summaryrefslogtreecommitdiff
path: root/ChangeLog.txt
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2018-05-28 19:12:29 +0000
committerEric Hameleers <alien@slackware.com>2018-05-31 23:39:35 +0200
commit646a5c1cbfd95873950a87b5f75d52073a967023 (patch)
treeb8b8d2ab3b0d432ea69ad1a64d1c789649d65020 /ChangeLog.txt
parentd31c50870d0bee042ce660e445c9294a59a3a65b (diff)
downloadcurrent-646a5c1cbfd95873950a87b5f75d52073a967023.tar.gz
Mon May 28 19:12:29 UTC 201820180528191229
a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt15298
1 files changed, 8398 insertions, 6900 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index f603590b..754b9cf5 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,7218 +1,8716 @@
-Thu Jun 30 20:26:57 UTC 2016
-Slackware 14.2 x86_64 stable is released!
-
-The long development cycle (the Linux community has lately been living in
-"interesting times", as they say) is finally behind us, and we're proud to
-announce the release of Slackware 14.2. The new release brings many updates
-and modern tools, has switched from udev to eudev (no systemd), and adds
-well over a hundred new packages to the system. Thanks to the team, the
-upstream developers, the dedicated Slackware community, and everyone else
-who pitched in to help make this release a reality.
-
-The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
-32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
-project by picking up a copy from store.slackware.com. We're taking
-pre-orders now, and offer a discount if you sign up for a subscription.
-
-Have fun! :-)
-+--------------------------+
-Thu Jun 30 17:25:39 UTC 2016
-testing/packages/kernel-module-ecryptfs-4.4.14-x86_64-1.txz: Added.
- This package contains a fixed version of the eCryptfs kernel module.
-+--------------------------+
-Wed Jun 29 19:38:51 UTC 2016
-a/sysklogd-1.5.1-x86_64-2.txz: Rebuilt.
- Add a new -c option to disable suppression of repeated messages, which helps
- log parsing tools such as fail2ban work better.
-ap/at-3.1.19-x86_64-2.txz: Rebuilt.
- Removed broken at_deny.5 man page symlink.
-+--------------------------+
-Wed Jun 29 00:23:01 UTC 2016
-a/kernel-firmware-20160628git-noarch-1.txz: Upgraded.
-+--------------------------+
-Sun Jun 26 01:28:27 UTC 2016
-ap/screen-4.4.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-3.txz: Rebuilt.
- Reverted the icon background color patch, which was causing artifacts around
- the icon or other issues such as the icon being too wide. These seemed
- worse than the background color issue, which at least doesn't affect the
- default Xfce theme. The patch remains in the source directory, commented
- out in case anyone wants to try it. Also, an alternate patch from
- Jean-Philippe Guillemin has been added to the source directory (commented
- out).
-+--------------------------+
-Fri Jun 24 23:37:19 UTC 2016
-Sorry about the delay, but we had to wait for this kernel. At least we were
-able to get some other good fixes in this week while we were waiting. :-)
-a/aaa_elflibs-14.2-x86_64-23.txz: Rebuilt.
-a/kernel-generic-4.4.14-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.14-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.14-x86_64-1.txz: Upgraded.
-ap/mariadb-10.0.26-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.14-x86-1.txz: Upgraded.
-k/kernel-source-4.4.14-noarch-1.txz: Upgraded.
- This kernel release fixes two security issues:
- Corrupted offset allows for arbitrary decrements in compat
- IPT_SO_SET_REPLACE setsockopt. Risk: High. Impact: Kernel memory
- corruption, leading to elevation of privileges or kernel code execution.
- This occurs in a compat_setsockopt() call that is normally restricted to
- root, however, Linux 3/4 kernels that support user and network namespaces
- can allow an unprivileged user to trigger this functionality. This is
- exploitable from inside a container.
- Out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt.
- Risk: Medium. Impact: Out of bounds heap memory access, leading to a
- Denial of Service (or possibly heap disclosure or further impact).
- This occurs in a setsockopt() call that is normally restricted to root,
- however, Linux 3/4 kernels that support user and network namespaces can
- allow an unprivileged user to trigger this functionality. This is
- exploitable from inside a container.
- For more information, see:
- http://www.openwall.com/lists/oss-security/2016/06/24/5
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998
- (* Security fix *)
-l/libpng-1.6.23-x86_64-1.txz: Upgraded.
-l/librsvg-2.40.16-x86_64-1.txz: Upgraded.
-n/php-5.6.23-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues.
- For more information, see:
- http://php.net/ChangeLog-5.php#5.6.23
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773
- (* Security fix *)
+Mon May 28 19:12:29 UTC 2018
+a/pkgtools-15.0-noarch-13.txz: Rebuilt.
+ installpkg: default line length for --terselength is the number of columns.
+ removepkg: added --terse mode.
+ upgradepkg: default line length for --terselength is the number of columns.
+ upgradepkg: accept -option in addition to --option.
+ap/vim-8.1.0026-x86_64-1.txz: Upgraded.
+d/bison-3.0.5-x86_64-1.txz: Upgraded.
+e/emacs-26.1-x86_64-1.txz: Upgraded.
+kde/kopete-4.14.3-x86_64-8.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded.
+n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded.
+n/libnftnl-1.1.0-x86_64-1.txz: Upgraded.
+n/links-2.16-x86_64-2.txz: Rebuilt.
+ Rebuilt to enable X driver for -g mode.
+n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded.
+n/nftables-0.8.5-x86_64-1.txz: Upgraded.
+n/p11-kit-0.23.11-x86_64-1.txz: Upgraded.
+n/ulogd-2.0.7-x86_64-1.txz: Upgraded.
+n/whois-5.3.1-x86_64-1.txz: Upgraded.
+xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri May 25 23:29:36 UTC 2018
+a/glibc-zoneinfo-2018e-noarch-2.txz: Rebuilt.
+ Handle removal of US/Pacific-New timezone. If we see that the machine is
+ using this, it will be automatically switched to US/Pacific.
+a/kernel-firmware-20180525_7518922-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.44-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.44-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.44-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-12.txz: Rebuilt.
+ installpkg: Suppport --terselength to set the maximum length of a line
+ output in --terse mode.
+ removepkg: Use file locking to allow only one instance at a time of ldconfig.
+ upgradepkg: Added --terse mode to output one line per upgraded package.
+ upgradepkg: Suppport --terselength to set the maximum length of a line
+ output in --terse mode.
+ap/hplip-3.18.5-x86_64-1.txz: Upgraded.
+ap/sc-7.16-x86_64-6.txz: Removed.
+ap/sc-im-0.7.0-x86_64-1.txz: Added.
+ This is an improved version of the SC spreadsheet program.
+d/kernel-headers-4.14.44-x86-1.txz: Upgraded.
+d/parallel-20180522-noarch-1.txz: Upgraded.
+k/kernel-source-4.14.44-noarch-1.txz: Upgraded.
+l/libunistring-0.9.10-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.37.1-x86_64-1.txz: Upgraded.
+n/nn-6.7.3-x86_64-6.txz: Rebuilt.
+ Don't include /etc/nntpserver.new - the network-scripts package already
+ ships a copy of this for all the packages that use it.
+n/php-7.2.6-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Jun 23 22:59:25 UTC 2016
-kde/kde-workspace-4.11.22-x86_64-4.txz: Rebuilt.
- Fixed a bug with generating the initial panel where two Konqueror launchers
- would be created. Instead, there will be one launcher each for Dolphin,
- Konqueror, Firefox, and Konsole. Thanks to Eric Hameleers.
-+--------------------------+
-Thu Jun 23 08:04:53 UTC 2016
-ap/cups-filters-1.9.0-x86_64-2.txz: Rebuilt.
- Recompiled against poppler-0.45.0.
-kde/calligra-2.9.11-x86_64-5.txz: Rebuilt.
- Recompiled against poppler-0.45.0.
-l/poppler-0.45.0-x86_64-1.txz: Upgraded.
-xfce/tumbler-0.1.31-x86_64-8.txz: Rebuilt.
- Recompiled against poppler-0.45.0.
-+--------------------------+
-Wed Jun 22 21:56:53 UTC 2016
-a/etc-14.2-x86_64-7.txz: Rebuilt.
- Added root to the audio group.
-a/kernel-firmware-20160622git-noarch-1.txz: Upgraded.
-ap/nano-2.6.0-x86_64-1.txz: Upgraded.
-d/llvm-3.8.0-x86_64-2.txz: Rebuilt.
- Don't remove LLVMHello.so as it is referenced in LLVMExports.cmake breaking
- builds that use "find_package(LLVM 3.8 CONFIG)". Thanks to Hunter S.
-l/pulseaudio-9.0-x86_64-1.txz: Upgraded.
- This release fixes many bugs, including this one that was commonly reported
- during the Slackware 14.2 development cycle:
- "Automatic routing improvements:
- In 8.0, PulseAudio started to automatically switch to another profile when
- the device associated with the current profile is unplugged. That seemingly
- smart thing had some serious unintended consequences. One typical issue was
- that when unplugging headphones, PulseAudio might switch to S/PDIF output
- and not switch back to headphones when they are plugged in again. Another
- issue was that HDMI in many cases appears to get temporarily unplugged when
- the monitor goes to sleep mode, or even when switching the refresh rate of
- the monitor -- PulseAudio 8.0 would move audio away from the HDMI monitor in
- these cases and not move the audio back to HDMI when the monitor becomes
- available again. These issues are now fixed."
-l/sip-4.18-x86_64-1.txz: Upgraded.
-xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-2.txz: Rebuilt.
- Applied a patch to make the icon background match the theme (although this
- will only work if the theme has a GTK+3 subtheme). Thanks to DarkVision.
-+--------------------------+
-Tue Jun 21 19:11:38 UTC 2016
-a/aaa_elflibs-14.2-x86_64-22.txz: Rebuilt.
-l/gmp-6.1.1-x86_64-1.txz: Upgraded.
-testing/packages/screen-4.4.0-x86_64-1.txz: Added.
-+--------------------------+
-Tue Jun 21 17:50:21 UTC 2016
-a/bash-4.3.046-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Jun 20 21:39:07 UTC 2016
-a/aaa_elflibs-14.2-x86_64-21.txz: Rebuilt.
-a/mkinitrd-1.4.8-x86_64-8.txz: Rebuilt.
- In mkinitrd_command_generator.sh, include a few more modules that might be
- needed to unlock a LUKS partition using a USB keyboard.
- Thanks to Eric Hameleers.
-l/cairo-1.14.6-x86_64-2.txz: Rebuilt.
- Patched an issue that was causing GTK3 applets to crash.
- See: https://github.com/mate-desktop/mate-panel/issues/369
- Thanks to Willy Sudiarto Raharjo.
-l/libarchive-3.2.1-x86_64-1.txz: Upgraded.
- This release fixes several critical bugs, including some with security
- implications.
- (* Security fix *)
-l/pcre-8.39-x86_64-1.txz: Upgraded.
- This release fixes bugs (including a couple of DoS security issues), and
- retrofits to PCRE1 some appropriate JIT improvements from PCRE2.
+Wed May 23 04:42:29 UTC 2018
+a/kernel-firmware-20180518_2a9b2cf-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.43-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.43-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.43-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-11.txz: Rebuilt.
+ installpkg: Implement locking to prevent screen output or install script
+ collisions if multiple copies of installpkg are running simultaneously.
+ installpkg: Use $(mcookie) instead of $$. Fall back on $$ if mcookie is
+ not available.
+ makepkg: Add --compress option, usually used to change the preset
+ compression level or block size. Thanks to shasta.
+a/procps-ng-3.3.15-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ This update fixes bugs and security issues:
+ library: Fix integer overflow and LPE in file2strvec
+ library: Use size_t for alloc functions
+ pgrep: Fix stack-based buffer overflow
+ ps: Fix buffer overflow in output buffer, causing DOS
+ top: Don't use cwd for location of config
+ For more information, see:
+ https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1124
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1126
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1125
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1123
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1122
+ (* Security fix *)
+ap/cups-filters-1.20.3-x86_64-2.txz: Rebuilt.
+ Recompiled against poppler-0.65.0.
+ap/mariadb-10.2.15-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
+ For more information, see:
+ https://mariadb.com/kb/en/mariadb-10215-release-notes/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2786
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2759
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2777
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2810
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2782
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2784
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2787
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2766
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2755
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2819
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2817
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2761
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2781
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2771
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2813
+ (* Security fix *)
+ap/vim-8.1.0016-x86_64-1.txz: Upgraded.
+d/Cython-0.28.2-x86_64-1.txz: Upgraded.
+d/cmake-3.11.2-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.43-x86-1.txz: Upgraded.
+d/meson-0.46.1-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.43-noarch-1.txz: Upgraded.
+ Changes to .config (thanks to tumble):
+ TCP_CONG_ADVANCED n -> y
+ +DEFAULT_CUBIC y
+ +DEFAULT_RENO n
+ +TCP_CONG_BBR m
+ +TCP_CONG_BIC m
+ +TCP_CONG_CDG m
+ +TCP_CONG_DCTCP m
+ +TCP_CONG_HSTCP m
+ +TCP_CONG_HTCP m
+ +TCP_CONG_HYBLA m
+ +TCP_CONG_ILLINOIS m
+ +TCP_CONG_LP m
+ +TCP_CONG_NV m
+ +TCP_CONG_SCALABLE m
+ +TCP_CONG_VEGAS m
+ +TCP_CONG_VENO m
+ +TCP_CONG_WESTWOOD m
+ +TCP_CONG_YEAH m
+kde/calligra-2.9.11-x86_64-21.txz: Rebuilt.
+ Recompiled against poppler-0.65.0.
+l/QScintilla-2.10.4-x86_64-1.txz: Upgraded.
+l/babl-0.1.50-x86_64-1.txz: Upgraded.
+l/glib-networking-2.56.1-x86_64-1.txz: Upgraded.
+l/poppler-0.65.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/vte-0.52.2-x86_64-1.txz: Upgraded.
+n/crda-3.18-x86_64-7.txz: Rebuilt.
+ Upgraded to wireless-regdb-2018.05.09.
+n/mutt-1.10.0-x86_64-1.txz: Upgraded.
+n/postfix-3.3.1-x86_64-1.txz: Upgraded.
+n/stunnel-5.45-x86_64-1.txz: Upgraded.
+t/texlive-2017.171108-x86_64-6.txz: Rebuilt.
+ Recompiled against poppler-0.65.0.
+x/intel-gpu-tools-1.22-x86_64-3.txz: Rebuilt.
+ Recompiled against procps-ng-3.3.15.
+xap/gimp-2.10.2-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.8.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283
+ https://www.mozilla.org/en-US/thunderbird/52.8.0/releasenotes/
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/
(* Security fix *)
+xap/vim-gvim-8.1.0016-x86_64-1.txz: Upgraded.
+xfce/tumbler-0.2.1-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-0.65.0.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Fri Jun 17 22:43:09 UTC 2016
-xap/imagemagick-6.9.4_9-x86_64-1.txz: Upgraded.
-+--------------------------+
-Thu Jun 16 21:52:57 UTC 2016
-l/gd-2.2.1-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- Stack consumption vulnerability allows remote attackers to cause a denial of
- service via a crafted imagefilltoborder call.
- Integer signedness error allows remote attackers to cause a denial of service
- or potentially execute arbitrary code via crafted compressed gd2 data, which
- triggers a heap-based buffer overflow.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074
- (* Security fix *)
-n/php-5.6.22-x86_64-2.txz: Rebuilt.
- Added option --with-vpx-dir=/usr. Thanks to Pierre ANDREENKO.
-+--------------------------+
-Thu Jun 16 18:13:55 UTC 2016
-testing/packages/tmux-2.2-x86_64-2.txz: Rebuilt.
- Added /usr/share/terminfo/tmux{,-256color}. Thanks to dugan.
-+--------------------------+
-Wed Jun 15 18:56:13 UTC 2016
-a/aaa_elflibs-14.2-x86_64-20.txz: Rebuilt.
-kde/kdelibs-4.14.21-x86_64-1.txz: Upgraded.
-l/libjpeg-turbo-1.5.0-x86_64-1.txz: Upgraded.
-n/libgcrypt-1.7.1-x86_64-1.txz: Upgraded.
-n/libgpg-error-1.23-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Jun 15 06:13:17 UTC 2016
-a/aaa_elflibs-14.2-x86_64-19.txz: Rebuilt.
-ap/cups-2.1.4-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Jun 15 01:57:05 UTC 2016
-a/glibc-zoneinfo-2016e-noarch-1.txz: Upgraded.
-a/pkgtools-14.2-noarch-10.txz: Rebuilt.
- In removepkg, fix package name matching so that (for example) "removepkg s"
- will not remove a package whose name begins and ends with "s".
- Thanks to Andreas Guldstrand.
- Added internationalized man pages.
- Thanks to Didier Spaier and the Slint translation team.
-ap/slackpkg-2.82.1-noarch-3.txz: Rebuilt.
- Added internationalized man pages.
- Thanks to Didier Spaier and the Slint translation team.
-ap/vim-7.4.1938-x86_64-1.txz: Upgraded.
-d/git-2.9.0-x86_64-1.txz: Upgraded.
-xap/gparted-0.26.1-x86_64-1.txz: Upgraded.
-xap/vim-gvim-7.4.1938-x86_64-1.txz: Upgraded.
+Sat May 19 04:24:47 UTC 2018
+a/aaa_elflibs-14.2-x86_64-39.txz: Rebuilt.
+ Restored libstdc++.so.5. Upgraded libidn and libidn2.
+ap/vim-8.1.0001-x86_64-1.txz: Upgraded.
+l/libidn2-2.0.5-x86_64-1.txz: Upgraded.
+x/mesa-18.0.4-x86_64-1.txz: Upgraded.
+x/xf86-video-mach64-6.9.6-x86_64-1.txz: Upgraded.
+x/xf86-video-rendition-4.2.7-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.1.0001-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu May 17 20:49:42 UTC 2018
+l/babl-0.1.48-x86_64-1.txz: Upgraded.
+l/gegl-0.4.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.14.1-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.14.1-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.14.1-x86_64-1.txz: Upgraded.
+l/gstreamer-1.14.1-x86_64-1.txz: Upgraded.
+n/ca-certificates-20180409-noarch-1.txz: Upgraded.
+n/samba-4.8.2-x86_64-1.txz: Upgraded.
+x/libinput-1.10.7-x86_64-1.txz: Upgraded.
+x/xf86-video-vmware-13.3.0-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-60.0.1-x86_64-1.txz: Upgraded.
+extra/pure-alsa-system/gst-plugins-good-1.14.1-x86_64-1_alsa.txz: Upgraded.
++--------------------------+
+Thu May 17 04:13:16 UTC 2018
+a/e2fsprogs-1.44.2-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.41-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.41-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.41-x86_64-1.txz: Upgraded.
+a/usbutils-010-x86_64-1.txz: Upgraded.
+ap/lsscsi-0.29-x86_64-1.txz: Upgraded.
+ap/nano-2.9.7-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.41-x86-1.txz: Upgraded.
+k/kernel-source-4.14.41-noarch-1.txz: Upgraded.
+l/libgphoto2-2.5.18-x86_64-1.txz: Upgraded.
+l/libimobiledevice-1.2.0-x86_64-5.txz: Rebuilt.
+ Patch to fix double free with OpenSSL-1.1.x. Thanks to ill323.
+n/curl-7.60.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes:
+ FTP: shutdown response buffer overflow
+ RTSP: bad headers buffer over-read
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301
+ (* Security fix *)
+n/links-2.16-x86_64-1.txz: Upgraded.
+x/xdg-utils-1.1.3-noarch-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.7.4-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.8.0-x86_64-5.txz: Rebuilt.
+ Patched and recompiled for xorg-server-1.20.0. Thanks to Matteo Bernardini.
isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+pasture/php-5.6.36-x86_64-1.txz: Added.
+ Since some things still require php-5.6, here's an alternate package
+ compiled against openssl-1.1. Thanks to Darth Vader.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Jun 14 03:48:17 UTC 2016
-xap/pidgin-2.10.12-x86_64-2.txz: Rebuilt.
- Use the much larger collection of SSL certs in /etc/ssl/certs rather
- than the ones that ship with Pidgin, otherwise certificates issued by
- Let's Encrypt (and others) cannot be verified. Thanks to Cesare.
-+--------------------------+
-Mon Jun 13 21:34:08 UTC 2016
-a/gettext-0.19.8.1-x86_64-1.txz: Upgraded.
-a/pkgtools-14.2-noarch-9.txz: Rebuilt.
- In setup.80.make-bootdisk, create a first bootable active primary partition
- rather than using a filesystem on the unpartitioned device. Some BIOSes
- won't boot it otherwise. Thanks to Richard Narron.
-d/gettext-tools-0.19.8.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Jun 13 07:07:39 UTC 2016
-a/grub-2.00-x86_64-5.txz: Rebuilt.
- Use correct GRUB_DISABLE_RECOVERY option in /etc/default/grub.new.
- Thanks to Eugen Wissner.
-a/mkinitrd-1.4.8-x86_64-7.txz: Rebuilt.
- Fixed detecting USB partition in init, added proper USB storage modules
- to mkinitrd, and added missing USB keyboard modules to
- mkinitrd_command_generator.sh to fix entering LUKS password with some
- newer USB keyboards. Thanks to Eric Hameleers.
-a/sysvinit-scripts-2.0-noarch-33.txz: Rebuilt.
- rc.S: In cryptsetup script, support supplying a password of "none"
- (interactive entry) for non-swap partitions to allow specifying additional
- options. Support a new option "discard" to pass the --allow-discards option
- to cryptsetup when unlocking a volume, which can potentially improve
- performance and longevity on some SSDs. Thanks to Nathan Wallace.
-ap/cups-filters-1.9.0-x86_64-1.txz: Upgraded.
-ap/lxc-2.0.1-x86_64-4.txz: Rebuilt.
- Merged rc.S changes.
-l/hicolor-icon-theme-0.15-noarch-1.txz: Upgraded.
-n/NetworkManager-1.2.2-x86_64-2.txz: Rebuilt.
- Install udev rules in the correct directory. Thanks to gmgf.
-n/samba-4.4.4-x86_64-3.txz: Rebuilt.
- When installing, move any files existing in /etc/samba/private to
- /var/lib/samba/private, not just *.tdb files.
- Thanks to Maciej Goluchowski.
-n/vsftpd-3.0.3-x86_64-3.txz: Rebuilt.
- Patched to handle NULL returns from recent glibc crypt(). Thanks to nixi.
-n/wget-1.18-x86_64-1.txz: Upgraded.
- This version fixes a security vulnerability present in all old versions
- of wget. On a server redirect from HTTP to a FTP resource, wget would
- trust the HTTP server and use the name in the redirected URL as the
- destination filename. This behaviour was changed and now it works
- similarly as a redirect from HTTP to another HTTP resource so the original
- name is used as the destination file. To keep the previous behaviour the
- user must provide --trust-server-names.
- The vulnerability was discovered by Dawid Golunski and was reported by
- Beyond Security's SecuriTeam.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4971
- (* Security fix *)
-x/xterm-325-x86_64-1.txz: Upgraded.
-isolinux/efiboot.img: Rebuilt.
-+--------------------------+
-Thu Jun 9 18:13:44 UTC 2016
-a/e2fsprogs-1.43.1-x86_64-1.txz: Upgraded.
-ap/groff-1.22.3-x86_64-2.txz: Rebuilt.
- Use correct app-defaults directory. Thanks to DarkVision.
-kde/kdelibs-4.14.20-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160601_b617f80-x86_64-1.txz: Upgraded.
- Rolling the git dice one more time since there are reports that this version
- fixes video corruption and freezes after resume. Please let me know quickly
- if it causes any regressions.
+Mon May 14 19:48:52 UTC 2018
+a/openssl-solibs-1.1.0h-x86_64-2.txz: Rebuilt.
+ap/gutenprint-5.2.14-x86_64-2.txz: Rebuilt.
+ Rebuilt without the gimp2 print plugin (not compatible with gimp-2.10.0).
+ap/vim-8.0.1839-x86_64-1.txz: Upgraded.
+n/openssl-1.1.0h-x86_64-2.txz: Rebuilt.
+ Fixed missing quotes in c_rehash. Thanks to Matteo Bernardini.
+ After updating this package, it may be required to reinstall the
+ ca-certificates package (or run: update-ca-certificates --fresh).
+x/libdmx-1.1.4-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.1839-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat May 12 00:28:18 UTC 2018
+Where possible, the driver packages for X11 have been recompiled. However,
+there were some (xf86-video-geode, xf86-video-tseng, xf86-video-sis,
+xf86-video-savage, xf86-video-s3virge, xf86-video-rendition, xf86-video-r128,
+and xf86-video-mach64) that would not compile against xorg-server-1.20.0 and
+for which no patches seem to be available. Is anyone still using those, or are
+they finally obsolete? I'll hold off on removing them until I can find out one
+way or the other.
+a/aaa_elflibs-14.2-x86_64-38.txz: Rebuilt.
+a/bzip2-1.0.6-x86_64-3.txz: Rebuilt.
+ Added bzip2.pc.
+ap/ghostscript-9.23-x86_64-3.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+d/rust-1.26.0-x86_64-1.txz: Upgraded.
+l/libidn-1.35-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/loudmouth-1.5.3-x86_64-3.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+n/NetworkManager-1.10.8-x86_64-1.txz: Upgraded.
+n/bind-9.11.3-x86_64-4.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+n/lynx-2.8.9dev.18-x86_64-1.txz: Upgraded.
+ Compiled against libidn-1.35.
+n/mcabber-1.0.5-x86_64-4.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+n/mutt-1.9.5-x86_64-4.txz: Rebuilt.
+ Recompiled against libidn-1.35.
+x/xf86-input-acecad-1.5.0-x86_64-12.txz: Rebuilt.
+x/xf86-input-evdev-2.10.5-x86_64-3.txz: Rebuilt.
+x/xf86-input-joystick-1.6.3-x86_64-3.txz: Rebuilt.
+x/xf86-input-keyboard-1.9.0-x86_64-3.txz: Rebuilt.
+x/xf86-input-libinput-0.27.1-x86_64-3.txz: Rebuilt.
+x/xf86-input-mouse-1.9.2-x86_64-3.txz: Rebuilt.
+x/xf86-input-penmount-1.5.0-x86_64-12.txz: Rebuilt.
+x/xf86-input-synaptics-1.9.0-x86_64-3.txz: Rebuilt.
+x/xf86-input-vmmouse-13.1.0-x86_64-7.txz: Rebuilt.
+x/xf86-input-void-1.4.0-x86_64-12.txz: Rebuilt.
+x/xf86-input-wacom-0.36.1-x86_64-3.txz: Rebuilt.
+x/xf86-video-amdgpu-18.0.1-x86_64-3.txz: Rebuilt.
+x/xf86-video-apm-1.2.5-x86_64-11.txz: Rebuilt.
+x/xf86-video-ark-0.7.5-x86_64-11.txz: Rebuilt.
+x/xf86-video-ast-1.1.5-x86_64-5.txz: Rebuilt.
+x/xf86-video-ati-18.0.1-x86_64-3.txz: Rebuilt.
+x/xf86-video-chips-1.2.7-x86_64-3.txz: Rebuilt.
+x/xf86-video-cirrus-1.5.3-x86_64-5.txz: Rebuilt.
+x/xf86-video-dummy-0.3.8-x86_64-3.txz: Rebuilt.
+x/xf86-video-glint-1.2.9-x86_64-3.txz: Rebuilt.
+x/xf86-video-i128-1.3.6-x86_64-11.txz: Rebuilt.
+x/xf86-video-i740-1.3.6-x86_64-3.txz: Rebuilt.
+x/xf86-video-mga-1.6.5-x86_64-3.txz: Rebuilt.
+x/xf86-video-neomagic-1.2.9-x86_64-5.txz: Rebuilt.
+x/xf86-video-nouveau-1.0.15-x86_64-3.txz: Rebuilt.
+x/xf86-video-nv-2.1.21-x86_64-3.txz: Rebuilt.
+x/xf86-video-openchrome-0.6.0-x86_64-3.txz: Rebuilt.
+x/xf86-video-s3-0.6.5-x86_64-11.txz: Rebuilt.
+x/xf86-video-siliconmotion-1.7.9-x86_64-3.txz: Rebuilt.
+x/xf86-video-sisusb-0.9.7-x86_64-3.txz: Rebuilt.
+x/xf86-video-tdfx-1.4.7-x86_64-3.txz: Rebuilt.
+x/xf86-video-tga-1.2.2-x86_64-11.txz: Rebuilt.
+x/xf86-video-trident-1.3.8-x86_64-3.txz: Rebuilt.
+x/xf86-video-v4l-0.2.0-x86_64-16.txz: Rebuilt.
+x/xf86-video-vboxvideo-1.0.0-x86_64-3.txz: Rebuilt.
+x/xf86-video-vesa-2.4.0-x86_64-3.txz: Rebuilt.
+x/xf86-video-vmware-13.2.1-x86_64-7.txz: Rebuilt.
+x/xf86-video-voodoo-1.2.5-x86_64-12.txz: Rebuilt.
+xap/pidgin-2.13.0-x86_64-3.txz: Rebuilt.
+ Recompiled against libidn-1.35.
++--------------------------+
+Thu May 10 21:01:11 UTC 2018
+a/aaa_elflibs-14.2-x86_64-37.txz: Rebuilt.
+ Restored libpng14.so.14.
+n/nghttp2-1.32.0-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.92-x86_64-1.txz: Upgraded.
+x/xf86-video-intel-git_20180315_e7bfc906-x86_64-1.txz: Upgraded.
+x/xorg-server-1.20.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.20.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.20.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.20.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu May 10 13:17:20 UTC 2018
+n/wpa_supplicant-2.6-x86_64-6.txz: Rebuilt.
+ Drop the use-system-openssl-ciphers patch. Thanks to GazL.
++--------------------------+
+Thu May 10 03:25:47 UTC 2018
+a/aaa_elflibs-14.2-x86_64-36.txz: Rebuilt.
+a/glibc-zoneinfo-2018e-noarch-1.txz: Upgraded.
+a/kernel-firmware-20180507_8fc2d4e-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.40-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.40-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.40-x86_64-1.txz: Upgraded.
+a/openssl-solibs-1.1.0h-x86_64-1.txz: Upgraded.
+a/openssl10-solibs-1.0.2o-x86_64-1.txz: Added.
+ Added compatibility libraries for binaries that need to remain compiled
+ against openssl-1.0.2.
+ap/hplip-3.18.4-x86_64-2.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+ap/mariadb-10.2.14-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/git-2.17.0-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/kernel-headers-4.14.40-x86-1.txz: Upgraded.
+d/perl-5.26.2-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/python-2.7.15-x86_64-2.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/python3-3.6.5-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/ruby-2.5.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+d/rust-1.25.0-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+k/kernel-source-4.14.40-noarch-1.txz: Upgraded.
+l/M2Crypto-0.27.0-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/apr-util-1.6.1-x86_64-7.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/gnome-keyring-3.28.2-x86_64-1.txz: Upgraded.
+l/gvfs-1.36.2-x86_64-1.txz: Upgraded.
+l/libarchive-3.3.2-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/libevent-2.1.8-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/libimobiledevice-1.2.0-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/librsvg-2.42.4-x86_64-1.txz: Upgraded.
+l/libsoup-2.62.2-x86_64-1.txz: Upgraded.
+l/libssh2-1.8.0-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/libvncserver-0.9.11-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/libzip-1.5.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/neon-0.30.2-x86_64-1.txz: Upgraded.
+ Compiled against openssl-1.1.0h.
+l/opusfile-0.9-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/pulseaudio-11.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/pycurl-7.43.0.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/qca-2.1.3-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/qt-4.8.7-x86_64-10.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/redland-1.0.17-x86_64-5.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+l/serf-1.3.9-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/alpine-2.21-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/bind-9.11.3-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/curl-7.59.0-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/cyrus-sasl-2.1.27_rc7-x86_64-1.txz: Upgraded.
+ Compiled against openssl-1.1.0h.
+n/dovecot-2.3.1-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/epic5-2.0.1-x86_64-5.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/fetchmail-6.3.26-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/htdig-3.2.0b6-x86_64-6.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/httpd-2.4.33-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/irssi-1.1.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/lftp-4.8.3-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/libgpg-error-1.31-x86_64-1.txz: Upgraded.
+n/links-2.14-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/lynx-2.8.9dev.16-x86_64-2.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/mailx-12.5-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/mutt-1.9.5-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/net-snmp-5.7.3-x86_64-8.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/nmap-7.70-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/ntp-4.2.8p11-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/openldap-client-2.4.46-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/openssh-7.7p1-x86_64-5.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+ Thanks to alienBOB for the patch.
+n/openssl-1.1.0h-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/openssl10-1.0.2o-x86_64-1.txz: Added.
+ Added a compatibility development package for sources that need to be
+ compiled against openssl-1.0.2o. To compile against openssl-1.0.2o, you'll
+ need to add lines like this to the build script:
+ export CFLAGS="$CFLAGS -I/usr/include/openssl-1.0"
+ export LIBS="-L/usr/lib${LIBDIRSUFFIX}/openssl-1.0"
+ Some sources may still make a mess of things, and in those cases it might be
+ easiest to temporarily remove the openssl (1.1.0h) package while compiling,
+ in addition to the changes shown above.
+ The shared libraries in this package (and also duplicated in the
+ openssl10-solibs package) have also been changed to use versioned symbols.
+ Old binaries and libraries will continue to run linked with these new
+ libraries, but it is suggested to recompile them if possible. This will
+ prevent problems in case something ends up linking both the 1.0.2 and the
+ 1.1.0 OpenSSL libraries.
+n/openvpn-2.4.6-x86_64-2.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/php-7.2.5-x86_64-2.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/pidentd-3.0.19-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/popa3d-1.0.3-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/postfix-3.3.0-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/proftpd-1.3.6-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/slrn-1.0.2-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/snownews-1.5.13_20180507-x86_64-1.txz: Upgraded.
+ Compiled against openssl-1.1.0h.
+n/stunnel-5.44-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/tcpdump-4.9.2-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/ulogd-2.0.5-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/vsftpd-3.0.3-x86_64-5.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+n/wget-1.19.5-x86_64-1.txz: Upgraded.
+ Fixed a security issue where a malicious web server could inject arbitrary
+ cookies into the cookie jar file.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0494
+ (* Security fix *)
+ Compiled against openssl-1.1.0h.
+n/wpa_supplicant-2.6-x86_64-5.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+t/fig2dev-3.2.7a-x86_64-1.txz: Upgraded.
+t/xfig-3.2.7a-x86_64-1.txz: Upgraded.
+x/mesa-18.0.3-x86_64-1.txz: Upgraded.
+xap/gftp-2.0.19-x86_64-7.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+xap/gkrellm-2.3.10-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+xap/gnuplot-5.2.3-x86_64-1.txz: Upgraded.
+xap/hexchat-2.14.1-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+xap/mozilla-firefox-60.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
+ (* Security fix *)
+xap/rdesktop-1.8.3-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+xap/sane-1.0.27-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+xap/x3270-3.3.12ga7-x86_64-4.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+extra/sendmail/sendmail-8.15.2-x86_64-3.txz: Rebuilt.
+ Recompiled against openssl-1.1.0h.
+extra/sendmail/sendmail-cf-8.15.2-noarch-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
- Rebuilt to update e2fsprogs.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Rebuilt to update e2fsprogs.
-+--------------------------+
-Wed Jun 8 21:20:46 UTC 2016
-a/kernel-generic-4.4.13-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.13-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.13-x86_64-1.txz: Upgraded.
-a/mkinitrd-1.4.8-x86_64-6.txz: Rebuilt.
- Support LABEL= and UUID= for resume device. Thanks to SeB.
-a/pkgtools-14.2-noarch-8.txz: Rebuilt.
- pkgtool: Correctly determine root device when running from the installer.
- Thanks to Richard Narron.
-d/kernel-headers-4.4.13-x86-1.txz: Upgraded.
-d/python-setuptools-22.0.5-x86_64-1.txz: Upgraded.
- Include documentation in package. Thanks to bassmadrigal.
-k/kernel-source-4.4.13-noarch-1.txz: Upgraded.
-l/sdl-1.2.15-x86_64-4.txz: Rebuilt.
- Patched an SDL_ttf bug that prevents shaded text from displaying.
- Thanks to Cheng Bao.
-n/samba-4.4.4-x86_64-2.txz: Rebuilt.
- Patched doinst.sh to fix a couple possible (harmless) error messages upon
- installation. Thanks to Maciej Goluchowski.
++--------------------------+
+Fri May 4 19:40:52 UTC 2018
+d/python-2.7.15-x86_64-1.txz: Upgraded.
+ Updated to the latest 2.7.x release.
+ This fixes some security issues in difflib and poplib (regexes vulnerable
+ to denial of service attacks), as well as security issues with the bundled
+ expat library.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
+ (* Security fix *)
+e/emacs-25.3-x86_64-4.txz: Rebuilt.
+ Recompiled against imagemagick-6.9.9_42.
+l/virtuoso-ose-6.1.8-x86_64-9.txz: Rebuilt.
+ Recompiled against imagemagick-6.9.9_42.
+x/xterm-333-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.9-x86_64-3.txz: Rebuilt.
+ Recompiled against imagemagick-6.9.9_42.
+xap/xlockmore-5.55-x86_64-1.txz: Upgraded.
+ Compiled against imagemagick-6.9.9_42.
++--------------------------+
+Thu May 3 22:42:35 UTC 2018
+l/imagemagick-6.9.9_42-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/seamonkey-solibs-2.49.3-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.49.3-x86_64-1.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information (when it appears), see:
+ http://www.seamonkey-project.org/releases/seamonkey2.49.3
+ (* Security fix *)
++--------------------------+
+Thu May 3 13:44:01 UTC 2018
+a/kernel-firmware-20180430_397a604-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.39-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.39-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.39-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.39-x86-1.txz: Upgraded.
+k/kernel-source-4.14.39-noarch-1.txz: Upgraded.
+l/LibRaw-0.18.10-x86_64-1.txz: Upgraded.
+ Fixes some minor security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13735
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14265
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14348
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529
+ (* Security fix *)
+l/libaio-0.3.111-x86_64-1.txz: Upgraded.
+n/dhcpcd-7.0.4-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-testing/source/linux-4.5.4-configs/*: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Jun 7 21:39:07 UTC 2016
-a/smartmontools-6.5-x86_64-1.txz: Upgraded.
-n/gnutls-3.4.13-x86_64-1.txz: Upgraded.
- Use secure_getenv() where available to obtain environment variables to
- fix an issue where setuid programs could potentially allow an attacker
- to overwrite and corrupt arbitrary files.
- This issue was only present in gnutls-3.4.12.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4456
- (* Security fix *)
-n/samba-4.4.4-x86_64-1.txz: Upgraded.
- Migrate any .tdb files in /etc/samba/private to /var/lib/samba/private.
- Thanks to ivandi.
-xap/gkrellm-2.3.7-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-45.2.0esr-x86_64-1.txz: Upgraded.
+Tue May 1 20:43:20 UTC 2018
+a/dbus-1.12.8-x86_64-1.txz: Upgraded.
+a/eudev-3.2.5-x86_64-3.txz: Rebuilt.
+ Don't treat bind actions as add/update actions. Fixes MTP with recent
+ kernels. Thanks to DarkVision for the link to the patch.
+a/xfsprogs-4.16.1-x86_64-1.txz: Upgraded.
+ap/hplip-3.18.4-x86_64-1.txz: Upgraded.
+ap/man-pages-4.16-noarch-1.txz: Upgraded.
+l/gegl-0.4.0-x86_64-1.txz: Upgraded.
+l/gexiv2-0.10.8-x86_64-1.txz: Added.
+ Required by gimp-2.10.0.
+l/json-c-0.13.1_20180305-x86_64-1.txz: Added.
+ Looks like we're getting this package back since libmypaint needs it.
+l/json-glib-1.4.2-x86_64-1.txz: Added.
+ Required by gegl-0.4.0 and gimp-2.10.0.
+x/libinput-1.10.6-x86_64-1.txz: Upgraded.
+x/libmypaint-1.3.0-x86_64-1.txz: Added.
+ Required by gimp-2.10.0.
