summaryrefslogtreecommitdiffstats
path: root/source/n (follow)
Commit message (Expand)AuthorAgeFilesLines
* Tue May 7 00:11:33 UTC 2019...a/xfsprogs-5.0.0-x86_64-1.txz: Upgraded. d/gcc-9.1.0-x86_64-3.txz: Rebuilt. Patched to fix an internal compiler error (PR90303). Thanks to orbea. d/gcc-brig-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-g++-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gdc-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gfortran-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gnat-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-go-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-objc-9.1.0-x86_64-3.txz: Rebuilt. n/postfix-3.4.5-x86_64-2.txz: Rebuilt. Added some additional tools. Thanks to Markus Wiesner. 20190507001133 Patrick J Volkerding2019-05-072-2/+14
* Sat May 4 18:44:36 UTC 2019...a/kernel-generic-4.19.39-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.39-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.39-x86_64-1.txz: Upgraded. d/gcc-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-brig-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-g++-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-gdc-9.1.0-x86_64-2.txz: Added. This package contains the newly added D language support. The other GCC packages were rebuilt without any functional changes. d/gcc-gfortran-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-gnat-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-go-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-objc-9.1.0-x86_64-2.txz: Rebuilt. d/kernel-headers-4.19.39-x86-1.txz: Upgraded. k/kernel-source-4.19.39-noarch-1.txz: Upgraded. l/imagemagick-6.9.10_44-x86_64-1.txz: Upgraded. l/v4l-utils-1.16.6-x86_64-1.txz: Upgraded. n/dhcpcd-7.2.2-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.106.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190504184436 Patrick J Volkerding2019-05-052-1/+1
* Wed May 1 19:49:49 UTC 2019...ap/tmux-2.9a-x86_64-1.txz: Upgraded. n/dovecot-2.3.6-x86_64-1.txz: Upgraded. This update fixes two security issues: Submission-login crashed with signal 11 due to null pointer access when authentication was aborted by disconnecting. Submission-login crashed when authentication was started over TLS secured channel and invalid authentication message was sent. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499 (* Security fix *) n/php-7.2.18-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036 (* Security fix *) xfce/exo-0.12.5-x86_64-1.txz: Upgraded. 20190501194949 Patrick J Volkerding2019-05-023-41/+3
* Fri Apr 26 18:55:10 UTC 2019...ap/tmux-2.9-x86_64-1.txz: Upgraded. d/python-pip-19.1-x86_64-1.txz: Upgraded. d/rust-1.34.1-x86_64-1.txz: Upgraded. d/subversion-1.12.0-x86_64-1.txz: Upgraded. n/bind-9.14.1-x86_64-1.txz: Upgraded. This update fixes security issues: The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. In certain configurations, named could crash with an assertion failure if nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN from the cache. For more information, see: https://kb.isc.org/docs/cve-2018-5743 https://kb.isc.org/docs/cve-2019-6467 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467 (* Security fix *) n/dhcpcd-7.2.1-x86_64-1.txz: Upgraded. 20190426185510 Patrick J Volkerding2019-04-273-2/+2
* Mon Apr 22 20:00:44 UTC 2019...a/aaa_terminfo-6.1_20190420-x86_64-1.txz: Upgraded. l/ncurses-6.1_20190420-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.8-x86_64-1.txz: Upgraded. xap/xpdf-4.00-x86_64-4.txz: Rebuilt. Recompiled with -DSYSTEM_XPDFRC="/etc/xpdfrc". Thanks to J_W. 20190422200044 Patrick J Volkerding2019-04-234-78/+1
* Sun Apr 21 18:45:54 UTC 2019...a/bash-5.0.007-x86_64-1.txz: Upgraded. d/parallel-20190422-noarch-1.txz: Upgraded. n/NetworkManager-1.18.1-x86_64-1.txz: Upgraded. 20190421184554 Patrick J Volkerding2019-04-221-1/+1
* Thu Apr 18 21:13:58 UTC 2019...ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded. ap/sysstat-12.1.4-x86_64-1.txz: Upgraded. l/gvfs-1.40.1-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/icu4c-64.2-x86_64-1.txz: Upgraded. l/libcddb-1.3.2-x86_64-6.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/libcdio-2.1.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/zstd-1.4.0-x86_64-1.txz: Upgraded. n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded. n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded. This update fixes a security issue: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691 (* Security fix *) n/nghttp2-1.38.0-x86_64-1.txz: Upgraded. n/openssh-8.0p1-x86_64-1.txz: Upgraded. This release contains a mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111): when copying files from a remote system to a local directory, scp(1) did not verify that the filenames that the server sent matched those requested by the client. This could allow a hostile server to create or clobber unexpected local files with attacker-controlled content. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111 (* Security fix *) xap/MPlayer-20190418-x86_64-1.txz: Upgraded. Compiled against libcdio-2.1.0. xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded. Compiled against libcdio-2.1.0. extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt. Recompiled against libcdio-2.1.0. 20190418211358 Patrick J Volkerding2019-04-193-13/+13
* Sat Apr 13 19:44:43 UTC 2019...l/imagemagick-6.9.10_40-x86_64-1.txz: Upgraded. l/opus-1.3.1-x86_64-1.txz: Upgraded. n/libqmi-1.22.4-x86_64-1.txz: Upgraded. 20190413194443 Patrick J Volkerding2019-04-143-1/+58
