summaryrefslogtreecommitdiffstats
path: root/source/l (follow)
Commit message (Expand)AuthorAgeFilesLines
* Wed Oct 11 06:37:21 UTC 2023...a/kernel-generic-6.1.57-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.57-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.57-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.57-x86-1.txz: Upgraded. k/kernel-source-6.1.57-noarch-1.txz: Upgraded. n/c-ares-1.20.1-x86_64-1.txz: Upgraded. n/curl-8.4.0-x86_64-1.txz: Upgraded. This update fixes security issues: Cookie injection with none file. SOCKS5 heap buffer overflow. For more information, see: https://curl.se/docs/CVE-2023-38546.html https://curl.se/docs/CVE-2023-38545.html https://www.cve.org/CVERecord?id=CVE-2023-38546 https://www.cve.org/CVERecord?id=CVE-2023-38545 (* Security fix *) n/nghttp2-1.57.0-x86_64-1.txz: Upgraded. This release has a fix to mitigate the HTTP/2 Rapid Reset vulnerability. For more information, see: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg https://www.cve.org/CVERecord?id=CVE-2023-44487 (* Security fix *) n/samba-4.19.1-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. For more information, see: https://www.samba.org/samba/security/CVE-2023-3961.html https://www.samba.org/samba/security/CVE-2023-4091.html https://www.samba.org/samba/security/CVE-2023-4154.html https://www.samba.org/samba/security/CVE-2023-42669.html https://www.samba.org/samba/security/CVE-2023-42670.html https://www.cve.org/CVERecord?id=CVE-2023-3961 https://www.cve.org/CVERecord?id=CVE-2023-4091 https://www.cve.org/CVERecord?id=CVE-2023-4154 https://www.cve.org/CVERecord?id=CVE-2023-42669 https://www.cve.org/CVERecord?id=CVE-2023-42670 (* Security fix *) xap/mozilla-thunderbird-115.3.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.2/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20231011063721 Patrick J Volkerding2023-10-111-1/+5
* Tue Oct 10 19:27:56 UTC 2023...ap/sqlite-3.43.2-x86_64-1.txz: Upgraded. l/libcue-2.2.1-x86_64-4.txz: Rebuilt. Fixed a bug which could allow memory corruption resulting in arbitrary code execution. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-43641 (* Security fix *) l/libnotify-0.8.3-x86_64-1.txz: Upgraded. This release contains a critical stability/minor security update which affects Electron applications that utilize Portal notifications (eg, through Flatpak). It is highly recommended that all users of libnotify 0.8.x update to this release. (* Security fix *) n/iptables-1.8.10-x86_64-1.txz: Upgraded. 20231010192756 Patrick J Volkerding2023-10-103-2/+28
* Mon Oct 9 18:10:01 UTC 2023...a/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt. ap/qpdf-11.6.2-x86_64-1.txz: Upgraded. ap/vim-9.0.2009-x86_64-1.txz: Upgraded. l/desktop-file-utils-0.27-x86_64-1.txz: Upgraded. l/glibc-2.38-x86_64-2.txz: Rebuilt. These glibc packages are the exact ones that were previously in /testing. A test mass rebuild was done here finding no new FTBFS, so I think these are good to go. :) l/glibc-i18n-2.38-x86_64-2.txz: Rebuilt. l/glibc-profile-2.38-x86_64-2.txz: Rebuilt. l/imagemagick-7.1.1_20-x86_64-1.txz: Upgraded. l/libxkbcommon-1.6.0-x86_64-1.txz: Upgraded. l/shared-mime-info-2.3-x86_64-1.txz: Upgraded. n/c-ares-1.20.0-x86_64-1.txz: Upgraded. n/libtirpc-1.3.4-x86_64-1.txz: Upgraded. n/proftpd-1.3.8a-x86_64-1.txz: Upgraded. n/whois-5.5.19-x86_64-1.txz: Upgraded. Fixed english support for Japanese queries to not add again the /e argument if it had already been provided by the user. (Closes: #1050171) Added the .ye and .*************** (.xn--54b7fta0cc, Bangladesh) TLD servers. Updated the .ba, .bb, .dk, .es, .gt, .jo, .ml, .mo, .pa, .pn, .sv, .uy, .a+-la-r+-d+.n+, (.xn--mgbayh7gpa, Jordan) and .****** (.xn--mix891f, Macao) TLD servers. Upgraded the TLD URLs to HTTPS whenever possible. Updated the charset for whois.jprs.jp. Removed 3 new gTLDs which are no longer active. Removed support for the obsolete as32 dot notation. x/xterm-386-x86_64-1.txz: Upgraded. xap/vim-gvim-9.0.2009-x86_64-1.txz: Upgraded. 20231009181001 Patrick J Volkerding2023-10-0913-270/+1084
* Thu Oct 5 21:44:34 UTC 2023...kde/krita-5.2.0-x86_64-1.txz: Upgraded. l/fftw-3.3.10-x86_64-2.txz: Rebuilt. Build and package missing FFTW3LibraryDepends.cmake. This is needed for krita-5.2.0. l/immer-0.8.1-x86_64-1.txz: Added. This is needed for krita-5.2.0. l/lager-0.1.0-x86_64-1.txz: Added. This is needed for krita-5.2.0. l/libunibreak-5.1-x86_64-1.txz: Added. This is needed for krita-5.2.0. l/zug-0.1.0-x86_64-1.txz: Added. This is needed for krita-5.2.0. xap/network-manager-applet-1.34.0-x86_64-1.txz: Upgraded. 20231005214434 Patrick J Volkerding2023-10-0613-2/+617
* Tue Oct 3 22:19:10 UTC 2023...a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt. a/dialog-1.3_20231002-x86_64-1.txz: Upgraded. ap/mpg123-1.32.3-x86_64-1.txz: Upgraded. d/llvm-17.0.2-x86_64-1.txz: Upgraded. d/meson-1.2.2-x86_64-2.txz: Rebuilt. [PATCH] Revert rust: apply global, project, and environment C args to bindgen. This fixes building Mesa. Thanks to lucabon and marav. kde/calligra-3.2.1-x86_64-34.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/cantor-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kile-2.9.93-x86_64-28.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/krita-5.1.5-x86_64-15.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/okular-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. l/glibc-2.37-x86_64-3.txz: Rebuilt. l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt. Patched to fix the "Looney Tunables" vulnerability, a local privilege escalation in ld.so. This vulnerability was introduced in April 2021 (glibc 2.34) by commit 2ed18c. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.cve.org/CVERecord?id=CVE-2023-4911 (* Security fix *) l/glibc-profile-2.37-x86_64-3.txz: Rebuilt. l/mozilla-nss-3.94-x86_64-1.txz: Upgraded. l/poppler-23.10.