+x/mypaint-brushes-1.3.0-noarch-1.txz: Added.
+ Required by gimp-2.10.0.
+xap/gimp-2.10.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Apr 30 22:35:43 UTC 2018
+a/xz-5.2.4-x86_64-1.txz: Upgraded.
+ap/sudo-1.8.23-x86_64-1.txz: Upgraded.
+l/libwmf-0.2.8.4-x86_64-8.txz: Rebuilt.
+ Patched denial of service and possible execution of arbitrary code
+ security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0848
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4588
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4695
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4696
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9011
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
+ (* Security fix *)
+ Symlink to system Type1 fonts.
+l/libwmf-docs-0.2.8.4-noarch-7.txz: Removed.
+ There's no good reason to split this package.
+xap/mozilla-firefox-59.0.3-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
-Tue Jun 7 06:03:13 UTC 2016
-a/pkgtools-14.2-noarch-7.txz: Rebuilt.
- In setup.80.make-bootdisk, use -i option with syslinux.
- Thanks to Richard Narron.
- In setup.80.make-bootdisk, try to use syslinux-nomtools. This is more
- reliable due to a race condition between udev and mtools when syslinux
- makes rapid calls to mtools. If syslinux-nomtools is not available, then
- run syslinux within strace which changes the timing enough that it works.
-l/aspell-en-7.1_0-x86_64-1.txz: Upgraded.
- On all of these aspell dictionary packages, use a proper $ARCH.
- Thanks to Didier Spaier.
-n/yptools-2.14-x86_64-7.txz: Rebuilt.
- Compile with --libexecdir=/usr/lib${LIBDIRSUFFIX}/yp or else ypserv will
- not be able to start ypxfr on 64-bit. Thanks to Jonathan Woithe.
-extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-am-0.03_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-az-0.02_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-be-0.01-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-bg-4.1_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-bn-0.01.1_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-br-0.50_2-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ca-20040130_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-cs-20040614_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-csb-0.02_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-cy-0.50_3-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-da-1.4.42_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-de-20030222_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-el-0.50_3-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-eo-2.1.20000225a_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-es-1.11_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-et-0.1.21_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-fa-0.11_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-fi-0.7_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-fo-0.2.16_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-fr-0.50_3-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ga-4.5_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-gd-0.1.1_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-gl-0.5a_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-gu-0.03_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-gv-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-he-1.0_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-hi-0.02_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-hil-0.11_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-hr-0.51_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-hsb-0.02_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-hu-0.99.4.2_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ia-0.50_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-id-1.2_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-is-0.51.1_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-it-2.2_20050523_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ku-0.20_1-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-la-20020503_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-lt-1.2.1_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-lv-0.5.5_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-mg-0.03_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-mi-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-mk-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-mn-0.06_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-mr-0.10_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ms-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-mt-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-nb-0.50.1_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-nds-0.01_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-nl-0.50_2-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-nn-0.50.1_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-no-0.50_2-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ny-0.01_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-or-0.03_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-pa-0.01_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-pl-6.0_20061121_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-pt-0.50_2-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-pt_BR-20090702_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-qu-0.02_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ro-3.3_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-ru-0.99f7_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-rw-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-sc-1.0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-sk-2.01_2-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-sl-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-sr-0.02-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-sv-0.51_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-sw-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-ta-20040424_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-te-0.01_2-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-tet-0.1.1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-tl-0.02_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-tn-1.0.1_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-tr-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-uk-1.4.0_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-uz-0.6_0-x86_64-1.txz: Upgraded.
-extra/aspell-word-lists/aspell-vi-0.01.1_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-wa-0.50_0-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-yi-0.01.1_1-x86_64-5.txz: Rebuilt.
-extra/aspell-word-lists/aspell-zu-0.50_0-x86_64-5.txz: Rebuilt.
-+--------------------------+
-Sat Jun 4 20:56:31 UTC 2016
-d/pkg-config-0.29.1-x86_64-2.txz: Rebuilt.
- Added /usr/local/share/pkgconfig to $PKG_CONFIG_PATH.
- Thanks to bassmadrigal.
-n/nftables-0.6-x86_64-1.txz: Upgraded.
-n/samba-4.4.3-x86_64-2.txz: Rebuilt.
- Moved /etc/samba/private/ to /var/lib/samba/private/.
- Thanks to Pierre ANDREENKO.
-x/xf86-input-evdev-2.10.3-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Jun 3 23:36:07 UTC 2016
-ap/lxc-2.0.1-x86_64-3.txz: Rebuilt.
- In /etc/inittab, use "shutdown -h now" for powerfail. Without this, lxc-stop
- will send SIGPWR to attempt to stop the container, and will then force stop
- it after a one minute timeout. Thanks to Andreas Vögele.
- In the init scripts, wrap $container in double quotes to prevent syntax
- errors if the variable is unset. Thanks to Jakub 'shasta' Jankowski.
-l/libxml2-2.9.4-x86_64-2.txz: Rebuilt.
- Fix attribute decoding during XML schema validation.
- Thanks to Andreas Vögele.
-n/net-snmp-5.7.3-x86_64-3.txz: Rebuilt.
- Include support for the ucd-snmp/diskio module.
- Thanks to Jakub 'shasta' Jankowski.
-n/ntp-4.2.8p8-x86_64-1.txz: Upgraded.
- This release patches one high and four low severity security issues:
- CVE-2016-4957: Crypto-NAK crash
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations
- CVE-2016-4954: Processing spoofed server packets
- CVE-2016-4955: Autokey association reset
- CVE-2016-4956: Broadcast interleave
- For more information, see:
- http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956
- (* Security fix *)
-xap/imagemagick-6.9.4_7-x86_64-1.txz: Upgraded.
-xfce/xfce4-panel-4.12.0-x86_64-3.txz: Rebuilt.
- Blink taskbar buttons for notification 4 times, not G_MAXUINT times.
- Thanks to Andrzej Telszewski.
-+--------------------------+
-Thu Jun 2 19:08:13 UTC 2016
-This could be the last batch of updates before 14.2 stable, so please test!
-a/kernel-firmware-20160601git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.4.12-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.12-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.12-x86_64-1.txz: Upgraded.
-ap/hplip-3.16.5-x86_64-3.txz: Rebuilt.
- Patched setup.py to set LC_ALL=C, which should fix parsing CUPS output.
-d/gdb-7.11.1-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.12-x86-1.txz: Upgraded.
-k/kernel-source-4.4.12-noarch-1.txz: Upgraded.
-l/harfbuzz-1.2.7-x86_64-1.txz: Upgraded.
-n/libnftnl-1.0.6-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.4_6-x86_64-1.txz: Upgraded.
-xap/xscreensaver-5.35-x86_64-2.txz: Rebuilt.
- Fixed missing '\' in the build script which caused a few configure options
- to be skipped. Thanks to Stuart Winter.
+Mon Apr 30 01:34:10 UTC 2018
+a/kernel-generic-4.14.38-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.38-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.38-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.38-x86-1.txz: Upgraded.
+k/kernel-source-4.14.38-noarch-1.txz: Upgraded.
+l/libwebp-1.0.0-x86_64-1.txz: Upgraded.
+n/samba-4.8.1-x86_64-1.txz: Upgraded.
+x/x11-skel-7.7-x86_64-4.txz: Rebuilt.
+ xwmconfig: typo fix in comment. (fortune -m "only code")
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue May 31 20:05:12 UTC 2016
-ap/cdrtools-3.01-x86_64-3.txz: Rebuilt.
- Applied cdrtools-3.01-fix-20151126-mkisofs-isoinfo.patch. Thanks to gmgf.
-ap/hplip-3.16.5-x86_64-2.txz: Rebuilt.
- Recompiled with these changed paths:
- --with-hpppddir=/usr/share/ppd/HP
- --with-drvdir=/usr/share/cups/drv/HP
- This matches what is expected for Slackware in the distros.dat file and is
- hardcoded in core_install.py. Thanks to kjhambrick.
-l/LibRaw-0.17.2-x86_64-1.txz: Upgraded.
-l/lcms2-2.7-x86_64-2.txz: Rebuilt.
- Don't package PDF/RTF docs.
-n/bluez-5.40-x86_64-1.txz: Upgraded.
-extra/bash-completion/bash-completion-2.2-noarch-3.txz: Rebuilt.
- Removed mpv -> mplayer symlink. Thanks to Robby Workman.
-+--------------------------+
-Tue May 31 05:42:04 UTC 2016
-a/aaa_elflibs-14.2-x86_64-18.txz: Rebuilt.
-ap/tmux-2.1-x86_64-3.txz: Rebuilt.
- Added /usr/share/terminfo/tmux{,-256color}. Thanks to dugan.
-d/python-setuptools-21.2.2-x86_64-1.txz: Upgraded.
-n/curl-7.49.1-x86_64-1.txz: Upgraded.
-xap/blueman-2.0.4-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
-xap/imagemagick-6.9.4_5-x86_64-1.txz: Upgraded.
- Removed popen() support to prevent another shell vulnerability. This
- issue was discovered by Bob Friesenhahn, of the GraphicsMagick project.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118
- (* Security fix *)
-xap/mozilla-thunderbird-45.1.1-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/xscreensaver-5.35-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri May 27 23:08:17 UTC 2016
-a/sysvinit-scripts-2.0-noarch-32.txz: Rebuilt.
- rc.S: Fixed cgroup, cgmanager, and cgproxy handling so that it works if /usr
- is a separate partition. Thanks to Richard Cranium and Matteo Bernardini.
-ap/ghostscript-9.19-x86_64-2.txz: Rebuilt.
- Use the bundled version of openjpeg, which includes patches needed by
- ghostscript. Thanks to qunying.
-ap/lxc-2.0.1-x86_64-2.txz: Rebuilt.
- Merged rc.S changes.
-l/libxml2-2.9.4-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues:
- Heap-based buffer underreads due to xmlParseName (CVE-2016-4447).
- Format string vulnerability (CVE-2016-4448).
- Inappropriate fetch of entities content (CVE-2016-4449).
- For more information, see:
- http://xmlsoft.org/news.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
- (* Security fix *)
-l/libxslt-1.1.29-x86_64-1.txz: Upgraded.
- This release fixes bugs and a security issue:
- Fix for type confusion in preprocessing attributes (Daniel Veillard).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
- (* Security fix *)
-n/php-5.6.22-x86_64-1.txz: Upgraded.
+Sun Apr 29 00:07:10 UTC 2018
+a/glibc-zoneinfo-2018d-noarch-3.txz: Rebuilt.
+ timeconfig: fixed some cosmetic issues with output spacing.
+a/gpm-1.20.7-x86_64-7.txz: Rebuilt.
+ setup.mouse: fixed some cosmetic issues with output spacing.
+a/pkgtools-15.0-noarch-10.txz: Rebuilt.
+ Fixed some cosmetic issues with output spacing.
+ap/slackpkg-2.82.2-noarch-3.txz: Rebuilt.
+ Edited the slack-desc to be properly formed (and more accurate).
+d/doxygen-1.8.14-x86_64-3.txz: Rebuilt.
+ Reverted patch that causes doxygen to segfault. Thanks to orbea.
+l/libvisio-0.1.6-x86_64-4.txz: Rebuilt.
+ Removed build script kludge to work around doxygen segfault.
+x/mesa-18.0.2-x86_64-1.txz: Upgraded.
+x/x11-skel-7.7-x86_64-3.txz: Rebuilt.
+ xwmconfig: fixed some cosmetic issues with output spacing.
++--------------------------+
+Fri Apr 27 23:15:41 UTC 2018
+ap/nano-2.9.6-x86_64-1.txz: Upgraded.
+e/emacs-25.3-x86_64-3.txz: Rebuilt.
+ Provide unversioned emacs-no-x11 and emacs-with-x11 symlinks.
+ Thanks to madridsecreto.
+n/openssh-7.7p1-x86_64-4.txz: Rebuilt.
+ Fixed tunnel forwarding with -w option. Thanks to Mario Preksavec.
+x/urw-core35-fonts-otf-20170801_91edd6e_git-noarch-1.txz: Upgraded.
++--------------------------+
+Fri Apr 27 03:58:48 UTC 2018
+a/kernel-generic-4.14.37-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.37-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.37-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.37-x86-1.txz: Upgraded.
+k/kernel-source-4.14.37-noarch-1.txz: Upgraded.
+n/openvpn-2.4.6-x86_64-1.txz: Upgraded.
+ This is a security update fixing a potential double-free() in Interactive
+ Service. This usually only leads to a process crash (DoS by an unprivileged
+ local account) but since it could possibly lead to memory corruption if
+ happening while multiple other threads are active at the same time,
+ CVE-2018-9336 has been assigned to acknowledge this risk.
+ For more information, see:
+ https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9336
+ (* Security fix *)
+n/php-7.2.5-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
- http://php.net/ChangeLog-5.php#5.6.22
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096
+ https://php.net/ChangeLog-7.php#7.2.5
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712
(* Security fix *)
-xap/geeqie-1.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Make rc.dropbear executable. Thanks to Eduard Rozenberg.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Make rc.dropbear executable. Thanks to Eduard Rozenberg.
-+--------------------------+
-Thu May 26 23:12:27 UTC 2016
-a/aaa_elflibs-14.2-x86_64-17.txz: Rebuilt.
-l/libpng-1.6.22-x86_64-1.txz: Upgraded.
-l/libtiff-4.0.6-x86_64-1.txz: Upgraded.
-n/bind-9.10.4_P1-x86_64-1.txz: Upgraded.
-x/libXfixes-5.0.2-x86_64-1.txz: Upgraded.
-x/xproto-7.0.29-noarch-1.txz: Upgraded.
-xap/imagemagick-6.9.4_4-x86_64-1.txz: Upgraded.
-+--------------------------+
-Thu May 26 20:30:18 UTC 2016
-ap/ghostscript-9.19-x86_64-1.txz: Upgraded.
- Dumped old unmaintained bundled libraries and linked with system libraries
- instead. There had been a crash previously with the GIMP plugin and
- ghostscript > 9.07, but now it works as expected. Thanks to qunying.
-+--------------------------+
-Wed May 25 23:37:36 UTC 2016
-x/xf86-input-wacom-0.33.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Apr 26 01:34:12 UTC 2018
+Don't like PulseAudio? Well... I hear you. Personally, it works for me, and it
+makes it easier to switch between multiple audio inputs and outputs compared
+to using plain ALSA. PulseAudio got off to a rocky start in the Linux world,
+where it found itself adopted before it was ready (it was even billed on its
+own website at the time as "the software that currently breaks your audio").
+It's my opinion that the reputation that PulseAudio acquired due to problems
+back then isn't deserved any longer. If your hardware supports the sampling
+rate of the audio data you're trying to play, PulseAudio will not resample it
+(and if your hardware doesn't support that rate, resampling can hardly be
+avoided). The increased latency has not been an issue here. Nevertheless, I
+recognize that there are use cases where PulseAudio is still a detriment.
+While I don't generally recommend removing PulseAudio, I'm not going to cram
+it down your throat. So, if you'd like to be rid of PulseAudio, head over to
+the new extra/pure-alsa-system directory and follow the instructions in the
+README file there, and you'll have a PulseAudio-free pure ALSA system.
+Thanks to orbea who sent me a small patch for the mpg123.SlackBuild so that
+it would detect the lack of PulseAudio and not try to build in support, which
+got me to thinking about all of this. Cheers! :-)
+a/btrfs-progs-v4.16.1-x86_64-1.txz: Upgraded.
+kde/kopete-4.14.3-x86_64-7.txz: Rebuilt.
+ Dropped obsolete wlm (libmsn) protocol. Thanks to alienBOB.
+l/libmsn-4.2.1-x86_64-3.txz: Removed.
+l/poppler-data-0.4.9-noarch-1.txz: Upgraded.
+extra/pure-alsa-system/MPlayer-20180208-x86_64-3_alsa.txz: Rebuilt.
+extra/pure-alsa-system/alsa-lib-1.1.6-x86_64-3_alsa.txz: Rebuilt.
+extra/pure-alsa-system/alsa-plugins-1.1.6-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/audacious-plugins-3.9-x86_64-4_alsa.txz: Rebuilt.
+extra/pure-alsa-system/ffmpeg-3.4.2-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/fluidsynth-1.1.10-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/gst-plugins-good-1.14.0-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/gst-plugins-good0-0.10.31-x86_64-3_alsa.txz: Rebuilt.
+extra/pure-alsa-system/kde-runtime-4.14.3-x86_64-7_alsa.txz: Rebuilt.
+extra/pure-alsa-system/kmix-4.14.3-x86_64-4_alsa.txz: Rebuilt.
+extra/pure-alsa-system/libao-1.2.2-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/libcanberra-0.30-x86_64-6_alsa.txz: Rebuilt.
+extra/pure-alsa-system/mpg123-1.25.10-x86_64-2_alsa.txz: Rebuilt.
+extra/pure-alsa-system/phonon-4.8.3-x86_64-3_alsa.txz: Rebuilt.
+extra/pure-alsa-system/sox-14.4.2-x86_64-5_alsa.txz: Rebuilt.
+extra/pure-alsa-system/xfce4-mixer-4.11.0-x86_64-1_alsa.txz: Upgraded.
+extra/pure-alsa-system/xfce4-volumed-0.1.13-x86_64-4_alsa.txz: Rebuilt.
+extra/pure-alsa-system/xine-lib-1.2.9-x86_64-2_alsa.txz: Rebuilt.
++--------------------------+
+Wed Apr 25 04:38:51 UTC 2018
+a/kernel-generic-4.14.36-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.36-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.36-x86_64-1.txz: Upgraded.
+d/gcc-7.3.0-x86_64-3.txz: Rebuilt.
+d/gcc-brig-7.3.0-x86_64-3.txz: Rebuilt.
+d/gcc-g++-7.3.0-x86_64-3.txz: Rebuilt.
+d/gcc-gfortran-7.3.0-x86_64-3.txz: Rebuilt.
+d/gcc-gnat-7.3.0-x86_64-3.txz: Rebuilt.
+ Rebuilt to fix missing shared libraries. Thanks to qunying.
+d/gcc-go-7.3.0-x86_64-3.txz: Rebuilt.
+d/gcc-objc-7.3.0-x86_64-3.txz: Rebuilt.
+d/kernel-headers-4.14.36-x86-1.txz: Upgraded.
+d/parallel-20180422-noarch-1.txz: Added.
+d/perl-5.26.2-x86_64-2.txz: Rebuilt.
+ Applied upstream patch to use net_buffer_length in DBD-mysql.
+ Thanks to Iouri Kharon.
+ Upgraded to URI-1.74.
+k/kernel-source-4.14.36-noarch-1.txz: Upgraded.
+l/imagemagick-6.9.9_40-x86_64-3.txz: Rebuilt.
+ Really disable OpenCL. Thanks to orbea.
isolinux/initrd.img: Rebuilt.
- In rc.dropbear, drop the option to use /etc/motd.net (this was preventing
- dropbear from starting properly). Thanks to Eduard Rozenberg.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- In rc.dropbear, drop the option to use /etc/motd.net (this was preventing
- dropbear from starting properly). Thanks to Eduard Rozenberg.
-+--------------------------+
-Wed May 25 04:20:09 UTC 2016
-a/aaa_elflibs-14.2-x86_64-16.txz: Rebuilt.
-a/e2fsprogs-1.43-x86_64-2.txz: Rebuilt.
- Do not use 64-bit by default on ext4, since some bootloaders cannot handle
- it yet. But use "auto_64-bit_support = 1", which will enable 64-bit if the
- number of blocks for the file system requires the feature to be enabled.
-a/syslinux-4.07-x86_64-1.txz: Upgraded.
-ap/cups-filters-1.8.3-x86_64-3.txz: Rebuilt.
- Recompiled against poppler-0.44.0.
-ap/mpg123-1.23.4-x86_64-1.txz: Upgraded.
-ap/slackpkg-2.82.1-noarch-2.txz: Rebuilt.
- Updated URLs for garr.it mirrors. Thanks to Andrej Sossi.
-d/git-2.8.3-x86_64-1.txz: Upgraded.
-kde/calligra-2.9.11-x86_64-4.txz: Rebuilt.
- Recompiled against poppler-0.44.0.
-l/libarchive-3.1.2-x86_64-3.txz: Rebuilt.
- Patched an issue with Zip archive handling that could allow an attacker
- to overwrite parts of the heap in a controlled fashion and execute
- arbitrary code.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541
- (* Security fix *)
-l/poppler-0.44.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-n/gnutls-3.4.12-x86_64-1.txz: Upgraded.
-xap/MPlayer-1.2_20160125-x86_64-3.txz: Rebuilt.
- Recompiled with --disable-ossaudio.
-xfce/tumbler-0.1.31-x86_64-7.txz: Rebuilt.
- Recompiled against poppler-0.44.0.
++--------------------------+
+Mon Apr 23 22:17:42 UTC 2018
+ap/gutenprint-5.2.14-x86_64-1.txz: Upgraded.
+d/meson-0.46.0-x86_64-1.txz: Upgraded.
+d/python-pip-10.0.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Apr 21 17:39:25 UTC 2018
+a/lvm2-2.02.177-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-9.txz: Rebuilt.
+ installpkg: fixed occasional lack of package size reported by the installer.
+d/binutils-2.30-x86_64-3.txz: Rebuilt.
+ Fixed /usr/$TARGET/lib directory. Thanks to GazL.
+n/gpgme-1.11.1-x86_64-1.txz: Upgraded.
+n/ppp-2.4.7-x86_64-3.txz: Rebuilt.
+ Fixed rp-pppoe build. Thanks to voegelas for the bug report.
+xfce/xfce4-settings-4.12.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Fri May 20 21:20:29 UTC 2016
-a/aaa_base-14.2-x86_64-2.txz: Rebuilt.
- Updated your your initial email. ;-)
- Thanks to Tonus for the typo report.
-a/aaa_elflibs-14.2-x86_64-15.txz: Rebuilt.
-a/btrfs-progs-v4.5.3-x86_64-1.txz: Upgraded.
-a/e2fsprogs-1.43-x86_64-1.txz: Upgraded.
-a/gzip-1.8-x86_64-1.txz: Upgraded.
-a/kernel-generic-4.4.11-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.11-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.11-x86_64-1.txz: Upgraded.
-a/tar-1.29-x86_64-1.txz: Upgraded.
-ap/lxc-2.0.1-x86_64-1.txz: Upgraded.
-ap/sqlite-3.13.0-x86_64-1.txz: Upgraded.
-ap/vim-7.4.1832-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.11-x86-1.txz: Upgraded.
-k/kernel-source-4.4.11-noarch-1.txz: Upgraded.
-n/curl-7.49.0-x86_64-1.txz: Upgraded.
- Fixed a TLS certificate check bypass with mbedTLS/PolarSSL.
- For more information, see:
- https://curl.haxx.se/docs/adv_20160518.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739
- (* Security fix *)
-n/dnsmasq-2.76-x86_64-1.txz: Upgraded.
-n/lftp-4.7.2-x86_64-1.txz: Upgraded.
-xap/vim-gvim-7.4.1832-x86_64-1.txz: Upgraded.
+Fri Apr 20 03:32:21 UTC 2018
+a/kernel-generic-4.14.35-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.35-x86_64-1.txz: Upgraded.
+ SQUASHFS m -> y
+ Thanks to alienBOB.
+a/kernel-modules-4.14.35-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.35-x86-1.txz: Upgraded.
+k/kernel-source-4.14.35-noarch-1.txz: Upgraded.
+ RCU_EXPERT n -> y
+ +RCU_FANOUT 32
+ +RCU_FANOUT_LEAF 16
+ +RCU_FAST_NO_HZ y
+ +RCU_NOCB_CPU y
+ Thanks to alienBOB.
+kde/kde-runtime-4.14.3-x86_64-7.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+kde/kdepim-4.14.10-x86_64-4.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+kde/kdepimlibs-4.14.10-x86_64-6.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+kde/kget-4.14.3-x86_64-5.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+kde/kopete-4.14.3-x86_64-6.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+l/gmime-2.6.23-x86_64-4.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+n/gpa-0.9.10-x86_64-3.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+n/gpgme-1.11.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/mcabber-1.0.5-x86_64-3.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+n/mutt-1.9.5-x86_64-2.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+n/samba-4.7.7-x86_64-2.txz: Rebuilt.
+ Recompiled against gpgme-1.11.0.
+x/libinput-1.10.5-x86_64-1.txz: Upgraded.
+extra/fltk/fltk-1.3.4_2-x86_64-2.txz: Rebuilt.
+ Fixed fltk-config. Thanks to Matteo Bernardini.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue May 17 21:52:11 UTC 2016
-a/aaa_elflibs-14.2-x86_64-14.txz: Rebuilt.
-d/mercurial-3.8.2-x86_64-1.txz: Upgraded.
-l/gdbm-1.12-x86_64-1.txz: Upgraded.
-l/libmtp-1.1.11-x86_64-1.txz: Upgraded.
-n/libndp-1.6-x86_64-1.txz: Upgraded.
- This update fixes a security issue. It was found that libndp did
- not properly validate and check the origin of Neighbor Discovery
- Protocol (NDP) messages. An attacker on a non-local network could
- use this flaw to advertise a node as a router, allowing them to
- perform man-in-the-middle attacks on a connecting client, or
- disrupt the network connectivity of that client.
- Thanks to Julien Bernard (Viagénie) for reporting this issue.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3698
- (* Security fix *)
-xap/gnuplot-5.0.3-x86_64-2.txz: Rebuilt.
- Added libcaca support. Thanks to Andrew Clemons.
-+--------------------------+
-Tue May 17 05:06:44 UTC 2016
-a/kernel-firmware-20160516git-noarch-1.txz: Upgraded.
-a/lvm2-2.02.154-x86_64-1.txz: Upgraded.
-d/python-setuptools-21.0.0-x86_64-1.txz: Upgraded.
-n/lftp-4.7.1-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.4_1-x86_64-2.txz: Rebuilt.
- Fixed .new config file installation. Thanks to ivandi.
-testing/source/linux-4.5.4-configs/*: Added.
-testing/source/linux-4.6-configs/*: Added.
-+--------------------------+
-Thu May 12 01:50:21 UTC 2016
-a/kernel-firmware-20160511git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.4.10-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.10-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.10-x86_64-1.txz: Upgraded.
-ap/man-pages-4.06-noarch-1.txz: Upgraded.
-d/kernel-headers-4.4.10-x86-1.txz: Upgraded.
-k/kernel-source-4.4.10-noarch-1.txz: Upgraded.
-n/NetworkManager-1.2.2-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-45.1.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/network-manager-applet-1.2.2-x86_64-1.txz: Upgraded.
+Thu Apr 19 01:04:06 UTC 2018
+Hi folks, and welcome to the third ever Slackware Mass Rebuild (and the
+longest ChangeLog entry in project history). There were two primary
+motivations for rebuilding everything in the main tree. The first was to
+switch to the new C++ ABI. The second was to get rid of all the .la files
+in the LD_LIBRARY_PATH. Really, having .la files installed has been mostly
+obsolete since things began to use pkg-config instead, but it's not easy
+to get rid of them unless you do it all at once. If you just take them out
+of one package, any other packages containing .la files that refer to the
+removed ones will be broken. We've removed a few here and there before
+(and then handled any packages that had referred to them with a rebuild),
+but it was time to finally remove all the ones in /lib{,64} and
+/usr/lib{,64}. One of the reasons that this really needed to happen is that
+many projects are starting to migrate to build systems other than autotools,
+and those systems do not generate .la files. So if we didn't get rid of them
+now, we might end up in a situation later on where they are being removed
+by upstream and then we would have to chase down the dependency breakage and
+recompile (possibly many) other packages. The .la files that are outside of
+the LD_LIBRARY_PATH were not removed (and shouldn't be) - those ones are
+often used by the lt_dlopen() function to load plugins and removing those
+ones can break things. But those ones don't cause problems... they aren't
+likely to try to infect .la files produced by other packages.
+IMPORTANT NOTE: If you have any third party or other packages installed on
+your system that don't come with Slackware, and those packages have installed
+any .la files, it is very likely that they refer to some .la files which we
+have just removed, and that trying to compile against these packages will no
+longer work. Luckily, the solution is simple: remove them. This command will
+remove any stale .la files from the LD_LIBRARY_PATH:
+rm /{,usr/}lib{,64}/*.la
+Moving forward, nothing shipped in Slackware will contain any .la files in
+those directories, and any SlackBuilds intended to be used with Slackware 15.0
+should contain this bit of script:
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+In addition to those goals, the opportunity was taken to clean up slack-desc
+files and make many trivial fixes to build scripts. We've also made it easy
+to recompile everything again should there be a good reason to do so.
+You'll also find various updates scattered throughout this long list.
+Enjoy, and sorry about the bandwidth. ;-)
+a/aaa_base-14.2-x86_64-4.txz: Rebuilt.
+ In /etc/os-release, change PRETTY_NAME to:
+ PRETTY_NAME="Slackware 14.2 $ARCH (post 14.2 -current)"
+a/aaa_elflibs-14.2-x86_64-35.txz: Rebuilt.
+ Removed obsolete libraries: libudev.so.0.13.1, libgdbm.so.3.0.0,
+ libhistory.so.5.2, libjpeg.so.8.0.1, libmpfr.so.4.1.6, libpng14.so.14.18.0,
+ libreadline.so.5.2, libstdc++.so.5.0.7, libtiff.so.3.9.7,
+ and libtiffxx.so.3.9.7.
+ Don't create library symlinks in the install script - let installpkg's
+ ldconfig do the work.
+a/aaa_terminfo-6.1_20180324-x86_64-4.txz: Rebuilt.
+ Changed xterm definition as noted for the ncurses package below.
+a/acl-2.2.52-x86_64-2.txz: Rebuilt.
+a/acpid-2.0.29-x86_64-1.txz: Upgraded.
+a/attr-2.4.47-x86_64-2.txz: Rebuilt.
+a/bash-4.4.019-x86_64-3.txz: Rebuilt.
+a/bin-11.1-x86_64-2.txz: Rebuilt.
+a/btrfs-progs-v4.16-x86_64-2.txz: Rebuilt.
+a/bzip2-1.0.6-x86_64-2.txz: Rebuilt.
+a/coreutils-8.29-x86_64-2.txz: Rebuilt.
+a/cpio-2.12-x86_64-2.txz: Rebuilt.
+a/cpufrequtils-008-x86_64-2.txz: Rebuilt.
+a/cryptsetup-1.7.5-x86_64-2.txz: Rebuilt.
+a/dbus-1.12.6-x86_64-2.txz: Rebuilt.
+a/dcron-4.5-x86_64-6.txz: Rebuilt.
+a/dialog-1.3_20170509-x86_64-2.txz: Rebuilt.
+a/dosfstools-4.1-x86_64-2.txz: Rebuilt.
+a/e2fsprogs-1.44.1-x86_64-2.txz: Rebuilt.
+a/ed-1.14.2-x86_64-2.txz: Rebuilt.
+a/efibootmgr-0.5.4-x86_64-2.txz: Rebuilt.
+a/elilo-3.16-x86_64-6.txz: Rebuilt.
+a/elvis-2.2_0-x86_64-4.txz: Rebuilt.
+a/etc-15.0-x86_64-4.txz: Rebuilt.
+a/eudev-3.2.5-x86_64-2.txz: Rebuilt.
+a/file-5.33-x86_64-1.txz: Upgraded.
+a/findutils-4.4.2-x86_64-2.txz: Rebuilt.
+a/floppy-5.5-x86_64-2.txz: Rebuilt.
+a/gawk-4.2.1-x86_64-2.txz: Rebuilt.
+a/genpower-1.0.5-x86_64-3.txz: Rebuilt.
+a/gettext-0.19.8.1-x86_64-5.txz: Rebuilt.
+a/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
+a/glibc-solibs-2.27-x86_64-2.txz: Rebuilt.
+a/glibc-zoneinfo-2018d-noarch-2.txz: Rebuilt.
+a/gpm-1.20.7-x86_64-6.txz: Rebuilt.
+a/gptfdisk-1.0.3-x86_64-2.txz: Rebuilt.
+a/grep-3.1-x86_64-2.txz: Rebuilt.
+a/grub-2.02-x86_64-2.txz: Rebuilt.
+a/gzip-1.9-x86_64-2.txz: Rebuilt.
+a/hdparm-9.56-x86_64-2.txz: Rebuilt.
+a/hostname-3.18-x86_64-2.txz: Rebuilt.
+a/hwdata-0.304-noarch-2.txz: Rebuilt.
+a/infozip-6.0-x86_64-4.txz: Rebuilt.
+a/inotify-tools-3.14-x86_64-2.txz: Rebuilt.
+a/jfsutils-1.1.15-x86_64-2.txz: Rebuilt.
+a/kbd-1.15.3-x86_64-4.txz: Rebuilt.
+a/kernel-firmware-20180409_b562d2f-noarch-1.txz: Upgraded.
+a/kmod-25-x86_64-2.txz: Rebuilt.
+a/lbzip2-2.5-x86_64-2.txz: Rebuilt.
+a/less-530-x86_64-3.txz: Rebuilt.
+a/lha-114i-x86_64-2.txz: Rebuilt.
+a/libcgroup-0.41-x86_64-3.txz: Rebuilt.
+a/libgudev-232-x86_64-2.txz: Rebuilt.
+a/lilo-24.2-x86_64-8.txz: Rebuilt.
+a/logrotate-3.14.0-x86_64-2.txz: Rebuilt.
+a/lrzip-0.631-x86_64-2.txz: Rebuilt.
+a/lvm2-2.02.176-x86_64-2.txz: Rebuilt.
+a/lzip-1.20-x86_64-3.txz: Rebuilt.
+a/lzlib-1.10-x86_64-3.txz: Rebuilt.
+a/mcelog-153-x86_64-2.txz: Rebuilt.
+a/mdadm-4.0-x86_64-2.txz: Rebuilt.
+a/minicom-2.7.1-x86_64-2.txz: Rebuilt.
+a/mkinitrd-1.4.11-x86_64-6.txz: Rebuilt.
+ Improved and documented UUID support. Thanks to Xsane.
+ Upgraded to busybox-1.28.3.
+a/mlocate-0.26-x86_64-2.txz: Rebuilt.
+a/mt-st-1.3-x86_64-2.txz: Rebuilt.
+a/mtx-1.3.12-x86_64-2.txz: Rebuilt.
+a/ncompress-4.2.4.4-x86_64-2.txz: Rebuilt.
+a/ntfs-3g-2017.3.23-x86_64-2.txz: Rebuilt.
+a/openssl-solibs-1.0.2o-x86_64-2.txz: Rebuilt.
+a/os-prober-1.76-x86_64-2.txz: Rebuilt.
+a/patch-2.7.6-x86_64-3.txz: Rebuilt.
+a/pciutils-3.5.6-x86_64-2.txz: Rebuilt.
+a/pcmciautils-018-x86_64-2.txz: Rebuilt.
+a/pkgtools-15.0-noarch-8.txz: Rebuilt.
+ installpkg: avoid messing with the system /install directory.
+ removepkg: also run ldconfig following package removal.
+a/plzip-1.7-x86_64-3.txz: Rebuilt.
+a/procps-ng-3.3.14-x86_64-2.txz: Rebuilt.
+a/quota-4.03-x86_64-2.txz: Rebuilt.
+a/reiserfsprogs-3.6.27-x86_64-2.txz: Rebuilt.
+a/rpm2tgz-1.2.2-x86_64-2.txz: Rebuilt.
+a/sdparm-1.10-x86_64-2.txz: Rebuilt.
+a/sed-4.5-x86_64-2.txz: Rebuilt.
+a/shadow-4.2.1-x86_64-4.txz: Rebuilt.
+a/sharutils-4.15.2-x86_64-2.txz: Rebuilt.
+a/smartmontools-6.6-x86_64-3.txz: Rebuilt.
+a/splitvt-1.6.6-x86_64-2.txz: Rebuilt.
+a/sysfsutils-2.1.0-x86_64-2.txz: Rebuilt.
+a/sysklogd-1.5.1-x86_64-3.txz: Rebuilt.
+a/syslinux-4.07-x86_64-2.txz: Rebuilt.
+a/sysvinit-2.88dsf-x86_64-5.txz: Rebuilt.
+a/sysvinit-functions-8.53-x86_64-3.txz: Rebuilt.
+a/sysvinit-scripts-2.1-noarch-9.txz: Rebuilt.
+a/tar-1.30-x86_64-2.txz: Rebuilt.
+a/tcsh-6.20.00-x86_64-2.txz: Rebuilt.
+a/time-1.9-x86_64-2.txz: Rebuilt.
+a/tree-1.7.0-x86_64-2.txz: Rebuilt.
+a/udisks-1.0.5-x86_64-4.txz: Rebuilt.
+a/udisks2-2.6.5-x86_64-2.txz: Rebuilt.
+a/unarj-265-x86_64-2.txz: Rebuilt.
+a/upower-0.9.23-x86_64-4.txz: Rebuilt.
+a/usb_modeswitch-2.5.1-x86_64-2.txz: Rebuilt.
+a/usbutils-009-x86_64-2.txz: Rebuilt.
+a/utempter-1.1.6-x86_64-3.txz: Rebuilt.
+a/util-linux-2.32-x86_64-2.txz: Rebuilt.
+a/which-2.21-x86_64-2.txz: Rebuilt.
+a/xfsprogs-4.15.1-x86_64-2.txz: Rebuilt.
+a/xz-5.2.3-x86_64-2.txz: Rebuilt.
+a/zoo-2.10_22-x86_64-2.txz: Rebuilt.
+ap/a2ps-4.14-x86_64-7.txz: Rebuilt.
+ap/acct-6.6.4-x86_64-2.txz: Rebuilt.
+ap/alsa-utils-1.1.6-x86_64-2.txz: Rebuilt.
+ap/amp-0.7.6-x86_64-2.txz: Rebuilt.
+ap/at-3.1.20-x86_64-2.txz: Rebuilt.
+ap/bc-1.07.1-x86_64-2.txz: Rebuilt.
+ap/bpe-2.01.00-x86_64-4.txz: Rebuilt.
+ap/cdparanoia-III_10.2-x86_64-2.txz: Rebuilt.
+ap/cdrdao-1.2.3-x86_64-4.txz: Rebuilt.
+ap/cdrtools-3.01-x86_64-4.txz: Rebuilt.
+ap/cgmanager-0.41-x86_64-4.txz: Rebuilt.
+ap/cups-2.2.7-x86_64-2.txz: Rebuilt.
+ap/cups-filters-1.20.3-x86_64-1.txz: Upgraded.
+ Recompiled against poppler-0.64.0.
+ap/dash-0.5.9.1-x86_64-2.txz: Rebuilt.
+ap/dc3dd-7.2.646-x86_64-2.txz: Rebuilt.
+ap/ddrescue-1.23-x86_64-2.txz: Rebuilt.
+ap/diffstat-1.61-x86_64-2.txz: Rebuilt.
+ap/diffutils-3.6-x86_64-2.txz: Rebuilt.
+ap/dmapi-2.2.12-x86_64-3.txz: Rebuilt.
+ap/dmidecode-3.1-x86_64-2.txz: Rebuilt.
+ap/dvd+rw-tools-7.1-x86_64-3.txz: Rebuilt.
+ap/enscript-1.6.6-x86_64-2.txz: Rebuilt.
+ap/flac-1.3.2-x86_64-2.txz: Rebuilt.
+ap/ghostscript-9.23-x86_64-2.txz: Rebuilt.
+ap/ghostscript-fonts-std-8.11-noarch-2.txz: Rebuilt.
+ap/gphoto2-2.5.17-x86_64-1.txz: Upgraded.
+ap/groff-1.22.3-x86_64-3.txz: Rebuilt.
+ap/gutenprint-5.2.13-x86_64-2.txz: Rebuilt.
+ap/hplip-3.18.3-x86_64-2.txz: Rebuilt.
+ap/htop-2.2.0-x86_64-2.txz: Rebuilt.
+ap/ispell-3.4.00-x86_64-2.txz: Rebuilt.
+ap/itstool-2.0.4-x86_64-3.txz: Rebuilt.
+ap/jed-0.99_19-x86_64-3.txz: Rebuilt.
+ap/joe-4.6-x86_64-2.txz: Rebuilt.
+ap/jove-4.16.0.73-x86_64-4.txz: Rebuilt.