* Fri Apr 12 22:13:09 UTC 2019...a/gawk-5.0.0-x86_64-1.txz: Upgraded. ap/pamixer-1.4-x86_64-2.txz: Rebuilt. Recompiled against boost-1.70.0. ap/vim-8.1.1157-x86_64-1.txz: Upgraded. d/cmake-3.14.2-x86_64-1.txz: Upgraded. e/emacs-26.2-x86_64-1.txz: Upgraded. kde/calligra-2.9.11-x86_64-30.txz: Rebuilt. Recompiled against boost-1.70.0. l/akonadi-1.13.0-x86_64-12.txz: Rebuilt. Recompiled against boost-1.70.0. l/boost-1.70.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. Note: Boost now provides its own BoostConfig.cmake config file, and it may not work with all existing code (here, calligra stumbled over it). At this point it's not clear if the included cmake config files are buggy, or if affected projects need to change something in order to use them, but there's an easy workaround to use cmake's FindBoost.cmake (as was used previously). Add this to the call to cmake from any affected project (if cmake fails with an error: "No suitable build variant has been found."): -DBoost_NO_BOOST_CMAKE=ON n/libmbim-1.18.2-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.3-x86_64-3.txz: Rebuilt. rc.nfsd: don't try to create the nfsv4recoverydir - the build script will determine the directory to use and include it in the package. rc.nfsd: drop 2.4 kernel support, and use better code for mounting the nfsd filesystem. Thanks to shasta. x/libwacom-0.33-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.1157-x86_64-1.txz: Upgraded. 20190412221309 Patrick J Volkerding2019-04-133-17/+17
* Mon Apr 8 20:39:32 UTC 2019...a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded. a/grub-2.02-x86_64-5.txz: Rebuilt. Support F2FS filesystem. Thanks to Nille_kungen. ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded. ap/itstool-2.0.6-x86_64-1.txz: Upgraded. d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded. l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded. l/libcroco-0.6.13-x86_64-1.txz: Upgraded. l/libnotify-0.7.8-x86_64-1.txz: Upgraded. n/cifs-utils-6.9-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt. Include recovery directory. Thanks to upnort. n/samba-4.10.2-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: World writable files in Samba AD DC private/ dir. Save registry file outside share as unprivileged user. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 (* Security fix *) x/libva-2.4.1-x86_64-1.txz: Upgraded. x/pixman-0.38.2-x86_64-1.txz: Upgraded. xap/gimp-2.10.10-x86_64-1.txz: Upgraded. 20190408203932 Patrick J Volkerding2019-04-093-3/+14
* Thu Apr 4 00:45:18 UTC 2019...a/aaa_elflibs-15.0-x86_64-7.txz: Rebuilt. Added: libhistory.so.8.0, libreadline.so.8.0. a/gawk-4.2.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. a/kernel-generic-4.19.33-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.33-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.33-x86_64-1.txz: Upgraded. a/util-linux-2.33.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. ap/bc-1.07.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. ap/gphoto2-2.5.20-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. ap/gutenprint-5.3.1-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. ap/mariadb-10.3.14-x86_64-1.txz: Upgraded. ap/xorriso-1.5.0-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/gdb-8.2.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. d/guile-2.2.4-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/kernel-headers-4.19.33-x86-1.txz: Upgraded. d/python-2.7.16-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/python3-3.7.3-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/ruby-2.6.2-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. k/kernel-source-4.19.33-noarch-1.txz: Upgraded. kde/analitza-4.14.3-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. l/fluidsynth-1.1.11-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/gdbm-1.18.1-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/hunspell-1.6.2-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. l/mozjs52-52.9.0esr-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/parted-3.2-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. l/pcre2-10.32-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/pilot-link-0.12.5-x86_64-14.txz: Rebuilt. Recompiled against readline-8.0.000. l/readline-8.0.000-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/NetworkManager-1.16.0-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/bluez-5.50-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnupg-1.4.23-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnupg2-2.2.15-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnutls-3.6.7.1-x86_64-1.txz: Upgraded. n/lftp-4.8.4-x86_64-4.txz: Rebuilt. Recompiled against readline-8.0.000. n/netkit-ftp-0.17-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. n/nftables-0.9.0-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. n/php-7.2.17-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: rename() across the device may allow unwanted access during processing. (* Security fix *) n/samba-4.10.1-x86_64-1.txz: Upgraded. Compiled against readline-8.0.000. n/tftp-hpa-5.2-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. n/wpa_supplicant-2.7-x86_64-4.txz: Rebuilt. Recompiled against readline-8.0.000. xap/fvwm-2.6.8-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. xap/gftp-2.0.19-x86_64-8.txz: Rebuilt. Recompiled against readline-8.0.000. xap/gnuchess-6.2.5-x86_64-4.txz: Rebuilt. xap/xine-ui-0.99.10-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz: Rebuilt. Recompiled against readline-8.0.000. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190404004518 Patrick J Volkerding2019-04-0414-16/+16
* Tue Apr 2 20:30:22 UTC 2019...a/hwdata-0.322-noarch-1.txz: Upgraded. a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded. a/shadow-4.6-x86_64-2.txz: Rebuilt. adduser: reprompt on invalid user input. Thanks to ttk. ap/ghostscript-9.26-x86_64-2.txz: Rebuilt. Fixes security issues: A specially crafted PostScript file could have access to the file system outside of the constrains imposed by -dSAFER. Transient procedures can allow access to system operators, leading to remote code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116 (* Security fix *) d/vala-0.44.2-x86_64-1.txz: Upgraded. l/glib-networking-2.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded. l/python-pillow-6.0.0-x86_64-1.txz: Upgraded. n/wget-1.20.2-x86_64-1.txz: Upgraded. Fixed an unspecified buffer overflow vulnerability. (* Security fix *) 20190402203022 Patrick J Volkerding2019-04-031-1/+1
