| Commit message (Expand) | Author | Files | Lines |
2020-07-17 | Thu Jul 16 19:43:38 UTC 2020...a/kernel-generic-5.4.52-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.52-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.52-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.52-x86-1.txz: Upgraded.
d/rust-1.45.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.52-noarch-1.txz: Upgraded.
l/M2Crypto-0.36.0-x86_64-1.txz: Upgraded.
x/libevdev-1.9.1-x86_64-1.txz: Upgraded.
xap/pan-0.146-x86_64-2.txz: Rebuilt.
Fix posting errors with GMime3. Thanks to Detlef Graef.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200716194338 | Patrick J Volkerding | 23 | -134/+483 |
2020-07-16 | Wed Jul 15 19:34:18 UTC 2020...a/kernel-firmware-20200715_69c7f0b-noarch-1.txz: Upgraded.
ap/soma-3.3.5-noarch-1.txz: Upgraded.
Thanks to David Woodfall.
d/cmake-3.18.0-x86_64-1.txz: Upgraded.
l/libzip-1.7.3-x86_64-1.txz: Upgraded.
20200715193418 | Patrick J Volkerding | 7 | -59/+90 |
2020-07-15 | Tue Jul 14 18:26:33 UTC 2020...d/python3-3.8.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.26.0-x86_64-1.txz: Upgraded.
n/bridge-utils-1.7-x86_64-1.txz: Upgraded.
20200714182633 | Patrick J Volkerding | 4 | -44/+62 |
2020-07-14 | Mon Jul 13 18:31:31 UTC 2020...a/kernel-firmware-20200713_3d3a06f-noarch-1.txz: Upgraded.
d/meson-0.55.0-x86_64-1.txz: Upgraded.
d/python-setuptools-49.2.0-x86_64-1.txz: Upgraded.
l/libcap-2.39-x86_64-1.txz: Upgraded.
l/libzip-1.7.2-x86_64-1.txz: Upgraded.
n/alpine-2.23.2-x86_64-1.txz: Upgraded.
n/libmilter-8.16.1-x86_64-1.txz: Upgraded.
n/mutt-1.14.6-x86_64-1.txz: Upgraded.
x/xterm-358-x86_64-1.txz: Upgraded.
extra/xfractint/xfractint-20.04p15-x86_64-1.txz: Upgraded.
20200713183131 | Patrick J Volkerding | 10 | -137/+127 |
2020-07-12 | Sat Jul 11 18:57:11 UTC 2020...a/bash-5.0.018-x86_64-1.txz: Upgraded.
d/python-setuptools-49.1.2-x86_64-1.txz: Upgraded.
l/ffmpeg-4.3.1-x86_64-1.txz: Upgraded.
xap/audacious-4.0.5-x86_64-1.txz: Upgraded.
xap/audacious-plugins-4.0.5-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.5-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.3.1-x86_64-1_alsa.txz: Upgraded.
20200711185711 | Patrick J Volkerding | 4 | -71/+144 |
2020-07-11 | Fri Jul 10 18:27:57 UTC 2020...a/logrotate-3.17.0-x86_64-1.txz: Upgraded.
ap/dash-0.5.11.1-x86_64-1.txz: Upgraded.
ap/neofetch-20200708_af2c02c-noarch-1.txz: Upgraded.
l/mpfr-4.1.0-x86_64-1.txz: Upgraded.
n/libmbim-1.24.2-x86_64-1.txz: Upgraded.
20200710182757 | Patrick J Volkerding | 4 | -54/+76 |
2020-07-10 | Fri Jul 10 00:40:43 UTC 2020...a/kernel-generic-5.4.51-x86_64-1.txz: Upgraded.
+EFI_CUSTOM_SSDT_OVERLAYS y
a/kernel-huge-5.4.51-x86_64-1.txz: Upgraded.
SPEAKUP y -> m
SPEAKUP_SYNTH_ACNTPC y -> m
SPEAKUP_SYNTH_ACNTSA y -> m
SPEAKUP_SYNTH_APOLLO y -> m
SPEAKUP_SYNTH_AUDPTR y -> m
SPEAKUP_SYNTH_BNS y -> m
SPEAKUP_SYNTH_DECEXT y -> m
SPEAKUP_SYNTH_DECTLK y -> m
SPEAKUP_SYNTH_DTLK y -> m
SPEAKUP_SYNTH_DUMMY y -> m
SPEAKUP_SYNTH_KEYPC y -> m
SPEAKUP_SYNTH_LTLK y -> m
SPEAKUP_SYNTH_SOFT y -> m
SPEAKUP_SYNTH_SPKOUT y -> m
SPEAKUP_SYNTH_TXPRT y -> m
+EFI_CUSTOM_SSDT_OVERLAYS y
a/kernel-modules-5.4.51-x86_64-1.txz: Upgraded.
ap/vim-8.2.1167-x86_64-1.txz: Upgraded.
d/Cython-0.29.21-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.51-x86-1.txz: Upgraded.
k/kernel-source-5.4.51-noarch-1.txz: Upgraded.
