summaryrefslogtreecommitdiffstats
path: root/source/x/x11/build (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Mon Jul 29 18:32:35 UTC 202420240729183235 Patrick J Volkerding2024-07-291-0/+1
| | | | | | | | | a/sysklogd-2.6.1-x86_64-1.txz: Upgraded. d/python-pip-24.2-x86_64-1.txz: Upgraded. d/python-setuptools-72.1.0-x86_64-1.txz: Upgraded. n/links-2.30-x86_64-1.txz: Upgraded. x/libX11-1.8.10-x86_64-1.txz: Upgraded. x/xinput_calibrator-0.8.0-x86_64-1.txz: Added.
* Wed Jul 10 17:48:01 UTC 202420240710174801 Patrick J Volkerding2024-07-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/grub-2.12-x86_64-11.txz: Rebuilt. Build using --with-dejavufont=/usr/share/fonts/TTF/DejaVuSans.ttf so that the starfield theme is included. Thanks to opty. d/mercurial-6.8-x86_64-1.txz: Upgraded. d/python-setuptools-70.3.0-x86_64-1.txz: Upgraded. d/rinutils-0.10.3-x86_64-1.txz: Upgraded. d/ruby-3.3.4-x86_64-1.txz: Upgraded. l/glib2-2.80.4-x86_64-1.txz: Upgraded. l/mozjs115-115.13.0esr-x86_64-1.txz: Upgraded. l/nodejs-20.15.1-x86_64-1.txz: Upgraded. l/qt6-6.7.2_20240610_3f005f1e-x86_64-2.txz: Rebuilt. [PATCH] Client: Ensure that guessed popup parent has a shell surface. Thanks to ctrlaltca. Add another patch to fix race conditions building with ninja. n/bluez-5.77-x86_64-1.txz: Upgraded. n/getmail-6.19.03-x86_64-1.txz: Upgraded. x/xdm-1.1.16-x86_64-2.txz: Rebuilt. Patched to fix an issue drawing/erasing text in the login dialog. Thanks to GazL. x/xorg-server-xwayland-24.1.1-x86_64-1.txz: Upgraded. xap/mozilla-firefox-128.0esr-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/128.0esr/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2024-29/ https://www.cve.org/CVERecord?id=CVE-2024-6606 https://www.cve.org/CVERecord?id=CVE-2024-6607 https://www.cve.org/CVERecord?id=CVE-2024-6608 https://www.cve.org/CVERecord?id=CVE-2024-6609 https://www.cve.org/CVERecord?id=CVE-2024-6610 https://www.cve.org/CVERecord?id=CVE-2024-6600 https://www.cve.org/CVERecord?id=CVE-2024-6601 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://www.cve.org/CVERecord?id=CVE-2024-6603 https://www.cve.org/CVERecord?id=CVE-2024-6611 https://www.cve.org/CVERecord?id=CVE-2024-6612 https://www.cve.org/CVERecord?id=CVE-2024-6613 https://www.cve.org/CVERecord?id=CVE-2024-6614 https://www.cve.org/CVERecord?id=CVE-2024-6604 https://www.cve.org/CVERecord?id=CVE-2024-6615 (* Security fix *)
* Sun May 26 00:07:39 UTC 202420240526000739 Patrick J Volkerding2024-05-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20240519_ec8627e-noarch-1.txz: Upgraded. a/kernel-generic-6.9.2-x86_64-1.txz: Upgraded. a/kernel-huge-6.9.2-x86_64-1.txz: Upgraded. a/kernel-modules-6.9.2-x86_64-1.txz: Upgraded. d/kernel-headers-6.9.2-x86-1.txz: Upgraded. e/emacspeak-60.0-x86_64-2.txz: Rebuilt. Fixed dangling symlink. Thanks to marav. k/kernel-source-6.9.2-noarch-1.txz: Upgraded. kde/calligra-3.2.1-x86_64-40.txz: Rebuilt. Recompiled against gsl-2.8. kde/krita-5.2.2-x86_64-10.txz: Rebuilt. Recompiled against gsl-2.8. kde/kstars-3.7.0-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/libindi-2.0.7-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/stellarsolver-2.5-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/step-23.08.5-x86_64-3.txz: Rebuilt. Recompiled against gsl-2.8. l/dav1d-1.4.2-x86_64-1.txz: Upgraded. l/glib2-2.80.2-x86_64-2.txz: Rebuilt. [PATCH 1/2] gmenuexporter: Fix a NULL pointer dereference on an error handling path. [PATCH 2/2] gactiongroupexporter: Fix memory problems on an error handling path. Thanks to Philip Withnall and Arleson. l/gsl-2.8-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/librsvg-2.58.1-x86_64-1.txz: Upgraded. l/pipewire-1.0.7-x86_64-1.txz: Upgraded. n/ntp-4.2.8p18-x86_64-1.txz: Upgraded. x/igt-gpu-tools-1.28-x86_64-3.txz: Rebuilt. Recompiled against gsl-2.8. xap/sane-1.3.1-x86_64-1.txz: Upgraded. xap/xlockmore-5.78-x86_64-1.txz: Upgraded. xap/xsnow-3.7.9-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Apr 23 22:24:03 UTC 202420240423222403 Patrick J Volkerding2024-04-241-1/+1
| | | | | | | | | | | | | | | | | | | d/ruby-3.3.1-x86_64-1.txz: Upgraded. This update fixes security issues: Arbitrary memory address read vulnerability with Regex search. RCE vulnerability with .rdoc_options in RDoc. Buffer overread vulnerability in StringIO. For more information, see: https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ https://www.cve.org/CVERecord?id=CVE-2024-27282 https://www.cve.org/CVERecord?id=CVE-2024-27281 https://www.cve.org/CVERecord?id=CVE-2024-27280 (* Security fix *) l/python-docutils-0.21.2-x86_64-1.txz: Upgraded. x/rendercheck-1.6-x86_64-1.txz: Upgraded. x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
* Mon Apr 15 22:28:37 UTC 202420240415222837 Patrick J Volkerding2024-04-161-1/+1
| | | | | | | | | | | | | | | | ap/linuxdoc-tools-0.9.83-x86_64-1.txz: Upgraded. Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0. See the ChangeLog in source/ap/linuxdoc-tools for more details. Thanks to Stuart Winter. ap/sqlite-3.45.3-x86_64-1.txz: Upgraded. l/Mako-1.3.3-x86_64-1.txz: Upgraded. l/pipewire-1.0.5-x86_64-1.txz: Upgraded. l/python-hatchling-1.23.0-x86_64-1.txz: Upgraded. x/libwacom-2.11.0-x86_64-1.txz: Upgraded. x/xcb-proto-1.17.0-x86_64-1.txz: Upgraded. x/xf86-input-wacom-1.2.2-x86_64-1.txz: Upgraded. xap/pan-0.158-x86_64-1.txz: Upgraded. Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-)
* Fri Mar 29 20:39:11 UTC 202420240329203911 Patrick J Volkerding2024-03-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a rebuild or upgrade to build against python-3.11.8. Looking at the python readiness page, it seems like a lot of stuff we use is not certified for python-3.12 yet (although to be fair, about half as much isn't certified for python-3.11 either). But 3.11 seems to be the safer choice even though the final bugfix update is scheduled for Monday. And, if we do decide to move ahead to 3.12 later on, it'll be a lot easier than this update was. Enjoy! :-) a/aaa_libraries-15.1-x86_64-29.txz: Rebuilt. Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0, libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0, libgthread-2.0.so.0.8000.0. Removed: libboost_*.so.1.83.0. a/libblockdev-2.28-x86_64-3.txz: Rebuilt. a/libbytesize-2.8-x86_64-2.txz: Rebuilt. a/libpwquality-1.4.5-x86_64-2.txz: Rebuilt. a/mcelog-198-x86_64-1.txz: Upgraded. a/util-linux-2.40-x86_64-2.txz: Rebuilt. a/volume_key-0.3.12-x86_64-8.txz: Rebuilt. a/xz-5.6.1-x86_64-2.txz: Rebuilt. Seems like a good idea to build this from a git pull rather than the signed release tarballs. :-) The liblzma in the previous packages were not found to be vulnerable by the detection script, but I'd rather not carry the bad m4 files in our sources. Here's a test script for anyone wanting to try it: if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then echo probably vulnerable else echo probably not vulnerable fi ap/hplip-3.23.12-x86_64-3.txz: Rebuilt. ap/linuxdoc-tools-0.9.82-x86_64-5.txz: Rebuilt. ap/rpm-4.19.1.1-x86_64-2.txz: Rebuilt. ap/undervolt-20210815_e39aea1-x86_64-3.txz: Rebuilt. ap/vim-9.1.0225-x86_64-1.txz: Upgraded. d/Cython-3.0.9-x86_64-2.txz: Rebuilt. d/distcc-3.4-x86_64-5.txz: Rebuilt. d/gdb-14.2-x86_64-2.txz: Rebuilt. d/gyp-20210831_d6c5dd51-x86_64-3.txz: Rebuilt. d/llvm-18.1.2-x86_64-2.txz: Rebuilt. d/mercurial-6.7.1-x86_64-2.txz: Rebuilt. d/meson-1.4.0-x86_64-2.txz: Rebuilt. d/python-pip-24.0-x86_64-2.txz: Rebuilt. d/python-setuptools-69.2.0-x86_64-2.txz: Rebuilt. d/python3-3.11.8-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/scons-4.7.0-x86_64-2.txz: Rebuilt. kde/cantor-23.08.5-x86_64-4.txz: Rebuilt. kde/kapidox-5.115.0-x86_64-2.txz: Rebuilt. kde/kdev-python-23.08.5-x86_64-2.txz: Rebuilt. kde/kig-23.08.5-x86_64-2.txz: Rebuilt. kde/kmymoney-5.1.3-x86_64-4.txz: Rebuilt. kde/kopeninghours-23.08.5-x86_64-2.txz: Rebuilt. kde/krita-5.2.2-x86_64-6.txz: Rebuilt. l/M2Crypto-0.41.0-x86_64-2.txz: Rebuilt. l/Mako-1.3.2-x86_64-2.txz: Rebuilt. l/PyQt-builder-1.15.4-x86_64-2.txz: Rebuilt. l/PyQt5-5.15.10-x86_64-2.txz: Rebuilt. l/PyQt5_sip-12.13.0-x86_64-2.txz: Rebuilt. l/QScintilla-2.14.1-x86_64-3.txz: Rebuilt. l/avahi-20240306_709e60f-x86_64-2.txz: Rebuilt. l/brotli-1.1.0-x86_64-2.txz: Rebuilt. l/dbus-python-1.3.2-x86_64-2.txz: Rebuilt. l/gexiv2-0.14.2-x86_64-3.txz: Rebuilt. l/gi-docgen-2023.3-x86_64-2.txz: Rebuilt. l/glade-3.40.0-x86_64-2.txz: Rebuilt. l/gobject-introspection-1.80.0-x86_64-2.txz: Rebuilt. l/harfbuzz-8.4.0-x86_64-1.txz: Upgraded. l/lensfun-0.3.4-x86_64-2.txz: Rebuilt. l/libcaca-0.99.beta20-x86_64-2.txz: Rebuilt. l/libcap-ng-0.8.4-x86_64-2.txz: Rebuilt. l/libieee1284-0.2.11-x86_64-8.txz: Rebuilt. l/libimobiledevice-20231007_04c0233-x86_64-2.txz: