| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
a/btrfs-progs-5.19.1-x86_64-1.txz: Upgraded.
a/file-5.43-x86_64-1.txz: Upgraded.
a/kernel-firmware-20220913_f09bebf-noarch-1.txz: Upgraded.
d/cmake-3.24.2-x86_64-1.txz: Upgraded.
kde/krita-5.1.1-x86_64-1.txz: Upgraded.
l/kdsoap-2.1.0-x86_64-1.txz: Upgraded.
n/krb5-1.20-x86_64-2.txz: Rebuilt.
n/samba-4.17.0-x86_64-1.txz: Upgraded.
x/libXp-1.0.4-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
| |
a/hdparm-9.65-x86_64-1.txz: Upgraded.
n/samba-4.16.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.2.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.2.2/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
l/tevent-0.13.0-x86_64-1.txz: Upgraded.
n/samba-4.16.4-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_libraries-15.1-x86_64-6.txz: Rebuilt.
Upgraded: libcap.so.2.65, libglib-2.0.so.0.7200.3, libgmodule-2.0.so.0.7200.3,
libgobject-2.0.so.0.7200.3, libgthread-2.0.so.0.7200.3, libidn2.so.0.3.8.
Removed: libboost_*.so.1.78.0.
a/kernel-firmware-20220719_4421586-noarch-1.txz: Upgraded.
d/python-setuptools-63.2.0-x86_64-1.txz: Upgraded.
d/rust-1.62.1-x86_64-1.txz: Upgraded.
kde/kio-5.96.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
l/libcap-2.65-x86_64-1.txz: Upgraded.
l/netpbm-10.99.01-x86_64-1.txz: Upgraded.
l/pipewire-0.3.56-x86_64-1.txz: Upgraded.
l/qt5-5.15.5_20220705_ea4efc06-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/alpine-2.26-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/bind-9.18.5-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/curl-7.84.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/fetchmail-6.4.31-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/krb5-1.19.3-x86_64-2.txz: Rebuilt.
Since Samba still won't link against krb5-1.20, I think it's best to drop
back to this version until it does. Perhaps it would be better to just use
the internal Heimdal libraries instead, but I don't really know if that has
all the same functionality or not. Hints welcome if you'd like to drop them
in the "regression on -current with samba (new krb5)" thread.
Also, just to be 100% sure the krb5 revert doesn't cause any ABI issues,
we'll recompile everything that we've linked to krb5 while krb5-1.20 was
in -current.
Thanks to nobodino.
n/php-7.4.30-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/samba-4.16.3-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
xap/gnuplot-5.4.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.0.3/releasenotes/
extra/php80/php80-8.0.21-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
extra/php81/php81-8.1.8-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.18.4-x86_64-1.txz: Upgraded.
a/kernel-huge-5.18.4-x86_64-1.txz: Upgraded.
a/kernel-modules-5.18.4-x86_64-1.txz: Upgraded.
ap/inxi-3.3.18_1-noarch-1.txz: Upgraded.
ap/sudo-1.9.11p2-x86_64-1.txz: Upgraded.
ap/tmux-3.3a-x86_64-1.txz: Upgraded.
d/kernel-headers-5.18.4-x86-1.txz: Upgraded.
k/kernel-source-5.18.4-noarch-1.txz: Upgraded.
kde/bluedevil-5.25.0-x86_64-1.txz: Upgraded.
kde/breeze-5.25.0-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.25.0-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.25.0-x86_64-1.txz: Upgraded.
kde/drkonqi-5.25.0-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.25.0-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.25.0-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.25.0-x86_64-1.txz: Upgraded.
kde/kdecoration-5.25.0-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.25.0-x86_64-1.txz: Upgraded.
kde/kgamma5-5.25.0-x86_64-1.txz: Upgraded.
kde/khotkeys-5.25.0-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.25.0-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.25.0-x86_64-1.txz: Upgraded.
kde/kscreen-5.25.0-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.25.0-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.25.0-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.25.0-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.25.0-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.25.0-x86_64-1.txz: Upgraded.
kde/kwayland-server-5.24.5-x86_64-1.txz: Removed.
kde/kwin-5.25.0-x86_64-1.txz: Upgraded.
kde/kwrited-5.25.0-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.25.0-x86_64-1.txz: Upgraded.
kde/libkscreen-5.25.0-x86_64-1.txz: Upgraded.
kde/libksysguard-5.25.0-x86_64-1.txz: Upgraded.
kde/milou-5.25.0-x86_64-1.txz: Upgraded.
kde/oxygen-5.25.0-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.25.0-x86_64-1.txz: Added.
kde/plasma-browser-integration-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-framework-5.95.0-x86_64-2.txz: Rebuilt.