+ap/ksh93-20180412_71e6fdad-x86_64-1.txz: Upgraded.
+ap/libx86-1.1-x86_64-3.txz: Rebuilt.
+ap/linuxdoc-tools-0.9.72-x86_64-5.txz: Rebuilt.
+ap/lm_sensors-3.4.0-x86_64-2.txz: Rebuilt.
+ap/lsof-4.91-x86_64-2.txz: Rebuilt.
+ap/lsscsi-0.28-x86_64-2.txz: Rebuilt.
+ap/lxc-2.0.9-x86_64-2.txz: Rebuilt.
+ap/madplay-0.15.2b-x86_64-5.txz: Rebuilt.
+ap/man-db-2.8.3-x86_64-2.txz: Rebuilt.
+ap/man-pages-4.15-noarch-2.txz: Rebuilt.
+ap/mariadb-10.2.14-x86_64-2.txz: Rebuilt.
+ap/mc-4.8.20-x86_64-2.txz: Rebuilt.
+ap/moc-2.5.2-x86_64-4.txz: Rebuilt.
+ap/most-5.0.0a-x86_64-3.txz: Rebuilt.
+ap/mpg123-1.25.10-x86_64-2.txz: Rebuilt.
+ap/nano-2.9.5-x86_64-2.txz: Rebuilt.
+ap/normalize-0.7.7-x86_64-3.txz: Rebuilt.
+ap/opus-tools-0.1.10-x86_64-2.txz: Rebuilt.
+ap/pamixer-1.3.1-x86_64-6.txz: Rebuilt.
+ Recompiled against boost-1.67.0.
+ap/pm-utils-1.4.1-x86_64-6.txz: Rebuilt.
+ap/powertop-2.8-x86_64-3.txz: Rebuilt.
+ap/qpdf-8.0.2-x86_64-2.txz: Rebuilt.
+ap/radeontool-1.6.3-x86_64-2.txz: Rebuilt.
+ap/rpm-4.14.1-x86_64-2.txz: Rebuilt.
+ap/rzip-2.1-x86_64-2.txz: Rebuilt.
+ap/sc-7.16-x86_64-6.txz: Rebuilt.
+ap/screen-4.6.2-x86_64-2.txz: Rebuilt.
+ap/seejpeg-1.10-x86_64-2.txz: Rebuilt.
+ap/slackpkg-2.82.2-noarch-2.txz: Rebuilt.
+ap/soma-2.12.3-noarch-2.txz: Rebuilt.
+ap/sox-14.4.2-x86_64-5.txz: Rebuilt.
+ap/sqlite-3.23.1-x86_64-2.txz: Rebuilt.
+ap/squashfs-tools-4.3-x86_64-3.txz: Rebuilt.
+ap/sudo-1.8.22-x86_64-2.txz: Rebuilt.
+ap/sysstat-11.6.3-x86_64-2.txz: Rebuilt.
+ap/terminus-font-4.40-noarch-2.txz: Rebuilt.
+ap/texinfo-6.5-x86_64-3.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+ap/tmux-2.7-x86_64-1.txz: Upgraded.
+ap/usbmuxd-1.1.0-x86_64-2.txz: Rebuilt.
+ap/vbetool-1.2.2-x86_64-2.txz: Rebuilt.
+ap/vim-8.0.1733-x86_64-1.txz: Upgraded.
+ Recompiled against perl-5.26.2.
+ap/vorbis-tools-1.4.0-x86_64-4.txz: Rebuilt.
+ap/xfsdump-3.1.8-x86_64-2.txz: Rebuilt.
+ap/xorriso-1.4.8-x86_64-2.txz: Rebuilt.
+ap/zsh-5.5.1-x86_64-1.txz: Upgraded.
+d/Cython-0.28.1-x86_64-2.txz: Rebuilt.
+d/autoconf-2.69-noarch-2.txz: Rebuilt.
+d/automake-1.16.1-noarch-2.txz: Rebuilt.
+d/binutils-2.30-x86_64-2.txz: Rebuilt.
+d/bison-3.0.4-x86_64-2.txz: Rebuilt.
+d/ccache-3.4.2-x86_64-2.txz: Rebuilt.
+d/clisp-2.49.20180409.0e4d38776f59-x86_64-1.txz: Upgraded.
+d/cmake-3.11.1-x86_64-1.txz: Upgraded.
+d/cscope-15.8b-x86_64-3.txz: Rebuilt.
+d/cvs-1.11.23-x86_64-3.txz: Rebuilt.
+d/dev86-0.16.21-x86_64-2.txz: Rebuilt.
+d/distcc-3.3-x86_64-2.txz: Rebuilt.
+d/doxygen-1.8.14-x86_64-2.txz: Rebuilt.
+d/flex-2.6.4-x86_64-3.txz: Rebuilt.
+d/gcc-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-brig-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-g++-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-gfortran-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-gnat-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-go-7.3.0-x86_64-2.txz: Rebuilt.
+d/gcc-objc-7.3.0-x86_64-2.txz: Rebuilt.
+d/gdb-8.1-x86_64-2.txz: Rebuilt.
+d/gettext-tools-0.19.8.1-x86_64-5.txz: Rebuilt.
+d/git-2.17.0-x86_64-2.txz: Rebuilt.
+d/gnucobol-2.2-x86_64-2.txz: Rebuilt.
+d/gperf-3.1-x86_64-2.txz: Rebuilt.
+d/guile-2.2.3-x86_64-2.txz: Rebuilt.
+d/help2man-1.47.6-x86_64-2.txz: Rebuilt.
+d/indent-2.2.10-x86_64-2.txz: Rebuilt.
+d/intltool-0.51.0-x86_64-4.txz: Rebuilt.
+d/libtool-2.4.6-x86_64-7.txz: Rebuilt.
+d/llvm-6.0.0-x86_64-2.txz: Rebuilt.
+d/m4-1.4.18-x86_64-2.txz: Rebuilt.
+d/make-4.2.1-x86_64-3.txz: Rebuilt.
+d/mercurial-4.5.3-x86_64-2.txz: Rebuilt.
+d/meson-0.45.1-x86_64-2.txz: Rebuilt.
+d/nasm-2.13.03-x86_64-2.txz: Rebuilt.
+d/ninja-1.8.2-x86_64-2.txz: Rebuilt.
+d/opencl-headers-2.1-noarch-2.txz: Rebuilt.
+d/oprofile-1.2.0-x86_64-3.txz: Rebuilt.
+d/p2c-1.21alpha2-x86_64-4.txz: Rebuilt.
+d/patchelf-0.9-x86_64-2.txz: Rebuilt.
+d/perl-5.26.2-x86_64-1.txz: Upgraded.
+ Upgraded to DBD-mysql-4.046, DBI-1.641, and XML-Simple-2.25.
+d/pkg-config-0.29.2-x86_64-2.txz: Rebuilt.
+d/pmake-1.111-x86_64-5.txz: Rebuilt.
+d/python-2.7.14-x86_64-2.txz: Rebuilt.
+d/python-pip-9.0.3-x86_64-2.txz: Rebuilt.
+d/python-setuptools-39.0.1-x86_64-2.txz: Rebuilt.
+d/python3-3.6.5-x86_64-2.txz: Rebuilt.
+d/rcs-5.9.4-x86_64-2.txz: Rebuilt.
+d/re2c-1.0.3-x86_64-2.txz: Rebuilt.
+d/ruby-2.5.1-x86_64-2.txz: Rebuilt.
+d/rust-1.25.0-x86_64-2.txz: Rebuilt.
+d/scons-3.0.1-x86_64-2.txz: Rebuilt.
+d/slacktrack-2.18-x86_64-2.txz: Rebuilt.
+d/strace-4.22-x86_64-2.txz: Rebuilt.
+d/subversion-1.10.0-x86_64-1.txz: Upgraded.
+d/swig-3.0.12-x86_64-2.txz: Rebuilt.
+d/yasm-1.3.0-x86_64-2.txz: Rebuilt.
+e/emacs-25.3-x86_64-2.txz: Rebuilt.
+kde/amarok-2.9.0-x86_64-2.txz: Rebuilt.
+kde/amor-4.14.3-x86_64-3.txz: Rebuilt.
+kde/analitza-4.14.3-x86_64-4.txz: Rebuilt.
+kde/ark-4.14.3-x86_64-3.txz: Rebuilt.
+kde/artikulate-4.14.3-x86_64-3.txz: Rebuilt.
+kde/audiocd-kio-4.14.3-x86_64-3.txz: Rebuilt.
+kde/baloo-4.14.3-x86_64-4.txz: Rebuilt.
+kde/baloo-widgets-4.14.3-x86_64-3.txz: Rebuilt.
+kde/blinken-4.14.3-x86_64-3.txz: Rebuilt.
+kde/bluedevil-2.1.1-x86_64-4.txz: Rebuilt.
+kde/bomber-4.14.3-x86_64-3.txz: Rebuilt.
+kde/bovo-4.14.3-x86_64-3.txz: Rebuilt.
+kde/calligra-2.9.11-x86_64-20.txz: Rebuilt.
+ Recompiled against boost-1.67.0 and poppler-0.64.0.
+kde/cantor-4.14.3-x86_64-3.txz: Rebuilt.
+kde/cervisia-4.14.3-x86_64-3.txz: Rebuilt.
+kde/dolphin-plugins-4.14.3-x86_64-3.txz: Rebuilt.
+kde/dragon-4.14.3-x86_64-3.txz: Rebuilt.
+kde/filelight-4.14.3-x86_64-3.txz: Rebuilt.
+kde/granatier-4.14.3-x86_64-3.txz: Rebuilt.
+kde/gwenview-4.14.3-x86_64-4.txz: Rebuilt.
+kde/juk-4.14.3-x86_64-3.txz: Rebuilt.
+kde/k3b-2.0.3-x86_64-4.txz: Rebuilt.
+kde/kaccessible-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kactivities-4.13.3-x86_64-3.txz: Rebuilt.
+kde/kajongg-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kalgebra-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kalzium-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kamera-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kanagram-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kapman-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kapptemplate-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kate-4.14.3-x86_64-4.txz: Rebuilt.
+kde/katomic-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kaudiocreator-1.3-x86_64-3.txz: Rebuilt.
+kde/kblackbox-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kblocks-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kbounce-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kbreakout-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kbruch-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kcachegrind-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kcalc-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kcharselect-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kcolorchooser-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kcron-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kde-base-artwork-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kde-baseapps-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kde-dev-scripts-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kde-dev-utils-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kde-runtime-4.14.3-x86_64-6.txz: Rebuilt.
+kde/kde-wallpapers-4.14.3-noarch-2.txz: Rebuilt.
+kde/kde-workspace-4.11.22-x86_64-5.txz: Rebuilt.
+kde/kdeartwork-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdeconnect-kde-0.8-x86_64-4.txz: Rebuilt.
+kde/kdegraphics-mobipocket-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdegraphics-thumbnailers-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdelibs-4.14.38-x86_64-2.txz: Rebuilt.
+kde/kdenetwork-filesharing-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdepim-4.14.10-x86_64-3.txz: Rebuilt.
+kde/kdepim-runtime-4.14.10-x86_64-2.txz: Rebuilt.
+kde/kdepimlibs-4.14.10-x86_64-5.txz: Rebuilt.
+kde/kdeplasma-addons-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdesdk-kioslaves-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdesdk-strigi-analyzers-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdesdk-thumbnailers-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdev-python-1.7.3-x86_64-3.txz: Rebuilt.
+kde/kdevelop-4.7.4-x86_64-2.txz: Rebuilt.
+kde/kdevelop-pg-qt-1.0.0-x86_64-3.txz: Rebuilt.
+kde/kdevelop-php-1.7.4-x86_64-2.txz: Rebuilt.
+kde/kdevelop-php-docs-1.7.4-x86_64-2.txz: Rebuilt.
+kde/kdevplatform-1.7.4-x86_64-2.txz: Rebuilt.
+kde/kdewebdev-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdf-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdiamond-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kfilemetadata-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kfloppy-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kfourinline-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kgamma-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kgeography-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kget-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kgoldrunner-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kgpg-4.14.3-x86_64-3.txz: Rebuilt.
+kde/khangman-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kig-4.14.3-x86_64-8.txz: Rebuilt.
+kde/kigo-4.14.3-x86_64-3.txz: Rebuilt.
+kde/killbots-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kio-mtp-2063e75_20131020git-x86_64-4.txz: Rebuilt.
+kde/kiriki-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kiten-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kjumpingcube-4.14.3-x86_64-3.txz: Rebuilt.
+kde/klettres-4.14.3-x86_64-3.txz: Rebuilt.
+kde/klickety-4.14.3-x86_64-3.txz: Rebuilt.
+kde/klines-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmag-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmahjongg-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmines-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmix-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kmousetool-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmouth-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kmplot-4.14.3-x86_64-3.txz: Rebuilt.
+kde/knavalbattle-4.14.3-x86_64-3.txz: Rebuilt.
+kde/knetwalk-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kolf-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kollision-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kolourpaint-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kompare-4.14.3-x86_64-3.txz: Rebuilt.
+kde/konquest-4.14.3-x86_64-3.txz: Rebuilt.
+kde/konsole-4.14.3-x86_64-5.txz: Rebuilt.
+ Reverted TERM change, so by default TERM=xterm again.
+kde/kopete-4.14.3-x86_64-5.txz: Rebuilt.
+kde/korundum-4.14.3-x86_64-6.txz: Rebuilt.
+kde/kpat-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kplayer-0.7.2-x86_64-3.txz: Rebuilt.
+kde/kppp-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kqtquickcharts-4.14.3-x86_64-3.txz: Rebuilt.
+kde/krdc-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kremotecontrol-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kreversi-4.14.3-x86_64-3.txz: Rebuilt.
+kde/krfb-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kross-interpreters-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kruler-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksaneplugin-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kscreen-1.0.2.1-x86_64-3.txz: Rebuilt.
+kde/kshisen-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksirk-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksnakeduel-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksnapshot-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kspaceduel-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksquares-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kstars-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksudoku-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ksystemlog-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kteatime-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ktimer-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ktorrent-4.3.1-x86_64-3.txz: Rebuilt.
+kde/ktouch-4.14.3-x86_64-4.txz: Rebuilt.
+kde/ktuberling-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kturtle-4.14.3-x86_64-3.txz: Rebuilt.
+kde/ktux-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kubrick-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kuser-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kwalletmanager-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kwebkitpart-1.3.4-x86_64-3.txz: Rebuilt.
+kde/kwordquiz-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkcddb-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkcompactdisc-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkdcraw-4.14.3-x86_64-5.txz: Rebuilt.
+kde/libkdeedu-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkdegames-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkexiv2-4.14.3-x86_64-4.txz: Rebuilt.
+kde/libkipi-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkmahjongg-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkomparediff2-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libksane-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkscreen-1.0.5-x86_64-3.txz: Rebuilt.
+kde/libktorrent-1.3.1-x86_64-4.txz: Rebuilt.
+kde/libmm-qt-1.0.1-x86_64-3.txz: Rebuilt.
+kde/libnm-qt-0.9.8.3-x86_64-3.txz: Rebuilt.
+kde/lokalize-4.14.3-x86_64-4.txz: Rebuilt.
+kde/lskat-4.14.3-x86_64-4.txz: Rebuilt.
+kde/marble-4.14.3-x86_64-3.txz: Rebuilt.
+kde/mplayerthumbs-4.14.3-x86_64-3.txz: Rebuilt.
+kde/nepomuk-core-4.14.3-x86_64-4.txz: Rebuilt.
+kde/nepomuk-widgets-4.14.3-x86_64-3.txz: Rebuilt.
+kde/okteta-4.14.3-x86_64-3.txz: Rebuilt.
+kde/okular-4.14.3-x86_64-3.txz: Rebuilt.
+kde/oxygen-gtk2-1.4.6-x86_64-3.txz: Rebuilt.
+kde/oxygen-icons-4.14.3-x86_64-3.txz: Rebuilt.
+kde/pairs-4.14.3-x86_64-3.txz: Rebuilt.
+kde/palapeli-4.14.3-x86_64-3.txz: Rebuilt.
+kde/parley-4.14.3-x86_64-3.txz: Rebuilt.
+kde/partitionmanager-1.1.1-x86_64-3.txz: Rebuilt.
+kde/perlkde-4.14.3-x86_64-5.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+kde/perlqt-4.14.3-x86_64-6.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+kde/picmi-4.14.3-x86_64-3.txz: Rebuilt.
+kde/plasma-nm-0.9.3.6-x86_64-2.txz: Rebuilt.
+kde/polkit-kde-agent-1-9d74ae3_20120104git-x86_64-3.txz: Rebuilt.
+kde/polkit-kde-kcmodules-1-001bdf7_20120111git-x86_64-3.txz: Rebuilt.
+kde/poxml-4.14.3-x86_64-3.txz: Rebuilt.
+kde/print-manager-4.14.3-x86_64-3.txz: Rebuilt.
+kde/pykde4-4.14.3-x86_64-7.txz: Rebuilt.
+kde/qtruby-4.14.3-x86_64-8.txz: Rebuilt.
+kde/rocs-4.14.3-x86_64-3.txz: Rebuilt.
+kde/skanlite-1.1-x86_64-3.txz: Rebuilt.
+kde/smokegen-4.14.3-x86_64-3.txz: Rebuilt.
+kde/smokekde-4.14.3-x86_64-3.txz: Rebuilt.
+kde/smokeqt-4.14.3-x86_64-5.txz: Rebuilt.
+kde/step-4.14.3-x86_64-6.txz: Rebuilt.
+kde/superkaramba-4.14.3-x86_64-4.txz: Rebuilt.
+kde/svgpart-4.14.3-x86_64-3.txz: Rebuilt.
+kde/sweeper-4.14.3-x86_64-3.txz: Rebuilt.
+kde/umbrello-4.14.3-x86_64-3.txz: Rebuilt.
+kde/wicd-kde-0.3.0_bcf27d8-x86_64-3.txz: Rebuilt.
+kde/zeroconf-ioslave-4.14.3-x86_64-3.txz: Rebuilt.
+l/ConsoleKit2-1.0.0-x86_64-4.txz: Rebuilt.
+l/GConf-3.2.6-x86_64-4.txz: Rebuilt.
+l/LibRaw-0.18.8-x86_64-2.txz: Rebuilt.
+l/M2Crypto-0.27.0-x86_64-3.txz: Rebuilt.
+l/Mako-1.0.7-x86_64-2.txz: Rebuilt.
+l/PyQt-4.12.1-x86_64-2.txz: Rebuilt.
+l/QScintilla-2.10.2-x86_64-2.txz: Rebuilt.
+l/SDL2-2.0.8-x86_64-2.txz: Rebuilt.
+l/SDL2_gfx-1.0.3-x86_64-2.txz: Rebuilt.
+l/SDL2_image-2.0.3-x86_64-2.txz: Rebuilt.
+l/SDL2_mixer-2.0.2-x86_64-3.txz: Rebuilt.
+l/SDL2_net-2.0.1-x86_64-2.txz: Rebuilt.
+l/SDL2_ttf-2.0.14-x86_64-2.txz: Rebuilt.
+l/a52dec-0.7.4-x86_64-3.txz: Rebuilt.
+l/aalib-1.4rc5-x86_64-6.txz: Rebuilt.
+l/adwaita-icon-theme-3.28.0-noarch-2.txz: Rebuilt.
+l/akonadi-1.13.0-x86_64-9.txz: Rebuilt.
+ Recompiled against boost-1.67.0.
+l/alsa-lib-1.1.6-x86_64-3.txz: Rebuilt.
+l/alsa-oss-1.1.6-x86_64-2.txz: Rebuilt.
+l/alsa-plugins-1.1.6-x86_64-2.txz: Rebuilt.
+l/apr-1.6.3-x86_64-2.txz: Rebuilt.
+l/apr-util-1.6.1-x86_64-6.txz: Rebuilt.
+l/aspell-0.60.6.1-x86_64-3.txz: Rebuilt.
+l/aspell-en-2018.04.16_0-x86_64-1.txz: Upgraded.
+l/at-spi2-atk-2.26.2-x86_64-2.txz: Rebuilt.
+l/at-spi2-core-2.28.0-x86_64-2.txz: Rebuilt.
+l/atk-2.28.1-x86_64-2.txz: Rebuilt.
+l/atkmm-2.24.2-x86_64-2.txz: Rebuilt.
+l/attica-0.4.2-x86_64-2.txz: Rebuilt.
+l/audiofile-0.3.6-x86_64-2.txz: Rebuilt.
+l/automoc4-0.9.88-x86_64-2.txz: Rebuilt.
+l/babl-0.1.46-x86_64-1.txz: Upgraded.
+l/boost-1.67.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/cairo-1.15.12-x86_64-2.txz: Rebuilt.
+l/cairomm-1.12.2-x86_64-2.txz: Rebuilt.
+l/chmlib-0.40-x86_64-3.txz: Rebuilt.
+l/clucene-2.3.3.4-x86_64-3.txz: Rebuilt.
+l/db42-4.2.52-x86_64-4.txz: Rebuilt.
+l/db44-4.4.20-x86_64-4.txz: Rebuilt.
+l/db48-4.8.30-x86_64-3.txz: Rebuilt.
+l/dbus-glib-0.110-x86_64-2.txz: Rebuilt.
+l/dbus-python-1.2.6-x86_64-2.txz: Rebuilt.
+l/dconf-0.26.1-x86_64-2.txz: Rebuilt.
+l/dconf-editor-3.26.2-x86_64-2.txz: Rebuilt.
+l/desktop-file-utils-0.23-x86_64-2.txz: Rebuilt.
+l/djvulibre-3.5.27-x86_64-2.txz: Rebuilt.
+l/ebook-tools-0.2.2-x86_64-5.txz: Rebuilt.
+l/eigen2-2.0.17-x86_64-2.txz: Rebuilt.
+l/eigen3-3.2.10-x86_64-2.txz: Rebuilt.
+l/elfutils-0.170-x86_64-2.txz: Rebuilt.
+l/enchant-1.6.1-x86_64-2.txz: Rebuilt.
+l/esound-0.2.41-x86_64-3.txz: Rebuilt.
+l/exiv2-0.26-x86_64-3.txz: Rebuilt.
+l/expat-2.2.5-x86_64-2.txz: Rebuilt.
+l/ffmpeg-3.4.2-x86_64-2.txz: Rebuilt.
+l/fftw-3.3.7-x86_64-2.txz: Rebuilt.
+l/fluidsynth-1.1.10-x86_64-2.txz: Rebuilt.
+l/freetype-2.9-x86_64-2.txz: Rebuilt.
+l/fribidi-0.19.7-x86_64-2.txz: Rebuilt.
+l/fuse-2.9.7-x86_64-2.txz: Rebuilt.
+l/gamin-0.1.10-x86_64-6.txz: Rebuilt.
+l/gc-7.6.4-x86_64-2.txz: Rebuilt.
+l/gcr-3.28.0-x86_64-2.txz: Rebuilt.
+l/gd-2.2.5-x86_64-1.txz: Upgraded.
+ This update fixes two security issues:
+ Double-free in gdImagePngPtr() (denial of service).
+ Buffer over-read into uninitialized memory (information leak).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890
+ (* Security fix *)
+l/gdbm-1.13-x86_64-2.txz: Rebuilt.
+l/gdk-pixbuf2-2.36.12-x86_64-2.txz: Rebuilt.
+l/gegl-0.2.0-x86_64-7.txz: Rebuilt.
+l/giflib-5.1.4-x86_64-2.txz: Rebuilt.
+l/glade3-3.8.6-x86_64-2.txz: Rebuilt.
+l/glib-1.2.10-x86_64-6.txz: Rebuilt.
+l/glib-networking-2.56.0-x86_64-2.txz: Rebuilt.
+l/glib2-2.56.1-x86_64-2.txz: Rebuilt.
+l/glibc-2.27-x86_64-2.txz: Rebuilt.
+ [PATCH] Linux: use reserved name __key in pkey_get [BZ #22797]
+l/glibc-i18n-2.27-x86_64-2.txz: Rebuilt.
+l/glibc-profile-2.27-x86_64-2.txz: Rebuilt.
+l/glibmm-2.56.0-x86_64-1.txz: Upgraded.
+l/gmime-2.6.23-x86_64-3.txz: Rebuilt.
+l/gmm-4.3-noarch-2.txz: Rebuilt.
+l/gmp-6.1.2-x86_64-2.txz: Rebuilt.
+l/gnome-keyring-3.28.0.2-x86_64-2.txz: Rebuilt.
+l/gnome-themes-standard-3.22.3-x86_64-2.txz: Rebuilt.
+l/gnu-efi-3.0.6-x86_64-2.txz: Rebuilt.
+l/gobject-introspection-1.56.1-x86_64-2.txz: Rebuilt.
+l/grantlee-0.5.1-x86_64-2.txz: Rebuilt.
+l/gsettings-desktop-schemas-3.28.0-x86_64-2.txz: Rebuilt.
+l/gsl-2.4-x86_64-2.txz: Rebuilt.
+l/gst-plugins-base-1.14.0-x86_64-2.txz: Rebuilt.
+l/gst-plugins-base0-0.10.36-x86_64-3.txz: Rebuilt.
+l/gst-plugins-good-1.14.0-x86_64-2.txz: Rebuilt.
+l/gst-plugins-good0-0.10.31-x86_64-3.txz: Rebuilt.
+l/gst-plugins-libav-1.14.0-x86_64-2.txz: Rebuilt.
+l/gstreamer-1.14.0-x86_64-2.txz: Rebuilt.
+l/gstreamer0-0.10.36-x86_64-2.txz: Rebuilt.
+l/gtk+-1.2.10-x86_64-7.txz: Rebuilt.
+l/gtk+2-2.24.32-x86_64-2.txz: Rebuilt.
+l/gtk+3-3.22.30-x86_64-1.txz: Upgraded.
+l/gtkmm2-2.24.5-x86_64-2.txz: Rebuilt.
+l/gtkmm3-3.22.2-x86_64-2.txz: Rebuilt.
+l/gtkspell-2.0.16-x86_64-4.txz: Rebuilt.
+l/gvfs-1.36.1-x86_64-2.txz: Rebuilt.
+l/harfbuzz-1.7.6-x86_64-3.txz: Rebuilt.
+l/hicolor-icon-theme-0.17-noarch-2.txz: Rebuilt.
+l/hunspell-1.6.2-x86_64-2.txz: Rebuilt.
+l/icon-naming-utils-0.8.90-x86_64-3.txz: Rebuilt.
+l/icu4c-61.1-x86_64-2.txz: Rebuilt.
+l/id3lib-3.8.3-x86_64-2.txz: Rebuilt.
+l/ilmbase-2.2.0-x86_64-2.txz: Rebuilt.
+l/imagemagick-6.9.9_40-x86_64-2.txz: Rebuilt.
+ Don't use OpenCL. Thanks to EdGr.
+l/iso-codes-3.76-noarch-2.txz: Rebuilt.
+l/jansson-2.11-x86_64-2.txz: Rebuilt.
+l/jasper-2.0.12-x86_64-2.txz: Rebuilt.
+l/jemalloc-4.5.0-x86_64-2.txz: Rebuilt.
+l/js185-1.0.0-x86_64-2.txz: Rebuilt.
+l/judy-1.0.5-x86_64-2.txz: Rebuilt.
+l/keybinder-0.3.1-x86_64-2.txz: Rebuilt.
+l/keyutils-1.5.10-x86_64-2.txz: Rebuilt.
+l/lame-3.100-x86_64-2.txz: Rebuilt.
+l/lcms-1.19-x86_64-4.txz: Rebuilt.
+l/lcms2-2.9-x86_64-2.txz: Rebuilt.
+l/libaio-0.3.110-x86_64-2.txz: Rebuilt.
+l/libao-1.2.2-x86_64-2.txz: Rebuilt.
+l/libarchive-3.3.2-x86_64-2.txz: Rebuilt.
+l/libart_lgpl-2.3.21-x86_64-2.txz: Rebuilt.
+l/libasyncns-0.8-x86_64-2.txz: Rebuilt.
+l/libatasmart-0.19-x86_64-3.txz: Rebuilt.
+l/libbluedevil-2.1-x86_64-2.txz: Rebuilt.
+l/libbluray-1.0.1-x86_64-2.txz: Rebuilt.
+l/libcaca-0.99.beta19-x86_64-3.txz: Rebuilt.
+l/libcanberra-0.30-x86_64-6.txz: Rebuilt.
+l/libcap-2.25-x86_64-2.txz: Rebuilt.
+l/libcap-ng-0.7.8-x86_64-3.txz: Rebuilt.
+l/libcddb-1.3.2-x86_64-5.txz: Rebuilt.
+l/libcdio-2.0.0-x86_64-2.txz: Rebuilt.
+l/libcdio-paranoia-10.2+0.94+2-x86_64-3.txz: Rebuilt.
+l/libclc-20180223_3554053-x86_64-2.txz: Rebuilt.
+l/libcroco-0.6.12-x86_64-2.txz: Rebuilt.
+l/libdbusmenu-qt-0.9.2-x86_64-3.txz: Rebuilt.
+l/libdiscid-0.6.2-x86_64-2.txz: Rebuilt.
+l/libdvdnav-6.0.0-x86_64-2.txz: Rebuilt.
+l/libdvdread-6.0.0-x86_64-3.txz: Rebuilt.
+l/libedit-20170329_3.1-x86_64-2.txz: Rebuilt.
+l/libevent-2.1.8-x86_64-2.txz: Rebuilt.
+l/libexif-0.6.21-x86_64-2.txz: Rebuilt.
+l/libfakekey-0.3-x86_64-2.txz: Rebuilt.
+l/libffi-3.2.1-x86_64-2.txz: Rebuilt.
+l/libglade-2.6.4-x86_64-6.txz: Rebuilt.
+l/libgnome-keyring-3.12.0-x86_64-2.txz: Rebuilt.
+l/libgphoto2-2.5.17-x86_64-1.txz: Upgraded.
+l/libgpod-0.8.3-x86_64-5.txz: Rebuilt.
+l/libgsf-1.14.42-x86_64-2.txz: Rebuilt.
+l/libical-3.0.1-x86_64-3.txz: Rebuilt.
+l/libid3tag-0.15.1b-x86_64-5.txz: Rebuilt.
+l/libidl-0.8.14-x86_64-2.txz: Rebuilt.
+l/libidn-1.34-x86_64-2.txz: Rebuilt.
+l/libidn2-2.0.4-x86_64-2.txz: Rebuilt.
+l/libieee1284-0.2.11-x86_64-4.txz: Rebuilt.
+l/libimobiledevice-1.2.0-x86_64-3.txz: Rebuilt.
+l/libiodbc-3.52.10-x86_64-3.txz: Rebuilt.
+l/libjpeg-turbo-1.5.3-x86_64-2.txz: Rebuilt.
+l/libkarma-0.1.1-x86_64-3.txz: Rebuilt.
+l/liblastfm-1.0.9-x86_64-2.txz: Rebuilt.
+l/libmad-0.15.1b-x86_64-4.txz: Rebuilt.
+l/libmcrypt-2.5.8-x86_64-2.txz: Rebuilt.
+l/libmng-2.0.3-x86_64-2.txz: Rebuilt.
+l/libmpc-1.1.0-x86_64-2.txz: Rebuilt.
+l/libmsn-4.2.1-x86_64-3.txz: Rebuilt.
+l/libmtp-1.1.15-x86_64-2.txz: Rebuilt.
+l/libnih-1.0.3-x86_64-3.txz: Rebuilt.
+l/libnjb-2.2.7-x86_64-2.txz: Rebuilt.
+l/libnl-1.1.4-x86_64-2.txz: Rebuilt.
+l/libnl3-3.4.0-x86_64-2.txz: Rebuilt.
+l/libnotify-0.7.7-x86_64-2.txz: Rebuilt.
+l/libodfgen-0.1.6-x86_64-2.txz: Rebuilt.
+l/libogg-1.3.3-x86_64-2.txz: Rebuilt.
+l/liboggz-1.1.1-x86_64-3.txz: Rebuilt.
+l/liboil-0.3.17-x86_64-2.txz: Rebuilt.
+l/libpcap-1.8.1-x86_64-2.txz: Rebuilt.
+l/libplist-2.0.0-x86_64-2.txz: Rebuilt.
+l/libpng-1.6.34-x86_64-2.txz: Rebuilt.
+l/libproxy-0.4.15-x86_64-2.txz: Rebuilt.
+l/libraw1394-2.1.2-x86_64-2.txz: Rebuilt.
+l/librevenge-0.0.4-x86_64-2.txz: Rebuilt.
+l/librsvg-2.42.3-x86_64-3.txz: Rebuilt.
+l/libsamplerate-0.1.9-x86_64-2.txz: Rebuilt.
+l/libsecret-0.18.6-x86_64-2.txz: Rebuilt.
+l/libsigc++-2.10.0-x86_64-2.txz: Rebuilt.
+l/libsigsegv-2.12-x86_64-2.txz: Rebuilt.
+l/libsndfile-1.0.28-x86_64-2.txz: Rebuilt.
+l/libsodium-1.0.16-x86_64-2.txz: Rebuilt.
+l/libsoup-2.62.1-x86_64-2.txz: Rebuilt.
+l/libspectre-0.2.8-x86_64-2.txz: Rebuilt.
+l/libssh-0.7.5-x86_64-2.txz: Rebuilt.
+l/libssh2-1.8.0-x86_64-2.txz: Rebuilt.
+l/libtasn1-4.13-x86_64-2.txz: Rebuilt.
+l/libtheora-1.1.1-x86_64-2.txz: Rebuilt.
+l/libtiff-4.0.9-x86_64-2.txz: Rebuilt.
+l/libunistring-0.9.9-x86_64-2.txz: Rebuilt.
+l/libunwind-1.2.1-x86_64-3.txz: Rebuilt.
+l/libusb-1.0.22-x86_64-2.txz: Rebuilt.
+l/libusb-compat-0.1.5-x86_64-3.txz: Rebuilt.
+l/libusbmuxd-1.0.10-x86_64-2.txz: Rebuilt.
+l/libvisio-0.1.6-x86_64-3.txz: Rebuilt.
+l/libvisual-0.4.0-x86_64-4.txz: Rebuilt.
+l/libvisual-plugins-0.4.0-x86_64-3.txz: Rebuilt.
+l/libvncserver-0.9.11-x86_64-3.txz: Rebuilt.
+l/libvorbis-1.3.6-x86_64-2.txz: Rebuilt.
+l/libvpx-1.7.0-x86_64-2.txz: Rebuilt.
+l/libwebp-0.6.1-x86_64-2.txz: Rebuilt.
+l/libwmf-0.2.8.4-x86_64-7.txz: Rebuilt.
+l/libwmf-docs-0.2.8.4-noarch-7.txz: Rebuilt.
+l/libwnck-2.31.0-x86_64-3.txz: Rebuilt.
+l/libwpd-0.10.1-x86_64-2.txz: Rebuilt.
+l/libwpg-0.3.1-x86_64-2.txz: Rebuilt.
+l/libxklavier-5.4-x86_64-2.txz: Rebuilt.
+l/libxml2-2.9.8-x86_64-2.txz: Rebuilt.
+l/libxslt-1.1.32-x86_64-2.txz: Rebuilt.
+l/libyaml-0.1.7-x86_64-2.txz: Rebuilt.
+l/libzip-1.5.1-x86_64-2.txz: Rebuilt.
+l/loudmouth-1.5.3-x86_64-2.txz: Rebuilt.
+l/lzo-2.10-x86_64-2.txz: Rebuilt.
+l/media-player-info-23-noarch-2.txz: Rebuilt.
+l/mhash-0.9.9.9-x86_64-4.txz: Rebuilt.
+l/mm-1.4.2-x86_64-3.txz: Rebuilt.
+l/mozilla-nss-3.36.1-x86_64-2.txz: Rebuilt.
+l/mpfr-4.0.1-x86_64-2.txz: Rebuilt.
+l/ncurses-6.1_20180324-x86_64-4.txz: Rebuilt.
+ Change the xterm entry in xterm.terminfo (way down at the bottom, where it
+ says "customization begins here" and that we may need to change the xterm
+ entry since it is used "for a variety of incompatible terminal emulations")
+ to drop the use of use=rep+ansi. In addition to causing Konsole breakage, I
+ have verification that rep= was causing problems with terminals connecting
+ from OSX. Only the xterm entry has changed. Previously this was an alias for
+ xterm-new, which has not been altered. Feel free to use xterm-new instead if
+ it suits your needs better.
+l/neon-0.30.1-x86_64-3.txz: Rebuilt.
+l/netpbm-10.66.02-x86_64-5.txz: Rebuilt.
+l/newt-0.52.20-x86_64-3.txz: Rebuilt.
+l/ocl-icd-2.2.12-x86_64-2.txz: Rebuilt.
+l/openexr-2.2.0-x86_64-3.txz: Rebuilt.
+l/openjpeg-2.3.0-x86_64-2.txz: Rebuilt.
+l/opus-1.3_beta-x86_64-2.txz: Rebuilt.
+l/opusfile-0.9-x86_64-3.txz: Rebuilt.
+l/orc-0.4.28-x86_64-2.txz: Rebuilt.
+l/pango-1.42.1-x86_64-2.txz: Rebuilt.
+l/pangomm-2.40.1-x86_64-2.txz: Rebuilt.
+l/parted-3.2-x86_64-4.txz: Rebuilt.
+l/pcre-8.42-x86_64-2.txz: Rebuilt.
+l/pcre2-10.31-x86_64-2.txz: Rebuilt.
+l/phonon-4.8.3-x86_64-3.txz: Rebuilt.
+l/phonon-gstreamer-4.8.2-x86_64-2.txz: Rebuilt.
+l/pilot-link-0.12.5-x86_64-13.txz: Rebuilt.
+l/polkit-0.113-x86_64-4.txz: Rebuilt.
+l/polkit-gnome-0.105-x86_64-2.txz: Rebuilt.
+l/polkit-qt-1-0.112.0-x86_64-2.txz: Rebuilt.
+l/poppler-0.64.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/poppler-data-0.4.8-noarch-2.txz: Rebuilt.
+l/popt-1.16-x86_64-3.txz: Rebuilt.
+l/pulseaudio-11.1-x86_64-2.txz: Rebuilt.
+l/pycairo-1.16.3-x86_64-2.txz: Rebuilt.
+l/pycups-1.9.73-x86_64-4.txz: Rebuilt.
+l/pycurl-7.43.0.1-x86_64-2.txz: Rebuilt.
+l/pygobject-2.28.7-x86_64-2.txz: Rebuilt.
+l/pygobject3-3.28.2-x86_64-2.txz: Rebuilt.
+l/pygtk-2.24.0-x86_64-5.txz: Rebuilt.
+l/pyparsing-2.2.0-x86_64-2.txz: Rebuilt.
+l/python-appdirs-1.4.3-x86_64-2.txz: Rebuilt.
+l/python-certifi-2018.1.18-x86_64-2.txz: Rebuilt.
+l/python-chardet-3.0.4-x86_64-2.txz: Rebuilt.
+l/python-docutils-0.14-x86_64-2.txz: Rebuilt.
+l/python-idna-2.6-x86_64-2.txz: Rebuilt.
+l/python-notify2-0.3.1-x86_64-2.txz: Rebuilt.
+l/python-packaging-16.8-x86_64-2.txz: Rebuilt.
+l/python-pillow-5.1.0-x86_64-2.txz: Rebuilt.
+l/python-requests-2.18.4-x86_64-2.txz: Rebuilt.
+l/python-sane-2.8.3-x86_64-2.txz: Rebuilt.
+l/python-six-1.11.0-x86_64-2.txz: Rebuilt.
+l/python-urllib3-1.22-x86_64-2.txz: Rebuilt.
+l/qca-2.1.3-x86_64-2.txz: Rebuilt.
+l/qimageblitz-0.0.6-x86_64-2.txz: Rebuilt.
+l/qjson-0.8.1-x86_64-2.txz: Rebuilt.
+l/qt-4.8.7-x86_64-9.txz: Rebuilt.
+l/qt-gstreamer-1.2.0-x86_64-2.txz: Rebuilt.
+l/qtscriptgenerator-0.2.0-x86_64-3.txz: Rebuilt.
+l/raptor2-2.0.15-x86_64-5.txz: Rebuilt.
