| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/e2fsprogs-1.45.2-x86_64-1.txz: Upgraded.
d/Cython-0.29.9-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_47-x86_64-1.txz: Upgraded.
n/iptables-1.8.3-x86_64-1.txz: Upgraded.
n/libnftnl-1.1.3-x86_64-1.txz: Upgraded.
n/php-7.2.19-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Uninitialized read in gdImageCreateFromXbm
Out-of-bounds read in iconv.c:_php_iconv_mime_decode due to integer overflow
heap-buffer-overflow on php_jpg_get16
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
(* Security fix *)
x/xterm-346-x86_64-1.txz: Upgraded.
xap/gnuplot-5.2.7-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.22-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a/openssl-solibs-1.1.1c-x86_64-1.txz: Upgraded.
l/libevent-2.1.10-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.16-x86_64-1.txz: Upgraded.
n/gnutls-3.6.8-x86_64-1.txz: Upgraded.
n/openssl-1.1.1c-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Prevent over long nonces in ChaCha20-Poly1305.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543
(* Security fix *)
|
| |
|
|
|
|
| |
l/babl-0.1.64-x86_64-1.txz: Upgraded.
l/harfbuzz-2.5.0-x86_64-1.txz: Upgraded.
n/mutt-1.12.0-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/gettext-0.20.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.46-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-6.txz: Rebuilt.
Patched to fix a format string error in the es locale that led to an
assertion failure when compiling the Linux kernel.
Thanks to USUARIONUEVO.
d/gcc-brig-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-6.txz: Rebuilt.
d/gettext-tools-0.20.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.46-x86-1.txz: Upgraded.
d/rust-1.35.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.46-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_terminfo-6.1_20190518-x86_64-1.txz: Upgraded.
ap/qpdf-8.4.2-x86_64-1.txz: Upgraded.
l/libidn2-2.2.0-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20190518-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.16.1-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.6-x86_64-1.txz: Upgraded.
This is a small bug fix release for rdesktop 1.8.5. An issue was discovered
soon after release where it was impossible to connect to some servers. This
issue has now been fixed, but otherwise this release is identical to 1.8.5.
xfce/Thunar-1.8.6-x86_64-1.txz: Upgraded.
xfce/thunar-volman-0.9.2-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.45-x86_64-1.txz: Upgraded.
ap/texinfo-6.6-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
ap/vim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
d/bison-3.4.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.45-x86-1.txz: Upgraded.
d/parallel-20190522-noarch-1.txz: Upgraded.
d/perl-5.30.0-x86_64-1.txz: Upgraded.
Module upgraded: Net-SSLeay-1.88
d/strace-5.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.45-noarch-1.txz: Upgraded.
kde/perlkde-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.30.0.
kde/perlqt-4.14.3-x86_64-9.txz: Rebuilt.
Recompiled against perl-5.30.0.
l/glib2-2.60.3-x86_64-1.txz: Upgraded.
n/curl-7.65.0-x86_64-1.txz: Upgraded.
This release fixes the following security issues:
Integer overflows in curl_url_set
tftp: use the current blksize for recvfrom()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
(* Security fix *)
n/epic5-2.1.1-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/irssi-1.2.0-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/net-snmp-5.8-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/ntp-4.2.8p13-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/samba-4.10.4-x86_64-1.txz: Upgraded.
x/mesa-19.0.5-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/rxvt-unicode-9.22-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/vim-gvim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
xap/mozilla-firefox-60.7.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements. Some of the patched
flaws are considered critical, and could be used to run attacker code and
install software, requiring no user interaction beyond normal browsing.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800
(* Security fix *)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
a/btrfs-progs-5.1-x86_64-1.txz: Upgraded.
a/dbus-1.12.14-x86_64-1.txz: Upgraded.
a/eudev-3.2.8-x86_64-1.txz: Upgraded.
d/bison-3.4-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_46-x86_64-1.txz: Upgraded.
l/pulseaudio-12.2-x86_64-2.txz: Rebuilt.