Backported upstream patch:
Revert "Use QT_FEATURE_foo to detect opengl* support, and TARGET for glesv2"
This fixes the taskbar thumbnails.
Thanks to LuckyCyborg, ctrlaltca, and Heinz Wiesinger.
kde/plasma-integration-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.25.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.25.0-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.25.0-x86_64-1.txz: Upgraded.
kde/powerdevil-5.25.0-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.25.0-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.25.0-x86_64-1.txz: Upgraded.
kde/systemsettings-5.25.0-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.25.0-x86_64-1.txz: Upgraded.
l/libzip-1.9.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.52-x86_64-1.txz: Upgraded.
l/qt5-5.15.4_20220611_cc851c42-x86_64-1.txz: Upgraded.
Thanks to ctrlaltca for the link to the gcc12 patch.
l/talloc-2.3.4-x86_64-1.txz: Upgraded.
l/tdb-1.4.7-x86_64-1.txz: Upgraded.
l/tevent-0.12.1-x86_64-1.txz: Upgraded.
n/bind-9.18.4-x86_64-1.txz: Upgraded.
n/dovecot-2.3.19.1-x86_64-1.txz: Upgraded.
n/ethtool-5.18-x86_64-1.txz: Upgraded.
n/samba-4.16.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Added liblz4 for fsck.f2fs. Thanks to Brent Earl.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Added liblz4 for fsck.f2fs. Thanks to Brent Earl.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.359-noarch-1.txz: Upgraded.
a/kernel-firmware-20220502_c3624eb-noarch-1.txz: Upgraded.
ap/htop-3.2.0-x86_64-1.txz: Upgraded.
d/gdb-12.1-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-17.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/cantor-22.04.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/kfilemetadata-5.93.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/kile-2.9.93-x86_64-16.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/kitinerary-22.04.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/krita-5.0.6-x86_64-3.txz: Rebuilt.
Recompiled against poppler-22.04.0.
kde/okular-22.04.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-22.04.0.
l/fuse3-3.11.0-x86_64-1.txz: Upgraded.
l/libxml2-2.9.14-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix integer overflow in xmlBuf and xmlBuffer.
Fix potential double-free in xmlXPtrStringRangeFunction.
Fix memory leak in xmlFindCharEncodingHandler.
Normalize XPath strings in-place.
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars().
Fix leak of xmlElementContent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
(* Security fix *)
l/poppler-22.04.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/samba-4.16.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.samba.org/samba/history/samba-4.16.1.html
xap/mozilla-firefox-100.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/100.0/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/dash-0.5.11.5-x86_64-1.txz: Upgraded.
d/parallel-20220322-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-42.0-noarch-1.txz: Upgraded.
l/gsettings-desktop-schemas-42.0-x86_64-1.txz: Upgraded.
l/harfbuzz-4.1.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_28-x86_64-1.txz: Upgraded.
l/libqalculate-4.1.0-x86_64-1.txz: Upgraded.
l/rubygem-asciidoctor-2.0.17-x86_64-1.txz: Upgraded.
Upgraded and built for Ruby 3.1.1. Thanks to marrowsuck.
n/NetworkManager-1.36.4-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.29-x86_64-1.txz: Upgraded.
n/iproute2-5.17.0-x86_64-1.txz: Upgraded.
n/samba-4.16.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-98.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/98.0.2/releasenotes/
xap/network-manager-applet-1.26.0-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
| |
l/jasper-3.0.3-x86_64-1.txz: Upgraded.
l/qt5-5.15.3_20220312_33a3f16f-x86_64-1.txz: Upgraded.
If a 32-bit userspace is detected, then:
export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
This works around crashes occuring with 32-bit QtWebEngine applications.
Thanks to alienBOB.
n/krb5-1.19.3-x86_64-1.txz: Upgraded.
n/samba-4.15.6-x86_64-1.txz: Upgraded.
n/stunnel-5.63-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
https://www.samba.org/samba/security/CVE-2021-44142.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
https://www.samba.org/samba/security/CVE-2022-0336.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/inxi-3.3.12_1-noarch-1.txz: Upgraded.
ap/man-db-2.9.4-x86_64-3.txz: Rebuilt.
Don't use --no-purge in the daily cron job to update the databases.
l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt.