+l/rasqal-0.9.33-x86_64-3.txz: Rebuilt.
+l/readline-7.0.003-x86_64-2.txz: Rebuilt.
+l/redland-1.0.17-x86_64-4.txz: Rebuilt.
+l/sbc-1.3-x86_64-2.txz: Rebuilt.
+l/sdl-1.2.15-x86_64-7.txz: Rebuilt.
+l/seamonkey-solibs-2.49.2-x86_64-2.txz: Rebuilt.
+l/serf-1.3.9-x86_64-2.txz: Rebuilt.
+l/sg3_utils-1.42-x86_64-2.txz: Rebuilt.
+l/shared-desktop-ontologies-0.11.0-x86_64-2.txz: Rebuilt.
+l/shared-mime-info-1.9-x86_64-2.txz: Rebuilt.
+l/sip-4.19.8-x86_64-2.txz: Rebuilt.
+l/slang-2.3.2-x86_64-3.txz: Rebuilt.
+l/slang1-1.4.9-x86_64-2.txz: Rebuilt.
+l/soprano-2.9.4-x86_64-2.txz: Rebuilt.
+l/sound-theme-freedesktop-0.8-noarch-2.txz: Rebuilt.
+l/speex-1.2.0-x86_64-2.txz: Rebuilt.
+l/speexdsp-1.2rc3-x86_64-2.txz: Rebuilt.
+l/startup-notification-0.12-x86_64-3.txz: Rebuilt.
+l/strigi-0.7.8-x86_64-4.txz: Rebuilt.
+l/svgalib-1.9.25-x86_64-4.txz: Rebuilt.
+l/system-config-printer-1.5.11-x86_64-3.txz: Rebuilt.
+l/t1lib-5.1.2-x86_64-4.txz: Rebuilt.
+l/taglib-1.11.1-x86_64-3.txz: Rebuilt.
+l/taglib-extras-1.0.1-x86_64-2.txz: Rebuilt.
+l/talloc-2.1.13-x86_64-1.txz: Upgraded.
+l/tango-icon-theme-0.8.90-noarch-2.txz: Rebuilt.
+l/tango-icon-theme-extras-0.1.0-noarch-2.txz: Rebuilt.
+l/tdb-1.3.15-x86_64-2.txz: Rebuilt.
+l/tevent-0.9.36-x86_64-2.txz: Rebuilt.
+l/urwid-1.0.3-x86_64-3.txz: Rebuilt.
+l/utf8proc-2.1.0-x86_64-1.txz: Added.
+ This library is required by subversion-1.10.0.
+l/v4l-utils-1.14.2-x86_64-2.txz: Rebuilt.
+l/virtuoso-ose-6.1.8-x86_64-8.txz: Rebuilt.
+l/vte-0.52.1-x86_64-2.txz: Rebuilt.
+l/wavpack-5.1.0-x86_64-2.txz: Rebuilt.
+l/xapian-core-1.4.5-x86_64-2.txz: Rebuilt.
+l/zlib-1.2.11-x86_64-2.txz: Rebuilt.
+n/ModemManager-1.6.12-x86_64-2.txz: Rebuilt.
+n/NetworkManager-1.10.6-x86_64-3.txz: Rebuilt.
+n/alpine-2.21-x86_64-2.txz: Rebuilt.
+n/autofs-5.1.4-x86_64-2.txz: Rebuilt.
+n/biff+comsat-0.17-x86_64-2.txz: Rebuilt.
+n/bind-9.11.3-x86_64-2.txz: Rebuilt.
+n/bluez-5.49-x86_64-3.txz: Rebuilt.
+n/bluez-firmware-1.2-x86_64-2.txz: Rebuilt.
+n/bootp-2.4.3-x86_64-3.txz: Rebuilt.
+n/bridge-utils-1.5-x86_64-2.txz: Rebuilt.
+n/bsd-finger-0.17-x86_64-3.txz: Rebuilt.
+n/ca-certificates-20170717-noarch-2.txz: Rebuilt.
+n/cifs-utils-6.7-x86_64-2.txz: Rebuilt.
+n/conntrack-tools-1.4.4-x86_64-2.txz: Rebuilt.
+n/crda-3.18-x86_64-6.txz: Rebuilt.
+n/curl-7.59.0-x86_64-3.txz: Rebuilt.
+n/cyrus-sasl-2.1.26-x86_64-4.txz: Rebuilt.
+n/dhcp-4.4.1-x86_64-2.txz: Rebuilt.
+n/dhcpcd-7.0.3-x86_64-2.txz: Rebuilt.
+n/dnsmasq-2.79-x86_64-2.txz: Rebuilt.
+n/dovecot-2.3.1-x86_64-3.txz: Rebuilt.
+ Recompiled using --with-lucene. Thanks to kj25vm.
+n/ebtables-2.0.10-x86_64-2.txz: Rebuilt.
+n/elm-2.5.8-x86_64-5.txz: Rebuilt.
+n/epic5-2.0.1-x86_64-4.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+n/ethtool-4.16-x86_64-1.txz: Upgraded.
+n/fetchmail-6.3.26-x86_64-3.txz: Rebuilt.
+n/getmail-5.6-x86_64-2.txz: Rebuilt.
+n/gnupg-1.4.22-x86_64-2.txz: Rebuilt.
+n/gnupg2-2.2.6-x86_64-2.txz: Rebuilt.
+n/gnutls-3.6.2-x86_64-2.txz: Rebuilt.
+n/gpa-0.9.10-x86_64-2.txz: Rebuilt.
+n/gpgme-1.10.0-x86_64-2.txz: Rebuilt.
+n/htdig-3.2.0b6-x86_64-5.txz: Rebuilt.
+n/httpd-2.4.33-x86_64-3.txz: Rebuilt.
+n/icmpinfo-1.11-x86_64-3.txz: Rebuilt.
+n/iftop-1.0pre4-x86_64-2.txz: Rebuilt.
+n/inetd-1.79s-x86_64-11.txz: Rebuilt.
+n/iproute2-4.16.0-x86_64-2.txz: Rebuilt.
+n/ipset-6.38-x86_64-1.txz: Upgraded.
+n/iptables-1.6.2-x86_64-2.txz: Rebuilt.
+n/iptraf-ng-1.1.4-x86_64-3.txz: Rebuilt.
+n/iputils-s20140519-x86_64-2.txz: Rebuilt.
+n/irssi-1.1.1-x86_64-2.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+n/iw-4.14-x86_64-2.txz: Rebuilt.
+n/lftp-4.8.3-x86_64-2.txz: Rebuilt.
+n/libassuan-2.5.1-x86_64-2.txz: Rebuilt.
+n/libgcrypt-1.8.2-x86_64-2.txz: Rebuilt.
+n/libgpg-error-1.29-x86_64-2.txz: Rebuilt.
+n/libksba-1.3.5-x86_64-2.txz: Rebuilt.
+n/libmbim-1.16.0-x86_64-2.txz: Rebuilt.
+n/libmilter-8.15.2-x86_64-2.txz: Rebuilt.
+n/libmnl-1.0.4-x86_64-3.txz: Rebuilt.
+n/libndp-1.6-x86_64-2.txz: Rebuilt.
+n/libnetfilter_acct-1.0.3-x86_64-2.txz: Rebuilt.
+n/libnetfilter_conntrack-1.0.6-x86_64-2.txz: Rebuilt.
+n/libnetfilter_cthelper-1.0.0-x86_64-2.txz: Rebuilt.
+n/libnetfilter_cttimeout-1.0.0-x86_64-2.txz: Rebuilt.
+n/libnetfilter_log-1.0.1-x86_64-2.txz: Rebuilt.
+n/libnetfilter_queue-1.0.3-x86_64-2.txz: Rebuilt.
+n/libnfnetlink-1.0.1-x86_64-2.txz: Rebuilt.
+n/libnftnl-1.0.9-x86_64-2.txz: Rebuilt.
+n/libqmi-1.20.0-x86_64-2.txz: Rebuilt.
+n/libtirpc-1.0.3-x86_64-2.txz: Rebuilt.
+n/links-2.14-x86_64-3.txz: Rebuilt.
+n/lynx-2.8.9dev.16-x86_64-1.txz: Upgraded.
+n/mailx-12.5-x86_64-3.txz: Rebuilt.
+n/mcabber-1.0.5-x86_64-2.txz: Rebuilt.
+n/metamail-2.7-x86_64-7.txz: Rebuilt.
+n/mobile-broadband-provider-info-20170310-x86_64-2.txz: Rebuilt.
+n/mtr-0.92-x86_64-2.txz: Rebuilt.
+n/mutt-1.9.5-x86_64-1.txz: Upgraded.
+n/nc-1.10-x86_64-2.txz: Rebuilt.
+n/ncftp-3.2.6-x86_64-2.txz: Rebuilt.
+n/net-snmp-5.7.3-x86_64-7.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+n/net-tools-20170208_479bb4a-x86_64-2.txz: Rebuilt.
+n/netatalk-2.2.3-x86_64-7.txz: Rebuilt.
+n/netdate-bsd4-x86_64-2.txz: Rebuilt.
+n/netkit-bootparamd-0.17-x86_64-3.txz: Rebuilt.
+n/netkit-ftp-0.17-x86_64-4.txz: Rebuilt.
+n/netkit-ntalk-0.17-x86_64-5.txz: Rebuilt.
+n/netkit-routed-0.17-x86_64-2.txz: Rebuilt.
+n/netkit-rsh-0.17-x86_64-2.txz: Rebuilt.
+n/netkit-rusers-0.17-x86_64-2.txz: Rebuilt.
+n/netkit-rwall-0.17-x86_64-2.txz: Rebuilt.
+n/netkit-rwho-0.17-x86_64-3.txz: Rebuilt.
+n/netkit-timed-0.17-x86_64-2.txz: Rebuilt.
+n/netpipes-4.2-x86_64-2.txz: Rebuilt.
+n/nettle-3.4-x86_64-2.txz: Rebuilt.
+n/netwatch-1.3.1_2-x86_64-3.txz: Rebuilt.
+n/network-scripts-15.0-noarch-7.txz: Rebuilt.
+n/netwrite-0.17-x86_64-2.txz: Rebuilt.
+n/newspost-2.1.1-x86_64-2.txz: Rebuilt.
+n/nfacct-1.0.2-x86_64-2.txz: Rebuilt.
+n/nfs-utils-2.3.1-x86_64-2.txz: Rebuilt.
+n/nftables-0.8.2-x86_64-2.txz: Rebuilt.
+n/nghttp2-1.31.1-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Denial of service due to NULL pointer dereference.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000168
+ (* Security fix *)
+n/nmap-7.70-x86_64-2.txz: Rebuilt.
+n/nn-6.7.3-x86_64-5.txz: Rebuilt.
+n/npth-1.5-x86_64-2.txz: Rebuilt.
+n/ntp-4.2.8p11-x86_64-2.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+n/obexftp-0.24.2-x86_64-3.txz: Rebuilt.
+n/openldap-client-2.4.46-x86_64-2.txz: Rebuilt.
+n/openobex-1.7.2-x86_64-2.txz: Rebuilt.
+n/openssh-7.7p1-x86_64-3.txz: Rebuilt.
+n/openssl-1.0.2o-x86_64-2.txz: Rebuilt.
+n/openvpn-2.4.5-x86_64-2.txz: Rebuilt.
+n/p11-kit-0.23.10-x86_64-2.txz: Rebuilt.
+n/php-7.2.4-x86_64-2.txz: Rebuilt.
+n/pidentd-3.0.19-x86_64-3.txz: Rebuilt.
+n/pinentry-1.1.0-x86_64-2.txz: Rebuilt.
+n/popa3d-1.0.3-x86_64-2.txz: Rebuilt.
+n/postfix-3.3.0-x86_64-3.txz: Rebuilt.
+n/ppp-2.4.7-x86_64-2.txz: Rebuilt.
+n/procmail-3.22-x86_64-3.txz: Rebuilt.
+n/proftpd-1.3.6-x86_64-3.txz: Rebuilt.
+n/pssh-2.3.1-x86_64-3.txz: Rebuilt.
+n/rdist-6.1.5-x86_64-3.txz: Rebuilt.
+n/rp-pppoe-3.12-x86_64-2.txz: Rebuilt.
+n/rpcbind-0.2.4-x86_64-4.txz: Rebuilt.
+n/rsync-3.1.3-x86_64-2.txz: Rebuilt.
+n/samba-4.7.7-x86_64-1.txz: Upgraded.
+n/slrn-1.0.2-x86_64-2.txz: Rebuilt.
+n/snownews-1.5.12-x86_64-4.txz: Rebuilt.
+n/sshfs-2.10-x86_64-2.txz: Rebuilt.
+n/stunnel-5.44-x86_64-2.txz: Rebuilt.
+n/tcp_wrappers-7.6-x86_64-2.txz: Rebuilt.
+n/tcpdump-4.9.2-x86_64-2.txz: Rebuilt.
+n/telnet-0.17-x86_64-4.txz: Rebuilt.
+n/tftp-hpa-5.2-x86_64-4.txz: Rebuilt.
+n/tin-2.4.2-x86_64-3.txz: Rebuilt.
+n/traceroute-2.1.0-x86_64-2.txz: Rebuilt.
+n/ulogd-2.0.5-x86_64-3.txz: Rebuilt.
+n/uucp-1.07-x86_64-2.txz: Rebuilt.
+n/vlan-1.9-x86_64-3.txz: Rebuilt.
+n/vsftpd-3.0.3-x86_64-4.txz: Rebuilt.
+n/wget-1.19.4-x86_64-3.txz: Rebuilt.
+n/whois-5.3.0-x86_64-2.txz: Rebuilt.
+n/wireless_tools-29-x86_64-12.txz: Rebuilt.
+n/wpa_supplicant-2.6-x86_64-4.txz: Rebuilt.
+n/yptools-2.14-x86_64-10.txz: Rebuilt.
+n/ytalk-3.3.0-x86_64-4.txz: Rebuilt.
+n/zd1211-firmware-1.5-fw-2.txz: Rebuilt.
+t/fig2dev-3.2.7-x86_64-1.txz: Upgraded.
+t/texlive-2017.171108-x86_64-5.txz: Rebuilt.
+ Recompiled against poppler-0.64.0.
+t/xfig-3.2.7-x86_64-1.txz: Upgraded.
+tcl/expect-5.45.4-x86_64-2.txz: Rebuilt.
+tcl/hfsutils-3.2.6-x86_64-6.txz: Rebuilt.
+tcl/tcl-8.6.8-x86_64-3.txz: Rebuilt.
+tcl/tclx-8.4.1-x86_64-4.txz: Rebuilt.
+tcl/tix-8.4.3-x86_64-4.txz: Rebuilt.
+tcl/tk-8.6.8-x86_64-2.txz: Rebuilt.
+x/anthy-9100h-x86_64-2.txz: Rebuilt.
+x/appres-1.0.5-x86_64-2.txz: Rebuilt.
+x/bdftopcf-1.1-x86_64-2.txz: Rebuilt.
+x/beforelight-1.0.5-x86_64-3.txz: Rebuilt.
+x/bitmap-1.0.8-x86_64-3.txz: Rebuilt.
+x/compiz-0.8.8-x86_64-5.txz: Rebuilt.
+x/dejavu-fonts-ttf-2.37-noarch-3.txz: Rebuilt.
+x/editres-1.0.7-x86_64-2.txz: Rebuilt.
+x/encodings-1.0.4-noarch-2.txz: Rebuilt.
+x/font-adobe-100dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-adobe-75dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-adobe-utopia-100dpi-1.0.4-noarch-2.txz: Rebuilt.
+x/font-adobe-utopia-75dpi-1.0.4-noarch-2.txz: Rebuilt.
+x/font-adobe-utopia-type1-1.0.4-noarch-2.txz: Rebuilt.
+x/font-alias-1.0.3-noarch-2.txz: Rebuilt.
+x/font-arabic-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-100dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-75dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-lucidatypewriter-100dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-lucidatypewriter-75dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-ttf-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bh-type1-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bitstream-100dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bitstream-75dpi-1.0.3-noarch-2.txz: Rebuilt.
+x/font-bitstream-speedo-1.0.2-noarch-2.txz: Rebuilt.
+x/font-bitstream-type1-1.0.3-noarch-2.txz: Rebuilt.
+x/font-cronyx-cyrillic-1.0.3-noarch-2.txz: Rebuilt.
+x/font-cursor-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-daewoo-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-dec-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-ibm-type1-1.0.3-noarch-2.txz: Rebuilt.
+x/font-isas-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-jis-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-micro-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-misc-cyrillic-1.0.3-noarch-2.txz: Rebuilt.
+x/font-misc-ethiopic-1.0.3-noarch-2.txz: Rebuilt.
+x/font-misc-meltho-1.0.3-noarch-2.txz: Rebuilt.
+x/font-misc-misc-1.1.2-noarch-2.txz: Rebuilt.
+x/font-mutt-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-schumacher-misc-1.1.2-noarch-2.txz: Rebuilt.
+x/font-screen-cyrillic-1.0.4-noarch-2.txz: Rebuilt.
+x/font-sony-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-sun-misc-1.0.3-noarch-2.txz: Rebuilt.
+x/font-util-1.3.1-x86_64-3.txz: Rebuilt.
+x/font-winitzki-cyrillic-1.0.3-noarch-2.txz: Rebuilt.
+x/font-xfree86-type1-1.0.4-noarch-2.txz: Rebuilt.
+x/fontconfig-2.12.6-x86_64-2.txz: Rebuilt.
+x/fonttosfnt-1.0.4-x86_64-3.txz: Rebuilt.
+x/freeglut-3.0.0-x86_64-2.txz: Rebuilt.
+x/fslsfonts-1.0.5-x86_64-3.txz: Rebuilt.
+x/fstobdf-1.0.6-x86_64-3.txz: Rebuilt.
+x/gccmakedep-1.0.3-noarch-2.txz: Rebuilt.
+x/glew-2.1.0-x86_64-2.txz: Rebuilt.
+x/glu-9.0.0-x86_64-2.txz: Rebuilt.
+x/iceauth-1.0.8-x86_64-2.txz: Rebuilt.
+x/ico-1.0.5-x86_64-2.txz: Rebuilt.
+x/imake-1.0.7-x86_64-3.txz: Rebuilt.
+x/intel-gpu-tools-1.22-x86_64-2.txz: Rebuilt.
+x/intel-vaapi-driver-2.1.0-x86_64-2.txz: Rebuilt.
+x/libFS-1.0.7-x86_64-2.txz: Rebuilt.
+x/libICE-1.0.9-x86_64-3.txz: Rebuilt.
+x/libSM-1.2.2-x86_64-3.txz: Rebuilt.
+x/libX11-1.6.5-x86_64-2.txz: Rebuilt.
+x/libXScrnSaver-1.2.2-x86_64-3.txz: Rebuilt.
+x/libXau-1.0.8-x86_64-3.txz: Rebuilt.
+x/libXaw-1.0.13-x86_64-2.txz: Rebuilt.
+x/libXaw3d-1.6.2-x86_64-4.txz: Rebuilt.
+x/libXaw3dXft-1.6.2d-x86_64-3.txz: Rebuilt.
+x/libXcm-0.5.2-x86_64-3.txz: Rebuilt.
+x/libXcomposite-0.4.4-x86_64-3.txz: Rebuilt.
+x/libXcursor-1.1.15-x86_64-2.txz: Rebuilt.
+x/libXdamage-1.1.4-x86_64-3.txz: Rebuilt.
+x/libXdmcp-1.1.2-x86_64-3.txz: Rebuilt.
+x/libXevie-1.0.3-x86_64-3.txz: Rebuilt.
+x/libXext-1.3.3-x86_64-3.txz: Rebuilt.
+x/libXfixes-5.0.3-x86_64-2.txz: Rebuilt.
+x/libXfont2-2.0.3-x86_64-2.txz: Rebuilt.
+x/libXfontcache-1.0.5-x86_64-3.txz: Rebuilt.
+x/libXft-2.3.2-x86_64-4.txz: Rebuilt.
+x/libXi-1.7.9-x86_64-2.txz: Rebuilt.
+x/libXinerama-1.1.3-x86_64-3.txz: Rebuilt.
+x/libXmu-1.1.2-x86_64-3.txz: Rebuilt.
+x/libXp-1.0.3-x86_64-3.txz: Rebuilt.
+x/libXpm-3.5.12-x86_64-2.txz: Rebuilt.
+x/libXpresent-1.0.0-x86_64-2.txz: Rebuilt.
+x/libXrandr-1.5.1-x86_64-2.txz: Rebuilt.
+x/libXrender-0.9.10-x86_64-2.txz: Rebuilt.
+x/libXres-1.2.0-x86_64-2.txz: Rebuilt.
+x/libXt-1.1.5-x86_64-2.txz: Rebuilt.
+x/libXtst-1.2.3-x86_64-2.txz: Rebuilt.
+x/libXv-1.0.11-x86_64-2.txz: Rebuilt.
+x/libXvMC-1.0.10-x86_64-2.txz: Rebuilt.
+x/libXxf86dga-1.1.4-x86_64-3.txz: Rebuilt.
+x/libXxf86misc-1.0.3-x86_64-3.txz: Rebuilt.
+x/libXxf86vm-1.1.4-x86_64-3.txz: Rebuilt.
+x/libdmx-1.1.3-x86_64-3.txz: Rebuilt.
+x/libdrm-2.4.91-x86_64-2.txz: Rebuilt.
+x/libepoxy-1.4.3-x86_64-2.txz: Rebuilt.
+x/liberation-fonts-ttf-2.00.1-noarch-2.txz: Rebuilt.
+x/libevdev-1.5.9-x86_64-2.txz: Rebuilt.
+x/libfontenc-1.1.3-x86_64-2.txz: Rebuilt.
+x/libhangul-0.1.0-x86_64-2.txz: Rebuilt.
+x/libinput-1.10.4-x86_64-2.txz: Rebuilt.
+x/libpciaccess-0.14-x86_64-2.txz: Rebuilt.
+x/libpthread-stubs-0.4-noarch-2.txz: Rebuilt.
+x/libva-2.1.0-x86_64-2.txz: Rebuilt.
+x/libva-utils-2.1.0-x86_64-2.txz: Rebuilt.
+x/libvdpau-1.1.1-x86_64-2.txz: Rebuilt.
+x/libwacom-0.29-x86_64-2.txz: Rebuilt.
+x/libxcb-1.13-x86_64-2.txz: Rebuilt.
+x/libxkbfile-1.0.9-x86_64-2.txz: Rebuilt.
+x/libxshmfence-1.3-x86_64-2.txz: Rebuilt.
+x/listres-1.0.4-x86_64-2.txz: Rebuilt.
+x/lndir-1.0.3-x86_64-3.txz: Rebuilt.
+x/luit-1.1.1-x86_64-3.txz: Rebuilt.
+x/m17n-lib-1.8.0-x86_64-2.txz: Rebuilt.
+x/makedepend-1.0.5-x86_64-3.txz: Rebuilt.
+x/mesa-18.0.1-x86_64-1.txz: Upgraded.
+x/mkcomposecache-1.2.1-x86_64-3.txz: Rebuilt.
+x/mkfontdir-1.0.7-noarch-2.txz: Rebuilt.
+x/mkfontscale-1.1.3-x86_64-2.txz: Rebuilt.
+x/motif-2.3.8-x86_64-2.txz: Rebuilt.
+x/mtdev-1.1.5-x86_64-2.txz: Rebuilt.
+x/oclock-1.0.4-x86_64-2.txz: Rebuilt.
+x/pixman-0.34.0-x86_64-2.txz: Rebuilt.
+x/rendercheck-1.5-x86_64-2.txz: Rebuilt.
+x/rgb-1.0.6-x86_64-3.txz: Rebuilt.
+x/sazanami-fonts-ttf-20040629-noarch-2.txz: Rebuilt.
+x/scim-1.4.17-x86_64-2.txz: Rebuilt.
+x/scim-anthy-1.2.7-x86_64-2.txz: Rebuilt.
+x/scim-hangul-0.4.0-x86_64-2.txz: Rebuilt.
+x/scim-input-pad-0.1.3.1-x86_64-2.txz: Rebuilt.
+x/scim-m17n-0.2.3-x86_64-2.txz: Rebuilt.
+x/scim-pinyin-0.5.92-x86_64-2.txz: Rebuilt.
+x/scim-tables-0.5.14.1-x86_64-2.txz: Rebuilt.
+x/sessreg-1.1.1-x86_64-2.txz: Rebuilt.
+x/setxkbmap-1.3.1-x86_64-2.txz: Rebuilt.
+x/showfont-1.0.5-x86_64-3.txz: Rebuilt.
+x/sinhala_lklug-font-ttf-20060929-noarch-2.txz: Rebuilt.
+x/smproxy-1.0.6-x86_64-2.txz: Rebuilt.
+x/tibmachuni-font-ttf-1.901b-noarch-2.txz: Rebuilt.
+x/transset-1.0.2-x86_64-2.txz: Rebuilt.
+x/ttf-indic-fonts-0.5.14-noarch-2.txz: Rebuilt.
+x/ttf-tlwg-0.6.4-noarch-2.txz: Rebuilt.
+x/twm-1.0.10-x86_64-2.txz: Rebuilt.
+x/urw-core35-fonts-otf-20160712_79bcdfb_git-noarch-2.txz: Rebuilt.
+x/util-macros-1.19.2-noarch-2.txz: Rebuilt.
+x/viewres-1.0.5-x86_64-2.txz: Rebuilt.
+x/vulkan-sdk-1.1.70.0-x86_64-2.txz: Rebuilt.
+x/wqy-zenhei-font-ttf-0.8.38_1-noarch-5.txz: Rebuilt.
+x/x11-skel-7.7-x86_64-2.txz: Rebuilt.
+x/x11perf-1.6.0-x86_64-2.txz: Rebuilt.
+x/xauth-1.0.10-x86_64-2.txz: Rebuilt.
+x/xbacklight-1.2.2-x86_64-2.txz: Rebuilt.
+x/xbiff-1.0.3-x86_64-3.txz: Rebuilt.
+x/xbitmaps-1.1.2-x86_64-2.txz: Rebuilt.
+x/xcalc-1.0.6-x86_64-3.txz: Rebuilt.
+x/xcb-proto-1.13-x86_64-2.txz: Rebuilt.
+x/xcb-util-0.4.0-x86_64-3.txz: Rebuilt.
+x/xcb-util-cursor-0.1.3-x86_64-2.txz: Rebuilt.
+x/xcb-util-errors-1.0-x86_64-2.txz: Rebuilt.
+x/xcb-util-image-0.4.0-x86_64-3.txz: Rebuilt.
+x/xcb-util-keysyms-0.4.0-x86_64-3.txz: Rebuilt.
+x/xcb-util-renderutil-0.3.9-x86_64-3.txz: Rebuilt.
+x/xcb-util-wm-0.4.1-x86_64-3.txz: Rebuilt.
+x/xclipboard-1.1.3-x86_64-3.txz: Rebuilt.
+x/xclock-1.0.7-x86_64-3.txz: Rebuilt.
+x/xcm-0.5.2-x86_64-3.txz: Rebuilt.
+x/xcmsdb-1.0.5-x86_64-2.txz: Rebuilt.
+x/xcompmgr-1.1.7-x86_64-2.txz: Rebuilt.
+x/xconsole-1.0.7-x86_64-2.txz: Rebuilt.
+x/xcursor-themes-1.0.5-noarch-2.txz: Rebuilt.
+x/xcursorgen-1.0.6-x86_64-4.txz: Rebuilt.
+x/xdbedizzy-1.1.0-x86_64-3.txz: Rebuilt.
+x/xdg-user-dirs-0.15-x86_64-2.txz: Rebuilt.
+x/xdg-utils-1.1.2-noarch-2.txz: Rebuilt.
+x/xditview-1.0.4-x86_64-2.txz: Rebuilt.
+x/xdm-1.1.11-x86_64-8.txz: Rebuilt.
+x/xdpyinfo-1.3.2-x86_64-2.txz: Rebuilt.
+x/xdriinfo-1.0.6-x86_64-2.txz: Rebuilt.
+x/xedit-1.2.2-x86_64-3.txz: Rebuilt.
+x/xev-1.2.2-x86_64-2.txz: Rebuilt.
+x/xeyes-1.1.2-x86_64-2.txz: Rebuilt.
+x/xf86-input-acecad-1.5.0-x86_64-11.txz: Rebuilt.
+x/xf86-input-evdev-2.10.5-x86_64-2.txz: Rebuilt.
+x/xf86-input-joystick-1.6.3-x86_64-2.txz: Rebuilt.
+x/xf86-input-keyboard-1.9.0-x86_64-2.txz: Rebuilt.
+x/xf86-input-libinput-0.27.1-x86_64-2.txz: Rebuilt.
+x/xf86-input-mouse-1.9.2-x86_64-2.txz: Rebuilt.
+x/xf86-input-penmount-1.5.0-x86_64-11.txz: Rebuilt.
+x/xf86-input-synaptics-1.9.0-x86_64-2.txz: Rebuilt.
+x/xf86-input-vmmouse-13.1.0-x86_64-6.txz: Rebuilt.
+x/xf86-input-void-1.4.0-x86_64-11.txz: Rebuilt.
+x/xf86-input-wacom-0.36.1-x86_64-2.txz: Rebuilt.
+x/xf86-video-amdgpu-18.0.1-x86_64-2.txz: Rebuilt.
+x/xf86-video-apm-1.2.5-x86_64-10.txz: Rebuilt.
+x/xf86-video-ark-0.7.5-x86_64-10.txz: Rebuilt.
+x/xf86-video-ast-1.1.5-x86_64-4.txz: Rebuilt.
+x/xf86-video-ati-18.0.1-x86_64-2.txz: Rebuilt.
+x/xf86-video-chips-1.2.7-x86_64-2.txz: Rebuilt.
+x/xf86-video-cirrus-1.5.3-x86_64-4.txz: Rebuilt.
+x/xf86-video-dummy-0.3.8-x86_64-2.txz: Rebuilt.
+x/xf86-video-glint-1.2.9-x86_64-2.txz: Rebuilt.
+x/xf86-video-i128-1.3.6-x86_64-10.txz: Rebuilt.
+x/xf86-video-i740-1.3.6-x86_64-2.txz: Rebuilt.
+x/xf86-video-intel-git_20180206_aa36399c-x86_64-2.txz: Rebuilt.
+x/xf86-video-mach64-6.9.5-x86_64-4.txz: Rebuilt.
+x/xf86-video-mga-1.6.5-x86_64-2.txz: Rebuilt.
+x/xf86-video-neomagic-1.2.9-x86_64-4.txz: Rebuilt.
+x/xf86-video-nouveau-1.0.15-x86_64-2.txz: Rebuilt.
+x/xf86-video-nv-2.1.21-x86_64-2.txz: Rebuilt.
+x/xf86-video-openchrome-0.6.0-x86_64-2.txz: Rebuilt.
+x/xf86-video-r128-6.10.2-x86_64-2.txz: Rebuilt.
+x/xf86-video-rendition-4.2.6-x86_64-3.txz: Rebuilt.
+x/xf86-video-s3-0.6.5-x86_64-10.txz: Rebuilt.
+x/xf86-video-s3virge-1.10.7-x86_64-4.txz: Rebuilt.
+x/xf86-video-savage-2.3.9-x86_64-2.txz: Rebuilt.
+x/xf86-video-siliconmotion-1.7.9-x86_64-2.txz: Rebuilt.
+x/xf86-video-sis-0.10.9-x86_64-2.txz: Rebuilt.
+x/xf86-video-sisusb-0.9.7-x86_64-2.txz: Rebuilt.
+x/xf86-video-tdfx-1.4.7-x86_64-2.txz: Rebuilt.
+x/xf86-video-tga-1.2.2-x86_64-10.txz: Rebuilt.
+x/xf86-video-trident-1.3.8-x86_64-2.txz: Rebuilt.
+x/xf86-video-tseng-1.2.5-x86_64-10.txz: Rebuilt.
+x/xf86-video-v4l-0.2.0-x86_64-15.txz: Rebuilt.
+x/xf86-video-vboxvideo-1.0.0-x86_64-2.txz: Rebuilt.
+x/xf86-video-vesa-2.4.0-x86_64-2.txz: Rebuilt.
+x/xf86-video-vmware-13.2.1-x86_64-6.txz: Rebuilt.
+x/xf86-video-voodoo-1.2.5-x86_64-11.txz: Rebuilt.
+x/xf86dga-1.0.3-x86_64-3.txz: Rebuilt.
+x/xfd-1.1.2-x86_64-3.txz: Rebuilt.
+x/xfontsel-1.0.6-x86_64-2.txz: Rebuilt.
+x/xfs-1.2.0-x86_64-2.txz: Rebuilt.
+x/xfsinfo-1.0.5-x86_64-3.txz: Rebuilt.
+x/xgamma-1.0.6-x86_64-2.txz: Rebuilt.
+x/xgc-1.0.5-x86_64-2.txz: Rebuilt.
+x/xhost-1.0.7-x86_64-2.txz: Rebuilt.
+x/xinit-1.4.0-x86_64-2.txz: Rebuilt.
+x/xinput-1.6.2-x86_64-2.txz: Rebuilt.
+x/xkbcomp-1.4.1-x86_64-2.txz: Rebuilt.
+x/xkbevd-1.1.4-x86_64-2.txz: Rebuilt.
+x/xkbprint-1.0.4-x86_64-2.txz: Rebuilt.
+x/xkbutils-1.0.4-x86_64-3.txz: Rebuilt.
+x/xkeyboard-config-2.22-noarch-2.txz: Rebuilt.
+x/xkill-1.0.5-x86_64-2.txz: Rebuilt.
+x/xload-1.1.3-x86_64-2.txz: Rebuilt.
+x/xlogo-1.0.4-x86_64-3.txz: Rebuilt.
+x/xlsatoms-1.1.2-x86_64-2.txz: Rebuilt.
+x/xlsclients-1.1.4-x86_64-2.txz: Rebuilt.
+x/xlsfonts-1.0.6-x86_64-2.txz: Rebuilt.
+x/xmag-1.0.6-x86_64-2.txz: Rebuilt.
+x/xman-1.1.4-x86_64-3.txz: Rebuilt.
+x/xmessage-1.0.5-x86_64-2.txz: Rebuilt.
+x/xmh-1.0.3-x86_64-2.txz: Rebuilt.
+x/xmodmap-1.0.9-x86_64-2.txz: Rebuilt.
+x/xmore-1.0.2-x86_64-3.txz: Rebuilt.
+x/xorg-cf-files-1.0.6-x86_64-3.txz: Rebuilt.
+x/xorg-docs-1.7.1-noarch-2.txz: Rebuilt.
+x/xorg-server-1.19.6-x86_64-3.txz: Rebuilt.
+x/xorg-server-xephyr-1.19.6-x86_64-3.txz: Rebuilt.
+x/xorg-server-xnest-1.19.6-x86_64-3.txz: Rebuilt.
+x/xorg-server-xvfb-1.19.6-x86_64-3.txz: Rebuilt.
+x/xorg-sgml-doctools-1.11-x86_64-3.txz: Rebuilt.
+x/xorgproto-2018.4-x86_64-3.txz: Rebuilt.
+x/xpr-1.0.5-x86_64-2.txz: Rebuilt.
+x/xprop-1.2.3-x86_64-2.txz: Rebuilt.
+x/xpyb-1.3.1-x86_64-5.txz: Rebuilt.
+x/xrandr-1.5.0-x86_64-2.txz: Rebuilt.
+x/xrdb-1.1.1-x86_64-2.txz: Rebuilt.
+x/xrefresh-1.0.6-x86_64-2.txz: Rebuilt.
+x/xscope-1.4.1-x86_64-3.txz: Rebuilt.
+x/xset-1.2.4-x86_64-2.txz: Rebuilt.
+x/xsetroot-1.1.2-x86_64-2.txz: Rebuilt.
+x/xsm-1.0.4-x86_64-2.txz: Rebuilt.
+x/xstdcmap-1.0.3-x86_64-3.txz: Rebuilt.
+x/xterm-332-x86_64-1.txz: Upgraded.
+x/xtrans-1.3.5-noarch-2.txz: Rebuilt.
+x/xvidtune-1.0.3-x86_64-3.txz: Rebuilt.
+x/xvinfo-1.1.3-x86_64-2.txz: Rebuilt.
+x/xwd-1.0.7-x86_64-2.txz: Rebuilt.
+x/xwininfo-1.1.4-x86_64-2.txz: Rebuilt.
+x/xwud-1.0.5-x86_64-2.txz: Rebuilt.
+xap/MPlayer-20180208-x86_64-3.txz: Rebuilt.
+xap/audacious-3.9-x86_64-2.txz: Rebuilt.
+xap/audacious-plugins-3.9-x86_64-4.txz: Rebuilt.
+xap/blackbox-0.70.1-x86_64-8.txz: Rebuilt.
+xap/blueman-2.0.5-x86_64-2.txz: Rebuilt.
+xap/ddd-3.3.12-x86_64-6.txz: Rebuilt.
+xap/easytag-2.4.2-x86_64-2.txz: Rebuilt.
+xap/electricsheep-20090306-x86_64-5.txz: Rebuilt.
+xap/fluxbox-1.3.7-x86_64-3.txz: Rebuilt.
+xap/fvwm-2.6.7-x86_64-4.txz: Rebuilt.
+xap/geeqie-1.4-x86_64-2.txz: Rebuilt.
+xap/gftp-2.0.19-x86_64-6.txz: Rebuilt.
+xap/gimp-2.8.22-x86_64-2.txz: Rebuilt.
+xap/gkrellm-2.3.10-x86_64-3.txz: Rebuilt.
+xap/gnuchess-6.2.5-x86_64-2.txz: Rebuilt.
+xap/gnuplot-5.2.2-x86_64-2.txz: Rebuilt.
+xap/gparted-0.31.0-x86_64-2.txz: Rebuilt.
+xap/gucharmap-10.0.3-x86_64-2.txz: Rebuilt.
+xap/gv-3.7.4-x86_64-2.txz: Rebuilt.
+xap/hexchat-2.14.1-x86_64-2.txz: Rebuilt.
+ Recompiled against perl-5.26.2.
+xap/mozilla-firefox-59.0.2-x86_64-2.txz: Rebuilt.
+xap/mozilla-thunderbird-52.7.0-x86_64-2.txz: Rebuilt.
+xap/network-manager-applet-1.8.10-x86_64-5.txz: Rebuilt.
+xap/pan-0.143-x86_64-4.txz: Rebuilt.
+xap/pavucontrol-3.0-x86_64-2.txz: Rebuilt.
+xap/pidgin-2.13.0-x86_64-2.txz: Rebuilt.
+xap/rdesktop-1.8.3-x86_64-2.txz: Rebuilt.
+xap/rxvt-unicode-9.22-x86_64-4.txz: Rebuilt.
+xap/sane-1.0.27-x86_64-2.txz: Rebuilt.
+xap/seamonkey-2.49.2-x86_64-2.txz: Rebuilt.
+xap/seyon-2.20c-x86_64-4.txz: Rebuilt.
+xap/vim-gvim-8.0.1733-x86_64-1.txz: Upgraded.
+ Recompiled against perl-5.26.2.
+xap/windowmaker-0.95.8-x86_64-2.txz: Rebuilt.
+xap/x11-ssh-askpass-1.2.4.1-x86_64-3.txz: Rebuilt.
+xap/x3270-3.3.12ga7-x86_64-3.txz: Rebuilt.
+xap/xaos-3.6-x86_64-2.txz: Rebuilt.
+xap/xfractint-20.04p13-x86_64-2.txz: Rebuilt.
+xap/xgames-0.3-x86_64-5.txz: Rebuilt.
+xap/xine-lib-1.2.9-x86_64-2.txz: Rebuilt.
+xap/xine-ui-0.99.10-x86_64-2.txz: Rebuilt.
+xap/xlockmore-5.54-x86_64-3.txz: Rebuilt.
+xap/xmms-1.2.11-x86_64-6.txz: Rebuilt.
+xap/xpaint-2.10.2-x86_64-2.txz: Rebuilt.
+xap/xpdf-4.00-x86_64-3.txz: Rebuilt.
+xap/xsane-0.999-x86_64-2.txz: Rebuilt.
+xap/xscreensaver-5.39-x86_64-1.txz: Upgraded.