* Sun Mar 31 18:51:16 UTC 2019...a/quota-4.05-x86_64-1.txz: Upgraded. d/cmake-3.14.1-x86_64-1.txz: Upgraded. d/patchelf-0.10-x86_64-1.txz: Upgraded. l/harfbuzz-2.4.0-x86_64-1.txz: Upgraded. l/utf8proc-2.3.0-x86_64-1.txz: Upgraded. n/httpd-2.4.39-x86_64-1.txz: Upgraded. n/iputils-20190324-x86_64-1.txz: Upgraded. n/postfix-3.4.5-x86_64-1.txz: Upgraded. 20190331185116 Patrick J Volkerding2019-04-013-25/+32
* Fri Mar 29 18:24:36 UTC 2019...a/aaa_elflibs-15.0-x86_64-6.txz: Rebuilt. Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0, libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0, libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0. Temporarily added: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1, libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1. a/xfsprogs-4.20.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. ap/sqlite-3.27.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. kde/calligra-2.9.11-x86_64-29.txz: Rebuilt. Recompiled against icu4c-64.1. kde/kdepimlibs-4.14.10-x86_64-7.txz: Rebuilt. Recompiled to pull in new gpgme++ header files. l/boost-1.69.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/ffmpeg-3.4.6-x86_64-1.txz: Upgraded. l/giflib-5.1.9-x86_64-1.txz: Upgraded. l/harfbuzz-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/icu4c-64.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libical-3.0.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/libvisio-0.1.6-x86_64-6.txz: Rebuilt. Recompiled against icu4c-64.1. l/qt-4.8.7-x86_64-12.txz: Rebuilt. Recompiled against icu4c-64.1. l/raptor2-2.0.15-x86_64-7.txz: Rebuilt. Recompiled against icu4c-64.1. l/v4l-utils-1.16.5-x86_64-1.txz: Upgraded. n/dovecot-2.3.5.1-x86_64-1.txz: Upgraded. Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524 (* Security fix *) Compiled against icu4c-64.1. n/gpgme-1.13.0-x86_64-1.txz: Upgraded. n/php-7.2.16-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/postfix-3.4.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/tin-2.4.3-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/whois-5.4.2-x86_64-1.txz: Upgraded. t/texlive-2018.180822-x86_64-5.txz: Rebuilt. Recompiled against icu4c-64.1. x/libinput-1.13.0-x86_64-1.txz: Upgraded. x/mesa-19.0.1-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.101.0-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.6-x86_64-1_alsa.txz: Upgraded. 20190329182436 Patrick J Volkerding2019-03-306-6/+6
* Wed Mar 27 20:37:56 UTC 2019...a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded. ap/hplip-3.19.3-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.32-x86-1.txz: Upgraded. d/python3-3.7.3-x86_64-1.txz: Upgraded. Fixed bugs and the following security issues: bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed. bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. bpo-35121: Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010 (* Security fix *) d/scons-3.0.5-x86_64-1.txz: Upgraded. k/kernel-source-4.19.32-noarch-1.txz: Upgraded. n/curl-7.64.1-x86_64-1.txz: Upgraded. n/gnutls-3.6.7-x86_64-1.txz: Upgraded. Fixes security issues: libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190327203756 Patrick J Volkerding2019-03-283-31/+2
* Sun Mar 24 03:53:12 UTC 2019...a/kernel-generic-4.19.31-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.31-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.31-x86_64-1.txz: Upgraded. ap/cups-2.2.11-x86_64-1.txz: Upgraded. ap/sysstat-12.1.3-x86_64-1.txz: Upgraded. d/help2man-1.47.10-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.31-x86-1.txz: Upgraded. k/kernel-source-4.19.31-noarch-1.txz: Upgraded. n/samba-4.10.0-x86_64-2.txz: Rebuilt. Recompile dropping python2 support, since talloc no longer supports it. Thanks to ponce. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190324035312 Patrick J Volkerding2019-03-241-3/+2
* Fri Mar 22 20:41:23 UTC 2019...d/parallel-20190322-noarch-1.txz: Upgraded. n/bind-9.14.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.6.1esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. The patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9810i https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9813 (* Security fix *) 20190322204123 Patrick J Volkerding2019-03-231-1/+1
* Tue Mar 19 20:06:28 UTC 2019...a/bash-5.0.003-x86_64-1.txz: Upgraded. a/kernel-firmware-20190314_7bc2464-noarch-1.txz: Upgraded. a/kernel-generic-4.19.30-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.30-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.30-x86_64-1.txz: Upgraded. d/help2man-1.47.9-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.30-x86-1.txz: Upgraded. d/strace-5.0-x86_64-1.txz: Upgraded. k/kernel-source-4.19.30-noarch-1.txz: Upgraded. n/gnupg2-2.2.14-x86_64-1.txz: Upgraded. n/libgpg-error-1.36-x86_64-1.txz: Upgraded. n/samba-4.10.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190319200628 Patrick J Volkerding2019-03-203-4/+5
* Thu Mar 14 03:41:42 UTC 2019...a/kernel-firmware-20190313_efd2c1c-noarch-1.txz: Upgraded. a/kernel-generic-4.19.29-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.29-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.29-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.29-x86-1.txz: Upgraded. k/kernel-source-4.19.29-noarch-1.txz: Upgraded. n/crda-3.18-x86_64-9.txz: Rebuilt. Upgraded to wireless-regdb-2019.03.01. n/ethtool-5.0-x86_64-1.txz: Upgraded. x/mesa-19.0.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190314034142 Patrick J Volkerding2019-03-141-2/+2