Link against neon-0.32.2. Thanks to marav.
n/bind-9.16.25-x86_64-1.txz: Upgraded.
n/ethtool-5.16-x86_64-1.txz: Upgraded.
n/samba-4.15.4-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded.
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side-channel attacks as a result of cache
access patterns.
NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
(* Security fix *)
x/xterm-370-x86_64-6.txz: Rebuilt.
XTerm-console: improve the font settings. Thanks to GazL.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.15.7-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.7-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.7-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.7-x86-1.txz: Upgraded.
k/kernel-source-5.15.7-noarch-1.txz: Upgraded.
n/samba-4.15.3-x86_64-1.txz: Upgraded.
This release fixes bugs and these regressions in the 4.15.2 release:
CVE-2020-25717: A user on the domain can become root on domain members.
https://www.samba.org/samba/security/CVE-2020-25717.html
PLEASE [RE-]READ!
The instructions have been updated and some workarounds initially advised
for 4.15.2 are no longer required and should be reverted in most cases.
BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become
un-deletable. While this release should fix this bug, it is advised to have
a look at the bug report for more detailed information, see:
https://bugzilla.samba.org/show_bug.cgi?id=14902
For more information, see:
https://www.samba.org/samba/security/CVE-2020-25717.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
(* Security fix *)
x/libX11-1.7.3-x86_64-1.txz: Upgraded.
x/xscope-1.4.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.4.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.4.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
(* Security fix *)
xfce/exo-4.16.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/python3-3.9.8-x86_64-1.txz: Upgraded.
l/libtasn1-4.18.0-x86_64-1.txz: Upgraded.
n/curl-7.80.0-x86_64-1.txz: Upgraded.
n/ethtool-5.15-x86_64-1.txz: Upgraded.
n/samba-4.15.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
SMB1 client connections can be downgraded to plaintext authentication.
A user on the domain can become root on domain members.
Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC.
Samba AD DC did not always rely on the SID and PAC in Kerberos tickets.
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid).
Samba AD DC did not do suffienct access and conformance checking of data
stored.
Use after free in Samba AD DC RPC server.
Subsequent DCE/RPC fragment injection vulnerability.
For more information, see:
https://www.samba.org/samba/security/CVE-2016-2124.html
https://www.samba.org/samba/security/CVE-2020-25717.html
^^ (PLEASE READ! There are important behaviour changes described)
https://www.samba.org/samba/security/CVE-2020-25718.html
https://www.samba.org/samba/security/CVE-2020-25719.html
https://www.samba.org/samba/security/CVE-2020-25721.html
https://www.samba.org/samba/security/CVE-2020-25722.html
https://www.samba.org/samba/security/CVE-2021-3738.html
https://www.samba.org/samba/security/CVE-2021-23192.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
(* Security fix *)
x/xorg-server-xwayland-21.1.3-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.15-x86_64-1.txz: Upgraded.
d/cmake-3.21.4-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.15-x86-1.txz: Upgraded.
k/kernel-source-5.14.15-noarch-1.txz: Upgraded.
We're going to go ahead and take both of those changes that were considered
in /testing. GazL almost had me talked out of the autogroup change, but it's
easy to disable if traditional "nice" behavior is important to someone.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
SCHED_AUTOGROUP n -> y
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
kde/plasma-desktop-5.23.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_12-x86_64-1.txz: Upgraded.
l/librsvg-2.52.3-x86_64-1.txz: Upgraded.
n/bind-9.16.22-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issue:
The "lame-ttl" option is now forcibly set to 0. This effectively disables
the lame server cache, as it could previously be abused by an attacker to
significantly degrade resolver performance.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
(* Security fix *)
n/c-ares-1.18.1-x86_64-1.txz: Upgraded.
n/samba-4.15.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/acpid-2.0.33-x86_64-1.txz: Upgraded.
n/nghttp2-1.45.0-x86_64-1.txz: Upgraded.
n/samba-4.15.0-x86_64-1.txz: Upgraded.
x/libXi-1.8-x86_64-1.txz: Upgraded.
x/libva-2.13.0-x86_64-1.txz: Upgraded.
Build with enable_va_messaging=false to avoid console spam. Thanks to GazL.
x/wayland-protocols-1.23-noarch-1.txz: Upgraded.
x/xf86-input-libinput-1.2.0-x86_64-1.txz: Upgraded.
x/xorgproto-2021.5-x86_64-1.txz: Upgraded.
xap/pan-0.147-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/openssl-solibs-1.1.1l-x86_64-1.txz: Upgraded.
kde/krita-4.4.8-x86_64-1.txz: Upgraded.
l/json-glib-1.6.6-x86_64-1.txz: Upgraded.
l/libarchive-3.5.2-x86_64-1.txz: Upgraded.
n/bluez-5.61-x86_64-1.txz: Upgraded.
n/openssl-1.1.1l-x86_64-1.txz: Upgraded.
