From 646a5c1cbfd95873950a87b5f75d52073a967023 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Mon, 28 May 2018 19:12:29 +0000 Subject: Mon May 28 19:12:29 UTC 2018 a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. --- ChangeLog.txt | 15300 +++++++++++++++++++++++++++++++------------------------- 1 file changed, 8399 insertions(+), 6901 deletions(-) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index f603590b4..754b9cf5f 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,7218 +1,8716 @@ -Thu Jun 30 20:26:57 UTC 2016 -Slackware 14.2 x86_64 stable is released! - -The long development cycle (the Linux community has lately been living in -"interesting times", as they say) is finally behind us, and we're proud to -announce the release of Slackware 14.2. The new release brings many updates -and modern tools, has switched from udev to eudev (no systemd), and adds -well over a hundred new packages to the system. Thanks to the team, the -upstream developers, the dedicated Slackware community, and everyone else -who pitched in to help make this release a reality. - -The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided -32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware -project by picking up a copy from store.slackware.com. We're taking -pre-orders now, and offer a discount if you sign up for a subscription. - -Have fun! :-) -+--------------------------+ -Thu Jun 30 17:25:39 UTC 2016 -testing/packages/kernel-module-ecryptfs-4.4.14-x86_64-1.txz: Added. - This package contains a fixed version of the eCryptfs kernel module. -+--------------------------+ -Wed Jun 29 19:38:51 UTC 2016 -a/sysklogd-1.5.1-x86_64-2.txz: Rebuilt. - Add a new -c option to disable suppression of repeated messages, which helps - log parsing tools such as fail2ban work better. -ap/at-3.1.19-x86_64-2.txz: Rebuilt. - Removed broken at_deny.5 man page symlink. -+--------------------------+ -Wed Jun 29 00:23:01 UTC 2016 -a/kernel-firmware-20160628git-noarch-1.txz: Upgraded. -+--------------------------+ -Sun Jun 26 01:28:27 UTC 2016 -ap/screen-4.4.0-x86_64-1.txz: Upgraded. -xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-3.txz: Rebuilt. - Reverted the icon background color patch, which was causing artifacts around - the icon or other issues such as the icon being too wide. These seemed - worse than the background color issue, which at least doesn't affect the - default Xfce theme. The patch remains in the source directory, commented - out in case anyone wants to try it. Also, an alternate patch from - Jean-Philippe Guillemin has been added to the source directory (commented - out). -+--------------------------+ -Fri Jun 24 23:37:19 UTC 2016 -Sorry about the delay, but we had to wait for this kernel. At least we were -able to get some other good fixes in this week while we were waiting. :-) -a/aaa_elflibs-14.2-x86_64-23.txz: Rebuilt. -a/kernel-generic-4.4.14-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.14-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.14-x86_64-1.txz: Upgraded. -ap/mariadb-10.0.26-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.14-x86-1.txz: Upgraded. -k/kernel-source-4.4.14-noarch-1.txz: Upgraded. - This kernel release fixes two security issues: - Corrupted offset allows for arbitrary decrements in compat - IPT_SO_SET_REPLACE setsockopt. Risk: High. Impact: Kernel memory - corruption, leading to elevation of privileges or kernel code execution. - This occurs in a compat_setsockopt() call that is normally restricted to - root, however, Linux 3/4 kernels that support user and network namespaces - can allow an unprivileged user to trigger this functionality. This is - exploitable from inside a container. - Out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt. - Risk: Medium. Impact: Out of bounds heap memory access, leading to a - Denial of Service (or possibly heap disclosure or further impact). - This occurs in a setsockopt() call that is normally restricted to root, - however, Linux 3/4 kernels that support user and network namespaces can - allow an unprivileged user to trigger this functionality. This is - exploitable from inside a container. - For more information, see: - http://www.openwall.com/lists/oss-security/2016/06/24/5 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998 - (* Security fix *) -l/libpng-1.6.23-x86_64-1.txz: Upgraded. -l/librsvg-2.40.16-x86_64-1.txz: Upgraded. -n/php-5.6.23-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues. - For more information, see: - http://php.net/ChangeLog-5.php#5.6.23 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773 - (* Security fix *) +Mon May 28 19:12:29 UTC 2018 +a/pkgtools-15.0-noarch-13.txz: Rebuilt. + installpkg: default line length for --terselength is the number of columns. + removepkg: added --terse mode. + upgradepkg: default line length for --terselength is the number of columns. + upgradepkg: accept -option in addition to --option. +ap/vim-8.1.0026-x86_64-1.txz: Upgraded. +d/bison-3.0.5-x86_64-1.txz: Upgraded. +e/emacs-26.1-x86_64-1.txz: Upgraded. +kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. + Recompiled against libidn-1.35. +n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. +n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. +n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. +n/links-2.16-x86_64-2.txz: Rebuilt. + Rebuilt to enable X driver for -g mode. +n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. +n/nftables-0.8.5-x86_64-1.txz: Upgraded. +n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. +n/ulogd-2.0.7-x86_64-1.txz: Upgraded. +n/whois-5.3.1-x86_64-1.txz: Upgraded. +xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri May 25 23:29:36 UTC 2018 +a/glibc-zoneinfo-2018e-noarch-2.txz: Rebuilt. + Handle removal of US/Pacific-New timezone. If we see that the machine is + using this, it will be automatically switched to US/Pacific. +a/kernel-firmware-20180525_7518922-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.44-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.44-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.44-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-12.txz: Rebuilt. + installpkg: Suppport --terselength to set the maximum length of a line + output in --terse mode. + removepkg: Use file locking to allow only one instance at a time of ldconfig. + upgradepkg: Added --terse mode to output one line per upgraded package. + upgradepkg: Suppport --terselength to set the maximum length of a line + output in --terse mode. +ap/hplip-3.18.5-x86_64-1.txz: Upgraded. +ap/sc-7.16-x86_64-6.txz: Removed. +ap/sc-im-0.7.0-x86_64-1.txz: Added. + This is an improved version of the SC spreadsheet program. +d/kernel-headers-4.14.44-x86-1.txz: Upgraded. +d/parallel-20180522-noarch-1.txz: Upgraded. +k/kernel-source-4.14.44-noarch-1.txz: Upgraded. +l/libunistring-0.9.10-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.37.1-x86_64-1.txz: Upgraded. +n/nn-6.7.3-x86_64-6.txz: Rebuilt. + Don't include /etc/nntpserver.new - the network-scripts package already + ships a copy of this for all the packages that use it. +n/php-7.2.6-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Jun 23 22:59:25 UTC 2016 -kde/kde-workspace-4.11.22-x86_64-4.txz: Rebuilt. - Fixed a bug with generating the initial panel where two Konqueror launchers - would be created. Instead, there will be one launcher each for Dolphin, - Konqueror, Firefox, and Konsole. Thanks to Eric Hameleers. -+--------------------------+ -Thu Jun 23 08:04:53 UTC 2016 -ap/cups-filters-1.9.0-x86_64-2.txz: Rebuilt. - Recompiled against poppler-0.45.0. -kde/calligra-2.9.11-x86_64-5.txz: Rebuilt. - Recompiled against poppler-0.45.0. -l/poppler-0.45.0-x86_64-1.txz: Upgraded. -xfce/tumbler-0.1.31-x86_64-8.txz: Rebuilt. - Recompiled against poppler-0.45.0. -+--------------------------+ -Wed Jun 22 21:56:53 UTC 2016 -a/etc-14.2-x86_64-7.txz: Rebuilt. - Added root to the audio group. -a/kernel-firmware-20160622git-noarch-1.txz: Upgraded. -ap/nano-2.6.0-x86_64-1.txz: Upgraded. -d/llvm-3.8.0-x86_64-2.txz: Rebuilt. - Don't remove LLVMHello.so as it is referenced in LLVMExports.cmake breaking - builds that use "find_package(LLVM 3.8 CONFIG)". Thanks to Hunter S. -l/pulseaudio-9.0-x86_64-1.txz: Upgraded. - This release fixes many bugs, including this one that was commonly reported - during the Slackware 14.2 development cycle: - "Automatic routing improvements: - In 8.0, PulseAudio started to automatically switch to another profile when - the device associated with the current profile is unplugged. That seemingly - smart thing had some serious unintended consequences. One typical issue was - that when unplugging headphones, PulseAudio might switch to S/PDIF output - and not switch back to headphones when they are plugged in again. Another - issue was that HDMI in many cases appears to get temporarily unplugged when - the monitor goes to sleep mode, or even when switching the refresh rate of - the monitor -- PulseAudio 8.0 would move audio away from the HDMI monitor in - these cases and not move the audio back to HDMI when the monitor becomes - available again. These issues are now fixed." -l/sip-4.18-x86_64-1.txz: Upgraded. -xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-2.txz: Rebuilt. - Applied a patch to make the icon background match the theme (although this - will only work if the theme has a GTK+3 subtheme). Thanks to DarkVision. -+--------------------------+ -Tue Jun 21 19:11:38 UTC 2016 -a/aaa_elflibs-14.2-x86_64-22.txz: Rebuilt. -l/gmp-6.1.1-x86_64-1.txz: Upgraded. -testing/packages/screen-4.4.0-x86_64-1.txz: Added. -+--------------------------+ -Tue Jun 21 17:50:21 UTC 2016 -a/bash-4.3.046-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Jun 20 21:39:07 UTC 2016 -a/aaa_elflibs-14.2-x86_64-21.txz: Rebuilt. -a/mkinitrd-1.4.8-x86_64-8.txz: Rebuilt. - In mkinitrd_command_generator.sh, include a few more modules that might be - needed to unlock a LUKS partition using a USB keyboard. - Thanks to Eric Hameleers. -l/cairo-1.14.6-x86_64-2.txz: Rebuilt. - Patched an issue that was causing GTK3 applets to crash. - See: https://github.com/mate-desktop/mate-panel/issues/369 - Thanks to Willy Sudiarto Raharjo. -l/libarchive-3.2.1-x86_64-1.txz: Upgraded. - This release fixes several critical bugs, including some with security - implications. - (* Security fix *) -l/pcre-8.39-x86_64-1.txz: Upgraded. - This release fixes bugs (including a couple of DoS security issues), and - retrofits to PCRE1 some appropriate JIT improvements from PCRE2. +Wed May 23 04:42:29 UTC 2018 +a/kernel-firmware-20180518_2a9b2cf-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.43-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.43-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.43-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-11.txz: Rebuilt. + installpkg: Implement locking to prevent screen output or install script + collisions if multiple copies of installpkg are running simultaneously. + installpkg: Use $(mcookie) instead of $$. Fall back on $$ if mcookie is + not available. + makepkg: Add --compress option, usually used to change the preset + compression level or block size. Thanks to shasta. +a/procps-ng-3.3.15-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + This update fixes bugs and security issues: + library: Fix integer overflow and LPE in file2strvec + library: Use size_t for alloc functions + pgrep: Fix stack-based buffer overflow + ps: Fix buffer overflow in output buffer, causing DOS + top: Don't use cwd for location of config + For more information, see: + https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1124 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1126 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1125 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1123 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1122 + (* Security fix *) +ap/cups-filters-1.20.3-x86_64-2.txz: Rebuilt. + Recompiled against poppler-0.65.0. +ap/mariadb-10.2.15-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://mariadb.com/kb/en/mariadb-10215-release-notes/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2786 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2759 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2777 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2810 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2782 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2784 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2787 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2766 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2755 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2819 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2817 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2761 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2781 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2771 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2813 + (* Security fix *) +ap/vim-8.1.0016-x86_64-1.txz: Upgraded. +d/Cython-0.28.2-x86_64-1.txz: Upgraded. +d/cmake-3.11.2-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.43-x86-1.txz: Upgraded. +d/meson-0.46.1-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.43-noarch-1.txz: Upgraded. + Changes to .config (thanks to tumble): + TCP_CONG_ADVANCED n -> y + +DEFAULT_CUBIC y + +DEFAULT_RENO n + +TCP_CONG_BBR m + +TCP_CONG_BIC m + +TCP_CONG_CDG m + +TCP_CONG_DCTCP m + +TCP_CONG_HSTCP m + +TCP_CONG_HTCP m + +TCP_CONG_HYBLA m + +TCP_CONG_ILLINOIS m + +TCP_CONG_LP m + +TCP_CONG_NV m + +TCP_CONG_SCALABLE m + +TCP_CONG_VEGAS m + +TCP_CONG_VENO m + +TCP_CONG_WESTWOOD m + +TCP_CONG_YEAH m +kde/calligra-2.9.11-x86_64-21.txz: Rebuilt. + Recompiled against poppler-0.65.0. +l/QScintilla-2.10.4-x86_64-1.txz: Upgraded. +l/babl-0.1.50-x86_64-1.txz: Upgraded. +l/glib-networking-2.56.1-x86_64-1.txz: Upgraded. +l/poppler-0.65.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/vte-0.52.2-x86_64-1.txz: Upgraded. +n/crda-3.18-x86_64-7.txz: Rebuilt. + Upgraded to wireless-regdb-2018.05.09. +n/mutt-1.10.0-x86_64-1.txz: Upgraded. +n/postfix-3.3.1-x86_64-1.txz: Upgraded. +n/stunnel-5.45-x86_64-1.txz: Upgraded. +t/texlive-2017.171108-x86_64-6.txz: Rebuilt. + Recompiled against poppler-0.65.0. +x/intel-gpu-tools-1.22-x86_64-3.txz: Rebuilt. + Recompiled against procps-ng-3.3.15. +xap/gimp-2.10.2-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.8.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 + https://www.mozilla.org/en-US/thunderbird/52.8.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/ (* Security fix *) +xap/vim-gvim-8.1.0016-x86_64-1.txz: Upgraded. +xfce/tumbler-0.2.1-x86_64-3.txz: Rebuilt. + Recompiled against poppler-0.65.0. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri Jun 17 22:43:09 UTC 2016 -xap/imagemagick-6.9.4_9-x86_64-1.txz: Upgraded. -+--------------------------+ -Thu Jun 16 21:52:57 UTC 2016 -l/gd-2.2.1-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - Stack consumption vulnerability allows remote attackers to cause a denial of - service via a crafted imagefilltoborder call. - Integer signedness error allows remote attackers to cause a denial of service - or potentially execute arbitrary code via crafted compressed gd2 data, which - triggers a heap-based buffer overflow. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 - (* Security fix *) -n/php-5.6.22-x86_64-2.txz: Rebuilt. - Added option --with-vpx-dir=/usr. Thanks to Pierre ANDREENKO. -+--------------------------+ -Thu Jun 16 18:13:55 UTC 2016 -testing/packages/tmux-2.2-x86_64-2.txz: Rebuilt. - Added /usr/share/terminfo/tmux{,-256color}. Thanks to dugan. -+--------------------------+ -Wed Jun 15 18:56:13 UTC 2016 -a/aaa_elflibs-14.2-x86_64-20.txz: Rebuilt. -kde/kdelibs-4.14.21-x86_64-1.txz: Upgraded. -l/libjpeg-turbo-1.5.0-x86_64-1.txz: Upgraded. -n/libgcrypt-1.7.1-x86_64-1.txz: Upgraded. -n/libgpg-error-1.23-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Jun 15 06:13:17 UTC 2016 -a/aaa_elflibs-14.2-x86_64-19.txz: Rebuilt. -ap/cups-2.1.4-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Jun 15 01:57:05 UTC 2016 -a/glibc-zoneinfo-2016e-noarch-1.txz: Upgraded. -a/pkgtools-14.2-noarch-10.txz: Rebuilt. - In removepkg, fix package name matching so that (for example) "removepkg s" - will not remove a package whose name begins and ends with "s". - Thanks to Andreas Guldstrand. - Added internationalized man pages. - Thanks to Didier Spaier and the Slint translation team. -ap/slackpkg-2.82.1-noarch-3.txz: Rebuilt. - Added internationalized man pages. - Thanks to Didier Spaier and the Slint translation team. -ap/vim-7.4.1938-x86_64-1.txz: Upgraded. -d/git-2.9.0-x86_64-1.txz: Upgraded. -xap/gparted-0.26.1-x86_64-1.txz: Upgraded. -xap/vim-gvim-7.4.1938-x86_64-1.txz: Upgraded. +Sat May 19 04:24:47 UTC 2018 +a/aaa_elflibs-14.2-x86_64-39.txz: Rebuilt. + Restored libstdc++.so.5. Upgraded libidn and libidn2. +ap/vim-8.1.0001-x86_64-1.txz: Upgraded. +l/libidn2-2.0.5-x86_64-1.txz: Upgraded. +x/mesa-18.0.4-x86_64-1.txz: Upgraded. +x/xf86-video-mach64-6.9.6-x86_64-1.txz: Upgraded. +x/xf86-video-rendition-4.2.7-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.1.0001-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu May 17 20:49:42 UTC 2018 +l/babl-0.1.48-x86_64-1.txz: Upgraded. +l/gegl-0.4.2-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.14.1-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.14.1-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.14.1-x86_64-1.txz: Upgraded. +l/gstreamer-1.14.1-x86_64-1.txz: Upgraded. +n/ca-certificates-20180409-noarch-1.txz: Upgraded. +n/samba-4.8.2-x86_64-1.txz: Upgraded. +x/libinput-1.10.7-x86_64-1.txz: Upgraded. +x/xf86-video-vmware-13.3.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-60.0.1-x86_64-1.txz: Upgraded. +extra/pure-alsa-system/gst-plugins-good-1.14.1-x86_64-1_alsa.txz: Upgraded. ++--------------------------+ +Thu May 17 04:13:16 UTC 2018 +a/e2fsprogs-1.44.2-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.41-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.41-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.41-x86_64-1.txz: Upgraded. +a/usbutils-010-x86_64-1.txz: Upgraded. +ap/lsscsi-0.29-x86_64-1.txz: Upgraded. +ap/nano-2.9.7-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.41-x86-1.txz: Upgraded. +k/kernel-source-4.14.41-noarch-1.txz: Upgraded. +l/libgphoto2-2.5.18-x86_64-1.txz: Upgraded. +l/libimobiledevice-1.2.0-x86_64-5.txz: Rebuilt. + Patch to fix double free with OpenSSL-1.1.x. Thanks to ill323. +n/curl-7.60.0-x86_64-1.txz: Upgraded. + This release contains security fixes: + FTP: shutdown response buffer overflow + RTSP: bad headers buffer over-read + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301 + (* Security fix *) +n/links-2.16-x86_64-1.txz: Upgraded. +x/xdg-utils-1.1.3-noarch-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.7.4-x86_64-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.8.0-x86_64-5.txz: Rebuilt. + Patched and recompiled for xorg-server-1.20.0. Thanks to Matteo Bernardini. isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +pasture/php-5.6.36-x86_64-1.txz: Added. + Since some things still require php-5.6, here's an alternate package + compiled against openssl-1.1. Thanks to Darth Vader. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Jun 14 03:48:17 UTC 2016 -xap/pidgin-2.10.12-x86_64-2.txz: Rebuilt. - Use the much larger collection of SSL certs in /etc/ssl/certs rather - than the ones that ship with Pidgin, otherwise certificates issued by - Let's Encrypt (and others) cannot be verified. Thanks to Cesare. -+--------------------------+ -Mon Jun 13 21:34:08 UTC 2016 -a/gettext-0.19.8.1-x86_64-1.txz: Upgraded. -a/pkgtools-14.2-noarch-9.txz: Rebuilt. - In setup.80.make-bootdisk, create a first bootable active primary partition - rather than using a filesystem on the unpartitioned device. Some BIOSes - won't boot it otherwise. Thanks to Richard Narron. -d/gettext-tools-0.19.8.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Jun 13 07:07:39 UTC 2016 -a/grub-2.00-x86_64-5.txz: Rebuilt. - Use correct GRUB_DISABLE_RECOVERY option in /etc/default/grub.new. - Thanks to Eugen Wissner. -a/mkinitrd-1.4.8-x86_64-7.txz: Rebuilt. - Fixed detecting USB partition in init, added proper USB storage modules - to mkinitrd, and added missing USB keyboard modules to - mkinitrd_command_generator.sh to fix entering LUKS password with some - newer USB keyboards. Thanks to Eric Hameleers. -a/sysvinit-scripts-2.0-noarch-33.txz: Rebuilt. - rc.S: In cryptsetup script, support supplying a password of "none" - (interactive entry) for non-swap partitions to allow specifying additional - options. Support a new option "discard" to pass the --allow-discards option - to cryptsetup when unlocking a volume, which can potentially improve - performance and longevity on some SSDs. Thanks to Nathan Wallace. -ap/cups-filters-1.9.0-x86_64-1.txz: Upgraded. -ap/lxc-2.0.1-x86_64-4.txz: Rebuilt. - Merged rc.S changes. -l/hicolor-icon-theme-0.15-noarch-1.txz: Upgraded. -n/NetworkManager-1.2.2-x86_64-2.txz: Rebuilt. - Install udev rules in the correct directory. Thanks to gmgf. -n/samba-4.4.4-x86_64-3.txz: Rebuilt. - When installing, move any files existing in /etc/samba/private to - /var/lib/samba/private, not just *.tdb files. - Thanks to Maciej Goluchowski. -n/vsftpd-3.0.3-x86_64-3.txz: Rebuilt. - Patched to handle NULL returns from recent glibc crypt(). Thanks to nixi. -n/wget-1.18-x86_64-1.txz: Upgraded. - This version fixes a security vulnerability present in all old versions - of wget. On a server redirect from HTTP to a FTP resource, wget would - trust the HTTP server and use the name in the redirected URL as the - destination filename. This behaviour was changed and now it works - similarly as a redirect from HTTP to another HTTP resource so the original - name is used as the destination file. To keep the previous behaviour the - user must provide --trust-server-names. - The vulnerability was discovered by Dawid Golunski and was reported by - Beyond Security's SecuriTeam. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4971 - (* Security fix *) -x/xterm-325-x86_64-1.txz: Upgraded. -isolinux/efiboot.img: Rebuilt. -+--------------------------+ -Thu Jun 9 18:13:44 UTC 2016 -a/e2fsprogs-1.43.1-x86_64-1.txz: Upgraded. -ap/groff-1.22.3-x86_64-2.txz: Rebuilt. - Use correct app-defaults directory. Thanks to DarkVision. -kde/kdelibs-4.14.20-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160601_b617f80-x86_64-1.txz: Upgraded. - Rolling the git dice one more time since there are reports that this version - fixes video corruption and freezes after resume. Please let me know quickly - if it causes any regressions. +Mon May 14 19:48:52 UTC 2018 +a/openssl-solibs-1.1.0h-x86_64-2.txz: Rebuilt. +ap/gutenprint-5.2.14-x86_64-2.txz: Rebuilt. + Rebuilt without the gimp2 print plugin (not compatible with gimp-2.10.0). +ap/vim-8.0.1839-x86_64-1.txz: Upgraded. +n/openssl-1.1.0h-x86_64-2.txz: Rebuilt. + Fixed missing quotes in c_rehash. Thanks to Matteo Bernardini. + After updating this package, it may be required to reinstall the + ca-certificates package (or run: update-ca-certificates --fresh). +x/libdmx-1.1.4-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.1839-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat May 12 00:28:18 UTC 2018 +Where possible, the driver packages for X11 have been recompiled. However, +there were some (xf86-video-geode, xf86-video-tseng, xf86-video-sis, +xf86-video-savage, xf86-video-s3virge, xf86-video-rendition, xf86-video-r128, +and xf86-video-mach64) that would not compile against xorg-server-1.20.0 and +for which no patches seem to be available. Is anyone still using those, or are +they finally obsolete? I'll hold off on removing them until I can find out one +way or the other. +a/aaa_elflibs-14.2-x86_64-38.txz: Rebuilt. +a/bzip2-1.0.6-x86_64-3.txz: Rebuilt. + Added bzip2.pc. +ap/ghostscript-9.23-x86_64-3.txz: Rebuilt. + Recompiled against libidn-1.35. +d/rust-1.26.0-x86_64-1.txz: Upgraded. +l/libidn-1.35-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/loudmouth-1.5.3-x86_64-3.txz: Rebuilt. + Recompiled against libidn-1.35. +n/NetworkManager-1.10.8-x86_64-1.txz: Upgraded. +n/bind-9.11.3-x86_64-4.txz: Rebuilt. + Recompiled against libidn-1.35. +n/lynx-2.8.9dev.18-x86_64-1.txz: Upgraded. + Compiled against libidn-1.35. +n/mcabber-1.0.5-x86_64-4.txz: Rebuilt. + Recompiled against libidn-1.35. +n/mutt-1.9.5-x86_64-4.txz: Rebuilt. + Recompiled against libidn-1.35. +x/xf86-input-acecad-1.5.0-x86_64-12.txz: Rebuilt. +x/xf86-input-evdev-2.10.5-x86_64-3.txz: Rebuilt. +x/xf86-input-joystick-1.6.3-x86_64-3.txz: Rebuilt. +x/xf86-input-keyboard-1.9.0-x86_64-3.txz: Rebuilt. +x/xf86-input-libinput-0.27.1-x86_64-3.txz: Rebuilt. +x/xf86-input-mouse-1.9.2-x86_64-3.txz: Rebuilt. +x/xf86-input-penmount-1.5.0-x86_64-12.txz: Rebuilt. +x/xf86-input-synaptics-1.9.0-x86_64-3.txz: Rebuilt. +x/xf86-input-vmmouse-13.1.0-x86_64-7.txz: Rebuilt. +x/xf86-input-void-1.4.0-x86_64-12.txz: Rebuilt. +x/xf86-input-wacom-0.36.1-x86_64-3.txz: Rebuilt. +x/xf86-video-amdgpu-18.0.1-x86_64-3.txz: Rebuilt. +x/xf86-video-apm-1.2.5-x86_64-11.txz: Rebuilt. +x/xf86-video-ark-0.7.5-x86_64-11.txz: Rebuilt. +x/xf86-video-ast-1.1.5-x86_64-5.txz: Rebuilt. +x/xf86-video-ati-18.0.1-x86_64-3.txz: Rebuilt. +x/xf86-video-chips-1.2.7-x86_64-3.txz: Rebuilt. +x/xf86-video-cirrus-1.5.3-x86_64-5.txz: Rebuilt. +x/xf86-video-dummy-0.3.8-x86_64-3.txz: Rebuilt. +x/xf86-video-glint-1.2.9-x86_64-3.txz: Rebuilt. +x/xf86-video-i128-1.3.6-x86_64-11.txz: Rebuilt. +x/xf86-video-i740-1.3.6-x86_64-3.txz: Rebuilt. +x/xf86-video-mga-1.6.5-x86_64-3.txz: Rebuilt. +x/xf86-video-neomagic-1.2.9-x86_64-5.txz: Rebuilt. +x/xf86-video-nouveau-1.0.15-x86_64-3.txz: Rebuilt. +x/xf86-video-nv-2.1.21-x86_64-3.txz: Rebuilt. +x/xf86-video-openchrome-0.6.0-x86_64-3.txz: Rebuilt. +x/xf86-video-s3-0.6.5-x86_64-11.txz: Rebuilt. +x/xf86-video-siliconmotion-1.7.9-x86_64-3.txz: Rebuilt. +x/xf86-video-sisusb-0.9.7-x86_64-3.txz: Rebuilt. +x/xf86-video-tdfx-1.4.7-x86_64-3.txz: Rebuilt. +x/xf86-video-tga-1.2.2-x86_64-11.txz: Rebuilt. +x/xf86-video-trident-1.3.8-x86_64-3.txz: Rebuilt. +x/xf86-video-v4l-0.2.0-x86_64-16.txz: Rebuilt. +x/xf86-video-vboxvideo-1.0.0-x86_64-3.txz: Rebuilt. +x/xf86-video-vesa-2.4.0-x86_64-3.txz: Rebuilt. +x/xf86-video-vmware-13.2.1-x86_64-7.txz: Rebuilt. +x/xf86-video-voodoo-1.2.5-x86_64-12.txz: Rebuilt. +xap/pidgin-2.13.0-x86_64-3.txz: Rebuilt. + Recompiled against libidn-1.35. ++--------------------------+ +Thu May 10 21:01:11 UTC 2018 +a/aaa_elflibs-14.2-x86_64-37.txz: Rebuilt. + Restored libpng14.so.14. +n/nghttp2-1.32.0-x86_64-1.txz: Upgraded. +x/libdrm-2.4.92-x86_64-1.txz: Upgraded. +x/xf86-video-intel-git_20180315_e7bfc906-x86_64-1.txz: Upgraded. +x/xorg-server-1.20.0-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.20.0-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.20.0-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.20.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu May 10 13:17:20 UTC 2018 +n/wpa_supplicant-2.6-x86_64-6.txz: Rebuilt. + Drop the use-system-openssl-ciphers patch. Thanks to GazL. ++--------------------------+ +Thu May 10 03:25:47 UTC 2018 +a/aaa_elflibs-14.2-x86_64-36.txz: Rebuilt. +a/glibc-zoneinfo-2018e-noarch-1.txz: Upgraded. +a/kernel-firmware-20180507_8fc2d4e-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.40-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.40-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.40-x86_64-1.txz: Upgraded. +a/openssl-solibs-1.1.0h-x86_64-1.txz: Upgraded. +a/openssl10-solibs-1.0.2o-x86_64-1.txz: Added. + Added compatibility libraries for binaries that need to remain compiled + against openssl-1.0.2. +ap/hplip-3.18.4-x86_64-2.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +ap/mariadb-10.2.14-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/git-2.17.0-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/kernel-headers-4.14.40-x86-1.txz: Upgraded. +d/perl-5.26.2-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/python-2.7.15-x86_64-2.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/python3-3.6.5-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/ruby-2.5.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +d/rust-1.25.0-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +k/kernel-source-4.14.40-noarch-1.txz: Upgraded. +l/M2Crypto-0.27.0-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/apr-util-1.6.1-x86_64-7.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/gnome-keyring-3.28.2-x86_64-1.txz: Upgraded. +l/gvfs-1.36.2-x86_64-1.txz: Upgraded. +l/libarchive-3.3.2-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/libevent-2.1.8-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/libimobiledevice-1.2.0-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/librsvg-2.42.4-x86_64-1.txz: Upgraded. +l/libsoup-2.62.2-x86_64-1.txz: Upgraded. +l/libssh2-1.8.0-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/libvncserver-0.9.11-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/libzip-1.5.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/neon-0.30.2-x86_64-1.txz: Upgraded. + Compiled against openssl-1.1.0h. +l/opusfile-0.9-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/pulseaudio-11.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/pycurl-7.43.0.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/qca-2.1.3-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/qt-4.8.7-x86_64-10.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/redland-1.0.17-x86_64-5.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +l/serf-1.3.9-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/alpine-2.21-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/bind-9.11.3-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/curl-7.59.0-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/cyrus-sasl-2.1.27_rc7-x86_64-1.txz: Upgraded. + Compiled against openssl-1.1.0h. +n/dovecot-2.3.1-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/epic5-2.0.1-x86_64-5.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/fetchmail-6.3.26-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/htdig-3.2.0b6-x86_64-6.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/httpd-2.4.33-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/irssi-1.1.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/lftp-4.8.3-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/libgpg-error-1.31-x86_64-1.txz: Upgraded. +n/links-2.14-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/lynx-2.8.9dev.16-x86_64-2.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/mailx-12.5-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/mutt-1.9.5-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/net-snmp-5.7.3-x86_64-8.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/nmap-7.70-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/ntp-4.2.8p11-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/openldap-client-2.4.46-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/openssh-7.7p1-x86_64-5.txz: Rebuilt. + Recompiled against openssl-1.1.0h. + Thanks to alienBOB for the patch. +n/openssl-1.1.0h-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/openssl10-1.0.2o-x86_64-1.txz: Added. + Added a compatibility development package for sources that need to be + compiled against openssl-1.0.2o. To compile against openssl-1.0.2o, you'll + need to add lines like this to the build script: + export CFLAGS="$CFLAGS -I/usr/include/openssl-1.0" + export LIBS="-L/usr/lib${LIBDIRSUFFIX}/openssl-1.0" + Some sources may still make a mess of things, and in those cases it might be + easiest to temporarily remove the openssl (1.1.0h) package while compiling, + in addition to the changes shown above. + The shared libraries in this package (and also duplicated in the + openssl10-solibs package) have also been changed to use versioned symbols. + Old binaries and libraries will continue to run linked with these new + libraries, but it is suggested to recompile them if possible. This will + prevent problems in case something ends up linking both the 1.0.2 and the + 1.1.0 OpenSSL libraries. +n/openvpn-2.4.6-x86_64-2.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/php-7.2.5-x86_64-2.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/pidentd-3.0.19-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/popa3d-1.0.3-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/postfix-3.3.0-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/proftpd-1.3.6-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/slrn-1.0.2-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/snownews-1.5.13_20180507-x86_64-1.txz: Upgraded. + Compiled against openssl-1.1.0h. +n/stunnel-5.44-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/tcpdump-4.9.2-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/ulogd-2.0.5-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/vsftpd-3.0.3-x86_64-5.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +n/wget-1.19.5-x86_64-1.txz: Upgraded. + Fixed a security issue where a malicious web server could inject arbitrary + cookies into the cookie jar file. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0494 + (* Security fix *) + Compiled against openssl-1.1.0h. +n/wpa_supplicant-2.6-x86_64-5.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +t/fig2dev-3.2.7a-x86_64-1.txz: Upgraded. +t/xfig-3.2.7a-x86_64-1.txz: Upgraded. +x/mesa-18.0.3-x86_64-1.txz: Upgraded. +xap/gftp-2.0.19-x86_64-7.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +xap/gkrellm-2.3.10-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +xap/gnuplot-5.2.3-x86_64-1.txz: Upgraded. +xap/hexchat-2.14.1-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +xap/mozilla-firefox-60.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/ + (* Security fix *) +xap/rdesktop-1.8.3-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +xap/sane-1.0.27-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +xap/x3270-3.3.12ga7-x86_64-4.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +extra/sendmail/sendmail-8.15.2-x86_64-3.txz: Rebuilt. + Recompiled against openssl-1.1.0h. +extra/sendmail/sendmail-cf-8.15.2-noarch-3.txz: Rebuilt. isolinux/initrd.img: Rebuilt. - Rebuilt to update e2fsprogs. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Rebuilt to update e2fsprogs. -+--------------------------+ -Wed Jun 8 21:20:46 UTC 2016 -a/kernel-generic-4.4.13-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.13-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.13-x86_64-1.txz: Upgraded. -a/mkinitrd-1.4.8-x86_64-6.txz: Rebuilt. - Support LABEL= and UUID= for resume device. Thanks to SeB. -a/pkgtools-14.2-noarch-8.txz: Rebuilt. - pkgtool: Correctly determine root device when running from the installer. - Thanks to Richard Narron. -d/kernel-headers-4.4.13-x86-1.txz: Upgraded. -d/python-setuptools-22.0.5-x86_64-1.txz: Upgraded. - Include documentation in package. Thanks to bassmadrigal. -k/kernel-source-4.4.13-noarch-1.txz: Upgraded. -l/sdl-1.2.15-x86_64-4.txz: Rebuilt. - Patched an SDL_ttf bug that prevents shaded text from displaying. - Thanks to Cheng Bao. -n/samba-4.4.4-x86_64-2.txz: Rebuilt. - Patched doinst.sh to fix a couple possible (harmless) error messages upon - installation. Thanks to Maciej Goluchowski. ++--------------------------+ +Fri May 4 19:40:52 UTC 2018 +d/python-2.7.15-x86_64-1.txz: Upgraded. + Updated to the latest 2.7.x release. + This fixes some security issues in difflib and poplib (regexes vulnerable + to denial of service attacks), as well as security issues with the bundled + expat library. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061 + (* Security fix *) +e/emacs-25.3-x86_64-4.txz: Rebuilt. + Recompiled against imagemagick-6.9.9_42. +l/virtuoso-ose-6.1.8-x86_64-9.txz: Rebuilt. + Recompiled against imagemagick-6.9.9_42. +x/xterm-333-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.9-x86_64-3.txz: Rebuilt. + Recompiled against imagemagick-6.9.9_42. +xap/xlockmore-5.55-x86_64-1.txz: Upgraded. + Compiled against imagemagick-6.9.9_42. ++--------------------------+ +Thu May 3 22:42:35 UTC 2018 +l/imagemagick-6.9.9_42-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/seamonkey-solibs-2.49.3-x86_64-1.txz: Upgraded. +xap/seamonkey-2.49.3-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information (when it appears), see: + http://www.seamonkey-project.org/releases/seamonkey2.49.3 + (* Security fix *) ++--------------------------+ +Thu May 3 13:44:01 UTC 2018 +a/kernel-firmware-20180430_397a604-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.39-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.39-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.39-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.39-x86-1.txz: Upgraded. +k/kernel-source-4.14.39-noarch-1.txz: Upgraded. +l/LibRaw-0.18.10-x86_64-1.txz: Upgraded. + Fixes some minor security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13735 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14265 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14348 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529 + (* Security fix *) +l/libaio-0.3.111-x86_64-1.txz: Upgraded. +n/dhcpcd-7.0.4-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.7-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/source/linux-4.5.4-configs/*: Removed. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Jun 7 21:39:07 UTC 2016 -a/smartmontools-6.5-x86_64-1.txz: Upgraded. -n/gnutls-3.4.13-x86_64-1.txz: Upgraded. - Use secure_getenv() where available to obtain environment variables to - fix an issue where setuid programs could potentially allow an attacker - to overwrite and corrupt arbitrary files. - This issue was only present in gnutls-3.4.12. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4456 - (* Security fix *) -n/samba-4.4.4-x86_64-1.txz: Upgraded. - Migrate any .tdb files in /etc/samba/private to /var/lib/samba/private. - Thanks to ivandi. -xap/gkrellm-2.3.7-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-45.2.0esr-x86_64-1.txz: Upgraded. +Tue May 1 20:43:20 UTC 2018 +a/dbus-1.12.8-x86_64-1.txz: Upgraded. +a/eudev-3.2.5-x86_64-3.txz: Rebuilt. + Don't treat bind actions as add/update actions. Fixes MTP with recent + kernels. Thanks to DarkVision for the link to the patch. +a/xfsprogs-4.16.1-x86_64-1.txz: Upgraded. +ap/hplip-3.18.4-x86_64-1.txz: Upgraded. +ap/man-pages-4.16-noarch-1.txz: Upgraded. +l/gegl-0.4.0-x86_64-1.txz: Upgraded. +l/gexiv2-0.10.8-x86_64-1.txz: Added. + Required by gimp-2.10.0. +l/json-c-0.13.1_20180305-x86_64-1.txz: Added. + Looks like we're getting this package back since libmypaint needs it. +l/json-glib-1.4.2-x86_64-1.txz: Added. + Required by gegl-0.4.0 and gimp-2.10.0. +x/libinput-1.10.6-x86_64-1.txz: Upgraded. +x/libmypaint-1.3.0-x86_64-1.txz: Added. + Required by gimp-2.10.0. +x/mypaint-brushes-1.3.0-noarch-1.txz: Added. + Required by gimp-2.10.0. +xap/gimp-2.10.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 30 22:35:43 UTC 2018 +a/xz-5.2.4-x86_64-1.txz: Upgraded. +ap/sudo-1.8.23-x86_64-1.txz: Upgraded. +l/libwmf-0.2.8.4-x86_64-8.txz: Rebuilt. + Patched denial of service and possible execution of arbitrary code + security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0848 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4588 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4695 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4696 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9011 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362 + (* Security fix *) + Symlink to system Type1 fonts. +l/libwmf-docs-0.2.8.4-noarch-7.txz: Removed. + There's no good reason to split this package. +xap/mozilla-firefox-59.0.3-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html + https://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) +--------------------------+ -Tue Jun 7 06:03:13 UTC 2016 -a/pkgtools-14.2-noarch-7.txz: Rebuilt. - In setup.80.make-bootdisk, use -i option with syslinux. - Thanks to Richard Narron. - In setup.80.make-bootdisk, try to use syslinux-nomtools. This is more - reliable due to a race condition between udev and mtools when syslinux - makes rapid calls to mtools. If syslinux-nomtools is not available, then - run syslinux within strace which changes the timing enough that it works. -l/aspell-en-7.1_0-x86_64-1.txz: Upgraded. - On all of these aspell dictionary packages, use a proper $ARCH. - Thanks to Didier Spaier. -n/yptools-2.14-x86_64-7.txz: Rebuilt. - Compile with --libexecdir=/usr/lib${LIBDIRSUFFIX}/yp or else ypserv will - not be able to start ypxfr on 64-bit. Thanks to Jonathan Woithe. -extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-am-0.03_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-az-0.02_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-be-0.01-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-bg-4.1_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-bn-0.01.1_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-br-0.50_2-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ca-20040130_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-cs-20040614_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-csb-0.02_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-cy-0.50_3-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-da-1.4.42_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-de-20030222_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-el-0.50_3-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-eo-2.1.20000225a_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-es-1.11_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-et-0.1.21_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-fa-0.11_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-fi-0.7_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-fo-0.2.16_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-fr-0.50_3-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ga-4.5_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-gd-0.1.1_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-gl-0.5a_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-gu-0.03_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-gv-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-he-1.0_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-hi-0.02_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-hil-0.11_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-hr-0.51_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-hsb-0.02_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-hu-0.99.4.2_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ia-0.50_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-id-1.2_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-is-0.51.1_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-it-2.2_20050523_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ku-0.20_1-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-la-20020503_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-lt-1.2.1_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-lv-0.5.5_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-mg-0.03_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-mi-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-mk-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-mn-0.06_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-mr-0.10_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ms-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-mt-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-nb-0.50.1_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-nds-0.01_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-nl-0.50_2-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-nn-0.50.1_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-no-0.50_2-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ny-0.01_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-or-0.03_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-pa-0.01_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-pl-6.0_20061121_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-pt-0.50_2-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-pt_BR-20090702_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-qu-0.02_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ro-3.3_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-ru-0.99f7_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-rw-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-sc-1.0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-sk-2.01_2-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-sl-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-sr-0.02-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-sv-0.51_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-sw-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-ta-20040424_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-te-0.01_2-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-tet-0.1.1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-tl-0.02_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-tn-1.0.1_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-tr-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-uk-1.4.0_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-uz-0.6_0-x86_64-1.txz: Upgraded. -extra/aspell-word-lists/aspell-vi-0.01.1_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-wa-0.50_0-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-yi-0.01.1_1-x86_64-5.txz: Rebuilt. -extra/aspell-word-lists/aspell-zu-0.50_0-x86_64-5.txz: Rebuilt. -+--------------------------+ -Sat Jun 4 20:56:31 UTC 2016 -d/pkg-config-0.29.1-x86_64-2.txz: Rebuilt. - Added /usr/local/share/pkgconfig to $PKG_CONFIG_PATH. - Thanks to bassmadrigal. -n/nftables-0.6-x86_64-1.txz: Upgraded. -n/samba-4.4.3-x86_64-2.txz: Rebuilt. - Moved /etc/samba/private/ to /var/lib/samba/private/. - Thanks to Pierre ANDREENKO. -x/xf86-input-evdev-2.10.3-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Jun 3 23:36:07 UTC 2016 -ap/lxc-2.0.1-x86_64-3.txz: Rebuilt. - In /etc/inittab, use "shutdown -h now" for powerfail. Without this, lxc-stop - will send SIGPWR to attempt to stop the container, and will then force stop - it after a one minute timeout. Thanks to Andreas Vögele. - In the init scripts, wrap $container in double quotes to prevent syntax - errors if the variable is unset. Thanks to Jakub 'shasta' Jankowski. -l/libxml2-2.9.4-x86_64-2.txz: Rebuilt. - Fix attribute decoding during XML schema validation. - Thanks to Andreas Vögele. -n/net-snmp-5.7.3-x86_64-3.txz: Rebuilt. - Include support for the ucd-snmp/diskio module. - Thanks to Jakub 'shasta' Jankowski. -n/ntp-4.2.8p8-x86_64-1.txz: Upgraded. - This release patches one high and four low severity security issues: - CVE-2016-4957: Crypto-NAK crash - CVE-2016-4953: Bad authentication demobilizes ephemeral associations - CVE-2016-4954: Processing spoofed server packets - CVE-2016-4955: Autokey association reset - CVE-2016-4956: Broadcast interleave - For more information, see: - http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956 - (* Security fix *) -xap/imagemagick-6.9.4_7-x86_64-1.txz: Upgraded. -xfce/xfce4-panel-4.12.0-x86_64-3.txz: Rebuilt. - Blink taskbar buttons for notification 4 times, not G_MAXUINT times. - Thanks to Andrzej Telszewski. -+--------------------------+ -Thu Jun 2 19:08:13 UTC 2016 -This could be the last batch of updates before 14.2 stable, so please test! -a/kernel-firmware-20160601git-noarch-1.txz: Upgraded. -a/kernel-generic-4.4.12-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.12-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.12-x86_64-1.txz: Upgraded. -ap/hplip-3.16.5-x86_64-3.txz: Rebuilt. - Patched setup.py to set LC_ALL=C, which should fix parsing CUPS output. -d/gdb-7.11.1-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.12-x86-1.txz: Upgraded. -k/kernel-source-4.4.12-noarch-1.txz: Upgraded. -l/harfbuzz-1.2.7-x86_64-1.txz: Upgraded. -n/libnftnl-1.0.6-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.4_6-x86_64-1.txz: Upgraded. -xap/xscreensaver-5.35-x86_64-2.txz: Rebuilt. - Fixed missing '\' in the build script which caused a few configure options - to be skipped. Thanks to Stuart Winter. +Mon Apr 30 01:34:10 UTC 2018 +a/kernel-generic-4.14.38-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.38-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.38-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.38-x86-1.txz: Upgraded. +k/kernel-source-4.14.38-noarch-1.txz: Upgraded. +l/libwebp-1.0.0-x86_64-1.txz: Upgraded. +n/samba-4.8.1-x86_64-1.txz: Upgraded. +x/x11-skel-7.7-x86_64-4.txz: Rebuilt. + xwmconfig: typo fix in comment. (fortune -m "only code") isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue May 31 20:05:12 UTC 2016 -ap/cdrtools-3.01-x86_64-3.txz: Rebuilt. - Applied cdrtools-3.01-fix-20151126-mkisofs-isoinfo.patch. Thanks to gmgf. -ap/hplip-3.16.5-x86_64-2.txz: Rebuilt. - Recompiled with these changed paths: - --with-hpppddir=/usr/share/ppd/HP - --with-drvdir=/usr/share/cups/drv/HP - This matches what is expected for Slackware in the distros.dat file and is - hardcoded in core_install.py. Thanks to kjhambrick. -l/LibRaw-0.17.2-x86_64-1.txz: Upgraded. -l/lcms2-2.7-x86_64-2.txz: Rebuilt. - Don't package PDF/RTF docs. -n/bluez-5.40-x86_64-1.txz: Upgraded. -extra/bash-completion/bash-completion-2.2-noarch-3.txz: Rebuilt. - Removed mpv -> mplayer symlink. Thanks to Robby Workman. -+--------------------------+ -Tue May 31 05:42:04 UTC 2016 -a/aaa_elflibs-14.2-x86_64-18.txz: Rebuilt. -ap/tmux-2.1-x86_64-3.txz: Rebuilt. - Added /usr/share/terminfo/tmux{,-256color}. Thanks to dugan. -d/python-setuptools-21.2.2-x86_64-1.txz: Upgraded. -n/curl-7.49.1-x86_64-1.txz: Upgraded. -xap/blueman-2.0.4-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -xap/imagemagick-6.9.4_5-x86_64-1.txz: Upgraded. - Removed popen() support to prevent another shell vulnerability. This - issue was discovered by Bob Friesenhahn, of the GraphicsMagick project. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118 - (* Security fix *) -xap/mozilla-thunderbird-45.1.1-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -xap/xscreensaver-5.35-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri May 27 23:08:17 UTC 2016 -a/sysvinit-scripts-2.0-noarch-32.txz: Rebuilt. - rc.S: Fixed cgroup, cgmanager, and cgproxy handling so that it works if /usr - is a separate partition. Thanks to Richard Cranium and Matteo Bernardini. -ap/ghostscript-9.19-x86_64-2.txz: Rebuilt. - Use the bundled version of openjpeg, which includes patches needed by - ghostscript. Thanks to qunying. -ap/lxc-2.0.1-x86_64-2.txz: Rebuilt. - Merged rc.S changes. -l/libxml2-2.9.4-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues: - Heap-based buffer underreads due to xmlParseName (CVE-2016-4447). - Format string vulnerability (CVE-2016-4448). - Inappropriate fetch of entities content (CVE-2016-4449). - For more information, see: - http://xmlsoft.org/news.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 - (* Security fix *) -l/libxslt-1.1.29-x86_64-1.txz: Upgraded. - This release fixes bugs and a security issue: - Fix for type confusion in preprocessing attributes (Daniel Veillard). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995 - (* Security fix *) -n/php-5.6.22-x86_64-1.txz: Upgraded. +Sun Apr 29 00:07:10 UTC 2018 +a/glibc-zoneinfo-2018d-noarch-3.txz: Rebuilt. + timeconfig: fixed some cosmetic issues with output spacing. +a/gpm-1.20.7-x86_64-7.txz: Rebuilt. + setup.mouse: fixed some cosmetic issues with output spacing. +a/pkgtools-15.0-noarch-10.txz: Rebuilt. + Fixed some cosmetic issues with output spacing. +ap/slackpkg-2.82.2-noarch-3.txz: Rebuilt. + Edited the slack-desc to be properly formed (and more accurate). +d/doxygen-1.8.14-x86_64-3.txz: Rebuilt. + Reverted patch that causes doxygen to segfault. Thanks to orbea. +l/libvisio-0.1.6-x86_64-4.txz: Rebuilt. + Removed build script kludge to work around doxygen segfault. +x/mesa-18.0.2-x86_64-1.txz: Upgraded. +x/x11-skel-7.7-x86_64-3.txz: Rebuilt. + xwmconfig: fixed some cosmetic issues with output spacing. ++--------------------------+ +Fri Apr 27 23:15:41 UTC 2018 +ap/nano-2.9.6-x86_64-1.txz: Upgraded. +e/emacs-25.3-x86_64-3.txz: Rebuilt. + Provide unversioned emacs-no-x11 and emacs-with-x11 symlinks. + Thanks to madridsecreto. +n/openssh-7.7p1-x86_64-4.txz: Rebuilt. + Fixed tunnel forwarding with -w option. Thanks to Mario Preksavec. +x/urw-core35-fonts-otf-20170801_91edd6e_git-noarch-1.txz: Upgraded. ++--------------------------+ +Fri Apr 27 03:58:48 UTC 2018 +a/kernel-generic-4.14.37-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.37-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.37-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.37-x86-1.txz: Upgraded. +k/kernel-source-4.14.37-noarch-1.txz: Upgraded. +n/openvpn-2.4.6-x86_64-1.txz: Upgraded. + This is a security update fixing a potential double-free() in Interactive + Service. This usually only leads to a process crash (DoS by an unprivileged + local account) but since it could possibly lead to memory corruption if + happening while multiple other threads are active at the same time, + CVE-2018-9336 has been assigned to acknowledge this risk. + For more information, see: + https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9336 + (* Security fix *) +n/php-7.2.5-x86_64-1.txz: Upgraded. This release fixes bugs and security issues. For more information, see: - http://php.net/ChangeLog-5.php#5.6.22 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096 + https://php.net/ChangeLog-7.php#7.2.5 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712 (* Security fix *) -xap/geeqie-1.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Make rc.dropbear executable. Thanks to Eduard Rozenberg. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Make rc.dropbear executable. Thanks to Eduard Rozenberg. -+--------------------------+ -Thu May 26 23:12:27 UTC 2016 -a/aaa_elflibs-14.2-x86_64-17.txz: Rebuilt. -l/libpng-1.6.22-x86_64-1.txz: Upgraded. -l/libtiff-4.0.6-x86_64-1.txz: Upgraded. -n/bind-9.10.4_P1-x86_64-1.txz: Upgraded. -x/libXfixes-5.0.2-x86_64-1.txz: Upgraded. -x/xproto-7.0.29-noarch-1.txz: Upgraded. -xap/imagemagick-6.9.4_4-x86_64-1.txz: Upgraded. -+--------------------------+ -Thu May 26 20:30:18 UTC 2016 -ap/ghostscript-9.19-x86_64-1.txz: Upgraded. - Dumped old unmaintained bundled libraries and linked with system libraries - instead. There had been a crash previously with the GIMP plugin and - ghostscript > 9.07, but now it works as expected. Thanks to qunying. -+--------------------------+ -Wed May 25 23:37:36 UTC 2016 -x/xf86-input-wacom-0.33.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Apr 26 01:34:12 UTC 2018 +Don't like PulseAudio? Well... I hear you. Personally, it works for me, and it +makes it easier to switch between multiple audio inputs and outputs compared +to using plain ALSA. PulseAudio got off to a rocky start in the Linux world, +where it found itself adopted before it was ready (it was even billed on its +own website at the time as "the software that currently breaks your audio"). +It's my opinion that the reputation that PulseAudio acquired due to problems +back then isn't deserved any longer. If your hardware supports the sampling +rate of the audio data you're trying to play, PulseAudio will not resample it +(and if your hardware doesn't support that rate, resampling can hardly be +avoided). The increased latency has not been an issue here. Nevertheless, I +recognize that there are use cases where PulseAudio is still a detriment. +While I don't generally recommend removing PulseAudio, I'm not going to cram +it down your throat. So, if you'd like to be rid of PulseAudio, head over to +the new extra/pure-alsa-system directory and follow the instructions in the +README file there, and you'll have a PulseAudio-free pure ALSA system. +Thanks to orbea who sent me a small patch for the mpg123.SlackBuild so that +it would detect the lack of PulseAudio and not try to build in support, which +got me to thinking about all of this. Cheers! :-) +a/btrfs-progs-v4.16.1-x86_64-1.txz: Upgraded. +kde/kopete-4.14.3-x86_64-7.txz: Rebuilt. + Dropped obsolete wlm (libmsn) protocol. Thanks to alienBOB. +l/libmsn-4.2.1-x86_64-3.txz: Removed. +l/poppler-data-0.4.9-noarch-1.txz: Upgraded. +extra/pure-alsa-system/MPlayer-20180208-x86_64-3_alsa.txz: Rebuilt. +extra/pure-alsa-system/alsa-lib-1.1.6-x86_64-3_alsa.txz: Rebuilt. +extra/pure-alsa-system/alsa-plugins-1.1.6-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/audacious-plugins-3.9-x86_64-4_alsa.txz: Rebuilt. +extra/pure-alsa-system/ffmpeg-3.4.2-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/fluidsynth-1.1.10-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/gst-plugins-good-1.14.0-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/gst-plugins-good0-0.10.31-x86_64-3_alsa.txz: Rebuilt. +extra/pure-alsa-system/kde-runtime-4.14.3-x86_64-7_alsa.txz: Rebuilt. +extra/pure-alsa-system/kmix-4.14.3-x86_64-4_alsa.txz: Rebuilt. +extra/pure-alsa-system/libao-1.2.2-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/libcanberra-0.30-x86_64-6_alsa.txz: Rebuilt. +extra/pure-alsa-system/mpg123-1.25.10-x86_64-2_alsa.txz: Rebuilt. +extra/pure-alsa-system/phonon-4.8.3-x86_64-3_alsa.txz: Rebuilt. +extra/pure-alsa-system/sox-14.4.2-x86_64-5_alsa.txz: Rebuilt. +extra/pure-alsa-system/xfce4-mixer-4.11.0-x86_64-1_alsa.txz: Upgraded. +extra/pure-alsa-system/xfce4-volumed-0.1.13-x86_64-4_alsa.txz: Rebuilt. +extra/pure-alsa-system/xine-lib-1.2.9-x86_64-2_alsa.txz: Rebuilt. ++--------------------------+ +Wed Apr 25 04:38:51 UTC 2018 +a/kernel-generic-4.14.36-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.36-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.36-x86_64-1.txz: Upgraded. +d/gcc-7.3.0-x86_64-3.txz: Rebuilt. +d/gcc-brig-7.3.0-x86_64-3.txz: Rebuilt. +d/gcc-g++-7.3.0-x86_64-3.txz: Rebuilt. +d/gcc-gfortran-7.3.0-x86_64-3.txz: Rebuilt. +d/gcc-gnat-7.3.0-x86_64-3.txz: Rebuilt. + Rebuilt to fix missing shared libraries. Thanks to qunying. +d/gcc-go-7.3.0-x86_64-3.txz: Rebuilt. +d/gcc-objc-7.3.0-x86_64-3.txz: Rebuilt. +d/kernel-headers-4.14.36-x86-1.txz: Upgraded. +d/parallel-20180422-noarch-1.txz: Added. +d/perl-5.26.2-x86_64-2.txz: Rebuilt. + Applied upstream patch to use net_buffer_length in DBD-mysql. + Thanks to Iouri Kharon. + Upgraded to URI-1.74. +k/kernel-source-4.14.36-noarch-1.txz: Upgraded. +l/imagemagick-6.9.9_40-x86_64-3.txz: Rebuilt. + Really disable OpenCL. Thanks to orbea. isolinux/initrd.img: Rebuilt. - In rc.dropbear, drop the option to use /etc/motd.net (this was preventing - dropbear from starting properly). Thanks to Eduard Rozenberg. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - In rc.dropbear, drop the option to use /etc/motd.net (this was preventing - dropbear from starting properly). Thanks to Eduard Rozenberg. -+--------------------------+ -Wed May 25 04:20:09 UTC 2016 -a/aaa_elflibs-14.2-x86_64-16.txz: Rebuilt. -a/e2fsprogs-1.43-x86_64-2.txz: Rebuilt. - Do not use 64-bit by default on ext4, since some bootloaders cannot handle - it yet. But use "auto_64-bit_support = 1", which will enable 64-bit if the - number of blocks for the file system requires the feature to be enabled. -a/syslinux-4.07-x86_64-1.txz: Upgraded. -ap/cups-filters-1.8.3-x86_64-3.txz: Rebuilt. - Recompiled against poppler-0.44.0. -ap/mpg123-1.23.4-x86_64-1.txz: Upgraded. -ap/slackpkg-2.82.1-noarch-2.txz: Rebuilt. - Updated URLs for garr.it mirrors. Thanks to Andrej Sossi. -d/git-2.8.3-x86_64-1.txz: Upgraded. -kde/calligra-2.9.11-x86_64-4.txz: Rebuilt. - Recompiled against poppler-0.44.0. -l/libarchive-3.1.2-x86_64-3.txz: Rebuilt. - Patched an issue with Zip archive handling that could allow an attacker - to overwrite parts of the heap in a controlled fashion and execute - arbitrary code. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541 - (* Security fix *) -l/poppler-0.44.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -n/gnutls-3.4.12-x86_64-1.txz: Upgraded. -xap/MPlayer-1.2_20160125-x86_64-3.txz: Rebuilt. - Recompiled with --disable-ossaudio. -xfce/tumbler-0.1.31-x86_64-7.txz: Rebuilt. - Recompiled against poppler-0.44.0. ++--------------------------+ +Mon Apr 23 22:17:42 UTC 2018 +ap/gutenprint-5.2.14-x86_64-1.txz: Upgraded. +d/meson-0.46.0-x86_64-1.txz: Upgraded. +d/python-pip-10.0.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 21 17:39:25 UTC 2018 +a/lvm2-2.02.177-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-9.txz: Rebuilt. + installpkg: fixed occasional lack of package size reported by the installer. +d/binutils-2.30-x86_64-3.txz: Rebuilt. + Fixed /usr/$TARGET/lib directory. Thanks to GazL. +n/gpgme-1.11.1-x86_64-1.txz: Upgraded. +n/ppp-2.4.7-x86_64-3.txz: Rebuilt. + Fixed rp-pppoe build. Thanks to voegelas for the bug report. +xfce/xfce4-settings-4.12.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri May 20 21:20:29 UTC 2016 -a/aaa_base-14.2-x86_64-2.txz: Rebuilt. - Updated your your initial email. ;-) - Thanks to Tonus for the typo report. -a/aaa_elflibs-14.2-x86_64-15.txz: Rebuilt. -a/btrfs-progs-v4.5.3-x86_64-1.txz: Upgraded. -a/e2fsprogs-1.43-x86_64-1.txz: Upgraded. -a/gzip-1.8-x86_64-1.txz: Upgraded. -a/kernel-generic-4.4.11-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.11-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.11-x86_64-1.txz: Upgraded. -a/tar-1.29-x86_64-1.txz: Upgraded. -ap/lxc-2.0.1-x86_64-1.txz: Upgraded. -ap/sqlite-3.13.0-x86_64-1.txz: Upgraded. -ap/vim-7.4.1832-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.11-x86-1.txz: Upgraded. -k/kernel-source-4.4.11-noarch-1.txz: Upgraded. -n/curl-7.49.0-x86_64-1.txz: Upgraded. - Fixed a TLS certificate check bypass with mbedTLS/PolarSSL. - For more information, see: - https://curl.haxx.se/docs/adv_20160518.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739 - (* Security fix *) -n/dnsmasq-2.76-x86_64-1.txz: Upgraded. -n/lftp-4.7.2-x86_64-1.txz: Upgraded. -xap/vim-gvim-7.4.1832-x86_64-1.txz: Upgraded. +Fri Apr 20 03:32:21 UTC 2018 +a/kernel-generic-4.14.35-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.35-x86_64-1.txz: Upgraded. + SQUASHFS m -> y + Thanks to alienBOB. +a/kernel-modules-4.14.35-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.35-x86-1.txz: Upgraded. +k/kernel-source-4.14.35-noarch-1.txz: Upgraded. + RCU_EXPERT n -> y + +RCU_FANOUT 32 + +RCU_FANOUT_LEAF 16 + +RCU_FAST_NO_HZ y + +RCU_NOCB_CPU y + Thanks to alienBOB. +kde/kde-runtime-4.14.3-x86_64-7.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +kde/kdepim-4.14.10-x86_64-4.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +kde/kdepimlibs-4.14.10-x86_64-6.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +kde/kget-4.14.3-x86_64-5.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +kde/kopete-4.14.3-x86_64-6.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +l/gmime-2.6.23-x86_64-4.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +n/gpa-0.9.10-x86_64-3.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +n/gpgme-1.11.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/mcabber-1.0.5-x86_64-3.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +n/mutt-1.9.5-x86_64-2.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +n/samba-4.7.7-x86_64-2.txz: Rebuilt. + Recompiled against gpgme-1.11.0. +x/libinput-1.10.5-x86_64-1.txz: Upgraded. +extra/fltk/fltk-1.3.4_2-x86_64-2.txz: Rebuilt. + Fixed fltk-config. Thanks to Matteo Bernardini. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue May 17 21:52:11 UTC 2016 -a/aaa_elflibs-14.2-x86_64-14.txz: Rebuilt. -d/mercurial-3.8.2-x86_64-1.txz: Upgraded. -l/gdbm-1.12-x86_64-1.txz: Upgraded. -l/libmtp-1.1.11-x86_64-1.txz: Upgraded. -n/libndp-1.6-x86_64-1.txz: Upgraded. - This update fixes a security issue. It was found that libndp did - not properly validate and check the origin of Neighbor Discovery - Protocol (NDP) messages. An attacker on a non-local network could - use this flaw to advertise a node as a router, allowing them to - perform man-in-the-middle attacks on a connecting client, or - disrupt the network connectivity of that client. - Thanks to Julien Bernard (Viagénie) for reporting this issue. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3698 - (* Security fix *) -xap/gnuplot-5.0.3-x86_64-2.txz: Rebuilt. - Added libcaca support. Thanks to Andrew Clemons. -+--------------------------+ -Tue May 17 05:06:44 UTC 2016 -a/kernel-firmware-20160516git-noarch-1.txz: Upgraded. -a/lvm2-2.02.154-x86_64-1.txz: Upgraded. -d/python-setuptools-21.0.0-x86_64-1.txz: Upgraded. -n/lftp-4.7.1-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.4_1-x86_64-2.txz: Rebuilt. - Fixed .new config file installation. Thanks to ivandi. -testing/source/linux-4.5.4-configs/*: Added. -testing/source/linux-4.6-configs/*: Added. -+--------------------------+ -Thu May 12 01:50:21 UTC 2016 -a/kernel-firmware-20160511git-noarch-1.txz: Upgraded. -a/kernel-generic-4.4.10-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.10-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.10-x86_64-1.txz: Upgraded. -ap/man-pages-4.06-noarch-1.txz: Upgraded. -d/kernel-headers-4.4.10-x86-1.txz: Upgraded. -k/kernel-source-4.4.10-noarch-1.txz: Upgraded. -n/NetworkManager-1.2.2-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-45.1.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -xap/network-manager-applet-1.2.2-x86_64-1.txz: Upgraded. +Thu Apr 19 01:04:06 UTC 2018 +Hi folks, and welcome to the third ever Slackware Mass Rebuild (and the +longest ChangeLog entry in project history). There were two primary +motivations for rebuilding everything in the main tree. The first was to +switch to the new C++ ABI. The second was to get rid of all the .la files +in the LD_LIBRARY_PATH. Really, having .la files installed has been mostly +obsolete since things began to use pkg-config instead, but it's not easy +to get rid of them unless you do it all at once. If you just take them out +of one package, any other packages containing .la files that refer to the +removed ones will be broken. We've removed a few here and there before +(and then handled any packages that had referred to them with a rebuild), +but it was time to finally remove all the ones in /lib{,64} and +/usr/lib{,64}. One of the reasons that this really needed to happen is that +many projects are starting to migrate to build systems other than autotools, +and those systems do not generate .la files. So if we didn't get rid of them +now, we might end up in a situation later on where they are being removed +by upstream and then we would have to chase down the dependency breakage and +recompile (possibly many) other packages. The .la files that are outside of +the LD_LIBRARY_PATH were not removed (and shouldn't be) - those ones are +often used by the lt_dlopen() function to load plugins and removing those +ones can break things. But those ones don't cause problems... they aren't +likely to try to infect .la files produced by other packages. +IMPORTANT NOTE: If you have any third party or other packages installed on +your system that don't come with Slackware, and those packages have installed +any .la files, it is very likely that they refer to some .la files which we +have just removed, and that trying to compile against these packages will no +longer work. Luckily, the solution is simple: remove them. This command will +remove any stale .la files from the LD_LIBRARY_PATH: +rm /{,usr/}lib{,64}/*.la +Moving forward, nothing shipped in Slackware will contain any .la files in +those directories, and any SlackBuilds intended to be used with Slackware 15.0 +should contain this bit of script: +# Don't ship .la files: +rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la +In addition to those goals, the opportunity was taken to clean up slack-desc +files and make many trivial fixes to build scripts. We've also made it easy +to recompile everything again should there be a good reason to do so. +You'll also find various updates scattered throughout this long list. +Enjoy, and sorry about the bandwidth. ;-) +a/aaa_base-14.2-x86_64-4.txz: Rebuilt. + In /etc/os-release, change PRETTY_NAME to: + PRETTY_NAME="Slackware 14.2 $ARCH (post 14.2 -current)" +a/aaa_elflibs-14.2-x86_64-35.txz: Rebuilt. + Removed obsolete libraries: libudev.so.0.13.1, libgdbm.so.3.0.0, + libhistory.so.5.2, libjpeg.so.8.0.1, libmpfr.so.4.1.6, libpng14.so.14.18.0, + libreadline.so.5.2, libstdc++.so.5.0.7, libtiff.so.3.9.7, + and libtiffxx.so.3.9.7. + Don't create library symlinks in the install script - let installpkg's + ldconfig do the work. +a/aaa_terminfo-6.1_20180324-x86_64-4.txz: Rebuilt. + Changed xterm definition as noted for the ncurses package below. +a/acl-2.2.52-x86_64-2.txz: Rebuilt. +a/acpid-2.0.29-x86_64-1.txz: Upgraded. +a/attr-2.4.47-x86_64-2.txz: Rebuilt. +a/bash-4.4.019-x86_64-3.txz: Rebuilt. +a/bin-11.1-x86_64-2.txz: Rebuilt. +a/btrfs-progs-v4.16-x86_64-2.txz: Rebuilt. +a/bzip2-1.0.6-x86_64-2.txz: Rebuilt. +a/coreutils-8.29-x86_64-2.txz: Rebuilt. +a/cpio-2.12-x86_64-2.txz: Rebuilt. +a/cpufrequtils-008-x86_64-2.txz: Rebuilt. +a/cryptsetup-1.7.5-x86_64-2.txz: Rebuilt. +a/dbus-1.12.6-x86_64-2.txz: Rebuilt. +a/dcron-4.5-x86_64-6.txz: Rebuilt. +a/dialog-1.3_20170509-x86_64-2.txz: Rebuilt. +a/dosfstools-4.1-x86_64-2.txz: Rebuilt. +a/e2fsprogs-1.44.1-x86_64-2.txz: Rebuilt. +a/ed-1.14.2-x86_64-2.txz: Rebuilt. +a/efibootmgr-0.5.4-x86_64-2.txz: Rebuilt. +a/elilo-3.16-x86_64-6.txz: Rebuilt. +a/elvis-2.2_0-x86_64-4.txz: Rebuilt. +a/etc-15.0-x86_64-4.txz: Rebuilt. +a/eudev-3.2.5-x86_64-2.txz: Rebuilt. +a/file-5.33-x86_64-1.txz: Upgraded. +a/findutils-4.4.2-x86_64-2.txz: Rebuilt. +a/floppy-5.5-x86_64-2.txz: Rebuilt. +a/gawk-4.2.1-x86_64-2.txz: Rebuilt. +a/genpower-1.0.5-x86_64-3.txz: Rebuilt. +a/gettext-0.19.8.1-x86_64-5.txz: Rebuilt. +a/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt. +a/glibc-solibs-2.27-x86_64-2.txz: Rebuilt. +a/glibc-zoneinfo-2018d-noarch-2.txz: Rebuilt. +a/gpm-1.20.7-x86_64-6.txz: Rebuilt. +a/gptfdisk-1.0.3-x86_64-2.txz: Rebuilt. +a/grep-3.1-x86_64-2.txz: Rebuilt. +a/grub-2.02-x86_64-2.txz: Rebuilt. +a/gzip-1.9-x86_64-2.txz: Rebuilt. +a/hdparm-9.56-x86_64-2.txz: Rebuilt. +a/hostname-3.18-x86_64-2.txz: Rebuilt. +a/hwdata-0.304-noarch-2.txz: Rebuilt. +a/infozip-6.0-x86_64-4.txz: Rebuilt. +a/inotify-tools-3.14-x86_64-2.txz: Rebuilt. +a/jfsutils-1.1.15-x86_64-2.txz: Rebuilt. +a/kbd-1.15.3-x86_64-4.txz: Rebuilt. +a/kernel-firmware-20180409_b562d2f-noarch-1.txz: Upgraded. +a/kmod-25-x86_64-2.txz: Rebuilt. +a/lbzip2-2.5-x86_64-2.txz: Rebuilt. +a/less-530-x86_64-3.txz: Rebuilt. +a/lha-114i-x86_64-2.txz: Rebuilt. +a/libcgroup-0.41-x86_64-3.txz: Rebuilt. +a/libgudev-232-x86_64-2.txz: Rebuilt. +a/lilo-24.2-x86_64-8.txz: Rebuilt. +a/logrotate-3.14.0-x86_64-2.txz: Rebuilt. +a/lrzip-0.631-x86_64-2.txz: Rebuilt. +a/lvm2-2.02.176-x86_64-2.txz: Rebuilt. +a/lzip-1.20-x86_64-3.txz: Rebuilt. +a/lzlib-1.10-x86_64-3.txz: Rebuilt. +a/mcelog-153-x86_64-2.txz: Rebuilt. +a/mdadm-4.0-x86_64-2.txz: Rebuilt. +a/minicom-2.7.1-x86_64-2.txz: Rebuilt. +a/mkinitrd-1.4.11-x86_64-6.txz: Rebuilt. + Improved and documented UUID support. Thanks to Xsane. + Upgraded to busybox-1.28.3. +a/mlocate-0.26-x86_64-2.txz: Rebuilt. +a/mt-st-1.3-x86_64-2.txz: Rebuilt. +a/mtx-1.3.12-x86_64-2.txz: Rebuilt. +a/ncompress-4.2.4.4-x86_64-2.txz: Rebuilt. +a/ntfs-3g-2017.3.23-x86_64-2.txz: Rebuilt. +a/openssl-solibs-1.0.2o-x86_64-2.txz: Rebuilt. +a/os-prober-1.76-x86_64-2.txz: Rebuilt. +a/patch-2.7.6-x86_64-3.txz: Rebuilt. +a/pciutils-3.5.6-x86_64-2.txz: Rebuilt. +a/pcmciautils-018-x86_64-2.txz: Rebuilt. +a/pkgtools-15.0-noarch-8.txz: Rebuilt. + installpkg: avoid messing with the system /install directory. + removepkg: also run ldconfig following package removal. +a/plzip-1.7-x86_64-3.txz: Rebuilt. +a/procps-ng-3.3.14-x86_64-2.txz: Rebuilt. +a/quota-4.03-x86_64-2.txz: Rebuilt. +a/reiserfsprogs-3.6.27-x86_64-2.txz: Rebuilt. +a/rpm2tgz-1.2.2-x86_64-2.txz: Rebuilt. +a/sdparm-1.10-x86_64-2.txz: Rebuilt. +a/sed-4.5-x86_64-2.txz: Rebuilt. +a/shadow-4.2.1-x86_64-4.txz: Rebuilt. +a/sharutils-4.15.2-x86_64-2.txz: Rebuilt. +a/smartmontools-6.6-x86_64-3.txz: Rebuilt. +a/splitvt-1.6.6-x86_64-2.txz: Rebuilt. +a/sysfsutils-2.1.0-x86_64-2.txz: Rebuilt. +a/sysklogd-1.5.1-x86_64-3.txz: Rebuilt. +a/syslinux-4.07-x86_64-2.txz: Rebuilt. +a/sysvinit-2.88dsf-x86_64-5.txz: Rebuilt. +a/sysvinit-functions-8.53-x86_64-3.txz: Rebuilt. +a/sysvinit-scripts-2.1-noarch-9.txz: Rebuilt. +a/tar-1.30-x86_64-2.txz: Rebuilt. +a/tcsh-6.20.00-x86_64-2.txz: Rebuilt. +a/time-1.9-x86_64-2.txz: Rebuilt. +a/tree-1.7.0-x86_64-2.txz: Rebuilt. +a/udisks-1.0.5-x86_64-4.txz: Rebuilt. +a/udisks2-2.6.5-x86_64-2.txz: Rebuilt. +a/unarj-265-x86_64-2.txz: Rebuilt. +a/upower-0.9.23-x86_64-4.txz: Rebuilt. +a/usb_modeswitch-2.5.1-x86_64-2.txz: Rebuilt. +a/usbutils-009-x86_64-2.txz: Rebuilt. +a/utempter-1.1.6-x86_64-3.txz: Rebuilt. +a/util-linux-2.32-x86_64-2.txz: Rebuilt. +a/which-2.21-x86_64-2.txz: Rebuilt. +a/xfsprogs-4.15.1-x86_64-2.txz: Rebuilt. +a/xz-5.2.3-x86_64-2.txz: Rebuilt. +a/zoo-2.10_22-x86_64-2.txz: Rebuilt. +ap/a2ps-4.14-x86_64-7.txz: Rebuilt. +ap/acct-6.6.4-x86_64-2.txz: Rebuilt. +ap/alsa-utils-1.1.6-x86_64-2.txz: Rebuilt. +ap/amp-0.7.6-x86_64-2.txz: Rebuilt. +ap/at-3.1.20-x86_64-2.txz: Rebuilt. +ap/bc-1.07.1-x86_64-2.txz: Rebuilt. +ap/bpe-2.01.00-x86_64-4.txz: Rebuilt. +ap/cdparanoia-III_10.2-x86_64-2.txz: Rebuilt. +ap/cdrdao-1.2.3-x86_64-4.txz: Rebuilt. +ap/cdrtools-3.01-x86_64-4.txz: Rebuilt. +ap/cgmanager-0.41-x86_64-4.txz: Rebuilt. +ap/cups-2.2.7-x86_64-2.txz: Rebuilt. +ap/cups-filters-1.20.3-x86_64-1.txz: Upgraded. + Recompiled against poppler-0.64.0. +ap/dash-0.5.9.1-x86_64-2.txz: Rebuilt. +ap/dc3dd-7.2.646-x86_64-2.txz: Rebuilt. +ap/ddrescue-1.23-x86_64-2.txz: Rebuilt. +ap/diffstat-1.61-x86_64-2.txz: Rebuilt. +ap/diffutils-3.6-x86_64-2.txz: Rebuilt. +ap/dmapi-2.2.12-x86_64-3.txz: Rebuilt. +ap/dmidecode-3.1-x86_64-2.txz: Rebuilt. +ap/dvd+rw-tools-7.1-x86_64-3.txz: Rebuilt. +ap/enscript-1.6.6-x86_64-2.txz: Rebuilt. +ap/flac-1.3.2-x86_64-2.txz: Rebuilt. +ap/ghostscript-9.23-x86_64-2.txz: Rebuilt. +ap/ghostscript-fonts-std-8.11-noarch-2.txz: Rebuilt. +ap/gphoto2-2.5.17-x86_64-1.txz: Upgraded. +ap/groff-1.22.3-x86_64-3.txz: Rebuilt. +ap/gutenprint-5.2.13-x86_64-2.txz: Rebuilt. +ap/hplip-3.18.3-x86_64-2.txz: Rebuilt. +ap/htop-2.2.0-x86_64-2.txz: Rebuilt. +ap/ispell-3.4.00-x86_64-2.txz: Rebuilt. +ap/itstool-2.0.4-x86_64-3.txz: Rebuilt. +ap/jed-0.99_19-x86_64-3.txz: Rebuilt. +ap/joe-4.6-x86_64-2.txz: Rebuilt. +ap/jove-4.16.0.73-x86_64-4.txz: Rebuilt. +ap/ksh93-20180412_71e6fdad-x86_64-1.txz: Upgraded. +ap/libx86-1.1-x86_64-3.txz: Rebuilt. +ap/linuxdoc-tools-0.9.72-x86_64-5.txz: Rebuilt. +ap/lm_sensors-3.4.0-x86_64-2.txz: Rebuilt. +ap/lsof-4.91-x86_64-2.txz: Rebuilt. +ap/lsscsi-0.28-x86_64-2.txz: Rebuilt. +ap/lxc-2.0.9-x86_64-2.txz: Rebuilt. +ap/madplay-0.15.2b-x86_64-5.txz: Rebuilt. +ap/man-db-2.8.3-x86_64-2.txz: Rebuilt. +ap/man-pages-4.15-noarch-2.txz: Rebuilt. +ap/mariadb-10.2.14-x86_64-2.txz: Rebuilt. +ap/mc-4.8.20-x86_64-2.txz: Rebuilt. +ap/moc-2.5.2-x86_64-4.txz: Rebuilt. +ap/most-5.0.0a-x86_64-3.txz: Rebuilt. +ap/mpg123-1.25.10-x86_64-2.txz: Rebuilt. +ap/nano-2.9.5-x86_64-2.txz: Rebuilt. +ap/normalize-0.7.7-x86_64-3.txz: Rebuilt. +ap/opus-tools-0.1.10-x86_64-2.txz: Rebuilt. +ap/pamixer-1.3.1-x86_64-6.txz: Rebuilt. + Recompiled against boost-1.67.0. +ap/pm-utils-1.4.1-x86_64-6.txz: Rebuilt. +ap/powertop-2.8-x86_64-3.txz: Rebuilt. +ap/qpdf-8.0.2-x86_64-2.txz: Rebuilt. +ap/radeontool-1.6.3-x86_64-2.txz: Rebuilt. +ap/rpm-4.14.1-x86_64-2.txz: Rebuilt. +ap/rzip-2.1-x86_64-2.txz: Rebuilt. +ap/sc-7.16-x86_64-6.txz: Rebuilt. +ap/screen-4.6.2-x86_64-2.txz: Rebuilt. +ap/seejpeg-1.10-x86_64-2.txz: Rebuilt. +ap/slackpkg-2.82.2-noarch-2.txz: Rebuilt. +ap/soma-2.12.3-noarch-2.txz: Rebuilt. +ap/sox-14.4.2-x86_64-5.txz: Rebuilt. +ap/sqlite-3.23.1-x86_64-2.txz: Rebuilt. +ap/squashfs-tools-4.3-x86_64-3.txz: Rebuilt. +ap/sudo-1.8.22-x86_64-2.txz: Rebuilt. +ap/sysstat-11.6.3-x86_64-2.txz: Rebuilt. +ap/terminus-font-4.40-noarch-2.txz: Rebuilt. +ap/texinfo-6.5-x86_64-3.txz: Rebuilt. + Recompiled against perl-5.26.2. +ap/tmux-2.7-x86_64-1.txz: Upgraded. +ap/usbmuxd-1.1.0-x86_64-2.txz: Rebuilt. +ap/vbetool-1.2.2-x86_64-2.txz: Rebuilt. +ap/vim-8.0.1733-x86_64-1.txz: Upgraded. + Recompiled against perl-5.26.2. +ap/vorbis-tools-1.4.0-x86_64-4.txz: Rebuilt. +ap/xfsdump-3.1.8-x86_64-2.txz: Rebuilt. +ap/xorriso-1.4.8-x86_64-2.txz: Rebuilt. +ap/zsh-5.5.1-x86_64-1.txz: Upgraded. +d/Cython-0.28.1-x86_64-2.txz: Rebuilt. +d/autoconf-2.69-noarch-2.txz: Rebuilt. +d/automake-1.16.1-noarch-2.txz: Rebuilt. +d/binutils-2.30-x86_64-2.txz: Rebuilt. +d/bison-3.0.4-x86_64-2.txz: Rebuilt. +d/ccache-3.4.2-x86_64-2.txz: Rebuilt. +d/clisp-2.49.20180409.0e4d38776f59-x86_64-1.txz: Upgraded. +d/cmake-3.11.1-x86_64-1.txz: Upgraded. +d/cscope-15.8b-x86_64-3.txz: Rebuilt. +d/cvs-1.11.23-x86_64-3.txz: Rebuilt. +d/dev86-0.16.21-x86_64-2.txz: Rebuilt. +d/distcc-3.3-x86_64-2.txz: Rebuilt. +d/doxygen-1.8.14-x86_64-2.txz: Rebuilt. +d/flex-2.6.4-x86_64-3.txz: Rebuilt. +d/gcc-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-brig-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-g++-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-gfortran-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-gnat-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-go-7.3.0-x86_64-2.txz: Rebuilt. +d/gcc-objc-7.3.0-x86_64-2.txz: Rebuilt. +d/gdb-8.1-x86_64-2.txz: Rebuilt. +d/gettext-tools-0.19.8.1-x86_64-5.txz: Rebuilt. +d/git-2.17.0-x86_64-2.txz: Rebuilt. +d/gnucobol-2.2-x86_64-2.txz: Rebuilt. +d/gperf-3.1-x86_64-2.txz: Rebuilt. +d/guile-2.2.3-x86_64-2.txz: Rebuilt. +d/help2man-1.47.6-x86_64-2.txz: Rebuilt. +d/indent-2.2.10-x86_64-2.txz: Rebuilt. +d/intltool-0.51.0-x86_64-4.txz: Rebuilt. +d/libtool-2.4.6-x86_64-7.txz: Rebuilt. +d/llvm-6.0.0-x86_64-2.txz: Rebuilt. +d/m4-1.4.18-x86_64-2.txz: Rebuilt. +d/make-4.2.1-x86_64-3.txz: Rebuilt. +d/mercurial-4.5.3-x86_64-2.txz: Rebuilt. +d/meson-0.45.1-x86_64-2.txz: Rebuilt. +d/nasm-2.13.03-x86_64-2.txz: Rebuilt. +d/ninja-1.8.2-x86_64-2.txz: Rebuilt. +d/opencl-headers-2.1-noarch-2.txz: Rebuilt. +d/oprofile-1.2.0-x86_64-3.txz: Rebuilt. +d/p2c-1.21alpha2-x86_64-4.txz: Rebuilt. +d/patchelf-0.9-x86_64-2.txz: Rebuilt. +d/perl-5.26.2-x86_64-1.txz: Upgraded. + Upgraded to DBD-mysql-4.046, DBI-1.641, and XML-Simple-2.25. +d/pkg-config-0.29.2-x86_64-2.txz: Rebuilt. +d/pmake-1.111-x86_64-5.txz: Rebuilt. +d/python-2.7.14-x86_64-2.txz: Rebuilt. +d/python-pip-9.0.3-x86_64-2.txz: Rebuilt. +d/python-setuptools-39.0.1-x86_64-2.txz: Rebuilt. +d/python3-3.6.5-x86_64-2.txz: Rebuilt. +d/rcs-5.9.4-x86_64-2.txz: Rebuilt. +d/re2c-1.0.3-x86_64-2.txz: Rebuilt. +d/ruby-2.5.1-x86_64-2.txz: Rebuilt. +d/rust-1.25.0-x86_64-2.txz: Rebuilt. +d/scons-3.0.1-x86_64-2.txz: Rebuilt. +d/slacktrack-2.18-x86_64-2.txz: Rebuilt. +d/strace-4.22-x86_64-2.txz: Rebuilt. +d/subversion-1.10.0-x86_64-1.txz: Upgraded. +d/swig-3.0.12-x86_64-2.txz: Rebuilt. +d/yasm-1.3.0-x86_64-2.txz: Rebuilt. +e/emacs-25.3-x86_64-2.txz: Rebuilt. +kde/amarok-2.9.0-x86_64-2.txz: Rebuilt. +kde/amor-4.14.3-x86_64-3.txz: Rebuilt. +kde/analitza-4.14.3-x86_64-4.txz: Rebuilt. +kde/ark-4.14.3-x86_64-3.txz: Rebuilt. +kde/artikulate-4.14.3-x86_64-3.txz: Rebuilt. +kde/audiocd-kio-4.14.3-x86_64-3.txz: Rebuilt. +kde/baloo-4.14.3-x86_64-4.txz: Rebuilt. +kde/baloo-widgets-4.14.3-x86_64-3.txz: Rebuilt. +kde/blinken-4.14.3-x86_64-3.txz: Rebuilt. +kde/bluedevil-2.1.1-x86_64-4.txz: Rebuilt. +kde/bomber-4.14.3-x86_64-3.txz: Rebuilt. +kde/bovo-4.14.3-x86_64-3.txz: Rebuilt. +kde/calligra-2.9.11-x86_64-20.txz: Rebuilt. + Recompiled against boost-1.67.0 and poppler-0.64.0. +kde/cantor-4.14.3-x86_64-3.txz: Rebuilt. +kde/cervisia-4.14.3-x86_64-3.txz: Rebuilt. +kde/dolphin-plugins-4.14.3-x86_64-3.txz: Rebuilt. +kde/dragon-4.14.3-x86_64-3.txz: Rebuilt. +kde/filelight-4.14.3-x86_64-3.txz: Rebuilt. +kde/granatier-4.14.3-x86_64-3.txz: Rebuilt. +kde/gwenview-4.14.3-x86_64-4.txz: Rebuilt. +kde/juk-4.14.3-x86_64-3.txz: Rebuilt. +kde/k3b-2.0.3-x86_64-4.txz: Rebuilt. +kde/kaccessible-4.14.3-x86_64-3.txz: Rebuilt. +kde/kactivities-4.13.3-x86_64-3.txz: Rebuilt. +kde/kajongg-4.14.3-x86_64-3.txz: Rebuilt. +kde/kalgebra-4.14.3-x86_64-3.txz: Rebuilt. +kde/kalzium-4.14.3-x86_64-3.txz: Rebuilt. +kde/kamera-4.14.3-x86_64-3.txz: Rebuilt. +kde/kanagram-4.14.3-x86_64-3.txz: Rebuilt. +kde/kapman-4.14.3-x86_64-3.txz: Rebuilt. +kde/kapptemplate-4.14.3-x86_64-3.txz: Rebuilt. +kde/kate-4.14.3-x86_64-4.txz: Rebuilt. +kde/katomic-4.14.3-x86_64-3.txz: Rebuilt. +kde/kaudiocreator-1.3-x86_64-3.txz: Rebuilt. +kde/kblackbox-4.14.3-x86_64-3.txz: Rebuilt. +kde/kblocks-4.14.3-x86_64-3.txz: Rebuilt. +kde/kbounce-4.14.3-x86_64-3.txz: Rebuilt. +kde/kbreakout-4.14.3-x86_64-3.txz: Rebuilt. +kde/kbruch-4.14.3-x86_64-3.txz: Rebuilt. +kde/kcachegrind-4.14.3-x86_64-3.txz: Rebuilt. +kde/kcalc-4.14.3-x86_64-3.txz: Rebuilt. +kde/kcharselect-4.14.3-x86_64-3.txz: Rebuilt. +kde/kcolorchooser-4.14.3-x86_64-3.txz: Rebuilt. +kde/kcron-4.14.3-x86_64-3.txz: Rebuilt. +kde/kde-base-artwork-4.14.3-x86_64-3.txz: Rebuilt. +kde/kde-baseapps-4.14.3-x86_64-3.txz: Rebuilt. +kde/kde-dev-scripts-4.14.3-x86_64-3.txz: Rebuilt. +kde/kde-dev-utils-4.14.3-x86_64-3.txz: Rebuilt. +kde/kde-runtime-4.14.3-x86_64-6.txz: Rebuilt. +kde/kde-wallpapers-4.14.3-noarch-2.txz: Rebuilt. +kde/kde-workspace-4.11.22-x86_64-5.txz: Rebuilt. +kde/kdeartwork-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdeconnect-kde-0.8-x86_64-4.txz: Rebuilt. +kde/kdegraphics-mobipocket-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdegraphics-thumbnailers-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdelibs-4.14.38-x86_64-2.txz: Rebuilt. +kde/kdenetwork-filesharing-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdepim-4.14.10-x86_64-3.txz: Rebuilt. +kde/kdepim-runtime-4.14.10-x86_64-2.txz: Rebuilt. +kde/kdepimlibs-4.14.10-x86_64-5.txz: Rebuilt. +kde/kdeplasma-addons-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdesdk-kioslaves-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdesdk-strigi-analyzers-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdesdk-thumbnailers-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdev-python-1.7.3-x86_64-3.txz: Rebuilt. +kde/kdevelop-4.7.4-x86_64-2.txz: Rebuilt. +kde/kdevelop-pg-qt-1.0.0-x86_64-3.txz: Rebuilt. +kde/kdevelop-php-1.7.4-x86_64-2.txz: Rebuilt. +kde/kdevelop-php-docs-1.7.4-x86_64-2.txz: Rebuilt. +kde/kdevplatform-1.7.4-x86_64-2.txz: Rebuilt. +kde/kdewebdev-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdf-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdiamond-4.14.3-x86_64-3.txz: Rebuilt. +kde/kfilemetadata-4.14.3-x86_64-4.txz: Rebuilt. +kde/kfloppy-4.14.3-x86_64-3.txz: Rebuilt. +kde/kfourinline-4.14.3-x86_64-3.txz: Rebuilt. +kde/kgamma-4.14.3-x86_64-3.txz: Rebuilt. +kde/kgeography-4.14.3-x86_64-3.txz: Rebuilt. +kde/kget-4.14.3-x86_64-4.txz: Rebuilt. +kde/kgoldrunner-4.14.3-x86_64-3.txz: Rebuilt. +kde/kgpg-4.14.3-x86_64-3.txz: Rebuilt. +kde/khangman-4.14.3-x86_64-3.txz: Rebuilt. +kde/kig-4.14.3-x86_64-8.txz: Rebuilt. +kde/kigo-4.14.3-x86_64-3.txz: Rebuilt. +kde/killbots-4.14.3-x86_64-3.txz: Rebuilt. +kde/kio-mtp-2063e75_20131020git-x86_64-4.txz: Rebuilt. +kde/kiriki-4.14.3-x86_64-3.txz: Rebuilt. +kde/kiten-4.14.3-x86_64-3.txz: Rebuilt. +kde/kjumpingcube-4.14.3-x86_64-3.txz: Rebuilt. +kde/klettres-4.14.3-x86_64-3.txz: Rebuilt. +kde/klickety-4.14.3-x86_64-3.txz: Rebuilt. +kde/klines-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmag-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmahjongg-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmines-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmix-4.14.3-x86_64-4.txz: Rebuilt. +kde/kmousetool-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmouth-4.14.3-x86_64-3.txz: Rebuilt. +kde/kmplot-4.14.3-x86_64-3.txz: Rebuilt. +kde/knavalbattle-4.14.3-x86_64-3.txz: Rebuilt. +kde/knetwalk-4.14.3-x86_64-3.txz: Rebuilt. +kde/kolf-4.14.3-x86_64-3.txz: Rebuilt. +kde/kollision-4.14.3-x86_64-3.txz: Rebuilt. +kde/kolourpaint-4.14.3-x86_64-3.txz: Rebuilt. +kde/kompare-4.14.3-x86_64-3.txz: Rebuilt. +kde/konquest-4.14.3-x86_64-3.txz: Rebuilt. +kde/konsole-4.14.3-x86_64-5.txz: Rebuilt. + Reverted TERM change, so by default TERM=xterm again. +kde/kopete-4.14.3-x86_64-5.txz: Rebuilt. +kde/korundum-4.14.3-x86_64-6.txz: Rebuilt. +kde/kpat-4.14.3-x86_64-3.txz: Rebuilt. +kde/kplayer-0.7.2-x86_64-3.txz: Rebuilt. +kde/kppp-4.14.3-x86_64-3.txz: Rebuilt. +kde/kqtquickcharts-4.14.3-x86_64-3.txz: Rebuilt. +kde/krdc-4.14.3-x86_64-4.txz: Rebuilt. +kde/kremotecontrol-4.14.3-x86_64-3.txz: Rebuilt. +kde/kreversi-4.14.3-x86_64-3.txz: Rebuilt. +kde/krfb-4.14.3-x86_64-3.txz: Rebuilt. +kde/kross-interpreters-4.14.3-x86_64-4.txz: Rebuilt. +kde/kruler-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksaneplugin-4.14.3-x86_64-3.txz: Rebuilt. +kde/kscreen-1.0.2.1-x86_64-3.txz: Rebuilt. +kde/kshisen-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksirk-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksnakeduel-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksnapshot-4.14.3-x86_64-3.txz: Rebuilt. +kde/kspaceduel-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksquares-4.14.3-x86_64-3.txz: Rebuilt. +kde/kstars-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksudoku-4.14.3-x86_64-3.txz: Rebuilt. +kde/ksystemlog-4.14.3-x86_64-3.txz: Rebuilt. +kde/kteatime-4.14.3-x86_64-3.txz: Rebuilt. +kde/ktimer-4.14.3-x86_64-3.txz: Rebuilt. +kde/ktorrent-4.3.1-x86_64-3.txz: Rebuilt. +kde/ktouch-4.14.3-x86_64-4.txz: Rebuilt. +kde/ktuberling-4.14.3-x86_64-3.txz: Rebuilt. +kde/kturtle-4.14.3-x86_64-3.txz: Rebuilt. +kde/ktux-4.14.3-x86_64-3.txz: Rebuilt. +kde/kubrick-4.14.3-x86_64-3.txz: Rebuilt. +kde/kuser-4.14.3-x86_64-3.txz: Rebuilt. +kde/kwalletmanager-4.14.3-x86_64-3.txz: Rebuilt. +kde/kwebkitpart-1.3.4-x86_64-3.txz: Rebuilt. +kde/kwordquiz-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkcddb-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkcompactdisc-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkdcraw-4.14.3-x86_64-5.txz: Rebuilt. +kde/libkdeedu-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkdegames-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkexiv2-4.14.3-x86_64-4.txz: Rebuilt. +kde/libkipi-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkmahjongg-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkomparediff2-4.14.3-x86_64-3.txz: Rebuilt. +kde/libksane-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkscreen-1.0.5-x86_64-3.txz: Rebuilt. +kde/libktorrent-1.3.1-x86_64-4.txz: Rebuilt. +kde/libmm-qt-1.0.1-x86_64-3.txz: Rebuilt. +kde/libnm-qt-0.9.8.3-x86_64-3.txz: Rebuilt. +kde/lokalize-4.14.3-x86_64-4.txz: Rebuilt. +kde/lskat-4.14.3-x86_64-4.txz: Rebuilt. +kde/marble-4.14.3-x86_64-3.txz: Rebuilt. +kde/mplayerthumbs-4.14.3-x86_64-3.txz: Rebuilt. +kde/nepomuk-core-4.14.3-x86_64-4.txz: Rebuilt. +kde/nepomuk-widgets-4.14.3-x86_64-3.txz: Rebuilt. +kde/okteta-4.14.3-x86_64-3.txz: Rebuilt. +kde/okular-4.14.3-x86_64-3.txz: Rebuilt. +kde/oxygen-gtk2-1.4.6-x86_64-3.txz: Rebuilt. +kde/oxygen-icons-4.14.3-x86_64-3.txz: Rebuilt. +kde/pairs-4.14.3-x86_64-3.txz: Rebuilt. +kde/palapeli-4.14.3-x86_64-3.txz: Rebuilt. +kde/parley-4.14.3-x86_64-3.txz: Rebuilt. +kde/partitionmanager-1.1.1-x86_64-3.txz: Rebuilt. +kde/perlkde-4.14.3-x86_64-5.txz: Rebuilt. + Recompiled against perl-5.26.2. +kde/perlqt-4.14.3-x86_64-6.txz: Rebuilt. + Recompiled against perl-5.26.2. +kde/picmi-4.14.3-x86_64-3.txz: Rebuilt. +kde/plasma-nm-0.9.3.6-x86_64-2.txz: Rebuilt. +kde/polkit-kde-agent-1-9d74ae3_20120104git-x86_64-3.txz: Rebuilt. +kde/polkit-kde-kcmodules-1-001bdf7_20120111git-x86_64-3.txz: Rebuilt. +kde/poxml-4.14.3-x86_64-3.txz: Rebuilt. +kde/print-manager-4.14.3-x86_64-3.txz: Rebuilt. +kde/pykde4-4.14.3-x86_64-7.txz: Rebuilt. +kde/qtruby-4.14.3-x86_64-8.txz: Rebuilt. +kde/rocs-4.14.3-x86_64-3.txz: Rebuilt. +kde/skanlite-1.1-x86_64-3.txz: Rebuilt. +kde/smokegen-4.14.3-x86_64-3.txz: Rebuilt. +kde/smokekde-4.14.3-x86_64-3.txz: Rebuilt. +kde/smokeqt-4.14.3-x86_64-5.txz: Rebuilt. +kde/step-4.14.3-x86_64-6.txz: Rebuilt. +kde/superkaramba-4.14.3-x86_64-4.txz: Rebuilt. +kde/svgpart-4.14.3-x86_64-3.txz: Rebuilt. +kde/sweeper-4.14.3-x86_64-3.txz: Rebuilt. +kde/umbrello-4.14.3-x86_64-3.txz: Rebuilt. +kde/wicd-kde-0.3.0_bcf27d8-x86_64-3.txz: Rebuilt. +kde/zeroconf-ioslave-4.14.3-x86_64-3.txz: Rebuilt. +l/ConsoleKit2-1.0.0-x86_64-4.txz: Rebuilt. +l/GConf-3.2.6-x86_64-4.txz: Rebuilt. +l/LibRaw-0.18.8-x86_64-2.txz: Rebuilt. +l/M2Crypto-0.27.0-x86_64-3.txz: Rebuilt. +l/Mako-1.0.7-x86_64-2.txz: Rebuilt. +l/PyQt-4.12.1-x86_64-2.txz: Rebuilt. +l/QScintilla-2.10.2-x86_64-2.txz: Rebuilt. +l/SDL2-2.0.8-x86_64-2.txz: Rebuilt. +l/SDL2_gfx-1.0.3-x86_64-2.txz: Rebuilt. +l/SDL2_image-2.0.3-x86_64-2.txz: Rebuilt. +l/SDL2_mixer-2.0.2-x86_64-3.txz: Rebuilt. +l/SDL2_net-2.0.1-x86_64-2.txz: Rebuilt. +l/SDL2_ttf-2.0.14-x86_64-2.txz: Rebuilt. +l/a52dec-0.7.4-x86_64-3.txz: Rebuilt. +l/aalib-1.4rc5-x86_64-6.txz: Rebuilt. +l/adwaita-icon-theme-3.28.0-noarch-2.txz: Rebuilt. +l/akonadi-1.13.0-x86_64-9.txz: Rebuilt. + Recompiled against boost-1.67.0. +l/alsa-lib-1.1.6-x86_64-3.txz: Rebuilt. +l/alsa-oss-1.1.6-x86_64-2.txz: Rebuilt. +l/alsa-plugins-1.1.6-x86_64-2.txz: Rebuilt. +l/apr-1.6.3-x86_64-2.txz: Rebuilt. +l/apr-util-1.6.1-x86_64-6.txz: Rebuilt. +l/aspell-0.60.6.1-x86_64-3.txz: Rebuilt. +l/aspell-en-2018.04.16_0-x86_64-1.txz: Upgraded. +l/at-spi2-atk-2.26.2-x86_64-2.txz: Rebuilt. +l/at-spi2-core-2.28.0-x86_64-2.txz: Rebuilt. +l/atk-2.28.1-x86_64-2.txz: Rebuilt. +l/atkmm-2.24.2-x86_64-2.txz: Rebuilt. +l/attica-0.4.2-x86_64-2.txz: Rebuilt. +l/audiofile-0.3.6-x86_64-2.txz: Rebuilt. +l/automoc4-0.9.88-x86_64-2.txz: Rebuilt. +l/babl-0.1.46-x86_64-1.txz: Upgraded. +l/boost-1.67.