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded. n/irssi-1.4.5-x86_64-1.txz: Upgraded. x/fcitx5-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded. x/libX11-1.8.7-x86_64-1.txz: Upgraded. This update fixes security issues: libX11: out-of-bounds memory access in _XkbReadKeySyms(). libX11: stack exhaustion from infinite recursion in PutSubImage(). libX11: integer overflow in XCreateImage() leading to a heap overflow. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43785 https://www.cve.org/CVERecord?id=CVE-2023-43786 https://www.cve.org/CVERecord?id=CVE-2023-43787 (* Security fix *) x/libXpm-3.5.17-x86_64-1.txz: Upgraded. This update fixes security issues: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). libXpm: out of bounds read on XPM with corrupted colormap. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43788 https://www.cve.org/CVERecord?id=CVE-2023-43789 (* Security fix *) testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt. testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt. Patched to fix the "Looney Tunables" vulnerability, a local privilege escalation in ld.so. This vulnerability was introduced in April 2021 (glibc 2.34) by commit 2ed18c. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.cve.org/CVERecord?id=CVE-2023-4911 (* Security fix *) testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt. testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt. 20231003221910 Patrick J Volkerding2023-10-044-3/+75
* Mon Oct 2 19:12:58 UTC 2023...kde/kwin-5.27.8-x86_64-2.txz: Rebuilt. [PATCH] fix segfault in EglGbmBackend::textureForOutput. Thanks to marav. l/SDL2-2.28.4-x86_64-1.txz: Upgraded. l/mlt-7.20.0-x86_64-1.txz: Upgraded. l/netpbm-11.04.02-x86_64-1.txz: Upgraded. x/xterm-385-x86_64-1.txz: Upgraded. xfce/xfce4-pulseaudio-plugin-0.4.8-x86_64-1.txz: Upgraded. 20231002191258 Patrick J Volkerding2023-10-022-48/+42
* Sun Oct 1 19:08:38 UTC 2023...l/cairo-1.18.0-x86_64-2.txz: Rebuilt. Rebuilt with -Dsymbol-lookup=disabled to avoid linking to libbfd. l/imagemagick-7.1.1_19-x86_64-1.txz: Upgraded. 20231001190838 Patrick J Volkerding2023-10-011-1/+2
* Sat Sep 30 21:33:49 UTC 2023...a/kmod-31-x86_64-1.txz: Upgraded. l/libvpx-1.13.1-x86_64-1.txz: Upgraded. This release contains two security related fixes -- one each for VP8 and VP9. For more information, see: https://crbug.com/1486441 https://www.cve.org/CVERecord?id=CVE-2023-5217 (* Security fix *) n/conntrack-tools-1.4.8-x86_64-1.txz: Upgraded. x/libime-1.1.2-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.3.1-x86_64-1.txz: Upgraded. This release contains a security fix for a critical heap buffer overflow in the libvpx VP8 encoder. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/ https://www.cve.org/CVERecord?id=CVE-2023-5217 (* Security fix *) 20230930213349 Patrick J Volkerding2023-10-012-0/+49
* Fri Sep 29 19:45:18 UTC 2023...d/meson-1.2.2-x86_64-1.txz: Upgraded. l/nodejs-20.8.0-x86_64-1.txz: Upgraded. l/sof-firmware-2023.09-noarch-1.txz: Upgraded. n/bluez-5.70-x86_64-1.txz: Upgraded. n/php-8.2.11-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.php.net/ChangeLog-8.php#8.2.11 x/mesa-23.2.1-x86_64-1.txz: Upgraded. x/xman-1.1.6-x86_64-1.txz: Upgraded. xfce/xfce4-clipman-plugin-1.6.5-x86_64-1.txz: Upgraded. 20230929194518 Patrick J Volkerding2023-09-291-8/+8
* Thu Sep 28 21:37:06 UTC 2023...ap/mpg123-1.32.2-x86_64-1.txz: Upgraded. l/cairo-1.18.0-x86_64-1.txz: Upgraded. l/gtk4-4.12.3-x86_64-1.txz: Upgraded. x/fonttosfnt-1.2.3-x86_64-1.txz: Upgraded. xap/geeqie-2.1-x86_64-2.txz: Rebuilt. Patched and recompiled against lua-5.4.6. xap/mozilla-firefox-115.3.1esr-x86_64-1.txz: Upgraded. This update contains a security fix. For more information, see: https://www.mozilla.org/en-US/firefox/115.3.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/ https://www.cve.org/CVERecord?id=CVE-2023-5217 (* Security fix *) xfce/xfce4-panel-4.18.5-x86_64-1.txz: Upgraded. testing/packages/aaa_glibc-solibs-2.38-x86_64-1.txz: Added. testing/packages/glibc-2.38-x86_64-1.txz: Added. Instead of building the deprecated glibc crypt library, bundle libxcrypt-4.4.36 (both .so.1 compat version and .so.2 new API version). testing/packages/glibc-i18n-2.38-x86_64-1.txz: Added. testing/packages/glibc-profile-2.38-x86_64-1.txz: Added. 20230928213706 Patrick J Volkerding2023-09-291-46/+20
* Wed Sep 27 23:51:07 UTC 2023...kde/ktextaddons-1.5.2-x86_64-1.txz: Upgraded. l/fluidsynth-2.3.4-x86_64-1.txz: Upgraded. l/opencv-4.8.1-x86_64-1.txz: Upgraded. l/openexr-3.2.1-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.3.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.0/releasenotes/ 20230927235107 Patrick J Volkerding2023-09-281-1/+1
* Mon Sep 25 19:19:27 UTC 2023...ap/man-db-2.12.0-x86_64-1.txz: Upgraded. ap/mpg123-1.32.1-x86_64-1.txz: Upgraded. d/llvm-17.0.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/lua-5.4.6-x86_64-4.txz: Rebuilt. Fixed prefix and $LIBDIRSUFFIX in lua.pc. Thanks to ArTourter. d/parallel-20230922-noarch-1.txz: Upgraded. kde/kdevelop-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against llvm-17.0.1. l/imagemagick-7.1.1_18-x86_64-1.txz: Upgraded. l/libclc-17.0.1-x86_64-1.txz: Upgraded. l/qt5-5.15.10_20230923_6e8e373e-x86_64-1.txz: Upgraded. Compiled against llvm-17.0.1. l/spirv-llvm-translator-17.0.0-x86_64-1.txz: Upgraded. Compiled against llvm-17.0.1. x/mesa-23.2.0_rc4-x86_64-1.txz: Upgraded. Compiled against llvm-17.0.1. 20230925191927 Patrick J Volkerding2023-09-255-95/+4