Fixed an SM2 Decryption Buffer Overflow.
Fixed various read buffer overruns processing ASN.1 strings.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
(* Security fix *)
n/samba-4.14.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.0.2/releasenotes/
|
|
|
|
|
| |
xap/seamonkey-2.53.8-x86_64-2.txz: Rebuilt.
Fixed desktop files changing Terminal=0 to Terminal=false. Thanks to marav.
|
|
|
|
|
|
| |
l/gsl-2.7-x86_64-1.txz: Upgraded.
l/mozjs78-78.11.0esr-x86_64-1.txz: Upgraded.
n/samba-4.14.5-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/less-581.2-x86_64-1.txz: Upgraded.
ap/nano-5.7-x86_64-1.txz: Upgraded.
d/cmake-3.20.2-x86_64-1.txz: Upgraded.
n/httpd-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.14.4-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
Negative idmap cache entries can cause incorrect group entries in the
Samba file server process token.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254
https://www.samba.org/samba/security/CVE-2021-20254.html
(* Security fix *)
extra/php8/php8-8.0.5-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/slackpkg-15.0.2-noarch-1.txz: Upgraded.
Fix break error messages (dive)
Remove now pointless if/then/else (dive)
Safer config sourcing (dive)
files/slackpkg: replace #!/bin/sh with #!/bin/bash (Eugen Wissner)
Don't create blacklist when running update (dive)
Add show-changelog & help to non-root commands (dive)
Improve search blacklisting (dive)
Fix package duplicate bug (PiterPunk)
Thanks to Robby Workman.
ap/sqlite-3.35.5-x86_64-1.txz: Upgraded.
kde/kwin-5.21.4-x86_64-2.txz: Rebuilt.
Delay closing Wayland streams. Thanks to LuckyCyborg.
kde/okteta-0.26.6-x86_64-1.txz: Upgraded.
l/libtiff-4.3.0-x86_64-1.txz: Upgraded.
n/libgcrypt-1.9.3-x86_64-1.txz: Upgraded.
n/samba-4.14.3-x86_64-1.txz: Upgraded.
x/xorg-cf-files-1.0.6-x86_64-6.txz: Rebuilt.
Patched to fix an incompatibility introduced by binutils-2.36.
Thanks to BenCollver.
xap/seamonkey-2.53.7.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.7.1
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/vim-8.2.2585-x86_64-1.txz: Upgraded.
d/git-2.30.2-x86_64-1.txz: Upgraded.
l/python-dnspython-2.1.0-x86_64-1.txz: Added.
This is needed by samba-4.14.0.
l/python-markdown-3.3.4-x86_64-1.txz: Added.
This is needed by samba-4.14.0.
n/samba-4.14.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.2585-x86_64-1.txz: Upgraded.
xfce/elementary-xfce-0.15.2-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.10.22-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.22-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.22-x86_64-1.txz: Upgraded.
a/sysklogd-2.2.2-x86_64-1.txz: Upgraded.
d/bison-3.7.6-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.22-x86-1.txz: Upgraded.
d/mercurial-5.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.10.22-noarch-1.txz: Upgraded.
l/netpbm-10.93.01-x86_64-1.txz: Upgraded.
n/samba-4.13.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.8.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.8.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-5.11.x/kernel-generic-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-headers-5.11.5-x86-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-huge-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-modules-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-source-5.11.5-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.10.11-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.11-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.11-x86_64-1.txz: Upgraded.
a/libbytesize-2.5-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.11-x86-1.txz: Upgraded.
k/kernel-source-5.10.11-noarch-1.txz: Upgraded.
l/imagemagick-7.0.10_60-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.3-x86_64-1.txz: Upgraded.
n/samba-4.13.4-x86_64-1.txz: Upgraded.
x/wayland-1.19.0-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.16.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/python-pip-20.3.3-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-3.txz: Rebuilt.