Rebuilt. l/libnvme-1.8-x86_64-2.txz: Rebuilt. l/libplist-2.4.0-x86_64-2.txz: Rebuilt. l/libwebp-1.3.2-x86_64-3.txz: Rebuilt. l/libxml2-2.12.6-x86_64-3.txz: Rebuilt. l/libxslt-1.1.39-x86_64-2.txz: Rebuilt. l/newt-0.52.24-x86_64-3.txz: Rebuilt. l/protobuf-26.1-x86_64-2.txz: Rebuilt. l/pycairo-1.26.0-x86_64-3.txz: Rebuilt. l/pycups-2.0.1-x86_64-7.txz: Rebuilt. l/pycurl-7.45.3-x86_64-2.txz: Rebuilt. l/pygobject3-3.48.1-x86_64-2.txz: Rebuilt. l/pyparsing-3.1.2-x86_64-2.txz: Rebuilt. l/python-Jinja2-3.1.3-x86_64-2.txz: Rebuilt. l/python-MarkupSafe-2.1.5-x86_64-2.txz: Rebuilt. l/python-PyYAML-6.0.1-x86_64-3.txz: Rebuilt. l/python-alabaster-0.7.16-x86_64-2.txz: Rebuilt. l/python-appdirs-1.4.4-x86_64-7.txz: Rebuilt. l/python-babel-2.14.0-x86_64-2.txz: Rebuilt. l/python-build-1.2.1-x86_64-2.txz: Rebuilt. l/python-calver-2022.6.26-x86_64-2.txz: Rebuilt. l/python-certifi-2024.2.2-x86_64-2.txz: Rebuilt. l/python-cffi-1.16.0-x86_64-2.txz: Rebuilt. l/python-chardet-5.2.0-x86_64-2.txz: Rebuilt. l/python-charset-normalizer-3.3.2-x86_64-2.txz: Rebuilt. l/python-distro-1.9.0-x86_64-2.txz: Rebuilt. l/python-dnspython-2.6.1-x86_64-2.txz: Rebuilt. l/python-docutils-0.20.1-x86_64-2.txz: Rebuilt. l/python-doxypypy-0.8.8.7-x86_64-2.txz: Rebuilt. l/python-doxyqml-0.5.3-x86_64-2.txz: Rebuilt. l/python-editables-0.5-x86_64-2.txz: Rebuilt. l/python-flit-core-3.9.0-x86_64-2.txz: Rebuilt. l/python-future-1.0.0-x86_64-2.txz: Rebuilt. l/python-glad2-2.0.6-x86_64-2.txz: Rebuilt. l/python-hatchling-1.22.4-x86_64-2.txz: Rebuilt. l/python-html5lib-1.1-x86_64-2.txz: Rebuilt. l/python-idna-3.6-x86_64-2.txz: Rebuilt. l/python-imagesize-1.4.1-x86_64-2.txz: Rebuilt. l/python-importlib_metadata-7.1.0-x86_64-2.txz: Rebuilt. l/python-installer-0.7.0-x86_64-2.txz: Rebuilt. l/python-lxml-5.1.1-x86_64-1.txz: Upgraded. l/python-markdown-3.6-x86_64-2.txz: Rebuilt. l/python-notify2-0.3.1-x86_64-11.txz: Rebuilt. l/python-packaging-24.0-x86_64-2.txz: Rebuilt. l/python-pathspec-0.12.1-x86_64-2.txz: Rebuilt. l/python-pbr-6.0.0-x86_64-2.txz: Rebuilt. l/python-pillow-10.2.0-x86_64-2.txz: Rebuilt. l/python-pluggy-1.4.0-x86_64-2.txz: Rebuilt. l/python-ply-3.11-x86_64-9.txz: Rebuilt. l/python-psutil-5.9.8-x86_64-2.txz: Rebuilt. l/python-pycparser-2.21-x86_64-2.txz: Rebuilt. l/python-pygments-2.17.2-x86_64-2.txz: Rebuilt. l/python-pyproject-hooks-1.0.0-x86_64-2.txz: Rebuilt. l/python-pysol_cards-0.16.0-x86_64-2.txz: Rebuilt. l/python-pytz-2024.1-x86_64-2.txz: Rebuilt. l/python-random2-1.0.2-x86_64-2.txz: Rebuilt. l/python-requests-2.31.0-x86_64-2.txz: Rebuilt. l/python-sane-2.9.1-x86_64-6.txz: Rebuilt. l/python-setuptools_scm-8.0.4-x86_64-2.txz: Rebuilt. l/python-six-1.16.0-x86_64-4.txz: Rebuilt. l/python-smartypants-2.0.1-x86_64-2.txz: Rebuilt. l/python-snowballstemmer-2.2.0-x86_64-2.txz: Rebuilt. l/python-sphinx-7.2.6-x86_64-2.txz: Rebuilt. l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz: Rebuilt. l/python-tomli-2.0.1-x86_64-2.txz: Rebuilt. l/python-tomli-w-1.0.0-x86_64-2.txz: Rebuilt. l/python-trove-classifiers-2024.3.25-x86_64-2.txz: Rebuilt. l/python-typing_extensions-4.10.0-x86_64-2.txz: Rebuilt. l/python-typogrify-2.0.7-x86_64-2.txz: Rebuilt. l/python-urllib3-2.2.1-x86_64-2.txz: Rebuilt. l/python-webencodings-0.5.1-x86_64-2.txz: Rebuilt. l/python-wheel-0.43.0-x86_64-2.txz: Rebuilt. l/python-zipp-3.18.1-x86_64-2.txz: Rebuilt. l/sip-6.8.3-x86_64-2.txz: Rebuilt. l/speech-dispatcher-0.11.5-x86_64-2.txz: Rebuilt. l/system-config-printer-1.5.18-x86_64-2.txz: Rebuilt. l/talloc-2.4.2-x86_64-2.txz: Rebuilt. l/tdb-1.4.10-x86_64-2.txz: Rebuilt. l/tevent-0.16.1-x86_64-2.txz: Rebuilt. n/epic5-2.1.12-x86_64-7.txz: Rebuilt. n/fetchmail-6.4.38-x86_64-2.txz: Rebuilt. n/getmail-6.18.14-x86_64-2.txz: Rebuilt. n/gpgme-1.23.2-x86_64-3.txz: Rebuilt. n/net-snmp-5.9.4-x86_64-2.txz: Rebuilt. n/nftables-1.0.9-x86_64-2.txz: Rebuilt. n/nmap-7.94-x86_64-2.txz: Rebuilt. n/nss-pam-ldapd-0.9.12-x86_64-4.txz: Rebuilt. n/obexftp-0.24.2-x86_64-12.txz: Rebuilt. n/pssh-2.3.5-x86_64-2.txz: Rebuilt. n/samba-4.20.0-x86_64-2.txz: Rebuilt. x/ibus-1.5.29-x86_64-3.txz: Rebuilt. x/ibus-anthy-1.5.16-x86_64-2.txz: Rebuilt. x/ibus-hangul-1.5.5-x86_64-2.txz: Rebuilt. x/ibus-libpinyin-1.15.7-x86_64-2.txz: Rebuilt. x/ibus-table-1.17.4-x86_64-2.txz: Rebuilt. x/marisa-0.2.6-x86_64-9.txz: Rebuilt. x/pyxdg-0.28-x86_64-2.txz: Rebuilt. x/xcb-proto-1.16.0-x86_64-3.txz: Rebuilt. xap/blueman-2.3.5-x86_64-2.txz: Rebuilt. xap/hexchat-2.16.2-x86_64-2.txz: Rebuilt. xap/vim-gvim-9.1.0225-x86_64-1.txz: Upgraded. extra/brltty/brltty-6.6-x86_64-3.txz: Rebuilt.
* Sat Mar 23 19:34:02 UTC 202420240323193402 Patrick J Volkerding2024-03-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | ap/vim-9.1.0199-x86_64-1.txz: Upgraded. Dropped python2 support. Thanks to Audrius Kažukauskas. l/duktape-2.7.0-x86_64-1.txz: Added. Needed by polkit. l/gjs-1.80.1-x86_64-1.txz: Upgraded. l/libdeflate-1.20-x86_64-1.txz: Upgraded. l/mozjs102-102.15.1esr-x86_64-2.txz: Removed. l/mozjs115-115.9.1esr-x86_64-1.txz: Upgraded. l/polkit-123-x86_64-2.txz: Rebuilt. Use duktape instead of mozjs102 as the JavaScript engine. x/iceauth-1.0.10-x86_64-2.txz: Rebuilt. It's never too early to build with --enable-year2038. Thanks to bigbadaboum. xap/geeqie-2.4-x86_64-1.txz: Upgraded. xap/mozilla-firefox-115.9.1esr-x86_64-1.txz: Upgraded. This update fixes a critical security issue: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. For more information, see: https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2024-16/ https://www.cve.org/CVERecord?id=CVE-2024-29944 (* Security fix *) xap/vim-gvim-9.1.0199-x86_64-1.txz: Upgraded. Dropped python2 support. Thanks to Audrius Kažukauskas.
* Wed Mar 20 21:10:30 UTC 202420240320211030 Patrick J Volkerding2024-03-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/libblockdev-2.28-x86_64-2.txz: Rebuilt. Drop python2 support. a/sysvinit-scripts-15.1-noarch-15.txz: Rebuilt. rc.M: start rc.iceccd and rc.icecc-scheduler earlier. a/util-linux-2.39.3-x86_64-2.txz: Rebuilt. Drop python2 support. a/volume_key-0.3.12-x86_64-6.txz: Rebuilt. Drop python2 support. ap/man-pages-6.7-noarch-1.txz: Upgraded. d/cmake-3.28.4-x86_64-1.txz: Upgraded. d/llvm-18.1.2-x86_64-1.txz: Upgraded. d/python2-2.7.18-x86_64-7.txz: Rebuilt. Bundle the final python2 versions of pip and setuptools. Drop the /usr/bin/python symlink. d/python3-3.9.19-x86_64-1.txz: Upgraded. Point the /usr/bin/python symlink at python3.9. PEP 394 says we can do this, and in a world of ambigious shebangs, this is probably the best of the available options. This update also fixes security issues: bundled libexpat was updated to 2.6.0. zipfile is now protected from the "quoted-overlap" zipbomb. tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when working around file system permission errors. For more information, see: https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html https://www.cve.org/CVERecord?id=CVE-2023-52425 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://www.cve.org/CVERecord?id=CVE-2023-6597 (* Security fix *) d/strace-6.8-x86_64-1.txz: Upgraded. kde/kross-interpreters-23.08.5-x86_64-2.txz: Rebuilt. Drop python2 support. l/libxml2-2.12.6-x86_64-2.txz: Rebuilt. Drop python2 support. l/mozjs115-115.9.0esr-x86_64-2.txz: Rebuilt. Fixed installed library name. Thanks to reddog83. Fixed slack-desc. Thanks to r1w1s1. l/phonon-4.12.0-x86_64-1.txz: Upgraded. l/pilot-link-0.12.5-x86_64-17.txz: Rebuilt. Drop python2 support. l/python2-module-collection-2.7.18-x86_64-6.txz: Removed. Good bye! l/python2-pycairo-1.18.2-x86_64-1.txz: Added. We'll need this (along with pygtk and pygobject) until we get gimp3. Well, we could build gimp without python support, but I really don't think that's the route we want to take. n/bind-9.18.25-x86_64-1.txz: Upgraded. n/crda-4.15-x86_64-1.txz: Removed. The kernel is able to load from wireless-regdb directly. Obsolete. n/getmail-6.18.14-x86_64-1.txz: Upgraded. n/gpgme-1.23.2-x86_64-2.txz: Rebuilt. Drop python2 support. n/obexftp-0.24.2-x86_64-11.txz: Rebuilt. Drop python2 support. n/wireless-regdb-2024.01.23-x86_64-1.txz: Added. Wireless regulatory database, previously bundled with crda. x/ibus-1.5.29-x86_64-2.txz: Rebuilt. Drop python2 support. x/libkkc-0.3.5-x86_64-4.txz: Rebuilt. Still forcing python2 with this one, but perhaps a python3 marisa module could work around this. x/libkkc-data-0.2.7-x86_64-4.txz: Rebuilt. Still forcing python2 with this one, but perhaps a python3 marisa module could work around this. x/xcb-proto-1.16.0-x86_64-2.txz: Rebuilt. Drop python2 support. x/xpyb-1.3.1-x86_64-7.txz: Removed. Nothing uses it, and it was never updated for python3. Removed as obsolete.