* Thu Sep 21 19:32:42 UTC 2023...a/gettext-0.22.2-x86_64-1.txz: Upgraded. ap/cups-2.4.7-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: Fixed Heap-based buffer overflow when reading Postscript in PPD files. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-4504 (* Security fix *) d/cmake-3.27.6-x86_64-1.txz: Upgraded. d/gettext-tools-0.22.2-x86_64-1.txz: Upgraded. l/dconf-editor-45.0.1-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.6-x86_64-1.txz: Upgraded. l/gst-plugins-base-1.22.6-x86_64-1.txz: Upgraded. l/gst-plugins-good-1.22.6-x86_64-1.txz: Upgraded. l/gst-plugins-libav-1.22.6-x86_64-1.txz: Upgraded. l/gstreamer-1.22.6-x86_64-1.txz: Upgraded. l/gtk4-4.12.2-x86_64-1.txz: Upgraded. l/imagemagick-7.1.1_17-x86_64-1.txz: Upgraded. n/bind-9.18.19-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: Limit the amount of recursion that can be performed by isccc_cc_fromwire. Fix use-after-free error in TLS DNS code when sending data. For more information, see: https://kb.isc.org/docs/cve-2023-3341 https://www.cve.org/CVERecord?id=CVE-2023-3341 https://kb.isc.org/docs/cve-2023-4236 https://www.cve.org/CVERecord?id=CVE-2023-4236 (* Security fix *) n/stunnel-5.71-x86_64-1.txz: Upgraded. x/mesa-23.1.8-x86_64-1.txz: Upgraded. x/xorg-server-xwayland-23.2.1-x86_64-1.txz: Upgraded. xap/freerdp-2.11.2-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.2.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.2.3/releasenotes/ xap/seamonkey-2.53.17.1-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.17.1 https://www.cve.org/CVERecord?id=CVE-2023-4863 (* Security fix *) 20230921193242 Patrick J Volkerding2023-09-212-2/+2
* Mon Sep 18 18:40:04 UTC 2023...a/sysklogd-2.5.2-x86_64-1.txz: Upgraded. d/cargo-vendor-filterer-0.5.11-x86_64-1.txz: Upgraded. l/adwaita-icon-theme-45.0-noarch-1.txz: Upgraded. l/gsettings-desktop-schemas-45.0-x86_64-1.txz: Upgraded. l/imagemagick-7.1.1_16-x86_64-1.txz: Upgraded. l/libdeflate-1.19-x86_64-1.txz: Upgraded. l/libqalculate-4.8.1-x86_64-1.txz: Upgraded. l/vte-0.74.0-x86_64-1.txz: Upgraded. n/netatalk-3.1.17-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: Validate data type in dalloc_value_for_key(). This flaw could allow a malicious actor to cause Netatalk's afpd daemon to crash, or possibly to execute arbitrary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-42464 (* Security fix *) 20230918184004 Patrick J Volkerding2023-09-183-45/+35
* Sat Sep 16 18:48:39 UTC 2023...ap/vim-9.0.1903-x86_64-1.txz: Upgraded. l/at-spi2-atk-2.38.0-x86_64-3.txz: Removed. l/at-spi2-core-2.50.0-x86_64-1.txz: Upgraded. This now includes the features from the former at-spi2-atk and atk packages. l/atk-2.38.0-x86_64-1.txz: Removed. l/cairo-1.17.6-x86_64-1.txz: Upgraded. l/glib-networking-2.78.0-x86_64-1.txz: Upgraded. l/gobject-introspection-1.78.1-x86_64-1.txz: Upgraded. l/json-glib-1.8.0-x86_64-1.txz: Upgraded. l/libsoup3-3.4.3-x86_64-1.txz: Upgraded. xap/vim-gvim-9.0.1903-x86_64-1.txz: Upgraded. 20230916184839 Patrick J Volkerding2023-09-168-307/+19
* Fri Sep 15 19:48:39 UTC 2023...ap/ksh93-1.0.7-x86_64-1.txz: Upgraded. d/cmake-3.27.5-x86_64-1.txz: Upgraded. d/python3-3.9.18-x86_64-1.txz: Upgraded. This update fixes a security issue: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported by Aapo Oksman; patch by Gregory P. Smith. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-40217 (* Security fix *) l/gvfs-1.52.0-x86_64-1.txz: Upgraded. l/mozjs102-102.15.1esr-x86_64-1.txz: Upgraded. n/dovecot-2.3.21-x86_64-1.txz: Upgraded. x/ibus-table-1.17.3-x86_64-1.txz: Upgraded. x/igt-gpu-tools-1.28-x86_64-1.txz: Upgraded. x/libva-2.20.0-x86_64-1.txz: Upgraded. x/libva-utils-2.20.0-x86_64-1.txz: Upgraded. xfce/elementary-xfce-0.18-x86_64-1.txz: Upgraded. 20230915194839 Patrick J Volkerding2023-09-151-0/+1
* Thu Sep 14 02:38:14 UTC 2023...a/kernel-firmware-20230907_dfa1146-noarch-1.txz: Upgraded. a/kernel-generic-6.1.53-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.53-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.53-x86_64-1.txz: Upgraded. ap/ghostscript-10.02.0-x86_64-1.txz: Upgraded. ap/vim-9.0.1897-x86_64-2.txz: Rebuilt. Recompiled against libsodium-1.0.19. d/cbindgen-0.26.0-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.53-x86-1.txz: Upgraded. k/kernel-source-6.1.53-noarch-1.txz: Upgraded. kde/keysmith-23.08.0-x86_64-2.txz: Rebuilt. Recompiled against libsodium-1.0.19. l/glib2-2.78.0-x86_64-2.txz: Rebuilt. [PATCH] gthreadedresolver: Fix race between source callbacks and finalize. Thanks to marav. l/libarchive-3.7.2-x86_64-1.txz: Upgraded. This update fixes multiple security vulnerabilities in the PAX writer: Heap overflow in url_encode() in archive_write_set_format_pax.c. NULL dereference in archive_write_pax_header_xattrs(). Another NULL dereference in archive_write_pax_header_xattrs(). NULL dereference in archive_write_pax_header_xattr(). (* Security fix *) l/librsvg-2.56.4-x86_64-1.txz: Upgraded. l/libsodium-1.0.19-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/curl-8.3.0-x86_64-1.txz: Upgraded. This update fixes a security issue: HTTP headers eat all memory. https://curl.se/docs/CVE-2023-38039.html https://www.cve.org/CVERecord?id=CVE-2023-38039 (* Security fix *) n/dovecot-2.3.20-x86_64-4.txz: Rebuilt. Recompiled against libsodium-1.0.19. n/netatalk-3.1.16-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. Shared library .so-version bump. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-23121 https://www.cve.org/CVERecord?id=CVE-2022-23123 (* Security fix *) n/openldap-2.6.6-x86_64-2.txz: Rebuilt. Recompiled against libsodium-1.0.19. n/php-8.2.10-x86_64-2.txz: Rebuilt. Recompiled against libsodium-1.0.19. n/proftpd-1.3.8-x86_64-4.txz: Rebuilt. Recompiled against libsodium-1.0.19. x/libglvnd-1.7.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.2.2-x86_64-1.txz: Upgraded. This release contains a security fix for a critical heap buffer overflow. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.2.2/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ https://www.cve.org/CVERecord?id=CVE-2023-4863 (* Security fix *) xap/vim-gvim-9.0.1897-x86_64-2.txz: Rebuilt. Recompiled against libsodium-1.0.19. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230914023814 Patrick J Volkerding2023-09-143-5/+139
