Fri Jul 14 22:11:58 UTC 2017
ap/mariadb-10.0.31-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3309
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3456
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3464
(* Security fix *)
l/gst-plugins-base-1.12.2-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.12.2-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.12.2-x86_64-1.txz: Upgraded.
l/gstreamer-1.12.2-x86_64-1.txz: Upgraded.
l/libjpeg-turbo-1.5.2-x86_64-1.txz: Upgraded.
n/samba-4.6.6-x86_64-1.txz: Upgraded.
This update fixes an authentication validation bypass security issue:
"Orpheus' Lyre mutual authentication validation bypass"
All versions of Samba from 4.0.0 onwards using embedded Heimdal
Kerberos are vulnerable to a man-in-the-middle attack impersonating
a trusted server, who may gain elevated access to the domain by
returning malicious replication or authorization data.
Samba binaries built against MIT Kerberos are not vulnerable.
For more information, see:
https://www.samba.org/samba/security/CVE-2017-11103.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
(* Security fix *)
x/mesa-17.1.5-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jul 13 19:24:36 UTC 2017
a/mkinitrd-1.4.11-x86_64-2.txz: Rebuilt.
Process initrd output filename template strings %KVER% and %SLACKVER%
after processing all other options to prevent depending on the command
line order for proper functioning. Thanks to SeB.
n/httpd-2.4.27-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Read after free in mod_http2 (CVE-2017-9789)
Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788)
Thanks to Robert Swiecki for reporting these issues.
For more information, see:
https://httpd.apache.org/security/vulnerabilities_24.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
(* Security fix *)
+--------------------------+
Wed Jul 12 23:11:53 UTC 2017
a/kernel-generic-4.9.37-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.37-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.37-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-1.txz: Upgraded.
Added support for including template strings %KVER% (kernel version) and
%SLACKVER% (Slackware version) in the output filename. Thanks to SeB.
a/pciutils-3.5.5-x86_64-1.txz: Upgraded.
ap/cgmanager-0.41-x86_64-2.txz: Rebuilt.
Fixed duplicate init scripts.
ap/mpg123-1.25.2-x86_64-1.txz: Upgraded.
ap/screen-4.6.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.37-x86-1.txz: Upgraded.
d/strace-4.18-x86_64-1.txz: Upgraded.
k/kernel-source-4.9.37-noarch-1.txz: Upgraded.
l/libarchive-3.3.2-x86_64-1.txz: Upgraded.
n/crda-3.18-x86_64-4.txz: Rebuilt.
Rebuilt using wireless-regdb-2017.03.07. Thanks to Robby Workman.
n/iproute2-4.12.0-x86_64-1.txz: Upgraded.
extra/bash-completion/bash-completion-2.7-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Mon Jul 10 21:43:37 UTC 2017
a/dbus-1.10.20-x86_64-1.txz: Upgraded.
a/lvm2-2.02.172-x86_64-1.txz: Upgraded.
ap/diffstat-1.61-x86_64-1.txz: Upgraded.
ap/hplip-3.17.6-x86_64-1.txz: Upgraded.
ap/sysstat-11.4.4-x86_64-1.txz: Upgraded.
d/git-2.13.2-x86_64-1.txz: Upgraded.
d/help2man-1.46.6-x86_64-1.txz: Upgraded.
d/strace-4.17-x86_64-1.txz: Upgraded.
l/hunspell-1.6.1-x86_64-1.txz: Upgraded.
l/libtiff-4.0.8-x86_64-1.txz: Upgraded.
n/libqmi-1.18.0-x86_64-1.txz: Upgraded.
n/libtirpc-1.0.1-x86_64-3.txz: Rebuilt.
Patched a bug which can cause a denial of service through memory exhaustion.
Thanks to Robby Workman.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
(* Security fix *)
n/rpcbind-0.2.4-x86_64-1.txz: Upgraded.
Patched a bug which can cause a denial of service through memory exhaustion.
Thanks to Robby Workman.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
(* Security fix *)
+--------------------------+
Sun Jul 9 20:38:08 UTC 2017
a/lilo-24.2-x86_64-5.txz: Rebuilt.
liloconfig: support /dev/vda in QEMU. Thanks to Robby Workman.
a/logrotate-3.12.2-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
a/sysvinit-scripts-2.0-noarch-37.txz: Rebuilt.
rc.cpufreq: document "schedutil" CPU scaling governor.
Thanks to Paul Blazejowski.
l/cairomm-1.12.2-x86_64-1.txz: Upgraded.
l/fuse-2.9.7-x86_64-1.txz: Upgraded.
l/gmm-4.3-noarch-1.txz: Upgraded.
l/gmp-6.1.2-x86_64-1.txz: Upgraded.
l/gnu-efi-3.0.6-x86_64-1.txz: Upgraded.
l/libaio-0.3.110-x86_64-1.txz: Upgraded.
l/libao-1.2.2-x86_64-1.txz: Upgraded.
l/libcap-ng-0.7.8-x86_64-1.txz: Upgraded.
l/libmowgli-1.0.0-x86_64-1.txz: Upgraded.
l/libnl3-3.3.0-x86_64-1.txz: Upgraded.
l/libyaml-0.1.7-x86_64-1.txz: Upgraded.
l/lzo-2.10-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.8-x86_64-1.txz: Upgraded.
n/ethtool-4.11-x86_64-1.txz: Upgraded.
n/iproute2-4.11.0-x86_64-1.txz: Upgraded.
n/ipset-6.32-x86_64-1.txz: Upgraded.
n/irssi-1.0.4-x86_64-1.txz: Upgraded.
This release fixes two remote crash issues as well as a few bugs.
For more information, see:
https://irssi.org/security/irssi_sa_2017_07.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10966
(* Security fix *)
n/libmnl-1.0.4-x86_64-1.txz: Upgraded.
n/mtr-0.92-x86_64-1.txz: Upgraded.
n/nfs-utils-1.3.4-x86_64-1.txz: Upgraded.
x/motif-2.3.7-x86_64-2.txz: Rebuilt.
x/xterm-330-x86_64-1.txz: Upgraded.
xfce/Thunar-1.6.12-x86_64-1.txz: Upgraded.
+--------------------------+
Sat Jul 8 00:11:34 UTC 2017
a/aaa_elflibs-14.2-x86_64-30.txz: Rebuilt.
Added libidn2.so.0.
a/gettext-0.19.8.1-x86_64-4.txz: Rebuilt.
ap/cgmanager-0.41-x86_64-1.txz: Upgraded.
Maybe we don't really need this, but it likely doesn't hurt.
ap/ghostscript-9.21-x86_64-1.txz: Upgraded.
ap/gutenprint-5.2.12-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
ap/lxc-2.0.8-x86_64-3.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
ap/texinfo-6.4-x86_64-1.txz: Upgraded.
d/gettext-tools-0.19.8.1-x86_64-4.txz: Rebuilt.
Linked against libunistring-0.9.7.
d/guile-2.0.14-x86_64-2.txz: Rebuilt.
Linked against libunistring-0.9.7.
d/mercurial-4.2.2-x86_64-1.txz: Upgraded.
l/fftw-3.3.6_pl2-x86_64-1.txz: Upgraded.
l/gc-7.4.4-x86_64-1.txz: Upgraded.
l/gcr-3.20.0-x86_64-1.txz: Upgraded.
l/glib-networking-2.50.0-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
l/gnome-keyring-3.20.1-x86_64-1.txz: Upgraded.
l/gtk+2-2.24.31-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
l/gtk+3-3.22.16-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
l/libidn2-2.0.2-x86_64-1.txz: Added.
l/libunistring-0.9.7-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libvncserver-0.9.11-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
l/pcre-8.41-x86_64-1.txz: Upgraded.
l/vte-0.44.3-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
n/NetworkManager-1.8.2-x86_64-1.txz: Upgraded.
n/ca-certificates-20161130-noarch-1.txz: Upgraded.
n/curl-7.54.1-x86_64-1.txz: Upgraded.
n/dhcp-4.3.5-x86_64-1.txz: Upgraded.
n/dnsmasq-2.77-x86_64-1.txz: Upgraded.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
n/gnutls-3.5.14-x86_64-1.txz: Upgraded.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
n/lftp-4.7.7-x86_64-1.txz: Upgraded.
n/php-5.6.31-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.31
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229
(* Security fix *)
n/wget-1.19.1-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
n/whois-5.2.16-x86_64-1.txz: Upgraded.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
x/fontconfig-2.12.4-x86_64-1.txz: Upgraded.
x/libinput-1.8.0-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.8.0-x86_64-2.txz: Rebuilt.
Linked against libidn2-2.0.2 and libunistring-0.9.7.
+--------------------------+
Thu Jul 6 00:38:21 UTC 2017
a/kernel-generic-4.9.36-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.36-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.36-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.36-x86-1.txz: Upgraded.
k/kernel-source-4.9.36-noarch-1.txz: Upgraded.
xap/xscreensaver-5.37-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Mon Jul 3 23:09:19 UTC 2017
a/grep-3.1-x86_64-1.txz: Upgraded.
ap/acct-6.6.4-x86_64-1.txz: Upgraded.
ap/cups-2.2.4-x86_64-1.txz: Upgraded.
ap/cups-filters-1.14.1-x86_64-1.txz: Upgraded.
ap/gphoto2-2.5.14-x86_64-1.txz: Upgraded.
ap/tmux-2.5-x86_64-1.txz: Upgraded.
l/apr-1.6.2-x86_64-1.txz: Upgraded.
l/apr-util-1.6.0-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.14-x86_64-1.txz: Upgraded.
l/libpng-1.6.30-x86_64-1.txz: Upgraded.
l/sound-theme-freedesktop-0.8-noarch-1.txz: Upgraded.
x/mesa-17.1.4-x86_64-1.txz: Upgraded.
+--------------------------+
Fri Jun 30 21:14:15 UTC 2017
a/glibc-solibs-2.25-x86_64-3.txz: Rebuilt.
(* Security fix *)
a/kernel-generic-4.9.35-x86_64-1.txz: Upgraded.
(* Security fix *)
a/kernel-huge-4.9.35-x86_64-1.txz: Upgraded.
(* Security fix *)
a/kernel-modules-4.9.35-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.35-x86-1.txz: Upgraded.
k/kernel-source-4.9.35-noarch-1.txz: Upgraded.
This kernel fixes security issues that include possible stack exhaustion,
memory corruption, and arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365
(* Security fix *)
l/glibc-2.25-x86_64-3.txz: Rebuilt.
Applied upstream security hardening patches from git.
For more information, see:
https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d
https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd
https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9
https://sourceware.org/git/?p=glibc.git;a=commit;h=3776f38fcd267c127ba5eb222e2c614c191744aa
https://sourceware.org/git/?p=glibc.git;a=commit;h=adc7e06fb412a2a1ee52f8cb788caf436335b9f3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
(* Security fix *)
l/glibc-i18n-2.25-x86_64-3.txz: Rebuilt.
l/glibc-profile-2.25-x86_64-3.txz: Rebuilt.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Jun 29 20:55:09 UTC 2017
a/mkinitrd-1.4.10-x86_64-1.txz: Upgraded.
Added support for -P option and MICROCODE_ARCH in mkinitrd.conf to specify
a microcode archive to be prepended to the initrd for early CPU microcode
patching by the kernel. Thanks to SeB.
ap/nano-2.8.5-x86_64-1.txz: Upgraded.
ap/screen-4.6.0-x86_64-1.txz: Upgraded.
d/llvm-4.0.1-x86_64-1.txz: Upgraded.
l/pcre-8.40-x86_64-1.txz: Upgraded.
l/readline-7.0.003-x86_64-1.txz: Upgraded.
n/bind-9.11.1_P2-x86_64-1.txz: Upgraded.
This update fixes a high severity security issue:
An error in TSIG handling could permit unauthorized zone transfers
or zone updates.
For more information, see:
https://kb.isc.org/article/AA-01503/0
https://kb.isc.org/article/AA-01504/0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143
(* Security fix *)
n/httpd-2.4.26-x86_64-1.txz: Upgraded.
This update fixes security issues which may lead to an authentication bypass
or a denial of service:
important: ap_get_basic_auth_pw() Authentication Bypass CVE-2017-3167
important: mod_ssl Null Pointer Dereference CVE-2017-3169
important: mod_http2 Null Pointer Dereference CVE-2017-7659
important: ap_find_token() Buffer Overread CVE-2017-7668
important: mod_mime Buffer Overread CVE-2017-7679
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
(* Security fix *)
n/libgcrypt-1.7.8-x86_64-1.txz: Upgraded.
Mitigate a local flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster".
For more information, see:
https://eprint.iacr.org/2017/627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
(* Security fix *)
xfce/xfdesktop-4.12.4-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Jun 26 20:36:18 UTC 2017
a/kernel-firmware-20170626git-noarch-1.txz: Upgraded.
a/kernel-generic-4.9.34-x86_64-1.txz: Upgraded.
"Stack Clash" fixes -- see below.
(* Security fix *)
a/kernel-huge-4.9.34-x86_64-1.txz: Upgraded.
"Stack Clash" fixes -- see below.
(* Security fix *)
a/kernel-modules-4.9.34-x86_64-1.txz: Upgraded.
a/lrzip-0.631-x86_64-1.txz: Upgraded.
a/lvm2-2.02.171-x86_64-1.txz: Upgraded.
a/time-1.7.2-x86_64-1.txz: Upgraded.
a/util-linux-2.30-x86_64-2.txz: Rebuilt.
Reverted an agetty commit that breaks backspacing over the first character
entered at the login prompt. Thanks to GazL.
ap/mpg123-1.25.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.34-x86-1.txz: Upgraded.
k/kernel-source-4.9.34-noarch-1.txz: Upgraded.
This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys.
The first issue may allow attackers to execute arbitrary code with elevated
privileges. Failed attack attempts will likely result in denial-of-service
conditions. The second issue can be exploited to bypass certain security
restrictions and perform unauthorized actions.
For more information, see:
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365
(* Security fix *)
l/glib2-2.52.3-x86_64-1.txz: Upgraded.
l/glibmm-2.52.0-x86_64-1.txz: Upgraded.
l/gtkmm3-3.22.1-x86_64-1.txz: Upgraded.
xap/gkrellm-2.3.10-x86_64-2.txz: Rebuilt.
Upgraded to gkrellm-countdown-0.1.1. Thanks to jmccue.
xap/mozilla-thunderbird-52.2.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Jun 23 20:11:00 UTC 2017
a/dosfstools-4.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
a/file-5.31-x86_64-1.txz: Upgraded.
a/os-prober-1.75-x86_64-1.txz: Upgraded.
a/xfsprogs-4.11.0-x86_64-1.txz: Upgraded.
ap/at-3.1.20-x86_64-1.txz: Upgraded.
ap/diffutils-3.6-x86_64-1.txz: Upgraded.
d/automake-1.15.1-noarch-1.txz: Upgraded.
d/nasm-2.13.01-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.12.1-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.12.1-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.12.1-x86_64-1.txz: Upgraded.
l/gstreamer-1.12.1-x86_64-1.txz: Upgraded.
l/gtk+3-3.22.16-x86_64-1.txz: Upgraded.
l/gtkmm2-2.24.5-x86_64-1.txz: Upgraded.
l/poppler-0.56.0-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Jun 21 18:38:46 UTC 2017
ap/lxc-2.0.8-x86_64-2.txz: Rebuilt.
rc.lxc: Don't use screen for container startup. Thanks to franzen.
d/libtool-2.4.6-x86_64-5.txz: Rebuilt.
Recompiled to fix wrong embedded GCC version number.
Thanks to B Watson.
n/gnupg2-2.1.21-x86_64-2.txz: Rebuilt.
If the machine does not have smart card devices, do not issue a warning about
a missing smart card. Thanks to Willy Sudiarto Raharjo.
n/openvpn-2.4.3-x86_64-1.txz: Upgraded.
This update fixes several denial of service issues discovered
by Guido Vranken.