+EFI_CUSTOM_SSDT_OVERLAYS y
n/gnupg2-2.2.21-x86_64-1.txz: Upgraded.
x/mesa-20.1.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.0.2esr-x86_64-1.txz: Upgraded.
This release contains a security fix and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.0.2/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-28/
(* Security fix *)
xap/vim-gvim-8.2.1167-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Speakup is included as modules which will need to be loaded manually,
for now at least.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Speakup is included as modules which will need to be loaded manually,
for now at least.
20200710004043 | Patrick J Volkerding | 47 | -267/+372 |
2020-07-09 | Wed Jul 8 20:56:51 UTC 2020...a/kernel-firmware-20200702_74ac3b5-noarch-1.txz: Upgraded.
a/sysvinit-2.97-x86_64-1.txz: Upgraded.
n/bind-9.16.5-x86_64-1.txz: Upgraded.
x/xf86-video-intel-20191028_5ca3ac1a-x86_64-1.txz: Upgraded.
20200708205651 | Patrick J Volkerding | 13 | -72/+113 |
2020-07-08 | Tue Jul 7 20:51:59 UTC 2020...l/alsa-lib-1.2.3.2-x86_64-1.txz: Upgraded.
l/dconf-editor-3.36.4-x86_64-1.txz: Upgraded.
l/fribidi-1.0.10-x86_64-1.txz: Upgraded.
l/libcap-2.38-x86_64-1.txz: Upgraded.
n/libgcrypt-1.8.6-x86_64-1.txz: Upgraded.
n/php-7.4.8-x86_64-1.txz: Upgraded.
n/rsync-3.2.2-x86_64-1.txz: Upgraded.
x/xterm-357-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.0.1esr-x86_64-2.txz: Rebuilt.
Recompiled with --enable-default-toolkit=cairo-gtk3-wayland.
xap/seamonkey-2.53.3-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.3
(* Security fix *)
extra/pure-alsa-system/alsa-lib-1.2.3.2-x86_64-1_alsa.txz: Upgraded.
20200707205159 | Patrick J Volkerding | 7 | -104/+147 |
2020-07-06 | Sun Jul 5 19:43:59 UTC 2020...ap/mpg123-1.26.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_23-x86_64-1.txz: Upgraded.
l/libevent-2.1.12-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/mpg123-1.26.2-x86_64-1_alsa.txz: Upgraded.
extra/sendmail/sendmail-8.16.1-x86_64-1.txz: Upgraded.
extra/sendmail/sendmail-cf-8.16.1-noarch-1.txz: Upgraded.
20200705194359 | Patrick J Volkerding | 7 | -317/+98 |
2020-07-05 | Sat Jul 4 18:59:06 UTC 2020...a/hwdata-0.337-noarch-1.txz: Upgraded.
d/python-setuptools-49.1.0-x86_64-1.txz: Upgraded.
l/libcap-2.37-x86_64-1.txz: Upgraded.
l/librsvg-2.48.8-x86_64-1.txz: Upgraded.
l/libuv-1.38.1-x86_64-1.txz: Upgraded.
l/libvorbis-1.3.7-x86_64-1.txz: Upgraded.
Fix out-of-bounds read encoding very low sample rates.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160
(* Security fix *)
20200704185906 | Patrick J Volkerding | 5 | -60/+97 |
2020-07-04 | Fri Jul 3 20:28:47 UTC 2020...a/btrfs-progs-5.7-x86_64-1.txz: Upgraded.
a/dbus-1.12.20-x86_64-1.txz: Upgraded.
d/help2man-1.47.16-x86_64-1.txz: Upgraded.
d/python-setuptools-48.0.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.0.1esr-x86_64-1.txz: Upgraded.
Updated to the new 78.x ESR release. :-)
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.0.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-24/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12426
(* Security fix *)
extra/pure-alsa-system/alsa-lib-1.2.3.1-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/xfce4-mixer-4.11.0-x86_64-2_alsa.txz: Rebuilt.
Recompiled against keybinder3-3.0_0.3.2.