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/cairo-1.15.12-x86_64-2.txz: Rebuilt. +l/cairomm-1.12.2-x86_64-2.txz: Rebuilt. +l/chmlib-0.40-x86_64-3.txz: Rebuilt. +l/clucene-2.3.3.4-x86_64-3.txz: Rebuilt. +l/db42-4.2.52-x86_64-4.txz: Rebuilt. +l/db44-4.4.20-x86_64-4.txz: Rebuilt. +l/db48-4.8.30-x86_64-3.txz: Rebuilt. +l/dbus-glib-0.110-x86_64-2.txz: Rebuilt. +l/dbus-python-1.2.6-x86_64-2.txz: Rebuilt. +l/dconf-0.26.1-x86_64-2.txz: Rebuilt. +l/dconf-editor-3.26.2-x86_64-2.txz: Rebuilt. +l/desktop-file-utils-0.23-x86_64-2.txz: Rebuilt. +l/djvulibre-3.5.27-x86_64-2.txz: Rebuilt. +l/ebook-tools-0.2.2-x86_64-5.txz: Rebuilt. +l/eigen2-2.0.17-x86_64-2.txz: Rebuilt. +l/eigen3-3.2.10-x86_64-2.txz: Rebuilt. +l/elfutils-0.170-x86_64-2.txz: Rebuilt. +l/enchant-1.6.1-x86_64-2.txz: Rebuilt. +l/esound-0.2.41-x86_64-3.txz: Rebuilt. +l/exiv2-0.26-x86_64-3.txz: Rebuilt. +l/expat-2.2.5-x86_64-2.txz: Rebuilt. +l/ffmpeg-3.4.2-x86_64-2.txz: Rebuilt. +l/fftw-3.3.7-x86_64-2.txz: Rebuilt. +l/fluidsynth-1.1.10-x86_64-2.txz: Rebuilt. +l/freetype-2.9-x86_64-2.txz: Rebuilt. +l/fribidi-0.19.7-x86_64-2.txz: Rebuilt. +l/fuse-2.9.7-x86_64-2.txz: Rebuilt. +l/gamin-0.1.10-x86_64-6.txz: Rebuilt. +l/gc-7.6.4-x86_64-2.txz: Rebuilt. +l/gcr-3.28.0-x86_64-2.txz: Rebuilt. +l/gd-2.2.5-x86_64-1.txz: Upgraded. + This update fixes two security issues: + Double-free in gdImagePngPtr() (denial of service). + Buffer over-read into uninitialized memory (information leak). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890 + (* Security fix *) +l/gdbm-1.13-x86_64-2.txz: Rebuilt. +l/gdk-pixbuf2-2.36.12-x86_64-2.txz: Rebuilt. +l/gegl-0.2.0-x86_64-7.txz: Rebuilt. +l/giflib-5.1.4-x86_64-2.txz: Rebuilt. +l/glade3-3.8.6-x86_64-2.txz: Rebuilt. +l/glib-1.2.10-x86_64-6.txz: Rebuilt. +l/glib-networking-2.56.0-x86_64-2.txz: Rebuilt. +l/glib2-2.56.1-x86_64-2.txz: Rebuilt. +l/glibc-2.27-x86_64-2.txz: Rebuilt. + [PATCH] Linux: use reserved name __key in pkey_get [BZ #22797] +l/glibc-i18n-2.27-x86_64-2.txz: Rebuilt. +l/glibc-profile-2.27-x86_64-2.txz: Rebuilt. +l/glibmm-2.56.0-x86_64-1.txz: Upgraded. +l/gmime-2.6.23-x86_64-3.txz: Rebuilt. +l/gmm-4.3-noarch-2.txz: Rebuilt. +l/gmp-6.1.2-x86_64-2.txz: Rebuilt. +l/gnome-keyring-3.28.0.2-x86_64-2.txz: Rebuilt. +l/gnome-themes-standard-3.22.3-x86_64-2.txz: Rebuilt. +l/gnu-efi-3.0.6-x86_64-2.txz: Rebuilt. +l/gobject-introspection-1.56.1-x86_64-2.txz: Rebuilt. +l/grantlee-0.5.1-x86_64-2.txz: Rebuilt. +l/gsettings-desktop-schemas-3.28.0-x86_64-2.txz: Rebuilt. +l/gsl-2.4-x86_64-2.txz: Rebuilt. +l/gst-plugins-base-1.14.0-x86_64-2.txz: Rebuilt. +l/gst-plugins-base0-0.10.36-x86_64-3.txz: Rebuilt. +l/gst-plugins-good-1.14.0-x86_64-2.txz: Rebuilt. +l/gst-plugins-good0-0.10.31-x86_64-3.txz: Rebuilt. +l/gst-plugins-libav-1.14.0-x86_64-2.txz: Rebuilt. +l/gstreamer-1.14.0-x86_64-2.txz: Rebuilt. +l/gstreamer0-0.10.36-x86_64-2.txz: Rebuilt. +l/gtk+-1.2.10-x86_64-7.txz: Rebuilt. +l/gtk+2-2.24.32-x86_64-2.txz: Rebuilt. +l/gtk+3-3.22.30-x86_64-1.txz: Upgraded. +l/gtkmm2-2.24.5-x86_64-2.txz: Rebuilt. +l/gtkmm3-3.22.2-x86_64-2.txz: Rebuilt. +l/gtkspell-2.0.16-x86_64-4.txz: Rebuilt. +l/gvfs-1.36.1-x86_64-2.txz: Rebuilt. +l/harfbuzz-1.7.6-x86_64-3.txz: Rebuilt. +l/hicolor-icon-theme-0.17-noarch-2.txz: Rebuilt. +l/hunspell-1.6.2-x86_64-2.txz: Rebuilt. +l/icon-naming-utils-0.8.90-x86_64-3.txz: Rebuilt. +l/icu4c-61.1-x86_64-2.txz: Rebuilt. +l/id3lib-3.8.3-x86_64-2.txz: Rebuilt. +l/ilmbase-2.2.0-x86_64-2.txz: Rebuilt. +l/imagemagick-6.9.9_40-x86_64-2.txz: Rebuilt. + Don't use OpenCL. Thanks to EdGr. +l/iso-codes-3.76-noarch-2.txz: Rebuilt. +l/jansson-2.11-x86_64-2.txz: Rebuilt. +l/jasper-2.0.12-x86_64-2.txz: Rebuilt. +l/jemalloc-4.5.0-x86_64-2.txz: Rebuilt. +l/js185-1.0.0-x86_64-2.txz: Rebuilt. +l/judy-1.0.5-x86_64-2.txz: Rebuilt. +l/keybinder-0.3.1-x86_64-2.txz: Rebuilt. +l/keyutils-1.5.10-x86_64-2.txz: Rebuilt. +l/lame-3.100-x86_64-2.txz: Rebuilt. +l/lcms-1.19-x86_64-4.txz: Rebuilt. +l/lcms2-2.9-x86_64-2.txz: Rebuilt. +l/libaio-0.3.110-x86_64-2.txz: Rebuilt. +l/libao-1.2.2-x86_64-2.txz: Rebuilt. +l/libarchive-3.3.2-x86_64-2.txz: Rebuilt. +l/libart_lgpl-2.3.21-x86_64-2.txz: Rebuilt. +l/libasyncns-0.8-x86_64-2.txz: Rebuilt. +l/libatasmart-0.19-x86_64-3.txz: Rebuilt. +l/libbluedevil-2.1-x86_64-2.txz: Rebuilt. +l/libbluray-1.0.1-x86_64-2.txz: Rebuilt. +l/libcaca-0.99.beta19-x86_64-3.txz: Rebuilt. +l/libcanberra-0.30-x86_64-6.txz: Rebuilt. +l/libcap-2.25-x86_64-2.txz: Rebuilt. +l/libcap-ng-0.7.8-x86_64-3.txz: Rebuilt. +l/libcddb-1.3.2-x86_64-5.txz: Rebuilt. +l/libcdio-2.0.0-x86_64-2.txz: Rebuilt. +l/libcdio-paranoia-10.2+0.94+2-x86_64-3.txz: Rebuilt. +l/libclc-20180223_3554053-x86_64-2.txz: Rebuilt. +l/libcroco-0.6.12-x86_64-2.txz: Rebuilt. +l/libdbusmenu-qt-0.9.2-x86_64-3.txz: Rebuilt. +l/libdiscid-0.6.2-x86_64-2.txz: Rebuilt. +l/libdvdnav-6.0.0-x86_64-2.txz: Rebuilt. +l/libdvdread-6.0.0-x86_64-3.txz: Rebuilt. +l/libedit-20170329_3.1-x86_64-2.txz: Rebuilt. +l/libevent-2.1.8-x86_64-2.txz: Rebuilt. +l/libexif-0.6.21-x86_64-2.txz: Rebuilt. +l/libfakekey-0.3-x86_64-2.txz: Rebuilt. +l/libffi-3.2.1-x86_64-2.txz: Rebuilt. +l/libglade-2.6.4-x86_64-6.txz: Rebuilt. +l/libgnome-keyring-3.12.0-x86_64-2.txz: Rebuilt. +l/libgphoto2-2.5.17-x86_64-1.txz: Upgraded. +l/libgpod-0.8.3-x86_64-5.txz: Rebuilt. +l/libgsf-1.14.42-x86_64-2.txz: Rebuilt. +l/libical-3.0.1-x86_64-3.txz: Rebuilt. +l/libid3tag-0.15.1b-x86_64-5.txz: Rebuilt. +l/libidl-0.8.14-x86_64-2.txz: Rebuilt. +l/libidn-1.34-x86_64-2.txz: Rebuilt. +l/libidn2-2.0.4-x86_64-2.txz: Rebuilt. +l/libieee1284-0.2.11-x86_64-4.txz: Rebuilt. +l/libimobiledevice-1.2.0-x86_64-3.txz: Rebuilt. +l/libiodbc-3.52.10-x86_64-3.txz: Rebuilt. +l/libjpeg-turbo-1.5.3-x86_64-2.txz: Rebuilt. +l/libkarma-0.1.1-x86_64-3.txz: Rebuilt. +l/liblastfm-1.0.9-x86_64-2.txz: Rebuilt. +l/libmad-0.15.1b-x86_64-4.txz: Rebuilt. +l/libmcrypt-2.5.8-x86_64-2.txz: Rebuilt. +l/libmng-2.0.3-x86_64-2.txz: Rebuilt. +l/libmpc-1.1.0-x86_64-2.txz: Rebuilt. +l/libmsn-4.2.1-x86_64-3.txz: Rebuilt. +l/libmtp-1.1.15-x86_64-2.txz: Rebuilt. +l/libnih-1.0.3-x86_64-3.txz: Rebuilt. +l/libnjb-2.2.7-x86_64-2.txz: Rebuilt. +l/libnl-1.1.4-x86_64-2.txz: Rebuilt. +l/libnl3-3.4.0-x86_64-2.txz: Rebuilt. +l/libnotify-0.7.7-x86_64-2.txz: Rebuilt. +l/libodfgen-0.1.6-x86_64-2.txz: Rebuilt. +l/libogg-1.3.3-x86_64-2.txz: Rebuilt. +l/liboggz-1.1.1-x86_64-3.txz: Rebuilt. +l/liboil-0.3.17-x86_64-2.txz: Rebuilt. +l/libpcap-1.8.1-x86_64-2.txz: Rebuilt. +l/libplist-2.0.0-x86_64-2.txz: Rebuilt. +l/libpng-1.6.34-x86_64-2.txz: Rebuilt. +l/libproxy-0.4.15-x86_64-2.txz: Rebuilt. +l/libraw1394-2.1.2-x86_64-2.txz: Rebuilt. +l/librevenge-0.0.4-x86_64-2.txz: Rebuilt. +l/librsvg-2.42.3-x86_64-3.txz: Rebuilt. +l/libsamplerate-0.1.9-x86_64-2.txz: Rebuilt. +l/libsecret-0.18.6-x86_64-2.txz: Rebuilt. +l/libsigc++-2.10.0-x86_64-2.txz: Rebuilt. +l/libsigsegv-2.12-x86_64-2.txz: Rebuilt. +l/libsndfile-1.0.28-x86_64-2.txz: Rebuilt. +l/libsodium-1.0.16-x86_64-2.txz: Rebuilt. +l/libsoup-2.62.1-x86_64-2.txz: Rebuilt. +l/libspectre-0.2.8-x86_64-2.txz: Rebuilt. +l/libssh-0.7.5-x86_64-2.txz: Rebuilt. +l/libssh2-1.8.0-x86_64-2.txz: Rebuilt. +l/libtasn1-4.13-x86_64-2.txz: Rebuilt. +l/libtheora-1.1.1-x86_64-2.txz: Rebuilt. +l/libtiff-4.0.9-x86_64-2.txz: Rebuilt. +l/libunistring-0.9.9-x86_64-2.txz: Rebuilt. +l/libunwind-1.2.1-x86_64-3.txz: Rebuilt. +l/libusb-1.0.22-x86_64-2.txz: Rebuilt. +l/libusb-compat-0.1.5-x86_64-3.txz: Rebuilt. +l/libusbmuxd-1.0.10-x86_64-2.txz: Rebuilt. +l/libvisio-0.1.6-x86_64-3.txz: Rebuilt. +l/libvisual-0.4.0-x86_64-4.txz: Rebuilt. +l/libvisual-plugins-0.4.0-x86_64-3.txz: Rebuilt. +l/libvncserver-0.9.11-x86_64-3.txz: Rebuilt. +l/libvorbis-1.3.6-x86_64-2.txz: Rebuilt. +l/libvpx-1.7.0-x86_64-2.txz: Rebuilt. +l/libwebp-0.6.1-x86_64-2.txz: Rebuilt. +l/libwmf-0.2.8.4-x86_64-7.txz: Rebuilt. +l/libwmf-docs-0.2.8.4-noarch-7.txz: Rebuilt. +l/libwnck-2.31.0-x86_64-3.txz: Rebuilt. +l/libwpd-0.10.1-x86_64-2.txz: Rebuilt. +l/libwpg-0.3.1-x86_64-2.txz: Rebuilt. +l/libxklavier-5.4-x86_64-2.txz: Rebuilt. +l/libxml2-2.9.8-x86_64-2.txz: Rebuilt. +l/libxslt-1.1.32-x86_64-2.txz: Rebuilt. +l/libyaml-0.1.7-x86_64-2.txz: Rebuilt. +l/libzip-1.5.1-x86_64-2.txz: Rebuilt. +l/loudmouth-1.5.3-x86_64-2.txz: Rebuilt. +l/lzo-2.10-x86_64-2.txz: Rebuilt. +l/media-player-info-23-noarch-2.txz: Rebuilt. +l/mhash-0.9.9.9-x86_64-4.txz: Rebuilt. +l/mm-1.4.2-x86_64-3.txz: Rebuilt. +l/mozilla-nss-3.36.1-x86_64-2.txz: Rebuilt. +l/mpfr-4.0.1-x86_64-2.txz: Rebuilt. +l/ncurses-6.1_20180324-x86_64-4.txz: Rebuilt. + Change the xterm entry in xterm.terminfo (way down at the bottom, where it + says "customization begins here" and that we may need to change the xterm + entry since it is used "for a variety of incompatible terminal emulations") + to drop the use of use=rep+ansi. In addition to causing Konsole breakage, I + have verification that rep= was causing problems with terminals connecting + from OSX. Only the xterm entry has changed. Previously this was an alias for + xterm-new, which has not been altered. Feel free to use xterm-new instead if + it suits your needs better. +l/neon-0.30.1-x86_64-3.txz: Rebuilt. +l/netpbm-10.66.02-x86_64-5.txz: Rebuilt. +l/newt-0.52.20-x86_64-3.txz: Rebuilt. +l/ocl-icd-2.2.12-x86_64-2.txz: Rebuilt. +l/openexr-2.2.0-x86_64-3.txz: Rebuilt. +l/openjpeg-2.3.0-x86_64-2.txz: Rebuilt. +l/opus-1.3_beta-x86_64-2.txz: Rebuilt. +l/opusfile-0.9-x86_64-3.txz: Rebuilt. +l/orc-0.4.28-x86_64-2.txz: Rebuilt. +l/pango-1.42.1-x86_64-2.txz: Rebuilt. +l/pangomm-2.40.1-x86_64-2.txz: Rebuilt. +l/parted-3.2-x86_64-4.txz: Rebuilt. +l/pcre-8.42-x86_64-2.txz: Rebuilt. +l/pcre2-10.31-x86_64-2.txz: Rebuilt. +l/phonon-4.8.3-x86_64-3.txz: Rebuilt. +l/phonon-gstreamer-4.8.2-x86_64-2.txz: Rebuilt. +l/pilot-link-0.12.5-x86_64-13.txz: Rebuilt. +l/polkit-0.113-x86_64-4.txz: Rebuilt. +l/polkit-gnome-0.105-x86_64-2.txz: Rebuilt. +l/polkit-qt-1-0.112.0-x86_64-2.txz: Rebuilt. +l/poppler-0.64.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/poppler-data-0.4.8-noarch-2.txz: Rebuilt. +l/popt-1.16-x86_64-3.txz: Rebuilt. +l/pulseaudio-11.1-x86_64-2.txz: Rebuilt. +l/pycairo-1.16.3-x86_64-2.txz: Rebuilt. +l/pycups-1.9.73-x86_64-4.txz: Rebuilt. +l/pycurl-7.43.0.1-x86_64-2.txz: Rebuilt. +l/pygobject-2.28.7-x86_64-2.txz: Rebuilt. +l/pygobject3-3.28.2-x86_64-2.txz: Rebuilt. +l/pygtk-2.24.0-x86_64-5.txz: Rebuilt. +l/pyparsing-2.2.0-x86_64-2.txz: Rebuilt. +l/python-appdirs-1.4.3-x86_64-2.txz: Rebuilt. +l/python-certifi-2018.1.18-x86_64-2.txz: Rebuilt. +l/python-chardet-3.0.4-x86_64-2.txz: Rebuilt. +l/python-docutils-0.14-x86_64-2.txz: Rebuilt. +l/python-idna-2.6-x86_64-2.txz: Rebuilt. +l/python-notify2-0.3.1-x86_64-2.txz: Rebuilt. +l/python-packaging-16.8-x86_64-2.txz: Rebuilt. +l/python-pillow-5.1.0-x86_64-2.txz: Rebuilt. +l/python-requests-2.18.4-x86_64-2.txz: Rebuilt. +l/python-sane-2.8.3-x86_64-2.txz: Rebuilt. +l/python-six-1.11.0-x86_64-2.txz: Rebuilt. +l/python-urllib3-1.22-x86_64-2.txz: Rebuilt. +l/qca-2.1.3-x86_64-2.txz: Rebuilt. +l/qimageblitz-0.0.6-x86_64-2.txz: Rebuilt. +l/qjson-0.8.1-x86_64-2.txz: Rebuilt. +l/qt-4.8.7-x86_64-9.txz: Rebuilt. +l/qt-gstreamer-1.2.0-x86_64-2.txz: Rebuilt. +l/qtscriptgenerator-0.2.0-x86_64-3.txz: Rebuilt. +l/raptor2-2.0.15-x86_64-5.txz: Rebuilt. +l/rasqal-0.9.33-x86_64-3.txz: Rebuilt. +l/readline-7.0.003-x86_64-2.txz: Rebuilt. +l/redland-1.0.17-x86_64-4.txz: Rebuilt. +l/sbc-1.3-x86_64-2.txz: Rebuilt. +l/sdl-1.2.15-x86_64-7.txz: Rebuilt. +l/seamonkey-solibs-2.49.2-x86_64-2.txz: Rebuilt. +l/serf-1.3.9-x86_64-2.txz: Rebuilt. +l/sg3_utils-1.42-x86_64-2.txz: Rebuilt. +l/shared-desktop-ontologies-0.11.0-x86_64-2.txz: Rebuilt. +l/shared-mime-info-1.9-x86_64-2.txz: Rebuilt. +l/sip-4.19.8-x86_64-2.txz: Rebuilt. +l/slang-2.3.2-x86_64-3.txz: Rebuilt. +l/slang1-1.4.9-x86_64-2.txz: Rebuilt. +l/soprano-2.9.4-x86_64-2.txz: Rebuilt. +l/sound-theme-freedesktop-0.8-noarch-2.txz: Rebuilt. +l/speex-1.2.0-x86_64-2.txz: Rebuilt. +l/speexdsp-1.2rc3-x86_64-2.txz: Rebuilt. +l/startup-notification-0.12-x86_64-3.txz: Rebuilt. +l/strigi-0.7.8-x86_64-4.txz: Rebuilt. +l/svgalib-1.9.25-x86_64-4.txz: Rebuilt. +l/system-config-printer-1.5.11-x86_64-3.txz: Rebuilt. +l/t1lib-5.1.2-x86_64-4.txz: Rebuilt. +l/taglib-1.11.1-x86_64-3.txz: Rebuilt. +l/taglib-extras-1.0.1-x86_64-2.txz: Rebuilt. +l/talloc-2.1.13-x86_64-1.txz: Upgraded. +l/tango-icon-theme-0.8.90-noarch-2.txz: Rebuilt. +l/tango-icon-theme-extras-0.1.0-noarch-2.txz: Rebuilt. +l/tdb-1.3.15-x86_64-2.txz: Rebuilt. +l/tevent-0.9.36-x86_64-2.txz: Rebuilt. +l/urwid-1.0.3-x86_64-3.txz: Rebuilt. +l/utf8proc-2.1.0-x86_64-1.txz: Added. + This library is required by subversion-1.10.0. +l/v4l-utils-1.14.2-x86_64-2.txz: Rebuilt. +l/virtuoso-ose-6.1.8-x86_64-8.txz: Rebuilt. +l/vte-0.52.1-x86_64-2.txz: Rebuilt. +l/wavpack-5.1.0-x86_64-2.txz: Rebuilt. +l/xapian-core-1.4.5-x86_64-2.txz: Rebuilt. +l/zlib-1.2.11-x86_64-2.txz: Rebuilt. +n/ModemManager-1.6.12-x86_64-2.txz: Rebuilt. +n/NetworkManager-1.10.6-x86_64-3.txz: Rebuilt. +n/alpine-2.21-x86_64-2.txz: Rebuilt. +n/autofs-5.1.4-x86_64-2.txz: Rebuilt. +n/biff+comsat-0.17-x86_64-2.txz: Rebuilt. +n/bind-9.11.3-x86_64-2.txz: Rebuilt. +n/bluez-5.49-x86_64-3.txz: Rebuilt. +n/bluez-firmware-1.2-x86_64-2.txz: Rebuilt. +n/bootp-2.4.3-x86_64-3.txz: Rebuilt. +n/bridge-utils-1.5-x86_64-2.txz: Rebuilt. +n/bsd-finger-0.17-x86_64-3.txz: Rebuilt. +n/ca-certificates-20170717-noarch-2.txz: Rebuilt. +n/cifs-utils-6.7-x86_64-2.txz: Rebuilt. +n/conntrack-tools-1.4.4-x86_64-2.txz: Rebuilt. +n/crda-3.18-x86_64-6.txz: Rebuilt. +n/curl-7.59.0-x86_64-3.txz: Rebuilt. +n/cyrus-sasl-2.1.26-x86_64-4.txz: Rebuilt. +n/dhcp-4.4.1-x86_64-2.txz: Rebuilt. +n/dhcpcd-7.0.3-x86_64-2.txz: Rebuilt. +n/dnsmasq-2.79-x86_64-2.txz: Rebuilt. +n/dovecot-2.3.1-x86_64-3.txz: Rebuilt. + Recompiled using --with-lucene. Thanks to kj25vm. +n/ebtables-2.0.10-x86_64-2.txz: Rebuilt. +n/elm-2.5.8-x86_64-5.txz: Rebuilt. +n/epic5-2.0.1-x86_64-4.txz: Rebuilt. + Recompiled against perl-5.26.2. +n/ethtool-4.16-x86_64-1.txz: Upgraded. +n/fetchmail-6.3.26-x86_64-3.txz: Rebuilt. +n/getmail-5.6-x86_64-2.txz: Rebuilt. +n/gnupg-1.4.22-x86_64-2.txz: Rebuilt. +n/gnupg2-2.2.6-x86_64-2.txz: Rebuilt. +n/gnutls-3.6.2-x86_64-2.txz: Rebuilt. +n/gpa-0.9.10-x86_64-2.txz: Rebuilt. +n/gpgme-1.10.0-x86_64-2.txz: Rebuilt. +n/htdig-3.2.0b6-x86_64-5.txz: Rebuilt. +n/httpd-2.4.33-x86_64-3.txz: Rebuilt. +n/icmpinfo-1.11-x86_64-3.txz: Rebuilt. +n/iftop-1.0pre4-x86_64-2.txz: Rebuilt. +n/inetd-1.79s-x86_64-11.txz: Rebuilt. +n/iproute2-4.16.0-x86_64-2.txz: Rebuilt. +n/ipset-6.38-x86_64-1.txz: Upgraded. +n/iptables-1.6.2-x86_64-2.txz: Rebuilt. +n/iptraf-ng-1.1.4-x86_64-3.txz: Rebuilt. +n/iputils-s20140519-x86_64-2.txz: Rebuilt. +n/irssi-1.1.1-x86_64-2.txz: Rebuilt. + Recompiled against perl-5.26.2. +n/iw-4.14-x86_64-2.txz: Rebuilt. +n/lftp-4.8.3-x86_64-2.txz: Rebuilt. +n/libassuan-2.5.1-x86_64-2.txz: Rebuilt. +n/libgcrypt-1.8.2-x86_64-2.txz: Rebuilt. +n/libgpg-error-1.29-x86_64-2.txz: Rebuilt. +n/libksba-1.3.5-x86_64-2.txz: Rebuilt. +n/libmbim-1.16.0-x86_64-2.txz: Rebuilt. +n/libmilter-8.15.2-x86_64-2.txz: Rebuilt. +n/libmnl-1.0.4-x86_64-3.txz: Rebuilt. +n/libndp-1.6-x86_64-2.txz: Rebuilt. +n/libnetfilter_acct-1.0.3-x86_64-2.txz: Rebuilt. +n/libnetfilter_conntrack-1.0.6-x86_64-2.txz: Rebuilt. +n/libnetfilter_cthelper-1.0.0-x86_64-2.txz: Rebuilt. +n/libnetfilter_cttimeout-1.0.0-x86_64-2.txz: Rebuilt. +n/libnetfilter_log-1.0.1-x86_64-2.txz: Rebuilt. +n/libnetfilter_queue-1.0.3-x86_64-2.txz: Rebuilt. +n/libnfnetlink-1.0.1-x86_64-2.txz: Rebuilt. +n/libnftnl-1.0.9-x86_64-2.txz: Rebuilt. +n/libqmi-1.20.0-x86_64-2.txz: Rebuilt. +n/libtirpc-1.0.3-x86_64-2.txz: Rebuilt. +n/links-2.14-x86_64-3.txz: Rebuilt. +n/lynx-2.8.9dev.16-x86_64-1.txz: Upgraded. +n/mailx-12.5-x86_64-3.txz: Rebuilt. +n/mcabber-1.0.5-x86_64-2.txz: Rebuilt. +n/metamail-2.7-x86_64-7.txz: Rebuilt. +n/mobile-broadband-provider-info-20170310-x86_64-2.txz: Rebuilt. +n/mtr-0.92-x86_64-2.txz: Rebuilt. +n/mutt-1.9.5-x86_64-1.txz: Upgraded. +n/nc-1.10-x86_64-2.txz: Rebuilt. +n/ncftp-3.2.6-x86_64-2.txz: Rebuilt. +n/net-snmp-5.7.3-x86_64-7.txz: Rebuilt. + Recompiled against perl-5.26.2. +n/net-tools-20170208_479bb4a-x86_64-2.txz: Rebuilt. +n/netatalk-2.2.3-x86_64-7.txz: Rebuilt. +n/netdate-bsd4-x86_64-2.txz: Rebuilt. +n/netkit-bootparamd-0.17-x86_64-3.txz: Rebuilt. +n/netkit-ftp-0.17-x86_64-4.txz: Rebuilt. +n/netkit-ntalk-0.17-x86_64-5.txz: Rebuilt. +n/netkit-routed-0.17-x86_64-2.txz: Rebuilt. +n/netkit-rsh-0.17-x86_64-2.txz: Rebuilt. +n/netkit-rusers-0.17-x86_64-2.txz: Rebuilt. +n/netkit-rwall-0.17-x86_64-2.txz: Rebuilt. +n/netkit-rwho-0.17-x86_64-3.txz: Rebuilt. +n/netkit-timed-0.17-x86_64-2.txz: Rebuilt. +n/netpipes-4.2-x86_64-2.txz: Rebuilt. +n/nettle-3.4-x86_64-2.txz: Rebuilt. +n/netwatch-1.3.1_2-x86_64-3.txz: Rebuilt. +n/network-scripts-15.0-noarch-7.txz: Rebuilt. +n/netwrite-0.17-x86_64-2.txz: Rebuilt. +n/newspost-2.1.1-x86_64-2.txz: Rebuilt. +n/nfacct-1.0.2-x86_64-2.txz: Rebuilt. +n/nfs-utils-2.3.1-x86_64-2.txz: Rebuilt. +n/nftables-0.8.2-x86_64-2.txz: Rebuilt. +n/nghttp2-1.31.1-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Denial of service due to NULL pointer dereference. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000168 + (* Security fix *) +n/nmap-7.70-x86_64-2.txz: Rebuilt. +n/nn-6.7.3-x86_64-5.txz: Rebuilt. +n/npth-1.5-x86_64-2.txz: Rebuilt. +n/ntp-4.2.8p11-x86_64-2.txz: Rebuilt. + Recompiled against perl-5.26.2. +n/obexftp-0.24.2-x86_64-3.txz: Rebuilt. +n/openldap-client-2.4.46-x86_64-2.txz: Rebuilt. +n/openobex-1.7.2-x86_64-2.txz: Rebuilt. +n/openssh-7.7p1-x86_64-3.txz: Rebuilt. +n/openssl-1.0.2o-x86_64-2.txz: Rebuilt. +n/openvpn-2.4.5-x86_64-2.txz: Rebuilt. +n/p11-kit-0.23.10-x86_64-2.txz: Rebuilt. +n/php-7.2.4-x86_64-2.txz: Rebuilt. +n/pidentd-3.0.19-x86_64-3.txz: Rebuilt. +n/pinentry-1.1.0-x86_64-2.txz: Rebuilt. +n/popa3d-1.0.3-x86_64-2.txz: Rebuilt. +n/postfix-3.3.0-x86_64-3.txz: Rebuilt. +n/ppp-2.4.7-x86_64-2.txz: Rebuilt. +n/procmail-3.22-x86_64-3.txz: Rebuilt. +n/proftpd-1.3.6-x86_64-3.txz: Rebuilt. +n/pssh-2.3.1-x86_64-3.txz: Rebuilt. +n/rdist-6.1.5-x86_64-3.txz: Rebuilt. +n/rp-pppoe-3.12-x86_64-2.txz: Rebuilt. +n/rpcbind-0.2.4-x86_64-4.txz: Rebuilt. +n/rsync-3.1.3-x86_64-2.txz: Rebuilt. +n/samba-4.7.7-x86_64-1.txz: Upgraded. +n/slrn-1.0.2-x86_64-2.txz: Rebuilt. +n/snownews-1.5.12-x86_64-4.txz: Rebuilt. +n/sshfs-2.10-x86_64-2.txz: Rebuilt. +n/stunnel-5.44-x86_64-2.txz: Rebuilt. +n/tcp_wrappers-7.6-x86_64-2.txz: Rebuilt. +n/tcpdump-4.9.2-x86_64-2.txz: Rebuilt. +n/telnet-0.17-x86_64-4.txz: Rebuilt. +n/tftp-hpa-5.2-x86_64-4.txz: Rebuilt. +n/tin-2.4.2-x86_64-3.txz: Rebuilt. +n/traceroute-2.1.0-x86_64-2.txz: Rebuilt. +n/ulogd-2.0.5-x86_64-3.txz: Rebuilt. +n/uucp-1.07-x86_64-2.txz: Rebuilt. +n/vlan-1.9-x86_64-3.txz: Rebuilt. +n/vsftpd-3.0.3-x86_64-4.txz: Rebuilt. +n/wget-1.19.4-x86_64-3.txz: Rebuilt. +n/whois-5.3.0-x86_64-2.txz: Rebuilt. +n/wireless_tools-29-x86_64-12.txz: Rebuilt. +n/wpa_supplicant-2.6-x86_64-4.txz: Rebuilt. +n/yptools-2.14-x86_64-10.txz: Rebuilt. +n/ytalk-3.3.0-x86_64-4.txz: Rebuilt. +n/zd1211-firmware-1.5-fw-2.txz: Rebuilt. +t/fig2dev-3.2.7-x86_64-1.txz: Upgraded. +t/texlive-2017.171108-x86_64-5.txz: Rebuilt. + Recompiled against poppler-0.64.0. +t/xfig-3.2.7-x86_64-1.txz: Upgraded. +tcl/expect-5.45.4-x86_64-2.txz: Rebuilt. +tcl/hfsutils-3.2.6-x86_64-6.txz: Rebuilt. +tcl/tcl-8.6.8-x86_64-3.txz: Rebuilt. +tcl/tclx-8.4.1-x86_64-4.txz: Rebuilt. +tcl/tix-8.4.3-x86_64-4.txz: Rebuilt. +tcl/tk-8.6.8-x86_64-2.txz: Rebuilt. +x/anthy-9100h-x86_64-2.txz: Rebuilt. +x/appres-1.0.5-x86_64-2.txz: Rebuilt. +x/bdftopcf-1.1-x86_64-2.txz: Rebuilt. +x/beforelight-1.0.5-x86_64-3.txz: Rebuilt. +x/bitmap-1.0.8-x86_64-3.txz: Rebuilt. +x/compiz-0.8.8-x86_64-5.txz: Rebuilt. +x/dejavu-fonts-ttf-2.37-noarch-3.txz: Rebuilt. +x/editres-1.0.7-x86_64-2.txz: Rebuilt. +x/encodings-1.0.4-noarch-2.txz: Rebuilt. +x/font-adobe-100dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-adobe-75dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-adobe-utopia-100dpi-1.0.4-noarch-2.txz: Rebuilt. +x/font-adobe-utopia-75dpi-1.0.4-noarch-2.txz: Rebuilt. +x/font-adobe-utopia-type1-1.0.4-noarch-2.txz: Rebuilt. +x/font-alias-1.0.3-noarch-2.txz: Rebuilt. +x/font-arabic-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-100dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-75dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-lucidatypewriter-100dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-lucidatypewriter-75dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-ttf-1.0.3-noarch-2.txz: Rebuilt. +x/font-bh-type1-1.0.3-noarch-2.txz: Rebuilt. +x/font-bitstream-100dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bitstream-75dpi-1.0.3-noarch-2.txz: Rebuilt. +x/font-bitstream-speedo-1.0.2-noarch-2.txz: Rebuilt. +x/font-bitstream-type1-1.0.3-noarch-2.txz: Rebuilt. +x/font-cronyx-cyrillic-1.0.3-noarch-2.txz: Rebuilt. +x/font-cursor-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-daewoo-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-dec-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-ibm-type1-1.0.3-noarch-2.txz: Rebuilt. +x/font-isas-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-jis-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-micro-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-misc-cyrillic-1.0.3-noarch-2.txz: Rebuilt. +x/font-misc-ethiopic-1.0.3-noarch-2.txz: Rebuilt. +x/font-misc-meltho-1.0.3-noarch-2.txz: Rebuilt. +x/font-misc-misc-1.1.2-noarch-2.txz: Rebuilt. +x/font-mutt-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-schumacher-misc-1.1.2-noarch-2.txz: Rebuilt. +x/font-screen-cyrillic-1.0.4-noarch-2.txz: Rebuilt. +x/font-sony-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-sun-misc-1.0.3-noarch-2.txz: Rebuilt. +x/font-util-1.3.1-x86_64-3.txz: Rebuilt. +x/font-winitzki-cyrillic-1.0.3-noarch-2.txz: Rebuilt. +x/font-xfree86-type1-1.0.4-noarch-2.txz: Rebuilt. +x/fontconfig-2.12.6-x86_64-2.txz: Rebuilt. +x/fonttosfnt-1.0.4-x86_64-3.txz: Rebuilt. +x/freeglut-3.0.0-x86_64-2.txz: Rebuilt. +x/fslsfonts-1.0.5-x86_64-3.txz: Rebuilt. +x/fstobdf-1.0.6-x86_64-3.txz: Rebuilt. +x/gccmakedep-1.0.3-noarch-2.txz: Rebuilt. +x/glew-2.1.0-x86_64-2.txz: Rebuilt. +x/glu-9.0.0-x86_64-2.txz: Rebuilt. +x/iceauth-1.0.8-x86_64-2.txz: Rebuilt. +x/ico-1.0.5-x86_64-2.txz: Rebuilt. +x/imake-1.0.7-x86_64-3.txz: Rebuilt. +x/intel-gpu-tools-1.22-x86_64-2.txz: Rebuilt. +x/intel-vaapi-driver-2.1.0-x86_64-2.txz: Rebuilt. +x/libFS-1.0.7-x86_64-2.txz: Rebuilt. +x/libICE-1.0.9-x86_64-3.txz: Rebuilt. +x/libSM-1.2.2-x86_64-3.txz: Rebuilt. +x/libX11-1.6.5-x86_64-2.txz: Rebuilt. +x/libXScrnSaver-1.2.2-x86_64-3.txz: Rebuilt. +x/libXau-1.0.8-x86_64-3.txz: Rebuilt. +x/libXaw-1.0.13-x86_64-2.txz: Rebuilt. +x/libXaw3d-1.6.2-x86_64-4.txz: Rebuilt. +x/libXaw3dXft-1.6.2d-x86_64-3.txz: Rebuilt. +x/libXcm-0.5.2-x86_64-3.txz: Rebuilt. +x/libXcomposite-0.4.4-x86_64-3.txz: Rebuilt. +x/libXcursor-1.1.15-x86_64-2.txz: Rebuilt. +x/libXdamage-1.1.4-x86_64-3.txz: Rebuilt. +x/libXdmcp-1.1.2-x86_64-3.txz: Rebuilt. +x/libXevie-1.0.3-x86_64-3.txz: Rebuilt. +x/libXext-1.3.3-x86_64-3.txz: Rebuilt. +x/libXfixes-5.0.3-x86_64-2.txz: Rebuilt. +x/libXfont2-2.0.3-x86_64-2.txz: Rebuilt. +x/libXfontcache-1.0.5-x86_64-3.txz: Rebuilt. +x/libXft-2.3.2-x86_64-4.txz: Rebuilt. +x/libXi-1.7.9-x86_64-2.txz: Rebuilt. +x/libXinerama-1.1.3-x86_64-3.txz: Rebuilt. +x/libXmu-1.1.2-x86_64-3.txz: Rebuilt. +x/libXp-1.0.3-x86_64-3.txz: Rebuilt. +x/libXpm-3.5.12-x86_64-2.txz: Rebuilt. +x/libXpresent-1.0.0-x86_64-2.txz: Rebuilt. +x/libXrandr-1.5.1-x86_64-2.txz: Rebuilt. +x/libXrender-0.9.10-x86_64-2.txz: Rebuilt. +x/libXres-1.2.0-x86_64-2.txz: Rebuilt. +x/libXt-1.1.5-x86_64-2.txz: Rebuilt. +x/libXtst-1.2.3-x86_64-2.txz: Rebuilt. +x/libXv-1.0.11-x86_64-2.txz: Rebuilt. +x/libXvMC-1.0.10-x86_64-2.txz: Rebuilt. +x/libXxf86dga-1.1.4-x86_64-3.txz: Rebuilt. +x/libXxf86misc-1.0.3-x86_64-3.txz: Rebuilt. +x/libXxf86vm-1.1.4-x86_64-3.txz: Rebuilt. +x/libdmx-1.1.3-x86_64-3.txz: Rebuilt. +x/libdrm-2.4.91-x86_64-2.txz: Rebuilt. +x/libepoxy-1.4.3-x86_64-2.txz: Rebuilt. +x/liberation-fonts-ttf-2.00.1-noarch-2.txz: Rebuilt. +x/libevdev-1.5.9-x86_64-2.txz: Rebuilt. +x/libfontenc-1.1.3-x86_64-2.txz: Rebuilt. +x/libhangul-0.1.0-x86_64-2.txz: Rebuilt. +x/libinput-1.10.4-x86_64-2.txz: Rebuilt. +x/libpciaccess-0.14-x86_64-2.txz: Rebuilt. +x/libpthread-stubs-0.4-noarch-2.txz: Rebuilt. +x/libva-2.1.0-x86_64-2.txz: Rebuilt. +x/libva-utils-2.1.0-x86_64-2.txz: Rebuilt. +x/libvdpau-1.1.1-x86_64-2.txz: Rebuilt. +x/libwacom-0.29-x86_64-2.txz: Rebuilt. +x/libxcb-1.13-x86_64-2.txz: Rebuilt. +x/libxkbfile-1.0.9-x86_64-2.txz: Rebuilt. +x/libxshmfence-1.3-x86_64-2.txz: Rebuilt. +x/listres-1.0.4-x86_64-2.txz: Rebuilt. +x/lndir-1.0.3-x86_64-3.txz: Rebuilt. +x/luit-1.1.1-x86_64-3.txz: Rebuilt. +x/m17n-lib-1.8.0-x86_64-2.txz: Rebuilt. +x/makedepend-1.0.5-x86_64-3.txz: Rebuilt. +x/mesa-18.0.1-x86_64-1.txz: Upgraded. +x/mkcomposecache-1.2.1-x86_64-3.txz: Rebuilt. +x/mkfontdir-1.0.7-noarch-2.txz: Rebuilt. +x/mkfontscale-1.1.3-x86_64-2.txz: Rebuilt. +x/motif-2.3.8-x86_64-2.txz: Rebuilt. +x/mtdev-1.1.5-x86_64-2.txz: Rebuilt. +x/oclock-1.0.4-x86_64-2.txz: Rebuilt. +x/pixman-0.34.0-x86_64-2.txz: Rebuilt. +x/rendercheck-1.5-x86_64-2.txz: Rebuilt. +x/rgb-1.0.6-x86_64-3.txz: Rebuilt. +x/sazanami-fonts-ttf-20040629-noarch-2.txz: Rebuilt. +x/scim-1.4.17-x86_64-2.txz: Rebuilt. +x/scim-anthy-1.2.7-x86_64-2.txz: Rebuilt. +x/scim-hangul-0.4.0-x86_64-2.txz: Rebuilt. +x/scim-input-pad-0.1.3.1-x86_64-2.txz: Rebuilt. +x/scim-m17n-0.2.3-x86_64-2.txz: Rebuilt. +x/scim-pinyin-0.5.92-x86_64-2.txz: Rebuilt. +x/scim-tables-0.5.14.1-x86_64-2.txz: Rebuilt. +x/sessreg-1.1.1-x86_64-2.txz: Rebuilt. +x/setxkbmap-1.3.1-x86_64-2.txz: Rebuilt. +x/showfont-1.0.5-x86_64-3.txz: Rebuilt. +x/sinhala_lklug-font-ttf-20060929-noarch-2.txz: Rebuilt. +x/smproxy-1.0.6-x86_64-2.txz: Rebuilt. +x/tibmachuni-font-ttf-1.901b-noarch-2.txz: Rebuilt. +x/transset-1.0.2-x86_64-2.txz: Rebuilt. +x/ttf-indic-fonts-0.5.14-noarch-2.txz: Rebuilt. +x/ttf-tlwg-0.6.4-noarch-2.txz: Rebuilt. +x/twm-1.0.10-x86_64-2.txz: Rebuilt. +x/urw-core35-fonts-otf-20160712_79bcdfb_git-noarch-2.txz: Rebuilt. +x/util-macros-1.19.2-noarch-2.txz: Rebuilt. +x/viewres-1.0.5-x86_64-2.txz: Rebuilt. +x/vulkan-sdk-1.1.70.0-x86_64-2.txz: Rebuilt. +x/wqy-zenhei-font-ttf-0.8.38_1-noarch-5.txz: Rebuilt. +x/x11-skel-7.7-x86_64-2.txz: Rebuilt. +x/x11perf-1.6.0-x86_64-2.txz: Rebuilt. +x/xauth-1.0.10-x86_64-2.txz: Rebuilt. +x/xbacklight-1.2.2-x86_64-2.txz: Rebuilt. +x/xbiff-1.0.3-x86_64-3.txz: Rebuilt. +x/xbitmaps-1.1.2-x86_64-2.txz: Rebuilt. +x/xcalc-1.0.6-x86_64-3.txz: Rebuilt. +x/xcb-proto-1.13-x86_64-2.txz: Rebuilt. +x/xcb-util-0.4.0-x86_64-3.txz: Rebuilt. +x/xcb-util-cursor-0.1.3-x86_64-2.txz: Rebuilt. +x/xcb-util-errors-1.0-x86_64-2.txz: Rebuilt. +x/xcb-util-image-0.4.0-x86_64-3.txz: Rebuilt. +x/xcb-util-keysyms-0.4.0-x86_64-3.txz: Rebuilt. +x/xcb-util-renderutil-0.3.9-x86_64-3.txz: Rebuilt. +x/xcb-util-wm-0.4.1-x86_64-3.txz: Rebuilt. +x/xclipboard-1.1.3-x86_64-3.txz: Rebuilt. +x/xclock-1.0.7-x86_64-3.txz: Rebuilt. +x/xcm-0.5.2-x86_64-3.txz: Rebuilt. +x/xcmsdb-1.0.5-x86_64-2.txz: Rebuilt. +x/xcompmgr-1.1.7-x86_64-2.txz: Rebuilt. +x/xconsole-1.0.7-x86_64-2.txz: Rebuilt. +x/xcursor-themes-1.0.5-noarch-2.txz: Rebuilt. +x/xcursorgen-1.0.6-x86_64-4.txz: Rebuilt. +x/xdbedizzy-1.1.0-x86_64-3.txz: Rebuilt. +x/xdg-user-dirs-0.15-x86_64-2.txz: Rebuilt. +x/xdg-utils-1.1.2-noarch-2.txz: Rebuilt. +x/xditview-1.0.4-x86_64-2.txz: Rebuilt. +x/xdm-1.1.11-x86_64-8.txz: Rebuilt. +x/xdpyinfo-1.3.2-x86_64-2.txz: Rebuilt. +x/xdriinfo-1.0.6-x86_64-2.txz: Rebuilt. +x/xedit-1.2.2-x86_64-3.txz: Rebuilt. +x/xev-1.2.2-x86_64-2.txz: Rebuilt. +x/xeyes-1.1.2-x86_64-2.txz: Rebuilt. +x/xf86-input-acecad-1.5.0-x86_64-11.txz: Rebuilt. +x/xf86-input-evdev-2.10.5-x86_64-2.txz: Rebuilt. +x/xf86-input-joystick-1.6.3-x86_64-2.txz: Rebuilt. +x/xf86-input-keyboard-1.9.0-x86_64-2.txz: Rebuilt. +x/xf86-input-libinput-0.27.1-x86_64-2.txz: Rebuilt. +x/xf86-input-mouse-1.9.2-x86_64-2.txz: Rebuilt. +x/xf86-input-penmount-1.5.0-x86_64-11.txz: Rebuilt. +x/xf86-input-synaptics-1.9.0-x86_64-2.txz: Rebuilt. +x/xf86-input-vmmouse-13.1.0-x86_64-6.txz: Rebuilt. +x/xf86-input-void-1.4.0-x86_64-11.txz: Rebuilt. +x/xf86-input-wacom-0.36.1-x86_64-2.txz: Rebuilt. +x/xf86-video-amdgpu-18.0.1-x86_64-2.txz: Rebuilt. +x/xf86-video-apm-1.2.5-x86_64-10.txz: Rebuilt. +x/xf86-video-ark-0.7.5-x86_64-10.txz: Rebuilt. +x/xf86-video-ast-1.1.5-x86_64-4.txz: Rebuilt. +x/xf86-video-ati-18.0.1-x86_64-2.txz: Rebuilt. +x/xf86-video-chips-1.2.7-x86_64-2.txz: Rebuilt. +x/xf86-video-cirrus-1.5.3-x86_64-4.txz: Rebuilt. +x/xf86-video-dummy-0.3.8-x86_64-2.txz: Rebuilt. +x/xf86-video-glint-1.2.9-x86_64-2.txz: Rebuilt. +x/xf86-video-i128-1.3.6-x86_64-10.txz: Rebuilt. +x/xf86-video-i740-1.3.6-x86_64-2.txz: Rebuilt. +x/xf86-video-intel-git_20180206_aa36399c-x86_64-2.txz: Rebuilt. +x/xf86-video-mach64-6.9.5-x86_64-4.txz: Rebuilt. +x/xf86-video-mga-1.6.5-x86_64-2.txz: Rebuilt. +x/xf86-video-neomagic-1.2.9-x86_64-4.txz: Rebuilt. +x/xf86-video-nouveau-1.0.15-x86_64-2.txz: Rebuilt. +x/xf86-video-nv-2.1.21-x86_64-2.txz: Rebuilt. +x/xf86-video-openchrome-0.6.0-x86_64-2.txz: Rebuilt. +x/xf86-video-r128-6.10.2-x86_64-2.txz: Rebuilt. +x/xf86-video-rendition-4.2.6-x86_64-3.txz: Rebuilt. +x/xf86-video-s3-0.6.5-x86_64-10.txz: Rebuilt. +x/xf86-video-s3virge-1.10.7-x86_64-4.txz: Rebuilt. +x/xf86-video-savage-2.3.9-x86_64-2.txz: Rebuilt. +x/xf86-video-siliconmotion-1.7.9-x86_64-2.txz: Rebuilt. +x/xf86-video-sis-0.10.9-x86_64-2.txz: Rebuilt. +x/xf86-video-sisusb-0.9.7-x86_64-2.txz: Rebuilt. +x/xf86-video-tdfx-1.4.7-x86_64-2.txz: Rebuilt. +x/xf86-video-tga-1.2.2-x86_64-10.txz: Rebuilt. +x/xf86-video-trident-1.3.8-x86_64-2.txz: Rebuilt. +x/xf86-video-tseng-1.2.5-x86_64-10.txz: Rebuilt. +x/xf86-video-v4l-0.2.0-x86_64-15.txz: Rebuilt. +x/xf86-video-vboxvideo-1.0.0-x86_64-2.txz: Rebuilt. +x/xf86-video-vesa-2.4.0-x86_64-2.txz: Rebuilt. +x/xf86-video-vmware-13.2.1-x86_64-6.txz: Rebuilt. +x/xf86-video-voodoo-1.2.5-x86_64-11.txz: Rebuilt. +x/xf86dga-1.0.3-x86_64-3.txz: Rebuilt. +x/xfd-1.1.2-x86_64-3.txz: Rebuilt. +x/xfontsel-1.0.6-x86_64-2.txz: Rebuilt. +x/xfs-1.2.0-x86_64-2.txz: Rebuilt. +x/xfsinfo-1.0.5-x86_64-3.txz: Rebuilt. +x/xgamma-1.0.6-x86_64-2.txz: Rebuilt. +x/xgc-1.0.5-x86_64-2.txz: Rebuilt. +x/xhost-1.0.7-x86_64-2.txz: Rebuilt. +x/xinit-1.4.0-x86_64-2.txz: Rebuilt. +x/xinput-1.6.2-x86_64-2.txz: Rebuilt. +x/xkbcomp-1.4.1-x86_64-2.txz: Rebuilt. +x/xkbevd-1.1.4-x86_64-2.txz: Rebuilt. +x/xkbprint-1.0.4-x86_64-2.txz: Rebuilt. +x/xkbutils-1.0.4-x86_64-3.txz: Rebuilt. +x/xkeyboard-config-2.22-noarch-2.txz: Rebuilt. +x/xkill-1.0.5-x86_64-2.txz: Rebuilt. +x/xload-1.1.3-x86_64-2.txz: Rebuilt. +x/xlogo-1.0.4-x86_64-3.txz: Rebuilt. +x/xlsatoms-1.1.2-x86_64-2.txz: Rebuilt. +x/xlsclients-1.1.4-x86_64-2.txz: Rebuilt. +x/xlsfonts-1.0.6-x86_64-2.txz: Rebuilt. +x/xmag-1.0.6-x86_64-2.txz: Rebuilt. +x/xman-1.1.4-x86_64-3.txz: Rebuilt. +x/xmessage-1.0.5-x86_64-2.txz: Rebuilt. +x/xmh-1.0.3-x86_64-2.txz: Rebuilt. +x/xmodmap-1.0.9-x86_64-2.txz: Rebuilt. +x/xmore-1.0.2-x86_64-3.txz: Rebuilt. +x/xorg-cf-files-1.0.6-x86_64-3.txz: Rebuilt. +x/xorg-docs-1.7.1-noarch-2.txz: Rebuilt. +x/xorg-server-1.19.6-x86_64-3.txz: Rebuilt. +x/xorg-server-xephyr-1.19.6-x86_64-3.txz: Rebuilt. +x/xorg-server-xnest-1.19.6-x86_64-3.txz: Rebuilt. +x/xorg-server-xvfb-1.19.6-x86_64-3.txz: Rebuilt. +x/xorg-sgml-doctools-1.11-x86_64-3.txz: Rebuilt. +x/xorgproto-2018.4-x86_64-3.txz: Rebuilt. +x/xpr-1.0.5-x86_64-2.txz: Rebuilt. +x/xprop-1.2.3-x86_64-2.txz: Rebuilt. +x/xpyb-1.3.1-x86_64-5.txz: Rebuilt. +x/xrandr-1.5.0-x86_64-2.txz: Rebuilt. +x/xrdb-1.1.1-x86_64-2.txz: Rebuilt. +x/xrefresh-1.0.6-x86_64-2.txz: Rebuilt. +x/xscope-1.4.1-x86_64-3.txz: Rebuilt. +x/xset-1.2.4-x86_64-2.txz: Rebuilt. +x/xsetroot-1.1.2-x86_64-2.txz: Rebuilt. +x/xsm-1.0.4-x86_64-2.txz: Rebuilt. +x/xstdcmap-1.0.3-x86_64-3.txz: Rebuilt. +x/xterm-332-x86_64-1.txz: Upgraded. +x/xtrans-1.3.5-noarch-2.txz: Rebuilt. +x/xvidtune-1.0.3-x86_64-3.txz: Rebuilt. +x/xvinfo-1.1.3-x86_64-2.txz: Rebuilt. +x/xwd-1.0.7-x86_64-2.txz: Rebuilt. +x/xwininfo-1.1.4-x86_64-2.txz: Rebuilt. +x/xwud-1.0.5-x86_64-2.txz: Rebuilt. +xap/MPlayer-20180208-x86_64-3.txz: Rebuilt. +xap/audacious-3.9-x86_64-2.txz: Rebuilt. +xap/audacious-plugins-3.9-x86_64-4.txz: Rebuilt. +xap/blackbox-0.70.1-x86_64-8.txz: Rebuilt. +xap/blueman-2.0.5-x86_64-2.txz: Rebuilt. +xap/ddd-3.3.12-x86_64-6.txz: Rebuilt. +xap/easytag-2.4.2-x86_64-2.txz: Rebuilt. +xap/electricsheep-20090306-x86_64-5.txz: Rebuilt. +xap/fluxbox-1.3.7-x86_64-3.txz: Rebuilt. +xap/fvwm-2.6.7-x86_64-4.txz: Rebuilt. +xap/geeqie-1.4-x86_64-2.txz: Rebuilt. +xap/gftp-2.0.19-x86_64-6.txz: Rebuilt. +xap/gimp-2.8.22-x86_64-2.txz: Rebuilt. +xap/gkrellm-2.3.10-x86_64-3.txz: Rebuilt. +xap/gnuchess-6.2.5-x86_64-2.txz: Rebuilt. +xap/gnuplot-5.2.2-x86_64-2.txz: Rebuilt. +xap/gparted-0.31.0-x86_64-2.txz: Rebuilt. +xap/gucharmap-10.0.3-x86_64-2.txz: Rebuilt. +xap/gv-3.7.4-x86_64-2.txz: Rebuilt. +xap/hexchat-2.14.1-x86_64-2.txz: Rebuilt. + Recompiled against perl-5.26.2. +xap/mozilla-firefox-59.0.2-x86_64-2.txz: Rebuilt. +xap/mozilla-thunderbird-52.7.0-x86_64-2.txz: Rebuilt. +xap/network-manager-applet-1.8.10-x86_64-5.txz: Rebuilt. +xap/pan-0.143-x86_64-4.txz: Rebuilt. +xap/pavucontrol-3.0-x86_64-2.txz: Rebuilt. +xap/pidgin-2.13.0-x86_64-2.txz: Rebuilt. +xap/rdesktop-1.8.3-x86_64-2.txz: Rebuilt. +xap/rxvt-unicode-9.22-x86_64-4.txz: Rebuilt. +xap/sane-1.0.27-x86_64-2.txz: Rebuilt. +xap/seamonkey-2.49.2-x86_64-2.txz: Rebuilt. +xap/seyon-2.20c-x86_64-4.txz: Rebuilt. +xap/vim-gvim-8.0.1733-x86_64-1.txz: Upgraded. + Recompiled against perl-5.26.2. +xap/windowmaker-0.95.8-x86_64-2.txz: Rebuilt. +xap/x11-ssh-askpass-1.2.4.1-x86_64-3.txz: Rebuilt. +xap/x3270-3.3.12ga7-x86_64-3.txz: Rebuilt. +xap/xaos-3.6-x86_64-2.txz: Rebuilt. +xap/xfractint-20.04p13-x86_64-2.txz: Rebuilt. +xap/xgames-0.3-x86_64-5.txz: Rebuilt. +xap/xine-lib-1.2.9-x86_64-2.txz: Rebuilt. +xap/xine-ui-0.99.10-x86_64-2.txz: Rebuilt. +xap/xlockmore-5.54-x86_64-3.txz: Rebuilt. +xap/xmms-1.2.11-x86_64-6.txz: Rebuilt. +xap/xpaint-2.10.2-x86_64-2.txz: Rebuilt. +xap/xpdf-4.00-x86_64-3.txz: Rebuilt. +xap/xsane-0.999-x86_64-2.txz: Rebuilt. +xap/xscreensaver-5.39-x86_64-1.txz: Upgraded. +xap/xv-3.10a-x86_64-9.txz: Rebuilt. +xfce/Thunar-1.6.15-x86_64-2.txz: Rebuilt. +xfce/exo-0.12.0-x86_64-2.txz: Rebuilt. +xfce/garcon-0.6.1-x86_64-2.txz: Rebuilt. +xfce/gtk-xfce-engine-2.10.1-x86_64-3.txz: Rebuilt. +xfce/libxfce4ui-4.12.1-x86_64-3.txz: Rebuilt. +xfce/libxfce4util-4.12.1-x86_64-4.txz: Rebuilt. +xfce/orage-4.12.1-x86_64-5.txz: Rebuilt. +xfce/thunar-volman-0.8.1-x86_64-3.txz: Rebuilt. +xfce/tumbler-0.2.1-x86_64-2.txz: Rebuilt. + Recompiled against poppler-0.64.0. +xfce/xfce4-appfinder-4.12.0-x86_64-3.txz: Rebuilt. +xfce/xfce4-clipman-plugin-1.4.2-x86_64-2.txz: Rebuilt. +xfce/xfce4-dev-tools-4.12.0-x86_64-3.txz: Rebuilt. +xfce/xfce4-notifyd-0.4.2-x86_64-2.txz: Rebuilt. +xfce/xfce4-panel-4.12.2-x86_64-2.txz: Rebuilt. +xfce/xfce4-power-manager-1.4.4-x86_64-5.txz: Rebuilt. +xfce/xfce4-pulseaudio-plugin-0.4.0-x86_64-2.txz: Rebuilt. +xfce/xfce4-screenshooter-1.8.2-x86_64-5.txz: Rebuilt. +xfce/xfce4-session-4.12.1-x86_64-3.txz: Rebuilt. +xfce/xfce4-settings-4.12.2-x86_64-2.txz: Rebuilt. +xfce/xfce4-systemload-plugin-1.2.1-x86_64-2.txz: Rebuilt. + Patched to fix tooltips. Thanks to Rod3775. +xfce/xfce4-taskmanager-1.2.0-x86_64-2.txz: Rebuilt. +xfce/xfce4-terminal-0.8.7.3-x86_64-2.txz: Rebuilt. +xfce/xfce4-weather-plugin-0.8.10-x86_64-4.txz: Rebuilt. +xfce/xfconf-4.12.1-x86_64-2.txz: Rebuilt. +xfce/xfdesktop-4.12.4-x86_64-2.txz: Rebuilt. +xfce/xfwm4-4.12.4-x86_64-2.txz: Rebuilt. +y/bsd-games-2.13-x86_64-13.txz: Rebuilt. +extra/aspell-word-lists/aspell-el-0.08_0-x86_64-1.txz: Upgraded. +extra/aspell-word-lists/aspell-hus-0.03_1-x86_64-1.txz: Added. +extra/aspell-word-lists/aspell-kn-0.01_1-x86_64-1.txz: Added. +extra/fltk/fltk-1.3.4_2-x86_64-1.txz: Upgraded. +extra/mplayerplug-in/mplayerplug-in-3.55-x86_64-1.txz: Removed. +extra/tigervnc/tigervnc-1.8.0-x86_64-4.txz: Rebuilt. isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Wed May 11 05:20:01 UTC 2016 -a/dcron-4.5-x86_64-5.txz: Rebuilt. - Patched bug where cron.update is not picked up while jobs are still running. - Thanks to Jeroen Hendriks. -ap/lxc-2.0.0-x86_64-4.txz: Rebuilt. - Applied "[PATCH] cgfsng: don't require that systemd subsystem be mounted". - Thanks to Johannes Schöpfer. -ap/moc-2.5.1-x86_64-1.txz: Upgraded. -ap/slackpkg-2.82.1-noarch-1.txz: Upgraded. - Updated x86* mirrors lists for Slackware 14.2. -n/openvpn-2.3.11-x86_64-1.txz: Upgraded. -x/mesa-11.2.2-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.4_1-x86_64-1.txz: Upgraded. - This release addresses several security issues in ImageMagick, including: - Insufficient shell characters filtering allows code execution (CVE-2016-3714) - Server Side Request Forgery (CVE-2016-3718) - File deletion (CVE-2016-3715) - File moving (CVE-2016-3716) - Local file read (CVE-2016-3717) - In addition, the default policy.xml config file has been modified to disable - all of the previously vulnerable coders, and to disable indirect reads. - For more information, see: - https://imagetragick.com - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3714 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3718 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3715 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3716 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3717 - (* Security fix *) -+--------------------------+ -Thu May 5 05:17:19 UTC 2016 -a/kernel-generic-4.4.9-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.9-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.9-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-31.txz: Rebuilt. - In rc.M, bluetooth must start before NetworkManager (like it did in Slackware - 14.1) in order to enable bluetooth networking. Thanks to James Marca. -ap/lxc-2.0.0-x86_64-3.txz: Rebuilt. - Merged rc.M changes. -d/kernel-headers-4.4.9-x86-1.txz: Upgraded. -k/kernel-source-4.4.9-noarch-1.txz: Upgraded. -n/mutt-1.6.1-x86_64-1.txz: Upgraded. +Thu Apr 12 23:00:51 UTC 2018 +a/aaa_base-14.2-x86_64-3.txz: Rebuilt. + If the system is running -current, append a "+" to /etc/slackware-version. + Identify the system as stable or current in /etc/os-release by setting + VERSION_CODENAME to either stable or current. In PRETTY_NAME, really + spell it out, e.g: PRETTY_NAME="Slackware 14.2 (pre-15.0 -current)" +a/kernel-generic-4.14.34-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.34-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.34-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.34-x86-1.txz: Upgraded. +k/kernel-source-4.14.34-noarch-1.txz: Upgraded. + SND_HDA_INPUT_BEEP n -> y + +SND_HDA_INPUT_BEEP_MODE 0 + Thanks to GazL. +l/cairo-1.15.12-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Wed May 4 19:24:29 UTC 2016 -ap/hplip-3.16.5-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-45.1.1esr-x86_64-1.txz: Upgraded. +Wed Apr 11 20:38:06 UTC 2018 +a/lbzip2-2.5-x86_64-1.txz: Added. +a/pkgtools-15.0-noarch-7.txz: Rebuilt. + explodepkg: support parallel bzip2 (lbzip2). Thanks to ruario. + installpkg: support parallel bzip2 (lbzip2). Thanks to ruario. + makepkg: support parallel bzip2 (lbzip2). Thanks to ruario. + pkgdiff: added tool to compare the file contents of two packages. +ap/sqlite-3.23.1-x86_64-1.txz: Upgraded. +l/libzip-1.5.1-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.36.1-x86_64-1.txz: Upgraded. +n/libgpg-error-1.29-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 10 23:38:57 UTC 2018 +a/procps-ng-3.3.14-x86_64-1.txz: Upgraded. +ap/htop-2.2.0-x86_64-1.txz: Upgraded. +l/vte-0.52.1-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.6-x86_64-1.txz: Upgraded. +x/xf86-input-libinput-0.27.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 9 23:03:06 UTC 2018 +l/gobject-introspection-1.56.1-x86_64-1.txz: Upgraded. +l/gvfs-1.36.1-x86_64-1.txz: Upgraded. +l/libsoup-2.62.1-x86_64-1.txz: Upgraded. +n/wireless-tools-29-x86_64-10.txz: Removed. +n/wireless_tools-29-x86_64-11.txz: Added. + Renamed package to match upstream tarball name. +x/libinput-1.10.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Apr 8 22:22:25 UTC 2018 +a/kernel-firmware-20180329_8c1e439-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.33-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.33-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.33-x86_64-1.txz: Upgraded. +d/ccache-3.4.2-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.33-x86-1.txz: Upgraded. +k/kernel-source-4.14.33-noarch-1.txz: Upgraded. + FAT_DEFAULT_UTF8 n -> y + Thanks to USUARIONUEVO. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue May 3 20:30:53 UTC 2016 -a/openssl-solibs-1.0.2h-x86_64-1.txz: Upgraded. -n/bind-9.10.4-x86_64-1.txz: Upgraded. -n/openssl-1.0.2h-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - Memory corruption in the ASN.1 encoder (CVE-2016-2108) - Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) - EVP_EncodeUpdate overflow (CVE-2016-2105) - EVP_EncryptUpdate overflow (CVE-2016-2106) - ASN.1 BIO excessive memory allocation (CVE-2016-2109) - EBCDIC overread (CVE-2016-2176) - For more information, see: - https://www.openssl.org/news/secadv/20160503.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176 - (* Security fix *) -xap/hexchat-2.12.1-x86_64-1.txz: Upgraded. -testing/packages/tmux-2.2-x86_64-1.txz: Added. - For those using a UTF8 locale, I'm adding back the latest tmux in /testing. - Most likely we'll throw the switch on "UTF8 by default" shortly into the - next development cycle, but now isn't the time for it. -+--------------------------+ -Mon May 2 19:42:54 UTC 2016 -ap/tmux-2.1-x86_64-2.txz: Rebuilt. - Reverted to tmux-2.1, because tmux-2.2 has dropped support for non-UTF8 - character sets "since supporting multiple character sets is a pain". - Thanks to Dan Church for the bug report. -d/mercurial-3.8.1-x86_64-1.txz: Upgraded. - This update fixes possible arbitrary code execution when converting Git - repos. Mercurial prior to 3.8 allowed arbitrary code execution when using - the convert extension on Git repos with hostile names. This could affect - automated code conversion services that allow arbitrary repository names. - This is a further side-effect of Git CVE-2015-7545. - Reported and fixed by Blake Burkhart. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3105 - (* Security fix *) -l/icu4c-56.1-x86_64-2.txz: Rebuilt. - Patched pkgdata crash when using "-m". Thanks to Fabio Bas. -l/librsvg-2.40.15-x86_64-2.txz: Rebuilt. - Reverted upstream patch that broke the rsvg-convert scaling functionality. - Thanks to haary. -n/samba-4.4.3-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.3_9-x86_64-1.txz: Upgraded. -+--------------------------+ -Sat Apr 30 20:28:33 UTC 2016 -a/aaa_elflibs-14.2-x86_64-13.txz: Rebuilt. -a/lvm2-2.02.152-x86_64-1.txz: Upgraded. -ap/gphoto2-2.5.10-x86_64-1.txz: Upgraded. -ap/mariadb-10.0.25-x86_64-1.txz: Upgraded. -ap/vim-7.4.1811-x86_64-1.txz: Upgraded. -d/git-2.8.2-x86_64-1.txz: Upgraded. -d/ruby-2.2.5-x86_64-1.txz: Upgraded. -d/subversion-1.9.4-x86_64-1.txz: Upgraded. - This release fixes two security issues: - CVE-2016-2167: svnserve/sasl may authenticate users using the wrong realm. - CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn - during COPY/MOVE authorization check. - For more information, see: - http://subversion.apache.org/security/CVE-2016-2167-advisory.txt - http://subversion.apache.org/security/CVE-2016-2168-advisory.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2167 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2168 - (* Security fix *) -l/libgphoto2-2.5.10-x86_64-1.txz: Upgraded. -n/whois-5.2.12-x86_64-1.txz: Upgraded. -n/yptools-2.14-x86_64-6.txz: Rebuilt. - Don't remove unmerged .new config files. Thanks to christian laubscher. -x/xf86-input-evdev-2.10.2-x86_64-1.txz: Upgraded. -xap/vim-gvim-7.4.1811-x86_64-1.txz: Upgraded. -+--------------------------+ -Sat Apr 30 05:51:33 UTC 2016 -d/perl-5.22.2-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Apr 29 20:54:01 UTC 2016 -ap/cups-filters-1.8.3-x86_64-2.txz: Rebuilt. - Recompiled against poppler-0.43.0. -kde/calligra-2.9.11-x86_64-3.txz: Rebuilt. - Recompiled against poppler-0.43.0. -l/poppler-0.43.0-x86_64-1.txz: Upgraded. +Sun Apr 8 03:39:55 UTC 2018 +ap/joe-4.6-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.36.12-x86_64-1.txz: Upgraded. +n/bluez-5.49-x86_64-2.txz: Rebuilt. + Patched to fix bluetoothd crashes. Thanks to SeB. ++--------------------------+ +Sat Apr 7 21:00:57 UTC 2018 +a/btrfs-progs-v4.16-x86_64-1.txz: Upgraded. +ap/sysstat-11.6.3-x86_64-1.txz: Upgraded. +kde/kdev-python-1.7.3-x86_64-2.txz: Rebuilt. + Make shared libraries executable. +l/exiv2-0.26-x86_64-2.txz: Rebuilt. + Make shared libraries executable. +l/glib-1.2.10-x86_64-5.txz: Rebuilt. + Make shared libraries executable. +l/glib2-2.56.1-x86_64-1.txz: Upgraded. +l/pango-1.42.1-x86_64-1.txz: Upgraded. +l/slang-2.3.2-x86_64-2.txz: Rebuilt. + Make shared libraries executable. +n/dhcpcd-7.0.3-x86_64-1.txz: Upgraded. +xfce/libxfce4util-4.12.1-x86_64-3.txz: Rebuilt. + Make shared libraries executable. ++--------------------------+ +Fri Apr 6 20:47:43 UTC 2018 +a/patch-2.7.6-x86_64-2.txz: Rebuilt. + Fix arbitrary shell execution possible with obsolete ed format patches. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156 + (* Security fix *) +d/strace-4.22-x86_64-1.txz: Upgraded. +xfce/Thunar-1.6.15-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Apr 5 21:21:24 UTC 2018 +a/procps-ng-3.3.13-x86_64-1.txz: Upgraded. +ap/man-db-2.8.3-x86_64-1.txz: Upgraded. +d/git-2.17.0-x86_64-1.txz: Upgraded. +l/python-pillow-5.1.0-x86_64-1.txz: Upgraded. +n/openssh-7.7p1-x86_64-2.txz: Rebuilt. + Restored tcp_wrappers support. Thanks to ecd102 for the patch. ++--------------------------+ +Wed Apr 4 22:07:03 UTC 2018 +l/alsa-lib-1.1.6-x86_64-2.txz: Rebuilt. + Restored missing mixer modules. ++--------------------------+ +Wed Apr 4 21:12:00 UTC 2018 +ap/alsa-utils-1.1.6-x86_64-1.txz: Upgraded. +d/mercurial-4.5.3-x86_64-1.txz: Upgraded. +l/alsa-lib-1.1.6-x86_64-1.txz: Upgraded. +l/alsa-oss-1.1.6-x86_64-1.txz: Upgraded. +l/alsa-plugins-1.1.6-x86_64-1.txz: Upgraded. +l/gvfs-1.36.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Apr 4 00:16:40 UTC 2018 +a/pkgtools-15.0-noarch-6.txz: Rebuilt. + pkgtool: don't use LANG=C. + installpkg: don't use LANG=C, but set LC_ALL=C prior to running dd (where we + need to parse the output) and sort (where we need predictable collation). +ap/cups-filters-1.20.2-x86_64-1.txz: Upgraded. +ap/sqlite-3.23.0-x86_64-1.txz: Upgraded. +l/adwaita-icon-theme-3.28.0-noarch-1.txz: Upgraded. +l/at-spi2-atk-2.26.2-x86_64-1.txz: Upgraded. +l/at-spi2-core-2.28.0-x86_64-1.txz: Upgraded. +l/atk-2.28.1-x86_64-1.txz: Upgraded. +l/gcr-3.28.0-x86_64-1.txz: Upgraded. +l/glib-networking-2.56.0-x86_64-1.txz: Upgraded. +l/glib2-2.56.0-x86_64-1.txz: Upgraded. +l/gnome-keyring-3.28.0.2-x86_64-1.txz: Upgraded. +l/gobject-introspection-1.56.0-x86_64-1.txz: Upgraded. +l/gsettings-desktop-schemas-3.28.0-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.29-x86_64-1.txz: Upgraded. +l/libsecret-0.18.6-x86_64-1.txz: Upgraded. +l/libsoup-2.62.0-x86_64-1.txz: Upgraded. +l/pango-1.42.0-x86_64-1.txz: Upgraded. +l/pygobject3-3.28.2-x86_64-1.txz: Upgraded. +l/vte-0.52.0-x86_64-1.txz: Upgraded. +n/getmail-5.6-x86_64-1.txz: Upgraded. +n/iproute2-4.16.0-x86_64-1.txz: Upgraded. +n/openssh-7.7p1-x86_64-1.txz: Upgraded. + The patch to restore tcp_wrappers no longer works (applies, but breaks + incoming connections), so tcp_wrappers is no longer supported. This support + was dropped by upstream years ago, and there are many better ways to filter + incoming ports since the days when tcp_wrappers was the only choice. + There is very little chance that we will try to add support for tcp_wrappers + again here. Migrate to a better port filtering solution (e.g., iptables or + nftables), or (I suppose) you could try asking for the support to be + reinstated upstream. ;-) +xap/rxvt-unicode-9.22-x86_64-3.txz: Rebuilt. + Don't modify the default terminfo definitions. Thanks to GazL. ++--------------------------+ +Sun Apr 1 21:05:03 UTC 2018 +a/aaa_terminfo-6.1-x86_64-3.txz: Rebuilt. +a/sed-4.5-x86_64-1.txz: Upgraded. +ap/lsof-4.91-x86_64-1.txz: Upgraded. +ap/vim-8.0.1655-x86_64-1.txz: Upgraded. +kde/konsole-4.14.3-x86_64-4.txz: Rebuilt. + Use TERM=konsole. +l/libidn-1.34-x86_64-1.txz: Upgraded. + This update fixes security issues: + Fix integer overflow in combine_hangul() + Fix integer overflow in punycode decoder + Fix NULL pointer dereference in g_utf8_normalize() + Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize() + (* Security fix *) +l/ncurses-6.1_20180324-x86_64-3.txz: Upgraded. + Use unmodified upstream terminfo definitions rather than break a feature + of the xterm-new definition for the benefit of a program that can't pick + the right TERM= setting. Thanks to GazL. +xap/rxvt-unicode-9.22-x86_64-2.txz: Rebuilt. + In the urxvt terminfo definitions, set kbs=^H. +xap/vim-gvim-8.0.1655-x86_64-1.txz: Upgraded. +extra/brltty/brltty-5.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Apr 1 02:53:26 UTC 2018 +a/aaa_terminfo-6.1-x86_64-2.txz: Rebuilt. +a/kernel-firmware-20180330_a3be6d4-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.32-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.32-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.32-x86_64-1.txz: Upgraded. +ap/cups-filters-1.20.1-x86_64-3.txz: Rebuilt. + Recompiled against poppler-0.63.0. +ap/sqlite-3.22.0-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +d/kernel-headers-4.14.32-x86-1.txz: Upgraded. +d/rust-1.25.0-x86_64-1.txz: Upgraded. +d/subversion-1.9.7-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +k/kernel-source-4.14.32-noarch-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-19.txz: Rebuilt. + Recompiled against icu4c-61.1 and poppler-0.63.0. +l/apr-util-1.6.1-x86_64-5.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/boost-1.66.0-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/gvfs-1.34.2.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/harfbuzz-1.7.6-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/icu4c-61.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. -n/ntp-4.2.8p7-x86_64-1.txz: Upgraded. - This release patches several low and medium severity security issues: - CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering - CVE-2016-1549: Sybil vulnerability: ephemeral association attack, - AKA: ntp-sybil - MITIGATION ONLY - CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion - botch - CVE-2016-2517: Remote configuration trustedkey/requestkey values are not - properly validated - CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with - MATCH_ASSOC - CVE-2016-2519: ctl_getitem() return value not always checked - CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos - CVE-2016-1548: Interleave-pivot - MITIGATION ONLY - CVE-2015-7704: KoD fix: peer associations were broken by the fix for - NtpBug2901, AKA: Symmetric active/passive mode is broken - CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks - CVE-2016-1550: Improve NTP security against buffer comparison timing attacks, - authdecrypt-timing, AKA: authdecrypt-timing - For more information, see: - http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519 - (* Security fix *) -n/php-5.6.21-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues. +l/libgpod-0.8.3-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/libical-3.0.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/libvisio-0.1.6-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +l/ncurses-6.1_20180324-x86_64-2.txz: Rebuilt. + Removed "rep=%p1%c\E[%p2%{1}%-%db," from the xterm-new definition. It was not + present in the xterm-new definition shipped in Slackware 14.2 and is causing + problems with dialog. +l/poppler-0.63.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/raptor2-2.0.15-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +n/NetworkManager-1.10.6-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +n/dovecot-2.3.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +n/httpd-2.4.33-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +n/php-7.2.4-x86_64-1.txz: Upgraded. + This update fixes a security issue where sensitive data belonging to other + accounts might be accessed by a local user. + For more information, see: + http://bugs.php.net/75605 + (* Security fix *) + Compiled against icu4c-61.1. +n/postfix-3.3.0-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +n/tin-2.4.2-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-61.1. +t/texlive-2017.171108-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +xap/network-manager-applet-1.8.10-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +xap/rxvt-2.7.10-x86_64-5.txz: Removed. +xap/rxvt-unicode-9.22-x86_64-1.txz: Added. + Thanks to MadMaverick9 for the utempter support patch. +xfce/tumbler-0.2.1-x86_64-1.txz: Upgraded. + Compiled against poppler-0.63.0. +xfce/xfce4-screenshooter-1.8.2-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-61.1. +xfce/xfce4-weather-plugin-0.8.10-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-61.1. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Thu Mar 29 20:48:28 UTC 2018 +a/bash-4.4.019-x86_64-2.txz: Rebuilt. + Fixed builtins.1 and rbash.1 manpages to work properly with strict + implementations (such as mandoc). Thanks to orbea. +ap/cups-2.2.7-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.14-x86_64-1.txz: Upgraded. +ap/nano-2.9.5-x86_64-1.txz: Upgraded. +d/cmake-3.11.0-x86_64-1.txz: Upgraded. +d/flex-2.6.4-x86_64-2.txz: Rebuilt. + Fix flex compiled with recent glibc. Thanks to nobodino. +d/python-pip-9.0.3-x86_64-1.txz: Upgraded. +d/python3-3.6.5-x86_64-1.txz: Upgraded. + Refactored difflib and poplib to fix potential DoS vectors. + Thanks to Jamie Davis for the patch. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061 + (* Security fix *) +d/ruby-2.5.1-x86_64-1.txz: Upgraded. + This release includes some bug fixes and some security fixes: + HTTP response splitting in WEBrick. + Unintentional file and directory creation with directory traversal in + tempfile and tmpdir. + DoS by large request in WEBrick. + Buffer under-read in String#unpack. + Unintentional socket creation by poisoned NUL byte in UNIXServer + and UNIXSocket. + Unintentional directory traversal by poisoned NUL byte in Dir. + Multiple vulnerabilities in RubyGems. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780 + (* Security fix *) +d/subversion-1.9.7-x86_64-3.txz: Rebuilt. + Recompiled for ruby-2.5.1. +kde/korundum-4.14.3-x86_64-5.txz: Rebuilt. + Recompiled for ruby-2.5.1. +kde/qtruby-4.14.3-x86_64-7.txz: Rebuilt. + Recompiled for ruby-2.5.1. +l/apr-util-1.6.1-x86_64-4.txz: Rebuilt. + Merged upstream patch to fix httpd build. +n/dhcpcd-7.0.2-x86_64-1.txz: Upgraded. +n/dovecot-2.3.1-x86_64-1.txz: Upgraded. +n/epic5-2.0.1-x86_64-3.txz: Rebuilt. + Recompiled for ruby-2.5.1. +x/mesa-18.0.0-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.7.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Mar 29 01:02:50 UTC 2018 +a/etc-15.0-x86_64-3.txz: Rebuilt. + When adding an sddm user, use $HOME = /var/lib/sddm. + Make sure the sddm user is a member of the video group. +a/kernel-generic-4.14.31-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.31-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.31-x86_64-1.txz: Upgraded. +a/openssl-solibs-1.0.2o-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.31-x86-1.txz: Upgraded. +k/kernel-source-4.14.31-noarch-1.txz: Upgraded. +n/openssl-1.0.2o-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Constructed ASN.1 types with a recursive definition could exceed the stack. For more information, see: - http://php.net/ChangeLog-5.php#5.6.21 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 - (* Security fix *) -x/libdrm-2.4.68-x86_64-1.txz: Upgraded. -xfce/tumbler-0.1.31-x86_64-6.txz: Rebuilt. - Recompiled against poppler-0.43.0. -+--------------------------+ -Wed Apr 27 21:16:37 UTC 2016 -n/yptools-2.14-x86_64-5.txz: Rebuilt. - Use /usr/lib$LIBDIRSUFFIX/yp in /var/yp/Makefile.new. Thanks to alex14641. -xap/mozilla-firefox-45.1.0esr-x86_64-2.txz: Rebuilt. - Fixed $RELEASEVER to avoid installing extra files and placing a few files in - the wrong location. Thanks to Mikhail Zotov. -xfce/xfce4-settings-4.12.0-x86_64-3.txz: Rebuilt. - Patched a bug that may prevent a display from waking up from standby mode - when running a 4.4.x (or newer) kernel. Thanks to Matthias Schuster. -+--------------------------+ -Wed Apr 27 04:20:57 UTC 2016 -xap/mozilla-firefox-45.1.0esr-x86_64-1.txz: Upgraded. + https://www.openssl.org/news/secadv/20180327.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739 + (* Security fix *) +extra/recordmydesktop/recordmydesktop-0.3.8.1-x86_64-4.txz: Rebuilt. + Applied bitrate patches from Arch. Thanks to USUARIONUEVO. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Mon Mar 26 22:06:38 UTC 2018 +a/aaa_terminfo-6.1-x86_64-1.txz: Upgraded. +a/etc-15.0-x86_64-2.txz: Rebuilt. + Don't include /etc/termcap-* files here. They aren't needed by anything + shipped with Slackware, and shouldn't be needed by much of anything at all. + But we'll ship a full /etc/termcap with the ncurses package just in case. +a/hdparm-9.56-x86_64-1.txz: Upgraded. +l/apr-util-1.6.1-x86_64-3.txz: Rebuilt. + Recompiled using --with-mysql=/usr option. +l/libusb-1.0.22-x86_64-1.txz: Upgraded. +l/ncurses-6.1_20180324-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-59.0.2-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html - (* Security fix *) -+--------------------------+ -Tue Apr 26 05:16:02 UTC 2016 -ap/lxc-2.0.0-x86_64-2.txz: Rebuilt. - rc.lxc: Stop containers with lxc-stop rather than having lxc-attach call - /sbin/halt. Thanks to linuxxer and Matteo Bernardini. -xfce/xfce4-weather-plugin-0.8.7-x86_64-1.txz: Upgraded. -+--------------------------+ -Sun Apr 24 03:44:25 UTC 2016 -a/grep-2.25-x86_64-1.txz: Upgraded. -a/kernel-generic-4.4.8-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.8-x86_64-1.txz: Upgraded. - Needed to be built into the huge kernel since virtio is. Thanks to Cal Peake. - NET_9P m -> y - NET_9P_VIRTIO m -> y -a/kernel-modules-4.4.8-x86_64-1.txz: Upgraded. -a/lilo-24.2-x86_64-2.txz: Rebuilt. - Patched usable memory bug. Thanks to Sl4ck3ver. -ap/lxc-2.0.0-x86_64-1.txz: Upgraded. -ap/sqlite-3.12.2-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.8-x86-1.txz: Upgraded. -k/kernel-source-4.4.8-noarch-1.txz: Upgraded. -n/NetworkManager-1.2.0-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -n/ca-certificates-20160104-noarch-1.txz: Upgraded. - Thanks to Cal Peake for fixing a build script typo that created duplicate - certificates with each successive build. -n/gnupg2-2.0.30-x86_64-1.txz: Upgraded. -x/motif-2.3.5-x86_64-1.txz: Upgraded. -xap/network-manager-applet-1.2.0-x86_64-1.txz: Upgraded. + https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Mon Mar 26 03:28:26 UTC 2018 +a/e2fsprogs-1.44.1-x86_64-1.txz: Upgraded. +a/kbd-1.15.3-x86_64-3.txz: Rebuilt. + setconsolefont: generate font list on the fly. Thanks to David Woodhouse. +a/kernel-generic-4.14.30-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.30-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.30-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.30-x86-1.txz: Upgraded. +k/kernel-source-4.14.30-noarch-1.txz: Upgraded. +l/imagemagick-6.9.9_40-x86_64-1.txz: Upgraded. +l/libdvdread-6.0.0-x86_64-2.txz: Rebuilt. + Fixed misplaced files under /usr/share/doc. +l/libmtp-1.1.15-x86_64-1.txz: Upgraded. +l/liboggz-1.1.1-x86_64-2.txz: Rebuilt. + Removed spurious /usr/share/doc directory. +l/librsvg-2.42.3-x86_64-2.txz: Rebuilt. + Fixed misplaced files under /usr/share/doc. +xfce/xfce4-pulseaudio-plugin-0.4.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Patched busybox umask bug. Thanks to Goran "CHUPCKO" Lazic. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Patched busybox umask bug. Thanks to Goran "CHUPCKO" Lazic. -+--------------------------+ -Tue Apr 19 18:59:10 UTC 2016 -x/xf86-video-intel-git_20160418_562ae1f-x86_64-1.txz: Upgraded. - Bumped to latest git, dropped glamor fallback patch. -+--------------------------+ -Mon Apr 18 22:21:58 UTC 2016 -a/coreutils-8.25-x86_64-2.txz: Rebuilt. - Reverted new default ls quoting. -a/glibc-zoneinfo-2016d-noarch-1.txz: Upgraded. -ap/vim-7.4.1752-x86_64-1.txz: Upgraded. -d/cmake-3.5.2-x86_64-1.txz: Upgraded. -d/perl-5.22.1-x86_64-2.txz: Rebuilt. - Patched security issue "loss of taint in canonpath()". Thanks to ttk. - Patched to recognize gcc 5.x to allow using -D_FORTIFY_SOURCE=2. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 - (* Security fix *) -n/bluez-5.39-x86_64-2.txz: Rebuilt. - In rc.bluetooth, don't attempt to start/stop rfcomm. Thanks to e5150. -n/libgcrypt-1.7.0-x86_64-1.txz: Upgraded. -x/mesa-11.2.1-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160417_81029be-x86_64-1.txz: Upgraded. - Removed --with-default-dri=2 --with-default-accel=uxa options - Added patch for modesetting + glamor fallback on gen9+. - Hopefully the latest git, these option changes, and fallback patch will solve - the issues reported on LQ. Please test! -xap/imagemagick-6.9.3_8-x86_64-1.txz: Upgraded. -xap/vim-gvim-7.4.1752-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Apr 15 20:37:37 UTC 2016 -Finally got some fixes we were waiting for in this new kernel. -It's been almost a month since 14.2rc1 so we'll call this Slackware -14.2 release candidate 2. Almost there. Get in any last-minute -bug reports quickly. :-) -a/kernel-generic-4.4.7-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.7-x86_64-1.txz: Upgraded. - BLK_DEV_NVME m -> y -a/kernel-modules-4.4.7-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.7-x86-1.txz: Upgraded. -k/kernel-source-4.4.7-noarch-1.txz: Upgraded. -l/alsa-lib-1.1.1-x86_64-2.txz: Rebuilt. - Applied upstream patch to fix error EBADFD. Thanks to e5150. -l/glibmm-2.46.4-x86_64-1.txz: Upgraded. -l/gst-plugins-base-1.6.4-x86_64-1.txz: Upgraded. -l/gst-plugins-good-1.6.4-x86_64-1.txz: Upgraded. -l/gstreamer-1.6.4-x86_64-1.txz: Upgraded. -l/gtkmm3-3.18.1-x86_64-1.txz: Upgraded. -l/qca-2.1.1-x86_64-2.txz: Rebuilt. - Install crypto.prf in the correct directory. Thanks to David Spencer. -n/gnutls-3.4.11-x86_64-1.txz: Upgraded. -n/nfs-utils-1.3.3-x86_64-2.txz: Rebuilt. - Fix nfsd startup on kernels without IPv6 support. Thanks to Mario Preksavec. -n/samba-4.4.2-x86_64-1.txz: Upgraded. - This update fixes the security issues known as "badlock" (or "sadlock"), - which may allow man-in-the-middle or denial-of-service attacks: - CVE-2015-5370 (Multiple errors in DCE-RPC code) - CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) - CVE-2016-2111 (NETLOGON Spoofing Vulnerability) - CVE-2016-2112 (LDAP client and server don't enforce integrity) - CVE-2016-2113 (Missing TLS certificate validation) - CVE-2016-2114 ("server signing = mandatory" not enforced) - CVE-2016-2115 (SMB IPC traffic is not integrity protected) - CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118 - (* Security fix *) -x/xf86-video-intel-git_20160224_d167280-x86_64-1.txz: Upgraded. - So far, this version seems to be the most stable of the ones tested. - Thanks to Andrzej Telszewski. -x/xf86-video-openchrome-0.4.0-x86_64-1.txz: Upgraded. -x/xorg-server-1.18.3-x86_64-2.txz: Rebuilt. - Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950 - to fix applying keyboard layout settings when using a keyboard/mouse combo - device such as a Logitech wireless keyboard with the unifying receiver. - Thanks to Jean-Philippe Guillemin. -x/xorg-server-xephyr-1.18.3-x86_64-2.txz: Rebuilt. -x/xorg-server-xnest-1.18.3-x86_64-2.txz: Rebuilt. -x/xorg-server-xvfb-1.18.3-x86_64-2.txz: Rebuilt. -xap/geeqie-1.2.3-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-45.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Mar 24 19:47:01 UTC 2018 +a/sysvinit-scripts-2.1-noarch-8.txz: Rebuilt. + rc.M: Set default hostname using FQDN. Thanks to Andrzej Telszewski. +l/jansson-2.11-x86_64-1.txz: Added. +n/curl-7.59.0-x86_64-2.txz: Rebuilt. + Recompiled to pick up HTTP/2 support from libnghttp2. +n/httpd-2.4.33-x86_64-1.txz: Upgraded. + Added HTTP/2 support (requires jansson and nghttp2). +n/nghttp2-1.31.0-x86_64-1.txz: Added. ++--------------------------+ +Fri Mar 23 22:28:20 UTC 2018 +a/glibc-zoneinfo-2018d-noarch-1.txz: Upgraded. +d/git-2.16.3-x86_64-1.txz: Upgraded. +n/openldap-client-2.4.46-x86_64-1.txz: Upgraded. +x/libwacom-0.29-x86_64-1.txz: Upgraded. +x/xf86-input-wacom-0.36.1-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.7.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) + https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/ + (* Security fix *) ++--------------------------+ +Thu Mar 22 07:12:40 UTC 2018 +a/kernel-firmware-20180319_44476f2-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.29-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.29-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.29-x86_64-1.txz: Upgraded. +a/util-linux-2.32-x86_64-1.txz: Upgraded. +ap/ghostscript-9.23-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.29-x86-1.txz: Upgraded. +d/meson-0.45.1-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.29-noarch-1.txz: Upgraded. +l/pcre-8.42-x86_64-1.txz: Upgraded. +x/mesa-17.3.7-x86_64-1.txz: Upgraded. +x/vulkan-sdk-1.1.70.0-x86_64-1.txz: Upgraded. + Thanks to dugan for help updating the build script. +x/xf86-input-libinput-0.27.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Apr 12 05:37:20 UTC 2016 -a/aaa_elflibs-14.2-x86_64-12.txz: Rebuilt. - Added libtdb.so.1.3.8. -a/lvm2-2.02.150-x86_64-1.txz: Upgraded. -ap/sqlite-3.12.1-x86_64-1.txz: Upgraded. -ap/tmux-2.2-x86_64-1.txz: Upgraded. -l/QScintilla-2.9.1-x86_64-1.txz: Upgraded. -l/harfbuzz-1.2.6-x86_64-1.txz: Upgraded. -l/libpng-1.6.21-x86_64-1.txz: Upgraded. -l/libtasn1-4.8-x86_64-1.txz: Upgraded. -l/sip-4.17-x86_64-1.txz: Upgraded. -n/epic5-2.0-x86_64-1.txz: Upgraded. -n/httpd-2.4.20-x86_64-1.txz: Upgraded. -n/nmap-7.12-x86_64-1.txz: Upgraded. -n/proftpd-1.3.5b-x86_64-1.txz: Upgraded. - Compiled with --enable-dso. Thanks to David M. Syzdek. - Compiled with --enable-nls. Thanks to Olek. -n/samba-4.4.0-x86_64-1.txz: Upgraded. - This will probably be a very short-lived package, but it would be good to - hear about any bugs before 4.4.1 is packaged (probably tomorrow). -n/vsftpd-3.0.3-x86_64-2.txz: Rebuilt. - In /etc/vsftpd.conf.new, set seccomp_sandbox=NO to work around bugs. -x/xf86-video-amdgpu-1.1.0-x86_64-1.txz: Upgraded. -x/xf86-video-ati-7.7.0-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160411_a7526ea-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-45.0.2-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Apr 6 05:07:44 UTC 2016 -d/git-2.8.1-x86_64-1.txz: Upgraded. -d/nasm-2.12.01-x86_64-1.txz: Upgraded. -d/strace-4.11-x86_64-1.txz: Upgraded. -d/subversion-1.9.3-x86_64-1.txz: Upgraded. - Subversion servers and clients are vulnerable to remotely triggerable - heap-based buffer overflows and out-of-bounds reads that may allow remote - attackers to cause a denial of service or possibly execute arbitrary code - under the context of the targeted process. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5259 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5343 - (* Security fix *) -l/harfbuzz-1.2.5-x86_64-1.txz: Upgraded. -l/librsvg-2.40.15-x86_64-1.txz: Upgraded. -n/bluez-5.39-x86_64-1.txz: Upgraded. -x/mesa-11.2.0-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160405_afddc9f-x86_64-1.txz: Upgraded. -x/xorg-server-1.18.3-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.18.3-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.18.3-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.18.3-x86_64-1.txz: Upgraded. -x/xterm-324-x86_64-1.txz: Upgraded. -extra/tigervnc/tigervnc-1.6.0-x86_64-3.txz: Rebuilt. - Rebuilt for xorg-server-1.18.3. -+--------------------------+ -Mon Apr 4 19:54:22 UTC 2016 -a/lvm2-2.02.149-x86_64-1.txz: Upgraded. -ap/sqlite-3.12.0-x86_64-1.txz: Upgraded. -d/make-4.1-x86_64-2.txz: Rebuilt. - Applied patch: Handle NULL returns from ttyname(). Thanks to e5150. -l/iso-codes-3.67-noarch-1.txz: Upgraded. -n/NetworkManager-1.0.12-x86_64-1.txz: Upgraded. -n/bluez-5.38-x86_64-3.txz: Rebuilt. - Added another patch from upstream git. Thanks to gmgf. -n/mutt-1.6.0-x86_64-1.txz: Upgraded. -x/inputproto-2.3.2-noarch-1.txz: Upgraded. -xap/mozilla-thunderbird-38.7.2-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) +Tue Mar 20 22:52:16 UTC 2018 +l/gst-plugins-base-1.14.0-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.14.0-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.14.0-x86_64-1.txz: Upgraded. +l/gstreamer-1.14.0-x86_64-1.txz: Upgraded. +n/nmap-7.70-x86_64-1.txz: Upgraded. +x/fontconfig-2.12.6-x86_64-1.txz: Upgraded. + Reverted to previous version. There are problem reports with the latest + version, and I see no upside to staying on the bleeding edge right now. ++--------------------------+ +Mon Mar 19 19:03:32 UTC 2018 +a/kernel-generic-4.14.28-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.28-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.28-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.28-x86-1.txz: Upgraded. +k/kernel-source-4.14.28-noarch-1.txz: Upgraded. +xap/gparted-0.31.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri Apr 1 21:17:37 UTC 2016 -a/elilo-3.16-x86_64-2.txz: Rebuilt. - eliloconfig: strip alphabetic characters from $EFI_PARTITION. - Rebuilt /boot/elilo-x86_64.efi against gnu-efi-3.0.4. -a/kernel-firmware-20160401git-noarch-1.txz: Upgraded. -ap/alsa-utils-1.1.1-x86_64-1.txz: Upgraded. - Don't run rc.alsa by default. -ap/at-3.1.19-x86_64-1.txz: Upgraded. -d/mercurial-3.7.3-x86_64-1.txz: Upgraded. - This update fixes security issues and bugs, including remote code execution - in binary delta decoding, arbitrary code execution with Git subrepos, and - arbitrary code execution when converting Git repos. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069 - (* Security fix *) -f/linux-howtos-20160401-noarch-1.txz: Upgraded. -l/alsa-lib-1.1.1-x86_64-1.txz: Upgraded. -l/alsa-plugins-1.1.1-x86_64-1.txz: Upgraded. -l/gnu-efi-3.0.4-x86_64-1.txz: Upgraded. -l/newt-0.52.19-x86_64-1.txz: Upgraded. -n/ModemManager-1.4.14-x86_64-1.txz: Upgraded. -n/dhcp-4.3.4-x86_64-1.txz: Upgraded. - This update fixes bugs and (previously patched) security issues. -n/php-5.6.20-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues. +Sun Mar 18 21:42:00 UTC 2018 +d/Cython-0.28.1-x86_64-1.txz: Upgraded. +d/python-setuptools-39.0.1-x86_64-1.txz: Upgraded. +n/dnsmasq-2.79-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Mar 18 00:55:39 UTC 2018 +a/sysvinit-scripts-2.1-noarch-7.txz: Rebuilt. + rc.M: start consolekit before Bluetooth and NetworkManager. Thanks to allend. +d/python-setuptools-39.0.0-x86_64-1.txz: Upgraded. +l/libvorbis-1.3.6-x86_64-1.txz: Upgraded. + This release fixes security issues. For more information, see: - http://php.net/ChangeLog-5.php#5.6.20 - (* Security fix *) -xap/audacious-3.7.2-x86_64-1.txz: Upgraded. -xap/audacious-plugins-3.7.2-x86_64-1.txz: Upgraded. -+--------------------------+ -Tue Mar 29 07:43:02 UTC 2016 -d/git-2.8.0-x86_64-1.txz: Upgraded. -n/iptables-1.6.0-x86_64-2.txz: Rebuilt. - Moved /usr/etc/ethertypes to /etc/ethertypes. Thanks to e5150. -usb-and-pxe-installers/usbimg2disk.sh: Patched. - Exclude any dangling symlinks when copying files. Thanks to gsl. - Add new option -e (or --errors) to abort on any errors. -+--------------------------+ -Sun Mar 27 19:39:10 UTC 2016 -a/dbus-1.10.8-x86_64-1.txz: Upgraded. -a/grub-2.00-x86_64-4.txz: Rebuilt. - Include support for 32-bit EFI. Thanks to Eric Hameleers. -a/lvm2-2.02.148-x86_64-1.txz: Upgraded. -ap/hplip-3.16.3-x86_64-1.txz: Upgraded. -l/dbus-python-1.2.4-x86_64-1.txz: Upgraded. -extra/brltty/brltty-5.3.1-x86_64-2.txz: Rebuilt. - Added upstream patch to prefer a blank if the same glyph is used for other - characters. Added udev rules. Thanks to Didier Spaier. -testing/source/linux-4.6-rc1-configs/*: Added. -+--------------------------+ -Sat Mar 26 23:20:34 UTC 2016 -a/etc-14.2-x86_64-6.txz: Rebuilt. - Added polkitd user (UID 87) and group (GID 87). -ap/mc-4.8.16-x86_64-2.txz: Rebuilt. - Applied some upstream patches. Thanks to th_r. -d/cmake-3.5.1-x86_64-1.txz: Upgraded. -l/iso-codes-3.66-noarch-1.txz: Upgraded. -l/libsecret-0.18.5-x86_64-1.txz: Upgraded. -l/polkit-0.113-x86_64-2.txz: Rebuilt. - Ensure that polkitd user (UID 87) and group (GID 87) exist. - Ensure correct permissions on /etc/polkit-1/rules.d. - Remove obsolete .pkla rules and /etc/polkit-1/localauthority directory. - Don't build and install examples. -l/urwid-1.0.3-x86_64-1.txz: Upgraded. - Switch to version 1.0.3, since wicd has problems with newer versions. -n/bluez-5.38-x86_64-2.txz: Rebuilt. - Use reset=1 when loading the btusb module. - Applied upstream patch to fix a crash when connecting to audio controllers. - Thanks to gmgf. -n/curl-7.48.0-x86_64-1.txz: Upgraded. -n/mtr-0.86-x86_64-1.txz: Upgraded. -x/xkeyboard-config-2.17-noarch-1.txz: Upgraded. -xap/fvwm-2.6.6-x86_64-1.txz: Upgraded. -extra/brltty/brltty-5.3.1-x86_64-1.txz: Upgraded. -extra/wicd/wicd-1.7.4-x86_64-2.txz: Rebuilt. - Fix wicd-curses crash bugs. Thanks to foobaru, Tonus, and comet.berkeley. -+--------------------------+ -Fri Mar 25 20:43:59 UTC 2016 -a/glibc-zoneinfo-2016c-noarch-1.txz: Upgraded. -a/kernel-firmware-20160325git-noarch-1.txz: Upgraded. -a/ntfs-3g-2016.2.22-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -ap/cups-filters-1.8.3-x86_64-1.txz: Upgraded. -ap/sudo-1.8.16-x86_64-1.txz: Upgraded. -ap/zsh-5.2-x86_64-1.txz: Upgraded. -kde/ktouch-4.14.3-x86_64-3.txz: Rebuilt. - Patched to fix performance issues. Thanks to Andrzej Telszewski. -l/libevent-2.0.22-x86_64-1.txz: Upgraded. - Multiple integer overflows in the evbuffer API allow context-dependent - attackers to cause a denial of service or possibly have other unspecified - impact via "insanely large inputs" to the (1) evbuffer_add, - (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a - heap-based buffer overflow or an infinite loop. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272 - (* Security fix *) -l/polkit-0.113-x86_64-1.txz: Upgraded. - Polkit config format change: Uses ".rules" files rather than ".pkla", and - the rules files are JavaScript. Thanks to Robby Workman. -l/polkit-gnome-0.105-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -n/NetworkManager-1.0.10-x86_64-5.txz: Rebuilt. - Patched rc.networkmanager to only attempt to kill wpa_supplicant on shutdown - using the first .pid found in /var/run or /run. Otherwise if those - directories are symlinked or bind mounted together there will be a race - condition that may result in an error message. - I'm still not certain that rc.networkmanager should be messing with - wpa_supplicant. What about cases where NetworkManager might be configured to - *not* manage the wireless interfaces at all? - Luckily, there is rarely any reason for stopping NetworkManager (outside of - shutdown or reboot), or for restarting it. -n/irssi-0.8.19-x86_64-1.txz: Upgraded. -n/nmap-7.11-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-38.7.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146 + (* Security fix *) +l/pycairo-1.16.3-x86_64-1.txz: Upgraded. +n/bluez-5.49-x86_64-1.txz: Upgraded. +x/xorgproto-2018.4-x86_64-2.txz: Rebuilt. + Include support for legacy protocols. Thanks to nobodino. +extra/bash-completion/bash-completion-2.8-noarch-1.txz: Upgraded. ++--------------------------+ +Sat Mar 17 03:25:26 UTC 2018 +Beannachtai na le Padraig oraibh! +a/hdparm-9.55-x86_64-1.txz: Upgraded. +ap/dmidecode-3.1-x86_64-1.txz: Upgraded. +d/cmake-3.10.3-x86_64-1.txz: Upgraded. +n/libtirpc-1.0.3-x86_64-1.txz: Upgraded. +x/xf86-video-amdgpu-18.0.1-x86_64-1.txz: Upgraded. +x/xf86-video-ati-18.0.1-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-59.0.1-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -+--------------------------+ -Mon Mar 21 03:19:48 UTC 2016 -a/aaa_elflibs-14.2-x86_64-11.txz: Rebuilt. -a/lvm2-2.02.147-x86_64-1.txz: Upgraded. -a/pciutils-3.4.1-x86_64-2.txz: Rebuilt. - Use a shared libpci, not a static one. This fixes linking some programs as - the static library won't pull in other recent dependencies such as libudev. - Thanks to 55020. -a/pkgtools-14.2-noarch-6.txz: Rebuilt. - In installpkg's terse mode, make some dots connecting the description to the - uncompressed package size. -a/utempter-1.1.6-x86_64-2.txz: Rebuilt. - Fixed manpage symlinks. Thanks to elyk. -ap/cups-filters-1.8.2-x86_64-2.txz: Rebuilt. - Recompiled against poppler-0.42.0. -ap/ddrescue-1.21-x86_64-1.txz: Upgraded. -ap/man-pages-4.05-noarch-1.txz: Upgraded. -ap/mc-4.8.16-x86_64-1.txz: Upgraded. -kde/calligra-2.9.11-x86_64-2.txz: Rebuilt. - Recompiled against poppler-0.42.0. -kde/kde-workspace-4.11.22-x86_64-3.txz: Rebuilt. - Recompiled against shared library from pciutils-3.4.1. -kde/lskat-4.14.3-x86_64-3.txz: Rebuilt. - Fixed a typo in slack-desc. -l/harfbuzz-1.2.4-x86_64-1.txz: Upgraded. -l/libodfgen-0.1.6-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/librevenge-0.0.4-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/libvisio-0.1.5-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/libwpd-0.10.1-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/libzip-1.0.1-x86_64-2.txz: Rebuilt. - Fixed manpage symlinks. Thanks to elyk. -l/poppler-0.42.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -l/taglib-1.10-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/wavpack-4.75.2-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -n/NetworkManager-1.0.10-x86_64-4.txz: Rebuilt. - When stopping NetworkManager, ensure that wpa_supplicant is also stopped. - Thanks to allend. -n/bluez-5.38-x86_64-1.txz: Upgraded. -tcl/tcl-8.6.5-x86_64-2.txz: Rebuilt. - Fixed manpage symlinks. Thanks to elyk. -tcl/tk-8.6.5-x86_64-2.txz: Rebuilt. -xap/hexchat-2.12.0-x86_64-2.txz: Rebuilt. - Recompiled against shared library from pciutils-3.4.1. -xfce/tumbler-0.1.31-x86_64-5.txz: Rebuilt. - Recompiled against poppler-0.42.0. -xfce/xfce4-power-manager-1.4.4-x86_64-4.txz: Rebuilt. - Removed dead symlinks in documentation. Thanks to elyk. -extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Patched. - Scrape the webpage to determine the latest version. - Thanks to Eric Hameleers. + https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Fri Mar 16 02:29:29 UTC 2018 +a/kernel-firmware-20180314_4c0bf11-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.27-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.27-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.27-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.27-x86-1.txz: Upgraded. +k/kernel-source-4.14.27-noarch-1.txz: Upgraded. + TRANSPARENT_HUGEPAGE_ALWAYS y -> n + TRANSPARENT_HUGEPAGE_MADVISE n -> y + Thanks to Darth Vader. +n/bind-9.11.3-x86_64-1.txz: Upgraded. +n/curl-7.59.0-x86_64-1.txz: Upgraded. + This update fixes security issues: + FTP path trickery leads to NIL byte out of bounds write + LDAP NULL pointer dereference + RTSP RTP buffer over-read + For more information, see: + https://curl.haxx.se/docs/adv_2018-9cd6.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120 + https://curl.haxx.se/docs/adv_2018-97a2.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121 + https://curl.haxx.se/docs/adv_2018-b047.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122 + (* Security fix *) +x/libinput-1.10.3-x86_64-1.txz: Upgraded. +xap/hexchat-2.14.1-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.7.2-x86_64-1.txz: Upgraded. +extra/wicd/wicd-1.7.4-x86_64-3.txz: Rebuilt. + Patched to fix saving settings with wicd-curses. Thanks to justwantin. isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. -usb-and-pxe-installers/usbimg2disk.sh: Patched. - Fixed the call to sfdisk to make the first partition active. - Thanks to Jonathan Woithe. - Leave syslinux files in the USB stick root rather than trying to move them. -+--------------------------+ -Fri Mar 18 20:02:40 UTC 2016 -d/git-2.7.4-x86_64-1.txz: Upgraded. - NOTE: Issuing this patch again since the bug reporter listed the - wrong git version (2.7.1) as fixed. The vulnerability was actually - patched in git-2.7.4. - Fixed buffer overflows allowing server and client side remote code - execution in all git versions before 2.7.4. - For more information, see: - http://seclists.org/oss-sec/2016/q1/645 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324 - (* Security fix *) -xap/hexchat-2.12.0-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-38.7.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -extra/bash-completion/bash-completion-2.2-noarch-2.txz: Rebuilt. - Applied upstream patches to fix tar filename completion and related issues. - Thanks to Robby Workman. +--------------------------+ -Thu Mar 17 22:09:16 UTC 2016 -Good hello, let's call this Slackware 14.2 release candidate 1. We still -have a bit of work to do before this is fully ready to go, but we're done -doing every little upgrade that comes along. Well, mostly. -Have a great day, and beannachtai na Feile Padraig oraibh! -a/kernel-generic-4.4.6-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.6-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.6-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.6-x86-1.txz: Upgraded. -d/perl-5.22.1-x86_64-1.txz: Upgraded. - Also upgraded to DBD-mysql-4.033, URI-1.71, and XML-Simple-2.22. -k/kernel-source-4.4.6-noarch-1.txz: Upgraded. -l/M2Crypto-0.23.0-x86_64-1.txz: Upgraded. -n/crda-3.18-x86_64-3.txz: Rebuilt. - Upgraded to wireless-regdb-2016.02.08. Thanks to USUARIONUEVO. -n/nmap-7.10-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-45.0.1-x86_64-1.txz: Upgraded. +Tue Mar 13 21:12:51 UTC 2018 +a/time-1.9-x86_64-1.txz: Upgraded. +d/automake-1.16.1-noarch-1.txz: Upgraded. +l/imagemagick-6.9.9_38-x86_64-1.txz: Upgraded. +n/samba-4.7.6-x86_64-1.txz: Upgraded. + This is a security update in order to patch the following defects: + On a Samba 4 AD DC the LDAP server in all versions of Samba from + 4.0.0 onwards incorrectly validates permissions to modify passwords + over LDAP allowing authenticated users to change any other users` + passwords, including administrative users. + All versions of Samba from 4.0.0 onwards are vulnerable to a denial of + service attack when the RPC spoolss service is configured to be run as + an external daemon. Missing input sanitization checks on some of the + input parameters to spoolss RPC calls could cause the print spooler + service to crash. There is no known vulnerability associated with this + error, merely a denial of service. If the RPC spoolss service is left by + default as an internal service, all a client can do is crash its own + authenticated connection. + For more information, see: + https://www.samba.org/samba/security/CVE-2018-1057.html + https://wiki.samba.org/index.php/CVE-2018-1057 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050 + (* Security fix *) +xap/mozilla-firefox-59.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -extra/tigervnc/tigervnc-1.6.0-x86_64-2.txz: Rebuilt. - Rebuilt for xorg-server-1.18.2. + https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Tue Mar 13 04:24:58 UTC 2018 +ap/hplip-3.18.3-x86_64-1.txz: Upgraded. +ap/vim-8.0.1601-x86_64-1.txz: Upgraded. +n/NetworkManager-1.10.6-x86_64-1.txz: Upgraded. +x/bigreqsproto-1.1.2-noarch-1.txz: Removed. +x/compositeproto-0.4.2-noarch-1.txz: Removed. +x/damageproto-1.2.1-noarch-1.txz: Removed. +x/dmxproto-2.3.1-noarch-1.txz: Removed. +x/dri2proto-2.8-x86_64-2.txz: Removed. +x/dri3proto-1.0-x86_64-2.txz: Removed. +x/evieext-1.1.1-noarch-1.txz: Removed. +x/fixesproto-5.0-x86_64-2.txz: Removed. +x/fontcacheproto-0.1.3-noarch-1.txz: Removed. +x/fontsproto-2.1.3-noarch-1.txz: Removed. +x/glproto-1.4.17-noarch-1.txz: Removed. +x/inputproto-2.3.2-noarch-1.txz: Removed. +x/kbproto-1.0.7-noarch-1.txz: Removed. +x/presentproto-1.1-x86_64-1.txz: Removed. +x/printproto-1.0.5-noarch-1.txz: Removed. +x/randrproto-1.5.0-noarch-1.txz: Removed. +x/recordproto-1.14.2-noarch-1.txz: Removed. +x/renderproto-0.11.1-noarch-1.txz: Removed. +x/resourceproto-1.2.0-noarch-1.txz: Removed. +x/scrnsaverproto-1.2.2-noarch-1.txz: Removed. +x/videoproto-2.3.3-noarch-1.txz: Removed. +x/xcmiscproto-1.2.2-noarch-1.txz: Removed. +x/xextproto-7.3.0-x86_64-2.txz: Removed. +x/xf86bigfontproto-1.2.0-noarch-1.txz: Removed. +x/xf86dgaproto-2.1-noarch-1.txz: Removed. +x/xf86driproto-2.1.1-noarch-1.txz: Removed. +x/xf86miscproto-0.9.3-noarch-1.txz: Removed. +x/xf86vidmodeproto-2.3.1-noarch-1.txz: Removed. +x/xineramaproto-1.2.1-noarch-1.txz: Removed. +x/xorgproto-2018.4-x86_64-1.txz: Added. +x/xproto-7.0.31-noarch-1.txz: Removed. +xap/vim-gvim-8.0.1601-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Mar 12 07:16:15 UTC 2018 +a/kernel-generic-4.14.26-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.26-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.26-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.26-x86-1.txz: Upgraded. +k/kernel-source-4.14.26-noarch-1.txz: Upgraded. +x/ico-1.0.5-x86_64-1.txz: Upgraded. +x/intel-gpu-tools-1.22-x86_64-1.txz: Upgraded. +x/transset-1.0.2-x86_64-1.txz: Upgraded. +x/xbacklight-1.2.2-x86_64-1.txz: Upgraded. +x/xbitmaps-1.1.2-x86_64-1.txz: Upgraded. +x/xcursor-themes-1.0.5-noarch-1.txz: Upgraded. +x/xeyes-1.1.2-x86_64-1.txz: Upgraded. +x/xf86-video-intel-git_20180206_aa36399c-x86_64-1.txz: Upgraded. +x/xfontsel-1.0.6-x86_64-1.txz: Upgraded. +x/xinit-1.4.0-x86_64-1.txz: Upgraded. +x/xkill-1.0.5-x86_64-1.txz: Upgraded. +x/xload-1.1.3-x86_64-1.txz: Upgraded. +x/xlsclients-1.1.4-x86_64-1.txz: Upgraded. +x/xlsfonts-1.0.6-x86_64-1.txz: Upgraded. +x/xmessage-1.0.5-x86_64-1.txz: Upgraded. +x/xpr-1.0.5-x86_64-1.txz: Upgraded. +x/xprop-1.2.3-x86_64-1.txz: Upgraded. +x/xpyb-1.3.1-x86_64-4.txz: Rebuilt. + Patched and recompiled against xcb-proto-1.13. +x/xrdb-1.1.1-x86_64-1.txz: Upgraded. +x/xrefresh-1.0.6-x86_64-1.txz: Upgraded. +x/xset-1.2.4-x86_64-1.txz: Upgraded. +x/xsetroot-1.1.2-x86_64-1.txz: Upgraded. +x/xsm-1.0.4-x86_64-1.txz: Upgraded. +x/xwd-1.0.7-x86_64-1.txz: Upgraded. +x/xwininfo-1.1.4-x86_64-1.txz: Upgraded. +x/xwud-1.0.5-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/source/linux-4.5-configs/*: Added. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Mar 15 23:53:18 UTC 2016 -a/glibc-zoneinfo-2016b-noarch-1.txz: Upgraded. -a/procps-ng-3.3.11-x86_64-1.txz: Upgraded. -d/git-2.7.3-x86_64-1.txz: Upgraded. - Fixed buffer overflows allowing server and client side remote code - execution in all git versions before 2.7.1. - For more information, see: - http://seclists.org/oss-sec/2016/q1/645 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324 - (* Security fix *) -kde/kdelibs-4.14.18-x86_64-1.txz: Upgraded. -l/seamonkey-solibs-2.40-x86_64-1.txz: Upgraded. -n/ethtool-4.5-x86_64-1.txz: Upgraded. -xap/gnuplot-5.0.3-x86_64-1.txz: Upgraded. -xap/seamonkey-2.40-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.seamonkey-project.org/releases/seamonkey2.40 - (* Security fix *) -xfce/xfce4-clipman-plugin-1.2.6-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Mar 14 02:18:20 UTC 2016 -a/grep-2.24-x86_64-1.txz: Upgraded. -ap/sudo-1.8.15-x86_64-1.txz: Upgraded. - New options: --with-insults --with-all-insults --with-pc-insults. - Sorry about this, I know it's a bit silly. ;-) - Thanks to chytraeus for the suggestion. -x/videoproto-2.3.3-noarch-1.txz: Upgraded. -x/xorg-server-1.18.2-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.18.2-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.18.2-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.18.2-x86_64-1.txz: Upgraded. -xap/MPlayer-1.2_20160125-x86_64-2.txz: Rebuilt. - Rebuilt against ffmpeg-2.8.6. - Force lavf for flac because the native demuxer can't handle embedded album - art. As a bonus (or a regression) you'll also get album art if it exists. -xap/xine-lib-1.2.6-x86_64-8.txz: Rebuilt. - Rebuilt against ffmpeg-2.8.6. -+--------------------------+ -Thu Mar 10 23:43:47 UTC 2016 -a/kernel-firmware-20160310git-noarch-1.txz: Upgraded. -a/kernel-generic-4.4.5-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.5-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.5-x86_64-1.txz: Upgraded. -ap/vim-7.4.1530-x86_64-1.txz: Upgraded. - When building vim, we now fetch a prepatched archive from github rather than - applying hundreds or thousands of patches to the original sources. As a side - benefit, all you need to do in order to build the latest version of vim is - remove the existing tarball and run the SlackBuild again. It will scrape the - vim page at github for the latest version number and then fetch that version. - Thanks to USUARIONUEVO for posting a URL that got me thinking about it. -d/git-2.7.2-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.5-x86-1.txz: Upgraded. -k/kernel-source-4.4.5-noarch-1.txz: Upgraded. -l/gtk+3-3.18.9-x86_64-1.txz: Upgraded. -n/openssh-7.2p2-x86_64-1.txz: Upgraded. - This release fixes a security bug: - sshd(8): sanitise X11 authentication credentials to avoid xauth - command injection when X11Forwarding is enabled. - For more information, see: - http://www.openssh.com/txt/x11fwd.adv - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115 - (* Security fix *) -xap/vim-gvim-7.4.1530-x86_64-1.txz: Upgraded. +Sun Mar 11 06:02:10 UTC 2018 +a/e2fsprogs-1.44.0-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.25-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.25-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.25-x86_64-1.txz: Upgraded. +a/logrotate-3.14.0-x86_64-1.txz: Upgraded. +ap/nano-2.9.4-x86_64-1.txz: Upgraded. +d/distcc-3.3-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.25-x86-1.txz: Upgraded. +d/llvm-6.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/rust-1.24.1-x86_64-2.txz: Rebuilt. + Use the bundled LLVM compiler since Rust will usually not be ready to be + built with the latest LLVM. Thanks to Andrew Clemons. +k/kernel-source-4.14.25-noarch-1.txz: Upgraded. +l/fluidsynth-1.1.10-x86_64-1.txz: Upgraded. +l/libxml2-2.9.8-x86_64-1.txz: Upgraded. +n/dovecot-2.3.0.1-x86_64-2.txz: Rebuilt. + Recompiled with --with-ldap=plugin option. Thanks to AlexSlack. +x/libevdev-1.5.9-x86_64-1.txz: Upgraded. +x/mesa-17.3.6-x86_64-2.txz: Rebuilt. + Recompiled against llvm-6.0.0. +x/xf86-video-vmware-13.2.1-x86_64-5.txz: Rebuilt. + Recompiled against llvm-6.0.0. +xap/pidgin-2.13.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier. -+--------------------------+ -Thu Mar 10 02:46:49 UTC 2016 -a/cryptsetup-1.7.1-x86_64-1.txz: Upgraded. -a/grep-2.23-x86_64-1.txz: Upgraded. -ap/htop-2.0.1-x86_64-1.txz: Upgraded. -d/cmake-3.5.0-x86_64-1.txz: Upgraded. -kde/calligra-2.9.11-x86_64-1.txz: Upgraded. -kde/kdelibs-4.14.17-x86_64-1.txz: Upgraded. -kdei/calligra-l10n-bs-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca\@valencia-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-uk-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.11-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.11-noarch-1.txz: Upgraded. -l/mozilla-nss-3.23-x86_64-1.txz: Upgraded. - Upgraded to nss-3.23 and nspr-4.12. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/nss.html - (* Security fix *) -n/bind-9.10.3_P4-x86_64-1.txz: Upgraded. - Fixed security issues: - Duplicate EDNS COOKIE options in a response could trigger an assertion - failure. (CVE-2016-2088) [RT #41809] - Fix resolver assertion failure due to improper DNAME handling when - parsing fetch reply messages. (CVE-2016-1286) [RT #41753] - Malformed control messages can trigger assertions in named and rndc. - (CVE-2016-1285) [RT #41666] - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 - (* Security fix *) -n/gnupg-1.4.20-x86_64-1.txz: Upgraded. -n/lynx-2.8.8rel.2-x86_64-1.txz: Upgraded. -x/xf86-video-openchrome-git_20160309_74e95a6-x86_64-1.txz: Upgraded. +--------------------------+ -Wed Mar 9 01:36:14 UTC 2016 -d/llvm-3.8.0-x86_64-1.txz: Upgraded. +Thu Mar 8 21:52:05 UTC 2018 +a/kernel-modules-4.14.24-x86_64-2.txz: Rebuilt. + Fixed "build" and "source" symlinks. ++--------------------------+ +Thu Mar 8 07:07:45 UTC 2018 +a/dbus-1.12.6-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.24-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.24-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.24-x86_64-1.txz: Upgraded. +ap/cups-filters-1.20.1-x86_64-2.txz: Rebuilt. + Recompiled against qpdf-8.0.2. +ap/qpdf-8.0.2-x86_64-1.txz: Upgraded. Shared library .so-version bump. -x/mesa-11.1.2-x86_64-2.txz: Rebuilt. - Recompiled against libLLVM-3.8. -x/xf86-video-vmware-13.1.0-x86_64-7.txz: Rebuilt. - Recompiled against libLLVM-3.8. -+--------------------------+ -Tue Mar 8 20:30:19 UTC 2016 -l/shared-mime-info-1.6-x86_64-1.txz: Upgraded. -n/samba-4.3.6-x86_64-1.txz: Upgraded. - This update fixes bugs, and two security issues: - Incorrect ACL get/set allowed on symlink path (CVE-2015-7560). - Out-of-bounds read in internal DNS server (CVE-2016-0771). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771 - (* Security fix *) -xap/mozilla-firefox-45.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) +d/kernel-headers-4.14.24-x86-1.txz: Upgraded. +d/mercurial-4.5.2-x86_64-1.txz: Upgraded. +d/meson-0.45.0-x86_64-1.txz: Upgraded. +d/rust-1.24.1-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.24-noarch-1.txz: Upgraded. +kde/amarok-2.9.0-x86_64-1.txz: Upgraded. +l/SDL2_image-2.0.3-x86_64-1.txz: Upgraded. +l/cairo-1.15.10-x86_64-1.txz: Upgraded. +l/gvfs-1.34.2.1-x86_64-1.txz: Upgraded. +l/harfbuzz-1.7.6-x86_64-1.txz: Upgraded. +l/libclc-20180223_3554053-x86_64-1.txz: Upgraded. +l/librsvg-2.42.3-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.36-x86_64-1.txz: Upgraded. + Upgraded to nss-3.36 and nspr-4.19. +l/slang-2.3.2-x86_64-1.txz: Upgraded. +n/mutt-1.9.4-x86_64-1.txz: Upgraded. +n/php-7.2.3-x86_64-1.txz: Upgraded. + This update fixes a stack buffer overflow vulnerability. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7584 + (* Security fix *) +x/appres-1.0.5-x86_64-1.txz: Upgraded. +x/editres-1.0.7-x86_64-1.txz: Upgraded. +x/fontconfig-2.13.0-x86_64-1.txz: Upgraded. +x/iceauth-1.0.8-x86_64-1.txz: Upgraded. +x/libdrm-2.4.91-x86_64-1.txz: Upgraded. +x/libinput-1.10.2-x86_64-1.txz: Upgraded. +x/libxcb-1.13-x86_64-1.txz: Upgraded. +x/listres-1.0.4-x86_64-1.txz: Upgraded. +x/mkfontscale-1.1.3-x86_64-1.txz: Upgraded. +x/oclock-1.0.4-x86_64-1.txz: Upgraded. +x/twm-1.0.10-x86_64-1.txz: Upgraded. +x/util-macros-1.19.2-noarch-1.txz: Upgraded. +x/viewres-1.0.5-x86_64-1.txz: Upgraded. +x/wqy-zenhei-font-ttf-0.8.38_1-noarch-4.txz: Rebuilt. + Fix .conf files to not produce warnings with fontconfig-2.13.0. +x/xcb-proto-1.13-x86_64-1.txz: Upgraded. +x/xdriinfo-1.0.6-x86_64-1.txz: Upgraded. +x/xf86-video-amdgpu-18.0.0-x86_64-1.txz: Upgraded. +x/xf86-video-ati-18.0.0-x86_64-1.txz: Upgraded. +x/xkbcomp-1.4.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Mar 8 01:54:33 UTC 2016 -A few more updates. Thanks to Robby Workman for prepping most of -the minor version bumps. -a/acpid-2.0.26-x86_64-1.txz: Upgraded. -a/ed-1.13-x86_64-1.txz: Upgraded. -a/hwdata-0.284-noarch-1.txz: Upgraded. -a/lvm2-2.02.145-x86_64-1.txz: Upgraded. -a/pciutils-3.4.1-x86_64-1.txz: Upgraded. -ap/cups-filters-1.8.2-x86_64-1.txz: Upgraded. -ap/diffstat-1.60-x86_64-1.txz: Upgraded. -ap/enscript-1.6.6-x86_64-1.txz: Upgraded. -ap/foomatic-filters-4.0.17-x86_64-1.txz: Removed. - The cups-filters package contains these programs. -ap/lxc-1.1.5-x86_64-3.txz: Rebuilt. - Added modified versions of a few init scripts instead of having the - lxc-slackware template try to patch them (which invariably led to the - template breaking every time any of the other files were changed). -ap/man-pages-4.04-noarch-1.txz: Upgraded. -ap/sysstat-11.2.1.1-x86_64-1.txz: Upgraded. -d/binutils-2.26-x86_64-3.txz: Rebuilt. - Rebuilt with --enable-install-libiberty, since the binutils version of - libiberty.a will be built with -fPIC where needed. -d/cscope-15.8b-x86_64-1.txz: Upgraded. -d/gcc-5.3.0-x86_64-3.txz: Rebuilt. - Rebuilt with --disable-install-libiberty. -d/gcc-g++-5.3.0-x86_64-3.txz: Rebuilt. -d/gcc-gfortran-5.3.0-x86_64-3.txz: Rebuilt. -d/gcc-gnat-5.3.0-x86_64-3.txz: Rebuilt. -d/gcc-go-5.3.0-x86_64-3.txz: Rebuilt. -d/gcc-java-5.3.0-x86_64-3.txz: Rebuilt. -d/gcc-objc-5.3.0-x86_64-3.txz: Rebuilt. -d/pkg-config-0.29.1-x86_64-1.txz: Upgraded. -d/python-setuptools-20.1.1-x86_64-1.txz: Upgraded. -l/LibRaw-0.17.1-x86_64-1.txz: Upgraded. -l/aspell-0.60.6.1-x86_64-1.txz: Upgraded. -l/fribidi-0.19.7-x86_64-1.txz: Upgraded. -l/fuse-2.9.5-x86_64-1.txz: Upgraded. -l/gtk+2-2.24.30-x86_64-1.txz: Upgraded. -l/gvfs-1.26.3-x86_64-1.txz: Upgraded. -l/libgsf-1.14.36-x86_64-1.txz: Upgraded. -l/libnl3-3.2.27-x86_64-1.txz: Upgraded. -l/libsecret-0.18.4-x86_64-1.txz: Upgraded. -l/libwpg-0.3.1-x86_64-1.txz: Upgraded. -l/mpfr-3.1.4-x86_64-1.txz: Upgraded. -l/pycurl-7.43.0-x86_64-1.txz: Upgraded. -l/v4l-utils-1.10.0-x86_64-1.txz: Upgraded. -n/lftp-4.6.5-x86_64-1.txz: Upgraded. -n/nettle-3.2-x86_64-1.txz: Upgraded. -n/netwatch-1.3.1_2-x86_64-1.txz: Upgraded. -n/openssh-7.2p1-x86_64-1.txz: Upgraded. - Thanks to Alan Brantley for updating the libwrap patch. -n/p11-kit-0.23.2-x86_64-1.txz: Upgraded. -n/php-5.6.19-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues. - For more information, see: - http://php.net/ChangeLog-5.php#5.6.19 - (* Security fix *) -x/libdrm-2.4.67-x86_64-1.txz: Upgraded. -x/libva-1.6.2-x86_64-1.txz: Upgraded. -x/libva-intel-driver-1.6.2-x86_64-1.txz: Upgraded. -x/xorg-server-1.18.1-x86_64-2.txz: Rebuilt. - Applied a patch to fix crashes when making MPlayer (and some other video - players) go fullscreen after a resume. Thanks to orbea. -x/xorg-server-xephyr-1.18.1-x86_64-2.txz: Rebuilt. -x/xorg-server-xnest-1.18.1-x86_64-2.txz: Rebuilt. -x/xorg-server-xvfb-1.18.1-x86_64-2.txz: Rebuilt. -xap/geeqie-1.2.1-x86_64-2.txz: Rebuilt. - Patched to fix crashes and high CPU usage when used with modern versions - of GTK+. Thanks to Jas for pointing out the patch in upstream git. -extra/bash-completion/bash-completion-2.2-noarch-1.txz: Upgraded. -+--------------------------+ -Fri Mar 4 18:22:42 UTC 2016 -a/kernel-generic-4.4.4-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.4-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.4-x86_64-1.txz: Upgraded. -a/lvm2-2.02.144-x86_64-1.txz: Upgraded. -a/mdadm-3.3.4-x86_64-1.txz: Upgraded. -a/upower-0.9.23-x86_64-3.txz: Rebuilt. - Added several patches from the git master branch, including one to prevent - a bluetooth mouse or keyboard from being improperly detected as a power - source. Thanks to Robby Workman. -ap/texinfo-6.1-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.4-x86-1.txz: Upgraded. -k/kernel-source-4.4.4-noarch-1.txz: Upgraded. -l/dbus-glib-0.106-x86_64-1.txz: Upgraded. -l/dbus-python-1.2.2-x86_64-1.txz: Upgraded. -n/conntrack-tools-1.4.3-x86_64-1.txz: Upgraded. -n/gnutls-3.4.10-x86_64-1.txz: Upgraded. -n/iproute2-4.4.0-x86_64-1.txz: Upgraded. -n/iptables-1.6.0-x86_64-1.txz: Upgraded. -n/irssi-0.8.18-x86_64-1.txz: Upgraded. -n/libnetfilter_conntrack-1.0.5-x86_64-1.txz: Upgraded. -n/libnftnl-1.0.5-x86_64-1.txz: Upgraded. -n/nftables-0.5-x86_64-1.txz: Upgraded. -n/stunnel-5.31-x86_64-1.txz: Upgraded. +Thu Mar 1 23:24:54 UTC 2018 +a/kernel-generic-4.14.23-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.23-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.23-x86_64-1.txz: Upgraded. +a/lilo-24.2-x86_64-7.txz: Rebuilt. + liloconfig: prevent extraneous Windows partitions from being added + to lilo.conf. Thanks to allend. + liloconfig: display a notice when the script is scanning for partitions + (which may take some time) so that it doesn't appear to be stalled. +a/xfsprogs-4.15.1-x86_64-1.txz: Upgraded. +ap/man-db-2.8.2-x86_64-1.txz: Upgraded. +ap/mpg123-1.25.10-x86_64-1.txz: Upgraded. +d/help2man-1.47.6-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.23-x86-1.txz: Upgraded. +k/kernel-source-4.14.23-noarch-1.txz: Upgraded. +l/SDL2-2.0.8-x86_64-1.txz: Upgraded. +l/libunistring-0.9.9-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.35-x86_64-1.txz: Upgraded. + Upgraded to nss-3.35 and nspr-4.18. +l/sip-4.19.8-x86_64-1.txz: Upgraded. +l/tevent-0.9.36-x86_64-1.txz: Upgraded. +n/dhcp-4.4.1-x86_64-1.txz: Upgraded. + This update fixes two security issues: + Corrected an issue where large sized 'X/x' format options were causing + option handling logic to overwrite memory when expanding them to human + readable form. Reported by Felix Wilhelm, Google Security Team. + Option reference count was not correctly decremented in error path + when parsing buffer for options. Reported by Felix Wilhelm, Google + Security Team. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733 + (* Security fix *) +n/dovecot-2.3.0.1-x86_64-1.txz: Upgraded. + This release addresses three security issues in dovecot: + TLS SNI config lookups may lead to excessive memory usage, causing + imap-login/pop3-login VSZ limit to be reached and the process restarted. + Parsing invalid email addresses may cause a crash or leak memory contents + to attacker. First discovered by Aleksandar Nikolic of Cisco Talos. + Independently also discovered by "flxflndy" via HackerOne. + Aborted SASL authentication leaks memory in login process. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15130 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14461 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15132 + (* Security fix *) +n/ntp-4.2.8p11-x86_64-1.txz: Upgraded. + This release addresses five security issues in ntpd: + * LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: + ephemeral association attack. While fixed in ntp-4.2.8p7, there are + significant additional protections for this issue in 4.2.8p11. + Reported by Matt Van Gundy of Cisco. + * INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer + read overrun leads to undefined behavior and information leak. + Reported by Yihan Lian of Qihoo 360. + * LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated + ephemeral associations. Reported on the questions@ list. + * LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode + cannot recover from bad state. Reported by Miroslav Lichvar of Red Hat. + * LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet + can reset authenticated interleaved association. + Reported by Miroslav Lichvar of Red Hat. + For more information, see: + http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185 + (* Security fix *) +n/openvpn-2.4.5-x86_64-1.txz: Upgraded. + rc.openvpn: handle multiple config files. + Thanks to Daniel Junior, Thomas Choi, and BrokenCog for helpful hints. +n/p11-kit-0.23.10-x86_64-1.txz: Upgraded. +x/libinput-1.10.1-x86_64-1.txz: Upgraded. +x/libxshmfence-1.3-x86_64-1.txz: Upgraded. +xfce/xfce4-notifyd-0.4.2-x86_64-1.txz: Upgraded. +xfce/xfce4-settings-4.12.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Mar 3 20:05:41 UTC 2016 -ap/mariadb-10.0.24-x86_64-2.txz: Rebuilt. - Recompiled with patched binutils. -d/binutils-2.26-x86_64-2.txz: Rebuilt. - Applied upstream patches for several bugs, including: - PR ld/19698 - * elflink.c (bfd_elf_record_link_assignment): Set versioned if - symbol version is unknown. - Which was causing MariaDB to fail to start properly for Akonadi. -d/python-2.7.11-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. - Thanks to Matteo Bernardini. -l/neon-0.30.1-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. - Thanks to Matteo Bernardini. +Tue Feb 27 06:51:04 UTC 2018 +d/ccache-3.4.1-x86_64-1.txz: Upgraded. +x/mesa-17.3.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Feb 26 21:32:03 UTC 2018 +a/gawk-4.2.1-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.22-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.22-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.22-x86_64-1.txz: Upgraded. +a/lilo-24.2-x86_64-6.txz: Rebuilt. + Support NVMe devices. Thanks to timsoft. +ap/cups-filters-1.20.1-x86_64-1.txz: Upgraded. +d/automake-1.16-noarch-1.txz: Upgraded. +d/kernel-headers-4.14.22-x86-1.txz: Upgraded. +k/kernel-source-4.14.22-noarch-1.txz: Upgraded. +l/pycurl-7.43.0.1-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.5-x86_64-1.txz: Upgraded. +x/libwacom-0.28-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.7.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Mar 3 05:41:26 UTC 2016 -a/aaa_elflibs-14.2-x86_64-10.txz: Rebuilt. -a/kernel-firmware-20160302git-noarch-1.txz: Upgraded. -a/openssl-solibs-1.0.2g-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-30.txz: Rebuilt. - rc.M: Start D-Bus and NetworkManager right after rc.inet1. -ap/ksh93-2012_08_01-x86_64-2.txz: Rebuilt. - Removed broken locale files. Thanks to Didier Spaier. -ap/nano-2.5.3-x86_64-1.txz: Upgraded. -ap/sqlite-3.11.0-x86_64-1.txz: Upgraded. -ap/vim-7.4.1424-x86_64-1.txz: Upgraded. -d/ruby-2.2.4-x86_64-1.txz: Upgraded. -l/libssh2-1.7.0-x86_64-1.txz: Moved. - Moved from N -> L series to be consistent with libssh. -l/poppler-0.41.0-x86_64-1.txz: Upgraded. -l/qca-2.1.1-x86_64-1.txz: Upgraded. -l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Removed. -l/qca-gnupg-2.0.0_beta3-x86_64-1.txz: Removed. -l/qca-ossl-2.0.0_beta3-x86_64-3.txz: Removed. -l/qt-4.8.7-x86_64-4.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. -n/curl-7.47.1-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. -n/fetchmail-6.3.26-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. -n/httpd-2.4.18-x86_64-1.txz: Upgraded. -n/links-2.12-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. -n/mailx-12.5-x86_64-2.txz: Rebuilt. - Drop SSLv2 support (no longer supported by OpenSSL), and fix security issues - that could allow a local attacker to cause mailx to execute arbitrary - shell commands through the use of a specially-crafted email address. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844 - (* Security fix *) -n/openssl-1.0.2g-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800) - Double-free in DSA code (CVE-2016-0705) - Memory leak in SRP database lookups (CVE-2016-0798) - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797) - Fix memory issues in BIO_*printf functions (CVE-2016-0799) - Side channel attack on modular exponentiation (CVE-2016-0702) - Note that this package drops all support for SSLv2, which breaks the ABI for - any binaries that make use of SSLv2_client_method. - For more information, see: - https://www.openssl.org/news/secadv/20160301.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702 - (* Security fix *) -n/php-5.6.18-x86_64-1.txz: Upgraded. - This release fixes bugs and security issues. +Sat Feb 24 20:51:49 UTC 2018 +a/xfsprogs-4.15.0-x86_64-1.txz: Upgraded. +l/LibRaw-0.18.8-x86_64-1.txz: Upgraded. +t/fig2dev-3.2.6a-x86_64-1.txz: Added. +t/transfig-3.2.5e-x86_64-3.txz: Removed. + This package has been renamed fig2dev. +t/xfig-3.2.6a-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Feb 24 07:41:40 UTC 2018 +a/kernel-firmware-20180222_7344ec9-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.21-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.21-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.21-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.21-x86-1.txz: Upgraded. +k/kernel-source-4.14.21-noarch-1.txz: Upgraded. +l/SDL2_mixer-2.0.2-x86_64-2.txz: Rebuilt. + Recompiled to use FluidSynth. +l/fluidsynth-1.1.9-x86_64-1.txz: Added. +l/notify-python-0.1.1-x86_64-5.txz: Removed. +l/python-notify2-0.3.1-x86_64-1.txz: Added. +l/sdl-1.2.15-x86_64-6.txz: Rebuilt. + Recompiled so that libSDL_mixer will use FluidSynth. +n/proftpd-1.3.6-x86_64-2.txz: Rebuilt. + Support ProFTPD modules mod_sftp and mod_facl. +n/wget-1.19.4-x86_64-2.txz: Rebuilt. + Applied upstream patch to fix logging in background mode. + Thanks to Willy Sudiarto Raharjo. +x/ttf-tlwg-0.6.4-noarch-1.txz: Added. +xap/audacious-plugins-3.9-x86_64-3.txz: Rebuilt. + Recompiled to add a FluidSynth-based MIDI plugin. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Thu Feb 22 19:36:43 UTC 2018 +a/pkgtools-15.0-noarch-5.txz: Rebuilt. + setup.services: add rc.smartd to setup menu. +a/smartmontools-6.6-x86_64-2.txz: Rebuilt. + Add rc.smartd init script. +a/sysvinit-scripts-2.1-noarch-6.txz: Rebuilt. + rc.M: start rc.smartd if it is executable. +d/meson-0.44.1-x86_64-1.txz: Upgraded. +l/system-config-printer-1.5.11-x86_64-2.txz: Rebuilt. + Applied upstream patch to fix the auth dialog. +n/postfix-3.3.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Feb 22 04:34:23 UTC 2018 +a/less-530-x86_64-2.txz: Rebuilt. + Fixed lesspipe.sh permissions. +ap/lsof-4.90-x86_64-1.txz: Upgraded. +n/network-scripts-15.0-noarch-6.txz: Rebuilt. + rc.inet2: start rc.openvpn if it is executable. +n/openvpn-2.4.4-x86_64-2.txz: Rebuilt. + Added rc.openvpn. Include all the sample files, and link to the sample + configs in /etc/openvpn. Thanks to bifferos. +x/m17n-lib-1.8.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Feb 20 06:34:11 UTC 2018 +a/bash-4.4.019-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.20-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.20-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.20-x86_64-1.txz: Upgraded. +a/less-530-x86_64-1.txz: Upgraded. +a/lzip-1.20-x86_64-2.txz: Rebuilt. + Don't move lzip to /bin. +a/lzlib-1.10-x86_64-2.txz: Rebuilt. + Let the library stay in /usr/lib{,64}. There's not much point in moving it + since plzip will require libstdc++.so in /usr/lib{,64}, and we're not going + to move that one. And realistically, there's also not much point in worrying + about whether the package tools will work with /usr unavailable. +a/pkgtools-15.0-noarch-4.txz: Rebuilt. + makepkg: use find and sed instead of a tar transform. Thanks to Seb. + installpkg: if a package was not made with makepkg, filter the filelist + through sed on the way to /var/log/packages/ to try to clean it up. +a/plzip-1.7-x86_64-2.txz: Rebuilt. + Don't move plzip to /bin. +d/kernel-headers-4.14.20-x86-1.txz: Upgraded. +k/kernel-source-4.14.20-noarch-1.txz: Upgraded. +n/whois-5.3.0-x86_64-1.txz: Upgraded. +tcl/expect-5.45.4-x86_64-1.txz: Upgraded. +x/libdrm-2.4.90-x86_64-1.txz: Upgraded. +x/mesa-17.3.5-x86_64-1.txz: Upgraded. +xfce/exo-0.12.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Sat Feb 17 06:06:29 UTC 2018 +a/btrfs-progs-v4.15.1-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-3.txz: Rebuilt. + installpkg: support multiple threads for xz. Thanks to ivandi. + Default threads for plzip is now equal to the number of CPU threads on + the system rather than the number of physical cores. Default number of + threads on xz is set to 2, to avoid a memory allocation problem when + using too many threads on 32-bit. Not that it matters... they still + haven't implemented multi-threaded xz decompression. + makepkg: refactored setting compression type by requested extension. +ap/ddrescue-1.23-x86_64-1.txz: Upgraded. +d/git-2.16.2-x86_64-1.txz: Upgraded. +l/gc-7.6.4-x86_64-1.txz: Upgraded. +l/ocl-icd-2.2.12-x86_64-1.txz: Upgraded. +l/v4l-utils-1.14.2-x86_64-1.txz: Upgraded. +n/gnutls-3.6.2-x86_64-1.txz: Upgraded. +x/intel-vaapi-driver-2.1.0-x86_64-1.txz: Upgraded. +x/xf86-video-vesa-2.4.0-x86_64-1.txz: Upgraded. +xfce/Thunar-1.6.14-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Feb 16 03:19:36 UTC 2018 +a/lzip-1.20-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-2.1-noarch-5.txz: Rebuilt. + rc.{6,K}: Use -M option with fuser. Thanks to Markus Wiesner. +l/gtk+3-3.22.28-x86_64-1.txz: Upgraded. +n/irssi-1.1.1-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://irssi.org/security/html/irssi_sa_2018_02 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7054 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7053 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7050 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7052 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7051 + (* Security fix *) +n/network-scripts-15.0-noarch-5.txz: Rebuilt. + rc.inet1: set the broadcast address, and flush the ip address from interfaces + when shutting them down. Thanks to Markus Wiesner. + netconfig: don't write hostname to NetworkManager.conf. + Thanks to Andrzej Telszewski. +x/libva-2.1.0-x86_64-1.txz: Upgraded. +x/libva-utils-2.1.0-x86_64-1.txz: Upgraded. +x/mesa-17.3.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Feb 14 19:48:51 UTC 2018 +a/gpm-1.20.7-x86_64-5.txz: Rebuilt. + setup.mouse: fix USB mouse autodection. Thanks to Didier Spaier. +a/kernel-firmware-20180211_6d51311-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.19-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.19-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.19-x86_64-1.txz: Upgraded. +a/lzlib-1.10-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-2.txz: Rebuilt. + Use tar-1.30. Thanks to gnashley and ruario for the help. + Change .tlz to mean .tar.lz. We never really used the previous definition + (which was tar.lzma), and .lz is a probably a better format than xz or lzma. + Reference: https://www.nongnu.org/lzip/xz_inadequate.html + For xz/lzip based packages, support multithreaded compression/decompression. + Thanks to Erik Jan Tromp for assistance and advice with testing the changes + for lzip and thread support, as well for as getting a bug in lzlib/plzip + fixed upstream. + Support extended attributes and POSIX ACLs in packages. +a/plzip-1.7-x86_64-1.txz: Upgraded. +a/tar-1.30-x86_64-1.txz: Upgraded. +ap/man-db-2.8.1-x86_64-1.txz: Upgraded. + man-db.conf: Don't list /usr/share/man in $MANPATH, since it's a duplicate + link to /usr/man. + man-db.cron: Unset $MANPATH before updating the database for consistent + results even if man-db.cron is manually invoked. + Thanks to GazL. +ap/mariadb-10.2.13-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. For more information, see: - http://php.net/ChangeLog-5.php#5.6.18 - (* Security fix *) -n/samba-4.3.5-x86_64-1.txz: Upgraded. -n/stunnel-5.30-x86_64-2.txz: Rebuilt. - Allow OpenSSL to use the default key size for DH in generate-stunnel-key.sh. - Thanks to Markus Reichelt. - Recompiled to drop support for OpenSSL SSLv2. -n/wget-1.17.1-x86_64-2.txz: Rebuilt. - Recompiled to drop support for OpenSSL SSLv2. -tcl/expect-5.45-x86_64-1.txz: Upgraded. -tcl/tcl-8.6.5-x86_64-1.txz: Upgraded. -tcl/tk-8.6.5-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160229_d167280-x86_64-1.txz: Upgraded. -x/xrandr-1.5.0-x86_64-1.txz: Upgraded. -xap/vim-gvim-7.4.1424-x86_64-1.txz: Upgraded. -xap/xpdf-3.04-x86_64-2.txz: Rebuilt. + https://mariadb.com/kb/en/mariadb-10213-release-notes/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2612 + (* Security fix *) +ap/vim-8.0.1519-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.19-x86-1.txz: Upgraded. +d/strace-4.21-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.19-noarch-1.txz: Upgraded. +l/LibRaw-0.18.7-x86_64-1.txz: Upgraded. +l/ffmpeg-3.4.2-x86_64-1.txz: Upgraded. +l/freetype-2.9-x86_64-1.txz: Upgraded. +l/libwebp-0.6.1-x86_64-1.txz: Upgraded. +l/pcre2-10.31-x86_64-1.txz: Upgraded. +l/seamonkey-solibs-2.49.2-x86_64-1.txz: Upgraded. +n/NetworkManager-1.10.4-x86_64-1.txz: Upgraded. +x/libinput-1.10.0-x86_64-1.txz: Upgraded. +xap/seamonkey-2.49.2-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.1519-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Another attempt to get /sbin/probe to reliably handle nvme partitions. - Thanks to w9cf and Grant Coady. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Another attempt to get /sbin/probe to reliably handle nvme partitions. - Thanks to w9cf and Grant Coady. -+--------------------------+ -Fri Feb 26 22:54:05 UTC 2016 -a/btrfs-progs-v4.4.1-x86_64-1.txz: Upgraded. -a/kernel-generic-4.4.3-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.3-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.3-x86_64-1.txz: Upgraded. -a/sdparm-1.10-x86_64-1.txz: Upgraded. -ap/mariadb-10.0.24-x86_64-1.txz: Upgraded. -d/gdb-7.11-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.3-x86-1.txz: Upgraded. -k/kernel-source-4.4.3-noarch-1.txz: Upgraded. -kde/kdepimlibs-4.14.10-x86_64-2.txz: Rebuilt. - Recompiled against libical-2.0.0. -l/gtk+3-3.18.8-x86_64-1.txz: Upgraded. -l/libical-2.0.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Feb 9 19:59:54 UTC 2018 +a/e2fsprogs-1.43.9-x86_64-1.txz: Upgraded. +l/ffmpeg-3.4.1-x86_64-4.txz: Rebuilt. + Recompiled against libcdio-2.0.0. +l/gvfs-1.34.2-x86_64-2.txz: Rebuilt. + Recompiled against libcdio-2.0.0. +l/libcddb-1.3.2-x86_64-4.txz: Rebuilt. + Recompiled against libcdio-2.0.0. +l/libcdio-2.0.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. -l/libssh-0.7.3-x86_64-1.txz: Upgraded. - Fixed weak key generation. Due to a bug in the ephemeral secret key - generation for the diffie-hellman-group1 and diffie-hellman-group14 - methods, ephemeral secret keys of size 128 bits are generated, instead - of the recommended sizes of 1024 and 2048 bits, giving a practical - security of 63 bits. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739 - (* Security fix *) -l/sg3_utils-1.42-x86_64-1.txz: Upgraded. -n/bluez-5.37-x86_64-2.txz: Rebuilt. - Recompiled against libical-2.0.0. -n/libssh2-1.7.0-x86_64-1.txz: Upgraded. - Fixed weak key generation. During the SSHv2 handshake when libssh2 is to - get a suitable value for 'group order' in the Diffle Hellman negotiation, - it would pass in number of bytes to a function that expected number of bits. - This would result in the library generating numbers using only an 8th the - number of random bits than what were intended: 128 or 256 bits instead of - 1023 or 2047. Using such drastically reduced amount of random bits for - Diffie Hellman weakended the handshake security significantly. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787 - (* Security fix *) -x/mesa-11.1.2-x86_64-1.txz: Upgraded. -xfce/orage-4.12.1-x86_64-3.txz: Rebuilt. - Recompiled against libical-2.0.0. +l/libcdio-paranoia-10.2+0.94+2-x86_64-2.txz: Rebuilt. + Recompiled against libcdio-2.0.0. +tcl/tcl-8.6.8-x86_64-2.txz: Rebuilt. + Recompiled to drop reference to -lieee in tcl.pc. That was just a dummy + library, provided for things that expected it, but removed from glibc-2.27. + Let me know if you spot anything else that needs it, but a quick scan here + didn't turn up anything. +xap/MPlayer-20180208-x86_64-2.txz: Rebuilt. + Recompiled against libcdio-2.0.0. +xap/audacious-plugins-3.9-x86_64-2.txz: Rebuilt. + Recompiled against libcdio-2.0.0. ++--------------------------+ +Fri Feb 9 02:50:56 UTC 2018 +a/dbus-1.12.4-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.18-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.18-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.18-x86_64-1.txz: Upgraded. +ap/man-db-2.8.0-x86_64-2.txz: Rebuilt. + Fixed ownership of the man2html script. +ap/qpdf-7.1.1-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.18-x86-1.txz: Upgraded. +d/nasm-2.13.03-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.18-noarch-1.txz: Upgraded. +l/mpfr-4.0.1-x86_64-1.txz: Upgraded. +n/samba-4.7.5-x86_64-1.txz: Upgraded. +xap/MPlayer-20180208-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-58.0.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Feb 23 19:31:59 UTC 2016 -a/glibc-solibs-2.23-x86_64-1.txz: Upgraded. -a/kernel-generic-4.4.2-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.2-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.2-x86_64-1.txz: Upgraded. -a/procps-ng-3.3.10-x86_64-5.txz: Rebuilt. - Restored FROM field in w. Thanks to Stuart Winter. -ap/cups-2.1.3-x86_64-2.txz: Rebuilt. - Corrected CXXFLAGS to fix build for older CPUs. Thanks to ecd102. -ap/mc-4.8.15-x86_64-2.txz: Rebuilt. - Patched to fix displaying man pages. Thanks to DarkVision. -d/kernel-headers-4.4.2-x86-1.txz: Upgraded. -k/kernel-source-4.4.2-noarch-1.txz: Upgraded. - Key .config changes for this kernel update: - CHECKPOINT_RESTORE n -> y - DEBUG_KERNEL n -> y - EXPERT n -> y - NR_CPUS 128 -> 256 - KALLSYMS_ALL y - LIVEPATCH y -l/GConf-3.2.6-x86_64-3.txz: Rebuilt. - Patched "GConf-WARNING **: Client failed to connect to the D-BUS daemon:" - and added a couple other patches from git. Thanks to Robby Workman. -l/alsa-lib-1.1.0-x86_64-3.txz: Rebuilt. - Changed the default /etc/asound.conf.new to use a different configuration - for PulseAudio that is less likely to cause issues than the previous one, - especially on machines where the analog output is not recognized as card 0 - by the BIOS. Thanks to Ryan P.C. McQuen who went above and beyond on this - bug report by convincing upstream to recommend this on their website in - order to convince me to make the change. :-) -l/glibc-2.23-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - Of the security fixes, the most important and well-publicized is the - stack-based buffer overflow in libresolv that could allow specially - crafted DNS responses to seize control of execution flow in the DNS - client (CVE-2015-7547). However, due to a patch applied to Slackware's - glibc back in 2009 (don't use the gethostbyname4() lookup method as it - was causing some cheap routers to misbehave), we were not vulnerable to - that issue. The rest of the fixed security issues are less critical. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547 - (* Security fix *) -l/glibc-i18n-2.23-x86_64-1.txz: Upgraded. -l/glibc-profile-2.23-x86_64-1.txz: Upgraded. -l/libproxy-0.4.12-x86_64-1.txz: Upgraded. -n/bind-9.10.3_P3-x86_64-1.txz: Upgraded. - This release fixes two possible denial-of-service issues: - render_ecs errors were mishandled when printing out a OPT record resulting - in a assertion failure. (CVE-2015-8705) [RT #41397] - Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396] - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705 - (* Security fix *) -n/libgcrypt-1.6.5-x86_64-1.txz: Upgraded. - Mitigate side-channel attack on ECDH with Weierstrass curves. - For more information, see: - http://www.cs.tau.ac.IL/~tromer/ecdh/ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511 - (* Security fix *) -n/nmap-7.01-x86_64-1.txz: Upgraded. -n/ntp-4.2.8p6-x86_64-1.txz: Upgraded. - In addition to bug fixes and enhancements, this release fixes - several low and medium severity vulnerabilities. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158 - (* Security fix *) -x/xf86-video-amdgpu-1.0.1-x86_64-1.txz: Upgraded. -xap/blueman-2.0.3-x86_64-2.txz: Rebuilt. - Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than - #!/usr/bin/env python. - For details, see: https://github.com/blueman-project/blueman/issues/435 - Thanks to zakame and Robby Workman. -extra/tigervnc/tigervnc-1.6.0-x86_64-1.txz: Upgraded. +Wed Feb 7 04:28:48 UTC 2018 +a/glibc-solibs-2.27-x86_64-1.txz: Upgraded. +a/hdparm-9.54-x86_64-1.txz: Upgraded. +a/kernel-firmware-20180201_2aa2ac2-noarch-1.txz: Upgraded. +a/patch-2.7.6-x86_64-1.txz: Upgraded. +ap/htop-2.1.0-x86_64-1.txz: Upgraded. +ap/man-db-2.8.0-x86_64-1.txz: Upgraded. +d/python-setuptools-38.5.1-x86_64-1.txz: Upgraded. +l/glibc-2.27-x86_64-1.txz: Upgraded. +l/glibc-i18n-2.27-x86_64-1.txz: Upgraded. +l/glibc-profile-2.27-x86_64-1.txz: Upgraded. +l/gvfs-1.34.2-x86_64-1.txz: Upgraded. +l/libgphoto2-2.5.16-x86_64-2.txz: Rebuilt. + Generate rules and hwdb for udev >= 201. Thanks to gmgf. ++--------------------------+ +Mon Feb 5 07:41:10 UTC 2018 +d/clisp-2.49.20180203.ca011c249da5-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.9_34-x86_64-1.txz: Upgraded. +n/crda-3.18-x86_64-5.txz: Rebuilt. + Upgraded to wireless-regdb-2017.12.23. ++--------------------------+ +Sun Feb 4 05:13:27 UTC 2018 +a/btrfs-progs-v4.15-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.17-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.17-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.17-x86_64-1.txz: Upgraded. +ap/man-pages-4.15-noarch-1.txz: Upgraded. +ap/workbone-2.40-x86_64-4.txz: Removed. + This compiles, but hasn't actually worked in a long time. I think it requires + kernel interfaces that were removed in linux-2.6.x. +d/kernel-headers-4.14.17-x86-1.txz: Upgraded. +d/mercurial-4.5-x86_64-1.txz: Upgraded. +d/python-setuptools-38.4.1-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.17-noarch-1.txz: Upgraded. +l/M2Crypto-0.27.0-x86_64-2.txz: Rebuilt. + Include required typing module. +l/dbus-python-1.2.6-x86_64-1.txz: Upgraded. +l/glib-1.2.10-x86_64-4.txz: Rebuilt. + Patched to fix builds with glib-1.x. +l/gtk+-1.2.10-x86_64-6.txz: Rebuilt. + Patched to fix builds with gtk+-1.x. +l/librsvg-2.42.2-x86_64-1.txz: Upgraded. +l/v4l-utils-1.14.1-x86_64-1.txz: Upgraded. +n/ethtool-4.15-x86_64-1.txz: Upgraded. +n/iptables-1.6.2-x86_64-1.txz: Upgraded. +n/nfs-utils-2.3.1-x86_64-1.txz: Upgraded. +n/nftables-0.8.2-x86_64-1.txz: Upgraded. +n/php-7.2.2-x86_64-1.txz: Upgraded. +n/rpcbind-0.2.4-x86_64-3.txz: Rebuilt. + Move some more configuration to /etc/default/rpc. +x/xterm-331-x86_64-2.txz: Rebuilt. + Add options --enable-regis-graphics and --enable-sixel-graphics. + Thanks to saahriktu. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Feb 14 19:40:04 UTC 2016 -xap/mozilla-thunderbird-38.6.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +Thu Feb 1 18:24:15 UTC 2018 +a/bash-4.4.018-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.16-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.16-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.16-x86_64-1.txz: Upgraded. +ap/cups-filters-1.20.0-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.12-x86_64-1.txz: Upgraded. +d/gdb-8.1-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.16-x86-1.txz: Upgraded. +d/perl-5.26.1-x86_64-4.txz: Rebuilt. + Removed dangling c2ph symlinks. Thanks to Tim Thomas. + Updated to DBD-mysql-4.044, DBI-1.640, URI-1.73, and libnet-3.11. +k/kernel-source-4.14.16-noarch-1.txz: Upgraded. +l/dbus-glib-0.110-x86_64-1.txz: Upgraded. +l/harfbuzz-1.7.5-x86_64-1.txz: Upgraded. +l/libdvdnav-6.0.0-x86_64-1.txz: Upgraded. +l/libdvdread-6.0.0-x86_64-1.txz: Upgraded. +l/libunwind-1.2.1-x86_64-2.txz: Rebuilt. + Removed dangling .a symlink. Thanks to Tim Thomas. +l/sip-4.19.7-x86_64-1.txz: Upgraded. +n/dhcp-4.4.0-x86_64-1.txz: Upgraded. +n/dovecot-2.3.0-x86_64-1.txz: Upgraded. +n/postfix-3.2.5-x86_64-1.txz: Upgraded. +n/rsync-3.1.3-x86_64-1.txz: Upgraded. + This update fixes two security issues: + Fixed a buffer overrun in the protocol's handling of xattr names and + ensure that the received name is null terminated. + Fix an issue with --protect-args where the user could specify the arg in + the protected-arg list and short-circuit some of the arg-sanitizing code. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764 (* Security fix *) +x/libevdev-1.5.8-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Feb 11 21:56:21 UTC 2016 -a/sysvinit-scripts-2.0-noarch-29.txz: Rebuilt. - rc.S: Avoid mounting /dev/shm twice. - Thanks to Andrzej Telszewski and GazL. - rc.6, rc.K: Match 'type nfs ' rather than 'type nfs' to avoid false hits - (and error messages) from matching nfsd pseudo-filesystems. - Thanks to Jonathan Woithe. -ap/hplip-3.16.2-x86_64-1.txz: Upgraded. -ap/htop-2.0.0-x86_64-1.txz: Upgraded. -l/freetype-2.6.3-x86_64-1.txz: Upgraded. -l/libcap-ng-0.7.7-x86_64-1.txz: Added. - This is needed by mount.cifs in order to support making it setuid so that - normal users can mount remote CIFS partitions. And it is expected that - other programs will begin to use it in preference to the older libcap. -n/cifs-utils-6.4-x86_64-2.txz: Rebuilt. - Recompiled against libcap-ng. Now mount.cifs will work for normal users - if setuid root. By default, mount.cifs remains NOT setuid root, though. -x/pixman-0.34.0-x86_64-1.txz: Upgraded. -x/xf86-video-r128-6.10.1-x86_64-1.txz: Upgraded. -x/xorg-server-1.18.1-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.18.1-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.18.1-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.18.1-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-44.0.2-x86_64-1.txz: Upgraded. +Mon Jan 29 20:56:56 UTC 2018 +ap/nano-2.9.3-x86_64-1.txz: Upgraded. +n/dhcpcd-7.0.1-x86_64-1.txz: Upgraded. +n/iproute2-4.15.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-58.0.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/ + https://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) +--------------------------+ -Mon Feb 8 22:08:35 UTC 2016 -a/mkinitrd-1.4.8-x86_64-5.txz: Rebuilt. - Blacklisted rules.d/60-openobex.rules to prevent error messages at boot. - Thanks to Eric Hameleers. -ap/cups-2.1.3-x86_64-1.txz: Upgraded. -ap/ghostscript-9.07-x86_64-3.txz: Rebuilt. - Reverted back to ghostscript-9.07, since any newer version causes the GIMP - ps plugin to crash when attempting to import a .ps or .eps file. Whatever - is causing the problem happened between gs-9.07 and gs-9.09, and is probably - also dependent on the libraries in use and perhaps the compiler, since some - other distributions appear to be using the latest ghostscript without issues. - If anyone can figure it out, hints are welcome. Meanwhile this gets - everything working again. -d/gcc-5.3.0-x86_64-2.txz: Rebuilt. - Patched to fix internal compiler error building Wine. - Thanks to Kirill Smirnov. -d/gcc-g++-5.3.0-x86_64-2.txz: Rebuilt. -d/gcc-gfortran-5.3.0-x86_64-2.txz: Rebuilt. -d/gcc-gnat-5.3.0-x86_64-2.txz: Rebuilt. -d/gcc-go-5.3.0-x86_64-2.txz: Rebuilt. -d/gcc-java-5.3.0-x86_64-2.txz: Rebuilt. -d/gcc-objc-5.3.0-x86_64-2.txz: Rebuilt. -l/libsndfile-1.0.26-x86_64-1.txz: Upgraded. - This release fixes security issues which may allow attackers to cause - a denial of service, or possibly execute arbitrary code. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 - (* Security fix *) -l/loudmouth-1.5.2-x86_64-1.txz: Upgraded. -n/curl-7.47.1-x86_64-1.txz: Upgraded. - This update fixes a security issue where NTLM credentials are not checked - for proxy connection reuse. The effects of this flaw is that the application - could be reusing a proxy connection using the previously used credentials - and thus it could be given to or prevented access from resources that it - wasn't intended to. Thanks to Isaac Boukris. - For more information, see: - https://curl.haxx.se/docs/adv_20160127A.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755 - (* Security fix *) -n/mcabber-1.0.1-x86_64-1.txz: Upgraded. -n/stunnel-5.30-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20160208_8b8c9a3-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-44.0.1-x86_64-1.txz: Upgraded. -extra/wicd/wicd-1.7.4-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Feb 3 22:39:25 UTC 2016 -Welcome to Slackware 14.2 beta 2. Getting closer. :-) -a/coreutils-8.25-x86_64-1.txz: Upgraded. -a/glibc-zoneinfo-2016a-noarch-1.txz: Upgraded. -a/kernel-firmware-20160201git-noarch-1.txz: Upgraded. -a/kernel-generic-4.4.1-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4.1-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4.1-x86_64-1.txz: Upgraded. -a/lvm2-2.02.141-x86_64-1.txz: Upgraded. -a/openssl-solibs-1.0.2f-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-28.txz: Rebuilt. - rc.6: Change command variable to shutdown_command to avoid conflicting with - a same-named variable in rc.networkmanager. Thanks to Antonio Maretzek. - Added new script rc.cpufreq to set CPU frequency scaling. - If executable, it will be run from rc.M. -ap/cups-filters-1.8.1-x86_64-1.txz: Upgraded. -ap/dmidecode-3.0-x86_64-1.txz: Upgraded. -ap/gutenprint-5.2.11-x86_64-2.txz: Rebuilt. - Run cups-genppdupdate after installing. Thanks to Lukasz Wieczorek. -ap/soma-2.10.4-noarch-1.txz: Upgraded. -d/binutils-2.26-x86_64-1.txz: Upgraded. -d/cmake-3.4.3-x86_64-1.txz: Upgraded. -d/kernel-headers-4.4.1-x86-1.txz: Upgraded. -d/mercurial-3.6.3-x86_64-1.txz: Upgraded. -d/oprofile-1.1.0-x86_64-1.txz: Upgraded. -d/python-setuptools-19.6-x86_64-1.txz: Upgraded. -k/kernel-source-4.4.1-noarch-1.txz: Upgraded. - CPU_FREQ_DEFAULT_GOV_ONDEMAND n -> y - CPU_FREQ_DEFAULT_GOV_USERSPACE y -> n - CPU_FREQ_GOV_CONSERVATIVE m -> y - CPU_FREQ_GOV_ONDEMAND m -> y - CPU_FREQ_GOV_PERFORMANCE m -> y - CPU_FREQ_GOV_POWERSAVE m -> y -l/gst-plugins-base-1.6.3-x86_64-1.txz: Upgraded. -l/gst-plugins-good-1.6.3-x86_64-1.txz: Upgraded. -l/gstreamer-1.6.3-x86_64-1.txz: Upgraded. -l/gtk+2-2.24.29-x86_64-2.txz: Rebuilt. - In /usr/share/gtk-2.0/gtkrc, specify Adwaita as the icon theme, and Tango as - a fallback. This fixes icon issues when using fluxbox and other more basic - window managers. Thanks to schmatzler and dTd. -l/gtk+3-3.18.7-x86_64-1.txz: Upgraded. -l/harfbuzz-1.1.3-x86_64-1.txz: Upgraded. -l/librsvg-2.40.13-x86_64-1.txz: Upgraded. -l/pulseaudio-8.0-x86_64-1.txz: Upgraded. - Set "flat-volumes = no" in daemon.conf.new by default. -l/seamonkey-solibs-2.39-x86_64-3.txz: Rebuilt. -n/openssl-1.0.2f-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - DH small subgroups (CVE-2016-0701). - SSLv2 doesn't block disabled ciphers (CVE-2015-3197). - For more information, see: - https://openssl.org/news/secadv/20160128.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0701 - (* Security fix *) -n/php-5.6.17-x86_64-1.txz: Upgraded. - This release fixes security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903 - (* Security fix *) -n/proftpd-1.3.5a-x86_64-1.txz: Upgraded. -n/traceroute-2.0.21-x86_64-1.txz: Upgraded. -x/xterm-322-x86_64-1.txz: Upgraded. -xap/MPlayer-1.2_20160125-x86_64-1.txz: Upgraded. - This is the latest MPlayer-1.2 branch, identical to the 1.2.1 stable release. - The bundled ffmpeg has been upgraded to 2.8.5, which fixes two security - issues by which a remote attacker may conduct a cross-origin attack and read - arbitrary files on the system. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898 - (* Security fix *) -xap/gparted-0.25.0-x86_64-1.txz: Added. - Thanks to Erik W. Hanson. -xap/hexchat-2.10.2-x86_64-1.txz: Added. - This package replaces xchat. -xap/mozilla-firefox-44.0-x86_64-1.txz: Upgraded. - This compiles properly with -O2 optimization again. +Sun Jan 28 04:44:45 UTC 2018 +a/btrfs-progs-v4.14.1-x86_64-1.txz: Upgraded. +d/binutils-2.30-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/oprofile-1.2.0-x86_64-2.txz: Rebuilt. + Recompiled against binutils-2.30. +l/ffmpeg-3.4.1-x86_64-3.txz: Rebuilt. + Recompiled against libvpx-1.7.0. +l/gst-plugins-good-1.12.4-x86_64-3.txz: Rebuilt. + Recompiled against libvpx-1.7.0. +l/libvpx-1.7.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/mutt-1.9.3-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.9-x86_64-1.txz: Upgraded. + Compiled against libvpx-1.7.0. +xap/xine-ui-0.99.10-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Jan 26 03:46:16 UTC 2018 +a/kernel-firmware-20180118_2a713be-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.15-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.15-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.15-x86_64-1.txz: Upgraded. +ap/itstool-2.0.4-x86_64-2.txz: Rebuilt. + Fixed a memory exhaustion crash bug. Thanks to Stuart Winter. +d/gcc-7.3.0-x86_64-1.txz: Upgraded. + This compiler supports -mindirect-branch=thunk-extern, allowing full + mitigation of Spectre v2 in the kernel (when CONFIG_RETPOLINE is used). +d/gcc-brig-7.3.0-x86_64-1.txz: Upgraded. +d/gcc-g++-7.3.0-x86_64-1.txz: Upgraded. +d/gcc-gfortran-7.3.0-x86_64-1.txz: Upgraded. +d/gcc-gnat-7.3.0-x86_64-1.txz: Upgraded. +d/gcc-go-7.3.0-x86_64-1.txz: Upgraded. +d/gcc-objc-7.3.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.15-x86-1.txz: Upgraded. +k/kernel-source-4.14.15-noarch-1.txz: Upgraded. + .config changes (thanks to ivandi): + -CIFS_DEBUG2 n + -CIFS_DEBUG_DUMP_KEYS n + CIFS_DEBUG y -> n + CIFS_UPCALL n -> y + CIFS_XATTR n -> y + NFS_V4_1 n -> y + +CIFS_ACL y + +CIFS_POSIX y + +NFS_V4_1_IMPLEMENTATION_ID_DOMAIN "kernel.org" + +NFS_V4_1_MIGRATION n + +NFS_V4_2 n + +PNFS_BLOCK y + +PNFS_FILE_LAYOUT y + +PNFS_FLEXFILE_LAYOUT m + +SUNRPC_BACKCHANNEL y +n/curl-7.58.0-x86_64-2.txz: Rebuilt. + Recompiled using --with-libssh2, which is evidently no longer a default + option. Thanks to Markus Wiesner. +xap/mozilla-thunderbird-52.6.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/pidgin-2.10.12-x86_64-1.txz: Upgraded. -xap/seamonkey-2.39-x86_64-3.txz: Rebuilt. - Recompiled with -Os optimization to fix random crashes. -xap/xchat-2.8.8-x86_64-11.txz: Removed. -xap/xine-lib-1.2.6-x86_64-7.txz: Rebuilt. - Rebuilt against ffmpeg-2.8.5, which fixes two security issues by which a - remote attacker may conduct a cross-origin attack and read arbitrary files - on the system. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898 + https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/ (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Jan 17 07:24:08 UTC 2016 -a/sysvinit-scripts-2.0-noarch-27.txz: Upgraded. - rc.M: If rc.pulseaudio is executable, run it (not recommended though). -ap/alsa-utils-1.1.0-x86_64-3.txz: Rebuilt. - On a fresh system, install rc.alsa as executable. It's apparently still - useful for loading some mixer defaults even when PulseAudio is used. -ap/cups-filters-1.6.0-x86_64-1.txz: Upgraded. -ap/gutenprint-5.2.11-x86_64-1.txz: Upgraded. -ap/lxc-1.1.5-x86_64-2.txz: Rebuilt. - Fixed failed rc.M patch with lxc-create, and rebased against recent scripts. - Thanks to Jakub Jankowski. -ap/mpg123-1.22.4-x86_64-3.txz: Rebuilt. - Don't depend on libpulsecommon-7.1. -ap/sox-14.4.2-x86_64-3.txz: Rebuilt. - Don't depend on libpulsecommon-7.1. -d/llvm-3.7.1-x86_64-1.txz: Upgraded. -kde/calligra-2.9.10-x86_64-1.txz: Upgraded. -kdei/calligra-l10n-bs-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca@valencia-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-uk-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.10-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.10-noarch-1.txz: Upgraded. -l/a52dec-0.7.4-x86_64-2.txz: Rebuilt. - Include a52_internal.h header. Thanks to Johannes Schöpfer. -l/alsa-plugins-1.1.0-x86_64-2.txz: Rebuilt. - Don't depend on libpulsecommon-7.1. -l/libao-1.2.0-x86_64-3.txz: Rebuilt. - Don't depend on libpulsecommon-7.1. -l/libcanberra-0.30-x86_64-5.txz: Rebuilt. - Don't depend on libpulsecommon-7.1. -l/poppler-0.40.0-x86_64-1.txz: Upgraded. -l/pulseaudio-7.1-x86_64-2.txz: Rebuilt. - Removed .la files to avoid linking things to libpulsecommon-7.1. - Thanks to chrisVV. - If autospawn is off, start the daemon manually in start-pulseaudio-x11. - And yes, if you're allergic to PulseAudio that means you might also need to - disable /etc/xdg/autostart/pulseaudio.desktop... -n/NetworkManager-1.0.10-x86_64-3.txz: Rebuilt. - Fixed build script to properly apply the patches. - Thanks to K4rolis and rworkman. -n/bluez-hcidump-2.5-x86_64-1.txz: Removed. - hcidump is included in the main bluez package. - Thanks to Audrius Kazukauskas. -x/mesa-11.1.1-x86_64-1.txz: Upgraded. -x/xf86-input-vmmouse-13.1.0-x86_64-4.txz: Rebuilt. - Put udev rules in correct directory. Thanks to chrisVV. -x/xf86-video-vmware-13.1.0-x86_64-6.txz: Rebuilt. -xfce/tumbler-0.1.31-x86_64-4.txz: Rebuilt. -+--------------------------+ -Fri Jan 15 02:29:54 UTC 2016 -l/gtkmm2-2.24.4-x86_64-1.txz: Added. -n/openssh-7.1p2-x86_64-1.txz: Upgraded. - This update fixes an information leak and a buffer overflow. In particular, - the information leak allows a malicious SSH server to steal the client's - private keys. Thanks to Qualys for reporting this issue. - For more information, see: - https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778 - (* Security fix *) -+--------------------------+ -Wed Jan 13 00:01:23 UTC 2016 -Hey folks, happy new year! -After upgrading to BlueZ 5 recently, everything seemed to be working great, -but then it was pointed out that Bluetooth audio was no longer working. -The reason was that the newer BlueZ branch had dropped ALSA support and now -required PulseAudio. So with some trepidation, we began investigating adding -PulseAudio to Slackware. Going back to BlueZ 4 wasn't an option with various -dependent projects either having dropped support for it, or considering doing -so. After several iterations here refining the foundation packages and -recompiling and tweaking other packages to use PulseAudio, it's working well -and you'll likely not notice much of a change. But if you're using Bluetooth -audio, or needing to direct audio through HDMI, you'll probably find it a lot -easier to accomplish that. -Best of all, we're finally a modern, relevant Linux distro! ;-) -Thanks to Mario Preksavec, Heinz Wiesinger, and Robby Workman for a lot of -help and testing. Bug reports, complaints, and threats can go to me. -Also, enjoy a shiny new LTS 4.4.0 kernel and consider this 14.2 beta 1. -a/apmd-3.2.2-x86_64-3.txz: Removed. - APM is no longer used in the shipped kernels, xapm was broken, and - it no longer compiles. It's time to remove it. -a/etc-14.2-x86_64-5.txz: Rebuilt. - Added user (pulse) and group (pulse) for PulseAudio. - Added pulse user to the audio group. -a/eudev-3.1.5-x86_64-8.txz: Rebuilt. - Blacklisted new watchdog modules (bcm7038_wdt, max63xx_wdt). -a/kernel-generic-4.4-x86_64-1.txz: Upgraded. -a/kernel-huge-4.4-x86_64-1.txz: Upgraded. -a/kernel-modules-4.4-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-26.txz: Rebuilt. - rc.M: Don't try to start apmd. -ap/alsa-utils-1.1.0-x86_64-2.txz: Rebuilt. - Change perms on /etc/rc.d/rc.alsa to 644. -ap/ghostscript-9.18-x86_64-2.txz: Rebuilt. - Applied upstream patch to fix missing gerrors.h. -ap/mpg123-1.22.4-x86_64-2.txz: Rebuilt. - Add support for PulseAudio and use it for output by default. -ap/pamixer-1.3.1-x86_64-1.txz: Added. - A command-line mixer for PulseAudio. -ap/sox-14.4.2-x86_64-2.txz: Rebuilt. -d/kernel-headers-4.4-x86-1.txz: Upgraded. -d/perl-5.22.0-x86_64-2.txz: Rebuilt. - Added TermReadKey for MariaDB's mytop. Thanks to Larry Hajali. - Removed dangling s2p symlinks. Thanks to DarkVision. -k/kernel-source-4.4-noarch-1.txz: Upgraded. -kde/kde-runtime-4.14.3-x86_64-3.txz: Rebuilt. -kde/kmix-4.14.3-x86_64-3.txz: Rebuilt. -l/alsa-lib-1.1.0-x86_64-2.txz: Rebuilt. - Added a default /etc/asound.conf redirecting ALSA output to PulseAudio. -l/alsa-plugins-1.1.0-x86_64-1.txz: Added. - This provides a plugin to redirect ALSA output to PulseAudio. -l/atkmm-2.24.2-x86_64-1.txz: Added. -l/cairomm-1.12.0-x86_64-1.txz: Added. -l/glibmm-2.46.3-x86_64-1.txz: Added. -l/gst-plugins-good-1.6.2-x86_64-2.txz: Rebuilt. -l/gst-plugins-good0-0.10.31-x86_64-2.txz: Rebuilt. -l/gtkmm3-3.18.0-x86_64-1.txz: Added. -l/json-c-0.12-x86_64-1.txz: Added. - This is needed by PulseAudio. -l/keybinder-0.3.1-x86_64-1.txz: Upgraded. - Add support for GTK+3, which is needed by xfce4-pulseaudio-plugin to grab - multimedia keys. -l/libao-1.2.0-x86_64-2.txz: Rebuilt. -l/libasyncns-0.8-x86_64-1.txz: Added. - This is needed by PulseAudio. -l/libcanberra-0.30-x86_64-4.txz: Rebuilt. -l/libsigc++-2.6.2-x86_64-1.txz: Added. -l/pangomm-2.38.1-x86_64-1.txz: Added. -l/phonon-4.8.3-x86_64-2.txz: Rebuilt. -l/pulseaudio-7.1-x86_64-1.txz: Added. -l/qt-4.8.7-x86_64-3.txz: Rebuilt. - Make sure that .pc and .la files use $LIBDIRSUFFIX in the X11 library path. - Thanks to Dhaby Xiloj. -l/sdl-1.2.15-x86_64-3.txz: Rebuilt. -l/seamonkey-solibs-2.39-x86_64-2.txz: Rebuilt. -l/speexdsp-1.2rc3-x86_64-1.txz: Added. - This is needed by PulseAudio. -l/xapian-core-1.2.22-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.10-x86_64-2.txz: Rebuilt. - Added patches from the upstream stable git branch. - Added back the pm-utils hook. - Thanks to Robby Workman. -n/bluez-5.37-x86_64-1.txz: Upgraded. -n/dhcp-4.3.3_P1-x86_64-1.txz: Upgraded. - This update fixes a denial-of-service vulnerability. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8605 - (* Security fix *) -n/dirmngr-1.1.1-x86_64-3.txz: Rebuilt. - Patched to fix problems when using libgcrypt-1.6.x. Thanks to xflow7. -n/inetd-1.79s-x86_64-9.txz: Rebuilt. - Patched segfault of daytime. Thanks to tfonz. -x/libdrm-2.4.66-x86_64-1.txz: Upgraded. -x/xf86-input-evdev-2.10.1-x86_64-1.txz: Upgraded. -x/xf86-video-amdgpu-1.0.0-x86_64-1.txz: Added. -x/xf86-video-modesetting-0.9.0-x86_64-5.txz: Removed. - This driver has been incorporated into the xorg-server package. - Thanks to ReaperX. -x/xorg-cf-files-1.0.6-x86_64-2.txz: Rebuilt. - Don't use noarch. Thanks to DarkVision. -xap/MPlayer-20150721-x86_64-4.txz: Rebuilt. -xap/audacious-3.7.1-x86_64-1.txz: Upgraded. -xap/audacious-plugins-3.7.1-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-43.0.4-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-38.5.1-x86_64-1.txz: Upgraded. -xap/pavucontrol-3.0-x86_64-1.txz: Added. - A mixer for PulseAudio. Requires the GTKmm stack. -xap/seamonkey-2.39-x86_64-2.txz: Rebuilt. -xap/xine-lib-1.2.6-x86_64-6.txz: Rebuilt. -xfce/Thunar-1.6.10-x86_64-3.txz: Rebuilt. - Fix some crashes that occur with file moves. - Thanks to Jean-Philippe Guillemin. -xfce/xfce4-mixer-4.10.0-x86_64-2.txz: Removed. - Replaced by xfce4-pulseaudio-plugin. -xfce/xfce4-power-manager-1.4.4-x86_64-3.txz: Rebuilt. - Don't include NetworkManager; let pm-utils handle it. - Thanks to Robby Workman. -xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-1.txz: Added. - This replaces xfce4-mixer and xfce4-volumed. -xfce/xfce4-volumed-0.1.13-x86_64-3.txz: Removed. - Replaced by xfce4-pulseaudio-plugin. -extra/bash-completion/bash-completion-2.1-noarch-4.txz: Rebuilt. - Corrected information in slack-desc. Thanks to Arkadiusz Drabczyk. +Thu Jan 25 02:24:04 UTC 2018 +l/system-config-printer-1.5.11-x86_64-1.txz: Upgraded. +n/curl-7.58.0-x86_64-1.txz: Upgraded. + This update fixes security issues: + HTTP authentication leak in redirects + HTTP/2 trailer out-of-bounds read + For more information, see: + https://curl.haxx.se/docs/adv_2018-b3bf.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007 + https://curl.haxx.se/docs/adv_2018-824a.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005 + (* Security fix *) +x/libwacom-0.27-x86_64-1.txz: Upgraded. +x/xf86-input-wacom-0.36.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Jan 24 04:21:44 UTC 2018 +a/glibc-zoneinfo-2018c-noarch-1.txz: Upgraded. +ap/sqlite-3.22.0-x86_64-1.txz: Upgraded. +d/python-setuptools-38.4.0-x86_64-1.txz: Upgraded. +l/librsvg-2.42.1-x86_64-1.txz: Upgraded. +l/python-certifi-2018.1.18-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Jan 22 22:47:47 UTC 2018 +a/aaa_elflibs-14.2-x86_64-34.txz: Rebuilt. +d/git-2.16.1-x86_64-1.txz: Upgraded. +n/ModemManager-1.6.12-x86_64-1.txz: Upgraded. +n/libmbim-1.16.0-x86_64-1.txz: Upgraded. +n/libqmi-1.20.0-x86_64-1.txz: Upgraded. +n/wget-1.19.4-x86_64-1.txz: Upgraded. + More bug fixes: + A major bug that caused GZip'ed pages to never be decompressed has been fixed + Support for Content-Encoding and Transfer-Encoding have been marked as + experimental and disabled by default ++--------------------------+ +Sat Jan 20 16:00:51 UTC 2018 +d/cmake-3.10.2-x86_64-1.txz: Upgraded. +d/git-2.16.0-x86_64-1.txz: Upgraded. +d/rust-1.23.0-x86_64-1.txz: Upgraded. +n/wget-1.19.3-x86_64-1.txz: Upgraded. + This update fixes various non-security bugs, including this one: + Prevent erroneous decompression of .gz and .tgz files with broken servers. +x/mesa-17.3.3-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-58.0-x86_64-1.txz: Upgraded. + Thanks to Matteo Bernardini for the build script update to use mach. ++--------------------------+ +Fri Jan 19 00:08:31 UTC 2018 +ap/sudo-1.8.22-x86_64-1.txz: Upgraded. +l/glib2-2.54.3-x86_64-2.txz: Rebuilt. + Applied upstream patch from git (94b38beff, gmain: Partial revert of recent + wakeup changes to gmain.c) to address CPU usage issues with LibreOffice. ++--------------------------+ +Wed Jan 17 21:36:23 UTC 2018 +a/aaa_elflibs-14.2-x86_64-33.txz: Rebuilt. +a/kernel-generic-4.14.14-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.14-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.14-x86_64-1.txz: Upgraded. +ap/rpm-4.14.1-x86_64-1.txz: Upgraded. +ap/sysstat-11.6.2-x86_64-1.txz: Upgraded. +ap/vim-8.0.1428-x86_64-1.txz: Upgraded. +d/gcc-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-brig-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-g++-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-gfortran-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-gnat-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-go-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/gcc-objc-7.2.0-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +d/kernel-headers-4.14.14-x86-1.txz: Upgraded. +k/kernel-source-4.14.14-noarch-1.txz: Upgraded. +l/libsigsegv-2.12-x86_64-1.txz: Upgraded. +l/libtasn1-4.13-x86_64-1.txz: Upgraded. +l/libunwind-1.2.1-x86_64-1.txz: Added. + The latest intel-gpu-tools requires this library. +l/mpfr-4.0.0-x86_64-2.txz: Rebuilt. + Removed static libmpfr.a library. I'm not sure why that was there, but it + probably wouldn't have worked anyway without a static libgmp.a to go with it. +l/redland-1.0.17-x86_64-3.txz: Rebuilt. + Removed librdf.la that was still referencing the removed mpfr.la file. + Thanks to Matteo Bernardini. +l/talloc-2.1.11-x86_64-1.txz: Upgraded. +n/bind-9.11.2_P1-x86_64-1.txz: Upgraded. + This update fixes a high severity security issue: + Improper sequencing during cleanup can lead to a use-after-free error, + triggering an assertion failure and crash in named. + For more information, see: + https://kb.isc.org/article/AA-01542 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145 + (* Security fix *) +n/irssi-1.1.0-x86_64-1.txz: Upgraded. +n/nftables-0.8.1-x86_64-1.txz: Upgraded. +t/texlive-2017.171108-x86_64-3.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +x/intel-gpu-tools-1.21-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.1428-x86_64-1.txz: Upgraded. + Cleaned up the gvim.desktop file. Thanks to Didier Spaier. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -pasture/apmd-3.2.2-x86_64-3.txz: Moved to /pasture. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Dec 29 04:45:53 UTC 2015 -a/aaa_base-14.2-x86_64-1.txz: Upgraded. - Removed obsolete /var/rwho symlink. Thanks to yars. - Bumped version to 14.2. -a/glibc-solibs-2.22-x86_64-4.txz: Rebuilt. -a/quota-4.03-x86_64-1.txz: Upgraded. -l/glibc-2.22-x86_64-4.txz: Rebuilt. - Removed /usr/include/rpcsvc/rquota.{h,x}, as these are provided by the - quota package. Thanks to BrZ. -l/glibc-i18n-2.22-x86_64-4.txz: Rebuilt. -l/glibc-profile-2.22-x86_64-4.txz: Rebuilt. -l/pycurl-7.19.5.3-x86_64-2.txz: Rebuilt. - Added --with-ssl to use libssl. Thanks to walecha. -xap/mozilla-firefox-43.0.3-x86_64-1.txz: Upgraded. -+--------------------------+ -Thu Dec 24 20:49:54 UTC 2015 -isolinux/initrd.img: Rebuilt. - Patched /sbin/probe to handle nvme partitions. Thanks to Didier Spaier. -usb-and-pxe-installers/usbboot.img: Rebuilt. - Patched /sbin/probe to handle nvme partitions. Thanks to Didier Spaier. -+--------------------------+ -Wed Dec 23 22:44:58 UTC 2015 -a/lvm2-2.02.138-x86_64-1.txz: Upgraded. -ap/ghostscript-9.18-x86_64-1.txz: Upgraded. -ap/lsof-4.89-x86_64-1.txz: Upgraded. -l/pycups-1.9.73-x86_64-1.txz: Upgraded. -l/pycurl-7.19.5.3-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.10-x86_64-1.txz: Upgraded. -n/curl-7.46.0-x86_64-1.txz: Upgraded. -n/links-2.12-x86_64-1.txz: Upgraded. -n/obexfs-0.12-x86_64-1.txz: Removed. - This functionality is now included in the obexftp package. -n/obexftp-0.24-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -n/openobex-1.7.1-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -n/rsync-3.1.2-x86_64-1.txz: Upgraded. -x/libXi-1.7.6-x86_64-1.txz: Upgraded. -x/pixman-0.33.6-x86_64-1.txz: Upgraded. -x/xorg-cf-files-1.0.6-noarch-1.txz: Upgraded. -xap/mozilla-firefox-43.0.2-x86_64-2.txz: Rebuilt. - Compile with -Os instead of -O2 to work around crash issues. - Recent betas are working fine with -O2, so we'll probably be - able to switch back to that again soon. Thanks to j_v. -xap/mozilla-thunderbird-38.5.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -xap/network-manager-applet-1.0.10-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Dec 23 05:20:09 UTC 2015 -a/glibc-solibs-2.22-x86_64-3.txz: Rebuilt. -a/sharutils-4.15.2-x86_64-1.txz: Upgraded. -ap/cups-filters-1.5.0-x86_64-1.txz: Upgraded. -ap/libx86-1.1-x86_64-2.txz: Rebuilt. - Add a pkgconfig file. -ap/rpm-4.12.0.1-x86_64-1.txz: Upgraded. -ap/vbetool-1.2.2-x86_64-1.txz: Upgraded. -d/Cython-0.23.4-x86_64-1.txz: Added. - Cython is required to build blueman. -kde/bluedevil-2.1.1-x86_64-3.txz: Rebuilt. -l/M2Crypto-0.22.5-x86_64-1.txz: Upgraded. -l/djvulibre-3.5.27-x86_64-1.txz: Upgraded. -l/fuse-2.9.4-x86_64-1.txz: Upgraded. -l/glibc-2.22-x86_64-3.txz: Rebuilt. - Fixed empty /etc/nscd.conf.new. Thanks to Jakub Jankowski. -l/glibc-i18n-2.22-x86_64-3.txz: Rebuilt. -l/glibc-profile-2.22-x86_64-3.txz: Rebuilt. -l/libcroco-0.6.11-x86_64-1.txz: Upgraded. -l/libssh-0.7.2-x86_64-1.txz: Upgraded. -l/libxml2-2.9.3-x86_64-1.txz: Upgraded. -l/loudmouth-1.5.1-x86_64-1.txz: Upgraded. -l/sbc-1.3-x86_64-1.txz: Added. - Sub Band Codec is an audio library for bluetooth. -n/ModemManager-1.4.12-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.8-x86_64-2.txz: Rebuilt. - Removed obsolete 55NetworkManager script. -n/bluez-5.36-x86_64-1.txz: Upgraded. - Thanks to Dugan Chen and Robby Workman. -n/cifs-utils-6.4-x86_64-1.txz: Upgraded. -n/libtirpc-1.0.1-x86_64-2.txz: Rebuilt. - Fixed typo in slack-desc. Thanks to Ricardo Nabinger Sanchez. -n/mcabber-1.0.0-x86_64-1.txz: Upgraded. -n/nfs-utils-1.3.3-x86_64-1.txz: Upgraded. -n/obex-data-server-0.4.6-x86_64-3.txz: Removed. -n/openvpn-2.3.9-x86_64-1.txz: Upgraded. -x/mesa-11.0.8-x86_64-1.txz: Upgraded. -xap/blueman-2.0.3-x86_64-1.txz: Upgraded. +Mon Jan 15 23:13:01 UTC 2018 +a/gawk-4.2.0-x86_64-3.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +a/hdparm-9.53-x86_64-1.txz: Upgraded. +a/kernel-generic-4.14.13-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.13-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.13-x86_64-1.txz: Upgraded. +a/kmod-25-x86_64-1.txz: Upgraded. +ap/cups-filters-1.19.0-x86_64-1.txz: Upgraded. +ap/man-db-2.7.6.1-x86_64-2.txz: Rebuilt. + Include Thomas Dickey's man2html script. + Thanks to Robby Workman, and to Willy Sudiarto Raharjo for the bug report. +d/doxygen-1.8.14-x86_64-1.txz: Upgraded. + Compiled against xapian-core-1.4.5. + Build script updated for CMake. Thanks to Robby Workman. +d/kernel-headers-4.14.13-x86-1.txz: Upgraded. +k/kernel-source-4.14.13-noarch-1.txz: Upgraded. +kde/baloo-4.14.3-x86_64-3.txz: Rebuilt. + Recompiled against xapian-core-1.4.5. +l/glib2-2.54.3-x86_64-1.txz: Upgraded. +l/gtk+2-2.24.32-x86_64-1.txz: Upgraded. +l/gvfs-1.34.1-x86_64-3.txz: Rebuilt. + Applied upstream bugfix patches from git: + Fix a bug in gvfs<-->udev interaction + Fix reads past EOF on Android devices + Fix crashes on recent file changes + Fix relative trash paths Thanks to Robby Workman. - This update fixes a local privilege escalation vulnerability. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8612 - (* Security fix *) -xap/mozilla-firefox-43.0.2-x86_64-1.txz: Upgraded. +l/libmpc-1.1.0-x86_64-1.txz: Upgraded. + Compiled against mpfr-4.0.0. +l/librsvg-2.42.0-x86_64-1.txz: Upgraded. +l/libsoup-2.60.3-x86_64-1.txz: Upgraded. +l/libzip-1.4.0-x86_64-1.txz: Upgraded. +l/mpfr-4.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/rasqal-0.9.33-x86_64-2.txz: Rebuilt. + Recompiled against mpfr-4.0.0. +l/xapian-core-1.4.5-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/ca-certificates-20170717-noarch-1.txz: Upgraded. +n/ipset-6.35-x86_64-1.txz: Upgraded. +n/iw-4.14-x86_64-1.txz: Upgraded. +n/libnftnl-1.0.9-x86_64-1.txz: Upgraded. +n/tin-2.4.2-x86_64-1.txz: Upgraded. +x/mesa-17.3.2-x86_64-1.txz: Upgraded. +xap/geeqie-1.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Fixed NFS install. Thanks to Stuart Winter. - Added nvme and sdhci-acpi kernel modules. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Fixed NFS install. Thanks to Stuart Winter. - Added nvme and sdhci-acpi kernel modules. -+--------------------------+ -Fri Dec 18 05:28:25 UTC 2015 -a/aaa_elflibs-14.2-x86_64-9.txz: Rebuilt. - Added libstdc++.so.5.0.7. Thanks to schmatzler. -a/glibc-solibs-2.22-x86_64-2.txz: Rebuilt. -a/glibc-zoneinfo-2015g-noarch-2.txz: Rebuilt. - This is now built independently from glibc. - Don't list posix/ and right/ zones in the timeconfig menu. - Hardlink more files in /usr/share/zoneinfo/posix/ to save space. - Fix a bug in timeconfig when the zone selection in text mode is left empty. - Thanks to Xsane for the suggestions... I used some of them. :) But, - in my opinion, listing only the canonical timezone names in zone1970.tab - goes a bit too far. Many of the non-canonical names are commonly used - (such as US/Central vs. America/Chicago). -a/grub-2.00-x86_64-3.txz: Rebuilt. - Patched bug where password protection during system startup may be - bypassed by hitting the backspace key 28 times giving a rescue shell. - Thanks to Hector Marco and Ismael Ripoll. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370 - (* Security fix *) -a/mcelog-128-x86_64-1.txz: Upgraded. -a/os-prober-1.70-x86_64-1.txz: Upgraded. -a/pcmciautils-018-x86_64-1.txz: Upgraded. -a/sdparm-1.09-x86_64-1.txz: Upgraded. -a/usbutils-008-x86_64-1.txz: Upgraded. -ap/joe-4.1-x86_64-1.txz: Upgraded. -ap/mpg123-1.22.4-x86_64-1.txz: Upgraded. -l/M2Crypto-0.22.3-x86_64-1.txz: Upgraded. -l/glibc-2.22-x86_64-2.txz: Rebuilt. - Don't include a copy of the timezone database or timeconfig script. - Only ship locale files for C, POSIX, and en_US in the main package. -l/glibc-i18n-2.22-x86_64-2.txz: Rebuilt. - Add a C.UTF-8 locale. -l/glibc-profile-2.22-x86_64-2.txz: Rebuilt. -l/keyutils-1.5.9-x86_64-1.txz: Upgraded. -l/sg3_utils-1.41-x86_64-1.txz: Upgraded. -n/gnupg2-2.0.29-x86_64-1.txz: Upgraded. -n/gpa-0.9.9-x86_64-1.txz: Upgraded. -n/gpgme-1.6.0-x86_64-1.txz: Upgraded. -n/libassuan-2.4.2-x86_64-1.txz: Upgraded. -n/libgcrypt-1.6.4-x86_64-1.txz: Upgraded. -n/libgpg-error-1.21-x86_64-1.txz: Upgraded. -n/libksba-1.3.3-x86_64-1.txz: Upgraded. -n/pinentry-0.9.7-x86_64-1.txz: Upgraded. -n/ulogd-2.0.5-x86_64-1.txz: Upgraded. -extra/bash-completion/bash-completion-2.1-noarch-3.txz: Rebuilt. - Create /etc/bash_completion.d/ in the bash-completion package. - Thanks to Robby Workman. +--------------------------+ -Wed Dec 16 07:03:12 UTC 2015 -ap/slackpkg-2.82.0-noarch-16.txz: Rebuilt. - Bugfix for a syntax error in core-functions.sh. -+--------------------------+ -Wed Dec 16 04:21:07 UTC 2015 -a/aaa_elflibs-14.2-x86_64-8.txz: Rebuilt. -a/kernel-firmware-20151215git-noarch-1.txz: Upgraded. -a/kernel-generic-4.1.15-x86_64-1.txz: Upgraded. -a/kernel-huge-4.1.15-x86_64-1.txz: Upgraded. -a/kernel-modules-4.1.15-x86_64-1.txz: Upgraded. -a/lrzip-0.621-x86_64-1.txz: Upgraded. -a/lvm2-2.02.137-x86_64-1.txz: Upgraded. -a/ncompress-4.2.4.4-x86_64-1.txz: Upgraded. -a/openssl-solibs-1.0.2e-x86_64-1.txz: Upgraded. -a/patch-2.7.5-x86_64-1.txz: Upgraded. -a/sysklogd-1.5.1-x86_64-1.txz: Upgraded. - rc.syslog: Don't run klogd in a container. -a/sysvinit-scripts-2.0-noarch-25.txz: Rebuilt. - rc.modules: New simplfied module dep script. - NOTE: This will be installed as /etc/rc.d/rc.modules.new by default. - To use it, remove the existing rc.modules symlink and move the new - file into place. - rc.modules.local: New local module loading script. - Thanks to GazL and rworkman for helping clean out the rc.modules cruft. - rc.S: If executable, start rc.cgmanager. - rc.6: If executable, stop rc.cgmanager. -a/tree-1.7.0-x86_64-1.txz: Upgraded. -a/usb_modeswitch-2.2.6-x86_64-1.txz: Upgraded. -a/utempter-1.1.6-x86_64-1.txz: Upgraded. -a/util-linux-2.27.1-x86_64-1.txz: Upgraded. -a/which-2.21-x86_64-1.txz: Upgraded. -a/xfsprogs-4.3.0-x86_64-1.txz: Upgraded. -ap/cgmanager-0.39-x86_64-1.txz: Upgraded. - Thanks to Matteo Bernardini and Robby Workman. -ap/cups-2.1.2-x86_64-1.txz: Upgraded. -ap/cups-filters-1.4.0-x86_64-1.txz: Upgraded. - foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal - shell escape character. - Thanks to Michal Kowalczyk from the Google Security Team for the hint. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 - (* Security fix *) -ap/man-pages-4.03-noarch-1.txz: Upgraded. -ap/nano-2.5.0-x86_64-1.txz: Upgraded. -ap/qpdf-6.0.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -ap/slackpkg-2.82.0-noarch-15.txz: Rebuilt. - Don't blacklist aaa_elflibs. Upgrade it right after glibc-solibs. - Suggest http://mirrors.slackware.com rather than ftp (which won't redirect). - Prompt to restart the upgrade process if slackpkg is upgraded. - Thanks to Robby Workman. -ap/terminus-font-4.40-noarch-1.txz: Upgraded. -ap/xfsdump-3.1.6-x86_64-1.txz: Upgraded. -d/cmake-3.4.1-x86_64-1.txz: Upgraded. -d/flex-2.6.0-x86_64-1.txz: Upgraded. -d/gcc-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-g++-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-gfortran-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-gnat-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-go-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-java-5.3.0-x86_64-1.txz: Upgraded. -d/gcc-objc-5.3.0-x86_64-1.txz: Upgraded. -d/gdb-7.10.1-x86_64-1.txz: Upgraded. -d/git-2.6.4-x86_64-1.txz: Upgraded. -d/kernel-headers-4.1.15-x86-1.txz: Upgraded. -d/libtool-2.4.6-x86_64-4.txz: Rebuilt. - Rebuilt to fix embedded GCC version number. -d/nasm-2.11.08-x86_64-1.txz: Upgraded. -d/python-2.7.11-x86_64-1.txz: Upgraded. -d/scons-2.4.1-x86_64-1.txz: Upgraded. -k/kernel-source-4.1.15-noarch-1.txz: Upgraded. -l/cairo-1.14.6-x86_64-1.txz: Upgraded. -l/dconf-editor-3.18.2-x86_64-1.txz: Upgraded. -l/gdk-pixbuf2-2.32.3-x86_64-1.txz: Upgraded. -l/gst-plugins-base-1.6.2-x86_64-1.txz: Upgraded. -l/gst-plugins-good-1.6.2-x86_64-1.txz: Upgraded. -l/gstreamer-1.6.2-x86_64-1.txz: Upgraded. -l/gtk+2-2.24.29-x86_64-1.txz: Upgraded. -l/gtk+3-3.18.6-x86_64-1.txz: Upgraded. -l/iso-codes-3.63-noarch-1.txz: Upgraded. -l/libcroco-0.6.10-x86_64-1.txz: Upgraded. -l/libgphoto2-2.5.9-x86_64-2.txz: Rebuilt. - Patched to fix Nikon CoolPix Sxxxx detection. - Thanks to Ondrej Kubecka and Marcus Meissner. -l/libnih-1.0.3-x86_64-2.txz: Rebuilt. - Write .pid files in /run, not /var/run. -l/libpng-1.6.20-x86_64-1.txz: Upgraded. - Fixed incorrect implementation of png_set_PLTE() that uses png_ptr - not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 - vulnerability. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472 - (* Security fix *) -l/libraw1394-2.1.1-x86_64-1.txz: Upgraded. -l/neon-0.30.1-x86_64-1.txz: Upgraded. -n/bind-9.10.3_P2-x86_64-1.txz: Upgraded. - This update fixes three security issues: - Update allowed OpenSSL versions as named is potentially vulnerable - to CVE-2015-3193. - Insufficient testing when parsing a message allowed records with an - incorrect class to be be accepted, triggering a REQUIRE failure when - those records were subsequently cached. (CVE-2015-8000) - Address fetch context reference count handling error on socket error. - (CVE-2015-8461) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461 - (* Security fix *) -n/dhcp-4.3.3-x86_64-1.txz: Upgraded. -n/dnsmasq-2.75-x86_64-1.txz: Upgraded. -n/ethtool-4.2-x86_64-1.txz: Upgraded. -n/iw-4.3-x86_64-1.txz: Upgraded. -n/libtirpc-1.0.1-x86_64-1.txz: Added. - This is needed by rpcbind. Thanks to Jan Rafaj. -n/mobile-broadband-provider-info-20151214-x86_64-1.txz: Upgraded. -n/openssl-1.0.2e-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193). - Certificate verify crash with missing PSS parameter (CVE-2015-3194). - X509_ATTRIBUTE memory leak (CVE-2015-3195). - Race condition handling PSK identify hint (CVE-2015-3196). - Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794). - For more information, see: - https://openssl.org/news/secadv_20151203.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196 - (* Security fix *) -n/portmap-6.0-x86_64-1.txz: Removed. - This is replaced by the new libtirpc and rpcbind packages. -n/rpcbind-0.2.3-x86_64-1.txz: Added. - This replaces the portmap package. Thanks to Jan Rafaj. -n/samba-4.3.2-x86_64-1.txz: Upgraded. -n/wget-1.17.1-x86_64-1.txz: Upgraded. -n/wpa_supplicant-2.5-x86_64-1.txz: Upgraded. -x/liberation-fonts-ttf-1.07.4-noarch-1.txz: Upgraded. -x/mesa-11.0.7-x86_64-1.txz: Upgraded. -x/xf86-video-nouveau-1.0.12-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-43.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -extra/fltk/fltk-1.3.3-x86_64-2.txz: Rebuilt. - Patched to fix undefined reference to `Fl_XFont_On_Demand::value()'. - Build shared libraries, not static. - Thanks to Stefan Steier. -extra/tigervnc/tigervnc-1.5.0-x86_64-2.txz: Rebuilt. - Recompiled against shared fltk libraries. +Tue Jan 9 19:35:41 UTC 2018 +xap/easytag-2.4.2-x86_64-1.txz: Upgraded. + Downgraded to 2.4.2 since 2.4.3 has a bug that can corrupt Ogg containers + (commonly used to store Vorbis and Opus streams) when a tag is written. + Thanks to arcctgx for the heads-up. ++--------------------------+ +Tue Jan 9 00:54:19 UTC 2018 +a/gzip-1.9-x86_64-1.txz: Upgraded. +a/kernel-firmware-20180104_65b1c68-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.12-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.12-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.12-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-2.1-noarch-4.txz: Rebuilt. + rc.S: Fix grep match when displaying mounts. Thanks to Markus Wiesner. +ap/cups-filters-1.18.0-x86_64-2.txz: Rebuilt. + Fixed install script. Thanks to DarkVision. +d/kernel-headers-4.14.12-x86-1.txz: Upgraded. +k/kernel-source-4.14.12-noarch-1.txz: Upgraded. +l/id3lib-3.8.3-x86_64-1.txz: Added. + Thanks to alienBOB for hints on the build script. +n/irssi-1.0.6-x86_64-1.txz: Upgraded. + This update fixes multiple security vulnerabilities. + For more information, see: + https://irssi.org/security/irssi_sa_2018_01.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5205 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5206 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5207 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5208 + (* Security fix *) +xap/easytag-2.4.3-x86_64-1.txz: Added. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Dec 3 07:28:30 UTC 2015 -a/cpio-2.12-x86_64-1.txz: Upgraded. -a/dbus-1.10.6-x86_64-1.txz: Upgraded. -a/eudev-3.1.5-x86_64-7.txz: Rebuilt. - In rc.udev, create static nodes with better initial permissions. -a/lvm2-2.02.136-x86_64-1.txz: Upgraded. -a/openssl-solibs-1.0.2d-x86_64-1.txz: Upgraded. -a/pkgtools-14.2-noarch-5.txz: Rebuilt. - Set LANG=C in pkgtool. -a/tar-1.28-x86_64-1.txz: Upgraded. -ap/cups-2.1.0-x86_64-1.txz: Upgraded. -kde/kio-mtp-2063e75_20131020git-x86_64-3.txz: Rebuilt. - Fix invalid UTF-8 sequence in slack-desc. Thanks to turtleli. -l/eigen3-3.2.7-x86_64-2.txz: Rebuilt. - Fixed eigen3.pc include directory. Thanks to chris.willing. -l/freetype-2.6.2-x86_64-1.txz: Upgraded. -l/glib2-2.46.2-x86_64-2.txz: Rebuilt. - Applied upstream patch to fix a memory leak. -l/gmp-6.1.0-x86_64-1.txz: Upgraded. -l/harfbuzz-1.1.2-x86_64-1.txz: Upgraded. -l/libmtp-1.1.10-x86_64-2.txz: Rebuilt. - Put the udev stuff in the right directory. Thanks to yars. -l/libpng-1.6.19-x86_64-1.txz: Upgraded. - Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(), - png_set_tIME(), and png_convert_to_rfc1123() functions that allow - attackers to cause a denial of service (application crash) or - possibly have unspecified other impact via a small bit-depth value - in an IHDR (aka image header) chunk in a PNG image. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126. - (* Security fix *) -l/librsvg-2.40.12-x86_64-1.txz: Upgraded. -n/openssl-1.0.2d-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-38.4.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +Fri Jan 5 06:37:17 UTC 2018 +n/php-7.2.1-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-57.0.4-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements, in particular a + mitigation for a speculative execution side-channel attack ("Spectre"). For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ + https://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) +--------------------------+ -Wed Nov 25 06:36:06 UTC 2015 -a/aaa_elflibs-14.2-x86_64-7.txz: Rebuilt. - Added libudev.so.1. -a/eudev-3.1.5-x86_64-6.txz: Rebuilt. - rc.udev: create all static modes in /dev before starting udevd. - Thanks to Robby Workman. - Support loading additional devices from /etc/udev/devices. - Set correct permissions on /dev/ppp. -a/pkgtools-14.2-noarch-4.txz: Rebuilt. - installpkg: calculate installed package size using numfmt. -a/sysvinit-scripts-2.0-noarch-24.txz: Rebuilt. - In rc.K and rc.6, don't kill mdmon. If it's running at shutdown, it needs - to stay up through the shutdown of userspace in order to prevent a hang - followed by the rebuilding of the RAID array after the power is cycled. - Thanks to Csaba Biegl. -l/pcre-8.38-x86_64-1.txz: Upgraded. - Fixed overflows that could lead to a denial of service or the execution - of arbitrary code. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210 - (* Security fix *) +Wed Jan 3 19:24:12 UTC 2018 +a/kernel-huge-4.14.11-x86_64-2.txz: Rebuilt. + Used correct config-huge-4.14.11.x64 .config this time. +kernels/huge.s/*: Rebuilt. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Wed Jan 3 05:45:43 UTC 2018 +a/e2fsprogs-1.43.8-x86_64-1.txz: Upgraded. +a/kernel-firmware-20180102git-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.11-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.11-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.11-x86_64-1.txz: Upgraded. +ap/nano-2.9.2-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.11-x86-1.txz: Upgraded. +k/kernel-source-4.14.11-noarch-1.txz: Upgraded. +n/dhcpcd-7.0.0-x86_64-1.txz: Upgraded. +x/xterm-331-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Calculate partition sizes with numfmt. Thanks to bassmadrigal. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Calculate partition sizes with numfmt. Thanks to bassmadrigal. -+--------------------------+ -Tue Nov 24 03:31:43 UTC 2015 -a/dbus-1.10.4-x86_64-1.txz: Upgraded. -a/kmod-22-x86_64-1.txz: Upgraded. -a/lilo-24.2-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-23.txz: Rebuilt. - rc.6: Don't clear /var/lock/subsys. - rc.S: Clear /var/lock/subsys here instead, so that the directory will be - cleared out on startup after a power failure. - rc.sysvinit: Run kill scripts for the current, not previous, runlevel. - Thanks to Sl4ck3ver. -a/upower-0.9.23-x86_64-2.txz: Rebuilt. -ap/cups-filters-1.0.76-x86_64-2.txz: Rebuilt. -ap/lm_sensors-3.4.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Dec 29 23:09:14 UTC 2017 +a/coreutils-8.29-x86_64-1.txz: Upgraded. +n/bluez-5.48-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-57.0.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Dec 25 21:43:14 UTC 2017 +l/speex-1.2.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Dec 25 20:16:03 UTC 2017 +Whoops, it looks like a little test residue on my build machine caused me to +wrap a couple of presents wrong. All fixed up, Merry Christmas everyone! +ap/moc-2.5.2-x86_64-3.txz: Rebuilt. +ap/vorbis-tools-1.4.0-x86_64-3.txz: Rebuilt. +l/opusfile-0.9-x86_64-2.txz: Rebuilt. +n/samba-4.7.4-x86_64-2.txz: Rebuilt. ++--------------------------+ +Mon Dec 25 00:00:16 UTC 2017 +a/coreutils-8.28-x86_64-3.txz: Rebuilt. + Added .opus extension to /etc/DIR_COLORS. +ap/cups-filters-1.18.0-x86_64-1.txz: Upgraded. +ap/moc-2.5.2-x86_64-2.txz: Rebuilt. + Recompiled to add decoder plugins for Speex and FFmpeg. +ap/opus-tools-0.1.10-x86_64-1.txz: Added. +ap/vorbis-tools-1.4.0-x86_64-2.txz: Rebuilt. + Added Opus support to ogg123. +d/cmake-3.10.1-x86_64-1.txz: Upgraded. +l/ffmpeg-3.4.1-x86_64-2.txz: Rebuilt. + Recompiled to add support for Speex and Opus. +l/gst-plugins-base-1.12.4-x86_64-2.txz: Rebuilt. + Recompiled to add support for Opus. +l/gst-plugins-good-1.12.4-x86_64-2.txz: Rebuilt. + Recompiled to add support for Speex. +l/harfbuzz-1.7.4-x86_64-1.txz: Upgraded. +l/icu4c-60.2-x86_64-1.txz: Upgraded. +l/libjpeg-turbo-1.5.3-x86_64-1.txz: Upgraded. +l/opus-1.3_beta-x86_64-1.txz: Added. +l/opusfile-0.9-x86_64-1.txz: Added. +l/speex-1.2rc2-x86_64-1.txz: Added. +n/autofs-5.1.4-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.4-x86_64-1.txz: Upgraded. +n/samba-4.7.4-x86_64-1.txz: Upgraded. +x/xorg-server-1.19.6-x86_64-2.txz: Rebuilt. + Bumped Slackware version number reported by xorg-server to 15.0. +x/xorg-server-xephyr-1.19.6-x86_64-2.txz: Rebuilt. +x/xorg-server-xnest-1.19.6-x86_64-2.txz: Rebuilt. +x/xorg-server-xvfb-1.19.6-x86_64-2.txz: Rebuilt. +xap/xscreensaver-5.38-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Dec 22 21:49:01 UTC 2017 +tcl/tcl-8.6.8-x86_64-1.txz: Upgraded. +tcl/tk-8.6.8-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.5.2-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/52.5.2/releasenotes/ + (* Security fix *) +xap/network-manager-applet-1.8.10-x86_64-3.txz: Rebuilt. + Merged upstream patches that may fix the openvpn breakage. Thanks to Robby Workman. -d/intltool-0.51.0-x86_64-2.txz: Rebuilt. - Fix warnings with perl-5.22.0. Thanks to Stuart Winter. -d/llvm-3.7.0-x86_64-2.txz: Rebuilt. - Build using cmake and clang. This results in a smaller package size, fixes - compiler-rt, and changes the shared library name from libLLVM-3.7.so to - libLLVM.so.3.7.0 (which requires recompiling any binaries linked to libLLVM). - Thanks to Heinz Wiesinger. -kde/calligra-2.9.9-x86_64-3.txz: Rebuilt. -l/babl-0.1.14-x86_64-1.txz: Upgraded. -l/harfbuzz-1.1.0-x86_64-1.txz: Upgraded. -l/poppler-0.38.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Dec 22 07:09:35 UTC 2017 +d/llvm-5.0.1-x86_64-1.txz: Upgraded. + Added libcxx and libcxxabi. +l/Mako-1.0.7-x86_64-1.txz: Added. + Mako is needed by the new version of Mesa. +x/libdrm-2.4.89-x86_64-1.txz: Upgraded. +x/mesa-17.3.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Dec 20 22:56:42 UTC 2017 +a/util-linux-2.31.1-x86_64-1.txz: Upgraded. +l/ffmpeg-3.4.1-x86_64-1.txz: Upgraded. +x/xorg-server-1.19.6-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.19.6-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.6-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.6-x86_64-1.txz: Upgraded. +xap/network-manager-applet-1.8.10-x86_64-2.txz: Rebuilt. + Patched to fix crash with NetworkManager-openvpn. Thanks to USUARIONUEVO. ++--------------------------+ +Wed Dec 20 03:05:58 UTC 2017 +ap/pamixer-1.3.1-x86_64-5.txz: Rebuilt. + Recompiled against boost-1.66.0. +ap/vim-8.0.1415-x86_64-1.txz: Upgraded. +d/meson-0.44.0-x86_64-1.txz: Upgraded. +d/python3-3.6.4-x86_64-1.txz: Upgraded. +d/ruby-2.4.3-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile + use Kernel#open to open a local file. If the localfile argument starts with + the pipe character "|", the command following the pipe character is executed. + The default value of localfile is File.basename(remotefile), so malicious FTP + servers could cause arbitrary command execution. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405 + (* Security fix *) +kde/calligra-2.9.11-x86_64-18.txz: Rebuilt. + Recompiled against boost-1.66.0. +kde/kig-4.14.3-x86_64-7.txz: Rebuilt. + Recompiled against boost-1.66.0. +l/LibRaw-0.18.6-x86_64-1.txz: Upgraded. +l/akonadi-1.13.0-x86_64-8.txz: Rebuilt. + Recompiled against boost-1.66.0. +l/boost-1.66.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. -n/NetworkManager-1.0.8-x86_64-1.txz: Upgraded. -n/lftp-4.6.4-x86_64-1.txz: Upgraded. -n/wget-1.17-x86_64-1.txz: Upgraded. -x/glew-1.13.0-x86_64-1.txz: Upgraded. +l/gmime-2.6.23-x86_64-2.txz: Upgraded. + Revert to gmime-2 until the issues with pan are worked out. Nothing else in + Slackware is using this library. +l/lcms2-2.9-x86_64-1.txz: Upgraded. +l/libogg-1.3.3-x86_64-1.txz: Upgraded. +l/librsvg-2.40.20-x86_64-1.txz: Upgraded. +l/pygobject-2.28.7-x86_64-1.txz: Upgraded. +n/NetworkManager-1.10.2-x86_64-1.txz: Upgraded. +n/gpgme-1.10.0-x86_64-1.txz: Upgraded. +n/libassuan-2.5.1-x86_64-1.txz: Upgraded. +n/libgcrypt-1.8.2-x86_64-1.txz: Upgraded. +n/mutt-1.9.2-x86_64-1.txz: Upgraded. +n/pinentry-1.1.0-x86_64-1.txz: Upgraded. +xap/network-manager-applet-1.8.10-x86_64-1.txz: Upgraded. +xap/pan-0.143-x86_64-3.txz: Rebuilt. + Recompiled against gmime-2. +xap/vim-gvim-8.0.1415-x86_64-1.txz: Upgraded. +xfce/xfce4-notifyd-0.4.1-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.7/kernel-generic-4.14.7-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.7/kernel-headers-4.14.7-x86-1.txz: Upgraded. +testing/packages/linux-4.14.7/kernel-huge-4.14.7-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.7/kernel-modules-4.14.7-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.7/kernel-source-4.14.7-noarch-1.txz: Upgraded. + These sources have been patched with two patches that have been submitted + upstream but have yet to appear in the mainline or stable kernels. With the + patches applied this kernel seems stable now on both 32 and 64-bit x86. + Thanks to Michele Ballabio for reporting the issue to the upstream kernel + developers, and to Ming Lei for the fix. Once these patches appear in the + 4.14.x kernel series (and barring any other major regressions), we'll be + moving these kernels back into the main tree. ++--------------------------+ +Thu Dec 14 23:27:14 UTC 2017 +l/gst-plugins-base-1.12.4-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.12.4-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.12.4-x86_64-1.txz: Upgraded. +l/gstreamer-1.12.4-x86_64-1.txz: Upgraded. +l/libsodium-1.0.16-x86_64-1.txz: Upgraded. +n/wpa_supplicant-2.6-x86_64-3.txz: Rebuilt. + Added options and patches from Fedora that may help with reconnection + issues. Thanks to Robby Workman. +x/mesa-17.2.7-x86_64-1.txz: Upgraded. +xfce/xfce4-panel-4.12.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Dec 9 00:02:28 UTC 2017 +a/openssl-solibs-1.0.2n-x86_64-1.txz: Upgraded. +n/openssl-1.0.2n-x86_64-1.txz: Upgraded. + This update fixes security issues: + Read/write after SSL object in error state + rsaz_1024_mul_avx2 overflow bug on x86_64 + For more information, see: + https://www.openssl.org/news/secadv/20171207.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3737 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3738 + (* Security fix *) ++--------------------------+ +Fri Dec 8 05:54:21 UTC 2017 +l/cairo-1.14.12-x86_64-1.txz: Upgraded. +l/qt-4.8.7-x86_64-8.txz: Rebuilt. + Don't warn if libicu* appears to be missing at runtime. +x/motif-2.3.8-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-57.0.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Dec 6 14:13:48 UTC 2017 +a/kernel-generic-4.9.67-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.67-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.67-x86_64-1.txz: Upgraded. +ap/cups-filters-1.17.9-x86_64-2.txz: Rebuilt. + Recompiled against poppler-0.62.0. +ap/sqlite-3.21.0-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +d/kernel-headers-4.9.67-x86-1.txz: Upgraded. +d/python-setuptools-38.2.4-x86_64-1.txz: Upgraded. +d/subversion-1.9.7-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +k/kernel-source-4.9.67-noarch-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-17.txz: Rebuilt. + Recompiled against icu4c-60.1 and poppler-0.62.0. +kde/kdepimlibs-4.14.10-x86_64-4.txz: Rebuilt. + Recompiled against libical-3.0.1. +l/apr-util-1.6.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +l/boost-1.65.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +l/eigen3-3.2.10-x86_64-1.txz: Upgraded. +l/gmime-3.0.5-x86_64-1.txz: Upgraded. Shared library .so-version bump. -x/mesa-11.0.6-x86_64-1.txz: Upgraded. - Patched to find the new LLVM library. - Thanks to Heinz Wiesinger. -x/xf86-video-vmware-13.1.0-x86_64-5.txz: Rebuilt. -xap/gimp-2.8.16-x86_64-1.txz: Upgraded. -xap/network-manager-applet-1.0.8-x86_64-1.txz: Upgraded. -xap/windowmaker-0.95.7-x86_64-2.txz: Rebuilt. - Patch to fix a segfault in wmmenugen.c. Thanks to imitheos. -xfce/tumbler-0.1.31-x86_64-3.txz: Rebuilt. -+--------------------------+ -Sun Nov 22 23:37:53 UTC 2015 -a/eudev-3.1.5-x86_64-5.txz: Rebuilt. - Add eudev startup message for kmsg. Thanks to Richard Narron. - Blacklist some more watchdog modules to work around broken hardware. - Thanks to Robby Workman. - Added /dev/net/tun. -a/kernel-firmware-20151122git-noarch-1.txz: Upgraded. -+--------------------------+ -Sat Nov 21 19:18:17 UTC 2015 -Some more recompiles and a couple upgrades. Most of these were needed to -fix packages on 32-bit that were needlessly linking the old libudev.so.0. -Thanks to bormant for spotting these. After rebuilding them, they no longer -link to libudev at all... Since this got us close to having Xfce built -entirely for 586 on 32-bit, those packages were rebuilt as well. -l/gcr-3.16.0-x86_64-2.txz: Rebuilt. -l/gtk+2-2.24.28-x86_64-3.txz: Rebuilt. -l/gtkspell-2.0.16-x86_64-3.txz: Rebuilt. -l/libiodbc-3.52.10-x86_64-2.txz: Rebuilt. -l/libwnck-2.31.0-x86_64-2.txz: Rebuilt. -l/polkit-gnome-0.102-x86_64-3.txz: Rebuilt. -l/virtuoso-ose-6.1.8-x86_64-3.txz: Rebuilt. -l/vte-0.28.2-x86_64-4.txz: Rebuilt. -x/compiz-0.8.8-x86_64-4.txz: Rebuilt. -xap/blueman-r708-x86_64-5.txz: Rebuilt. -xap/gucharmap-3.12.1-x86_64-2.txz: Rebuilt. -xap/imagemagick-6.9.2_6-x86_64-1.txz: Upgraded. -xap/pidgin-2.10.11-x86_64-4.txz: Rebuilt. -xfce/Thunar-1.6.10-x86_64-2.txz: Rebuilt. -xfce/garcon-0.4.0-x86_64-2.txz: Rebuilt. -xfce/gtk-xfce-engine-2.10.1-x86_64-2.txz: Rebuilt. -xfce/libxfce4ui-4.12.1-x86_64-2.txz: Rebuilt. -xfce/libxfce4util-4.12.1-x86_64-2.txz: Rebuilt. -xfce/orage-4.12.1-x86_64-2.txz: Rebuilt. -xfce/thunar-volman-0.8.1-x86_64-2.txz: Rebuilt. -xfce/xfce4-appfinder-4.12.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-clipman-plugin-1.2.3-x86_64-4.txz: Rebuilt. -xfce/xfce4-dev-tools-4.12.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-mixer-4.10.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-notifyd-0.2.4-x86_64-3.txz: Rebuilt. -xfce/xfce4-panel-4.12.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-power-manager-1.4.4-x86_64-2.txz: Rebuilt. -xfce/xfce4-session-4.12.1-x86_64-2.txz: Rebuilt. -xfce/xfce4-settings-4.12.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-systemload-plugin-1.1.2-x86_64-2.txz: Rebuilt. -xfce/xfce4-taskmanager-1.1.0-x86_64-2.txz: Rebuilt. -xfce/xfce4-terminal-0.6.3-x86_64-2.txz: Rebuilt. -xfce/xfce4-volumed-0.1.13-x86_64-3.txz: Rebuilt. -xfce/xfconf-4.12.0-x86_64-2.txz: Rebuilt. -xfce/xfdesktop-4.12.3-x86_64-2.txz: Rebuilt. -xfce/xfwm4-4.12.3-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Nov 20 21:52:15 UTC 2015 -a/eudev-3.1.5-x86_64-4.txz: Rebuilt. - rc.udev: Don't update the hardware database index until / is read-write. - Remove obsolete /lib/udev/udevd symlink. -a/udisks-1.0.5-x86_64-3.txz: Rebuilt. - Eliminate redundant udev rule trying to call pci-db. -+--------------------------+ -Fri Nov 20 05:25:18 UTC 2015 -We've made the switch from udev to eudev, and everything seems to be working -perfectly. Big thanks to the eudev team for helping us bring Slackware's -udev up to date! Make sure you remove the old udev and install both of the -new packages (eudev and libgudev), and then the changeover to eudev should -go as smooth as silk. Really, the icu4c upgrade seemed more disruptive. :) -A reboot after this is probably better than "/etc/rc.d/rc.udev force-restart", -but that worked fine here, too. It would also be a good idea to regenerate -the initrd so that it uses eudev, but once again things worked fine here -either way. Have fun! -a/aaa_elflibs-14.2-x86_64-6.txz: Rebuilt. -a/etc-14.2-x86_64-4.txz: Rebuilt. - Added input group, GID 71. - Added SDDM user/group, UID 64, GID 64. -a/eudev-3.1.5-x86_64-3.txz: Added. - This replaces the udev package. - rc.udev: Fix mounting /dev/shm. - rc.udev: Remove devtmpfs check. - rc.udev: Remove persistent CD rules support. - udev.conf: Remove obsolete udev_root setting. - Patch 60-cdrom_id.rules to create alternate device names. - Move system installed hwdb files under /lib. - Remove obsolete udev_root references from the manpages, and install them. - Thanks to Robby Workman. -a/libgudev-230-x86_64-1.txz: Added. - This library is required to use eudev. -a/lvm2-2.02.134-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-22.txz: Rebuilt. - rc.S: Remove obsolete UMSDOS related error messages. -a/udev-182-x86_64-7.txz: Removed. - This is replaced by the eudev and libgudev packages. -a/udisks-1.0.5-x86_64-2.txz: Rebuilt. -a/udisks2-2.1.5-x86_64-2.txz: Rebuilt. -a/usbutils-007-x86_64-3.txz: Rebuilt. -a/util-linux-2.26.2-x86_64-2.txz: Rebuilt. -ap/gphoto2-2.5.9-x86_64-1.txz: Upgraded. -ap/gutenprint-5.2.10-x86_64-2.txz: Rebuilt. -ap/hplip-3.15.11-x86_64-1.txz: Upgraded. -ap/nano-2.4.3-x86_64-1.txz: Upgraded. -ap/sqlite-3.9.2-x86_64-2.txz: Rebuilt. -ap/usbmuxd-1.1.0-x86_64-1.txz: Upgraded. -d/gcc-5.2.0-x86_64-2.txz: Rebuilt. - Patched to fix problems with Wine (and possibly other things.) - Thanks to Spinlock. -d/gcc-g++-5.2.0-x86_64-2.txz: Rebuilt. -d/gcc-gfortran-5.2.0-x86_64-2.txz: Rebuilt. -d/gcc-gnat-5.2.0-x86_64-2.txz: Rebuilt. -d/gcc-go-5.2.0-x86_64-2.txz: Rebuilt. -d/gcc-java-5.2.0-x86_64-2.txz: Rebuilt. -d/gcc-objc-5.2.0-x86_64-2.txz: Rebuilt. -d/mercurial-3.6.1-x86_64-1.txz: Upgraded. - Renamed bash-completion file from mercurial to hg, otherwise it doesn't work. - Thanks to Audrius Kazukauskas. -d/subversion-1.9.2-x86_64-3.txz: Rebuilt. -kde/calligra-2.9.9-x86_64-2.txz: Rebuilt. -kde/kde-workspace-4.11.22-x86_64-2.txz: Rebuilt. -kde/kdeconnect-kde-0.8-x86_64-3.txz: Rebuilt. - Patched to fix problems with OpenSSH 7.x. Thanks to Eric Hameleers. -kde/kdelibs-4.14.14-x86_64-2.txz: Rebuilt. -kde/kig-4.14.3-x86_64-3.txz: Rebuilt. -l/ConsoleKit2-1.0.0-x86_64-3.txz: Rebuilt. -l/akonadi-1.13.0-x86_64-2.txz: Rebuilt. -l/apr-util-1.5.4-x86_64-2.txz: Rebuilt. -l/boost-1.59.0-x86_64-1.txz: Upgraded. +l/gvfs-1.34.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +l/harfbuzz-1.7.2-x86_64-1.txz: Upgraded. + Compiled against icu4c-60.1. +l/icu4c-60.1-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libgpod-0.8.3-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-60.1. +l/libical-3.0.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. -l/gtk+3-3.18.5-x86_64-1.txz: Upgraded. -l/gvfs-1.26.2-x86_64-2.txz: Rebuilt. -l/harfbuzz-1.0.6-x86_64-1.txz: Upgraded. -l/icu4c-56.1-x86_64-1.txz: Upgraded. + Compiled against icu4c-60.1. +l/libsodium-1.0.15-x86_64-1.txz: Added. +l/libvisio-0.1.6-x86_64-1.txz: Upgraded. + Compiled against icu4c-60.1. +l/poppler-0.62.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. -l/libatasmart-0.19-x86_64-2.txz: Rebuilt. -l/libcanberra-0.30-x86_64-3.txz: Rebuilt. -l/libgphoto2-2.5.9-x86_64-1.txz: Upgraded. -l/libgpod-0.8.3-x86_64-2.txz: Rebuilt. -l/libmtp-1.1.10-x86_64-1.txz: Upgraded. -l/libsoup-2.52.2-x86_64-2.txz: Rebuilt. -l/libusb-1.0.20-x86_64-1.txz: Upgraded. -l/libusb-compat-0.1.5-x86_64-2.txz: Rebuilt. -l/libvisio-0.1.3-x86_64-2.txz: Rebuilt. -l/qt-4.8.7-x86_64-2.txz: Rebuilt. -l/raptor2-2.0.15-x86_64-2.txz: Rebuilt. -l/system-config-printer-1.3.13-x86_64-2.txz: Rebuilt. -n/ModemManager-1.4.10-x86_64-2.txz: Rebuilt. -n/NetworkManager-1.0.6-x86_64-2.txz: Rebuilt. -n/bluez-4.101-x86_64-2.txz: Rebuilt. -n/dhcpcd-6.8.2-x86_64-2.txz: Rebuilt. -n/httpd-2.4.17-x86_64-2.txz: Rebuilt. -n/libmbim-1.12.2-x86_64-2.txz: Rebuilt. -n/network-scripts-14.2-noarch-1.txz: Upgraded. - Add loopback up/down/start/stop features. - Fix bringing down a single non-bridge interface. - Thanks to Xsane. -n/nmap-7.00-x86_64-1.txz: Upgraded. -n/php-5.6.15-x86_64-1.txz: Upgraded. -n/tin-2.2.1-x86_64-3.txz: Rebuilt. -x/intel-gpu-tools-1.9-x86_64-2.txz: Rebuilt. -x/xf86-input-evdev-2.10.0-x86_64-3.txz: Rebuilt. -x/xf86-input-vmmouse-13.1.0-x86_64-3.txz: Rebuilt. -x/xf86-video-ati-7.6.1-x86_64-2.txz: Rebuilt. -x/xf86-video-intel-git_20151119_666f25b-x86_64-1.txz: Upgraded. -x/xf86-video-modesetting-0.9.0-x86_64-5.txz: Rebuilt. -x/xf86-video-nouveau-git_20151119_6e6d8ac-x86_64-1.txz: Upgraded. -x/xf86-video-openchrome-0.3.3-x86_64-7.txz: Rebuilt. -x/xorg-server-1.18.0-x86_64-2.txz: Rebuilt. -x/xorg-server-xephyr-1.18.0-x86_64-2.txz: Rebuilt. -x/xorg-server-xnest-1.18.0-x86_64-2.txz: Rebuilt. -x/xorg-server-xvfb-1.18.0-x86_64-2.txz: Rebuilt. -xap/audacious-3.7-x86_64-1.txz: Upgraded. -xap/audacious-plugins-3.7-x86_64-1.txz: Upgraded. -xap/network-manager-applet-1.0.6-x86_64-2.txz: Rebuilt. -xap/sane-1.0.25-x86_64-2.txz: Rebuilt. -xfce/exo-0.10.7-x86_64-1.txz: Upgraded. -xfce/xfce4-screenshooter-1.8.2-x86_64-2.txz: Rebuilt. -xfce/xfce4-weather-plugin-0.8.6-x86_64-2.txz: Rebuilt. +l/raptor2-2.0.15-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/NetworkManager-1.10.0-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/autofs-5.1.3-x86_64-2.txz: Rebuilt. + Fixed incorrect /etc/default/autofs.{,new}. Thanks to alienBOB. +n/bluez-5.47-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. + Recompiled against libical-3.0.1. +n/dovecot-2.2.33.2-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/httpd-2.4.29-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/php-7.2.0-x86_64-2.txz: Upgraded. + Upgraded from php-5.6.32. + Compiled against icu4c-60.1. + Compiled against libsodium-1.0.15. +n/postfix-3.2.4-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/tin-2.4.1-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +n/whois-5.2.18-x86_64-2.txz: Rebuilt. + Ship the mkpasswd program. Thanks to Adrien Nader. +t/texlive-2017.171108-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +tcl/expect-5.45.3-x86_64-2.txz: Rebuilt. + Don't install the mkpasswd example program, which is inferior to the + version shipped with the whois sources. +xap/network-manager-applet-1.8.6-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. +xap/pan-0.143-x86_64-2.txz: Rebuilt. + Recompiled against gmime-3.0.5. +xfce/orage-4.12.1-x86_64-4.txz: Rebuilt. + Recompiled against icu4c-60.1. + Recompiled against libical-3.0.1. +xfce/tumbler-0.2.0-x86_64-3.txz: Rebuilt. + Recompiled against poppler-0.62.0. +xfce/xfce4-screenshooter-1.8.2-x86_64-3.txz: Rebuilt. + Recompiled against icu4c-60.1. +xfce/xfce4-weather-plugin-0.8.10-x86_64-2.txz: Rebuilt. + Recompiled against icu4c-60.1. isolinux/initrd.img: Rebuilt. - Removed udev, added eudev and libgudev. - Fixed partition size output. +kernels/*: Upgraded. +testing/packages/linux-4.14.4/kernel-generic-4.14.4-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.4/kernel-headers-4.14.4-x86-1.txz: Upgraded. +testing/packages/linux-4.14.4/kernel-huge-4.14.4-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.4/kernel-modules-4.14.4-x86_64-1.txz: Upgraded. +testing/packages/linux-4.14.4/kernel-source-4.14.4-noarch-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Removed udev, added eudev and libgudev. - Fixed partition size output. -+--------------------------+ -Sun Nov 15 20:26:58 UTC 2015 -testing/packages/eudev-3.1.5-x86_64-2.txz: Rebuilt. - Use --with-rootlibexecdir=/lib/udev regardless of $ARCH. -+--------------------------+ -Sat Nov 14 21:35:57 UTC 2015 -Please enjoy "almost a beta." Sorry we missed Friday the 13th this time. -a/aaa_elflibs-14.2-x86_64-5.txz: Rebuilt. -a/bash-4.3.042-x86_64-1.txz: Upgraded. -a/e2fsprogs-1.42.13-x86_64-2.txz: Rebuilt. - Fixed uncompressed manpages. -a/file-5.25-x86_64-1.txz: Upgraded. -a/gettext-0.19.6-x86_64-1.txz: Upgraded. -a/hwdata-0.283-noarch-1.txz: Added. - Thanks to Robby Workman. -a/kernel-firmware-20151112git-noarch-1.txz: Upgraded. -a/kernel-generic-4.1.13-x86_64-1.txz: Upgraded. -a/kernel-huge-4.1.13-x86_64-1.txz: Upgraded. -a/kernel-modules-4.1.13-x86_64-1.txz: Upgraded. -a/pciutils-3.4.0-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -a/tcsh-6.19.00-x86_64-1.txz: Upgraded. -a/usbutils-007-x86_64-2.txz: Rebuilt. - Use the usb.ids from the hwdata package. -ap/alsa-utils-1.1.0-x86_64-1.txz: Upgraded. -ap/lxc-1.1.5-x86_64-1.txz: Upgraded. -ap/man-1.6g-x86_64-3.txz: Rebuilt. - Fixed conditional in makewhatis. Thanks to mancha. -ap/man-pages-4.02-noarch-1.txz: Upgraded. -ap/mc-4.8.15-x86_64-1.txz: Upgraded. -ap/powertop-2.8-x86_64-1.txz: Upgraded. -ap/sqlite-3.9.2-x86_64-1.txz: Upgraded. -ap/squashfs-tools-4.3-x86_64-1.txz: Added. - Thanks to Eric Hameleers. -d/cmake-3.4.0-x86_64-1.txz: Upgraded. -d/gcc-5.2.0-x86_64-1.txz: Upgraded. -d/gcc-g++-5.2.0-x86_64-1.txz: Upgraded. -d/gcc-gfortran-5.2.0-x86_64-1.txz: Upgraded. -d/gcc-gnat-5.2.0-x86_64-1.txz: Upgraded. -d/gcc-go-5.2.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -d/gcc-java-5.2.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -d/gcc-objc-5.2.0-x86_64-1.txz: Upgraded. -d/gettext-tools-0.19.6-x86_64-1.txz: Upgraded. -d/git-2.6.3-x86_64-1.txz: Upgraded. -d/intltool-0.51.0-x86_64-1.txz: Upgraded. -d/kernel-headers-4.1.13-x86-1.txz: Upgraded. -d/libtool-2.4.6-x86_64-3.txz: Rebuilt. -d/subversion-1.9.2-x86_64-2.txz: Rebuilt. - Moved DAV SVN modules to the correct Apache directory. Thanks to cendryon. -k/kernel-source-4.1.13-noarch-1.txz: Upgraded. - MICROCODE m -> y - X86_CPUID m -> y - X86_MSR m -> y - +MICROCODE_AMD_EARLY y - +MICROCODE_EARLY y - +MICROCODE_INTEL_EARLY y -kde/calligra-2.9.9-x86_64-1.txz: Upgraded. -kde/kdelibs-4.14.14-x86_64-1.txz: Upgraded. -kde/libkdcraw-4.14.3-x86_64-3.txz: Rebuilt. -kde/step-4.14.3-x86_64-4.txz: Rebuilt. -kdei/calligra-l10n-bs-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca\@valencia-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-uk-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.9-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.9-noarch-1.txz: Upgraded. -l/ConsoleKit2-1.0.0-x86_64-2.txz: Rebuilt. - Fixed uncompressed manpage. -l/LibRaw-0.17.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -l/alsa-lib-1.1.0-x86_64-1.txz: Upgraded. -l/at-spi2-core-2.18.3-x86_64-1.txz: Upgraded. -l/eigen2-2.0.17-x86_64-1.txz: Upgraded. -l/eigen3-3.2.7-x86_64-1.txz: Upgraded. -l/gdk-pixbuf2-2.32.2-x86_64-1.txz: Upgraded. -l/glib2-2.46.2-x86_64-1.txz: Upgraded. -l/gnome-keyring-3.16.0-x86_64-2.txz: Rebuilt. - Fixed uncompressed manpages. -l/gsl-2.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Dec 4 14:04:45 UTC 2017 +xap/pan-0.143-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Dec 3 22:42:47 UTC 2017 +a/btrfs-progs-v4.14-x86_64-1.txz: Upgraded. +a/logrotate-3.13.0-x86_64-1.txz: Upgraded. +a/pciutils-3.5.6-x86_64-1.txz: Upgraded. +a/reiserfsprogs-3.6.27-x86_64-1.txz: Upgraded. +a/xfsprogs-4.14.0-x86_64-1.txz: Upgraded. +ap/itstool-2.0.4-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.11-x86_64-2.txz: Rebuilt. + Removed a Darwin-only symbol from the TOKUDB_OK cmake test to fix TokuDB. +ap/mpg123-1.25.8-x86_64-1.txz: Upgraded. +ap/xfsdump-3.1.8-x86_64-1.txz: Upgraded. +d/nasm-2.13.02-x86_64-1.txz: Upgraded. +l/M2Crypto-0.27.0-x86_64-1.txz: Upgraded. +l/babl-0.1.38-x86_64-1.txz: Upgraded. +l/python-six-1.11.0-x86_64-1.txz: Upgraded. +l/shared-mime-info-1.9-x86_64-1.txz: Upgraded. +n/autofs-5.1.3-x86_64-1.txz: Upgraded. +n/getmail-5.4-x86_64-1.txz: Upgraded. +n/sshfs-2.10-x86_64-1.txz: Upgraded. +n/traceroute-2.1.0-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.6-x86_64-2.txz: Rebuilt. + Applied upstream patch to add utempter support. Thanks to Robby Workman. ++--------------------------+ +Sat Dec 2 20:32:45 UTC 2017 +We're moving back to the 4.9.x kernel series in the main tree until we can +figure out a fix for unstable 4.14.x kernels (especially on 32-bit). Guessing +it's probably going to be fixable with .config changes, since a greatly +simplified .config is stable. Meanwhile, the latest 4.14.x kernels can now be +found in the testing/ directory. +a/kernel-firmware-20171130git-noarch-1.txz: Upgraded. +a/kernel-generic-4.9.66-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.66-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.66-x86_64-1.txz: Upgraded. +ap/soma-2.12.3-noarch-1.txz: Upgraded. +d/gdb-8.0.1-x86_64-3.txz: Rebuilt. + Compiled --without-guile until guile-2.2 support is fixed. +d/guile-2.2.3-x86_64-1.txz: Upgraded. Shared library .so-version bump. -l/gst-plugins-good-1.6.1-x86_64-2.txz: Rebuilt. -l/gtk+3-3.18.4-x86_64-1.txz: Upgraded. -l/gvfs-1.26.2-x86_64-1.txz: Upgraded. -l/libsoup-2.52.2-x86_64-1.txz: Upgraded. -l/libvpx-1.5.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.66-x86-1.txz: Upgraded. +d/make-4.2.1-x86_64-2.txz: Rebuilt. + Recompiled against libguile-2.2. +d/mercurial-4.4.2-x86_64-1.txz: Upgraded. +k/kernel-source-4.9.66-noarch-1.txz: Upgraded. +l/adwaita-icon-theme-3.26.1-noarch-1.txz: Upgraded. +l/fftw-3.3.7-x86_64-1.txz: Upgraded. +l/libunistring-0.9.8-x86_64-1.txz: Upgraded. +l/libzip-1.3.2-x86_64-2.txz: Rebuilt. + Restored missing zipconf.h. Thanks to orbea. +n/gnutls-3.6.1-x86_64-2.txz: Rebuilt. + Recompiled against libguile-2.2. +n/stunnel-5.44-x86_64-1.txz: Upgraded. +x/xf86-video-vboxvideo-1.0.0-x86_64-1.txz: Added. +xap/mozilla-firefox-57.0.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +testing/packages/linux-4.14.3/kernel-generic-4.14.3-x86_64-1.txz: Added. +testing/packages/linux-4.14.3/kernel-headers-4.14.3-x86-1.txz: Added. +testing/packages/linux-4.14.3/kernel-huge-4.14.3-x86_64-1.txz: Added. +testing/packages/linux-4.14.3/kernel-modules-4.14.3-x86_64-1.txz: Added. +testing/packages/linux-4.14.3/kernel-source-4.14.3-noarch-1.txz: Added. +testing/packages/php-7.2.0-x86_64-1.txz: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Wed Nov 29 21:48:33 UTC 2017 +n/curl-7.57.0-x86_64-1.txz: Upgraded. + This update fixes security issues: + SSL out of buffer access + FTP wildcard out of bounds read + NTLM buffer overflow via integer overflow + For more information, see: + https://curl.haxx.se/docs/adv_2017-af0a.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818 + https://curl.haxx.se/docs/adv_2017-ae72.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817 + https://curl.haxx.se/docs/adv_2017-12e7.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816 + (* Security fix *) ++--------------------------+ +Wed Nov 29 08:15:09 UTC 2017 +a/coreutils-8.28-x86_64-2.txz: Rebuilt. + Removed ancient (1992) aliases "dir, vdir, d, v" from the profile scripts. +a/lzlib-1.9-x86_64-1.txz: Added. +a/plzip-1.6-x86_64-1.txz: Added. +ap/man-1.6g-x86_64-3.txz: Removed. +ap/man-db-2.7.6.1-x86_64-1.txz: Added. + This package replaces the good old man package. Thanks to B. Watson. +ap/man-pages-4.14-noarch-2.txz: Rebuilt. + Don't ship a whatis database, since man-db doesn't need one. +ap/mariadb-10.2.11-x86_64-1.txz: Upgraded. +d/git-2.15.1-x86_64-1.txz: Upgraded. +d/python-setuptools-38.2.3-x86_64-1.txz: Upgraded. +x/libXcursor-1.1.15-x86_64-1.txz: Upgraded. + Fix heap overflows when parsing malicious files. (CVE-2017-16612) + It is possible to trigger heap overflows due to an integer overflow + while parsing images and a signedness issue while parsing comments. + The integer overflow occurs because the chosen limit 0x10000 for + dimensions is too large for 32 bit systems, because each pixel takes + 4 bytes. Properly chosen values allow an overflow which in turn will + lead to less allocated memory than needed for subsequent reads. + The signedness bug is triggered by reading the length of a comment + as unsigned int, but casting it to int when calling the function + XcursorCommentCreate. Turning length into a negative value allows the + check against XCURSOR_COMMENT_MAX_LEN to pass, and the following + addition of sizeof (XcursorComment) + 1 makes it possible to allocate + less memory than needed for subsequent reads. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612 + (* Security fix *) +x/libXfont-1.5.3-x86_64-1.txz: Removed. +x/libXfont2-2.0.3-x86_64-1.txz: Upgraded. + Open files with O_NOFOLLOW. (CVE-2017-16611) + A non-privileged X client can instruct X server running under root + to open any file by creating own directory with "fonts.dir", + "fonts.alias" or any font file being a symbolic link to any other + file in the system. X server will then open it. This can be issue + with special files such as /dev/watchdog (which could then reboot + the system). + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16611 + (* Security fix *) +x/xfs-1.2.0-x86_64-1.txz: Upgraded. +testing/packages/php-7.1.12-x86_64-2.txz: Rebuilt. + Load mysqlnd.so before mysqli.so in etc/php.ini*. Thanks to KewlCat. + Load libphp7.so in mod_php.conf.example. Thanks to Willy Sudiarto Raharjo. ++--------------------------+ +Tue Nov 28 06:20:03 UTC 2017 +a/eudev-3.2.5-x86_64-1.txz: Upgraded. +a/kernel-firmware-20171126git-noarch-1.txz: Upgraded. + Remove /lib/firmware/iwlwifi-*-34.ucode until after the next kernel release. +a/usbutils-009-x86_64-1.txz: Upgraded. +ap/hplip-3.17.11-x86_64-2.txz: Rebuilt. + Fixed a few Python scripts that did not have a proper python3 shebang. + Thanks to dugan. +ap/lxc-2.0.9-x86_64-1.txz: Upgraded. +ap/man-pages-4.14-noarch-1.txz: Upgraded. +ap/mc-4.8.20-x86_64-1.txz: Upgraded. +ap/nano-2.9.1-x86_64-1.txz: Upgraded. +kde/konsole-4.14.3-x86_64-3.txz: Rebuilt. + Fixed scrollUp behavior. Thanks to Andrzej Telszewski. +l/QScintilla-2.10.2-x86_64-1.txz: Upgraded. +l/ffmpeg-3.4-x86_64-2.txz: Rebuilt. + Recompiled against libva.so.2.0.0. +l/sip-4.19.6-x86_64-1.txz: Upgraded. +l/talloc-2.1.10-x86_64-1.txz: Added. +l/tdb-1.3.15-x86_64-1.txz: Added. +l/tevent-0.9.34-x86_64-1.txz: Added. +n/cyrus-sasl-2.1.26-x86_64-3.txz: Rebuilt. + Use /dev/urandom rather than /dev/random to avoid entropy starvation. + Thanks to mr.spuratic. +n/dhcpcd-6.11.5-x86_64-2.txz: Rebuilt. + Use hostname_short in dhcpcd.conf. Thanks to KewlCat. +n/network-scripts-15.0-noarch-4.txz: Rebuilt. + Script cleanups from Jakub Jankowski: + netconfig: Add comment to netconfig-generated rc.inet1.conf + rc.inet1: Check for iface in /sys/class/net, not /proc/net/dev + rc.inet1: Remove unnecessary unset num + rc.inet1: Factor DEBUG_ETH_UP logging to a separate function + rc.inet1: Use ${array[*]} not ${array[@]} to produce a string + rc.inet1: Avoid de-/configuring ifaces with indexes >=MAXNICS + rc.inet1: Avoid code duplication by combining case/esac + rc.inet1: Add missing 'dev' keyword + rc.inet1: Remove unnecessary $(echo) + rc.inet1*: Simplify virtif_* code, add note to example config + rc.inet1: Test for loopback being "state UNKNOWN" too. + rc.inet1: Use simple test (-n/-z) for non-empty/empty + rc.inet1: Replace [ test1 -a test2 ] with [ test1 ] && [ test2 ] +n/openldap-client-2.4.45-x86_64-1.txz: Upgraded. +n/samba-4.7.3-x86_64-1.txz: Upgraded. + This is a security release in order to address the following defects: + CVE-2017-14746 (Use-after-free vulnerability.) + All versions of Samba from 4.0.0 onwards are vulnerable to a use after + free vulnerability, where a malicious SMB1 request can be used to + control the contents of heap memory via a deallocated heap pointer. It + is possible this may be used to compromise the SMB server. + CVE-2017-15275 (Server heap memory information leak.) + All versions of Samba from 3.6.0 onwards are vulnerable to a heap + memory information leak, where server allocated heap memory may be + returned to the client without being cleared. + For more information, see: + https://www.samba.org/samba/security/CVE-2017-14746.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746 + https://www.samba.org/samba/security/CVE-2017-15275.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275 + (* Security fix *) +x/intel-vaapi-driver-2.0.0-x86_64-1.txz: Added. + This is the replacement for libva-intel-driver (renamed upstream). +x/libva-2.0.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. -l/pilot-link-0.12.5-x86_64-10.txz: Rebuilt. - Fixed uncompressed manpage. -l/readline-6.3-x86_64-2.txz: Rebuilt. - Applied two upstream patches. Thanks to gmgf. -l/seamonkey-solibs-2.39-x86_64-1.txz: Upgraded. -l/xapian-core-1.2.21-x86_64-1.txz: Upgraded. -n/bind-9.10.3-x86_64-1.txz: Upgraded. -n/rp-pppoe-3.12-x86_64-1.txz: Upgraded. -n/whois-5.2.10-x86_64-1.txz: Upgraded. -tcl/tcl-8.6.4-x86_64-2.txz: Rebuilt. - Fixed uncompressed manpages. -x/mesa-11.0.5-x86_64-1.txz: Upgraded. -x/xf86-input-acecad-1.5.0-x86_64-9.txz: Rebuilt. -x/xf86-input-aiptek-1.4.1-x86_64-8.txz: Removed. - This driver is unmaintained and no longer compiles. -x/xf86-input-evdev-2.10.0-x86_64-2.txz: Rebuilt. -x/xf86-input-joystick-1.6.1-x86_64-9.txz: Rebuilt. -x/xf86-input-keyboard-1.8.1-x86_64-2.txz: Rebuilt. -x/xf86-input-mouse-1.9.1-x86_64-4.txz: Rebuilt. -x/xf86-input-penmount-1.5.0-x86_64-9.txz: Rebuilt. -x/xf86-input-synaptics-1.8.3-x86_64-2.txz: Rebuilt. -x/xf86-input-vmmouse-13.1.0-x86_64-2.txz: Rebuilt. -x/xf86-input-void-1.4.0-x86_64-9.txz: Rebuilt. -x/xf86-input-wacom-0.19.0-x86_64-8.txz: Rebuilt. -x/xf86-video-apm-1.2.5-x86_64-8.txz: Rebuilt. -x/xf86-video-ark-0.7.5-x86_64-8.txz: Rebuilt. -x/xf86-video-ast-1.1.5-x86_64-2.txz: Rebuilt. -x/xf86-video-ati-7.6.1-x86_64-1.txz: Upgraded. -x/xf86-video-chips-1.2.6-x86_64-2.txz: Rebuilt. -x/xf86-video-cirrus-1.5.3-x86_64-2.txz: Rebuilt. -x/xf86-video-dummy-0.3.7-x86_64-5.txz: Rebuilt. -x/xf86-video-glint-1.2.8-x86_64-8.txz: Rebuilt. -x/xf86-video-i128-1.3.6-x86_64-8.txz: Rebuilt. -x/xf86-video-i740-1.3.5-x86_64-3.txz: Rebuilt. -x/xf86-video-intel-git_20151112_7490b9e-x86_64-1.txz: Upgraded. -x/xf86-video-mach64-6.9.5-x86_64-2.txz: Rebuilt. -x/xf86-video-mga-1.6.4-x86_64-3.txz: Rebuilt. -x/xf86-video-modesetting-0.9.0-x86_64-4.txz: Rebuilt. -x/xf86-video-neomagic-1.2.9-x86_64-2.txz: Rebuilt. -x/xf86-video-nouveau-git_20151112_1ff13a9-x86_64-1.txz: Upgraded. -x/xf86-video-nv-2.1.20-x86_64-9.txz: Rebuilt. -x/xf86-video-openchrome-0.3.3-x86_64-6.txz: Rebuilt. -x/xf86-video-r128-6.10.0-x86_64-2.txz: Rebuilt. -x/xf86-video-rendition-4.2.6-x86_64-1.txz: Upgraded. -x/xf86-video-s3-0.6.5-x86_64-8.txz: Rebuilt. -x/xf86-video-s3virge-1.10.7-x86_64-2.txz: Rebuilt. -x/xf86-video-savage-2.3.8-x86_64-2.txz: Rebuilt. -x/xf86-video-siliconmotion-1.7.8-x86_64-2.txz: Rebuilt. -x/xf86-video-sis-0.10.8-x86_64-2.txz: Rebuilt. -x/xf86-video-sisusb-0.9.6-x86_64-8.txz: Rebuilt. -x/xf86-video-tdfx-1.4.6-x86_64-3.txz: Rebuilt. -x/xf86-video-tga-1.2.2-x86_64-8.txz: Rebuilt. -x/xf86-video-trident-1.3.7-x86_64-3.txz: Rebuilt. -x/xf86-video-tseng-1.2.5-x86_64-8.txz: Rebuilt. -x/xf86-video-v4l-0.2.0-x86_64-13.txz: Rebuilt. -x/xf86-video-vesa-2.3.4-x86_64-2.txz: Rebuilt. -x/xf86-video-vmware-13.1.0-x86_64-4.txz: Rebuilt. -x/xf86-video-voodoo-1.2.5-x86_64-9.txz: Rebuilt. -x/xf86-video-xgi-1.6.1-x86_64-2.txz: Rebuilt. -x/xf86-video-xgixp-1.8.1-x86_64-8.txz: Rebuilt. -x/xorg-server-1.18.0-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.18.0-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.18.0-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.18.0-x86_64-1.txz: Upgraded. -x/xterm-320-x86_64-1.txz: Upgraded. -xap/MPlayer-20150721-x86_64-3.txz: Rebuilt. -xap/gnuplot-5.0.1-x86_64-1.txz: Upgraded. -xap/seamonkey-2.39-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -xap/windowmaker-0.95.7-x86_64-1.txz: Upgraded. -xap/xine-lib-1.2.6-x86_64-5.txz: Rebuilt. -xap/xscreensaver-5.34-x86_64-1.txz: Upgraded. -extra/fltk/fltk-1.3.3-x86_64-1.txz: Added. - FLTK is needed to compile tigervnc. -extra/tigervnc/tigervnc-1.5.0-x86_64-1.txz: Upgraded. - Thanks to Eric Hameleers. -extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-4.txz: Rebuilt. +x/libva-intel-driver-1.7.3-x86_64-1.txz: Removed. +x/libva-utils-2.0.0-x86_64-1.txz: Added. +x/mesa-17.2.6-x86_64-1.txz: Upgraded. +x/xkeyboard-config-2.22-noarch-1.txz: Upgraded. +xap/gparted-0.30.0-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.8-x86_64-4.txz: Rebuilt. + Recompiled against libva.so.2.0.0. +xfce/Thunar-1.6.13-x86_64-1.txz: Upgraded. +testing/packages/php-7.1.12-x86_64-1.txz: Added. ++--------------------------+ +Sat Nov 25 07:44:07 UTC 2017 +a/kernel-firmware-20171124git-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.2-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.2-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.2-x86_64-1.txz: Upgraded. +ap/hplip-3.17.11-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.2-x86-1.txz: Upgraded. +d/rust-1.22.1-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.2-noarch-1.txz: Upgraded. +l/libclc-20171115_3d994f2-x86_64-1.txz: Upgraded. +l/libfakekey-0.3-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.5.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/packages/eudev-3.1.5-x86_64-1.txz: Added. - Thanks to Jean-Philippe Guillemin. - Expect problems (especially with an initrd) unless everything depending upon - libudev.so.0 is recompiled. Those packages include: ConsoleKit2, - ModemManager, NetworkManager, aaa_elflibs, bluez, dhcpcd, gutenprint, gvfs, - intel-gpu-tools, kde-workspace, kdelibs, libatasmart, libcanberra, libgphoto2, - libgpod, libmbim, libmtp, libusb, libusb-compat, lvm2, network-manager-applet, - qt, sane, system-config-printer, udisks, udisks2, usbmuxd, usbutils, - util-linux, xf86-input-evdev, xf86-input-vmmouse, xf86-video-ati, - xf86-video-intel, xf86-video-modesetting, xf86-video-nouveau, - xf86-video-openchrome, and xorg-server. -testing/packages/libgudev-230-x86_64-1.txz: Added. - This package is also needed in order to test eudev. usb-and-pxe-installers/usbboot.img: Rebuilt. -usb-and-pxe-installers/usbimg2disk.sh: Upgraded. - Patched to handle spaces in the FAT label. Thanks to Eric Hameleers. - Patched to fix directory layout for UEFI boot. Thanks to Didier Spaier. +--------------------------+ -Fri Nov 6 01:15:43 UTC 2015 -l/mozilla-nss-3.20.1-x86_64-1.txz: Upgraded. - Upgraded to nss-3.20.1 and nspr-4.10.10. +Wed Nov 22 05:27:06 UTC 2017 +a/kernel-generic-4.14.1-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.1-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.1-x86_64-1.txz: Upgraded. +a/mt-st-1.3-x86_64-1.txz: Upgraded. +a/shadow-4.2.1-x86_64-3.txz: Rebuilt. + Patched to display the short hostname on the login prompt. +a/sysvinit-scripts-2.1-noarch-3.txz: Rebuilt. + On second thought, let's keep using the short hostname on the login prompt + like we always have before. I'm with GazL on this one. :-) +d/kernel-headers-4.14.1-x86-1.txz: Upgraded. +k/kernel-source-4.14.1-noarch-1.txz: Upgraded. +n/ntp-4.2.8p10-x86_64-3.txz: Rebuilt. + Fixed a missing "}" in the logrotate file. Thanks to Jakub Jankowski. +xap/blueman-2.0.5-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. + SeTEFI: Don't use fdisk to detect gpt (it's not neccessary). + Thanks to Didier Spaier. + SetEFI: Scan /dev/mmcblk[0-9]. Thanks to zerouno. + probe: Filter another possible EFI partition label. Thanks to Didier Spaier. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + SeTEFI: Don't use fdisk to detect gpt (it's not neccessary). + Thanks to Didier Spaier. + SetEFI: Scan /dev/mmcblk[0-9]. Thanks to zerouno. + probe: Filter another possible EFI partition label. Thanks to Didier Spaier. ++--------------------------+ +Tue Nov 21 05:05:41 UTC 2017 +a/elilo-3.16-x86_64-5.txz: Rebuilt. + Double the allowable kernel image size from 8MB to 16MB. + Thanks to Didier Spaier. + Patched eliloconfig to work with MMC devices. Thanks to zerouno. +a/sysvinit-scripts-2.1-noarch-2.txz: Rebuilt. + inittab: Have agetty display the FQDN, since /bin/login does. +d/cmake-3.10.0-x86_64-1.txz: Upgraded. +l/elfutils-0.170-x86_64-1.txz: Upgraded. + Moved the shared libraries to /lib{,64}. Thanks to ivandi. +l/libgsf-1.14.42-x86_64-1.txz: Upgraded. +l/libtiff-4.0.9-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183 - (* Security fix *) + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10095 + (* Security fix *) +l/libxml2-2.9.7-x86_64-1.txz: Upgraded. +l/libxslt-1.1.32-x86_64-1.txz: Upgraded. +l/libzip-1.3.2-x86_64-1.txz: Upgraded. +l/orc-0.4.28-x86_64-1.txz: Upgraded. +n/dovecot-2.2.33.2-x86_64-2.txz: Rebuilt. + rc.dovecot: Use doveadm to shut down the service. Add status option. + Thanks to Thom1b. +n/gnupg2-2.2.3-x86_64-1.txz: Upgraded. +n/iptables-1.6.1-x86_64-2.txz: Rebuilt. +n/libmnl-1.0.4-x86_64-2.txz: Rebuilt. + Moved the shared library to /lib{,64}. Thanks to ivandi. +n/libnetfilter_queue-1.0.3-x86_64-1.txz: Upgraded. +n/libnftnl-1.0.8-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/nettle-3.4-x86_64-1.txz: Upgraded. +n/network-scripts-15.0-noarch-3.txz: Rebuilt. + rc.inet1, rc.inet1.conf: Fix DHCP timeout which was changed from 15 seconds + back to the 14.2 default of 10 seconds. Thanks to Eduard Rozenberg. +n/nftables-0.8-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Nov 19 03:36:30 UTC 2017 +a/eudev-3.2.4-x86_64-3.txz: Rebuilt. + Blacklist all EDAC modules by default as they make some systems unstable. +a/kernel-generic-4.14.0-x86_64-2.txz: Upgraded. +a/kernel-huge-4.14.0-x86_64-2.txz: Upgraded. +a/kernel-modules-4.14.0-x86_64-2.txz: Upgraded. +a/sysvinit-scripts-2.1-noarch-1.txz: Upgraded. + rc.M: Don't try to run rc.sendmail unless /usr/sbin/makemap is present. + rc.M: Don't try to run rc.postfix unless /usr/sbin/postdrop is present. + rc.S: Source /etc/default/adjtimex. +ap/cgmanager-0.41-x86_64-3.txz: Rebuilt. + Prevent the rc.cgmanger script from killing itself at shutdown. +ap/joe-4.5-x86_64-1.txz: Upgraded. +ap/nano-2.9.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.0-x86-2.txz: Upgraded. +k/kernel-source-4.14.0-noarch-2.txz: Upgraded. + -BOOTPARAM_HARDLOCKUP_PANIC n + -BOOTPARAM_HARDLOCKUP_PANIC_VALUE 0 + -BOOTPARAM_SOFTLOCKUP_PANIC n + -BOOTPARAM_SOFTLOCKUP_PANIC_VALUE 0 + -HARDLOCKUP_DETECTOR_PERF y + -LOCKUP_DETECTOR y + BLK_DEV_IO_TRACE y -> n + BUG_ON_DATA_CORRUPTION y -> n + DEBUG_LIST y -> n + DRM_AMDGPU_CIK n -> y + DRM_AMDGPU_SI n -> y + EDAC_DECODE_MCE y -> m + HARDLOCKUP_DETECTOR y -> n + SOFTLOCKUP_DETECTOR y -> n +n/postfix-3.2.4-x86_64-2.txz: Rebuilt. + Make the start message in postfix-script look a bit more correct for when + it shows up during boot. +n/yptools-2.14-x86_64-9.txz: Rebuilt. + rc.yp: Fix setting nisdomainname. +extra/tigervnc/tigervnc-1.8.0-x86_64-3.txz: Rebuilt. + Rebuilt against xorg-server-1.19.5. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Nov 3 19:50:31 UTC 2015 -a/aaa_elflibs-14.2-x86_64-4.txz: Rebuilt. -l/pcre-8.37-x86_64-1.txz: Upgraded. - Moved libraries into /lib{,64} since grep needs them. - Thanks to Michal Cieslakiewicz. -xap/mozilla-firefox-42.0-x86_64-1.txz: Upgraded. +Fri Nov 17 06:49:47 UTC 2017 +n/network-scripts-15.0-noarch-2.txz: Rebuilt. + netconfig: Added $GATEWAY that was accidentally dropped from the script. + Thanks to Robby Workman for pointing out my mistake. ++--------------------------+ +Fri Nov 17 00:56:25 UTC 2017 +a/dbus-1.12.2-x86_64-1.txz: Upgraded. +a/eject-2.1.5-x86_64-4.txz: Removed. +a/etc-15.0-x86_64-1.txz: Upgraded. + /etc/passwd: Added postfix (UID 91), postdrop (UID 92), dovecot (UID 94), + and dovenull (UID 95). + /etc/group: Added postfix (GID 91), postdrop (GID 92), dovecot (GID 94), + and dovenull (GID 95). +a/hostname-3.18-x86_64-1.txz: Added. + This is the latest version of the hostname utility, broken out into a new + package to get rid of duplication between util-linux and net-tools. +a/kernel-firmware-20171109git-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.0-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.0-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.0-x86_64-1.txz: Upgraded. +a/lvm2-2.02.176-x86_64-1.txz: Upgraded. +a/pkgtools-15.0-noarch-1.txz: Upgraded. + Added Postfix and Dovecot to the services setup menu. +a/smartmontools-6.6-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-2.0-noarch-39.txz: Rebuilt. + rc.M: Set the hostname returned by "hostname" with no arguments to be the + FQDN (Fully Qualified Domain Name). Technically, it should work either way + (and mostly does), but in practice there are a few things that either refuse + to work (mostly commercial software), or require additional configuration if + hostname returns the short hostname rather than the FQDN. + rc.M: If rc.sendmail is not present and executable, try rc.postfix. + rc.M: Run rc.dovecot if it is executable. + rc.*: Don't source any init scripts. +a/time-1.8-x86_64-1.txz: Upgraded. +a/util-linux-2.31-x86_64-2.txz: Rebuilt. + Don't add hostname, domainname, dnsdomainname, nisdomainname, or ypdomainname + to the util-linux package. These are provided by the new hostname package. + Allow the eject utility to build. +ap/alsa-utils-1.1.5-x86_64-1.txz: Upgraded. +ap/linuxdoc-tools-0.9.72-x86_64-4.txz: Rebuilt. + Upgraded to DocBook XSL Stylesheets 1.79.2. Thanks to Stuart Winter. + Applied patch to fix bus error with xsltproc. Thanks to ecd102 on LQ. +ap/soma-2.11.3-noarch-1.txz: Upgraded. +ap/sysstat-11.6.1-x86_64-1.txz: Upgraded. +d/Cython-0.27.3-x86_64-1.txz: Upgraded. +d/cmake-3.9.6-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.0-x86-1.txz: Upgraded. +d/re2c-1.0.3-x86_64-1.txz: Upgraded. +d/scons-3.0.1-x86_64-1.txz: Upgraded. +d/strace-4.20-x86_64-1.txz: Upgraded. +k/kernel-source-4.14.0-noarch-1.txz: Upgraded. +kde/kdelibs-4.14.38-x86_64-1.txz: Upgraded. +l/SDL2_image-2.0.2-x86_64-1.txz: Upgraded. +l/alsa-lib-1.1.5-x86_64-1.txz: Upgraded. +l/alsa-plugins-1.1.5-x86_64-1.txz: Upgraded. +l/at-spi2-atk-2.26.1-x86_64-1.txz: Upgraded. +l/at-spi2-core-2.26.2-x86_64-1.txz: Upgraded. +l/dconf-editor-3.26.2-x86_64-1.txz: Upgraded. +l/glib-networking-2.54.1-x86_64-1.txz: Upgraded. +l/glib2-2.54.2-x86_64-1.txz: Upgraded. +l/gtk+2-2.24.31-x86_64-3.txz: Rebuilt. + Added more patches from upstream git. Thanks to Robby Workman. +l/gtk+3-3.22.26-x86_64-1.txz: Upgraded. +l/harfbuzz-1.7.1-x86_64-1.txz: Upgraded. +l/libplist-2.0.0-x86_64-1.txz: Upgraded. + This update fixes several security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6440 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6439 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6438 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6437 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6436 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6435 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5836 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5835 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5834 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5545 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5209 + (* Security fix *) +l/libsoup-2.60.2-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.34-x86_64-1.txz: Upgraded. + Upgraded to nss-3.34 and nspr-4.17. +l/pango-1.40.14-x86_64-1.txz: Upgraded. +l/pygobject3-3.26.1-x86_64-1.txz: Upgraded. +l/sip-4.19.5-x86_64-1.txz: Upgraded. +l/vte-0.50.2-x86_64-1.txz: Upgraded. +n/NetworkManager-1.10.0-x86_64-1.txz: Upgraded. + Use the FQDN (Fully Qualified Domain Name) for the hostname as reported by + "hostname" with no arguments. +n/cyrus-sasl-2.1.26-x86_64-2.txz: Rebuilt. + Create /etc/sasl2 configuration directory. +n/dovecot-2.2.33.2-x86_64-1.txz: Added. + This will be the new IMAP/POP3 server in the next Slackware release. + Thanks to Alan Hicks, Mario Preksavec, and /dev/rob0 for assistance. +n/ethtool-4.13-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.2-x86_64-1.txz: Upgraded. +n/imapd-2.21-x86_64-1.txz: Removed. +n/inetd-1.79s-x86_64-10.txz: Rebuilt. + Do not run inetd (rc.inetd is now shipped non-executable), or open any ports + in inetd.conf by default. +n/iproute2-4.14.1-x86_64-1.txz: Upgraded. +n/libmilter-8.15.2-x86_64-1.txz: Added. + This is a compile-time dependency of Postfix. +n/net-tools-20170208_479bb4a-x86_64-1.txz: Upgraded. + Don't include hostname, domainname, dnsdomainname, nisdomainname, + or ypdomainname. These are provided by the new hostname package. +n/network-scripts-15.0-noarch-1.txz: Upgraded. + Switch to using ip instead of ifconfig and route. + Supports create/destroy of virtual tun/tap interfaces and adding + them to bridges. + Supports additional IP addresses added to interfaces in a way + that's compatible with net-tools. + Thanks to Robby Workman. +n/postfix-3.2.4-x86_64-1.txz: Added. + This will be the default MTA in the next Slackware release. Thanks to + Alan Hicks, Mario Preksavec, and /dev/rob0 for assistance. +n/samba-4.6.10-x86_64-1.txz: Upgraded. +n/sendmail-8.15.2-x86_64-2.txz: Removed. + Moved to /extra. +n/sendmail-cf-8.15.2-noarch-2.txz: Removed. + Moved to /extra. +n/stunnel-5.43-x86_64-1.txz: Upgraded. +n/wireless-tools-29-x86_64-10.txz: Rebuilt. + Use ip instead of ifconfig. Thanks to Robby Workman. +t/texlive-2017.171108-x86_64-1.txz: Upgraded. + Fixes, cleanups, and logging support in texmf_get.sh. + Support for many more languages. + More manpages and info files included. + TeX packages moved to texlive-extra (hosted on slackbuilds.org): cc-pl, + cmexb, cs, ghsystem, kerkis, pl, quran, tipa, and udesoftec. + Tex packages excluded as obsolete: aleph and its support files, and cslatex. + PDF files removed from koma-script docs. + Compiled with --disable-dump-share for better performance. + TeXLive fonts are now optionally available to other system applications + through a fontconfig file (/etc/fonts/conf.avail/09-texlive.conf). + Thanks to Johannes Schoepfer for all of these improvements. +x/bdftopcf-1.1-x86_64-1.txz: Upgraded. +x/intel-gpu-tools-1.20-x86_64-1.txz: Upgraded. +x/libXfont-1.5.3-x86_64-1.txz: Upgraded. +x/libdrm-2.4.88-x86_64-1.txz: Upgraded. +x/libpciaccess-0.14-x86_64-1.txz: Upgraded. +x/mesa-17.2.5-x86_64-1.txz: Upgraded. +xap/gnuplot-5.2.2-x86_64-1.txz: Upgraded. +xap/gucharmap-10.0.3-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-57.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) +xap/network-manager-applet-1.8.6-x86_64-1.txz: Upgraded. +xap/xpaint-2.10.2-x86_64-1.txz: Upgraded. +extra/bash-completion/bash-completion-2.7-noarch-2.txz: Rebuilt. + Applied some patches from upstream git, including one that unclobbers the + rfkill completion from util-linux. Don't clobber mount and umount + completions from util-linux. Thanks to ill323 on LQ for the heads-up. +extra/sendmail/sendmail-8.15.2-x86_64-2.txz: Added. + Moved here from the N series. This is still a solid choice for an MTA, and + probably the most flexible (although it can be difficult to configure - it + has been said that the M4 macro language resembles line noise). + Thanks to Eric Allman and everyone at Sendmail for all the years of work. +extra/sendmail/sendmail-cf-8.15.2-noarch-2.txz: Added. + Moved here from the N series. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Mon Nov 2 19:34:58 UTC 2015 -a/grep-2.22-x86_64-1.txz: Upgraded. -a/lvm2-2.02.133-x86_64-1.txz: Upgraded. -ap/mariadb-10.0.22-x86_64-1.txz: Upgraded. -l/gst-plugins-base-1.6.1-x86_64-1.txz: Upgraded. -l/gst-plugins-good-1.6.1-x86_64-1.txz: Upgraded. -l/gstreamer-1.6.1-x86_64-1.txz: Upgraded. -x/xf86-input-evdev-2.10.0-x86_64-1.txz: Upgraded. -x/xf86-input-synaptics-1.8.3-x86_64-1.txz: Upgraded. -x/xorg-server-1.17.4-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.17.4-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.17.4-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.17.4-x86_64-1.txz: Upgraded. -+--------------------------+ -Sun Nov 1 17:11:32 UTC 2015 -kde/calligra-2.9.8-x86_64-2.txz: Rebuilt. - Recompiled against gsl-2.0. -kde/step-4.14.3-x86_64-3.txz: Rebuilt. - Recompiled against gsl-2.0. -l/cairo-1.14.4-x86_64-1.txz: Upgraded. -l/gsl-2.0-x86_64-1.txz: Upgraded. -l/orc-0.4.24-x86_64-1.txz: Upgraded. -+--------------------------+ -Sat Oct 31 17:39:05 UTC 2015 -a/lvm2-2.02.132-x86_64-1.txz: Upgraded. -a/pkgtools-14.2-noarch-3.txz: Rebuilt. - Fix unnecessary bashism "==" in makepkg. Thanks to Lars Lindqvist. -a/xz-5.2.2-x86_64-1.txz: Upgraded. -x/xdg-utils-1.1.1-noarch-1.txz: Upgraded. -xap/sane-1.0.25-x86_64-1.txz: Upgraded. -+--------------------------+ -Sat Oct 31 00:13:40 UTC 2015 -a/dbus-1.10.2-x86_64-1.txz: Upgraded. -l/glib2-2.46.1-x86_64-2.txz: Rebuilt. - Applied upstream patch to work around an issue with Java. - Thanks to Robby Workman. -l/gvfs-1.26.1.1-x86_64-1.txz: Upgraded. -n/bridge-utils-1.5-x86_64-1.txz: Upgraded. - Thanks to Stuart Winter. +Fri Nov 3 18:42:23 UTC 2017 +a/openssl-solibs-1.0.2m-x86_64-1.txz: Upgraded. +--------------------------+ -Thu Oct 29 20:12:14 UTC 2015 -a/aaa_elflibs-14.2-x86_64-3.txz: Rebuilt. - Added libgdbm.so.4. - Added libssh2.so.1. - Added libudev.so.0. - Added libgudev-1.0.so.0. -a/btrfs-progs-v4.2.3-x86_64-1.txz: Upgraded. -a/cryptsetup-1.6.8-x86_64-1.txz: Upgraded. -a/dbus-1.10.0-x86_64-1.txz: Upgraded. - Thanks to Robby Workman. -a/e2fsprogs-1.42.13-x86_64-1.txz: Upgraded. -a/etc-14.2-x86_64-3.txz: Rebuilt. - Improved comments in lang.{csh,sh} concerning UTF-8. - Thanks to Didier Spaier. -a/hdparm-9.48-x86_64-1.txz: Upgraded. -a/kernel-generic-4.1.12-x86_64-1.txz: Upgraded. -a/kernel-huge-4.1.12-x86_64-1.txz: Upgraded. -a/kernel-modules-4.1.12-x86_64-1.txz: Upgraded. -a/less-481-x86_64-1.txz: Upgraded. -a/pkgtools-14.2-noarch-2.txz: Rebuilt. - Sort the file lists in /var/log/packages when installing. - Thanks to Erik Jan Tromp. -ap/cups-filters-1.0.76-x86_64-1.txz: Upgraded. -ap/dc3dd-7.2.641-x86_64-1.txz: Upgraded. -ap/linuxdoc-tools-0.9.69-x86_64-5.txz: Rebuilt. -ap/moc-2.5.0-x86_64-2.txz: Rebuilt. -ap/tmux-2.1-x86_64-1.txz: Upgraded. -ap/vim-7.4.898-x86_64-1.txz: Upgraded. -ap/zsh-5.1.1-x86_64-1.txz: Upgraded. -d/automake-1.15-noarch-1.txz: Upgraded. -d/ccache-3.2.4-x86_64-1.txz: Upgraded. -d/cmake-3.3.2-x86_64-1.txz: Upgraded. -d/dev86-0.16.21-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -d/git-2.6.2-x86_64-1.txz: Upgraded. -d/kernel-headers-4.1.12-x86-1.txz: Upgraded. -d/make-4.1-x86_64-1.txz: Upgraded. -d/perl-5.22.0-x86_64-1.txz: Upgraded. - Upgraded perl modules: DBD-mysql-4.032, DBI-1.634, URI-1.69, - XML-Parser-2.44, gettext-1.07. -d/python-2.7.10-x86_64-2.txz: Rebuilt. -d/python-setuptools-18.4-x86_64-1.txz: Upgraded. -d/ruby-2.2.3-x86_64-3.txz: Rebuilt. -d/scons-2.4.0-x86_64-1.txz: Added. - Thanks to Heinz Wiesinger. -d/subversion-1.9.2-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -k/kernel-source-4.1.12-noarch-1.txz: Upgraded. -kde/amarok-2.8.0-x86_64-3.txz: Rebuilt. -kde/amor-4.14.3-x86_64-2.txz: Rebuilt. -kde/analitza-4.14.3-x86_64-2.txz: Rebuilt. -kde/ark-4.14.3-x86_64-2.txz: Rebuilt. -kde/artikulate-4.14.3-x86_64-2.txz: Rebuilt. -kde/audiocd-kio-4.14.3-x86_64-2.txz: Rebuilt. -kde/baloo-4.14.3-x86_64-2.txz: Rebuilt. -kde/baloo-widgets-4.14.3-x86_64-2.txz: Rebuilt. -kde/blinken-4.14.3-x86_64-2.txz: Rebuilt. -kde/bluedevil-2.1.1-x86_64-2.txz: Rebuilt. -kde/bomber-4.14.3-x86_64-2.txz: Rebuilt. -kde/bovo-4.14.3-x86_64-2.txz: Rebuilt. -kde/calligra-2.9.8-x86_64-1.txz: Upgraded. -kde/cantor-4.14.3-x86_64-2.txz: Rebuilt. -kde/cervisia-4.14.3-x86_64-2.txz: Rebuilt. -kde/dolphin-plugins-4.14.3-x86_64-2.txz: Rebuilt. -kde/dragon-4.14.3-x86_64-2.txz: Rebuilt. -kde/filelight-4.14.3-x86_64-2.txz: Rebuilt. -kde/granatier-4.14.3-x86_64-2.txz: Rebuilt. -kde/gwenview-4.14.3-x86_64-2.txz: Rebuilt. -kde/juk-4.14.3-x86_64-2.txz: Rebuilt. -kde/k3b-2.0.3-x86_64-2.txz: Rebuilt. -kde/kaccessible-4.14.3-x86_64-2.txz: Rebuilt. -kde/kactivities-4.13.3-x86_64-2.txz: Rebuilt. -kde/kajongg-4.14.3-x86_64-2.txz: Rebuilt. -kde/kalgebra-4.14.3-x86_64-2.txz: Rebuilt. -kde/kalzium-4.14.3-x86_64-2.txz: Rebuilt. -kde/kamera-4.14.3-x86_64-2.txz: Rebuilt. -kde/kanagram-4.14.3-x86_64-2.txz: Rebuilt. -kde/kapman-4.14.3-x86_64-2.txz: Rebuilt. -kde/kapptemplate-4.14.3-x86_64-2.txz: Rebuilt. -kde/kate-4.14.3-x86_64-2.txz: Rebuilt. -kde/katomic-4.14.3-x86_64-2.txz: Rebuilt. -kde/kaudiocreator-1.3-x86_64-2.txz: Rebuilt. -kde/kblackbox-4.14.3-x86_64-2.txz: Rebuilt. -kde/kblocks-4.14.3-x86_64-2.txz: Rebuilt. -kde/kbounce-4.14.3-x86_64-2.txz: Rebuilt. -kde/kbreakout-4.14.3-x86_64-2.txz: Rebuilt. -kde/kbruch-4.14.3-x86_64-2.txz: Rebuilt. -kde/kcachegrind-4.14.3-x86_64-2.txz: Rebuilt. -kde/kcalc-4.14.3-x86_64-2.txz: Rebuilt. -kde/kcharselect-4.14.3-x86_64-2.txz: Rebuilt. -kde/kcolorchooser-4.14.3-x86_64-2.txz: Rebuilt. -kde/kcron-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-base-artwork-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-baseapps-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-dev-scripts-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-dev-utils-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-runtime-4.14.3-x86_64-2.txz: Rebuilt. -kde/kde-workspace-4.11.22-x86_64-1.txz: Upgraded. -kde/kdeartwork-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdeconnect-kde-0.8-x86_64-2.txz: Rebuilt. -kde/kdegraphics-mobipocket-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdegraphics-thumbnailers-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdelibs-4.14.13-x86_64-1.txz: Upgraded. -kde/kdenetwork-filesharing-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdepim-4.14.10-x86_64-1.txz: Upgraded. -kde/kdepim-runtime-4.14.10-x86_64-1.txz: Upgraded. -kde/kdepimlibs-4.14.10-x86_64-1.txz: Upgraded. -kde/kdeplasma-addons-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdesdk-kioslaves-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdesdk-strigi-analyzers-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdesdk-thumbnailers-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdev-python-1.7.2-x86_64-1.txz: Upgraded. -kde/kdevelop-4.7.2-x86_64-1.txz: Upgraded. -kde/kdevelop-pg-qt-1.0.0-x86_64-2.txz: Rebuilt. -kde/kdevelop-php-1.7.2-x86_64-1.txz: Upgraded. -kde/kdevelop-php-docs-1.7.2-x86_64-1.txz: Upgraded. -kde/kdevplatform-1.7.2-x86_64-1.txz: Upgraded. -kde/kdewebdev-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdf-4.14.3-x86_64-2.txz: Rebuilt. -kde/kdiamond-4.14.3-x86_64-2.txz: Rebuilt. -kde/kfilemetadata-4.14.3-x86_64-2.txz: Rebuilt. -kde/kfloppy-4.14.3-x86_64-2.txz: Rebuilt. -kde/kfourinline-4.14.3-x86_64-2.txz: Rebuilt. -kde/kgamma-4.14.3-x86_64-2.txz: Rebuilt. -kde/kgeography-4.14.3-x86_64-2.txz: Rebuilt. -kde/kget-4.14.3-x86_64-2.txz: Rebuilt. -kde/kgoldrunner-4.14.3-x86_64-2.txz: Rebuilt. -kde/kgpg-4.14.3-x86_64-2.txz: Rebuilt. -kde/khangman-4.14.3-x86_64-2.txz: Rebuilt. -kde/kig-4.14.3-x86_64-2.txz: Rebuilt. -kde/kigo-4.14.3-x86_64-2.txz: Rebuilt. -kde/killbots-4.14.3-x86_64-2.txz: Rebuilt. -kde/kio-mtp-2063e75_20131020git-x86_64-2.txz: Rebuilt. -kde/kiriki-4.14.3-x86_64-2.txz: Rebuilt. -kde/kiten-4.14.3-x86_64-2.txz: Rebuilt. -kde/kjumpingcube-4.14.3-x86_64-2.txz: Rebuilt. -kde/klettres-4.14.3-x86_64-2.txz: Rebuilt. -kde/klickety-4.14.3-x86_64-2.txz: Rebuilt. -kde/klines-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmag-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmahjongg-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmines-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmix-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmousetool-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmouth-4.14.3-x86_64-2.txz: Rebuilt. -kde/kmplot-4.14.3-x86_64-2.txz: Rebuilt. -kde/knavalbattle-4.14.3-x86_64-2.txz: Rebuilt. -kde/knetwalk-4.14.3-x86_64-2.txz: Rebuilt. -kde/kolf-4.14.3-x86_64-2.txz: Rebuilt. -kde/kollision-4.14.3-x86_64-2.txz: Rebuilt. -kde/kolourpaint-4.14.3-x86_64-2.txz: Rebuilt. -kde/kompare-4.14.3-x86_64-2.txz: Rebuilt. -kde/konquest-4.14.3-x86_64-2.txz: Rebuilt. -kde/konsole-4.14.3-x86_64-2.txz: Rebuilt. -kde/kopete-4.14.3-x86_64-2.txz: Rebuilt. -kde/korundum-4.14.3-x86_64-3.txz: Rebuilt. -kde/kpat-4.14.3-x86_64-2.txz: Rebuilt. -kde/kplayer-0.7.2-x86_64-2.txz: Rebuilt. -kde/kppp-4.14.3-x86_64-2.txz: Rebuilt. -kde/kqtquickcharts-4.14.3-x86_64-2.txz: Rebuilt. -kde/krdc-4.14.3-x86_64-2.txz: Rebuilt. -kde/kremotecontrol-4.14.3-x86_64-2.txz: Rebuilt. -kde/kreversi-4.14.3-x86_64-2.txz: Rebuilt. -kde/krfb-4.14.3-x86_64-2.txz: Rebuilt. -kde/kross-interpreters-4.14.3-x86_64-2.txz: Rebuilt. -kde/kruler-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksaneplugin-4.14.3-x86_64-2.txz: Rebuilt. -kde/kscreen-1.0.2.1-x86_64-2.txz: Rebuilt. -kde/kshisen-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksirk-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksnakeduel-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksnapshot-4.14.3-x86_64-2.txz: Rebuilt. -kde/kspaceduel-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksquares-4.14.3-x86_64-2.txz: Rebuilt. -kde/kstars-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksudoku-4.14.3-x86_64-2.txz: Rebuilt. -kde/ksystemlog-4.14.3-x86_64-2.txz: Rebuilt. -kde/kteatime-4.14.3-x86_64-2.txz: Rebuilt. -kde/ktimer-4.14.3-x86_64-2.txz: Rebuilt. -kde/ktorrent-4.3.1-x86_64-2.txz: Rebuilt. -kde/ktouch-4.14.3-x86_64-2.txz: Rebuilt. -kde/ktuberling-4.14.3-x86_64-2.txz: Rebuilt. -kde/kturtle-4.14.3-x86_64-2.txz: Rebuilt. -kde/ktux-4.14.3-x86_64-2.txz: Rebuilt. -kde/kubrick-4.14.3-x86_64-2.txz: Rebuilt. -kde/kuser-4.14.3-x86_64-2.txz: Rebuilt. -kde/kwalletmanager-4.14.3-x86_64-2.txz: Rebuilt. -kde/kwebkitpart-1.3.4-x86_64-2.txz: Rebuilt. -kde/kwordquiz-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkcddb-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkcompactdisc-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkdcraw-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkdeedu-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkdegames-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkexiv2-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkipi-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkmahjongg-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkomparediff2-4.14.3-x86_64-2.txz: Rebuilt. -kde/libksane-4.14.3-x86_64-2.txz: Rebuilt. -kde/libkscreen-1.0.5-x86_64-2.txz: Rebuilt. -kde/libktorrent-1.3.1-x86_64-3.txz: Rebuilt. -kde/libmm-qt-1.0.1-x86_64-2.txz: Rebuilt. -kde/libnm-qt-0.9.8.3-x86_64-2.txz: Rebuilt. -kde/lokalize-4.14.3-x86_64-2.txz: Rebuilt. -kde/lskat-4.14.3-x86_64-2.txz: Rebuilt. -kde/marble-4.14.3-x86_64-2.txz: Rebuilt. -kde/mplayerthumbs-4.14.3-x86_64-2.txz: Rebuilt. -kde/nepomuk-core-4.14.3-x86_64-2.txz: Rebuilt. -kde/nepomuk-widgets-4.14.3-x86_64-2.txz: Rebuilt. -kde/okteta-4.14.3-x86_64-2.txz: Rebuilt. -kde/okular-4.14.3-x86_64-2.txz: Rebuilt. -kde/oxygen-gtk2-1.4.6-x86_64-2.txz: Rebuilt. -kde/oxygen-icons-4.14.3-x86_64-2.txz: Rebuilt. -kde/pairs-4.14.3-x86_64-2.txz: Rebuilt. -kde/palapeli-4.14.3-x86_64-2.txz: Rebuilt. -kde/parley-4.14.3-x86_64-2.txz: Rebuilt. -kde/partitionmanager-1.1.1-x86_64-2.txz: Rebuilt. -kde/perlkde-4.14.3-x86_64-2.txz: Rebuilt. -kde/perlqt-4.14.3-x86_64-2.txz: Rebuilt. -kde/picmi-4.14.3-x86_64-2.txz: Rebuilt. -kde/plasma-nm-0.9.3.6-x86_64-1.txz: Upgraded. -kde/polkit-kde-agent-1-9d74ae3_20120104git-x86_64-2.txz: Rebuilt. -kde/polkit-kde-kcmodules-1-001bdf7_20120111git-x86_64-2.txz: Rebuilt. -kde/poxml-4.14.3-x86_64-2.txz: Rebuilt. -kde/print-manager-4.14.3-x86_64-2.txz: Rebuilt. -kde/pykde4-4.14.3-x86_64-3.txz: Rebuilt. -kde/qtruby-4.14.3-x86_64-4.txz: Rebuilt. -kde/rocs-4.14.3-x86_64-2.txz: Rebuilt. -kde/skanlite-1.1-x86_64-2.txz: Rebuilt. -kde/smokegen-4.14.3-x86_64-2.txz: Rebuilt. -kde/smokekde-4.14.3-x86_64-2.txz: Rebuilt. -kde/smokeqt-4.14.3-x86_64-3.txz: Rebuilt. -kde/step-4.14.3-x86_64-2.txz: Rebuilt. -kde/superkaramba-4.14.3-x86_64-2.txz: Rebuilt. -kde/svgpart-4.14.3-x86_64-2.txz: Rebuilt. -kde/sweeper-4.14.3-x86_64-2.txz: Rebuilt. -kde/umbrello-4.14.3-x86_64-2.txz: Rebuilt. -kde/wicd-kde-0.3.0_bcf27d8-x86_64-2.txz: Rebuilt. -kde/zeroconf-ioslave-4.14.3-x86_64-2.txz: Rebuilt. -kdei/calligra-l10n-bs-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca@valencia-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.8-noarch-1.txz: Added. -kdei/calligra-l10n-uk-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.8-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.8-noarch-1.txz: Upgraded. -l/ConsoleKit-0.4.5-x86_64-1.txz: Removed. -l/ConsoleKit2-1.0.0-x86_64-1.txz: Added. - This replaces the ConsoleKit package. - Thanks to Eric Hameleers and Robby Workman. -l/GConf-3.2.6-x86_64-2.txz: Rebuilt. -l/adwaita-icon-theme-3.18.0-noarch-1.txz: Upgraded. -l/apr-1.5.2-x86_64-1.txz: Upgraded. -l/apr-util-1.5.4-x86_64-1.txz: Upgraded. -l/at-spi2-atk-2.18.1-x86_64-1.txz: Upgraded. -l/at-spi2-core-2.18.1-x86_64-1.txz: Upgraded. -l/atk-2.18.0-x86_64-1.txz: Upgraded. -l/dconf-editor-3.18.1-x86_64-1.txz: Upgraded. -l/ebook-tools-0.2.2-x86_64-3.txz: Rebuilt. - Applied upstream patch to support epub3 fixed layout. - Thanks to Heinz Wiesinger. -l/exiv2-0.25-x86_64-1.txz: Upgraded. - Shared library .so-version bump. Thanks to Heinz Wiesinger. -l/freetype-2.6.1-x86_64-1.txz: Upgraded. -l/gdbm-1.11-x86_64-1.txz: Upgraded. - Shared library .so-version bump. Thanks to Heinz Wiesinger. -l/gdk-pixbuf2-2.32.1-x86_64-1.txz: Upgraded. -l/glib-networking-2.46.1-x86_64-1.txz: Upgraded. -l/glib2-2.46.1-x86_64-1.txz: Upgraded. - Thanks to Robby Workman for preparing the most recent gtk/glib stack - that's marked as stable. -l/gnome-themes-standard-3.18.0-x86_64-1.txz: Upgraded. -l/gobject-introspection-1.46.0-x86_64-1.txz: Upgraded. -l/gsettings-desktop-schemas-3.18.1-x86_64-1.txz: Upgraded. -l/gsl-1.16-x86_64-1.txz: Added. -l/gst-plugins-base-1.6.0-x86_64-1.txz: Upgraded. -l/gst-plugins-good-1.6.0-x86_64-1.txz: Upgraded. -l/gstreamer-1.6.0-x86_64-1.txz: Upgraded. -l/gtk+3-3.18.2-x86_64-1.txz: Upgraded. -l/gvfs-1.26.1-x86_64-1.txz: Upgraded. -l/jasper-1.900.1-x86_64-5.txz: Rebuilt. - Applied many security and bug fixes. - Thanks to Heinz Wiesinger. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029 - (* Security fix *) -l/libcanberra-0.30-x86_64-2.txz: Rebuilt. - Fixed building against tdb. Thanks to Heinz Wiesinger. -l/libodfgen-0.1.4-x86_64-1.txz: Upgraded. -l/libproxy-0.4.11-x86_64-3.txz: Rebuilt. -l/librsvg-2.40.11-x86_64-1.txz: Upgraded. -l/libsoup-2.52.1-x86_64-1.txz: Upgraded. -l/libtiff-4.0.5-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -l/libvisio-0.1.3-x86_64-1.txz: Added. - Thanks to Heinz Wiesinger. -l/libvpx-1.4.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. Thanks to Heinz Wiesinger. -l/libwpg-0.3.0-x86_64-1.txz: Added. - Thanks to Heinz Wiesinger. -l/libzip-1.0.1-x86_64-1.txz: Upgraded. - Shared library .so-version bump. Thanks to Heinz Wiesinger. -l/pango-1.38.1-x86_64-1.txz: Upgraded. -l/pilot-link-0.12.5-x86_64-9.txz: Rebuilt. -l/poppler-0.37.0-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -l/pygobject3-3.18.2-x86_64-1.txz: Added. -l/python-pillow-3.0.0-x86_64-1.txz: Upgraded. - Upgraded to Pillow 3.0.0 and Sane 2.8.2. -l/qca-2.0.3-x86_64-1.txz: Upgraded. -l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Rebuilt. -l/serf-1.3.8-x86_64-1.txz: Added. - Thanks to Heinz Wiesinger. -l/strigi-0.7.8-x86_64-2.txz: Rebuilt. -l/virtuoso-ose-6.1.8-x86_64-2.txz: Rebuilt. -n/alpine-2.20-x86_64-2.txz: Rebuilt. -n/curl-7.45.0-x86_64-1.txz: Upgraded. - This is now compiled against libssh2 for sftp support. - Thanks to Jonathan Woithe. - Fixes some security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237 - (* Security fix *) -n/cyrus-sasl-2.1.26-x86_64-1.txz: Upgraded. - Shared library .so-version bump. -n/epic5-1.4-x86_64-1.txz: Upgraded. -n/httpd-2.4.17-x86_64-1.txz: Upgraded. -n/icmpinfo-1.11-x86_64-2.txz: Rebuilt. - Patched to avoid a segfault on 64-bit systems. Thanks to Zoltán Pósfai. -n/imapd-2.20-x86_64-2.txz: Rebuilt. -n/irssi-0.8.17-x86_64-2.txz: Rebuilt. -n/libssh2-1.6.0-x86_64-1.txz: Added. - Apologies to Jonathan Woithe for taking so long to add this one. :-) -n/mutt-1.5.24-x86_64-2.txz: Rebuilt. -n/net-snmp-5.7.3-x86_64-2.txz: Rebuilt. -n/netatalk-2.2.3-x86_64-6.txz: Rebuilt. -n/ntp-4.2.8p4-x86_64-1.txz: Upgraded. - In addition to bug fixes and enhancements, this release fixes - several low and medium severity vulnerabilities. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871 - (* Security fix *) -n/obexftp-0.23-x86_64-11.txz: Rebuilt. -n/openldap-client-2.4.42-x86_64-1.txz: Upgraded. -n/php-5.6.14-x86_64-1.txz: Upgraded. - This update fixes some bugs and security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804 - (* Security fix *) -n/samba-4.3.1-x86_64-1.txz: Upgraded. -n/sendmail-8.15.2-x86_64-2.txz: Rebuilt. -n/sendmail-cf-8.15.2-noarch-2.txz: Rebuilt. -n/vsftpd-3.0.3-x86_64-1.txz: Upgraded. -n/yptools-2.14-x86_64-4.txz: Rebuilt. - Upgraded to ypbind-mt-1.38 and ypserv-2.32.1. -x/libdrm-2.4.65-x86_64-1.txz: Upgraded. -x/libva-1.6.1-x86_64-1.txz: Upgraded. -x/libva-intel-driver-1.6.1-x86_64-1.txz: Upgraded. -x/mesa-11.0.4-x86_64-1.txz: Upgraded. -x/pixman-0.33.4-x86_64-1.txz: Upgraded. -x/scim-1.4.15-x86_64-2.txz: Rebuilt. - Applied upstream patch to fix segfault with GTK3 apps. - Thanks to Heinz Wiesinger. -x/scim-anthy-1.2.7-x86_64-1.txz: Upgraded. -x/scim-hangul-0.4.0-x86_64-1.txz: Upgraded. -x/scim-input-pad-0.1.3.1-x86_64-1.txz: Upgraded. -x/scim-pinyin-0.5.92-x86_64-1.txz: Upgraded. -x/scim-tables-0.5.14.1-x86_64-1.txz: Upgraded. -x/xinput-1.6.2-x86_64-1.txz: Upgraded. -x/xorg-server-1.17.3-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.17.3-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.17.3-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.17.3-x86_64-1.txz: Upgraded. -xap/MPlayer-20150721-x86_64-2.txz: Rebuilt. -xap/audacious-3.6.2-x86_64-1.txz: Upgraded. -xap/audacious-plugins-3.6.2-x86_64-1.txz: Upgraded. -xap/geeqie-1.2.1-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -xap/gnuchess-6.2.2-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.2_4-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-41.0.2-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. +Fri Nov 3 03:31:56 UTC 2017 +a/sysvinit-scripts-2.0-noarch-38.txz: Rebuilt. + Check that rc.mysqld is executable before attempting to shut down the + database server. Checking for the mysql.pid is not enough, as /var/run/mysql + might be bind mounted into a container. Thanks to Jakub Jankowski. +ap/cups-2.2.6-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.10-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://jira.mariadb.org/browse/MDEV-13819 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10268 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10378 (* Security fix *) -xap/pidgin-2.10.11-x86_64-3.txz: Rebuilt. -xap/vim-gvim-7.4.898-x86_64-1.txz: Upgraded. -xap/xchat-2.8.8-x86_64-11.txz: Rebuilt. -xap/xine-lib-1.2.6-x86_64-4.txz: Rebuilt. -xfce/tumbler-0.1.31-x86_64-2.txz: Rebuilt. -extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-3.txz: Rebuilt. +l/expat-2.2.5-x86_64-1.txz: Upgraded. +l/gegl-0.2.0-x86_64-6.txz: Rebuilt. + Replaced deprecated functions in ff-load module. Thanks to Theodore Kilgore. +n/openssl-1.0.2m-x86_64-1.txz: Upgraded. + This update fixes a security issue: + There is a carry propagating bug in the x64 Montgomery squaring procedure. + No EC algorithms are affected. Analysis suggests that attacks against RSA + and DSA as a result of this defect would be very difficult to perform and + are not believed likely. Attacks against DH are considered just feasible + (although very difficult) because most of the work necessary to deduce + information about a private key may be performed offline. The amount of + resources required for such an attack would be very significant and likely + only accessible to a limited number of attackers. An attacker would + additionally need online access to an unpatched system using the target + private key in a scenario with persistent DH parameters and a private + key that is shared between multiple clients. + This only affects processors that support the BMI1, BMI2 and ADX extensions + like Intel Broadwell (5th generation) and later or AMD Ryzen. + For more information, see: + https://www.openssl.org/news/secadv/20171102.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3736 + (* Security fix *) ++--------------------------+ +Tue Oct 31 23:53:38 UTC 2017 +a/aaa_elflibs-14.2-x86_64-32.txz: Rebuilt. + Added libatomic, and updated versions of libcurl, libexpat, libglib-2.0, + libgmodule-2.0, libgobject-2.0, libgthread-2.0, libidn2, libmpfr, and + libpng16. +x/libdrm-2.4.87-x86_64-1.txz: Upgraded. +x/mesa-17.2.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Oct 27 20:34:35 UTC 2017 +ap/rpm-4.14.0-x86_64-2.txz: Rebuilt. + Recompiled to fix linking to old library versions. Thanks to USUARIONUEVO. +l/SDL2_mixer-2.0.2-x86_64-1.txz: Upgraded. +l/libmcs-0.7.2-x86_64-1.txz: Removed. +l/libmowgli-1.0.0-x86_64-1.txz: Removed. +l/pyrex-0.9.9-x86_64-2.txz: Removed. +n/php-5.6.32-x86_64-1.txz: Upgraded. + Several security bugs were fixed in this release: + Out of bounds read in timelib_meridian(). + The arcfour encryption stream filter crashes PHP. + Applied upstream patch for PCRE (CVE-2016-1283). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 + (* Security fix *) +n/wget-1.19.2-x86_64-1.txz: Upgraded. + This update fixes stack and heap overflows in in HTTP protocol handling. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13089 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13090 + (* Security fix *) ++--------------------------+ +Wed Oct 25 19:09:26 UTC 2017 +a/btrfs-progs-v4.13.3-x86_64-1.txz: Upgraded. +a/e2fsprogs-1.43.7-x86_64-1.txz: Upgraded. +a/gawk-4.2.0-x86_64-2.txz: Rebuilt. + Put the profile scripts in the right place. Thanks to gmgf. +a/glibc-zoneinfo-2017c-noarch-1.txz: Upgraded. +ap/hplip-3.17.10-x86_64-1.txz: Upgraded. +ap/rpm-4.14.0-x86_64-1.txz: Upgraded. +ap/sqlite-3.21.0-x86_64-1.txz: Upgraded. +d/git-2.14.2-x86_64-1.txz: Upgraded. +d/scons-3.0.0-x86_64-1.txz: Upgraded. +l/SDL2-2.0.7-x86_64-1.txz: Upgraded. +l/apr-1.6.3-x86_64-1.txz: Upgraded. +l/apr-util-1.6.1-x86_64-1.txz: Upgraded. +l/atk-2.26.1-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.9_20-x86_64-1.txz: Upgraded. +l/lame-3.100-x86_64-1.txz: Upgraded. +l/libgphoto2-2.5.16-x86_64-1.txz: Upgraded. +l/libsoup-2.60.1-x86_64-1.txz: Upgraded. +l/polkit-qt-1-0.112.0-x86_64-1.txz: Upgraded. +n/ModemManager-1.6.10-x86_64-1.txz: Upgraded. +n/gnutls-3.6.1-x86_64-1.txz: Upgraded. +n/httpd-2.4.29-x86_64-1.txz: Upgraded. +n/irssi-1.0.5-x86_64-1.txz: Upgraded. + This update fixes some remote denial of service issues. + For more information, see: + https://irssi.org/security/irssi_sa_2017_10.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15228 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15227 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15721 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15723 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15722 + (* Security fix *) +tcl/expect-5.45.3-x86_64-1.txz: Upgraded. +x/libdrm-2.4.85-x86_64-1.txz: Upgraded. +xfce/xfce4-notifyd-0.4.0-x86_64-1.txz: Upgraded. +xfce/xfce4-weather-plugin-0.8.10-x86_64-1.txz: Upgraded. + This has a bugfix related to setting the location: + https://bugzilla.xfce.org/show_bug.cgi?id=13877 ++--------------------------+ +Tue Oct 24 05:31:18 UTC 2017 +a/util-linux-2.31-x86_64-1.txz: Upgraded. +ap/screen-4.6.2-x86_64-1.txz: Upgraded. +l/seamonkey-solibs-2.49.1-x86_64-1.txz: Upgraded. +n/curl-7.56.1-x86_64-1.txz: Upgraded. + This update fixes a security issue: + IMAP FETCH response out of bounds read may cause a crash or information leak. + For more information, see: + https://curl.haxx.se/docs/adv_20171023.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257 + (* Security fix *) +n/rfkill-0.5-x86_64-1.txz: Removed. +xap/seamonkey-2.49.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Oct 20 04:44:44 UTC 2017 +a/gawk-4.2.0-x86_64-1.txz: Upgraded. +d/patchelf-0.9-x86_64-1.txz: Added. +d/rust-1.21.0-x86_64-1.txz: Upgraded. + Thanks to Stuart Winter for adding ARM compatibility to the build script, and + to Andrew Clemons for help getting the 32-bit x86 build working again. +l/ffmpeg-3.4-x86_64-1.txz: Upgraded. +x/libdrm-2.4.84-x86_64-1.txz: Upgraded. +x/mesa-17.2.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Oct 18 18:21:18 UTC 2017 +ap/cups-2.2.5-x86_64-1.txz: Upgraded. +n/wpa_supplicant-2.6-x86_64-2.txz: Rebuilt. + This update includes patches to mitigate the WPA2 protocol issues known + as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, + hijack TCP connections, and to forge and inject packets. This is the + list of vulnerabilities that are addressed here: + CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the + 4-way handshake. + CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. + CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way + handshake. + CVE-2017-13080: Reinstallation of the group key (GTK) in the group key + handshake. + CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group + key handshake. + CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) + Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) + while processing it. + CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. + CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) + PeerKey (TPK) key in the TDLS handshake. + CVE-2017-13087: reinstallation of the group key (GTK) when processing a + Wireless Network Management (WNM) Sleep Mode Response frame. + CVE-2017-13088: reinstallation of the integrity group key (IGTK) when + processing a Wireless Network Management (WNM) Sleep Mode Response frame. + For more information, see: + https://www.krackattacks.com/ + https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 + (* Security fix *) +x/libXfont2-2.0.2-x86_64-1.txz: Upgraded. + This update is a collection of minor fixes since 2.0.1, including + CVE-2017-13720 and CVE-2017-13722. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13720 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13722 + (* Security fix *) +x/libXres-1.2.0-x86_64-1.txz: Upgraded. + Integer overflows may allow X servers to trigger allocation of insufficient + memory and a buffer overflow via vectors related to the (1) + XResQueryClients and (2) XResQueryClientResources functions. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988 + (* Security fix *) +x/xorg-server-1.19.5-x86_64-1.txz: Upgraded. + This update fixes integer overflows and other possible security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12176 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12177 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12178 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12179 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12180 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12181 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12182 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12183 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12184 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12185 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12186 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12187 + (* Security fix *) +x/xorg-server-xephyr-1.19.5-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.5-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.5-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Oct 10 18:08:31 UTC 2017 +a/eudev-3.2.4-x86_64-2.txz: Rebuilt. + Fixed a typo in configure.ac. Thanks to Robby Workman. +a/lvm2-2.02.175-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.11-x86_64-5.txz: Rebuilt. + Save a copy of the command line used to create the initrd as "command_line" + in /boot/initrd-tree/ and within the initrd itself. Also save a copy of + /etc/mkinitrd.conf if it exists. +ap/slackpkg-2.82.2-noarch-1.txz: Upgraded. + Updated mirrors-x86*.sample to remove dead mirrors and clarify + intent to use mirrors.slackware.com. + Add /usr/share/vim/ and /var/yp/ to search path for .new files. + Minor tweaks to default blacklist file. + Minor tweaks to manual pages. + Thanks to Robby Workman. +ap/tmux-2.6-x86_64-1.txz: Upgraded. +d/meson-0.43.0-x86_64-1.txz: Upgraded. +d/perl-5.26.1-x86_64-3.txz: Rebuilt. + Don't install a perllocal.pod with information on the vendor_perl bundled + modules (that file is for local additions) -- ship the file as + vendor_perl.pod instead. Thanks to Robby Workman. +kde/perlqt-4.14.3-x86_64-5.txz: Rebuilt. + Added support for QScintilla. Thanks to oneforall. +l/ffmpeg-3.3.4-x86_64-2.txz: Rebuilt. + Patched to build against openjpeg-2.3.0. Thanks to Matteo Bernardini. +l/glib2-2.54.1-x86_64-2.txz: Rebuilt. + Applied an upstream patch to fix a race condition. Thanks to Robby Workman. +l/herqq-1.0.0-x86_64-1.txz: Removed. +l/imagemagick-6.9.9_19-x86_64-1.txz: Upgraded. +l/libnl3-3.4.0-x86_64-1.txz: Upgraded. +n/lftp-4.8.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Oct 7 02:53:31 UTC 2017 +a/btrfs-progs-v4.13.2-x86_64-1.txz: Upgraded. +ap/texinfo-6.5-x86_64-2.txz: Rebuilt. + Rebuilt for perl-5.26.1. +d/perl-5.26.1-x86_64-2.txz: Rebuilt. + Replaced Net-SMTP-SSL-1.04 (deprecated upstream) with libnet-3.10. + Thanks to Matteo Bernardini. +l/libxml2-2.9.6-x86_64-1.txz: Upgraded. +l/libxslt-1.1.31-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.4.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Oct 6 06:32:32 UTC 2017 +a/kernel-generic-4.9.53-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.53-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.53-x86_64-1.txz: Upgraded. +ap/cups-filters-1.17.9-x86_64-1.txz: Upgraded. +ap/ghostscript-9.22-x86_64-1.txz: Upgraded. +ap/vim-8.0.1175-x86_64-1.txz: Upgraded. + Compiled using libperl.so from perl-5.26.1. +d/cmake-3.9.4-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.53-x86-1.txz: Upgraded. +d/perl-5.26.1-x86_64-1.txz: Upgraded. + Added the following perl modules to support git send-email (thanks to + Xsane): Authen-SASL-2.16, MIME-Base64-3.15, and Net-SMTP-SSL-1.04. +d/python3-3.6.3-x86_64-1.txz: Upgraded. +k/kernel-source-4.9.53-noarch-1.txz: Upgraded. + KSM n -> y (thanks to ivandi) +kde/perlkde-4.14.3-x86_64-4.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +kde/perlqt-4.14.3-x86_64-4.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +l/gtk+3-3.22.24-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.9_18-x86_64-1.txz: Upgraded. +l/libmtp-1.1.14-x86_64-1.txz: Upgraded. +l/librsvg-2.40.19-x86_64-1.txz: Upgraded. +l/openjpeg-2.3.0-x86_64-1.txz: Upgraded. + This update fixes security issues which may lead to a denial of service + or possibly remote code execution. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12982 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14039 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14040 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14041 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14152 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14164 + (* Security fix *) +l/vte-0.50.1-x86_64-1.txz: Upgraded. +n/curl-7.56.0-x86_64-1.txz: Upgraded. + This update fixes a security issue: + libcurl may read outside of a heap allocated buffer when doing FTP. + For more information, see: + https://curl.haxx.se/docs/adv_20171004.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254 + (* Security fix *) +n/epic5-2.0.1-x86_64-2.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +n/irssi-1.0.4-x86_64-2.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +n/net-snmp-5.7.3-x86_64-6.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +n/ntp-4.2.8p10-x86_64-2.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +n/p11-kit-0.23.9-x86_64-1.txz: Upgraded. +x/libinput-1.8.3-x86_64-1.txz: Upgraded. +x/xorg-server-1.19.4-x86_64-1.txz: Upgraded. + This update fixes two security issues: + Xext/shm: Validate shmseg resource id, otherwise it can belong to a + non-existing client and abort X server with FatalError "client not + in use", or overwrite existing segment of another existing client. + Generating strings for XKB data used a single shared static buffer, + which offered several opportunities for errors. Use a ring of + resizable buffers instead, to avoid problems when strings end up + longer than anticipated. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723 + (* Security fix *) +x/xorg-server-xephyr-1.19.4-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.4-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.4-x86_64-1.txz: Upgraded. +xap/hexchat-2.12.4-x86_64-2.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. + Built with --enable-python=python3. +xap/pidgin-2.12.0-x86_64-2.txz: Rebuilt. + Recompiled using libperl.so from perl-5.26.1. +xap/vim-gvim-8.0.1175-x86_64-1.txz: Upgraded. + Compiled using libperl.so from perl-5.26.1. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Oct 8 23:09:33 UTC 2015 -d/ccache-3.2.3-x86_64-2.txz: Rebuilt. - Recompiled with --sysconfdir=/etc so that ccache will look there for a - system-wide config (not in /usr/etc). Thanks to David Spencer. -d/libtool-2.4.6-x86_64-2.txz: Rebuilt. -xap/mozilla-thunderbird-38.3.0-x86_64-2.txz: Rebuilt. - Recompiled with --enable-calendar. -xap/xine-lib-1.2.6-x86_64-3.txz: Rebuilt. - Removed broken .la files. Thanks to David Spencer. -+--------------------------+ -Mon Oct 5 17:24:30 UTC 2015 -a/glibc-zoneinfo-2015g-noarch-1.txz: Upgraded. - Upgraded to tzcode2015g and tzdata2015g. -ap/cdrtools-3.01-x86_64-2.txz: Rebuilt. - Removed useless man pages in /usr/man/man3. Thanks to Adrien Nader. -+--------------------------+ -Thu Oct 1 21:21:36 UTC 2015 -a/pkgtools-14.2-noarch-1.txz: Upgraded. - Patched makepkg and removepkg to support spaces in symlinks. Spaces in file - and directory names also work, so support should be complete. - Thanks to Erik Jan Tromp. - Patched makepkg to ensure that the root of a package is chmod 755. - Patched installpkg to speed up several parts of the script, especially when - symlinks are created by an install script. If bash is available, install - scripts will be translated to avoid spawning two subshells per link. - Also, reduced UUOC! :-) - Patched removepkg to speed up several parts of the script. - Thanks to Stuart Winter and Jim Hawkins. - Patched upgradepkg to speed up several parts of the script by using native - bash rather than calling out to sed. (Similar changes might be applied to - installpkg/removepkg in the future, but upgradepkg looping against the full - set of packages is where the most improvement is seen) - Thanks to Michal "mina86" Nazarewicz. -l/mozilla-nss-3.20-x86_64-1.txz: Upgraded. - Upgraded to nss-3.20 and nspr-4.10.9. -l/seamonkey-solibs-2.38-x86_64-1.txz: Upgraded. -n/php-5.6.13-x86_64-1.txz: Upgraded. - This update fixes some bugs and security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838 - (* Security fix *) -x/libXi-1.7.5-x86_64-1.txz: Upgraded. -x/libxcb-1.11.1-x86_64-1.txz: Upgraded. -x/mesa-11.0.2-x86_64-1.txz: Upgraded. -x/xf86-video-chips-1.2.6-x86_64-1.txz: Upgraded. -x/xf86-video-s3virge-1.10.7-x86_64-1.txz: Upgraded. -x/xf86-video-sis-0.10.8-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-41.0.1-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-38.3.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -xap/seamonkey-2.38-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Wed Sep 23 01:10:36 UTC 2015 -a/smartmontools-6.4-x86_64-1.txz: Upgraded. -ap/cdrtools-3.01-x86_64-1.txz: Upgraded. -ap/ddrescue-1.20-x86_64-1.txz: Upgraded. -d/ccache-3.2.3-x86_64-1.txz: Upgraded. -l/gc-7.4.2-x86_64-3.txz: Rebuilt. - Build without --disable-static, but don't package the extra static libraries. - This ensures that all the symbols are exported in the shared libraries. -l/libjpeg-turbo-1.4.2-x86_64-1.txz: Upgraded. -l/libtasn1-4.7-x86_64-1.txz: Upgraded. -l/notify-python-0.1.1-x86_64-5.txz: Rebuilt. - Patched to fix hplip-tools. Thanks to gmgf. -n/stunnel-5.23-x86_64-2.txz: Rebuilt. - Server certificate config file name changed from stunnel.cnf to openssl.cnf. - Thanks to Iouri Kharon. -xap/mozilla-firefox-41.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) +Tue Oct 3 21:06:59 UTC 2017 +ap/gphoto2-2.5.15-x86_64-1.txz: Upgraded. +l/dconf-0.26.1-x86_64-1.txz: Upgraded. +l/dconf-editor-3.26.1-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.36.11-x86_64-1.txz: Upgraded. +l/glib2-2.54.1-x86_64-1.txz: Upgraded. +l/gobject-introspection-1.54.1-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.22-x86_64-1.txz: Upgraded. +l/gvfs-1.34.1-x86_64-1.txz: Upgraded. +l/libgphoto2-2.5.15-x86_64-1.txz: Upgraded. +l/seamonkey-solibs-2.48-x86_64-3.txz: Rebuilt. +n/openssh-7.6p1-x86_64-1.txz: Upgraded. +x/mesa-17.2.2-x86_64-1.txz: Upgraded. +xap/gucharmap-10.0.2-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-56.0-x86_64-2.txz: Rebuilt. + Recompiled with --enable-accessibility. + Thanks to Didier Spaier. +xap/mozilla-thunderbird-52.3.0-x86_64-2.txz: Rebuilt. + Recompiled with --enable-accessibility and Google API support. + Thanks to Didier Spaier. +xap/seamonkey-2.48-x86_64-3.txz: Rebuilt. + Recompiled with --enable-accessibility and Google API support. + Thanks to Didier Spaier. +--------------------------+ -Tue Sep 15 22:36:17 UTC 2015 -ap/hplip-3.15.9-x86_64-1.txz: Upgraded. -ap/sqlite-3.8.11.1-x86_64-1.txz: Upgraded. -d/llvm-3.7.0-x86_64-1.txz: Upgraded. -n/ca-certificates-20150426-noarch-2.txz: Rebuilt. - Patched update-ca-certificates to remove incompatible command operators - used to call 'run-parts'. Thanks to Stuart Winter. -n/stunnel-5.23-x86_64-1.txz: Upgraded. -x/mesa-11.0.0-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20150915_23986f0-x86_64-1.txz: Upgraded. - Set default acceleration method to DRI2/UXA. -x/xf86-video-vmware-13.1.0-x86_64-3.txz: Rebuilt. -+--------------------------+ -Thu Sep 10 14:12:07 UTC 2015 -d/gdb-7.10-x86_64-1.txz: Upgraded. -l/gobject-introspection-1.44.0-x86_64-1.txz: Upgraded. -l/netpbm-10.66.02-x86_64-4.txz: Rebuilt. - Removed junk /usr/pkgconfig_template and /usr/bin/manweb files. - Thanks to j_v on LQ. -l/parted-3.2-x86_64-2.txz: Rebuilt. -n/sendmail-8.15.2-x86_64-1.txz: Upgraded. -n/sendmail-cf-8.15.2-noarch-1.txz: Upgraded. -x/mesa-10.6.6-x86_64-1.txz: Upgraded. -+--------------------------+ -Thu Sep 3 22:02:39 UTC 2015 -l/seamonkey-solibs-2.35-x86_64-1.txz: Upgraded. -n/mutt-1.5.24-x86_64-1.txz: Upgraded. -x/mesa-10.6.5-x86_64-2.txz: Rebuilt. - Recompiled with --enable-nine. -xap/seamonkey-2.35-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Wed Sep 2 19:36:31 UTC 2015 -n/bind-9.10.2_P4-x86_64-1.txz: Upgraded. - This update fixes two denial-of-service vulnerabilities: - + CVE-2015-5722 is a denial-of-service vector which can be - exploited remotely against a BIND server that is performing - validation on DNSSEC-signed records. Validating recursive - resolvers are at the greatest risk from this defect, but it has not - been ruled out that it could be exploited against an - authoritative-only nameserver under limited conditions. Servers - that are not performing validation are not vulnerable. However, - ISC does not recommend disabling validation as a workaround to - this issue as it exposes the server to other types of attacks. - Upgrading to the patched versions is the recommended solution. - All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. - + CVE-2015-5986 is a denial-of-service vector which can be used - against a BIND server that is performing recursion. Validation - is not required. Recursive resolvers are at the greatest risk - from this defect, but it has not been ruled out that it could - be exploited against an authoritative-only nameserver under - limited conditions. - Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to - CVE-2015-5986. - For more information, see: - https://kb.isc.org/article/AA-01287/0 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722 - https://kb.isc.org/article/AA-01291/0 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986 - (* Security fix *) -+--------------------------+ -Tue Sep 1 23:29:22 UTC 2015 -a/aaa_elflibs-14.2-x86_64-2.txz: Rebuilt. -a/cryptsetup-1.6.7-x86_64-1.txz: Upgraded. -a/lvm2-2.02.129-x86_64-1.txz: Upgraded. -ap/lxc-1.1.3-x86_64-1.txz: Upgraded. -d/git-2.5.1-x86_64-1.txz: Upgraded. -l/dconf-editor-3.16.1-x86_64-1.txz: Added. -l/gdk-pixbuf2-2.31.7-x86_64-1.txz: Upgraded. - Gustavo Grieco discovered a heap overflow in the processing of BMP images - which may result in the execution of arbitrary code if a malformed image - is opened. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 - (* Security fix *) -n/ModemManager-1.4.10-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.6-x86_64-1.txz: Upgraded. -n/openssh-7.1p1-x86_64-1.txz: Upgraded. -x/libvdpau-1.1.1-x86_64-1.txz: Upgraded. - libvdpau versions 1.1 and earlier, when used in setuid or setgid - applications, contain vulnerabilities related to environment variable - handling that could allow an attacker to execute arbitrary code or - overwrite arbitrary files. This release uses the secure_getenv() - function to fix these problems. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 - (* Security fix *) -x/mesa-10.6.5-x86_64-1.txz: Upgraded. -xap/network-manager-applet-1.0.6-x86_64-1.txz: Upgraded. -+--------------------------+ -Sun Aug 30 22:43:36 UTC 2015 -l/adwaita-icon-theme-3.16.2-noarch-2.txz: Rebuilt. - Patched to remove bogus /usr/locale/ directory tree. Thanks to ponce. -l/gvfs-1.24.2-x86_64-2.txz: Rebuilt. - Rebuilt to fix missing CIFS filesystem support. Thanks to lems. -x/xorg-server-1.17.2-x86_64-2.txz: Rebuilt. - Recompiled with stability patches from upstream. Thanks to ponce. -x/xorg-server-xephyr-1.17.2-x86_64-2.txz: Rebuilt. -x/xorg-server-xnest-1.17.2-x86_64-2.txz: Rebuilt. -x/xorg-server-xvfb-1.17.2-x86_64-2.txz: Rebuilt. -+--------------------------+ -Sat Aug 29 05:27:29 UTC 2015 -a/procps-ng-3.3.10-x86_64-4.txz: Rebuilt. - Recompiled without --enable-timeout-stat to fix fuser hang. -kde/oxygen-gtk3-1.4.1-x86_64-1.txz: Removed. -x/libXaw3dXft-1.6.2d-x86_64-2.txz: Rebuilt. -xap/mozilla-firefox-40.0.3-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html +Mon Oct 2 17:16:06 UTC 2017 +n/dnsmasq-2.78-x86_64-1.txz: Upgraded. + This update fixes bugs and remotely exploitable security issues that may + have impacts including denial of service, information leak, and execution + of arbitrary code. Thanks to Felix Wilhelm, Fermin J. Serna, Gabriel Campana, + Kevin Hamacher, Ron Bowes, and Gynvael Coldwind of the Google Security Team. + For more information, see: + https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496 (* Security fix *) +isolinux/initrd.img: Rebuilt. + When doing a network install, don't download a package if the tagfile is + going to skip installing it. Thanks to ivandi. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Mon Aug 24 19:03:07 UTC 2015 -d/ruby-2.2.3-x86_64-2.txz: Rebuilt. -x/intel-gpu-tools-1.9-x86_64-1.txz: Upgraded. -x/xf86-video-intel-git_20150824_3e07681-x86_64-1.txz: Upgraded. - Thanks to ponce for helpful hints on getting this working again. -x/xf86-video-xgi-1.6.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Aug 21 21:17:48 UTC 2015 -a/aaa_elflibs-14.2-x86_64-1.txz: Upgraded. -a/dosfstools-3.0.28-x86_64-1.txz: Upgraded. -a/etc-14.2-x86_64-2.txz: Rebuilt. -a/glibc-solibs-2.22-x86_64-1.txz: Upgraded. -a/glibc-zoneinfo-2015f-noarch-1.txz: Upgraded. -a/kernel-firmware-20150820git-noarch-1.txz: Upgraded. -a/kernel-generic-4.1.6-x86_64-1.txz: Upgraded. -a/kernel-huge-4.1.6-x86_64-1.txz: Upgraded. -a/kernel-modules-4.1.6-x86_64-1.txz: Upgraded. -a/procps-ng-3.3.10-x86_64-3.txz: Rebuilt. - Fix "fuser -s $FILE" with patch from upstream git. - Thanks to Dan Church. -ap/cups-2.0.4-x86_64-2.txz: Rebuilt. -ap/cups-filters-1.0.73-x86_64-1.txz: Upgraded. -ap/hplip-3.15.7-x86_64-2.txz: Rebuilt. - Patched a bug. Thanks to gmgf. -ap/linuxdoc-tools-0.9.69-x86_64-4.txz: Rebuilt. - Upgraded to asciidoc-8.6.9 and gtk-doc-1.24. - Thanks to Stuart Winter. -d/gcc-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-g++-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-gfortran-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-gnat-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-go-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-java-4.9.3-x86_64-1.txz: Upgraded. -d/gcc-objc-4.9.3-x86_64-1.txz: Upgraded. -d/kernel-headers-4.1.6-x86-1.txz: Upgraded. -d/pkg-config-0.28-x86_64-2.txz: Rebuilt. -d/ruby-2.2.3-x86_64-1.txz: Upgraded. - Thanks to Vincent Batts. -e/emacs-24.5-x86_64-2.txz: Rebuilt. -k/kernel-source-4.1.6-noarch-1.txz: Upgraded. -kde/korundum-4.14.3-x86_64-2.txz: Rebuilt. -kde/qtruby-4.14.3-x86_64-3.txz: Rebuilt. -l/elfutils-0.163-x86_64-1.txz: Added. -l/glib-networking-2.44.0-x86_64-2.txz: Rebuilt. -l/glibc-2.22-x86_64-1.txz: Upgraded. -l/glibc-i18n-2.22-x86_64-1.txz: Upgraded. -l/glibc-profile-2.22-x86_64-1.txz: Upgraded. -l/gtk+2-2.24.28-x86_64-2.txz: Rebuilt. -l/gtk+3-3.16.6-x86_64-1.txz: Upgraded. -l/gvfs-1.24.2-x86_64-1.txz: Upgraded. -l/libarchive-3.1.2-x86_64-2.txz: Rebuilt. -l/libelf-0.8.13-x86_64-5.txz: Removed. -l/libmng-2.0.3-x86_64-1.txz: Upgraded. -l/librsvg-2.40.10-x86_64-1.txz: Upgraded. -l/libvncserver-0.9.10-x86_64-2.txz: Rebuilt. -l/loudmouth-1.5.0_20121201-x86_64-2.txz: Rebuilt. -l/pango-1.36.8-x86_64-2.txz: Rebuilt. -l/urwid-1.3.0-x86_64-1.txz: Upgraded. -n/gnutls-3.4.4.1-x86_64-1.txz: Upgraded. - This update fixes some bugs and security issues. - For more information, see: - http://www.gnutls.org/security.html#GNUTLS-SA-2015-2 - http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 - (* Security fix *) -n/iputils-s20140519-x86_64-1.txz: Upgraded. -n/nettle-3.1.1-x86_64-1.txz: Upgraded. -n/obexftp-0.23-x86_64-10.txz: Rebuilt. -n/samba-4.2.3-x86_64-1.txz: Upgraded. - Modified wscript files to install talloc, tevent, and tdb directly. - Thanks to Christoph Willing. -x/appres-1.0.4-x86_64-2.txz: Rebuilt. -x/bdftopcf-1.0.5-x86_64-2.txz: Rebuilt. -x/beforelight-1.0.5-x86_64-2.txz: Rebuilt. -x/bitmap-1.0.8-x86_64-2.txz: Rebuilt. -x/compiz-0.8.8-x86_64-3.txz: Rebuilt. -x/dri2proto-2.8-x86_64-2.txz: Rebuilt. -x/dri3proto-1.0-x86_64-2.txz: Rebuilt. -x/editres-1.0.6-x86_64-2.txz: Rebuilt. -x/fixesproto-5.0-x86_64-2.txz: Rebuilt. -x/font-util-1.3.1-x86_64-2.txz: Rebuilt. -x/fonttosfnt-1.0.4-x86_64-2.txz: Rebuilt. -x/fslsfonts-1.0.5-x86_64-2.txz: Rebuilt. -x/fstobdf-1.0.6-x86_64-2.txz: Rebuilt. -x/glamor-egl-0.6.0-x86_64-1.txz: Removed. -x/iceauth-1.0.7-x86_64-2.txz: Rebuilt. -x/ico-1.0.4-x86_64-2.txz: Rebuilt. -x/imake-1.0.7-x86_64-2.txz: Rebuilt. -x/intel-gpu-tools-1.3-x86_64-2.txz: Rebuilt. -x/kbproto-1.0.7-noarch-1.txz: Upgraded. -x/libFS-1.0.7-x86_64-1.txz: Upgraded. -x/libICE-1.0.9-x86_64-2.txz: Rebuilt. -x/libSM-1.2.2-x86_64-2.txz: Rebuilt. -x/libX11-1.6.3-x86_64-2.txz: Rebuilt. -x/libXScrnSaver-1.2.2-x86_64-2.txz: Rebuilt. -x/libXau-1.0.8-x86_64-2.txz: Rebuilt. -x/libXaw-1.0.13-x86_64-1.txz: Upgraded. -x/libXaw3d-1.6.2-x86_64-3.txz: Rebuilt. -x/libXcm-0.5.2-x86_64-2.txz: Rebuilt. -x/libXcomposite-0.4.4-x86_64-2.txz: Rebuilt. -x/libXcursor-1.1.14-x86_64-2.txz: Rebuilt. -x/libXdamage-1.1.4-x86_64-2.txz: Rebuilt. -x/libXdmcp-1.1.2-x86_64-2.txz: Rebuilt. -x/libXevie-1.0.3-x86_64-2.txz: Rebuilt. -x/libXext-1.3.3-x86_64-2.txz: Rebuilt. -x/libXfixes-5.0.1-x86_64-2.txz: Rebuilt. -x/libXfont-1.5.1-x86_64-2.txz: Rebuilt. -x/libXfontcache-1.0.5-x86_64-2.txz: Rebuilt. -x/libXft-2.3.2-x86_64-3.txz: Rebuilt. -x/libXi-1.7.4-x86_64-2.txz: Rebuilt. -x/libXinerama-1.1.3-x86_64-2.txz: Rebuilt. -x/libXmu-1.1.2-x86_64-2.txz: Rebuilt. -x/libXp-1.0.3-x86_64-2.txz: Rebuilt. -x/libXpm-3.5.11-x86_64-2.txz: Rebuilt. -x/libXpresent-1.0.0-x86_64-1.txz: Added. -x/libXrandr-1.5.0-x86_64-1.txz: Upgraded. -x/libXrender-0.9.9-x86_64-1.txz: Upgraded. -x/libXres-1.0.7-x86_64-2.txz: Rebuilt. -x/libXt-1.1.5-x86_64-1.txz: Upgraded. -x/libXtst-1.2.2-x86_64-2.txz: Rebuilt. -x/libXv-1.0.10-x86_64-2.txz: Rebuilt. -x/libXvMC-1.0.9-x86_64-2.txz: Rebuilt. -x/libXxf86dga-1.1.4-x86_64-2.txz: Rebuilt. -x/libXxf86misc-1.0.3-x86_64-2.txz: Rebuilt. -x/libXxf86vm-1.1.4-x86_64-2.txz: Rebuilt. -x/libdmx-1.1.3-x86_64-2.txz: Rebuilt. -x/libdrm-2.4.64-x86_64-1.txz: Upgraded. -x/libepoxy-1.3.1-x86_64-1.txz: Added. -x/libfontenc-1.1.3-x86_64-1.txz: Upgraded. -x/libpciaccess-0.13.4-x86_64-1.txz: Upgraded. -x/libxcb-1.11-x86_64-2.txz: Rebuilt. -x/libxkbfile-1.0.9-x86_64-1.txz: Upgraded. -x/libxshmfence-1.2-x86_64-2.txz: Rebuilt. -x/listres-1.0.3-x86_64-2.txz: Rebuilt. -x/lndir-1.0.3-x86_64-2.txz: Rebuilt. -x/luit-1.1.1-x86_64-2.txz: Rebuilt. -x/makedepend-1.0.5-x86_64-2.txz: Rebuilt. -x/mesa-10.6.4-x86_64-1.txz: Upgraded. -x/mkcomposecache-1.2.1-x86_64-2.txz: Rebuilt. -x/mkfontscale-1.1.2-x86_64-2.txz: Rebuilt. -x/oclock-1.0.3-x86_64-2.txz: Rebuilt. -x/pixman-0.33.2-x86_64-1.txz: Upgraded. -x/presentproto-1.0-x86_64-2.txz: Rebuilt. -x/randrproto-1.5.0-noarch-1.txz: Upgraded. -x/rendercheck-1.5-x86_64-1.txz: Upgraded. -x/rgb-1.0.6-x86_64-2.txz: Rebuilt. -x/sessreg-1.1.0-x86_64-2.txz: Rebuilt. -x/setxkbmap-1.3.1-x86_64-1.txz: Upgraded. -x/showfont-1.0.5-x86_64-2.txz: Rebuilt. -x/smproxy-1.0.6-x86_64-1.txz: Upgraded. -x/transset-1.0.1-x86_64-2.txz: Rebuilt. -x/twm-1.0.9-x86_64-1.txz: Upgraded. -x/viewres-1.0.4-x86_64-2.txz: Rebuilt. -x/x11perf-1.6.0-x86_64-1.txz: Upgraded. -x/xauth-1.0.9-x86_64-2.txz: Rebuilt. -x/xbacklight-1.2.1-x86_64-2.txz: Rebuilt. -x/xbiff-1.0.3-x86_64-2.txz: Rebuilt. -x/xbitmaps-1.1.1-x86_64-2.txz: Rebuilt. -x/xcalc-1.0.6-x86_64-2.txz: Rebuilt. -x/xcb-proto-1.11-x86_64-2.txz: Rebuilt. -x/xcb-util-0.4.0-x86_64-2.txz: Rebuilt. -x/xcb-util-cursor-0.1.2-x86_64-2.txz: Rebuilt. -x/xcb-util-errors-1.0-x86_64-1.txz: Added. -x/xcb-util-image-0.4.0-x86_64-2.txz: Rebuilt. -x/xcb-util-keysyms-0.4.0-x86_64-2.txz: Rebuilt. -x/xcb-util-renderutil-0.3.9-x86_64-2.txz: Rebuilt. -x/xcb-util-wm-0.4.1-x86_64-2.txz: Rebuilt. -x/xclipboard-1.1.3-x86_64-2.txz: Rebuilt. -x/xclock-1.0.7-x86_64-2.txz: Rebuilt. -x/xcm-0.5.2-x86_64-2.txz: Rebuilt. -x/xcmsdb-1.0.5-x86_64-1.txz: Upgraded. -x/xcompmgr-1.1.7-x86_64-1.txz: Upgraded. -x/xconsole-1.0.6-x86_64-2.txz: Rebuilt. -x/xcursorgen-1.0.6-x86_64-3.txz: Rebuilt. -x/xdbedizzy-1.1.0-x86_64-2.txz: Rebuilt. -x/xditview-1.0.4-x86_64-1.txz: Upgraded. -x/xdm-1.1.11-x86_64-6.txz: Rebuilt. -x/xdpyinfo-1.3.2-x86_64-1.txz: Upgraded. -x/xdriinfo-1.0.5-x86_64-1.txz: Upgraded. -x/xedit-1.2.2-x86_64-2.txz: Rebuilt. -x/xev-1.2.2-x86_64-1.txz: Upgraded. -x/xextproto-7.3.0-x86_64-2.txz: Rebuilt. -x/xeyes-1.1.1-x86_64-2.txz: Rebuilt. -x/xf86-input-acecad-1.5.0-x86_64-8.txz: Rebuilt. -x/xf86-input-aiptek-1.4.1-x86_64-8.txz: Rebuilt. -x/xf86-input-evdev-2.9.2-x86_64-2.txz: Rebuilt. -x/xf86-input-joystick-1.6.1-x86_64-8.txz: Rebuilt. -x/xf86-input-keyboard-1.8.1-x86_64-1.txz: Upgraded. -x/xf86-input-mouse-1.9.1-x86_64-3.txz: Rebuilt. -x/xf86-input-penmount-1.5.0-x86_64-8.txz: Rebuilt. -x/xf86-input-synaptics-1.8.2-x86_64-2.txz: Rebuilt. -x/xf86-input-vmmouse-13.1.0-x86_64-1.txz: Upgraded. -x/xf86-input-void-1.4.0-x86_64-8.txz: Rebuilt. -x/xf86-input-wacom-0.19.0-x86_64-7.txz: Rebuilt. -x/xf86-video-apm-1.2.5-x86_64-7.txz: Rebuilt. -x/xf86-video-ark-0.7.5-x86_64-7.txz: Rebuilt. -x/xf86-video-ast-1.1.5-x86_64-1.txz: Upgraded. -x/xf86-video-ati-7.5.0-x86_64-2.txz: Rebuilt. -x/xf86-video-chips-1.2.5-x86_64-7.txz: Rebuilt. -x/xf86-video-cirrus-1.5.3-x86_64-1.txz: Upgraded. -x/xf86-video-dummy-0.3.7-x86_64-4.txz: Rebuilt. -x/xf86-video-glint-1.2.8-x86_64-7.txz: Rebuilt. -x/xf86-video-i128-1.3.6-x86_64-7.txz: Rebuilt. -x/xf86-video-i740-1.3.5-x86_64-2.txz: Rebuilt. -x/xf86-video-intel-2.99.917-x86_64-2.txz: Rebuilt. -x/xf86-video-mach64-6.9.5-x86_64-1.txz: Upgraded. -x/xf86-video-mga-1.6.4-x86_64-2.txz: Rebuilt. -x/xf86-video-modesetting-0.9.0-x86_64-3.txz: Rebuilt. -x/xf86-video-neomagic-1.2.9-x86_64-1.txz: Upgraded. -x/xf86-video-nouveau-1.0.11-x86_64-2.txz: Rebuilt. -x/xf86-video-nv-2.1.20-x86_64-8.txz: Rebuilt. -x/xf86-video-openchrome-0.3.3-x86_64-5.txz: Rebuilt. -x/xf86-video-r128-6.10.0-x86_64-1.txz: Upgraded. -x/xf86-video-rendition-4.2.5-x86_64-7.txz: Rebuilt. -x/xf86-video-s3-0.6.5-x86_64-7.txz: Rebuilt. -x/xf86-video-s3virge-1.10.6-x86_64-8.txz: Rebuilt. -x/xf86-video-savage-2.3.8-x86_64-1.txz: Upgraded. -x/xf86-video-siliconmotion-1.7.8-x86_64-1.txz: Upgraded. -x/xf86-video-sis-0.10.7-x86_64-8.txz: Rebuilt. -x/xf86-video-sisusb-0.9.6-x86_64-7.txz: Rebuilt. -x/xf86-video-tdfx-1.4.6-x86_64-2.txz: Rebuilt. -x/xf86-video-tga-1.2.2-x86_64-7.txz: Rebuilt. -x/xf86-video-trident-1.3.7-x86_64-2.txz: Rebuilt. -x/xf86-video-tseng-1.2.5-x86_64-7.txz: Rebuilt. -x/xf86-video-v4l-0.2.0-x86_64-12.txz: Rebuilt. -x/xf86-video-vesa-2.3.4-x86_64-1.txz: Upgraded. -x/xf86-video-vmware-13.1.0-x86_64-2.txz: Rebuilt. -x/xf86-video-voodoo-1.2.5-x86_64-8.txz: Rebuilt. -x/xf86-video-xgi-git_5a3e0de677b7-x86_64-2.txz: Rebuilt. -x/xf86-video-xgixp-1.8.1-x86_64-7.txz: Rebuilt. -x/xf86dga-1.0.3-x86_64-2.txz: Rebuilt. -x/xfd-1.1.2-x86_64-2.txz: Rebuilt. -x/xfontsel-1.0.5-x86_64-2.txz: Rebuilt. -x/xfs-1.1.4-x86_64-2.txz: Rebuilt. -x/xfsinfo-1.0.5-x86_64-2.txz: Rebuilt. -x/xgamma-1.0.6-x86_64-1.txz: Upgraded. -x/xgc-1.0.5-x86_64-1.txz: Upgraded. -x/xhost-1.0.7-x86_64-1.txz: Upgraded. -x/xinit-1.3.4-x86_64-2.txz: Rebuilt. -x/xinput-1.6.1-x86_64-2.txz: Rebuilt. -x/xkbcomp-1.3.0-x86_64-2.txz: Rebuilt. -x/xkbevd-1.1.4-x86_64-1.txz: Upgraded. -x/xkbprint-1.0.4-x86_64-1.txz: Upgraded. -x/xkbutils-1.0.4-x86_64-2.txz: Rebuilt. -x/xkill-1.0.4-x86_64-2.txz: Rebuilt. -x/xload-1.1.2-x86_64-2.txz: Rebuilt. -x/xlogo-1.0.4-x86_64-2.txz: Rebuilt. -x/xlsatoms-1.1.2-x86_64-1.txz: Upgraded. -x/xlsclients-1.1.3-x86_64-2.txz: Rebuilt. -x/xlsfonts-1.0.5-x86_64-1.txz: Upgraded. -x/xmag-1.0.6-x86_64-1.txz: Upgraded. -x/xman-1.1.4-x86_64-2.txz: Rebuilt. -x/xmessage-1.0.4-x86_64-2.txz: Rebuilt. -x/xmh-1.0.3-x86_64-1.txz: Upgraded. -x/xmodmap-1.0.9-x86_64-1.txz: Upgraded. -x/xmore-1.0.2-x86_64-2.txz: Rebuilt. -x/xorg-docs-1.7.1-noarch-1.txz: Upgraded. -x/xorg-server-1.17.2-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.17.2-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.17.2-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.17.2-x86_64-1.txz: Upgraded. -x/xorg-sgml-doctools-1.11-x86_64-2.txz: Rebuilt. -x/xpr-1.0.4-x86_64-2.txz: Rebuilt. -x/xprop-1.2.2-x86_64-2.txz: Rebuilt. -x/xproto-7.0.28-noarch-1.txz: Upgraded. -x/xpyb-1.3.1-x86_64-3.txz: Rebuilt. -x/xrandr-1.4.3-x86_64-2.txz: Rebuilt. -x/xrdb-1.1.0-x86_64-2.txz: Rebuilt. -x/xrefresh-1.0.5-x86_64-2.txz: Rebuilt. -x/xscope-1.4.1-x86_64-2.txz: Rebuilt. -x/xset-1.2.3-x86_64-2.txz: Rebuilt. -x/xsetroot-1.1.1-x86_64-2.txz: Rebuilt. -x/xsm-1.0.3-x86_64-2.txz: Rebuilt. -x/xstdcmap-1.0.3-x86_64-2.txz: Rebuilt. -x/xvidtune-1.0.3-x86_64-2.txz: Rebuilt. -x/xvinfo-1.1.3-x86_64-1.txz: Upgraded. -x/xwd-1.0.6-x86_64-2.txz: Rebuilt. -x/xwininfo-1.1.3-x86_64-2.txz: Rebuilt. -x/xwud-1.0.4-x86_64-2.txz: Rebuilt. -xap/MPlayer-20150721-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -xap/ddd-3.3.12-x86_64-4.txz: Rebuilt. -xap/pan-0.139-x86_64-3.txz: Rebuilt. -xap/xine-lib-1.2.6-x86_64-2.txz: Rebuilt. -extra/wicd/wicd-1.7.3-x86_64-1.txz: Upgraded. - Probably better to use NetworkManager, but this seems to work for now. +Sun Oct 1 20:00:22 UTC 2017 +a/kernel-generic-4.9.52-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.52-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.52-x86_64-1.txz: Upgraded. +ap/a2ps-4.14-x86_64-6.txz: Rebuilt. + Removed embedded copy of psutils (already included in TeXLive). +d/kernel-headers-4.9.52-x86-1.txz: Upgraded. +k/kernel-source-4.9.52-noarch-1.txz: Upgraded. +l/openexr-2.2.0-x86_64-2.txz: Rebuilt. + Patched bugs that may lead to program crashes or possibly execution of + arbitrary code. Thanks to Thomas Choi for the patch. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9110 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9111 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9112 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9113 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9114 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9115 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9116 + (* Security fix *) +t/texlive-2017.170622-x86_64-2.txz: Rebuilt. + Corrected slack-desc. Thanks to Johannes Schoepfer. +xap/gnuplot-5.2.0-x86_64-1.txz: Upgraded. + Thanks to Johannes Schoepfer for the path fixes. +xap/xpdf-4.00-x86_64-2.txz: Rebuilt. + Added a config option to fix broken printing. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri Aug 14 19:31:42 UTC 2015 -ap/hplip-3.15.7-x86_64-1.txz: Upgraded. -kde/pykde4-4.14.3-x86_64-2.txz: Rebuilt. -kde/qtruby-4.14.3-x86_64-2.txz: Rebuilt. -kde/smokeqt-4.14.3-x86_64-2.txz: Rebuilt. -l/PyQt-4.11.4-x86_64-1.txz: Upgraded. -l/QScintilla-2.9-x86_64-1.txz: Upgraded. -n/dhcpcd-6.8.2-x86_64-1.txz: Upgraded. - Tested and found to work here. We'll probably avoid the 6.9.x series - until the bugs get worked out (or we have a real need to upgrade). -xap/mozilla-thunderbird-38.2.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -+--------------------------+ -Wed Aug 12 05:50:41 UTC 2015 -n/openssh-7.0p1-x86_64-1.txz: Upgraded. -+--------------------------+ -Tue Aug 11 18:11:12 UTC 2015 -a/procps-ng-3.3.10-x86_64-2.txz: Rebuilt. - Recompiled with --disable-modern-top to restore classic display defaults. -l/libjpeg-turbo-1.4.1-x86_64-1.txz: Upgraded. -l/sip-4.16.9-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-40.0-x86_64-1.txz: Upgraded. +Fri Sep 29 22:58:54 UTC 2017 +ap/cups-filters-1.17.8-x86_64-1.txz: Upgraded. +l/libpng-1.6.34-x86_64-1.txz: Upgraded. +t/tetex-3.0-x86_64-10.txz: Removed. + Thanks to Thomas Esser -- teTeX had a good long run. :-) +t/tetex-doc-3.0-x86_64-10.txz: Removed. +t/texlive-2017.170622-x86_64-1.txz: Added. + Thanks very much to Johannes Schoepfer for the great work on this! + Also thanks to Robby Workman for adjustments and testing. ++--------------------------+ +Thu Sep 28 21:03:26 UTC 2017 +ap/mariadb-10.2.9-x86_64-1.txz: Upgraded. +l/pcre2-10.30-x86_64-2.txz: Rebuilt. + Remove the .la files before they have a chance to creep into any other ones. + These generally aren't helpful for libraries that support pkg-config. +n/net-snmp-5.7.3-x86_64-5.txz: Rebuilt. + Recompiled with MariaDB support. Thanks to Kris Karas. +xap/mozilla-firefox-56.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. - Thanks to Matteo Bernardini and Stephen M. Wright II for help with some - build script improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Thu Sep 28 05:31:20 UTC 2017 +Thanks to Robby Workman for preparing nearly all of the updates in this batch. +a/dbus-1.10.24-x86_64-1.txz: Upgraded. +a/hwdata-0.304-noarch-1.txz: Upgraded. +a/lvm2-2.02.174-x86_64-1.txz: Upgraded. +a/mcelog-153-x86_64-1.txz: Upgraded. +a/xfsprogs-4.13.1-x86_64-1.txz: Upgraded. +ap/mpg123-1.25.7-x86_64-1.txz: Upgraded. +ap/sysstat-11.6.0-x86_64-1.txz: Upgraded. +d/Cython-0.27-x86_64-1.txz: Upgraded. +l/adwaita-icon-theme-3.26.0-noarch-1.txz: Upgraded. +l/at-spi2-atk-2.26.0-x86_64-1.txz: Upgraded. +l/at-spi2-core-2.26.0-x86_64-1.txz: Upgraded. +l/atk-2.26.0-x86_64-1.txz: Upgraded. +l/babl-0.1.30-x86_64-1.txz: Upgraded. +l/gc-7.6.0-x86_64-1.txz: Upgraded. +l/gegl-0.2.0-x86_64-5.txz: Rebuilt. + Patched integer overflows in operations/external/ppm-load.c that could allow + a denial of service (application crash) or possibly the execution of + arbitrary code via a large width or height value in a ppm image. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433 + (* Security fix *) +l/glib-networking-2.54.0-x86_64-1.txz: Upgraded. +l/glib2-2.54.0-x86_64-1.txz: Upgraded. +l/glibmm-2.54.1-x86_64-1.txz: Upgraded. +l/gobject-introspection-1.54.0-x86_64-1.txz: Upgraded. +l/gsettings-desktop-schemas-3.24.1-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.12.3-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.12.3-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.12.3-x86_64-1.txz: Upgraded. +l/gstreamer-1.12.3-x86_64-1.txz: Upgraded. +l/gtkmm3-3.22.2-x86_64-1.txz: Upgraded. +l/hicolor-icon-theme-0.17-noarch-1.txz: Upgraded. +l/hunspell-1.6.2-x86_64-1.txz: Upgraded. +l/iso-codes-3.76-noarch-1.txz: Upgraded. +l/libsoup-2.60.0-x86_64-1.txz: Upgraded. +l/media-player-info-23-noarch-1.txz: Upgraded. +l/pcre2-10.30-x86_64-1.txz: Added. + Thanks to Larry Hajali. +l/pygobject3-3.26.0-x86_64-1.txz: Upgraded. +l/qca-2.1.3-x86_64-1.txz: Upgraded. +n/cifs-utils-6.7-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.1-x86_64-1.txz: Upgraded. +n/ipset-6.34-x86_64-1.txz: Upgraded. +n/libmbim-1.14.2-x86_64-1.txz: Upgraded. +n/openvpn-2.4.4-x86_64-1.txz: Upgraded. +n/p11-kit-0.23.8-x86_64-1.txz: Upgraded. +x/libwacom-0.26-x86_64-1.txz: Upgraded. +xap/gucharmap-10.0.1-x86_64-1.txz: Upgraded. +xap/xpdf-4.00-x86_64-1.txz: Upgraded. +xfce/xfce4-clipman-plugin-1.4.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Sep 26 02:37:01 UTC 2017 +l/libxslt-1.1.30-x86_64-3.txz: Rebuilt. + Fixed bashism in configure.in that resulted in pkg-config not being used + properly unless /bin/sh was bash. Thanks to Willy Sudiarto Raharjo. ++--------------------------+ +Tue Sep 26 00:39:15 UTC 2017 +a/util-linux-2.30.2-x86_64-2.txz: Rebuilt. + Renamed old BSD version of strings to "strings-BSD". +ap/cups-filters-1.17.7-x86_64-2.txz: Rebuilt. + Recompiled against poppler-0.59.0 and qpdf-7.0.0. +ap/qpdf-7.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/binutils-2.29.1-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Don't rename strings to "strings-GNU", but provide a symlink from strings-GNU + to strings in case any user-created scripts are using the name we gave the + GNU version of strings for many years. The GNU version of strings has more + features and is what most scripts expect to find installed. Any existing + scripts that use BSD specific options may need to be patched to use + equivalent GNU options (or to use strings-BSD instead). +d/meson-0.42.1-x86_64-1.txz: Added. + Thanks to Heinz Wiesinger. +d/ninja-1.8.2-x86_64-1.txz: Added. + Thanks to alienBOB. +d/oprofile-1.2.0-x86_64-1.txz: Upgraded. + Compiled against binutils-2.29.1. +d/re2c-1.0.2-x86_64-1.txz: Added. + Thanks to LukenShiro. +kde/calligra-2.9.11-x86_64-16.txz: Rebuilt. + Recompiled against poppler-0.59.0. +l/LibRaw-0.18.5-x86_64-1.txz: Upgraded. +l/libxslt-1.1.30-x86_64-2.txz: Rebuilt. + Be a bit more generous with xsltMaxDepth to avoid a false positive on + infinite recursion. This fixes building the Samba docs. +l/poppler-0.59.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +xfce/tumbler-0.2.0-x86_64-2.txz: Rebuilt. + Recompiled against poppler-0.59.0. ++--------------------------+ +Sun Sep 24 19:03:35 UTC 2017 +a/os-prober-1.76-x86_64-1.txz: Upgraded. +ap/cups-filters-1.17.7-x86_64-1.txz: Upgraded. +d/help2man-1.47.5-x86_64-1.txz: Upgraded. +l/SDL2-2.0.6-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.9_15-x86_64-1.txz: Upgraded. +l/pulseaudio-11.1-x86_64-1.txz: Upgraded. +x/fontconfig-2.12.6-x86_64-1.txz: Upgraded. +xap/audacious-3.9-x86_64-1.txz: Upgraded. +xap/audacious-plugins-3.9-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Sep 23 01:02:32 UTC 2017 +Good hello! Python 3 has made its entry into -current. :-) Huge thanks are due +to Heinz Wiesinger for a great effort maintaining and testing this on the side +for months now, and for queuing it up for an easy merge without all that many +changes needed, and to Audrius KaĹľukauskas for maintaining the Python 3 +build scripts on slackbuilds.org for years (on which our Python 3 SlackBuild +was based). Enjoy! +a/glibc-solibs-2.26-x86_64-3.txz: Rebuilt. +a/kmod-24-x86_64-2.txz: Rebuilt. + Added python3 bindings. +a/util-linux-2.30.2-x86_64-1.txz: Upgraded. + Added python3 bindings. +ap/hplip-3.17.9-x86_64-1.txz: Upgraded. + Switch to using python3. +ap/pamixer-1.3.1-x86_64-4.txz: Rebuilt. + Compiled against boost-1.65.1. +ap/rpm-4.13.0.1-x86_64-1.txz: Upgraded. +d/Cython-0.26.1-x86_64-1.txz: Upgraded. +d/cmake-3.9.3-x86_64-1.txz: Upgraded. +d/gdb-8.0.1-x86_64-2.txz: Rebuilt. + Switch to using python3. +d/python-2.7.14-x86_64-1.txz: Upgraded. + Updated to the latest 2.7.x release. + This fixes some security issues related to the bundled expat library. + Note that -current is now using the system expat library instead. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233 + (* Security fix *) +d/python-pip-9.0.1-x86_64-1.txz: Added. +d/python-setuptools-36.5.0-x86_64-1.txz: Upgraded. +d/python3-3.6.2-x86_64-1.txz: Added. +kde/calligra-2.9.11-x86_64-15.txz: Rebuilt. + Compiled against boost-1.65.1. +kde/kdev-python-1.7.3-x86_64-1.txz: Upgraded. +kde/kdevelop-4.7.4-x86_64-1.txz: Upgraded. +kde/kdevelop-php-1.7.4-x86_64-1.txz: Upgraded. +kde/kdevelop-php-docs-1.7.4-x86_64-1.txz: Upgraded. +kde/kdevplatform-1.7.4-x86_64-1.txz: Upgraded. +kde/kig-4.14.3-x86_64-6.txz: Rebuilt. + Compiled against boost-1.65.1. +kde/pykde4-4.14.3-x86_64-6.txz: Rebuilt. + Added python3 version. +l/M2Crypto-0.26.2-x86_64-1.txz: Upgraded. +l/PyQt-4.12.1-x86_64-1.txz: Upgraded. + Added python3 version. +l/QScintilla-2.10.1-x86_64-1.txz: Upgraded. +l/akonadi-1.13.0-x86_64-7.txz: Rebuilt. + Compiled against boost-1.65.1. +l/boost-1.65.1-x86_64-1.txz: Upgraded. + Added libboost_python3. + Shared library .so-version bump. +l/dbus-python-1.2.4-x86_64-3.txz: Rebuilt. + Added python3 version. +l/glibc-2.26-x86_64-3.txz: Rebuilt. + Applied an upstream patch to fix finding the location of shared libraries + with some Steam games and possibly other programs. Thanks to sbolokanov. +l/glibc-i18n-2.26-x86_64-3.txz: Rebuilt. +l/glibc-profile-2.26-x86_64-3.txz: Rebuilt. +l/libcaca-0.99.beta19-x86_64-2.txz: Rebuilt. + Added python3 bindings. +l/libcap-ng-0.7.8-x86_64-2.txz: Rebuilt. + Added python3 bindings. +l/libproxy-0.4.15-x86_64-1.txz: Upgraded. +l/libwebp-0.6.0-x86_64-2.txz: Rebuilt. + Added python3 bindings. +l/libxml2-2.9.5-x86_64-1.txz: Upgraded. + Added python3 version. + This release fixes some security issues: + Detect infinite recursion in parameter entities (Nick Wellnhofer), + Fix handling of parameter-entity references (Nick Wellnhofer), + Disallow namespace nodes in XPointer ranges (Nick Wellnhofer), + Fix XPointer paths beginning with range-to (Nick Wellnhofer). + (* Security fix *) +l/libxslt-1.1.30-x86_64-1.txz: Upgraded. +l/newt-0.52.20-x86_64-2.txz: Rebuilt. + Added python3 bindings. +l/pycairo-1.15.3-x86_64-1.txz: Upgraded. + Added python3 version. +l/pycups-1.9.73-x86_64-3.txz: Rebuilt. + Added python3 version. +l/pycurl-7.43.0-x86_64-3.txz: Rebuilt. + Added python3 version. +l/pygobject-2.28.6-x86_64-4.txz: Rebuilt. + Added python3 version. +l/pygobject3-3.24.1-x86_64-2.txz: Rebuilt. + Added python3 version. +l/pygtk-2.24.0-x86_64-4.txz: Rebuilt. +l/pyparsing-2.2.0-x86_64-1.txz: Added. +l/python-appdirs-1.4.3-x86_64-1.txz: Added. +l/python-certifi-2017.7.27.1-x86_64-1.txz: Added. +l/python-chardet-3.0.4-x86_64-1.txz: Added. +l/python-docutils-0.14-x86_64-1.txz: Added. +l/python-idna-2.6-x86_64-1.txz: Added. +l/python-packaging-16.8-x86_64-1.txz: Added. +l/python-pillow-4.2.1-x86_64-1.txz: Upgraded. +l/python-requests-2.18.4-x86_64-1.txz: Added. +l/python-sane-2.8.3-x86_64-1.txz: Added. +l/python-six-1.10.0-x86_64-2.txz: Rebuilt. +l/python-urllib3-1.22-x86_64-1.txz: Added. +l/sip-4.19.3-x86_64-1.txz: Upgraded. +l/system-config-printer-1.5.9-x86_64-1.txz: Upgraded. +l/taglib-1.11.1-x86_64-2.txz: Rebuilt. + Compiled against boost-1.65.1. +l/urwid-1.0.3-x86_64-2.txz: Rebuilt. + Added python3 version. +n/NetworkManager-1.8.4-x86_64-1.txz: Upgraded. +n/getmail-5.1-x86_64-1.txz: Upgraded. +n/gpgme-1.9.0-x86_64-2.txz: Rebuilt. + Added python3 bindings. +n/obexftp-0.24.2-x86_64-2.txz: Rebuilt. + Added python3 version. +n/pssh-2.3.1-x86_64-2.txz: Rebuilt. + Switch to using python3. +x/intel-gpu-tools-1.19-x86_64-1.txz: Upgraded. +x/vulkan-sdk-1.0.61.1-x86_64-1.txz: Upgraded. +x/xcb-proto-1.12-x86_64-2.txz: Rebuilt. + Added python3 version. +xap/blueman-2.0.4-x86_64-3.txz: Rebuilt. + Switch to using python3. + Don't autostart applet in KDE. Thanks to Robby Workman. +xap/network-manager-applet-1.8.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Sep 21 01:23:24 UTC 2017 +n/samba-4.6.8-x86_64-1.txz: Upgraded. + This is a security release in order to address the following defects: + SMB1/2/3 connections may not require signing where they should. A man in the + middle attack may hijack client connections. + SMB3 connections don't keep encryption across DFS redirects. A man in the + middle attack can read and may alter confidential documents transferred via + a client connection, which are reached via DFS redirect when the original + connection used SMB3. + Server memory information leak over SMB1. Client with write access to a share + can cause server memory contents to be written into a file or printer. + For more information, see: + https://www.samba.org/samba/security/CVE-2017-12150.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150 + https://www.samba.org/samba/security/CVE-2017-12151.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151 + https://www.samba.org/samba/security/CVE-2017-12163.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163 + (* Security fix *) ++--------------------------+ +Tue Sep 19 20:49:07 UTC 2017 +l/freetype-2.8-x86_64-1.txz: Upgraded. + Reverted due to rendering issues with programs such as Firefox that violate + the Freetype API. We'll revisit this after upstream programs have some time + to catch up. +x/libinput-1.8.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Sep 18 19:15:03 UTC 2017 +a/eudev-3.2.4-x86_64-1.txz: Upgraded. +a/libgudev-232-x86_64-1.txz: Upgraded. +a/usb_modeswitch-2.5.1-x86_64-1.txz: Upgraded. +ap/man-pages-4.13-noarch-1.txz: Upgraded. +d/cmake-3.9.2-x86_64-1.txz: Upgraded. +d/ruby-2.4.2-x86_64-1.txz: Upgraded. + This release includes several security fixes. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064 + (* Security fix *) +l/akonadi-1.13.0-x86_64-6.txz: Rebuilt. + Fixed using akonadi with an external database. Thanks to Heinz Wiesinger. +l/freetype-2.8.1-x86_64-1.txz: Upgraded. +n/httpd-2.4.27-x86_64-3.txz: Rebuilt. + This update patches a security issue ("Optionsbleed") with the OPTIONS http + method which may leak arbitrary pieces of memory to a potential attacker. + Thanks to Hanno Bo:ck. + For more information, see: + http://seclists.org/oss-sec/2017/q3/477 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798 + (* Security fix *) +x/fontconfig-2.12.5-x86_64-1.txz: Upgraded. +x/mesa-17.2.1-x86_64-1.txz: Upgraded. +x/xf86-input-libinput-0.26.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Sep 15 17:31:57 UTC 2017 +a/kernel-firmware-20170914git-noarch-1.txz: Upgraded. +a/kernel-generic-4.9.50-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.50-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.50-x86_64-1.txz: Upgraded. + Fixed BlueBorne vulnerability in bluetooth.ko module. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000251 + https://www.armis.com/blueborne + (* Security fix *) +ap/texinfo-6.5-x86_64-1.txz: Upgraded. +ap/xorriso-1.4.8-x86_64-1.txz: Added. +d/kernel-headers-4.9.50-x86-1.txz: Upgraded. +k/kernel-source-4.9.50-noarch-1.txz: Upgraded. + This update fixes the security vulnerability known as "BlueBorne". + The native Bluetooth stack in the Linux Kernel (BlueZ), starting at + Linux kernel version 3.3-rc1 is vulnerable to a stack overflow in + the processing of L2CAP configuration responses resulting in remote + code execution in kernel space. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000251 + https://www.armis.com/blueborne + (* Security fix *) +l/ffmpeg-3.3.4-x86_64-1.txz: Upgraded. +l/gvfs-1.34.0-x86_64-1.txz: Upgraded. + Don't set AutoMount=false in network.mount (fixes tree view in Thunar). + Thanks to PROBLEMCHYLD. +n/bluez-5.47-x86_64-1.txz: Upgraded. + Fixed an information disclosure vulnerability which allows remote attackers + to obtain sensitive information from the bluetoothd process memory. This + vulnerability lies in the processing of SDP search attribute requests. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250 (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Aug 9 19:42:38 UTC 2015 -a/file-5.24-x86_64-1.txz: Upgraded. -ap/slackpkg-2.82.0-noarch-14.tgz: Rebuilt. - Patched to avoid false package name matches when the full name of a - package is a substring of another package's name, as happened recently - with atk-2.16.0 and at-spi2-atk-2.16.0. Thanks to Eric Hameleers. -n/dhcpcd-6.9.1-x86_64-2.txz: Rebuilt. - Recompiled with --rundir=/run. -+--------------------------+ -Fri Aug 7 23:32:05 UTC 2015 -Thanks to rworkman for help on many of these! -a/bash-4.3.039-x86_64-1.txz: Upgraded. -a/coreutils-8.24-x86_64-1.txz: Upgraded. -a/dbus-1.8.20-x86_64-1.txz: Upgraded. -a/file-5.23-x86_64-1.txz: Upgraded. -a/gawk-4.1.3-x86_64-1.txz: Upgraded. -a/kmod-21-x86_64-1.txz: Upgraded. -a/lvm2-2.02.125-x86_64-1.txz: Upgraded. -a/procps-3.2.8-x86_64-4.txz: Removed. -a/procps-ng-3.3.10-x86_64-1.txz: Added. - Thanks to Larry Hajali for the initial SlackBuild diff. -a/sysvinit-2.88dsf-x86_64-4.txz: Rebuilt. - Removed pidof which is now part of the procps-ng package. -a/sysvinit-scripts-2.0-noarch-21.txz: Rebuilt. - Handle changed sysctl syntax in rc.S. -a/util-linux-2.26.2-x86_64-1.txz: Upgraded. -a/xfsprogs-3.2.4-x86_64-1.txz: Upgraded. -ap/cups-2.0.4-x86_64-1.txz: Upgraded. -ap/mc-4.8.14-x86_64-1.txz: Upgraded. -ap/sc-7.16-x86_64-4.txz: Rebuilt. - Added SC.MACROS to the documentation. Thanks to Dario Niedermann. -ap/screen-4.3.1-x86_64-2.txz: Rebuilt. - Drop dependency on libelf. -ap/tmux-2.0-x86_64-1.txz: Upgraded. -d/binutils-2.25.1-x86_64-1.txz: Upgraded. -d/gcc-4.9.2-x86_64-3.txz: Rebuilt. - Added c89 and c99 shell scripts. -d/gcc-g++-4.9.2-x86_64-3.txz: Rebuilt. -d/gcc-gfortran-4.9.2-x86_64-3.txz: Rebuilt. -d/gcc-gnat-4.9.2-x86_64-3.txz: Rebuilt. -d/gcc-go-4.9.2-x86_64-3.txz: Rebuilt. -d/gcc-java-4.9.2-x86_64-3.txz: Rebuilt. -d/gcc-objc-4.9.2-x86_64-3.txz: Rebuilt. -d/git-2.5.0-x86_64-1.txz: Upgraded. -d/llvm-3.6.2-x86_64-1.txz: Upgraded. -d/mercurial-3.5-x86_64-1.txz: Upgraded. -d/oprofile-1.0.0-x86_64-1.txz: Upgraded. -d/swig-3.0.7-x86_64-1.txz: Upgraded. -l/adwaita-icon-theme-3.16.2-noarch-1.txz: Upgraded. -l/at-spi2-atk-2.16.0-x86_64-1.txz: Upgraded. -l/at-spi2-core-2.16.0-x86_64-1.txz: Upgraded. -l/atk-2.16.0-x86_64-1.txz: Upgraded. -l/dconf-0.24.0-x86_64-1.txz: Upgraded. -l/freetype-2.6-x86_64-1.txz: Upgraded. -l/gcr-3.16.0-x86_64-1.txz: Upgraded. -l/glib-networking-2.44.0-x86_64-1.txz: Upgraded. -l/glib2-2.44.1-x86_64-1.txz: Upgraded. - Drop dependency on libelf. -l/gnome-keyring-3.16.0-x86_64-1.txz: Upgraded. -l/gnome-themes-standard-3.16.2-x86_64-1.txz: Upgraded. -l/gsettings-desktop-schemas-3.16.1-x86_64-1.txz: Upgraded. -l/gtk+2-2.24.28-x86_64-1.txz: Upgraded. -l/gvfs-1.24.1-x86_64-1.txz: Upgraded. -l/harfbuzz-1.0.1-x86_64-1.txz: Upgraded. -l/libgsf-1.14.34-x86_64-1.txz: Upgraded. -l/libpcap-1.7.4-x86_64-1.txz: Upgraded. -l/libsecret-0.18.3-x86_64-1.txz: Upgraded. -l/libsoup-2.50.0-x86_64-1.txz: Upgraded. -l/mozilla-nss-3.19.2-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/nss.html - (* Security fix *) -l/mpfr-3.1.3-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.4-x86_64-1.txz: Upgraded. -n/ca-certificates-20150426-noarch-1.txz: Upgraded. - This package updates to the latest CA certificates. -n/dhcpcd-6.9.1-x86_64-1.txz: Upgraded. -n/lftp-4.6.3a-x86_64-1.txz: Upgraded. -n/tcpdump-4.7.4-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-39.0.3-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/network-manager-applet-1.0.4-x86_64-1.txz: Upgraded. -xfce/Thunar-1.6.10-x86_64-1.txz: Upgraded. -xfce/exo-0.10.6-x86_64-1.txz: Upgraded. -xfce/xfce4-weather-plugin-0.8.6-x86_64-1.txz: Upgraded. -xfce/xfdesktop-4.12.3-x86_64-1.txz: Upgraded. -+--------------------------+ -Tue Jul 28 19:36:39 UTC 2015 -n/bind-9.10.2_P3-x86_64-1.txz: Upgraded. - This update fixes a security issue where an error in the handling of TKEY - queries can be exploited by an attacker for use as a denial-of-service - vector, as a constructed packet can use the defect to trigger a REQUIRE - assertion failure, causing BIND to exit. - Impact: - Both recursive and authoritative servers are vulnerable to this defect. - Additionally, exposure is not prevented by either ACLs or configuration - options limiting or denying service because the exploitable code occurs - early in the packet handling, before checks enforcing those boundaries. - Operators should take steps to upgrade to a patched version as soon as - possible. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477 - https://kb.isc.org/article/AA-01272 - (* Security fix *) -+--------------------------+ -Fri Jul 17 19:38:52 UTC 2015 -n/httpd-2.4.16-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - * CVE-2015-0253: Fix a crash with ErrorDocument 400 pointing to a local - URL-path with the INCLUDES filter active, introduced in 2.4.11. - * CVE-2015-0228: mod_lua: A maliciously crafted websockets PING after a - script calls r:wsupgrade() can cause a child process crash. - * CVE-2015-3183: core: Fix chunk header parsing defect. Remove - apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN - filter, parse chunks in a single pass with zero copy. Limit accepted - chunk-size to 2^63-1 and be strict about chunk-ext authorized characters. - * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache - httpd 2.4) with new ap_some_authn_required and ap_force_authn hook. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185 - (* Security fix *) -n/php-5.6.11-x86_64-1.txz: Upgraded. - This update fixes some bugs and security issues. +Tue Sep 12 22:18:51 UTC 2017 +ap/cups-filters-1.17.4-x86_64-1.txz: Upgraded. +e/emacs-25.3-x86_64-1.txz: Upgraded. + This update fixes a security vulnerability in Emacs. Gnus no longer + supports "richtext" and "enriched" inline MIME objects. This support + was disabled to avoid evaluation of arbitrary Lisp code contained in + email messages and news articles. + For more information, see: + http://seclists.org/oss-sec/2017/q3/422 + https://bugs.gnu.org/28350 + (* Security fix *) +l/ebook-tools-0.2.2-x86_64-4.txz: Rebuilt. + Recompiled against libzip-1.3.0. +l/gdk-pixbuf2-2.36.10-x86_64-1.txz: Upgraded. +l/libzip-1.3.0-x86_64-1.txz: Upgraded. + Fix a denial of service and possible code execution issue. + Shared library .so-version bump. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644 - (* Security fix *) -xap/xscreensaver-5.33-x86_64-1.txz: Upgraded. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12858 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14107 + (* Security fix *) ++--------------------------+ +Tue Sep 12 06:52:52 UTC 2017 +a/btrfs-progs-v4.13-x86_64-1.txz: Upgraded. +a/kernel-generic-4.9.49-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.49-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.49-x86_64-1.txz: Upgraded. +ap/ash-0.4.0-x86_64-2.txz: Removed. +ap/dash-0.5.9.1-x86_64-1.txz: Added. +ap/zsh-5.4.2-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.49-x86-1.txz: Upgraded. +d/strace-4.19-x86_64-1.txz: Upgraded. +k/kernel-source-4.9.49-noarch-1.txz: Upgraded. +l/expat-2.2.4-x86_64-1.txz: Upgraded. +l/glibmm-2.52.1-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.21-x86_64-1.txz: Upgraded. +l/pango-1.40.12-x86_64-1.txz: Upgraded. +x/xf86-video-amdgpu-1.4.0-x86_64-1.txz: Upgraded. +x/xf86-video-ati-7.10.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Jul 12 04:28:10 UTC 2015 -xap/mozilla-thunderbird-38.1.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -testing/packages/e2fsprogs-1.43_WIP_20150518-x86_64-1.txz: Added. -+--------------------------+ -Thu Jul 9 18:29:23 UTC 2015 -a/kernel-firmware-20150709git-noarch-1.txz: Upgraded. -a/openssl-solibs-1.0.1p-x86_64-1.txz: Upgraded. -n/openssl-1.0.1p-x86_64-1.txz: Upgraded. - This update fixes the following security issue: - Alternative chains certificate forgery (CVE-2015-1793). - During certificate verification, OpenSSL (starting from version 1.0.1n and - 1.0.2b) will attempt to find an alternative certificate chain if the first - attempt to build such a chain fails. An error in the implementation of this - logic can mean that an attacker could cause certain checks on untrusted - certificates to be bypassed, such as the CA flag, enabling them to use a - valid leaf certificate to act as a CA and "issue" an invalid certificate. - This issue will impact any application that verifies certificates including - SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication. - This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o. - This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David - Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project. - For more information, see: - https://openssl.org/news/secadv_20150709.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793 - (* Security fix *) -+--------------------------+ -Tue Jul 7 22:59:17 UTC 2015 -ap/cups-2.0.3-x86_64-1.txz: Upgraded. - This release fixes bugs and a couple of security issues: - CWE-911: Improper Update of Reference Count - CVE-2015-1158 - This bug could allow an attacker to upload a replacement CUPS - configuration file and mount further attacks. - CWE-79: Improper Neutralization of Input During Web Page Generation - (Cross-site Scripting) - CVE-2015-1159 - A cross-site scripting bug in the CUPS templating engine allows this - bug to be exploited when a user browses the web. In certain cases, - the CGI template can echo user input to file rather than escaping the - text first. This may be used to set up a reflected XSS attack in - the QUERY parameter of the web interface help page. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1159 - (* Security fix *) -ap/cups-filters-1.0.71-x86_64-1.txz: Upgraded. - Fixed overflows and lack of bounds checking in texttopdf. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259 - (* Security fix *) -ap/lm_sensors-3.3.5-x86_64-1.txz: Upgraded. -ap/nano-2.4.2-x86_64-1.txz: Upgraded. -ap/screen-4.3.1-x86_64-1.txz: Upgraded. -d/make-3.82-x86_64-6.txz: Rebuilt. - Added whitespace handling patch from upstream. Thanks to Michele Ballabio. -d/python-2.7.10-x86_64-1.txz: Upgraded. -l/glade3-3.8.5-x86_64-2.txz: Rebuilt. - Recompiled to eliminate remaining libpng14 references in .la files. -l/gst-plugins-base-1.4.5-x86_64-1.txz: Upgraded. -l/gst-plugins-base0-0.10.36-x86_64-2.txz: Rebuilt. - Recompiled to eliminate remaining libpng14 references in .la files. -l/gst-plugins-good-1.4.5-x86_64-1.txz: Upgraded. -l/gstreamer-1.4.5-x86_64-1.txz: Upgraded. -l/notify-python-0.1.1-x86_64-4.txz: Rebuilt. - Recompiled to eliminate remaining libpng14 references in .la files. -l/pygtk-2.24.0-x86_64-2.txz: Rebuilt. - Recompiled to eliminate remaining libpng14 references in .la files. -n/bind-9.10.2_P2-x86_64-1.txz: Upgraded. - This update fixes a security issue where an attacker who can cause - a validating resolver to query a zone containing specifically constructed - contents can cause that resolver to fail an assertion and terminate due - to a defect in validation code. This means that a recursive resolver that - is performing DNSSEC validation can be deliberately stopped by an attacker - who can cause the resolver to perform a query against a - maliciously-constructed zone. This will result in a denial of service to - clients who rely on that resolver. - For more information, see: - https://kb.isc.org/article/AA-01267/ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4620 - (* Security fix *) -n/ntp-4.2.8p3-x86_64-1.txz: Upgraded. - This update fixes a security issue where under specific circumstances an - attacker can send a crafted packet to cause a vulnerable ntpd instance to - crash. Since this requires 1) ntpd set up to allow remote configuration - (not allowed by default), and 2) knowledge of the configuration password, - and 3) access to a computer entrusted to perform remote configuration, - the vulnerability is considered low-risk. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146 - (* Security fix *) -x/scim-hangul-0.3.2-x86_64-4.txz: Rebuilt. - Recompiled to eliminate remaining libpng14 references in .la files. -xap/imagemagick-6.9.1_7-x86_64-1.txz: Upgraded. - Added --with-gcc-arch=$ARCH to fix illegal instruction errors on 32-bit - platforms with non-AMD processors. Thanks to Kirils Solovjovs. -xap/mozilla-firefox-39.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/pidgin-2.10.11-x86_64-2.txz: Rebuilt. - Patched to use gstreamer-1.x. Thanks to Heinz Wiesinger. -testing/source/config-testing-4.1.1/*: Added. +Fri Sep 8 17:56:01 UTC 2017 +a/coreutils-8.28-x86_64-1.txz: Upgraded. + A bug in the embedded gnulib allows "date" and "touch" to overwrite the + heap with large user specified TZ values, possibly executing arbitrary + code. Bug introduced in coreutils-8.27. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7476 + (* Security fix *) +a/file-5.32-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.8-x86_64-2.txz: Rebuilt. +ap/sudo-1.8.21p2-x86_64-1.txz: Upgraded. +d/gdb-8.0.1-x86_64-1.txz: Upgraded. +d/gnu-cobol-1.1-x86_64-2.txz: Removed. +d/gnucobol-2.2-x86_64-1.txz: Added. + Package upgraded and renamed to new upstream name "gnucobol". +d/llvm-5.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/rust-1.20.0-x86_64-1.txz: Upgraded. +kde/kdelibs-4.14.36-x86_64-1.txz: Upgraded. +l/harfbuzz-1.5.1-x86_64-1.txz: Upgraded. +l/jemalloc-4.5.0-x86_64-1.txz: Upgraded. + Downgraded from version 5.0.1 due to problems with mariadb (which is + currently the only thing using jemalloc). Thanks to Heinz Wiesinger. +l/libidn2-2.0.4-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.31.1-x86_64-1.txz: Upgraded. + Upgraded to nss-3.31.1 and nspr-4.16. +l/mpfr-3.1.6-x86_64-1.txz: Upgraded. +n/iproute2-4.13.0-x86_64-1.txz: Upgraded. +n/tcpdump-4.9.2-x86_64-1.txz: Upgraded. + This update fixes bugs and many security issues (see the included + CHANGES file). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12893 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12894 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12895 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12896 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12897 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12898 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12899 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12900 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12901 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12902 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12985 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12986 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12987 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12988 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12989 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12990 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12991 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12992 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12994 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12995 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12996 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12997 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12998 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12999 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13000 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13001 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13002 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13003 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13004 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13005 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13006 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13007 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13008 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13009 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13010 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13011 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13012 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13013 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13014 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13015 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13016 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13017 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13018 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13019 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13020 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13021 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13022 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13023 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13024 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13025 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13026 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13027 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13028 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13029 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13030 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13031 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13032 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13033 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13034 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13035 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13036 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13037 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13038 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13039 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13040 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13041 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13042 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13043 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13044 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13045 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13046 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13047 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13048 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13049 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13050 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13051 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13052 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13053 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13054 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13055 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13687 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13688 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13689 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13690 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13725 + (* Security fix *) +x/mesa-17.2.0-x86_64-1.txz: Upgraded. + Compiled against llvm-5.0.0. +x/xf86-video-vmware-13.2.1-x86_64-4.txz: Rebuilt. + Recompiled against llvm-5.0.0. ++--------------------------+ +Thu Aug 31 21:14:43 UTC 2017 +l/akonadi-1.13.0-x86_64-5.txz: Rebuilt. + Merged an upstream patch and global config change to allow akonadi to work + properly with mariadb-10.2.8. Thanks to Heinz Wiesinger. +l/glib2-2.52.3-x86_64-2.txz: Rebuilt. + Fixed a race condition bug when using /etc/mtab. Thanks to ChrisVV. ++--------------------------+ +Wed Aug 30 22:34:34 UTC 2017 +a/e2fsprogs-1.43.6-x86_64-1.txz: Upgraded. +ap/sqlite-3.20.1-x86_64-1.txz: Upgraded. +d/perl-5.24.0-x86_64-2.txz: Rebuilt. + Recompiled against mariadb-10.2.8. + Upgraded to DBD-mysql-4.043, DBI-1.637, URI-1.72, and XML-Simple-2.24. +kde/amarok-2.8.0-x86_64-4.txz: Rebuilt. + Recompiled against mariadb-10.2.8. +kde/calligra-2.9.11-x86_64-14.txz: Rebuilt. + Recompiled against mariadb-10.2.8. +l/qt-4.8.7-x86_64-7.txz: Rebuilt. + Recompiled against mariadb-10.2.8. +l/redland-1.0.17-x86_64-2.txz: Rebuilt. + Recompiled against mariadb-10.2.8. +n/ulogd-2.0.5-x86_64-2.txz: Rebuilt. + Recompiled against mariadb-10.2.8. ++--------------------------+ +Wed Aug 30 02:41:28 UTC 2017 +a/logrotate-3.12.3-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +ap/cups-filters-1.17.2-x86_64-1.txz: Upgraded. +ap/mariadb-10.2.8-x86_64-1.txz: Upgraded. + Shared library .so-version bump / change. + Thanks to Heinz Wiesinger. +ap/nano-2.8.7-x86_64-1.txz: Upgraded. +d/cargo-0.20.0-x86_64-1.txz: Removed. + I wanted to put "Oxidized" here, but that would have confused slackpkg. ;-) +d/rust-1.19.0-x86_64-2.txz: Rebuilt. + Build with "extended = true" option to produce the extended Rust tool + set which is not only the compiler but also tools such as Cargo. This + is what upstream recommends now since they'll be dropping standalone + Cargo from the repository. Thanks to Andrew Clemons. +l/glade3-3.8.6-x86_64-1.txz: Upgraded. +l/jemalloc-5.0.1-x86_64-1.txz: Upgraded. +l/libpng-1.6.32-x86_64-1.txz: Upgraded. +n/bsd-finger-0.17-x86_64-2.txz: Rebuilt. + Patched to fix segfault with glibc-2.26. + Thanks to Karl Magnus Kolstø. +n/libgcrypt-1.8.1-x86_64-1.txz: Upgraded. + Mitigate a local side-channel attack on Curve25519 dubbed "May + the Fourth be With You". + For more information, see: + https://eprint.iacr.org/2017/806 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0379 + (* Security fix *) +x/mesa-17.1.8-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Aug 25 18:38:28 UTC 2017 +a/dialog-1.3_20170509-x86_64-1.txz: Upgraded. +a/kernel-generic-4.9.45-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.45-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.45-x86_64-1.txz: Upgraded. +ap/cups-filters-1.17.0-x86_64-1.txz: Upgraded. +ap/sudo-1.8.21-x86_64-1.txz: Upgraded. +d/cargo-0.20.0-x86_64-1.txz: Added. + Thanks to Andrew Clemons. +d/kernel-headers-4.9.45-x86-1.txz: Upgraded. +d/rust-1.19.0-x86_64-1.txz: Added. + Thanks to Andrew Clemons. +k/kernel-source-4.9.45-noarch-1.txz: Upgraded. +kde/kdelibs-4.14.35-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.19-x86_64-1.txz: Upgraded. +l/harfbuzz-1.5.0-x86_64-1.txz: Upgraded. +l/libcdio-paranoia-10.2+0.94+2-x86_64-1.txz: Upgraded. +l/libedit-20170329_3.1-x86_64-1.txz: Upgraded. +n/gnutls-3.6.0-x86_64-1.txz: Upgraded. +n/whois-5.2.18-x86_64-1.txz: Upgraded. +x/libdrm-2.4.83-x86_64-1.txz: Upgraded. +x/mesa-17.1.7-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-55.0.3-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri Jun 12 17:58:45 UTC 2015 -a/openssl-solibs-1.0.1o-x86_64-1.txz: Upgraded. -n/openssl-1.0.1o-x86_64-1.txz: Upgraded. - New release to resolve 1.0.1n HMAC ABI incompatibility. +Thu Aug 17 05:36:28 UTC 2017 +a/kernel-generic-4.9.44-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.44-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.44-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.44-x86-1.txz: Upgraded. +k/kernel-source-4.9.44-noarch-1.txz: Upgraded. +xap/mozilla-thunderbird-52.3.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Jun 11 21:31:47 UTC 2015 -a/openssl-solibs-1.0.1n-x86_64-1.txz: Upgraded. -ap/screen-4.2.1-x86_64-2.txz: Rebuilt. - Added some patches to fix corruption when using screen with a serial port. - Thanks to Stuart Winter. -d/gdb-7.9.1-x86_64-1.txz: Upgraded. -l/qt-4.8.7-x86_64-1.txz: Upgraded. -n/openssl-1.0.1n-x86_64-1.txz: Upgraded. - Fixes several bugs and security issues: - o Malformed ECParameters causes infinite loop (CVE-2015-1788) - o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) - o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) - o CMS verify infinite loop with unknown hash function (CVE-2015-1792) - o Race condition handling NewSessionTicket (CVE-2015-1791) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791 - (* Security fix *) -n/php-5.6.9-x86_64-1.txz: Upgraded. - This update fixes some bugs and security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4021 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4022 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4024 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4026 - (* Security fix *) -xap/mozilla-firefox-38.0.6-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-38.0.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Sun May 17 04:35:46 UTC 2015 -xap/mozilla-firefox-38.0.1-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-31.7.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) +Tue Aug 15 22:16:12 UTC 2017 +a/aaa_elflibs-14.2-x86_64-31.txz: Rebuilt. +a/kernel-generic-4.9.43-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.43-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.43-x86_64-1.txz: Upgraded. +ap/cups-2.2.4-x86_64-2.txz: Rebuilt. + Don't return an empty printer list when there is no default printer. + Thanks to Jurgen Van Ham. +d/gcc-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-brig-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-g++-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-gfortran-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-gnat-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-go-7.2.0-x86_64-1.txz: Upgraded. +d/gcc-objc-7.2.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.43-x86-1.txz: Upgraded. +d/libtool-2.4.6-x86_64-6.txz: Rebuilt. + Recompiled to update embedded GCC version number. +k/kernel-source-4.9.43-noarch-1.txz: Upgraded. +l/poppler-data-0.4.8-noarch-1.txz: Upgraded. +x/xorg-server-1.19.3-x86_64-2.txz: Rebuilt. + This update fixes two security issues: + A user authenticated to an X Session could crash or execute code in the + context of the X Server by exploiting a stack overflow in the endianness + conversion of X Events. + Uninitialized data in endianness conversion in the XEvent handling of the + X.Org X Server allowed authenticated malicious users to access potentially + privileged data from the X server. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10971 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10972 + (* Security fix *) +x/xorg-server-xephyr-1.19.3-x86_64-2.txz: Rebuilt. +x/xorg-server-xnest-1.19.3-x86_64-2.txz: Rebuilt. +x/xorg-server-xvfb-1.19.3-x86_64-2.txz: Rebuilt. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Wed May 13 02:29:39 UTC 2015 -xap/mozilla-firefox-38.0-x86_64-1.txz: Upgraded. +Fri Aug 11 23:02:43 UTC 2017 +ap/cups-filters-1.16.1-x86_64-1.txz: Upgraded. +ap/mariadb-10.0.32-x86_64-1.txz: Upgraded. +ap/mpg123-1.25.6-x86_64-1.txz: Upgraded. +d/cmake-3.9.1-x86_64-1.txz: Upgraded. +d/git-2.14.1-x86_64-1.txz: Upgraded. + Fixes security issues: + A "ssh://..." URL can result in a "ssh" command line with a hostname that + begins with a dash "-", which would cause the "ssh" command to instead + (mis)treat it as an option. This is now prevented by forbidding such a + hostname (which should not impact any real-world usage). + Similarly, when GIT_PROXY_COMMAND is configured, the command is run with + host and port that are parsed out from "ssh://..." URL; a poorly written + GIT_PROXY_COMMAND could be tricked into treating a string that begins with a + dash "-" as an option. This is now prevented by forbidding such a hostname + and port number (again, which should not impact any real-world usage). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117 + (* Security fix *) +d/mercurial-4.3.1-x86_64-1.txz: Upgraded. + Fixes security issues: + Mercurial's symlink auditing was incomplete prior to 4.3, and could + be abused to write to files outside the repository. + Mercurial was not sanitizing hostnames passed to ssh, allowing + shell injection attacks on clients by specifying a hostname starting + with -oProxyCommand. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116 + (* Security fix *) +d/subversion-1.9.7-x86_64-1.txz: Upgraded. + Fixed client side arbitrary code execution vulnerability. + For more information, see: + https://subversion.apache.org/security/CVE-2017-9800-advisory.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9800 + (* Security fix *) +l/libsoup-2.58.2-x86_64-1.txz: Upgraded. + Fixed a chunked decoding buffer overrun that could be exploited against + either clients or servers. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2885 + (* Security fix *) +n/samba-4.6.7-x86_64-1.txz: Upgraded. +tcl/tcl-8.6.7-x86_64-1.txz: Upgraded. +tcl/tk-8.6.7-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Aug 9 20:23:16 UTC 2017 +a/kernel-generic-4.9.41-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.41-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.41-x86_64-1.txz: Upgraded. +ap/cups-filters-1.16.0-x86_64-2.txz: Rebuilt. + Linked against poppler-0.57.0. +ap/mpg123-1.25.5-x86_64-1.txz: Upgraded. +d/gcc-7.1.0-x86_64-3.txz: Rebuilt. + Recompiled with upstream patches for glibc-2.26 compatibility. +d/gcc-brig-7.1.0-x86_64-3.txz: Rebuilt. +d/gcc-g++-7.1.0-x86_64-3.txz: Rebuilt. +d/gcc-gfortran-7.1.0-x86_64-3.txz: Rebuilt. +d/gcc-gnat-7.1.0-x86_64-3.txz: Rebuilt. +d/gcc-go-7.1.0-x86_64-3.txz: Rebuilt. +d/gcc-objc-7.1.0-x86_64-3.txz: Rebuilt. +d/kernel-headers-4.9.41-x86-1.txz: Upgraded. +d/llvm-4.0.1-x86_64-2.txz: Rebuilt. + Fixed garbled output from lldb. Thanks to Ebben Aries. + Patched to compile with glibc-2.26. +k/kernel-source-4.9.41-noarch-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-13.txz: Rebuilt. + Linked against glew-2.1.0 and poppler-0.57.0. +l/gdk-pixbuf2-2.36.8-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.18-x86_64-1.txz: Upgraded. +l/harfbuzz-1.4.8-x86_64-1.txz: Upgraded. +l/libxslt-1.1.29-x86_64-2.txz: Rebuilt. + Don't include xlocale.h in libxslt/xsltlocale.h, as it has been removed from + glibc-2.26. Thanks to Matteo Bernardini. +l/pango-1.40.9-x86_64-1.txz: Upgraded. +l/poppler-0.57.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/curl-7.55.0-x86_64-1.txz: Upgraded. + This update fixes three security issues: + URL globbing out of bounds read + TFTP sends more than buffer size + FILE buffer read out of bounds + For more information, see: + https://curl.haxx.se/docs/adv_20170809A.html + https://curl.haxx.se/docs/adv_20170809B.html + https://curl.haxx.se/docs/adv_20170809C.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000099 + (* Security fix *) +n/httpd-2.4.27-x86_64-2.txz: Rebuilt. + Recompiled against glibc-2.26 to fix relocation error. + Thanks to Willy Sudiarto Raharjo. +x/glew-2.1.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +x/libdrm-2.4.82-x86_64-1.txz: Upgraded. +x/mesa-17.1.6-x86_64-1.txz: Upgraded. + Linked against glew-2.1.0. +xap/gparted-0.29.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-52.3.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html (* Security fix *) +xfce/tumbler-0.2.0-x86_64-1.txz: Upgraded. + Linked against poppler-0.57.0. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue May 12 07:17:33 UTC 2015 -ap/mariadb-10.0.18-x86_64-1.txz: Upgraded. +Sun Aug 6 05:29:56 UTC 2017 +a/e2fsprogs-1.43.5-x86_64-1.txz: Upgraded. +a/glibc-solibs-2.26-x86_64-2.txz: Rebuilt. +ap/vim-8.0.0876-x86_64-1.txz: Upgraded. +d/git-2.14.0-x86_64-1.txz: Upgraded. +l/glibc-2.26-x86_64-2.txz: Rebuilt. + Recompiled to add libnss_compat-2.26.so, libnss_nis-2.26.so, + libnss_nisplus-2.26.so, and headers to restore missing/broken + NIS functionality. +l/glibc-i18n-2.26-x86_64-2.txz: Rebuilt. +l/glibc-profile-2.26-x86_64-2.txz: Rebuilt. +xap/vim-gvim-8.0.0876-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Aug 4 19:22:07 UTC 2017 +a/glibc-solibs-2.26-x86_64-1.txz: Upgraded. +ap/sqlite-3.20.0-x86_64-1.txz: Upgraded. +l/glibc-2.26-x86_64-1.txz: Upgraded. +l/glibc-i18n-2.26-x86_64-1.txz: Upgraded. +l/glibc-profile-2.26-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.9_5-x86_64-1.txz: Upgraded. +l/pango-1.40.7-x86_64-2.txz: Rebuilt. + Patched to fix Unicode emoji handling issue caused by width changes in glibc. +n/bind-9.11.2-x86_64-1.txz: Upgraded. +n/dhcp-4.3.6-x86_64-1.txz: Upgraded. +n/nmap-7.60-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Aug 2 03:43:51 UTC 2017 +a/btrfs-progs-v4.12-x86_64-1.txz: Upgraded. +l/ffmpeg-3.3.3-x86_64-1.txz: Upgraded. +l/seamonkey-solibs-2.48-x86_64-2.txz: Rebuilt. +n/bluez-5.46-x86_64-2.txz: Rebuilt. + Added /usr/bin/gatttool. +n/gnupg-1.4.22-x86_64-1.txz: Upgraded. + Mitigate a flush+reload side-channel attack on RSA secret keys dubbed + "Sliding right into disaster". + For more information, see: + https://eprint.iacr.org/2017/627 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526 + (* Security fix *) +n/gnupg2-2.1.22-x86_64-1.txz: Upgraded. +x/xf86-input-wacom-0.35.0-x86_64-1.txz: Upgraded. +xap/seamonkey-2.48-x86_64-2.txz: Rebuilt. + Recompiled with -fno-delete-null-pointer-checks to fix crashes caused by + aggressive gcc7 optimization. Thanks to KewlCat for the bug report. ++--------------------------+ +Fri Jul 28 20:29:47 UTC 2017 +a/dbus-1.10.22-x86_64-1.txz: Upgraded. +a/gptfdisk-1.0.3-x86_64-1.txz: Upgraded. +a/kernel-generic-4.9.40-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.40-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.40-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.11-x86_64-4.txz: Rebuilt. + Upgraded to busybox-1.27.1. +ap/cups-filters-1.16.0-x86_64-1.txz: Upgraded. +ap/hplip-3.17.7-x86_64-1.txz: Upgraded. +ap/squashfs-tools-4.3-x86_64-2.txz: Rebuilt. + Patched a couple of denial of service issues and other bugs. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4645 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4646 + (* Security fix *) +d/kernel-headers-4.9.40-x86-1.txz: Upgraded. +k/kernel-source-4.9.40-noarch-1.txz: Upgraded. +l/libpng-1.6.31-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. + Upgraded to busybox-1.27.1. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + Upgraded to busybox-1.27.1. ++--------------------------+ +Thu Jul 27 01:03:02 UTC 2017 +a/dbus-1.10.20-x86_64-2.txz: Rebuilt. + Don't demand high-quality entropy from expat-2.2.2+ because 1) dbus doesn't + need it and 2) it can cause the boot process to hang if dbus times out. + Thanks to SeB for a link to the bug report and patch. ++--------------------------+ +Tue Jul 25 21:09:42 UTC 2017 +n/bind-9.11.1_P3-x86_64-1.txz: Upgraded. + Fix a regression in the previous BIND release that broke verification + of TSIG signed TCP message sequences where not all the messages contain + TSIG records. + Compiled to use libidn rather than the deprecated (and broken) idnkit. +n/idnkit-1.0-x86_64-1.txz: Removed. ++--------------------------+ +Tue Jul 25 03:45:44 UTC 2017 +a/lvm2-2.02.173-x86_64-1.txz: Upgraded. +a/xfsprogs-4.12.0-x86_64-1.txz: Upgraded. +ap/vim-8.0.0771-x86_64-1.txz: Upgraded. +e/emacs-25.2-x86_64-3.txz: Rebuilt. + Linked against imagemagick-6.9.9-3 and gtk+3-3.22.17. +l/imagemagick-6.9.9_3-x86_64-1.txz: Upgraded. + Compiled with --enable-hdri option. + Shared library .so-version bump. +l/virtuoso-ose-6.1.8-x86_64-7.txz: Rebuilt. + Linked against imagemagick-6.9.9-3. +xap/gnuchess-6.2.5-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.0771-x86_64-1.txz: Upgraded. + Linked against gtk+3-3.22.17. +xap/xine-lib-1.2.8-x86_64-3.txz: Rebuilt. + Linked against imagemagick-6.9.9-3. +xap/xlockmore-5.54-x86_64-2.txz: Rebuilt. + Linked against imagemagick-6.9.9-3. ++--------------------------+ +Mon Jul 24 19:59:34 UTC 2017 +ap/man-pages-4.12-noarch-1.txz: Upgraded. +ap/mpg123-1.25.4-x86_64-1.txz: Upgraded. +ap/nano-2.8.6-x86_64-1.txz: Upgraded. +d/binutils-2.29-x86_64-1.txz: Upgraded. +d/oprofile-1.1.0-x86_64-4.txz: Rebuilt. + Recompiled against new libbfd from binutils-2.29. +l/gdk-pixbuf2-2.36.7-x86_64-2.txz: Rebuilt. + Restored greyscale support. Thanks to brobr. + Fixed handling cache updates on multilib. Thanks to SeB. +l/libidn2-2.0.3-x86_64-1.txz: Upgraded. +n/tcpdump-4.9.1-x86_64-1.txz: Upgraded. + This update fixes an issue where tcpdump 4.9.0 allows remote attackers + to cause a denial of service (heap-based buffer over-read and application + crash) via crafted packet data. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11108 + (* Security fix *) +xap/pan-0.142-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Jul 21 20:09:49 UTC 2017 +l/seamonkey-solibs-2.48-x86_64-1.txz: Upgraded. +xap/seamonkey-2.48-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0501 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2571 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0505 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0499 - (* Security fix *) -ap/terminus-font-4.39-noarch-1.txz: Upgraded. -d/slacktrack-2.17-x86_64-1.txz: Upgraded. - Thanks to Stuart Winter. -l/libcanberra-0.30-x86_64-1.txz: Upgraded. -l/qt-4.8.6-x86_64-4.txz: Rebuilt. - QNAM: Fix upload corruptions when server closes connection - This patch fixes several upload corruptions if the server closes the - connection while/before we send data into it. - cherry picked from commit: qtbase/cff39fba10ffc10ee4dcfdc66ff6528eb -n/wpa_supplicant-2.4-x86_64-2.txz: Rebuilt. - This update fixes potential denial of service issues. - For more information, see: - http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt - http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt - http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt - http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1863 - (* Security fix *) -+--------------------------+ -Mon May 4 04:15:20 UTC 2015 -a/aaa_terminfo-5.9-x86_64-1.txz: Upgraded. -a/btrfs-progs-v3.18.2-x86_64-1.txz: Upgraded. -ap/cups-2.0.2-x86_64-3.txz: Rebuilt. - Removed files that overlap with the cups-filter package. -ap/cups-filters-1.0.68-x86_64-2.txz: Rebuilt. - Removed bundled version of foomatic-rip. -kde/calligra-2.9.4-x86_64-1.txz: Upgraded. -kdei/calligra-l10n-bs-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca@valencia-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.2-noarch-1.txz: Removed. -kdei/calligra-l10n-uk-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.4-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.4-noarch-1.txz: Upgraded. -l/libidn-1.30-x86_64-1.txz: Upgraded. - This is reported to fix hangs with Emacs and other programs. - Thanks to 55020. -l/ncurses-5.9-x86_64-4.txz: Rebuilt. - Applied upstream patch ncurses-5.9-20141206-patch.sh. -l/qt-4.8.6-x86_64-3.txz: Rebuilt. - Upgraded the WebKit components to version 2.3.4, which uses gstreamer-1 - instead of gstreamer-0. This should fix conflicts with programs that - use both WebKit and phonon. Thanks to Heinz Wiesinger. -x/libdrm-2.4.60-x86_64-1.txz: Upgraded. -x/mesa-10.5.4-x86_64-1.txz: Upgraded. -xfce/xfwm4-4.12.2-x86_64-2.txz: Rebuilt. - Reverted to older xinitrc.xfce to fix problems starting Xfce from XDM. - Thanks to comet.berkeley. -+--------------------------+ -Wed Apr 29 05:10:52 UTC 2015 -l/libxml2-2.9.2-x86_64-2.txz: Rebuilt. - Reverted a patch that breaks the catalog. Thanks to Stuart Winter. -n/gnupg-1.4.19-x86_64-2.txz: Rebuilt. - Patched to fix spurious debug messages that may break sbopkg and slackpkg. - Thanks to Willy Sudiarto Raharjo. -+--------------------------+ -Sun Apr 26 18:56:37 UTC 2015 -l/shared-mime-info-1.3-x86_64-2.txz: Rebuilt. - Patched to not hammer the system with fsync. + http://www.seamonkey-project.org/releases/seamonkey2.48 + (* Security fix *) ++--------------------------+ +Thu Jul 20 21:06:53 UTC 2017 +a/util-linux-2.30.1-x86_64-1.txz: Upgraded. +l/lcms2-2.8-x86_64-1.txz: Upgraded. +l/librsvg-2.40.18-x86_64-1.txz: Upgraded. +x/libinput-1.8.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Jul 19 20:58:46 UTC 2017 +e/emacs-25.2-x86_64-2.txz: Rebuilt. + Linked against imagemagick-6.9.9-0. +l/gdk-pixbuf2-2.36.7-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.17-x86_64-1.txz: Upgraded. +l/harfbuzz-1.4.7-x86_64-1.txz: Upgraded. +l/virtuoso-ose-6.1.8-x86_64-6.txz: Rebuilt. + Linked against imagemagick-6.9.9-0. +n/libgcrypt-1.8.0-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.8-x86_64-2.txz: Rebuilt. + Linked against imagemagick-6.9.9-0. +xap/xlockmore-5.54-x86_64-1.txz: Upgraded. + Linked against imagemagick-6.9.9-0. ++--------------------------+ +Tue Jul 18 23:10:25 UTC 2017 +a/kernel-generic-4.9.38-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.38-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.38-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.11-x86_64-3.txz: Upgraded. + Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80. + Handle rootflags in init script. Thanks to davjohn. +a/openssl-solibs-1.0.2l-x86_64-1.txz: Upgraded. +ap/gutenprint-5.2.13-x86_64-1.txz: Upgraded. +d/cmake-3.9.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.38-x86-1.txz: Upgraded. +k/kernel-source-4.9.38-noarch-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-12.txz: Rebuilt. + Linked against exiv2-0.26. +kde/gwenview-4.14.3-x86_64-3.txz: Rebuilt. + Linked against exiv2-0.26. +kde/kde-runtime-4.14.3-x86_64-5.txz: Rebuilt. + Linked against exiv2-0.26 and libwebp-0.6.0. +kde/kdelibs-4.14.34-x86_64-1.txz: Upgraded. +kde/kfilemetadata-4.14.3-x86_64-3.txz: Rebuilt. + Linked against exiv2-0.26. +kde/libkexiv2-4.14.3-x86_64-3.txz: Rebuilt. + Linked against exiv2-0.26. +kde/nepomuk-core-4.14.3-x86_64-3.txz: Rebuilt. + Linked against exiv2-0.26. +l/SDL2_image-2.0.1-x86_64-2.txz: Rebuilt. + Linked against libwebp-0.6.0. +l/exiv2-0.26-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/expat-2.2.2-x86_64-1.txz: Upgraded. + Fixes security issues including: + External entity infinite loop DoS + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233 + https://libexpat.github.io/doc/cve-2017-9233/ + (* Security fix *) +l/ffmpeg-3.3.2-x86_64-2.txz: Rebuilt. + Linked against libwebp-0.6.0. +l/gd-2.2.4-x86_64-1.txz: Upgraded. + Linked against libwebp-0.6.0. + Fixes security issues: + gdImageCreate() doesn't check for oversized images and as such is prone to + DoS vulnerabilities. (CVE-2016-9317) + double-free in gdImageWebPtr() (CVE-2016-6912) + potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) + DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) + Signed Integer Overflow gd_io.c (CVE-2016-10168) + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168 + (* Security fix *) +l/imagemagick-6.9.9_0-x86_64-1.txz: Upgraded. + Linked against libwebp-0.6.0. + Shared library .so-version bump. +l/libwebp-0.6.0-x86_64-1.txz: Added. + Thanks to powtrix. +l/orc-0.4.27-x86_64-1.txz: Upgraded. +l/pango-1.40.7-x86_64-1.txz: Upgraded. +l/strigi-0.7.8-x86_64-3.txz: Rebuilt. + Linked against exiv2-0.26. +n/bluez-5.46-x86_64-1.txz: Upgraded. +n/libtirpc-1.0.2-x86_64-1.txz: Upgraded. +n/nfs-utils-1.3.4-x86_64-2.txz: Rebuilt. + Added /etc/default/nfs config file for setting additional options. + Thanks to shasta and Robby Workman. +n/openssh-7.5p1-x86_64-2.txz: Rebuilt. + Added /etc/default/sshd config file for setting additional options. + Thanks to shasta and Robby Workman. +n/openssl-1.0.2l-x86_64-1.txz: Upgraded. +n/rpcbind-0.2.4-x86_64-2.txz: Rebuilt. + Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing + a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe, + Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem + and helping to test a fix. + Added /etc/default/rpc config file (useful for setting static port + assignments). Thanks to shasta and Robby Workman. +n/stunnel-5.42-x86_64-1.txz: Upgraded. +n/yptools-2.14-x86_64-8.txz: Rebuilt. + Added /etc/default/yp config file for setting additional options. + Thanks to shasta and Robby Workman. +xap/geeqie-1.3-x86_64-2.txz: Rebuilt. + Linked against exiv2-0.26. +xfce/xfce4-terminal-0.8.6-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Apr 26 16:50:47 UTC 2015 -ap/cups-2.0.2-x86_64-2.txz: Rebuilt. - Patched to fix high CPU load on one core when adding or removing printers. +Fri Jul 14 22:11:58 UTC 2017 +ap/mariadb-10.0.31-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3308 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3309 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3453 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3456 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3464 + (* Security fix *) +l/gst-plugins-base-1.12.2-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.12.2-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.12.2-x86_64-1.txz: Upgraded. +l/gstreamer-1.12.2-x86_64-1.txz: Upgraded. +l/libjpeg-turbo-1.5.2-x86_64-1.txz: Upgraded. +n/samba-4.6.6-x86_64-1.txz: Upgraded. + This update fixes an authentication validation bypass security issue: + "Orpheus' Lyre mutual authentication validation bypass" + All versions of Samba from 4.0.0 onwards using embedded Heimdal + Kerberos are vulnerable to a man-in-the-middle attack impersonating + a trusted server, who may gain elevated access to the domain by + returning malicious replication or authorization data. + Samba binaries built against MIT Kerberos are not vulnerable. + For more information, see: + https://www.samba.org/samba/security/CVE-2017-11103.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103 + (* Security fix *) +x/mesa-17.1.5-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jul 13 19:24:36 UTC 2017 +a/mkinitrd-1.4.11-x86_64-2.txz: Rebuilt. + Process initrd output filename template strings %KVER% and %SLACKVER% + after processing all other options to prevent depending on the command + line order for proper functioning. Thanks to SeB. +n/httpd-2.4.27-x86_64-1.txz: Upgraded. + This update fixes two security issues: + Read after free in mod_http2 (CVE-2017-9789) + Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788) + Thanks to Robert Swiecki for reporting these issues. + For more information, see: + https://httpd.apache.org/security/vulnerabilities_24.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9789 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788 + (* Security fix *) ++--------------------------+ +Wed Jul 12 23:11:53 UTC 2017 +a/kernel-generic-4.9.37-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.37-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.37-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.11-x86_64-1.txz: Upgraded. + Added support for including template strings %KVER% (kernel version) and + %SLACKVER% (Slackware version) in the output filename. Thanks to SeB. +a/pciutils-3.5.5-x86_64-1.txz: Upgraded. +ap/cgmanager-0.41-x86_64-2.txz: Rebuilt. + Fixed duplicate init scripts. +ap/mpg123-1.25.2-x86_64-1.txz: Upgraded. +ap/screen-4.6.1-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.37-x86-1.txz: Upgraded. +d/strace-4.18-x86_64-1.txz: Upgraded. +k/kernel-source-4.9.37-noarch-1.txz: Upgraded. +l/libarchive-3.3.2-x86_64-1.txz: Upgraded. +n/crda-3.18-x86_64-4.txz: Rebuilt. + Rebuilt using wireless-regdb-2017.03.07. Thanks to Robby Workman. +n/iproute2-4.12.0-x86_64-1.txz: Upgraded. +extra/bash-completion/bash-completion-2.7-noarch-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sat Apr 25 23:13:15 UTC 2015 -ap/sqlite-3.8.9-x86_64-1.txz: Upgraded. -l/netpbm-10.66.02-x86_64-3.txz: Rebuilt. - Fixed missing pnmtops. Thanks to Richard David Sherman. -n/gnupg2-2.0.27-x86_64-2.txz: Rebuilt. - Patched to fix spurious debug messages that may break sbopkg and slackpkg. - Thanks to Willy Sudiarto Raharjo. -tcl/tcl-8.6.4-x86_64-1.txz: Upgraded. -tcl/tk-8.6.4-x86_64-1.txz: Upgraded. -xap/MPlayer-20150425-x86_64-1.txz: Upgraded. - Fixed runtime CPU detection. Thanks to Daniil Bratashov. -+--------------------------+ -Sat Apr 25 02:37:47 UTC 2015 -a/aaa_elflibs-14.1-x86_64-6.txz: Rebuilt. - Added libstdc++.so.6.0.20. -a/cxxlibs-6.0.18-x86_64-1.txz: Removed. -a/mkinitrd-1.4.8-x86_64-4.txz: Rebuilt. - In mkinitrd_command_generator.sh: fixed the kernel version detection, and - muted the error about missing /sys hcd module directories. - Blacklisted iphone-set-info to prevent the initrd from uselessly bloating. - Thanks to Ryan P.C. McQuen, Eric Hameleers, and Dan Church. -d/gcc-4.9.2-x86_64-2.txz: Rebuilt. - Recompiled with --enable-install-libiberty. Thanks to fskmh. -d/gcc-g++-4.9.2-x86_64-2.txz: Rebuilt. -d/gcc-gfortran-4.9.2-x86_64-2.txz: Rebuilt. -d/gcc-gnat-4.9.2-x86_64-2.txz: Rebuilt. -d/gcc-go-4.9.2-x86_64-2.txz: Rebuilt. -d/gcc-java-4.9.2-x86_64-2.txz: Rebuilt. -d/gcc-objc-4.9.2-x86_64-2.txz: Rebuilt. -d/llvm-3.6.0-x86_64-2.txz: Rebuilt. - Fixed overly restrictive permissions on c++-analyzer, ccc-analyzer, - scan-build, set-xcode-analyzer, and scan-view. - Thanks to Ricardo Nabinger Sanchez. -l/gc-7.4.2-x86_64-2.txz: Rebuilt. - Patched to fix "undefined reference to `GC_setup_mark_lock'", noticed while - building inkscape. Thanks to Matteo Bernardini. -l/libmpc-1.0.3-x86_64-1.txz: Upgraded. - Thanks to fskmh. -l/lzo-2.09-x86_64-1.txz: Upgraded. -l/netpbm-10.66.02-x86_64-2.txz: Rebuilt. - Fixed libnetpbm.so symlink. Thanks to Matteo Bernardini. -n/crda-3.18-x86_64-2.txz: Rebuilt. - Ensure libreg.so is installed in the proper lib directory. +Mon Jul 10 21:43:37 UTC 2017 +a/dbus-1.10.20-x86_64-1.txz: Upgraded. +a/lvm2-2.02.172-x86_64-1.txz: Upgraded. +ap/diffstat-1.61-x86_64-1.txz: Upgraded. +ap/hplip-3.17.6-x86_64-1.txz: Upgraded. +ap/sysstat-11.4.4-x86_64-1.txz: Upgraded. +d/git-2.13.2-x86_64-1.txz: Upgraded. +d/help2man-1.46.6-x86_64-1.txz: Upgraded. +d/strace-4.17-x86_64-1.txz: Upgraded. +l/hunspell-1.6.1-x86_64-1.txz: Upgraded. +l/libtiff-4.0.8-x86_64-1.txz: Upgraded. +n/libqmi-1.18.0-x86_64-1.txz: Upgraded. +n/libtirpc-1.0.1-x86_64-3.txz: Rebuilt. + Patched a bug which can cause a denial of service through memory exhaustion. Thanks to Robby Workman. -n/iproute2-3.18.0-x86_64-2.txz: Rebuilt. - Properly handle /etc/iproute2/nl_protos.new config file. - Thanks to Wim Speekenbrink. -n/libgpg-error-1.18-x86_64-2.txz: Rebuilt. - Compress info file, and remove /usr/info/dir from package. - Thanks to Edward Trumbo. - Don't build static library. -n/php-5.6.8-x86_64-2.txz: Rebuilt. - Fixed permissions on /etc/httpd/. Thanks to Francisco Ambrozio. -n/rsync-3.1.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Tue Apr 21 23:44:00 UTC 2015 -Greetings! It has indeed been far too long. I apologize for the absence -of updates lately, but we've been using the time to get some good work done. -This is not a beta (probably not even an alpha release yet), but it is also -not a drill. ;-) We've spared you all most of the pain while we -transitioned to a lot of new libraries that got major version number bumps, -and have tested everything to ensure that this will be a smooth upgrade. -Still, I'd be surprised if all this didn't introduce any regressions, so if -you find any problems let us know. Huge thanks are due to Robby Workman, -Heinz Wiesinger, Eric Hameleers, and Stuart Winter for all the help. Have fun! -a/aaa_elflibs-14.1-x86_64-5.txz: Rebuilt. -a/acl-2.2.52-x86_64-1.txz: Upgraded. -a/acpid-2.0.23-x86_64-1.txz: Upgraded. -a/attr-2.4.47-x86_64-1.txz: Upgraded. -a/cryptsetup-1.6.6-x86_64-1.txz: Upgraded. -a/dbus-1.8.16-x86_64-1.txz: Upgraded. -a/dosfstools-3.0.26-x86_64-1.txz: Upgraded. -a/ed-1.11-x86_64-1.txz: Upgraded. -a/etc-14.2-x86_64-1.txz: Upgraded. - Added usbmux user to /etc/passwd. -a/file-5.22-x86_64-1.txz: Upgraded. - Include the flat files in the package again. - Compile /etc/file/magic.mgc from the flat files upon installation, - and include a script in /etc/file/ to recompile from the flat files - to handle any local additions. - Thanks to Marco Maggi and Kees Theunissen. -a/gawk-4.1.1-x86_64-3.txz: Rebuilt. -a/gettext-0.19.4-x86_64-1.txz: Upgraded. -a/glibc-solibs-2.21-x86_64-2.txz: Rebuilt. -a/glibc-zoneinfo-2015c-noarch-1.txz: Upgraded. -a/gptfdisk-1.0.0-x86_64-1.txz: Upgraded. -a/hdparm-9.45-x86_64-1.txz: Upgraded. -a/infozip-6.0-x86_64-3.txz: Rebuilt. -a/kernel-generic-3.18.11-x86_64-1.txz: Upgraded. -a/kernel-huge-3.18.11-x86_64-1.txz: Upgraded. - Config changes for the huge kernel: - HW_RANDOM_VIRTIO m -> y - SCSI_VIRTIO m -> y - VIRTIO m -> y - VIRTIO_BALLOON m -> y - VIRTIO_BLK m -> y - VIRTIO_CONSOLE m -> y - VIRTIO_MMIO m -> y - VIRTIO_NET m -> y - VIRTIO_PCI m -> y -a/kernel-modules-3.18.11-x86_64-1.txz: Upgraded. -a/kmod-20-x86_64-1.txz: Upgraded. -a/less-458-x86_64-1.txz: Upgraded. -a/logrotate-3.8.9-x86_64-1.txz: Upgraded. -a/lvm2-2.02.118-x86_64-1.txz: Upgraded. -a/mdadm-3.3.2-x86_64-1.txz: Upgraded. -a/mkinitrd-1.4.8-x86_64-3.txz: Rebuilt. - Patched to fix a minor bug passing kernel options with -m. - Thanks to hutyerah. -a/ntfs-3g-2015.3.14-x86_64-1.txz: Upgraded. -a/openssl-solibs-1.0.1m-x86_64-1.txz: Upgraded. - Dropped the old .so.0 libraries. -a/reiserfsprogs-3.6.24-x86_64-1.txz: Upgraded. -a/smartmontools-6.3-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-20.txz: Rebuilt. - Initialize the system clock frequency and tick in rc.S, and various other - clock handling improvements. Thanks to Xsane. - Filter errors from .gvfs when unmounting local filesystems. - Look for SDDM in rc.4. -a/udisks2-2.1.5-x86_64-1.txz: Upgraded. -a/upower-0.9.23-x86_64-1.txz: Upgraded. -a/usb_modeswitch-2.2.1-x86_64-1.txz: Upgraded. -a/xfsprogs-3.2.2-x86_64-1.txz: Upgraded. -a/xz-5.2.1-x86_64-1.tgz: Upgraded. -ap/alsa-utils-1.0.29-x86_64-1.txz: Upgraded. -ap/bc-1.06.95-x86_64-3.txz: Rebuilt. -ap/cdrtools-3.01a24-x86_64-1.txz: Upgraded. -ap/cups-2.0.2-x86_64-1.txz: Upgraded. -ap/cups-filters-1.0.68-x86_64-1.txz: Added. -ap/dmidecode-2.12-x86_64-1.txz: Upgraded. -ap/flac-1.3.1-x86_64-1.txz: Upgraded. -ap/foomatic-filters-4.0.17-x86_64-1.txz: Upgraded. -ap/ghostscript-9.16-x86_64-1.txz: Upgraded. -ap/gphoto2-2.5.6-x86_64-1.txz: Upgraded. -ap/gutenprint-5.2.10-x86_64-1.txz: Upgraded. -ap/hplip-3.15.2-x86_64-1.txz: Upgraded. -ap/htop-1.0.3-x86_64-1.txz: Upgraded. -ap/itstool-2.0.2-x86_64-1.txz: Upgraded. -ap/lsscsi-0.28-x86_64-1.txz: Upgraded. -ap/lzip-1.16-x86_64-1.txz: Upgraded. -ap/man-pages-3.82-noarch-1.txz: Upgraded. -ap/mariadb-10.0.17-x86_64-1.txz: Upgraded. -ap/nano-2.4.1-x86_64-1.txz: Upgraded. -ap/qpdf-5.1.2-x86_64-1.txz: Added. -ap/radeontool-1.6.3-x86_64-1.txz: Upgraded. -ap/sox-14.4.2-x86_64-1.txz: Upgraded. -ap/sqlite-3.8.8.3-x86_64-1.txz: Upgraded. -ap/tmux-1.9a-x86_64-1.txz: Upgraded. -ap/usbmuxd-1.0.9-x86_64-1.txz: Added. -ap/vim-7.4.692-x86_64-1.txz: Upgraded. -ap/xfsdump-3.1.4-x86_64-1.txz: Upgraded. -ap/zsh-5.0.7-x86_64-1.txz: Upgraded. -d/bison-3.0.4-x86_64-1.txz: Upgraded. -d/clisp-2.49-x86_64-3.txz: Rebuilt. -d/cmake-3.1.3-x86_64-1.txz: Upgraded. -d/doxygen-1.8.9.1-x86_64-1.txz: Upgraded. -d/flex-2.5.39-x86_64-1.txz: Upgraded. -d/gcc-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-g++-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-gfortran-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-gnat-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-go-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-java-4.9.2-x86_64-1.txz: Upgraded. -d/gcc-objc-4.9.2-x86_64-1.txz: Upgraded. -d/gettext-tools-0.19.4-x86_64-1.txz: Upgraded. -d/git-2.3.5-x86_64-1.txz: Upgraded. -d/help2man-1.46.5-x86_64-1.txz: Upgraded. -d/kernel-headers-3.18.11-x86-1.txz: Upgraded. -d/libtool-2.4.6-x86_64-1.txz: Upgraded. -d/llvm-3.6.0-x86_64-1.txz: Upgraded. - Thanks to Heinz Wiesinger. -d/pkg-config-0.28-x86_64-1.txz: Upgraded. -d/python-2.7.9-x86_64-1.txz: Upgraded. -d/python-setuptools-14.3-x86_64-1.txz: Added. -d/rcs-5.9.4-x86_64-1.txz: Upgraded. -d/ruby-1.9.3_p551-x86_64-1.txz: Upgraded. -d/strace-4.10-x86_64-1.txz: Upgraded. -d/swig-2.0.12-x86_64-1.txz: Upgraded. -d/yasm-1.3.0-x86_64-1.txz: Upgraded. -e/emacs-24.5-x86_64-1.txz: Upgraded. -k/kernel-source-3.18.11-noarch-1.txz: Upgraded. -kde/amarok-2.8.0-x86_64-2.txz: Rebuilt. -kde/amor-4.14.3-x86_64-1.txz: Added. -kde/analitza-4.14.3-x86_64-1.txz: Upgraded. -kde/ark-4.14.3-x86_64-1.txz: Upgraded. -kde/artikulate-4.14.3-x86_64-1.txz: Added. -kde/audiocd-kio-4.14.3-x86_64-1.txz: Upgraded. -kde/baloo-4.14.3-x86_64-1.txz: Added. -kde/baloo-widgets-4.14.3-x86_64-1.txz: Added. -kde/blinken-4.14.3-x86_64-1.txz: Upgraded. -kde/bluedevil-2.1.1-x86_64-1.txz: Upgraded. -kde/bomber-4.14.3-x86_64-1.txz: Upgraded. -kde/bovo-4.14.3-x86_64-1.txz: Upgraded. -kde/calligra-2.9.2-x86_64-1.txz: Upgraded. -kde/cantor-4.14.3-x86_64-1.txz: Upgraded. -kde/cervisia-4.14.3-x86_64-1.txz: Added. -kde/dolphin-plugins-4.14.3-x86_64-1.txz: Added. -kde/dragon-4.14.3-x86_64-1.txz: Upgraded. -kde/filelight-4.14.3-x86_64-1.txz: Upgraded. -kde/granatier-4.14.3-x86_64-1.txz: Upgraded. -kde/gwenview-4.14.3-x86_64-1.txz: Upgraded. -kde/juk-4.14.3-x86_64-1.txz: Upgraded. -kde/k3b-2.0.3-x86_64-1.txz: Upgraded. -kde/kaccessible-4.14.3-x86_64-1.txz: Upgraded. -kde/kactivities-4.13.3-x86_64-1.txz: Upgraded. -kde/kajongg-4.14.3-x86_64-1.txz: Added. -kde/kalgebra-4.14.3-x86_64-1.txz: Upgraded. -kde/kalzium-4.14.3-x86_64-1.txz: Upgraded. -kde/kamera-4.14.3-x86_64-1.txz: Upgraded. -kde/kanagram-4.14.3-x86_64-1.txz: Upgraded. -kde/kapman-4.14.3-x86_64-1.txz: Upgraded. -kde/kapptemplate-4.14.3-x86_64-1.txz: Added. -kde/kate-4.14.3-x86_64-1.txz: Upgraded. -kde/katomic-4.14.3-x86_64-1.txz: Upgraded. -kde/kblackbox-4.14.3-x86_64-1.txz: Upgraded. -kde/kblocks-4.14.3-x86_64-1.txz: Upgraded. -kde/kbounce-4.14.3-x86_64-1.txz: Upgraded. -kde/kbreakout-4.14.3-x86_64-1.txz: Upgraded. -kde/kbruch-4.14.3-x86_64-1.txz: Upgraded. -kde/kcachegrind-4.14.3-x86_64-1.txz: Added. -kde/kcalc-4.14.3-x86_64-1.txz: Upgraded. -kde/kcharselect-4.14.3-x86_64-1.txz: Upgraded. -kde/kcolorchooser-4.14.3-x86_64-1.txz: Upgraded. -kde/kcron-4.14.3-x86_64-1.txz: Added. -kde/kde-base-artwork-4.14.3-x86_64-1.txz: Upgraded. -kde/kde-baseapps-4.14.3-x86_64-1.txz: Upgraded. -kde/kde-dev-scripts-4.14.3-x86_64-1.txz: Added. -kde/kde-dev-utils-4.14.3-x86_64-1.txz: Added. -kde/kde-runtime-4.14.3-x86_64-1.txz: Upgraded. -kde/kde-wallpapers-4.14.3-noarch-1.txz: Upgraded. -kde/kde-workspace-4.11.17-x86_64-1.txz: Upgraded. -kde/kdeadmin-4.10.5-x86_64-1.txz: Removed. -kde/kdeartwork-4.14.3-x86_64-1.txz: Upgraded. -kde/kdeconnect-kde-0.8-x86_64-1.txz: Added. -kde/kdegraphics-mobipocket-4.14.3-x86_64-1.txz: Upgraded. -kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-1.txz: Upgraded. -kde/kdegraphics-thumbnailers-4.14.3-x86_64-1.txz: Upgraded. -kde/kdelibs-4.14.6-x86_64-1.txz: Upgraded. -kde/kdenetwork-4.10.5-x86_64-1.txz: Removed. -kde/kdenetwork-filesharing-4.14.3-x86_64-1.txz: Added. -kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-1.txz: Added. -kde/kdepim-4.14.6-x86_64-1.txz: Upgraded. -kde/kdepim-runtime-4.14.6-x86_64-1.txz: Upgraded. -kde/kdepimlibs-4.14.6-x86_64-1.txz: Upgraded. -kde/kdeplasma-addons-4.14.3-x86_64-1.txz: Upgraded. -kde/kdesdk-4.10.5-x86_64-1.txz: Removed. -kde/kdesdk-kioslaves-4.14.3-x86_64-1.txz: Added. -kde/kdesdk-strigi-analyzers-4.14.3-x86_64-1.txz: Added. -kde/kdesdk-thumbnailers-4.14.3-x86_64-1.txz: Added. -kde/kdetoys-4.10.5-x86_64-1.txz: Removed. -kde/kdev-python-1.7.1-x86_64-1.txz: Added. -kde/kdevelop-4.7.1-x86_64-1.txz: Upgraded. -kde/kdevelop-php-1.7.1-x86_64-1.txz: Upgraded. -kde/kdevelop-php-docs-1.7.1-x86_64-1.txz: Upgraded. -kde/kdevplatform-1.7.1-x86_64-1.txz: Upgraded. -kde/kdewebdev-4.14.3-x86_64-1.txz: Upgraded. -kde/kdf-4.14.3-x86_64-1.txz: Upgraded. -kde/kdiamond-4.14.3-x86_64-1.txz: Upgraded. -kde/kfilemetadata-4.14.3-x86_64-1.txz: Added. -kde/kfloppy-4.14.3-x86_64-1.txz: Upgraded. -kde/kfourinline-4.14.3-x86_64-1.txz: Upgraded. -kde/kgamma-4.14.3-x86_64-1.txz: Upgraded. -kde/kgeography-4.14.3-x86_64-1.txz: Upgraded. -kde/kget-4.14.3-x86_64-1.txz: Added. -kde/kgoldrunner-4.14.3-x86_64-1.txz: Upgraded. -kde/kgpg-4.14.3-x86_64-1.txz: Upgraded. -kde/khangman-4.14.3-x86_64-1.txz: Upgraded. -kde/kig-4.14.3-x86_64-1.txz: Upgraded. -kde/kigo-4.14.3-x86_64-1.txz: Upgraded. -kde/killbots-4.14.3-x86_64-1.txz: Upgraded. -kde/kio-mtp-2063e75_20131020git-x86_64-1.txz: Upgraded. -kde/kiriki-4.14.3-x86_64-1.txz: Upgraded. -kde/kiten-4.14.3-x86_64-1.txz: Upgraded. -kde/kjumpingcube-4.14.3-x86_64-1.txz: Upgraded. -kde/klettres-4.14.3-x86_64-1.txz: Upgraded. -kde/klickety-4.14.3-x86_64-1.txz: Upgraded. -kde/klines-4.14.3-x86_64-1.txz: Upgraded. -kde/kmag-4.14.3-x86_64-1.txz: Upgraded. -kde/kmahjongg-4.14.3-x86_64-1.txz: Upgraded. -kde/kmines-4.14.3-x86_64-1.txz: Upgraded. -kde/kmix-4.14.3-x86_64-1.txz: Upgraded. -kde/kmousetool-4.14.3-x86_64-1.txz: Upgraded. -kde/kmouth-4.14.3-x86_64-1.txz: Upgraded. -kde/kmplot-4.14.3-x86_64-1.txz: Upgraded. -kde/knavalbattle-4.14.3-x86_64-1.txz: Upgraded. -kde/knetwalk-4.14.3-x86_64-1.txz: Upgraded. -kde/kolf-4.14.3-x86_64-1.txz: Upgraded. -kde/kollision-4.14.3-x86_64-1.txz: Upgraded. -kde/kolourpaint-4.14.3-x86_64-1.txz: Upgraded. -kde/kompare-4.14.3-x86_64-1.txz: Added. -kde/konquest-4.14.3-x86_64-1.txz: Upgraded. -kde/konsole-4.14.3-x86_64-1.txz: Upgraded. -kde/kopete-4.14.3-x86_64-1.txz: Added. -kde/korundum-4.14.3-x86_64-1.txz: Upgraded. -kde/kpat-4.14.3-x86_64-1.txz: Upgraded. -kde/kppp-4.14.3-x86_64-1.txz: Added. -kde/kqtquickcharts-4.14.3-x86_64-1.txz: Added. -kde/krdc-4.14.3-x86_64-1.txz: Added. -kde/kremotecontrol-4.14.3-x86_64-1.txz: Upgraded. -kde/kreversi-4.14.3-x86_64-1.txz: Upgraded. -kde/krfb-4.14.3-x86_64-1.txz: Added. -kde/kross-interpreters-4.14.3-x86_64-1.txz: Upgraded. -kde/kruler-4.14.3-x86_64-1.txz: Upgraded. -kde/ksaneplugin-4.14.3-x86_64-1.txz: Upgraded. -kde/kscreen-1.0.2.1-x86_64-1.txz: Upgraded. -kde/kshisen-4.14.3-x86_64-1.txz: Upgraded. -kde/ksirk-4.14.3-x86_64-1.txz: Upgraded. -kde/ksnakeduel-4.14.3-x86_64-1.txz: Upgraded. -kde/ksnapshot-4.14.3-x86_64-1.txz: Upgraded. -kde/kspaceduel-4.14.3-x86_64-1.txz: Upgraded. -kde/ksquares-4.14.3-x86_64-1.txz: Upgraded. -kde/kstars-4.14.3-x86_64-1.txz: Upgraded. -kde/ksudoku-4.14.3-x86_64-1.txz: Upgraded. -kde/ksystemlog-4.14.3-x86_64-1.txz: Added. -kde/kteatime-4.14.3-x86_64-1.txz: Added. -kde/ktimer-4.14.3-x86_64-1.txz: Upgraded. -kde/ktouch-4.14.3-x86_64-1.txz: Upgraded. -kde/ktuberling-4.14.3-x86_64-1.txz: Upgraded. -kde/kturtle-4.14.3-x86_64-1.txz: Upgraded. -kde/ktux-4.14.3-x86_64-1.txz: Added. -kde/kubrick-4.14.3-x86_64-1.txz: Upgraded. -kde/kuser-4.14.3-x86_64-1.txz: Added. -kde/kwallet-4.10.5-x86_64-1.txz: Removed. -kde/kwalletmanager-4.14.3-x86_64-1.txz: Added. -kde/kwebkitpart-1.3.4-x86_64-1.txz: Upgraded. -kde/kwordquiz-4.14.3-x86_64-1.txz: Upgraded. -kde/libkcddb-4.14.3-x86_64-1.txz: Upgraded. -kde/libkcompactdisc-4.14.3-x86_64-1.txz: Upgraded. -kde/libkdcraw-4.14.3-x86_64-1.txz: Upgraded. -kde/libkdeedu-4.14.3-x86_64-1.txz: Upgraded. -kde/libkdegames-4.14.3-x86_64-1.txz: Upgraded. -kde/libkexiv2-4.14.3-x86_64-1.txz: Upgraded. -kde/libkipi-4.14.3-x86_64-1.txz: Upgraded. -kde/libkmahjongg-4.14.3-x86_64-1.txz: Upgraded. -kde/libkomparediff2-4.14.3-x86_64-1.txz: Added. -kde/libksane-4.14.3-x86_64-1.txz: Upgraded. -kde/libkscreen-1.0.5-x86_64-1.txz: Upgraded. -kde/libktorrent-1.3.1-x86_64-2.txz: Rebuilt. -kde/libmm-qt-1.0.1-x86_64-1.txz: Added. -kde/libnm-qt-0.9.8.3-x86_64-1.txz: Added. -kde/lokalize-4.14.3-x86_64-1.txz: Added. -kde/lskat-4.14.3-x86_64-1.txz: Upgraded. -kde/marble-4.14.3-x86_64-1.txz: Upgraded. -kde/mplayerthumbs-4.14.3-x86_64-1.txz: Upgraded. -kde/nepomuk-core-4.14.3-x86_64-1.txz: Upgraded. -kde/nepomuk-widgets-4.14.3-x86_64-1.txz: Upgraded. -kde/networkmanagement-0.9.0.9-x86_64-1.txz: Removed. -kde/okteta-4.14.3-x86_64-1.txz: Added. -kde/okular-4.14.3-x86_64-1.txz: Upgraded. -kde/oxygen-gtk2-1.4.6-x86_64-1.txz: Upgraded. -kde/oxygen-gtk3-1.4.1-x86_64-1.txz: Upgraded. -kde/oxygen-icons-4.14.3-x86_64-1.txz: Upgraded. -kde/pairs-4.14.3-x86_64-1.txz: Upgraded. -kde/palapeli-4.14.3-x86_64-1.txz: Upgraded. -kde/parley-4.14.3-x86_64-1.txz: Upgraded. -kde/partitionmanager-1.1.1-x86_64-1.txz: Added. -kde/perlkde-4.14.3-x86_64-1.txz: Upgraded. -kde/perlqt-4.14.3-x86_64-1.txz: Upgraded. -kde/picmi-4.14.3-x86_64-1.txz: Upgraded. -kde/plasma-nm-0.9.3.5-x86_64-1.txz: Added. -kde/poxml-4.14.3-x86_64-1.txz: Added. -kde/print-manager-4.14.3-x86_64-1.txz: Upgraded. -kde/pykde4-4.14.3-x86_64-1.txz: Upgraded. -kde/qtruby-4.14.3-x86_64-1.txz: Upgraded. -kde/rocs-4.14.3-x86_64-1.txz: Upgraded. -kde/skanlite-1.1-x86_64-1.txz: Upgraded. -kde/smokegen-4.14.3-x86_64-1.txz: Upgraded. -kde/smokekde-4.14.3-x86_64-1.txz: Upgraded. -kde/smokeqt-4.14.3-x86_64-1.txz: Upgraded. -kde/step-4.14.3-x86_64-1.txz: Upgraded. -kde/superkaramba-4.14.3-x86_64-1.txz: Upgraded. -kde/svgpart-4.14.3-x86_64-1.txz: Upgraded. -kde/sweeper-4.14.3-x86_64-1.txz: Upgraded. -kde/umbrello-4.14.3-x86_64-1.txz: Added. -kde/zeroconf-ioslave-4.14.3-x86_64-1.txz: Added. -kdei/calligra-l10n-bs-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca@valencia-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-eu-2.8.5-noarch-1.txz: Removed. -kdei/calligra-l10n-fi-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nds-2.8.5-noarch-1.txz: Removed. -kdei/calligra-l10n-nl-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.9.2-noarch-1.txz: Added. -kdei/calligra-l10n-uk-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.9.2-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.9.2-noarch-1.txz: Upgraded. -kdei/kde-l10n-ar-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-bg-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-bs-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ca-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ca@valencia-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-cs-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-da-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-de-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-el-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-en_GB-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-es-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-et-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-eu-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-fa-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-fi-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-fr-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ga-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-gl-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-he-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-hi-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-hr-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-hu-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ia-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-id-4.14.3-noarch-1.txz: Added. -kdei/kde-l10n-is-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-it-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ja-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-kk-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-km-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ko-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-lt-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-lv-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-mr-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-nb-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-nds-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-nl-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-nn-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-pa-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-pl-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-pt-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-pt_BR-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ro-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ru-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-si-4.10.5-noarch-1.txz: Removed. -kdei/kde-l10n-sk-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-sl-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-sr-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-sv-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-tg-4.10.5-noarch-1.txz: Removed. -kdei/kde-l10n-th-4.10.5-noarch-1.txz: Removed. -kdei/kde-l10n-tr-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-ug-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-uk-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-vi-4.10.5-noarch-1.txz: Removed. -kdei/kde-l10n-wa-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-zh_CN-4.14.3-noarch-1.txz: Upgraded. -kdei/kde-l10n-zh_TW-4.14.3-noarch-1.txz: Upgraded. -l/LibRaw-0.16.0-x86_64-1.txz: Added. -l/a52dec-0.7.4-x86_64-1.txz: Added. -l/adwaita-icon-theme-3.14.1-noarch-1.txz: Added. -l/akonadi-1.13.0-x86_64-1.txz: Upgraded. -l/alsa-lib-1.0.29-x86_64-1.txz: Upgraded. -l/alsa-oss-1.0.28-x86_64-1.txz: Upgraded. -l/at-spi2-atk-2.14.1-x86_64-1.txz: Upgraded. -l/at-spi2-core-2.14.1-x86_64-1.txz: Upgraded. -l/atk-2.14.0-x86_64-1.txz: Upgraded. -l/attica-0.4.2-x86_64-1.txz: Upgraded. -l/boost-1.58.0-x86_64-1.txz: Upgraded. -l/cairo-1.14.2-x86_64-1.txz: Upgraded. -l/dbus-glib-0.104-x86_64-1.txz: Upgraded. -l/dconf-0.22.0-x86_64-1.txz: Upgraded. -l/desktop-file-utils-0.22-x86_64-1.txz: Upgraded. -l/djvulibre-3.5.25.3-x86_64-2.txz: Rebuilt. -l/eigen3-3.2.4-x86_64-1.txz: Added. -l/exiv2-0.24-x86_64-1.txz: Upgraded. -l/fftw-3.3.4-x86_64-1.txz: Upgraded. -l/freetype-2.5.5-x86_64-2.txz: Rebuilt. -l/fuse-2.9.3-x86_64-1.txz: Upgraded. -l/gc-7.4.2-x86_64-1.txz: Upgraded. -l/gcr-3.14.0-x86_64-1.txz: Upgraded. -l/gd-2.1.1-x86_64-1.txz: Upgraded. -l/gdk-pixbuf2-2.30.8-x86_64-1.txz: Upgraded. -l/gegl-0.2.0-x86_64-3.txz: Rebuilt. -l/giflib-5.1.1-x86_64-1.txz: Upgraded. -l/glade3-3.8.5-x86_64-1.txz: Upgraded. -l/glib-networking-2.42.1-x86_64-1.txz: Upgraded. -l/glib2-2.42.2-x86_64-1.txz: Upgraded. -l/glibc-2.21-x86_64-2.txz: Rebuilt. -l/glibc-i18n-2.21-x86_64-2.txz: Rebuilt. -l/glibc-profile-2.21-x86_64-2.txz: Rebuilt. -l/gmime-2.6.20-x86_64-1.txz: Upgraded. -l/gnome-icon-theme-3.8.3-x86_64-1.txz: Removed. - This has been replaced by the adwaita-icon-theme package. -l/gnome-keyring-3.14.0-x86_64-1.txz: Upgraded. -l/gnome-themes-standard-3.14.2.3-x86_64-1.txz: Upgraded. -l/gobject-introspection-1.42.0-x86_64-1.txz: Upgraded. -l/grantlee-0.5.1-x86_64-1.txz: Upgraded. -l/gsettings-desktop-schemas-3.14.1-x86_64-1.txz: Upgraded. -l/gst-plugins-base-1.4.4-x86_64-1.txz: Upgraded. -l/gst-plugins-base0-0.10.36-x86_64-1.txz: Added. -l/gst-plugins-good-1.4.4-x86_64-1.txz: Upgraded. -l/gst-plugins-good0-0.10.31-x86_64-1.txz: Added. -l/gstreamer-1.4.4-x86_64-1.txz: Upgraded. -l/gstreamer0-0.10.36-x86_64-1.txz: Added. -l/gtk+2-2.24.27-x86_64-1.txz: Upgraded. -l/gtk+3-3.14.12-x86_64-1.txz: Upgraded. -l/gtkspell-2.0.16-x86_64-2.txz: Rebuilt. -l/gvfs-1.22.4-x86_64-1.txz: Upgraded. -l/harfbuzz-0.9.40-x86_64-1.txz: Upgraded. -l/hicolor-icon-theme-0.13-noarch-1.txz: Upgraded. -l/hunspell-1.3.3-x86_64-1.txz: Upgraded. -l/icu4c-54.1-x86_64-1.txz: Upgraded. -l/ilmbase-2.2.0-x86_64-1.txz: Upgraded. -l/imlib-1.9.15-x86_64-7.txz: Removed. -l/iso-codes-3.57-noarch-1.txz: Upgraded. -l/jasper-1.900.1-x86_64-4.txz: Rebuilt. -l/jemalloc-3.6.0-x86_64-1.txz: Added. -l/judy-1.0.5-x86_64-1.txz: Added. -l/lcms-1.19-x86_64-3.txz: Rebuilt. -l/lcms2-2.7-x86_64-1.txz: Upgraded. -l/libao-1.2.0-x86_64-1.txz: Upgraded. -l/libbluedevil-2.1-x86_64-1.txz: Upgraded. -l/libcanberra-0.29-x86_64-2.txz: Rebuilt. -l/libcddb-1.3.2-x86_64-3.txz: Rebuilt. -l/libcdio-0.93-x86_64-1.txz: Upgraded. -l/libcdio-paranoia-10.2+0.93+1-x86_64-1.txz: Added. -l/libdiscid-0.6.1-x86_64-1.txz: Upgraded. -l/libdvdnav-5.0.3-x86_64-1.txz: Added. -l/libdvdread-5.0.3-x86_64-1.txz: Upgraded. -l/libelf-0.8.13-x86_64-5.txz: Rebuilt. -l/libfakekey-0.1-x86_64-1.txz: Added. -l/libffi-3.2.1-x86_64-1.txz: Upgraded. -l/libglade-2.6.4-x86_64-5.txz: Rebuilt. -l/libgnome-keyring-3.12.0-x86_64-1.txz: Upgraded. -l/libgphoto2-2.5.7-x86_64-1.txz: Upgraded. -l/libgpod-0.8.3-x86_64-1.txz: Upgraded. -l/libgsf-1.14.33-x86_64-1.txz: Upgraded. -l/libimobiledevice-1.2.0-x86_64-1.txz: Added. -l/libiodbc-3.52.10-x86_64-1.txz: Upgraded. -l/libjpeg-turbo-1.4.0-x86_64-1.txz: Added. -l/libjpeg-v8a-x86_64-2.txz: Removed. -l/liblastfm-1.0.9-x86_64-1.txz: Upgraded. -l/libmng-2.0.2-x86_64-1.txz: Upgraded. -l/libmtp-1.1.8-x86_64-1.txz: Upgraded. -l/libnl3-3.2.25-x86_64-1.txz: Upgraded. -l/libnotify-0.7.6-x86_64-1.txz: Upgraded. -l/libodfgen-0.1.3-x86_64-1.txz: Added. -l/libogg-1.3.2-x86_64-1.txz: Upgraded. -l/libplist-1.12-x86_64-1.txz: Upgraded. -l/libpng-1.6.16-x86_64-1.txz: Upgraded. -l/libraw1394-2.1.0-x86_64-1.txz: Upgraded. -l/librevenge-0.0.2-x86_64-1.txz: Added. -l/librsvg-2.40.9-x86_64-1.txz: Upgraded. -l/libsecret-0.18-x86_64-1.txz: Upgraded. -l/libsigsegv-2.10-x86_64-1.txz: Added. -l/libsoup-2.48.1-x86_64-1.txz: Upgraded. -l/libssh-0.6.4-x86_64-1.txz: Upgraded. - This update fixes some security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8132 - (* Security fix *) -l/libtasn1-4.3-x86_64-1.txz: Upgraded. -l/libtiff-4.0.3-x86_64-1.txz: Upgraded. -l/libusbmuxd-1.0.10-x86_64-1.txz: Added. -l/libvncserver-0.9.10-x86_64-1.txz: Upgraded. -l/libvorbis-1.3.5-x86_64-1.txz: Upgraded. -l/libvpx-1.3.0-x86_64-1.txz: Added. -l/libwmf-0.2.8.4-x86_64-6.txz: Rebuilt. -l/libwmf-docs-0.2.8.4-noarch-6.txz: Rebuilt. -l/libwnck-2.31.0-x86_64-1.txz: Upgraded. -l/libwpd-0.10.0-x86_64-1.txz: Upgraded. -l/libxklavier-5.4-x86_64-1.txz: Upgraded. -l/libxml2-2.9.2-x86_64-1.txz: Upgraded. -l/libxslt-1.1.28-x86_64-2.txz: Rebuilt. -l/lzo-2.08-x86_64-1.txz: Upgraded. -l/netpbm-10.66.02-x86_64-1.txz: Upgraded. -l/newt-0.52.18-x86_64-1.txz: Added. -l/openexr-2.2.0-x86_64-1.txz: Upgraded. -l/openjpeg-2.1.0-x86_64-1.txz: Added. -l/orc-0.4.22-x86_64-1.txz: Added. -l/pango-1.36.8-x86_64-1.txz: Upgraded. -l/pcre-8.36-x86_64-1.txz: Upgraded. -l/phonon-4.8.3-x86_64-1.txz: Upgraded. -l/phonon-gstreamer-4.8.2-x86_64-1.txz: Upgraded. -l/phonon-mplayer-1b1fd1f_20110823git-x86_64-1.txz: Removed. -l/phonon-xine-4.4.4-x86_64-1.txz: Removed. -l/pil-1.1.7-x86_64-4.txz: Removed. -l/pilot-link-0.12.5-x86_64-8.txz: Rebuilt. -l/polkit-gnome-0.102-x86_64-2.txz: Rebuilt. -l/poppler-0.32.0-x86_64-1.txz: Upgraded. -l/poppler-data-0.4.7-noarch-1.txz: Upgraded. -l/pycairo-1.10.0-x86_64-1.txz: Upgraded. -l/pycups-1.9.70-x86_64-1.txz: Upgraded. -l/python-pillow-2.7.0-x86_64-1.txz: Added. -l/qt-4.8.6-x86_64-2.txz: Rebuilt. - Fixed issues with BMP, ICO, and GIF handling that could lead to a denial - of service or the execution of arbitrary code when processing malformed - images. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860 - (* Security fix *) -l/qt-gstreamer-1.2.0-x86_64-1.txz: Added. -l/raptor2-2.0.15-x86_64-1.txz: Upgraded. -l/sdl-1.2.15-x86_64-2.txz: Rebuilt. -l/seamonkey-solibs-2.33.1-x86_64-1.txz: Upgraded. -l/shared-desktop-ontologies-0.11.0-x86_64-1.txz: Upgraded. -l/shared-mime-info-1.3-x86_64-1.txz: Upgraded. -l/slang-2.3.0-x86_64-1.txz: Upgraded. -l/soprano-2.9.4-x86_64-1.txz: Upgraded. -l/strigi-0.7.8-x86_64-1.txz: Upgraded. -l/svgalib-1.9.25-x86_64-3.txz: Rebuilt. -l/v4l-utils-1.6.2-x86_64-1.txz: Upgraded. -l/virtuoso-ose-6.1.8-x86_64-1.txz: Upgraded. -l/vte-0.28.2-x86_64-3.txz: Rebuilt. -l/wavpack-4.70.0-x86_64-1.txz: Upgraded. -l/xapian-core-1.2.17-x86_64-1.txz: Added. -n/ModemManager-1.4.4-x86_64-1.txz: Upgraded. -n/NetworkManager-1.0.0-x86_64-1.txz: Upgraded. -n/bind-9.10.2-x86_64-1.txz: Upgraded. - Fix some denial-of-service and other security issues. - For more information, see: - https://kb.isc.org/article/AA-01166/ - https://kb.isc.org/article/AA-01161/ - https://kb.isc.org/article/AA-01167/ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8680 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 - (* Security fix *) -n/bluez-4.101-x86_64-1.txz: Upgraded. -n/bluez-hcidump-2.5-x86_64-1.txz: Upgraded. -n/crda-3.18-x86_64-1.txz: Upgraded. -n/curl-7.41.0-x86_64-1.txz: Upgraded. -n/dhcp-4.3.2-x86_64-1.txz: Upgraded. -n/dhcpcd-6.8.1-x86_64-1.txz: Upgraded. -n/dirmngr-1.1.1-x86_64-2.txz: Rebuilt. -n/dnsmasq-2.72-x86_64-1.txz: Upgraded. -n/fetchmail-6.3.26-x86_64-1.txz: Upgraded. -n/getmail-4.47.0-x86_64-1.txz: Upgraded. -n/gnupg-1.4.19-x86_64-1.txz: Upgraded. - * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. - See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. - * Fixed data-dependent timing variations in modular exponentiation - [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks - are Practical]. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3591 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837 - (* Security fix *) -n/gnupg2-2.0.27-x86_64-1.txz: Upgraded. -n/gpa-0.9.7-x86_64-1.txz: Upgraded. -n/gpgme-1.5.3-x86_64-1.txz: Upgraded. -n/httpd-2.4.12-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - * CVE-2014-3583 mod_proxy_fcgi: Fix a potential crash due to buffer - over-read, with response headers' size above 8K. - * CVE-2014-3581 mod_cache: Avoid a crash when Content-Type has an - empty value. PR 56924. - * CVE-2014-8109 mod_lua: Fix handling of the Require line when a - LuaAuthzProvider is used in multiple Require directives with - different arguments. PR57204. - * CVE-2013-5704 core: HTTP trailers could be used to replace HTTP - headers late during request processing, potentially undoing or - otherwise confusing modules that examined or modified request - headers earlier. Adds "MergeTrailers" directive to restore legacy - behavior. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704 - (* Security fix *) -n/iproute2-3.18.0-x86_64-1.txz: Upgraded. -n/iptables-1.4.21-x86_64-1.txz: Upgraded. -n/irssi-0.8.17-x86_64-1.txz: Upgraded. -n/lftp-4.6.1-x86_64-1.txz: Upgraded. -n/libassuan-2.2.0-x86_64-1.txz: Upgraded. -n/libgcrypt-1.6.3-x86_64-1.txz: Upgraded. - * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. - See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. - * Fixed data-dependent timing variations in modular exponentiation - [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks - are Practical]. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3591 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837 - (* Security fix *) -n/libgpg-error-1.18-x86_64-1.txz: Upgraded. -n/libksba-1.3.2-x86_64-1.txz: Upgraded. -n/libmbim-1.12.2-x86_64-1.txz: Upgraded. -n/libndp-1.4-x86_64-1.txz: Added. -n/libnftnl-1.0.3-x86_64-1.txz: Upgraded. -n/libqmi-1.12.6-x86_64-1.txz: Upgraded. -n/links-2.9-x86_64-1.txz: Upgraded. -n/mutt-1.5.23-x86_64-2.txz: Rebuilt. - Patched a vulnerability where malformed headers can cause mutt to crash. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 - (* Security fix *) -n/net-snmp-5.7.3-x86_64-1.txz: Upgraded. -n/netatalk-2.2.3-x86_64-5.txz: Rebuilt. -n/netkit-ftp-0.17-x86_64-2.txz: Rebuilt. -n/nfs-utils-1.3.1-x86_64-1.txz: Upgraded. -n/nftables-0.4-x86_64-1.txz: Upgraded. -n/ntp-4.2.8p2-x86_64-1.txz: Upgraded. - In addition to bug fixes and enhancements, this release fixes the - following medium-severity vulnerabilities involving private key - authentication: - * ntpd accepts unauthenticated packets with symmetric key crypto. - * Authentication doesn't protect symmetric associations against DoS attacks. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 - (* Security fix *) -n/obex-data-server-0.4.6-x86_64-3.txz: Rebuilt. -n/openssl-1.0.1m-x86_64-1.txz: Upgraded. - Fixes several bugs and security issues: - o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) - o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) - o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) - o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) - o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) - o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) - o Removed the export ciphers from the DEFAULT ciphers - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 - (* Security fix *) -n/p11-kit-0.23.1-x86_64-1.txz: Upgraded. -n/php-5.6.8-x86_64-1.txz: Upgraded. - This update fixes some security issues. - Please note that this package build also moves the configuration files - from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330 - (* Security fix *) -n/pinentry-0.9.1-x86_64-1.txz: Upgraded. -n/popa3d-1.0.3-x86_64-1.txz: Upgraded. -n/ppp-2.4.7-x86_64-1.txz: Upgraded. - Fixed a potential security issue in parsing option files. - Fixed remotely triggerable PID overflow that causes pppd to crash. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3310 - (* Security fix *) -n/proftpd-1.3.5-x86_64-1.txz: Upgraded. - Patched an issue where mod_copy allowed unauthenticated copying - of files via SITE CPFR/CPTO. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3306 - (* Security fix *) -n/samba-4.2.1-x86_64-1.txz: Upgraded. -n/slrn-1.0.2-x86_64-1.txz: Upgraded. -n/tftp-hpa-5.2-x86_64-2.txz: Rebuilt. -n/tin-2.2.1-x86_64-2.txz: Rebuilt. -n/wget-1.16.3-x86_64-1.txz: Upgraded. -n/whois-5.2.7-x86_64-1.txz: Upgraded. -n/wpa_supplicant-2.4-x86_64-1.txz: Upgraded. -t/tetex-3.0-x86_64-10.txz: Rebuilt. -t/tetex-doc-3.0-x86_64-10.txz: Rebuilt. -t/transfig-3.2.5e-x86_64-3.txz: Rebuilt. -t/xfig-3.2.5c-x86_64-3.txz: Rebuilt. -x/bdftopcf-1.0.5-x86_64-1.txz: Upgraded. -x/bitmap-1.0.8-x86_64-1.txz: Upgraded. -x/compiz-0.8.8-x86_64-2.txz: Rebuilt. -x/font-util-1.3.1-x86_64-1.txz: Upgraded. -x/fontconfig-2.11.1-x86_64-2.txz: Rebuilt. -x/fontsproto-2.1.3-noarch-1.txz: Upgraded. -x/fslsfonts-1.0.5-x86_64-1.txz: Upgraded. -x/fstobdf-1.0.6-x86_64-1.txz: Upgraded. -x/iceauth-1.0.7-x86_64-1.txz: Upgraded. -x/libX11-1.6.3-x86_64-1.txz: Upgraded. -x/libXaw3dXft-1.6.2d-x86_64-1.txz: Added. -x/libXdmcp-1.1.2-x86_64-1.txz: Upgraded. -x/libXfont-1.5.1-x86_64-1.txz: Upgraded. -x/libXft-2.3.2-x86_64-2.txz: Rebuilt. -x/libXp-1.0.3-x86_64-1.txz: Upgraded. -x/libXvMC-1.0.9-x86_64-1.txz: Upgraded. -x/libXxf86vm-1.1.4-x86_64-1.txz: Upgraded. -x/libevdev-1.4.1-x86_64-1.txz: Upgraded. -x/libpciaccess-0.13.3-x86_64-1.txz: Upgraded. -x/libva-1.5.1-x86_64-1.txz: Added. -x/libva-intel-driver-1.5.1-x86_64-1.txz: Added. -x/libvdpau-1.1-x86_64-1.txz: Upgraded. -x/libxshmfence-1.2-x86_64-1.txz: Upgraded. -x/mesa-10.5.3-x86_64-1.txz: Upgraded. - Thanks to Robby Workman and Heinz Wiesinger. -x/mkfontscale-1.1.2-x86_64-1.txz: Upgraded. -x/motif-2.3.4-x86_64-2.txz: Rebuilt. -x/randrproto-1.4.1-noarch-1.txz: Upgraded. -x/rgb-1.0.6-x86_64-1.txz: Upgraded. -x/scim-1.4.15-x86_64-1.txz: Upgraded. -x/sessreg-1.1.0-x86_64-1.txz: Upgraded. -x/showfont-1.0.5-x86_64-1.txz: Upgraded. -x/xcalc-1.0.6-x86_64-1.txz: Upgraded. -x/xcb-util-0.4.0-x86_64-1.txz: Upgraded. -x/xcb-util-cursor-0.1.2-x86_64-1.txz: Upgraded. -x/xcb-util-image-0.4.0-x86_64-1.txz: Upgraded. -x/xcb-util-keysyms-0.4.0-x86_64-1.txz: Upgraded. -x/xcursorgen-1.0.6-x86_64-2.txz: Rebuilt. -x/xdg-utils-1.1.0_rc3-noarch-1.txz: Upgraded. -x/xdm-1.1.11-x86_64-5.txz: Rebuilt. -x/xedit-1.2.2-x86_64-1.txz: Upgraded. -x/xf86-input-acecad-1.5.0-x86_64-7.txz: Rebuilt. -x/xf86-input-aiptek-1.4.1-x86_64-7.txz: Rebuilt. -x/xf86-input-evdev-2.9.2-x86_64-1.txz: Upgraded. -x/xf86-input-joystick-1.6.1-x86_64-7.txz: Rebuilt. -x/xf86-input-keyboard-1.8.0-x86_64-2.txz: Rebuilt. -x/xf86-input-mouse-1.9.1-x86_64-2.txz: Rebuilt. -x/xf86-input-penmount-1.5.0-x86_64-7.txz: Rebuilt. -x/xf86-input-synaptics-1.8.2-x86_64-1.txz: Upgraded. -x/xf86-input-vmmouse-13.0.0-x86_64-6.txz: Rebuilt. -x/xf86-input-void-1.4.0-x86_64-7.txz: Rebuilt. -x/xf86-input-wacom-0.19.0-x86_64-6.txz: Rebuilt. -x/xf86-video-apm-1.2.5-x86_64-6.txz: Rebuilt. -x/xf86-video-ark-0.7.5-x86_64-6.txz: Rebuilt. -x/xf86-video-ast-1.0.1-x86_64-2.txz: Rebuilt. -x/xf86-video-ati-7.5.0-x86_64-1.txz: Upgraded. -x/xf86-video-chips-1.2.5-x86_64-6.txz: Rebuilt. -x/xf86-video-cirrus-1.5.2-x86_64-6.txz: Rebuilt. -x/xf86-video-dummy-0.3.7-x86_64-3.txz: Rebuilt. -x/xf86-video-glint-1.2.8-x86_64-6.txz: Rebuilt. -x/xf86-video-i128-1.3.6-x86_64-6.txz: Rebuilt. -x/xf86-video-i740-1.3.5-x86_64-1.txz: Upgraded. -x/xf86-video-intel-2.99.917-x86_64-1.txz: Upgraded. -x/xf86-video-mach64-6.9.4-x86_64-6.txz: Rebuilt. -x/xf86-video-mga-1.6.4-x86_64-1.txz: Upgraded. -x/xf86-video-modesetting-0.9.0-x86_64-2.txz: Rebuilt. -x/xf86-video-neomagic-1.2.8-x86_64-4.txz: Rebuilt. -x/xf86-video-nouveau-1.0.11-x86_64-1.txz: Upgraded. -x/xf86-video-nv-2.1.20-x86_64-7.txz: Rebuilt. -x/xf86-video-openchrome-0.3.3-x86_64-4.txz: Rebuilt. -x/xf86-video-r128-6.9.2-x86_64-3.txz: Rebuilt. -x/xf86-video-rendition-4.2.5-x86_64-6.txz: Rebuilt. -x/xf86-video-s3-0.6.5-x86_64-6.txz: Rebuilt. -x/xf86-video-s3virge-1.10.6-x86_64-7.txz: Rebuilt. -x/xf86-video-savage-2.3.7-x86_64-3.txz: Rebuilt. -x/xf86-video-siliconmotion-1.7.7-x86_64-7.txz: Rebuilt. -x/xf86-video-sis-0.10.7-x86_64-7.txz: Rebuilt. -x/xf86-video-sisusb-0.9.6-x86_64-6.txz: Rebuilt. -x/xf86-video-tdfx-1.4.6-x86_64-1.txz: Upgraded. -x/xf86-video-tga-1.2.2-x86_64-6.txz: Rebuilt. -x/xf86-video-trident-1.3.7-x86_64-1.txz: Upgraded. -x/xf86-video-tseng-1.2.5-x86_64-6.txz: Rebuilt. -x/xf86-video-v4l-0.2.0-x86_64-11.txz: Rebuilt. -x/xf86-video-vesa-2.3.3-x86_64-3.txz: Rebuilt. -x/xf86-video-vmware-13.1.0-x86_64-1.txz: Upgraded. -x/xf86-video-voodoo-1.2.5-x86_64-7.txz: Rebuilt. -x/xf86-video-xgi-git_5a3e0de677b7-x86_64-1.txz: Upgraded. -x/xf86-video-xgixp-1.8.1-x86_64-6.txz: Rebuilt. -x/xfsinfo-1.0.5-x86_64-1.txz: Upgraded. -x/xinit-1.3.4-x86_64-1.txz: Upgraded. -x/xkbcomp-1.3.0-x86_64-1.txz: Upgraded. -x/xman-1.1.4-x86_64-1.txz: Upgraded. -x/xorg-server-1.16.4-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.16.4-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.16.4-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.16.4-x86_64-1.txz: Upgraded. -x/xproto-7.0.27-noarch-1.txz: Upgraded. -x/xterm-318-x86_64-1.txz: Upgraded. -x/xtrans-1.3.5-noarch-1.txz: Upgraded. -xap/MPlayer-20150403-x86_64-1.txz: Upgraded. - Upgraded to MPlayer from trunk built against ffmpeg-2.6.1. -xap/audacious-3.6.1-x86_64-1.txz: Upgraded. -xap/audacious-plugins-3.6.1-x86_64-1.txz: Upgraded. -xap/blueman-r708-x86_64-4.txz: Rebuilt. -xap/electricsheep-20090306-x86_64-4.txz: Rebuilt. -xap/fvwm-2.6.5-x86_64-7.txz: Rebuilt. -xap/geeqie-20150329git-x86_64-1.txz: Upgraded. -xap/gftp-2.0.19-x86_64-4.txz: Rebuilt. -xap/gimp-2.8.14-x86_64-2.txz: Rebuilt. -xap/gnuchess-6.2.1-x86_64-1.txz: Upgraded. - Upgraded to gnuchess-6.2.1 and xboard-4.8.0. -xap/gnuplot-4.6.6-x86_64-1.txz: Upgraded. -xap/gucharmap-3.12.1-x86_64-1.txz: Upgraded. -xap/imagemagick-6.9.0_10-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-37.0.2-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779 (* Security fix *) -xap/mozilla-thunderbird-31.6.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +n/rpcbind-0.2.4-x86_64-1.txz: Upgraded. + Patched a bug which can cause a denial of service through memory exhaustion. + Thanks to Robby Workman. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779 (* Security fix *) -xap/network-manager-applet-1.0.0-x86_64-1.txz: Upgraded. -xap/rdesktop-1.8.3-x86_64-1.txz: Upgraded. -xap/sane-1.0.24-x86_64-2.txz: Rebuilt. -xap/seamonkey-2.33.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. ++--------------------------+ +Sun Jul 9 20:38:08 UTC 2017 +a/lilo-24.2-x86_64-5.txz: Rebuilt. + liloconfig: support /dev/vda in QEMU. Thanks to Robby Workman. +a/logrotate-3.12.2-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +a/sysvinit-scripts-2.0-noarch-37.txz: Rebuilt. + rc.cpufreq: document "schedutil" CPU scaling governor. + Thanks to Paul Blazejowski. +l/cairomm-1.12.2-x86_64-1.txz: Upgraded. +l/fuse-2.9.7-x86_64-1.txz: Upgraded. +l/gmm-4.3-noarch-1.txz: Upgraded. +l/gmp-6.1.2-x86_64-1.txz: Upgraded. +l/gnu-efi-3.0.6-x86_64-1.txz: Upgraded. +l/libaio-0.3.110-x86_64-1.txz: Upgraded. +l/libao-1.2.2-x86_64-1.txz: Upgraded. +l/libcap-ng-0.7.8-x86_64-1.txz: Upgraded. +l/libmowgli-1.0.0-x86_64-1.txz: Upgraded. +l/libnl3-3.3.0-x86_64-1.txz: Upgraded. +l/libyaml-0.1.7-x86_64-1.txz: Upgraded. +l/lzo-2.10-x86_64-1.txz: Upgraded. +l/shared-mime-info-1.8-x86_64-1.txz: Upgraded. +n/ethtool-4.11-x86_64-1.txz: Upgraded. +n/iproute2-4.11.0-x86_64-1.txz: Upgraded. +n/ipset-6.32-x86_64-1.txz: Upgraded. +n/irssi-1.0.4-x86_64-1.txz: Upgraded. + This release fixes two remote crash issues as well as a few bugs. + For more information, see: + https://irssi.org/security/irssi_sa_2017_07.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10965 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10966 + (* Security fix *) +n/libmnl-1.0.4-x86_64-1.txz: Upgraded. +n/mtr-0.92-x86_64-1.txz: Upgraded. +n/nfs-utils-1.3.4-x86_64-1.txz: Upgraded. +x/motif-2.3.7-x86_64-2.txz: Rebuilt. +x/xterm-330-x86_64-1.txz: Upgraded. +xfce/Thunar-1.6.12-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Jul 8 00:11:34 UTC 2017 +a/aaa_elflibs-14.2-x86_64-30.txz: Rebuilt. + Added libidn2.so.0. +a/gettext-0.19.8.1-x86_64-4.txz: Rebuilt. +ap/cgmanager-0.41-x86_64-1.txz: Upgraded. + Maybe we don't really need this, but it likely doesn't hurt. +ap/ghostscript-9.21-x86_64-1.txz: Upgraded. +ap/gutenprint-5.2.12-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +ap/lxc-2.0.8-x86_64-3.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +ap/texinfo-6.4-x86_64-1.txz: Upgraded. +d/gettext-tools-0.19.8.1-x86_64-4.txz: Rebuilt. + Linked against libunistring-0.9.7. +d/guile-2.0.14-x86_64-2.txz: Rebuilt. + Linked against libunistring-0.9.7. +d/mercurial-4.2.2-x86_64-1.txz: Upgraded. +l/fftw-3.3.6_pl2-x86_64-1.txz: Upgraded. +l/gc-7.4.4-x86_64-1.txz: Upgraded. +l/gcr-3.20.0-x86_64-1.txz: Upgraded. +l/glib-networking-2.50.0-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +l/gnome-keyring-3.20.1-x86_64-1.txz: Upgraded. +l/gtk+2-2.24.31-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +l/gtk+3-3.22.16-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +l/libidn2-2.0.2-x86_64-1.txz: Added. +l/libunistring-0.9.7-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libvncserver-0.9.11-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +l/pcre-8.41-x86_64-1.txz: Upgraded. +l/vte-0.44.3-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +n/NetworkManager-1.8.2-x86_64-1.txz: Upgraded. +n/ca-certificates-20161130-noarch-1.txz: Upgraded. +n/curl-7.54.1-x86_64-1.txz: Upgraded. +n/dhcp-4.3.5-x86_64-1.txz: Upgraded. +n/dnsmasq-2.77-x86_64-1.txz: Upgraded. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +n/gnutls-3.5.14-x86_64-1.txz: Upgraded. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +n/lftp-4.7.7-x86_64-1.txz: Upgraded. +n/php-5.6.31-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -xap/vim-gvim-7.4.692-x86_64-1.txz: Upgraded. -xap/windowmaker-0.95.6-x86_64-1.txz: Upgraded. -xap/xaos-3.6-x86_64-1.txz: Upgraded. -xap/xchat-2.8.8-x86_64-10.txz: Rebuilt. -xap/xfractint-20.04p13-x86_64-1.txz: Upgraded. -xap/xine-lib-1.2.6-x86_64-1.txz: Upgraded. -xap/xine-ui-0.99.9-x86_64-1.txz: Upgraded. -xap/xlockmore-5.46-x86_64-1.txz: Upgraded. -xap/xpaint-2.9.10.3-x86_64-1.txz: Upgraded. -xap/xsane-0.999-x86_64-1.txz: Upgraded. -xap/xscreensaver-5.32-x86_64-1.txz: Upgraded. -xap/xv-3.10a-x86_64-7.txz: Rebuilt. -xfce/Thunar-1.6.7-x86_64-1.txz: Upgraded. -xfce/exo-0.10.4-x86_64-1.txz: Upgraded. -xfce/garcon-0.4.0-x86_64-1.txz: Upgraded. -xfce/gtk-xfce-engine-2.10.1-x86_64-1.txz: Upgraded. -xfce/libxfce4ui-4.12.1-x86_64-1.txz: Upgraded. -xfce/libxfce4util-4.12.1-x86_64-1.txz: Upgraded. -xfce/libxfcegui4-4.10.0-x86_64-2.txz: Removed. -xfce/orage-4.12.1-x86_64-1.txz: Upgraded. -xfce/thunar-volman-0.8.1-x86_64-1.txz: Upgraded. -xfce/tumbler-0.1.31-x86_64-1.txz: Upgraded. -xfce/xfce4-appfinder-4.12.0-x86_64-1.txz: Upgraded. -xfce/xfce4-clipman-plugin-1.2.3-x86_64-3.txz: Rebuilt. -xfce/xfce4-dev-tools-4.12.0-x86_64-1.txz: Upgraded. -xfce/xfce4-mixer-4.10.0-x86_64-1.txz: Upgraded. -xfce/xfce4-notifyd-0.2.4-x86_64-2.txz: Rebuilt. -xfce/xfce4-panel-4.12.0-x86_64-1.txz: Upgraded. -xfce/xfce4-power-manager-1.4.4-x86_64-1.txz: Upgraded. -xfce/xfce4-screenshooter-1.8.2-x86_64-1.txz: Upgraded. -xfce/xfce4-session-4.12.1-x86_64-1.txz: Upgraded. -xfce/xfce4-settings-4.12.0-x86_64-1.txz: Upgraded. -xfce/xfce4-systemload-plugin-1.1.2-x86_64-1.txz: Upgraded. -xfce/xfce4-taskmanager-1.1.0-x86_64-1.txz: Upgraded. -xfce/xfce4-terminal-0.6.3-x86_64-1.txz: Upgraded. -xfce/xfce4-volumed-0.1.13-x86_64-2.txz: Rebuilt. -xfce/xfce4-weather-plugin-0.8.5-x86_64-1.txz: Upgraded. -xfce/xfconf-4.12.0-x86_64-1.txz: Upgraded. -xfce/xfdesktop-4.12.1-x86_64-1.txz: Upgraded. -xfce/xfwm4-4.12.2-x86_64-1.txz: Upgraded. -xfce/xfwm4-themes-4.10.0-x86_64-1.txz: Removed. + https://php.net/ChangeLog-5.php#5.6.31 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229 + (* Security fix *) +n/wget-1.19.1-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +n/whois-5.2.16-x86_64-1.txz: Upgraded. + Linked against libidn2-2.0.2 and libunistring-0.9.7. +x/fontconfig-2.12.4-x86_64-1.txz: Upgraded. +x/libinput-1.8.0-x86_64-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.8.0-x86_64-2.txz: Rebuilt. + Linked against libidn2-2.0.2 and libunistring-0.9.7. ++--------------------------+ +Thu Jul 6 00:38:21 UTC 2017 +a/kernel-generic-4.9.36-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.36-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.36-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.36-x86-1.txz: Upgraded. +k/kernel-source-4.9.36-noarch-1.txz: Upgraded. +xap/xscreensaver-5.37-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/source/config-testing-4.0/*: Added. usb-and-pxe-installers/usbboot.img: Rebuilt. -usb-and-pxe-installers/usbimg2disk.sh: Patched to fix sfdisk bug. - Thanks to Tim Thomas. -+--------------------------+ -Thu Mar 5 21:56:15 UTC 2015 -a/util-linux-2.26-x86_64-2.txz: Rebuilt. - Removed dangling tunelp symlink. Thanks to Jesu Feran. -n/samba-4.2.0-x86_64-1.txz: Upgraded. - This package fixes security issues since the last update: - BUG 11077: CVE-2015-0240: talloc free on uninitialized stack pointer - in netlogon server could lead to security vulnerability. - BUG 11077: CVE-2015-0240: s3-netlogon: Make sure we do not deference - a NULL pointer. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240 - (* Security fix *) -n/wget-1.16.2-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-36.0.1-x86_64-1.txz: Upgraded. -extra/google-chrome/google-chrome.SlackBuild: Patched. - Fixed google-chrome repackaging script due to the change from lzma to xz. - Thanks to Jennifer Doering. -+--------------------------+ -Thu Feb 26 01:06:11 UTC 2015 -ap/vim-7.4.640-x86_64-1.txz: Upgraded. -d/gdb-7.9-x86_64-1.txz: Upgraded. -n/nmap-6.47-x86_64-1.txz: Upgraded. -x/glew-1.10.0-x86_64-2.txz: Rebuilt. - Added libGLEWmx to the package. Thanks to Klaatu and Larry Hajali. -xap/fluxbox-1.3.7-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-36.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-31.5.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html ++--------------------------+ +Mon Jul 3 23:09:19 UTC 2017 +a/grep-3.1-x86_64-1.txz: Upgraded. +ap/acct-6.6.4-x86_64-1.txz: Upgraded. +ap/cups-2.2.4-x86_64-1.txz: Upgraded. +ap/cups-filters-1.14.1-x86_64-1.txz: Upgraded. +ap/gphoto2-2.5.14-x86_64-1.txz: Upgraded. +ap/tmux-2.5-x86_64-1.txz: Upgraded. +l/apr-1.6.2-x86_64-1.txz: Upgraded. +l/apr-util-1.6.0-x86_64-1.txz: Upgraded. +l/libgphoto2-2.5.14-x86_64-1.txz: Upgraded. +l/libpng-1.6.30-x86_64-1.txz: Upgraded. +l/sound-theme-freedesktop-0.8-noarch-1.txz: Upgraded. +x/mesa-17.1.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Jun 30 21:14:15 UTC 2017 +a/glibc-solibs-2.25-x86_64-3.txz: Rebuilt. + (* Security fix *) +a/kernel-generic-4.9.35-x86_64-1.txz: Upgraded. + (* Security fix *) +a/kernel-huge-4.9.35-x86_64-1.txz: Upgraded. + (* Security fix *) +a/kernel-modules-4.9.35-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.35-x86-1.txz: Upgraded. +k/kernel-source-4.9.35-noarch-1.txz: Upgraded. + This kernel fixes security issues that include possible stack exhaustion, + memory corruption, and arbitrary code execution. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7482 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365 + (* Security fix *) +l/glibc-2.25-x86_64-3.txz: Rebuilt. + Applied upstream security hardening patches from git. + For more information, see: + https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d + https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd + https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9 + https://sourceware.org/git/?p=glibc.git;a=commit;h=3776f38fcd267c127ba5eb222e2c614c191744aa + https://sourceware.org/git/?p=glibc.git;a=commit;h=adc7e06fb412a2a1ee52f8cb788caf436335b9f3 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366 + (* Security fix *) +l/glibc-i18n-2.25-x86_64-3.txz: Rebuilt. +l/glibc-profile-2.25-x86_64-3.txz: Rebuilt. (* Security fix *) -xap/vim-gvim-7.4.640-x86_64-1.txz: Upgraded. -xap/xchat-2.8.8-x86_64-9.txz: Rebuilt. - Don't force the use of SSLv3, since many sites are dropping support for it. - Thanks to Schism. -+--------------------------+ -Sat Feb 21 00:00:27 UTC 2015 -a/lilo-24.1-x86_64-1.txz: Upgraded. - Filter fdisk output to fix detecting Linux partitions. -a/sysvinit-scripts-2.0-noarch-19.txz: Rebuilt. - Removed -w from grep in rc.S to detect rtc ioports correctly. - Thanks to Xsane. -a/util-linux-2.26-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. - Patched to fix issues with EFI and GPT since switching to the new fdisk. - Thanks to Ryan P.C. McQuen and Jonathan Li for the helpful hints. +kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. - Patched to fix issues with EFI and GPT since switching to the new fdisk. - Thanks to Ryan P.C. McQuen and Jonathan Li for the helpful hints. -+--------------------------+ -Mon Feb 16 19:33:36 UTC 2015 -a/aaa_elflibs-14.1-x86_64-4.txz: Rebuilt. -a/btrfs-progs-20150213-x86_64-1.txz: Upgraded. -a/coreutils-8.23-x86_64-1.txz: Upgraded. -a/e2fsprogs-1.42.12-x86_64-1.txz: Upgraded. -a/glibc-solibs-2.21-x86_64-1.txz: Upgraded. -a/glibc-zoneinfo-2015a-noarch-1.txz: Upgraded. -a/kernel-firmware-20150212git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.33-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.33-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.33-x86_64-1.txz: Upgraded. -a/patch-2.7.4-x86_64-1.txz: Upgraded. - Patch no longer follows symbolic links to input and output files. This - ensures that symbolic links created by git-style patches cannot cause - patch to write outside the working directory. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1196 - (* Security fix *) -a/sharutils-4.15-x86_64-1.txz: Upgraded. -a/sysvinit-scripts-2.0-noarch-18.txz: Rebuilt. - Patched the init scripts to produce nicer output from the new versions - of mount/umount. Run the GTK+/FDo registry rebuilds in the background - to speed up boot time. Optimize the search for icon cache files by only - looking in the directories they might be in, rather than all directories - under /usr/share/icons. -a/util-linux-2.25.2-x86_64-1.txz: Upgraded. -ap/sudo-1.8.12-x86_64-1.txz: Upgraded. - This update fixes a potential security issue by only passing the TZ - environment variable it is considered safe. This prevents exploiting bugs - in glibc's TZ parser that could be used to read files that the user does - not have access to, or to cause a denial of service. - For more information, see: - http://www.sudo.ws/sudo/alerts/tz.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9680 - (* Security fix *) -d/guile-2.0.11-x86_64-2.txz: Rebuilt. - Recompiled against readline-6.3. -d/kernel-headers-3.14.33-x86-1.txz: Upgraded. -k/kernel-source-3.14.33-noarch-1.txz: Upgraded. -l/glibc-2.21-x86_64-1.txz: Upgraded. -l/glibc-i18n-2.21-x86_64-1.txz: Upgraded. -l/glibc-profile-2.21-x86_64-1.txz: Upgraded. -l/parted-3.2-x86_64-1.txz: Upgraded. -l/readline-6.3-x86_64-1.txz: Upgraded. -l/seamonkey-solibs-2.32.1-x86_64-1.txz: Upgraded. -n/ntp-4.2.8p1-x86_64-1.txz: Upgraded. - Changed rc.ntpd to no longer save the system time to the hardware clock. - This had been done in an effort to stop a time skew that may well have - been caused by other issues with hwclock and the kernel. If removing - this code causes any issues to return, let me know. Thanks to Xsane. -xap/seamonkey-2.32.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) ++--------------------------+ +Thu Jun 29 20:55:09 UTC 2017 +a/mkinitrd-1.4.10-x86_64-1.txz: Upgraded. + Added support for -P option and MICROCODE_ARCH in mkinitrd.conf to specify + a microcode archive to be prepended to the initrd for early CPU microcode + patching by the kernel. Thanks to SeB. +ap/nano-2.8.5-x86_64-1.txz: Upgraded. +ap/screen-4.6.0-x86_64-1.txz: Upgraded. +d/llvm-4.0.1-x86_64-1.txz: Upgraded. +l/pcre-8.40-x86_64-1.txz: Upgraded. +l/readline-7.0.003-x86_64-1.txz: Upgraded. +n/bind-9.11.1_P2-x86_64-1.txz: Upgraded. + This update fixes a high severity security issue: + An error in TSIG handling could permit unauthorized zone transfers + or zone updates. + For more information, see: + https://kb.isc.org/article/AA-01503/0 + https://kb.isc.org/article/AA-01504/0 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143 + (* Security fix *) +n/httpd-2.4.26-x86_64-1.txz: Upgraded. + This update fixes security issues which may lead to an authentication bypass + or a denial of service: + important: ap_get_basic_auth_pw() Authentication Bypass CVE-2017-3167 + important: mod_ssl Null Pointer Dereference CVE-2017-3169 + important: mod_http2 Null Pointer Dereference CVE-2017-7659 + important: ap_find_token() Buffer Overread CVE-2017-7668 + important: mod_mime Buffer Overread CVE-2017-7679 + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679 + (* Security fix *) +n/libgcrypt-1.7.8-x86_64-1.txz: Upgraded. + Mitigate a local flush+reload side-channel attack on RSA secret keys + dubbed "Sliding right into disaster". + For more information, see: + https://eprint.iacr.org/2017/627 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526 + (* Security fix *) +xfce/xfdesktop-4.12.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Jun 26 20:36:18 UTC 2017 +a/kernel-firmware-20170626git-noarch-1.txz: Upgraded. +a/kernel-generic-4.9.34-x86_64-1.txz: Upgraded. + "Stack Clash" fixes -- see below. + (* Security fix *) +a/kernel-huge-4.9.34-x86_64-1.txz: Upgraded. + "Stack Clash" fixes -- see below. + (* Security fix *) +a/kernel-modules-4.9.34-x86_64-1.txz: Upgraded. +a/lrzip-0.631-x86_64-1.txz: Upgraded. +a/lvm2-2.02.171-x86_64-1.txz: Upgraded. +a/time-1.7.2-x86_64-1.txz: Upgraded. +a/util-linux-2.30-x86_64-2.txz: Rebuilt. + Reverted an agetty commit that breaks backspacing over the first character + entered at the login prompt. Thanks to GazL. +ap/mpg123-1.25.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.34-x86-1.txz: Upgraded. +k/kernel-source-4.9.34-noarch-1.txz: Upgraded. + This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys. + The first issue may allow attackers to execute arbitrary code with elevated + privileges. Failed attack attempts will likely result in denial-of-service + conditions. The second issue can be exploited to bypass certain security + restrictions and perform unauthorized actions. + For more information, see: + https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365 + (* Security fix *) +l/glib2-2.52.3-x86_64-1.txz: Upgraded. +l/glibmm-2.52.0-x86_64-1.txz: Upgraded. +l/gtkmm3-3.22.1-x86_64-1.txz: Upgraded. +xap/gkrellm-2.3.10-x86_64-2.txz: Rebuilt. + Upgraded to gkrellm-countdown-0.1.1. Thanks to jmccue. +xap/mozilla-thunderbird-52.2.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Wed Jan 28 19:23:00 UTC 2015 -a/glibc-zoneinfo-2014j-noarch-1.txz: Upgraded. - Upgraded to tzcode2014j and tzdata2014j. -a/patch-2.7.2-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-35.0.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Jan 21 03:10:01 UTC 2015 -d/gdb-7.8.2-x86_64-1.txz: Upgraded. -n/alpine-2.20-x86_64-1.txz: Upgraded. -n/imapd-2.20-x86_64-1.txz: Upgraded. -n/samba-4.1.16-x86_64-1.txz: Upgraded. - This update is a security release in order to address CVE-2014-8143 - (Elevation of privilege to Active Directory Domain Controller). - Samba's AD DC allows the administrator to delegate creation of user or - computer accounts to specific users or groups. However, all released - versions of Samba's AD DC did not implement the additional required - check on the UF_SERVER_TRUST_ACCOUNT bit in the userAccountControl - attributes. Most Samba deployments are not of the AD Domain Controller, - but are of the classic domain controller, the file server or print server. - Only the Active Directory Domain Controller is affected by this issue. - Additionally, most sites running the AD Domain Controller do not configure - delegation for the creation of user or computer accounts, and so are not - vulnerable to this issue, as no writes are permitted to the - userAccountControl attribute, no matter what the value. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143 - (* Security fix *) -+--------------------------+ -Sat Jan 17 04:26:41 UTC 2015 -a/kernel-generic-3.14.29-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.29-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.29-x86_64-1.txz: Upgraded. -d/gcc-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-g++-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-gfortran-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-gnat-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-go-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-java-4.8.4-x86_64-1.txz: Upgraded. -d/gcc-objc-4.8.4-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.29-x86-1.txz: Upgraded. -d/libtool-2.4.4-x86_64-1.txz: Upgraded. -k/kernel-source-3.14.29-noarch-1.txz: Upgraded. -l/freetype-2.5.5-x86_64-1.txz: Upgraded. - This release fixes a security bug that could cause freetype to crash - or run programs upon opening a specially crafted file. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2240 - (* Security fix *) -l/seamonkey-solibs-2.32-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-35.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-31.4.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +Fri Jun 23 20:11:00 UTC 2017 +a/dosfstools-4.1-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +a/file-5.31-x86_64-1.txz: Upgraded. +a/os-prober-1.75-x86_64-1.txz: Upgraded. +a/xfsprogs-4.11.0-x86_64-1.txz: Upgraded. +ap/at-3.1.20-x86_64-1.txz: Upgraded. +ap/diffutils-3.6-x86_64-1.txz: Upgraded. +d/automake-1.15.1-noarch-1.txz: Upgraded. +d/nasm-2.13.01-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.12.1-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.12.1-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.12.1-x86_64-1.txz: Upgraded. +l/gstreamer-1.12.1-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.16-x86_64-1.txz: Upgraded. +l/gtkmm2-2.24.5-x86_64-1.txz: Upgraded. +l/poppler-0.56.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Jun 21 18:38:46 UTC 2017 +ap/lxc-2.0.8-x86_64-2.txz: Rebuilt. + rc.lxc: Don't use screen for container startup. Thanks to franzen. +d/libtool-2.4.6-x86_64-5.txz: Rebuilt. + Recompiled to fix wrong embedded GCC version number. + Thanks to B Watson. +n/gnupg2-2.1.21-x86_64-2.txz: Rebuilt. + If the machine does not have smart card devices, do not issue a warning about + a missing smart card. Thanks to Willy Sudiarto Raharjo. +n/openvpn-2.4.3-x86_64-1.txz: Upgraded. + This update fixes several denial of service issues discovered + by Guido Vranken. + For more information, see: + https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522 + (* Security fix *) +xap/gnuplot-5.0.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Jun 21 01:12:42 UTC 2017 +kde/calligra-2.9.11-x86_64-11.txz: Rebuilt. + Recompiled against gsl-2.4. +kde/step-4.14.3-x86_64-5.txz: Rebuilt. + Recompiled against gsl-2.4. +l/gsl-2.4-x86_64-1.txz: Upgraded. + Shared library .so-version bump. ++--------------------------+ +Tue Jun 20 05:08:21 UTC 2017 +a/udisks2-2.6.5-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +ap/linuxdoc-tools-0.9.72-x86_64-3.txz: Rebuilt. + Removed .la files. Thanks to Stuart Winter. +ap/lxc-2.0.8-x86_64-1.txz: Upgraded. + Added additional default container packages: cyrus-sasl, db48, gnutls, + iproute2, kmod, libcap-ng, libffi, libmnl, libtasn1, libunistring, nettle, + and p11-kit. Thanks to CTM. + Use configure option --enable-cgmanager=no. Thanks to Didier Spaier. +l/cairo-1.14.10-x86_64-1.txz: Upgraded. +l/libbluray-1.0.1-x86_64-1.txz: Upgraded. +l/polkit-0.113-x86_64-3.txz: Rebuilt. + Added upstream patches to fix a memory leak and increase security when + using GIO. Thanks to Robby Workman. +n/ModemManager-1.6.8-x86_64-1.txz: Upgraded. +n/nmap-7.50-x86_64-1.txz: Upgraded. +x/libepoxy-1.4.3-x86_64-1.txz: Upgraded. +x/libinput-1.7.3-x86_64-1.txz: Upgraded. +x/libwacom-0.25-x86_64-1.txz: Upgraded. +xfce/garcon-0.6.1-x86_64-1.txz: Upgraded. +xfce/tumbler-0.1.32-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jun 15 02:08:28 UTC 2017 +ap/linuxdoc-tools-0.9.72-x86_64-2.txz: Rebuilt. + Switched to OpenJade-1.3.2 (from 1.3.3-pre1 which was segfaulting). + Upgraded to perl-XML-NamespaceSupport-1.12. + Upgraded to perl-XML-SAX-Base-1.09. + Updated build script to work with bash 4.4. Thanks to Heinz Wiesinger. + Support '.conf.new' for config files within /etc/asciidoc. + Thanks to franzen on LQ for the suggestion. + Thanks to Stuart Winter. +d/slacktrack-2.18-x86_64-1.txz: Upgraded. + Thanks to Stuart Winter. +n/NetworkManager-1.8.0-x86_64-3.txz: Upgraded. + Applied upstream patches from git. Thanks to Robby Workman. +n/bind-9.11.1_P1-x86_64-1.txz: Upgraded. + Fixed denial of service security issue: + Some RPZ configurations could go into an infinite query loop when + encountering responses with TTL=0. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://kb.isc.org/article/AA-01495 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3140 (* Security fix *) -xap/seamonkey-2.32-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +xap/mozilla-firefox-52.2.0esr-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html + https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html + (* Security fix *) +xap/mozilla-thunderbird-52.2.0-x86_64-1.txz: Upgraded. + Switched to using GTK+ v3. +xap/network-manager-applet-1.8.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Jun 13 19:54:24 UTC 2017 +a/sysvinit-scripts-2.0-noarch-36.txz: Rebuilt. + In rc.6, rc.K, and rc.S, use this path setting: + PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin + Thanks to GazL. +ap/sqlite-3.19.3-x86_64-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-10.txz: Rebuilt. + Recompiled against libGLEW.so.2.0.0. +kde/kde-runtime-4.14.3-x86_64-4.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +kde/kdepim-4.14.10-x86_64-2.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +kde/kdepimlibs-4.14.10-x86_64-3.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +kde/kget-4.14.3-x86_64-3.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +kde/kopete-4.14.3-x86_64-4.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +l/ffmpeg-3.3.2-x86_64-1.txz: Upgraded. +l/gmime-2.6.23-x86_64-2.txz: Rebuilt. + Recompiled to drop libgpgme-pthread dependency. +n/dirmngr-1.1.1-x86_64-3.txz: Removed. +n/gnupg2-2.1.21-x86_64-1.txz: Upgraded. +n/gpgme-1.9.0-x86_64-1.txz: Upgraded. + This eliminates the libgpgme-pthread library, so anything using that will + need to be recompiled. +n/libgcrypt-1.7.7-x86_64-1.txz: Upgraded. +n/libgpg-error-1.27-x86_64-1.txz: Upgraded. +n/npth-1.5-x86_64-1.txz: Added. +n/pth-2.0.7-x86_64-1.txz: Removed. +n/samba-4.6.5-x86_64-1.txz: Upgraded. +x/glew-2.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Fixed glew.pc. Thanks to Willy Sudiarto Raharjo. +x/mesa-17.1.2-x86_64-2.txz: Rebuilt. + Recompiled against libGLEW.so.2.0.0. +xap/fluxbox-1.3.7-x86_64-2.txz: Rebuilt. + Fixed volume settings in keys file. Thanks to i720. ++--------------------------+ +Wed Jun 7 22:42:04 UTC 2017 +a/kernel-generic-4.9.31-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.31-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.31-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.31-x86-1.txz: Upgraded. +k/kernel-source-4.9.31-noarch-1.txz: Upgraded. +n/irssi-1.0.3-x86_64-1.txz: Upgraded. + Fixed security issues that may result in a denial of service. + For more information, see: + https://irssi.org/security/irssi_sa_2017_06.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Fri Jan 9 17:47:53 UTC 2015 -a/openssl-solibs-1.0.1k-x86_64-1.txz: Upgraded. - (* Security fix *) -n/openssl-1.0.1k-x86_64-1.txz: Upgraded. - This update fixes several security issues: - DTLS segmentation fault in dtls1_get_record (CVE-2014-3571) - DTLS memory leak in dtls1_buffer_record (CVE-2015-0206) - no-ssl3 configuration sets method to NULL (CVE-2014-3569) - ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572) - RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) - DH client certificates accepted without verification [Server] (CVE-2015-0205) - Certificate fingerprints can be modified (CVE-2014-8275) - Bignum squaring may produce incorrect results (CVE-2014-3570) - For more information, see: - https://www.openssl.org/news/secadv_20150108.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 - (* Security fix *) -xap/fluxbox-1.3.6-x86_64-1.txz: Upgraded. -+--------------------------+ -Tue Dec 23 00:05:23 UTC 2014 -a/kernel-generic-3.14.27-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.27-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.27-x86_64-1.txz: Upgraded. -ap/vim-7.4.560-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.27-x86-1.txz: Upgraded. -k/kernel-source-3.14.27-noarch-1.txz: Upgraded. -l/libusb-1.0.19-x86_64-1.txz: Upgraded. -l/libusb-compat-0.1.5-x86_64-1.txz: Upgraded. -n/ntp-4.2.8-x86_64-1.txz: Upgraded. - In addition to bug fixes and enhancements, this release fixes - several high-severity vulnerabilities discovered by Neel Mehta - and Stephen Roettger of the Google Security Team. - For more information, see: - https://www.kb.cert.org/vuls/id/852879 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 - (* Security fix *) -n/php-5.4.36-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues. - #68545 (NULL pointer dereference in unserialize.c). - #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142) - #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 - (* Security fix *) -x/libdrm-2.4.58-x86_64-1.txz: Upgraded. -x/libvdpau-0.9-x86_64-1.txz: Added. +Tue Jun 6 02:50:21 UTC 2017 +a/mcelog-152-x86_64-2.txz: Rebuilt. + rc.mcelog: Fixed 'status' option. Thanks to Tim Thomas. +x/libdrm-2.4.81-x86_64-1.txz: Upgraded. +x/mesa-17.1.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Jun 5 20:13:13 UTC 2017 +a/mcelog-152-x86_64-1.txz: Upgraded. +ap/joe-4.4-x86_64-1.txz: Upgraded. +d/gdb-8.0-x86_64-1.txz: Upgraded. +l/elfutils-0.169-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Jun 3 19:24:12 UTC 2017 +a/util-linux-2.30-x86_64-1.txz: Upgraded. +ap/sqlite-3.19.2-x86_64-1.txz: Upgraded. + Fixed OPT_FEATURE_FLAGS in ./configure. Thanks to Heinz Wiesinger. +l/libtasn1-4.12-x86_64-1.txz: Upgraded. +x/xkeyboard-config-2.21-noarch-1.txz: Upgraded. +x/xterm-328-x86_64-1.txz: Upgraded. +xap/gucharmap-3.18.2-x86_64-1.txz: Upgraded. +xap/sane-1.0.27-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jun 1 18:56:38 UTC 2017 +d/cmake-3.8.2-x86_64-1.txz: Upgraded. +l/alsa-lib-1.1.4.1-x86_64-1.txz: Upgraded. +n/mutt-1.8.3-x86_64-1.txz: Upgraded. +x/xdm-1.1.11-x86_64-7.txz: Rebuilt. + In /etc/X11/xdm/xdm-config, specify MIT-MAGIC-COOKIE-1 authorization, as + the default XDM-AUTHORIZATION-1 doesn't work. This fixes issues with SDL2 + apps as well as other authorization bugs when using XDM. + Thanks to Dan Church. ++--------------------------+ +Wed May 31 23:07:23 UTC 2017 +ap/sudo-1.8.20p2-x86_64-1.txz: Upgraded. + This is a bugfix release: + Fixed a bug parsing /proc/pid/stat when the process name contains + a newline. This is not exploitable due to the /dev traversal changes + made in sudo 1.8.20p1. ++--------------------------+ +Tue May 30 17:39:17 UTC 2017 +ap/sudo-1.8.20p1-x86_64-1.txz: Upgraded. + This update fixes a potential overwrite of arbitrary system files. + This bug was discovered and analyzed by Qualys, Inc. + For more information, see: + https://www.sudo.ws/alerts/linux_tty.html + http://www.openwall.com/lists/oss-security/2017/05/30/16 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367 + (* Security fix *) +n/lynx-2.8.8rel.2-x86_64-3.txz: Rebuilt. + Fixed lynx startup without a URL by correcting STARTFILE in lynx.cfg to use + the new URL for the Lynx homepage. Thanks to John David Yost. ++--------------------------+ +Fri May 26 22:40:13 UTC 2017 +a/kernel-generic-4.9.30-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.30-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.30-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.30-x86-1.txz: Upgraded. +k/kernel-source-4.9.30-noarch-1.txz: Upgraded. +n/NetworkManager-1.8.0-x86_64-2.txz: Rebuilt. + rc.networkmanager: Set XDG_CACHE_HOME=/root/.cache before starting. + Thanks to allend. +x/mesa-17.1.1-x86_64-1.txz: Upgraded. + Enabled Vulkan drivers for Intel and Radeon. +x/vulkan-sdk-1.0.26.0-x86_64-1.txz: Added. Thanks to Heinz Wiesinger. -x/mesa-10.3.5-x86_64-1.txz: Upgraded. -x/xorg-server-1.15.2-x86_64-3.txz: Rebuilt. - This update fixes many security issues discovered by Ilja van Sprundel, - a security researcher with IOActive. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8091 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8092 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8093 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8094 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8095 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8097 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8099 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8100 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8101 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8102 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8103 - (* Security fix *) -x/xorg-server-xephyr-1.15.2-x86_64-3.txz: Rebuilt. -x/xorg-server-xnest-1.15.2-x86_64-3.txz: Rebuilt. -x/xorg-server-xvfb-1.15.2-x86_64-3.txz: Rebuilt. -xap/MPlayer-1.1_20130819-x86_64-3.txz: Rebuilt. - Recompiled with support for libvdpau. -xap/vim-gvim-7.4.560-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/source/config-testing-3.18.1/*: Added. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Dec 11 01:18:35 UTC 2014 -a/gptfdisk-0.8.10-x86_64-1.txz: Upgraded. -l/seamonkey-solibs-2.31-x86_64-1.txz: Upgraded. -n/bind-9.10.1_P1-x86_64-1.txz: Upgraded. - This update fixes a security issue where a failure to place limits on - delegation chaining can allow an attacker to crash BIND or cause memory - exhaustion. - For more information, see: - https://kb.isc.org/article/AA-01216 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 - (* Security fix *) -n/openssh-6.7p1-x86_64-2.txz: Rebuilt. - Restored support for tcpwrappers that was dropped by upstream. - Thanks to mancha. -n/openvpn-2.3.6-x86_64-1.txz: Upgraded. - This update fixes a security issue that allows remote authenticated - users to cause a denial of service (server crash) via a small control - channel packet. - For more information, see: - https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8104 - (* Security fix *) -n/wpa_supplicant-2.3-x86_64-1.txz: Upgraded. - This update fixes a remote command-execution vulnerability caused by a - failure to adequately sanitize user-supplied input. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 - (* Security fix *) -xap/pidgin-2.10.11-x86_64-1.txz: Upgraded. - This update contains login fixes for MSN and some XMPP servers. -xap/seamonkey-2.31-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Wed Dec 3 07:03:12 UTC 2014 -xap/mozilla-thunderbird-31.3.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +Wed May 24 19:38:59 UTC 2017 +n/samba-4.6.4-x86_64-1.txz: Upgraded. + This update fixes a remote code execution vulnerability, allowing a + malicious client to upload a shared library to a writable share, and + then cause the server to load and execute it. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://www.samba.org/samba/security/CVE-2017-7494.html + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494 (* Security fix *) +--------------------------+ -Mon Dec 1 23:57:40 UTC 2014 -a/grep-2.21-x86_64-1.txz: Upgraded. -ap/groff-1.22.3-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-34.0.5-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) +Wed May 24 04:51:46 UTC 2017 +a/aaa_elflibs-14.2-x86_64-29.txz: Rebuilt. +a/aaa_terminfo-6.0-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-2.0-noarch-35.txz: Rebuilt. + rc.4: Support a custom rc.4.local display manager startup script. + Thanks to Robby Workman. +ap/sqlite-3.19.0-x86_64-1.txz: Upgraded. +ap/tmux-2.4-x86_64-2.txz: Rebuilt. + Added /etc/tmux.conf.new to set TERM=tmux-256color. + Removed tmux terminfo files, as these are packaged with ncurses. +l/ncurses-6.0-x86_64-3.txz: Rebuilt. + Drop --with-xterm-kbs=DEL option, taking the upstream default of ^H. + Added a modified tmux terminfo, setting kbs=\177, as it expects. + Default to upstream versions of everything else in the terminfo database. + Thanks to Xsane and GazL for some insights on a more correct configuration. +l/newt-0.52.20-x86_64-1.txz: Upgraded. +l/pango-1.40.6-x86_64-1.txz: Upgraded. +n/NetworkManager-1.8.0-x86_64-1.txz: Upgraded. +n/network-scripts-14.2-noarch-6.txz: Rebuilt. + rc.inet1: Change actual DHCP_TIMEOUT to 15. Thanks to pataphysician. +tcl/tcl-8.6.6-x86_64-1.txz: Upgraded. +tcl/tk-8.6.6-x86_64-1.txz: Upgraded. +xap/network-manager-applet-1.8.0-x86_64-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.8.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon May 22 20:58:20 UTC 2017 +a/bash-4.4.012-x86_64-1.txz: Upgraded. +a/kernel-generic-4.9.29-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.29-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.29-x86_64-1.txz: Upgraded. +a/less-487-x86_64-1.txz: Upgraded. + Support .tar.lz in lesspipe.sh. +a/lzip-1.19-x86_64-2.txz: Rebuilt. + CXXFLAGS need to be placed after ./configure to take effect. + Thanks to Matias Fonzo. +ap/alsa-utils-1.1.4-x86_64-1.txz: Upgraded. +ap/nano-2.8.4-x86_64-1.txz: Upgraded. +ap/vim-8.0.0600-x86_64-1.txz: Upgraded. +d/ccache-3.3.4-x86_64-1.txz: Upgraded. +d/gcc-7.1.0-x86_64-2.txz: Rebuilt. + Fixed regression where MMX opcodes are generated without EMMS. + Thanks to orbea. +d/gcc-brig-7.1.0-x86_64-2.txz: Rebuilt. +d/gcc-g++-7.1.0-x86_64-2.txz: Rebuilt. +d/gcc-gfortran-7.1.0-x86_64-2.txz: Rebuilt. +d/gcc-gnat-7.1.0-x86_64-2.txz: Rebuilt. +d/gcc-go-7.1.0-x86_64-2.txz: Rebuilt. +d/gcc-objc-7.1.0-x86_64-2.txz: Rebuilt. +d/kernel-headers-4.9.29-x86-1.txz: Upgraded. +k/kernel-source-4.9.29-noarch-1.txz: Upgraded. +l/alsa-lib-1.1.4-x86_64-1.txz: Upgraded. +l/alsa-plugins-1.1.4-x86_64-1.txz: Upgraded. +l/ffmpeg-3.3.1-x86_64-1.txz: Upgraded. +l/glib2-2.52.2-x86_64-2.txz: Rebuilt. + Added some patches from upstream git, one of which fixes a problem with + LibreOffice. Thanks to PeeBee. +l/slang-2.3.1a-x86_64-1.txz: Upgraded. +n/network-scripts-14.2-noarch-5.txz: Rebuilt. + rc.inet1: Increased default DHCP_TIMEOUT from 10 to 15 seconds. +xap/gkrellm-2.3.10-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-52.1.2esr-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.0600-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.5.1-x86_64-1.txz: Upgraded. +extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated. + Fixed retrieving version number. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Nov 16 22:41:20 UTC 2014 -a/kernel-generic-3.14.24-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.24-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.24-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.24-x86-1.txz: Upgraded. -k/kernel-source-3.14.24-noarch-1.txz: Upgraded. -xap/mozilla-firefox-33.1.1-x86_64-1.txz: Upgraded. +Tue May 16 20:11:03 UTC 2017 +a/kernel-generic-4.9.28-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.28-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.28-x86_64-1.txz: Upgraded. +d/cmake-3.8.1-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.28-x86-1.txz: Upgraded. +k/kernel-source-4.9.28-noarch-1.txz: Upgraded. + CIFS_SMB2 n -> y +kde/kdelibs-4.14.32-x86_64-1.txz: Upgraded. + This update fixes a security issue with KAuth that can lead to gaining + root from an unprivileged account. + For more information, see: + http://www.openwall.com/lists/oss-security/2017/05/10/3 + https://www.kde.org/info/security/advisory-20170510-1.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8422 + (* Security fix *) +l/freetype-2.8-x86_64-1.txz: Upgraded. + This update fixes an out-of-bounds write caused by a heap-based buffer + overflow related to the t1_builder_close_contour function in psaux/psobjs.c. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287 + (* Security fix *) +l/gtk+3-3.22.15-x86_64-1.txz: Upgraded. +l/qt-4.8.7-x86_64-6.txz: Rebuilt. + Patched to fix moc problems with glibc-2.25 (parse error at "defined", + line 52 of a random header file). + Use -std=gnu++98 and patches to build with gcc-7.1.0. +xap/gimp-2.8.22-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.1.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. -testing/source/config-testing-3.17.3/*: Added. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Nov 13 20:45:54 UTC 2014 -ap/mariadb-5.5.40-x86_64-2.txz: Rebuilt. - Reverted change to my_config.h that breaks compiling many applications - that link against the MariaDB libraries. - Thanks to Willy Sudiarto Raharjo. -xap/pidgin-2.10.10-x86_64-2.txz: Rebuilt. - Fix Gadu-Gadu protocol when GnuTLS is not used. Thanks to mancha. -+--------------------------+ -Tue Nov 11 04:53:57 UTC 2014 -xap/mozilla-firefox-33.1-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Nov 7 21:02:55 UTC 2014 -a/bash-4.3.030-x86_64-1.txz: Upgraded. - Applied all upstream patches. The previously applied patch requiring - a specific prefix/suffix in order to parse variables for functions - closed all of the known vulnerabilities anyway, but it's clear that - until all the patches were applied that the "is this still vulnerable" - questions were not going to end... -a/btrfs-progs-20141107-x86_64-1.txz: Upgraded. - Added the header files to the package. Thanks to Vincent Batts. -a/kernel-firmware-20141106git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.23-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.23-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.23-x86_64-1.txz: Upgraded. -ap/mpg123-1.21.0-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.23-x86-1.txz: Upgraded. -k/kernel-source-3.14.23-noarch-1.txz: Upgraded. -xfce/xfce4-weather-plugin-0.8.4-x86_64-1.txz: Upgraded. +Thu May 11 18:09:15 UTC 2017 +l/gtk+3-3.22.14-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed May 10 22:58:28 UTC 2017 +d/git-2.13.0-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.13-x86_64-1.txz: Upgraded. +x/mesa-17.1.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue May 9 23:33:37 UTC 2017 +a/elilo-3.16-x86_64-4.txz: Rebuilt. + In eliloconfig, fixed hardcoded /mnt in a few places. Thanks to alienBOB. +a/eudev-3.2.2-x86_64-2.txz: Rebuilt. + Added another watchdog module to the blacklist. Thanks to Robby Workman. +a/hdparm-9.52-x86_64-1.txz: Upgraded. +a/kernel-generic-4.9.27-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.27-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.27-x86_64-1.txz: Upgraded. +a/lzip-1.19-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.9-x86_64-2.txz: Rebuilt. + Mount devtmpfs with -o size=8M option. + Mount tmpfs on /run with -o size=32M,nodev,nosuid,noexec options. + Thanks to Robby Workman. + Fix error message when /lukstrim is missing. Thanks to _RDS_. + Add rules.d/85-regulatory.rules to LIBUDEV_BLACKLIST. Thanks to GazL. +a/sysvinit-scripts-2.0-noarch-34.txz: Rebuilt. + Cosmetic changes to make the output from "mount" and "df -h" look better: + rc.S: where "/sys/fs/cgroup" is mounted as a tmpfs, add "size=8M" to the + mount options. + rc.S: where /run is mounted, add "size=32M,nodev,nosuid,noexec" to the + mount options. + Thanks to Robby Workman. +ap/cups-filters-1.13.5-x86_64-1.txz: Upgraded. +d/kernel-headers-4.9.27-x86-1.txz: Upgraded. +k/kernel-source-4.9.27-noarch-1.txz: Upgraded. + 9P_FS_POSIX_ACL n -> y +l/at-spi2-atk-2.24.1-x86_64-1.txz: Upgraded. +l/at-spi2-core-2.24.1-x86_64-1.txz: Upgraded. +l/glib2-2.52.2-x86_64-1.txz: Upgraded. +l/libsoup-2.58.1-x86_64-1.txz: Upgraded. +n/bluez-5.45-x86_64-1.txz: Upgraded. +x/libevdev-1.5.7-x86_64-1.txz: Upgraded. +x/xdg-utils-1.1.2-noarch-1.txz: Upgraded. +x/xf86-input-libinput-0.25.1-x86_64-1.txz: Upgraded. +x/xkbcomp-1.4.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. + Use nosuid,nodev,noexec mount options for /dev/shm in installer-created + /etc/fstab. Thanks to Robby Workman. + Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + Use nosuid,nodev,noexec mount options for /dev/shm in installer-created + /etc/fstab. Thanks to Robby Workman. + Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB. ++--------------------------+ +Sat May 6 23:12:02 UTC 2017 +a/glibc-solibs-2.25-x86_64-2.txz: Rebuilt. +ap/cdrdao-1.2.3-x86_64-3.txz: Rebuilt. + Recompiled to support libmp3lame. +ap/sox-14.4.2-x86_64-4.txz: Rebuilt. + Recompiled to support libmp3lame. +d/flex-2.6.4-x86_64-1.txz: Upgraded. +kde/k3b-2.0.3-x86_64-3.txz: Rebuilt. + Patched to build with ffmpeg3 and gcc7. +l/ffmpeg-3.3-x86_64-1.txz: Upgraded. + Recompiled to support libmp3lame. +l/glibc-2.25-x86_64-2.txz: Rebuilt. + Reverted a patch that causes IFUNC errors to be emitted. +l/glibc-i18n-2.25-x86_64-2.txz: Rebuilt. +l/glibc-profile-2.25-x86_64-2.txz: Rebuilt. +l/gst-plugins-base-1.12.0-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.12.0-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.12.0-x86_64-1.txz: Upgraded. +l/gstreamer-1.12.0-x86_64-1.txz: Upgraded. +l/lame-3.99.5-x86_64-1.txz: Added. +xap/MPlayer-1.3_20170208-x86_64-4.txz: Rebuilt. + Recompiled to support libmp3lame. +xap/audacious-plugins-3.8.2-x86_64-3.txz: Rebuilt. + Recompiled to support libmp3lame. ++--------------------------+ +Thu May 4 22:14:08 UTC 2017 +a/btrfs-progs-v4.10.2-x86_64-2.txz: Rebuilt. + Ship libbtrfs shared library. Thanks to Vincent Batts. +a/elilo-3.16-x86_64-3.txz: Rebuilt. + Patched eliloconfig to properly handle NVMe devices. + Thanks to Didier Spaier. +a/gettext-0.19.8.1-x86_64-3.txz: Rebuilt. +a/glibc-solibs-2.25-x86_64-1.txz: Upgraded. +a/kernel-firmware-20170504git-noarch-1.txz: Upgraded. +a/kernel-generic-4.9.26-x86_64-1.txz: Upgraded. +a/kernel-huge-4.9.26-x86_64-1.txz: Upgraded. +a/kernel-modules-4.9.26-x86_64-1.txz: Upgraded. +ap/nano-2.8.2-x86_64-1.txz: Upgraded. +d/flex-2.6.2-x86_64-1.txz: Upgraded. + Switched to flex-2.6.2 until there's a new release that fixes unexpected + symbol remapping macro definitions in flex-2.6.3. + See: https://github.com/westes/flex/issues/162 +d/gcc-7.1.0-x86_64-1.txz: Upgraded. +d/gcc-brig-7.1.0-x86_64-1.txz: Added. +d/gcc-g++-7.1.0-x86_64-1.txz: Upgraded. +d/gcc-gfortran-7.1.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/gcc-gnat-7.1.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/gcc-go-7.1.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/gcc-java-5.4.0-x86_64-1.txz: Removed. +d/gcc-objc-7.1.0-x86_64-1.txz: Upgraded. +d/gettext-tools-0.19.8.1-x86_64-3.txz: Rebuilt. +d/kernel-headers-4.9.26-x86-1.txz: Upgraded. +k/kernel-source-4.9.26-noarch-1.txz: Upgraded. +l/glibc-2.25-x86_64-1.txz: Upgraded. +l/glibc-i18n-2.25-x86_64-1.txz: Upgraded. +l/glibc-profile-2.25-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. + Patched SeTEFI and probe to fix NVMe device handling. + Thanks to Didier Spaier. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. + Patched SeTEFI and probe to fix NVMe device handling. + Thanks to Didier Spaier. +--------------------------+ -Tue Nov 4 00:05:23 UTC 2014 -ap/mariadb-5.5.40-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 - (* Security fix *) -l/seamonkey-solibs-2.30-x86_64-1.txz: Upgraded. -n/php-5.4.34-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues. - #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) - #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670) - #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668 - (* Security fix *) -xap/mozilla-firefox-33.0.2-x86_64-1.txz: Upgraded. +Mon May 1 23:31:02 UTC 2017 +a/cryptsetup-1.7.5-x86_64-1.txz: Upgraded. +l/QScintilla-2.10-x86_64-2.txz: Rebuilt. +x/dejavu-fonts-ttf-2.37-noarch-2.txz: Rebuilt. + Rename 57-* fontconfig files to 61-* to avoid overriding font preferences + in fontconfig's 60-latin.conf. +x/fontconfig-2.12.1-x86_64-2.txz: Rebuilt. + Prefer Liberation fonts in 60-latin.conf. +x/libepoxy-1.4.2-x86_64-1.txz: Upgraded. +x/liberation-fonts-ttf-2.00.1-noarch-1.txz: Upgraded. +x/mesa-17.0.5-x86_64-1.txz: Upgraded. +x/urw-core35-fonts-otf-20160712_79bcdfb_git-noarch-1.txz: Added. + These are the URW++ core35 fonts also found in the ghostscript-fonts + package, but provided in OpenType Format for programs such as + LibreOffice which no longer support PostScript Type 1 fonts. + Thanks to Jonathan Woithe. +x/wqy-zenhei-font-ttf-0.8.38_1-noarch-3.txz: Rebuilt. + Rename 44-wqy-zenhei.conf to 64-wqy-zenhei.conf to avoid overriding + font preferences in fontconfig's 60-latin.conf. + Prefer Liberation over DejaVu in 64-wqy-zenhei.conf. +xap/mozilla-thunderbird-52.1.0-x86_64-1.txz: Upgraded. +xap/rxvt-2.7.10-x86_64-5.txz: Upgraded. + Patched an integer overflow that can crash rxvt with an escape sequence, + or possibly have unspecified other impact. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7483 + (* Security fix *) ++--------------------------+ +Thu Apr 27 23:03:54 UTC 2017 +kde/pykde4-4.14.3-x86_64-5.txz: Rebuilt. + Patched to work with PyQt-4.12. Thanks to Heinz Wiesinger. +kde/qtruby-4.14.3-x86_64-6.txz: Rebuilt. + Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger. +kde/smokeqt-4.14.3-x86_64-4.txz: Rebuilt. + Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger. +l/PyQt-4.12-x86_64-1.txz: Upgraded. +l/QScintilla-2.10-x86_64-1.txz: Upgraded. + Thanks to Heinz Wiesinger. +l/freetype-2.7.1-x86_64-2.txz: Rebuilt. + Don't define anything in freetype.{csh,sh} by default, letting the new + minimal hinting method be automatically selected. Thanks to GazL. + Applied upstream patches from git that disable long family names for PCF + fonts. You'll need to run "fc-cache -f" to get the old names back. ++--------------------------+ +Wed Apr 26 23:09:45 UTC 2017 +Thanks to Robby Workman for help with these packages, especially with +preparing and testing updates to the GTK stack. :-) +a/btrfs-progs-v4.10.2-x86_64-1.txz: Upgraded. +a/grub-2.02-x86_64-1.txz: Upgraded. +a/lvm2-2.02.170-x86_64-1.txz: Upgraded. +a/xfsprogs-4.10.0-x86_64-1.txz: Upgraded. +ap/dmapi-2.2.12-x86_64-2.txz: Rebuilt. +ap/tmux-2.4-x86_64-1.txz: Upgraded. +d/swig-3.0.12-x86_64-1.txz: Upgraded. +l/adwaita-icon-theme-3.24.0-noarch-1.txz: Upgraded. +l/at-spi2-atk-2.24.0-x86_64-1.txz: Upgraded. +l/at-spi2-core-2.24.0-x86_64-1.txz: Upgraded. +l/atk-2.24.0-x86_64-1.txz: Upgraded. +l/dconf-0.26.0-x86_64-1.txz: Upgraded. +l/dconf-editor-3.22.3-x86_64-1.txz: Upgraded. +l/freetype-2.7.1-x86_64-1.txz: Upgraded. + Subpixel hinting has been enabled upstream by default, but you may adjust + this in /etc/profile.d/freetype.{csh,sh}. +l/gdk-pixbuf2-2.36.6-x86_64-1.txz: Upgraded. +l/glib-networking-2.50.0-x86_64-1.txz: Upgraded. +l/glib2-2.52.1-x86_64-1.txz: Upgraded. +l/glibmm-2.50.1-x86_64-1.txz: Upgraded. +l/gnome-themes-standard-3.22.3-x86_64-1.txz: Upgraded. +l/gobject-introspection-1.52.1-x86_64-1.txz: Upgraded. +l/gsettings-desktop-schemas-3.24.0-x86_64-1.txz: Upgraded. +l/gtk+3-3.22.12-x86_64-1.txz: Upgraded. +l/gtkmm3-3.22.0-x86_64-1.txz: Upgraded. +l/gvfs-1.32.1-x86_64-1.txz: Upgraded. +l/harfbuzz-1.4.6-x86_64-1.txz: Upgraded. +l/keyutils-1.5.10-x86_64-1.txz: Upgraded. +l/libcroco-0.6.12-x86_64-1.txz: Upgraded. +l/libgsf-1.14.41-x86_64-1.txz: Upgraded. +l/libnotify-0.7.7-x86_64-1.txz: Upgraded. +l/librsvg-2.40.17-x86_64-1.txz: Upgraded. +l/libsigc++-2.10.0-x86_64-1.txz: Upgraded. +l/libsoup-2.58.0-x86_64-1.txz: Upgraded. +l/libssh-0.7.5-x86_64-1.txz: Upgraded. +l/libssh2-1.8.0-x86_64-1.txz: Upgraded. +l/pango-1.40.5-x86_64-1.txz: Upgraded. +l/pangomm-2.40.1-x86_64-1.txz: Upgraded. +l/pygobject3-3.24.1-x86_64-1.txz: Upgraded. +l/shared-mime-info-1.7-x86_64-1.txz: Upgraded. +l/sip-4.19.2-x86_64-1.txz: Upgraded. +l/vte-0.44.3-x86_64-1.txz: Upgraded. +n/bluez-5.44-x86_64-1.txz: Upgraded. +n/iproute2-4.10.0-x86_64-1.txz: Upgraded. +x/libevdev-1.5.6-x86_64-1.txz: Upgraded. +x/xf86-video-nouveau-1.0.15-x86_64-1.txz: Upgraded. +xap/gparted-0.28.1-x86_64-1.txz: Upgraded. +xfce/garcon-0.6.0-x86_64-1.txz: Upgraded. +xfce/xfce4-pulseaudio-plugin-0.2.5-x86_64-1.txz: Upgraded. +xfce/xfce4-systemload-plugin-1.2.1-x86_64-1.txz: Upgraded. +xfce/xfce4-taskmanager-1.2.0-x86_64-1.txz: Upgraded. +xfce/xfce4-terminal-0.8.4-x86_64-1.txz: Upgraded. +xfce/xfce4-weather-plugin-0.8.9-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 24 18:06:06 UTC 2017 +a/cryptsetup-1.7.4-x86_64-1.txz: Upgraded. +a/eudev-3.2.2-x86_64-1.txz: Upgraded. +a/mdadm-4.0-x86_64-1.txz: Upgraded. +ap/vim-8.0.0586-x86_64-1.txz: Upgraded. +e/emacs-25.2-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-52.1.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html (* Security fix *) -xap/seamonkey-2.30-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +xap/vim-gvim-8.0.0586-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Apr 21 22:40:12 UTC 2017 +a/etc-14.2-x86_64-10.txz: Rebuilt. + Added user:group for NTP (UID 44/GID 44). +ap/sudo-1.8.19p2-x86_64-1.txz: Upgraded. +d/git-2.12.2-x86_64-1.txz: Upgraded. +d/mercurial-4.1.3-x86_64-1.txz: Upgraded. +l/libgphoto2-2.5.13-x86_64-1.txz: Upgraded. +n/curl-7.54.0-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Switch off SSL session id when client cert is used. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Wed Oct 29 18:21:12 UTC 2014 -ap/moc-2.5.0-x86_64-1.txz: Upgraded. -n/wget-1.16-x86_64-1.txz: Upgraded. - This update fixes a symlink vulnerability that could allow an attacker - to write outside of the expected directory. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877 - (* Security fix *) -+--------------------------+ -Sat Oct 25 04:30:31 UTC 2014 -xap/gimp-2.8.14-x86_64-1.txz: Upgraded. -+--------------------------+ -Fri Oct 24 21:11:15 UTC 2014 -a/glibc-solibs-2.20-x86_64-2.txz: Rebuilt. -d/gcc-4.8.3-x86_64-2.txz: Rebuilt. - Patched bug pr61801, which caused some failures with glibc-2.20. -d/gcc-g++-4.8.3-x86_64-2.txz: Rebuilt. -d/gcc-gfortran-4.8.3-x86_64-2.txz: Rebuilt. -d/gcc-gnat-4.8.3-x86_64-2.txz: Rebuilt. -d/gcc-go-4.8.3-x86_64-2.txz: Rebuilt. -d/gcc-java-4.8.3-x86_64-2.txz: Rebuilt. -d/gcc-objc-4.8.3-x86_64-2.txz: Rebuilt. -l/glibc-2.20-x86_64-2.txz: Rebuilt. - Recompiled with patched gcc. -l/glibc-i18n-2.20-x86_64-2.txz: Rebuilt. -l/glibc-profile-2.20-x86_64-2.txz: Rebuilt. -+--------------------------+ -Fri Oct 24 04:55:44 UTC 2014 -a/glibc-solibs-2.20-x86_64-1.txz: Upgraded. -a/glibc-zoneinfo-2014i-noarch-1.txz: Upgraded. - Upgraded to tzcode2014i and tzdata2014i. -l/glibc-2.20-x86_64-1.txz: Upgraded. - This update fixes several security issues, and adds an extra security - hardening patch from Florian Weimer. Thanks to mancha for help with - tracking and backporting patches. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4424 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040 - (* Security fix *) -l/glibc-i18n-2.20-x86_64-1.txz: Upgraded. -l/glibc-profile-2.20-x86_64-1.txz: Upgraded. -xap/pidgin-2.10.10-x86_64-1.txz: Upgraded. - This update fixes several security issues: - Insufficient SSL certificate validation (CVE-2014-3694) - Remote crash parsing malformed MXit emoticon (CVE-2014-3695) - Remote crash parsing malformed Groupwise message (CVE-2014-3696) - Malicious smiley themes could alter arbitrary files (CVE-2014-3697) - Potential information leak from XMPP (CVE-2014-3698) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3694 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3695 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3696 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3697 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3698 - (* Security fix *) -+--------------------------+ -Tue Oct 21 02:10:33 UTC 2014 -e/emacs-24.4-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Oct 20 22:21:45 UTC 2014 -n/openssh-6.7p1-x86_64-1.txz: Upgraded. - This update fixes a security issue that allows remote servers to trigger - the skipping of SSHFP DNS RR checking by presenting an unacceptable - HostCertificate. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 - (* Security fix *) -+--------------------------+ -Wed Oct 15 17:28:59 UTC 2014 -a/openssl-solibs-1.0.1j-x86_64-1.txz: Upgraded. - (* Security fix *) -n/openssl-1.0.1j-x86_64-1.tx: Upgraded. - This update fixes several security issues: - SRTP Memory Leak (CVE-2014-3513): - A flaw in the DTLS SRTP extension parsing code allows an attacker, who - sends a carefully crafted handshake message, to cause OpenSSL to fail - to free up to 64k of memory causing a memory leak. This could be - exploited in a Denial Of Service attack. - Session Ticket Memory Leak (CVE-2014-3567): - When an OpenSSL SSL/TLS/DTLS server receives a session ticket the - integrity of that ticket is first verified. In the event of a session - ticket integrity check failing, OpenSSL will fail to free memory - causing a memory leak. By sending a large number of invalid session - tickets an attacker could exploit this issue in a Denial Of Service - attack. - SSL 3.0 Fallback protection: - OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications - to block the ability for a MITM attacker to force a protocol - downgrade. - Some client applications (such as browsers) will reconnect using a - downgraded protocol to work around interoperability bugs in older - servers. This could be exploited by an active man-in-the-middle to - downgrade connections to SSL 3.0 even if both sides of the connection - support higher protocols. SSL 3.0 contains a number of weaknesses - including POODLE (CVE-2014-3566). - Build option no-ssl3 is incomplete (CVE-2014-3568): - When OpenSSL is configured with "no-ssl3" as a build option, servers - could accept and complete a SSL 3.0 handshake, and clients could be - configured to send them. - For more information, see: - https://www.openssl.org/news/secadv_20141015.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 - (* Security fix *) -+--------------------------+ -Tue Oct 14 23:45:01 UTC 2014 -xap/mozilla-firefox-33.0-x86_64-1.txz: Upgraded. + https://curl.haxx.se/docs/adv_20170419.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468 + (* Security fix *) +n/dhcpcd-6.11.5-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +n/ethtool-4.10-x86_64-1.txz: Upgraded. +n/getmail-4.54.0-x86_64-1.txz: Upgraded. +n/ntp-4.2.8p10-x86_64-1.txz: Upgraded. + There were some changes made to NTP setup in -current: + First, NTP drops privileges and runs as ntp:ntp. Be sure to install the + updated etc package to get the new user and group. + Some files have been relocated: + The ntp.keys file has moved from /etc/ntp/ to /etc/. + The drift and stats files now reside in /var/lib/ntp/. + The step-tickers file has been removed. It's actually been deprecated for + a while and nothing has referenced in for quite some time. + Be sure to move the new rc.ntpd.new into place, and move over or merge + from the .new config files. + Thanks to Robby Workman for help with these changes. + In addition to bug fixes and enhancements, this release fixes security + issues of medium and low severity: + Denial of Service via Malformed Config (Medium) + Authenticated DoS via Malicious Config Option (Medium) + Potential Overflows in ctl_put() functions (Medium) + Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium) + 0rigin DoS (Medium) + Buffer Overflow in DPTS Clock (Low) + Improper use of snprintf() in mx4200_send() (Low) + The following issues do not apply to Linux systems: + Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low) + Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low) + Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low) + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459 + (* Security fix *) +n/proftpd-1.3.6-x86_64-1.txz: Upgraded. + This release fixes a security issue: + AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418 + (* Security fix *) ++--------------------------+ +Wed Apr 19 04:46:45 UTC 2017 +a/minicom-2.7.1-x86_64-1.txz: Upgraded. + Fix an out of bounds data access that can lead to remote code execution. + This issue was found by Solar Designer of Openwall during a security audit + of the Virtuozzo 7 product, which contains derived downstream code in its + prl-vzvncserver component. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467 + (* Security fix *) +a/usb_modeswitch-2.5.0-x86_64-1.txz: Upgraded. +ap/hplip-3.17.4-x86_64-1.txz: Upgraded. +l/wavpack-5.1.0-x86_64-1.txz: Upgraded. +n/mutt-1.8.1-x86_64-1.txz: Upgraded. +testing/packages/gcc-6.3.0-x86_64-2.txz: Rebuilt. +testing/packages/gcc-g++-6.3.0-x86_64-2.txz: Rebuilt. + Move some Python files into this package instead of the gcc-java package. + Move the Python files into a more correct directory. + Thanks to Heinz Wiesinger. +testing/packages/gcc-gfortran-6.3.0-x86_64-2.txz: Rebuilt. +testing/packages/gcc-gnat-6.3.0-x86_64-2.txz: Rebuilt. +testing/packages/gcc-go-6.3.0-x86_64-2.txz: Rebuilt. +testing/packages/gcc-java-6.3.0-x86_64-2.txz: Rebuilt. + Move some Python files from this package into the gcc-g++ package. + Move the Python files into a more correct directory. + Thanks to Heinz Wiesinger. +testing/packages/gcc-objc-6.3.0-x86_64-2.txz: Rebuilt. ++--------------------------+ +Tue Apr 18 04:21:33 UTC 2017 +x/libdrm-2.4.80-x86_64-1.txz: Upgraded. +x/mesa-17.0.4-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-52.0.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Apr 13 21:19:45 UTC 2017 +ap/nano-2.8.1-x86_64-1.txz: Upgraded. +n/bind-9.11.0_P5-x86_64-1.txz: Upgraded. + Fixed denial of service security issues. + For more information, see: + https://kb.isc.org/article/AA-01465 + https://kb.isc.org/article/AA-01466 + https://kb.isc.org/article/AA-01471 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138 + (* Security fix *) +x/motif-2.3.7-x86_64-1.txz: Upgraded. +xfce/tumbler-0.1.31-x86_64-11.txz: Rebuilt. + Fixed ffmpegthumbnailer bug. Thanks to Robby Workman. ++--------------------------+ +Mon Apr 10 18:08:13 UTC 2017 +ap/bc-1.07.1-x86_64-1.txz: Upgraded. + This fixes the input_char read bug that was causing kernel builds to hang. +x/m17n-lib-1.7.0-x86_64-1.txz: Upgraded. +xap/xlockmore-5.51-x86_64-2.txz: Rebuilt. + Fixed appdefaultdir location. Thanks to Richard Narron. ++--------------------------+ +Sat Apr 8 16:24:35 UTC 2017 +a/ntfs-3g-2017.3.23-x86_64-1.txz: Upgraded. +ap/acct-6.6.3-x86_64-1.txz: Upgraded. +ap/bc-1.07-x86_64-1.txz: Upgraded. +ap/cups-2.2.3-x86_64-1.txz: Upgraded. +ap/cups-filters-1.13.4-x86_64-1.txz: Upgraded. +ap/dc3dd-7.2.646-x86_64-1.txz: Upgraded. +ap/gutenprint-5.2.12-x86_64-1.txz: Upgraded. +e/emacs-25.1-x86_64-3.txz: Rebuilt. +kde/calligra-2.9.11-x86_64-9.txz: Rebuilt. +kde/kdelibs-4.14.30-x86_64-1.txz: Upgraded. +kde/kopete-4.14.3-x86_64-3.txz: Rebuilt. +kde/krdc-4.14.3-x86_64-3.txz: Rebuilt. +kde/libkdcraw-4.14.3-x86_64-4.txz: Rebuilt. +l/LibRaw-0.18.2-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/babl-0.1.24-x86_64-1.txz: Upgraded. +l/enchant-1.6.1-x86_64-1.txz: Upgraded. +l/ffmpeg-3.2.4-x86_64-4.txz: Rebuilt. +l/gegl-0.2.0-x86_64-4.txz: Rebuilt. +l/giflib-5.1.4-x86_64-1.txz: Upgraded. +l/gvfs-1.26.3-x86_64-2.txz: Rebuilt. +l/imagemagick-6.9.8_3-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/jasper-2.0.12-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Thanks to Heinz Wiesinger. +l/libarchive-3.3.1-x86_64-1.txz: Upgraded. +l/libbluray-1.0.0-x86_64-1.txz: Added. + Built with support for BD-J menus, but without the necessary .jar + file to use it. Thanks to Heinz Wiesinger. +l/libdiscid-0.6.2-x86_64-1.txz: Upgraded. +l/libmtp-1.1.13-x86_64-1.txz: Upgraded. +l/libraw1394-2.1.2-x86_64-1.txz: Upgraded. +l/libsamplerate-0.1.9-x86_64-1.txz: Upgraded. +l/libsndfile-1.0.28-x86_64-1.txz: Upgraded. +l/libspectre-0.2.8-x86_64-1.txz: Upgraded. +l/libtiff-4.0.7-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-31.2.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5875 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 + (* Security fix *) +l/libvncserver-0.9.11-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/poppler-0.53.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/virtuoso-ose-6.1.8-x86_64-5.txz: Rebuilt. +n/openvpn-2.4.1-x86_64-1.txz: Upgraded. +x/libdrm-2.4.78-x86_64-1.txz: Upgraded. +x/libinput-1.7.0-x86_64-1.txz: Upgraded. +x/libpciaccess-0.13.5-x86_64-1.txz: Upgraded. +x/libva-1.8.0-x86_64-1.txz: Upgraded. +x/libva-intel-driver-1.7.3-x86_64-1.txz: Upgraded. +x/mesa-17.0.3-x86_64-1.txz: Upgraded. +xap/MPlayer-1.3_20170208-x86_64-3.txz: Rebuilt. +xap/gimp-2.8.20-x86_64-2.txz: Rebuilt. +xap/mozilla-thunderbird-52.0-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.8-x86_64-1.txz: Upgraded. + Thanks to Heinz Wiesinger. +xap/xlockmore-5.51-x86_64-1.txz: Upgraded. +xap/xv-3.10a-x86_64-8.txz: Rebuilt. +xfce/tumbler-0.1.31-x86_64-10.txz: Rebuilt. ++--------------------------+ +Sat Apr 1 05:16:59 UTC 2017 +ap/nano-2.8.0-x86_64-1.txz: Upgraded. +n/samba-4.6.2-x86_64-1.txz: Upgraded. + This is a bug fix release to address a regression introduced by the security + fixes for CVE-2017-2619 (Symlink race allows access outside share definition). + Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details. ++--------------------------+ +Thu Mar 30 20:18:17 UTC 2017 +l/ffmpeg-3.2.4-x86_64-3.txz: Rebuilt. + Recompiled against libcdio-paranoia-10.2+0.94+1. +x/libwacom-0.24-x86_64-1.txz: Upgraded. +xap/MPlayer-1.3_20170208-x86_64-2.txz: Rebuilt. + Recompiled against libcdio-paranoia-10.2+0.94+1. ++--------------------------+ +Tue Mar 28 20:30:50 UTC 2017 +ap/mariadb-10.0.30-x86_64-1.txz: Upgraded. + This update fixes security issues: + Crash in libmysqlclient.so. + Difficult to exploit vulnerability allows low privileged attacker with + logon to compromise the server. Successful attacks of this vulnerability + can result in unauthorized access to data. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3302 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3313 + (* Security fix *) +d/pkg-config-0.29.2-x86_64-1.txz: Upgraded. +l/libcdio-paranoia-10.2+0.94+1-x86_64-1.txz: Upgraded. +n/openssh-7.5p1-x86_64-1.txz: Upgraded. + This release deprecates the sshd_config UsePrivilegeSeparation option, + thereby making privilege separation mandatory. Note that privilege + separation has been on by default for almost 15 years and sandboxing + has been on by default for almost the last five, so this shouldn't + change anything for most users. +xap/mozilla-firefox-52.0.2-x86_64-1.txz: Upgraded. + This is a bugfix release. +xfce/xfce4-notifyd-0.3.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Mar 23 21:38:23 UTC 2017 +a/glibc-zoneinfo-2017b-noarch-1.txz: Upgraded. +a/libgudev-231-x86_64-1.txz: Upgraded. +a/lilo-24.2-x86_64-4.txz: Rebuilt. + Issue a warning rather than a fatal error for colons in /dev/disk/by-id/ + device names. Thanks to alex14641 on LQ. +d/cmake-3.7.2-x86_64-1.txz: Upgraded. +d/ruby-2.4.1-x86_64-1.txz: Upgraded. +n/mcabber-1.0.5-x86_64-1.txz: Upgraded. + This update fixes a security issue: + An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP + clients allows a remote attacker to impersonate any user, including + contacts, in the vulnerable application's display. This allows for various + kinds of social engineering attacks. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604 (* Security fix *) -+--------------------------+ -Sun Oct 5 00:38:31 UTC 2014 -a/elilo-3.16-x86_64-1.txz: Upgraded. - Thanks to fsLeg for the extra bit of sed that was needed to build the - latest version. -+--------------------------+ -Mon Sep 29 18:41:23 UTC 2014 -a/bash-4.3.027-x86_64-1.txz: Upgraded. - Another bash update. Here's some information included with the patch: - "This patch changes the encoding bash uses for exported functions to avoid - clashes with shell variables and to avoid depending only on an environment - variable's contents to determine whether or not to interpret it as a shell - function." - After this update, an environment variable will not go through the parser - unless it follows this naming structure: BASH_FUNC_*%% - Most scripts never expected to import functions from environment variables, - so this change (although not backwards compatible) is not likely to break - many existing scripts. It will, however, close off access to the parser as - an attack surface in the vast majority of cases. There's already another - vulnerability similar to CVE-2014-6271 for which there is not yet a fix, - but this hardening patch prevents it (and likely many more similar ones). - Thanks to Florian Weimer and Chet Ramey. - (* Security fix *) -+--------------------------+ -Sun Sep 28 23:07:39 UTC 2014 -l/seamonkey-solibs-2.29.1-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-32.0.3-x86_64-1.txz: Upgraded. +n/samba-4.6.1-x86_64-1.txz: Upgraded. + This update fixes a security issue: + All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to + a malicious client using a symlink race to allow access to areas of + the server file system not exported under the share definition. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619 + (* Security fix *) ++--------------------------+ +Tue Mar 21 21:42:52 UTC 2017 +a/dbus-1.10.16-x86_64-1.txz: Upgraded. +a/file-5.30-x86_64-1.txz: Upgraded. +a/pciutils-3.5.4-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.10.4-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.10.4-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.10.4-x86_64-1.txz: Upgraded. +l/gstreamer-1.10.4-x86_64-1.txz: Upgraded. +l/libpng-1.6.29-x86_64-1.txz: Upgraded. +l/libusb-1.0.21-x86_64-1.txz: Upgraded. +l/zlib-1.2.11-x86_64-1.txz: Upgraded. +n/alpine-2.21-x86_64-1.txz: Upgraded. +n/imapd-2.21-x86_64-1.txz: Upgraded. +x/dejavu-fonts-ttf-2.37-noarch-1.txz: Upgraded. +xfce/Thunar-1.6.11-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Mar 20 20:43:14 UTC 2017 +a/e2fsprogs-1.43.4-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.9-x86_64-1.txz: Upgraded. + Support FSTRIM on LUKS devices unlocked at boot. Note that the expected name + of a root LUKS device has changed -- please see the revised README_CRYPT.TXT. + Thanks to Mason Loring Bliss for the initial patch, and Robby Workman + for a few adjustments and documentation. +a/udisks2-2.1.8-x86_64-1.txz: Upgraded. +ap/man-pages-4.10-noarch-1.txz: Upgraded. +n/gnutls-3.5.10-x86_64-1.txz: Upgraded. +n/mobile-broadband-provider-info-20170310-x86_64-1.txz: Upgraded. +x/libpthread-stubs-0.4-noarch-1.txz: Upgraded. +x/mesa-17.0.2-x86_64-1.txz: Upgraded. +x/xf86-video-amdgpu-1.3.0-x86_64-1.txz: Upgraded. +x/xf86-video-ati-7.9.0-x86_64-1.txz: Upgraded. +xap/audacious-plugins-3.8.2-x86_64-2.txz: Rebuilt. + Added ffmpeg support. Thanks to franzen. +xap/windowmaker-0.95.8-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Mar 19 05:27:13 UTC 2017 +l/SDL2-2.0.5-x86_64-1.txz: Added. +l/SDL2_gfx-1.0.3-x86_64-1.txz: Added. +l/SDL2_image-2.0.1-x86_64-1.txz: Added. +l/SDL2_mixer-2.0.1-x86_64-1.txz: Added. +l/SDL2_net-2.0.1-x86_64-1.txz: Added. +l/SDL2_ttf-2.0.14-x86_64-1.txz: Added. +l/ffmpeg-3.2.4-x86_64-2.txz: Rebuilt. + The package now includes ffplay, which required the SDL2 libraries. +xap/audacious-3.8.2-x86_64-1.txz: Upgraded. +xap/audacious-plugins-3.8.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Mar 18 00:30:40 UTC 2017 +xap/mozilla-firefox-52.0.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-31.1.2-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Fri Mar 17 21:21:21 UTC 2017 +a/mlocate-0.26-x86_64-1.txz: Added. + This replaces slocate as the system locate/updatedb utilities. + In tests here, mlocate was about 20% faster than slocate at creating a + new database. When updating an existing database, it was many times + faster. On my machine, the nightly database update took about 5 minutes + with slocate, but only a few seconds with mlocate. + I might miss (slightly) the heavy drive activity at 04:40 that would let + me know that it was time for bed. ;-) + Be sure to move the new /etc/updatedb.conf into place when installing + this package. +a/slocate-3.1-x86_64-4.txz: Removed. +xfce/xfwm4-4.12.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Mar 16 01:37:05 UTC 2017 +ap/jove-4.16.0.73-x86_64-3.txz: Rebuilt. + Ensure that the teach-jove file is installed. Thanks to bassmadrigal. +d/llvm-4.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/gdbm-1.13-x86_64-1.txz: Upgraded. +n/irssi-1.0.2-x86_64-1.txz: Upgraded. +x/mesa-17.0.1-x86_64-2.txz: Rebuilt. + Recompiled against libLLVM-4.0.so. +x/xf86-input-libinput-0.25.0-x86_64-1.txz: Upgraded. +x/xf86-video-intel-git_20170313_7e9e92c8-x86_64-1.txz: Upgraded. +x/xf86-video-nouveau-1.0.14-x86_64-1.txz: Upgraded. +x/xf86-video-vmware-13.2.1-x86_64-3.txz: Rebuilt. + Recompiled against libLLVM-4.0.so. +x/xorg-server-1.19.3-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.19.3-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.3-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.3-x86_64-1.txz: Upgraded. +xap/pidgin-2.12.0-x86_64-1.txz: Upgraded. + This update fixes a minor security issue (out of bounds memory read in + purple_markup_unescape_entity). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2640 + (* Security fix *) ++--------------------------+ +Fri Mar 10 05:41:05 UTC 2017 +a/coreutils-8.27-x86_64-1.txz: Upgraded. +ap/mc-4.8.19-x86_64-1.txz: Upgraded. +l/harfbuzz-1.4.4-x86_64-1.txz: Upgraded. +x/libepoxy-1.4.1-x86_64-1.txz: Upgraded. +x/libinput-1.6.3-x86_64-1.txz: Upgraded. +x/mesa-17.0.1-x86_64-1.txz: Upgraded. +x/motif-2.3.6-x86_64-1.txz: Upgraded. +xap/gimp-2.8.20-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-52.0-x86_64-2.txz: Rebuilt. + Recompiled with --enable-alsa option. Without this, there is no fallback + support for ALSA if PulseAudio is not present. Thanks to Ivan Kalvatchev. +xap/network-manager-applet-1.4.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Mar 8 00:17:36 UTC 2017 +a/kmod-24-x86_64-1.txz: Upgraded. +d/binutils-2.28-x86_64-1.txz: Upgraded. +d/oprofile-1.1.0-x86_64-3.txz: Rebuilt. + Recompiled against new libbfd from binutils-2.28. +l/ffmpeg-3.2.4-x86_64-1.txz: Upgraded. + Autodetect more optional dependencies in the build script. + Thanks to Heinz Wiesinger. +x/libX11-1.6.5-x86_64-1.txz: Upgraded. +x/libXi-1.7.9-x86_64-1.txz: Upgraded. +x/presentproto-1.1-x86_64-1.txz: Upgraded. +x/sessreg-1.1.1-x86_64-1.txz: Upgraded. +x/util-macros-1.19.1-noarch-1.txz: Upgraded. +x/xauth-1.0.10-x86_64-1.txz: Upgraded. +x/xconsole-1.0.7-x86_64-1.txz: Upgraded. +x/xf86-input-evdev-2.10.5-x86_64-1.txz: Upgraded. +x/xf86-input-libinput-0.24.0-x86_64-1.txz: Upgraded. +x/xf86-video-chips-1.2.7-x86_64-1.txz: Added. +x/xf86-video-glint-1.2.9-x86_64-1.txz: Added. +x/xf86-video-i740-1.3.6-x86_64-1.txz: Added. +x/xf86-video-intel-git_20170228_78d7a09b-x86_64-1.txz: Upgraded. +x/xf86-video-mga-1.6.5-x86_64-1.txz: Added. +x/xf86-video-nv-2.1.21-x86_64-1.txz: Added. +x/xf86-video-openchrome-0.6.0-x86_64-1.txz: Upgraded. +x/xf86-video-r128-6.10.2-x86_64-1.txz: Added. +x/xf86-video-savage-2.3.9-x86_64-1.txz: Added. +x/xf86-video-siliconmotion-1.7.9-x86_64-1.txz: Added. +x/xf86-video-sis-0.10.9-x86_64-1.txz: Added. +x/xf86-video-sisusb-0.9.7-x86_64-1.txz: Upgraded. +x/xf86-video-tdfx-1.4.7-x86_64-1.txz: Added. +x/xf86-video-trident-1.3.8-x86_64-1.txz: Added. +x/xorg-server-1.19.2-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.19.2-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.2-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.2-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-52.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) -xap/seamonkey-2.29.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +xap/mozilla-thunderbird-45.8.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Fri Sep 26 22:23:32 UTC 2014 -a/bash-4.3.026-x86_64-1.txz: Upgraded. - This is essentially a rebuild as the preliminary patch for CVE-2014-7169 - has been accepted by upstream and is now signed. This also bumps the - patchlevel, making it easy to tell this is the fixed version. - Possibly more changes to come, given the ongoing discussions on oss-sec. -+--------------------------+ -Thu Sep 25 19:55:13 UTC 2014 -a/bash-4.3.025-x86_64-2.txz: Rebuilt. - Patched an additional trailing string processing vulnerability discovered - by Tavis Ormandy. + https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + (* Security fix *) ++--------------------------+ +Tue Feb 28 23:51:55 UTC 2017 +a/coreutils-8.26-x86_64-2.txz: Rebuilt. + Added a few more file extensions to /etc/DIR_COLORS, including .lz. +a/ed-1.14.2-x86_64-1.txz: Upgraded. +a/etc-14.2-x86_64-9.txz: Rebuilt. + Added cgred group to /etc/group.new. (cgred:x:41:) +a/glibc-zoneinfo-2017a-noarch-1.txz: Upgraded. +a/libcgroup-0.41-x86_64-2.txz: Rebuilt. + Fixed rc.cgred to source the correct config file. + Changed /usr/bin/cgexec from setuid root to setgid cgred. + Don't remove the entire cgroup file system with "rc.cgconfig stop". + Thanks to chris.willing. +a/shadow-4.2.1-x86_64-2.txz: Rebuilt. + Patched a potential security issue that allows any local user to send + SIGKILL to other processes with root privileges. Note that Slackware + is not vulnerable since the bug only affects systems that use PAM. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616 + (* Security fix *) +a/util-linux-2.29.2-x86_64-1.txz: Upgraded. + This update fixes a potential security issue that allows any local user + to send SIGKILL to other processes with root privileges. Note that + Slackware is not vulnerable since we do not use /bin/su from util-linux, + and the bug only affects systems that use PAM. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616 + (* Security fix *) +ap/nano-2.7.5-x86_64-1.txz: Upgraded. +ap/screen-4.5.1-x86_64-1.txz: Upgraded. +d/guile-2.0.14-x86_64-1.txz: Upgraded. +l/cairo-1.14.8-x86_64-1.txz: Upgraded. +l/fftw-3.3.6_pl1-x86_64-1.txz: Upgraded. +l/libimobiledevice-1.2.0-x86_64-2.txz: Rebuilt. + Patched to fix mounting iOS 10 devices. Thanks to qunying. +l/libsigsegv-2.11-x86_64-1.txz: Upgraded. +n/ModemManager-1.6.4-x86_64-1.txz: Upgraded. +n/NetworkManager-1.6.2-x86_64-1.txz: Upgraded. +n/curl-7.53.1-x86_64-1.txz: Upgraded. + Fixes SSL_VERIFYSTATUS ignored security issue. + (Issue only existed in Slackware -current, not in any -stable releases) + For more information, see: + https://curl.haxx.se/docs/adv_20170222.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629 + (* Security fix *) +n/libmbim-1.14.0-x86_64-1.txz: Upgraded. +n/libqmi-1.16.2-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +xap/windowmaker-0.95.7-x86_64-3.txz: Rebuilt. + Disabled overly verbose logging of warnings to syslog. Thanks to B Watson. ++--------------------------+ +Mon Feb 13 06:21:22 UTC 2017 +a/grep-3.0-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.10.3-x86_64-1.txz: Added. + Thanks to alienBOB. +n/wget-1.19.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Feb 10 21:07:35 UTC 2017 +a/aaa_elflibs-14.2-x86_64-28.txz: Rebuilt. +a/grep-2.28-x86_64-1.txz: Upgraded. +a/hdparm-9.51-x86_64-1.txz: Upgraded. +a/openssl-solibs-1.0.2k-x86_64-1.txz: Upgraded. +a/sed-4.4-x86_64-1.txz: Upgraded. +a/util-linux-2.29.1-x86_64-1.txz: Upgraded. +ap/ddrescue-1.22-x86_64-1.txz: Upgraded. +ap/flac-1.3.2-x86_64-1.txz: Upgraded. +ap/sqlite-3.16.2-x86_64-1.txz: Upgraded. +ap/tmux-2.3-x86_64-2.txz: Rebuilt. + Recompiled against libevent-2.1.8. +d/llvm-3.9.1-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Added support for lldb and openmp to the package. + Thanks to Heinz Wiesinger. +d/opencl-headers-2.1-noarch-1.txz: Added. +d/scons-2.5.1-x86_64-1.txz: Upgraded. +l/ffmpeg-3.2.3-x86_64-1.txz: Added. + Thanks to Heinz Wiesinger. +l/gmime-2.6.23-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.10.3-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.10.3-x86_64-1.txz: Upgraded. +l/gstreamer-1.10.3-x86_64-1.txz: Upgraded. +l/json-c-0.12-x86_64-1.txz: Removed. + This had been a required dep for PulseAudio, but has become optional. Since + being added to Slackware, a few other packages had begun to use it + (NetworkManager, BIND), but it's not really critical there either so we're + removing it from the main tree. If you require json-c for something, it is + expected that SBo will be picking it up. +l/libclc-20160921_520743b-x86_64-1.txz: Added. + This is needed by Mesa. +l/libedit-20160903_3.1-x86_64-1.txz: Added. + This is needed by lldb. +l/libevent-2.1.8-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libjpeg-turbo-1.5.1-x86_64-1.txz: Upgraded. +l/libnl3-3.2.29-x86_64-1.txz: Upgraded. +l/libpcap-1.8.1-x86_64-1.txz: Upgraded. +l/libvpx-1.6.1-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libzip-1.1.3-x86_64-1.txz: Upgraded. +l/ocl-icd-2.2.11-x86_64-1.txz: Added. +l/openjpeg-2.1.2-x86_64-1.txz: Upgraded. +l/pulseaudio-10.0-x86_64-1.txz: Upgraded. +l/python-six-1.10.0-x86_64-1.txz: Added. + This is needed by lldb. +l/rasqal-0.9.33-x86_64-1.txz: Upgraded. +l/redland-1.0.17-x86_64-1.txz: Upgraded. +l/serf-1.3.9-x86_64-1.txz: Upgraded. +n/NetworkManager-1.6.0-x86_64-1.txz: Upgraded. +n/bind-9.11.0_P3-x86_64-1.txz: Upgraded. + This update fixes a denial-of-service vulnerability. Under some conditions + when using both DNS64 and RPZ to rewrite query responses, query processing + can resume in an inconsistent state leading to either an INSIST assertion + failure or an attempt to read through a NULL pointer. + For more information, see: + https://kb.isc.org/article/AA-01453 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135 + (* Security fix *) +n/iproute2-4.9.0-x86_64-1.txz: Upgraded. +n/iptables-1.6.1-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/links-2.14-x86_64-2.txz: Rebuilt. + Recompiled against libevent-2.1.8. +n/mutt-1.7.2-x86_64-2.txz: Rebuilt. + Recompiled with --enable-sidebar option. Thanks to Corrado Franco. +n/nftables-0.7-x86_64-2.txz: Rebuilt. + Recompiled against iptables-1.6.1. Added libxtables support. +n/ntp-4.2.8p9-x86_64-3.txz: Rebuilt. + Recompiled against libevent-2.1.8. +n/openssl-1.0.2k-x86_64-1.txz: Upgraded. + This update fixes security issues: + Truncated packet could crash via OOB read (CVE-2017-3731) + BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) + Montgomery multiplication may produce incorrect results (CVE-2016-7055) + For more information, see: + https://www.openssl.org/news/secadv/20170126.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055 + (* Security fix *) +n/php-5.6.30-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 - (* Security fix *) -ap/lxc-1.0.6-x86_64-1.txz: Upgraded. - Fixed bash completion file. Thanks to dunric. -+--------------------------+ -Wed Sep 24 22:52:53 UTC 2014 -a/bash-4.3.025-x86_64-1.txz: Upgraded. - This update fixes a vulnerability in bash related to how environment - variables are processed: trailing code in function definitions was - executed, independent of the variable name. In many common configurations - (such as the use of CGI scripts), this vulnerability is exploitable over - the network. Thanks to Stephane Chazelas for discovering this issue. + https://php.net/ChangeLog-5.php#5.6.30 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161 + (* Security fix *) +n/samba-4.5.5-x86_64-1.txz: Upgraded. +n/tcpdump-4.9.0-x86_64-1.txz: Upgraded. + Fixed bugs which allow an attacker to crash tcpdump (denial of service). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486 + (* Security fix *) +n/wget-1.19-x86_64-1.txz: Upgraded. +n/zd1211-firmware-1.5-fw-1.txz: Upgraded. +x/fontconfig-2.12.1-x86_64-1.txz: Upgraded. + Thanks to Robby Workman. +x/libdrm-2.4.75-x86_64-1.txz: Upgraded. +x/libinput-1.6.0-x86_64-1.txz: Upgraded. +x/mesa-13.0.4-x86_64-1.txz: Upgraded. +x/xf86-video-vmware-13.2.1-x86_64-2.txz: Rebuilt. + Recompiled against llvm-3.9.1. +xap/MPlayer-1.3_20170208-x86_64-1.txz: Upgraded. + Upgraded to 1.3 branch, compiled against system ffmpeg-3.2.3. + Thanks to Heinz Wiesinger. +xap/mozilla-thunderbird-45.7.1-x86_64-1.txz: Upgraded. + Fixed crash when viewing certain IMAP messages (introduced in 45.7.0) +xap/network-manager-applet-1.4.4-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.6-x86_64-10.txz: Rebuilt. + Recompiled against system ffmpeg-3.2.3. ++--------------------------+ +Thu Jan 26 21:33:41 UTC 2017 +xap/mozilla-firefox-51.0.1-x86_64-1.txz: Upgraded. + Fixed geolocation problems with Firefox 51.0. +xap/mozilla-thunderbird-45.7.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://seclists.org/oss-sec/2014/q3/650 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 - (* Security fix *) -l/mozilla-nss-3.16.5-x86_64-1.txz: Upgraded. - Fixed an RSA Signature Forgery vulnerability. + https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373 + (* Security fix *) ++--------------------------+ +Mon Jan 23 21:30:13 UTC 2017 +d/gdb-7.12.1-x86_64-1.txz: Upgraded. +xap/fvwm-2.6.7-x86_64-3.txz: Rebuilt. + Fixed the broken symlinks in a better way. Thanks to GazL for the patch. +xap/mozilla-firefox-51.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - https://www.mozilla.org/security/announce/2014/mfsa2014-73.html - (* Security fix *) -+--------------------------+ -Tue Sep 9 22:48:58 UTC 2014 -a/btrfs-progs-20140909-x86_64-1.txz: Upgraded. -n/net-snmp-5.7.2.1-x86_64-1.txz: Upgraded. - Patched to properly report Btrfs mounts in hrFS/hrStorage tables. - Thanks to Jakub Jankowski. -+--------------------------+ -Tue Sep 9 18:01:05 UTC 2014 -a/kernel-firmware-20140909git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.18-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.18-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.18-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.18-x86-1.txz: Upgraded. -k/kernel-source-3.14.18-noarch-1.txz: Upgraded. -l/seamonkey-solibs-2.29-x86_64-1.txz: Upgraded. -xap/rdesktop-1.8.2-x86_64-1.txz: Upgraded. -xap/seamonkey-2.29-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - (* Security fix *) -isolinux/initrd.img: Rebuilt. - Use syslinux-nomtools on the installer. Thanks to Didier Spaier. -kernels/*: Upgraded. -usb-and-pxe-installers/usbboot.img: Rebuilt. - Use syslinux-nomtools on the installer. Thanks to Didier Spaier. + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) ++--------------------------+ +Fri Jan 20 04:18:02 UTC 2017 +l/seamonkey-solibs-2.46-x86_64-3.txz: Rebuilt. +xap/fvwm-2.6.7-x86_64-2.txz: Rebuilt. + Reverted an upstream patch that causes some broken symlinks to be installed. + Thanks to GazL. +xap/seamonkey-2.46-x86_64-3.txz: Rebuilt. + Recompiled with less aggressive optimization (-Os) to fix crashes. ++--------------------------+ +Wed Jan 18 20:39:17 UTC 2017 +ap/mariadb-10.0.29-x86_64-1.txz: Upgraded. + This update fixes several security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6664 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3238 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3243 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3244 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3257 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3258 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3265 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3291 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3312 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3317 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3318 + (* Security fix *) ++--------------------------+ +Wed Jan 18 02:33:18 UTC 2017 +a/cryptsetup-1.7.3-x86_64-2.txz: Rebuilt. + Recompiled with --enable-cryptsetup-reencrypt option. + Thanks to Jakub Jankowski for the suggestion. +ap/screen-4.5.0-x86_64-1.txz: Upgraded. +l/libtasn1-4.10-x86_64-1.txz: Upgraded. +l/seamonkey-solibs-2.46-x86_64-2.txz: Rebuilt. +x/libinput-1.5.4-x86_64-1.txz: Added. +x/libwacom-0.22-x86_64-1.txz: Added. + This is needed for libinput. +x/xf86-input-libinput-0.23.0-x86_64-1.txz: Added. + This is the new generic X.Org input driver which replaces evdev for most + purposes. It does not (for now) replace xf86-input-synaptics or + xf86-input-vmmouse. If this driver package is missing then X will fall + back to using xf86-input-evdev as before. + Thanks to Robby Workman. +x/xorg-server-1.19.1-x86_64-2.txz: Rebuilt. + Rename 90-keyboard-layout.conf to 90-keyboard-layout-evdev.conf. +x/xorg-server-xephyr-1.19.1-x86_64-2.txz: Rebuilt. +x/xorg-server-xnest-1.19.1-x86_64-2.txz: Rebuilt. +x/xorg-server-xvfb-1.19.1-x86_64-2.txz: Rebuilt. +xap/seamonkey-2.46-x86_64-2.txz: Rebuilt. + Restored missing nspr/obsolete headers. ++--------------------------+ +Sat Jan 14 05:34:32 UTC 2017 +a/util-linux-2.29-x86_64-2.txz: Rebuilt. + Restored support for /etc/mtab. +n/iw-4.9-x86_64-1.txz: Upgraded. +x/scim-1.4.17-x86_64-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.7.0-x86_64-2.txz: Rebuilt. + Recompiled for xorg-server-1.19.1. ++--------------------------+ +Fri Jan 13 01:10:05 UTC 2017 +a/grub-2.02_beta3-x86_64-2.txz: Rebuilt. + Make the package version number more sane. ++--------------------------+ +Thu Jan 12 21:07:23 UTC 2017 +ap/cups-filters-1.13.2-x86_64-1.txz: Upgraded. +ap/nano-2.7.4-x86_64-2.txz: Rebuilt. + Fixed /etc/nanorc.new. Thanks to SeB. +kde/calligra-2.9.11-x86_64-8.txz: Rebuilt. +l/poppler-0.50.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +xfce/tumbler-0.1.31-x86_64-9.txz: Rebuilt. ++--------------------------+ +Thu Jan 12 01:15:52 UTC 2017 +a/aaa_elflibs-14.2-x86_64-27.txz: Rebuilt. + Upgraded libcap.so.2.25, liblzma.so.5.2.3, and libz.so.1.2.10. +a/bash-4.4.005-x86_64-2.txz: Rebuilt. +a/dialog-1.3_20160828-x86_64-1.txz: Upgraded. +a/ed-1.14.1-x86_64-1.txz: Upgraded. +a/elvis-2.2_0-x86_64-3.txz: Rebuilt. +a/file-5.29-x86_64-1.txz: Upgraded. +a/gawk-4.1.4-x86_64-2.txz: Rebuilt. +a/gettext-0.19.8.1-x86_64-2.txz: Rebuilt. +a/getty-ps-2.1.0b-x86_64-3.txz: Rebuilt. +a/gpm-1.20.7-x86_64-4.txz: Rebuilt. +a/gptfdisk-1.0.1-x86_64-1.txz: Upgraded. +a/grub-2.02~beta3-x86_64-1.txz: Upgraded. + Thanks to Heinz Wiesinger. + Thanks to ReaperX7 for the updated dejavusansmono patch. +a/hwdata-0.291-noarch-1.txz: Upgraded. +a/less-481-x86_64-2.txz: Rebuilt. +a/minicom-2.7-x86_64-1.txz: Upgraded. +a/procps-ng-3.3.12-x86_64-1.txz: Upgraded. +a/sed-4.3-x86_64-1.txz: Upgraded. +a/splitvt-1.6.6-x86_64-1.txz: Upgraded. +a/tcsh-6.20.00-x86_64-1.txz: Upgraded. +a/util-linux-2.29-x86_64-1.txz: Upgraded. +a/xfsprogs-4.8.0-x86_64-1.txz: Upgraded. +a/xz-5.2.3-x86_64-1.txz: Upgraded. +ap/alsa-utils-1.1.3-x86_64-1.txz: Upgraded. +ap/bc-1.06.95-x86_64-4.txz: Rebuilt. +ap/bpe-2.01.00-x86_64-3.txz: Rebuilt. +ap/ghostscript-9.20-x86_64-2.txz: Rebuilt. + Restored /usr/bin/ijs-config. +ap/gphoto2-2.5.11-x86_64-1.txz: Upgraded. +ap/gutenprint-5.2.11-x86_64-3.txz: Rebuilt. +ap/htop-2.0.2-x86_64-1.txz: Upgraded. +ap/ispell-3.4.00-x86_64-1.txz: Upgraded. +ap/joe-4.3-x86_64-1.txz: Upgraded. +ap/jove-4.16.0.73-x86_64-2.txz: Rebuilt. +ap/mariadb-10.0.28-x86_64-2.txz: Rebuilt. +ap/mc-4.8.18-x86_64-1.txz: Upgraded. +ap/moc-2.5.2-x86_64-1.txz: Upgraded. +ap/nano-2.7.4-x86_64-1.txz: Upgraded. +ap/pamixer-1.3.1-x86_64-3.txz: Rebuilt. +ap/powertop-2.8-x86_64-2.txz: Rebuilt. +ap/sc-7.16-x86_64-5.txz: Rebuilt. +ap/screen-4.4.0-x86_64-3.txz: Rebuilt. +ap/sqlite-3.16.1-x86_64-1.txz: Upgraded. +ap/texinfo-6.3-x86_64-2.txz: Rebuilt. +ap/vim-8.0.0161-x86_64-1.txz: Upgraded. +ap/xfsdump-3.1.6-x86_64-2.txz: Rebuilt. +ap/zsh-5.3.1-x86_64-1.txz: Upgraded. +d/clisp-2.49.20161111-x86_64-1.txz: Upgraded. +d/cmake-3.7.1-x86_64-1.txz: Upgraded. +d/cscope-15.8b-x86_64-2.txz: Rebuilt. +d/flex-2.6.3-x86_64-1.txz: Upgraded. +d/gdb-7.12-x86_64-2.txz: Rebuilt. +d/gettext-tools-0.19.8.1-x86_64-2.txz: Rebuilt. +d/gnu-cobol-1.1-x86_64-2.txz: Rebuilt. +d/gperf-3.1-x86_64-1.txz: Upgraded. +d/guile-2.0.13-x86_64-2.txz: Rebuilt. +d/m4-1.4.18-x86_64-1.txz: Upgraded. +d/make-4.2.1-x86_64-1.txz: Upgraded. +d/perl-5.24.0-x86_64-1.txz: Upgraded. + Also upgraded to DBD-mysql-4.041 and TermReadKey-2.37. +d/ruby-2.4.0-x86_64-1.txz: Upgraded. +d/subversion-1.9.5-x86_64-1.txz: Upgraded. +e/emacs-25.1-x86_64-2.txz: Rebuilt. +kde/analitza-4.14.3-x86_64-3.txz: Rebuilt. +kde/calligra-2.9.11-x86_64-7.txz: Rebuilt. +kde/kdelibs-4.14.27-x86_64-1.txz: Upgraded. +kde/kig-4.14.3-x86_64-5.txz: Rebuilt. +kde/korundum-4.14.3-x86_64-4.txz: Rebuilt. +kde/lokalize-4.14.3-x86_64-3.txz: Rebuilt. +kde/perlkde-4.14.3-x86_64-3.txz: Rebuilt. +kde/perlqt-4.14.3-x86_64-3.txz: Rebuilt. +kde/qtruby-4.14.3-x86_64-5.txz: Rebuilt. +l/akonadi-1.13.0-x86_64-4.txz: Rebuilt. +l/alsa-lib-1.1.3-x86_64-1.txz: Upgraded. +l/aspell-0.60.6.1-x86_64-2.txz: Rebuilt. +l/boost-1.63.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/enchant-1.6.0-x86_64-2.txz: Rebuilt. +l/hunspell-1.6.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libcaca-0.99.beta19-x86_64-1.txz: Upgraded. +l/libcap-2.25-x86_64-1.txz: Upgraded. +l/libcdio-0.94-x86_64-2.txz: Rebuilt. +l/libgphoto2-2.5.11-x86_64-1.txz: Upgraded. +l/libnjb-2.2.7-x86_64-1.txz: Upgraded. +l/libproxy-0.4.13-x86_64-1.txz: Upgraded. +l/parted-3.2-x86_64-3.txz: Rebuilt. +l/pilot-link-0.12.5-x86_64-12.txz: Rebuilt. +l/taglib-1.11.1-x86_64-1.txz: Upgraded. +l/virtuoso-ose-6.1.8-x86_64-4.txz: Rebuilt. +l/vte-0.28.2-x86_64-5.txz: Rebuilt. +l/wavpack-5.0.0-x86_64-1.txz: Upgraded. +l/zlib-1.2.10-x86_64-1.txz: Upgraded. +n/NetworkManager-1.2.6-x86_64-2.txz: Rebuilt. +n/alpine-2.20-x86_64-3.txz: Rebuilt. +n/bind-9.11.0_P2-x86_64-1.txz: Upgraded. + This update fixes a denial-of-service vulnerability. An error in handling + certain queries can cause an assertion failure when a server is using the + nxdomain-redirect feature to cover a zone for which it is also providing + authoritative service. A vulnerable server could be intentionally stopped + by an attacker if it was using a configuration that met the criteria for + the vulnerability and if the attacker could cause it to accept a query + that possessed the required attributes. + Please note: This vulnerability affects the "nxdomain-redirect" feature, + which is one of two methods of handling NXDOMAIN redirection, and is only + available in certain versions of BIND. Redirection using zones of type + "redirect" is not affected by this vulnerability. + For more information, see: + https://kb.isc.org/article/AA-01442 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778 + (* Security fix *) +n/bluez-5.43-x86_64-1.txz: Upgraded. +n/elm-2.5.8-x86_64-4.txz: Rebuilt. +n/epic5-2.0.1-x86_64-1.txz: Upgraded. +n/gnupg-1.4.21-x86_64-2.txz: Rebuilt. +n/gnupg2-2.0.30-x86_64-2.txz: Rebuilt. +n/gnutls-3.5.8-x86_64-1.txz: Upgraded. + This update fixes some bugs and security issues. + For more information, see: + https://gnutls.org/security.html#GNUTLS-SA-2017-1 + https://gnutls.org/security.html#GNUTLS-SA-2017-2 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337 + (* Security fix *) +n/iftop-1.0pre4-x86_64-1.txz: Upgraded. +n/imapd-2.20-x86_64-3.txz: Rebuilt. +n/iptraf-ng-1.1.4-x86_64-2.txz: Rebuilt. +n/irssi-0.8.21-x86_64-1.txz: Upgraded. + Fixed security issues that may result in a denial of service. + For more information, see: + https://irssi.org/security/irssi_sa_2017_01.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196 + (* Security fix *) +n/lftp-4.7.5-x86_64-1.txz: Upgraded. +n/libnftnl-1.0.7-x86_64-1.txz: Upgraded. +n/links-2.14-x86_64-1.txz: Upgraded. +n/lynx-2.8.8rel.2-x86_64-2.txz: Rebuilt. +n/mcabber-1.0.4-x86_64-2.txz: Rebuilt. +n/metamail-2.7-x86_64-6.txz: Rebuilt. +n/mtr-0.87-x86_64-1.txz: Upgraded. +n/mutt-1.7.2-x86_64-1.txz: Upgraded. +n/ncftp-3.2.6-x86_64-1.txz: Upgraded. +n/net-snmp-5.7.3-x86_64-4.txz: Rebuilt. +n/netkit-ftp-0.17-x86_64-3.txz: Rebuilt. +n/netkit-ntalk-0.17-x86_64-4.txz: Rebuilt. +n/netwatch-1.3.1_2-x86_64-2.txz: Rebuilt. +n/nftables-0.7-x86_64-1.txz: Upgraded. +n/nn-6.7.3-x86_64-4.txz: Rebuilt. +n/ntp-4.2.8p9-x86_64-2.txz: Rebuilt. +n/obexftp-0.24.2-x86_64-1.txz: Upgraded. +n/openobex-1.7.2-x86_64-1.txz: Upgraded. +n/pinentry-1.0.0-x86_64-2.txz: Rebuilt. +n/proftpd-1.3.5b-x86_64-2.txz: Rebuilt. +n/snownews-1.5.12-x86_64-3.txz: Rebuilt. +n/telnet-0.17-x86_64-3.txz: Rebuilt. +n/tftp-hpa-5.2-x86_64-3.txz: Rebuilt. +n/tin-2.4.1-x86_64-1.txz: Upgraded. +n/trn-3.6-x86_64-2.txz: Removed. +n/wpa_supplicant-2.6-x86_64-1.txz: Upgraded. +n/ytalk-3.3.0-x86_64-3.txz: Rebuilt. +x/xf86-video-intel-git_20170103_028c946d-x86_64-1.txz: Upgraded. +x/xorg-server-1.19.1-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.19.1-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.1-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.1-x86_64-1.txz: Upgraded. +x/xterm-327-x86_64-1.txz: Upgraded. +xap/MPlayer-1.2_20160125-x86_64-4.txz: Rebuilt. + Upgraded to ffmpeg-2.8.10. +xap/ddd-3.3.12-x86_64-5.txz: Rebuilt. +xap/fvwm-2.6.7-x86_64-1.txz: Upgraded. +xap/gftp-2.0.19-x86_64-5.txz: Rebuilt. +xap/gnuchess-6.2.4-x86_64-2.txz: Rebuilt. +xap/gparted-0.27.0-x86_64-1.txz: Upgraded. +xap/hexchat-2.12.4-x86_64-1.txz: Upgraded. +xap/imagemagick-6.9.7_3-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +xap/pidgin-2.11.0-x86_64-2.txz: Rebuilt. +xap/vim-gvim-8.0.0161-x86_64-1.txz: Upgraded. +xap/xine-lib-1.2.6-x86_64-9.txz: Rebuilt. + Upgraded to ffmpeg-2.8.10. +xap/xine-ui-0.99.9-x86_64-2.txz: Rebuilt. +xap/xlockmore-5.50-x86_64-1.txz: Upgraded. +extra/brltty/brltty-5.4-x86_64-2.txz: Rebuilt. + Patched /lib/udev/rules.d/40-usb-brltty.rules to fix a syntax error. + Thanks to Willy Sudiarto Raharjo. +--------------------------+ -Thu Sep 4 19:43:25 UTC 2014 -xap/mozilla-firefox-32.0-x86_64-1.txz: Upgraded. +Fri Dec 30 19:29:13 UTC 2016 +a/aaa_elflibs-14.2-x86_64-26.txz: Rebuilt. +a/btrfs-progs-v4.9-x86_64-1.txz: Upgraded. +ap/hplip-3.16.11-x86_64-1.txz: Upgraded. +ap/tmux-2.3-x86_64-1.txz: Upgraded. +l/elfutils-0.168-x86_64-1.txz: Upgraded. +l/libpng-1.6.27-x86_64-1.txz: Upgraded. + This release fixes an old NULL pointer dereference bug in png_set_text_2() + discovered and patched by Patrick Keshishian. The potential "NULL + dereference" bug has existed in libpng since version 0.71 of June 26, 1995. + To be vulnerable, an application has to load a text chunk into the png + structure, then delete all text, then add another text chunk to the same + png structure, which seems to be an unlikely sequence, but it has happened. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 + (* Security fix *) +l/seamonkey-solibs-2.46-x86_64-1.txz: Upgraded. +n/openvpn-2.4.0-x86_64-1.txz: Upgraded. +x/libXpm-3.5.12-x86_64-1.txz: Upgraded. +x/libdrm-2.4.74-x86_64-1.txz: Upgraded. +x/mesa-13.0.2-x86_64-1.txz: Upgraded. +x/xf86-video-dummy-0.3.8-x86_64-1.txz: Upgraded. +x/xf86-video-intel-git_20161117_169c74fa-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-45.6.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899 (* Security fix *) -xap/mozilla-thunderbird-31.1.0-x86_64-1.txz: Upgraded. +xap/seamonkey-2.46-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -n/php-5.4.32-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 - (* Security fix *) -+--------------------------+ -Thu Aug 28 23:17:47 UTC 2014 -l/mozilla-nss-3.16.4-x86_64-1.txz: Upgraded. - Upgraded to nss-3.16.4 and nspr-4.10.7. -+--------------------------+ -Mon Aug 25 22:02:08 UTC 2014 -a/kernel-generic-3.14.17-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.17-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.17-x86_64-1.txz: Upgraded. -a/libcgroup-0.41-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.17-x86-1.txz: Upgraded. -k/kernel-source-3.14.17-noarch-1.txz: Upgraded. - Changed these kernel options: - CONNECTOR m -> y - +PROC_EVENTS y - Thanks to linuxxer. -l/freetype-2.5.3-x86_64-1.txz: Upgraded. -n/tin-2.2.1-x86_64-1.txz: Upgraded. -x/libxcb-1.11-x86_64-1.txz: Upgraded. -x/mesa-10.2.6-x86_64-1.txz: Upgraded. - Upgraded to MesaLib-10.2.6 and mesa-demos-8.2.0. -x/xcb-proto-1.11-x86_64-1.txz: Upgraded. -x/xf86-input-mouse-1.9.1-x86_64-1.txz: Upgraded. -x/xf86-video-ast-1.0.1-x86_64-1.txz: Upgraded. -x/xfs-1.1.4-x86_64-1.txz: Upgraded. -x/xorg-server-1.15.2-x86_64-2.txz: Rebuilt. - Added these explicit options for all X servers: - --enable-kdrive-evdev --enable-kdrive-kbd --enable-kdrive-mouse - Thanks to Dinithion. -x/xorg-server-xephyr-1.15.2-x86_64-2.txz: Rebuilt. -x/xorg-server-xnest-1.15.2-x86_64-2.txz: Rebuilt. -x/xorg-server-xvfb-1.15.2-x86_64-2.txz: Rebuilt. -x/xrandr-1.4.3-x86_64-1.txz: Upgraded. -extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-2.txz: Rebuilt. - Fix ABI mismatch. Thanks to dr.s. -isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. -usb-and-pxe-installers/usbboot.img: Rebuilt. -+--------------------------+ -Fri Aug 8 19:02:50 UTC 2014 -Welcome pi kernel! Unless we reach kernel 3.14.159, this is probably the best -approximation we're going to get. :-) -a/kernel-firmware-20140807git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.16-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.16-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.16-x86_64-1.txz: Upgraded. -a/openssl-solibs-1.0.1i-x86_64-1.txz: Upgraded. - (* Security fix *) -d/kernel-headers-3.14.16-x86-1.txz: Upgraded. -k/kernel-source-3.14.16-noarch-1.txz: Upgraded. -n/openssl-1.0.1i-x86_64-1.txz: Upgraded. - This update fixes several security issues: - Double Free when processing DTLS packets (CVE-2014-3505) - DTLS memory exhaustion (CVE-2014-3506) - DTLS memory leak from zero-length fragments (CVE-2014-3507) - Information leak in pretty printing functions (CVE-2014-3508) - Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) - OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) - OpenSSL TLS protocol downgrade attack (CVE-2014-3511) - SRP buffer overrun (CVE-2014-3512) - Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) - For more information, see: - https://www.openssl.org/news/secadv_20140806.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 - (* Security fix *) -isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. -usb-and-pxe-installers/usbboot.img: Rebuilt. -+--------------------------+ -Mon Aug 4 20:55:26 UTC 2014 -a/gpm-1.20.7-x86_64-3.txz: Rebuilt. - Removed the mouse-t.el file, which is older than the version in Emacs. - Thanks to Richard Cranium. -+--------------------------+ -Fri Aug 1 21:13:18 UTC 2014 -n/dhcpcd-6.0.5-x86_64-3.txz: Rebuilt. - This update fixes a security issue where a specially crafted packet - received from a malicious DHCP server causes dhcpcd to enter an infinite - loop causing a denial of service. - Thanks to Tobias Stoeckmann for the bug report. - (* Security fix *) -n/samba-4.1.11-x86_64-1.txz: Upgraded. - This update fixes a remote code execution attack on unauthenticated nmbd - NetBIOS name services. A malicious browser can send packets that may - overwrite the heap of the target nmbd NetBIOS name services daemon. - It may be possible to use this to generate a remote code execution - vulnerability as the superuser (root). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560 - (* Security fix *) -xap/xscreensaver-5.29-x86_64-2.txz: Rebuilt. - Disabled nag screen that says "This version of XScreenSaver is very old! - Please upgrade!" when the age of the software exceeds 12 months. -+--------------------------+ -Wed Jul 30 00:08:00 UTC 2014 -d/gdb-7.8-x86_64-1.txz: Upgraded. -d/guile-2.0.11-x86_64-1.txz: Upgraded. -x/libXext-1.3.3-x86_64-1.txz: Upgraded. -x/libXi-1.7.4-x86_64-1.txz: Upgraded. -x/xf86-video-intel-2.99.914-x86_64-1.txz: Upgraded. -x/xterm-310-x86_64-1.txz: Upgraded. -+--------------------------+ -Wed Jul 23 23:00:34 UTC 2014 -a/kernel-generic-3.14.13-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.13-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.13-x86_64-1.txz: Upgraded. -ap/nano-2.3.6-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.13-x86-1.txz: Upgraded. -e/emacs-24.3-x86_64-4.txz: Rebuilt. - Renamed ctags manpage that conflicts with Exuberant Ctags. Thanks to Jim. -k/kernel-source-3.14.13-noarch-1.txz: Upgraded. -n/httpd-2.4.10-x86_64-1.txz: Upgraded. + http://www.seamonkey-project.org/releases/seamonkey2.46 + (* Security fix *) +xfce/xfce4-panel-4.12.1-x86_64-1.txz: Upgraded. +xfce/xfce4-settings-4.12.1-x86_64-1.txz: Upgraded. +xfce/xfconf-4.12.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Dec 28 21:05:19 UTC 2016 +ap/nano-2.7.3-x86_64-1.txz: Upgraded. +d/python-2.7.13-x86_64-1.txz: Upgraded. + This release fixes security issues: + Issue #27850: Remove 3DES from ssl module's default cipher list to counter + measure sweet32 attack (CVE-2016-2183). + Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the + HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates + that the script is in CGI mode. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110 + (* Security fix *) +n/samba-4.5.3-x86_64-1.txz: Upgraded. + This release fixes security issues: + CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer + Overflow Remote Code Execution Vulnerability). + CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers + in trusted realms). + CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege + elevation). + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126 + (* Security fix *) ++--------------------------+ +Sat Dec 24 18:14:51 UTC 2016 +a/aaa_elflibs-14.2-x86_64-25.txz: Upgraded. +l/expat-2.2.0-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues: + Multiple integer overflows in XML_GetBuffer. + Fix crash on malformed input. + Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716. + Use more entropy for hash initialization. + Resolve troublesome internal call to srand. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702 + (* Security fix *) +l/ncurses-6.0-x86_64-2.txz: Rebuilt. + Fixed install script to correctly remove "lint" from the 5.x package. ++--------------------------+ +Sat Dec 24 02:36:05 UTC 2016 +a/aaa_elflibs-14.2-x86_64-24.txz: Rebuilt. + Added libform.so.6.0, libformw.so.6.0, libhistory.so.7.0, libmenu.so.6.0, + libmenuw.so.6.0, libncurses.so.6.0, libncursesw.so.6.0, libpanel.so.6.0, + libpanelw.so.6.0, libreadline.so.7.0, and libtinfo.so.6.0. +l/libtermcap-1.2.3-x86_64-7.txz: Removed. + Replaced by equivalent functionality in the ncurses package. +l/ncurses-6.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Rebuild of linked binaries pending, but the old library versions are + in the aaa_elflibs package. +l/readline-7.