From ba4a3a137963e8f2dd63d2c594cbbfd099a2bc47 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 6 Jan 2021 22:59:38 +0000 Subject: Wed Jan 6 22:59:38 UTC 2021 a/kernel-generic-5.10.5-x86_64-1.txz: Upgraded. a/kernel-huge-5.10.5-x86_64-1.txz: Upgraded. a/kernel-modules-5.10.5-x86_64-1.txz: Upgraded. d/kernel-headers-5.10.5-x86-1.txz: Upgraded. d/meson-0.56.1-x86_64-1.txz: Upgraded. k/kernel-source-5.10.5-noarch-1.txz: Upgraded. We'll turn off the silent stream feature as there's a known deadlock bug that remains in 5.10.5. Perhaps we'll restore it once that's patched... but we made it this far without the feature so I'll probably wait for a case to be made for it. Thanks to Petri Kaukasoina. Also build the intelfb module. This doesn't have anything to do with the lockups occurring on Intel systems, but we might as well provide the module. It remains blacklisted by default. FB_INTEL n -> m SND_HDA_INTEL_HDMI_SILENT_STREAM y -> n +FB_INTEL_DEBUG n +FB_INTEL_I2C y l/imagemagick-7.0.10_56-x86_64-1.txz: Upgraded. x/ibus-table-1.12.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-78.6.1esr-x86_64-1.txz: Upgraded. This release contains a security fix: A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code. For more information, see: https://www.mozilla.org/en-US/firefox/78.6.1/releasenotes/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16044 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. --- ChangeLog.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index bede171fe..8b021cd7f 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,36 @@ +Wed Jan 6 22:59:38 UTC 2021 +a/kernel-generic-5.10.5-x86_64-1.txz: Upgraded. +a/kernel-huge-5.10.5-x86_64-1.txz: Upgraded. +a/kernel-modules-5.10.5-x86_64-1.txz: Upgraded. +d/kernel-headers-5.10.5-x86-1.txz: Upgraded. +d/meson-0.56.1-x86_64-1.txz: Upgraded. +k/kernel-source-5.10.5-noarch-1.txz: Upgraded. + We'll turn off the silent stream feature as there's a known deadlock bug that + remains in 5.10.5. Perhaps we'll restore it once that's patched... but we + made it this far without the feature so I'll probably wait for a case to be + made for it. Thanks to Petri Kaukasoina. + Also build the intelfb module. This doesn't have anything to do with the + lockups occurring on Intel systems, but we might as well provide the module. + It remains blacklisted by default. + FB_INTEL n -> m + SND_HDA_INTEL_HDMI_SILENT_STREAM y -> n + +FB_INTEL_DEBUG n + +FB_INTEL_I2C y +l/imagemagick-7.0.10_56-x86_64-1.txz: Upgraded. +x/ibus-table-1.12.3-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-78.6.1esr-x86_64-1.txz: Upgraded. + This release contains a security fix: + A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet + in a way that potentially resulted in a use-after-free. We presume that with + enough effort it could have been exploited to run arbitrary code. + For more information, see: + https://www.mozilla.org/en-US/firefox/78.6.1/releasenotes/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16044 + (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Tue Jan 5 22:42:46 UTC 2021 a/lzlib-1.12-x86_64-1.txz: Upgraded. ap/qpdf-10.1.0-x86_64-1.txz: Upgraded. -- cgit v1.2.3