* Tue Mar 12 20:03:46 UTC 2019...a/kernel-firmware-20190312_b0d9583-noarch-1.txz: Upgraded. l/at-spi2-atk-2.32.0-x86_64-1.txz: Upgraded. l/at-spi2-core-2.32.0-x86_64-1.txz: Upgraded. l/atk-2.32.0-x86_64-1.txz: Upgraded. l/dconf-0.32.0-x86_64-1.txz: Upgraded. l/dconf-editor-3.32.0-x86_64-1.txz: Upgraded. l/glib-networking-2.60.0-x86_64-1.txz: Upgraded. l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz: Upgraded. l/gvfs-1.40.0-x86_64-1.txz: Upgraded. l/libsoup-2.66.0-x86_64-1.txz: Upgraded. l/vte-0.56.0-x86_64-1.txz: Upgraded. n/mobile-broadband-provider-info-20190116-x86_64-1.txz: Upgraded. n/samba-4.9.5-x86_64-1.txz: Upgraded. x/liberation-fonts-ttf-2.00.5-noarch-1.txz: Upgraded. xap/gucharmap-12.0.0-x86_64-1.txz: Upgraded. 20190312200346 Patrick J Volkerding2019-03-134-9/+59
* Mon Mar 11 19:03:50 UTC 2019...a/coreutils-8.31-x86_64-1.txz: Upgraded. d/meson-0.50.0-x86_64-1.txz: Upgraded. l/giflib-5.1.7-x86_64-1.txz: Upgraded. l/python-certifi-2019.3.9-x86_64-1.txz: Upgraded. n/postfix-3.4.3-x86_64-1.txz: Upgraded. x/libFS-1.0.8-x86_64-1.txz: Upgraded. x/libXcomposite-0.4.5-x86_64-1.txz: Upgraded. x/libXcursor-1.2.0-x86_64-1.txz: Upgraded. x/libXdamage-1.1.5-x86_64-1.txz: Upgraded. 20190311190350 Patrick J Volkerding2019-03-121-1/+1
* Fri Mar 8 18:28:40 UTC 2019...a/bash-5.0.002-x86_64-3.txz: Rebuilt. Fix applying patches. Thanks to saahriktu. a/e2fsprogs-1.45.0-x86_64-1.txz: Upgraded. n/ca-certificates-20190308-noarch-1.txz: Upgraded. n/nghttp2-1.37.0-x86_64-1.txz: Upgraded. n/ntp-4.2.8p13-x86_64-1.txz: Upgraded. This release fixes a bug that allows an attacker with access to an explicitly trusted source to send a crafted malicious mode 6 (ntpq) packet that can trigger a NULL pointer dereference, crashing ntpd. It also provides 17 other bugfixes and 1 other improvement. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936 (* Security fix *) n/postfix-3.4.1-x86_64-2.txz: Rebuilt. n/s-nail-14.9.13-x86_64-1.txz: Upgraded. 20190308182840 Patrick J Volkerding2019-03-094-4/+679
* Tue Mar 5 00:17:16 UTC 2019...d/gcc-8.3.0-x86_64-2.txz: Rebuilt. Reverted backported asm inline patches that broke "asm volatile". Thanks to nobodino. d/gcc-brig-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-g++-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gfortran-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gnat-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-go-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-objc-8.3.0-x86_64-2.txz: Rebuilt. l/at-spi2-atk-2.30.1-x86_64-1.txz: Upgraded. l/at-spi2-core-2.30.1-x86_64-1.txz: Upgraded. l/gc-8.0.4-x86_64-1.txz: Upgraded. l/glib2-2.60.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_31-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-2.txz: Rebuilt. Prevent the install script from making noise. x/xinit-1.4.1-x86_64-1.txz: Upgraded. x/xlogo-1.0.5-x86_64-1.txz: Upgraded. x/xmore-1.0.3-x86_64-1.txz: Upgraded. extra/fltk/fltk-1.3.5-x86_64-1.txz: Upgraded. 20190305001716 Patrick J Volkerding2019-03-052-3/+3
* Fri Mar 1 23:44:12 UTC 2019...a/eudev-3.2.7-x86_64-2.txz: Rebuilt. Don't require kvm group. 20190301234412 Patrick J Volkerding2019-03-021-1/+1
* Thu Feb 28 23:05:08 UTC 2019...d/Cython-0.29.6-x86_64-1.txz: Upgraded. d/rust-1.33.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_29-x86_64-1.txz: Upgraded. l/qjson-0.9.0-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-1.txz: Upgraded. 20190228230508 Patrick J Volkerding2019-03-011-4/+4
* Wed Feb 27 23:21:15 UTC 2019...a/aaa_terminfo-6.1_20190223-x86_64-1.txz: Upgraded. a/kernel-firmware-20190221_9ee52be-noarch-1.txz: Upgraded. a/kernel-generic-4.19.26-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.26-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.26-x86_64-1.txz: Upgraded. ap/vim-8.1.0984-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.26-x86-1.txz: Upgraded. k/kernel-source-4.19.26-noarch-1.txz: Upgraded. l/ncurses-6.1_20190223-x86_64-1.txz: Upgraded. n/curl-7.64.0-x86_64-3.txz: Rebuilt. Applied upstream patch to fix log spam: [PATCH] multi: remove verbose "Expire in" ... messages Thanks to compassnet. n/postfix-3.3.3-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0984-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190227232115 Patrick J Volkerding2019-02-282-1/+30
* Wed Feb 27 03:09:41 UTC 2019...a/btrfs-progs-4.20.2-x86_64-1.txz: Upgraded. a/openssl-solibs-1.1.1b-x86_64-1.txz: Upgraded. ap/ddrescue-1.24-x86_64-1.txz: Upgraded. ap/sqlite-3.27.2-x86_64-1.txz: Upgraded. l/libssh-0.8.7-x86_64-1.txz: Upgraded. l/talloc-2.1.16-x86_64-1.txz: Upgraded. l/tdb-1.3.18-x86_64-1.txz: Upgraded. l/tevent-0.9.39-x86_64-1.txz: Upgraded. n/ca-certificates-20181210-noarch-2.txz: Rebuilt. Use "c_rehash" rather than "openssl rehash" for compatibility with all versions of OpenSSL. n/epic5-2.1.1-x86_64-1.txz: Upgraded. n/openssl-1.1.1b-x86_64-1.txz: Upgraded. x/xorg-server-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xephyr-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xnest-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-1.20.4-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.5.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.5.2/releasenotes/ 20190227030941 Patrick J Volkerding2019-02-275-83/+22
* Sat Feb 23 03:33:52 UTC 2019...a/file-5.36-x86_64-1.txz: Upgraded. ap/mariadb-10.3.13-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2510 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2537 (* Security fix *) d/p2c-2.01-x86_64-1.txz: Upgraded. d/python-pip-19.0.3-x86_64-1.txz: Upgraded. l/librsvg-2.44.13-x86_64-2.txz: Rebuilt. Recompiled with --enable-vala=yes. n/bind-9.12.3_P4-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.5.2esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/60.5.2/releasenotes/ 20190223033352 Patrick J Volkerding2019-02-231-2/+2