For more information, see:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522
(* Security fix *)
xap/gnuplot-5.0.6-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Jun 21 01:12:42 UTC 2017
kde/calligra-2.9.11-x86_64-11.txz: Rebuilt.
Recompiled against gsl-2.4.
kde/step-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against gsl-2.4.
l/gsl-2.4-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
+--------------------------+
Tue Jun 20 05:08:21 UTC 2017
a/udisks2-2.6.5-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
ap/linuxdoc-tools-0.9.72-x86_64-3.txz: Rebuilt.
Removed .la files. Thanks to Stuart Winter.
ap/lxc-2.0.8-x86_64-1.txz: Upgraded.
Added additional default container packages: cyrus-sasl, db48, gnutls,
iproute2, kmod, libcap-ng, libffi, libmnl, libtasn1, libunistring, nettle,
and p11-kit. Thanks to CTM.
Use configure option --enable-cgmanager=no. Thanks to Didier Spaier.
l/cairo-1.14.10-x86_64-1.txz: Upgraded.
l/libbluray-1.0.1-x86_64-1.txz: Upgraded.
l/polkit-0.113-x86_64-3.txz: Rebuilt.
Added upstream patches to fix a memory leak and increase security when
using GIO. Thanks to Robby Workman.
n/ModemManager-1.6.8-x86_64-1.txz: Upgraded.
n/nmap-7.50-x86_64-1.txz: Upgraded.
x/libepoxy-1.4.3-x86_64-1.txz: Upgraded.
x/libinput-1.7.3-x86_64-1.txz: Upgraded.
x/libwacom-0.25-x86_64-1.txz: Upgraded.
xfce/garcon-0.6.1-x86_64-1.txz: Upgraded.
xfce/tumbler-0.1.32-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jun 15 02:08:28 UTC 2017
ap/linuxdoc-tools-0.9.72-x86_64-2.txz: Rebuilt.
Switched to OpenJade-1.3.2 (from 1.3.3-pre1 which was segfaulting).
Upgraded to perl-XML-NamespaceSupport-1.12.
Upgraded to perl-XML-SAX-Base-1.09.
Updated build script to work with bash 4.4. Thanks to Heinz Wiesinger.
Support '.conf.new' for config files within /etc/asciidoc.
Thanks to franzen on LQ for the suggestion.
Thanks to Stuart Winter.
d/slacktrack-2.18-x86_64-1.txz: Upgraded.
Thanks to Stuart Winter.
n/NetworkManager-1.8.0-x86_64-3.txz: Upgraded.
Applied upstream patches from git. Thanks to Robby Workman.
n/bind-9.11.1_P1-x86_64-1.txz: Upgraded.
Fixed denial of service security issue:
Some RPZ configurations could go into an infinite query loop when
encountering responses with TTL=0.
For more information, see:
https://kb.isc.org/article/AA-01495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3140
(* Security fix *)
xap/mozilla-firefox-52.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/mozilla-thunderbird-52.2.0-x86_64-1.txz: Upgraded.
Switched to using GTK+ v3.
xap/network-manager-applet-1.8.2-x86_64-1.txz: Upgraded.
+--------------------------+
Tue Jun 13 19:54:24 UTC 2017
a/sysvinit-scripts-2.0-noarch-36.txz: Rebuilt.
In rc.6, rc.K, and rc.S, use this path setting:
PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
Thanks to GazL.
ap/sqlite-3.19.3-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-10.txz: Rebuilt.
Recompiled against libGLEW.so.2.0.0.
kde/kde-runtime-4.14.3-x86_64-4.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
kde/kdepim-4.14.10-x86_64-2.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
kde/kdepimlibs-4.14.10-x86_64-3.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
kde/kget-4.14.3-x86_64-3.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
kde/kopete-4.14.3-x86_64-4.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
l/ffmpeg-3.3.2-x86_64-1.txz: Upgraded.
l/gmime-2.6.23-x86_64-2.txz: Rebuilt.
Recompiled to drop libgpgme-pthread dependency.
n/dirmngr-1.1.1-x86_64-3.txz: Removed.
n/gnupg2-2.1.21-x86_64-1.txz: Upgraded.
n/gpgme-1.9.0-x86_64-1.txz: Upgraded.
This eliminates the libgpgme-pthread library, so anything using that will
need to be recompiled.
n/libgcrypt-1.7.7-x86_64-1.txz: Upgraded.
n/libgpg-error-1.27-x86_64-1.txz: Upgraded.
n/npth-1.5-x86_64-1.txz: Added.
n/pth-2.0.7-x86_64-1.txz: Removed.
n/samba-4.6.5-x86_64-1.txz: Upgraded.
x/glew-2.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Fixed glew.pc. Thanks to Willy Sudiarto Raharjo.
x/mesa-17.1.2-x86_64-2.txz: Rebuilt.
Recompiled against libGLEW.so.2.0.0.
xap/fluxbox-1.3.7-x86_64-2.txz: Rebuilt.
Fixed volume settings in keys file. Thanks to i720.
+--------------------------+
Wed Jun 7 22:42:04 UTC 2017
a/kernel-generic-4.9.31-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.31-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.31-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.31-x86-1.txz: Upgraded.
k/kernel-source-4.9.31-noarch-1.txz: Upgraded.
n/irssi-1.0.3-x86_64-1.txz: Upgraded.
Fixed security issues that may result in a denial of service.
For more information, see:
https://irssi.org/security/irssi_sa_2017_06.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Jun 6 02:50:21 UTC 2017
a/mcelog-152-x86_64-2.txz: Rebuilt.
rc.mcelog: Fixed 'status' option. Thanks to Tim Thomas.
x/libdrm-2.4.81-x86_64-1.txz: Upgraded.
x/mesa-17.1.2-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Jun 5 20:13:13 UTC 2017
a/mcelog-152-x86_64-1.txz: Upgraded.
ap/joe-4.4-x86_64-1.txz: Upgraded.
d/gdb-8.0-x86_64-1.txz: Upgraded.
l/elfutils-0.169-x86_64-1.txz: Upgraded.
+--------------------------+
Sat Jun 3 19:24:12 UTC 2017
a/util-linux-2.30-x86_64-1.txz: Upgraded.
ap/sqlite-3.19.2-x86_64-1.txz: Upgraded.
Fixed OPT_FEATURE_FLAGS in ./configure. Thanks to Heinz Wiesinger.
l/libtasn1-4.12-x86_64-1.txz: Upgraded.
x/xkeyboard-config-2.21-noarch-1.txz: Upgraded.
x/xterm-328-x86_64-1.txz: Upgraded.
xap/gucharmap-3.18.2-x86_64-1.txz: Upgraded.
xap/sane-1.0.27-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jun 1 18:56:38 UTC 2017
d/cmake-3.8.2-x86_64-1.txz: Upgraded.
l/alsa-lib-1.1.4.1-x86_64-1.txz: Upgraded.
n/mutt-1.8.3-x86_64-1.txz: Upgraded.
x/xdm-1.1.11-x86_64-7.txz: Rebuilt.
In /etc/X11/xdm/xdm-config, specify MIT-MAGIC-COOKIE-1 authorization, as
the default XDM-AUTHORIZATION-1 doesn't work. This fixes issues with SDL2
apps as well as other authorization bugs when using XDM.
Thanks to Dan Church.
+--------------------------+
Wed May 31 23:07:23 UTC 2017
ap/sudo-1.8.20p2-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fixed a bug parsing /proc/pid/stat when the process name contains
a newline. This is not exploitable due to the /dev traversal changes
made in sudo 1.8.20p1.
+--------------------------+
Tue May 30 17:39:17 UTC 2017
ap/sudo-1.8.20p1-x86_64-1.txz: Upgraded.
This update fixes a potential overwrite of arbitrary system files.
This bug was discovered and analyzed by Qualys, Inc.
For more information, see:
https://www.sudo.ws/alerts/linux_tty.html
http://www.openwall.com/lists/oss-security/2017/05/30/16
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367
(* Security fix *)
n/lynx-2.8.8rel.2-x86_64-3.txz: Rebuilt.
Fixed lynx startup without a URL by correcting STARTFILE in lynx.cfg to use
the new URL for the Lynx homepage. Thanks to John David Yost.
+--------------------------+
Fri May 26 22:40:13 UTC 2017
a/kernel-generic-4.9.30-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.30-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.30-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.30-x86-1.txz: Upgraded.
k/kernel-source-4.9.30-noarch-1.txz: Upgraded.
n/NetworkManager-1.8.0-x86_64-2.txz: Rebuilt.
rc.networkmanager: Set XDG_CACHE_HOME=/root/.cache before starting.
Thanks to allend.
x/mesa-17.1.1-x86_64-1.txz: Upgraded.
Enabled Vulkan drivers for Intel and Radeon.
x/vulkan-sdk-1.0.26.0-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Wed May 24 19:38:59 UTC 2017
n/samba-4.6.4-x86_64-1.txz: Upgraded.
This update fixes a remote code execution vulnerability, allowing a
malicious client to upload a shared library to a writable share, and
then cause the server to load and execute it.
For more information, see:
https://www.samba.org/samba/security/CVE-2017-7494.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494
(* Security fix *)
+--------------------------+
Wed May 24 04:51:46 UTC 2017
a/aaa_elflibs-14.2-x86_64-29.txz: Rebuilt.
a/aaa_terminfo-6.0-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.0-noarch-35.txz: Rebuilt.
rc.4: Support a custom rc.4.local display manager startup script.
Thanks to Robby Workman.
ap/sqlite-3.19.0-x86_64-1.txz: Upgraded.
ap/tmux-2.4-x86_64-2.txz: Rebuilt.
Added /etc/tmux.conf.new to set TERM=tmux-256color.
Removed tmux terminfo files, as these are packaged with ncurses.
l/ncurses-6.0-x86_64-3.txz: Rebuilt.
Drop --with-xterm-kbs=DEL option, taking the upstream default of ^H.
Added a modified tmux terminfo, setting kbs=\177, as it expects.
Default to upstream versions of everything else in the terminfo database.
Thanks to Xsane and GazL for some insights on a more correct configuration.
l/newt-0.52.20-x86_64-1.txz: Upgraded.
l/pango-1.40.6-x86_64-1.txz: Upgraded.
n/NetworkManager-1.8.0-x86_64-1.txz: Upgraded.
n/network-scripts-14.2-noarch-6.txz: Rebuilt.
rc.inet1: Change actual DHCP_TIMEOUT to 15. Thanks to pataphysician.
tcl/tcl-8.6.6-x86_64-1.txz: Upgraded.
tcl/tk-8.6.6-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.0-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.8.0-x86_64-1.txz: Upgraded.
+--------------------------+
Mon May 22 20:58:20 UTC 2017
a/bash-4.4.012-x86_64-1.txz: Upgraded.
a/kernel-generic-4.9.29-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.29-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.29-x86_64-1.txz: Upgraded.
a/less-487-x86_64-1.txz: Upgraded.
Support .tar.lz in lesspipe.sh.
a/lzip-1.19-x86_64-2.txz: Rebuilt.
CXXFLAGS need to be placed after ./configure to take effect.
Thanks to Matias Fonzo.
ap/alsa-utils-1.1.4-x86_64-1.txz: Upgraded.
ap/nano-2.8.4-x86_64-1.txz: Upgraded.
ap/vim-8.0.0600-x86_64-1.txz: Upgraded.
d/ccache-3.3.4-x86_64-1.txz: Upgraded.
d/gcc-7.1.0-x86_64-2.txz: Rebuilt.
Fixed regression where MMX opcodes are generated without EMMS.
Thanks to orbea.
d/gcc-brig-7.1.0-x86_64-2.txz: Rebuilt.
d/gcc-g++-7.1.0-x86_64-2.txz: Rebuilt.
d/gcc-gfortran-7.1.0-x86_64-2.txz: Rebuilt.
d/gcc-gnat-7.1.0-x86_64-2.txz: Rebuilt.
d/gcc-go-7.1.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-7.1.0-x86_64-2.txz: Rebuilt.
d/kernel-headers-4.9.29-x86-1.txz: Upgraded.
k/kernel-source-4.9.29-noarch-1.txz: Upgraded.
l/alsa-lib-1.1.4-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.1.4-x86_64-1.txz: Upgraded.
l/ffmpeg-3.3.1-x86_64-1.txz: Upgraded.
l/glib2-2.52.2-x86_64-2.txz: Rebuilt.
Added some patches from upstream git, one of which fixes a problem with
LibreOffice. Thanks to PeeBee.
l/slang-2.3.1a-x86_64-1.txz: Upgraded.
n/network-scripts-14.2-noarch-5.txz: Rebuilt.
rc.inet1: Increased default DHCP_TIMEOUT from 10 to 15 seconds.
xap/gkrellm-2.3.10-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-52.1.2esr-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.0.0600-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.5.1-x86_64-1.txz: Upgraded.
extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated.
Fixed retrieving version number.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue May 16 20:11:03 UTC 2017
a/kernel-generic-4.9.28-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.28-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.28-x86_64-1.txz: Upgraded.
d/cmake-3.8.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.28-x86-1.txz: Upgraded.
k/kernel-source-4.9.28-noarch-1.txz: Upgraded.
CIFS_SMB2 n -> y
kde/kdelibs-4.14.32-x86_64-1.txz: Upgraded.
This update fixes a security issue with KAuth that can lead to gaining
root from an unprivileged account.
For more information, see:
http://www.openwall.com/lists/oss-security/2017/05/10/3
https://www.kde.org/info/security/advisory-20170510-1.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8422
(* Security fix *)
l/freetype-2.8-x86_64-1.txz: Upgraded.
This update fixes an out-of-bounds write caused by a heap-based buffer
overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
(* Security fix *)
l/gtk+3-3.22.15-x86_64-1.txz: Upgraded.
l/qt-4.8.7-x86_64-6.txz: Rebuilt.
Patched to fix moc problems with glibc-2.25 (parse error at "defined",
line 52 of a random header file).
Use -std=gnu++98 and patches to build with gcc-7.1.0.
xap/gimp-2.8.22-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-52.1.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu May 11 18:09:15 UTC 2017
l/gtk+3-3.22.14-x86_64-1.txz: Upgraded.
+--------------------------+
Wed May 10 22:58:28 UTC 2017
d/git-2.13.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.22.13-x86_64-1.txz: Upgraded.
x/mesa-17.1.0-x86_64-1.txz: Upgraded.
+--------------------------+
Tue May 9 23:33:37 UTC 2017
a/elilo-3.16-x86_64-4.txz: Rebuilt.
In eliloconfig, fixed hardcoded /mnt in a few places. Thanks to alienBOB.
a/eudev-3.2.2-x86_64-2.txz: Rebuilt.
Added another watchdog module to the blacklist. Thanks to Robby Workman.
a/hdparm-9.52-x86_64-1.txz: Upgraded.
a/kernel-generic-4.9.27-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.27-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.27-x86_64-1.txz: Upgraded.
a/lzip-1.19-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.9-x86_64-2.txz: Rebuilt.
Mount devtmpfs with -o size=8M option.
Mount tmpfs on /run with -o size=32M,nodev,nosuid,noexec options.
Thanks to Robby Workman.
Fix error message when /lukstrim is missing. Thanks to _RDS_.
Add rules.d/85-regulatory.rules to LIBUDEV_BLACKLIST. Thanks to GazL.
a/sysvinit-scripts-2.0-noarch-34.txz: Rebuilt.
Cosmetic changes to make the output from "mount" and "df -h" look better:
rc.S: where "/sys/fs/cgroup" is mounted as a tmpfs, add "size=8M" to the
mount options.
rc.S: where /run is mounted, add "size=32M,nodev,nosuid,noexec" to the
mount options.
Thanks to Robby Workman.
ap/cups-filters-1.13.5-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.27-x86-1.txz: Upgraded.
k/kernel-source-4.9.27-noarch-1.txz: Upgraded.
