| Commit message (Expand) | Author | Age | Files | Lines |
* | Wed Mar 8 20:26:54 UTC 2023...Hey folks, just some more updates on the road to an eventual beta. :-)
At this point nothing remains linked with openssl-1.1.1 except for python2 and
modules, and vsftpd. I think nobody cares about trying to force python2 to use
openssl3... it's EOL but still a zombie, unfortunately. I have seen some
patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2
and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible
with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2
already out for several revisions, 8.1 does not seem particularly valuable.
If you make use of PHP you should be used to it being a moving target by now.
Enjoy, and let me know if anything isn't working right. Cheers!
a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt.
Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0,
libldap.so.2.0.200, libssh2.so.1.0.1.
a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/kmod-30-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added.
ap/cups-2.4.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/hplip-3.20.5-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/lxc-4.0.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cvs-1.11.23-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/git-2.39.2-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/perl-5.36.0-x86_64-5.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/python3-3.9.16-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/ruby-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/rust-1.66.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/scons-4.5.1-x86_64-1.txz: Upgraded.
kde/falkon-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/SDL2-2.26.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libarchive-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libevent-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libssh2-1.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/mlt-7.14.0-x86_64-1.txz: Upgraded.
l/neon-0.32.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/nodejs-19.7.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/opusfile-0.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pipewire-0.3.66-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pulseaudio-16.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pycurl-7.44.1-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qca-2.3.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
l/serf-1.3.9-x86_64-8.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/alpine-2.26-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/bind-9.18.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/curl-7.88.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/dovecot-2.3.20-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/epic5-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/httpd-2.4.56-x86_64-1.txz: Upgraded.
This update fixes two security issues:
HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.56
https://www.cve.org/CVERecord?id=CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-25690
(* Security fix *)
NOTE: This package is compiled against openssl-3.0.8.
n/irssi-1.4.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/krb5-1.20.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lftp-4.9.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/links-2.28-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/mutt-2.2.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/netatalk-3.1.14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/nmap-7.93-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openldap-2.6.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssh-9.2p1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssl-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/openssl11-1.1.1t-x86_64-1.txz: Added.
n/openvpn-2.6.0-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/php-8.2.3-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
n/pidentd-3.0.19-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/popa3d-1.0.3-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/postfix-3.7.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ppp-2.4.9-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/proftpd-1.3.8-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/rsync-3.2.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/s-nail-14.9.24-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/samba-4.18.0-x86_64-1.txz: Upgraded.
Build with the bundled Heimdal instead of the system MIT Kerberos.
Thanks again to rpenny.
n/slrn-1.0.3a-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/snownews-1.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/socat-1.7.4.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/stunnel-5.69-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wget-1.21.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/sane-1.0.32-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
y/bsd-games-2.17-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/php80/php80-8.0.28-x86_64-1.txz: Removed.
extra/php81/php81-8.1.16-x86_64-1.txz: Removed.
extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt.
testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
testing/packages/samba-4.17.5-x86_64-2.txz: Removed.
20230308202654 | Patrick J Volkerding | 2023-03-08 | 1 | -2/+0 |
* | Wed Feb 15 03:05:40 UTC 2023...a/kernel-firmware-20230214_a253a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.12-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.12-x86-1.txz: Upgraded.
d/rust-1.66.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.12-noarch-1.txz: Upgraded.
kde/bluedevil-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.0-x86_64-1.txz: Upgraded.
kde/drkonqi-5.27.0-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.0-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.0-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.0-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.0-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.0-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.0-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.0-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.0-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.0-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.0-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.0-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/kwin-5.27.0-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.0-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.0-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.0-x86_64-1.txz: Upgraded.
kde/milou-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.0-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.0-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.0-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.0-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.0-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.0-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.8.0esr-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-3.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
xap/mozilla-firefox-110.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25740
https://www.cve.org/CVERecord?id=CVE-2023-25731
https://www.cve.org/CVERecord?id=CVE-2023-25733
https://www.cve.org/CVERecord?id=CVE-2023-25736
https://www.cve.org/CVERecord?id=CVE-2023-25741
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25744
https://www.cve.org/CVERecord?id=CVE-2023-25745
(* Security fix *)
extra/php80/php80-8.0.28-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.67.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230215030540 | Patrick J Volkerding | 2023-02-15 | 1 | -2/+2 |
* | Sat Jan 7 01:50:00 UTC 2023...a/btrfs-progs-6.1.2-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.87-x86_64-1.txz: Upgraded.
Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
https://www.cve.org/CVERecord?id=CVE-2021-43527
(* Security fix *)
l/nodejs-19.4.0-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-2.txz: Rebuilt.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
extra/php80/php80-8.0.27-x86_64-1.txz: Upgraded.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
extra/php81/php81-8.1.14-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
20230107015000 | Patrick J Volkerding | 2023-01-07 | 1 | -2/+2 |
* | Wed Nov 30 21:39:29 UTC 2022...kde/kstars-3.6.2-x86_64-1.txz: Upgraded.
l/libbluray-1.3.4-x86_64-1.txz: Upgraded.
l/newt-0.52.23-x86_64-1.txz: Upgraded.
l/nodejs-19.2.0-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.31-noarch-1.txz: Upgraded.
extra/php80/php80-8.0.26-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.13-x86_64-1.txz: Upgraded.