* Wed Feb 20 23:59:17 UTC 2019...a/kernel-generic-4.19.24-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.24-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.24-x86_64-1.txz: Upgraded. a/kmod-26-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. a/util-linux-2.33.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/hplip-3.19.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/linuxdoc-tools-0.9.73-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/lxc-2.0.9_d3a03247-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/rpm-4.14.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/Cython-0.29.5-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/distcc-3.3.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/gdb-8.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/kernel-headers-4.19.24-x86-1.txz: Upgraded. d/llvm-7.0.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/meson-0.49.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-pip-19.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-setuptools-40.8.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python3-3.7.2-x86_64-1.txz: Upgraded. Shared library .so-version bump. k/kernel-source-4.19.24-noarch-1.txz: Upgraded. kde/pykde4-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against python3-3.7.2. l/Mako-1.0.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/PyQt-4.12.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/QScintilla-2.10.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/alsa-lib-1.1.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/dbus-python-1.2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/gexiv2-0.10.10-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcaca-0.99.beta19-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcap-ng-0.7.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libjpeg-turbo-2.0.2-x86_64-1.txz: Upgraded. l/libproxy-0.4.15-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/libwebp-1.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libxml2-2.9.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/newt-0.52.20-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycairo-1.18.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycups-1.9.74-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycurl-7.43.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject-2.28.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject3-3.30.4-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pyparsing-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-appdirs-1.4.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-certifi-2018.11.29-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-chardet-3.0.4-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-docutils-0.14-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-idna-2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-notify2-0.3.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-packaging-19.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-pillow-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-requests-2.21.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-sane-2.8.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-six-1.12.0-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-urllib3-1.24.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/sip-4.19.8-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/system-config-printer-1.5.11-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/talloc-2.1.15-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tdb-1.3.17-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tevent-0.9.38-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/urwid-1.0.3-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/gpgme-1.12.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. n/obexftp-0.24.2-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/openvpn-2.4.7-x86_64-1.txz: Upgraded. n/pssh-2.3.1-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. x/libfontenc-1.1.4-x86_64-1.txz: Upgraded. x/xcalc-1.0.7-x86_64-1.txz: Upgraded. x/xcb-proto-1.13-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. x/xclock-1.0.8-x86_64-1.txz: Upgraded. x/xev-1.2.3-x86_64-1.txz: Upgraded. x/xfsinfo-1.0.6-x86_64-1.txz: Upgraded. x/xhost-1.0.8-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.3-x86_64-1.txz: Upgraded. x/xmodmap-1.0.10-x86_64-1.txz: Upgraded. x/xrdb-1.2.0-x86_64-1.txz: Upgraded. x/xstdcmap-1.0.4-x86_64-1.txz: Upgraded. x/xvinfo-1.1.4-x86_64-1.txz: Upgraded. xap/blueman-2.0.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. xap/hexchat-2.14.2-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-2_alsa.txz: Rebuilt. Recompiled against python3-3.7.2. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190220235917 Patrick J Volkerding2019-02-215-8/+11
* Fri Feb 8 22:04:46 UTC 2019...a/aaa_elflibs-15.0-x86_64-5.txz: Rebuilt. Upgraded: libglib-2.0.so.0.5800.3, libgmodule-2.0.so.0.5800.3, libgobject-2.0.so.0.5800.3, libgthread-2.0.so.0.5800.3, libidn2.so.0.3.5, libmpfr.so.6.0.2, libtdb.so.1.3.17 Removed: libidn2.so.4.0.0 ap/sqlite-3.27.1-x86_64-1.txz: Upgraded. l/libdvdread-6.0.1-x86_64-1.txz: Upgraded. l/libidn2-2.1.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. This reverted back to .so.0 as the previous bump was apparently a mistake. l/libpsl-0.20.2-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/bind-9.12.3_P1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/curl-7.64.0-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/dhcpcd-7.1.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.80-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/getmail-5.9-x86_64-1.txz: Upgraded. n/gnutls-3.6.6-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/iputils-20180629-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/lftp-4.8.4-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/s-nail-14.9.11-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/wget-1.20.1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/whois-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. x/ttf-tlwg-0.7.1-noarch-1.txz: Upgraded. xfce/xfwm4-4.12.5-x86_64-1.txz: Upgraded. 20190208220446 Patrick J Volkerding2019-02-0911-13/+12