* Sat Sep 9 18:05:16 UTC 2023...a/mcelog-195-x86_64-1.txz: Upgraded. d/rust-1.70.0-x86_64-2.txz: Rebuilt. Fixed path in rust-lldb. Thanks to gildbg. l/glib2-2.78.0-x86_64-1.txz: Upgraded. l/gobject-introspection-1.78.0-x86_64-1.txz: Upgraded. l/harfbuzz-8.2.0-x86_64-1.txz: Upgraded. l/nodejs-20.6.1-x86_64-1.txz: Upgraded. n/mutt-2.2.12-x86_64-1.txz: Upgraded. x/font-util-1.4.1-x86_64-1.txz: Upgraded. testing/packages/rust-1.72.0-x86_64-2.txz: Rebuilt. Fixed path in rust-lldb. Thanks to gildbg. 20230909180516 Patrick J Volkerding2023-09-092-78/+1
* Thu Sep 7 19:41:00 UTC 2023...d/rust-bindgen-0.68.1-x86_64-1.txz: Upgraded. l/glib2-2.76.5-x86_64-2.txz: Rebuilt. [PATCH] gkeyfile: Temporarily re-allow invalid escapes when parsing strings. l/netpbm-11.03.05-x86_64-1.txz: Upgraded. n/iproute2-6.5.0-x86_64-2.txz: Rebuilt. Fixed build/install script issues due to config files moving from /etc. 20230907194100 Patrick J Volkerding2023-09-072-1/+78
* Thu Sep 7 02:04:52 UTC 2023...a/kernel-firmware-20230906_ad03b85-noarch-1.txz: Upgraded. a/kernel-generic-6.1.52-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.52-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.52-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.52-x86-1.txz: Upgraded. d/lua-5.4.6-x86_64-3.txz: Rebuilt. Set MYCFLAGS rather than CFLAGS in the build script to keep the other default CFLAGS in src/Makefile. This automatically sets -DLUA_USE_LINUX as well as -DLUA_COMPAT_5_3. d/mercurial-6.5.2-x86_64-1.txz: Upgraded. k/kernel-source-6.1.52-noarch-1.txz: Upgraded. kde/alkimia-8.1.2-x86_64-1.txz: Upgraded. kde/calligra-3.2.1-x86_64-33.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/cantor-23.08.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/kfilemetadata-5.109.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/kile-2.9.93-x86_64-27.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/kitinerary-23.08.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/krita-5.1.5-x86_64-14.txz: Rebuilt. Recompiled against poppler-23.09.0. kde/ktextaddons-1.5.0-x86_64-1.txz: Upgraded. kde/okular-23.08.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.09.0. l/poppler-23.09.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/zstd-1.5.5-x86_64-3.txz: Rebuilt. Fix library path in zstdTargets-release.cmake. Thanks to Steven Voges and gian_d. Use additional build options: -DZSTD_BUILD_STATIC=OFF -DZSTD_PROGRAMS_LINK_SHARED=ON -DZSTD_LZ4_SUPPORT=ON -DZSTD_LZMA_SUPPORT=ON -DZSTD_ZLIB_SUPPORT=ON Thanks to USUARIONUEVO. n/iproute2-6.5.0-x86_64-1.txz: Upgraded. t/texlive-2023.230322-x86_64-5.txz: Rebuilt. Recompiled against zlib-1.3 to fix lualatex. Thanks to unInstance and marav. x/ibus-libpinyin-1.15.4-x86_64-1.txz: Upgraded. x/mesa-23.1.7-x86_64-1.txz: Upgraded. xap/gnuplot-5.4.9-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230907020452 Patrick J Volkerding2023-09-071-3/+11
* Mon Sep 4 20:13:03 UTC 2023...ap/vim-9.0.1863-x86_64-1.txz: Upgraded. Compiled with --enable-luainterp=dynamic. l/gtk4-4.12.1-x86_64-1.txz: Upgraded. n/nghttp2-1.56.0-x86_64-1.txz: Upgraded. n/samba-4.19.0-x86_64-1.txz: Upgraded. xap/freerdp-2.11.1-x86_64-1.txz: Upgraded. xap/vim-gvim-9.0.1863-x86_64-1.txz: Upgraded. Compiled with --enable-luainterp=dynamic. 20230904201303 Patrick J Volkerding2023-09-041-3/+4
* Sun Sep 3 19:37:21 UTC 2023...l/zstd-1.5.5-x86_64-2.txz: Rebuilt. Build with cmake. Thanks to F0nix. n/postfix-3.8.2-x86_64-1.txz: Upgraded. 20230903193721 Patrick J Volkerding2023-09-031-13/+18
* Sun Sep 3 04:27:04 UTC 2023...a/dbus-1.14.10-x86_64-1.txz: Upgraded. a/kernel-firmware-20230901_bb4f658-noarch-1.txz: Upgraded. a/kernel-generic-6.1.51-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.51-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.51-x86_64-1.txz: Upgraded. a/pkgtools-15.1-noarch-7.txz: Rebuilt. pkgtool: Make the "Setup" menu (rerun selected installer scripts) larger. Thanks to Stuart Winter. ap/alsa-utils-1.2.10-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.51-x86-1.txz: Upgraded. d/strace-6.5-x86_64-1.txz: Upgraded. k/kernel-source-6.1.51-noarch-1.txz: Upgraded. l/SDL2-2.28.3-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.10-x86_64-1.txz: Upgraded. l/at-spi2-core-2.48.4-x86_64-1.txz: Upgraded. l/gmime-3.2.14-x86_64-1.txz: Upgraded. l/libgphoto2-2.5.31-x86_64-1.txz: Upgraded. xfce/thunar-4.18.7-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230903042704 Patrick J Volkerding2023-09-031-1/+1
* Fri Sep 1 20:16:14 UTC 2023...a/btrfs-progs-6.5-x86_64-1.txz: Upgraded. kde/kimageformats-5.109.0-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. kde/kio-extras-23.08.0-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. kde/krita-5.1.5-x86_64-13.txz: Rebuilt. Recompiled against openexr-3.2.0. l/brotli-1.1.0-x86_64-1.txz: Upgraded. l/gegl-0.4.46-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. l/glib2-2.76.5-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.5-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. l/imagemagick-7.1.1_15-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. l/libdeflate-1.18-x86_64-1.txz: Added. This is needed for openexr-3.2.0. l/mozilla-nss-3.93-x86_64-1.txz: Upgraded. l/opencv-4.8.0-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.2.0. l/openexr-3.2.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/php-8.2.10-x86_64-1.txz: Upgraded. n/wget2-2.1.0-x86_64-1.txz: Upgraded. x/libwacom-2.8.0-x86_64-1.txz: Upgraded. xap/gimp-2.10.34-x86_64-6.txz: Rebuilt. Recompiled against openexr-3.2.0. xap/xscreensaver-6.07-x86_64-1.txz: Upgraded. 20230901201614 Patrick J Volkerding2023-09-0111-43/+144