20221130213929 | Patrick J Volkerding | 2022-12-01 | 1 | -2/+2 |
* | Mon Oct 31 23:31:36 UTC 2022...a/ntfs-3g-2022.10.3-x86_64-1.txz: Upgraded.
ap/mpg123-1.31.0-x86_64-1.txz: Upgraded.
ap/vim-9.0.0814-x86_64-1.txz: Upgraded.
A vulnerability was found in vim and classified as problematic. Affected by
this issue is the function qf_update_buffer of the file quickfix.c of the
component autocmd Handler. The manipulation leads to use after free. The
attack may be launched remotely. Upgrading to version 9.0.0805 is able to
address this issue.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3705
(* Security fix *)
d/ccache-4.7.2-x86_64-1.txz: Upgraded.
d/make-4.4-x86_64-1.txz: Upgraded.
d/patchelf-0.16.1-x86_64-1.txz: Upgraded.
d/strace-6.0-x86_64-1.txz: Upgraded.
kde/kwin-5.26.2.1-x86_64-2.txz: Rebuilt.
[PATCH] x11window: revert more from 3a28c02f.
Thanks to Heinz Wiesinger.
[PATCH] x11: Don't force QT_NO_GLIB=1.
[PATCH] x11: Don't force QT_QPA_PLATFORM=xcb.
Thanks to marav.
l/libedit-20221030_3.1-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-5.0.0-x86_64-1.txz: Upgraded.
l/taglib-1.13-x86_64-1.txz: Upgraded.
l/utf8proc-2.8.0-x86_64-1.txz: Upgraded.
n/openvpn-2.5.8-x86_64-1.txz: Upgraded.
n/socat-1.7.4.4-x86_64-1.txz: Upgraded.
x/libXext-1.3.5-x86_64-1.txz: Upgraded.
x/libXinerama-1.1.5-x86_64-1.txz: Upgraded.
x/makedepend-1.0.7-x86_64-1.txz: Upgraded.
x/rgb-1.1.0-x86_64-1.txz: Upgraded.
x/sessreg-1.1.3-x86_64-1.txz: Upgraded.
x/x11perf-1.6.2-x86_64-1.txz: Upgraded.
x/xsetroot-1.1.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-106.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/106.0.3/releasenotes/
xap/mozilla-thunderbird-102.4.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
xap/vim-gvim-9.0.0814-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.25-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630
https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
extra/php81/php81-8.1.12-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630
https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
20221031233136 | Patrick J Volkerding | 2022-11-01 | 1 | -2/+2 |
* | Fri Sep 30 17:52:21 UTC 2022...a/dbus-1.14.2-x86_64-1.txz: Upgraded.
ap/powertop-2.15-x86_64-1.txz: Upgraded.
ap/sqlite-3.39.4-x86_64-1.txz: Upgraded.
ap/vim-9.0.0623-x86_64-1.txz: Upgraded.
Fixed use-after-free and stack-based buffer overflow.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3324
(* Security fix *)
kde/digikam-7.8.0-x86_64-2.txz: Rebuilt.
Recompiled against lensfun-0.3.3.
kde/kstars-3.6.1-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.9.0-x86_64-1.txz: Upgraded.
l/lensfun-0.3.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/netpbm-11.00.00-x86_64-1.txz: Upgraded.
l/nodejs-18.10.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.59-x86_64-1.txz: Upgraded.
n/php-7.4.32-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
phar wrapper: DOS when using quine gzip file.
Don't mangle HTTP variable names that clash with ones that have a specific
semantic meaning.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
(* Security fix *)
xap/mozilla-thunderbird-102.3.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.3.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-43/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236
(* Security fix *)
xap/seamonkey-2.53.14-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.14
(* Security fix *)
xap/vim-gvim-9.0.0623-x86_64-1.txz: Upgraded.
xap/xsnow-3.5.3-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.24-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
phar wrapper: DOS when using quine gzip file.
Don't mangle HTTP variable names that clash with ones that have a specific
semantic meaning.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
(* Security fix *)
extra/php81/php81-8.1.11-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
phar wrapper: DOS when using quine gzip file.
Don't mangle HTTP variable names that clash with ones that have a specific
semantic meaning.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
(* Security fix *)
20220930175221 | Patrick J Volkerding | 2022-10-01 | 1 | -2/+2 |
* | Thu Sep 1 20:01:13 UTC 2022...d/mercurial-6.2.2-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-22.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/cantor-22.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/kfilemetadata-5.97.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/kile-2.9.93-x86_64-20.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/kitinerary-22.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/krita-5.1.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.09.0.
kde/okular-22.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.09.0.
l/poppler-22.09.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
[PATCH] JBIG2Stream: Fix crash on broken file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860
(* Security fix *)
xap/mozilla-thunderbird-102.2.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.2.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-38/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059
(* Security fix *)
extra/php80/php80-8.0.23-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.10-x86_64-1.txz: Upgraded.