* Sun Mar 3 20:50:24 UTC 202420240303205024 Patrick J Volkerding2024-03-031-1/+1
| | | | | | | | | | | | | | | | | | | | | d/gdb-14.2-x86_64-1.txz: Upgraded. l/python-PyYAML-6.0.1-x86_64-2.txz: Rebuilt. Fixed build with Cython >= 3. Thanks to Stuart Winter. l/qt6-6.6.2_20240210_15b7e743-x86_64-2.txz: Rebuilt. Fixed the sdpscanner6 symlink by moving INSTALL_LIBEXECDIR to the expected location. x/editres-1.0.9-x86_64-1.txz: Upgraded. x/encodings-1.1.0-noarch-1.txz: Upgraded. x/gccmakedep-1.0.4-noarch-1.txz: Upgraded. x/libXaw3d-1.6.6-x86_64-1.txz: Upgraded. x/libXcursor-1.2.2-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.5-x86_64-1.txz: Upgraded. x/libfontenc-1.1.8-x86_64-1.txz: Upgraded. x/libxcb-1.16.1-x86_64-1.txz: Upgraded. x/listres-1.0.6-x86_64-1.txz: Upgraded. x/mkfontscale-1.2.3-x86_64-1.txz: Upgraded. x/xauth-1.1.3-x86_64-1.txz: Upgraded. x/xlsfonts-1.0.8-x86_64-1.txz: Upgraded.
* Wed Feb 14 04:31:08 UTC 202420240214043108 Patrick J Volkerding2024-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | l/exiv2-0.28.2-x86_64-1.txz: Upgraded. Fixes two low-severity security issues introduced in 0.28.x: Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder. Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-24826 https://www.cve.org/CVERecord?id=CVE-2024-25112 (* Security fix *) l/gnome-keyring-46.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.90-x86_64-1.txz: Upgraded. Add limits on the resources used to do DNSSEC validation. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-50387 https://www.cve.org/CVERecord?id=CVE-2023-50868 (* Security fix *) x/igt-gpu-tools-1.28-x86_64-2.txz: Rebuilt. Recompiled against /procps-ng-4.0.4.
* Sun Feb 4 19:20:00 UTC 202420240204192000 Patrick J Volkerding2024-02-041-1/+1
| | | | | | | | | | | | | | | | | | | | ap/pamixer-1.6-x86_64-1.txz: Upgraded. d/rust-bindgen-0.69.4-x86_64-1.txz: Upgraded. l/cxxopts-3.1.1-x86_64-1.txz: Added. Needed by pamixer-1.6. l/gc-8.2.6-x86_64-1.txz: Upgraded. l/libxml2-2.12.5-x86_64-1.txz: Upgraded. Fix the following security issue: xmlreader: Don't expand XIncludes when backtracking. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-25062 (* Security fix *) x/bitmap-1.1.1-x86_64-1.txz: Upgraded. x/xditview-1.0.7-x86_64-1.txz: Upgraded. x/xkbcomp-1.4.7-x86_64-1.txz: Upgraded. x/xkbutils-1.0.6-x86_64-1.txz: Upgraded. x/xmore-1.0.4-x86_64-1.txz: Upgraded. x/xprop-1.2.7-x86_64-1.txz: Upgraded.
* Sun Jan 21 20:50:08 UTC 202420240121205008 Patrick J Volkerding2024-01-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | a/ed-1.20-x86_64-1.txz: Upgraded. l/SDL2_ttf-2.22.0-x86_64-1.txz: Upgraded. l/imagemagick-7.1.1_27-x86_64-1.txz: Upgraded. l/libproxy-0.5.3-x86_64-1.txz: Upgraded. n/nghttp2-1.59.0-x86_64-1.txz: Upgraded. x/xbiff-1.0.5-x86_64-1.txz: Upgraded. extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz: Rebuilt. Recompiled against xorg-server-21.1.11, including the latest patches for several security issues. Thanks to marav. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-6377 https://www.cve.org/CVERecord?id=CVE-2023-6478 https://www.cve.org/CVERecord?id=CVE-2023-6816 https://www.cve.org/CVERecord?id=CVE-2024-0229 https://www.cve.org/CVERecord?id=CVE-2024-0408 https://www.cve.org/CVERecord?id=CVE-2024-0409 https://www.cve.org/CVERecord?id=CVE-2024-21885 https://www.cve.org/CVERecord?id=CVE-2024-21886 https://www.cve.org/CVERecord?id=CVE-2024-21886 (* Security fix *)
* Fri Sep 29 19:45:18 UTC 202320230929194518 Patrick J Volkerding2023-09-291-1/+1
| | | | | | | | | | | | | | d/meson-1.2.2-x86_64-1.txz: Upgraded. l/nodejs-20.8.0-x86_64-1.txz: Upgraded. l/sof-firmware-2023.09-noarch-1.txz: Upgraded. n/bluez-5.70-x86_64-1.txz: Upgraded. n/php-8.2.11-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.php.net/ChangeLog-8.php#8.2.11 x/mesa-23.2.1-x86_64-1.txz: Upgraded. x/xman-1.1.6-x86_64-1.txz: Upgraded. xfce/xfce4-clipman-plugin-1.6.5-x86_64-1.txz: Upgraded.
* Thu Jul 20 19:55:25 UTC 202320230720195525 Patrick J Volkerding2023-07-201-1/+1
| | | | | | | | | | | | | | | | | | | d/re2c-3.1-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-base-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-good-1.22.5-x86_64-1.txz: Upgraded. l/gst-plugins-libav-1.22.5-x86_64-1.txz: Upgraded. l/gstreamer-1.22.5-x86_64-1.txz: Upgraded. l/libptytty-2.0-x86_64-1.txz: Added. This is required by rxvt-unicode-9.31. x/libpthread-stubs-0.5-x86_64-1.txz: Upgraded. xap/rxvt-unicode-9.31-x86_64-1.txz: Upgraded. Compiled against libptytty-2.0. testing/packages/mozilla-thunderbird-115.0.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.0.1/releasenotes/ (* Security fix *)
* Sun Jun 4 19:16:13 UTC 202320230604191613 Patrick J Volkerding2023-06-042-2/+2
| | | | | | | | | | | | | | l/ocl-icd-2.3.2-x86_64-1.txz: Upgraded. n/libmilter-8.17.2-x86_64-1.txz: Upgraded. x/egl-wayland-1.1.12-x86_64-1.txz: Upgraded. x/libdmx-1.1.5-x86_64-1.txz: Upgraded. x/xrdb-1.2.2-x86_64-1.txz: Upgraded. x/xscope-1.4.4-x86_64-1.txz: Upgraded. x/xtrans-1.5.0-noarch-1.txz: Upgraded. x/xwd-1.0.9-x86_64-1.txz: Upgraded. extra/sendmail/sendmail-8.17.2-x86_64-1.txz: Upgraded. This is a bugfix release. extra/sendmail/sendmail-cf-8.17.2-noarch-1.txz: Upgraded.
* Mon May 8 23:42:23 UTC 202320230508234223 Patrick J Volkerding2023-05-091-1/+1
| | | | | | | | | | a/less-633-x86_64-1.txz: Upgraded. ap/inxi-3.3.27_1-noarch-1.txz: Upgraded. d/rust-1.68.2-x86_64-2.txz: Upgraded. l/mlt-7.16.0-x86_64-1.txz: Upgraded. x/m17n-lib-1.8.1-x86_64-1.txz: Upgraded. x/xf86-video-dummy-0.4.1-x86_64-1.txz: Upgraded. testing/packages/rust-1.69.0-x86_64-1.txz: Upgraded.
* Fri Apr 28 18:25:13 UTC 202320230428182513 Patrick J Volkerding2023-04-281-1/+1
| | | | | | | | | | | kde/kalk-23.04.0-x86_64-1.txz: Removed. kde/ktextaddons-1.2.1-x86_64-1.txz: Upgraded. Revert to this version until a newer one works. kde/qcoro-0.9.0-x86_64-1.txz: Upgraded. l/iso-codes-4.15.0-noarch-1.txz: Upgraded. n/lynx-2.9.0dev.12-x86_64-1.txz: Upgraded. x/xdpyinfo-1.3.4-x86_64-1.txz: Upgraded. x/xinput-1.6.4-x86_64-1.txz: Upgraded.