* Wed Aug 30 21:58:04 UTC 2023...a/dcron-4.5-x86_64-13.txz: Rebuilt. rc.crond: ensure world-writable permissions on /run/cron, needed for crontab -e with some editors. Thanks to lostintime. a/kernel-firmware-20230830_5ebb591-noarch-1.txz: Upgraded. a/kernel-generic-6.1.50-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.50-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.50-x86_64-1.txz: Upgraded. d/ccache-4.8.3-x86_64-1.txz: Upgraded. d/clinfo-3.0.23.01.25-x86_64-1.txz: Added. Thanks to Heinz Wiesinger. d/kernel-headers-6.1.50-x86-1.txz: Upgraded. d/vala-0.56.13-x86_64-1.txz: Upgraded. k/kernel-source-6.1.50-noarch-1.txz: Upgraded. l/libnl3-3.8.0-x86_64-1.txz: Upgraded. l/mozjs102-102.15.0esr-x86_64-1.txz: Upgraded. x/mesa-23.1.6-x86_64-1.txz: Upgraded. It appears that mesa-23.2.0 was pulled and replaced with mesa-23.2.0-rc2 sometime after we upgraded to it. I've tested this version and it does not suffer from the "radeon: failed testing IB on GFX ring" bug that was happening with mesa-23.1.3, so let's use it for now. xap/mozilla-firefox-115.2.0esr-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2023-36/ https://www.cve.org/CVERecord?id=CVE-2023-4573 https://www.cve.org/CVERecord?id=CVE-2023-4574 https://www.cve.org/CVERecord?id=CVE-2023-4575 https://www.cve.org/CVERecord?id=CVE-2023-4576 https://www.cve.org/CVERecord?id=CVE-2023-4577 https://www.cve.org/CVERecord?id=CVE-2023-4051 https://www.cve.org/CVERecord?id=CVE-2023-4578 https://www.cve.org/CVERecord?id=CVE-2023-4053 https://www.cve.org/CVERecord?id=CVE-2023-4580 https://www.cve.org/CVERecord?id=CVE-2023-4581 https://www.cve.org/CVERecord?id=CVE-2023-4582 https://www.cve.org/CVERecord?id=CVE-2023-4583 https://www.cve.org/CVERecord?id=CVE-2023-4584 https://www.cve.org/CVERecord?id=CVE-2023-4585 (* Security fix *) xap/mozilla-thunderbird-115.2.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.2.0/releasenotes/ (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230830215804 Patrick J Volkerding2023-08-311-2/+3
* Tue Aug 29 18:55:59 UTC 2023...a/coreutils-9.4-x86_64-1.txz: Upgraded. d/cbindgen-0.25.0-x86_64-1.txz: Upgraded. l/ffmpeg-5.1.3-x86_64-2.txz: Rebuilt. Patched and recompiled against vulkan-sdk-1.3.250.0. Thanks to lucabon. l/pipewire-0.3.79-x86_64-1.txz: Upgraded. xfce/xfce4-whiskermenu-plugin-2.8.0-x86_64-1.txz: Upgraded. 20230829185559 Patrick J Volkerding2023-08-292-1/+19
* Tue Aug 29 00:06:09 UTC 2023...l/fmt-10.1.1-x86_64-1.txz: Upgraded. l/libedit-20230828_3.1-x86_64-1.txz: Upgraded. n/daemon-0.8.4-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.3.250.0-x86_64-1.txz: Upgraded. Thanks to Heinz Wiesinger. xap/freerdp-2.11.0-x86_64-1.txz: Upgraded. 20230829000609 Patrick J Volkerding2023-08-292-12/+0
* Mon Aug 28 00:38:01 UTC 2023...a/kernel-generic-6.1.49-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.49-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.49-x86_64-1.txz: Upgraded. ap/sqlite-3.43.0-x86_64-2.txz: Rebuilt. Build/package sqldiff and sqlite3_analyzer. Thanks to Heinz Wiesinger. d/doxygen-1.9.8-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.49-x86-1.txz: Upgraded. k/kernel-source-6.1.49-noarch-1.txz: Upgraded. l/libedit-20230827_3.1-x86_64-1.txz: Upgraded. x/m17n-lib-1.8.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230828003801 Patrick J Volkerding2023-08-282-0/+12
* Sat Aug 26 05:08:30 UTC 2023...kde/calligra-3.2.1-x86_64-32.txz: Rebuilt. Recompiled against okular-23.08.0. l/freetype-2.13.2-x86_64-1.txz: Upgraded. n/bluez-5.69-x86_64-1.txz: Upgraded. t/fig2dev-3.2.9-x86_64-1.txz: Upgraded. t/xfig-3.2.9-x86_64-1.txz: Upgraded. x/libinput-1.24.0-x86_64-1.txz: Upgraded. x/xf86-input-libinput-1.4.0-x86_64-1.txz: Upgraded. testing/packages/rust-1.72.0-x86_64-1.txz: Upgraded. 20230826050830 Patrick J Volkerding2023-08-261-1/+1
* Tue Aug 22 19:28:18 UTC 2023...l/mpfr-4.2.1-x86_64-1.txz: Upgraded. l/pipewire-0.3.78-x86_64-1.txz: Upgraded. n/getmail-6.18.13-x86_64-1.txz: Upgraded. x/ibus-anthy-1.5.15-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.22-x86_64-1.txz: Upgraded. x/ibus-table-1.17.2-x86_64-1.txz: Upgraded. x/libime-1.1.0-x86_64-1.txz: Upgraded. xfce/xfce4-terminal-1.1.0-x86_64-1.txz: Upgraded. 20230822192818 Patrick J Volkerding2023-08-2212-2194/+0
* Wed Aug 16 20:45:00 UTC 2023...a/kernel-firmware-20230814_0e048b0-noarch-1.txz: Upgraded. a/kernel-generic-6.1.46-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.46-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.46-x86_64-1.txz: Upgraded. ap/inxi-3.3.29_1-noarch-1.txz: Upgraded. d/kernel-headers-6.1.46-x86-1.txz: Upgraded. k/kernel-source-6.1.46-noarch-1.txz: Upgraded. -ACPI_TINY_POWER_BUTTON n ACPI_AC m -> y ACPI_BATTERY m -> y ACPI_BUTTON m -> y ACPI_FAN m -> y ACPI_THERMAL m -> y kde/kirigami-addons-0.11.0-x86_64-1.txz: Upgraded. n/bind-9.18.18-x86_64-1.txz: Upgraded. n/httpd-2.4.57-x86_64-2.txz: Rebuilt. rc.httpd: wait using pwait after stopping, fix usage to show force-restart. Thanks to metaed. n/net-snmp-5.9.4-x86_64-1.txz: Upgraded. n/openvpn-2.6.6-x86_64-1.txz: Upgraded. n/php-8.2.9-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: Security issue with external entity loading in XML without enabling it. Buffer mismanagement in phar_dir_read(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824 (* Security fix *) x/xorg-server-xwayland-23.2.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.1.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.1.1/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230816204500 Patrick J Volkerding2023-08-161-0/+4
* Mon Aug 14 19:04:41 UTC 2023...ap/mariadb-10.11.5-x86_64-1.txz: Upgraded. ap/mc-4.8.30-x86_64-1.txz: Upgraded. d/vala-0.56.11-x86_64-1.txz: Upgraded. l/json-c-0.17_20230812-x86_64-1.txz: Upgraded. l/libsndfile-1.2.2-x86_64-1.txz: Upgraded. l/openexr-3.1.11-x86_64-1.txz: Upgraded. 20230814190441 Patrick J Volkerding2023-08-144-32/+8