9P_FS_POSIX_ACL n -> y
l/at-spi2-atk-2.24.1-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.24.1-x86_64-1.txz: Upgraded.
l/glib2-2.52.2-x86_64-1.txz: Upgraded.
l/libsoup-2.58.1-x86_64-1.txz: Upgraded.
n/bluez-5.45-x86_64-1.txz: Upgraded.
x/libevdev-1.5.7-x86_64-1.txz: Upgraded.
x/xdg-utils-1.1.2-noarch-1.txz: Upgraded.
x/xf86-input-libinput-0.25.1-x86_64-1.txz: Upgraded.
x/xkbcomp-1.4.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Use nosuid,nodev,noexec mount options for /dev/shm in installer-created
/etc/fstab. Thanks to Robby Workman.
Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Use nosuid,nodev,noexec mount options for /dev/shm in installer-created
/etc/fstab. Thanks to Robby Workman.
Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB.
+--------------------------+
Sat May 6 23:12:02 UTC 2017
a/glibc-solibs-2.25-x86_64-2.txz: Rebuilt.
ap/cdrdao-1.2.3-x86_64-3.txz: Rebuilt.
Recompiled to support libmp3lame.
ap/sox-14.4.2-x86_64-4.txz: Rebuilt.
Recompiled to support libmp3lame.
d/flex-2.6.4-x86_64-1.txz: Upgraded.
kde/k3b-2.0.3-x86_64-3.txz: Rebuilt.
Patched to build with ffmpeg3 and gcc7.
l/ffmpeg-3.3-x86_64-1.txz: Upgraded.
Recompiled to support libmp3lame.
l/glibc-2.25-x86_64-2.txz: Rebuilt.
Reverted a patch that causes IFUNC errors to be emitted.
l/glibc-i18n-2.25-x86_64-2.txz: Rebuilt.
l/glibc-profile-2.25-x86_64-2.txz: Rebuilt.
l/gst-plugins-base-1.12.0-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.12.0-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.12.0-x86_64-1.txz: Upgraded.
l/gstreamer-1.12.0-x86_64-1.txz: Upgraded.
l/lame-3.99.5-x86_64-1.txz: Added.
xap/MPlayer-1.3_20170208-x86_64-4.txz: Rebuilt.
Recompiled to support libmp3lame.
xap/audacious-plugins-3.8.2-x86_64-3.txz: Rebuilt.
Recompiled to support libmp3lame.
+--------------------------+
Thu May 4 22:14:08 UTC 2017
a/btrfs-progs-v4.10.2-x86_64-2.txz: Rebuilt.
Ship libbtrfs shared library. Thanks to Vincent Batts.
a/elilo-3.16-x86_64-3.txz: Rebuilt.
Patched eliloconfig to properly handle NVMe devices.
Thanks to Didier Spaier.
a/gettext-0.19.8.1-x86_64-3.txz: Rebuilt.
a/glibc-solibs-2.25-x86_64-1.txz: Upgraded.
a/kernel-firmware-20170504git-noarch-1.txz: Upgraded.
a/kernel-generic-4.9.26-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.26-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.26-x86_64-1.txz: Upgraded.
ap/nano-2.8.2-x86_64-1.txz: Upgraded.
d/flex-2.6.2-x86_64-1.txz: Upgraded.
Switched to flex-2.6.2 until there's a new release that fixes unexpected
symbol remapping macro definitions in flex-2.6.3.
See: https://github.com/westes/flex/issues/162
d/gcc-7.1.0-x86_64-1.txz: Upgraded.
d/gcc-brig-7.1.0-x86_64-1.txz: Added.
d/gcc-g++-7.1.0-x86_64-1.txz: Upgraded.
d/gcc-gfortran-7.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-gnat-7.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-go-7.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-java-5.4.0-x86_64-1.txz: Removed.
d/gcc-objc-7.1.0-x86_64-1.txz: Upgraded.
d/gettext-tools-0.19.8.1-x86_64-3.txz: Rebuilt.
d/kernel-headers-4.9.26-x86-1.txz: Upgraded.
k/kernel-source-4.9.26-noarch-1.txz: Upgraded.
l/glibc-2.25-x86_64-1.txz: Upgraded.
l/glibc-i18n-2.25-x86_64-1.txz: Upgraded.
l/glibc-profile-2.25-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Patched SeTEFI and probe to fix NVMe device handling.
Thanks to Didier Spaier.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Patched SeTEFI and probe to fix NVMe device handling.
Thanks to Didier Spaier.
+--------------------------+
Mon May 1 23:31:02 UTC 2017
a/cryptsetup-1.7.5-x86_64-1.txz: Upgraded.
l/QScintilla-2.10-x86_64-2.txz: Rebuilt.
x/dejavu-fonts-ttf-2.37-noarch-2.txz: Rebuilt.
Rename 57-* fontconfig files to 61-* to avoid overriding font preferences
in fontconfig's 60-latin.conf.
x/fontconfig-2.12.1-x86_64-2.txz: Rebuilt.
Prefer Liberation fonts in 60-latin.conf.
x/libepoxy-1.4.2-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.00.1-noarch-1.txz: Upgraded.
x/mesa-17.0.5-x86_64-1.txz: Upgraded.
x/urw-core35-fonts-otf-20160712_79bcdfb_git-noarch-1.txz: Added.
These are the URW++ core35 fonts also found in the ghostscript-fonts
package, but provided in OpenType Format for programs such as
LibreOffice which no longer support PostScript Type 1 fonts.
Thanks to Jonathan Woithe.
x/wqy-zenhei-font-ttf-0.8.38_1-noarch-3.txz: Rebuilt.
Rename 44-wqy-zenhei.conf to 64-wqy-zenhei.conf to avoid overriding
font preferences in fontconfig's 60-latin.conf.
Prefer Liberation over DejaVu in 64-wqy-zenhei.conf.
xap/mozilla-thunderbird-52.1.0-x86_64-1.txz: Upgraded.
xap/rxvt-2.7.10-x86_64-5.txz: Upgraded.
Patched an integer overflow that can crash rxvt with an escape sequence,
or possibly have unspecified other impact.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7483
(* Security fix *)
+--------------------------+
Thu Apr 27 23:03:54 UTC 2017
kde/pykde4-4.14.3-x86_64-5.txz: Rebuilt.
Patched to work with PyQt-4.12. Thanks to Heinz Wiesinger.
kde/qtruby-4.14.3-x86_64-6.txz: Rebuilt.
Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger.
kde/smokeqt-4.14.3-x86_64-4.txz: Rebuilt.
Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger.
l/PyQt-4.12-x86_64-1.txz: Upgraded.
l/QScintilla-2.10-x86_64-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
l/freetype-2.7.1-x86_64-2.txz: Rebuilt.
Don't define anything in freetype.{csh,sh} by default, letting the new
minimal hinting method be automatically selected. Thanks to GazL.
Applied upstream patches from git that disable long family names for PCF
fonts. You'll need to run "fc-cache -f" to get the old names back.
+--------------------------+
Wed Apr 26 23:09:45 UTC 2017
Thanks to Robby Workman for help with these packages, especially with
preparing and testing updates to the GTK stack. :-)
a/btrfs-progs-v4.10.2-x86_64-1.txz: Upgraded.
a/grub-2.02-x86_64-1.txz: Upgraded.
a/lvm2-2.02.170-x86_64-1.txz: Upgraded.
a/xfsprogs-4.10.0-x86_64-1.txz: Upgraded.
ap/dmapi-2.2.12-x86_64-2.txz: Rebuilt.
ap/tmux-2.4-x86_64-1.txz: Upgraded.
d/swig-3.0.12-x86_64-1.txz: Upgraded.
l/adwaita-icon-theme-3.24.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.24.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.24.0-x86_64-1.txz: Upgraded.
l/atk-2.24.0-x86_64-1.txz: Upgraded.
l/dconf-0.26.0-x86_64-1.txz: Upgraded.
l/dconf-editor-3.22.3-x86_64-1.txz: Upgraded.
l/freetype-2.7.1-x86_64-1.txz: Upgraded.
Subpixel hinting has been enabled upstream by default, but you may adjust
this in /etc/profile.d/freetype.{csh,sh}.
l/gdk-pixbuf2-2.36.6-x86_64-1.txz: Upgraded.
l/glib-networking-2.50.0-x86_64-1.txz: Upgraded.
l/glib2-2.52.1-x86_64-1.txz: Upgraded.
l/glibmm-2.50.1-x86_64-1.txz: Upgraded.
l/gnome-themes-standard-3.22.3-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.52.1-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.24.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.22.12-x86_64-1.txz: Upgraded.
l/gtkmm3-3.22.0-x86_64-1.txz: Upgraded.
l/gvfs-1.32.1-x86_64-1.txz: Upgraded.
l/harfbuzz-1.4.6-x86_64-1.txz: Upgraded.
l/keyutils-1.5.10-x86_64-1.txz: Upgraded.
l/libcroco-0.6.12-x86_64-1.txz: Upgraded.
l/libgsf-1.14.41-x86_64-1.txz: Upgraded.
l/libnotify-0.7.7-x86_64-1.txz: Upgraded.
l/librsvg-2.40.17-x86_64-1.txz: Upgraded.
l/libsigc++-2.10.0-x86_64-1.txz: Upgraded.
l/libsoup-2.58.0-x86_64-1.txz: Upgraded.
l/libssh-0.7.5-x86_64-1.txz: Upgraded.
l/libssh2-1.8.0-x86_64-1.txz: Upgraded.
l/pango-1.40.5-x86_64-1.txz: Upgraded.
l/pangomm-2.40.1-x86_64-1.txz: Upgraded.
l/pygobject3-3.24.1-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.7-x86_64-1.txz: Upgraded.
l/sip-4.19.2-x86_64-1.txz: Upgraded.
l/vte-0.44.3-x86_64-1.txz: Upgraded.
n/bluez-5.44-x86_64-1.txz: Upgraded.
n/iproute2-4.10.0-x86_64-1.txz: Upgraded.
x/libevdev-1.5.6-x86_64-1.txz: Upgraded.
x/xf86-video-nouveau-1.0.15-x86_64-1.txz: Upgraded.
xap/gparted-0.28.1-x86_64-1.txz: Upgraded.
xfce/garcon-0.6.0-x86_64-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.2.5-x86_64-1.txz: Upgraded.
xfce/xfce4-systemload-plugin-1.2.1-x86_64-1.txz: Upgraded.
xfce/xfce4-taskmanager-1.2.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.4-x86_64-1.txz: Upgraded.
xfce/xfce4-weather-plugin-0.8.9-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Apr 24 18:06:06 UTC 2017
a/cryptsetup-1.7.4-x86_64-1.txz: Upgraded.
a/eudev-3.2.2-x86_64-1.txz: Upgraded.
a/mdadm-4.0-x86_64-1.txz: Upgraded.
ap/vim-8.0.0586-x86_64-1.txz: Upgraded.
e/emacs-25.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-52.1.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/vim-gvim-8.0.0586-x86_64-1.txz: Upgraded.
+--------------------------+
Fri Apr 21 22:40:12 UTC 2017
a/etc-14.2-x86_64-10.txz: Rebuilt.
Added user:group for NTP (UID 44/GID 44).
ap/sudo-1.8.19p2-x86_64-1.txz: Upgraded.
d/git-2.12.2-x86_64-1.txz: Upgraded.
d/mercurial-4.1.3-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.13-x86_64-1.txz: Upgraded.
n/curl-7.54.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Switch off SSL session id when client cert is used.
For more information, see:
https://curl.haxx.se/docs/adv_20170419.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
(* Security fix *)
n/dhcpcd-6.11.5-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
n/ethtool-4.10-x86_64-1.txz: Upgraded.
n/getmail-4.54.0-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p10-x86_64-1.txz: Upgraded.
There were some changes made to NTP setup in -current:
First, NTP drops privileges and runs as ntp:ntp. Be sure to install the
updated etc package to get the new user and group.
Some files have been relocated:
The ntp.keys file has moved from /etc/ntp/ to /etc/.
The drift and stats files now reside in /var/lib/ntp/.
The step-tickers file has been removed. It's actually been deprecated for
a while and nothing has referenced it for quite some time.
Be sure to move the new rc.ntpd.new into place, and move over or merge
from the .new config files.
Thanks to Robby Workman for help with these changes.
In addition to bug fixes and enhancements, this release fixes security
issues of medium and low severity:
Denial of Service via Malformed Config (Medium)
Authenticated DoS via Malicious Config Option (Medium)
Potential Overflows in ctl_put() functions (Medium)
Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium)
0rigin DoS (Medium)
Buffer Overflow in DPTS Clock (Low)
Improper use of snprintf() in mx4200_send() (Low)
The following issues do not apply to Linux systems:
Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low)
Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low)
Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459
(* Security fix *)
n/proftpd-1.3.6-x86_64-1.txz: Upgraded.
This release fixes a security issue:
AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
(* Security fix *)
+--------------------------+
Wed Apr 19 04:46:45 UTC 2017
a/minicom-2.7.1-x86_64-1.txz: Upgraded.
Fix an out of bounds data access that can lead to remote code execution.
This issue was found by Solar Designer of Openwall during a security audit
of the Virtuozzo 7 product, which contains derived downstream code in its
prl-vzvncserver component.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
(* Security fix *)
a/usb_modeswitch-2.5.0-x86_64-1.txz: Upgraded.
ap/hplip-3.17.4-x86_64-1.txz: Upgraded.
l/wavpack-5.1.0-x86_64-1.txz: Upgraded.
n/mutt-1.8.1-x86_64-1.txz: Upgraded.
testing/packages/gcc-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-g++-6.3.0-x86_64-2.txz: Rebuilt.
Move some Python files into this package instead of the gcc-java package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-gfortran-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-gnat-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-go-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-java-6.3.0-x86_64-2.txz: Rebuilt.
Move some Python files from this package into the gcc-g++ package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-objc-6.3.0-x86_64-2.txz: Rebuilt.
+--------------------------+
Tue Apr 18 04:21:33 UTC 2017
x/libdrm-2.4.80-x86_64-1.txz: Upgraded.
x/mesa-17.0.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-52.0.1-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Apr 13 21:19:45 UTC 2017
ap/nano-2.8.1-x86_64-1.txz: Upgraded.
n/bind-9.11.0_P5-x86_64-1.txz: Upgraded.
Fixed denial of service security issues.
For more information, see:
https://kb.isc.org/article/AA-01465
https://kb.isc.org/article/AA-01466
https://kb.isc.org/article/AA-01471
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138
(* Security fix *)
x/motif-2.3.7-x86_64-1.txz: Upgraded.
xfce/tumbler-0.1.31-x86_64-11.txz: Rebuilt.
Fixed ffmpegthumbnailer bug. Thanks to Robby Workman.
+--------------------------+
Mon Apr 10 18:08:13 UTC 2017
ap/bc-1.07.1-x86_64-1.txz: Upgraded.
This fixes the input_char read bug that was causing kernel builds to hang.
x/m17n-lib-1.7.0-x86_64-1.txz: Upgraded.
xap/xlockmore-5.51-x86_64-2.txz: Rebuilt.
Fixed appdefaultdir location. Thanks to Richard Narron.