+xap/xv-3.10a-x86_64-9.txz: Rebuilt.
+xfce/Thunar-1.6.15-x86_64-2.txz: Rebuilt.
+xfce/exo-0.12.0-x86_64-2.txz: Rebuilt.
+xfce/garcon-0.6.1-x86_64-2.txz: Rebuilt.
+xfce/gtk-xfce-engine-2.10.1-x86_64-3.txz: Rebuilt.
+xfce/libxfce4ui-4.12.1-x86_64-3.txz: Rebuilt.
+xfce/libxfce4util-4.12.1-x86_64-4.txz: Rebuilt.
+xfce/orage-4.12.1-x86_64-5.txz: Rebuilt.
+xfce/thunar-volman-0.8.1-x86_64-3.txz: Rebuilt.
+xfce/tumbler-0.2.1-x86_64-2.txz: Rebuilt.
+ Recompiled against poppler-0.64.0.
+xfce/xfce4-appfinder-4.12.0-x86_64-3.txz: Rebuilt.
+xfce/xfce4-clipman-plugin-1.4.2-x86_64-2.txz: Rebuilt.
+xfce/xfce4-dev-tools-4.12.0-x86_64-3.txz: Rebuilt.
+xfce/xfce4-notifyd-0.4.2-x86_64-2.txz: Rebuilt.
+xfce/xfce4-panel-4.12.2-x86_64-2.txz: Rebuilt.
+xfce/xfce4-power-manager-1.4.4-x86_64-5.txz: Rebuilt.
+xfce/xfce4-pulseaudio-plugin-0.4.0-x86_64-2.txz: Rebuilt.
+xfce/xfce4-screenshooter-1.8.2-x86_64-5.txz: Rebuilt.
+xfce/xfce4-session-4.12.1-x86_64-3.txz: Rebuilt.
+xfce/xfce4-settings-4.12.2-x86_64-2.txz: Rebuilt.
+xfce/xfce4-systemload-plugin-1.2.1-x86_64-2.txz: Rebuilt.
+ Patched to fix tooltips. Thanks to Rod3775.
+xfce/xfce4-taskmanager-1.2.0-x86_64-2.txz: Rebuilt.
+xfce/xfce4-terminal-0.8.7.3-x86_64-2.txz: Rebuilt.
+xfce/xfce4-weather-plugin-0.8.10-x86_64-4.txz: Rebuilt.
+xfce/xfconf-4.12.1-x86_64-2.txz: Rebuilt.
+xfce/xfdesktop-4.12.4-x86_64-2.txz: Rebuilt.
+xfce/xfwm4-4.12.4-x86_64-2.txz: Rebuilt.
+y/bsd-games-2.13-x86_64-13.txz: Rebuilt.
+extra/aspell-word-lists/aspell-el-0.08_0-x86_64-1.txz: Upgraded.
+extra/aspell-word-lists/aspell-hus-0.03_1-x86_64-1.txz: Added.
+extra/aspell-word-lists/aspell-kn-0.01_1-x86_64-1.txz: Added.
+extra/fltk/fltk-1.3.4_2-x86_64-1.txz: Upgraded.
+extra/mplayerplug-in/mplayerplug-in-3.55-x86_64-1.txz: Removed.
+extra/tigervnc/tigervnc-1.8.0-x86_64-4.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Wed May 11 05:20:01 UTC 2016
-a/dcron-4.5-x86_64-5.txz: Rebuilt.
- Patched bug where cron.update is not picked up while jobs are still running.
- Thanks to Jeroen Hendriks.
-ap/lxc-2.0.0-x86_64-4.txz: Rebuilt.
- Applied "[PATCH] cgfsng: don't require that systemd subsystem be mounted".
- Thanks to Johannes Schöpfer.
-ap/moc-2.5.1-x86_64-1.txz: Upgraded.
-ap/slackpkg-2.82.1-noarch-1.txz: Upgraded.
- Updated x86* mirrors lists for Slackware 14.2.
-n/openvpn-2.3.11-x86_64-1.txz: Upgraded.
-x/mesa-11.2.2-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.4_1-x86_64-1.txz: Upgraded.
- This release addresses several security issues in ImageMagick, including:
- Insufficient shell characters filtering allows code execution (CVE-2016-3714)
- Server Side Request Forgery (CVE-2016-3718)
- File deletion (CVE-2016-3715)
- File moving (CVE-2016-3716)
- Local file read (CVE-2016-3717)
- In addition, the default policy.xml config file has been modified to disable
- all of the previously vulnerable coders, and to disable indirect reads.
- For more information, see:
- https://imagetragick.com
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3714
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3718
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3715
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3716
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3717
- (* Security fix *)
-+--------------------------+
-Thu May 5 05:17:19 UTC 2016
-a/kernel-generic-4.4.9-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.9-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.9-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-31.txz: Rebuilt.
- In rc.M, bluetooth must start before NetworkManager (like it did in Slackware
- 14.1) in order to enable bluetooth networking. Thanks to James Marca.
-ap/lxc-2.0.0-x86_64-3.txz: Rebuilt.
- Merged rc.M changes.
-d/kernel-headers-4.4.9-x86-1.txz: Upgraded.
-k/kernel-source-4.4.9-noarch-1.txz: Upgraded.
-n/mutt-1.6.1-x86_64-1.txz: Upgraded.
+Thu Apr 12 23:00:51 UTC 2018
+a/aaa_base-14.2-x86_64-3.txz: Rebuilt.
+ If the system is running -current, append a "+" to /etc/slackware-version.
+ Identify the system as stable or current in /etc/os-release by setting
+ VERSION_CODENAME to either stable or current. In PRETTY_NAME, really
+ spell it out, e.g: PRETTY_NAME="Slackware 14.2 (pre-15.0 -current)"
+a/kernel-generic-4.14.34-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.34-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.34-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.34-x86-1.txz: Upgraded.
+k/kernel-source-4.14.34-noarch-1.txz: Upgraded.
+ SND_HDA_INPUT_BEEP n -> y
+ +SND_HDA_INPUT_BEEP_MODE 0
+ Thanks to GazL.
+l/cairo-1.15.12-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Wed May 4 19:24:29 UTC 2016
-ap/hplip-3.16.5-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-45.1.1esr-x86_64-1.txz: Upgraded.
+Wed Apr 11 20:38:06 UTC 2018
+a/lbzip2-2.5-x86_64-1.txz: Added.
+a/pkgtools-15.0-noarch-7.txz: Rebuilt.
+ explodepkg: support parallel bzip2 (lbzip2). Thanks to ruario.
+ installpkg: support parallel bzip2 (lbzip2). Thanks to ruario.
+ makepkg: support parallel bzip2 (lbzip2). Thanks to ruario.
+ pkgdiff: added tool to compare the file contents of two packages.
+ap/sqlite-3.23.1-x86_64-1.txz: Upgraded.
+l/libzip-1.5.1-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.36.1-x86_64-1.txz: Upgraded.
+n/libgpg-error-1.29-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Apr 10 23:38:57 UTC 2018
+a/procps-ng-3.3.14-x86_64-1.txz: Upgraded.
+ap/htop-2.2.0-x86_64-1.txz: Upgraded.
+l/vte-0.52.1-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.6-x86_64-1.txz: Upgraded.
+x/xf86-input-libinput-0.27.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Apr 9 23:03:06 UTC 2018
+l/gobject-introspection-1.56.1-x86_64-1.txz: Upgraded.
+l/gvfs-1.36.1-x86_64-1.txz: Upgraded.
+l/libsoup-2.62.1-x86_64-1.txz: Upgraded.
+n/wireless-tools-29-x86_64-10.txz: Removed.
+n/wireless_tools-29-x86_64-11.txz: Added.
+ Renamed package to match upstream tarball name.
+x/libinput-1.10.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Apr 8 22:22:25 UTC 2018
+a/kernel-firmware-20180329_8c1e439-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.33-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.33-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.33-x86_64-1.txz: Upgraded.
+d/ccache-3.4.2-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.33-x86-1.txz: Upgraded.
+k/kernel-source-4.14.33-noarch-1.txz: Upgraded.
+ FAT_DEFAULT_UTF8 n -> y
+ Thanks to USUARIONUEVO.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue May 3 20:30:53 UTC 2016
-a/openssl-solibs-1.0.2h-x86_64-1.txz: Upgraded.
-n/bind-9.10.4-x86_64-1.txz: Upgraded.
-n/openssl-1.0.2h-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- Memory corruption in the ASN.1 encoder (CVE-2016-2108)
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- EVP_EncodeUpdate overflow (CVE-2016-2105)
- EVP_EncryptUpdate overflow (CVE-2016-2106)
- ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- EBCDIC overread (CVE-2016-2176)
- For more information, see:
- https://www.openssl.org/news/secadv/20160503.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176
- (* Security fix *)
-xap/hexchat-2.12.1-x86_64-1.txz: Upgraded.
-testing/packages/tmux-2.2-x86_64-1.txz: Added.
- For those using a UTF8 locale, I'm adding back the latest tmux in /testing.
- Most likely we'll throw the switch on "UTF8 by default" shortly into the
- next development cycle, but now isn't the time for it.
-+--------------------------+
-Mon May 2 19:42:54 UTC 2016
-ap/tmux-2.1-x86_64-2.txz: Rebuilt.
- Reverted to tmux-2.1, because tmux-2.2 has dropped support for non-UTF8
- character sets "since supporting multiple character sets is a pain".
- Thanks to Dan Church for the bug report.
-d/mercurial-3.8.1-x86_64-1.txz: Upgraded.
- This update fixes possible arbitrary code execution when converting Git
- repos. Mercurial prior to 3.8 allowed arbitrary code execution when using
- the convert extension on Git repos with hostile names. This could affect
- automated code conversion services that allow arbitrary repository names.
- This is a further side-effect of Git CVE-2015-7545.
- Reported and fixed by Blake Burkhart.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3105
- (* Security fix *)
-l/icu4c-56.1-x86_64-2.txz: Rebuilt.
- Patched pkgdata crash when using "-m". Thanks to Fabio Bas.
-l/librsvg-2.40.15-x86_64-2.txz: Rebuilt.
- Reverted upstream patch that broke the rsvg-convert scaling functionality.
- Thanks to haary.
-n/samba-4.4.3-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.3_9-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sat Apr 30 20:28:33 UTC 2016
-a/aaa_elflibs-14.2-x86_64-13.txz: Rebuilt.
-a/lvm2-2.02.152-x86_64-1.txz: Upgraded.
-ap/gphoto2-2.5.10-x86_64-1.txz: Upgraded.
-ap/mariadb-10.0.25-x86_64-1.txz: Upgraded.
-ap/vim-7.4.1811-x86_64-1.txz: Upgraded.
-d/git-2.8.2-x86_64-1.txz: Upgraded.
-d/ruby-2.2.5-x86_64-1.txz: Upgraded.
-d/subversion-1.9.4-x86_64-1.txz: Upgraded.
- This release fixes two security issues:
- CVE-2016-2167: svnserve/sasl may authenticate users using the wrong realm.
- CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn
- during COPY/MOVE authorization check.
- For more information, see:
- http://subversion.apache.org/security/CVE-2016-2167-advisory.txt
- http://subversion.apache.org/security/CVE-2016-2168-advisory.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2167
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2168
- (* Security fix *)
-l/libgphoto2-2.5.10-x86_64-1.txz: Upgraded.
-n/whois-5.2.12-x86_64-1.txz: Upgraded.
-n/yptools-2.14-x86_64-6.txz: Rebuilt.
- Don't remove unmerged .new config files. Thanks to christian laubscher.
-x/xf86-input-evdev-2.10.2-x86_64-1.txz: Upgraded.
-xap/vim-gvim-7.4.1811-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sat Apr 30 05:51:33 UTC 2016
-d/perl-5.22.2-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Apr 29 20:54:01 UTC 2016
-ap/cups-filters-1.8.3-x86_64-2.txz: Rebuilt.
- Recompiled against poppler-0.43.0.
-kde/calligra-2.9.11-x86_64-3.txz: Rebuilt.
- Recompiled against poppler-0.43.0.
-l/poppler-0.43.0-x86_64-1.txz: Upgraded.
+Sun Apr 8 03:39:55 UTC 2018
+ap/joe-4.6-x86_64-1.txz: Upgraded.
+l/gdk-pixbuf2-2.36.12-x86_64-1.txz: Upgraded.
+n/bluez-5.49-x86_64-2.txz: Rebuilt.
+ Patched to fix bluetoothd crashes. Thanks to SeB.
++--------------------------+
+Sat Apr 7 21:00:57 UTC 2018
+a/btrfs-progs-v4.16-x86_64-1.txz: Upgraded.
+ap/sysstat-11.6.3-x86_64-1.txz: Upgraded.
+kde/kdev-python-1.7.3-x86_64-2.txz: Rebuilt.
+ Make shared libraries executable.
+l/exiv2-0.26-x86_64-2.txz: Rebuilt.
+ Make shared libraries executable.
+l/glib-1.2.10-x86_64-5.txz: Rebuilt.
+ Make shared libraries executable.
+l/glib2-2.56.1-x86_64-1.txz: Upgraded.
+l/pango-1.42.1-x86_64-1.txz: Upgraded.
+l/slang-2.3.2-x86_64-2.txz: Rebuilt.
+ Make shared libraries executable.
+n/dhcpcd-7.0.3-x86_64-1.txz: Upgraded.
+xfce/libxfce4util-4.12.1-x86_64-3.txz: Rebuilt.
+ Make shared libraries executable.
++--------------------------+
+Fri Apr 6 20:47:43 UTC 2018
+a/patch-2.7.6-x86_64-2.txz: Rebuilt.
+ Fix arbitrary shell execution possible with obsolete ed format patches.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
+ (* Security fix *)
+d/strace-4.22-x86_64-1.txz: Upgraded.
+xfce/Thunar-1.6.15-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Apr 5 21:21:24 UTC 2018
+a/procps-ng-3.3.13-x86_64-1.txz: Upgraded.
+ap/man-db-2.8.3-x86_64-1.txz: Upgraded.
+d/git-2.17.0-x86_64-1.txz: Upgraded.
+l/python-pillow-5.1.0-x86_64-1.txz: Upgraded.
+n/openssh-7.7p1-x86_64-2.txz: Rebuilt.
+ Restored tcp_wrappers support. Thanks to ecd102 for the patch.
++--------------------------+
+Wed Apr 4 22:07:03 UTC 2018
+l/alsa-lib-1.1.6-x86_64-2.txz: Rebuilt.
+ Restored missing mixer modules.
++--------------------------+
+Wed Apr 4 21:12:00 UTC 2018
+ap/alsa-utils-1.1.6-x86_64-1.txz: Upgraded.
+d/mercurial-4.5.3-x86_64-1.txz: Upgraded.
+l/alsa-lib-1.1.6-x86_64-1.txz: Upgraded.
+l/alsa-oss-1.1.6-x86_64-1.txz: Upgraded.
+l/alsa-plugins-1.1.6-x86_64-1.txz: Upgraded.
+l/gvfs-1.36.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Apr 4 00:16:40 UTC 2018
+a/pkgtools-15.0-noarch-6.txz: Rebuilt.
+ pkgtool: don't use LANG=C.
+ installpkg: don't use LANG=C, but set LC_ALL=C prior to running dd (where we
+ need to parse the output) and sort (where we need predictable collation).
+ap/cups-filters-1.20.2-x86_64-1.txz: Upgraded.
+ap/sqlite-3.23.0-x86_64-1.txz: Upgraded.
+l/adwaita-icon-theme-3.28.0-noarch-1.txz: Upgraded.
+l/at-spi2-atk-2.26.2-x86_64-1.txz: Upgraded.
+l/at-spi2-core-2.28.0-x86_64-1.txz: Upgraded.
+l/atk-2.28.1-x86_64-1.txz: Upgraded.
+l/gcr-3.28.0-x86_64-1.txz: Upgraded.
+l/glib-networking-2.56.0-x86_64-1.txz: Upgraded.
+l/glib2-2.56.0-x86_64-1.txz: Upgraded.
+l/gnome-keyring-3.28.0.2-x86_64-1.txz: Upgraded.
+l/gobject-introspection-1.56.0-x86_64-1.txz: Upgraded.
+l/gsettings-desktop-schemas-3.28.0-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.29-x86_64-1.txz: Upgraded.
+l/libsecret-0.18.6-x86_64-1.txz: Upgraded.
+l/libsoup-2.62.0-x86_64-1.txz: Upgraded.
+l/pango-1.42.0-x86_64-1.txz: Upgraded.
+l/pygobject3-3.28.2-x86_64-1.txz: Upgraded.
+l/vte-0.52.0-x86_64-1.txz: Upgraded.
+n/getmail-5.6-x86_64-1.txz: Upgraded.
+n/iproute2-4.16.0-x86_64-1.txz: Upgraded.
+n/openssh-7.7p1-x86_64-1.txz: Upgraded.
+ The patch to restore tcp_wrappers no longer works (applies, but breaks
+ incoming connections), so tcp_wrappers is no longer supported. This support
+ was dropped by upstream years ago, and there are many better ways to filter
+ incoming ports since the days when tcp_wrappers was the only choice.
+ There is very little chance that we will try to add support for tcp_wrappers
+ again here. Migrate to a better port filtering solution (e.g., iptables or
+ nftables), or (I suppose) you could try asking for the support to be
+ reinstated upstream. ;-)
+xap/rxvt-unicode-9.22-x86_64-3.txz: Rebuilt.
+ Don't modify the default terminfo definitions. Thanks to GazL.
++--------------------------+
+Sun Apr 1 21:05:03 UTC 2018
+a/aaa_terminfo-6.1-x86_64-3.txz: Rebuilt.
+a/sed-4.5-x86_64-1.txz: Upgraded.
+ap/lsof-4.91-x86_64-1.txz: Upgraded.
+ap/vim-8.0.1655-x86_64-1.txz: Upgraded.
+kde/konsole-4.14.3-x86_64-4.txz: Rebuilt.
+ Use TERM=konsole.
+l/libidn-1.34-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Fix integer overflow in combine_hangul()
+ Fix integer overflow in punycode decoder
+ Fix NULL pointer dereference in g_utf8_normalize()
+ Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize()
+ (* Security fix *)
+l/ncurses-6.1_20180324-x86_64-3.txz: Upgraded.
+ Use unmodified upstream terminfo definitions rather than break a feature
+ of the xterm-new definition for the benefit of a program that can't pick
+ the right TERM= setting. Thanks to GazL.
+xap/rxvt-unicode-9.22-x86_64-2.txz: Rebuilt.
+ In the urxvt terminfo definitions, set kbs=^H.
+xap/vim-gvim-8.0.1655-x86_64-1.txz: Upgraded.
+extra/brltty/brltty-5.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Apr 1 02:53:26 UTC 2018
+a/aaa_terminfo-6.1-x86_64-2.txz: Rebuilt.
+a/kernel-firmware-20180330_a3be6d4-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.32-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.32-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.32-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.20.1-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-0.63.0.
+ap/sqlite-3.22.0-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+d/kernel-headers-4.14.32-x86-1.txz: Upgraded.
+d/rust-1.25.0-x86_64-1.txz: Upgraded.
+d/subversion-1.9.7-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+k/kernel-source-4.14.32-noarch-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-19.txz: Rebuilt.
+ Recompiled against icu4c-61.1 and poppler-0.63.0.
+l/apr-util-1.6.1-x86_64-5.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/boost-1.66.0-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/gvfs-1.34.2.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/harfbuzz-1.7.6-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/icu4c-61.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-n/ntp-4.2.8p7-x86_64-1.txz: Upgraded.
- This release patches several low and medium severity security issues:
- CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering
- CVE-2016-1549: Sybil vulnerability: ephemeral association attack,
- AKA: ntp-sybil - MITIGATION ONLY
- CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion
- botch
- CVE-2016-2517: Remote configuration trustedkey/requestkey values are not
- properly validated
- CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with
- MATCH_ASSOC
- CVE-2016-2519: ctl_getitem() return value not always checked
- CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos
- CVE-2016-1548: Interleave-pivot - MITIGATION ONLY
- CVE-2015-7704: KoD fix: peer associations were broken by the fix for
- NtpBug2901, AKA: Symmetric active/passive mode is broken
- CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks
- CVE-2016-1550: Improve NTP security against buffer comparison timing attacks,
- authdecrypt-timing, AKA: authdecrypt-timing
- For more information, see:
- http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519
- (* Security fix *)
-n/php-5.6.21-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues.
+l/libgpod-0.8.3-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/libical-3.0.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/libvisio-0.1.6-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+l/ncurses-6.1_20180324-x86_64-2.txz: Rebuilt.
+ Removed "rep=%p1%c\E[%p2%{1}%-%db," from the xterm-new definition. It was not
+ present in the xterm-new definition shipped in Slackware 14.2 and is causing
+ problems with dialog.
+l/poppler-0.63.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/raptor2-2.0.15-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+n/NetworkManager-1.10.6-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+n/dovecot-2.3.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+n/httpd-2.4.33-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+n/php-7.2.4-x86_64-1.txz: Upgraded.
+ This update fixes a security issue where sensitive data belonging to other
+ accounts might be accessed by a local user.
+ For more information, see:
+ http://bugs.php.net/75605
+ (* Security fix *)
+ Compiled against icu4c-61.1.
+n/postfix-3.3.0-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+n/tin-2.4.2-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+t/texlive-2017.171108-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+xap/network-manager-applet-1.8.10-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+xap/rxvt-2.7.10-x86_64-5.txz: Removed.
+xap/rxvt-unicode-9.22-x86_64-1.txz: Added.
+ Thanks to MadMaverick9 for the utempter support patch.
+xfce/tumbler-0.2.1-x86_64-1.txz: Upgraded.
+ Compiled against poppler-0.63.0.
+xfce/xfce4-screenshooter-1.8.2-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+xfce/xfce4-weather-plugin-0.8.10-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-61.1.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Thu Mar 29 20:48:28 UTC 2018
+a/bash-4.4.019-x86_64-2.txz: Rebuilt.
+ Fixed builtins.1 and rbash.1 manpages to work properly with strict
+ implementations (such as mandoc). Thanks to orbea.
+ap/cups-2.2.7-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.14-x86_64-1.txz: Upgraded.
+ap/nano-2.9.5-x86_64-1.txz: Upgraded.
+d/cmake-3.11.0-x86_64-1.txz: Upgraded.
+d/flex-2.6.4-x86_64-2.txz: Rebuilt.
+ Fix flex compiled with recent glibc. Thanks to nobodino.
+d/python-pip-9.0.3-x86_64-1.txz: Upgraded.
+d/python3-3.6.5-x86_64-1.txz: Upgraded.
+ Refactored difflib and poplib to fix potential DoS vectors.
+ Thanks to Jamie Davis for the patch.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
+ (* Security fix *)
+d/ruby-2.5.1-x86_64-1.txz: Upgraded.
+ This release includes some bug fixes and some security fixes:
+ HTTP response splitting in WEBrick.
+ Unintentional file and directory creation with directory traversal in
+ tempfile and tmpdir.
+ DoS by large request in WEBrick.
+ Buffer under-read in String#unpack.
+ Unintentional socket creation by poisoned NUL byte in UNIXServer
+ and UNIXSocket.
+ Unintentional directory traversal by poisoned NUL byte in Dir.
+ Multiple vulnerabilities in RubyGems.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
+ (* Security fix *)
+d/subversion-1.9.7-x86_64-3.txz: Rebuilt.
+ Recompiled for ruby-2.5.1.
+kde/korundum-4.14.3-x86_64-5.txz: Rebuilt.
+ Recompiled for ruby-2.5.1.
+kde/qtruby-4.14.3-x86_64-7.txz: Rebuilt.
+ Recompiled for ruby-2.5.1.
+l/apr-util-1.6.1-x86_64-4.txz: Rebuilt.
+ Merged upstream patch to fix httpd build.
+n/dhcpcd-7.0.2-x86_64-1.txz: Upgraded.
+n/dovecot-2.3.1-x86_64-1.txz: Upgraded.
+n/epic5-2.0.1-x86_64-3.txz: Rebuilt.
+ Recompiled for ruby-2.5.1.
+x/mesa-18.0.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.7.3-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Mar 29 01:02:50 UTC 2018
+a/etc-15.0-x86_64-3.txz: Rebuilt.
+ When adding an sddm user, use $HOME = /var/lib/sddm.
+ Make sure the sddm user is a member of the video group.
+a/kernel-generic-4.14.31-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.31-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.31-x86_64-1.txz: Upgraded.
+a/openssl-solibs-1.0.2o-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.31-x86-1.txz: Upgraded.
+k/kernel-source-4.14.31-noarch-1.txz: Upgraded.
+n/openssl-1.0.2o-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Constructed ASN.1 types with a recursive definition could exceed the stack.
For more information, see:
- http://php.net/ChangeLog-5.php#5.6.21
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074
- (* Security fix *)
-x/libdrm-2.4.68-x86_64-1.txz: Upgraded.
-xfce/tumbler-0.1.31-x86_64-6.txz: Rebuilt.
- Recompiled against poppler-0.43.0.
-+--------------------------+
-Wed Apr 27 21:16:37 UTC 2016
-n/yptools-2.14-x86_64-5.txz: Rebuilt.
- Use /usr/lib$LIBDIRSUFFIX/yp in /var/yp/Makefile.new. Thanks to alex14641.
-xap/mozilla-firefox-45.1.0esr-x86_64-2.txz: Rebuilt.
- Fixed $RELEASEVER to avoid installing extra files and placing a few files in
- the wrong location. Thanks to Mikhail Zotov.
-xfce/xfce4-settings-4.12.0-x86_64-3.txz: Rebuilt.
- Patched a bug that may prevent a display from waking up from standby mode
- when running a 4.4.x (or newer) kernel. Thanks to Matthias Schuster.
-+--------------------------+
-Wed Apr 27 04:20:57 UTC 2016
-xap/mozilla-firefox-45.1.0esr-x86_64-1.txz: Upgraded.
+ https://www.openssl.org/news/secadv/20180327.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
+ (* Security fix *)
+extra/recordmydesktop/recordmydesktop-0.3.8.1-x86_64-4.txz: Rebuilt.
+ Applied bitrate patches from Arch. Thanks to USUARIONUEVO.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Mon Mar 26 22:06:38 UTC 2018
+a/aaa_terminfo-6.1-x86_64-1.txz: Upgraded.
+a/etc-15.0-x86_64-2.txz: Rebuilt.
+ Don't include /etc/termcap-* files here. They aren't needed by anything
+ shipped with Slackware, and shouldn't be needed by much of anything at all.
+ But we'll ship a full /etc/termcap with the ncurses package just in case.
+a/hdparm-9.56-x86_64-1.txz: Upgraded.
+l/apr-util-1.6.1-x86_64-3.txz: Rebuilt.
+ Recompiled using --with-mysql=/usr option.
+l/libusb-1.0.22-x86_64-1.txz: Upgraded.
+l/ncurses-6.1_20180324-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-59.0.2-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
- (* Security fix *)
-+--------------------------+
-Tue Apr 26 05:16:02 UTC 2016
-ap/lxc-2.0.0-x86_64-2.txz: Rebuilt.
- rc.lxc: Stop containers with lxc-stop rather than having lxc-attach call
- /sbin/halt. Thanks to linuxxer and Matteo Bernardini.
-xfce/xfce4-weather-plugin-0.8.7-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sun Apr 24 03:44:25 UTC 2016
-a/grep-2.25-x86_64-1.txz: Upgraded.
-a/kernel-generic-4.4.8-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.8-x86_64-1.txz: Upgraded.
- Needed to be built into the huge kernel since virtio is. Thanks to Cal Peake.
- NET_9P m -> y
- NET_9P_VIRTIO m -> y
-a/kernel-modules-4.4.8-x86_64-1.txz: Upgraded.
-a/lilo-24.2-x86_64-2.txz: Rebuilt.
- Patched usable memory bug. Thanks to Sl4ck3ver.
-ap/lxc-2.0.0-x86_64-1.txz: Upgraded.
-ap/sqlite-3.12.2-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.8-x86-1.txz: Upgraded.
-k/kernel-source-4.4.8-noarch-1.txz: Upgraded.
-n/NetworkManager-1.2.0-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
-n/ca-certificates-20160104-noarch-1.txz: Upgraded.
- Thanks to Cal Peake for fixing a build script typo that created duplicate
- certificates with each successive build.
-n/gnupg2-2.0.30-x86_64-1.txz: Upgraded.
-x/motif-2.3.5-x86_64-1.txz: Upgraded.
-xap/network-manager-applet-1.2.0-x86_64-1.txz: Upgraded.
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Mon Mar 26 03:28:26 UTC 2018
+a/e2fsprogs-1.44.1-x86_64-1.txz: Upgraded.
+a/kbd-1.15.3-x86_64-3.txz: Rebuilt.
+ setconsolefont: generate font list on the fly. Thanks to David Woodhouse.
+a/kernel-generic-4.14.30-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.30-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.30-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.30-x86-1.txz: Upgraded.
+k/kernel-source-4.14.30-noarch-1.txz: Upgraded.
+l/imagemagick-6.9.9_40-x86_64-1.txz: Upgraded.
+l/libdvdread-6.0.0-x86_64-2.txz: Rebuilt.
+ Fixed misplaced files under /usr/share/doc.
+l/libmtp-1.1.15-x86_64-1.txz: Upgraded.
+l/liboggz-1.1.1-x86_64-2.txz: Rebuilt.
+ Removed spurious /usr/share/doc directory.
+l/librsvg-2.42.3-x86_64-2.txz: Rebuilt.
+ Fixed misplaced files under /usr/share/doc.
+xfce/xfce4-pulseaudio-plugin-0.4.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Patched busybox umask bug. Thanks to Goran "CHUPCKO" Lazic.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Patched busybox umask bug. Thanks to Goran "CHUPCKO" Lazic.
-+--------------------------+
-Tue Apr 19 18:59:10 UTC 2016
-x/xf86-video-intel-git_20160418_562ae1f-x86_64-1.txz: Upgraded.
- Bumped to latest git, dropped glamor fallback patch.
-+--------------------------+
-Mon Apr 18 22:21:58 UTC 2016
-a/coreutils-8.25-x86_64-2.txz: Rebuilt.
- Reverted new default ls quoting.
-a/glibc-zoneinfo-2016d-noarch-1.txz: Upgraded.
-ap/vim-7.4.1752-x86_64-1.txz: Upgraded.
-d/cmake-3.5.2-x86_64-1.txz: Upgraded.
-d/perl-5.22.1-x86_64-2.txz: Rebuilt.
- Patched security issue "loss of taint in canonpath()". Thanks to ttk.
- Patched to recognize gcc 5.x to allow using -D_FORTIFY_SOURCE=2.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607
- (* Security fix *)
-n/bluez-5.39-x86_64-2.txz: Rebuilt.
- In rc.bluetooth, don't attempt to start/stop rfcomm. Thanks to e5150.
-n/libgcrypt-1.7.0-x86_64-1.txz: Upgraded.
-x/mesa-11.2.1-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160417_81029be-x86_64-1.txz: Upgraded.
- Removed --with-default-dri=2 --with-default-accel=uxa options
- Added patch for modesetting + glamor fallback on gen9+.
- Hopefully the latest git, these option changes, and fallback patch will solve
- the issues reported on LQ. Please test!
-xap/imagemagick-6.9.3_8-x86_64-1.txz: Upgraded.
-xap/vim-gvim-7.4.1752-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Apr 15 20:37:37 UTC 2016
-Finally got some fixes we were waiting for in this new kernel.
-It's been almost a month since 14.2rc1 so we'll call this Slackware
-14.2 release candidate 2. Almost there. Get in any last-minute
-bug reports quickly. :-)
-a/kernel-generic-4.4.7-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.7-x86_64-1.txz: Upgraded.
- BLK_DEV_NVME m -> y
-a/kernel-modules-4.4.7-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.7-x86-1.txz: Upgraded.
-k/kernel-source-4.4.7-noarch-1.txz: Upgraded.
-l/alsa-lib-1.1.1-x86_64-2.txz: Rebuilt.
- Applied upstream patch to fix error EBADFD. Thanks to e5150.
-l/glibmm-2.46.4-x86_64-1.txz: Upgraded.
-l/gst-plugins-base-1.6.4-x86_64-1.txz: Upgraded.
-l/gst-plugins-good-1.6.4-x86_64-1.txz: Upgraded.
-l/gstreamer-1.6.4-x86_64-1.txz: Upgraded.
-l/gtkmm3-3.18.1-x86_64-1.txz: Upgraded.
-l/qca-2.1.1-x86_64-2.txz: Rebuilt.
- Install crypto.prf in the correct directory. Thanks to David Spencer.
-n/gnutls-3.4.11-x86_64-1.txz: Upgraded.
-n/nfs-utils-1.3.3-x86_64-2.txz: Rebuilt.
- Fix nfsd startup on kernels without IPv6 support. Thanks to Mario Preksavec.
-n/samba-4.4.2-x86_64-1.txz: Upgraded.
- This update fixes the security issues known as "badlock" (or "sadlock"),
- which may allow man-in-the-middle or denial-of-service attacks:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
- (* Security fix *)
-x/xf86-video-intel-git_20160224_d167280-x86_64-1.txz: Upgraded.
- So far, this version seems to be the most stable of the ones tested.
- Thanks to Andrzej Telszewski.
-x/xf86-video-openchrome-0.4.0-x86_64-1.txz: Upgraded.
-x/xorg-server-1.18.3-x86_64-2.txz: Rebuilt.
- Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950
- to fix applying keyboard layout settings when using a keyboard/mouse combo
- device such as a Logitech wireless keyboard with the unifying receiver.
- Thanks to Jean-Philippe Guillemin.
-x/xorg-server-xephyr-1.18.3-x86_64-2.txz: Rebuilt.
-x/xorg-server-xnest-1.18.3-x86_64-2.txz: Rebuilt.
-x/xorg-server-xvfb-1.18.3-x86_64-2.txz: Rebuilt.
-xap/geeqie-1.2.3-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-45.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Mar 24 19:47:01 UTC 2018
+a/sysvinit-scripts-2.1-noarch-8.txz: Rebuilt.
+ rc.M: Set default hostname using FQDN. Thanks to Andrzej Telszewski.
+l/jansson-2.11-x86_64-1.txz: Added.
+n/curl-7.59.0-x86_64-2.txz: Rebuilt.
+ Recompiled to pick up HTTP/2 support from libnghttp2.
+n/httpd-2.4.33-x86_64-1.txz: Upgraded.
+ Added HTTP/2 support (requires jansson and nghttp2).
+n/nghttp2-1.31.0-x86_64-1.txz: Added.
++--------------------------+
+Fri Mar 23 22:28:20 UTC 2018
+a/glibc-zoneinfo-2018d-noarch-1.txz: Upgraded.
+d/git-2.16.3-x86_64-1.txz: Upgraded.
+n/openldap-client-2.4.46-x86_64-1.txz: Upgraded.
+x/libwacom-0.29-x86_64-1.txz: Upgraded.
+x/xf86-input-wacom-0.36.1-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.7.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
+ https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/
+ (* Security fix *)
++--------------------------+
+Thu Mar 22 07:12:40 UTC 2018
+a/kernel-firmware-20180319_44476f2-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.29-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.29-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.29-x86_64-1.txz: Upgraded.
+a/util-linux-2.32-x86_64-1.txz: Upgraded.
+ap/ghostscript-9.23-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.29-x86-1.txz: Upgraded.
+d/meson-0.45.1-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.29-noarch-1.txz: Upgraded.
+l/pcre-8.42-x86_64-1.txz: Upgraded.
+x/mesa-17.3.7-x86_64-1.txz: Upgraded.
+x/vulkan-sdk-1.1.70.0-x86_64-1.txz: Upgraded.
+ Thanks to dugan for help updating the build script.
+x/xf86-input-libinput-0.27.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Apr 12 05:37:20 UTC 2016
-a/aaa_elflibs-14.2-x86_64-12.txz: Rebuilt.
- Added libtdb.so.1.3.8.
-a/lvm2-2.02.150-x86_64-1.txz: Upgraded.
-ap/sqlite-3.12.1-x86_64-1.txz: Upgraded.
-ap/tmux-2.2-x86_64-1.txz: Upgraded.
-l/QScintilla-2.9.1-x86_64-1.txz: Upgraded.
-l/harfbuzz-1.2.6-x86_64-1.txz: Upgraded.
-l/libpng-1.6.21-x86_64-1.txz: Upgraded.
-l/libtasn1-4.8-x86_64-1.txz: Upgraded.
-l/sip-4.17-x86_64-1.txz: Upgraded.
-n/epic5-2.0-x86_64-1.txz: Upgraded.
-n/httpd-2.4.20-x86_64-1.txz: Upgraded.
-n/nmap-7.12-x86_64-1.txz: Upgraded.
-n/proftpd-1.3.5b-x86_64-1.txz: Upgraded.
- Compiled with --enable-dso. Thanks to David M. Syzdek.
- Compiled with --enable-nls. Thanks to Olek.
-n/samba-4.4.0-x86_64-1.txz: Upgraded.
- This will probably be a very short-lived package, but it would be good to
- hear about any bugs before 4.4.1 is packaged (probably tomorrow).
-n/vsftpd-3.0.3-x86_64-2.txz: Rebuilt.
- In /etc/vsftpd.conf.new, set seccomp_sandbox=NO to work around bugs.
-x/xf86-video-amdgpu-1.1.0-x86_64-1.txz: Upgraded.
-x/xf86-video-ati-7.7.0-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160411_a7526ea-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-45.0.2-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Apr 6 05:07:44 UTC 2016
-d/git-2.8.1-x86_64-1.txz: Upgraded.
-d/nasm-2.12.01-x86_64-1.txz: Upgraded.
-d/strace-4.11-x86_64-1.txz: Upgraded.
-d/subversion-1.9.3-x86_64-1.txz: Upgraded.
- Subversion servers and clients are vulnerable to remotely triggerable
- heap-based buffer overflows and out-of-bounds reads that may allow remote
- attackers to cause a denial of service or possibly execute arbitrary code
- under the context of the targeted process.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5259
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5343
- (* Security fix *)
-l/harfbuzz-1.2.5-x86_64-1.txz: Upgraded.
-l/librsvg-2.40.15-x86_64-1.txz: Upgraded.
-n/bluez-5.39-x86_64-1.txz: Upgraded.
-x/mesa-11.2.0-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160405_afddc9f-x86_64-1.txz: Upgraded.
-x/xorg-server-1.18.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.18.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.18.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.18.3-x86_64-1.txz: Upgraded.
-x/xterm-324-x86_64-1.txz: Upgraded.
-extra/tigervnc/tigervnc-1.6.0-x86_64-3.txz: Rebuilt.
- Rebuilt for xorg-server-1.18.3.
-+--------------------------+
-Mon Apr 4 19:54:22 UTC 2016
-a/lvm2-2.02.149-x86_64-1.txz: Upgraded.
-ap/sqlite-3.12.0-x86_64-1.txz: Upgraded.
-d/make-4.1-x86_64-2.txz: Rebuilt.
- Applied patch: Handle NULL returns from ttyname(). Thanks to e5150.
-l/iso-codes-3.67-noarch-1.txz: Upgraded.
-n/NetworkManager-1.0.12-x86_64-1.txz: Upgraded.
-n/bluez-5.38-x86_64-3.txz: Rebuilt.
- Added another patch from upstream git. Thanks to gmgf.
-n/mutt-1.6.0-x86_64-1.txz: Upgraded.
-x/inputproto-2.3.2-noarch-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.7.2-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
+Tue Mar 20 22:52:16 UTC 2018
+l/gst-plugins-base-1.14.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.14.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.14.0-x86_64-1.txz: Upgraded.
+l/gstreamer-1.14.0-x86_64-1.txz: Upgraded.
+n/nmap-7.70-x86_64-1.txz: Upgraded.
+x/fontconfig-2.12.6-x86_64-1.txz: Upgraded.
+ Reverted to previous version. There are problem reports with the latest
+ version, and I see no upside to staying on the bleeding edge right now.
++--------------------------+
+Mon Mar 19 19:03:32 UTC 2018
+a/kernel-generic-4.14.28-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.28-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.28-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.28-x86-1.txz: Upgraded.
+k/kernel-source-4.14.28-noarch-1.txz: Upgraded.