* Sat Aug 12 00:43:19 UTC 2023...a/aaa_libraries-15.1-x86_64-21.txz: Rebuilt. Upgraded: libcap.so.2.69, liblzma.so.5.4.4, libboost*.so.1.82.0, libglib-2.0.so.0.7600.4, libgmodule-2.0.so.0.7600.4, libgmp.so.10.5.0, libgmpxx.so.4.7.0, libgobject-2.0.so.0.7600.4, libgthread-2.0.so.0.7600.4, libjpeg.so.62.4.0, libpng16.so.16.40.0, libstdc++.so.6.0.32, libtdb.so.1.4.9, libturbojpeg.so.0.3.0. a/kernel-firmware-20230809_789aa81-noarch-1.txz: Upgraded. a/kernel-generic-6.1.45-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.45-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.45-x86_64-1.txz: Upgraded. ap/pamixer-1.5-x86_64-7.txz: Rebuilt. Recompiled against boost-1.83.0. d/kernel-headers-6.1.45-x86-1.txz: Upgraded. k/kernel-source-6.1.45-noarch-1.txz: Upgraded. kde/kig-23.04.3-x86_64-2.txz: Rebuilt. Recompiled against boost-1.83.0. kde/kopeninghours-23.04.3-x86_64-2.txz: Rebuilt. Recompiled against boost-1.83.0. kde/krita-5.1.5-x86_64-12.txz: Rebuilt. Recompiled against boost-1.83.0. l/boost-1.83.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. The shared libraries from the previous version will stick around in the aaa_libraries package for at least a month. l/cryfs-0.10.3-x86_64-9.txz: Rebuilt. Recompiled against boost-1.83.0. x/fcitx5-chinese-addons-5.0.17-x86_64-3.txz: Rebuilt. Recompiled against boost-1.83.0. x/libime-1.0.17-x86_64-3.txz: Rebuilt. Recompiled against boost-1.83.0. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230812004319 Patrick J Volkerding2023-08-121-1/+1
* Thu Aug 10 20:23:33 UTC 2023...Thanks to Heinz Wiesinger for these added python packages to implement PEP 427 and PEP 517! Python modules are phasing out setup.py in favor of building wheels, and then using python-installer to install them. These are the bits needed to make that happen. l/python-build-0.10.0-x86_64-1.txz: Added. l/python-flit-core-3.9.0-x86_64-1.txz: Added. l/python-glad2-2.0.4-x86_64-1.txz: Added. l/python-installer-0.7.0-x86_64-1.txz: Added. l/python-lxml-4.9.3-x86_64-1.txz: Added. l/python-pyproject-hooks-1.0.0-x86_64-1.txz: Added. l/python-tomli-w-1.0.0-x86_64-1.txz: Added. l/python-wheel-0.41.1-x86_64-1.txz: Added. n/nftables-1.0.8-x86_64-2.txz: Rebuilt. Correctly generate nftables Python module using PEP 427/517 method. Thanks to marav. n/openssh-9.4p1-x86_64-1.txz: Upgraded. 20230810202333 Patrick J Volkerding2023-08-1024-0/+921
* Mon Aug 7 19:22:02 UTC 2023...a/sdparm-1.12-x86_64-3.txz: Rebuilt. Recompiled against sg3_utils-1.48. a/udisks-1.0.5-x86_64-11.txz: Rebuilt. Recompiled against sg3_utils-1.48. Does anything still need this? ap/vim-9.0.1678-x86_64-1.txz: Upgraded. Applied the last patch from Bram Moolenaar. RIP Bram, and thanks for your great work on VIM and your kindness to the orphan children in Uganda. If you'd like to honor Bram with a donation to his charity, please visit: https://iccf-holland.org/ d/mercurial-6.5.1-x86_64-1.txz: Upgraded. d/vala-0.56.10-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.27.7.1-x86_64-1.txz: Upgraded. kde/sddm-0.20.0-x86_64-2.txz: Rebuilt. Eliminate duplicate log messages polluting the first virtual console. l/gtk4-4.10.5-x86_64-1.txz: Upgraded. l/gvfs-1.50.6-x86_64-1.txz: Upgraded. l/libgpod-0.8.3-x86_64-12.txz: Rebuilt. Recompiled against sg3_utils-1.48. l/netpbm-11.03.02-x86_64-1.txz: Upgraded. l/sg3_utils-1.48-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/speech-dispatcher-0.11.5-x86_64-1.txz: Upgraded. n/gnutls-3.8.1-x86_64-1.txz: Upgraded. n/nfs-utils-2.6.3-x86_64-2.txz: Rebuilt. Move 99-nfs.rules to the proper directory. Thanks to Petri Kaukasoina. xap/vim-gvim-9.0.1678-x86_64-1.txz: Upgraded. 20230807192202 Patrick J Volkerding2023-08-071-1/+1
* Fri Aug 4 20:17:36 UTC 2023...a/hwdata-0.373-noarch-1.txz: Upgraded. a/kernel-firmware-20230731_253cc17-noarch-1.txz: Upgraded. a/kernel-generic-6.1.43-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.43-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.43-x86_64-1.txz: Upgraded. a/sysklogd-2.5.1-x86_64-1.txz: Upgraded. a/xz-5.4.4-x86_64-1.txz: Upgraded. ap/man-pages-6.05.01-noarch-1.txz: Upgraded. d/kernel-headers-6.1.43-x86-1.txz: Upgraded. k/kernel-source-6.1.43-noarch-1.txz: Upgraded. kde/ktextaddons-1.4.0-x86_64-1.txz: Upgraded. l/SDL2-2.28.2-x86_64-1.txz: Upgraded. l/harfbuzz-8.1.1-x86_64-1.txz: Upgraded. l/mozjs102-102.14.0esr-x86_64-1.txz: Upgraded. l/netpbm-11.03.01-x86_64-1.txz: Upgraded. l/openexr-3.1.10-x86_64-1.txz: Upgraded. l/pipewire-0.3.77-x86_64-1.txz: Upgraded. l/poppler-23.08.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-115.1.0esr-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/115.1.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/ https://www.cve.org/CVERecord?id=CVE-2023-4045 https://www.cve.org/CVERecord?id=CVE-2023-4046 https://www.cve.org/CVERecord?id=CVE-2023-4047 https://www.cve.org/CVERecord?id=CVE-2023-4048 https://www.cve.org/CVERecord?id=CVE-2023-4049 https://www.cve.org/CVERecord?id=CVE-2023-4050 https://www.cve.org/CVERecord?id=CVE-2023-4052 https://www.cve.org/CVERecord?id=CVE-2023-4054 https://www.cve.org/CVERecord?id=CVE-2023-4055 https://www.cve.org/CVERecord?id=CVE-2023-4056 https://www.cve.org/CVERecord?id=CVE-2023-4057 (* Security fix *) xap/mozilla-thunderbird-115.1.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.1.0/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/rust-1.71.1-x86_64-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230804201736 Patrick J Volkerding2023-08-044-1/+84