Patched to build against alsa-lib-1.1.9. Thanks to nobodino.
n/ethtool-5.1-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.4-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
| |
a/file-5.37-x86_64-1.txz: Upgraded.
l/python-requests-2.22.0-x86_64-1.txz: Upgraded.
n/iputils-20190515-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.7.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.7.0/releasenotes/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.44-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.44-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.44-x86_64-1.txz: Upgraded.
ap/cups-filters-1.23.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.44-x86-1.txz: Upgraded.
k/kernel-source-4.19.44-noarch-1.txz: Upgraded.
l/libsoup-2.66.2-x86_64-1.txz: Upgraded.
n/bind-9.14.2-x86_64-1.txz: Upgraded.
n/stunnel-5.54-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-8.txz: Rebuilt.
Upgraded: libcap.so.2.27, libglib-2.0.so.0.6000.2,
libgmodule-2.0.so.0.6000.2, libgobject-2.0.so.0.6000.2,
libgthread-2.0.so.0.6000.2, libpng16.so.16.37.0, libstdc++.so.6.0.26.
a/e2fsprogs-1.45.1-x86_64-1.txz: Upgraded.
ap/alsa-utils-1.1.9-x86_64-1.txz: Upgraded.
ap/man-pages-5.01-noarch-1.txz: Upgraded.
d/gdb-8.3-x86_64-1.txz: Upgraded.
l/Mako-1.0.10-x86_64-1.txz: Upgraded.
l/alsa-lib-1.1.9-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.1.9-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_45-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.44-x86_64-1.txz: Upgraded.
l/utf8proc-2.4.0-x86_64-1.txz: Upgraded.
n/iproute2-5.1.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.1.9-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-1_alsa.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.42-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.42-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.42-x86_64-1.txz: Upgraded.
a/tcsh-6.21.00-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.42-x86-1.txz: Upgraded.
k/kernel-source-4.19.42-noarch-1.txz: Upgraded.
x/libglvnd-1.1.1-x86_64-1.txz: Added.
This is the GL Vendor-Neutral Dispatch library, which allows multiple
drivers from different vendors to coexist on the same machine. When
libglvnd is present, the NVIDIA driver will not overwrite any system
files. Note that this is known to work when installing the NVIDIA driver
using the .run installer. Other methods may require adjustment.
This library is now a dependency of Mesa.
Thanks to Heinz Wiesinger.
x/libinput-1.13.2-x86_64-1.txz: Upgraded.
x/mesa-19.0.4-x86_64-1.txz: Upgraded.
Compiled with --enable-libglvnd.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.323-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.41-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.41-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.41-x86_64-1.txz: Upgraded.
a/usbutils-012-x86_64-1.txz: Upgraded.
ap/lsof-4.93.2-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-brig-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-4.txz: Rebuilt.
Add support for Objective-C++. Thanks to USUARIONUEVO.
d/kernel-headers-4.19.41-x86-1.txz: Upgraded.
d/python-pip-19.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.41-noarch-1.txz: Upgraded.
l/gegl-0.4.16-x86_64-1.txz: Upgraded.
l/vte-0.56.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.6.3esr-x86_64-1.txz: Upgraded.
This update provides further improvements to re-enable web extensions which
had been disabled for users with a master password set (Bug 1549249).
For more information, see:
https://www.mozilla.org/en-US/firefox/60.6.3/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/xfsprogs-5.0.0-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-3.txz: Rebuilt.
Patched to fix an internal compiler error (PR90303).
Thanks to orbea.
d/gcc-brig-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-3.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-3.txz: Rebuilt.
n/postfix-3.4.5-x86_64-2.txz: Rebuilt.
Added some additional tools. Thanks to Markus Wiesner.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.40-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.40-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.40-x86_64-1.txz: Upgraded.
ap/ksh93-20190505_4cb3a115-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.40-x86-1.txz: Upgraded.
k/kernel-source-4.19.40-noarch-1.txz: Upgraded.
l/libgsf-1.14.46-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.6.2esr-x86_64-1.txz: Upgraded.
This update addresses the issue of add-ons failing to load.
For more information, see:
https://www.mozilla.org/en-US/firefox/60.6.2/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.39-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.39-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.39-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-brig-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-2.txz: Added.
