* | Wed Mar 20 00:08:59 UTC 2024...a/sysvinit-scripts-15.1-noarch-14.txz: Rebuilt.
rc.S: fix motd matching so that it works on a fresh install.
d/scons-4.7.0-x86_64-1.txz: Upgraded.
l/adwaita-icon-theme-46.0-noarch-1.txz: Upgraded.
l/at-spi2-core-2.52.0-x86_64-1.txz: Upgraded.
l/gcr4-4.2.1-x86_64-1.txz: Added.
l/gjs-1.80.0-x86_64-1.txz: Upgraded.
l/glib-networking-2.80.0-x86_64-1.txz: Upgraded.
l/glib2-2.80.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.80.0-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-46.0-x86_64-1.txz: Upgraded.
l/gtk4-4.14.1-x86_64-1.txz: Upgraded.
l/gvfs-1.54.0-x86_64-1.txz: Upgraded.
l/librsvg-2.58.0-x86_64-1.txz: Upgraded.
l/mozjs115-115.9.0esr-x86_64-1.txz: Added.
Needed by gjs-1.80.0.
l/newt-0.52.24-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/pygobject3-3.48.1-x86_64-1.txz: Upgraded.
l/python-glad2-2.0.6-x86_64-1.txz: Upgraded.
l/python-hatchling-1.22.3-x86_64-1.txz: Upgraded.
l/vte-0.76.0-x86_64-1.txz: Upgraded.
l/wireplumber-0.5.0-x86_64-1.txz: Upgraded.
n/gnutls-3.8.4-x86_64-1.txz: Upgraded.
This update fixes two medium severity security issues:
libgnutls: Fix side-channel in the deterministic ECDSA.
Reported by George Pantelakis (#1516).
libgnutls: Fixed a bug where certtool crashed when verifying a certificate
chain with more than 16 certificates. Reported by William Woodruff (#1525)
and yixiangzhike (#1527).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-28834
https://www.cve.org/CVERecord?id=CVE-2024-28835
(* Security fix *)
xap/mozilla-firefox-115.9.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-13/
https://www.cve.org/CVERecord?id=CVE-2024-0743
https://www.cve.org/CVERecord?id=CVE-2024-2605
https://www.cve.org/CVERecord?id=CVE-2024-2607
https://www.cve.org/CVERecord?id=CVE-2024-2608
https://www.cve.org/CVERecord?id=CVE-2024-2616
https://www.cve.org/CVERecord?id=CVE-2023-5388
https://www.cve.org/CVERecord?id=CVE-2024-2610
https://www.cve.org/CVERecord?id=CVE-2024-2611
https://www.cve.org/CVERecord?id=CVE-2024-2612
https://www.cve.org/CVERecord?id=CVE-2024-2614
(* Security fix *)
xap/mozilla-thunderbird-115.9.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.9.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/
https://www.cve.org/CVERecord?id=CVE-2024-0743
https://www.cve.org/CVERecord?id=CVE-2024-2605
https://www.cve.org/CVERecord?id=CVE-2024-2607
https://www.cve.org/CVERecord?id=CVE-2024-2608
https://www.cve.org/CVERecord?id=CVE-2024-2616
https://www.cve.org/CVERecord?id=CVE-2023-5388
https://www.cve.org/CVERecord?id=CVE-2024-2610
https://www.cve.org/CVERecord?id=CVE-2024-2611
https://www.cve.org/CVERecord?id=CVE-2024-2612
https://www.cve.org/CVERecord?id=CVE-2024-2614
(* Security fix *)
20240320000859 | Patrick J Volkerding | 2024-03-20 | 3 | -0/+164 |