* Tue Apr 11 18:49:02 UTC 202320230411184902 Patrick J Volkerding2023-04-114-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/mcelog-194-x86_64-1.txz: Upgraded. a/tcsh-6.24.08-x86_64-1.txz: Upgraded. d/meson-1.1.0-x86_64-1.txz: Upgraded. d/rust-bindgen-0.65.0-x86_64-1.txz: Upgraded. l/mozjs102-102.10.0esr-x86_64-1.txz: Upgraded. l/nodejs-19.9.0-x86_64-1.txz: Upgraded. l/parted-3.6-x86_64-1.txz: Upgraded. x/ibus-table-1.17.0-x86_64-1.txz: Upgraded. x/libXfixes-6.0.1-x86_64-1.txz: Upgraded. x/libXt-1.3.0-x86_64-1.txz: Upgraded. x/xf86-video-neomagic-1.3.1-x86_64-1.txz: Added. x/xf86-video-savage-2.4.0-x86_64-1.txz: Added. x/xwininfo-1.1.6-x86_64-1.txz: Upgraded. xap/mozilla-firefox-112.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/112.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-13 https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001 https://www.cve.org/CVERecord?id=CVE-2023-29531 https://www.cve.org/CVERecord?id=CVE-2023-29532 https://www.cve.org/CVERecord?id=CVE-2023-29533 https://www.cve.org/CVERecord?id=CVE-2023-29534 https://www.cve.org/CVERecord?id=CVE-2023-29535 https://www.cve.org/CVERecord?id=CVE-2023-29536 https://www.cve.org/CVERecord?id=CVE-2023-29537 https://www.cve.org/CVERecord?id=CVE-2023-29538 https://www.cve.org/CVERecord?id=CVE-2023-29539 https://www.cve.org/CVERecord?id=CVE-2023-29540 https://www.cve.org/CVERecord?id=CVE-2023-29541 https://www.cve.org/CVERecord?id=CVE-2023-29542 https://www.cve.org/CVERecord?id=CVE-2023-29543 https://www.cve.org/CVERecord?id=CVE-2023-29544 https://www.cve.org/CVERecord?id=CVE-2023-29545 https://www.cve.org/CVERecord?id=CVE-2023-29546 https://www.cve.org/CVERecord?id=CVE-2023-29547 https://www.cve.org/CVERecord?id=CVE-2023-29548 https://www.cve.org/CVERecord?id=CVE-2023-29549 https://www.cve.org/CVERecord?id=CVE-2023-29550 https://www.cve.org/CVERecord?id=CVE-2023-29551 (* Security fix *)
* Tue Apr 4 20:15:38 UTC 202320230404201538 Patrick J Volkerding2023-04-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/mcelog-193-x86_64-1.txz: Upgraded. d/vala-0.56.6-x86_64-1.txz: Upgraded. kde/bluedevil-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-grub-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.27.4-x86_64-1.txz: Upgraded. kde/drkonqi-5.27.4-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.27.4-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.27.4-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.27.4-x86_64-1.txz: Upgraded. kde/kdecoration-5.27.4-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.27.4-x86_64-1.txz: Upgraded. kde/kgamma5-5.27.4-x86_64-1.txz: Upgraded. kde/khotkeys-5.27.4-x86_64-1.txz: Upgraded. kde/kinfocenter-5.27.4-x86_64-1.txz: Upgraded. kde/kmenuedit-5.27.4-x86_64-1.txz: Upgraded. kde/kpipewire-5.27.4-x86_64-1.txz: Upgraded. kde/kscreen-5.27.4-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.27.4-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.27.4-x86_64-1.txz: Upgraded. kde/ksystemstats-5.27.4-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.27.4-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.27.4-x86_64-1.txz: Upgraded. kde/kwin-5.27.4-x86_64-1.txz: Upgraded. kde/kwrited-5.27.4-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.27.4-x86_64-1.txz: Upgraded. kde/libkscreen-5.27.4-x86_64-1.txz: Upgraded. kde/libksysguard-5.27.4-x86_64-1.txz: Upgraded. kde/milou-5.27.4-x86_64-1.txz: Upgraded. kde/oxygen-5.27.4-x86_64-1.txz: Upgraded. kde/oxygen-sounds-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-browser-integration-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-disks-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-integration-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-nm-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-pa-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-vault-5.27.4.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.27.4.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.27.4.1-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.27.4.1-x86_64-1.txz: Upgraded. kde/powerdevil-5.27.4.1-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.27.4-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.27.4.1-x86_64-1.txz: Upgraded. kde/systemsettings-5.27.4.1-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.27.4.1-x86_64-1.txz: Upgraded. n/daemon-0.8.2-x86_64-1.txz: Upgraded. x/wayland-1.22.0-x86_64-1.txz: Upgraded. x/xf86-input-libinput-1.3.0-x86_64-1.txz: Upgraded.
* Tue Feb 28 21:33:32 UTC 202320230228213332 Patrick J Volkerding2023-02-2835-35/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/mkinitrd-1.4.11-x86_64-31.txz: Rebuilt. Fix the check to ensure -R is added when the root partition is a partition of a RAID device. Thanks to perrin4869 and drumz. ap/vim-9.0.1362-x86_64-1.txz: Upgraded. kde/bluedevil-5.27.2-x86_64-1.txz: Upgraded. kde/breeze-5.27.2-x86_64-1.txz: Upgraded. kde/breeze-grub-5.27.2-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.27.2-x86_64-1.txz: Upgraded. kde/drkonqi-5.27.2-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.27.2-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.27.2-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.27.2-x86_64-1.txz: Upgraded. kde/kdecoration-5.27.2-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.27.2-x86_64-1.txz: Upgraded. kde/kgamma5-5.27.2-x86_64-1.txz: Upgraded. kde/khotkeys-5.27.2-x86_64-1.txz: Upgraded. kde/kinfocenter-5.27.2-x86_64-1.txz: Upgraded. kde/kmenuedit-5.27.2-x86_64-1.txz: Upgraded. kde/kpipewire-5.27.2-x86_64-1.txz: Upgraded. kde/kscreen-5.27.2-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.27.2-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.27.2-x86_64-1.txz: Upgraded. kde/ksystemstats-5.27.2-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.27.2-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.27.2-x86_64-1.txz: Upgraded. kde/kwin-5.27.2-x86_64-1.txz: Upgraded. kde/kwrited-5.27.2-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.27.2-x86_64-1.txz: Upgraded. kde/libkscreen-5.27.2-x86_64-1.txz: Upgraded. kde/libksysguard-5.27.2-x86_64-1.txz: Upgraded. kde/milou-5.27.2-x86_64-1.txz: Upgraded. kde/oxygen-5.27.2-x86_64-1.txz: Upgraded. kde/oxygen-sounds-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-browser-integration-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-disks-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-integration-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-nm-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-pa-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-vault-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.27.2-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.27.2-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.27.2-x86_64-1.txz: Upgraded. kde/powerdevil-5.27.2-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.27.2-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.27.2-x86_64-1.txz: Upgraded. kde/systemsettings-5.27.2-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.27.2-x86_64-1.txz: Upgraded. l/iso-codes-4.13.0-noarch-1.txz: Upgraded. n/whois-5.5.16-x86_64-1.txz: Upgraded. Add bash completion support, courtesy of Ville Skytta. Updated the .tr TLD server. Removed support for -metu NIC handles. x/encodings-1.0.7-noarch-1.txz: Upgraded. x/font-adobe-100dpi-1.0.4-noarch-1.txz: Upgraded. x/font-adobe-75dpi-1.0.4-noarch-1.txz: Upgraded. x/font-adobe-utopia-100dpi-1.0.5-noarch-1.txz: Upgraded. x/font-adobe-utopia-75dpi-1.0.5-noarch-1.txz: Upgraded. x/font-adobe-utopia-type1-1.0.5-noarch-1.txz: Upgraded. x/font-alias-1.0.5-noarch-1.txz: Upgraded. x/font-arabic-misc-1.0.4-noarch-1.txz: Upgraded. x/font-bh-100dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bh-75dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bh-lucidatypewriter-100dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bh-lucidatypewriter-75dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bh-ttf-1.0.4-noarch-1.txz: Upgraded. x/font-bh-type1-1.0.4-noarch-1.txz: Upgraded. x/font-bitstream-100dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bitstream-75dpi-1.0.4-noarch-1.txz: Upgraded. x/font-bitstream-type1-1.0.4-noarch-1.txz: Upgraded. x/font-cronyx-cyrillic-1.0.4-noarch-1.txz: Upgraded. x/font-cursor-misc-1.0.4-noarch-1.txz: Upgraded. x/font-daewoo-misc-1.0.4-noarch-1.txz: Upgraded. x/font-dec-misc-1.0.4-noarch-1.txz: Upgraded. x/font-ibm-type1-1.0.4-noarch-1.txz: Upgraded. x/font-isas-misc-1.0.4-noarch-1.txz: Upgraded. x/font-jis-misc-1.0.4-noarch-1.txz: Upgraded. x/font-micro-misc-1.0.4-noarch-1.txz: Upgraded. x/font-misc-cyrillic-1.0.4-noarch-1.txz: Upgraded. x/font-misc-ethiopic-1.0.5-noarch-1.txz: Upgraded. x/font-misc-meltho-1.0.4-noarch-1.txz: Upgraded. x/font-misc-misc-1.1.3-noarch-1.txz: Upgraded. x/font-mutt-misc-1.0.4-noarch-1.txz: Upgraded. x/font-schumacher-misc-1.1.3-noarch-1.txz: Upgraded. x/font-screen-cyrillic-1.0.5-noarch-1.txz: Upgraded. x/font-sony-misc-1.0.4-noarch-1.txz: Upgraded. x/font-sun-misc-1.0.4-noarch-1.txz: Upgraded. x/font-winitzki-cyrillic-1.0.4-noarch-1.txz: Upgraded. x/font-xfree86-type1-1.0.5-noarch-1.txz: Upgraded. xap/mozilla-firefox-110.0.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/110.0.1/releasenotes/ xap/vim-gvim-9.0.1362-x86_64-1.txz: Upgraded. xfce/xfce4-notifyd-0.8.2-x86_64-1.txz: Upgraded.
* Thu Feb 23 20:47:06 UTC 202320230223204706 Patrick J Volkerding2023-02-233-3/+3
| | | | | | | | | | | | | | | | | | | | | ap/sqlite-3.41.0-x86_64-1.txz: Upgraded. d/parallel-20230222-noarch-1.txz: Upgraded. kde/kidletime-5.103.0-x86_64-2.txz: Rebuilt. [PATCH] wayland: Guard wayland object destructors. Thanks to marav. l/glib2-2.74.6-x86_64-1.txz: Upgraded. l/nodejs-19.7.0-x86_64-1.txz: Upgraded. l/v4l-utils-1.24.0-x86_64-1.txz: Upgraded. n/NetworkManager-1.42.2-x86_64-1.txz: Upgraded. x/font-util-1.4.0-x86_64-1.txz: Upgraded. x/mesa-22.3.6-x86_64-1.txz: Upgraded. x/xbitmaps-1.1.3-x86_64-1.txz: Upgraded. x/xcursor-themes-1.0.7-noarch-1.txz: Upgraded. x/xf86-video-amdgpu-23.0.0-x86_64-1.txz: Upgraded. x/xorg-cf-files-1.0.8-x86_64-1.txz: Upgraded. xap/gimp-2.10.34-x86_64-1.txz: Upgraded. xap/gparted-1.5.0-x86_64-1.txz: Upgraded. xfce/thunar-4.18.4-x86_64-1.txz: Upgraded.
* Thu Feb 16 22:07:06 UTC 202320230216220706 Patrick J Volkerding2023-02-162-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ap/vim-9.0.1314-x86_64-1.txz: Upgraded. l/pipewire-0.3.66-x86_64-1.txz: Upgraded. n/bind-9.18.12-x86_64-1.txz: Upgraded. x/xf86-video-s3virge-1.11.1-x86_64-1.txz: Added. x/xf86-video-trident-1.4.0-x86_64-1.txz: Added. x/xterm-379-x86_64-1.txz: Upgraded. xap/freerdp-2.10.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.8.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.8.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ https://www.cve.org/CVERecord?id=CVE-2023-0616 https://www.cve.org/CVERecord?id=CVE-2023-25728 https://www.cve.org/CVERecord?id=CVE-2023-25730 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://www.cve.org/CVERecord?id=CVE-2023-25735 https://www.cve.org/CVERecord?id=CVE-2023-25737 https://www.cve.org/CVERecord?id=CVE-2023-25738 https://www.cve.org/CVERecord?id=CVE-2023-25739 https://www.cve.org/CVERecord?id=CVE-2023-25729 https://www.cve.org/CVERecord?id=CVE-2023-25732 https://www.cve.org/CVERecord?id=CVE-2023-25734 https://www.cve.org/CVERecord?id=CVE-2023-25742 https://www.cve.org/CVERecord?id=CVE-2023-25746 (* Security fix *) xap/vim-gvim-9.0.1314-x86_64-1.txz: Upgraded.