In SDDM's Xsession script, don't source $HOME/.xsession as this may launch
the wrong session type or cause dbus-run-session to start twice breaking
logout.
l/orc-0.4.32-x86_64-1.txz: Upgraded.
l/pipewire-0.3.18-x86_64-1.txz: Upgraded.
l/python-chardet-4.0.0-x86_64-1.txz: Upgraded.
l/python-packaging-20.8-x86_64-1.txz: Upgraded.
n/samba-4.13.3-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.6.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.6.0/releasenotes/
xfce/mousepad-0.5.0-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
| |
ap/mariadb-10.5.7-x86_64-1.txz: Upgraded.
l/libcap-2.45-x86_64-1.txz: Upgraded.
l/poppler-data-0.4.10-noarch-1.txz: Upgraded.
n/samba-4.13.2-x86_64-1.txz: Upgraded.
x/libdrm-2.4.103-x86_64-1.txz: Upgraded.
testing/packages/vtown/kde/sddm-0.18.1-x86_64-1_vtown_2.txz: Rebuilt.
Fixed installation of pam.d files. Thanks to alienBOB.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-26.txz: Rebuilt.
Upgraded: liblber-2.4.so.2.11.3, libldap-2.4.so.2.11.3, libmpc.so.3.2.1.
Added temporarily to allow for third-party packages to be recompiled:
libHalf.so.12.0.0, libIex-2_2.so.12.0.0, libIexMath-2_2.so.12.0.0,
libIlmImf-2_2.so.22.0.0, libIlmImfUtil-2_2.so.22.0.0,
libIlmThread-2_2.so.12.0.0, libImath-2_2.so.12.0.0,
libpoppler-qt4.so.4.11.0, libpoppler.so.79.0.0.
a/kernel-generic-5.4.73-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.73-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.73-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.73-x86-1.txz: Upgraded.
k/kernel-source-5.4.73-noarch-1.txz: Upgraded.
l/LibRaw-0.20.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/exiv2-0.27.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gegl-0.4.26-x86_64-2.txz: Rebuilt.
Recompiled against openexr-2.5.3.
l/gexiv2-0.12.1-x86_64-1.txz: Upgraded.
Compiled against exiv2-0.27.3.
l/graphene-1.10.2-x86_64-1.txz: Added.
l/gst-plugins-base-1.18.1-x86_64-2.txz: Rebuilt.
Recompiled against system libgraphene.
l/ilmbase-2.2.0-x86_64-2.txz: Removed.
These libraries are now part of openexr.
l/imagemagick-7.0.10_34-x86_64-2.txz: Rebuilt.
Recompiled against LibRaw-0.20.2 and openexr-2.5.3.
l/openexr-2.5.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-20.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Qt4 support dropped.
n/samba-4.13.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Missing handle permissions check in SMB1/2/3 ChangeNotify.
Denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
(* Security fix *)
xap/geeqie-1.5.1-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.27.3.
xap/gimp-2.10.22-x86_64-2.txz: Rebuilt.
Recompiled against openexr-2.5.3.
xap/xlockmore-5.66-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/mercurial-5.4.2-x86_64-1.txz: Upgraded.
d/nasm-2.15.02-x86_64-1.txz: Upgraded.
l/glib2-2.64.4-x86_64-1.txz: Upgraded.
n/samba-4.12.5-x86_64-1.txz: Upgraded.
x/libXaw3dXft-1.6.2g-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.10.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.42-x86_64-1.txz: Upgraded.
a/util-linux-2.35.2-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.42-x86-1.txz: Upgraded.
d/python-pip-20.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.42-noarch-1.txz: Upgraded.
l/glib2-2.64.3-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.52.1-x86_64-1.txz: Upgraded.
n/samba-4.12.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/cups-2.3.3-x86_64-1.txz: Upgraded.
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *)
l/imagemagick-7.0.10_10-x86_64-1.txz: Upgraded.
n/samba-4.12.2-x86_64-1.txz: Upgraded.
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *)
testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz: Upgraded.
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *)
testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz: Upgraded.
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *)
|
|
|
|
| |
testing/packages/PAM/samba-4.12.1-x86_64-1_pam.txz: Upgraded.
|
|
|
|
|
| |
xap/seamonkey-2.53.1-x86_64-2.txz: Rebuilt.
Fixed $LIBDIRSUFFIX for 32-bit. Thanks to ljb643.
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/mariadb-10.4.12-x86_64-1.txz: Upgraded.
This fixes a potential denial-of-service vulnerability.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574
(* Security fix *)
l/imagemagick-7.0.9_20-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.6-x86_64-1.txz: Upgraded.
n/samba-4.11.6-x86_64-1.txz: Upgraded.
x/mesa-19.3.3-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
| |
a/usb_modeswitch-2.5.2-x86_64-2.txz: Rebuilt.