20200703202847 | Patrick J Volkerding | 6 | -72/+135 |
2020-07-03 | Thu Jul 2 19:18:33 UTC 2020...d/mercurial-5.4.2-x86_64-1.txz: Upgraded.
d/nasm-2.15.02-x86_64-1.txz: Upgraded.
l/glib2-2.64.4-x86_64-1.txz: Upgraded.
n/samba-4.12.5-x86_64-1.txz: Upgraded.
x/libXaw3dXft-1.6.2g-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.10.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/
20200702191833 | Patrick J Volkerding | 5 | -60/+92 |
2020-07-02 | Wed Jul 1 19:15:58 UTC 2020...a/kernel-generic-5.4.50-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.50-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.50-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.50-x86-1.txz: Upgraded.
k/kernel-source-5.4.50-noarch-1.txz: Upgraded.
l/netpbm-10.91.00-x86_64-1.txz: Upgraded.
l/python-pillow-7.2.0-x86_64-1.txz: Upgraded.
n/curl-7.71.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200701191558 | Patrick J Volkerding | 20 | -165/+148 |
2020-07-01 | Tue Jun 30 18:56:59 UTC 2020...a/kernel-firmware-20200629_1a0c0c2-noarch-1.txz: Upgraded.
ap/mariadb-10.5.4-x86_64-2.txz: Rebuilt.
rc.mysqld: stop the database by PID to avoid improperly stopping other
instances that were not started by this script. Thanks to denydias.
d/vala-0.48.7-x86_64-1.txz: Upgraded.
l/opusfile-0.12-x86_64-1.txz: Upgraded.
n/ca-certificates-20200630-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
x/libwacom-1.4.1-x86_64-1.txz: Upgraded.
20200630185659 | Patrick J Volkerding | 9 | -1290/+678 |
2020-06-30 | Mon Jun 29 18:21:49 UTC 2020...a/haveged-1.9.13-x86_64-1.txz: Upgraded.
a/util-linux-2.35.2-x86_64-5.txz: Rebuilt.
Also fix chsh when linked with libreadline. Thanks to Karel Zak.
l/gtk+3-3.24.21-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.10.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.10.0/releasenotes/
(* Security fix *)
20200629182149 | Patrick J Volkerding | 7 | -68/+159 |
2020-06-29 | Sun Jun 28 21:57:58 UTC 2020...x/libwacom-1.4-x86_64-2.txz: Rebuilt.
Fix joystick property matching in udev rule. Thanks to Pixxt.
20200628215758 | Patrick J Volkerding | 11 | -74/+170 |
2020-06-27 | Fri Jun 26 19:18:25 UTC 2020...a/sysklogd-2.1.2-x86_64-1.txz: Upgraded.
Make sure to move the .new init script and config into place for this.
ap/undervolt-20200612_07d0c70-x86_64-1.txz: Added.
l/popt-1.18-x86_64-1.txz: Upgraded.
x/libglvnd-1.3.2-x86_64-1.txz: Upgraded.
x/libva-2.8.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.8.0-x86_64-1.txz: Upgraded.
20200626191825 | Patrick J Volkerding | 23 | -275/+405 |
2020-06-26 | Thu Jun 25 18:15:39 UTC 2020...a/kernel-generic-5.4.49-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.49-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.49-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.49-x86-1.txz: Upgraded.
k/kernel-source-5.4.49-noarch-1.txz: Upgraded.
l/xxHash-0.7.4-x86_64-1.txz: Upgraded.
x/mesa-20.1.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200625181539 | Patrick J Volkerding | 16 | -104/+136 |
2020-06-25 | Wed Jun 24 20:06:50 UTC 2020...ap/mariadb-10.5.4-x86_64-1.txz: Upgraded.
d/guile-3.0.4-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Looks like the previous bump was a mistake:
This release fixes the SONAME of libguile-3.0.so, which was erroneously
bumped in 3.0.3 compared to 3.0.2. Distributions are strongly
encouraged to use 3.0.4 instead of 3.0.3.
d/make-4.2.1-x86_64-7.txz: Rebuilt.
Recompiled against guile-3.0.4.
l/libjpeg-turbo-2.0.5-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,
TJBench, or the `tjLoadImage()` function if one of the values in a binary
PPM/PGM input file exceeded the maximum value defined in the file's header
and that maximum value was less than 255.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
(* Security fix *)
n/ModemManager-1.14.0-x86_64-1.txz: Upgraded.
n/curl-7.71.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
curl overwrite local file with -J [111]
Partial password leak over DNS on HTTP redirect [48]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
(* Security fix *)
n/gnutls-3.6.14-x86_64-3.txz: Rebuilt.
Recompiled against guile-3.0.4.
n/mutt-1.14.5-x86_64-1.txz: Upgraded.
x/libwacom-1.4-x86_64-1.txz: Upgraded.
20200624200650 | Patrick J Volkerding | 8 | -3458/+3533 |
2020-06-24 | Tue Jun 23 21:49:49 UTC 2020...ap/man-db-2.9.3-x86_64-1.txz: Upgraded.
ap/mariadb-10.4.13-x86_64-3.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
ap/squashfs-tools-4.4-x86_64-2.txz: Rebuilt.
Added lz4 support. Thanks to Heinz Wiesinger.
d/ccache-3.7.10-x86_64-1.txz: Upgraded.
d/parallel-20200622-noarch-1.txz: Upgraded.
d/subversion-1.14.0-x86_64-2.txz: Rebuilt.
Use the system lz4 library. Thanks to Heinz Wiesinger.
l/imagemagick-7.0.10_21-x86_64-1.txz: Upgraded.
l/libarchive-3.4.3-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
l/lz4-1.9.2-x86_64-1.txz: Added.