This package contains the newly added D language support. The other GCC
packages were rebuilt without any functional changes.
d/gcc-gfortran-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-2.txz: Rebuilt.
d/kernel-headers-4.19.39-x86-1.txz: Upgraded.
k/kernel-source-4.19.39-noarch-1.txz: Upgraded.
l/imagemagick-6.9.10_44-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.6-x86_64-1.txz: Upgraded.
n/dhcpcd-7.2.2-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.106.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/gcc-9.1.0-x86_64-1.txz: Upgraded.
d/gcc-brig-9.1.0-x86_64-1.txz: Upgraded.
d/gcc-g++-9.1.0-x86_64-1.txz: Upgraded.
d/gcc-gfortran-9.1.0-x86_64-1.txz: Upgraded.
d/gcc-gnat-9.1.0-x86_64-1.txz: Upgraded.
d/gcc-go-9.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-objc-9.1.0-x86_64-1.txz: Upgraded.
d/libtool-2.4.6-x86_64-11.txz: Rebuilt.
Recompiled to update embedded GCC version number.
d/llvm-8.0.0-x86_64-2.txz: Rebuilt.
Recompiled with -DLLVM_INSTALL_UTILS=ON. Thanks to Lockywolf.
d/swig-4.0.0-x86_64-1.txz: Upgraded.
l/glib2-2.60.2-x86_64-1.txz: Upgraded.
l/qt-4.8.7-x86_64-13.txz: Rebuilt.
Patched to fix FTBFS with gcc9 (also fixes FTBFS with qtscriptgenerator and
possibly other projects that use qt4).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190502_92e17d0-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.38-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.38-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.38-x86_64-1.txz: Upgraded.
d/ccache-3.7.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.38-x86-1.txz: Upgraded.
d/mercurial-5.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.38-noarch-1.txz: Upgraded.
l/glib-networking-2.60.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_43-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/tmux-2.9a-x86_64-1.txz: Upgraded.
n/dovecot-2.3.6-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Submission-login crashed with signal 11 due to null pointer access when
authentication was aborted by disconnecting.
Submission-login crashed when authentication was started over TLS secured
channel and invalid authentication message was sent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499
(* Security fix *)
n/php-7.2.18-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue
Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
(* Security fix *)
xfce/exo-0.12.5-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/vim-8.1.1239-x86_64-1.txz: Upgraded.
l/python-urllib3-1.25.2-x86_64-1.txz: Upgraded.
xap/easytag-2.4.3-x86_64-2.txz: Rebuilt.
Upgraded (again) to easytag-2.4.3.
Reverted the upstream commit that was corrupting ogg and opus files.
In a new configuration, don't add freedb.musicbrainz.org as an automatic
CDDB server. Musicbrainz shut down this service permanently on March 18
and easytag breaks/hangs if it attempts to contact it. If your account
has already run easytag previously, you should go to Edit -> Preferences ->
CDDB and blank out the hostname field containing "freedb.musicbrainz.org".
xap/vim-gvim-8.1.1239-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
| |
ap/qpdf-8.4.1-x86_64-1.txz: Upgraded.
l/M2Crypto-0.33.0-x86_64-1.txz: Upgraded.
l/python-requests-2.21.0-x86_64-4.txz: Rebuilt.
Also patch __init__.py to allow a newer urllib3. Thanks to petslack.
x/xkeyboard-config-2.26-noarch-2.txz: Rebuilt.
Fixed broken pt keymap. Thanks to sairum.
extra/bash-completion/bash-completion-2.9-noarch-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.37-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.37-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.37-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.37-x86-1.txz: Upgraded.
k/kernel-source-4.19.37-noarch-1.txz: Upgraded.
l/python-requests-2.21.0-x86_64-3.txz: Rebuilt.
Increase maximum allowed version of urllib3. Thanks to Lockywolf.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/tmux-2.9-x86_64-1.txz: Upgraded.
d/python-pip-19.1-x86_64-1.txz: Upgraded.
d/rust-1.34.1-x86_64-1.txz: Upgraded.
d/subversion-1.12.0-x86_64-1.txz: Upgraded.
n/bind-9.14.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
The TCP client quota set using the tcp-clients option could be exceeded
in some cases. This could lead to exhaustion of file descriptors.