20220901200113 | Patrick J Volkerding | 2022-09-02 | 1 | -2/+2 |
* | Fri Aug 5 21:04:39 UTC 2022...a/dcron-4.5-x86_64-12.txz: Rebuilt.
Rebase the run-parts script on the latest version from Fedora's crontabs
package. Thanks to avian.
a/elilo-3.16-x86_64-13.txz: Rebuilt.
Patched to disable the Confidential Computing blob for SEV-SNP, which
fixes booting a 5.19 kernel with the EFI stub enabled. If you use elilo,
be sure to either run eliloconfig again or manually copy (and rename) the
proper elilo binary to your EFI System Partition.
Thanks to PiterPunk.
a/sysklogd-2.4.2-x86_64-1.txz: Upgraded.
ap/most-5.2.0-x86_64-1.txz: Upgraded.
d/cmake-3.24.0-x86_64-1.txz: Upgraded.
x/ibus-table-1.16.10-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.5-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.22-x86_64-1.txz: Upgraded.
20220805210439 | Patrick J Volkerding | 2022-08-06 | 1 | -2/+2 |
* | Thu Jul 7 23:03:01 UTC 2022...a/kernel-generic-5.18.10-x86_64-1.txz: Upgraded.
a/kernel-huge-5.18.10-x86_64-1.txz: Upgraded.
a/kernel-modules-5.18.10-x86_64-1.txz: Upgraded.
d/kernel-headers-5.18.10-x86-1.txz: Upgraded.
k/kernel-source-5.18.10-noarch-1.txz: Upgraded.
-DEBUG_INFO y
-DEBUG_INFO_BTF n
-DEBUG_INFO_COMPRESSED n
-DEBUG_INFO_REDUCED n
-DEBUG_INFO_SPLIT n
-GDB_SCRIPTS n
-PAHOLE_HAS_SPLIT_BTF y
DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT y -> n
DEBUG_INFO_NONE n -> y
kde/akonadi-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-calendar-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-calendar-tools-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-contacts-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-import-wizard-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-mime-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-notes-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadi-search-22.04.3-x86_64-1.txz: Upgraded.
kde/akonadiconsole-22.04.3-x86_64-1.txz: Upgraded.
kde/akregator-22.04.3-x86_64-1.txz: Upgraded.
kde/analitza-22.04.3-x86_64-1.txz: Upgraded.
kde/ark-22.04.3-x86_64-1.txz: Upgraded.
kde/artikulate-22.04.3-x86_64-1.txz: Upgraded.
kde/audiocd-kio-22.04.3-x86_64-1.txz: Upgraded.
kde/baloo-widgets-22.04.3-x86_64-1.txz: Upgraded.
kde/blinken-22.04.3-x86_64-1.txz: Upgraded.
kde/bomber-22.04.3-x86_64-1.txz: Upgraded.
kde/bovo-22.04.3-x86_64-1.txz: Upgraded.
kde/calendarsupport-22.04.3-x86_64-1.txz: Upgraded.
kde/cantor-22.04.3-x86_64-1.txz: Upgraded.
kde/cervisia-22.04.3-x86_64-1.txz: Upgraded.
kde/dolphin-22.04.3-x86_64-1.txz: Upgraded.
kde/dolphin-plugins-22.04.3-x86_64-1.txz: Upgraded.
kde/dragon-22.04.3-x86_64-1.txz: Upgraded.
kde/elisa-22.04.3-x86_64-1.txz: Upgraded.
kde/eventviews-22.04.3-x86_64-1.txz: Upgraded.
kde/falkon-22.04.3-x86_64-1.txz: Upgraded.
kde/ffmpegthumbs-22.04.3-x86_64-1.txz: Upgraded.
kde/filelight-22.04.3-x86_64-1.txz: Upgraded.
kde/granatier-22.04.3-x86_64-1.txz: Upgraded.
kde/grantlee-editor-22.04.3-x86_64-1.txz: Upgraded.
kde/grantleetheme-22.04.3-x86_64-1.txz: Upgraded.
kde/gwenview-22.04.3-x86_64-1.txz: Upgraded.
kde/incidenceeditor-22.04.3-x86_64-1.txz: Upgraded.
kde/itinerary-22.04.3-x86_64-1.txz: Upgraded.
kde/juk-22.04.3-x86_64-1.txz: Upgraded.
kde/k3b-22.04.3-x86_64-1.txz: Upgraded.
kde/kaddressbook-22.04.3-x86_64-1.txz: Upgraded.
kde/kalarm-22.04.3-x86_64-1.txz: Upgraded.
kde/kalendar-22.04.3-x86_64-1.txz: Upgraded.
kde/kalgebra-22.04.3-x86_64-1.txz: Upgraded.
kde/kalzium-22.04.3-x86_64-1.txz: Upgraded.
kde/kamera-22.04.3-x86_64-1.txz: Upgraded.
kde/kamoso-22.04.3-x86_64-1.txz: Upgraded.