* Thu Feb 7 22:28:19 UTC 2019...n/php-7.2.15-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. pasture/php-5.6.40-x86_64-1.txz: Upgraded. Several security bugs have been fixed in this release: GD: Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). Mbstring: Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). Fixed bug #77381 (heap buffer overflow in multibyte match_at). Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). Fixed bug #77385 (buffer overflow in fetch_token). Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). Phar: Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). Xmlrpc: Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). For more information, see: https://php.net/ChangeLog-5.php#5.6.40 (* Security fix *) 20190207222819 Patrick J Volkerding2019-02-081-2/+2
* Wed Feb 6 22:44:32 UTC 2019...a/hwdata-0.320-noarch-1.txz: Upgraded. a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.20-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.20-x86_64-1.txz: Upgraded. a/mcelog-162-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.20-x86-1.txz: Upgraded. d/opencl-headers-2.2-noarch-2.txz: Rebuilt. Don't trigger "#pragma message" in cl_version.h when falling back on a default version of OpenCL to target. Applications such as ffmpeg detect this as an error and fail to compile. k/kernel-source-4.19.20-noarch-1.txz: Upgraded. l/ffmpeg-3.4.5-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. l/gst-plugins-good-1.14.4-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. l/libvpx-1.8.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/curl-7.64.0-x86_64-1.txz: Upgraded. This release fixes the following security issues: NTLM type-2 out-of-bounds buffer read. NTLMv2 type-3 header stack buffer overflow. SMTP end-of-response out-of-bounds read. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 (* Security fix *) n/samba-4.9.4-x86_64-2.txz: Rebuilt. Added time.h to libsmbclient.h to fix ffmpeg compatibility. Thanks to USUARIONUEVO. xap/xine-lib-1.2.9-x86_64-4.txz: Rebuilt. Recompiled against libvpx-1.8.0. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190206224432 Patrick J Volkerding2019-02-075-5/+201
* Wed Feb 6 00:29:25 UTC 2019...ap/linuxdoc-tools-0.9.73-x86_64-1.txz: Upgraded. Upgraded to gtk-doc-1.29. Upgraded to asciidoc-8.6.10. Upgraded to perl-XML-SAX-1.00. Thanks to Stuart Winter. d/meson-0.49.2-x86_64-1.txz: Upgraded. d/python-setuptools-40.8.0-x86_64-1.txz: Upgraded. d/slacktrack-2.19-x86_64-1.txz: Upgraded. Thanks to Stuart Winter. l/imagemagick-6.9.10_26-x86_64-1.txz: Upgraded. n/dovecot-2.3.4.1-x86_64-1.txz: Upgraded. This update addresses security issues: CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814 (* Security fix *) 20190206002925 Patrick J Volkerding2019-02-061-1/+1
* Sun Feb 3 20:26:34 UTC 2019...d/bison-3.3.2-x86_64-1.txz: Upgraded. n/dovecot-2.3.4-x86_64-2.txz: Rebuilt. Patched double free when used with MariaDB 10.3.x. Thanks to Thom1b. x/xkeyboard-config-2.26-noarch-1.txz: Upgraded. extra/bittorrent/bittorrent-4.4.0-noarch-4.txz: Removed. 20190203202634 Patrick J Volkerding2019-02-042-1/+39
* Sat Feb 2 22:09:17 UTC 2019...ap/qpdf-8.4.0-x86_64-1.txz: Upgraded. d/Cython-0.29.4-x86_64-1.txz: Upgraded. d/binutils-2.32-x86_64-1.txz: Upgraded. Shared library .so-version bump. Is it safe to use --enable-initfini-array yet? Guess we'll find out. d/cmake-3.13.4-x86_64-1.txz: Upgraded. d/mercurial-4.9-x86_64-1.txz: Upgraded. d/oprofile-1.3.0-x86_64-2.txz: Rebuilt. Recompiled against binutils-2.32. n/iw-5.0-x86_64-1.txz: Upgraded. n/mutt-1.11.3-x86_64-1.txz: Upgraded. x/libva-utils-2.4.0-x86_64-1.txz: Upgraded. 20190202220917 Patrick J Volkerding2019-02-032-5/+4
* Wed Jan 30 04:27:03 UTC 2019...d/bison-3.3.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_25-x86_64-1.txz: Upgraded. l/mozilla-nss-3.42-x86_64-1.txz: Upgraded. n/libgpg-error-1.35-x86_64-1.txz: Upgraded. n/whois-5.4.1-x86_64-1.txz: Upgraded. x/xf86-video-nouveau-1.0.16-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.5.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/ https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18500 https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18505 https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18501 (* Security fix *) xap/mozilla-thunderbird-60.5.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.5.0/releasenotes/ xfce/Thunar-1.8.4-x86_64-1.txz: Upgraded. 20190130042703 Patrick J Volkerding2019-01-301-1/+1
* Sat Jan 26 04:15:08 UTC 2019...a/mkinitrd-1.4.11-x86_64-11.txz: Rebuilt. setup.01.mkinitrd: revert to the previous command line for mkinitrd_command_generator.sh (the new one fails when called from the installer). 20190126041508 Patrick J Volkerding2019-01-261-1/+1
* Wed Jan 23 22:02:34 UTC 2019...a/bash-5.0.002-x86_64-2.txz: Rebuilt. Rebuilt with --libdir=/usr/lib${LIBDIRSUFFIX}. Thanks to RandomTroll. a/btrfs-progs-4.20.1-x86_64-1.txz: Upgraded. a/mkinitrd-1.4.11-x86_64-9.txz: Rebuilt. Automatically generate an initial ramdisk from the installer. Added 'geninitrd' script to generate an initial ramdisk for the kernel that /boot/vmlinuz-generic (and/or /boot/vmlinuz-generic-smp) points to. ap/man-db-2.8.5-x86_64-2.txz: Rebuilt. Comment out all the options in /etc/profile.d/man-db.{csh,sh} and let the user decide whether or not to choose anything. d/python-pip-19.0.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.41.1-x86_64-1.txz: Upgraded. n/dhcpcd-7.1.0-x86_64-1.txz: Upgraded. 20190123220234 Patrick J Volkerding2019-01-243-4/+4