In certain configurations, named could crash with an assertion failure if
nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN
from the cache.
For more information, see:
https://kb.isc.org/docs/cve-2018-5743
https://kb.isc.org/docs/cve-2019-6467
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467
(* Security fix *)
n/dhcpcd-7.2.1-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190424_4b6cf2b-noarch-1.txz: Upgraded.
ap/nano-4.2-x86_64-1.txz: Upgraded.
d/ccache-3.7-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_42-x86_64-1.txz: Upgraded.
l/python-urllib3-1.25.1-x86_64-1.txz: Upgraded.
l/vte-0.56.2-x86_64-1.txz: Upgraded.
x/mesa-19.0.3-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
| |
d/cmake-3.14.3-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.1-x86_64-1.txz: Upgraded.
kde/libnm-qt-0.9.8.4-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
| |
a/aaa_terminfo-6.1_20190420-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20190420-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.8-x86_64-1.txz: Upgraded.
xap/xpdf-4.00-x86_64-4.txz: Rebuilt.
Recompiled with -DSYSTEM_XPDFRC="/etc/xpdfrc". Thanks to J_W.
|
| |
|
|
|
|
| |
a/bash-5.0.007-x86_64-1.txz: Upgraded.
d/parallel-20190422-noarch-1.txz: Upgraded.
n/NetworkManager-1.18.1-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.36-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.36-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.36-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.36-x86-1.txz: Upgraded.
k/kernel-source-4.19.36-noarch-1.txz: Upgraded.
l/imagemagick-6.9.10_41-x86_64-1.txz: Upgraded.
l/pycairo-1.18.1-x86_64-1.txz: Upgraded.
l/pygobject3-3.32.1-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.5-x86_64-2.txz: Rebuilt.
Reverted commit from upstream git that broke DVB. Thanks to Andrea Peluso.
x/libdrm-2.4.98-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
d/perl-5.28.2-x86_64-1.txz: Upgraded.
Modules upgraded:
DBD-mysql-4.050, IO-Socket-SSL-2.066, TermReadKey-2.38, URI-1.76.
l/gst-plugins-base-1.16.0-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.16.0-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.16.0-x86_64-1.txz: Upgraded.
l/gstreamer-1.16.0-x86_64-1.txz: Upgraded.
l/python-urllib3-1.24.2-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/gst-plugins-good-1.16.0-x86_64-1_alsa.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded.
ap/sysstat-12.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.40.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/icu4c-64.2-x86_64-1.txz: Upgraded.
l/libcddb-1.3.2-x86_64-6.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/libcdio-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/zstd-1.4.0-x86_64-1.txz: Upgraded.
n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Trying to login with 8bit username containing invalid UTF8 input causes
auth process to crash if auth policy is enabled. This could be used rather
easily to cause a DoS. Similar crash also happens during mail delivery
when using invalid UTF8 in From or Subject header when OX push
notification driver is used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691
(* Security fix *)
n/nghttp2-1.38.0-x86_64-1.txz: Upgraded.
n/openssh-8.0p1-x86_64-1.txz: Upgraded.
This release contains a mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
(* Security fix *)
xap/MPlayer-20190418-x86_64-1.txz: Upgraded.
Compiled against libcdio-2.1.0.
xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded.
Compiled against libcdio-2.1.0.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.35-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.35-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.35-x86_64-1.txz: Upgraded.
ap/sqlite-3.28.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.35-x86-1.txz: Upgraded.
d/meson-0.50.1-x86_64-1.txz: Upgraded.
d/ruby-2.6.3-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.35-noarch-1.txz: Upgraded.
l/Mako-1.0.9-x86_64-1.txz: Upgraded.
l/libcap-2.27-x86_64-1.txz: Upgraded.
l/libpng-1.6.37-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
Fixed a memory leak in pngtest.c.
Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
contrib/pngminus; refactor.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
(* Security fix *)
l/libpsl-0.21.0-x86_64-1.txz: Upgraded.
l/pcre2-10.33-x86_64-1.txz: Upgraded.
l/pyparsing-2.4.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
| |
ap/nano-4.1-x86_64-1.txz: Upgraded.
l/giflib-5.1.9-x86_64-2.txz: Rebuilt.
Restore GifQuantizeBuffer and other deprecated functions to the shared
library. Thanks to Skaendo.
l/glib2-2.60.1-x86_64-1.txz: Upgraded.
l/orc-0.4.29-x86_64-1.txz: Upgraded.
|
| |
|
|
| |
d/Cython-0.29.7-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
| |
l/imagemagick-6.9.10_40-x86_64-1.txz: Upgraded.
l/opus-1.3.1-x86_64-1.txz: Upgraded.
n/libqmi-1.22.4-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/gawk-5.0.0-x86_64-1.txz: Upgraded.
ap/pamixer-1.4-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.70.0.
ap/vim-8.1.1157-x86_64-1.txz: Upgraded.
d/cmake-3.14.2-x86_64-1.txz: Upgraded.
e/emacs-26.2-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-30.txz: Rebuilt.
Recompiled against boost-1.70.0.
l/akonadi-1.13.0-x86_64-12.txz: Rebuilt.
Recompiled against boost-1.70.0.
l/boost-1.70.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Note: Boost now provides its own BoostConfig.cmake config file, and it may
not work with all existing code (here, calligra stumbled over it). At this
point it's not clear if the included cmake config files are buggy, or if
affected projects need to change something in order to use them, but there's
an easy workaround to use cmake's FindBoost.cmake (as was used previously).
Add this to the call to cmake from any affected project (if cmake fails with
an error: "No suitable build variant has been found."):
-DBoost_NO_BOOST_CMAKE=ON
n/libmbim-1.18.2-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-3.txz: Rebuilt.
rc.nfsd: don't try to create the nfsv4recoverydir - the build script will
determine the directory to use and include it in the package.
rc.nfsd: drop 2.4 kernel support, and use better code for mounting the nfsd
filesystem.
Thanks to shasta.
x/libwacom-0.33-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.1157-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
| |
d/rust-1.34.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.8-x86_64-1.txz: Upgraded.
n/stunnel-5.53-x86_64-1.txz: Upgraded.
x/mesa-19.0.2-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
| |
a/kernel-firmware-20190409_260cb35-noarch-1.txz: Upgraded.
x/libva-utils-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.4-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a/util-linux-2.33.2-x86_64-1.txz: Upgraded.
d/vala-0.44.3-x86_64-1.txz: Upgraded.
l/apr-1.7.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.32.1-x86_64-1.txz: Upgraded.
l/gvfs-1.40.1-x86_64-1.txz: Upgraded.
l/libbluray-1.1.1-x86_64-1.txz: Upgraded.
l/libsoup-2.66.1-x86_64-1.txz: Upgraded.
l/vte-0.56.1-x86_64-1.txz: Upgraded.
n/stunnel-5.52-x86_64-1.txz: Upgraded.
x/libinput-1.13.1-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded.
a/grub-2.02-x86_64-5.txz: Rebuilt.
Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded.
ap/itstool-2.0.6-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded.
l/libcroco-0.6.13-x86_64-1.txz: Upgraded.
l/libnotify-0.7.8-x86_64-1.txz: Upgraded.
n/cifs-utils-6.9-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt.
Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
World writable files in Samba AD DC private/ dir.
Save registry file outside share as unprivileged user.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
(* Security fix *)
x/libva-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.34-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.34-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.34-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.34-x86-1.txz: Upgraded.
k/kernel-source-4.19.34-noarch-1.txz: Upgraded.