* Mon Feb 13 20:03:36 UTC 202320230213200336 Patrick J Volkerding2023-02-131-1/+1
| | | | | | | | | | ap/man-pages-6.03-noarch-1.txz: Upgraded. l/atkmm-2.28.3-x86_64-1.txz: Upgraded. l/cairomm-1.14.4-x86_64-1.txz: Upgraded. l/glibmm-2.66.5-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_62-x86_64-1.txz: Upgraded. n/nghttp2-1.52.0-x86_64-1.txz: Upgraded. x/util-macros-1.20.0-noarch-1.txz: Upgraded.
* Sun Feb 5 20:39:36 UTC 202320230205203936 Patrick J Volkerding2023-02-052-2/+2
| | | | | | | | | | | ap/htop-3.2.2-x86_64-1.txz: Upgraded. l/fuse3-3.13.1-x86_64-1.txz: Upgraded. l/pangomm-2.46.3-x86_64-1.txz: Upgraded. l/tevent-0.14.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.89-x86_64-1.txz: Upgraded. x/libX11-1.8.4-x86_64-1.txz: Upgraded. x/xkeyboard-config-2.38-noarch-1.txz: Upgraded. x/xvidtune-1.0.4-x86_64-1.txz: Upgraded.
* Sun Jan 29 19:01:47 UTC 202320230129190147 Patrick J Volkerding2023-01-291-1/+1
| | | | | | | l/imagemagick-7.1.0_59-x86_64-1.txz: Upgraded. n/c-ares-1.19.0-x86_64-1.txz: Upgraded. n/fetchmail-6.4.36-x86_64-1.txz: Upgraded. x/beforelight-1.0.6-x86_64-1.txz: Upgraded.
* Thu Jan 19 21:07:32 UTC 202320230119210732 Patrick J Volkerding2023-01-191-1/+1
| | | | | | | | | | | | | | | | | | | a/pkgtools-15.1-noarch-4.txz: Rebuilt. makepkg: also let xz decide how many threads to use on ARM platforms aarch64 and riscv64. Thanks to Stuart Winter. installpkg: fix reversed test for if a --threads option was given. It appears that it's been wrong for years but since xz didn't support threaded decompression yet it wasn't noticed. a/xz-5.4.1-x86_64-2.txz: Rebuilt. Reduce default verbosity from V_WARNING to V_ERROR to avoid sending non-fatal memory usage information to stderr. kde/plasma-wayland-protocols-1.10.0-x86_64-1.txz: Upgraded. l/exiv2-0.27.6-x86_64-1.txz: Upgraded. l/tdb-1.4.8-x86_64-1.txz: Upgraded. x/igt-gpu-tools-1.27.1-x86_64-1.txz: Upgraded. x/libX11-1.8.3-x86_64-2.txz: Rebuilt. [PATCH] Fix a9e845 and 797755 Allow X*IfEvent() to reenter libX11 Thanks to marav.
* Wed Jan 18 06:11:54 UTC 202320230118061154 Patrick J Volkerding2023-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ap/diffutils-3.9-x86_64-1.txz: Upgraded. ap/lsof-4.97.0-x86_64-1.txz: Upgraded. ap/mpg123-1.31.2-x86_64-1.txz: Upgraded. d/binutils-2.40-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/git-2.39.1-x86_64-1.txz: Upgraded. d/oprofile-1.4.0-x86_64-11.txz: Rebuilt. Recompiled against binutils-2.40. n/httpd-2.4.55-x86_64-1.txz: Upgraded. This update fixes bugs and the following security issues: mod_proxy allows a backend to trigger HTTP response splitting. mod_proxy_ajp possible request smuggling. mod_dav out of bounds read, or write of zero byte. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.55 https://www.cve.org/CVERecord?id=CVE-2022-37436 https://www.cve.org/CVERecord?id=CVE-2022-36760 https://www.cve.org/CVERecord?id=CVE-2006-20001 (* Security fix *) x/ibus-libpinyin-1.15.0-x86_64-1.txz: Upgraded. Compiled against libpinyin-2.8.1. x/igt-gpu-tools-1.27-x86_64-1.txz: Upgraded. x/libXpm-3.5.15-x86_64-1.txz: Upgraded. This update fixes security issues: Infinite loop on unclosed comments. Runaway loop with width of 0 and enormous height. Compression commands depend on $PATH. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-46285 https://www.cve.org/CVERecord?id=CVE-2022-44617 https://www.cve.org/CVERecord?id=CVE-2022-4883 (* Security fix *) x/libinput-1.22.1-x86_64-1.txz: Upgraded. x/libpinyin-2.8.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. xap/mozilla-firefox-109.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. Thanks to marav for the build help. For more information, see: https://www.mozilla.org/en-US/firefox/109.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/ https://www.cve.org/CVERecord?id=CVE-2023-23597 https://www.cve.org/CVERecord?id=CVE-2023-23598 https://www.cve.org/CVERecord?id=CVE-2023-23599 https://www.cve.org/CVERecord?id=CVE-2023-23600 https://www.cve.org/CVERecord?id=CVE-2023-23601 https://www.cve.org/CVERecord?id=CVE-2023-23602 https://www.cve.org/CVERecord?id=CVE-2023-23603 https://www.cve.org/CVERecord?id=CVE-2023-23604 https://www.cve.org/CVERecord?id=CVE-2023-23605 https://www.cve.org/CVERecord?id=CVE-2023-23606 (* Security fix *)
* Tue Dec 20 20:40:18 UTC 202220221220204018 Patrick J Volkerding2022-12-203-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | d/p2c-2.02-x86_64-1.txz: Upgraded. kde/dolphin-22.12.0-x86_64-2.txz: Rebuilt. [PATCH] Revert "portalize drag urls" Thanks to marav. l/gst-plugins-bad-free-1.20.5-x86_64-1.txz: Upgraded. l/gst-plugins-base-1.20.5-x86_64-1.txz: Upgraded. l/gst-plugins-good-1.20.5-x86_64-1.txz: Upgraded. l/gst-plugins-libav-1.20.5-x86_64-1.txz: Upgraded. l/gstreamer-1.20.5-x86_64-1.txz: Upgraded. l/libqalculate-4.5.0-x86_64-1.txz: Upgraded. l/libvncserver-0.9.14-x86_64-1.txz: Upgraded. l/sdl-1.2.15-x86_64-14.txz: Rebuilt. This update fixes a heap overflow problem in video/SDL_pixels.c in SDL. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service, or code execution. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2021-33657 (* Security fix *) n/gnupg2-2.2.41-x86_64-1.txz: Upgraded. n/libksba-1.6.3-x86_64-1.txz: Upgraded. Fix another integer overflow in the CRL's signature parser. (* Security fix *) x/libSM-1.2.4-x86_64-1.txz: Upgraded. x/xcb-util-0.4.1-x86_64-1.txz: Upgraded. x/xdriinfo-1.0.7-x86_64-1.txz: Upgraded.
* Wed Dec 14 21:19:34 UTC 202220221214211934 Patrick J Volkerding2022-12-142-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/bash-5.2.015-x86_64-1.txz: Upgraded. a/tcsh-6.24.06-x86_64-1.txz: Upgraded. ap/inxi-3.3.24_1-noarch-1.txz: Upgraded. ap/nano-7.1-x86_64-1.txz: Upgraded. d/git-2.39.0-x86_64-1.txz: Upgraded. d/rust-1.65.0-x86_64-1.txz: Upgraded. d/strace-6.1-x86_64-1.txz: Upgraded. kde/krita-5.1.4-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_54-x86_64-1.txz: Upgraded. l/nodejs-19.3.0-x86_64-1.txz: Upgraded. l/pcre2-10.42-x86_64-1.txz: Upgraded. n/iproute2-6.1.0-x86_64-1.txz: Upgraded. x/makedepend-1.0.8-x86_64-1.txz: Upgraded. x/xhost-1.0.9-x86_64-1.txz: Upgraded. x/xorg-server-21.1.5-x86_64-1.txz: Upgraded. This release fixes 6 recently reported security vulnerabilities in various extensions. For more information, see: https://lists.x.org/archives/xorg-announce/2022-December/003302.html https://www.cve.org/CVERecord?id=CVE-2022-46340 https://www.cve.org/CVERecord?id=CVE-2022-46341 https://www.cve.org/CVERecord?id=CVE-2022-46342 https://www.cve.org/CVERecord?id=CVE-2022-46343 https://www.cve.org/CVERecord?id=CVE-2022-46344 https://www.cve.org/CVERecord?id=CVE-2022-4283 (* Security fix *) x/xorg-server-xephyr-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xnest-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xwayland-22.1.6-x86_64-1.txz: Upgraded. This release fixes 6 recently reported security vulnerabilities in various extensions. For more information, see: https://lists.x.org/archives/xorg-announce/2022-December/003302.html https://www.cve.org/CVERecord?id=CVE-2022-46340 https://www.cve.org/CVERecord?id=CVE-2022-46341 https://www.cve.org/CVERecord?id=CVE-2022-46342 https://www.cve.org/CVERecord?id=CVE-2022-46343 https://www.cve.org/CVERecord?id=CVE-2022-46344 https://www.cve.org/CVERecord?id=CVE-2022-4283 (* Security fix *) xap/mozilla-thunderbird-102.6.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/ https://www.cve.org/CVERecord?id=CVE-2022-46880 https://www.cve.org/CVERecord?id=CVE-2022-46872 https://www.cve.org/CVERecord?id=CVE-2022-46881 https://www.cve.org/CVERecord?id=CVE-2022-46874 https://www.cve.org/CVERecord?id=CVE-2022-46875 https://www.cve.org/CVERecord?id=CVE-2022-46882 https://www.cve.org/CVERecord?id=CVE-2022-46878 (* Security fix *) xap/xscreensaver-6.06-x86_64-1.txz: Upgraded. testing/packages/mozilla-firefox-108.0-x86_64-1.txz: Upgraded. Starting this out in /testing for now, since I've been trying for 2 days to get it to compile on 32-bit with no luck. It ends up failing with a bunch of errors like this: ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync Any help getting this to build on 32-bit would be greatly appreciated. I've tried most of ponce's bag of tricks already. :-)
* Sat Dec 10 19:28:02 UTC 202220221210192802 Patrick J Volkerding2022-12-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | kde/attica-5.101.0-x86_64-1.txz: Upgraded. kde/baloo-5.101.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.101.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.101.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.101.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.101.0-x86_64-1.txz: Upgraded. kde/kactivities-5.101.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.101.0-x86_64-1.txz: Upgraded. kde/kapidox-5.101.0-x86_64-1.txz: Upgraded. kde/karchive-5.101.0-x86_64-1.txz: Upgraded. kde/kauth-5.101.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.101.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.101.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.101.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.101.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.101.0-x86_64-1.txz: Upgraded. kde/kconfig-5.101.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.101.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kcrash-5.101.0-x86_64-1.txz: Upgraded. kde/kdav-5.101.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.101.0-x86_64-1.txz: Upgraded. kde/kded-5.101.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.101.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.101.0-x86_64-1.txz: Upgraded. kde/kdesu-5.101.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.101.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.101.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.101.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.101.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.101.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.101.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kholidays-5.101.0-x86_64-1.txz: Upgraded. kde/khtml-5.101.0-x86_64-1.txz: Upgraded. kde/ki18n-5.101.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.101.0-x86_64-1.txz: Upgraded. kde/kidletime-5.101.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.101.0-x86_64-1.txz: Upgraded. kde/kinit-5.101.0-x86_64-1.txz: Upgraded. kde/kio-5.101.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.101.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.101.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.101.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kjs-5.101.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.101.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.101.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.101.0-x86_64-1.txz: Upgraded. kde/knotifications-5.101.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.101.0-x86_64-1.txz: Upgraded. kde/kpackage-5.101.0-x86_64-1.txz: Upgraded. kde/kparts-5.101.0-x86_64-1.txz: Upgraded. kde/kpeople-5.101.0-x86_64-1.txz: Upgraded. kde/kplotting-5.101.0-x86_64-1.txz: Upgraded. kde/kpty-5.101.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.101.0-x86_64-1.txz: Upgraded. kde/kross-5.101.0-x86_64-1.txz: Upgraded. kde/krunner-5.101.0-x86_64-1.txz: Upgraded. kde/kservice-5.101.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.101.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.101.0-x86_64-1.txz: Upgraded. kde/kwallet-5.101.0-x86_64-1.txz: Upgraded. kde/kwayland-5.101.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.101.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.101.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.101.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.101.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.101.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.101.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.101.0-x86_64-1.txz: Upgraded. kde/prison-5.101.0-x86_64-1.txz: Upgraded. kde/purpose-5.101.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.101.0-x86_64-1.txz: Upgraded. kde/solid-5.101.0-x86_64-1.txz: Upgraded. kde/sonnet-5.101.0-x86_64-1.txz: Upgraded. kde/syndication-5.101.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.101.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.101.0-x86_64-1.txz: Upgraded. x/xf86-video-vesa-2.6.0-x86_64-1.txz: Upgraded.