Seems there's a regression in usb_modeswitch-2.6.0, so let's revert to
usb_modeswitch-2.5.2 but keep the latest usb-modeswitch-data-20191128.
Thanks to Lockywolf.
l/fuse3-3.9.0-x86_64-2.txz: Rebuilt.
Install fuse.conf as fuse.conf.new. This won't prevent an existing config
file from being overwritten with this upgrade, but it will prevent that
from happening again moving forward. Thanks to chrisVV.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
l/dconf-0.34.0-x86_64-2.txz: Rebuilt.
Rebuilt using the sed replacements suggested by LFS. This fixes a
subsequent build of dconf-editor.
l/glib-networking-2.62.2-x86_64-1.txz: Upgraded.
n/samba-4.11.3-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD DC zone-named record Denial of Service in DNS management server.
DelegationNotAllowed was not enforced in protocol transition on Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
(* Security fix *)
x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218
https://www.samba.org/samba/security/CVE-2019-14833.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833
https://www.samba.org/samba/security/CVE-2019-14847.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/getty-ps-2.1.0b-x86_64-4.txz: Removed.
a/lha-114i-x86_64-2.txz: Removed.
Removed due to vague licensing terms.
a/lhasa-0.3.1-x86_64-1.txz: Added.
This is an extraction-only LHA utility with an OSI approved license.
a/shadow-4.7-x86_64-2.txz: Rebuilt.
Added /etc/environment.new to fix "sudo -i" noise.
ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2174-x86_64-1.txz: Upgraded.
l/netpbm-10.88.00-x86_64-1.txz: Upgraded.
n/ca-certificates-20191018-noarch-1.txz: Upgraded.
n/samba-4.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded.
xap/xfractint-20.04p13-x86_64-2.txz: Removed.
xap/xv-3.10a-x86_64-9.txz: Removed.
extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
Moved here from the A series due to commercial use restrictions.
extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded.
Moved here from the XAP series due to commercial use restrictions.
extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt.
Moved here from the XAP series due to non-commercial use shareware license.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-12.txz: Rebuilt.
Upgraded: libexpat.so.1.6.11, libglib-2.0.so.0.6200.1,
libgmodule-2.0.so.0.6200.1, libgobject-2.0.so.0.6200.1,
libgthread-2.0.so.0.6200.1.
Added temporarily until third party packages have been recompiled:
libicudata.so.64.2, libicui18n.so.64.2, libicuio.so.64.2,
libicutest.so.64.2, libicutu.so.64.2, libicuuc.so.64.2.
a/xfsprogs-5.2.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
ap/sqlite-3.30.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
kde/calligra-2.9.11-x86_64-32.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/boost-1.71.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/harfbuzz-2.6.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/icu4c-65.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libical-3.0.6-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/libvisio-0.1.7-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/qt-4.8.7-x86_64-14.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/raptor2-2.0.15-x86_64-8.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/dovecot-2.3.7.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/php-7.3.10-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/postfix-3.4.7-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/samba-4.11.0-x86_64-1.txz: Upgraded.
n/tin-2.4.3-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
t/texlive-2019.190626-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
l/dbus-python-1.2.10-x86_64-1.txz: Upgraded.
l/glib2-2.60.7-x86_64-1.txz: Upgraded.
l/librsvg-2.44.15-x86_64-1.txz: Upgraded.
l/pyparsing-2.4.2-x86_64-1.txz: Upgraded.
n/samba-4.10.8-x86_64-1.txz: Upgraded.
This update addresses a security issue:
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10197.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190821_c0fb3d9-noarch-1.txz: Upgraded.
a/xfsprogs-5.2.1-x86_64-1.txz: Upgraded.
ap/cups-filters-1.25.3-x86_64-1.txz: Upgraded.
d/python-setuptools-41.2.0-x86_64-1.txz: Upgraded.
d/swig-4.0.1-x86_64-1.txz: Upgraded.
n/bind-9.14.5-x86_64-1.txz: Upgraded.
n/dhcpcd-8.0.3-x86_64-1.txz: Upgraded.
n/samba-4.10.7-x86_64-1.txz: Upgraded.
xap/geeqie-1.5.1-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/glibc-zoneinfo-2019b-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.58-x86_64-1.txz: Upgraded.
d/Cython-0.29.12-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.58-x86-1.txz: Upgraded.
d/mercurial-5.0.2-x86_64-1.txz: Upgraded.
d/python3-3.7.4-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.58-noarch-1.txz: Upgraded.
l/glib2-2.60.5-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.17-x86_64-1.txz: Upgraded.
n/iproute2-5.2.0-x86_64-1.txz: Upgraded.
n/samba-4.10.6-x86_64-1.txz: Upgraded.
x/libva-utils-2.5.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements. Some of the patched
flaws are considered critical, and could be used to run attacker code and
install software, requiring no user interaction beyond normal browsing.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
(* Security fix *)
xap/mozilla-thunderbird-60.8.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.8.0/releasenotes/
xfce/garcon-0.6.3-x86_64-2.txz: Rebuilt.