kde/kanagram-22.04.3-x86_64-1.txz: Upgraded.
kde/kapman-22.04.3-x86_64-1.txz: Upgraded.
kde/kapptemplate-22.04.3-x86_64-1.txz: Upgraded.
kde/kate-22.04.3-x86_64-1.txz: Upgraded.
kde/katomic-22.04.3-x86_64-1.txz: Upgraded.
kde/kbackup-22.04.3-x86_64-1.txz: Upgraded.
kde/kblackbox-22.04.3-x86_64-1.txz: Upgraded.
kde/kblocks-22.04.3-x86_64-1.txz: Upgraded.
kde/kbounce-22.04.3-x86_64-1.txz: Upgraded.
kde/kbreakout-22.04.3-x86_64-1.txz: Upgraded.
kde/kbruch-22.04.3-x86_64-1.txz: Upgraded.
kde/kcachegrind-22.04.3-x86_64-1.txz: Upgraded.
kde/kcalc-22.04.3-x86_64-1.txz: Upgraded.
kde/kcalutils-22.04.3-x86_64-1.txz: Upgraded.
kde/kcharselect-22.04.3-x86_64-1.txz: Upgraded.
kde/kcolorchooser-22.04.3-x86_64-1.txz: Upgraded.
kde/kcron-22.04.3-x86_64-1.txz: Upgraded.
kde/kde-dev-scripts-22.04.3-x86_64-1.txz: Upgraded.
kde/kde-dev-utils-22.04.3-x86_64-1.txz: Upgraded.
kde/kdebugsettings-22.04.3-x86_64-1.txz: Upgraded.
kde/kdeconnect-kde-22.04.3-x86_64-1.txz: Upgraded.
kde/kdeedu-data-22.04.3-x86_64-1.txz: Upgraded.
kde/kdegraphics-mobipocket-22.04.3-x86_64-1.txz: Upgraded.
kde/kdegraphics-thumbnailers-22.04.3-x86_64-1.txz: Upgraded.
kde/kdenetwork-filesharing-22.04.3-x86_64-1.txz: Upgraded.
kde/kdenlive-22.04.3-x86_64-1.txz: Upgraded.
kde/kdepim-addons-22.04.3-x86_64-1.txz: Upgraded.
kde/kdepim-runtime-22.04.3-x86_64-1.txz: Upgraded.
kde/kdesdk-kioslaves-22.04.3-x86_64-1.txz: Upgraded.
kde/kdesdk-thumbnailers-22.04.3-x86_64-1.txz: Upgraded.
kde/kdev-php-22.04.3-x86_64-1.txz: Upgraded.
kde/kdev-python-22.04.3-x86_64-1.txz: Upgraded.
kde/kdevelop-22.04.3-x86_64-1.txz: Upgraded.
kde/kdf-22.04.3-x86_64-1.txz: Upgraded.
kde/kdialog-22.04.3-x86_64-1.txz: Upgraded.
kde/kdiamond-22.04.3-x86_64-1.txz: Upgraded.
kde/keditbookmarks-22.04.3-x86_64-1.txz: Upgraded.
kde/kfind-22.04.3-x86_64-1.txz: Upgraded.
kde/kfloppy-22.04.3-x86_64-1.txz: Upgraded.
kde/kfourinline-22.04.3-x86_64-1.txz: Upgraded.
kde/kgeography-22.04.3-x86_64-1.txz: Upgraded.
kde/kget-22.04.3-x86_64-1.txz: Upgraded.
kde/kgoldrunner-22.04.3-x86_64-1.txz: Upgraded.
kde/kgpg-22.04.3-x86_64-1.txz: Upgraded.
kde/khangman-22.04.3-x86_64-1.txz: Upgraded.
kde/khelpcenter-22.04.3-x86_64-1.txz: Upgraded.
kde/kidentitymanagement-22.04.3-x86_64-1.txz: Upgraded.
kde/kig-22.04.3-x86_64-1.txz: Upgraded.
kde/kigo-22.04.3-x86_64-1.txz: Upgraded.
kde/killbots-22.04.3-x86_64-1.txz: Upgraded.
kde/kimagemapeditor-22.04.3-x86_64-1.txz: Upgraded.
kde/kimap-22.04.3-x86_64-1.txz: Upgraded.
kde/kio-extras-22.04.3-x86_64-1.txz: Upgraded.
kde/kio-gdrive-22.04.3-x86_64-1.txz: Upgraded.
kde/kipi-plugins-22.04.3-x86_64-1.txz: Upgraded.
kde/kirigami-gallery-22.04.3-x86_64-1.txz: Upgraded.
kde/kiriki-22.04.3-x86_64-1.txz: Upgraded.
kde/kiten-22.04.3-x86_64-1.txz: Upgraded.
kde/kitinerary-22.04.3-x86_64-1.txz: Upgraded.
kde/kjumpingcube-22.04.3-x86_64-1.txz: Upgraded.
kde/kldap-22.04.3-x86_64-1.txz: Upgraded.
kde/kleopatra-22.04.3-x86_64-1.txz: Upgraded.