+--------------------------+
Sat Apr 8 16:24:35 UTC 2017
a/ntfs-3g-2017.3.23-x86_64-1.txz: Upgraded.
ap/acct-6.6.3-x86_64-1.txz: Upgraded.
ap/bc-1.07-x86_64-1.txz: Upgraded.
ap/cups-2.2.3-x86_64-1.txz: Upgraded.
ap/cups-filters-1.13.4-x86_64-1.txz: Upgraded.
ap/dc3dd-7.2.646-x86_64-1.txz: Upgraded.
ap/gutenprint-5.2.12-x86_64-1.txz: Upgraded.
e/emacs-25.1-x86_64-3.txz: Rebuilt.
kde/calligra-2.9.11-x86_64-9.txz: Rebuilt.
kde/kdelibs-4.14.30-x86_64-1.txz: Upgraded.
kde/kopete-4.14.3-x86_64-3.txz: Rebuilt.
kde/krdc-4.14.3-x86_64-3.txz: Rebuilt.
kde/libkdcraw-4.14.3-x86_64-4.txz: Rebuilt.
l/LibRaw-0.18.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/babl-0.1.24-x86_64-1.txz: Upgraded.
l/enchant-1.6.1-x86_64-1.txz: Upgraded.
l/ffmpeg-3.2.4-x86_64-4.txz: Rebuilt.
l/gegl-0.2.0-x86_64-4.txz: Rebuilt.
l/giflib-5.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.26.3-x86_64-2.txz: Rebuilt.
l/imagemagick-6.9.8_3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/jasper-2.0.12-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger.
l/libarchive-3.3.1-x86_64-1.txz: Upgraded.
l/libbluray-1.0.0-x86_64-1.txz: Added.
Built with support for BD-J menus, but without the necessary .jar
file to use it. Thanks to Heinz Wiesinger.
l/libdiscid-0.6.2-x86_64-1.txz: Upgraded.
l/libmtp-1.1.13-x86_64-1.txz: Upgraded.
l/libraw1394-2.1.2-x86_64-1.txz: Upgraded.
l/libsamplerate-0.1.9-x86_64-1.txz: Upgraded.
l/libsndfile-1.0.28-x86_64-1.txz: Upgraded.
l/libspectre-0.2.8-x86_64-1.txz: Upgraded.
l/libtiff-4.0.7-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448
(* Security fix *)
l/libvncserver-0.9.11-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-0.53.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/virtuoso-ose-6.1.8-x86_64-5.txz: Rebuilt.
n/openvpn-2.4.1-x86_64-1.txz: Upgraded.
x/libdrm-2.4.78-x86_64-1.txz: Upgraded.
x/libinput-1.7.0-x86_64-1.txz: Upgraded.
x/libpciaccess-0.13.5-x86_64-1.txz: Upgraded.
x/libva-1.8.0-x86_64-1.txz: Upgraded.
x/libva-intel-driver-1.7.3-x86_64-1.txz: Upgraded.
x/mesa-17.0.3-x86_64-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-x86_64-3.txz: Rebuilt.
xap/gimp-2.8.20-x86_64-2.txz: Rebuilt.
xap/mozilla-thunderbird-52.0-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.8-x86_64-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
xap/xlockmore-5.51-x86_64-1.txz: Upgraded.
xap/xv-3.10a-x86_64-8.txz: Rebuilt.
xfce/tumbler-0.1.31-x86_64-10.txz: Rebuilt.
+--------------------------+
Sat Apr 1 05:16:59 UTC 2017
ap/nano-2.8.0-x86_64-1.txz: Upgraded.
n/samba-4.6.2-x86_64-1.txz: Upgraded.
This is a bug fix release to address a regression introduced by the security
fixes for CVE-2017-2619 (Symlink race allows access outside share definition).
Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details.
+--------------------------+
Thu Mar 30 20:18:17 UTC 2017
l/ffmpeg-3.2.4-x86_64-3.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
x/libwacom-0.24-x86_64-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
+--------------------------+
Tue Mar 28 20:30:50 UTC 2017
ap/mariadb-10.0.30-x86_64-1.txz: Upgraded.
This update fixes security issues:
Crash in libmysqlclient.so.
Difficult to exploit vulnerability allows low privileged attacker with
logon to compromise the server. Successful attacks of this vulnerability
can result in unauthorized access to data.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3313
(* Security fix *)
d/pkg-config-0.29.2-x86_64-1.txz: Upgraded.
l/libcdio-paranoia-10.2+0.94+1-x86_64-1.txz: Upgraded.
n/openssh-7.5p1-x86_64-1.txz: Upgraded.
This release deprecates the sshd_config UsePrivilegeSeparation option,
thereby making privilege separation mandatory. Note that privilege
separation has been on by default for almost 15 years and sandboxing
has been on by default for almost the last five, so this shouldn't
change anything for most users.
xap/mozilla-firefox-52.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
xfce/xfce4-notifyd-0.3.6-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Mar 23 21:38:23 UTC 2017
a/glibc-zoneinfo-2017b-noarch-1.txz: Upgraded.
a/libgudev-231-x86_64-1.txz: Upgraded.
a/lilo-24.2-x86_64-4.txz: Rebuilt.
Issue a warning rather than a fatal error for colons in /dev/disk/by-id/
device names. Thanks to alex14641 on LQ.
d/cmake-3.7.2-x86_64-1.txz: Upgraded.
d/ruby-2.4.1-x86_64-1.txz: Upgraded.
n/mcabber-1.0.5-x86_64-1.txz: Upgraded.
This update fixes a security issue:
An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
clients allows a remote attacker to impersonate any user, including
contacts, in the vulnerable application's display. This allows for various
kinds of social engineering attacks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *)
n/samba-4.6.1-x86_64-1.txz: Upgraded.
This update fixes a security issue:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
(* Security fix *)
+--------------------------+
Tue Mar 21 21:42:52 UTC 2017
a/dbus-1.10.16-x86_64-1.txz: Upgraded.
a/file-5.30-x86_64-1.txz: Upgraded.
a/pciutils-3.5.4-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.10.4-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.10.4-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.10.4-x86_64-1.txz: Upgraded.
l/gstreamer-1.10.4-x86_64-1.txz: Upgraded.
l/libpng-1.6.29-x86_64-1.txz: Upgraded.
l/libusb-1.0.21-x86_64-1.txz: Upgraded.
l/zlib-1.2.11-x86_64-1.txz: Upgraded.
n/alpine-2.21-x86_64-1.txz: Upgraded.
n/imapd-2.21-x86_64-1.txz: Upgraded.
x/dejavu-fonts-ttf-2.37-noarch-1.txz: Upgraded.
xfce/Thunar-1.6.11-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Mar 20 20:43:14 UTC 2017
a/e2fsprogs-1.43.4-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.9-x86_64-1.txz: Upgraded.
Support FSTRIM on LUKS devices unlocked at boot. Note that the expected name
of a root LUKS device has changed -- please see the revised README_CRYPT.TXT.
Thanks to Mason Loring Bliss for the initial patch, and Robby Workman
for a few adjustments and documentation.
a/udisks2-2.1.8-x86_64-1.txz: Upgraded.
ap/man-pages-4.10-noarch-1.txz: Upgraded.
n/gnutls-3.5.10-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20170310-x86_64-1.txz: Upgraded.
x/libpthread-stubs-0.4-noarch-1.txz: Upgraded.
x/mesa-17.0.2-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-1.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-ati-7.9.0-x86_64-1.txz: Upgraded.
xap/audacious-plugins-3.8.2-x86_64-2.txz: Rebuilt.
Added ffmpeg support. Thanks to franzen.
xap/windowmaker-0.95.8-x86_64-1.txz: Upgraded.
+--------------------------+
Sun Mar 19 05:27:13 UTC 2017
l/SDL2-2.0.5-x86_64-1.txz: Added.
l/SDL2_gfx-1.0.3-x86_64-1.txz: Added.
l/SDL2_image-2.0.1-x86_64-1.txz: Added.
l/SDL2_mixer-2.0.1-x86_64-1.txz: Added.
l/SDL2_net-2.0.1-x86_64-1.txz: Added.
l/SDL2_ttf-2.0.14-x86_64-1.txz: Added.
l/ffmpeg-3.2.4-x86_64-2.txz: Rebuilt.
The package now includes ffplay, which required the SDL2 libraries.
xap/audacious-3.8.2-x86_64-1.txz: Upgraded.
xap/audacious-plugins-3.8.2-x86_64-1.txz: Upgraded.
+--------------------------+
Sat Mar 18 00:30:40 UTC 2017
xap/mozilla-firefox-52.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Fri Mar 17 21:21:21 UTC 2017
a/mlocate-0.26-x86_64-1.txz: Added.
This replaces slocate as the system locate/updatedb utilities.
In tests here, mlocate was about 20% faster than slocate at creating a
new database. When updating an existing database, it was many times
faster. On my machine, the nightly database update took about 5 minutes
with slocate, but only a few seconds with mlocate.
I might miss (slightly) the heavy drive activity at 04:40 that would let
me know that it was time for bed. ;-)
Be sure to move the new /etc/updatedb.conf into place when installing
this package.
a/slocate-3.1-x86_64-4.txz: Removed.
xfce/xfwm4-4.12.4-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Mar 16 01:37:05 UTC 2017
ap/jove-4.16.0.73-x86_64-3.txz: Rebuilt.
Ensure that the teach-jove file is installed. Thanks to bassmadrigal.
d/llvm-4.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gdbm-1.13-x86_64-1.txz: Upgraded.
n/irssi-1.0.2-x86_64-1.txz: Upgraded.
x/mesa-17.0.1-x86_64-2.txz: Rebuilt.
Recompiled against libLLVM-4.0.so.
x/xf86-input-libinput-0.25.0-x86_64-1.txz: Upgraded.
x/xf86-video-intel-git_20170313_7e9e92c8-x86_64-1.txz: Upgraded.
x/xf86-video-nouveau-1.0.14-x86_64-1.txz: Upgraded.
x/xf86-video-vmware-13.2.1-x86_64-3.txz: Rebuilt.
Recompiled against libLLVM-4.0.so.
x/xorg-server-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.19.3-x86_64-1.txz: Upgraded.
xap/pidgin-2.12.0-x86_64-1.txz: Upgraded.
This update fixes a minor security issue (out of bounds memory read in
purple_markup_unescape_entity).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2640
(* Security fix *)
+--------------------------+
Fri Mar 10 05:41:05 UTC 2017
a/coreutils-8.27-x86_64-1.txz: Upgraded.
ap/mc-4.8.19-x86_64-1.txz: Upgraded.
l/harfbuzz-1.4.4-x86_64-1.txz: Upgraded.
x/libepoxy-1.4.1-x86_64-1.txz: Upgraded.
x/libinput-1.6.3-x86_64-1.txz: Upgraded.
x/mesa-17.0.1-x86_64-1.txz: Upgraded.
x/motif-2.3.6-x86_64-1.txz: Upgraded.
xap/gimp-2.8.20-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-52.0-x86_64-2.txz: Rebuilt.
Recompiled with --enable-alsa option. Without this, there is no fallback
support for ALSA if PulseAudio is not present. Thanks to Ivan Kalvatchev.
xap/network-manager-applet-1.4.6-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Mar 8 00:17:36 UTC 2017
a/kmod-24-x86_64-1.txz: Upgraded.
d/binutils-2.28-x86_64-1.txz: Upgraded.
d/oprofile-1.1.0-x86_64-3.txz: Rebuilt.
Recompiled against new libbfd from binutils-2.28.
l/ffmpeg-3.2.4-x86_64-1.txz: Upgraded.
Autodetect more optional dependencies in the build script.
Thanks to Heinz Wiesinger.
x/libX11-1.6.5-x86_64-1.txz: Upgraded.
x/libXi-1.7.9-x86_64-1.txz: Upgraded.
x/presentproto-1.1-x86_64-1.txz: Upgraded.
x/sessreg-1.1.1-x86_64-1.txz: Upgraded.
x/util-macros-1.19.1-noarch-1.txz: Upgraded.
x/xauth-1.0.10-x86_64-1.txz: Upgraded.
x/xconsole-1.0.7-x86_64-1.txz: Upgraded.
x/xf86-input-evdev-2.10.5-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-0.24.0-x86_64-1.txz: Upgraded.
x/xf86-video-chips-1.2.7-x86_64-1.txz: Added.
x/xf86-video-glint-1.2.9-x86_64-1.txz: Added.
x/xf86-video-i740-1.3.6-x86_64-1.txz: Added.
x/xf86-video-intel-git_20170228_78d7a09b-x86_64-1.txz: Upgraded.
x/xf86-video-mga-1.6.5-x86_64-1.txz: Added.
x/xf86-video-nv-2.1.21-x86_64-1.txz: Added.
x/xf86-video-openchrome-0.6.0-x86_64-1.txz: Upgraded.
x/xf86-video-r128-6.10.2-x86_64-1.txz: Added.
x/xf86-video-savage-2.3.9-x86_64-1.txz: Added.
x/xf86-video-siliconmotion-1.7.9-x86_64-1.txz: Added.
x/xf86-video-sis-0.10.9-x86_64-1.txz: Added.
x/xf86-video-sisusb-0.9.7-x86_64-1.txz: Upgraded.
x/xf86-video-tdfx-1.4.7-x86_64-1.txz: Added.
x/xf86-video-trident-1.3.8-x86_64-1.txz: Added.
x/xorg-server-1.19.2-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.19.2-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.19.2-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.19.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-52.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-45.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
Tue Feb 28 23:51:55 UTC 2017
a/coreutils-8.26-x86_64-2.txz: Rebuilt.
Added a few more file extensions to /etc/DIR_COLORS, including .lz.
a/ed-1.14.2-x86_64-1.txz: Upgraded.
a/etc-14.2-x86_64-9.txz: Rebuilt.
Added cgred group to /etc/group.new. (cgred:x:41:)
a/glibc-zoneinfo-2017a-noarch-1.txz: Upgraded.
a/libcgroup-0.41-x86_64-2.txz: Rebuilt.
Fixed rc.cgred to source the correct config file.
Changed /usr/bin/cgexec from setuid root to setgid cgred.
Don't remove the entire cgroup file system with "rc.cgconfig stop".
Thanks to chris.willing.
a/shadow-4.2.1-x86_64-2.txz: Rebuilt.
Patched a potential security issue that allows any local user to send
SIGKILL to other processes with root privileges. Note that Slackware
is not vulnerable since the bug only affects systems that use PAM.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
(* Security fix *)
a/util-linux-2.29.2-x86_64-1.txz: Upgraded.
This update fixes a potential security issue that allows any local user
to send SIGKILL to other processes with root privileges. Note that
Slackware is not vulnerable since we do not use /bin/su from util-linux,
and the bug only affects systems that use PAM.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
(* Security fix *)
ap/nano-2.7.5-x86_64-1.txz: Upgraded.
ap/screen-4.5.1-x86_64-1.txz: Upgraded.
d/guile-2.0.14-x86_64-1.txz: Upgraded.
l/cairo-1.14.8-x86_64-1.txz: Upgraded.
l/fftw-3.3.6_pl1-x86_64-1.txz: Upgraded.
l/libimobiledevice-1.2.0-x86_64-2.txz: Rebuilt.
Patched to fix mounting iOS 10 devices. Thanks to qunying.
l/libsigsegv-2.11-x86_64-1.txz: Upgraded.
n/ModemManager-1.6.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.6.2-x86_64-1.txz: Upgraded.
n/curl-7.53.1-x86_64-1.txz: Upgraded.
Fixes SSL_VERIFYSTATUS ignored security issue.
(Issue only existed in Slackware -current, not in any -stable releases)
For more information, see:
https://curl.haxx.se/docs/adv_20170222.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629
(* Security fix *)
n/libmbim-1.14.0-x86_64-1.txz: Upgraded.
n/libqmi-1.16.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
xap/windowmaker-0.95.7-x86_64-3.txz: Rebuilt.
Disabled overly verbose logging of warnings to syslog. Thanks to B Watson.
+--------------------------+
Mon Feb 13 06:21:22 UTC 2017
a/grep-3.0-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.10.3-x86_64-1.txz: Added.
Thanks to alienBOB.
n/wget-1.19.1-x86_64-1.txz: Upgraded.
+--------------------------+
Fri Feb 10 21:07:35 UTC 2017
a/aaa_elflibs-14.2-x86_64-28.txz: Rebuilt.
a/grep-2.28-x86_64-1.txz: Upgraded.
a/hdparm-9.51-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.0.2k-x86_64-1.txz: Upgraded.
a/sed-4.4-x86_64-1.txz: Upgraded.
a/util-linux-2.29.1-x86_64-1.txz: Upgraded.
ap/ddrescue-1.22-x86_64-1.txz: Upgraded.
ap/flac-1.3.2-x86_64-1.txz: Upgraded.
ap/sqlite-3.16.2-x86_64-1.txz: Upgraded.
ap/tmux-2.3-x86_64-2.txz: Rebuilt.