* Wed Jan 23 04:39:04 UTC 2019...a/kernel-generic-4.19.17-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.17-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.17-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.17-x86-1.txz: Upgraded. d/scons-3.0.4-x86_64-1.txz: Upgraded. d/vala-0.42.5-x86_64-1.txz: Upgraded. k/kernel-source-4.19.17-noarch-1.txz: Upgraded. n/httpd-2.4.38-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. mod_session: mod_session_cookie does not respect expiry time allowing sessions to be reused. [Hank Ibell] mod_http2: fixes a DoS attack vector. By sending slow request bodies to resources not consuming them, httpd cleanup code occupies a server thread unnecessarily. This was changed to an immediate stream reset which discards all stream state and incoming data. [Stefan Eissing] mod_ssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and later. PR 63052. [Joe Orton] For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190 (* Security fix *) x/libdrm-2.4.97-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20190123043904 Patrick J Volkerding2019-01-231-2/+2
* Fri Jan 11 21:15:41 UTC 2019...a/bash-5.0.000-x86_64-1.txz: Upgraded. a/glibc-zoneinfo-2018i-noarch-1.txz: Upgraded. a/lzlib-1.11-x86_64-1.txz: Upgraded. ap/vim-8.1.0727-x86_64-1.txz: Upgraded. Fixed vimrc to work with "crontab -e" again now that cron's files have been moved into /run/cron/. Thanks to Andreas Vögel. d/subversion-1.11.1-x86_64-1.txz: Upgraded. n/irssi-1.1.2-x86_64-1.txz: Upgraded. This update addresses bugs including security and stability issues: A NULL pointer dereference occurs for an "empty" nick. Certain nick names could result in out-of-bounds access when printing theme strings. Crash due to a NULL pointer dereference w hen the number of windows exceeds the available space. Use-after-free when SASL messages are received in an unexpected order. Use-after-free when a server is disconnected during netsplits. Use-after-free when hidden lines were expired from the scroll buffer. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7050 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7051 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7054 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5882 (* Security fix *) xap/vim-gvim-8.1.0727-x86_64-1.txz: Upgraded. 20190111211541 Patrick J Volkerding2019-01-121-1/+1
* Thu Jan 10 22:32:08 UTC 2019...ap/qpdf-8.3.0-x86_64-1.txz: Upgraded. l/argon2-20171227-x86_64-1.txz: Added. This is a new dependency for the PHP package. n/libmbim-1.18.0-x86_64-1.txz: Upgraded. n/libqmi-1.22.0-x86_64-1.txz: Upgraded. n/php-7.2.14-x86_64-1.txz: Upgraded. Use --with-password-argon2. PHP now requires the new argon2 package. 20190110223208 Patrick J Volkerding2019-01-112-2/+3
* Wed Jan 9 03:21:06 UTC 2019...ap/alsa-utils-1.1.8-x86_64-1.txz: Upgraded. ap/gutenprint-5.3.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/alsa-lib-1.1.8-x86_64-1.txz: Upgraded. l/alsa-oss-1.1.8-x86_64-1.txz: Upgraded. l/alsa-plugins-1.1.8-x86_64-1.txz: Upgraded. extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-1_alsa.txz: Upgraded. extra/pure-alsa-system/alsa-plugins-1.1.8-x86_64-1_alsa.txz: Upgraded. 20190109032106 Patrick J Volkerding2019-01-0924-1643/+760
* Sat Jan 5 20:04:43 UTC 2019...a/aaa_elflibs-15.0-x86_64-4.txz: Rebuilt. Upgraded: libfuse.so.2.9.9, libidn2.so.4.0.0. Kept (for now): libidn2.so.0.3.4. ap/vim-8.1.0693-x86_64-1.txz: Upgraded. l/fuse-2.9.9-x86_64-1.txz: Upgraded. l/libidn2-2.1.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libpsl-0.20.2-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/bind-9.12.3_P1-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/curl-7.63.0-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/dnsmasq-2.80-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/gnutls-3.6.5-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/iputils-s20180629-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/lftp-4.8.4-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/s-nail-14.9.11-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/wget-1.20.1-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. n/whois-5.4.0-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.0. xap/vim-gvim-8.1.0693-x86_64-1.txz: Upgraded. 20190105200443 Patrick J Volkerding2019-01-0610-10/+10
* Mon Dec 31 21:33:54 UTC 2018...a/efibootmgr-17-x86_64-1.txz: Upgraded. a/efivar-37-x86_64-1.txz: Upgraded. d/cmake-3.13.2-x86_64-2.txz: Rebuilt. Work around build failures with recent doxygen. d/ruby-2.6.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/subversion-1.11.0-x86_64-2.txz: Rebuilt. Recompiled against ruby-2.6.0. kde/korundum-4.14.3-x86_64-7.txz: Rebuilt. Recompiled against ruby-2.6.0. kde/qtruby-4.14.3-x86_64-9.txz: Rebuilt. Recompiled against ruby-2.6.0. l/gobject-introspection-1.58.3-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_22-x86_64-1.txz: Upgraded. l/libssh-0.8.6-x86_64-1.txz: Upgraded. n/epic5-2.0.1-x86_64-8.txz: Rebuilt. Recompiled against ruby-2.6.0. n/tin-2.4.3-x86_64-1.txz: Upgraded. n/wireless_tools-30.pre9-x86_64-1.txz: Upgraded. x/xterm-341-x86_64-2.txz: Rebuilt. Install xterm app-defaults that resemble the Linux console. Thanks to GazL. 20181231213354 Patrick J Volkerding2019-01-015-19/+9
* Sat Dec 29 23:13:15 UTC 2018...a/kernel-generic-4.19.13-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.13-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.13-x86_64-1.txz: Upgraded. d/doxygen-1.8.15-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.13-x86-1.txz: Upgraded. k/kernel-source-4.19.13-noarch-1.txz: Upgraded. FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER y -> n l/libsecret-0.18.7-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.6-x86_64-6.txz: Upgraded. It seems we're not the only ones with broken WPA2-Enterprise support with wpa_supplicant-2.7, so we'll fix it the same way as everyone else - by reverting to wpa_supplicant-2.6 for now. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/wpa_supplicant-2.7-x86_64-2.txz: Upgraded. Applied a patch from Gentoo to allow building CONFIG_IEEE80211X=y without the experimental CONFIG_FILS=y option. usb-and-pxe-installers/usbboot.img: Rebuilt. 20181229231315 Patrick J Volkerding2018-12-3015-585/+1586