kde/klickety-22.04.3-x86_64-1.txz: Upgraded.
kde/klines-22.04.3-x86_64-1.txz: Upgraded.
kde/kmag-22.04.3-x86_64-1.txz: Upgraded.
kde/kmahjongg-22.04.3-x86_64-1.txz: Upgraded.
kde/kmail-22.04.3-x86_64-1.txz: Upgraded.
kde/kmail-account-wizard-22.04.3-x86_64-1.txz: Upgraded.
kde/kmailtransport-22.04.3-x86_64-1.txz: Upgraded.
kde/kmbox-22.04.3-x86_64-1.txz: Upgraded.
kde/kmime-22.04.3-x86_64-1.txz: Upgraded.
kde/kmines-22.04.3-x86_64-1.txz: Upgraded.
kde/kmix-22.04.3-x86_64-1.txz: Upgraded.
kde/kmousetool-22.04.3-x86_64-1.txz: Upgraded.
kde/kmouth-22.04.3-x86_64-1.txz: Upgraded.
kde/kmplot-22.04.3-x86_64-1.txz: Upgraded.
kde/knavalbattle-22.04.3-x86_64-1.txz: Upgraded.
kde/knetwalk-22.04.3-x86_64-1.txz: Upgraded.
kde/knights-22.04.3-x86_64-1.txz: Upgraded.
kde/knotes-22.04.3-x86_64-1.txz: Upgraded.
kde/kolf-22.04.3-x86_64-1.txz: Upgraded.
kde/kollision-22.04.3-x86_64-1.txz: Upgraded.
kde/kolourpaint-22.04.3-x86_64-1.txz: Upgraded.
kde/kompare-22.04.3-x86_64-1.txz: Upgraded.
kde/konqueror-22.04.3-x86_64-1.txz: Upgraded.
kde/konquest-22.04.3-x86_64-1.txz: Upgraded.
kde/konsole-22.04.3-x86_64-1.txz: Upgraded.
kde/kontact-22.04.3-x86_64-1.txz: Upgraded.
kde/kontactinterface-22.04.3-x86_64-1.txz: Upgraded.
kde/kontrast-22.04.3-x86_64-1.txz: Upgraded.
kde/konversation-22.04.3-x86_64-1.txz: Upgraded.
kde/kopeninghours-22.04.3-x86_64-1.txz: Upgraded.
kde/kopete-22.04.3-x86_64-1.txz: Upgraded.
kde/korganizer-22.04.3-x86_64-1.txz: Upgraded.
kde/kosmindoormap-22.04.3-x86_64-1.txz: Upgraded.
kde/kpat-22.04.3-x86_64-1.txz: Upgraded.
kde/kpimtextedit-22.04.3-x86_64-1.txz: Upgraded.
kde/kpkpass-22.04.3-x86_64-1.txz: Upgraded.
kde/kpmcore-22.04.3-x86_64-1.txz: Upgraded.
kde/kpublictransport-22.04.3-x86_64-1.txz: Upgraded.
kde/kqtquickcharts-22.04.3-x86_64-1.txz: Upgraded.
kde/krdc-22.04.3-x86_64-1.txz: Upgraded.
kde/kreversi-22.04.3-x86_64-1.txz: Upgraded.
kde/krfb-22.04.3-x86_64-1.txz: Upgraded.
kde/kross-interpreters-22.04.3-x86_64-1.txz: Upgraded.
kde/kruler-22.04.3-x86_64-1.txz: Upgraded.
kde/kshisen-22.04.3-x86_64-1.txz: Upgraded.
kde/ksirk-22.04.3-x86_64-1.txz: Upgraded.
kde/ksmtp-22.04.3-x86_64-1.txz: Upgraded.
kde/ksnakeduel-22.04.3-x86_64-1.txz: Upgraded.
kde/kspaceduel-22.04.3-x86_64-1.txz: Upgraded.
kde/ksquares-22.04.3-x86_64-1.txz: Upgraded.
kde/ksudoku-22.04.3-x86_64-1.txz: Upgraded.
kde/ksystemlog-22.04.3-x86_64-1.txz: Upgraded.
kde/kteatime-22.04.3-x86_64-1.txz: Upgraded.
kde/ktimer-22.04.3-x86_64-1.txz: Upgraded.
kde/ktnef-22.04.3-x86_64-1.txz: Upgraded.
kde/ktorrent-22.04.3-x86_64-1.txz: Upgraded.
kde/ktouch-22.04.3-x86_64-1.txz: Upgraded.
kde/kturtle-22.04.3-x86_64-1.txz: Upgraded.
kde/kubrick-22.04.3-x86_64-1.txz: Upgraded.
kde/kwalletmanager-22.04.3-x86_64-1.txz: Upgraded.
kde/kwave-22.04.3-x86_64-1.txz: Upgraded.
kde/kwordquiz-22.04.3-x86_64-1.txz: Upgraded.
kde/libgravatar-22.04.3-x86_64-1.txz: Upgraded.
kde/libkcddb-22.04.3-x86_64-1.txz: Upgraded.
kde/libkcompactdisc-22.04.3-x86_64-1.txz: Upgraded.