* Sun Jul 30 20:33:52 UTC 2023...d/binutils-2.41-x86_64-1.txz: Upgraded. d/oprofile-1.4.0-x86_64-12.txz: Rebuilt. Recompiled against binutils-2.41. d/tree-sitter-0.20.8-x86_64-1.txz: Added. This is a dependency for an interesting new feature of emacs-29.1. e/emacs-29.1-x86_64-1.txz: Upgraded. Compiled against tree-sitter-0.20.8. Grammar libraries for this can be downloaded and installed from within Emacs - see the NEWS file for details. l/gmp-6.3.0-x86_64-1.txz: Upgraded. l/libarchive-3.7.1-x86_64-1.txz: Upgraded. l/polkit-123-x86_64-1.txz: Upgraded. 20230730203352 Patrick J Volkerding2023-07-301-1/+1
* Fri Jul 28 19:47:22 UTC 2023...a/file-5.45-x86_64-1.txz: Upgraded. l/mozilla-nss-3.92-x86_64-1.txz: Upgraded. l/pipewire-0.3.76-x86_64-1.txz: Upgraded. 20230728194722 Patrick J Volkerding2023-07-283-30/+2
* Mon Jul 24 19:26:18 UTC 2023...ap/tmux-3.3a-x86_64-2.txz: Rebuilt. Patched to fix a crash when copying text. Thanks to nullptr, gnw, and Daedra. d/parallel-20230722-noarch-1.txz: Upgraded. l/libarchive-3.7.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.75-x86_64-2.txz: Rebuilt. [PATCH] pipewire: add missing stdbool.h include to version.h.in. Thanks to marav. n/network-scripts-15.1-noarch-1.txz: Upgraded. Added netconfig.8 manpage. Thanks to metaed. extra/brltty/brltty-6.6-x86_64-1.txz: Upgraded. 20230724192618 Patrick J Volkerding2023-07-243-3/+39
* Fri Jul 21 19:35:45 UTC 2023...l/librsvg-2.56.3-x86_64-1.txz: Upgraded. l/nodejs-20.5.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.75-x86_64-1.txz: Upgraded. l/talloc-2.4.1-x86_64-1.txz: Upgraded. l/tdb-1.4.9-x86_64-1.txz: Upgraded. l/tevent-0.15.0-x86_64-1.txz: Upgraded. l/xxHash-0.8.2-x86_64-1.txz: Upgraded. n/ca-certificates-20230721-noarch-1.txz: Upgraded. This update provides the latest CA certificates to check for the authenticity of SSL connections. 20230721193545 Patrick J Volkerding2023-07-211-1/+1
* Thu Jul 20 19:55:25 UTC 2023...d/re2c-3.1-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-base-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-good-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-libav-1.22.5-x86_64-1.txz: Upgraded. l/gstreamer-1.22.5-x86_64-1.txz: Upgraded. l/libptytty-2.0-x86_64-1.txz: Added. This is required by rxvt-unicode-9.31. x/libpthread-stubs-0.5-x86_64-1.txz: Upgraded. xap/rxvt-unicode-9.31-x86_64-1.txz: Upgraded. Compiled against libptytty-2.0. testing/packages/mozilla-thunderbird-115.0.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.0.1/releasenotes/ (* Security fix *) 20230720195525 Patrick J Volkerding2023-07-205-2/+142
* Wed Jul 19 20:36:46 UTC 2023...a/kernel-firmware-20230707_d3f6606-noarch-1.txz: Upgraded. a/kernel-generic-6.1.39-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.39-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.39-x86_64-1.txz: Upgraded. a/xfsprogs-6.4.0-x86_64-1.txz: Upgraded. d/cmake-3.27.0-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.39-x86-1.txz: Upgraded. k/kernel-source-6.1.39-noarch-1.txz: Upgraded. l/mpfr-4.2.0p12-x86_64-1.txz: Upgraded. n/bind-9.18.17-x86_64-1.txz: Upgraded. n/curl-8.2.0-x86_64-1.txz: Upgraded. This update fixes a security issue: fopen race condition. For more information, see: https://curl.se/docs/CVE-2023-32001.html https://www.cve.org/CVERecord?id=CVE-2023-32001 (* Security fix *) n/dhcpcd-10.0.2-x86_64-1.txz: Upgraded. n/openssh-9.3p2-x86_64-1.txz: Upgraded. This update fixes a security issue: ssh-agent(1) in OpenSSH between and 5.5 and 9.3p1 (inclusive): remote code execution relating to PKCS#11 providers. The PKCS#11 support ssh-agent(1) could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met: * Exploitation requires the presence of specific libraries on the victim system. * Remote exploitation requires that the agent was forwarded to an attacker-controlled system. Exploitation can also be prevented by starting ssh-agent(1) with an empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that contains only specific provider libraries. This vulnerability was discovered and demonstrated to be exploitable by the Qualys Security Advisory team. Potentially-incompatible changes: * ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules issued by remote clients by default. A flag has been added to restore the previous behaviour: "-Oallow-remote-pkcs11". For more information, see: https://www.openssh.com/txt/release-9.3p2 https://www.cve.org/CVERecord?id=CVE-2023-38408 (* Security fix *) n/samba-4.18.5-x86_64-1.txz: Upgraded. This update fixes security issues: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it. SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request. Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process. As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in search results. For more information, see: https://www.samba.org/samba/security/CVE-2022-2127.html https://www.samba.org/samba/security/CVE-2023-3347.html https://www.samba.org/samba/security/CVE-2023-34966.html https://www.samba.org/samba/security/CVE-2023-34967.html https://www.samba.org/samba/security/CVE-2023-34968.html https://www.cve.org/CVERecord?id=CVE-2022-2127 https://www.cve.org/CVERecord?id=CVE-2023-3347 https://www.cve.org/CVERecord?id=CVE-2023-34966 https://www.cve.org/CVERecord?id=CVE-2023-34967 https://www.cve.org/CVERecord?id=CVE-2023-34968 (* Security fix *) xap/mozilla-firefox-115.0.3esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/115.0.3esr/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230719203646 Patrick J Volkerding2023-07-193-0/+148
* Mon Jul 17 19:17:19 UTC 2023...ap/sudo-1.9.14p2-x86_64-1.txz: Upgraded. This is a bugfix release. d/meson-1.2.0-x86_64-1.txz: Upgraded. xap/sane-1.2.1-x86_64-1.txz: Upgraded. extra/xv/xv-4.2.0-x86_64-1.txz: Upgraded. 20230717191719 Patrick J Volkerding2023-07-171-1/+3