* Wed Dec 7 18:48:07 UTC 202220221207184807 Patrick J Volkerding2022-12-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | d/cargo-vendor-filterer-0.5.7-x86_64-1.txz: Added. Thanks to Heinz Wiesinger. d/cbindgen-0.24.3-x86_64-1.txz: Added. d/python3-3.9.16-x86_64-1.txz: Upgraded. This update fixes security issues: gh-98739: Updated bundled libexpat to 2.5.0 to fix CVE-2022-43680 (heap use-after-free). gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio related name resolution functions no longer involves a quadratic algorithm to fix CVE-2022-45061. This prevents a potential CPU denial of service if an out-of-spec excessive length hostname involving bidirectional characters were decoded. Some protocols such as urllib http 3xx redirects potentially allow for an attacker to supply such a name. gh-100001: python -m http.server no longer allows terminal control characters sent within a garbage request to be printed to the stderr server log. gh-87604: Avoid publishing list of active per-interpreter audit hooks via the gc module. gh-97514: On Linux the multiprocessing module returns to using filesystem backed unix domain sockets for communication with the forkserver process instead of the Linux abstract socket namespace. Only code that chooses to use the "forkserver" start method is affected. This prevents Linux CVE-2022-42919 (potential privilege escalation) as abstract sockets have no permissions and could allow any user on the system in the same network namespace (often the whole system) to inject code into the multiprocessing forkserver process. Filesystem based socket permissions restrict this to the forkserver process user as was the default in Python 3.8 and earlier. gh-98517: Port XKCP's fix for the buffer overflows in SHA-3 to fix CVE-2022-37454. gh-68966: The deprecated mailcap module now refuses to inject unsafe text (filenames, MIME types, parameters) into shell commands to address CVE-2015-20107. Instead of using such text, it will warn and act as if a match was not found (or for test commands, as if the test failed). For more information, see: https://pythoninsider.blogspot.com/2022/12/python-3111-3109-3916-3816-3716-and.html https://www.cve.org/CVERecord?id=CVE-2022-43680 https://www.cve.org/CVERecord?id=CVE-2022-45061 https://www.cve.org/CVERecord?id=CVE-2022-42919 https://www.cve.org/CVERecord?id=CVE-2022-37454 https://www.cve.org/CVERecord?id=CVE-2015-20107 (* Security fix *) d/rust-bindgen-0.63.0-x86_64-1.txz: Added. Thanks to Heinz Wiesinger. l/pcre2-10.41-x86_64-1.txz: Upgraded. n/proftpd-1.3.8-x86_64-1.txz: Upgraded. x/mesa-22.3.0-x86_64-1.txz: Upgraded. Compiled with Rusticl support. Thanks to Heinz Wiesinger. x/xdm-1.1.14-x86_64-1.txz: Upgraded.
* Mon Dec 5 02:40:12 UTC 202220221205024012 Patrick J Volkerding2022-12-0515-15/+15
| | | | | | | | | | | x/OpenCC-1.1.5-x86_64-1.txz: Upgraded. x/libXScrnSaver-1.2.4-x86_64-1.txz: Upgraded. x/libXcomposite-0.4.6-x86_64-1.txz: Upgraded. x/libXdamage-1.1.6-x86_64-1.txz: Upgraded. x/libXres-1.2.2-x86_64-1.txz: Upgraded. x/libXv-1.0.12-x86_64-1.txz: Upgraded. x/libXxf86dga-1.1.6-x86_64-1.txz: Upgraded. x/lndir-1.0.4-x86_64-1.txz: Upgraded.
* Sat Dec 3 21:07:32 UTC 202220221203210732 Patrick J Volkerding2022-12-042-2/+2
| | | | | | | | a/tcsh-6.24.04-x86_64-1.txz: Upgraded. ap/texinfo-7.0.1-x86_64-1.txz: Upgraded. l/vte-0.70.2-x86_64-1.txz: Upgraded. x/transset-1.0.3-x86_64-1.txz: Upgraded. x/xcursorgen-1.0.8-x86_64-1.txz: Upgraded.
* Mon Nov 21 20:23:13 UTC 202220221121202313 Patrick J Volkerding2022-11-223-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | a/libpwquality-1.4.5-x86_64-1.txz: Upgraded. a/pciutils-3.9.0-x86_64-1.txz: Upgraded. ap/qpdf-11.2.0-x86_64-1.txz: Upgraded. d/mercurial-6.3.1-x86_64-1.txz: Upgraded. kde/krusader-2.8.0-x86_64-1.txz: Upgraded. l/libpng-1.6.39-x86_64-1.txz: Upgraded. l/mlt-7.12.0-x86_64-1.txz: Upgraded. x/fcitx5-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-anthy-5.0.13-x86_64-1.txz: Upgraded. x/fcitx5-chinese-addons-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-gtk-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-kkc-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-m17n-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-table-extra-5.0.12-x86_64-1.txz: Upgraded. x/fcitx5-unikey-5.0.12-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.4-x86_64-1.txz: Upgraded. x/libXpm-3.5.14-x86_64-1.txz: Upgraded. x/libXrandr-1.5.3-x86_64-1.txz: Upgraded. x/libime-1.0.15-x86_64-1.txz: Upgraded. x/libinput-1.22.0-x86_64-1.txz: Upgraded. x/xcb-imdkit-1.0.4-x86_64-1.txz: Upgraded.
* Tue Nov 15 01:28:38 UTC 202220221115012838 Patrick J Volkerding2022-11-156-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/xz-5.2.8-x86_64-1.txz: Upgraded. d/mercurial-6.3.0-x86_64-1.txz: Upgraded. d/rust-1.64.0-x86_64-1.txz: Upgraded. kde/attica-5.100.0-x86_64-1.txz: Upgraded. kde/baloo-5.100.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.100.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.100.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.100.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.100.0-x86_64-1.txz: Upgraded. kde/kapidox-5.100.0-x86_64-1.txz: Upgraded. kde/karchive-5.100.0-x86_64-1.txz: Upgraded. kde/kauth-5.100.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.100.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.100.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.100.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.100.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.100.0-x86_64-1.txz: Upgraded. kde/kconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.100.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kcrash-5.100.0-x86_64-1.txz: Upgraded. kde/kdav-5.100.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.100.0-x86_64-1.txz: Upgraded. kde/kded-5.100.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.100.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.100.0-x86_64-1.txz: Upgraded. kde/kdesu-5.100.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.100.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.100.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.100.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.100.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.100.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.100.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kholidays-5.100.0-x86_64-1.txz: Upgraded. kde/khtml-5.100.0-x86_64-1.txz: Upgraded. kde/ki18n-5.100.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.100.0-x86_64-1.txz: Upgraded. kde/kidletime-5.100.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.100.0-x86_64-1.txz: Upgraded. kde/kinit-5.100.0-x86_64-1.txz: Upgraded. kde/kio-5.100.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.100.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.100.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.100.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kjs-5.100.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.100.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.100.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.100.0-x86_64-1.txz: Upgraded. kde/knotifications-5.100.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kpackage-5.100.0-x86_64-1.txz: Upgraded. kde/kparts-5.100.0-x86_64-1.txz: Upgraded. kde/kpeople-5.100.0-x86_64-1.txz: Upgraded. kde/kplotting-5.100.0-x86_64-1.txz: Upgraded. kde/kpty-5.100.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.100.0-x86_64-1.txz: Upgraded. kde/kross-5.100.0-x86_64-1.txz: Upgraded. kde/krunner-5.100.0-x86_64-1.txz: Upgraded. kde/kservice-5.100.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.100.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.100.0-x86_64-1.txz: Upgraded. kde/kwallet-5.100.0-x86_64-1.txz: Upgraded. kde/kwayland-5.100.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.100.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.100.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.100.0-x86_64-1.txz: Upgraded. kde/prison-5.100.0-x86_64-1.txz: Upgraded. kde/purpose-5.100.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.100.0-x86_64-1.txz: Upgraded. kde/solid-5.100.0-x86_64-1.txz: Upgraded. kde/sonnet-5.100.0-x86_64-1.txz: Upgraded. kde/syndication-5.100.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.100.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.100.0-x86_64-1.txz: Upgraded. l/babl-0.1.98-x86_64-1.txz: Upgraded. l/gegl-0.4.40-x86_64-1.txz: Upgraded. l/grantlee-5.3.1-x86_64-1.txz: Upgraded. l/nodejs-19.1.0-x86_64-1.txz: Upgraded. n/libqmi-1.32.2-x86_64-1.txz: Upgraded. n/mutt-2.2.9-x86_64-1.txz: Upgraded. n/nghttp2-1.51.0-x86_64-1.txz: Upgraded. x/xcompmgr-1.1.9-x86_64-1.txz: Upgraded. x/xkbevd-1.1.5-x86_64-1.txz: Upgraded. x/xkill-1.0.6-x86_64-1.txz: Upgraded. x/xlogo-1.0.6-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.4-x86_64-1.txz: Upgraded. x/xlsclients-1.1.5-x86_64-1.txz: Upgraded. testing/packages/rust-1.65.0-x86_64-1.txz: Upgraded.