kde/libkdcraw-22.04.3-x86_64-1.txz: Upgraded.
kde/libkdegames-22.04.3-x86_64-1.txz: Upgraded.
kde/libkdepim-22.04.3-x86_64-1.txz: Upgraded.
kde/libkeduvocdocument-22.04.3-x86_64-1.txz: Upgraded.
kde/libkexiv2-22.04.3-x86_64-1.txz: Upgraded.
kde/libkgapi-22.04.3-x86_64-1.txz: Upgraded.
kde/libkipi-22.04.3-x86_64-1.txz: Upgraded.
kde/libkleo-22.04.3-x86_64-1.txz: Upgraded.
kde/libkmahjongg-22.04.3-x86_64-1.txz: Upgraded.
kde/libkomparediff2-22.04.3-x86_64-1.txz: Upgraded.
kde/libksane-22.04.3-x86_64-1.txz: Upgraded.
kde/libksieve-22.04.3-x86_64-1.txz: Upgraded.
kde/libktorrent-22.04.3-x86_64-1.txz: Upgraded.
kde/lokalize-22.04.3-x86_64-1.txz: Upgraded.
kde/lskat-22.04.3-x86_64-1.txz: Upgraded.
kde/mailcommon-22.04.3-x86_64-1.txz: Upgraded.
kde/mailimporter-22.04.3-x86_64-1.txz: Upgraded.
kde/marble-22.04.3-x86_64-1.txz: Upgraded.
kde/markdownpart-22.04.3-x86_64-1.txz: Upgraded.
kde/mbox-importer-22.04.3-x86_64-1.txz: Upgraded.
kde/messagelib-22.04.3-x86_64-1.txz: Upgraded.
kde/minuet-22.04.3-x86_64-1.txz: Upgraded.
kde/okular-22.04.3-x86_64-1.txz: Upgraded.
kde/palapeli-22.04.3-x86_64-1.txz: Upgraded.
kde/parley-22.04.3-x86_64-1.txz: Upgraded.
kde/partitionmanager-22.04.3-x86_64-1.txz: Upgraded.
kde/picmi-22.04.3-x86_64-1.txz: Upgraded.
kde/pim-data-exporter-22.04.3-x86_64-1.txz: Upgraded.
kde/pim-sieve-editor-22.04.3-x86_64-1.txz: Upgraded.
kde/pimcommon-22.04.3-x86_64-1.txz: Upgraded.
kde/poxml-22.04.3-x86_64-1.txz: Upgraded.
kde/print-manager-22.04.3-x86_64-1.txz: Upgraded.
kde/rocs-22.04.3-x86_64-1.txz: Upgraded.
kde/skanlite-22.04.3-x86_64-1.txz: Upgraded.
kde/skanpage-22.04.3-x86_64-1.txz: Upgraded.
kde/spectacle-22.04.3-x86_64-1.txz: Upgraded.
kde/step-22.04.3-x86_64-1.txz: Upgraded.
kde/svgpart-22.04.3-x86_64-1.txz: Upgraded.
kde/sweeper-22.04.3-x86_64-1.txz: Upgraded.
kde/umbrello-22.04.3-x86_64-1.txz: Upgraded.
kde/yakuake-22.04.3-x86_64-1.txz: Upgraded.
kde/zanshin-22.04.3-x86_64-1.txz: Upgraded.
kde/zeroconf-ioslave-22.04.3-x86_64-1.txz: Upgraded.
l/SDL2_ttf-2.20.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.54-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.36-x86_64-1.txz: Upgraded.
g10: Fix possibly garbled status messages in NOTATION_DATA. This bug could
trick GPGME and other parsers to accept faked status lines.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903
(* Security fix *)
extra/php80/php80-8.0.21-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.8-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
Fileinfo: Fixed bug #81723 (Heap buffer overflow in finfo_buffer).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31627
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20220707230301 | Patrick J Volkerding | 2022-07-08 | 1 | -2/+2 |
* | Mon Jun 13 21:02:58 UTC 2022...a/file-5.42-x86_64-1.txz: Upgraded.
a/inotify-tools-3.22.6.0-x86_64-1.txz: Upgraded.
ap/inxi-3.3.17_1-noarch-1.txz: Upgraded.
kde/attica-5.95.0-x86_64-1.txz: Upgraded.
kde/baloo-5.95.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.95.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.95.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.95.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.95.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.95.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.95.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.95.0-x86_64-1.txz: Upgraded.
kde/karchive-5.95.0-x86_64-1.txz: Upgraded.
kde/kauth-5.95.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.95.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.95.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.95.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.95.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.95.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.95.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.95.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.95.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.95.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.95.0-x86_64-1.txz: Upgraded.
kde/kdav-5.95.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.95.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.95.0-x86_64-1.txz: Upgraded.
kde/kded-5.95.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.95.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.95.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.95.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.95.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.95.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.95.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.95.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.95.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.95.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.95.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.95.0-x86_64-1.txz: Upgraded.
kde/khtml-5.95.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.95.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.95.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.95.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.95.0-x86_64-1.txz: Upgraded.