+xap/gparted-0.31.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Fri Apr 1 21:17:37 UTC 2016
-a/elilo-3.16-x86_64-2.txz: Rebuilt.
- eliloconfig: strip alphabetic characters from $EFI_PARTITION.
- Rebuilt /boot/elilo-x86_64.efi against gnu-efi-3.0.4.
-a/kernel-firmware-20160401git-noarch-1.txz: Upgraded.
-ap/alsa-utils-1.1.1-x86_64-1.txz: Upgraded.
- Don't run rc.alsa by default.
-ap/at-3.1.19-x86_64-1.txz: Upgraded.
-d/mercurial-3.7.3-x86_64-1.txz: Upgraded.
- This update fixes security issues and bugs, including remote code execution
- in binary delta decoding, arbitrary code execution with Git subrepos, and
- arbitrary code execution when converting Git repos.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
- (* Security fix *)
-f/linux-howtos-20160401-noarch-1.txz: Upgraded.
-l/alsa-lib-1.1.1-x86_64-1.txz: Upgraded.
-l/alsa-plugins-1.1.1-x86_64-1.txz: Upgraded.
-l/gnu-efi-3.0.4-x86_64-1.txz: Upgraded.
-l/newt-0.52.19-x86_64-1.txz: Upgraded.
-n/ModemManager-1.4.14-x86_64-1.txz: Upgraded.
-n/dhcp-4.3.4-x86_64-1.txz: Upgraded.
- This update fixes bugs and (previously patched) security issues.
-n/php-5.6.20-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues.
+Sun Mar 18 21:42:00 UTC 2018
+d/Cython-0.28.1-x86_64-1.txz: Upgraded.
+d/python-setuptools-39.0.1-x86_64-1.txz: Upgraded.
+n/dnsmasq-2.79-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Mar 18 00:55:39 UTC 2018
+a/sysvinit-scripts-2.1-noarch-7.txz: Rebuilt.
+ rc.M: start consolekit before Bluetooth and NetworkManager. Thanks to allend.
+d/python-setuptools-39.0.0-x86_64-1.txz: Upgraded.
+l/libvorbis-1.3.6-x86_64-1.txz: Upgraded.
+ This release fixes security issues.
For more information, see:
- http://php.net/ChangeLog-5.php#5.6.20
- (* Security fix *)
-xap/audacious-3.7.2-x86_64-1.txz: Upgraded.
-xap/audacious-plugins-3.7.2-x86_64-1.txz: Upgraded.
-+--------------------------+
-Tue Mar 29 07:43:02 UTC 2016
-d/git-2.8.0-x86_64-1.txz: Upgraded.
-n/iptables-1.6.0-x86_64-2.txz: Rebuilt.
- Moved /usr/etc/ethertypes to /etc/ethertypes. Thanks to e5150.
-usb-and-pxe-installers/usbimg2disk.sh: Patched.
- Exclude any dangling symlinks when copying files. Thanks to gsl.
- Add new option -e (or --errors) to abort on any errors.
-+--------------------------+
-Sun Mar 27 19:39:10 UTC 2016
-a/dbus-1.10.8-x86_64-1.txz: Upgraded.
-a/grub-2.00-x86_64-4.txz: Rebuilt.
- Include support for 32-bit EFI. Thanks to Eric Hameleers.
-a/lvm2-2.02.148-x86_64-1.txz: Upgraded.
-ap/hplip-3.16.3-x86_64-1.txz: Upgraded.
-l/dbus-python-1.2.4-x86_64-1.txz: Upgraded.
-extra/brltty/brltty-5.3.1-x86_64-2.txz: Rebuilt.
- Added upstream patch to prefer a blank if the same glyph is used for other
- characters. Added udev rules. Thanks to Didier Spaier.
-testing/source/linux-4.6-rc1-configs/*: Added.
-+--------------------------+
-Sat Mar 26 23:20:34 UTC 2016
-a/etc-14.2-x86_64-6.txz: Rebuilt.
- Added polkitd user (UID 87) and group (GID 87).
-ap/mc-4.8.16-x86_64-2.txz: Rebuilt.
- Applied some upstream patches. Thanks to th_r.
-d/cmake-3.5.1-x86_64-1.txz: Upgraded.
-l/iso-codes-3.66-noarch-1.txz: Upgraded.
-l/libsecret-0.18.5-x86_64-1.txz: Upgraded.
-l/polkit-0.113-x86_64-2.txz: Rebuilt.
- Ensure that polkitd user (UID 87) and group (GID 87) exist.
- Ensure correct permissions on /etc/polkit-1/rules.d.
- Remove obsolete .pkla rules and /etc/polkit-1/localauthority directory.
- Don't build and install examples.
-l/urwid-1.0.3-x86_64-1.txz: Upgraded.
- Switch to version 1.0.3, since wicd has problems with newer versions.
-n/bluez-5.38-x86_64-2.txz: Rebuilt.
- Use reset=1 when loading the btusb module.
- Applied upstream patch to fix a crash when connecting to audio controllers.
- Thanks to gmgf.
-n/curl-7.48.0-x86_64-1.txz: Upgraded.
-n/mtr-0.86-x86_64-1.txz: Upgraded.
-x/xkeyboard-config-2.17-noarch-1.txz: Upgraded.
-xap/fvwm-2.6.6-x86_64-1.txz: Upgraded.
-extra/brltty/brltty-5.3.1-x86_64-1.txz: Upgraded.
-extra/wicd/wicd-1.7.4-x86_64-2.txz: Rebuilt.
- Fix wicd-curses crash bugs. Thanks to foobaru, Tonus, and comet.berkeley.
-+--------------------------+
-Fri Mar 25 20:43:59 UTC 2016
-a/glibc-zoneinfo-2016c-noarch-1.txz: Upgraded.
-a/kernel-firmware-20160325git-noarch-1.txz: Upgraded.
-a/ntfs-3g-2016.2.22-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-ap/cups-filters-1.8.3-x86_64-1.txz: Upgraded.
-ap/sudo-1.8.16-x86_64-1.txz: Upgraded.
-ap/zsh-5.2-x86_64-1.txz: Upgraded.
-kde/ktouch-4.14.3-x86_64-3.txz: Rebuilt.
- Patched to fix performance issues. Thanks to Andrzej Telszewski.
-l/libevent-2.0.22-x86_64-1.txz: Upgraded.
- Multiple integer overflows in the evbuffer API allow context-dependent
- attackers to cause a denial of service or possibly have other unspecified
- impact via "insanely large inputs" to the (1) evbuffer_add,
- (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a
- heap-based buffer overflow or an infinite loop.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272
- (* Security fix *)
-l/polkit-0.113-x86_64-1.txz: Upgraded.
- Polkit config format change: Uses ".rules" files rather than ".pkla", and
- the rules files are JavaScript. Thanks to Robby Workman.
-l/polkit-gnome-0.105-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
-n/NetworkManager-1.0.10-x86_64-5.txz: Rebuilt.
- Patched rc.networkmanager to only attempt to kill wpa_supplicant on shutdown
- using the first .pid found in /var/run or /run. Otherwise if those
- directories are symlinked or bind mounted together there will be a race
- condition that may result in an error message.
- I'm still not certain that rc.networkmanager should be messing with
- wpa_supplicant. What about cases where NetworkManager might be configured to
- *not* manage the wireless interfaces at all?
- Luckily, there is rarely any reason for stopping NetworkManager (outside of
- shutdown or reboot), or for restarting it.
-n/irssi-0.8.19-x86_64-1.txz: Upgraded.
-n/nmap-7.11-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.7.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
+ (* Security fix *)
+l/pycairo-1.16.3-x86_64-1.txz: Upgraded.
+n/bluez-5.49-x86_64-1.txz: Upgraded.
+x/xorgproto-2018.4-x86_64-2.txz: Rebuilt.
+ Include support for legacy protocols. Thanks to nobodino.
+extra/bash-completion/bash-completion-2.8-noarch-1.txz: Upgraded.
++--------------------------+
+Sat Mar 17 03:25:26 UTC 2018
+Beannachtai na le Padraig oraibh!
+a/hdparm-9.55-x86_64-1.txz: Upgraded.
+ap/dmidecode-3.1-x86_64-1.txz: Upgraded.
+d/cmake-3.10.3-x86_64-1.txz: Upgraded.
+n/libtirpc-1.0.3-x86_64-1.txz: Upgraded.
+x/xf86-video-amdgpu-18.0.1-x86_64-1.txz: Upgraded.
+x/xf86-video-ati-18.0.1-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-59.0.1-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-+--------------------------+
-Mon Mar 21 03:19:48 UTC 2016
-a/aaa_elflibs-14.2-x86_64-11.txz: Rebuilt.
-a/lvm2-2.02.147-x86_64-1.txz: Upgraded.
-a/pciutils-3.4.1-x86_64-2.txz: Rebuilt.
- Use a shared libpci, not a static one. This fixes linking some programs as
- the static library won't pull in other recent dependencies such as libudev.
- Thanks to 55020.
-a/pkgtools-14.2-noarch-6.txz: Rebuilt.
- In installpkg's terse mode, make some dots connecting the description to the
- uncompressed package size.
-a/utempter-1.1.6-x86_64-2.txz: Rebuilt.
- Fixed manpage symlinks. Thanks to elyk.
-ap/cups-filters-1.8.2-x86_64-2.txz: Rebuilt.
- Recompiled against poppler-0.42.0.
-ap/ddrescue-1.21-x86_64-1.txz: Upgraded.
-ap/man-pages-4.05-noarch-1.txz: Upgraded.
-ap/mc-4.8.16-x86_64-1.txz: Upgraded.
-kde/calligra-2.9.11-x86_64-2.txz: Rebuilt.
- Recompiled against poppler-0.42.0.
-kde/kde-workspace-4.11.22-x86_64-3.txz: Rebuilt.
- Recompiled against shared library from pciutils-3.4.1.
-kde/lskat-4.14.3-x86_64-3.txz: Rebuilt.
- Fixed a typo in slack-desc.
-l/harfbuzz-1.2.4-x86_64-1.txz: Upgraded.
-l/libodfgen-0.1.6-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/librevenge-0.0.4-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/libvisio-0.1.5-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/libwpd-0.10.1-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/libzip-1.0.1-x86_64-2.txz: Rebuilt.
- Fixed manpage symlinks. Thanks to elyk.
-l/poppler-0.42.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-l/taglib-1.10-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/wavpack-4.75.2-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-n/NetworkManager-1.0.10-x86_64-4.txz: Rebuilt.
- When stopping NetworkManager, ensure that wpa_supplicant is also stopped.
- Thanks to allend.
-n/bluez-5.38-x86_64-1.txz: Upgraded.
-tcl/tcl-8.6.5-x86_64-2.txz: Rebuilt.
- Fixed manpage symlinks. Thanks to elyk.
-tcl/tk-8.6.5-x86_64-2.txz: Rebuilt.
-xap/hexchat-2.12.0-x86_64-2.txz: Rebuilt.
- Recompiled against shared library from pciutils-3.4.1.
-xfce/tumbler-0.1.31-x86_64-5.txz: Rebuilt.
- Recompiled against poppler-0.42.0.
-xfce/xfce4-power-manager-1.4.4-x86_64-4.txz: Rebuilt.
- Removed dead symlinks in documentation. Thanks to elyk.
-extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Patched.
- Scrape the webpage to determine the latest version.
- Thanks to Eric Hameleers.
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Fri Mar 16 02:29:29 UTC 2018
+a/kernel-firmware-20180314_4c0bf11-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.27-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.27-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.27-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.27-x86-1.txz: Upgraded.
+k/kernel-source-4.14.27-noarch-1.txz: Upgraded.
+ TRANSPARENT_HUGEPAGE_ALWAYS y -> n
+ TRANSPARENT_HUGEPAGE_MADVISE n -> y
+ Thanks to Darth Vader.
+n/bind-9.11.3-x86_64-1.txz: Upgraded.
+n/curl-7.59.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ FTP path trickery leads to NIL byte out of bounds write
+ LDAP NULL pointer dereference
+ RTSP RTP buffer over-read
+ For more information, see:
+ https://curl.haxx.se/docs/adv_2018-9cd6.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120
+ https://curl.haxx.se/docs/adv_2018-97a2.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
+ https://curl.haxx.se/docs/adv_2018-b047.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122
+ (* Security fix *)
+x/libinput-1.10.3-x86_64-1.txz: Upgraded.
+xap/hexchat-2.14.1-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.7.2-x86_64-1.txz: Upgraded.
+extra/wicd/wicd-1.7.4-x86_64-3.txz: Rebuilt.
+ Patched to fix saving settings with wicd-curses. Thanks to justwantin.
isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
-usb-and-pxe-installers/usbimg2disk.sh: Patched.
- Fixed the call to sfdisk to make the first partition active.
- Thanks to Jonathan Woithe.
- Leave syslinux files in the USB stick root rather than trying to move them.
-+--------------------------+
-Fri Mar 18 20:02:40 UTC 2016
-d/git-2.7.4-x86_64-1.txz: Upgraded.
- NOTE: Issuing this patch again since the bug reporter listed the
- wrong git version (2.7.1) as fixed. The vulnerability was actually
- patched in git-2.7.4.
- Fixed buffer overflows allowing server and client side remote code
- execution in all git versions before 2.7.4.
- For more information, see:
- http://seclists.org/oss-sec/2016/q1/645
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324
- (* Security fix *)
-xap/hexchat-2.12.0-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.7.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-extra/bash-completion/bash-completion-2.2-noarch-2.txz: Rebuilt.
- Applied upstream patches to fix tar filename completion and related issues.
- Thanks to Robby Workman.
+--------------------------+
-Thu Mar 17 22:09:16 UTC 2016
-Good hello, let's call this Slackware 14.2 release candidate 1. We still
-have a bit of work to do before this is fully ready to go, but we're done
-doing every little upgrade that comes along. Well, mostly.
-Have a great day, and beannachtai na Feile Padraig oraibh!
-a/kernel-generic-4.4.6-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.6-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.6-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.6-x86-1.txz: Upgraded.
-d/perl-5.22.1-x86_64-1.txz: Upgraded.
- Also upgraded to DBD-mysql-4.033, URI-1.71, and XML-Simple-2.22.
-k/kernel-source-4.4.6-noarch-1.txz: Upgraded.
-l/M2Crypto-0.23.0-x86_64-1.txz: Upgraded.
-n/crda-3.18-x86_64-3.txz: Rebuilt.
- Upgraded to wireless-regdb-2016.02.08. Thanks to USUARIONUEVO.
-n/nmap-7.10-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-45.0.1-x86_64-1.txz: Upgraded.
+Tue Mar 13 21:12:51 UTC 2018
+a/time-1.9-x86_64-1.txz: Upgraded.
+d/automake-1.16.1-noarch-1.txz: Upgraded.
+l/imagemagick-6.9.9_38-x86_64-1.txz: Upgraded.
+n/samba-4.7.6-x86_64-1.txz: Upgraded.
+ This is a security update in order to patch the following defects:
+ On a Samba 4 AD DC the LDAP server in all versions of Samba from
+ 4.0.0 onwards incorrectly validates permissions to modify passwords
+ over LDAP allowing authenticated users to change any other users`
+ passwords, including administrative users.
+ All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
+ service attack when the RPC spoolss service is configured to be run as
+ an external daemon. Missing input sanitization checks on some of the
+ input parameters to spoolss RPC calls could cause the print spooler
+ service to crash. There is no known vulnerability associated with this
+ error, merely a denial of service. If the RPC spoolss service is left by
+ default as an internal service, all a client can do is crash its own
+ authenticated connection.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2018-1057.html
+ https://wiki.samba.org/index.php/CVE-2018-1057
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
+ (* Security fix *)
+xap/mozilla-firefox-59.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-extra/tigervnc/tigervnc-1.6.0-x86_64-2.txz: Rebuilt.
- Rebuilt for xorg-server-1.18.2.
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Tue Mar 13 04:24:58 UTC 2018
+ap/hplip-3.18.3-x86_64-1.txz: Upgraded.
+ap/vim-8.0.1601-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.10.6-x86_64-1.txz: Upgraded.
+x/bigreqsproto-1.1.2-noarch-1.txz: Removed.
+x/compositeproto-0.4.2-noarch-1.txz: Removed.
+x/damageproto-1.2.1-noarch-1.txz: Removed.
+x/dmxproto-2.3.1-noarch-1.txz: Removed.
+x/dri2proto-2.8-x86_64-2.txz: Removed.
+x/dri3proto-1.0-x86_64-2.txz: Removed.
+x/evieext-1.1.1-noarch-1.txz: Removed.
+x/fixesproto-5.0-x86_64-2.txz: Removed.
+x/fontcacheproto-0.1.3-noarch-1.txz: Removed.
+x/fontsproto-2.1.3-noarch-1.txz: Removed.
+x/glproto-1.4.17-noarch-1.txz: Removed.
+x/inputproto-2.3.2-noarch-1.txz: Removed.
+x/kbproto-1.0.7-noarch-1.txz: Removed.
+x/presentproto-1.1-x86_64-1.txz: Removed.
+x/printproto-1.0.5-noarch-1.txz: Removed.
+x/randrproto-1.5.0-noarch-1.txz: Removed.
+x/recordproto-1.14.2-noarch-1.txz: Removed.
+x/renderproto-0.11.1-noarch-1.txz: Removed.
+x/resourceproto-1.2.0-noarch-1.txz: Removed.
+x/scrnsaverproto-1.2.2-noarch-1.txz: Removed.
+x/videoproto-2.3.3-noarch-1.txz: Removed.
+x/xcmiscproto-1.2.2-noarch-1.txz: Removed.
+x/xextproto-7.3.0-x86_64-2.txz: Removed.
+x/xf86bigfontproto-1.2.0-noarch-1.txz: Removed.
+x/xf86dgaproto-2.1-noarch-1.txz: Removed.
+x/xf86driproto-2.1.1-noarch-1.txz: Removed.
+x/xf86miscproto-0.9.3-noarch-1.txz: Removed.
+x/xf86vidmodeproto-2.3.1-noarch-1.txz: Removed.
+x/xineramaproto-1.2.1-noarch-1.txz: Removed.
+x/xorgproto-2018.4-x86_64-1.txz: Added.
+x/xproto-7.0.31-noarch-1.txz: Removed.
+xap/vim-gvim-8.0.1601-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Mar 12 07:16:15 UTC 2018
+a/kernel-generic-4.14.26-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.26-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.26-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.26-x86-1.txz: Upgraded.
+k/kernel-source-4.14.26-noarch-1.txz: Upgraded.
+x/ico-1.0.5-x86_64-1.txz: Upgraded.
+x/intel-gpu-tools-1.22-x86_64-1.txz: Upgraded.
+x/transset-1.0.2-x86_64-1.txz: Upgraded.
+x/xbacklight-1.2.2-x86_64-1.txz: Upgraded.
+x/xbitmaps-1.1.2-x86_64-1.txz: Upgraded.
+x/xcursor-themes-1.0.5-noarch-1.txz: Upgraded.
+x/xeyes-1.1.2-x86_64-1.txz: Upgraded.
+x/xf86-video-intel-git_20180206_aa36399c-x86_64-1.txz: Upgraded.
+x/xfontsel-1.0.6-x86_64-1.txz: Upgraded.
+x/xinit-1.4.0-x86_64-1.txz: Upgraded.
+x/xkill-1.0.5-x86_64-1.txz: Upgraded.
+x/xload-1.1.3-x86_64-1.txz: Upgraded.
+x/xlsclients-1.1.4-x86_64-1.txz: Upgraded.
+x/xlsfonts-1.0.6-x86_64-1.txz: Upgraded.
+x/xmessage-1.0.5-x86_64-1.txz: Upgraded.
+x/xpr-1.0.5-x86_64-1.txz: Upgraded.
+x/xprop-1.2.3-x86_64-1.txz: Upgraded.
+x/xpyb-1.3.1-x86_64-4.txz: Rebuilt.
+ Patched and recompiled against xcb-proto-1.13.
+x/xrdb-1.1.1-x86_64-1.txz: Upgraded.
+x/xrefresh-1.0.6-x86_64-1.txz: Upgraded.
+x/xset-1.2.4-x86_64-1.txz: Upgraded.
+x/xsetroot-1.1.2-x86_64-1.txz: Upgraded.
+x/xsm-1.0.4-x86_64-1.txz: Upgraded.
+x/xwd-1.0.7-x86_64-1.txz: Upgraded.
+x/xwininfo-1.1.4-x86_64-1.txz: Upgraded.
+x/xwud-1.0.5-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-testing/source/linux-4.5-configs/*: Added.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Mar 15 23:53:18 UTC 2016
-a/glibc-zoneinfo-2016b-noarch-1.txz: Upgraded.
-a/procps-ng-3.3.11-x86_64-1.txz: Upgraded.
-d/git-2.7.3-x86_64-1.txz: Upgraded.
- Fixed buffer overflows allowing server and client side remote code
- execution in all git versions before 2.7.1.
- For more information, see:
- http://seclists.org/oss-sec/2016/q1/645
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324
- (* Security fix *)
-kde/kdelibs-4.14.18-x86_64-1.txz: Upgraded.
-l/seamonkey-solibs-2.40-x86_64-1.txz: Upgraded.
-n/ethtool-4.5-x86_64-1.txz: Upgraded.
-xap/gnuplot-5.0.3-x86_64-1.txz: Upgraded.
-xap/seamonkey-2.40-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.seamonkey-project.org/releases/seamonkey2.40
- (* Security fix *)
-xfce/xfce4-clipman-plugin-1.2.6-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Mar 14 02:18:20 UTC 2016
-a/grep-2.24-x86_64-1.txz: Upgraded.
-ap/sudo-1.8.15-x86_64-1.txz: Upgraded.
- New options: --with-insults --with-all-insults --with-pc-insults.
- Sorry about this, I know it's a bit silly. ;-)
- Thanks to chytraeus for the suggestion.
-x/videoproto-2.3.3-noarch-1.txz: Upgraded.
-x/xorg-server-1.18.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.18.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.18.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.18.2-x86_64-1.txz: Upgraded.
-xap/MPlayer-1.2_20160125-x86_64-2.txz: Rebuilt.
- Rebuilt against ffmpeg-2.8.6.
- Force lavf for flac because the native demuxer can't handle embedded album
- art. As a bonus (or a regression) you'll also get album art if it exists.
-xap/xine-lib-1.2.6-x86_64-8.txz: Rebuilt.
- Rebuilt against ffmpeg-2.8.6.
-+--------------------------+
-Thu Mar 10 23:43:47 UTC 2016
-a/kernel-firmware-20160310git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.4.5-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.5-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.5-x86_64-1.txz: Upgraded.
-ap/vim-7.4.1530-x86_64-1.txz: Upgraded.
- When building vim, we now fetch a prepatched archive from github rather than
- applying hundreds or thousands of patches to the original sources. As a side
- benefit, all you need to do in order to build the latest version of vim is
- remove the existing tarball and run the SlackBuild again. It will scrape the
- vim page at github for the latest version number and then fetch that version.
- Thanks to USUARIONUEVO for posting a URL that got me thinking about it.
-d/git-2.7.2-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.5-x86-1.txz: Upgraded.
-k/kernel-source-4.4.5-noarch-1.txz: Upgraded.
-l/gtk+3-3.18.9-x86_64-1.txz: Upgraded.
-n/openssh-7.2p2-x86_64-1.txz: Upgraded.
- This release fixes a security bug:
- sshd(8): sanitise X11 authentication credentials to avoid xauth
- command injection when X11Forwarding is enabled.
- For more information, see:
- http://www.openssh.com/txt/x11fwd.adv
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
- (* Security fix *)
-xap/vim-gvim-7.4.1530-x86_64-1.txz: Upgraded.
+Sun Mar 11 06:02:10 UTC 2018
+a/e2fsprogs-1.44.0-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.25-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.25-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.25-x86_64-1.txz: Upgraded.
+a/logrotate-3.14.0-x86_64-1.txz: Upgraded.
+ap/nano-2.9.4-x86_64-1.txz: Upgraded.
+d/distcc-3.3-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.25-x86-1.txz: Upgraded.
+d/llvm-6.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/rust-1.24.1-x86_64-2.txz: Rebuilt.
+ Use the bundled LLVM compiler since Rust will usually not be ready to be
+ built with the latest LLVM. Thanks to Andrew Clemons.
+k/kernel-source-4.14.25-noarch-1.txz: Upgraded.
+l/fluidsynth-1.1.10-x86_64-1.txz: Upgraded.
+l/libxml2-2.9.8-x86_64-1.txz: Upgraded.
+n/dovecot-2.3.0.1-x86_64-2.txz: Rebuilt.
+ Recompiled with --with-ldap=plugin option. Thanks to AlexSlack.
+x/libevdev-1.5.9-x86_64-1.txz: Upgraded.
+x/mesa-17.3.6-x86_64-2.txz: Rebuilt.
+ Recompiled against llvm-6.0.0.
+x/xf86-video-vmware-13.2.1-x86_64-5.txz: Rebuilt.
+ Recompiled against llvm-6.0.0.
+xap/pidgin-2.13.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier.
-+--------------------------+
-Thu Mar 10 02:46:49 UTC 2016
-a/cryptsetup-1.7.1-x86_64-1.txz: Upgraded.
-a/grep-2.23-x86_64-1.txz: Upgraded.
-ap/htop-2.0.1-x86_64-1.txz: Upgraded.
-d/cmake-3.5.0-x86_64-1.txz: Upgraded.
-kde/calligra-2.9.11-x86_64-1.txz: Upgraded.
-kde/kdelibs-4.14.17-x86_64-1.txz: Upgraded.
-kdei/calligra-l10n-bs-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca\@valencia-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-uk-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.11-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.11-noarch-1.txz: Upgraded.
-l/mozilla-nss-3.23-x86_64-1.txz: Upgraded.
- Upgraded to nss-3.23 and nspr-4.12.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/nss.html
- (* Security fix *)
-n/bind-9.10.3_P4-x86_64-1.txz: Upgraded.
- Fixed security issues:
- Duplicate EDNS COOKIE options in a response could trigger an assertion
- failure. (CVE-2016-2088) [RT #41809]
- Fix resolver assertion failure due to improper DNAME handling when
- parsing fetch reply messages. (CVE-2016-1286) [RT #41753]
- Malformed control messages can trigger assertions in named and rndc.
- (CVE-2016-1285) [RT #41666]
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
- (* Security fix *)
-n/gnupg-1.4.20-x86_64-1.txz: Upgraded.
-n/lynx-2.8.8rel.2-x86_64-1.txz: Upgraded.
-x/xf86-video-openchrome-git_20160309_74e95a6-x86_64-1.txz: Upgraded.
+--------------------------+
-Wed Mar 9 01:36:14 UTC 2016
-d/llvm-3.8.0-x86_64-1.txz: Upgraded.
+Thu Mar 8 21:52:05 UTC 2018
+a/kernel-modules-4.14.24-x86_64-2.txz: Rebuilt.
+ Fixed "build" and "source" symlinks.
++--------------------------+
+Thu Mar 8 07:07:45 UTC 2018
+a/dbus-1.12.6-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.24-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.24-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.24-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.20.1-x86_64-2.txz: Rebuilt.
+ Recompiled against qpdf-8.0.2.
+ap/qpdf-8.0.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-x/mesa-11.1.2-x86_64-2.txz: Rebuilt.
- Recompiled against libLLVM-3.8.
-x/xf86-video-vmware-13.1.0-x86_64-7.txz: Rebuilt.
- Recompiled against libLLVM-3.8.
-+--------------------------+
-Tue Mar 8 20:30:19 UTC 2016
-l/shared-mime-info-1.6-x86_64-1.txz: Upgraded.
-n/samba-4.3.6-x86_64-1.txz: Upgraded.
- This update fixes bugs, and two security issues:
- Incorrect ACL get/set allowed on symlink path (CVE-2015-7560).
- Out-of-bounds read in internal DNS server (CVE-2016-0771).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
- (* Security fix *)
-xap/mozilla-firefox-45.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
+d/kernel-headers-4.14.24-x86-1.txz: Upgraded.
+d/mercurial-4.5.2-x86_64-1.txz: Upgraded.
+d/meson-0.45.0-x86_64-1.txz: Upgraded.
+d/rust-1.24.1-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.24-noarch-1.txz: Upgraded.
+kde/amarok-2.9.0-x86_64-1.txz: Upgraded.
+l/SDL2_image-2.0.3-x86_64-1.txz: Upgraded.
+l/cairo-1.15.10-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.2.1-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.7.6-x86_64-1.txz: Upgraded.
+l/libclc-20180223_3554053-x86_64-1.txz: Upgraded.
+l/librsvg-2.42.3-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.36-x86_64-1.txz: Upgraded.
+ Upgraded to nss-3.36 and nspr-4.19.
+l/slang-2.3.2-x86_64-1.txz: Upgraded.
+n/mutt-1.9.4-x86_64-1.txz: Upgraded.
+n/php-7.2.3-x86_64-1.txz: Upgraded.
+ This update fixes a stack buffer overflow vulnerability.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7584
+ (* Security fix *)
+x/appres-1.0.5-x86_64-1.txz: Upgraded.
+x/editres-1.0.7-x86_64-1.txz: Upgraded.
+x/fontconfig-2.13.0-x86_64-1.txz: Upgraded.
+x/iceauth-1.0.8-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.91-x86_64-1.txz: Upgraded.
+x/libinput-1.10.2-x86_64-1.txz: Upgraded.
+x/libxcb-1.13-x86_64-1.txz: Upgraded.
+x/listres-1.0.4-x86_64-1.txz: Upgraded.
+x/mkfontscale-1.1.3-x86_64-1.txz: Upgraded.
+x/oclock-1.0.4-x86_64-1.txz: Upgraded.
+x/twm-1.0.10-x86_64-1.txz: Upgraded.
+x/util-macros-1.19.2-noarch-1.txz: Upgraded.
+x/viewres-1.0.5-x86_64-1.txz: Upgraded.
+x/wqy-zenhei-font-ttf-0.8.38_1-noarch-4.txz: Rebuilt.
+ Fix .conf files to not produce warnings with fontconfig-2.13.0.
+x/xcb-proto-1.13-x86_64-1.txz: Upgraded.
+x/xdriinfo-1.0.6-x86_64-1.txz: Upgraded.
+x/xf86-video-amdgpu-18.0.0-x86_64-1.txz: Upgraded.
+x/xf86-video-ati-18.0.0-x86_64-1.txz: Upgraded.
+x/xkbcomp-1.4.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Mar 8 01:54:33 UTC 2016
-A few more updates. Thanks to Robby Workman for prepping most of
-the minor version bumps.
-a/acpid-2.0.26-x86_64-1.txz: Upgraded.
-a/ed-1.13-x86_64-1.txz: Upgraded.
-a/hwdata-0.284-noarch-1.txz: Upgraded.
-a/lvm2-2.02.145-x86_64-1.txz: Upgraded.
-a/pciutils-3.4.1-x86_64-1.txz: Upgraded.
-ap/cups-filters-1.8.2-x86_64-1.txz: Upgraded.
-ap/diffstat-1.60-x86_64-1.txz: Upgraded.
-ap/enscript-1.6.6-x86_64-1.txz: Upgraded.
-ap/foomatic-filters-4.0.17-x86_64-1.txz: Removed.
- The cups-filters package contains these programs.
-ap/lxc-1.1.5-x86_64-3.txz: Rebuilt.
- Added modified versions of a few init scripts instead of having the
- lxc-slackware template try to patch them (which invariably led to the
- template breaking every time any of the other files were changed).
-ap/man-pages-4.04-noarch-1.txz: Upgraded.
-ap/sysstat-11.2.1.1-x86_64-1.txz: Upgraded.
-d/binutils-2.26-x86_64-3.txz: Rebuilt.
- Rebuilt with --enable-install-libiberty, since the binutils version of
- libiberty.a will be built with -fPIC where needed.
-d/cscope-15.8b-x86_64-1.txz: Upgraded.
-d/gcc-5.3.0-x86_64-3.txz: Rebuilt.
- Rebuilt with --disable-install-libiberty.
-d/gcc-g++-5.3.0-x86_64-3.txz: Rebuilt.
-d/gcc-gfortran-5.3.0-x86_64-3.txz: Rebuilt.
-d/gcc-gnat-5.3.0-x86_64-3.txz: Rebuilt.
-d/gcc-go-5.3.0-x86_64-3.txz: Rebuilt.
-d/gcc-java-5.3.0-x86_64-3.txz: Rebuilt.
-d/gcc-objc-5.3.0-x86_64-3.txz: Rebuilt.
-d/pkg-config-0.29.1-x86_64-1.txz: Upgraded.
-d/python-setuptools-20.1.1-x86_64-1.txz: Upgraded.
-l/LibRaw-0.17.1-x86_64-1.txz: Upgraded.
-l/aspell-0.60.6.1-x86_64-1.txz: Upgraded.
-l/fribidi-0.19.7-x86_64-1.txz: Upgraded.
-l/fuse-2.9.5-x86_64-1.txz: Upgraded.
-l/gtk+2-2.24.30-x86_64-1.txz: Upgraded.
-l/gvfs-1.26.3-x86_64-1.txz: Upgraded.
-l/libgsf-1.14.36-x86_64-1.txz: Upgraded.
-l/libnl3-3.2.27-x86_64-1.txz: Upgraded.
-l/libsecret-0.18.4-x86_64-1.txz: Upgraded.
-l/libwpg-0.3.1-x86_64-1.txz: Upgraded.
-l/mpfr-3.1.4-x86_64-1.txz: Upgraded.
-l/pycurl-7.43.0-x86_64-1.txz: Upgraded.
-l/v4l-utils-1.10.0-x86_64-1.txz: Upgraded.
-n/lftp-4.6.5-x86_64-1.txz: Upgraded.
-n/nettle-3.2-x86_64-1.txz: Upgraded.
-n/netwatch-1.3.1_2-x86_64-1.txz: Upgraded.
-n/openssh-7.2p1-x86_64-1.txz: Upgraded.
- Thanks to Alan Brantley for updating the libwrap patch.
-n/p11-kit-0.23.2-x86_64-1.txz: Upgraded.
-n/php-5.6.19-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues.
- For more information, see:
- http://php.net/ChangeLog-5.php#5.6.19
- (* Security fix *)
-x/libdrm-2.4.67-x86_64-1.txz: Upgraded.
-x/libva-1.6.2-x86_64-1.txz: Upgraded.
-x/libva-intel-driver-1.6.2-x86_64-1.txz: Upgraded.
-x/xorg-server-1.18.1-x86_64-2.txz: Rebuilt.
- Applied a patch to fix crashes when making MPlayer (and some other video
- players) go fullscreen after a resume. Thanks to orbea.
-x/xorg-server-xephyr-1.18.1-x86_64-2.txz: Rebuilt.
-x/xorg-server-xnest-1.18.1-x86_64-2.txz: Rebuilt.
-x/xorg-server-xvfb-1.18.1-x86_64-2.txz: Rebuilt.
-xap/geeqie-1.2.1-x86_64-2.txz: Rebuilt.
- Patched to fix crashes and high CPU usage when used with modern versions
- of GTK+. Thanks to Jas for pointing out the patch in upstream git.
-extra/bash-completion/bash-completion-2.2-noarch-1.txz: Upgraded.
-+--------------------------+
-Fri Mar 4 18:22:42 UTC 2016
-a/kernel-generic-4.4.4-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.4-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.4-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.144-x86_64-1.txz: Upgraded.
-a/mdadm-3.3.4-x86_64-1.txz: Upgraded.
-a/upower-0.9.23-x86_64-3.txz: Rebuilt.
- Added several patches from the git master branch, including one to prevent
- a bluetooth mouse or keyboard from being improperly detected as a power
- source. Thanks to Robby Workman.
-ap/texinfo-6.1-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.4-x86-1.txz: Upgraded.
-k/kernel-source-4.4.4-noarch-1.txz: Upgraded.
-l/dbus-glib-0.106-x86_64-1.txz: Upgraded.
-l/dbus-python-1.2.2-x86_64-1.txz: Upgraded.
-n/conntrack-tools-1.4.3-x86_64-1.txz: Upgraded.
-n/gnutls-3.4.10-x86_64-1.txz: Upgraded.
-n/iproute2-4.4.0-x86_64-1.txz: Upgraded.
-n/iptables-1.6.0-x86_64-1.txz: Upgraded.
-n/irssi-0.8.18-x86_64-1.txz: Upgraded.
-n/libnetfilter_conntrack-1.0.5-x86_64-1.txz: Upgraded.
-n/libnftnl-1.0.5-x86_64-1.txz: Upgraded.
-n/nftables-0.5-x86_64-1.txz: Upgraded.
-n/stunnel-5.31-x86_64-1.txz: Upgraded.
+Thu Mar 1 23:24:54 UTC 2018
+a/kernel-generic-4.14.23-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.23-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.23-x86_64-1.txz: Upgraded.
+a/lilo-24.2-x86_64-7.txz: Rebuilt.
+ liloconfig: prevent extraneous Windows partitions from being added
+ to lilo.conf. Thanks to allend.
+ liloconfig: display a notice when the script is scanning for partitions
+ (which may take some time) so that it doesn't appear to be stalled.
+a/xfsprogs-4.15.1-x86_64-1.txz: Upgraded.
+ap/man-db-2.8.2-x86_64-1.txz: Upgraded.
+ap/mpg123-1.25.10-x86_64-1.txz: Upgraded.
+d/help2man-1.47.6-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.23-x86-1.txz: Upgraded.
+k/kernel-source-4.14.23-noarch-1.txz: Upgraded.
+l/SDL2-2.0.8-x86_64-1.txz: Upgraded.
+l/libunistring-0.9.9-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.35-x86_64-1.txz: Upgraded.
+ Upgraded to nss-3.35 and nspr-4.18.
+l/sip-4.19.8-x86_64-1.txz: Upgraded.
+l/tevent-0.9.36-x86_64-1.txz: Upgraded.
+n/dhcp-4.4.1-x86_64-1.txz: Upgraded.
+ This update fixes two security issues:
+ Corrected an issue where large sized 'X/x' format options were causing
+ option handling logic to overwrite memory when expanding them to human
+ readable form. Reported by Felix Wilhelm, Google Security Team.
+ Option reference count was not correctly decremented in error path
+ when parsing buffer for options. Reported by Felix Wilhelm, Google
+ Security Team.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733
+ (* Security fix *)
+n/dovecot-2.3.0.1-x86_64-1.txz: Upgraded.
+ This release addresses three security issues in dovecot:
+ TLS SNI config lookups may lead to excessive memory usage, causing
+ imap-login/pop3-login VSZ limit to be reached and the process restarted.
+ Parsing invalid email addresses may cause a crash or leak memory contents
+ to attacker. First discovered by Aleksandar Nikolic of Cisco Talos.
+ Independently also discovered by "flxflndy" via HackerOne.
+ Aborted SASL authentication leaks memory in login process.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15130
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14461
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15132
+ (* Security fix *)
+n/ntp-4.2.8p11-x86_64-1.txz: Upgraded.
+ This release addresses five security issues in ntpd:
+ * LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability:
+ ephemeral association attack. While fixed in ntp-4.2.8p7, there are
+ significant additional protections for this issue in 4.2.8p11.
+ Reported by Matt Van Gundy of Cisco.
+ * INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer
+ read overrun leads to undefined behavior and information leak.
+ Reported by Yihan Lian of Qihoo 360.
+ * LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated
+ ephemeral associations. Reported on the questions@ list.
+ * LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode
+ cannot recover from bad state. Reported by Miroslav Lichvar of Red Hat.
+ * LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet
+ can reset authenticated interleaved association.
+ Reported by Miroslav Lichvar of Red Hat.
+ For more information, see:
+ http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185
+ (* Security fix *)
+n/openvpn-2.4.5-x86_64-1.txz: Upgraded.
+ rc.openvpn: handle multiple config files.
+ Thanks to Daniel Junior, Thomas Choi, and BrokenCog for helpful hints.
+n/p11-kit-0.23.10-x86_64-1.txz: Upgraded.
+x/libinput-1.10.1-x86_64-1.txz: Upgraded.
+x/libxshmfence-1.3-x86_64-1.txz: Upgraded.
+xfce/xfce4-notifyd-0.4.2-x86_64-1.txz: Upgraded.