Recompiled against libevent-2.1.8.
d/llvm-3.9.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Added support for lldb and openmp to the package.
Thanks to Heinz Wiesinger.
d/opencl-headers-2.1-noarch-1.txz: Added.
d/scons-2.5.1-x86_64-1.txz: Upgraded.
l/ffmpeg-3.2.3-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
l/gmime-2.6.23-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.10.3-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.10.3-x86_64-1.txz: Upgraded.
l/gstreamer-1.10.3-x86_64-1.txz: Upgraded.
l/json-c-0.12-x86_64-1.txz: Removed.
This had been a required dep for PulseAudio, but has become optional. Since
being added to Slackware, a few other packages had begun to use it
(NetworkManager, BIND), but it's not really critical there either so we're
removing it from the main tree. If you require json-c for something, it is
expected that SBo will be picking it up.
l/libclc-20160921_520743b-x86_64-1.txz: Added.
This is needed by Mesa.
l/libedit-20160903_3.1-x86_64-1.txz: Added.
This is needed by lldb.
l/libevent-2.1.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libjpeg-turbo-1.5.1-x86_64-1.txz: Upgraded.
l/libnl3-3.2.29-x86_64-1.txz: Upgraded.
l/libpcap-1.8.1-x86_64-1.txz: Upgraded.
l/libvpx-1.6.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libzip-1.1.3-x86_64-1.txz: Upgraded.
l/ocl-icd-2.2.11-x86_64-1.txz: Added.
l/openjpeg-2.1.2-x86_64-1.txz: Upgraded.
l/pulseaudio-10.0-x86_64-1.txz: Upgraded.
l/python-six-1.10.0-x86_64-1.txz: Added.
This is needed by lldb.
l/rasqal-0.9.33-x86_64-1.txz: Upgraded.
l/redland-1.0.17-x86_64-1.txz: Upgraded.
l/serf-1.3.9-x86_64-1.txz: Upgraded.
n/NetworkManager-1.6.0-x86_64-1.txz: Upgraded.
n/bind-9.11.0_P3-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. Under some conditions
when using both DNS64 and RPZ to rewrite query responses, query processing
can resume in an inconsistent state leading to either an INSIST assertion
failure or an attempt to read through a NULL pointer.
For more information, see:
https://kb.isc.org/article/AA-01453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135
(* Security fix *)
n/iproute2-4.9.0-x86_64-1.txz: Upgraded.
n/iptables-1.6.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/links-2.14-x86_64-2.txz: Rebuilt.
Recompiled against libevent-2.1.8.
n/mutt-1.7.2-x86_64-2.txz: Rebuilt.
Recompiled with --enable-sidebar option. Thanks to Corrado Franco.
n/nftables-0.7-x86_64-2.txz: Rebuilt.
Recompiled against iptables-1.6.1. Added libxtables support.
n/ntp-4.2.8p9-x86_64-3.txz: Rebuilt.
Recompiled against libevent-2.1.8.
n/openssl-1.0.2k-x86_64-1.txz: Upgraded.
This update fixes security issues:
Truncated packet could crash via OOB read (CVE-2017-3731)
BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
Montgomery multiplication may produce incorrect results (CVE-2016-7055)
For more information, see:
https://www.openssl.org/news/secadv/20170126.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
(* Security fix *)
n/php-5.6.30-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.30
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161
(* Security fix *)
n/samba-4.5.5-x86_64-1.txz: Upgraded.
n/tcpdump-4.9.0-x86_64-1.txz: Upgraded.
Fixed bugs which allow an attacker to crash tcpdump (denial of service).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
(* Security fix *)
n/wget-1.19-x86_64-1.txz: Upgraded.
n/zd1211-firmware-1.5-fw-1.txz: Upgraded.
x/fontconfig-2.12.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
x/libdrm-2.4.75-x86_64-1.txz: Upgraded.
x/libinput-1.6.0-x86_64-1.txz: Upgraded.
x/mesa-13.0.4-x86_64-1.txz: Upgraded.
x/xf86-video-vmware-13.2.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-3.9.1.
xap/MPlayer-1.3_20170208-x86_64-1.txz: Upgraded.
Upgraded to 1.3 branch, compiled against system ffmpeg-3.2.3.
Thanks to Heinz Wiesinger.
xap/mozilla-thunderbird-45.7.1-x86_64-1.txz: Upgraded.
Fixed crash when viewing certain IMAP messages (introduced in 45.7.0).
xap/network-manager-applet-1.4.4-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.6-x86_64-10.txz: Rebuilt.
Recompiled against system ffmpeg-3.2.3.
+--------------------------+
Thu Jan 26 21:33:41 UTC 2017
xap/mozilla-firefox-51.0.1-x86_64-1.txz: Upgraded.
Fixed geolocation problems with Firefox 51.0.
xap/mozilla-thunderbird-45.7.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
(* Security fix *)
+--------------------------+
Mon Jan 23 21:30:13 UTC 2017
d/gdb-7.12.1-x86_64-1.txz: Upgraded.
xap/fvwm-2.6.7-x86_64-3.txz: Rebuilt.
Fixed the broken symlinks in a better way. Thanks to GazL for the patch.
xap/mozilla-firefox-51.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Fri Jan 20 04:18:02 UTC 2017
l/seamonkey-solibs-2.46-x86_64-3.txz: Rebuilt.
xap/fvwm-2.6.7-x86_64-2.txz: Rebuilt.
Reverted an upstream patch that causes some broken symlinks to be installed.
Thanks to GazL.
xap/seamonkey-2.46-x86_64-3.txz: Rebuilt.
Recompiled with less aggressive optimization (-Os) to fix crashes.
+--------------------------+
Wed Jan 18 20:39:17 UTC 2017
ap/mariadb-10.0.29-x86_64-1.txz: Upgraded.
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3243
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3244
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3257
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3258
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3312
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3318
(* Security fix *)
+--------------------------+
Wed Jan 18 02:33:18 UTC 2017
a/cryptsetup-1.7.3-x86_64-2.txz: Rebuilt.
Recompiled with --enable-cryptsetup-reencrypt option.
Thanks to Jakub Jankowski for the suggestion.
ap/screen-4.5.0-x86_64-1.txz: Upgraded.
l/libtasn1-4.10-x86_64-1.txz: Upgraded.
l/seamonkey-solibs-2.46-x86_64-2.txz: Rebuilt.
x/libinput-1.5.4-x86_64-1.txz: Added.
x/libwacom-0.22-x86_64-1.txz: Added.
This is needed for libinput.
x/xf86-input-libinput-0.23.0-x86_64-1.txz: Added.
This is the new generic X.Org input driver which replaces evdev for most
purposes. It does not (for now) replace xf86-input-synaptics or
xf86-input-vmmouse. If this driver package is missing then X will fall
back to using xf86-input-evdev as before.
Thanks to Robby Workman.
x/xorg-server-1.19.1-x86_64-2.txz: Rebuilt.
Rename 90-keyboard-layout.conf to 90-keyboard-layout-evdev.conf.
x/xorg-server-xephyr-1.19.1-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.19.1-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.19.1-x86_64-2.txz: Rebuilt.
xap/seamonkey-2.46-x86_64-2.txz: Rebuilt.
Restored missing nspr/obsolete headers.
+--------------------------+
Sat Jan 14 05:34:32 UTC 2017
a/util-linux-2.29-x86_64-2.txz: Rebuilt.
Restored support for /etc/mtab.
n/iw-4.9-x86_64-1.txz: Upgraded.
x/scim-1.4.17-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.7.0-x86_64-2.txz: Rebuilt.
Recompiled for xorg-server-1.19.1.
+--------------------------+
Fri Jan 13 01:10:05 UTC 2017
a/grub-2.02_beta3-x86_64-2.txz: Rebuilt.
Make the package version number more sane.
+--------------------------+
Thu Jan 12 21:07:23 UTC 2017
ap/cups-filters-1.13.2-x86_64-1.txz: Upgraded.
ap/nano-2.7.4-x86_64-2.txz: Rebuilt.
Fixed /etc/nanorc.new. Thanks to SeB.
kde/calligra-2.9.11-x86_64-8.txz: Rebuilt.
l/poppler-0.50.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
xfce/tumbler-0.1.31-x86_64-9.txz: Rebuilt.
+--------------------------+
Thu Jan 12 01:15:52 UTC 2017
a/aaa_elflibs-14.2-x86_64-27.txz: Rebuilt.
Upgraded libcap.so.2.25, liblzma.so.5.2.3, and libz.so.1.2.10.
a/bash-4.4.005-x86_64-2.txz: Rebuilt.
a/dialog-1.3_20160828-x86_64-1.txz: Upgraded.
a/ed-1.14.1-x86_64-1.txz: Upgraded.
a/elvis-2.2_0-x86_64-3.txz: Rebuilt.
a/file-5.29-x86_64-1.txz: Upgraded.
a/gawk-4.1.4-x86_64-2.txz: Rebuilt.
a/gettext-0.19.8.1-x86_64-2.txz: Rebuilt.
a/getty-ps-2.1.0b-x86_64-3.txz: Rebuilt.
a/gpm-1.20.7-x86_64-4.txz: Rebuilt.
a/gptfdisk-1.0.1-x86_64-1.txz: Upgraded.
a/grub-2.02~beta3-x86_64-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
Thanks to ReaperX7 for the updated dejavusansmono patch.
a/hwdata-0.291-noarch-1.txz: Upgraded.
a/less-481-x86_64-2.txz: Rebuilt.
a/minicom-2.7-x86_64-1.txz: Upgraded.
a/procps-ng-3.3.12-x86_64-1.txz: Upgraded.
a/sed-4.3-x86_64-1.txz: Upgraded.
a/splitvt-1.6.6-x86_64-1.txz: Upgraded.
a/tcsh-6.20.00-x86_64-1.txz: Upgraded.
a/util-linux-2.29-x86_64-1.txz: Upgraded.
a/xfsprogs-4.8.0-x86_64-1.txz: Upgraded.
a/xz-5.2.3-x86_64-1.txz: Upgraded.
ap/alsa-utils-1.1.3-x86_64-1.txz: Upgraded.
ap/bc-1.06.95-x86_64-4.txz: Rebuilt.
ap/bpe-2.01.00-x86_64-3.txz: Rebuilt.
ap/ghostscript-9.20-x86_64-2.txz: Rebuilt.
Restored /usr/bin/ijs-config.
ap/gphoto2-2.5.11-x86_64-1.txz: Upgraded.
ap/gutenprint-5.2.11-x86_64-3.txz: Rebuilt.
ap/htop-2.0.2-x86_64-1.txz: Upgraded.
ap/ispell-3.4.00-x86_64-1.txz: Upgraded.
ap/joe-4.3-x86_64-1.txz: Upgraded.
ap/jove-4.16.0.73-x86_64-2.txz: Rebuilt.
ap/mariadb-10.0.28-x86_64-2.txz: Rebuilt.
ap/mc-4.8.18-x86_64-1.txz: Upgraded.
ap/moc-2.5.2-x86_64-1.txz: Upgraded.
ap/nano-2.7.4-x86_64-1.txz: Upgraded.
ap/pamixer-1.3.1-x86_64-3.txz: Rebuilt.
ap/powertop-2.8-x86_64-2.txz: Rebuilt.
ap/sc-7.16-x86_64-5.txz: Rebuilt.
ap/screen-4.4.0-x86_64-3.txz: Rebuilt.
ap/sqlite-3.16.1-x86_64-1.txz: Upgraded.
ap/texinfo-6.3-x86_64-2.txz: Rebuilt.
ap/vim-8.0.0161-x86_64-1.txz: Upgraded.
ap/xfsdump-3.1.6-x86_64-2.txz: Rebuilt.
ap/zsh-5.3.1-x86_64-1.txz: Upgraded.
d/clisp-2.49.20161111-x86_64-1.txz: Upgraded.
d/cmake-3.7.1-x86_64-1.txz: Upgraded.
d/cscope-15.8b-x86_64-2.txz: Rebuilt.
d/flex-2.6.3-x86_64-1.txz: Upgraded.
d/gdb-7.12-x86_64-2.txz: Rebuilt.
d/gettext-tools-0.19.8.1-x86_64-2.txz: Rebuilt.
d/gnu-cobol-1.1-x86_64-2.txz: Rebuilt.
d/gperf-3.1-x86_64-1.txz: Upgraded.
d/guile-2.0.13-x86_64-2.txz: Rebuilt.
d/m4-1.4.18-x86_64-1.txz: Upgraded.
d/make-4.2.1-x86_64-1.txz: Upgraded.
d/perl-5.24.0-x86_64-1.txz: Upgraded.
Also upgraded to DBD-mysql-4.041 and TermReadKey-2.37.
d/ruby-2.4.0-x86_64-1.txz: Upgraded.
d/subversion-1.9.5-x86_64-1.txz: Upgraded.
e/emacs-25.1-x86_64-2.txz: Rebuilt.
kde/analitza-4.14.3-x86_64-3.txz: Rebuilt.
kde/calligra-2.9.11-x86_64-7.txz: Rebuilt.
kde/kdelibs-4.14.27-x86_64-1.txz: Upgraded.
kde/kig-4.14.3-x86_64-5.txz: Rebuilt.
kde/korundum-4.14.3-x86_64-4.txz: Rebuilt.
kde/lokalize-4.14.3-x86_64-3.txz: Rebuilt.
kde/perlkde-4.14.3-x86_64-3.txz: Rebuilt.
kde/perlqt-4.14.3-x86_64-3.txz: Rebuilt.
kde/qtruby-4.14.3-x86_64-5.txz: Rebuilt.
l/akonadi-1.13.0-x86_64-4.txz: Rebuilt.
l/alsa-lib-1.1.3-x86_64-1.txz: Upgraded.
l/aspell-0.60.6.1-x86_64-2.txz: Rebuilt.
l/boost-1.63.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/enchant-1.6.0-x86_64-2.txz: Rebuilt.
l/hunspell-1.6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcaca-0.99.beta19-x86_64-1.txz: Upgraded.
l/libcap-2.25-x86_64-1.txz: Upgraded.
l/libcdio-0.94-x86_64-2.txz: Rebuilt.
l/libgphoto2-2.5.11-x86_64-1.txz: Upgraded.
l/libnjb-2.2.7-x86_64-1.txz: Upgraded.
l/libproxy-0.4.13-x86_64-1.txz: Upgraded.
l/parted-3.2-x86_64-3.txz: Rebuilt.
l/pilot-link-0.12.5-x86_64-12.txz: Rebuilt.
l/taglib-1.11.1-x86_64-1.txz: Upgraded.
l/virtuoso-ose-6.1.8-x86_64-4.txz: Rebuilt.
l/vte-0.28.2-x86_64-5.txz: Rebuilt.
l/wavpack-5.0.0-x86_64-1.txz: Upgraded.
l/zlib-1.2.10-x86_64-1.txz: Upgraded.
n/NetworkManager-1.2.6-x86_64-2.txz: Rebuilt.
n/alpine-2.20-x86_64-3.txz: Rebuilt.
n/bind-9.11.0_P2-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. An error in handling
certain queries can cause an assertion failure when a server is using the
nxdomain-redirect feature to cover a zone for which it is also providing
authoritative service. A vulnerable server could be intentionally stopped
by an attacker if it was using a configuration that met the criteria for
the vulnerability and if the attacker could cause it to accept a query
that possessed the required attributes.
Please note: This vulnerability affects the "nxdomain-redirect" feature,
which is one of two methods of handling NXDOMAIN redirection, and is only
available in certain versions of BIND. Redirection using zones of type
"redirect" is not affected by this vulnerability.
