From 8b19227b588fcfdd6e0e799637336f5e0c2bb3ad Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Thu, 16 May 2024 02:31:40 +0000
Subject: Thu May 16 02:31:40 UTC 2024

a/bcachefs-tools-1.7.0-x86_64-1.txz:  Added.
a/kernel-generic-6.9.0-x86_64-2.txz:  Upgraded.
a/kernel-huge-6.9.0-x86_64-2.txz:  Upgraded.
a/kernel-modules-6.9.0-x86_64-2.txz:  Upgraded.
d/git-2.45.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
   Recursive clones on case-insensitive filesystems that support symbolic
   links are susceptible to case confusion that can be exploited to
   execute just-cloned code during the clone operation.
   Repositories can be configured to execute arbitrary code during local
   clones. To address this, the ownership checks introduced in v2.30.3
   are now extended to cover cloning local repositories.
   Local clones may end up hardlinking files into the target repository's
   object database when source and target repository reside on the same
   disk. If the source repository is owned by a different user, then
   those hardlinked files may be rewritten at any point in time by the
   untrusted user.
   When cloning a local source repository that contains symlinks via the
   filesystem, Git may create hardlinks to arbitrary user-readable files
   on the same filesystem as the target repository in the objects/
   directory.
   It is supposed to be safe to clone untrusted repositories, even those
   unpacked from zip archives or tarballs originating from untrusted
   sources, but Git can be tricked to run arbitrary code as part of the
   clone.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-32002
    https://www.cve.org/CVERecord?id=CVE-2024-32004
    https://www.cve.org/CVERecord?id=CVE-2024-32020
    https://www.cve.org/CVERecord?id=CVE-2024-32021
    https://www.cve.org/CVERecord?id=CVE-2024-32465
  (* Security fix *)
d/kernel-headers-6.9.0-x86-2.txz:  Upgraded.
d/strace-6.9-x86_64-1.txz:  Upgraded.
k/kernel-source-6.9.0-noarch-2.txz:  Upgraded.
  BCACHEFS_FS m -> y
  CRYPTO_CHACHA20 m -> y
  CRYPTO_LIB_CHACHA_GENERIC m -> y
  CRYPTO_LIB_POLY1305_GENERIC m -> y
  CRYPTO_POLY1305 m -> y
  MITIGATION_GDS_FORCE y -> n
kde/wcslib-8.3-x86_64-1.txz:  Upgraded.
l/gdk-pixbuf2-2.42.12-x86_64-1.txz:  Upgraded.
  ani: Reject files with multiple INA or IART chunks.
  ani: Reject files with multiple anih chunks.
  ani: validate chunk size.
  Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-48622
  (* Security fix *)
l/gtk+3-3.24.42-x86_64-1.txz:  Upgraded.
n/bind-9.18.27-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
n/popa3d-1.0.3-x86_64-8.txz:  Rebuilt.
  This is a bugfix release:
  Build with AUTH_PAM, not AUTH_SHADOW.
  Thanks to jayjwa.
x/xorg-server-xwayland-23.2.7-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
---
 source/k/build-all-kernels.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source/k/build-all-kernels.sh')

diff --git a/source/k/build-all-kernels.sh b/source/k/build-all-kernels.sh
index e4b907bae..91ecb9983 100755
--- a/source/k/build-all-kernels.sh
+++ b/source/k/build-all-kernels.sh
@@ -27,7 +27,7 @@
 
 cd $(dirname $0) ; CWD=$(pwd)
 
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 if [ -z "$VERSION" ]; then
   # Get the filename of the newest kernel tarball:
   KERNEL_SOURCE_FILE="$(/bin/ls -t linux-*.tar.?z | head -n 1 )"
-- 
cgit v1.2.3-80-g2a13