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Rebuild of linked binaries pending, but the old library versions are + in the aaa_elflibs package. +n/curl-7.52.1-x86_64-1.txz: Upgraded. +n/gpa-0.9.10-x86_64-1.txz: Upgraded. +n/gpgme-1.7.1-x86_64-1.txz: Upgraded. +n/httpd-2.4.25-x86_64-1.txz: Upgraded. This update fixes the following security issues: - *) SECURITY: CVE-2014-0117 (cve.mitre.org) - mod_proxy: Fix crash in Connection header handling which - allowed a denial of service attack against a reverse proxy - with a threaded MPM. [Ben Reser] - *) SECURITY: CVE-2014-0118 (cve.mitre.org) - mod_deflate: The DEFLATE input filter (inflates request bodies) now - limits the length and compression ratio of inflated request bodies to - avoid denial of sevice via highly compressed bodies. See directives - DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, - and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener] - *) SECURITY: CVE-2014-0226 (cve.mitre.org) - Fix a race condition in scoreboard handling, which could lead to - a heap buffer overflow. [Joe Orton, Eric Covener] - *) SECURITY: CVE-2014-0231 (cve.mitre.org) - mod_cgid: Fix a denial of service against CGI scripts that do - not consume stdin that could lead to lingering HTTPD child processes - filling up the scoreboard and eventually hanging the server. By - default, the client I/O timeout (Timeout directive) now applies to - communication with scripts. The CGIDScriptTimeout directive can be - used to set a different timeout for communication with scripts. - [Rainer Jung, Eric Covener, Yann Ylavic] - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 - (* Security fix *) -xap/mozilla-firefox-31.0-x86_64-1.txz: Upgraded. + * CVE-2016-8740: mod_http2: Mitigate DoS memory exhaustion via endless + CONTINUATION frames. + * CVE-2016-5387: core: Mitigate [f]cgi "httpoxy" issues. + * CVE-2016-2161: mod_auth_digest: Prevent segfaults during client entry + allocation when the shared memory space is exhausted. + * CVE-2016-0736: mod_session_crypto: Authenticate the session data/cookie + with a MAC (SipHash) to prevent deciphering or tampering with a padding + oracle attack. + * CVE-2016-8743: Enforce HTTP request grammar corresponding to RFC7230 for + request lines and request headers, to prevent response splitting and + cache pollution by malicious clients or downstream proxies. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743 + (* Security fix *) +n/lftp-4.7.4-x86_64-1.txz: Upgraded. +n/libassuan-2.4.3-x86_64-1.txz: Upgraded. +n/libgcrypt-1.7.5-x86_64-1.txz: Upgraded. +n/libksba-1.3.5-x86_64-1.txz: Upgraded. +n/nettle-3.3-x86_64-1.txz: Upgraded. +n/nmap-7.40-x86_64-1.txz: Upgraded. +n/openssh-7.4p1-x86_64-1.txz: Upgraded. + This is primarily a bugfix release, and also addresses security issues. + ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside + a trusted whitelist. + sshd(8): When privilege separation is disabled, forwarded Unix-domain + sockets would be created by sshd(8) with the privileges of 'root'. + sshd(8): Avoid theoretical leak of host private key material to + privilege-separated child processes via realloc(). + sshd(8): The shared memory manager used by pre-authentication compression + support had a bounds checks that could be elided by some optimising + compilers to potentially allow attacks against the privileged monitor. + process from the sandboxed privilege-separation process. + sshd(8): Validate address ranges for AllowUser and DenyUsers directives at + configuration load time and refuse to accept invalid ones. It was + previously possible to specify invalid CIDR address ranges + (e.g. user@127.1.2.3/55) and these would always match, possibly resulting + in granting access where it was not intended. + For more information, see: + https://www.openssh.com/txt/release-7.4 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012 + (* Security fix *) +n/pinentry-1.0.0-x86_64-1.txz: Upgraded. +xfce/xfce4-weather-plugin-0.8.8-x86_64-1.txz: Upgraded. + Package upgraded to fix the API used to fetch weather data. + Thanks to Robby Workman. +testing/packages/gcc-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-g++-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-gfortran-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-gnat-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-go-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-java-6.3.0-x86_64-1.txz: Upgraded. +testing/packages/gcc-objc-6.3.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Dec 18 05:20:25 UTC 2016 +a/glibc-zoneinfo-2016j-noarch-1.txz: Upgraded. ++--------------------------+ +Tue Dec 13 22:14:13 UTC 2016 +Thanks to Robby Workman for most of these updates. +a/acpid-2.0.28-x86_64-1.txz: Upgraded. +a/cryptsetup-1.7.3-x86_64-1.txz: Upgraded. +a/dbus-1.10.14-x86_64-1.txz: Upgraded. +a/lvm2-2.02.168-x86_64-1.txz: Upgraded. +ap/alsa-utils-1.1.2-x86_64-1.txz: Upgraded. +ap/man-pages-4.09-noarch-1.txz: Upgraded. +d/git-2.11.0-x86_64-1.txz: Upgraded. +l/alsa-lib-1.1.2-x86_64-1.txz: Upgraded. +l/dbus-glib-0.108-x86_64-1.txz: Upgraded. +n/NetworkManager-1.2.6-x86_64-1.txz: Upgraded. +n/bluez-5.42-x86_64-1.txz: Upgraded. +n/conntrack-tools-1.4.4-x86_64-1.txz: Upgraded. +n/libnetfilter_acct-1.0.3-x86_64-1.txz: Upgraded. +n/libnetfilter_conntrack-1.0.6-x86_64-1.txz: Upgraded. +n/nfacct-1.0.2-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-50.1.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-31.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + (* Security fix *) +xap/network-manager-applet-1.2.6-x86_64-1.txz: Upgraded. +extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated. + Fixed filename and URL for new version 24. Thanks to alienBOB. ++--------------------------+ +Mon Dec 12 21:25:50 UTC 2016 +a/coreutils-8.26-x86_64-1.txz: Upgraded. +a/grep-2.27-x86_64-1.txz: Upgraded. +a/kernel-firmware-20161211git-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.38-x86_64-1.txz: Upgraded. + This kernel fixes a security issue with a race condition in + net/packet/af_packet.c that can be exploited to gain kernel code execution + from unprivileged processes. + Thanks to Philip Pettersson for discovering the bug and providing a patch. + Be sure to upgrade your initrd after upgrading the kernel packages. + If you use lilo to boot your machine, be sure lilo.conf points to the correct + kernel and initrd and run lilo as root to update the bootloader. + If you use elilo to boot your machine, you should run eliloconfig to copy the + kernel and initrd to the EFI System Partition. + For more information, see: + https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655 + (* Security fix *) +a/kernel-huge-4.4.38-x86_64-1.txz: Upgraded. + (* Security fix *) +a/kernel-modules-4.4.38-x86_64-1.txz: Upgraded. +ap/nano-2.7.2-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.38-x86-1.txz: Upgraded. +k/kernel-source-4.4.38-noarch-1.txz: Upgraded. + (* Security fix *) +l/gsl-2.3-x86_64-1.txz: Upgraded. +l/loudmouth-1.5.3-x86_64-1.txz: Upgraded. +n/mcabber-1.0.4-x86_64-1.txz: Upgraded. + This update fixes a security issue which can lead to a malicious actor + MITMing a conversation, or adding themselves as an entity on a third + parties roster (thereby granting themselves the associated priviledges + such as observing when the user is online). + For more information, see: + https://gultsch.de/gajim_roster_push_and_message_interception.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9928 + (* Security fix *) +n/php-5.6.29-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://php.net/ChangeLog-5.php#5.6.29 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Sun Jul 20 05:00:36 UTC 2014 -x/mesa-10.2.4-x86_64-1.txz: Upgraded. - Added --with-egl-platforms="drm,x11". Without this, the EGL support for drm - is not built leading to crashes with newer radeon hardware. - Thanks to sberthelot and Robby Workman. -+--------------------------+ -Wed Jul 16 05:31:30 UTC 2014 -x/xf86-video-intel-2.99.912-x86_64-1.txz: Upgraded. - Looks like the stable driver won't compile with the new xorg-server, so - we'll try this one. -+--------------------------+ -Tue Jul 15 23:53:10 UTC 2014 -Enjoy some new X related updates! Thanks to Robby Workman for lots of help -on the X.Org upgrades, and to alienBOB for an earlier SlackBuild for Motif -that I used as a reference for configure options and other fixes. -You can blame me for picking xorg-server-1.15.2 over xorg-server-1.14.7. ;-) -If you're using a proprietary video driver you'll probably need to recompile it -for the new X server... if you can. -ap/linuxdoc-tools-0.9.69-x86_64-2.txz: Rebuilt. - Renamed /usr/bin/sgmlspl.pl back to /usr/bin/sgmlspl. - Thanks to Matteo Bernardini for the report. -ap/lxc-1.0.5-x86_64-1.txz: Upgraded. -d/automake-1.14.1-noarch-1.txz: Upgraded. -d/llvm-3.4.2-x86_64-1.txz: Upgraded. -kde/calligra-2.8.5-x86_64-1.txz: Upgraded. -kdei/calligra-l10n-bs-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca\@valencia-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-en_GB-2.8.5-noarch-1.txz: Added. -kdei/calligra-l10n-es-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-eu-2.8.5-noarch-1.txz: Added. -kdei/calligra-l10n-fi-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ia-2.7.5-noarch-1.txz: Removed. -kdei/calligra-l10n-it-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ja-2.8.5-noarch-1.txz: Added. -kdei/calligra-l10n-kk-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nds-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sl-2.7.5-noarch-1.txz: Removed. -kdei/calligra-l10n-sv-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.7.5-noarch-1.txz: Removed. -kdei/calligra-l10n-uk-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.8.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.8.5-noarch-1.txz: Upgraded. -l/lesstif-0.95.2-x86_64-1.txz: Removed. - LessTif is making way for real Motif. - Thanks to the Hungry Programmers for a great run. :-) -t/tetex-3.0-x86_64-9.txz: Rebuilt. - Recompiled /usr/bin/xdvi-motif.bin against Motif. -x/dri3proto-1.0-x86_64-1.txz: Added. -x/fontconfig-2.11.1-x86_64-1.txz: Upgraded. -x/freeglut-2.8.1-x86_64-1.txz: Upgraded. -x/gccmakedep-1.0.3-noarch-1.txz: Upgraded. -x/glamor-egl-0.6.0-x86_64-1.txz: Added. -x/glew-1.10.0-x86_64-1.txz: Upgraded. -x/glproto-1.4.17-noarch-1.txz: Upgraded. -x/imake-1.0.7-x86_64-1.txz: Upgraded. -x/inputproto-2.3.1-noarch-1.txz: Upgraded. -x/libFS-1.0.6-x86_64-1.txz: Upgraded. -x/libICE-1.0.9-x86_64-1.txz: Upgraded. -x/libXfont-1.4.8-x86_64-1.txz: Upgraded. -x/libXft-2.3.2-x86_64-1.txz: Upgraded. -x/libXi-1.7.3-x86_64-1.txz: Upgraded. -x/libdrm-2.4.54-x86_64-1.txz: Upgraded. -x/libevdev-1.2-x86_64-1.txz: Added. -x/libxcb-1.10-x86_64-1.txz: Upgraded. -x/libxshmfence-1.1-x86_64-1.txz: Added. -x/makedepend-1.0.5-x86_64-1.txz: Upgraded. -x/mesa-10.1.5-x86_64-1.txz: Upgraded. -x/motif-2.3.4-x86_64-1.txz: Added. -x/mtdev-1.1.5-x86_64-1.txz: Upgraded. -x/pixman-0.32.6-x86_64-1.txz: Upgraded. -x/presentproto-1.0-x86_64-1.txz: Added. -x/util-macros-1.19.0-noarch-1.txz: Upgraded. -x/xauth-1.0.9-x86_64-1.txz: Upgraded. -x/xcb-proto-1.10-x86_64-1.txz: Upgraded. -x/xcb-util-cursor-0.1.1-x86_64-1.txz: Upgraded. -x/xcb-util-renderutil-0.3.9-x86_64-1.txz: Upgraded. -x/xcb-util-wm-0.4.1-x86_64-1.txz: Upgraded. -x/xcursorgen-1.0.6-x86_64-1.txz: Upgraded. -x/xdg-user-dirs-0.15-x86_64-1.txz: Upgraded. -x/xextproto-7.3.0-x86_64-1.txz: Upgraded. -x/xf86-input-acecad-1.5.0-x86_64-6.txz: Rebuilt. -x/xf86-input-aiptek-1.4.1-x86_64-6.txz: Rebuilt. -x/xf86-input-evdev-2.9.0-x86_64-1.txz: Upgraded. -x/xf86-input-joystick-1.6.1-x86_64-6.txz: Rebuilt. -x/xf86-input-keyboard-1.8.0-x86_64-1.txz: Upgraded. -x/xf86-input-mouse-1.9.0-x86_64-4.txz: Rebuilt. -x/xf86-input-penmount-1.5.0-x86_64-6.txz: Rebuilt. -x/xf86-input-synaptics-1.8.0-x86_64-1.txz: Upgraded. -x/xf86-input-vmmouse-13.0.0-x86_64-5.txz: Rebuilt. -x/xf86-input-void-1.4.0-x86_64-6.txz: Rebuilt. -x/xf86-input-wacom-0.19.0-x86_64-5.txz: Rebuilt. -x/xf86-video-apm-1.2.5-x86_64-5.txz: Rebuilt. -x/xf86-video-ark-0.7.5-x86_64-5.txz: Rebuilt. -x/xf86-video-ast-0.99.9-x86_64-1.txz: Upgraded. -x/xf86-video-ati-7.4.0-x86_64-1.txz: Upgraded. -x/xf86-video-chips-1.2.5-x86_64-5.txz: Rebuilt. -x/xf86-video-cirrus-1.5.2-x86_64-5.txz: Rebuilt. -x/xf86-video-dummy-0.3.7-x86_64-2.txz: Rebuilt. -x/xf86-video-glint-1.2.8-x86_64-5.txz: Rebuilt. -x/xf86-video-i128-1.3.6-x86_64-5.txz: Rebuilt. -x/xf86-video-i740-1.3.4-x86_64-5.txz: Rebuilt. -x/xf86-video-mach64-6.9.4-x86_64-5.txz: Rebuilt. -x/xf86-video-mga-1.6.3-x86_64-1.txz: Upgraded. -x/xf86-video-modesetting-0.9.0-x86_64-2.txz: Rebuilt. -x/xf86-video-neomagic-1.2.8-x86_64-3.txz: Rebuilt. -x/xf86-video-nouveau-1.0.10-x86_64-1.txz: Upgraded. -x/xf86-video-nv-2.1.20-x86_64-6.txz: Rebuilt. -x/xf86-video-openchrome-0.3.3-x86_64-3.txz: Rebuilt. -x/xf86-video-r128-6.9.2-x86_64-2.txz: Rebuilt. -x/xf86-video-rendition-4.2.5-x86_64-5.txz: Rebuilt. -x/xf86-video-s3-0.6.5-x86_64-5.txz: Rebuilt. -x/xf86-video-s3virge-1.10.6-x86_64-6.txz: Rebuilt. -x/xf86-video-savage-2.3.7-x86_64-2.txz: Rebuilt. -x/xf86-video-siliconmotion-1.7.7-x86_64-6.txz: Rebuilt. -x/xf86-video-sis-0.10.7-x86_64-5.txz: Rebuilt. -x/xf86-video-sisusb-0.9.6-x86_64-5.txz: Rebuilt. -x/xf86-video-tdfx-1.4.5-x86_64-5.txz: Rebuilt. -x/xf86-video-tga-1.2.2-x86_64-5.txz: Rebuilt. -x/xf86-video-trident-1.3.6-x86_64-5.txz: Rebuilt. -x/xf86-video-tseng-1.2.5-x86_64-5.txz: Rebuilt. -x/xf86-video-v4l-0.2.0-x86_64-10.txz: Rebuilt. -x/xf86-video-vesa-2.3.3-x86_64-2.txz: Rebuilt. -x/xf86-video-vmware-13.0.2-x86_64-1.txz: Upgraded. -x/xf86-video-voodoo-1.2.5-x86_64-6.txz: Rebuilt. -x/xf86-video-xgi-git_be3abf8570a-x86_64-5.txz: Rebuilt. -x/xf86-video-xgixp-1.8.1-x86_64-5.txz: Rebuilt. -x/xkeyboard-config-2.11-noarch-1.txz: Upgraded. -x/xorg-cf-files-1.0.5-noarch-1.txz: Upgraded. -x/xorg-server-1.15.2-x86_64-1.txz: Upgraded. -x/xorg-server-xephyr-1.15.2-x86_64-1.txz: Upgraded. -x/xorg-server-xnest-1.15.2-x86_64-1.txz: Upgraded. -x/xorg-server-xvfb-1.15.2-x86_64-1.txz: Upgraded. -x/xproto-7.0.26-noarch-1.txz: Upgraded. -x/xrandr-1.4.2-x86_64-1.txz: Upgraded. -x/xscope-1.4.1-x86_64-1.txz: Upgraded. -x/xterm-309-x86_64-1.txz: Upgraded. -x/xtrans-1.3.4-noarch-1.txz: Upgraded. -xap/ddd-3.3.12-x86_64-3.txz: Rebuilt. - Recompiled against Motif. -xap/xpdf-3.04-x86_64-1.txz: Upgraded. -+--------------------------+ -Sat Jul 12 17:34:47 UTC 2014 -ap/nano-2.3.5-x86_64-2.txz: Rebuilt. - Provide --datadir to ./configure to work around a bug that installed the - locale files in the wrong directory. - Thanks to Wim Speekenbrink. -+--------------------------+ -Sat Jul 12 02:24:10 UTC 2014 -a/bash-4.3.018-x86_64-1.txz: Upgraded. -a/kernel-firmware-20140710git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.12-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.12-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.12-x86_64-1.txz: Upgraded. -a/shadow-4.2.1-x86_64-1.txz: Upgraded. - This adds support for subuid and subgid needed for unprivileged containers. - Thanks to Christoph Willing. -ap/cgmanager-20140710_986cd44-x86_64-1.txz: Added. - Thanks to Matteo Bernardini. -ap/linuxdoc-tools-0.9.69-x86_64-1.txz: Upgraded. - Thanks to Stuart Winter. -ap/lxc-1.0.3-x86_64-1.txz: Upgraded. - This adds a template for for lxc-create to create a minimal Slackware - container using slackpkg. For example, this will create a container - named "current": - lxc-create -n current -t slackware - There's an rc.lxc init script added to autorun/autostop containers, but it's - not currently hooked in to the main init scripts, so if you want to use it - you'll need to add it to your rc.local and rc.local_shutdown (and make it - executable). The script will look for "lxc.start.auto = 1" in the container - config file to determine if a container should be autostarted (1) or not (0). - Thanks to Matteo Bernardini. -ap/lzip-1.15-x86_64-1.txz: Added. -ap/nano-2.3.5-x86_64-1.txz: Upgraded. -ap/slackpkg-2.82.0-noarch-13.tgz: Rebuilt. - Patched to support $ROOT and $CONF environment variables. - Thanks to Matteo Bernardini. -d/gnu-cobol-1.1-x86_64-1.txz: Added. -d/kernel-headers-3.14.12-x86-1.txz: Upgraded. -d/open-cobol-1.1-x86_64-2.txz: Removed. - This project has been renamed GNU Cobol. -d/slacktrack-2.16-x86_64-1.txz: Upgraded. - Thanks to Stuart Winter. -k/kernel-source-3.14.12-noarch-1.txz: Upgraded. - Added back CONFIG_USER_NS=y now that it no longer conflicts with XFS. - Thanks to Christoph Willing. -l/libnih-1.0.3-x86_64-1.txz: Added. - Thanks to Matteo Bernardini. -l/taglib-1.9.1-x86_64-1.txz: Upgraded. - Linked with -lstdc++. Thanks to comet.berkeley. -n/php-5.4.30-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues. +Thu Dec 1 08:49:20 UTC 2016 +d/intltool-0.51.0-x86_64-3.txz: Rebuilt. + Added a patch to fix issues when $(builddir) != $(srcdir). This avoids + possible build failures when intltool is used with automake >= 1.15. + Thanks to Willy Sudiarto Raharjo. +xap/mozilla-firefox-50.0.2-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 + https://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9078 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079 (* Security fix *) -isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. -testing/source/config-testing-3.15.5/*: Added. -usb-and-pxe-installers/usbboot.img: Rebuilt. -+--------------------------+ -Tue Jun 24 22:35:07 UTC 2014 -ap/man-1.6g-x86_64-2.txz: Rebuilt. - Moved config file to /etc. -ap/man-pages-3.69-noarch-1.txz: Upgraded. -l/seamonkey-solibs-2.26.1-x86_64-1.txz: Upgraded. -n/bind-9.9.5_P1-x86_64-1.txz: Upgraded. - This fixes security issues and other bugs. Please note that the first - CVE only affects Windows, and the second one was claimed to be fixed by - an earlier version of BIND. But we'll update anyway just in case. :-) - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591 - (* Security fix *) -n/gnupg-1.4.17-x86_64-1.txz: Upgraded. - This release includes a security fix to stop a denial of service using - garbled compressed data packets which can be used to put gpg into an - infinite loop. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 - (* Security fix *) -n/gnupg2-2.0.24-x86_64-1.txz: Upgraded. - This release includes a security fix to stop a denial of service using - garbled compressed data packets which can be used to put gpg into an - infinite loop. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 - (* Security fix *) -n/samba-4.1.9-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues, including a flaw in Samba's - internal DNS server which can be exploited to cause a denial of service, - a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage - configurations that use shadow_copy* for vfs objects to reveal potentially - private server information, a denial of service on the nmbd NetBIOS name - services daemon, and a denial of service crash involving overwriting - memory on an authenticated connection to the smbd file server. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 - (* Security fix *) -xap/seamonkey-2.26.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +xap/mozilla-thunderbird-45.5.1-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html + https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079 (* Security fix *) -testing/packages/bind-9.10.0_P2-x86_64-1.txz: Added. -+--------------------------+ -Tue Jun 17 22:19:30 UTC 2014 -l/ncurses-5.9-x86_64-3.txz: Rebuilt. - Applied upstream patch ncurses-5.9-20140308-patch.sh. - Thanks to comet.berkeley. -n/yptools-2.14-x86_64-3.txz: Rebuilt. - Corrected yppasswd patch that was causing password changes to fail. - Thanks to Henrik Carlqvist. -xap/xscreensaver-5.29-x86_64-1.txz: Upgraded. +--------------------------+ -Thu Jun 12 05:11:52 UTC 2014 -ap/ddrescue-1.18.1-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-30.0-x86_64-1.txz: Upgraded. +Mon Nov 21 19:21:22 UTC 2016 +n/ntp-4.2.8p9-x86_64-1.txz: Upgraded. + In addition to bug fixes and enhancements, this release fixes the + following 1 high- (Windows only :-), 2 medium-, 2 medium-/low, and + 5 low-severity vulnerabilities, and provides 28 other non-security + fixes and improvements. + CVE-2016-9311: Trap crash + CVE-2016-9310: Mode 6 unauthenticated trap info disclosure and DDoS vector + CVE-2016-7427: Broadcast Mode Replay Prevention DoS + CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS + CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet + CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass + CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal() + CVE-2016-7429: Interface selection attack + CVE-2016-7426: Client rate limiting and server responses + CVE-2016-7433: Reboot sync calculation problem + For more information, see: + https://www.kb.cert.org/vuls/id/633847 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433 + (* Security fix *) ++--------------------------+ +Sat Nov 19 22:45:38 UTC 2016 +a/grep-2.26-x86_64-2.txz: Rebuilt. + Reverted a speedup patch that is causing regressions when output is directed + to /dev/null. Thanks to SeB. ++--------------------------+ +Sat Nov 19 03:33:33 UTC 2016 +a/bash-4.4.005-x86_64-1.txz: Upgraded. +a/kernel-firmware-20161118git-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.32-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.32-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.32-x86_64-1.txz: Upgraded. +ap/ghostscript-9.20-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.32-x86-1.txz: Upgraded. +k/kernel-source-4.4.32-noarch-1.txz: Upgraded. +n/nmap-7.31-x86_64-1.txz: Upgraded. +n/samba-4.5.1-x86_64-1.txz: Upgraded. +x/freeglut-3.0.0-x86_64-1.txz: Upgraded. +x/libXfont2-2.0.1-x86_64-1.txz: Added. +x/libdrm-2.4.73-x86_64-1.txz: Upgraded. +x/libxcb-1.12-x86_64-1.txz: Upgraded. +x/mesa-13.0.1-x86_64-1.txz: Upgraded. +x/xcb-proto-1.12-x86_64-1.txz: Upgraded. +x/xcb-util-cursor-0.1.3-x86_64-1.txz: Upgraded. +x/xf86-input-acecad-1.5.0-x86_64-10.txz: Rebuilt. +x/xf86-input-evdev-2.10.4-x86_64-1.txz: Upgraded. +x/xf86-input-joystick-1.6.3-x86_64-1.txz: Upgraded. +x/xf86-input-keyboard-1.9.0-x86_64-1.txz: Upgraded. +x/xf86-input-mouse-1.9.2-x86_64-1.txz: Upgraded. +x/xf86-input-penmount-1.5.0-x86_64-10.txz: Rebuilt. +x/xf86-input-synaptics-1.9.0-x86_64-1.txz: Upgraded. +x/xf86-input-vmmouse-13.1.0-x86_64-5.txz: Rebuilt. +x/xf86-input-void-1.4.0-x86_64-10.txz: Rebuilt. +x/xf86-input-wacom-0.33.0-x86_64-2.txz: Rebuilt. +x/xf86-video-amdgpu-1.2.0-x86_64-1.txz: Upgraded. +x/xf86-video-apm-1.2.5-x86_64-9.txz: Rebuilt. +x/xf86-video-ark-0.7.5-x86_64-9.txz: Rebuilt. +x/xf86-video-ast-1.1.5-x86_64-3.txz: Rebuilt. +x/xf86-video-ati-7.8.0-x86_64-1.txz: Upgraded. +x/xf86-video-chips-1.2.6-x86_64-2.txz: Removed. +x/xf86-video-cirrus-1.5.3-x86_64-3.txz: Rebuilt. +x/xf86-video-dummy-0.3.7-x86_64-6.txz: Rebuilt. +x/xf86-video-glint-1.2.8-x86_64-8.txz: Removed. +x/xf86-video-i128-1.3.6-x86_64-9.txz: Rebuilt. +x/xf86-video-i740-1.3.5-x86_64-3.txz: Removed. +x/xf86-video-intel-git_20161115_a1a0f76-x86_64-1.txz: Upgraded. +x/xf86-video-mach64-6.9.5-x86_64-3.txz: Rebuilt. +x/xf86-video-mga-1.6.4-x86_64-3.txz: Removed. +x/xf86-video-neomagic-1.2.9-x86_64-3.txz: Rebuilt. +x/xf86-video-nouveau-1.0.13-x86_64-1.txz: Upgraded. +x/xf86-video-nv-2.1.20-x86_64-9.txz: Removed. +x/xf86-video-openchrome-0.5.0-x86_64-2.txz: Rebuilt. +x/xf86-video-r128-6.10.1-x86_64-1.txz: Removed. +x/xf86-video-rendition-4.2.6-x86_64-2.txz: Rebuilt. +x/xf86-video-s3-0.6.5-x86_64-9.txz: Rebuilt. +x/xf86-video-s3virge-1.10.7-x86_64-3.txz: Rebuilt. +x/xf86-video-savage-2.3.8-x86_64-2.txz: Removed. +x/xf86-video-siliconmotion-1.7.8-x86_64-2.txz: Removed. +x/xf86-video-sis-0.10.8-x86_64-2.txz: Removed. +x/xf86-video-sisusb-0.9.6-x86_64-9.txz: Rebuilt. +x/xf86-video-tdfx-1.4.6-x86_64-3.txz: Removed. +x/xf86-video-tga-1.2.2-x86_64-9.txz: Rebuilt. +x/xf86-video-trident-1.3.7-x86_64-3.txz: Removed. +x/xf86-video-tseng-1.2.5-x86_64-9.txz: Rebuilt. +x/xf86-video-v4l-0.2.0-x86_64-14.txz: Rebuilt. +x/xf86-video-vesa-2.3.4-x86_64-3.txz: Rebuilt. +x/xf86-video-vmware-13.2.1-x86_64-1.txz: Upgraded. +x/xf86-video-voodoo-1.2.5-x86_64-10.txz: Rebuilt. +x/xf86-video-xgi-1.6.1-x86_64-2.txz: Removed. +x/xf86-video-xgixp-1.8.1-x86_64-8.txz: Removed. +x/xorg-server-1.19.0-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.19.0-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.19.0-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.19.0-x86_64-1.txz: Upgraded. +x/xproto-7.0.31-noarch-1.txz: Upgraded. +x/xterm-326-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-50.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) -xap/mozilla-thunderbird-24.6.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -+--------------------------+ -Mon Jun 9 20:16:02 UTC 2014 -n/php-5.4.29-x86_64-1.txz: Upgraded. - This update fixes bugs and security issues, including a possible denial - of service, and an issue where insecure default permissions on the FPM - socket may allow local users to run arbitrary code as the apache user. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 - (* Security fix *) -+--------------------------+ -Fri Jun 6 04:27:01 UTC 2014 -a/openssl-solibs-1.0.1h-x86_64-1.txz: Upgraded. - (* Security fix *) -ap/nano-2.3.4-x86_64-1.txz: Upgraded. -l/libtasn1-3.6-x86_64-1.txz: Upgraded. - Multiple security issues have been corrected in the libtasn1 library. - These errors allow a remote attacker to cause a denial of service, or - possibly to execute arbitrary code. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 - (* Security fix *) -n/gnutls-3.2.15-x86_64-1.txz: Upgraded. - A security issue has been corrected in gnutls. This vulnerability - affects the client side of the gnutls library. A server that sends - a specially crafted ServerHello could corrupt the memory of a requesting - client. This may allow a remote attacker to execute arbitrary code. - Additional vulnerabilities in the embedded libtasn1 library have also - been patched. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 - (* Security fix *) -n/irssi-0.8.16-x86_64-1.txz: Upgraded. -n/openssl-1.0.1h-x86_64-1.txz: Upgraded. - Multiple security issues have been corrected, including a possible - man-in-the-middle attack where weak keying material is forced, denial - of service, and the execution of arbitrary code. - For more information, see: - http://www.openssl.org/news/secadv_20140605.txt - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 - (* Security fix *) -n/sendmail-8.14.9-x86_64-1.txz: Upgraded. - This release fixes one security related bug by properly closing file - descriptors (except stdin, stdout, and stderr) before executing programs. - This bug could enable local users to interfere with an open SMTP - connection if they can execute their own program for mail delivery - (e.g., via procmail or the prog mailer). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 - (* Security fix *) -n/sendmail-cf-8.14.9-noarch-1.txz: Upgraded. -+--------------------------+ -Sun Jun 1 19:48:54 UTC 2014 -a/gawk-4.1.1-x86_64-2.txz: Rebuilt. - Removed pgawk.1.gz symlink in man1 since pgawk no longer exists. - Compressed the man pages in man3. -a/kernel-generic-3.14.5-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.5-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.5-x86_64-1.txz: Upgraded. -ap/mariadb-5.5.37-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440 - (* Security fix *) -ap/nano-2.3.3-x86_64-1.txz: Upgraded. -d/gcc-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-g++-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-gfortran-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-gnat-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-go-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-java-4.8.3-x86_64-1.txz: Upgraded. -d/gcc-objc-4.8.3-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.5-x86-1.txz: Upgraded. -d/make-3.82-x86_64-5.txz: Rebuilt. - Patched to fix a bug with parallel builds. - Thanks to Danny Schmarsel. -k/kernel-source-3.14.5-noarch-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.7.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue May 13 22:31:28 UTC 2014 -l/libelf-0.8.13-x86_64-4.txz: Rebuilt. - Use -D_FILE_OFFSET_BITS=64 on 32-bit x86 (needed for Chromium). - Requested by alienBOB. :-) -+--------------------------+ -Tue May 13 20:25:35 UTC 2014 -a/kernel-generic-3.14.4-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.4-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.4-x86_64-1.txz: Upgraded. -d/gdb-7.7.1-x86_64-1.txz: Upgraded. -d/kernel-headers-3.14.4-x86-1.txz: Upgraded. -k/kernel-source-3.14.4-noarch-1.txz: Upgraded. - Disabled CONFIG_DEBUG_KERNEL, which had the effect of turning off seven - other kernel debugging options. Besides fixing the nVidia issues, I wonder - if getting rid of this stuff will speed the kernel up? -l/libelf-0.8.13-x86_64-3.txz: Rebuilt. - Symlink headers to /usr/include, since Mesa wants them there. - Thanks to Robby Workman. -xap/ddd-3.3.12-x86_64-2.txz: Rebuilt. - Patched to fix the machine code view. Thanks to Christopher Oliver. -isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. -usb-and-pxe-installers/usbboot.img: Rebuilt. -+--------------------------+ -Mon May 12 02:24:36 UTC 2014 -l/seamonkey-solibs-2.26-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-29.0.1-x86_64-1.txz: Upgraded. -xap/seamonkey-2.26-x86_64-1.tx: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Fri May 9 01:47:42 UTC 2014 -a/glibc-solibs-2.19-x86_64-1.txz: Upgraded. -a/glibc-zoneinfo-2014b-noarch-1.txz: Upgraded. -a/kernel-firmware-20140506git-noarch-1.txz: Upgraded. -a/kernel-generic-3.14.3-x86_64-1.txz: Upgraded. -a/kernel-huge-3.14.3-x86_64-1.txz: Upgraded. -a/kernel-modules-3.14.3-x86_64-1.txz: Upgraded. -d/binutils-2.24.51.0.3-x86_64-1.txz: Upgraded. -d/gcc-4.8.2-x86_64-2.txz: Rebuilt. - Include libiberty.a since that's no longer in the binutils package. -d/gcc-g++-4.8.2-x86_64-2.txz: Rebuilt. -d/gcc-gfortran-4.8.2-x86_64-2.txz: Rebuilt. -d/gcc-gnat-4.8.2-x86_64-2.txz: Rebuilt. -d/gcc-go-4.8.2-x86_64-2.txz: Rebuilt. -d/gcc-java-4.8.2-x86_64-2.txz: Rebuilt. -d/gcc-objc-4.8.2-x86_64-2.txz: Rebuilt. -d/kernel-headers-3.14.3-x86-1.txz: Upgraded. -d/oprofile-0.9.7-x86_64-5.txz: Rebuilt. -k/kernel-source-3.14.3-noarch-1.txz: Upgraded. -l/glibc-2.19-x86_64-1.txz: Upgraded. -l/glibc-i18n-2.19-x86_64-1.txz: Upgraded. -l/glibc-profile-2.19-x86_64-1.txz: Upgraded. -n/libnftnl-1.0.1-x86_64-1.txz: Added. -n/nftables-0.2-x86_64-1.txz: Added. -extra/bash-completion/bash-completion-2.1-noarch-2.txz: Rebuilt. - Patched to fix an issue with bash-4.3. Thanks to ponce. -isolinux/initrd.img: Rebuilt. -kernels/*: Upgraded. -usb-and-pxe-installers/usbboot.img: Rebuilt. -+--------------------------+ -Tue Apr 29 23:35:59 UTC 2014 -ap/screen-4.2.1-x86_64-1.txz: Upgraded. -l/qt-4.8.6-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-29.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. +Fri Nov 4 03:31:38 UTC 2016 +a/glibc-zoneinfo-2016i-noarch-1.txz: Upgraded. +ap/nano-2.7.1-x86_64-1.txz: Upgraded. +ap/vim-8.0.0055-x86_64-1.txz: Upgraded. +l/libcdio-paranoia-10.2+0.93+1-x86_64-2.txz: Rebuilt. +n/bind-9.10.4_P4-x86_64-1.txz: Upgraded. + This update fixes a denial-of-service vulnerability. A defect in BIND's + handling of responses containing a DNAME answer can cause a resolver to exit + after encountering an assertion failure in db.c or resolver.c. A server + encountering either of these error conditions will stop, resulting in denial + of service to clients. The risk to authoritative servers is minimal; + recursive servers are chiefly at risk. + For more information, see: + https://kb.isc.org/article/AA-01434 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 + (* Security fix *) +n/curl-7.51.0-x86_64-1.txz: Upgraded. + This release fixes security issues: + CVE-2016-8615: cookie injection for other servers + CVE-2016-8616: case insensitive password comparison + CVE-2016-8617: OOB write via unchecked multiplication + CVE-2016-8618: double-free in curl_maprintf + CVE-2016-8619: double-free in krb5 code + CVE-2016-8620: glob parser write/read out of bounds + CVE-2016-8621: curl_getdate read out of bounds + CVE-2016-8622: URL unescape heap overflow via integer truncation + CVE-2016-8623: Use-after-free via shared cookies + CVE-2016-8624: invalid URL parsing with '#' + CVE-2016-8625: IDNA 2003 makes curl use wrong host + For more information, see: + https://curl.haxx.se/docs/adv_20161102A.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615 + https://curl.haxx.se/docs/adv_20161102B.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616 + https://curl.haxx.se/docs/adv_20161102C.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617 + https://curl.haxx.se/docs/adv_20161102D.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618 + https://curl.haxx.se/docs/adv_20161102E.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619 + https://curl.haxx.se/docs/adv_20161102F.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620 + https://curl.haxx.se/docs/adv_20161102G.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621 + https://curl.haxx.se/docs/adv_20161102H.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622 + https://curl.haxx.se/docs/adv_20161102I.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623 + https://curl.haxx.se/docs/adv_20161102J.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624 + https://curl.haxx.se/docs/adv_20161102K.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625 + (* Security fix *) +xap/gnuchess-6.2.4-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.0055-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Oct 31 23:38:24 UTC 2016 +a/grep-2.26-x86_64-1.txz: Upgraded. +a/kernel-generic-4.4.29-x86_64-1.txz: Upgraded. + Fixes a security issue (Dirty COW). + (* Security fix *) +a/kernel-huge-4.4.29-x86_64-1.txz: Upgraded. + Fixes a security issue (Dirty COW). + (* Security fix *) +a/kernel-modules-4.4.29-x86_64-1.txz: Upgraded. +ap/mariadb-10.0.28-x86_64-1.txz: Upgraded. + This update fixes several security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663 + (* Security fix *) +d/gdb-7.12-x86_64-1.txz: Upgraded. +d/guile-2.0.13-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.29-x86-1.txz: Upgraded. +k/kernel-source-4.4.29-noarch-1.txz: Upgraded. + This kernel fixes a security issue known as "Dirty COW". A race + condition was found in the way the Linux kernel's memory subsystem + handled the copy-on-write (COW) breakage of private read-only + memory mappings. An unprivileged local user could use this flaw to + gain write access to otherwise read-only memory mappings and thus + increase their privileges on the system. + For more information, see: + https://dirtycow.ninja/ + https://www.kb.cert.org/vuls/id/243144 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 + (* Security fix *) +l/libcdio-0.94-x86_64-1.txz: Upgraded. +n/nmap-7.30-x86_64-1.txz: Upgraded. +n/php-5.6.27-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://php.net/ChangeLog-5.php#5.6.27 (* Security fix *) -xap/mozilla-thunderbird-24.5.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +x/libX11-1.6.4-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory read in XGetImage() or write in XListFonts(). + Affected versions libX11 <= 1.6.3. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943 (* Security fix *) -+--------------------------+ -Tue Apr 22 17:31:48 UTC 2014 -a/bash-4.3.011-x86_64-1.txz: Upgraded. -a/gawk-4.1.1-x86_64-1.txz: Upgraded. -a/grep-2.18-x86_64-1.txz: Upgraded. -ap/vim-7.4.258-x86_64-1.txz: Upgraded. -n/openssh-6.6p1-x86_64-2.txz: Rebuilt. - Fixed a bug with curve25519-sha256 that caused a key exchange failure in - about 1 in 512 connection attempts. -xap/vim-gvim-7.4.258-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Apr 21 20:09:48 UTC 2014 -l/libyaml-0.1.6-x86_64-1.txz: Upgraded. - This update fixes a heap overflow in URI escape parsing of YAML in Ruby, - where a specially crafted string could cause a heap overflow leading to - arbitrary code execution. +x/libXfixes-5.0.3-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause an integer + overflow on 32 bit architectures. + Affected versions : libXfixes <= 5.0.2. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 - https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944 (* Security fix *) -n/php-5.4.27-x86_64-1.txz: Upgraded. - This update fixes a security issue in the in the awk script detector - which allows context-dependent attackers to cause a denial of service - (CPU consumption) via a crafted ASCII file that triggers a large amount - of backtracking. +x/libXi-1.7.8-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory access or endless loops (Denial of Service). + Affected versions libXi <= 1.7.6. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946 (* Security fix *) -+--------------------------+ -Tue Apr 8 14:19:51 UTC 2014 -a/openssl-solibs-1.0.1g-x86_64-1.txz: Upgraded. -n/openssl-1.0.1g-x86_64-1.txz: Upgraded. - This update fixes two security issues: - A missing bounds check in the handling of the TLS heartbeat extension - can be used to reveal up to 64k of memory to a connected client or server. - Thanks for Neel Mehta of Google Security for discovering this bug and to - Adam Langley and Bodo Moeller for - preparing the fix. - Fix for the attack described in the paper "Recovering OpenSSL - ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" - by Yuval Yarom and Naomi Benger. Details can be obtained from: - http://eprint.iacr.org/2014/140 - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 - (* Security fix *) -+--------------------------+ -Mon Mar 31 20:30:28 UTC 2014 -l/apr-1.5.0-x86_64-1.txz: Upgraded. -l/apr-util-1.5.3-x86_64-1.txz: Upgraded. -n/httpd-2.4.9-x86_64-2.txz: Rebuilt. - Recompiled against new apr/apr-util to restore missing mod_mpm_event.so. -+--------------------------+ -Fri Mar 28 03:43:11 UTC 2014 -l/mozilla-nss-3.16-x86_64-1.txz: Upgraded. - This update fixes a security issue: - The cert_TestHostName function in lib/certdb/certdb.c in the - certificate-checking implementation in Mozilla Network Security Services - (NSS) before 3.16 accepts a wildcard character that is embedded in an - internationalized domain name's U-label, which might allow man-in-the-middle - attackers to spoof SSL servers via a crafted certificate. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 - (* Security fix *) -l/seamonkey-solibs-2.25-x86_64-1.txz: Upgraded. -n/curl-7.36.0-x86_64-1.txz: Upgraded. - This update fixes four security issues. - For more information, see: - http://curl.haxx.se/docs/adv_20140326A.html - http://curl.haxx.se/docs/adv_20140326B.html - http://curl.haxx.se/docs/adv_20140326C.html - http://curl.haxx.se/docs/adv_20140326D.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1263 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522 - (* Security fix *) -n/httpd-2.4.9-x86_64-1.txz: Upgraded. - This update addresses two security issues. - Segfaults with truncated cookie logging. mod_log_config: Prevent segfaults - when logging truncated cookies. Clean up the cookie logging parser to - recognize only the cookie=value pairs, not valueless cookies. - mod_dav: Keep track of length of cdata properly when removing leading - spaces. Eliminates a potential denial of service from specifically crafted - DAV WRITE requests. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 - (* Security fix *) -n/openssh-6.6p1-x86_64-1.txz: Upgraded. - This update fixes a security issue when using environment passing with - a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH could be - tricked into accepting any environment variable that contains the - characters before the wildcard character. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 - (* Security fix *) -n/tin-2.2.0-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-28.0-x86_64-1.txz: Upgraded. - This release contains security fixes and improvements. +x/libXrandr-1.5.1-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory writes. + Affected versions: libXrandr <= 1.5.0. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948 (* Security fix *) -xap/mozilla-thunderbird-24.4.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +x/libXrender-0.9.10-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory writes. + Affected version: libXrender <= 0.9.9. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950 (* Security fix *) -xap/seamonkey-2.25-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +x/libXtst-1.2.3-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory access or endless loops (Denial of Service). + Affected version libXtst <= 1.2.2. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952 (* Security fix *) -+--------------------------+ -Sun Mar 16 02:52:28 UTC 2014 -n/php-5.4.26-x86_64-1.txz: Upgraded. - This update fixes a flaw where a specially crafted data file may cause a - segfault or 100% CPU consumption when a web page uses fileinfo() on it. +x/libXv-1.0.11-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause out of boundary + memory and memory corruption. + Affected version libXv <= 1.0.10. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407 (* Security fix *) -+--------------------------+ -Fri Mar 14 00:44:48 UTC 2014 -n/samba-4.1.6-x86_64-1.txz: Upgraded. - This update fixes two security issues: - CVE-2013-4496: - Samba versions 3.4.0 and above allow the administrator to implement - locking out Samba accounts after a number of bad password attempts. - However, all released versions of Samba did not implement this check for - password changes, such as are available over multiple SAMR and RAP - interfaces, allowing password guessing attacks. - CVE-2013-6442: - Samba versions 4.0.0 and above have a flaw in the smbcacls command. If - smbcacls is used with the "-C|--chown name" or "-G|--chgrp name" - command options it will remove the existing ACL on the object being - modified, leaving the file or directory unprotected. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442 - (* Security fix *) -+--------------------------+ -Thu Mar 13 03:32:38 UTC 2014 -n/mutt-1.5.23-x86_64-1.txz: Upgraded. - This update fixes a buffer overflow where malformed RFC2047 header - lines could result in denial of service or potentially the execution - of arbitrary code as the user running mutt. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 - (* Security fix *) -+--------------------------+ -Tue Mar 11 07:06:18 UTC 2014 -a/udisks-1.0.5-x86_64-1.txz: Upgraded. - This update fixes a stack-based buffer overflow when handling long path - names. A malicious, local user could use this flaw to create a - specially-crafted directory structure that could lead to arbitrary code - execution with the privileges of the udisks daemon (root). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004 - (* Security fix *) -a/udisks2-2.1.3-x86_64-1.txz: Upgraded. - This update fixes a stack-based buffer overflow when handling long path - names. A malicious, local user could use this flaw to create a - specially-crafted directory structure that could lead to arbitrary code - execution with the privileges of the udisks daemon (root). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004 - (* Security fix *) -+--------------------------+ -Thu Mar 6 04:14:23 UTC 2014 -ap/sudo-1.8.9p5-x86_64-1.txz: Upgraded. -+--------------------------+ -Mon Mar 3 23:32:18 UTC 2014 -n/gnutls-3.1.22-x86_64-1.txz: Upgraded. - Fixed a security issue where a specially crafted certificate could - bypass certificate validation checks. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 - (* Security fix *) -+--------------------------+ -Thu Feb 27 20:43:28 UTC 2014 -d/subversion-1.7.16-x86_64-1.txz: Upgraded. - Fix denial of service bugs. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4505 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4558 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 - (* Security fix *) -+--------------------------+ -Thu Feb 20 00:30:49 UTC 2014 -a/kernel-firmware-20140215git-noarch-1.txz: Upgraded. -a/kernel-generic-3.10.30-x86_64-1.txz: Upgraded. - These are new kernels that fix CVE-2014-0038, a bug that can allow local - users to gain a root shell. - Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel - packages, or on UEFI systems, copy the appropriate kernel to - /boot/efi/EFI/Slackware/vmlinuz). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038 - (* Security fix *) -a/kernel-huge-3.10.30-x86_64-1.txz: Upgraded. - These are new kernels that fix CVE-2014-0038, a bug that can allow local - users to gain a root shell. - Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel - packages, or on UEFI systems, copy the appropriate kernel to - /boot/efi/EFI/Slackware/vmlinuz). - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038 - (* Security fix *) -a/kernel-modules-3.10.30-x86_64-1.txz: Upgraded. -a/shadow-4.1.5.1-x86_64-3.txz: Rebuilt. - Shadow 4.1.5 addressed a tty-hijacking vulnerability in "su -c" - (CVE-2005-4890) by detaching the controlling terminal in the non-PAM - case via a TIOCNOTTY request. Bi-directional protection is excessive - and breaks a commonly-used methods for privilege escalation on non-PAM - systems (e.g. xterm -e /bin/su -s /bin/bash -c /bin/bash myscript). - This update relaxes the restriction and only detaches the controlling - tty when the callee is not root (which is, after all, the threat vector). - Thanks to mancha for the patch (and the above information). -ap/mariadb-5.5.35-x86_64-1.txz: Upgraded. - This update fixes a buffer overflow in the mysql command line client which - may allow malicious or compromised database servers to cause a denial of - service (crash) and possibly execute arbitrary code via a long server - version string. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 - (* Security fix *) -d/kernel-headers-3.10.30-x86-1.txz: Upgraded. -k/kernel-source-3.10.30-noarch-1.txz: Upgraded. - These are new kernels that fix CVE-2014-0038, a bug that can allow local - users to gain a root shell. - Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel - packages, or on UEFI systems, copy the appropriate kernel to - /boot/efi/EFI/Slackware/vmlinuz). +x/libXvMC-1.0.10-x86_64-1.txz: Upgraded. + Insufficient validation of data from the X server can cause a one byte buffer + read underrun. + Affected version: libXvMC <= 1.0.9. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953 (* Security fix *) -n/gnutls-3.1.21-x86_64-1.txz: Upgraded. - This update fixes a flaw where a version 1 intermediate certificate would be - considered as a CA certificate by GnuTLS by default. +xap/mozilla-firefox-49.0.2-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 + http://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) -xap/mozilla-firefox-27.0.1-x86_64-1.txz: Upgraded. +xap/xscreensaver-5.36-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Thu Feb 13 23:45:53 UTC 2014 -n/curl-7.35.0-x86_64-1.txz: Upgraded. - This update fixes a flaw where libcurl could, in some circumstances, reuse - the wrong connection when asked to do an NTLM-authenticated HTTP or HTTPS - request. - For more information, see: - http://curl.haxx.se/docs/adv_20140129.html - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 - (* Security fix *) -n/ntp-4.2.6p5-x86_64-5.txz: Rebuilt. - All stable versions of NTP remain vulnerable to a remote attack where the - "ntpdc -c monlist" command can be used to amplify network traffic as part - of a denial of service attack. By default, Slackware is not vulnerable - since it includes "noquery" as a default restriction. However, it is - vulnerable if this restriction is removed. To help mitigate this flaw, - "disable monitor" has been added to the default ntp.conf (which will disable - the monlist command even if other queries are allowed), and the default - restrictions have been extended to IPv6 as well. - All users of the NTP daemon should make sure that their ntp.conf contains - "disable monitor" to prevent misuse of the NTP service. The new ntp.conf - file will be installed as /etc/ntp.conf.new with a package upgrade, but the - changes will need to be merged into any existing ntp.conf file by the admin. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 - http://www.kb.cert.org/vuls/id/348126 - (* Security fix *) -+--------------------------+ -Sat Feb 8 18:41:15 UTC 2014 -l/seamonkey-solibs-2.24-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-27.0-x86_64-1.txz: Upgraded. +Sat Oct 1 17:11:13 UTC 2016 +a/kernel-firmware-20161001git-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.23-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.23-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.23-x86_64-1.txz: Upgraded. +a/lvm2-2.02.166-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.23-x86-1.txz: Upgraded. +k/kernel-source-4.4.23-noarch-1.txz: Upgraded. +n/mutt-1.7.0-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-45.4.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/mozilla-thunderbird-24.3.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *) -xap/seamonkey-2.24-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Mon Feb 3 20:58:32 UTC 2014 -xap/pidgin-2.10.9-x86_64-1.txz: Upgraded. - This update fixes various security issues and other bugs. +Wed Sep 28 23:24:37 UTC 2016 +a/glibc-zoneinfo-2016g-noarch-1.txz: Upgraded. + This package provides the latest timezone updates. +l/mpfr-3.1.5-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Sep 27 19:16:56 UTC 2016 +ap/hplip-3.16.9-x86_64-1.txz: Upgraded. + Reenabled parallel port support. Thanks to Jas for the bug report. +n/bind-9.10.4_P3-x86_64-1.txz: Upgraded. + This update fixes a denial-of-service vulnerability. Testing by ISC has + uncovered a critical error condition which can occur when a nameserver is + constructing a response. A defect in the rendering of messages into + packets can cause named to exit with an assertion failure in buffer.c while + constructing a response to a query that meets certain criteria. + For more information, see: + https://kb.isc.org/article/AA-01419/0 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 + (* Security fix *) +xap/gnuchess-6.2.3-x86_64-1.txz: Upgraded. + Upgraded to gnuchess-6.2.3 and xboard-4.9.1. ++--------------------------+ +Mon Sep 26 18:14:08 UTC 2016 +a/openssl-solibs-1.0.2j-x86_64-1.txz: Upgraded. +a/pkgtools-14.2-noarch-13.txz: Rebuilt. + removepkg: Fixed removing filenames containing "%". + Thanks to SeB for the bug report, and to Jim Hawkins for the patch. +n/openssl-1.0.2j-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Missing CRL sanity check (CVE-2016-7052) For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6152 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6477 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6478 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6479 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6481 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6482 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6483 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6484 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6485 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6486 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6489 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6490 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0020 + https://www.openssl.org/news/secadv/20160926.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052 (* Security fix *) +--------------------------+ -Thu Jan 30 21:30:11 UTC 2014 -n/openssh-6.5p1-x86_64-1.txz: Upgraded. +Sun Sep 25 02:32:25 UTC 2016 +a/kernel-firmware-20160924git-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.22-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.22-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.22-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.22-x86-1.txz: Upgraded. +k/kernel-source-4.4.22-noarch-1.txz: Upgraded. +n/sshfs-2.8-x86_64-1.txz: Added. + Thanks to Heinz Wiesinger. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Tue Jan 28 21:07:13 UTC 2014 -l/mozilla-nss-3.15.4-x86_64-1.txz: Upgraded. - Upgraded to nss-3.15.4 and nspr-4.10.3. - Fixes a possible man-in-the-middle issue. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 - (* Security fix *) -n/bind-9.9.4_P2-x86_64-1.txz: Upgraded. - This update fixes a defect in the handling of NSEC3-signed zones that can - cause BIND to be crashed by a specific set of queries. - NOTE: According to the second link below, Slackware is probably not - vulnerable since we aren't using glibc-2.18 yet. Might as well fix it - anyway, though. +Fri Sep 23 23:30:53 UTC 2016 +n/php-5.6.26-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - https://kb.isc.org/article/AA-01078 - https://kb.isc.org/article/AA-01085 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591 - (* Security fix *) -+--------------------------+ -Tue Jan 14 03:54:48 UTC 2014 -a/openssl-solibs-1.0.1f-x86_64-1.txz: Upgraded. -d/llvm-3.4-x86_64-1.txz: Upgraded. -n/openssl-1.0.1f-x86_64-1.txz: Upgraded. - This update fixes the following security issues: - Fix for TLS record tampering bug CVE-2013-4353 - Fix for TLS version checking bug CVE-2013-6449 - Fix for DTLS retransmission bug CVE-2013-6450 - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 - (* Security fix *) -n/php-5.4.24-x86_64-1.txz: Upgraded. - The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before - 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly - parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, - which allows remote attackers to execute arbitrary code or cause a denial - of service (memory corruption) via a crafted certificate that is not - properly handled by the openssl_x509_parse function. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 - (* Security fix *) -n/samba-4.1.4-x86_64-1.txz: Upgraded. - This update fixes a heap-based buffer overflow that may allow AD domain - controllers to execute arbitrary code via an invalid fragment length in - a DCE-RPC packet. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408 - (* Security fix *) -x/libXfont-1.4.7-x86_64-1.txz: Upgraded. - This update fixes a stack overflow when reading a BDF font file containing - a longer than expected string, which could lead to crashes or privilege - escalation. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 - (* Security fix *) -+--------------------------+ -Fri Dec 20 22:46:09 UTC 2013 -n/gnupg-1.4.16-x86_64-1.txz: Upgraded. - Fixed the RSA Key Extraction via Low-Bandwidth Acoustic - Cryptanalysis attack as described by Genkin, Shamir, and Tromer. - For more information, see: - http://www.cs.tau.ac.il/~tromer/acoustic/ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576 - (* Security fix *) -+--------------------------+ -Mon Dec 16 20:51:01 UTC 2013 -d/llvm-3.3-x86_64-3.txz: Rebuilt. - The LLVM package included binaries with an rpath pointing to the build - location in /tmp. This allows an attacker with write access to /tmp to - add modified libraries (and execute arbitrary code) as any user running - the LLVM binaries. This updated package rebuilds LLVM to exclude the - build directories from the rpath information. - Thanks to Christopher Oliver for the bug report. - (* Security fix *) -d/ruby-1.9.3_p484-x86_64-1.txz: Upgraded. - This update fixes a heap overflow in floating point parsing. A specially - crafted string could cause a heap overflow leading to a denial of service - attack via segmentation faults and possibly arbitrary code execution. - For more information, see: - https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164 - (* Security fix *) -l/cairo-1.12.16-x86_64-1.txz: Upgraded. - Removed --enable-xcb-shm (may cause instability with GTK+3). - Removed --enable-xlib-xcb (causes GIMP slowdown). - Added --enable-ft and --enable-gl. - If there are no problems reported with this update, perhaps it should be - issued as a 14.1 bugfix? -l/libiodbc-3.52.8-x86_64-1.txz: Upgraded. - This update fixes an rpath pointing to a location in /tmp that was found in - two test programs (iodbctest and iodbctestw). This could have allowed a - local attacker with write access to /tmp to add modified libraries (and - execute arbitrary code) as any user running the test programs. - Thanks to Christopher Oliver for the bug report. - (* Security fix *) -l/libjpeg-v8a-x86_64-2.txz: Rebuilt. - Fix use of uninitialized memory when decoding images with missing SOS data - for the luminance component (Y) in presence of valid chroma data (Cr, Cb). - This could allow remote attackers to obtain sensitive information from - uninitialized memory locations via a crafted JPEG image. - For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 - (* Security fix *) -l/seamonkey-solibs-2.23-x86_64-1.txz: Upgraded. -xap/mozilla-firefox-26.0-x86_64-1.txz: Upgraded. + https://php.net/ChangeLog-5.php#5.6.26 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 + (* Security fix *) ++--------------------------+ +Thu Sep 22 18:38:07 UTC 2016 +a/openssl-solibs-1.0.2i-x86_64-1.txz: Upgraded. +n/openssl-1.0.2i-x86_64-1.txz: Upgraded. + This update fixes denial-of-service and other security issues. + For more information, see: + https://www.openssl.org/news/secadv/20160922.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6307 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308 + (* Security fix *) ++--------------------------+ +Wed Sep 21 21:10:52 UTC 2016 +n/irssi-0.8.20-x86_64-1.txz: Upgraded. + This update fixes two remote crash and heap corruption vulnerabilites + in Irssi's format parsing code. Impact: Remote crash and heap + corruption. Remote code execution seems difficult since only Nuls are + written. Bugs discovered by, and patches provided by Gabriel Campana + and Adrien Guinet from Quarkslab. + For more information, see: + https://irssi.org/security/irssi_sa_2016.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045 + (* Security fix *) ++--------------------------+ +Wed Sep 21 15:54:06 UTC 2016 +a/mkinitrd-1.4.8-x86_64-9.txz: Rebuilt. + When generating the initrd, include dmsetup whenever LUKS is requested. + Thanks to TracyTiger for the bug report and Eric Hameleers for the patch. +e/emacs-25.1-x86_64-1.txz: Upgraded. +l/qt-4.8.7-x86_64-5.txz: Rebuilt. + In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid + ld warnings when using qmake on a multilib system. + Thanks to Jonathan Woithe for the bug report and fix. +n/network-scripts-14.2-noarch-4.txz: Rebuilt. + rc.inet1.new: Use return (not continue) to leave the if_up() function. + Thanks to Tim Thomas for the bug report. +xap/mozilla-firefox-49.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) -xap/mozilla-thunderbird-24.2.0-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html - (* Security fix *) -xap/seamonkey-2.23-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. +xap/pidgin-2.11.0-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html - (* Security fix *) -+--------------------------+ -Thu Dec 5 22:20:36 UTC 2013 -kde/calligra-2.7.5-x86_64-1.txz: Upgraded. -kdei/calligra-l10n-bs-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ca\@valencia-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-cs-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-da-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-de-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-el-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-es-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-et-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fi-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-fr-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-gl-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-hu-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ia-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-it-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-kk-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nb-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nds-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-nl-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pl-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-pt_BR-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-ru-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sk-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sl-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-sv-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-tr-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-uk-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_CN-2.7.5-noarch-1.txz: Upgraded. -kdei/calligra-l10n-zh_TW-2.7.5-noarch-1.txz: Upgraded. -l/mozilla-nss-3.15.3-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + https://www.pidgin.im/news/security/ + (* Security fix *) ++--------------------------+ +Thu Sep 15 22:54:52 UTC 2016 +a/bash-4.4.0-x86_64-1.txz: Upgraded. +a/btrfs-progs-v4.7.2-x86_64-1.txz: Upgraded. +a/e2fsprogs-1.43.3-x86_64-1.txz: Upgraded. +a/pkgtools-14.2-noarch-12.txz: Rebuilt. + removepkg: Fixed removing packages with >= 3 hyphens in the package name + when using just the package name rather than the full name including + version, arch, and build. + Thanks to coralfang for the bug report, Jim Hawkins and Stuart Winter for + the patch, and SeB for testing and feedback. + removepkg: Handle filenames that contain backslashes. + Thanks to aaazen for the bug report and patch. +ap/vim-8.0.0005-x86_64-1.txz: Upgraded. +n/curl-7.50.3-x86_64-1.txz: Upgraded. + Fixed heap overflows in four libcurl functions: curl_escape(), + curl_easy_escape(), curl_unescape() and curl_easy_unescape(). + For more information, see: + https://curl.haxx.se/docs/adv_20160914.html + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167 + (* Security fix *) +xap/vim-gvim-8.0.0005-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Sep 13 18:13:32 UTC 2016 +ap/mariadb-10.0.27-x86_64-1.txz: Upgraded. + This update fixes a critical vulnerability which can allow local and + remote attackers to inject malicious settings into MySQL configuration + files (my.cnf). A successful exploitation could allow attackers to + execute arbitrary code with root privileges which would then allow them + to fully compromise the server. + This issue was discovered and reported by Dawid Golunski. + For more information, see: + http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html + https://jira.mariadb.org/browse/MDEV-10465 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662 + (* Security fix *) +ap/vim-8.0.0003-x86_64-1.txz: Upgraded. +xap/vim-gvim-8.0.0003-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Sep 12 18:39:03 UTC 2016 +ap/texinfo-6.3-x86_64-1.txz: Upgraded. +d/guile-2.0.12-x86_64-2.txz: Rebuilt. + Match timestamps across all $ARCH on *.go and *.scm files, otherwise + on multilib systems the compiled (go) files may be detected as older + than the source (scm) files, causing guile to attempt to recompile + itself with every use. +l/sdl-1.2.15-x86_64-5.txz: Rebuilt. + Fixed a regression that broke MOD support. Thanks to B Watson. +x/libXfont-1.5.2-x86_64-1.txz: Upgraded. +x/mesa-12.0.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Sep 10 18:04:42 UTC 2016 +l/gtk+2-2.24.31-x86_64-1.txz: Upgraded. + This update fixes a security issue: Integer overflow in the + gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c allows remote + attackers to cause a denial of service (crash) via a large image file, + which triggers a large memory allocation. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447 + (* Security fix *) +n/gnutls-3.4.15-x86_64-1.txz: Upgraded. + libgnutls: Corrected the comparison of the serial size in OCSP response. + Previously the OCSP certificate check wouldn't verify the serial length + and could succeed in cases it shouldn't (GNUTLS-SA-2016-3). + Reported by Stefan Buehler. + For more information, see: + https://www.gnutls.org/security.html + (* Security fix *) ++--------------------------+ +Thu Sep 8 21:35:02 UTC 2016 +a/kernel-generic-4.4.20-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.20-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.20-x86_64-1.txz: Upgraded. +a/kmod-23-x86_64-2.txz: Rebuilt. +a/util-linux-2.28.2-x86_64-1.txz: Upgraded. +ap/hplip-3.16.8-x86_64-1.txz: Upgraded. +ap/nano-2.7.0-x86_64-1.txz: Upgraded. +ap/pamixer-1.3.1-x86_64-2.txz: Rebuilt. +ap/rpm-4.12.0.1-x86_64-2.txz: Rebuilt. +ap/vim-7.4.2342-x86_64-1.txz: Upgraded. +d/Cython-0.24.1-x86_64-1.txz: Upgraded. +d/gdb-7.11.1-x86_64-2.txz: Rebuilt. +d/kernel-headers-4.4.20-x86-1.txz: Upgraded. +d/mercurial-3.9.1-x86_64-1.txz: Upgraded. +d/python-2.7.12-x86_64-1.txz: Upgraded. + Compiled using --enable-unicode=ucs4. + The upstream default for Python Unicode is ucs2, but ucs4 is more widely + used and recommended now. Any Python scripts or binaries that use UCS-2 + will need to be recompiled. These can be identified with the following + grep command: grep -r -l PyUnicodeUCS2 /usr 2> /dev/null +k/kernel-source-4.4.20-noarch-1.txz: Upgraded. +kde/calligra-2.9.11-x86_64-6.txz: Rebuilt. +kde/kate-4.14.3-x86_64-3.txz: Rebuilt. +kde/kdev-python-1.7.2-x86_64-2.txz: Rebuilt. +kde/kig-4.14.3-x86_64-4.txz: Rebuilt. +kde/kross-interpreters-4.14.3-x86_64-3.txz: Rebuilt. +kde/pykde4-4.14.3-x86_64-4.txz: Rebuilt. +kde/superkaramba-4.14.3-x86_64-3.txz: Rebuilt. +l/PyQt-4.11.4-x86_64-2.txz: Rebuilt. +l/akonadi-1.13.0-x86_64-3.txz: Rebuilt. +l/boost-1.61.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/dbus-python-1.2.4-x86_64-2.txz: Rebuilt. +l/gdbm-1.12-x86_64-2.txz: Rebuilt. +l/glib2-2.46.2-x86_64-4.txz: Rebuilt. +l/gobject-introspection-1.46.0-x86_64-2.txz: Rebuilt. +l/libxml2-2.9.4-x86_64-3.txz: Rebuilt. +l/pilot-link-0.12.5-x86_64-11.txz: Rebuilt. +l/pycups-1.9.73-x86_64-2.txz: Rebuilt. +l/pycurl-7.43.0-x86_64-2.txz: Rebuilt. +l/pygobject-2.28.6-x86_64-3.txz: Rebuilt. +l/pygobject3-3.18.2-x86_64-2.txz: Rebuilt. +l/pygtk-2.24.0-x86_64-3.txz: Rebuilt. +l/python-pillow-3.0.0-x86_64-2.txz: Rebuilt. +l/sip-4.18.1-x86_64-1.txz: Upgraded. +n/php-5.6.25-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.mozilla.org/security/announce/2013/mfsa2013-103.html - (* Security fix *) -l/seamonkey-solibs-2.22.1-x86_64-1.txz: Upgraded. -xap/gimp-2.8.10-x86_64-1.txz: Upgraded. -xap/mozilla-thunderbird-24.1.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. + http://php.net/ChangeLog-5.php#5.6.25 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134 + (* Security fix *) +n/samba-4.5.0-x86_64-1.txz: Upgraded. +xap/blueman-2.0.4-x86_64-2.txz: Rebuilt. +xap/gimp-2.8.18-x86_64-2.txz: Rebuilt. +xap/vim-gvim-7.4.2342-x86_64-1.txz: Upgraded. +extra/brltty/brltty-5.4-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Wed Aug 31 20:43:10 UTC 2016 +l/gsl-2.2.1-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-45.3.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *) -xap/seamonkey-2.22.1-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. ++--------------------------+ +Tue Aug 30 22:10:31 UTC 2016 +testing/packages/gcc-6.2.0-x86_64-1.txz: Added. +testing/packages/gcc-g++-6.2.0-x86_64-1.txz: Added. +testing/packages/gcc-gfortran-6.2.0-x86_64-1.txz: Added. +testing/packages/gcc-gnat-6.2.0-x86_64-1.txz: Added. +testing/packages/gcc-go-6.2.0-x86_64-1.txz: Added. +testing/packages/gcc-java-6.2.0-x86_64-1.txz: Added. + Please note that if you install this package, gettext (specifically the + gettext-tools package) will need to be recompiled. +testing/packages/gcc-objc-6.2.0-x86_64-1.txz: Added. ++--------------------------+ +Mon Aug 29 22:51:27 UTC 2016 +a/gawk-4.1.4-x86_64-1.txz: Upgraded. +l/gsl-2.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Aug 24 19:37:40 UTC 2016 +xap/mozilla-firefox-48.0.2-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Aug 23 19:45:33 UTC 2016 +a/glibc-solibs-2.24-x86_64-2.txz: Rebuilt. +a/kernel-firmware-20160823git-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.19-x86_64-1.txz: Upgraded. + A flaw was found in the implementation of the Linux kernels handling of + networking challenge ack where an attacker is able to determine the shared + counter. This may allow an attacker located on different subnet to inject + or take over a TCP connection between a server and client without having to + be a traditional Man In the Middle (MITM) style attack. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389 + (* Security fix *) +a/kernel-huge-4.4.19-x86_64-1.txz: Upgraded. + A flaw was found in the implementation of the Linux kernels handling of + networking challenge ack where an attacker is able to determine the shared + counter. This may allow an attacker located on different subnet to inject + or take over a TCP connection between a server and client without having to + be a traditional Man In the Middle (MITM) style attack. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389 + (* Security fix *) +a/kernel-modules-4.4.19-x86_64-1.txz: Upgraded. +ap/diffutils-3.5-x86_64-1.txz: Upgraded. +ap/linuxdoc-tools-0.9.72-x86_64-1.txz: Upgraded. + Thanks to Stuart Winter. +ap/screen-4.4.0-x86_64-2.txz: Rebuilt. + Reverted a change to /etc/screenrc.new that prevented the console from being + cleared when a screen session was detached. Thanks to Stuart Winter. +d/binutils-2.27-x86_64-2.txz: Rebuilt. + Recompiled with --disable-compressed-debug-sections, since other tools are + not yet capable of parsing that. + Thanks to Vincent Batts, Heinz Wiesinger, and Stuart Winter. +d/kernel-headers-4.4.19-x86-1.txz: Upgraded. +k/kernel-source-4.4.19-noarch-1.txz: Upgraded. + A flaw was found in the implementation of the Linux kernels handling of + networking challenge ack where an attacker is able to determine the shared + counter. This may allow an attacker located on different subnet to inject + or take over a TCP connection between a server and client without having to + be a traditional Man In the Middle (MITM) style attack. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389 + (* Security fix *) +l/glib2-2.46.2-x86_64-3.txz: Rebuilt. + Applied upstream patch to fix a use-before-allocate bug in libgio. Without + this fix, Thunar will crash if $HOME is on an NFS volume. + Thanks to Jonathan Woithe. +l/glibc-2.24-x86_64-2.txz: Rebuilt. + If libm.so is a linker script, don't clobber it with a symlink. + Thanks to guanx. +l/glibc-i18n-2.24-x86_64-2.txz: Rebuilt. +l/glibc-profile-2.24-x86_64-2.txz: Rebuilt. +n/gnupg-1.4.21-x86_64-1.txz: Upgraded. + Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who + obtains 580 bytes from the standard RNG can trivially predict the next + 20 bytes of output. (This is according to the NEWS file included in the + source. According to the annoucement linked below, an attacker who obtains + 4640 bits from the RNG can trivially predict the next 160 bits of output.) + Problem detected by Felix Doerre and Vladimir Klebanov, KIT. + For more information, see: + https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313 + (* Security fix *) +n/libgcrypt-1.7.3-x86_64-1.txz: Upgraded. + Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who + obtains 580 bytes from the standard RNG can trivially predict the next + 20 bytes of output. (This is according to the NEWS file included in the + source. According to the annoucement linked below, an attacker who obtains + 4640 bits from the RNG can trivially predict the next 160 bits of output.) + Problem detected by Felix Doerre and Vladimir Klebanov, KIT. + For more information, see: + https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313 + (* Security fix *) +n/network-scripts-14.2-noarch-3.txz: Rebuilt. + In rc.inet1, skip interfaces that are not configured in rc.inet1.conf + to speed up the boot time slightly. + Thanks to Amritpal Bath. +n/stunnel-5.35-x86_64-2.txz: Rebuilt. + Fixed incorrect config file name in generate-stunnel-key.sh. + Thanks to Ebben Aries. +xap/mozilla-firefox-48.0.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Thu Aug 11 18:24:29 UTC 2016 +a/glibc-solibs-2.24-x86_64-1.txz: Upgraded. +a/glibc-zoneinfo-2016f-noarch-1.txz: Upgraded. +a/kernel-generic-4.4.17-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.17-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.17-x86_64-1.txz: Upgraded. +ap/diffutils-3.4-x86_64-1.txz: Upgraded. +ap/vim-7.4.2196-x86_64-1.txz: Upgraded. +d/binutils-2.27-x86_64-1.txz: Upgraded. +d/gcc-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-g++-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-gfortran-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-gnat-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-go-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-java-5.4.0-x86_64-1.txz: Upgraded. +d/gcc-objc-5.4.0-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.17-x86-1.txz: Upgraded. +d/llvm-3.8.1-x86_64-1.txz: Upgraded. +d/oprofile-1.1.0-x86_64-2.txz: Rebuilt. +k/kernel-source-4.4.17-noarch-1.txz: Upgraded. +l/glibc-2.24-x86_64-1.txz: Upgraded. +l/glibc-i18n-2.24-x86_64-1.txz: Upgraded. +l/glibc-profile-2.24-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-48.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html + http://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) +xap/vim-gvim-7.4.2196-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Sat Aug 6 19:29:16 UTC 2016 +n/curl-7.50.1-x86_64-1.txz: Upgraded. + This release fixes security issues: + TLS: switch off SSL session id when client cert is used + TLS: only reuse connections with the same client cert + curl_multi_cleanup: clear connection pointer for easy handles + For more information, see: + https://curl.haxx.se/docs/adv_20160803A.html + https://curl.haxx.se/docs/adv_20160803B.html + https://curl.haxx.se/docs/adv_20160803C.html + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421 + (* Security fix *) +n/mutt-1.6.2-x86_64-1.txz: Upgraded. +n/openssh-7.3p1-x86_64-1.txz: Upgraded. + This is primarily a bugfix release, and also addresses security issues. + sshd(8): Mitigate a potential denial-of-service attack against the system's + crypt(3) function via sshd(8). + sshd(8): Mitigate timing differences in password authentication that could + be used to discern valid from invalid account names when long passwords were + sent and particular password hashing algorithms are in use on the server. + ssh(1), sshd(8): Fix observable timing weakness in the CBC padding oracle + countermeasures. + ssh(1), sshd(8): Improve operation ordering of MAC verification for + Encrypt-then-MAC (EtM) mode transport MAC algorithms to verify the MAC + before decrypting any ciphertext. + sshd(8): (portable only) Ignore PAM environment vars when UseLogin=yes. + For more information, see: + http://www.openssh.com/txt/release-7.3 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325 + (* Security fix *) +n/stunnel-5.35-x86_64-1.txz: Upgraded. + Fixes security issues: + Fixed malfunctioning "verify = 4". + Fixed incorrectly enforced client certificate requests. + (* Security fix *) ++--------------------------+ +Thu Jul 28 19:44:25 UTC 2016 +a/kernel-generic-4.4.16-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.16-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.16-x86_64-1.txz: Upgraded. +d/kernel-headers-4.4.16-x86-1.txz: Upgraded. +k/kernel-source-4.4.16-noarch-1.txz: Upgraded. +l/libidn-1.33-x86_64-1.txz: Upgraded. + Fixed out-of-bounds read bugs. Fixed crashes on invalid UTF-8. + Thanks to Hanno Böck. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263 + (* Security fix *) +l/libtasn1-4.9-x86_64-1.txz: Upgraded. +n/bluez-5.41-x86_64-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.6.0-x86_64-4.txz: Rebuilt. + Recompiled for xorg-server-1.18.4. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. +--------------------------+ -Mon Nov 18 20:52:16 UTC 2013 -l/seamonkey-solibs-2.22-x86_64-1.txz: Upgraded. -n/openssh-6.4p1-x86_64-1.txz: Upgraded. - sshd(8): fix a memory corruption problem triggered during rekeying - when an AES-GCM cipher is selected. +Mon Jul 25 19:59:06 UTC 2016 +a/pkgtools-14.2-noarch-11.txz: Rebuilt. + Changes to pkgtool: + Remove option to install from floppy disks. + Don't use the --file option, which appears to be broken in the latest version + of dialog. The only reason --file was ever used in the first place was to + work around the Linux ARG_MAX limit of 131072 bytes, and since Linux 2.6.23 a + much larger limit is in place making it unlikely to become an issue again. + So we'll go back to passing the package list on the command line. + Thanks to David Miller for the bug report. ++--------------------------+ +Fri Jul 22 20:51:23 UTC 2016 +a/dialog-1.3_20160424-x86_64-1.txz: Upgraded. +a/kmod-23-x86_64-1.txz: Upgraded. +a/lvm2-2.02.161-x86_64-1.txz: Upgraded. +d/git-2.9.2-x86_64-1.txz: Upgraded. +l/desktop-file-utils-0.23-x86_64-1.txz: Upgraded. +l/freetype-2.6.5-x86_64-1.txz: Upgraded. +l/harfbuzz-1.3.0-x86_64-1.txz: Upgraded. +n/bind-9.10.4_P2-x86_64-1.txz: Upgraded. + Fixed a security issue: + getrrsetbyname with a non absolute name could trigger an infinite + recursion bug in lwresd and named with lwres configured if when + combined with a search list entry the resulting name is too long. + (CVE-2016-2775) [RT #42694] + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775 + (* Security fix *) +n/httpd-2.4.23-x86_64-1.txz: Upgraded. +n/lftp-4.7.3-x86_64-1.txz: Upgraded. +n/links-2.13-x86_64-1.txz: Upgraded. +x/xf86-video-openchrome-0.5.0-x86_64-1.txz: Upgraded. +x/xkeyboard-config-2.18-noarch-1.txz: Upgraded. +x/xorg-server-1.18.4-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-1.18.4-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-1.18.4-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-1.18.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jul 21 23:25:54 UTC 2016 +ap/tmux-2.2-x86_64-2.txz: Upgraded. + Moved from /testing. +d/guile-2.0.12-x86_64-1.txz: Upgraded. +l/freetype-2.6.4-x86_64-1.txz: Upgraded. +n/libgcrypt-1.7.2-x86_64-1.txz: Upgraded. +n/network-scripts-14.2-noarch-2.txz: Rebuilt. + In rc.inet1.new, use -L option to dhcpcd to disable Zeroconf. This is + (almost) never going to be wanted, and ends up used accidentally on slower + systems (such as some ARM platforms), preventing a proper DHCP lease. + Thanks to Stuart Winter. +n/php-5.6.24-x86_64-1.txz: Upgraded. + This release fixes bugs and security issues. For more information, see: - http://www.openssh.com/txt/gcmrekey.adv - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 - (* Security fix *) -n/php-5.4.22-x86_64-1.txz: Upgraded. - This is a bugfix release. -n/samba-4.1.1-x86_64-1.txz: Upgraded. - This update fixes two security issues: - * Samba versions 3.2.0 and above do not check the underlying file or - directory ACL when opening an alternate data stream. - * In setups which provide ldap(s) and/or https services, the private key - for SSL/TLS encryption might be world readable. This typically happens - in active directory domain controller setups. + http://php.net/ChangeLog-5.php#5.6.24 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207 + (* Security fix *) +xap/gimp-2.8.18-x86_64-1.txz: Upgraded. + This release fixes a security issue: + Use-after-free vulnerability in the xcf_load_image function in + app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of + service (program crash) or possibly execute arbitrary code via a crafted + XCF file. + For more information, see: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994 + (* Security fix *) ++--------------------------+ +Tue Jul 12 03:48:34 UTC 2016 +a/etc-14.2-x86_64-8.txz: Rebuilt. + In /etc/profile.d/lang.{csh,sh}.new, make en_US.UTF-8 the default locale. +a/kernel-generic-4.4.15-x86_64-1.txz: Upgraded. +a/kernel-huge-4.4.15-x86_64-1.txz: Upgraded. +a/kernel-modules-4.4.15-x86_64-1.txz: Upgraded. +a/lilo-24.2-x86_64-3.txz: Rebuilt. + In liloconfig: Skip the menu asking if the user wants a UTF-8 virtual + console, and use the kernel default (currently this is UTF-8 active). +d/kernel-headers-4.4.15-x86-1.txz: Upgraded. +k/kernel-source-4.4.15-noarch-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Sat Jul 9 18:35:56 UTC 2016 +x/mesa-12.0.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Jul 8 23:17:22 UTC 2016 +x/mesa-12.0.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jul 7 19:52:36 UTC 2016 +n/samba-4.4.5-x86_64-1.txz: Upgraded. + This release fixes a security issue: + Client side SMB2/3 required signing can be downgraded. + It's possible for an attacker to downgrade the required signing for an + SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or + SMB2_SESSION_FLAG_IS_NULL flags. This means that the attacker can + impersonate a server being connected to by Samba, and return malicious + results. For more information, see: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 (* Security fix *) - Added tdb.h, tdb.pc, and a libtdb.so symlink. Thanks to Matteo Bernardini. -xap/mozilla-firefox-25.0.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Jul 5 04:52:45 UTC 2016 +xap/mozilla-thunderbird-45.2.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/firefox.html - (* Security fix *) -xap/seamonkey-2.22-x86_64-1.txz: Upgraded. - This update contains security fixes and improvements. - For more information, see: - http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html + http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *) +--------------------------+ -Mon Nov 4 17:08:47 UTC 2013 -Slackware 14.1 x86_64 stable is released! +Sun Jul 3 19:29:33 UTC 2016 +a/file-5.28-x86_64-1.txz: Upgraded. +a/util-linux-2.28-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-47.0.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu Jun 30 20:26:57 UTC 2016 +Slackware 14.2 x86_64 stable is released! -It's been another interesting release cycle here at Slackware bringing -new features like support for UEFI machines, updated compilers and -development tools, the switch from MySQL to MariaDB, and many more -improvements throughout the system. Thanks to the team, the upstream -developers, the dedicated Slackware community, and everyone else who -pitched in to help make this release a reality. +The long development cycle (the Linux community has lately been living in +"interesting times", as they say) is finally behind us, and we're proud to +announce the release of Slackware 14.2. The new release brings many updates +and modern tools, has switched from udev to eudev (no systemd), and adds +well over a hundred new packages to the system. Thanks to the team, the +upstream developers, the dedicated Slackware community, and everyone else +who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware -- cgit v1.2.3-79-gdb01