For more information, see:
https://kb.isc.org/article/AA-01442
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778
(* Security fix *)
n/bluez-5.43-x86_64-1.txz: Upgraded.
n/elm-2.5.8-x86_64-4.txz: Rebuilt.
n/epic5-2.0.1-x86_64-1.txz: Upgraded.
n/gnupg-1.4.21-x86_64-2.txz: Rebuilt.
n/gnupg2-2.0.30-x86_64-2.txz: Rebuilt.
n/gnutls-3.5.8-x86_64-1.txz: Upgraded.
This update fixes some bugs and security issues.
For more information, see:
https://gnutls.org/security.html#GNUTLS-SA-2017-1
https://gnutls.org/security.html#GNUTLS-SA-2017-2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337
(* Security fix *)
n/iftop-1.0pre4-x86_64-1.txz: Upgraded.
n/imapd-2.20-x86_64-3.txz: Rebuilt.
n/iptraf-ng-1.1.4-x86_64-2.txz: Rebuilt.
n/irssi-0.8.21-x86_64-1.txz: Upgraded.
Fixed security issues that may result in a denial of service.
For more information, see:
https://irssi.org/security/irssi_sa_2017_01.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196
(* Security fix *)
n/lftp-4.7.5-x86_64-1.txz: Upgraded.
n/libnftnl-1.0.7-x86_64-1.txz: Upgraded.
n/links-2.14-x86_64-1.txz: Upgraded.
n/lynx-2.8.8rel.2-x86_64-2.txz: Rebuilt.
n/mcabber-1.0.4-x86_64-2.txz: Rebuilt.
n/metamail-2.7-x86_64-6.txz: Rebuilt.
n/mtr-0.87-x86_64-1.txz: Upgraded.
n/mutt-1.7.2-x86_64-1.txz: Upgraded.
n/ncftp-3.2.6-x86_64-1.txz: Upgraded.
n/net-snmp-5.7.3-x86_64-4.txz: Rebuilt.
n/netkit-ftp-0.17-x86_64-3.txz: Rebuilt.
n/netkit-ntalk-0.17-x86_64-4.txz: Rebuilt.
n/netwatch-1.3.1_2-x86_64-2.txz: Rebuilt.
n/nftables-0.7-x86_64-1.txz: Upgraded.
n/nn-6.7.3-x86_64-4.txz: Rebuilt.
n/ntp-4.2.8p9-x86_64-2.txz: Rebuilt.
n/obexftp-0.24.2-x86_64-1.txz: Upgraded.
n/openobex-1.7.2-x86_64-1.txz: Upgraded.
n/pinentry-1.0.0-x86_64-2.txz: Rebuilt.
n/proftpd-1.3.5b-x86_64-2.txz: Rebuilt.
n/snownews-1.5.12-x86_64-3.txz: Rebuilt.
n/telnet-0.17-x86_64-3.txz: Rebuilt.
n/tftp-hpa-5.2-x86_64-3.txz: Rebuilt.
n/tin-2.4.1-x86_64-1.txz: Upgraded.
n/trn-3.6-x86_64-2.txz: Removed.
n/wpa_supplicant-2.6-x86_64-1.txz: Upgraded.
n/ytalk-3.3.0-x86_64-3.txz: Rebuilt.
x/xf86-video-intel-git_20170103_028c946d-x86_64-1.txz: Upgraded.
x/xorg-server-1.19.1-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.19.1-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.19.1-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.19.1-x86_64-1.txz: Upgraded.
x/xterm-327-x86_64-1.txz: Upgraded.
xap/MPlayer-1.2_20160125-x86_64-4.txz: Rebuilt.
Upgraded to ffmpeg-2.8.10.
xap/ddd-3.3.12-x86_64-5.txz: Rebuilt.
xap/fvwm-2.6.7-x86_64-1.txz: Upgraded.
xap/gftp-2.0.19-x86_64-5.txz: Rebuilt.
xap/gnuchess-6.2.4-x86_64-2.txz: Rebuilt.
xap/gparted-0.27.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.12.4-x86_64-1.txz: Upgraded.
xap/imagemagick-6.9.7_3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
xap/pidgin-2.11.0-x86_64-2.txz: Rebuilt.
xap/vim-gvim-8.0.0161-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.6-x86_64-9.txz: Rebuilt.
Upgraded to ffmpeg-2.8.10.
xap/xine-ui-0.99.9-x86_64-2.txz: Rebuilt.
xap/xlockmore-5.50-x86_64-1.txz: Upgraded.
extra/brltty/brltty-5.4-x86_64-2.txz: Rebuilt.
Patched /lib/udev/rules.d/40-usb-brltty.rules to fix a syntax error.
Thanks to Willy Sudiarto Raharjo.
+--------------------------+
Fri Dec 30 19:29:13 UTC 2016
a/aaa_elflibs-14.2-x86_64-26.txz: Rebuilt.
a/btrfs-progs-v4.9-x86_64-1.txz: Upgraded.
ap/hplip-3.16.11-x86_64-1.txz: Upgraded.
ap/tmux-2.3-x86_64-1.txz: Upgraded.
l/elfutils-0.168-x86_64-1.txz: Upgraded.
l/libpng-1.6.27-x86_64-1.txz: Upgraded.
This release fixes an old NULL pointer dereference bug in png_set_text_2()
discovered and patched by Patrick Keshishian. The potential "NULL
dereference" bug has existed in libpng since version 0.71 of June 26, 1995.
To be vulnerable, an application has to load a text chunk into the png
structure, then delete all text, then add another text chunk to the same
png structure, which seems to be an unlikely sequence, but it has happened.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
(* Security fix *)
l/seamonkey-solibs-2.46-x86_64-1.txz: Upgraded.
n/openvpn-2.4.0-x86_64-1.txz: Upgraded.
x/libXpm-3.5.12-x86_64-1.txz: Upgraded.
x/libdrm-2.4.74-x86_64-1.txz: Upgraded.
x/mesa-13.0.2-x86_64-1.txz: Upgraded.
x/xf86-video-dummy-0.3.8-x86_64-1.txz: Upgraded.
x/xf86-video-intel-git_20161117_169c74fa-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-45.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
(* Security fix *)
xap/seamonkey-2.46-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.seamonkey-project.org/releases/seamonkey2.46
(* Security fix *)
xfce/xfce4-panel-4.12.1-x86_64-1.txz: Upgraded.
xfce/xfce4-settings-4.12.1-x86_64-1.txz: Upgraded.
xfce/xfconf-4.12.1-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Dec 28 21:05:19 UTC 2016
ap/nano-2.7.3-x86_64-1.txz: Upgraded.
d/python-2.7.13-x86_64-1.txz: Upgraded.
This release fixes security issues:
Issue #27850: Remove 3DES from ssl module's default cipher list to counter
the sweet32 attack (CVE-2016-2183).
Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
that the script is in CGI mode.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
(* Security fix *)
n/samba-4.5.3-x86_64-1.txz: Upgraded.
This release fixes security issues:
CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Overflow Remote Code Execution Vulnerability).
CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers
in trusted realms).
CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
elevation).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126
(* Security fix *)
+--------------------------+
Sat Dec 24 18:14:51 UTC 2016
a/aaa_elflibs-14.2-x86_64-25.txz: Upgraded.
l/expat-2.2.0-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Multiple integer overflows in XML_GetBuffer.
Fix crash on malformed input.
Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716.
Use more entropy for hash initialization.
Resolve troublesome internal call to srand.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
(* Security fix *)
l/ncurses-6.0-x86_64-2.txz: Rebuilt.
Fixed install script to correctly remove "lint" from the 5.x package.
+--------------------------+
Sat Dec 24 02:36:05 UTC 2016
a/aaa_elflibs-14.2-x86_64-24.txz: Rebuilt.
Added libform.so.6.0, libformw.so.6.0, libhistory.so.7.0, libmenu.so.6.0,
libmenuw.so.6.0, libncurses.so.6.0, libncursesw.so.6.0, libpanel.so.6.0,
libpanelw.so.6.0, libreadline.so.7.0, and libtinfo.so.6.0.
l/libtermcap-1.2.3-x86_64-7.txz: Removed.
Replaced by equivalent functionality in the ncurses package.
l/ncurses-6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Rebuild of linked binaries pending, but the old library versions are
in the aaa_elflibs package.
l/readline-7.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Rebuild of linked binaries pending, but the old library versions are
in the aaa_elflibs package.
n/curl-7.52.1-x86_64-1.txz: Upgraded.
n/gpa-0.9.10-x86_64-1.txz: Upgraded.
n/gpgme-1.7.1-x86_64-1.txz: Upgraded.
n/httpd-2.4.25-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
* CVE-2016-8740: mod_http2: Mitigate DoS memory exhaustion via endless
CONTINUATION frames.
* CVE-2016-5387: core: Mitigate [f]cgi "httpoxy" issues.
* CVE-2016-2161: mod_auth_digest: Prevent segfaults during client entry
allocation when the shared memory space is exhausted.
* CVE-2016-0736: mod_session_crypto: Authenticate the session data/cookie
with a MAC (SipHash) to prevent deciphering or tampering with a padding
oracle attack.
* CVE-2016-8743: Enforce HTTP request grammar corresponding to RFC7230 for
request lines and request headers, to prevent response splitting and
cache pollution by malicious clients or downstream proxies.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
(* Security fix *)
n/lftp-4.7.4-x86_64-1.txz: Upgraded.
n/libassuan-2.4.3-x86_64-1.txz: Upgraded.
n/libgcrypt-1.7.5-x86_64-1.txz: Upgraded.
n/libksba-1.3.5-x86_64-1.txz: Upgraded.
n/nettle-3.3-x86_64-1.txz: Upgraded.
n/nmap-7.40-x86_64-1.txz: Upgraded.
n/openssh-7.4p1-x86_64-1.txz: Upgraded.
This is primarily a bugfix release, and also addresses security issues.
ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside
a trusted whitelist.
sshd(8): When privilege separation is disabled, forwarded Unix-domain
sockets would be created by sshd(8) with the privileges of 'root'.
sshd(8): Avoid theoretical leak of host private key material to
privilege-separated child processes via realloc().
sshd(8): The shared memory manager used by pre-authentication compression
support had a bounds check that could be elided by some optimising
compilers to potentially allow attacks against the privileged monitor
process from the sandboxed privilege-separation process.
sshd(8): Validate address ranges for AllowUsers and DenyUsers directives at
configuration load time and refuse to accept invalid ones. It was
previously possible to specify invalid CIDR address ranges
(e.g. user@127.1.2.3/55) and these would always match, possibly resulting
in granting access where it was not intended.
For more information, see:
https://www.openssh.com/txt/release-7.4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
(* Security fix *)
n/pinentry-1.0.0-x86_64-1.txz: Upgraded.
xfce/xfce4-weather-plugin-0.8.8-x86_64-1.txz: Upgraded.
Package upgraded to fix the API used to fetch weather data.
Thanks to Robby Workman.
testing/packages/gcc-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-g++-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-gfortran-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-gnat-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-go-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-java-6.3.0-x86_64-1.txz: Upgraded.
testing/packages/gcc-objc-6.3.0-x86_64-1.txz: Upgraded.
+--------------------------+
Sun Dec 18 05:20:25 UTC 2016
a/glibc-zoneinfo-2016j-noarch-1.txz: Upgraded.
+--------------------------+
Tue Dec 13 22:14:13 UTC 2016
Thanks to Robby Workman for most of these updates.
a/acpid-2.0.28-x86_64-1.txz: Upgraded.
a/cryptsetup-1.7.3-x86_64-1.txz: Upgraded.
a/dbus-1.10.14-x86_64-1.txz: Upgraded.
a/lvm2-2.02.168-x86_64-1.txz: Upgraded.
ap/alsa-utils-1.1.2-x86_64-1.txz: Upgraded.
ap/man-pages-4.09-noarch-1.txz: Upgraded.
d/git-2.11.0-x86_64-1.txz: Upgraded.
l/alsa-lib-1.1.2-x86_64-1.txz: Upgraded.
l/dbus-glib-0.108-x86_64-1.txz: Upgraded.
n/NetworkManager-1.2.6-x86_64-1.txz: Upgraded.
n/bluez-5.42-x86_64-1.txz: Upgraded.
n/conntrack-tools-1.4.4-x86_64-1.txz: Upgraded.
n/libnetfilter_acct-1.0.3-x86_64-1.txz: Upgraded.
n/libnetfilter_conntrack-1.0.6-x86_64-1.txz: Upgraded.
n/nfacct-1.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-50.1.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/network-manager-applet-1.2.6-x86_64-1.txz: Upgraded.
extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated.
Fixed filename and URL for new version 24. Thanks to alienBOB.
+--------------------------+
Mon Dec 12 21:25:50 UTC 2016
a/coreutils-8.26-x86_64-1.txz: Upgraded.
a/grep-2.27-x86_64-1.txz: Upgraded.
a/kernel-firmware-20161211git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.38-x86_64-1.txz: Upgraded.
This kernel fixes a security issue with a race condition in
net/packet/af_packet.c that can be exploited to gain kernel code execution
from unprivileged processes.
Thanks to Philip Pettersson for discovering the bug and providing a patch.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655
(* Security fix *)
a/kernel-huge-4.4.38-x86_64-1.txz: Upgraded.
(* Security fix *)
a/kernel-modules-4.4.38-x86_64-1.txz: Upgraded.
ap/nano-2.7.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.38-x86-1.txz: Upgraded.
k/kernel-source-4.4.38-noarch-1.txz: Upgraded.
(* Security fix *)
l/gsl-2.3-x86_64-1.txz: Upgraded.
l/loudmouth-1.5.3-x86_64-1.txz: Upgraded.
n/mcabber-1.0.4-x86_64-1.txz: Upgraded.
This update fixes a security issue which can lead to a malicious actor
MITMing a conversation, or adding themselves as an entity on a third
party's roster (thereby granting themselves the associated privileges
such as observing when the user is online).
For more information, see:
https://gultsch.de/gajim_roster_push_and_message_interception.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9928
(* Security fix *)
n/php-5.6.29-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.29
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Dec 1 08:49:20 UTC 2016
d/intltool-0.51.0-x86_64-3.txz: Rebuilt.
Added a patch to fix issues when $(builddir) != $(srcdir). This avoids
possible build failures when intltool is used with automake >= 1.15.
Thanks to Willy Sudiarto Raharjo.
xap/mozilla-firefox-50.0.2-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
(* Security fix *)
xap/mozilla-thunderbird-45.5.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
(* Security fix *)
+--------------------------+
Mon Nov 21 19:21:22 UTC 2016
n/ntp-4.2.8p9-x86_64-1.txz: Upgraded.
In addition to bug fixes and enhancements, this release fixes the
following 1 high- (Windows only :-), 2 medium-, 2 medium-/low, and
5 low-severity vulnerabilities, and provides 28 other non-security
fixes and improvements.
CVE-2016-9311: Trap crash
CVE-2016-9310: Mode 6 unauthenticated trap info disclosure and DDoS vector
CVE-2016-7427: Broadcast Mode Replay Prevention DoS
CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS
CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet
CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass
CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal()
CVE-2016-7429: Interface selection attack
CVE-2016-7426: Client rate limiting and server responses
CVE-2016-7433: Reboot sync calculation problem
For more information, see:
https://www.kb.cert.org/vuls/id/633847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433
(* Security fix *)
+--------------------------+
Sat Nov 19 22:45:38 UTC 2016
a/grep-2.26-x86_64-2.txz: Rebuilt.
Reverted a speedup patch that is causing regressions when output is directed
to /dev/null. Thanks to SeB.