* Mon Oct 31 23:31:36 UTC 202220221031233136 Patrick J Volkerding2022-11-017-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/ntfs-3g-2022.10.3-x86_64-1.txz: Upgraded. ap/mpg123-1.31.0-x86_64-1.txz: Upgraded. ap/vim-9.0.0814-x86_64-1.txz: Upgraded. A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-3705 (* Security fix *) d/ccache-4.7.2-x86_64-1.txz: Upgraded. d/make-4.4-x86_64-1.txz: Upgraded. d/patchelf-0.16.1-x86_64-1.txz: Upgraded. d/strace-6.0-x86_64-1.txz: Upgraded. kde/kwin-5.26.2.1-x86_64-2.txz: Rebuilt. [PATCH] x11window: revert more from 3a28c02f. Thanks to Heinz Wiesinger. [PATCH] x11: Don't force QT_NO_GLIB=1. [PATCH] x11: Don't force QT_QPA_PLATFORM=xcb. Thanks to marav. l/libedit-20221030_3.1-x86_64-1.txz: Upgraded. l/python-importlib_metadata-5.0.0-x86_64-1.txz: Upgraded. l/taglib-1.13-x86_64-1.txz: Upgraded. l/utf8proc-2.8.0-x86_64-1.txz: Upgraded. n/openvpn-2.5.8-x86_64-1.txz: Upgraded. n/socat-1.7.4.4-x86_64-1.txz: Upgraded. x/libXext-1.3.5-x86_64-1.txz: Upgraded. x/libXinerama-1.1.5-x86_64-1.txz: Upgraded. x/makedepend-1.0.7-x86_64-1.txz: Upgraded. x/rgb-1.1.0-x86_64-1.txz: Upgraded. x/sessreg-1.1.3-x86_64-1.txz: Upgraded. x/x11perf-1.6.2-x86_64-1.txz: Upgraded. x/xsetroot-1.1.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-106.0.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/106.0.3/releasenotes/ xap/mozilla-thunderbird-102.4.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/ xap/vim-gvim-9.0.0814-x86_64-1.txz: Upgraded. extra/php80/php80-8.0.25-x86_64-1.txz: Upgraded. This update fixes security issues: GD: OOB read due to insufficient input validation in imageloadfont(). Hash: buffer overflow in hash_update() on long parameter. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31630 https://www.cve.org/CVERecord?id=CVE-2022-37454 (* Security fix *) extra/php81/php81-8.1.12-x86_64-1.txz: Upgraded. This update fixes security issues: GD: OOB read due to insufficient input validation in imageloadfont(). Hash: buffer overflow in hash_update() on long parameter. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31630 https://www.cve.org/CVERecord?id=CVE-2022-37454 (* Security fix *)
* Sat Oct 22 18:40:34 UTC 202220221022184034 Patrick J Volkerding2022-10-232-2/+2
| | | | | | | d/parallel-20221022-noarch-1.txz: Upgraded. l/gc-8.2.2-x86_64-1.txz: Upgraded. x/libXrender-0.9.11-x86_64-1.txz: Upgraded. x/xfsinfo-1.0.7-x86_64-1.txz: Upgraded.
* Wed Oct 19 20:06:33 UTC 2022 Patrick J Volkerding2022-10-206-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_libraries-15.1-x86_64-11.txz: Rebuilt. Upgraded: libcap.so.2.66, liblzma.so.5.2.7, libpopt.so.0.0.2, libexpat.so.1.8.9, libglib-2.0.so.0.7200.4, libgmodule-2.0.so.0.7200.4, libgobject-2.0.so.0.7200.4, libgthread-2.0.so.0.7200.4, libhistory.so.8.2, libreadline.so.8.2. Added: libunistring.so.2.1.0, libunistring.so.5.0.0. Removed: libffi.so.7.1.0. a/gettext-0.21.1-x86_64-2.txz: Rebuilt. ap/lsof-4.96.4-x86_64-1.txz: Upgraded. ap/man-pages-6.01-noarch-1.txz: Upgraded. d/clisp-2.50_20220927_acb1266ee-x86_64-1.txz: Upgraded. Compiled against libunistring-1.1. d/gettext-tools-0.21.1-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. d/guile-3.0.8-x86_64-3.txz: Rebuilt. Recompiled against libunistring-1.1. kde/kguiaddons-5.99.0-x86_64-2.txz: Rebuilt. [PATCH] systemclipboard: Don't signal data source cancellation. Thanks to marav. l/libidn2-2.3.3-x86_64-2.txz: Rebuilt. l/libpsl-0.21.1-x86_64-5.txz: Rebuilt. Recompiled against libunistring-1.1. l/libunistring-1.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/bind-9.18.8-x86_64-1.txz: Upgraded. n/gnutls-3.7.8-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. n/samba-4.17.1-x86_64-1.txz: Upgraded. This update fixes the following security issue: Bad password count not incremented atomically. For more information, see: https://bugzilla.samba.org/show_bug.cgi?id=14611 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20251 (* Security fix *) n/wget-1.21.3-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. x/imake-1.0.9-x86_64-1.txz: Upgraded. x/xcb-util-errors-1.0.1-x86_64-1.txz: Upgraded. x/xcb-util-image-0.4.1-x86_64-1.txz: Upgraded. x/xcb-util-keysyms-0.4.1-x86_64-1.txz: Upgraded. x/xcb-util-renderutil-0.3.10-x86_64-1.txz: Upgraded. x/xcb-util-wm-0.4.2-x86_64-1.txz: Upgraded.
* Tue Oct 18 20:29:54 UTC 202220221018202954 Patrick J Volkerding2022-10-197-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ap/vim-9.0.0790-x86_64-1.txz: Upgraded. d/ccache-4.7-x86_64-1.txz: Upgraded. d/git-2.38.1-x86_64-1.txz: Upgraded. This release fixes two security issues: * CVE-2022-39253: When relying on the `--local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies) of the dereferenced link in the destination repository. This can lead to surprising behavior where arbitrary files are present in a repository's `$GIT_DIR` when cloning from a malicious repository. Git will no longer dereference symbolic links via the `--local` clone mechanism, and will instead refuse to clone repositories that have symbolic links present in the `$GIT_DIR/objects` directory. Additionally, the value of `protocol.file.allow` is changed to be "user" by default. * CVE-2022-39260: An overly-long command string given to `git shell` can result in overflow in `split_cmdline()`, leading to arbitrary heap writes and remote code execution when `git shell` is exposed and the directory `$HOME/git-shell-commands` exists. `git shell` is taught to refuse interactive commands that are longer than 4MiB in size. `split_cmdline()` is hardened to reject inputs larger than 2GiB. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260 (* Security fix *) kde/bluedevil-5.26.1-x86_64-1.txz: Upgraded. kde/breeze-5.26.1-x86_64-1.txz: Upgraded. kde/breeze-grub-5.26.1-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.26.1-x86_64-1.txz: Upgraded. kde/drkonqi-5.26.1-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.26.1-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.26.1-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.26.1-x86_64-1.txz: Upgraded. kde/kdecoration-5.26.1-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.26.1-x86_64-1.txz: Upgraded. kde/kgamma5-5.26.1-x86_64-1.txz: Upgraded. kde/khotkeys-5.26.1-x86_64-1.txz: Upgraded. kde/kinfocenter-5.26.1-x86_64-1.txz: Upgraded. kde/kmenuedit-5.26.1-x86_64-1.txz: Upgraded. kde/kpipewire-5.26.1-x86_64-1.txz: Upgraded. kde/kscreen-5.26.1-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.26.1-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.26.1-x86_64-1.txz: Upgraded. kde/ksystemstats-5.26.1-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.26.1-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.26.1-x86_64-1.txz: Upgraded. kde/kwin-5.26.1-x86_64-1.txz: Upgraded. kde/kwrited-5.26.1-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.26.1-x86_64-1.txz: Upgraded. kde/libkscreen-5.26.1-x86_64-1.txz: Upgraded. kde/libksysguard-5.26.1-x86_64-1.txz: Upgraded. kde/milou-5.26.1-x86_64-1.txz: Upgraded. kde/oxygen-5.26.1-x86_64-1.txz: Upgraded. kde/oxygen-sounds-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-browser-integration-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-disks-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-integration-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-nm-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-pa-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-vault-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.26.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.26.1-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.26.1-x86_64-1.txz: Upgraded. kde/powerdevil-5.26.1-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.26.1-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.26.1-x86_64-1.txz: Upgraded. kde/systemsettings-5.26.1-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.26.1-x86_64-1.txz: Upgraded. l/libical-3.0.16-x86_64-1.txz: Upgraded. l/nodejs-19.0.0-x86_64-1.txz: Upgraded. n/NetworkManager-1.40.2-x86_64-1.txz: Upgraded. n/whois-5.5.14-x86_64-1.txz: Upgraded. x/libXmu-1.1.4-x86_64-1.txz: Upgraded. x/libXpresent-1.0.1-x86_64-1.txz: Upgraded. x/libpciaccess-0.17-x86_64-1.txz: Upgraded. x/libxkbfile-1.1.1-x86_64-1.txz: Upgraded. x/libxshmfence-1.3.1-x86_64-1.txz: Upgraded. x/pixman-0.42.0-x86_64-1.txz: Upgraded. x/xcb-util-cursor-0.1.4-x86_64-1.txz: Upgraded. xap/mozilla-firefox-106.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/106.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-44/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42930 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42931 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932 (* Security fix *) xap/vim-gvim-9.0.0790-x86_64-1.txz: Upgraded.
* Mon Oct 17 19:31:45 UTC 202220221017193145 Patrick J Volkerding2022-10-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | l/libqalculate-4.4.0-x86_64-1.txz: Upgraded. l/netpbm-11.00.01-x86_64-1.txz: Upgraded. x/xorg-server-21.1.4-x86_64-2.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 (* Security fix *) x/xorg-server-xephyr-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xnest-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xvfb-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xwayland-22.1.3-x86_64-2.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 (* Security fix *) xap/blueman-2.3.4-x86_64-1.txz: Upgraded.