This is a new dependency for dovecot, libarchive, mariadb, rsync,
squashfs-tools, subversion, and zstd. Thanks to Heinz Wiesinger.
l/xxHash-0.7.3-x86_64-1.txz: Added.
This is a new dependency for rsync.
l/zstd-1.4.5-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
n/dovecot-2.3.10.1-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
n/libmbim-1.24.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.5.1-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p15-x86_64-1.txz: Upgraded.
This release fixes one vulnerability: Associations that use CMAC
authentication between ntpd from versions 4.2.8p11/4.3.97 and
4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
Eventually, ntpd will run out of memory and abort.
(* Security fix *)
n/rsync-3.2.1-x86_64-1.txz: Upgraded.
Please note that this update requires the new packages xxHash and lz4.
t/texlive-2020.200608-x86_64-1.txz: Upgraded.
Thanks to Johannes Schoepfer.
xap/blueman-2.1.3-x86_64-2.txz: Rebuilt.
As a matter of policy and since the rule already exists in
/usr/share/polkit-1/rules.d/, we should not install a rules file in /etc.
Note that since the file was installed as a .new, upgrading the package
will not remove it and it will need to be removed manually. It's harmless
if it remains, though.
Thanks to Robby Workman.
xap/network-manager-applet-1.18.0-x86_64-1.txz: Upgraded.
20200623214949 | Patrick J Volkerding | 41 | -7829/+4149 |
2020-06-23 | Mon Jun 22 20:20:12 UTC 2020...a/kernel-generic-5.4.48-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.48-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.48-x86_64-1.txz: Upgraded.
ap/neofetch-20200613_5b8eea9-x86_64-1.txz: Added.
All the cool kids are including this. ;-)
ap/texinfo-6.7-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.32.0.
ap/vim-8.2.1039-x86_64-1.txz: Upgraded.
Compiled against perl-5.32.0.
d/check-0.15.0-x86_64-1.txz: Upgraded.
d/guile-3.0.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/kernel-headers-5.4.48-x86-1.txz: Upgraded.
d/make-4.2.1-x86_64-6.txz: Rebuilt.
Recompiled against guile-3.0.3.
d/perl-5.32.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.48-noarch-1.txz: Upgraded.
kde/perlkde-4.14.3-x86_64-9.txz: Rebuilt.
Recompiled against perl-5.32.0.
kde/perlqt-4.14.3-x86_64-10.txz: Rebuilt.
Recompiled against perl-5.32.0.
l/harfbuzz-2.6.8-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_20-x86_64-1.txz: Upgraded.
l/neon-0.31.2-x86_64-1.txz: Upgraded.
l/python-certifi-2020.6.20-x86_64-1.txz: Upgraded.
n/alpine-2.23-x86_64-1.txz: Upgraded.
n/epic5-2.1.2-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.32.0.
n/gnutls-3.6.14-x86_64-2.txz: Rebuilt.
Recompiled against guile-3.0.3.
n/irssi-1.2.2-x86_64-3.txz: Rebuilt.
Recompiled against perl-5.32.0.
n/libqmi-1.26.0-x86_64-1.txz: Upgraded.
n/net-snmp-5.8-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.32.0.
n/ntp-4.2.8p14-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.32.0.
xap/hexchat-2.14.3-x86_64-3.txz: Rebuilt.
Recompiled against perl-5.32.0.
xap/rxvt-unicode-9.22-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.32.0.
xap/vim-gvim-8.2.1039-x86_64-1.txz: Upgraded.
Compiled against perl-5.32.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200622202012 | Patrick J Volkerding | 47 | -255/+565 |
2020-06-19 | Fri Jun 19 19:59:04 UTC 2020...a/haveged-1.9.12-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200619_3890db3-noarch-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-34.txz: Rebuilt.
rc.M: check for elogind first so that we can ignore a stale CK2 package.
ap/sudo-1.9.1-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.3.1-x86_64-1.txz: Upgraded.
l/desktop-file-utils-0.26-x86_64-1.txz: Upgraded.
n/mutt-1.14.4-x86_64-1.txz: Upgraded.
x/libinput-1.15.6-x86_64-1.txz: Upgraded.
x/xinit-1.4.1-x86_64-2.txz: Rebuilt.
When using elogind, start the session on the current console.
Thanks to alienBOB.
20200619195904 | Patrick J Volkerding | 10 | -85/+125 |
2020-06-19 | Thu Jun 18 22:01:29 UTC 2020...a/kernel-generic-5.4.47-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.47-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.47-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-33.txz: Rebuilt.
rc.M: add support for elogind. Thanks to alienBOB.
a/util-linux-2.35.2-x86_64-3.txz: Rebuilt.