+--------------------------+
Sat Nov 19 03:33:33 UTC 2016
a/bash-4.4.005-x86_64-1.txz: Upgraded.
a/kernel-firmware-20161118git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.32-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.32-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.32-x86_64-1.txz: Upgraded.
ap/ghostscript-9.20-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.32-x86-1.txz: Upgraded.
k/kernel-source-4.4.32-noarch-1.txz: Upgraded.
n/nmap-7.31-x86_64-1.txz: Upgraded.
n/samba-4.5.1-x86_64-1.txz: Upgraded.
x/freeglut-3.0.0-x86_64-1.txz: Upgraded.
x/libXfont2-2.0.1-x86_64-1.txz: Added.
x/libdrm-2.4.73-x86_64-1.txz: Upgraded.
x/libxcb-1.12-x86_64-1.txz: Upgraded.
x/mesa-13.0.1-x86_64-1.txz: Upgraded.
x/xcb-proto-1.12-x86_64-1.txz: Upgraded.
x/xcb-util-cursor-0.1.3-x86_64-1.txz: Upgraded.
x/xf86-input-acecad-1.5.0-x86_64-10.txz: Rebuilt.
x/xf86-input-evdev-2.10.4-x86_64-1.txz: Upgraded.
x/xf86-input-joystick-1.6.3-x86_64-1.txz: Upgraded.
x/xf86-input-keyboard-1.9.0-x86_64-1.txz: Upgraded.
x/xf86-input-mouse-1.9.2-x86_64-1.txz: Upgraded.
x/xf86-input-penmount-1.5.0-x86_64-10.txz: Rebuilt.
x/xf86-input-synaptics-1.9.0-x86_64-1.txz: Upgraded.
x/xf86-input-vmmouse-13.1.0-x86_64-5.txz: Rebuilt.
x/xf86-input-void-1.4.0-x86_64-10.txz: Rebuilt.
x/xf86-input-wacom-0.33.0-x86_64-2.txz: Rebuilt.
x/xf86-video-amdgpu-1.2.0-x86_64-1.txz: Upgraded.
x/xf86-video-apm-1.2.5-x86_64-9.txz: Rebuilt.
x/xf86-video-ark-0.7.5-x86_64-9.txz: Rebuilt.
x/xf86-video-ast-1.1.5-x86_64-3.txz: Rebuilt.
x/xf86-video-ati-7.8.0-x86_64-1.txz: Upgraded.
x/xf86-video-chips-1.2.6-x86_64-2.txz: Removed.
x/xf86-video-cirrus-1.5.3-x86_64-3.txz: Rebuilt.
x/xf86-video-dummy-0.3.7-x86_64-6.txz: Rebuilt.
x/xf86-video-glint-1.2.8-x86_64-8.txz: Removed.
x/xf86-video-i128-1.3.6-x86_64-9.txz: Rebuilt.
x/xf86-video-i740-1.3.5-x86_64-3.txz: Removed.
x/xf86-video-intel-git_20161115_a1a0f76-x86_64-1.txz: Upgraded.
x/xf86-video-mach64-6.9.5-x86_64-3.txz: Rebuilt.
x/xf86-video-mga-1.6.4-x86_64-3.txz: Removed.
x/xf86-video-neomagic-1.2.9-x86_64-3.txz: Rebuilt.
x/xf86-video-nouveau-1.0.13-x86_64-1.txz: Upgraded.
x/xf86-video-nv-2.1.20-x86_64-9.txz: Removed.
x/xf86-video-openchrome-0.5.0-x86_64-2.txz: Rebuilt.
x/xf86-video-r128-6.10.1-x86_64-1.txz: Removed.
x/xf86-video-rendition-4.2.6-x86_64-2.txz: Rebuilt.
x/xf86-video-s3-0.6.5-x86_64-9.txz: Rebuilt.
x/xf86-video-s3virge-1.10.7-x86_64-3.txz: Rebuilt.
x/xf86-video-savage-2.3.8-x86_64-2.txz: Removed.
x/xf86-video-siliconmotion-1.7.8-x86_64-2.txz: Removed.
x/xf86-video-sis-0.10.8-x86_64-2.txz: Removed.
x/xf86-video-sisusb-0.9.6-x86_64-9.txz: Rebuilt.
x/xf86-video-tdfx-1.4.6-x86_64-3.txz: Removed.
x/xf86-video-tga-1.2.2-x86_64-9.txz: Rebuilt.
x/xf86-video-trident-1.3.7-x86_64-3.txz: Removed.
x/xf86-video-tseng-1.2.5-x86_64-9.txz: Rebuilt.
x/xf86-video-v4l-0.2.0-x86_64-14.txz: Rebuilt.
x/xf86-video-vesa-2.3.4-x86_64-3.txz: Rebuilt.
x/xf86-video-vmware-13.2.1-x86_64-1.txz: Upgraded.
x/xf86-video-voodoo-1.2.5-x86_64-10.txz: Rebuilt.
x/xf86-video-xgi-1.6.1-x86_64-2.txz: Removed.
x/xf86-video-xgixp-1.8.1-x86_64-8.txz: Removed.
x/xorg-server-1.19.0-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.19.0-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.19.0-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.19.0-x86_64-1.txz: Upgraded.
x/xproto-7.0.31-noarch-1.txz: Upgraded.
x/xterm-326-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-50.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
extra/tigervnc/tigervnc-1.7.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Nov 4 03:31:38 UTC 2016
a/glibc-zoneinfo-2016i-noarch-1.txz: Upgraded.
ap/nano-2.7.1-x86_64-1.txz: Upgraded.
ap/vim-8.0.0055-x86_64-1.txz: Upgraded.
l/libcdio-paranoia-10.2+0.93+1-x86_64-2.txz: Rebuilt.
n/bind-9.10.4_P4-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. A defect in BIND's
handling of responses containing a DNAME answer can cause a resolver to exit
after encountering an assertion failure in db.c or resolver.c. A server
encountering either of these error conditions will stop, resulting in denial
of service to clients. The risk to authoritative servers is minimal;
recursive servers are chiefly at risk.
For more information, see:
https://kb.isc.org/article/AA-01434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864
(* Security fix *)
n/curl-7.51.0-x86_64-1.txz: Upgraded.
This release fixes security issues:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
For more information, see:
https://curl.haxx.se/docs/adv_20161102A.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
https://curl.haxx.se/docs/adv_20161102B.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
https://curl.haxx.se/docs/adv_20161102C.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
https://curl.haxx.se/docs/adv_20161102D.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
https://curl.haxx.se/docs/adv_20161102E.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
https://curl.haxx.se/docs/adv_20161102F.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
https://curl.haxx.se/docs/adv_20161102G.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
https://curl.haxx.se/docs/adv_20161102H.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
https://curl.haxx.se/docs/adv_20161102I.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
https://curl.haxx.se/docs/adv_20161102J.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
https://curl.haxx.se/docs/adv_20161102K.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625
(* Security fix *)
xap/gnuchess-6.2.4-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.0.0055-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Oct 31 23:38:24 UTC 2016
a/grep-2.26-x86_64-1.txz: Upgraded.
a/kernel-generic-4.4.29-x86_64-1.txz: Upgraded.
Fixes a security issue (Dirty COW).
(* Security fix *)
a/kernel-huge-4.4.29-x86_64-1.txz: Upgraded.
Fixes a security issue (Dirty COW).
(* Security fix *)
a/kernel-modules-4.4.29-x86_64-1.txz: Upgraded.
ap/mariadb-10.0.28-x86_64-1.txz: Upgraded.
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
(* Security fix *)
d/gdb-7.12-x86_64-1.txz: Upgraded.
d/guile-2.0.13-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.29-x86-1.txz: Upgraded.
k/kernel-source-4.4.29-noarch-1.txz: Upgraded.
This kernel fixes a security issue known as "Dirty COW". A race
condition was found in the way the Linux kernel's memory subsystem
handled the copy-on-write (COW) breakage of private read-only
memory mappings. An unprivileged local user could use this flaw to
gain write access to otherwise read-only memory mappings and thus
increase their privileges on the system.
For more information, see:
https://dirtycow.ninja/
https://www.kb.cert.org/vuls/id/243144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
(* Security fix *)
l/libcdio-0.94-x86_64-1.txz: Upgraded.
n/nmap-7.30-x86_64-1.txz: Upgraded.
n/php-5.6.27-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.27
(* Security fix *)
x/libX11-1.6.4-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory read in XGetImage() or write in XListFonts().
Affected versions libX11 <= 1.6.3.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943
(* Security fix *)
x/libXfixes-5.0.3-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause an integer
overflow on 32 bit architectures.
Affected versions: libXfixes <= 5.0.2.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944
(* Security fix *)
x/libXi-1.7.8-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory access or endless loops (Denial of Service).
Affected versions libXi <= 1.7.6.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946
(* Security fix *)
x/libXrandr-1.5.1-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory writes.
Affected versions: libXrandr <= 1.5.0.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
(* Security fix *)
x/libXrender-0.9.10-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory writes.
Affected version: libXrender <= 0.9.9.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950
(* Security fix *)
x/libXtst-1.2.3-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory access or endless loops (Denial of Service).
Affected version libXtst <= 1.2.2.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952
(* Security fix *)
x/libXv-1.0.11-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause out of boundary
memory and memory corruption.
Affected version libXv <= 1.0.10.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407
(* Security fix *)
x/libXvMC-1.0.10-x86_64-1.txz: Upgraded.
Insufficient validation of data from the X server can cause a one byte buffer
read underrun.
Affected version: libXvMC <= 1.0.9.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
(* Security fix *)
xap/mozilla-firefox-49.0.2-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/xscreensaver-5.36-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Sat Oct 1 17:11:13 UTC 2016
a/kernel-firmware-20161001git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.23-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.23-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.23-x86_64-1.txz: Upgraded.
a/lvm2-2.02.166-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.23-x86-1.txz: Upgraded.
k/kernel-source-4.4.23-noarch-1.txz: Upgraded.
n/mutt-1.7.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-45.4.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Wed Sep 28 23:24:37 UTC 2016
a/glibc-zoneinfo-2016g-noarch-1.txz: Upgraded.
This package provides the latest timezone updates.
l/mpfr-3.1.5-x86_64-1.txz: Upgraded.
+--------------------------+
Tue Sep 27 19:16:56 UTC 2016
ap/hplip-3.16.9-x86_64-1.txz: Upgraded.
Reenabled parallel port support. Thanks to Jas for the bug report.
n/bind-9.10.4_P3-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. Testing by ISC has
uncovered a critical error condition which can occur when a nameserver is
constructing a response. A defect in the rendering of messages into
packets can cause named to exit with an assertion failure in buffer.c while
constructing a response to a query that meets certain criteria.
For more information, see:
https://kb.isc.org/article/AA-01419/0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776
(* Security fix *)
xap/gnuchess-6.2.3-x86_64-1.txz: Upgraded.
Upgraded to gnuchess-6.2.3 and xboard-4.9.1.
+--------------------------+
Mon Sep 26 18:14:08 UTC 2016
a/openssl-solibs-1.0.2j-x86_64-1.txz: Upgraded.
a/pkgtools-14.2-noarch-13.txz: Rebuilt.
removepkg: Fixed removing filenames containing "%".
Thanks to SeB for the bug report, and to Jim Hawkins for the patch.
n/openssl-1.0.2j-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Missing CRL sanity check (CVE-2016-7052)
For more information, see:
https://www.openssl.org/news/secadv/20160926.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052
(* Security fix *)
+--------------------------+
Sun Sep 25 02:32:25 UTC 2016
a/kernel-firmware-20160924git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.22-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.22-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.22-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.22-x86-1.txz: Upgraded.
k/kernel-source-4.4.22-noarch-1.txz: Upgraded.
n/sshfs-2.8-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Sep 23 23:30:53 UTC 2016
n/php-5.6.26-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.26
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
(* Security fix *)
+--------------------------+
Thu Sep 22 18:38:07 UTC 2016
a/openssl-solibs-1.0.2i-x86_64-1.txz: Upgraded.
n/openssl-1.0.2i-x86_64-1.txz: Upgraded.
This update fixes denial-of-service and other security issues.
For more information, see:
https://www.openssl.org/news/secadv/20160922.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308
(* Security fix *)
+--------------------------+
Wed Sep 21 21:10:52 UTC 2016
n/irssi-0.8.20-x86_64-1.txz: Upgraded.
This update fixes two remote crash and heap corruption vulnerabilities
in Irssi's format parsing code. Impact: Remote crash and heap
corruption. Remote code execution seems difficult since only Nuls are
written. Bugs discovered by, and patches provided by Gabriel Campana
and Adrien Guinet from Quarkslab.
For more information, see:
https://irssi.org/security/irssi_sa_2016.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
(* Security fix *)
+--------------------------+
Wed Sep 21 15:54:06 UTC 2016
a/mkinitrd-1.4.8-x86_64-9.txz: Rebuilt.
When generating the initrd, include dmsetup whenever LUKS is requested.
Thanks to TracyTiger for the bug report and Eric Hameleers for the patch.
e/emacs-25.1-x86_64-1.txz: Upgraded.
l/qt-4.8.7-x86_64-5.txz: Rebuilt.
In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid
ld warnings when using qmake on a multilib system.
Thanks to Jonathan Woithe for the bug report and fix.
n/network-scripts-14.2-noarch-4.txz: Rebuilt.
rc.inet1.new: Use return (not continue) to leave the if_up() function.
Thanks to Tim Thomas for the bug report.
xap/mozilla-firefox-49.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/pidgin-2.11.0-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://www.pidgin.im/news/security/
(* Security fix *)
+--------------------------+
Thu Sep 15 22:54:52 UTC 2016
a/bash-4.4.0-x86_64-1.txz: Upgraded.
a/btrfs-progs-v4.7.2-x86_64-1.txz: Upgraded.
a/e2fsprogs-1.43.3-x86_64-1.txz: Upgraded.
a/pkgtools-14.2-noarch-12.txz: Rebuilt.
removepkg: Fixed removing packages with >= 3 hyphens in the package name
when using just the package name rather than the full name including
version, arch, and build.
Thanks to coralfang for the bug report, Jim Hawkins and Stuart Winter for
the patch, and SeB for testing and feedback.
removepkg: Handle filenames that contain backslashes.
Thanks to aaazen for the bug report and patch.
ap/vim-8.0.0005-x86_64-1.txz: Upgraded.
n/curl-7.50.3-x86_64-1.txz: Upgraded.
Fixed heap overflows in four libcurl functions: curl_escape(),
curl_easy_escape(), curl_unescape() and curl_easy_unescape().
For more information, see:
https://curl.haxx.se/docs/adv_20160914.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
(* Security fix *)
xap/vim-gvim-8.0.0005-x86_64-1.txz: Upgraded.
+--------------------------+
Tue Sep 13 18:13:32 UTC 2016
ap/mariadb-10.0.27-x86_64-1.txz: Upgraded.
This update fixes a critical vulnerability which can allow local and
remote attackers to inject malicious settings into MySQL configuration
files (my.cnf). A successful exploitation could allow attackers to
execute arbitrary code with root privileges which would then allow them
to fully compromise the server.
This issue was discovered and reported by Dawid Golunski.
For more information, see:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://jira.mariadb.org/browse/MDEV-10465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
(* Security fix *)
ap/vim-8.0.0003-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.0.0003-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Sep 12 18:39:03 UTC 2016
ap/texinfo-6.3-x86_64-1.txz: Upgraded.
d/guile-2.0.12-x86_64-2.txz: Rebuilt.
Match timestamps across all $ARCH on *.go and *.scm files, otherwise
on multilib systems the compiled (go) files may be detected as older
than the source (scm) files, causing guile to attempt to recompile
itself with every use.
l/sdl-1.2.15-x86_64-5.txz: Rebuilt.
Fixed a regression that broke MOD support. Thanks to B Watson.
x/libXfont-1.5.2-x86_64-1.txz: Upgraded.
x/mesa-12.0.2-x86_64-1.txz: Upgraded.
+--------------------------+
Sat Sep 10 18:04:42 UTC 2016
l/gtk+2-2.24.31-x86_64-1.txz: Upgraded.