* Sat Oct 15 20:28:34 UTC 202220221015202834 Patrick J Volkerding2022-10-167-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20221013_49fccf6-noarch-1.txz: Upgraded. a/kernel-generic-5.19.16-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.16-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.16-x86_64-1.txz: Upgraded. ap/man-db-2.11.0-x86_64-1.txz: Upgraded. ap/man-pages-6.00-noarch-1.txz: Upgraded. d/kernel-headers-5.19.16-x86-1.txz: Upgraded. k/kernel-source-5.19.16-noarch-1.txz: Upgraded. l/libedit-20221009_3.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.84-x86_64-1.txz: Upgraded. l/nodejs-18.11.0-x86_64-1.txz: Upgraded. l/zlib-1.2.13-x86_64-1.txz: Upgraded. Fixed a bug when getting a gzip header extra field with inflateGetHeader(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434 (* Security fix *) n/fetchmail-6.4.34-x86_64-1.txz: Upgraded. n/gnupg2-2.2.40-x86_64-1.txz: Upgraded. x/bdftopcf-1.1.1-x86_64-1.txz: Upgraded. x/libwacom-2.5.0-x86_64-1.txz: Upgraded. x/smproxy-1.0.7-x86_64-1.txz: Upgraded. x/viewres-1.0.7-x86_64-1.txz: Upgraded. x/xditview-1.0.6-x86_64-1.txz: Upgraded. x/xf86-input-vmmouse-13.2.0-x86_64-1.txz: Added. x/xgc-1.0.6-x86_64-1.txz: Upgraded. x/xkbprint-1.0.6-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sat Oct 8 19:23:31 UTC 202220221008192331 Patrick J Volkerding2022-10-091-1/+1
| | | | | | | | | | | | | | | | | | | ap/inxi-3.3.22_1-noarch-1.txz: Upgraded. n/conntrack-tools-1.4.7-x86_64-1.txz: Upgraded. n/libgpg-error-1.46-x86_64-1.txz: Upgraded. n/libksba-1.6.2-x86_64-1.txz: Upgraded. Detect a possible overflow directly in the TLV parser. This patch detects possible integer overflows immmediately when creating the TI object. Reported-by: ZDI-CAN-18927, ZDI-CAN-18928, ZDI-CAN-18929 (* Security fix *) n/postfix-3.7.3-x86_64-1.txz: Upgraded. x/freeglut-3.4.0-x86_64-1.txz: Upgraded. x/fstobdf-1.0.7-x86_64-1.txz: Upgraded. xap/mozilla-firefox-105.0.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/105.0.3/releasenotes/
* Tue Sep 27 21:19:17 UTC 202220220927211917 Patrick J Volkerding2022-09-282-2/+2
| | | | | | | | | | | a/kernel-firmware-20220927_0958301-noarch-1.txz: Upgraded. n/pinentry-1.2.1-x86_64-2.txz: Rebuilt. Build pinentry-tty. Thanks to pek. Build pinentry-emacs. x/fcitx5-gtk-5.0.19-x86_64-1.txz: Upgraded. x/libXtst-1.2.4-x86_64-1.txz: Upgraded. x/libXxf86vm-1.1.5-x86_64-1.txz: Upgraded. x/mesa-22.2.0-x86_64-1.txz: Upgraded.
* Wed Sep 14 04:53:53 UTC 202220220914045353 Patrick J Volkerding2022-09-141-1/+1
| | | | | | | | | | | | a/btrfs-progs-5.19.1-x86_64-1.txz: Upgraded. a/file-5.43-x86_64-1.txz: Upgraded. a/kernel-firmware-20220913_f09bebf-noarch-1.txz: Upgraded. d/cmake-3.24.2-x86_64-1.txz: Upgraded. kde/krita-5.1.1-x86_64-1.txz: Upgraded. l/kdsoap-2.1.0-x86_64-1.txz: Upgraded. n/krb5-1.20-x86_64-2.txz: Rebuilt. n/samba-4.17.0-x86_64-1.txz: Upgraded. x/libXp-1.0.4-x86_64-1.txz: Upgraded.
* Sat Sep 10 18:29:38 UTC 202220220910182938 Patrick J Volkerding2022-09-111-1/+1
| | | | | | | | | | | n/ModemManager-1.18.12-x86_64-1.txz: Upgraded. n/rsync-3.2.6-x86_64-1.txz: Upgraded. x/fslsfonts-1.0.6-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.13-x86_64-1.txz: Upgraded. x/ibus-table-1.16.12-x86_64-1.txz: Upgraded. x/libXft-2.3.6-x86_64-1.txz: Upgraded. xap/libnma-1.10.2-x86_64-1.txz: Upgraded. xap/xscreensaver-6.05-x86_64-1.txz: Upgraded.
* Thu Sep 1 03:08:39 UTC 202220220901030839 Patrick J Volkerding2022-09-014-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_glibc-solibs-2.36-x86_64-3.txz: Rebuilt. a/kernel-generic-5.19.6-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.6-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.6-x86_64-1.txz: Upgraded. d/git-2.37.3-x86_64-1.txz: Upgraded. d/kernel-headers-5.19.6-x86-1.txz: Upgraded. d/ninja-1.11.1-x86_64-1.txz: Upgraded. k/kernel-source-5.19.6-noarch-1.txz: Upgraded. kde/krename-5.0.2-x86_64-1.txz: Upgraded. l/glibc-2.36-x86_64-3.txz: Rebuilt. Applied all post-release patches from the 2.36 branch. This fixes a security issue introduced in glibc-2.36: When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. Thanks to marav. The patches also help with several packages failing to build from source. Thanks to nobodino. l/glibc-i18n-2.36-x86_64-3.txz: Rebuilt. l/glibc-profile-2.36-x86_64-3.txz: Rebuilt. l/libssh-0.10.1-x86_64-1.txz: Upgraded. n/curl-7.85.0-x86_64-1.txz: Upgraded. This update fixes a security issue: control code in cookie denial of service. For more information, see: https://curl.se/docs/CVE-2022-35252.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252 (* Security fix *) x/fcitx5-gtk-5.0.18-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.0.15-x86_64-1.txz: Upgraded. x/ico-1.0.6-x86_64-1.txz: Upgraded. x/libdrm-2.4.113-x86_64-1.txz: Upgraded. x/libfontenc-1.1.6-x86_64-1.txz: Upgraded. x/oclock-1.0.5-x86_64-1.txz: Upgraded. x/showfont-1.0.6-x86_64-1.txz: Upgraded. x/xmh-1.0.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sat Aug 27 18:13:36 UTC 202220220827181336 Patrick J Volkerding2022-08-284-4/+4
| | | | | | | | | | | | | | | | ap/ksh93-1.0_20220825_b16c91f0-x86_64-1.txz: Upgraded. d/doxygen-1.9.5-x86_64-1.txz: Upgraded. d/python-pip-22.2.2-x86_64-1.txz: Upgraded. l/librsvg-2.54.5-x86_64-1.txz: Upgraded. l/libssh-0.10.0-x86_64-1.txz: Upgraded. n/NetworkManager-1.40.0-x86_64-1.txz: Upgraded. n/fetchmail-6.4.33-x86_64-1.txz: Upgraded. x/libFS-1.0.9-x86_64-1.txz: Upgraded. x/libXau-1.0.10-x86_64-1.txz: Upgraded. x/libXaw3d-1.6.4-x86_64-1.txz: Upgraded. x/libXfont2-2.0.6-x86_64-1.txz: Upgraded. x/libfontenc-1.1.5-x86_64-1.txz: Upgraded. xfce/xfce4-terminal-1.0.4-x86_64-1.txz: Upgraded.
* Fri Aug 26 04:02:20 UTC 202220220826040220 Patrick J Volkerding2022-08-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-5.19.4-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.4-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.4-x86_64-1.txz: Upgraded. a/mcelog-189-x86_64-1.txz: Upgraded. ap/cups-filters-1.28.16-x86_64-1.txz: Upgraded. ap/vim-9.0.0270-x86_64-1.txz: Upgraded. Fixed use after free and null pointer dereference. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2946 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2923 (* Security fix *) d/kernel-headers-5.19.4-x86-1.txz: Upgraded. d/pahole-1.24-x86_64-1.txz: Upgraded. k/kernel-source-5.19.4-noarch-1.txz: Upgraded. l/babl-0.1.96-x86_64-1.txz: Upgraded. l/libtasn1-4.19.0-x86_64-1.txz: Upgraded. l/nodejs-18.8.0-x86_64-1.txz: Upgraded. n/gnupg2-2.2.37-x86_64-1.txz: Upgraded. n/pinentry-1.2.1-x86_64-1.txz: Upgraded. x/xisxwayland-2-x86_64-1.txz: Upgraded. xap/vim-gvim-9.0.0270-x86_64-1.txz: Upgraded. xap/xsnow-3.5.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sun Aug 14 18:32:51 UTC 202220220814183251 Patrick J Volkerding2022-08-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/sysklogd-2.4.4-x86_64-1.txz: Upgraded. kde/attica-5.97.0-x86_64-1.txz: Upgraded. kde/baloo-5.97.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.97.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.97.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.97.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.97.0-x86_64-1.txz: Upgraded. kde/kactivities-5.97.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.97.0-x86_64-1.txz: Upgraded. kde/kapidox-5.97.0-x86_64-1.txz: Upgraded. kde/karchive-5.97.0-x86_64-1.txz: Upgraded. kde/kauth-5.97.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.97.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.97.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.97.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.97.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.97.0-x86_64-1.txz: Upgraded. kde/kconfig-5.97.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.97.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.97.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.97.0-x86_64-1.txz: Upgraded. kde/kcrash-5.97.0-x86_64-1.txz: Upgraded. kde/kdav-5.97.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.97.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.97.0-x86_64-1.txz: Upgraded. kde/kded-5.97.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.97.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.97.0-x86_64-1.txz: Upgraded. kde/kdesu-5.97.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.97.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.97.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.97.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.97.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.97.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.97.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.97.0-x86_64-1.txz: Upgraded. kde/kholidays-5.97.0-x86_64-1.txz: Upgraded. kde/khtml-5.97.0-x86_64-1.txz: Upgraded. kde/ki18n-5.97.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.97.0-x86_64-1.txz: Upgraded. kde/kidletime-5.97.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.97.0-x86_64-1.txz: Upgraded. kde/kinit-5.97.0-x86_64-1.txz: Upgraded. kde/kio-5.97.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.97.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.97.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.97.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.97.0-x86_64-1.txz: Upgraded. kde/kjs-5.97.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.97.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.97.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.97.0-x86_64-1.txz: Upgraded. kde/knotifications-5.97.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.97.0-x86_64-1.txz: Upgraded. kde/kpackage-5.97.0-x86_64-1.txz: Upgraded. kde/kparts-5.97.0-x86_64-1.txz: Upgraded. kde/kpeople-5.97.0-x86_64-1.txz: Upgraded. kde/kplotting-5.97.0-x86_64-1.txz: Upgraded. kde/kpty-5.97.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.97.0-x86_64-1.txz: Upgraded. kde/kross-5.97.0-x86_64-1.txz: Upgraded. kde/krunner-5.97.0-x86_64-1.txz: Upgraded. kde/kservice-5.97.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.97.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.97.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.97.0-x86_64-1.txz: Upgraded. kde/kwallet-5.97.0-x86_64-1.txz: Upgraded. kde/kwayland-5.97.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.97.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.97.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.97.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.97.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.97.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.97.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.97.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.97.0-x86_64-1.txz: Upgraded. kde/prison-5.97.0-x86_64-1.txz: Upgraded. kde/purpose-5.97.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.97.0-x86_64-1.txz: Upgraded. kde/solid-5.97.0-x86_64-1.txz: Upgraded. kde/sonnet-5.97.0-x86_64-1.txz: Upgraded. kde/syndication-5.97.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.97.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.97.0-x86_64-1.txz: Upgraded. x/xf86-video-mach64-6.9.7-x86_64-1.txz: Added. x/xf86-video-mga-2.0.1-x86_64-1.txz: Added. x/xf86-video-r128-20220127_7b0941d-x86_64-1.txz: Added.
* Tue Aug 9 19:25:22 UTC 202220220809192522 Patrick J Volkerding2022-08-101-1/+1
| | | | | | | | | | | | | a/mcelog-187-x86_64-1.txz: Upgraded. l/zlib-1.2.12-x86_64-2.txz: Rebuilt. Applied an upstream patch to restore the handling of CRC inputs to be the same as in previous releases of zlib. This fixes an issue with OpenJDK. Thanks to alienBOB. x/xf86-input-wacom-1.1.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.1.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.1.2/releasenotes/