Patched crash bug.
Installed gtk-doc HTML docs.
Thanks to Robby Workman.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.45-x86_64-1.txz: Upgraded.
ap/texinfo-6.6-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
ap/vim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
d/bison-3.4.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.45-x86-1.txz: Upgraded.
d/parallel-20190522-noarch-1.txz: Upgraded.
d/perl-5.30.0-x86_64-1.txz: Upgraded.
Module upgraded: Net-SSLeay-1.88
d/strace-5.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.45-noarch-1.txz: Upgraded.
kde/perlkde-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.30.0.
kde/perlqt-4.14.3-x86_64-9.txz: Rebuilt.
Recompiled against perl-5.30.0.
l/glib2-2.60.3-x86_64-1.txz: Upgraded.
n/curl-7.65.0-x86_64-1.txz: Upgraded.
This release fixes the following security issues:
Integer overflows in curl_url_set
tftp: use the current blksize for recvfrom()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
(* Security fix *)
n/epic5-2.1.1-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/irssi-1.2.0-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/net-snmp-5.8-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/ntp-4.2.8p13-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/samba-4.10.4-x86_64-1.txz: Upgraded.
x/mesa-19.0.5-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/rxvt-unicode-9.22-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/vim-gvim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded.
a/grub-2.02-x86_64-5.txz: Rebuilt.
Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded.
ap/itstool-2.0.6-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded.
l/libcroco-0.6.13-x86_64-1.txz: Upgraded.
l/libnotify-0.7.8-x86_64-1.txz: Upgraded.
n/cifs-utils-6.9-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt.
Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
World writable files in Samba AD DC private/ dir.
Save registry file outside share as unprivileged user.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
(* Security fix *)
x/libva-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-7.txz: Rebuilt.
Added: libhistory.so.8.0, libreadline.so.8.0.
a/gawk-4.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
a/kernel-generic-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.33-x86_64-1.txz: Upgraded.
a/util-linux-2.33.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/bc-1.07.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gphoto2-2.5.20-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gutenprint-5.3.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/mariadb-10.3.14-x86_64-1.txz: Upgraded.
ap/xorriso-1.5.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/gdb-8.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/guile-2.2.4-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/kernel-headers-4.19.33-x86-1.txz: Upgraded.
d/python-2.7.16-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/python3-3.7.3-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/ruby-2.6.2-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
k/kernel-source-4.19.33-noarch-1.txz: Upgraded.
kde/analitza-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/fluidsynth-1.1.11-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/gdbm-1.18.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/hunspell-1.6.2-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/mozjs52-52.9.0esr-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/parted-3.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pcre2-10.32-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pilot-link-0.12.5-x86_64-14.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/readline-8.0.000-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/bluez-5.50-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg-1.4.23-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg2-2.2.15-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnutls-3.6.7.1-x86_64-1.txz: Upgraded.
n/lftp-4.8.4-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/netkit-ftp-0.17-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/nftables-0.9.0-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/php-7.2.17-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
rename() across the device may allow unwanted access during processing.
(* Security fix *)
n/samba-4.10.1-x86_64-1.txz: Upgraded.
Compiled against readline-8.0.000.
n/tftp-hpa-5.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/wpa_supplicant-2.7-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/fvwm-2.6.8-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gftp-2.0.19-x86_64-8.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gnuchess-6.2.5-x86_64-4.txz: Rebuilt.
xap/xine-ui-0.99.10-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz: Rebuilt.