SPEAKUP y -> m
SPEAKUP_SYNTH_ACNTPC y -> m
SPEAKUP_SYNTH_ACNTSA y -> m
SPEAKUP_SYNTH_APOLLO y -> m
SPEAKUP_SYNTH_AUDPTR y -> m
SPEAKUP_SYNTH_BNS y -> m
SPEAKUP_SYNTH_DECEXT y -> m
SPEAKUP_SYNTH_DECTLK y -> m
SPEAKUP_SYNTH_DTLK y -> m
SPEAKUP_SYNTH_DUMMY y -> m
SPEAKUP_SYNTH_KEYPC y -> m
SPEAKUP_SYNTH_LTLK y -> m
SPEAKUP_SYNTH_SOFT y -> m
SPEAKUP_SYNTH_SPKOUT y -> m
SPEAKUP_SYNTH_TXPRT y -> m
Thanks to Didier Spaier.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/vim-8.1.1119-x86_64-1.txz: Upgraded.
l/openjpeg-2.3.1-x86_64-1.txz: Upgraded.
Includes many bug fixes (including security fixes).
(* Security fix *)
n/links-2.19-x86_64-1.txz: Upgraded.
n/stunnel-5.51-x86_64-1.txz: Upgraded.
n/wget-1.20.3-x86_64-1.txz: Upgraded.
Fixed a buffer overflow vulnerability:
src/iri.c(do_conversion): Reallocate the output buffer to a larger
size if it is already full.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5953
(* Security fix *)
xap/vim-gvim-8.1.1119-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
| |
ap/ghostscript-9.27-x86_64-1.txz: Upgraded.
d/python-setuptools-40.9.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_37-x86_64-1.txz: Upgraded.
l/readline-8.0.000-x86_64-2.txz: Rebuilt.
Recompiled to link rlfe against the new libreadline. Thanks to Toutatis.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-7.txz: Rebuilt.
Added: libhistory.so.8.0, libreadline.so.8.0.
a/gawk-4.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
a/kernel-generic-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.33-x86_64-1.txz: Upgraded.
a/util-linux-2.33.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/bc-1.07.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gphoto2-2.5.20-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gutenprint-5.3.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/mariadb-10.3.14-x86_64-1.txz: Upgraded.
ap/xorriso-1.5.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/gdb-8.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/guile-2.2.4-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/kernel-headers-4.19.33-x86-1.txz: Upgraded.
d/python-2.7.16-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/python3-3.7.3-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/ruby-2.6.2-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
k/kernel-source-4.19.33-noarch-1.txz: Upgraded.
kde/analitza-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/fluidsynth-1.1.11-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/gdbm-1.18.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/hunspell-1.6.2-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/mozjs52-52.9.0esr-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/parted-3.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pcre2-10.32-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pilot-link-0.12.5-x86_64-14.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/readline-8.0.000-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/bluez-5.50-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg-1.4.23-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg2-2.2.15-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnutls-3.6.7.1-x86_64-1.txz: Upgraded.
n/lftp-4.8.4-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/netkit-ftp-0.17-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/nftables-0.9.0-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/php-7.2.17-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
rename() across the device may allow unwanted access during processing.
(* Security fix *)
n/samba-4.10.1-x86_64-1.txz: Upgraded.
Compiled against readline-8.0.000.
n/tftp-hpa-5.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/wpa_supplicant-2.7-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/fvwm-2.6.8-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gftp-2.0.19-x86_64-8.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gnuchess-6.2.5-x86_64-4.txz: Rebuilt.
xap/xine-ui-0.99.10-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz: Rebuilt.
Recompiled against readline-8.0.000.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constrains imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
|
| |
|
|
|
|
|
|
|
|
|
| |
a/quota-4.05-x86_64-1.txz: Upgraded.
d/cmake-3.14.1-x86_64-1.txz: Upgraded.
d/patchelf-0.10-x86_64-1.txz: Upgraded.
l/harfbuzz-2.4.0-x86_64-1.txz: Upgraded.
l/utf8proc-2.3.0-x86_64-1.txz: Upgraded.
n/httpd-2.4.39-x86_64-1.txz: Upgraded.
n/iputils-20190324-x86_64-1.txz: Upgraded.
n/postfix-3.4.5-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-6.txz: Rebuilt.
Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0,
libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0,
libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0.
Temporarily added: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1,
libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1.
a/xfsprogs-4.20.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
ap/sqlite-3.27.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
kde/calligra-2.9.11-x86_64-29.txz: Rebuilt.