/etc/pam.d/login: support pam_elogind.so. Thanks to alienBOB.
ap/sqlite-3.32.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.47-x86-1.txz: Upgraded.
d/rust-1.44.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.47-noarch-1.txz: Upgraded.
n/bind-9.16.4-x86_64-1.txz: Upgraded.
This update fixes two security issues:
It was possible to trigger an INSIST when determining whether a record would
fit into a TCP message buffer.
It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with
a particular zone content and query patterns.
For more information, see:
https://kb.isc.org/docs/cve-2020-8618
https://kb.isc.org/docs/cve-2020-8619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200618220129 | Patrick J Volkerding | 22 | -132/+199 |
2020-06-18 | Wed Jun 17 19:42:26 UTC 2020...ap/nvme-cli-1.12-x86_64-1.txz: Upgraded.
d/python-setuptools-47.3.1-x86_64-1.txz: Upgraded.
l/lcms2-2.11-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.53.1-x86_64-1.txz: Upgraded.
l/python-requests-2.24.0-x86_64-1.txz: Upgraded.
20200617194226 | Patrick J Volkerding | 6 | -56/+78 |
2020-06-17 | Tue Jun 16 20:50:41 UTC 2020...a/shadow-4.8.1-x86_64-10.txz: Rebuilt.
system-auth: auth required pam_unix.so [...], otherwise the stack exits
before pam_gnome_keyring.so executes. Thanks to pyllyukko.
Get rid of "auth required pam_deny.so" which seems like a mistake.
Still pending: consider GazL's comments on moving stuff out of system-auth.
a/upower-0.9.23-x86_64-5.txz: Rebuilt.
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
The renaming mess initiated by libplist required a rebuild on this one to
keep things consistent for now, but don't worry - we aren't going to be
sticking to this version for long or anything.
ap/hplip-3.20.6-x86_64-1.txz: Upgraded.
ap/usbmuxd-20200615_3daa1e9-x86_64-1.txz: Upgraded.
Compiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
d/bison-3.6.4-x86_64-1.txz: Upgraded.
d/meson-0.54.3-x86_64-1.txz: Upgraded.
d/python-setuptools-47.3.0-x86_64-1.txz: Upgraded.
l/ffmpeg-4.3-x86_64-1.txz: Upgraded.
l/gvfs-1.44.1-x86_64-2.txz: Rebuilt.
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
l/libgpod-0.8.3-x86_64-7.txz: Rebuilt.
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
l/libimobiledevice-20200615_4791a82-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libplist-2.2.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libusbmuxd-20200615_c7d7d1a-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/fetchmail-6.4.8-x86_64-1.txz: Upgraded.
n/nftables-0.9.6-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.3-x86_64-1_alsa.txz: Upgraded.
20200616205041 | Patrick J Volkerding | 12 | -123/+214 |
2020-06-16 | Mon Jun 15 18:45:08 UTC 2020...a/file-5.39-x86_64-1.txz: Upgraded.
n/mutt-1.14.3-x86_64-1.txz: Upgraded.
n/postfix-3.5.3-x86_64-1.txz: Upgraded.
x/twm-1.0.11-x86_64-1.txz: Upgraded.
20200615184508 | Patrick J Volkerding | 6 | -49/+69 |
2020-06-15 | Sun Jun 14 19:29:20 UTC 2020...a/haveged-1.9.11-x86_64-1.txz: Upgraded.
l/libvncserver-0.9.13-x86_64-1.txz: Upgraded.
n/libnetfilter_queue-1.0.5-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.2.141.0-x86_64-1.txz: Upgraded.
xap/xlockmore-5.64-x86_64-1.txz: Upgraded.
20200614192920 | Patrick J Volkerding | 12 | -167/+100 |
2020-06-14 | Sat Jun 13 20:40:31 UTC 2020...a/pam-1.4.0-x86_64-1.txz: Upgraded.
IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules.
None of our current configuration files in /etc/pam.d/ use either of those,
but if the configuration files on your machine do you'll need to comment out
or remove those lines, otherwise you may experience login failures.
a/shadow-4.8.1-x86_64-9.txz: Rebuilt.
/etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-'
to avoid spamming the logs about failures.
a/sysvinit-scripts-2.1-noarch-32.txz: Rebuilt.
rc.S: create /var/run/faillock directory for pam_faillock(8).
a/util-linux-2.35.2-x86_64-2.txz: Rebuilt.
/etc/pam.d/login: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
l/imagemagick-7.0.10_19-x86_64-1.txz: Upgraded.
l/libzip-1.7.1-x86_64-1.txz: Upgraded.
n/openssh-8.3p1-x86_64-2.txz: Rebuilt.
/etc/pam.d/sshd: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
20200613204031 | Patrick J Volkerding | 17 | -161/+201 |
2020-06-13 | Fri Jun 12 19:05:51 UTC 2020...ap/powertop-2.13-x86_64-1.txz: Upgraded.
l/elfutils-0.180-x86_64-1.txz: Upgraded.
l/fuse3-3.9.2-x86_64-1.txz: Upgraded.
n/alpine-2.22.1-x86_64-1.txz: Upgraded.
