| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded.
ap/sysstat-12.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.40.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/icu4c-64.2-x86_64-1.txz: Upgraded.
l/libcddb-1.3.2-x86_64-6.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/libcdio-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/zstd-1.4.0-x86_64-1.txz: Upgraded.
n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Trying to login with 8bit username containing invalid UTF8 input causes
auth process to crash if auth policy is enabled. This could be used rather
easily to cause a DoS. Similar crash also happens during mail delivery
when using invalid UTF8 in From or Subject header when OX push
notification driver is used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691
(* Security fix *)
n/nghttp2-1.38.0-x86_64-1.txz: Upgraded.
n/openssh-8.0p1-x86_64-1.txz: Upgraded.
This release contains a mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
(* Security fix *)
xap/MPlayer-20190418-x86_64-1.txz: Upgraded.
Compiled against libcdio-2.1.0.
xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded.
Compiled against libcdio-2.1.0.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
|
|
|
a/aaa_elflibs-15.0-x86_64-5.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.5800.3, libgmodule-2.0.so.0.5800.3,
libgobject-2.0.so.0.5800.3, libgthread-2.0.so.0.5800.3, libidn2.so.0.3.5,
libmpfr.so.6.0.2, libtdb.so.1.3.17
Removed: libidn2.so.4.0.0
ap/sqlite-3.27.1-x86_64-1.txz: Upgraded.
l/libdvdread-6.0.1-x86_64-1.txz: Upgraded.
l/libidn2-2.1.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
This reverted back to .so.0 as the previous bump was apparently a mistake.
l/libpsl-0.20.2-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/bind-9.12.3_P1-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/curl-7.64.0-x86_64-2.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/dhcpcd-7.1.1-x86_64-1.txz: Upgraded.
n/dnsmasq-2.80-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/getmail-5.9-x86_64-1.txz: Upgraded.
n/gnutls-3.6.6-x86_64-2.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/iputils-20180629-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/lftp-4.8.4-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/s-nail-14.9.11-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/wget-1.20.1-x86_64-3.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
n/whois-5.4.1-x86_64-2.txz: Rebuilt.
Recompiled against libidn2-2.1.1.
x/ttf-tlwg-0.7.1-noarch-1.txz: Upgraded.
xfce/xfwm4-4.12.5-x86_64-1.txz: Upgraded.
|
Patrick J Volkerding