* Sun Jul 16 20:35:56 UTC 2023...Hey folks! It's time to acknowledge another one of those milestones... 30 (!) years since I made the post linked below announcing Slackware's first stable release after months of beta testing. Thanks to all of our dedicated contributors, loyal users, and those who have helped us to keep the lights on here. It's really been a remarkable journey that I couldn't have anticipated starting out back in 1993. Cheers! :-) https://www.slackware.com/announce/1.0.php kde/sddm-0.20.0-x86_64-1.txz: Upgraded. l/imagemagick-7.1.1_13-x86_64-1.txz: Upgraded. n/nghttp2-1.55.1-x86_64-1.txz: Upgraded. xap/xlockmore-5.72-x86_64-1.txz: Upgraded. 20230716203556 Patrick J Volkerding2023-07-161-1/+1
* Wed Jul 12 20:41:16 UTC 2023...ap/inxi-3.3.28_1-noarch-1.txz: Upgraded. ap/sudo-1.9.14p1-x86_64-1.txz: Upgraded. d/rust-1.70.0-x86_64-1.txz: Upgraded. l/harfbuzz-8.0.1-x86_64-1.txz: Upgraded. l/lmdb-0.9.31-x86_64-1.txz: Upgraded. l/pipewire-0.3.74-x86_64-1.txz: Upgraded. n/krb5-1.21.1-x86_64-1.txz: Upgraded. Fix potential uninitialized pointer free in kadm5 XDR parsing. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-36054 (* Security fix *) n/libnftnl-1.2.6-x86_64-1.txz: Upgraded. n/nghttp2-1.55.0-x86_64-1.txz: Upgraded. n/openldap-2.6.5-x86_64-1.txz: Upgraded. x/ibus-table-1.17.1-x86_64-1.txz: Upgraded. x/xterm-384-x86_64-1.txz: Upgraded. xap/mozilla-firefox-115.0.2esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/115.0.2esr/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2023-26/ https://www.cve.org/CVERecord?id=CVE-2023-3600 (* Security fix *) testing/packages/mozilla-thunderbird-115.0-x86_64-1.txz: Added. 20230712204116 Patrick J Volkerding2023-07-121-1/+1
* Mon Jul 3 20:19:22 UTC 2023...a/hwdata-0.372-noarch-1.txz: Upgraded. ap/vim-9.0.1672-x86_64-1.txz: Upgraded. Patched (should be merged upstream soon) to build against perl-5.38.0. d/perl-5.38.0-x86_64-1.txz: Upgraded. Upgraded: IO-Socket-SSL-2.083, URI-5.19. d/subversion-1.14.2-x86_64-5.txz: Rebuilt. Recompiled against perl-5.38.0. l/imagemagick-7.1.1_12-x86_64-2.txz: Rebuilt. Recompiled against perl-5.38.0. l/libnss_nis-3.2-x86_64-1.txz: Upgraded. l/libqalculate-4.7.0-x86_64-1.txz: Upgraded. n/epic5-2.1.12-x86_64-5.txz: Rebuilt. Recompiled against perl-5.38.0. n/irssi-1.4.4-x86_64-2.txz: Rebuilt. Recompiled against perl-5.38.0. n/net-snmp-5.9.3-x86_64-4.txz: Rebuilt. Recompiled against perl-5.38.0. n/ntp-4.2.8p17-x86_64-3.txz: Rebuilt. Recompiled against perl-5.38.0. n/openldap-2.6.4-x86_64-4.txz: Rebuilt. Recompiled against perl-5.38.0. x/wayland-protocols-1.32-noarch-1.txz: Upgraded. xap/hexchat-2.16.1-x86_64-4.txz: Rebuilt. Recompiled against perl-5.38.0. xap/rxvt-unicode-9.26-x86_64-6.txz: Rebuilt. Recompiled against perl-5.38.0. xap/vim-gvim-9.0.1672-x86_64-1.txz: Upgraded. Patched (should be merged upstream soon) to build against perl-5.38.0. 20230703201922 Patrick J Volkerding2023-07-032-2/+2
* Sun Jul 2 18:44:20 UTC 2023...d/vala-0.56.9-x86_64-1.txz: Upgraded. l/SDL2-2.28.1-x86_64-1.txz: Upgraded. 20230702184420 Patrick J Volkerding2023-07-021-1/+1
* Sat Jul 1 19:22:28 UTC 2023...a/kernel-generic-6.1.37-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.37-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.37-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.37-x86-1.txz: Upgraded. k/kernel-source-6.1.37-noarch-1.txz: Upgraded. l/librsvg-2.56.2-x86_64-1.txz: Upgraded. l/libuv-1.46.0-x86_64-1.txz: Upgraded. l/taglib-1.13.1-x86_64-1.txz: Upgraded. n/bluez-5.68-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230701192228 Patrick J Volkerding2023-07-012-1/+2
* Fri Jun 30 20:20:35 UTC 2023...a/util-linux-2.39.1-x86_64-2.txz: Rebuilt. Since libmount has dropped support for the traditional /etc/mtab file, if we find one replace it with a symlink to /proc/mounts. kde/digikam-8.0.0-x86_64-4.txz: Rebuilt. Recompiled against opencv-4.8.0. kde/kirigami-addons-0.9.0-x86_64-1.txz: Upgraded. l/glib-networking-2.76.1-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.4-x86_64-2.txz: Rebuilt. Recompiled against opencv-4.8.0. l/gvfs-1.50.5-x86_64-1.txz: Upgraded. l/libpaper-2.1.1-x86_64-1.txz: Upgraded. l/libwebp-1.3.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.91-x86_64-1.txz: Upgraded. l/netpbm-11.03.00-x86_64-1.txz: Upgraded. l/opencv-4.8.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/bluez-5.67-x86_64-1.txz: Upgraded. n/openresolv-3.13.2-noarch-1.txz: Upgraded. n/p11-kit-0.25.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. Make /etc/mtab a symlink to /proc/mounts. (I thought we did this before?) Remove /etc/mounts symlink. In rc.S, don't try to initialize /etc/mtab or fake mount /. usb-and-pxe-installers/usbboot.img: Rebuilt. Make /etc/mtab a symlink to /proc/mounts. (I thought we did this before?) Remove /etc/mounts symlink. In rc.S, don't try to initialize /etc/mtab or fake mount /. 20230630202035 Patrick J Volkerding2023-06-302-2/+2
* Mon Jun 26 19:44:44 UTC 2023...ap/vim-9.0.1667-x86_64-1.txz: Upgraded. This fixes a rare divide-by-zero bug that could cause vim to crash. In an interactive program such as vim, I can't really see this qualifying as a security issue, but since it was brought up as such on LQ we'll just go along with it this time. :) Thanks to marav for the heads-up. (* Security fix *) l/freetype-2.13.1-x86_64-2.txz: Rebuilt. The profile scripts still mentioned three options to choose from when there are now only two. This has been fixed. Thanks to burdi01. l/gegl-0.4.46-x86_64-1.txz: Upgraded. l/imagemagick-7.1.1_12-x86_64-1.txz: Upgraded. l/librsvg-2.56.1-x86_64-1.txz: Upgraded. l/openexr-3.1.9-x86_64-1.txz: Upgraded. l/pipewire-0.3.72-x86_64-1.txz: Upgraded. n/network-scripts-15.0-noarch-19.txz: Rebuilt. This update fixes a bug and adds a new feature: Re-add support for the DHCP_IPADDR parameter from rc.inet1.conf. Expand the help text for DHCP_IPADDR in rc.inet1.conf. Add support for a DHCP_OPTS parameter. Thanks to ljb643 and Darren 'Tadgy' Austin. xap/vim-gvim-9.0.1667-x86_64-1.txz: Upgraded. 20230626194444 Patrick J Volkerding2023-06-264-4/+4