20200612190551 | Patrick J Volkerding | 5 | -49/+69 |
2020-06-12 | Thu Jun 11 21:17:43 UTC 2020...a/haveged-1.9.10-x86_64-1.txz: Upgraded.
ap/alsa-utils-1.2.3-x86_64-2.txz: Rebuilt.
This version seems good, but we'll recompile it against alsa-lib-1.2.2 just
to be on the safe side.
d/patchelf-0.11-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.2-x86_64-1.txz: Upgraded.
Revert to this version of alsa-lib due to the pulseaudio daemon crashing in
some cases where multiple audio devices are present.
extra/pure-alsa-system/alsa-lib-1.2.2-x86_64-1_alsa.txz: Upgraded.
Revert to this version of alsa-lib due to the pulseaudio daemon crashing in
some cases where multiple audio devices are present.
20200611211743 | Patrick J Volkerding | 9 | -66/+103 |
2020-06-11 | Wed Jun 10 23:15:33 UTC 2020...a/kernel-generic-5.4.46-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.46-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.46-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.46-x86-1.txz: Upgraded.
k/kernel-source-5.4.46-noarch-1.txz: Upgraded.
l/QScintilla-2.11.5-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200610231533 | Patrick J Volkerding | 17 | -130/+184 |
2020-06-10 | Tue Jun 9 22:11:00 UTC 2020...ap/alsa-utils-1.2.3-x86_64-1.txz: Upgraded.
l/PyQt5-5.15.0-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_18-x86_64-1.txz: Upgraded.
l/sip-4.19.23-x86_64-1.txz: Upgraded.
l/xapian-core-1.4.16-x86_64-1.txz: Upgraded.
n/php-7.4.7-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.2.3-x86_64-1_alsa.txz: Upgraded.
20200609221100 | Patrick J Volkerding | 7 | -83/+113 |
2020-06-08 | Mon Jun 8 19:35:33 UTC 2020...l/babl-0.1.78-x86_64-1.txz: Upgraded.
l/gegl-0.4.24-x86_64-1.txz: Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-3.txz: Rebuilt.
n/libnetfilter_queue-1.0.4-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.1.1-noarch-1.txz: Upgraded.
xap/gimp-2.10.20-x86_64-1.txz: Upgraded.
20200608193533 | Patrick J Volkerding | 8 | -63/+91 |
2020-06-08 | Sun Jun 7 23:31:27 UTC 2020...a/kernel-generic-5.4.45-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.45-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.45-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.45-x86-1.txz: Upgraded.
k/kernel-source-5.4.45-noarch-1.txz: Upgraded.
l/imagemagick-7.0.10_17-x86_64-1.txz: Upgraded.
l/python-certifi-2020.4.5.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200607233127 | Patrick J Volkerding | 19 | -123/+160 |
2020-06-07 | Sun Jun 7 01:56:26 UTC 2020...d/mercurial-5.4.1-x86_64-1.txz: Upgraded.
l/libzip-1.7.0-x86_64-1.txz: Upgraded.
n/libnftnl-1.1.7-x86_64-1.txz: Upgraded.
n/nftables-0.9.5-x86_64-1.txz: Upgraded.
20200607015626 | Patrick J Volkerding | 4 | -44/+64 |
2020-06-06 | Fri Jun 5 20:30:12 UTC 2020...ap/cups-filters-1.27.5-x86_64-1.txz: Upgraded.
ap/dash-0.5.11-x86_64-1.txz: Upgraded.
d/rust-1.44.0-x86_64-1.txz: Upgraded.
l/librsvg-2.48.7-x86_64-1.txz: Upgraded.
n/ethtool-5.7-x86_64-1.txz: Upgraded.
x/xkeyboard-config-2.30-noarch-1.txz: Upgraded.
20200605203012 | Patrick J Volkerding | 13 | -330/+107 |
2020-06-05 | Thu Jun 4 17:58:17 UTC 2020...ap/sqlite-3.32.2-x86_64-1.txz: Upgraded.
ap/vim-8.2.0901-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.9.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.9.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
(* Security fix *)
xap/vim-gvim-8.2.0901-x86_64-1.txz: Upgraded.
20200604175817 | Patrick J Volkerding | 3 | -41/+91 |
2020-06-04 | Wed Jun 3 20:21:52 UTC 2020...a/dbus-1.12.18-x86_64-1.txz: Upgraded.
a/kernel-generic-5.4.44-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.44-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.44-x86_64-1.txz: Upgraded.
d/bison-3.6.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.44-x86-1.txz: Upgraded.
d/subversion-1.14.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.44-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.7-x86_64-1.txz: Upgraded.
l/libcap-2.36-x86_64-1.txz: Upgraded.
l/librsvg-2.48.6-x86_64-1.txz: Upgraded.
n/gnutls-3.6.14-x86_64-1.txz: Upgraded.