kde/kinit-5.95.0-x86_64-1.txz: Upgraded.
kde/kio-5.95.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.95.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.95.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.95.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.95.0-x86_64-1.txz: Upgraded.
kde/kjs-5.95.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.95.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.95.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.95.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.95.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.95.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.95.0-x86_64-1.txz: Upgraded.
kde/kparts-5.95.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.95.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.95.0-x86_64-1.txz: Upgraded.
kde/kpty-5.95.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.95.0-x86_64-1.txz: Upgraded.
kde/kross-5.95.0-x86_64-1.txz: Upgraded.
kde/krunner-5.95.0-x86_64-1.txz: Upgraded.
kde/kservice-5.95.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.95.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.95.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.95.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.95.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.95.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.95.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.95.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.95.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.95.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.95.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.95.0-x86_64-1.txz: Upgraded.
kde/okteta-0.26.9-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.95.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.95.0-x86_64-1.txz: Upgraded.
kde/prison-5.95.0-x86_64-1.txz: Upgraded.
kde/purpose-5.95.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.95.0-x86_64-1.txz: Upgraded.
kde/solid-5.95.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.95.0-x86_64-1.txz: Upgraded.
kde/syndication-5.95.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.95.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.95.0-x86_64-1.txz: Upgraded.
n/php-7.4.30-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
mysqlnd/pdo password buffer overflow.
Uninitialized array in pg_query_params().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
(* Security fix *)
x/libinput-1.21.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.32-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-101.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/101.0.1/releasenotes/
xfce/exo-4.16.4-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.20-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
mysqlnd/pdo password buffer overflow.
Uninitialized array in pg_query_params().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
(* Security fix *)
extra/php81/php81-8.1.7-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
mysqlnd/pdo password buffer overflow.
Uninitialized array in pg_query_params().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
(* Security fix *)
20220613210258 | Patrick J Volkerding | 2022-06-14 | 1 | -2/+2 |
* | Fri May 13 19:10:20 UTC 2022...a/tcsh-6.24.01-x86_64-1.txz: Upgraded.
n/gnutls-3.7.5-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.19-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.6-x86_64-1.txz: Upgraded.
20220513191020 | Patrick J Volkerding | 2022-05-14 | 1 | -2/+2 |
* | Fri Apr 15 20:01:44 UTC 2022...a/aaa_libraries-15.1-x86_64-4.txz: Rebuilt.
Upgraded: libaio.so.1.0.2.
Added: libboost_atomic.so.1.78.0, libboost_chrono.so.1.78.0,
libboost_container.so.1.78.0, libboost_context.so.1.78.0,
libboost_contract.so.1.78.0, libboost_coroutine.so.1.78.0,
libboost_date_time.so.1.78.0, libboost_fiber.so.1.78.0,
libboost_filesystem.so.1.78.0, libboost_graph.so.1.78.0,
libboost_iostreams.so.1.78.0, libboost_json.so.1.78.0,
libboost_locale.so.1.78.0, libboost_log.so.1.78.0,
libboost_log_setup.so.1.78.0, libboost_math_c99.so.1.78.0,
libboost_math_c99f.so.1.78.0, libboost_math_c99l.so.1.78.0,
libboost_math_tr1.so.1.78.0, libboost_math_tr1f.so.1.78.0,
libboost_math_tr1l.so.1.78.0, libboost_nowide.so.1.78.0,
libboost_prg_exec_monitor.so.1.78.0, libboost_program_options.so.1.78.0,
libboost_python27.so.1.78.0, libboost_python39.so.1.78.0,
libboost_random.so.1.78.0, libboost_regex.so.1.78.0,
libboost_serialization.so.1.78.0, libboost_stacktrace_addr2line.so.1.78.0,
libboost_stacktrace_basic.so.1.78.0, libboost_stacktrace_noop.so.1.78.0,
libboost_system.so.1.78.0, libboost_thread.so.1.78.0,
libboost_timer.so.1.78.0, libboost_type_erasure.so.1.78.0,
libboost_unit_test_framework.so.1.78.0, libboost_wave.so.1.78.0,
libboost_wserialization.so.1.78.0.
The boost libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
a/dialog-1.3_20220414-x86_64-1.txz: Upgraded.
a/gptfdisk-1.0.9-x86_64-1.txz: Upgraded.
ap/pamixer-1.5-x86_64-3.txz: Rebuilt.
Recompiled against boost-1.79.0.
kde/kig-21.12.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.79.0.
kde/kopeninghours-21.12.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.79.0.
kde/krita-5.0.5-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.79.0.
l/boost-1.79.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/cfitsio-4.1.0-x86_64-1.txz: Upgraded.
l/cryfs-0.10.3-x86_64-5.txz: Rebuilt.
Recompiled against boost-1.79.0.
l/openexr-2.5.7-x86_64-6.txz: Rebuilt.
Recompiled against boost-1.79.0.
extra/php80/php80-8.0.18-x86_64-1.txz: Upgraded.