+xfce/xfce4-settings-4.12.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Mar 3 20:05:41 UTC 2016
-ap/mariadb-10.0.24-x86_64-2.txz: Rebuilt.
- Recompiled with patched binutils.
-d/binutils-2.26-x86_64-2.txz: Rebuilt.
- Applied upstream patches for several bugs, including:
- PR ld/19698
- * elflink.c (bfd_elf_record_link_assignment): Set versioned if
- symbol version is unknown.
- Which was causing MariaDB to fail to start properly for Akonadi.
-d/python-2.7.11-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
- Thanks to Matteo Bernardini.
-l/neon-0.30.1-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
- Thanks to Matteo Bernardini.
+Tue Feb 27 06:51:04 UTC 2018
+d/ccache-3.4.1-x86_64-1.txz: Upgraded.
+x/mesa-17.3.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Feb 26 21:32:03 UTC 2018
+a/gawk-4.2.1-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.22-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.22-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.22-x86_64-1.txz: Upgraded.
+a/lilo-24.2-x86_64-6.txz: Rebuilt.
+ Support NVMe devices. Thanks to timsoft.
+ap/cups-filters-1.20.1-x86_64-1.txz: Upgraded.
+d/automake-1.16-noarch-1.txz: Upgraded.
+d/kernel-headers-4.14.22-x86-1.txz: Upgraded.
+k/kernel-source-4.14.22-noarch-1.txz: Upgraded.
+l/pycurl-7.43.0.1-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.5-x86_64-1.txz: Upgraded.
+x/libwacom-0.28-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.7.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Mar 3 05:41:26 UTC 2016
-a/aaa_elflibs-14.2-x86_64-10.txz: Rebuilt.
-a/kernel-firmware-20160302git-noarch-1.txz: Upgraded.
-a/openssl-solibs-1.0.2g-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-30.txz: Rebuilt.
- rc.M: Start D-Bus and NetworkManager right after rc.inet1.
-ap/ksh93-2012_08_01-x86_64-2.txz: Rebuilt.
- Removed broken locale files. Thanks to Didier Spaier.
-ap/nano-2.5.3-x86_64-1.txz: Upgraded.
-ap/sqlite-3.11.0-x86_64-1.txz: Upgraded.
-ap/vim-7.4.1424-x86_64-1.txz: Upgraded.
-d/ruby-2.2.4-x86_64-1.txz: Upgraded.
-l/libssh2-1.7.0-x86_64-1.txz: Moved.
- Moved from N -> L series to be consistent with libssh.
-l/poppler-0.41.0-x86_64-1.txz: Upgraded.
-l/qca-2.1.1-x86_64-1.txz: Upgraded.
-l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Removed.
-l/qca-gnupg-2.0.0_beta3-x86_64-1.txz: Removed.
-l/qca-ossl-2.0.0_beta3-x86_64-3.txz: Removed.
-l/qt-4.8.7-x86_64-4.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
-n/curl-7.47.1-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
-n/fetchmail-6.3.26-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
-n/httpd-2.4.18-x86_64-1.txz: Upgraded.
-n/links-2.12-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
-n/mailx-12.5-x86_64-2.txz: Rebuilt.
- Drop SSLv2 support (no longer supported by OpenSSL), and fix security issues
- that could allow a local attacker to cause mailx to execute arbitrary
- shell commands through the use of a specially-crafted email address.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844
- (* Security fix *)
-n/openssl-1.0.2g-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
- Double-free in DSA code (CVE-2016-0705)
- Memory leak in SRP database lookups (CVE-2016-0798)
- BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
- Fix memory issues in BIO_*printf functions (CVE-2016-0799)
- Side channel attack on modular exponentiation (CVE-2016-0702)
- Note that this package drops all support for SSLv2, which breaks the ABI for
- any binaries that make use of SSLv2_client_method.
- For more information, see:
- https://www.openssl.org/news/secadv/20160301.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702
- (* Security fix *)
-n/php-5.6.18-x86_64-1.txz: Upgraded.
- This release fixes bugs and security issues.
+Sat Feb 24 20:51:49 UTC 2018
+a/xfsprogs-4.15.0-x86_64-1.txz: Upgraded.
+l/LibRaw-0.18.8-x86_64-1.txz: Upgraded.
+t/fig2dev-3.2.6a-x86_64-1.txz: Added.
+t/transfig-3.2.5e-x86_64-3.txz: Removed.
+ This package has been renamed fig2dev.
+t/xfig-3.2.6a-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Feb 24 07:41:40 UTC 2018
+a/kernel-firmware-20180222_7344ec9-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.21-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.21-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.21-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.21-x86-1.txz: Upgraded.
+k/kernel-source-4.14.21-noarch-1.txz: Upgraded.
+l/SDL2_mixer-2.0.2-x86_64-2.txz: Rebuilt.
+ Recompiled to use FluidSynth.
+l/fluidsynth-1.1.9-x86_64-1.txz: Added.
+l/notify-python-0.1.1-x86_64-5.txz: Removed.
+l/python-notify2-0.3.1-x86_64-1.txz: Added.
+l/sdl-1.2.15-x86_64-6.txz: Rebuilt.
+ Recompiled so that libSDL_mixer will use FluidSynth.
+n/proftpd-1.3.6-x86_64-2.txz: Rebuilt.
+ Support ProFTPD modules mod_sftp and mod_facl.
+n/wget-1.19.4-x86_64-2.txz: Rebuilt.
+ Applied upstream patch to fix logging in background mode.
+ Thanks to Willy Sudiarto Raharjo.
+x/ttf-tlwg-0.6.4-noarch-1.txz: Added.
+xap/audacious-plugins-3.9-x86_64-3.txz: Rebuilt.
+ Recompiled to add a FluidSynth-based MIDI plugin.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Thu Feb 22 19:36:43 UTC 2018
+a/pkgtools-15.0-noarch-5.txz: Rebuilt.
+ setup.services: add rc.smartd to setup menu.
+a/smartmontools-6.6-x86_64-2.txz: Rebuilt.
+ Add rc.smartd init script.
+a/sysvinit-scripts-2.1-noarch-6.txz: Rebuilt.
+ rc.M: start rc.smartd if it is executable.
+d/meson-0.44.1-x86_64-1.txz: Upgraded.
+l/system-config-printer-1.5.11-x86_64-2.txz: Rebuilt.
+ Applied upstream patch to fix the auth dialog.
+n/postfix-3.3.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Feb 22 04:34:23 UTC 2018
+a/less-530-x86_64-2.txz: Rebuilt.
+ Fixed lesspipe.sh permissions.
+ap/lsof-4.90-x86_64-1.txz: Upgraded.
+n/network-scripts-15.0-noarch-6.txz: Rebuilt.
+ rc.inet2: start rc.openvpn if it is executable.
+n/openvpn-2.4.4-x86_64-2.txz: Rebuilt.
+ Added rc.openvpn. Include all the sample files, and link to the sample
+ configs in /etc/openvpn. Thanks to bifferos.
+x/m17n-lib-1.8.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Feb 20 06:34:11 UTC 2018
+a/bash-4.4.019-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.20-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.20-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.20-x86_64-1.txz: Upgraded.
+a/less-530-x86_64-1.txz: Upgraded.
+a/lzip-1.20-x86_64-2.txz: Rebuilt.
+ Don't move lzip to /bin.
+a/lzlib-1.10-x86_64-2.txz: Rebuilt.
+ Let the library stay in /usr/lib{,64}. There's not much point in moving it
+ since plzip will require libstdc++.so in /usr/lib{,64}, and we're not going
+ to move that one. And realistically, there's also not much point in worrying
+ about whether the package tools will work with /usr unavailable.
+a/pkgtools-15.0-noarch-4.txz: Rebuilt.
+ makepkg: use find and sed instead of a tar transform. Thanks to Seb.
+ installpkg: if a package was not made with makepkg, filter the filelist
+ through sed on the way to /var/log/packages/ to try to clean it up.
+a/plzip-1.7-x86_64-2.txz: Rebuilt.
+ Don't move plzip to /bin.
+d/kernel-headers-4.14.20-x86-1.txz: Upgraded.
+k/kernel-source-4.14.20-noarch-1.txz: Upgraded.
+n/whois-5.3.0-x86_64-1.txz: Upgraded.
+tcl/expect-5.45.4-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.90-x86_64-1.txz: Upgraded.
+x/mesa-17.3.5-x86_64-1.txz: Upgraded.
+xfce/exo-0.12.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Sat Feb 17 06:06:29 UTC 2018
+a/btrfs-progs-v4.15.1-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-3.txz: Rebuilt.
+ installpkg: support multiple threads for xz. Thanks to ivandi.
+ Default threads for plzip is now equal to the number of CPU threads on
+ the system rather than the number of physical cores. Default number of
+ threads on xz is set to 2, to avoid a memory allocation problem when
+ using too many threads on 32-bit. Not that it matters... they still
+ haven't implemented multi-threaded xz decompression.
+ makepkg: refactored setting compression type by requested extension.
+ap/ddrescue-1.23-x86_64-1.txz: Upgraded.
+d/git-2.16.2-x86_64-1.txz: Upgraded.
+l/gc-7.6.4-x86_64-1.txz: Upgraded.
+l/ocl-icd-2.2.12-x86_64-1.txz: Upgraded.
+l/v4l-utils-1.14.2-x86_64-1.txz: Upgraded.
+n/gnutls-3.6.2-x86_64-1.txz: Upgraded.
+x/intel-vaapi-driver-2.1.0-x86_64-1.txz: Upgraded.
+x/xf86-video-vesa-2.4.0-x86_64-1.txz: Upgraded.
+xfce/Thunar-1.6.14-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Feb 16 03:19:36 UTC 2018
+a/lzip-1.20-x86_64-1.txz: Upgraded.
+a/sysvinit-scripts-2.1-noarch-5.txz: Rebuilt.
+ rc.{6,K}: Use -M option with fuser. Thanks to Markus Wiesner.
+l/gtk+3-3.22.28-x86_64-1.txz: Upgraded.
+n/irssi-1.1.1-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
For more information, see:
- http://php.net/ChangeLog-5.php#5.6.18
- (* Security fix *)
-n/samba-4.3.5-x86_64-1.txz: Upgraded.
-n/stunnel-5.30-x86_64-2.txz: Rebuilt.
- Allow OpenSSL to use the default key size for DH in generate-stunnel-key.sh.
- Thanks to Markus Reichelt.
- Recompiled to drop support for OpenSSL SSLv2.
-n/wget-1.17.1-x86_64-2.txz: Rebuilt.
- Recompiled to drop support for OpenSSL SSLv2.
-tcl/expect-5.45-x86_64-1.txz: Upgraded.
-tcl/tcl-8.6.5-x86_64-1.txz: Upgraded.
-tcl/tk-8.6.5-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160229_d167280-x86_64-1.txz: Upgraded.
-x/xrandr-1.5.0-x86_64-1.txz: Upgraded.
-xap/vim-gvim-7.4.1424-x86_64-1.txz: Upgraded.
-xap/xpdf-3.04-x86_64-2.txz: Rebuilt.
+ https://irssi.org/security/html/irssi_sa_2018_02
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7054
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7053
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7050
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7052
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7051
+ (* Security fix *)
+n/network-scripts-15.0-noarch-5.txz: Rebuilt.
+ rc.inet1: set the broadcast address, and flush the ip address from interfaces
+ when shutting them down. Thanks to Markus Wiesner.
+ netconfig: don't write hostname to NetworkManager.conf.
+ Thanks to Andrzej Telszewski.
+x/libva-2.1.0-x86_64-1.txz: Upgraded.
+x/libva-utils-2.1.0-x86_64-1.txz: Upgraded.
+x/mesa-17.3.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Feb 14 19:48:51 UTC 2018
+a/gpm-1.20.7-x86_64-5.txz: Rebuilt.
+ setup.mouse: fix USB mouse autodection. Thanks to Didier Spaier.
+a/kernel-firmware-20180211_6d51311-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.19-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.19-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.19-x86_64-1.txz: Upgraded.
+a/lzlib-1.10-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-2.txz: Rebuilt.
+ Use tar-1.30. Thanks to gnashley and ruario for the help.
+ Change .tlz to mean .tar.lz. We never really used the previous definition
+ (which was tar.lzma), and .lz is a probably a better format than xz or lzma.
+ Reference: https://www.nongnu.org/lzip/xz_inadequate.html
+ For xz/lzip based packages, support multithreaded compression/decompression.
+ Thanks to Erik Jan Tromp for assistance and advice with testing the changes
+ for lzip and thread support, as well for as getting a bug in lzlib/plzip
+ fixed upstream.
+ Support extended attributes and POSIX ACLs in packages.
+a/plzip-1.7-x86_64-1.txz: Upgraded.
+a/tar-1.30-x86_64-1.txz: Upgraded.
+ap/man-db-2.8.1-x86_64-1.txz: Upgraded.
+ man-db.conf: Don't list /usr/share/man in $MANPATH, since it's a duplicate
+ link to /usr/man.
+ man-db.cron: Unset $MANPATH before updating the database for consistent
+ results even if man-db.cron is manually invoked.
+ Thanks to GazL.
+ap/mariadb-10.2.13-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
+ For more information, see:
+ https://mariadb.com/kb/en/mariadb-10213-release-notes/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2612
+ (* Security fix *)
+ap/vim-8.0.1519-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.19-x86-1.txz: Upgraded.
+d/strace-4.21-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.19-noarch-1.txz: Upgraded.
+l/LibRaw-0.18.7-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.4.2-x86_64-1.txz: Upgraded.
+l/freetype-2.9-x86_64-1.txz: Upgraded.
+l/libwebp-0.6.1-x86_64-1.txz: Upgraded.
+l/pcre2-10.31-x86_64-1.txz: Upgraded.
+l/seamonkey-solibs-2.49.2-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.10.4-x86_64-1.txz: Upgraded.
+x/libinput-1.10.0-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.49.2-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.1519-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Another attempt to get /sbin/probe to reliably handle nvme partitions.
- Thanks to w9cf and Grant Coady.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Another attempt to get /sbin/probe to reliably handle nvme partitions.
- Thanks to w9cf and Grant Coady.
-+--------------------------+
-Fri Feb 26 22:54:05 UTC 2016
-a/btrfs-progs-v4.4.1-x86_64-1.txz: Upgraded.
-a/kernel-generic-4.4.3-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.3-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.3-x86_64-1.txz: Upgraded.
-a/sdparm-1.10-x86_64-1.txz: Upgraded.
-ap/mariadb-10.0.24-x86_64-1.txz: Upgraded.
-d/gdb-7.11-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.3-x86-1.txz: Upgraded.
-k/kernel-source-4.4.3-noarch-1.txz: Upgraded.
-kde/kdepimlibs-4.14.10-x86_64-2.txz: Rebuilt.
- Recompiled against libical-2.0.0.
-l/gtk+3-3.18.8-x86_64-1.txz: Upgraded.
-l/libical-2.0.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Feb 9 19:59:54 UTC 2018
+a/e2fsprogs-1.43.9-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.4.1-x86_64-4.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
+l/gvfs-1.34.2-x86_64-2.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
+l/libcddb-1.3.2-x86_64-4.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
+l/libcdio-2.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/libssh-0.7.3-x86_64-1.txz: Upgraded.
- Fixed weak key generation. Due to a bug in the ephemeral secret key
- generation for the diffie-hellman-group1 and diffie-hellman-group14
- methods, ephemeral secret keys of size 128 bits are generated, instead
- of the recommended sizes of 1024 and 2048 bits, giving a practical
- security of 63 bits.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
- (* Security fix *)
-l/sg3_utils-1.42-x86_64-1.txz: Upgraded.
-n/bluez-5.37-x86_64-2.txz: Rebuilt.
- Recompiled against libical-2.0.0.
-n/libssh2-1.7.0-x86_64-1.txz: Upgraded.
- Fixed weak key generation. During the SSHv2 handshake when libssh2 is to
- get a suitable value for 'group order' in the Diffle Hellman negotiation,
- it would pass in number of bytes to a function that expected number of bits.
- This would result in the library generating numbers using only an 8th the
- number of random bits than what were intended: 128 or 256 bits instead of
- 1023 or 2047. Using such drastically reduced amount of random bits for
- Diffie Hellman weakended the handshake security significantly.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
- (* Security fix *)
-x/mesa-11.1.2-x86_64-1.txz: Upgraded.
-xfce/orage-4.12.1-x86_64-3.txz: Rebuilt.
- Recompiled against libical-2.0.0.
+l/libcdio-paranoia-10.2+0.94+2-x86_64-2.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
+tcl/tcl-8.6.8-x86_64-2.txz: Rebuilt.
+ Recompiled to drop reference to -lieee in tcl.pc. That was just a dummy
+ library, provided for things that expected it, but removed from glibc-2.27.
+ Let me know if you spot anything else that needs it, but a quick scan here
+ didn't turn up anything.
+xap/MPlayer-20180208-x86_64-2.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
+xap/audacious-plugins-3.9-x86_64-2.txz: Rebuilt.
+ Recompiled against libcdio-2.0.0.
++--------------------------+
+Fri Feb 9 02:50:56 UTC 2018
+a/dbus-1.12.4-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.18-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.18-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.18-x86_64-1.txz: Upgraded.
+ap/man-db-2.8.0-x86_64-2.txz: Rebuilt.
+ Fixed ownership of the man2html script.
+ap/qpdf-7.1.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.18-x86-1.txz: Upgraded.
+d/nasm-2.13.03-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.18-noarch-1.txz: Upgraded.
+l/mpfr-4.0.1-x86_64-1.txz: Upgraded.
+n/samba-4.7.5-x86_64-1.txz: Upgraded.
+xap/MPlayer-20180208-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-58.0.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Feb 23 19:31:59 UTC 2016
-a/glibc-solibs-2.23-x86_64-1.txz: Upgraded.
-a/kernel-generic-4.4.2-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.2-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.2-x86_64-1.txz: Upgraded.
-a/procps-ng-3.3.10-x86_64-5.txz: Rebuilt.
- Restored FROM field in w. Thanks to Stuart Winter.
-ap/cups-2.1.3-x86_64-2.txz: Rebuilt.
- Corrected CXXFLAGS to fix build for older CPUs. Thanks to ecd102.
-ap/mc-4.8.15-x86_64-2.txz: Rebuilt.
- Patched to fix displaying man pages. Thanks to DarkVision.
-d/kernel-headers-4.4.2-x86-1.txz: Upgraded.
-k/kernel-source-4.4.2-noarch-1.txz: Upgraded.
- Key .config changes for this kernel update:
- CHECKPOINT_RESTORE n -> y
- DEBUG_KERNEL n -> y
- EXPERT n -> y
- NR_CPUS 128 -> 256
- KALLSYMS_ALL y
- LIVEPATCH y
-l/GConf-3.2.6-x86_64-3.txz: Rebuilt.
- Patched "GConf-WARNING **: Client failed to connect to the D-BUS daemon:"
- and added a couple other patches from git. Thanks to Robby Workman.
-l/alsa-lib-1.1.0-x86_64-3.txz: Rebuilt.
- Changed the default /etc/asound.conf.new to use a different configuration
- for PulseAudio that is less likely to cause issues than the previous one,
- especially on machines where the analog output is not recognized as card 0
- by the BIOS. Thanks to Ryan P.C. McQuen who went above and beyond on this
- bug report by convincing upstream to recommend this on their website in
- order to convince me to make the change. :-)
-l/glibc-2.23-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- Of the security fixes, the most important and well-publicized is the
- stack-based buffer overflow in libresolv that could allow specially
- crafted DNS responses to seize control of execution flow in the DNS
- client (CVE-2015-7547). However, due to a patch applied to Slackware's
- glibc back in 2009 (don't use the gethostbyname4() lookup method as it
- was causing some cheap routers to misbehave), we were not vulnerable to
- that issue. The rest of the fixed security issues are less critical.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547
- (* Security fix *)
-l/glibc-i18n-2.23-x86_64-1.txz: Upgraded.
-l/glibc-profile-2.23-x86_64-1.txz: Upgraded.
-l/libproxy-0.4.12-x86_64-1.txz: Upgraded.
-n/bind-9.10.3_P3-x86_64-1.txz: Upgraded.
- This release fixes two possible denial-of-service issues:
- render_ecs errors were mishandled when printing out a OPT record resulting
- in a assertion failure. (CVE-2015-8705) [RT #41397]
- Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
- (* Security fix *)
-n/libgcrypt-1.6.5-x86_64-1.txz: Upgraded.
- Mitigate side-channel attack on ECDH with Weierstrass curves.
- For more information, see:
- http://www.cs.tau.ac.IL/~tromer/ecdh/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511
- (* Security fix *)
-n/nmap-7.01-x86_64-1.txz: Upgraded.
-n/ntp-4.2.8p6-x86_64-1.txz: Upgraded.
- In addition to bug fixes and enhancements, this release fixes
- several low and medium severity vulnerabilities.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
- (* Security fix *)
-x/xf86-video-amdgpu-1.0.1-x86_64-1.txz: Upgraded.
-xap/blueman-2.0.3-x86_64-2.txz: Rebuilt.
- Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than
- #!/usr/bin/env python.
- For details, see: https://github.com/blueman-project/blueman/issues/435
- Thanks to zakame and Robby Workman.
-extra/tigervnc/tigervnc-1.6.0-x86_64-1.txz: Upgraded.
+Wed Feb 7 04:28:48 UTC 2018
+a/glibc-solibs-2.27-x86_64-1.txz: Upgraded.
+a/hdparm-9.54-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20180201_2aa2ac2-noarch-1.txz: Upgraded.
+a/patch-2.7.6-x86_64-1.txz: Upgraded.
+ap/htop-2.1.0-x86_64-1.txz: Upgraded.
+ap/man-db-2.8.0-x86_64-1.txz: Upgraded.
+d/python-setuptools-38.5.1-x86_64-1.txz: Upgraded.
+l/glibc-2.27-x86_64-1.txz: Upgraded.
+l/glibc-i18n-2.27-x86_64-1.txz: Upgraded.
+l/glibc-profile-2.27-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.2-x86_64-1.txz: Upgraded.
+l/libgphoto2-2.5.16-x86_64-2.txz: Rebuilt.
+ Generate rules and hwdb for udev >= 201. Thanks to gmgf.
++--------------------------+
+Mon Feb 5 07:41:10 UTC 2018
+d/clisp-2.49.20180203.ca011c249da5-x86_64-1.txz: Upgraded.
+l/imagemagick-6.9.9_34-x86_64-1.txz: Upgraded.
+n/crda-3.18-x86_64-5.txz: Rebuilt.
+ Upgraded to wireless-regdb-2017.12.23.
++--------------------------+
+Sun Feb 4 05:13:27 UTC 2018
+a/btrfs-progs-v4.15-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.17-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.17-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.17-x86_64-1.txz: Upgraded.
+ap/man-pages-4.15-noarch-1.txz: Upgraded.
+ap/workbone-2.40-x86_64-4.txz: Removed.
+ This compiles, but hasn't actually worked in a long time. I think it requires
+ kernel interfaces that were removed in linux-2.6.x.
+d/kernel-headers-4.14.17-x86-1.txz: Upgraded.
+d/mercurial-4.5-x86_64-1.txz: Upgraded.
+d/python-setuptools-38.4.1-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.17-noarch-1.txz: Upgraded.
+l/M2Crypto-0.27.0-x86_64-2.txz: Rebuilt.
+ Include required typing module.
+l/dbus-python-1.2.6-x86_64-1.txz: Upgraded.
+l/glib-1.2.10-x86_64-4.txz: Rebuilt.
+ Patched to fix builds with glib-1.x.
+l/gtk+-1.2.10-x86_64-6.txz: Rebuilt.
+ Patched to fix builds with gtk+-1.x.
+l/librsvg-2.42.2-x86_64-1.txz: Upgraded.
+l/v4l-utils-1.14.1-x86_64-1.txz: Upgraded.
+n/ethtool-4.15-x86_64-1.txz: Upgraded.
+n/iptables-1.6.2-x86_64-1.txz: Upgraded.
+n/nfs-utils-2.3.1-x86_64-1.txz: Upgraded.
+n/nftables-0.8.2-x86_64-1.txz: Upgraded.
+n/php-7.2.2-x86_64-1.txz: Upgraded.
+n/rpcbind-0.2.4-x86_64-3.txz: Rebuilt.
+ Move some more configuration to /etc/default/rpc.
+x/xterm-331-x86_64-2.txz: Rebuilt.
+ Add options --enable-regis-graphics and --enable-sixel-graphics.
+ Thanks to saahriktu.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Sun Feb 14 19:40:04 UTC 2016
-xap/mozilla-thunderbird-38.6.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+Thu Feb 1 18:24:15 UTC 2018
+a/bash-4.4.018-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.16-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.16-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.16-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.20.0-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.12-x86_64-1.txz: Upgraded.
+d/gdb-8.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.16-x86-1.txz: Upgraded.
+d/perl-5.26.1-x86_64-4.txz: Rebuilt.
+ Removed dangling c2ph symlinks. Thanks to Tim Thomas.
+ Updated to DBD-mysql-4.044, DBI-1.640, URI-1.73, and libnet-3.11.
+k/kernel-source-4.14.16-noarch-1.txz: Upgraded.
+l/dbus-glib-0.110-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.7.5-x86_64-1.txz: Upgraded.
+l/libdvdnav-6.0.0-x86_64-1.txz: Upgraded.
+l/libdvdread-6.0.0-x86_64-1.txz: Upgraded.
+l/libunwind-1.2.1-x86_64-2.txz: Rebuilt.
+ Removed dangling .a symlink. Thanks to Tim Thomas.
+l/sip-4.19.7-x86_64-1.txz: Upgraded.
+n/dhcp-4.4.0-x86_64-1.txz: Upgraded.
+n/dovecot-2.3.0-x86_64-1.txz: Upgraded.
+n/postfix-3.2.5-x86_64-1.txz: Upgraded.
+n/rsync-3.1.3-x86_64-1.txz: Upgraded.
+ This update fixes two security issues:
+ Fixed a buffer overrun in the protocol's handling of xattr names and
+ ensure that the received name is null terminated.
+ Fix an issue with --protect-args where the user could specify the arg in
+ the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *)
+x/libevdev-1.5.8-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Feb 11 21:56:21 UTC 2016
-a/sysvinit-scripts-2.0-noarch-29.txz: Rebuilt.
- rc.S: Avoid mounting /dev/shm twice.
- Thanks to Andrzej Telszewski and GazL.
- rc.6, rc.K: Match 'type nfs ' rather than 'type nfs' to avoid false hits
- (and error messages) from matching nfsd pseudo-filesystems.
- Thanks to Jonathan Woithe.
-ap/hplip-3.16.2-x86_64-1.txz: Upgraded.
-ap/htop-2.0.0-x86_64-1.txz: Upgraded.
-l/freetype-2.6.3-x86_64-1.txz: Upgraded.
-l/libcap-ng-0.7.7-x86_64-1.txz: Added.
- This is needed by mount.cifs in order to support making it setuid so that
- normal users can mount remote CIFS partitions. And it is expected that
- other programs will begin to use it in preference to the older libcap.
-n/cifs-utils-6.4-x86_64-2.txz: Rebuilt.
- Recompiled against libcap-ng. Now mount.cifs will work for normal users
- if setuid root. By default, mount.cifs remains NOT setuid root, though.
-x/pixman-0.34.0-x86_64-1.txz: Upgraded.
-x/xf86-video-r128-6.10.1-x86_64-1.txz: Upgraded.
-x/xorg-server-1.18.1-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.18.1-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.18.1-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.18.1-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-44.0.2-x86_64-1.txz: Upgraded.
+Mon Jan 29 20:56:56 UTC 2018
+ap/nano-2.9.3-x86_64-1.txz: Upgraded.
+n/dhcpcd-7.0.1-x86_64-1.txz: Upgraded.
+n/iproute2-4.15.0-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-58.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
-Mon Feb 8 22:08:35 UTC 2016
-a/mkinitrd-1.4.8-x86_64-5.txz: Rebuilt.
- Blacklisted rules.d/60-openobex.rules to prevent error messages at boot.
- Thanks to Eric Hameleers.
-ap/cups-2.1.3-x86_64-1.txz: Upgraded.
-ap/ghostscript-9.07-x86_64-3.txz: Rebuilt.
- Reverted back to ghostscript-9.07, since any newer version causes the GIMP
- ps plugin to crash when attempting to import a .ps or .eps file. Whatever
- is causing the problem happened between gs-9.07 and gs-9.09, and is probably
- also dependent on the libraries in use and perhaps the compiler, since some
- other distributions appear to be using the latest ghostscript without issues.
- If anyone can figure it out, hints are welcome. Meanwhile this gets
- everything working again.
-d/gcc-5.3.0-x86_64-2.txz: Rebuilt.
- Patched to fix internal compiler error building Wine.
- Thanks to Kirill Smirnov.
-d/gcc-g++-5.3.0-x86_64-2.txz: Rebuilt.
-d/gcc-gfortran-5.3.0-x86_64-2.txz: Rebuilt.
-d/gcc-gnat-5.3.0-x86_64-2.txz: Rebuilt.
-d/gcc-go-5.3.0-x86_64-2.txz: Rebuilt.
-d/gcc-java-5.3.0-x86_64-2.txz: Rebuilt.
-d/gcc-objc-5.3.0-x86_64-2.txz: Rebuilt.
-l/libsndfile-1.0.26-x86_64-1.txz: Upgraded.
- This release fixes security issues which may allow attackers to cause
- a denial of service, or possibly execute arbitrary code.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
- (* Security fix *)
-l/loudmouth-1.5.2-x86_64-1.txz: Upgraded.
-n/curl-7.47.1-x86_64-1.txz: Upgraded.
- This update fixes a security issue where NTLM credentials are not checked
- for proxy connection reuse. The effects of this flaw is that the application
- could be reusing a proxy connection using the previously used credentials
- and thus it could be given to or prevented access from resources that it
- wasn't intended to. Thanks to Isaac Boukris.
- For more information, see:
- https://curl.haxx.se/docs/adv_20160127A.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755
- (* Security fix *)
-n/mcabber-1.0.1-x86_64-1.txz: Upgraded.
-n/stunnel-5.30-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20160208_8b8c9a3-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-44.0.1-x86_64-1.txz: Upgraded.
-extra/wicd/wicd-1.7.4-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Feb 3 22:39:25 UTC 2016
-Welcome to Slackware 14.2 beta 2. Getting closer. :-)
-a/coreutils-8.25-x86_64-1.txz: Upgraded.
-a/glibc-zoneinfo-2016a-noarch-1.txz: Upgraded.
-a/kernel-firmware-20160201git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.4.1-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4.1-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4.1-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.141-x86_64-1.txz: Upgraded.
-a/openssl-solibs-1.0.2f-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-28.txz: Rebuilt.
- rc.6: Change command variable to shutdown_command to avoid conflicting with
- a same-named variable in rc.networkmanager. Thanks to Antonio Maretzek.
- Added new script rc.cpufreq to set CPU frequency scaling.
- If executable, it will be run from rc.M.
-ap/cups-filters-1.8.1-x86_64-1.txz: Upgraded.
-ap/dmidecode-3.0-x86_64-1.txz: Upgraded.
-ap/gutenprint-5.2.11-x86_64-2.txz: Rebuilt.
- Run cups-genppdupdate after installing. Thanks to Lukasz Wieczorek.
-ap/soma-2.10.4-noarch-1.txz: Upgraded.
-d/binutils-2.26-x86_64-1.txz: Upgraded.
-d/cmake-3.4.3-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.4.1-x86-1.txz: Upgraded.
-d/mercurial-3.6.3-x86_64-1.txz: Upgraded.
-d/oprofile-1.1.0-x86_64-1.txz: Upgraded.
-d/python-setuptools-19.6-x86_64-1.txz: Upgraded.
-k/kernel-source-4.4.1-noarch-1.txz: Upgraded.
- CPU_FREQ_DEFAULT_GOV_ONDEMAND n -> y
- CPU_FREQ_DEFAULT_GOV_USERSPACE y -> n
- CPU_FREQ_GOV_CONSERVATIVE m -> y
- CPU_FREQ_GOV_ONDEMAND m -> y
- CPU_FREQ_GOV_PERFORMANCE m -> y
- CPU_FREQ_GOV_POWERSAVE m -> y
-l/gst-plugins-base-1.6.3-x86_64-1.txz: Upgraded.
-l/gst-plugins-good-1.6.3-x86_64-1.txz: Upgraded.
-l/gstreamer-1.6.3-x86_64-1.txz: Upgraded.
-l/gtk+2-2.24.29-x86_64-2.txz: Rebuilt.
- In /usr/share/gtk-2.0/gtkrc, specify Adwaita as the icon theme, and Tango as
- a fallback. This fixes icon issues when using fluxbox and other more basic
- window managers. Thanks to schmatzler and dTd.
-l/gtk+3-3.18.7-x86_64-1.txz: Upgraded.
-l/harfbuzz-1.1.3-x86_64-1.txz: Upgraded.
-l/librsvg-2.40.13-x86_64-1.txz: Upgraded.
-l/pulseaudio-8.0-x86_64-1.txz: Upgraded.
- Set "flat-volumes = no" in daemon.conf.new by default.
-l/seamonkey-solibs-2.39-x86_64-3.txz: Rebuilt.
-n/openssl-1.0.2f-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- DH small subgroups (CVE-2016-0701).
- SSLv2 doesn't block disabled ciphers (CVE-2015-3197).
- For more information, see:
- https://openssl.org/news/secadv/20160128.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0701
- (* Security fix *)
-n/php-5.6.17-x86_64-1.txz: Upgraded.
- This release fixes security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903
- (* Security fix *)
-n/proftpd-1.3.5a-x86_64-1.txz: Upgraded.
-n/traceroute-2.0.21-x86_64-1.txz: Upgraded.
-x/xterm-322-x86_64-1.txz: Upgraded.
-xap/MPlayer-1.2_20160125-x86_64-1.txz: Upgraded.
- This is the latest MPlayer-1.2 branch, identical to the 1.2.1 stable release.
- The bundled ffmpeg has been upgraded to 2.8.5, which fixes two security
- issues by which a remote attacker may conduct a cross-origin attack and read
- arbitrary files on the system.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898
- (* Security fix *)
-xap/gparted-0.25.0-x86_64-1.txz: Added.
- Thanks to Erik W. Hanson.
-xap/hexchat-2.10.2-x86_64-1.txz: Added.
- This package replaces xchat.
-xap/mozilla-firefox-44.0-x86_64-1.txz: Upgraded.
- This compiles properly with -O2 optimization again.
+Sun Jan 28 04:44:45 UTC 2018
+a/btrfs-progs-v4.14.1-x86_64-1.txz: Upgraded.
+d/binutils-2.30-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/oprofile-1.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against binutils-2.30.
+l/ffmpeg-3.4.1-x86_64-3.txz: Rebuilt.
+ Recompiled against libvpx-1.7.0.
+l/gst-plugins-good-1.12.4-x86_64-3.txz: Rebuilt.
+ Recompiled against libvpx-1.7.0.
+l/libvpx-1.7.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/mutt-1.9.3-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.9-x86_64-1.txz: Upgraded.
+ Compiled against libvpx-1.7.0.
+xap/xine-ui-0.99.10-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Jan 26 03:46:16 UTC 2018
+a/kernel-firmware-20180118_2a713be-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.15-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.15-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.15-x86_64-1.txz: Upgraded.
+ap/itstool-2.0.4-x86_64-2.txz: Rebuilt.
+ Fixed a memory exhaustion crash bug. Thanks to Stuart Winter.
+d/gcc-7.3.0-x86_64-1.txz: Upgraded.
+ This compiler supports -mindirect-branch=thunk-extern, allowing full
+ mitigation of Spectre v2 in the kernel (when CONFIG_RETPOLINE is used).
+d/gcc-brig-7.3.0-x86_64-1.txz: Upgraded.
+d/gcc-g++-7.3.0-x86_64-1.txz: Upgraded.
+d/gcc-gfortran-7.3.0-x86_64-1.txz: Upgraded.
+d/gcc-gnat-7.3.0-x86_64-1.txz: Upgraded.
+d/gcc-go-7.3.0-x86_64-1.txz: Upgraded.
+d/gcc-objc-7.3.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.15-x86-1.txz: Upgraded.
+k/kernel-source-4.14.15-noarch-1.txz: Upgraded.
+ .config changes (thanks to ivandi):
+ -CIFS_DEBUG2 n
+ -CIFS_DEBUG_DUMP_KEYS n
+ CIFS_DEBUG y -> n
+ CIFS_UPCALL n -> y
+ CIFS_XATTR n -> y
+ NFS_V4_1 n -> y
+ +CIFS_ACL y
+ +CIFS_POSIX y
+ +NFS_V4_1_IMPLEMENTATION_ID_DOMAIN "kernel.org"
+ +NFS_V4_1_MIGRATION n
+ +NFS_V4_2 n
+ +PNFS_BLOCK y
+ +PNFS_FILE_LAYOUT y
+ +PNFS_FLEXFILE_LAYOUT m
+ +SUNRPC_BACKCHANNEL y
+n/curl-7.58.0-x86_64-2.txz: Rebuilt.
+ Recompiled using --with-libssh2, which is evidently no longer a default
+ option. Thanks to Markus Wiesner.
+xap/mozilla-thunderbird-52.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/pidgin-2.10.12-x86_64-1.txz: Upgraded.
-xap/seamonkey-2.39-x86_64-3.txz: Rebuilt.
- Recompiled with -Os optimization to fix random crashes.
-xap/xchat-2.8.8-x86_64-11.txz: Removed.
-xap/xine-lib-1.2.6-x86_64-7.txz: Rebuilt.
- Rebuilt against ffmpeg-2.8.5, which fixes two security issues by which a
- remote attacker may conduct a cross-origin attack and read arbitrary files
- on the system.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898
+ https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Sun Jan 17 07:24:08 UTC 2016
-a/sysvinit-scripts-2.0-noarch-27.txz: Upgraded.
- rc.M: If rc.pulseaudio is executable, run it (not recommended though).
-ap/alsa-utils-1.1.0-x86_64-3.txz: Rebuilt.
- On a fresh system, install rc.alsa as executable. It's apparently still
- useful for loading some mixer defaults even when PulseAudio is used.
-ap/cups-filters-1.6.0-x86_64-1.txz: Upgraded.
-ap/gutenprint-5.2.11-x86_64-1.txz: Upgraded.
-ap/lxc-1.1.5-x86_64-2.txz: Rebuilt.
- Fixed failed rc.M patch with lxc-create, and rebased against recent scripts.
- Thanks to Jakub Jankowski.
-ap/mpg123-1.22.4-x86_64-3.txz: Rebuilt.
- Don't depend on libpulsecommon-7.1.
-ap/sox-14.4.2-x86_64-3.txz: Rebuilt.
- Don't depend on libpulsecommon-7.1.
-d/llvm-3.7.1-x86_64-1.txz: Upgraded.
-kde/calligra-2.9.10-x86_64-1.txz: Upgraded.
-kdei/calligra-l10n-bs-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca@valencia-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-uk-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.10-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.10-noarch-1.txz: Upgraded.
-l/a52dec-0.7.4-x86_64-2.txz: Rebuilt.
- Include a52_internal.h header. Thanks to Johannes Schöpfer.
-l/alsa-plugins-1.1.0-x86_64-2.txz: Rebuilt.
- Don't depend on libpulsecommon-7.1.
-l/libao-1.2.0-x86_64-3.txz: Rebuilt.
- Don't depend on libpulsecommon-7.1.
-l/libcanberra-0.30-x86_64-5.txz: Rebuilt.
- Don't depend on libpulsecommon-7.1.
-l/poppler-0.40.0-x86_64-1.txz: Upgraded.
-l/pulseaudio-7.1-x86_64-2.txz: Rebuilt.
- Removed .la files to avoid linking things to libpulsecommon-7.1.
- Thanks to chrisVV.
- If autospawn is off, start the daemon manually in start-pulseaudio-x11.
- And yes, if you're allergic to PulseAudio that means you might also need to
- disable /etc/xdg/autostart/pulseaudio.desktop...
-n/NetworkManager-1.0.10-x86_64-3.txz: Rebuilt.
- Fixed build script to properly apply the patches.
- Thanks to K4rolis and rworkman.