Recompiled against icu4c-64.1.
kde/kdepimlibs-4.14.10-x86_64-7.txz: Rebuilt.
Recompiled to pull in new gpgme++ header files.
l/boost-1.69.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/ffmpeg-3.4.6-x86_64-1.txz: Upgraded.
l/giflib-5.1.9-x86_64-1.txz: Upgraded.
l/harfbuzz-2.3.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/icu4c-64.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libical-3.0.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/libvisio-0.1.6-x86_64-6.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/qt-4.8.7-x86_64-12.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/raptor2-2.0.15-x86_64-7.txz: Rebuilt.
Recompiled against icu4c-64.1.
l/v4l-utils-1.16.5-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5.1-x86_64-1.txz: Upgraded.
Missing input buffer size validation leads into arbitrary buffer overflow
when reading fts or pop3 uidl header from Dovecot index. Exploiting this
requires direct write access to the index files.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524
(* Security fix *)
Compiled against icu4c-64.1.
n/gpgme-1.13.0-x86_64-1.txz: Upgraded.
n/php-7.2.16-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
n/postfix-3.4.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
n/tin-2.4.3-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-64.1.
n/whois-5.4.2-x86_64-1.txz: Upgraded.
t/texlive-2018.180822-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-64.1.
x/libinput-1.13.0-x86_64-1.txz: Upgraded.
x/mesa-19.0.1-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.101.0-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.6-x86_64-1_alsa.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded.
ap/hplip-3.19.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.32-x86-1.txz: Upgraded.
d/python3-3.7.3-x86_64-1.txz: Upgraded.
Fixed bugs and the following security issues:
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
characters that decompose under IDNA encoding (NFKC-normalization) into
characters that affect how the URL is parsed.
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The
cert parser did not handle CRL distribution points with empty DP or URI
correctly. A malicious or buggy certificate can result into segfault.
Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet
of Cisco.
bpo-35121: Don't send cookies of domain A without Domain attribute to
domain B when domain A is a suffix match of domain B while using a
cookiejar with http.cookiejar.DefaultCookiePolicy policy.
Patch by Karthikeyan Singaravelan.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
(* Security fix *)
d/scons-3.0.5-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.32-noarch-1.txz: Upgraded.
n/curl-7.64.1-x86_64-1.txz: Upgraded.
n/gnutls-3.6.7-x86_64-1.txz: Upgraded.
Fixes security issues:
libgnutls, gnutls tools: Every gnutls_free() will automatically set
the free'd pointer to NULL. This prevents possible use-after-free and
double free issues. Use-after-free will be turned into NULL dereference.
The counter-measure does not extend to applications using gnutls_free().
libgnutls: Fixed a memory corruption (double free) vulnerability in the
certificate verification API. Reported by Tavis Ormandy; addressed with
the change above. [GNUTLS-SA-2019-03-27, #694]
libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
libgnutls: enforce key usage limitations on certificates more actively.
Previously we would enforce it for TLS1.2 protocol, now we enforce it
even when TLS1.3 is negotiated, or on client certificates as well. When
an inappropriate for TLS1.3 certificate is seen on the credentials
structure GnuTLS will disable TLS1.3 support for that session (#690).
libgnutls: enforce the equality of the two signature parameters fields
in a certificate. We were already enforcing the signature algorithm,
but there was a bug in parameter checking code.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
| |
ap/cups-filters-1.22.3-x86_64-1.txz: Upgraded.
ap/lsscsi-0.30-x86_64-1.txz: Upgraded.
ap/soma-3.2.3-noarch-1.txz: Upgraded.
ap/vim-8.1.1053-x86_64-1.txz: Upgraded.
l/libssh2-1.8.2-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.15-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.1053-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/nano-4.0-x86_64-1.txz: Upgraded.
l/Mako-1.0.8-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_35-x86_64-1.txz: Upgraded.
l/libedit-20190324_3.1-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.12-x86_64-1.txz: Upgraded.
x/xcompmgr-1.1.8-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.6.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.6.1/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
|
Patrick J Volkerding