Fixed insecure session ticket key construction, since 3.6.4. The TLS server
would not bind the session ticket encryption key with a value supplied by
the application until the initial key rotation, allowing attacker to bypass
authentication in TLS 1.3 and recover previous conversations in TLS 1.2.
[GNUTLS-SA-2020-06-03, CVSS: high]
(* Security fix *)
n/iproute2-5.7.0-x86_64-1.txz: Upgraded.
n/iptables-1.8.5-x86_64-1.txz: Upgraded.
xap/audacious-4.0.4-x86_64-1.txz: Upgraded.
xap/audacious-plugins-4.0.4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.4-x86_64-1_alsa.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200603202152 | Patrick J Volkerding | 22 | -189/+262 |
2020-06-03 | Tue Jun 2 19:31:39 UTC 2020...a/hwdata-0.336-noarch-1.txz: Upgraded.
ap/man-db-2.9.2-x86_64-1.txz: Upgraded.
d/git-2.27.0-x86_64-1.txz: Upgraded.
d/perl-5.30.3-x86_64-1.txz: Upgraded.
Upgraded to IO-Socket-SSL-2.068.
d/strace-5.7-x86_64-1.txz: Upgraded.
l/libyaml-0.2.5-x86_64-1.txz: Upgraded.
n/ca-certificates-20200602-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
n/nghttp2-1.41.0-x86_64-1.txz: Upgraded.
This update fixes a security issue where an overly large HTTP/2 SETTINGS
frame payload causes a denial of service.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
(* Security fix *)
n/proftpd-1.3.6d-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).
x/intel-vaapi-driver-2.4.1-x86_64-1.txz: Upgraded.
20200602193139 | Patrick J Volkerding | 7 | -105/+205 |
2020-06-02 | Mon Jun 1 18:27:22 UTC 2020...a/pciutils-3.7.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_16-x86_64-1.txz: Upgraded.
l/lcms2-2.10-x86_64-1.txz: Upgraded.
l/netpbm-10.90.03-x86_64-1.txz: Upgraded.
l/qt5-5.15.0-x86_64-1.txz: Upgraded.
n/iptraf-ng-1.2.0-x86_64-1.txz: Upgraded.
xap/gnuchess-6.2.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.9.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/
(* Security fix *)
extra/pure-alsa-system/qt5-5.15.0-x86_64-1_alsa.txz: Upgraded.
20200601182722 | Patrick J Volkerding | 15 | -3048/+3005 |
2020-05-31 | Sat May 30 21:31:07 UTC 2020...ap/mpg123-1.26.1-x86_64-1.txz: Upgraded.
d/gyp-20200512_caa60026-x86_64-1.txz: Added.
l/Mako-1.1.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_15-x86_64-1.txz: Upgraded.
l/librsvg-2.48.5-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.53-x86_64-1.txz: Upgraded.
l/vte-0.60.3-x86_64-1.txz: Upgraded.
n/libgpg-error-1.38-x86_64-1.txz: Upgraded.
n/libqmi-1.24.14-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/mpg123-1.26.1-x86_64-1_alsa.txz: Upgraded.
20200530213107 | Patrick J Volkerding | 19 | -133/+523 |
2020-05-30 | Fri May 29 21:27:09 UTC 2020...a/mcelog-170-x86_64-1.txz: Upgraded.
ap/nvme-cli-1.11.2-x86_64-1.txz: Upgraded.
d/python-setuptools-47.1.1-x86_64-1.txz: Upgraded.
l/glib-networking-2.64.3-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.2-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.6-x86_64-1.txz: Upgraded.
20200529212709 | Patrick J Volkerding | 3 | -55/+79 |
2020-05-29 | Thu May 28 18:20:36 UTC 2020...a/cryptsetup-2.3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-5.4.43-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.43-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.43-x86_64-1.txz: Upgraded.
d/cmake-3.17.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.43-x86-1.txz: Upgraded.
d/python-setuptools-47.1.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.43-noarch-1.txz: Upgraded.
l/babl-0.1.76-x86_64-1.txz: Upgraded.
n/openssh-8.3p1-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.14-x86_64-1.txz: Upgraded.
x/libdrm-2.4.102-x86_64-1.txz: Upgraded.
x/mesa-20.1.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200528182036 | Patrick J Volkerding | 20 | -166/+208 |
2020-05-26 | Tue May 26 20:35:03 UTC 2020...ap/mpg123-1.26.0-x86_64-1.txz: Upgraded.
ap/sqlite-3.32.1-x86_64-1.txz: Upgraded.
l/keybinder-0.3.1-x86_64-2.txz: Removed.
l/keybinder3-3.0_0.3.2-x86_64-1.txz: Added.
n/krb5-1.18.2-x86_64-1.txz: Upgraded.
n/mutt-1.14.2-x86_64-1.txz: Upgraded.
xap/gnuplot-5.2.8-x86_64-2.txz: Rebuilt.