Recompiled against readline-8.0.000.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/bash-5.0.003-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190314_7bc2464-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.30-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.30-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.30-x86_64-1.txz: Upgraded.
d/help2man-1.47.9-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.30-x86-1.txz: Upgraded.
d/strace-5.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.30-noarch-1.txz: Upgraded.
n/gnupg2-2.2.14-x86_64-1.txz: Upgraded.
n/libgpg-error-1.36-x86_64-1.txz: Upgraded.
n/samba-4.10.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20190312_b0d9583-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.32.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.32.0-x86_64-1.txz: Upgraded.
l/atk-2.32.0-x86_64-1.txz: Upgraded.
l/dconf-0.32.0-x86_64-1.txz: Upgraded.
l/dconf-editor-3.32.0-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.0-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz: Upgraded.
l/gvfs-1.40.0-x86_64-1.txz: Upgraded.
l/libsoup-2.66.0-x86_64-1.txz: Upgraded.
l/vte-0.56.0-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20190116-x86_64-1.txz: Upgraded.
n/samba-4.9.5-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.00.5-noarch-1.txz: Upgraded.
xap/gucharmap-12.0.0-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/coreutils-8.30-x86_64-3.txz: Rebuilt.
Support tmux terms in DIR_COLORS. Thanks to qunying.
a/grep-3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.12-x86_64-1.txz: Upgraded.
a/sed-4.7-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.12-x86-1.txz: Upgraded.
d/rust-1.31.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.12-noarch-1.txz: Upgraded.
l/graphite2-1.3.13-x86_64-1.txz: Upgraded.
l/harfbuzz-2.3.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_19-x86_64-1.txz: Upgraded.
l/lmdb-0.9.23-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.3-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-1.txz: Upgraded.
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)
n/openldap-client-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.9.4-x86_64-1.txz: Upgraded.
x/intel-vaapi-driver-2.3.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/sysvinit-scripts-2.1-noarch-23.txz: Rebuilt.
rc.S: simplify test for F2FS filesystem on /. Thanks to GazL.
ap/soma-3.2.0-noarch-1.txz: Upgraded.
d/cmake-3.13.1-x86_64-1.txz: Upgraded.
l/jansson-2.12-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.13-x86_64-1.txz: Upgraded.
n/samba-4.9.3-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD
Internal DNS server
CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT
CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server
CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers
CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos
configuration (unsupported)
CVE-2018-16857: Bad password count in AD DC not always effective
For more information, see:
https://www.samba.org/samba/security/CVE-2018-14629.html
https://www.samba.org/samba/security/CVE-2018-16841.html
https://www.samba.org/samba/security/CVE-2018-16851.html
https://www.samba.org/samba/security/CVE-2018-16852.html
https://www.samba.org/samba/security/CVE-2018-16853.html
https://www.samba.org/samba/security/CVE-2018-16857.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857
(* Security fix *)
x/mesa-18.2.6-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.92.1-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/efibootmgr-16-x86_64-2.txz: Rebuilt.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/efivar-35-x86_64-1.txz: Upgraded.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/hwdata-0.317-noarch-1.txz: Upgraded.
a/lvm2-2.03.01-x86_64-1.txz: Upgraded.
a/quota-4.04-x86_64-1.txz: Upgraded.
ap/cups-2.2.9-x86_64-1.txz: Upgraded.
ap/sysstat-12.0.2-x86_64-1.txz: Upgraded.
d/cscope-15.9-x86_64-1.txz: Upgraded.
d/distcc-3.3.2-x86_64-1.txz: Upgraded.
d/nasm-2.14-x86_64-1.txz: Upgraded.
d/oprofile-1.3.0-x86_64-1.txz: Upgraded.
d/rust-1.30.1-x86_64-1.txz: Upgraded.
l/elfutils-0.174-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.10-x86_64-1.txz: Upgraded.
n/samba-4.9.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.8-x86_64-1.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-4.19.0-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.0-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.0-x86-1.txz: Upgraded.
d/parallel-20181022-noarch-1.txz: Upgraded.
k/kernel-source-4.19.0-noarch-1.txz: Upgraded.
[581 lines of diffconfig output omitted here]
l/alsa-plugins-1.1.7-x86_64-3.txz: Rebuilt.
Reverted two patches that have been reported to cause crashes with USB audio
devices. Thanks to Jean-Philippe Guillemin.
l/harfbuzz-1.9.0-x86_64-2.txz: Rebuilt.
Reverted (for now) to harfbuzz-1.9.0 to fix build failures with texlive, php,
and calligra caused by API changes. Thanks to nobodino.
l/libpng-1.6.35-x86_64-1.txz: Upgraded.
n/samba-4.9.1-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.3.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
extra/pure-alsa-system/alsa-plugins-1.1.7-x86_64-3_alsa.txz: Rebuilt.
Reverted two patches that have been reported to cause crashes with USB audio
devices. Thanks to Jean-Philippe Guillemin.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|