* Fri Dec 28 00:23:43 UTC 2018...a/aaa_elflibs-15.0-x86_64-3.txz: Rebuilt. Moved libsigsegv.so.2 from /usr/lib{,64} to /lib{,64}. Upgraded: libcap.so.2.26, libelf-0.175.so, libfuse.so.2.9.8, libexpat.so.1.6.8, libglib-2.0.so.0.5800.2, libgmodule-2.0.so.0.5800.2, libgobject-2.0.so.0.5800.2, libgthread-2.0.so.0.5800.2, libjpeg.so.62.3.0, liblber-2.4.so.2.10.10, libldap-2.4.so.2.10.10, libpng16.so.16.36.0, libstdc++.so.6.0.25, libtdb.so.1.3.16, libtiff.so.5.4.0, libtiffxx.so.5.4.0, libturbojpeg.so.0.2.0. ap/vim-8.1.0648-x86_64-1.txz: Upgraded. d/nasm-2.14.02-x86_64-1.txz: Upgraded. d/strace-4.26-x86_64-1.txz: Upgraded. l/libsigsegv-2.12-x86_64-3.txz: Rebuilt. Moved shared library into /lib{,64} to avoid problems when /usr is on a separate partition. Thanks to TommyC7. But please note: that has never been a recommended configuration (it was always a bad idea prone to corner-case bugs), and with basically everyone else moving everything into /usr, no upstream is developing with this scenario in mind these days. Some of the problems caused by separate /usr are simply not possibly to fix in a straightforward fashion. Consider it a completely unsupported configuration choice. While it's not my style to make the installer refuse to allow it, I won't be bending over backwards to try to fix bugs related to this in the future. If I recall properly, the original rationale was to make it possible for /usr to reside on a shared network partition, which might have made sense back when 40MB was a typical hard drive size. I can think of no good rationale now (and no, I don't think making /usr read-only helps security in any tangible way). n/wget-1.20.1-x86_64-1.txz: Upgraded. x/xf86-video-chips-1.3.0-x86_64-1.txz: Upgraded. x/xf86-video-neomagic-1.3.0-x86_64-1.txz: Upgraded. x/xterm-341-x86_64-1.txz: Upgraded. xap/audacious-3.10.1-x86_64-1.txz: Upgraded. xap/audacious-plugins-3.10.1-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0648-x86_64-1.txz: Upgraded. 20181228002343 Patrick J Volkerding2018-12-281-0/+1
* Sat Dec 22 04:38:27 UTC 2018...a/coreutils-8.30-x86_64-3.txz: Rebuilt. Support tmux terms in DIR_COLORS. Thanks to qunying. a/grep-3.3-x86_64-1.txz: Upgraded. a/kernel-generic-4.19.12-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.12-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.12-x86_64-1.txz: Upgraded. a/sed-4.7-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.12-x86-1.txz: Upgraded. d/rust-1.31.1-x86_64-1.txz: Upgraded. k/kernel-source-4.19.12-noarch-1.txz: Upgraded. l/graphite2-1.3.13-x86_64-1.txz: Upgraded. l/harfbuzz-2.3.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_19-x86_64-1.txz: Upgraded. l/lmdb-0.9.23-x86_64-1.txz: Upgraded. l/v4l-utils-1.16.3-x86_64-1.txz: Upgraded. n/netatalk-3.1.12-x86_64-1.txz: Upgraded. Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160 (* Security fix *) n/openldap-client-2.4.47-x86_64-1.txz: Upgraded. n/samba-4.9.4-x86_64-1.txz: Upgraded. x/intel-vaapi-driver-2.3.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20181222043827 Patrick J Volkerding2018-12-223-4/+4
* Fri Dec 14 01:49:19 UTC 2018...a/kernel-generic-4.19.9-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.9-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.9-x86_64-1.txz: Upgraded. a/logrotate-3.15.0-x86_64-1.txz: Upgraded. d/cmake-3.13.2-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.9-x86-1.txz: Upgraded. d/python-setuptools-40.6.3-x86_64-1.txz: Upgraded. k/kernel-source-4.19.9-noarch-1.txz: Upgraded. l/gtk+3-3.24.2-x86_64-1.txz: Upgraded. l/libedit-20181209_3.1-x86_64-1.txz: Upgraded. l/python-six-1.12.0-x86_64-2.txz: Rebuilt. n/bind-9.12.3_P1-x86_64-1.txz: Upgraded. n/curl-7.63.0-x86_64-1.txz: Upgraded. n/ipset-7.1-x86_64-1.txz: Upgraded. n/libassuan-2.5.2-x86_64-1.txz: Upgraded. x/xf86-input-void-1.4.1-x86_64-1.txz: Upgraded. x/xterm-339-x86_64-1.txz: Upgraded. xap/gparted-0.33.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20181214014919 Patrick J Volkerding2018-12-143-26/+4
* Wed Dec 12 04:09:54 UTC 2018...l/librsvg-2.44.10-x86_64-1.txz: Upgraded. l/vte-0.54.3-x86_64-1.txz: Upgraded. n/ca-certificates-20181210-noarch-1.txz: Upgraded. x/mesa-18.3.1-x86_64-1.txz: Upgraded. x/xf86-video-i128-1.4.0-x86_64-1.txz: Upgraded. x/xf86-video-mga-2.0.0-x86_64-1.txz: Upgraded. x/xterm-338-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.4.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/ https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-17466 https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18492 https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18493 https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18494 https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18498 https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-12405 (* Security fix *) 20181212040954 Patrick J Volkerding2018-12-125-62/+23203
* Sat Dec 8 04:10:45 UTC 2018...a/btrfs-progs-v4.19.1-x86_64-1.txz: Upgraded. a/dbus-1.12.12-x86_64-1.txz: Upgraded. ap/cups-2.2.10-x86_64-1.txz: Upgraded. ap/cups-filters-1.21.5-x86_64-1.txz: Upgraded. ap/hplip-3.18.12-x86_64-1.txz: Upgraded. d/mercurial-4.8.1-x86_64-1.txz: Upgraded. d/rust-1.31.0-x86_64-1.txz: Upgraded. l/libpng-1.6.36-x86_64-1.txz: Upgraded. l/python-idna-2.8-x86_64-1.txz: Upgraded. n/ntp-4.2.8p12-x86_64-5.txz: Rebuilt. Fixed logrotate file. Thanks to allend and rworkman. n/php-7.2.13-x86_64-1.txz: Upgraded. This is a security release which also contains several minor bug fixes. For more information, see: https://php.net/ChangeLog-7.php#7.2.13 (* Security fix *) n/wpa_supplicant-2.7-x86_64-1.txz: Upgraded. x/mesa-18.3.0-x86_64-1.txz: Upgraded. x/xf86-video-i740-1.4.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.3.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/ xfce/thunar-volman-0.9.1-x86_64-1.txz: Upgraded. 20181208041045 Patrick J Volkerding2018-12-0819-1590/+590