This update fixes a security issue: Integer overflow in the
gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c allows remote
attackers to cause a denial of service (crash) via a large image file,
which triggers a large memory allocation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447
(* Security fix *)
n/gnutls-3.4.15-x86_64-1.txz: Upgraded.
libgnutls: Corrected the comparison of the serial size in OCSP response.
Previously the OCSP certificate check wouldn't verify the serial length
and could succeed in cases it shouldn't (GNUTLS-SA-2016-3).
Reported by Stefan Buehler.
For more information, see:
https://www.gnutls.org/security.html
(* Security fix *)
+--------------------------+
Thu Sep 8 21:35:02 UTC 2016
a/kernel-generic-4.4.20-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.20-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.20-x86_64-1.txz: Upgraded.
a/kmod-23-x86_64-2.txz: Rebuilt.
a/util-linux-2.28.2-x86_64-1.txz: Upgraded.
ap/hplip-3.16.8-x86_64-1.txz: Upgraded.
ap/nano-2.7.0-x86_64-1.txz: Upgraded.
ap/pamixer-1.3.1-x86_64-2.txz: Rebuilt.
ap/rpm-4.12.0.1-x86_64-2.txz: Rebuilt.
ap/vim-7.4.2342-x86_64-1.txz: Upgraded.
d/Cython-0.24.1-x86_64-1.txz: Upgraded.
d/gdb-7.11.1-x86_64-2.txz: Rebuilt.
d/kernel-headers-4.4.20-x86-1.txz: Upgraded.
d/mercurial-3.9.1-x86_64-1.txz: Upgraded.
d/python-2.7.12-x86_64-1.txz: Upgraded.
Compiled using --enable-unicode=ucs4.
The upstream default for Python Unicode is ucs2, but ucs4 is more widely
used and recommended now. Any Python scripts or binaries that use UCS-2
will need to be recompiled. These can be identified with the following
grep command: grep -r -l PyUnicodeUCS2 /usr 2> /dev/null
k/kernel-source-4.4.20-noarch-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-6.txz: Rebuilt.
kde/kate-4.14.3-x86_64-3.txz: Rebuilt.
kde/kdev-python-1.7.2-x86_64-2.txz: Rebuilt.
kde/kig-4.14.3-x86_64-4.txz: Rebuilt.
kde/kross-interpreters-4.14.3-x86_64-3.txz: Rebuilt.
kde/pykde4-4.14.3-x86_64-4.txz: Rebuilt.
kde/superkaramba-4.14.3-x86_64-3.txz: Rebuilt.
l/PyQt-4.11.4-x86_64-2.txz: Rebuilt.
l/akonadi-1.13.0-x86_64-3.txz: Rebuilt.
l/boost-1.61.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/dbus-python-1.2.4-x86_64-2.txz: Rebuilt.
l/gdbm-1.12-x86_64-2.txz: Rebuilt.
l/glib2-2.46.2-x86_64-4.txz: Rebuilt.
l/gobject-introspection-1.46.0-x86_64-2.txz: Rebuilt.
l/libxml2-2.9.4-x86_64-3.txz: Rebuilt.
l/pilot-link-0.12.5-x86_64-11.txz: Rebuilt.
l/pycups-1.9.73-x86_64-2.txz: Rebuilt.
l/pycurl-7.43.0-x86_64-2.txz: Rebuilt.
l/pygobject-2.28.6-x86_64-3.txz: Rebuilt.
l/pygobject3-3.18.2-x86_64-2.txz: Rebuilt.
l/pygtk-2.24.0-x86_64-3.txz: Rebuilt.
l/python-pillow-3.0.0-x86_64-2.txz: Rebuilt.
l/sip-4.18.1-x86_64-1.txz: Upgraded.
n/php-5.6.25-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.25
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134
(* Security fix *)
n/samba-4.5.0-x86_64-1.txz: Upgraded.
xap/blueman-2.0.4-x86_64-2.txz: Rebuilt.
xap/gimp-2.8.18-x86_64-2.txz: Rebuilt.
xap/vim-gvim-7.4.2342-x86_64-1.txz: Upgraded.
extra/brltty/brltty-5.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Wed Aug 31 20:43:10 UTC 2016
l/gsl-2.2.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-45.3.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
Tue Aug 30 22:10:31 UTC 2016
testing/packages/gcc-6.2.0-x86_64-1.txz: Added.
testing/packages/gcc-g++-6.2.0-x86_64-1.txz: Added.
testing/packages/gcc-gfortran-6.2.0-x86_64-1.txz: Added.
testing/packages/gcc-gnat-6.2.0-x86_64-1.txz: Added.
testing/packages/gcc-go-6.2.0-x86_64-1.txz: Added.
testing/packages/gcc-java-6.2.0-x86_64-1.txz: Added.
Please note that if you install this package, gettext (specifically the
gettext-tools package) will need to be recompiled.
testing/packages/gcc-objc-6.2.0-x86_64-1.txz: Added.
+--------------------------+
Mon Aug 29 22:51:27 UTC 2016
a/gawk-4.1.4-x86_64-1.txz: Upgraded.
l/gsl-2.2-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Aug 24 19:37:40 UTC 2016
xap/mozilla-firefox-48.0.2-x86_64-1.txz: Upgraded.
+--------------------------+
Tue Aug 23 19:45:33 UTC 2016
a/glibc-solibs-2.24-x86_64-2.txz: Rebuilt.
a/kernel-firmware-20160823git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.19-x86_64-1.txz: Upgraded.
A flaw was found in the implementation of the Linux kernel's handling of
networking challenge ack where an attacker is able to determine the shared
counter. This may allow an attacker located on a different subnet to inject
or take over a TCP connection between a server and client without having to
be a traditional Man In the Middle (MITM) style attack.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
(* Security fix *)
a/kernel-huge-4.4.19-x86_64-1.txz: Upgraded.
A flaw was found in the implementation of the Linux kernel's handling of
networking challenge ack where an attacker is able to determine the shared
counter. This may allow an attacker located on a different subnet to inject
or take over a TCP connection between a server and client without having to
be a traditional Man In the Middle (MITM) style attack.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
(* Security fix *)
a/kernel-modules-4.4.19-x86_64-1.txz: Upgraded.
ap/diffutils-3.5-x86_64-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.72-x86_64-1.txz: Upgraded.
Thanks to Stuart Winter.
ap/screen-4.4.0-x86_64-2.txz: Rebuilt.
Reverted a change to /etc/screenrc.new that prevented the console from being
cleared when a screen session was detached. Thanks to Stuart Winter.
d/binutils-2.27-x86_64-2.txz: Rebuilt.
Recompiled with --disable-compressed-debug-sections, since other tools are
not yet capable of parsing that.
Thanks to Vincent Batts, Heinz Wiesinger, and Stuart Winter.
d/kernel-headers-4.4.19-x86-1.txz: Upgraded.
k/kernel-source-4.4.19-noarch-1.txz: Upgraded.
A flaw was found in the implementation of the Linux kernel's handling of
networking challenge ack where an attacker is able to determine the shared
counter. This may allow an attacker located on a different subnet to inject
or take over a TCP connection between a server and client without having to
be a traditional Man In the Middle (MITM) style attack.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
(* Security fix *)
l/glib2-2.46.2-x86_64-3.txz: Rebuilt.
Applied upstream patch to fix a use-before-allocate bug in libgio. Without
this fix, Thunar will crash if $HOME is on an NFS volume.
Thanks to Jonathan Woithe.
l/glibc-2.24-x86_64-2.txz: Rebuilt.
If libm.so is a linker script, don't clobber it with a symlink.
Thanks to guanx.
l/glibc-i18n-2.24-x86_64-2.txz: Rebuilt.
l/glibc-profile-2.24-x86_64-2.txz: Rebuilt.
n/gnupg-1.4.21-x86_64-1.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the announcement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
n/libgcrypt-1.7.3-x86_64-1.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the announcement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
n/network-scripts-14.2-noarch-3.txz: Rebuilt.
In rc.inet1, skip interfaces that are not configured in rc.inet1.conf
to speed up the boot time slightly.
Thanks to Amritpal Bath.
n/stunnel-5.35-x86_64-2.txz: Rebuilt.
Fixed incorrect config file name in generate-stunnel-key.sh.
Thanks to Ebben Aries.
xap/mozilla-firefox-48.0.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Aug 11 18:24:29 UTC 2016
a/glibc-solibs-2.24-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2016f-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.17-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.17-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.17-x86_64-1.txz: Upgraded.
ap/diffutils-3.4-x86_64-1.txz: Upgraded.
ap/vim-7.4.2196-x86_64-1.txz: Upgraded.
d/binutils-2.27-x86_64-1.txz: Upgraded.
d/gcc-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-g++-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-gfortran-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-gnat-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-go-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-java-5.4.0-x86_64-1.txz: Upgraded.
d/gcc-objc-5.4.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.17-x86-1.txz: Upgraded.
d/llvm-3.8.1-x86_64-1.txz: Upgraded.
d/oprofile-1.1.0-x86_64-2.txz: Rebuilt.
k/kernel-source-4.4.17-noarch-1.txz: Upgraded.
l/glibc-2.24-x86_64-1.txz: Upgraded.
l/glibc-i18n-2.24-x86_64-1.txz: Upgraded.
l/glibc-profile-2.24-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-48.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/vim-gvim-7.4.2196-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Sat Aug 6 19:29:16 UTC 2016
n/curl-7.50.1-x86_64-1.txz: Upgraded.
This release fixes security issues:
TLS: switch off SSL session id when client cert is used
TLS: only reuse connections with the same client cert
curl_multi_cleanup: clear connection pointer for easy handles
For more information, see:
https://curl.haxx.se/docs/adv_20160803A.html
https://curl.haxx.se/docs/adv_20160803B.html
https://curl.haxx.se/docs/adv_20160803C.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
(* Security fix *)
n/mutt-1.6.2-x86_64-1.txz: Upgraded.
n/openssh-7.3p1-x86_64-1.txz: Upgraded.
This is primarily a bugfix release, and also addresses security issues.
sshd(8): Mitigate a potential denial-of-service attack against the system's
crypt(3) function via sshd(8).
sshd(8): Mitigate timing differences in password authentication that could
be used to discern valid from invalid account names when long passwords were
sent and particular password hashing algorithms are in use on the server.
ssh(1), sshd(8): Fix observable timing weakness in the CBC padding oracle
countermeasures.
ssh(1), sshd(8): Improve operation ordering of MAC verification for
Encrypt-then-MAC (EtM) mode transport MAC algorithms to verify the MAC
before decrypting any ciphertext.
sshd(8): (portable only) Ignore PAM environment vars when UseLogin=yes.
For more information, see:
http://www.openssh.com/txt/release-7.3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
(* Security fix *)
n/stunnel-5.35-x86_64-1.txz: Upgraded.
Fixes security issues:
Fixed malfunctioning "verify = 4".
Fixed incorrectly enforced client certificate requests.
(* Security fix *)
+--------------------------+
Thu Jul 28 19:44:25 UTC 2016
a/kernel-generic-4.4.16-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.16-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.16-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.16-x86-1.txz: Upgraded.
k/kernel-source-4.4.16-noarch-1.txz: Upgraded.
l/libidn-1.33-x86_64-1.txz: Upgraded.
Fixed out-of-bounds read bugs. Fixed crashes on invalid UTF-8.
Thanks to Hanno Böck.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263
(* Security fix *)
l/libtasn1-4.9-x86_64-1.txz: Upgraded.
n/bluez-5.41-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.6.0-x86_64-4.txz: Rebuilt.
Recompiled for xorg-server-1.18.4.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Mon Jul 25 19:59:06 UTC 2016
a/pkgtools-14.2-noarch-11.txz: Rebuilt.
Changes to pkgtool:
Remove option to install from floppy disks.
Don't use the --file option, which appears to be broken in the latest version
of dialog. The only reason --file was ever used in the first place was to
work around the Linux ARG_MAX limit of 131072 bytes, and since Linux 2.6.23 a
much larger limit is in place making it unlikely to become an issue again.
So we'll go back to passing the package list on the command line.
Thanks to David Miller for the bug report.
+--------------------------+
Fri Jul 22 20:51:23 UTC 2016
a/dialog-1.3_20160424-x86_64-1.txz: Upgraded.
a/kmod-23-x86_64-1.txz: Upgraded.
a/lvm2-2.02.161-x86_64-1.txz: Upgraded.
d/git-2.9.2-x86_64-1.txz: Upgraded.
l/desktop-file-utils-0.23-x86_64-1.txz: Upgraded.
l/freetype-2.6.5-x86_64-1.txz: Upgraded.
l/harfbuzz-1.3.0-x86_64-1.txz: Upgraded.
n/bind-9.10.4_P2-x86_64-1.txz: Upgraded.
Fixed a security issue:
getrrsetbyname with a non absolute name could trigger an infinite
recursion bug in lwresd and named with lwres configured if when
combined with a search list entry the resulting name is too long.
(CVE-2016-2775) [RT #42694]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775
(* Security fix *)
n/httpd-2.4.23-x86_64-1.txz: Upgraded.
n/lftp-4.7.3-x86_64-1.txz: Upgraded.
n/links-2.13-x86_64-1.txz: Upgraded.
x/xf86-video-openchrome-0.5.0-x86_64-1.txz: Upgraded.
x/xkeyboard-config-2.18-noarch-1.txz: Upgraded.
x/xorg-server-1.18.4-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.18.4-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.18.4-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.18.4-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jul 21 23:25:54 UTC 2016
ap/tmux-2.2-x86_64-2.txz: Upgraded.
Moved from /testing.
d/guile-2.0.12-x86_64-1.txz: Upgraded.
l/freetype-2.6.4-x86_64-1.txz: Upgraded.
n/libgcrypt-1.7.2-x86_64-1.txz: Upgraded.
n/network-scripts-14.2-noarch-2.txz: Rebuilt.
In rc.inet1.new, use -L option to dhcpcd to disable Zeroconf. This is
(almost) never going to be wanted, and ends up used accidentally on slower
systems (such as some ARM platforms), preventing a proper DHCP lease.
Thanks to Stuart Winter.
n/php-5.6.24-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.24
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207
(* Security fix *)
xap/gimp-2.8.18-x86_64-1.txz: Upgraded.
This release fixes a security issue:
Use-after-free vulnerability in the xcf_load_image function in
app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of
service (program crash) or possibly execute arbitrary code via a crafted
XCF file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994
(* Security fix *)
+--------------------------+
Tue Jul 12 03:48:34 UTC 2016
a/etc-14.2-x86_64-8.txz: Rebuilt.
In /etc/profile.d/lang.{csh,sh}.new, make en_US.UTF-8 the default locale.
a/kernel-generic-4.4.15-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.15-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.15-x86_64-1.txz: Upgraded.
a/lilo-24.2-x86_64-3.txz: Rebuilt.
In liloconfig: Skip the menu asking if the user wants a UTF-8 virtual
console, and use the kernel default (currently this is UTF-8 active).
d/kernel-headers-4.4.15-x86-1.txz: Upgraded.
k/kernel-source-4.4.15-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Sat Jul 9 18:35:56 UTC 2016
x/mesa-12.0.1-x86_64-1.txz: Upgraded.
+--------------------------+
Fri Jul 8 23:17:22 UTC 2016
x/mesa-12.0.0-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jul 7 19:52:36 UTC 2016
n/samba-4.4.5-x86_64-1.txz: Upgraded.
This release fixes a security issue:
Client side SMB2/3 required signing can be downgraded.
It's possible for an attacker to downgrade the required signing for an
SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or
SMB2_SESSION_FLAG_IS_NULL flags. This means that the attacker can
impersonate a server being connected to by Samba, and return malicious
results.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
(* Security fix *)
+--------------------------+
Tue Jul 5 04:52:45 UTC 2016
xap/mozilla-thunderbird-45.2.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
Sun Jul 3 19:29:33 UTC 2016
a/file-5.28-x86_64-1.txz: Upgraded.
a/util-linux-2.28-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-47.0.1-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!
The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)