Rebuilt with Qt5 (uses anti-aliasing to improve the plot output).
extra/aspell-word-lists/aspell-pt-0.50_2-x86_64-5.txz: Removed.
extra/aspell-word-lists/aspell-pt_PT-20190329_0-x86_64-1.txz: Upgraded.
Thanks to sairum for the link to a better word list.
extra/aspell-word-lists/aspell-pt_PT-preao-20190329_0-x86_64-1.txz: Added.
Thanks to sairum for the link to a better word list.
extra/pure-alsa-system/mpg123-1.26.0-x86_64-1_alsa.txz: Upgraded.
20200526203503 | Patrick J Volkerding | 21 | -225/+213 |
2020-05-25 | Sun May 24 18:35:29 UTC 2020...ap/nano-4.9.3-x86_64-1.txz: Upgraded.
ap/sqlite-3.32.0-x86_64-1.txz: Upgraded.
d/gdb-9.2-x86_64-1.txz: Upgraded.
d/parallel-20200522-noarch-1.txz: Upgraded.
l/imagemagick-7.0.10_14-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.25-x86_64-1.txz: Upgraded.
n/libksba-1.4.0-x86_64-1.txz: Upgraded.
xfce/thunar-1.8.15-x86_64-1.txz: Upgraded.
20200524183529 | Patrick J Volkerding | 7 | -78/+108 |
2020-05-23 | Sat May 23 00:13:54 UTC 2020...l/libarchive-3.4.3-x86_64-1.txz: Upgraded.
l/python-six-1.15.0-x86_64-1.txz: Upgraded.
l/zstd-1.4.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.8.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/
20200523001354 | Patrick J Volkerding | 8 | -86/+77 |
2020-05-22 | Fri May 22 04:29:34 UTC 2020...d/Cython-0.29.19-x86_64-1.txz: Upgraded.
kde/kde-workspace-4.11.22-x86_64-9.txz: Rebuilt.
kde-np: by default, do not restrict passwordless login for UIDs below 1000,
but keep the option to do so in the file commented out.
l/ffmpeg-4.2.3-x86_64-1.txz: Upgraded.
l/iso-codes-4.5.0-noarch-1.txz: Upgraded.
l/v4l-utils-1.20.0-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2.3-x86_64-1_alsa.txz: Upgraded.
20200522042934 | Patrick J Volkerding | 5 | -60/+90 |
2020-05-21 | Wed May 20 23:53:44 UTC 2020...a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.42-x86_64-1.txz: Upgraded.
a/util-linux-2.35.2-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.42-x86-1.txz: Upgraded.
d/python-pip-20.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.42-noarch-1.txz: Upgraded.
l/glib2-2.64.3-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.52.1-x86_64-1.txz: Upgraded.
n/samba-4.12.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200520235344 | Patrick J Volkerding | 20 | -139/+173 |
2020-05-20 | Tue May 19 19:47:49 UTC 2020...a/shadow-4.8.1-x86_64-8.txz: Rebuilt.
It seems that /etc/suauth is not supported when PAM is in use, even if
configure.ac is hacked to enable it. I've removed the man pages for it,
and would suggest using sudo as a replacement.
l/libexif-0.6.22-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
CVE-2018-20030: Fix for recursion DoS
CVE-2020-13114: Time consumption DoS when parsing canon array markers
CVE-2020-13113: Potential use of uninitialized memory
CVE-2020-13112: Various buffer overread fixes due to integer overflows
in maker notes
CVE-2020-0093: read overflow
CVE-2019-9278: replaced integer overflow checks the compiler could
optimize away by safer constructs
CVE-2020-12767: fixed division by zero
CVE-2016-6328: fixed integer overflow when parsing maker notes
CVE-2017-7544: fixed buffer overread
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
(* Security fix *)
l/oniguruma-6.9.5_rev1-x86_64-2.txz: Rebuilt.
Rebuilt with --enable-posix-api. Thanks to MisterL.
l/python-packaging-20.4-x86_64-1.txz: Upgraded.
n/bind-9.16.3-x86_64-1.txz: Upgraded.
This update fixes a security issue:
A malicious actor who intentionally exploits the lack of effective
limitation on the number of fetches performed when processing referrals
can, through the use of specially crafted referrals, cause a recursing
server to issue a very large number of fetches in an attempt to process
the referral. This has at least two potential effects: The performance of
the recursing server can potentially be degraded by the additional work
required to perform these fetches, and the attacker can exploit this
behavior to use the recursing server as a reflector in a reflection attack
with a high amplification factor.
For more information, see:
https://kb.isc.org/docs/cve-2020-8616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
(* Security fix *)
x/fontconfig-2.13.92-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-0.30.0-x86_64-1.txz: Upgraded.
20200519194749 | Patrick J Volkerding | 26 | -102/+3170 |