20220415200144 | Patrick J Volkerding | 2022-04-15 | 1 | -2/+2 |
* | Fri Mar 18 20:16:12 UTC 2022...ap/man-db-2.10.2-x86_64-1.txz: Upgraded.
d/python3-3.9.11-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
libexpat upgraded from 2.4.1 to 2.4.7
bundled pip upgraded from 21.2.4 to 22.0.4
authorization bypass fixed in urllib.request
REDoS avoided in importlib.metadata
For more information, see:
https://pythoninsider.blogspot.com/2022/03/python-3103-3911-3813-and-3713-are-now.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363
(* Security fix *)
l/nodejs-16.14.2-x86_64-1.txz: Upgraded.
n/gnutls-3.7.4-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.17-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.4-x86_64-1.txz: Upgraded.
20220318201612 | Patrick J Volkerding | 2022-03-19 | 1 | -2/+2 |
* | Fri Feb 18 05:29:00 UTC 2022...a/btrfs-progs-5.16.2-x86_64-1.txz: Upgraded.
a/kernel-generic-5.16.10-x86_64-1.txz: Upgraded.
a/kernel-huge-5.16.10-x86_64-1.txz: Upgraded.
a/kernel-modules-5.16.10-x86_64-1.txz: Upgraded.
ap/cups-filters-1.28.12-x86_64-1.txz: Upgraded.
ap/qpdf-10.6.2-x86_64-1.txz: Upgraded.
d/kernel-headers-5.16.10-x86-1.txz: Upgraded.
k/kernel-source-5.16.10-noarch-1.txz: Upgraded.
AMD_PTDMA n -> m
Thanks to walecha.
l/imagemagick-7.1.0_25-x86_64-1.txz: Upgraded.
l/librsvg-2.52.6-x86_64-1.txz: Upgraded.
l/pipewire-0.3.46-x86_64-1.txz: Upgraded.
n/php-7.4.28-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
UAF due to php_filter_float() failing for ints.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
(* Security fix *)
x/libdrm-2.4.110-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-97.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/97.0.1/releasenotes/
xap/mozilla-thunderbird-91.6.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.6.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566
(* Security fix *)
extra/php80/php80-8.0.16-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
UAF due to php_filter_float() failing for ints.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
(* Security fix *)
extra/php81/php81-8.1.3-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
UAF due to php_filter_float() failing for ints.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20220218052900 | Patrick J Volkerding | 2022-02-18 | 1 | -2/+2 |
* | Fri Jan 21 05:47:49 UTC 2022...a/aaa_libraries-15.0-x86_64-15.txz: Rebuilt.
Upgraded: libzstd.so.1.5.2.
a/kernel-firmware-20220119_0c6a7b3-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.16-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.16-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.16-x86_64-1.txz: Upgraded.
ap/vim-8.2.4166-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.16-x86-1.txz: Upgraded.
d/rust-1.58.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.16-noarch-1.txz: Upgraded.
l/qt5-5.15.3_20211130_014c375b-x86_64-2.txz: Rebuilt.
Applied upstream patch:
[PATCH] Move the wayland socket polling to a separate event thread.
Thanks to LuckyCyborg.
l/svgalib-1.9.25-x86_64-7.txz: Rebuilt.
Don't try to use the (broken) assembly. Thanks to nobodino.
l/zstd-1.5.2-x86_64-1.txz: Upgraded.
x/ibus-m17n-1.4.9-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.4166-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.15-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20220121054749 | Patrick J Volkerding | 2022-01-21 | 1 | -2/+2 |
* | Fri Dec 17 20:47:13 UTC 2021...a/kernel-generic-5.15.10-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.10-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.10-x86_64-1.txz: Upgraded.
ap/inxi-3.3.11_1-noarch-1.txz: Upgraded.
ap/ksh93-1.0_20211217_ce3e080c-x86_64-1.txz: Upgraded.
ap/neofetch-20211210_ccd5d9f5-noarch-1.txz: Upgraded.
d/Cython-0.29.26-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.10-x86-1.txz: Upgraded.
k/kernel-source-5.15.10-noarch-1.txz: Upgraded.
l/utf8proc-2.7.0-x86_64-1.txz: Upgraded.
n/ca-certificates-20211216-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
xap/xine-ui-0.99.13-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.14-x86_64-1.txz: Upgraded.
extra/php81/php81-8.1.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20211217204713 | Patrick J Volkerding | 2021-12-18 | 1 | -2/+2 |
* | Fri Dec 3 20:07:20 UTC 2021...ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt.
Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB.
d/poke-1.4-x86_64-1.txz: Upgraded.
l/enchant-2.3.2-x86_64-1.txz: Upgraded.
l/freetype-2.11.1-x86_64-1.txz: Upgraded.
l/glib2-2.70.2-x86_64-1.txz: Upgraded.
n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded.
extra/php8/php8-8.1.0-x86_64-1.txz: Removed.
extra/php80/php80-8.0.13-x86_64-1.txz: Added.
extra/php81/php81-8.1.0-x86_64-1.txz: Added.
20211203200720 | Patrick J Volkerding | 2021-12-04 | 1 | -0/+2 |