-n/bluez-hcidump-2.5-x86_64-1.txz: Removed.
- hcidump is included in the main bluez package.
- Thanks to Audrius Kazukauskas.
-x/mesa-11.1.1-x86_64-1.txz: Upgraded.
-x/xf86-input-vmmouse-13.1.0-x86_64-4.txz: Rebuilt.
- Put udev rules in correct directory. Thanks to chrisVV.
-x/xf86-video-vmware-13.1.0-x86_64-6.txz: Rebuilt.
-xfce/tumbler-0.1.31-x86_64-4.txz: Rebuilt.
-+--------------------------+
-Fri Jan 15 02:29:54 UTC 2016
-l/gtkmm2-2.24.4-x86_64-1.txz: Added.
-n/openssh-7.1p2-x86_64-1.txz: Upgraded.
- This update fixes an information leak and a buffer overflow. In particular,
- the information leak allows a malicious SSH server to steal the client's
- private keys. Thanks to Qualys for reporting this issue.
- For more information, see:
- https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
- (* Security fix *)
-+--------------------------+
-Wed Jan 13 00:01:23 UTC 2016
-Hey folks, happy new year!
-After upgrading to BlueZ 5 recently, everything seemed to be working great,
-but then it was pointed out that Bluetooth audio was no longer working.
-The reason was that the newer BlueZ branch had dropped ALSA support and now
-required PulseAudio. So with some trepidation, we began investigating adding
-PulseAudio to Slackware. Going back to BlueZ 4 wasn't an option with various
-dependent projects either having dropped support for it, or considering doing
-so. After several iterations here refining the foundation packages and
-recompiling and tweaking other packages to use PulseAudio, it's working well
-and you'll likely not notice much of a change. But if you're using Bluetooth
-audio, or needing to direct audio through HDMI, you'll probably find it a lot
-easier to accomplish that.
-Best of all, we're finally a modern, relevant Linux distro! ;-)
-Thanks to Mario Preksavec, Heinz Wiesinger, and Robby Workman for a lot of
-help and testing. Bug reports, complaints, and threats can go to me.
-Also, enjoy a shiny new LTS 4.4.0 kernel and consider this 14.2 beta 1.
-a/apmd-3.2.2-x86_64-3.txz: Removed.
- APM is no longer used in the shipped kernels, xapm was broken, and
- it no longer compiles. It's time to remove it.
-a/etc-14.2-x86_64-5.txz: Rebuilt.
- Added user (pulse) and group (pulse) for PulseAudio.
- Added pulse user to the audio group.
-a/eudev-3.1.5-x86_64-8.txz: Rebuilt.
- Blacklisted new watchdog modules (bcm7038_wdt, max63xx_wdt).
-a/kernel-generic-4.4-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.4-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.4-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-26.txz: Rebuilt.
- rc.M: Don't try to start apmd.
-ap/alsa-utils-1.1.0-x86_64-2.txz: Rebuilt.
- Change perms on /etc/rc.d/rc.alsa to 644.
-ap/ghostscript-9.18-x86_64-2.txz: Rebuilt.
- Applied upstream patch to fix missing gerrors.h.
-ap/mpg123-1.22.4-x86_64-2.txz: Rebuilt.
- Add support for PulseAudio and use it for output by default.
-ap/pamixer-1.3.1-x86_64-1.txz: Added.
- A command-line mixer for PulseAudio.
-ap/sox-14.4.2-x86_64-2.txz: Rebuilt.
-d/kernel-headers-4.4-x86-1.txz: Upgraded.
-d/perl-5.22.0-x86_64-2.txz: Rebuilt.
- Added TermReadKey for MariaDB's mytop. Thanks to Larry Hajali.
- Removed dangling s2p symlinks. Thanks to DarkVision.
-k/kernel-source-4.4-noarch-1.txz: Upgraded.
-kde/kde-runtime-4.14.3-x86_64-3.txz: Rebuilt.
-kde/kmix-4.14.3-x86_64-3.txz: Rebuilt.
-l/alsa-lib-1.1.0-x86_64-2.txz: Rebuilt.
- Added a default /etc/asound.conf redirecting ALSA output to PulseAudio.
-l/alsa-plugins-1.1.0-x86_64-1.txz: Added.
- This provides a plugin to redirect ALSA output to PulseAudio.
-l/atkmm-2.24.2-x86_64-1.txz: Added.
-l/cairomm-1.12.0-x86_64-1.txz: Added.
-l/glibmm-2.46.3-x86_64-1.txz: Added.
-l/gst-plugins-good-1.6.2-x86_64-2.txz: Rebuilt.
-l/gst-plugins-good0-0.10.31-x86_64-2.txz: Rebuilt.
-l/gtkmm3-3.18.0-x86_64-1.txz: Added.
-l/json-c-0.12-x86_64-1.txz: Added.
- This is needed by PulseAudio.
-l/keybinder-0.3.1-x86_64-1.txz: Upgraded.
- Add support for GTK+3, which is needed by xfce4-pulseaudio-plugin to grab
- multimedia keys.
-l/libao-1.2.0-x86_64-2.txz: Rebuilt.
-l/libasyncns-0.8-x86_64-1.txz: Added.
- This is needed by PulseAudio.
-l/libcanberra-0.30-x86_64-4.txz: Rebuilt.
-l/libsigc++-2.6.2-x86_64-1.txz: Added.
-l/pangomm-2.38.1-x86_64-1.txz: Added.
-l/phonon-4.8.3-x86_64-2.txz: Rebuilt.
-l/pulseaudio-7.1-x86_64-1.txz: Added.
-l/qt-4.8.7-x86_64-3.txz: Rebuilt.
- Make sure that .pc and .la files use $LIBDIRSUFFIX in the X11 library path.
- Thanks to Dhaby Xiloj.
-l/sdl-1.2.15-x86_64-3.txz: Rebuilt.
-l/seamonkey-solibs-2.39-x86_64-2.txz: Rebuilt.
-l/speexdsp-1.2rc3-x86_64-1.txz: Added.
- This is needed by PulseAudio.
-l/xapian-core-1.2.22-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.10-x86_64-2.txz: Rebuilt.
- Added patches from the upstream stable git branch.
- Added back the pm-utils hook.
- Thanks to Robby Workman.
-n/bluez-5.37-x86_64-1.txz: Upgraded.
-n/dhcp-4.3.3_P1-x86_64-1.txz: Upgraded.
- This update fixes a denial-of-service vulnerability.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8605
- (* Security fix *)
-n/dirmngr-1.1.1-x86_64-3.txz: Rebuilt.
- Patched to fix problems when using libgcrypt-1.6.x. Thanks to xflow7.
-n/inetd-1.79s-x86_64-9.txz: Rebuilt.
- Patched segfault of daytime. Thanks to tfonz.
-x/libdrm-2.4.66-x86_64-1.txz: Upgraded.
-x/xf86-input-evdev-2.10.1-x86_64-1.txz: Upgraded.
-x/xf86-video-amdgpu-1.0.0-x86_64-1.txz: Added.
-x/xf86-video-modesetting-0.9.0-x86_64-5.txz: Removed.
- This driver has been incorporated into the xorg-server package.
- Thanks to ReaperX.
-x/xorg-cf-files-1.0.6-x86_64-2.txz: Rebuilt.
- Don't use noarch. Thanks to DarkVision.
-xap/MPlayer-20150721-x86_64-4.txz: Rebuilt.
-xap/audacious-3.7.1-x86_64-1.txz: Upgraded.
-xap/audacious-plugins-3.7.1-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-43.0.4-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.5.1-x86_64-1.txz: Upgraded.
-xap/pavucontrol-3.0-x86_64-1.txz: Added.
- A mixer for PulseAudio. Requires the GTKmm stack.
-xap/seamonkey-2.39-x86_64-2.txz: Rebuilt.
-xap/xine-lib-1.2.6-x86_64-6.txz: Rebuilt.
-xfce/Thunar-1.6.10-x86_64-3.txz: Rebuilt.
- Fix some crashes that occur with file moves.
- Thanks to Jean-Philippe Guillemin.
-xfce/xfce4-mixer-4.10.0-x86_64-2.txz: Removed.
- Replaced by xfce4-pulseaudio-plugin.
-xfce/xfce4-power-manager-1.4.4-x86_64-3.txz: Rebuilt.
- Don't include NetworkManager; let pm-utils handle it.
- Thanks to Robby Workman.
-xfce/xfce4-pulseaudio-plugin-0.2.4-x86_64-1.txz: Added.
- This replaces xfce4-mixer and xfce4-volumed.
-xfce/xfce4-volumed-0.1.13-x86_64-3.txz: Removed.
- Replaced by xfce4-pulseaudio-plugin.
-extra/bash-completion/bash-completion-2.1-noarch-4.txz: Rebuilt.
- Corrected information in slack-desc. Thanks to Arkadiusz Drabczyk.
+Thu Jan 25 02:24:04 UTC 2018
+l/system-config-printer-1.5.11-x86_64-1.txz: Upgraded.
+n/curl-7.58.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ HTTP authentication leak in redirects
+ HTTP/2 trailer out-of-bounds read
+ For more information, see:
+ https://curl.haxx.se/docs/adv_2018-b3bf.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
+ https://curl.haxx.se/docs/adv_2018-824a.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005
+ (* Security fix *)
+x/libwacom-0.27-x86_64-1.txz: Upgraded.
+x/xf86-input-wacom-0.36.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Jan 24 04:21:44 UTC 2018
+a/glibc-zoneinfo-2018c-noarch-1.txz: Upgraded.
+ap/sqlite-3.22.0-x86_64-1.txz: Upgraded.
+d/python-setuptools-38.4.0-x86_64-1.txz: Upgraded.
+l/librsvg-2.42.1-x86_64-1.txz: Upgraded.
+l/python-certifi-2018.1.18-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Jan 22 22:47:47 UTC 2018
+a/aaa_elflibs-14.2-x86_64-34.txz: Rebuilt.
+d/git-2.16.1-x86_64-1.txz: Upgraded.
+n/ModemManager-1.6.12-x86_64-1.txz: Upgraded.
+n/libmbim-1.16.0-x86_64-1.txz: Upgraded.
+n/libqmi-1.20.0-x86_64-1.txz: Upgraded.
+n/wget-1.19.4-x86_64-1.txz: Upgraded.
+ More bug fixes:
+ A major bug that caused GZip'ed pages to never be decompressed has been fixed
+ Support for Content-Encoding and Transfer-Encoding have been marked as
+ experimental and disabled by default
++--------------------------+
+Sat Jan 20 16:00:51 UTC 2018
+d/cmake-3.10.2-x86_64-1.txz: Upgraded.
+d/git-2.16.0-x86_64-1.txz: Upgraded.
+d/rust-1.23.0-x86_64-1.txz: Upgraded.
+n/wget-1.19.3-x86_64-1.txz: Upgraded.
+ This update fixes various non-security bugs, including this one:
+ Prevent erroneous decompression of .gz and .tgz files with broken servers.
+x/mesa-17.3.3-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-58.0-x86_64-1.txz: Upgraded.
+ Thanks to Matteo Bernardini for the build script update to use mach.
++--------------------------+
+Fri Jan 19 00:08:31 UTC 2018
+ap/sudo-1.8.22-x86_64-1.txz: Upgraded.
+l/glib2-2.54.3-x86_64-2.txz: Rebuilt.
+ Applied upstream patch from git (94b38beff, gmain: Partial revert of recent
+ wakeup changes to gmain.c) to address CPU usage issues with LibreOffice.
++--------------------------+
+Wed Jan 17 21:36:23 UTC 2018
+a/aaa_elflibs-14.2-x86_64-33.txz: Rebuilt.
+a/kernel-generic-4.14.14-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.14-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.14-x86_64-1.txz: Upgraded.
+ap/rpm-4.14.1-x86_64-1.txz: Upgraded.
+ap/sysstat-11.6.2-x86_64-1.txz: Upgraded.
+ap/vim-8.0.1428-x86_64-1.txz: Upgraded.
+d/gcc-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-brig-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-g++-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-gfortran-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-gnat-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-go-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/gcc-objc-7.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+d/kernel-headers-4.14.14-x86-1.txz: Upgraded.
+k/kernel-source-4.14.14-noarch-1.txz: Upgraded.
+l/libsigsegv-2.12-x86_64-1.txz: Upgraded.
+l/libtasn1-4.13-x86_64-1.txz: Upgraded.
+l/libunwind-1.2.1-x86_64-1.txz: Added.
+ The latest intel-gpu-tools requires this library.
+l/mpfr-4.0.0-x86_64-2.txz: Rebuilt.
+ Removed static libmpfr.a library. I'm not sure why that was there, but it
+ probably wouldn't have worked anyway without a static libgmp.a to go with it.
+l/redland-1.0.17-x86_64-3.txz: Rebuilt.
+ Removed librdf.la that was still referencing the removed mpfr.la file.
+ Thanks to Matteo Bernardini.
+l/talloc-2.1.11-x86_64-1.txz: Upgraded.
+n/bind-9.11.2_P1-x86_64-1.txz: Upgraded.
+ This update fixes a high severity security issue:
+ Improper sequencing during cleanup can lead to a use-after-free error,
+ triggering an assertion failure and crash in named.
+ For more information, see:
+ https://kb.isc.org/article/AA-01542
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145
+ (* Security fix *)
+n/irssi-1.1.0-x86_64-1.txz: Upgraded.
+n/nftables-0.8.1-x86_64-1.txz: Upgraded.
+t/texlive-2017.171108-x86_64-3.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+x/intel-gpu-tools-1.21-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.1428-x86_64-1.txz: Upgraded.
+ Cleaned up the gvim.desktop file. Thanks to Didier Spaier.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-pasture/apmd-3.2.2-x86_64-3.txz: Moved to /pasture.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Dec 29 04:45:53 UTC 2015
-a/aaa_base-14.2-x86_64-1.txz: Upgraded.
- Removed obsolete /var/rwho symlink. Thanks to yars.
- Bumped version to 14.2.
-a/glibc-solibs-2.22-x86_64-4.txz: Rebuilt.
-a/quota-4.03-x86_64-1.txz: Upgraded.
-l/glibc-2.22-x86_64-4.txz: Rebuilt.
- Removed /usr/include/rpcsvc/rquota.{h,x}, as these are provided by the
- quota package. Thanks to BrZ.
-l/glibc-i18n-2.22-x86_64-4.txz: Rebuilt.
-l/glibc-profile-2.22-x86_64-4.txz: Rebuilt.
-l/pycurl-7.19.5.3-x86_64-2.txz: Rebuilt.
- Added --with-ssl to use libssl. Thanks to walecha.
-xap/mozilla-firefox-43.0.3-x86_64-1.txz: Upgraded.
-+--------------------------+
-Thu Dec 24 20:49:54 UTC 2015
-isolinux/initrd.img: Rebuilt.
- Patched /sbin/probe to handle nvme partitions. Thanks to Didier Spaier.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
- Patched /sbin/probe to handle nvme partitions. Thanks to Didier Spaier.
-+--------------------------+
-Wed Dec 23 22:44:58 UTC 2015
-a/lvm2-2.02.138-x86_64-1.txz: Upgraded.
-ap/ghostscript-9.18-x86_64-1.txz: Upgraded.
-ap/lsof-4.89-x86_64-1.txz: Upgraded.
-l/pycups-1.9.73-x86_64-1.txz: Upgraded.
-l/pycurl-7.19.5.3-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.10-x86_64-1.txz: Upgraded.
-n/curl-7.46.0-x86_64-1.txz: Upgraded.
-n/links-2.12-x86_64-1.txz: Upgraded.
-n/obexfs-0.12-x86_64-1.txz: Removed.
- This functionality is now included in the obexftp package.
-n/obexftp-0.24-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
-n/openobex-1.7.1-x86_64-1.txz: Upgraded.
+Mon Jan 15 23:13:01 UTC 2018
+a/gawk-4.2.0-x86_64-3.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+a/hdparm-9.53-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.14.13-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.13-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.13-x86_64-1.txz: Upgraded.
+a/kmod-25-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.19.0-x86_64-1.txz: Upgraded.
+ap/man-db-2.7.6.1-x86_64-2.txz: Rebuilt.
+ Include Thomas Dickey's man2html script.
+ Thanks to Robby Workman, and to Willy Sudiarto Raharjo for the bug report.
+d/doxygen-1.8.14-x86_64-1.txz: Upgraded.
+ Compiled against xapian-core-1.4.5.
+ Build script updated for CMake. Thanks to Robby Workman.
+d/kernel-headers-4.14.13-x86-1.txz: Upgraded.
+k/kernel-source-4.14.13-noarch-1.txz: Upgraded.
+kde/baloo-4.14.3-x86_64-3.txz: Rebuilt.
+ Recompiled against xapian-core-1.4.5.
+l/glib2-2.54.3-x86_64-1.txz: Upgraded.
+l/gtk+2-2.24.32-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.1-x86_64-3.txz: Rebuilt.
+ Applied upstream bugfix patches from git:
+ Fix a bug in gvfs<-->udev interaction
+ Fix reads past EOF on Android devices
+ Fix crashes on recent file changes
+ Fix relative trash paths
Thanks to Robby Workman.
-n/rsync-3.1.2-x86_64-1.txz: Upgraded.
-x/libXi-1.7.6-x86_64-1.txz: Upgraded.
-x/pixman-0.33.6-x86_64-1.txz: Upgraded.
-x/xorg-cf-files-1.0.6-noarch-1.txz: Upgraded.
-xap/mozilla-firefox-43.0.2-x86_64-2.txz: Rebuilt.
- Compile with -Os instead of -O2 to work around crash issues.
- Recent betas are working fine with -O2, so we'll probably be
- able to switch back to that again soon. Thanks to j_v.
-xap/mozilla-thunderbird-38.5.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/network-manager-applet-1.0.10-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Dec 23 05:20:09 UTC 2015
-a/glibc-solibs-2.22-x86_64-3.txz: Rebuilt.
-a/sharutils-4.15.2-x86_64-1.txz: Upgraded.
-ap/cups-filters-1.5.0-x86_64-1.txz: Upgraded.
-ap/libx86-1.1-x86_64-2.txz: Rebuilt.
- Add a pkgconfig file.
-ap/rpm-4.12.0.1-x86_64-1.txz: Upgraded.
-ap/vbetool-1.2.2-x86_64-1.txz: Upgraded.
-d/Cython-0.23.4-x86_64-1.txz: Added.
- Cython is required to build blueman.
-kde/bluedevil-2.1.1-x86_64-3.txz: Rebuilt.
-l/M2Crypto-0.22.5-x86_64-1.txz: Upgraded.
-l/djvulibre-3.5.27-x86_64-1.txz: Upgraded.
-l/fuse-2.9.4-x86_64-1.txz: Upgraded.
-l/glibc-2.22-x86_64-3.txz: Rebuilt.
- Fixed empty /etc/nscd.conf.new. Thanks to Jakub Jankowski.
-l/glibc-i18n-2.22-x86_64-3.txz: Rebuilt.
-l/glibc-profile-2.22-x86_64-3.txz: Rebuilt.
-l/libcroco-0.6.11-x86_64-1.txz: Upgraded.
-l/libssh-0.7.2-x86_64-1.txz: Upgraded.
-l/libxml2-2.9.3-x86_64-1.txz: Upgraded.
-l/loudmouth-1.5.1-x86_64-1.txz: Upgraded.
-l/sbc-1.3-x86_64-1.txz: Added.
- Sub Band Codec is an audio library for bluetooth.
-n/ModemManager-1.4.12-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.8-x86_64-2.txz: Rebuilt.
- Removed obsolete 55NetworkManager script.
-n/bluez-5.36-x86_64-1.txz: Upgraded.
- Thanks to Dugan Chen and Robby Workman.
-n/cifs-utils-6.4-x86_64-1.txz: Upgraded.
-n/libtirpc-1.0.1-x86_64-2.txz: Rebuilt.
- Fixed typo in slack-desc. Thanks to Ricardo Nabinger Sanchez.
-n/mcabber-1.0.0-x86_64-1.txz: Upgraded.
-n/nfs-utils-1.3.3-x86_64-1.txz: Upgraded.
-n/obex-data-server-0.4.6-x86_64-3.txz: Removed.
-n/openvpn-2.3.9-x86_64-1.txz: Upgraded.
-x/mesa-11.0.8-x86_64-1.txz: Upgraded.
-xap/blueman-2.0.3-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
- This update fixes a local privilege escalation vulnerability.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8612
- (* Security fix *)
-xap/mozilla-firefox-43.0.2-x86_64-1.txz: Upgraded.
+l/libmpc-1.1.0-x86_64-1.txz: Upgraded.
+ Compiled against mpfr-4.0.0.
+l/librsvg-2.42.0-x86_64-1.txz: Upgraded.
+l/libsoup-2.60.3-x86_64-1.txz: Upgraded.
+l/libzip-1.4.0-x86_64-1.txz: Upgraded.
+l/mpfr-4.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/rasqal-0.9.33-x86_64-2.txz: Rebuilt.
+ Recompiled against mpfr-4.0.0.
+l/xapian-core-1.4.5-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/ca-certificates-20170717-noarch-1.txz: Upgraded.
+n/ipset-6.35-x86_64-1.txz: Upgraded.
+n/iw-4.14-x86_64-1.txz: Upgraded.
+n/libnftnl-1.0.9-x86_64-1.txz: Upgraded.
+n/tin-2.4.2-x86_64-1.txz: Upgraded.
+x/mesa-17.3.2-x86_64-1.txz: Upgraded.
+xap/geeqie-1.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Fixed NFS install. Thanks to Stuart Winter.
- Added nvme and sdhci-acpi kernel modules.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Fixed NFS install. Thanks to Stuart Winter.
- Added nvme and sdhci-acpi kernel modules.
-+--------------------------+
-Fri Dec 18 05:28:25 UTC 2015
-a/aaa_elflibs-14.2-x86_64-9.txz: Rebuilt.
- Added libstdc++.so.5.0.7. Thanks to schmatzler.
-a/glibc-solibs-2.22-x86_64-2.txz: Rebuilt.
-a/glibc-zoneinfo-2015g-noarch-2.txz: Rebuilt.
- This is now built independently from glibc.
- Don't list posix/ and right/ zones in the timeconfig menu.
- Hardlink more files in /usr/share/zoneinfo/posix/ to save space.
- Fix a bug in timeconfig when the zone selection in text mode is left empty.
- Thanks to Xsane for the suggestions... I used some of them. :) But,
- in my opinion, listing only the canonical timezone names in zone1970.tab
- goes a bit too far. Many of the non-canonical names are commonly used
- (such as US/Central vs. America/Chicago).
-a/grub-2.00-x86_64-3.txz: Rebuilt.
- Patched bug where password protection during system startup may be
- bypassed by hitting the backspace key 28 times giving a rescue shell.
- Thanks to Hector Marco and Ismael Ripoll.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370
- (* Security fix *)
-a/mcelog-128-x86_64-1.txz: Upgraded.
-a/os-prober-1.70-x86_64-1.txz: Upgraded.
-a/pcmciautils-018-x86_64-1.txz: Upgraded.
-a/sdparm-1.09-x86_64-1.txz: Upgraded.
-a/usbutils-008-x86_64-1.txz: Upgraded.
-ap/joe-4.1-x86_64-1.txz: Upgraded.
-ap/mpg123-1.22.4-x86_64-1.txz: Upgraded.
-l/M2Crypto-0.22.3-x86_64-1.txz: Upgraded.
-l/glibc-2.22-x86_64-2.txz: Rebuilt.
- Don't include a copy of the timezone database or timeconfig script.
- Only ship locale files for C, POSIX, and en_US in the main package.
-l/glibc-i18n-2.22-x86_64-2.txz: Rebuilt.
- Add a C.UTF-8 locale.
-l/glibc-profile-2.22-x86_64-2.txz: Rebuilt.
-l/keyutils-1.5.9-x86_64-1.txz: Upgraded.
-l/sg3_utils-1.41-x86_64-1.txz: Upgraded.
-n/gnupg2-2.0.29-x86_64-1.txz: Upgraded.
-n/gpa-0.9.9-x86_64-1.txz: Upgraded.
-n/gpgme-1.6.0-x86_64-1.txz: Upgraded.
-n/libassuan-2.4.2-x86_64-1.txz: Upgraded.
-n/libgcrypt-1.6.4-x86_64-1.txz: Upgraded.
-n/libgpg-error-1.21-x86_64-1.txz: Upgraded.
-n/libksba-1.3.3-x86_64-1.txz: Upgraded.
-n/pinentry-0.9.7-x86_64-1.txz: Upgraded.
-n/ulogd-2.0.5-x86_64-1.txz: Upgraded.
-extra/bash-completion/bash-completion-2.1-noarch-3.txz: Rebuilt.
- Create /etc/bash_completion.d/ in the bash-completion package.
- Thanks to Robby Workman.
+--------------------------+
-Wed Dec 16 07:03:12 UTC 2015
-ap/slackpkg-2.82.0-noarch-16.txz: Rebuilt.
- Bugfix for a syntax error in core-functions.sh.
-+--------------------------+
-Wed Dec 16 04:21:07 UTC 2015
-a/aaa_elflibs-14.2-x86_64-8.txz: Rebuilt.
-a/kernel-firmware-20151215git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.1.15-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.1.15-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.1.15-x86_64-1.txz: Upgraded.
-a/lrzip-0.621-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.137-x86_64-1.txz: Upgraded.
-a/ncompress-4.2.4.4-x86_64-1.txz: Upgraded.
-a/openssl-solibs-1.0.2e-x86_64-1.txz: Upgraded.
-a/patch-2.7.5-x86_64-1.txz: Upgraded.
-a/sysklogd-1.5.1-x86_64-1.txz: Upgraded.
- rc.syslog: Don't run klogd in a container.
-a/sysvinit-scripts-2.0-noarch-25.txz: Rebuilt.
- rc.modules: New simplfied module dep script.
- NOTE: This will be installed as /etc/rc.d/rc.modules.new by default.
- To use it, remove the existing rc.modules symlink and move the new
- file into place.
- rc.modules.local: New local module loading script.
- Thanks to GazL and rworkman for helping clean out the rc.modules cruft.
- rc.S: If executable, start rc.cgmanager.
- rc.6: If executable, stop rc.cgmanager.
-a/tree-1.7.0-x86_64-1.txz: Upgraded.
-a/usb_modeswitch-2.2.6-x86_64-1.txz: Upgraded.
-a/utempter-1.1.6-x86_64-1.txz: Upgraded.
-a/util-linux-2.27.1-x86_64-1.txz: Upgraded.
-a/which-2.21-x86_64-1.txz: Upgraded.
-a/xfsprogs-4.3.0-x86_64-1.txz: Upgraded.
-ap/cgmanager-0.39-x86_64-1.txz: Upgraded.
- Thanks to Matteo Bernardini and Robby Workman.
-ap/cups-2.1.2-x86_64-1.txz: Upgraded.
-ap/cups-filters-1.4.0-x86_64-1.txz: Upgraded.
- foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal
- shell escape character.
- Thanks to Michal Kowalczyk from the Google Security Team for the hint.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327
- (* Security fix *)
-ap/man-pages-4.03-noarch-1.txz: Upgraded.
-ap/nano-2.5.0-x86_64-1.txz: Upgraded.
-ap/qpdf-6.0.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-ap/slackpkg-2.82.0-noarch-15.txz: Rebuilt.
- Don't blacklist aaa_elflibs. Upgrade it right after glibc-solibs.
- Suggest http://mirrors.slackware.com rather than ftp (which won't redirect).
- Prompt to restart the upgrade process if slackpkg is upgraded.
- Thanks to Robby Workman.
-ap/terminus-font-4.40-noarch-1.txz: Upgraded.
-ap/xfsdump-3.1.6-x86_64-1.txz: Upgraded.
-d/cmake-3.4.1-x86_64-1.txz: Upgraded.
-d/flex-2.6.0-x86_64-1.txz: Upgraded.
-d/gcc-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-g++-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-gnat-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-go-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-java-5.3.0-x86_64-1.txz: Upgraded.
-d/gcc-objc-5.3.0-x86_64-1.txz: Upgraded.
-d/gdb-7.10.1-x86_64-1.txz: Upgraded.
-d/git-2.6.4-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.1.15-x86-1.txz: Upgraded.
-d/libtool-2.4.6-x86_64-4.txz: Rebuilt.
- Rebuilt to fix embedded GCC version number.
-d/nasm-2.11.08-x86_64-1.txz: Upgraded.
-d/python-2.7.11-x86_64-1.txz: Upgraded.
-d/scons-2.4.1-x86_64-1.txz: Upgraded.
-k/kernel-source-4.1.15-noarch-1.txz: Upgraded.
-l/cairo-1.14.6-x86_64-1.txz: Upgraded.
-l/dconf-editor-3.18.2-x86_64-1.txz: Upgraded.
-l/gdk-pixbuf2-2.32.3-x86_64-1.txz: Upgraded.
-l/gst-plugins-base-1.6.2-x86_64-1.txz: Upgraded.
-l/gst-plugins-good-1.6.2-x86_64-1.txz: Upgraded.
-l/gstreamer-1.6.2-x86_64-1.txz: Upgraded.
-l/gtk+2-2.24.29-x86_64-1.txz: Upgraded.
-l/gtk+3-3.18.6-x86_64-1.txz: Upgraded.
-l/iso-codes-3.63-noarch-1.txz: Upgraded.
-l/libcroco-0.6.10-x86_64-1.txz: Upgraded.
-l/libgphoto2-2.5.9-x86_64-2.txz: Rebuilt.
- Patched to fix Nikon CoolPix Sxxxx detection.
- Thanks to Ondrej Kubecka and Marcus Meissner.
-l/libnih-1.0.3-x86_64-2.txz: Rebuilt.
- Write .pid files in /run, not /var/run.
-l/libpng-1.6.20-x86_64-1.txz: Upgraded.
- Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
- not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
- vulnerability.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
- (* Security fix *)
-l/libraw1394-2.1.1-x86_64-1.txz: Upgraded.
-l/neon-0.30.1-x86_64-1.txz: Upgraded.
-n/bind-9.10.3_P2-x86_64-1.txz: Upgraded.
- This update fixes three security issues:
- Update allowed OpenSSL versions as named is potentially vulnerable
- to CVE-2015-3193.
- Insufficient testing when parsing a message allowed records with an
- incorrect class to be be accepted, triggering a REQUIRE failure when
- those records were subsequently cached. (CVE-2015-8000)
- Address fetch context reference count handling error on socket error.
- (CVE-2015-8461)
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461
- (* Security fix *)
-n/dhcp-4.3.3-x86_64-1.txz: Upgraded.
-n/dnsmasq-2.75-x86_64-1.txz: Upgraded.
-n/ethtool-4.2-x86_64-1.txz: Upgraded.
-n/iw-4.3-x86_64-1.txz: Upgraded.
-n/libtirpc-1.0.1-x86_64-1.txz: Added.
- This is needed by rpcbind. Thanks to Jan Rafaj.
-n/mobile-broadband-provider-info-20151214-x86_64-1.txz: Upgraded.
-n/openssl-1.0.2e-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).
- Certificate verify crash with missing PSS parameter (CVE-2015-3194).
- X509_ATTRIBUTE memory leak (CVE-2015-3195).
- Race condition handling PSK identify hint (CVE-2015-3196).
- Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).
- For more information, see:
- https://openssl.org/news/secadv_20151203.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
- (* Security fix *)
-n/portmap-6.0-x86_64-1.txz: Removed.
- This is replaced by the new libtirpc and rpcbind packages.
-n/rpcbind-0.2.3-x86_64-1.txz: Added.
- This replaces the portmap package. Thanks to Jan Rafaj.
-n/samba-4.3.2-x86_64-1.txz: Upgraded.
-n/wget-1.17.1-x86_64-1.txz: Upgraded.
-n/wpa_supplicant-2.5-x86_64-1.txz: Upgraded.
-x/liberation-fonts-ttf-1.07.4-noarch-1.txz: Upgraded.
-x/mesa-11.0.7-x86_64-1.txz: Upgraded.
-x/xf86-video-nouveau-1.0.12-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-43.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-extra/fltk/fltk-1.3.3-x86_64-2.txz: Rebuilt.
- Patched to fix undefined reference to `Fl_XFont_On_Demand::value()'.
- Build shared libraries, not static.
- Thanks to Stefan Steier.
-extra/tigervnc/tigervnc-1.5.0-x86_64-2.txz: Rebuilt.
- Recompiled against shared fltk libraries.
+Tue Jan 9 19:35:41 UTC 2018
+xap/easytag-2.4.2-x86_64-1.txz: Upgraded.
+ Downgraded to 2.4.2 since 2.4.3 has a bug that can corrupt Ogg containers
+ (commonly used to store Vorbis and Opus streams) when a tag is written.
+ Thanks to arcctgx for the heads-up.
++--------------------------+
+Tue Jan 9 00:54:19 UTC 2018
+a/gzip-1.9-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20180104_65b1c68-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.12-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.12-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.12-x86_64-1.txz: Upgraded.
+a/sysvinit-scripts-2.1-noarch-4.txz: Rebuilt.
+ rc.S: Fix grep match when displaying mounts. Thanks to Markus Wiesner.
+ap/cups-filters-1.18.0-x86_64-2.txz: Rebuilt.
+ Fixed install script. Thanks to DarkVision.
+d/kernel-headers-4.14.12-x86-1.txz: Upgraded.
+k/kernel-source-4.14.12-noarch-1.txz: Upgraded.
+l/id3lib-3.8.3-x86_64-1.txz: Added.
+ Thanks to alienBOB for hints on the build script.
+n/irssi-1.0.6-x86_64-1.txz: Upgraded.
+ This update fixes multiple security vulnerabilities.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5205
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5206
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5207
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5208
+ (* Security fix *)
+xap/easytag-2.4.3-x86_64-1.txz: Added.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Dec 3 07:28:30 UTC 2015
-a/cpio-2.12-x86_64-1.txz: Upgraded.
-a/dbus-1.10.6-x86_64-1.txz: Upgraded.
-a/eudev-3.1.5-x86_64-7.txz: Rebuilt.
- In rc.udev, create static nodes with better initial permissions.
-a/lvm2-2.02.136-x86_64-1.txz: Upgraded.
-a/openssl-solibs-1.0.2d-x86_64-1.txz: Upgraded.
-a/pkgtools-14.2-noarch-5.txz: Rebuilt.
- Set LANG=C in pkgtool.
-a/tar-1.28-x86_64-1.txz: Upgraded.
-ap/cups-2.1.0-x86_64-1.txz: Upgraded.
-kde/kio-mtp-2063e75_20131020git-x86_64-3.txz: Rebuilt.
- Fix invalid UTF-8 sequence in slack-desc. Thanks to turtleli.
-l/eigen3-3.2.7-x86_64-2.txz: Rebuilt.
- Fixed eigen3.pc include directory. Thanks to chris.willing.
-l/freetype-2.6.2-x86_64-1.txz: Upgraded.
-l/glib2-2.46.2-x86_64-2.txz: Rebuilt.
- Applied upstream patch to fix a memory leak.
-l/gmp-6.1.0-x86_64-1.txz: Upgraded.
-l/harfbuzz-1.1.2-x86_64-1.txz: Upgraded.
-l/libmtp-1.1.10-x86_64-2.txz: Rebuilt.
- Put the udev stuff in the right directory. Thanks to yars.
-l/libpng-1.6.19-x86_64-1.txz: Upgraded.
- Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
- png_set_tIME(), and png_convert_to_rfc1123() functions that allow
- attackers to cause a denial of service (application crash) or
- possibly have unspecified other impact via a small bit-depth value
- in an IHDR (aka image header) chunk in a PNG image.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
- (* Security fix *)
-l/librsvg-2.40.12-x86_64-1.txz: Upgraded.
-n/openssl-1.0.2d-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.4.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+Fri Jan 5 06:37:17 UTC 2018
+n/php-7.2.1-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-57.0.4-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements, in particular a
+ mitigation for a speculative execution side-channel attack ("Spectre").
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
-Wed Nov 25 06:36:06 UTC 2015
-a/aaa_elflibs-14.2-x86_64-7.txz: Rebuilt.
- Added libudev.so.1.
-a/eudev-3.1.5-x86_64-6.txz: Rebuilt.
- rc.udev: create all static modes in /dev before starting udevd.
- Thanks to Robby Workman.
- Support loading additional devices from /etc/udev/devices.
- Set correct permissions on /dev/ppp.
-a/pkgtools-14.2-noarch-4.txz: Rebuilt.
- installpkg: calculate installed package size using numfmt.
-a/sysvinit-scripts-2.0-noarch-24.txz: Rebuilt.
- In rc.K and rc.6, don't kill mdmon. If it's running at shutdown, it needs
- to stay up through the shutdown of userspace in order to prevent a hang
- followed by the rebuilding of the RAID array after the power is cycled.
- Thanks to Csaba Biegl.
-l/pcre-8.38-x86_64-1.txz: Upgraded.
- Fixed overflows that could lead to a denial of service or the execution
- of arbitrary code.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210
- (* Security fix *)
+Wed Jan 3 19:24:12 UTC 2018
+a/kernel-huge-4.14.11-x86_64-2.txz: Rebuilt.
+ Used correct config-huge-4.14.11.x64 .config this time.
+kernels/huge.s/*: Rebuilt.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Wed Jan 3 05:45:43 UTC 2018
+a/e2fsprogs-1.43.8-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20180102git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.11-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.11-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.11-x86_64-1.txz: Upgraded.
+ap/nano-2.9.2-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.11-x86-1.txz: Upgraded.
+k/kernel-source-4.14.11-noarch-1.txz: Upgraded.
+n/dhcpcd-7.0.0-x86_64-1.txz: Upgraded.
+x/xterm-331-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Calculate partition sizes with numfmt. Thanks to bassmadrigal.
+kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Calculate partition sizes with numfmt. Thanks to bassmadrigal.
-+--------------------------+
-Tue Nov 24 03:31:43 UTC 2015
-a/dbus-1.10.4-x86_64-1.txz: Upgraded.
-a/kmod-22-x86_64-1.txz: Upgraded.
-a/lilo-24.2-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-23.txz: Rebuilt.
- rc.6: Don't clear /var/lock/subsys.
- rc.S: Clear /var/lock/subsys here instead, so that the directory will be
- cleared out on startup after a power failure.
- rc.sysvinit: Run kill scripts for the current, not previous, runlevel.
- Thanks to Sl4ck3ver.
-a/upower-0.9.23-x86_64-2.txz: Rebuilt.
-ap/cups-filters-1.0.76-x86_64-2.txz: Rebuilt.
-ap/lm_sensors-3.4.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Dec 29 23:09:14 UTC 2017
+a/coreutils-8.29-x86_64-1.txz: Upgraded.
+n/bluez-5.48-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-57.0.3-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Dec 25 21:43:14 UTC 2017
+l/speex-1.2.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Dec 25 20:16:03 UTC 2017
+Whoops, it looks like a little test residue on my build machine caused me to
+wrap a couple of presents wrong. All fixed up, Merry Christmas everyone!
+ap/moc-2.5.2-x86_64-3.txz: Rebuilt.
+ap/vorbis-tools-1.4.0-x86_64-3.txz: Rebuilt.
+l/opusfile-0.9-x86_64-2.txz: Rebuilt.
+n/samba-4.7.4-x86_64-2.txz: Rebuilt.
++--------------------------+
+Mon Dec 25 00:00:16 UTC 2017
+a/coreutils-8.28-x86_64-3.txz: Rebuilt.
+ Added .opus extension to /etc/DIR_COLORS.
+ap/cups-filters-1.18.0-x86_64-1.txz: Upgraded.
+ap/moc-2.5.2-x86_64-2.txz: Rebuilt.
+ Recompiled to add decoder plugins for Speex and FFmpeg.
+ap/opus-tools-0.1.10-x86_64-1.txz: Added.
+ap/vorbis-tools-1.4.0-x86_64-2.txz: Rebuilt.
+ Added Opus support to ogg123.
+d/cmake-3.10.1-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.4.1-x86_64-2.txz: Rebuilt.
+ Recompiled to add support for Speex and Opus.
+l/gst-plugins-base-1.12.4-x86_64-2.txz: Rebuilt.
+ Recompiled to add support for Opus.
+l/gst-plugins-good-1.12.4-x86_64-2.txz: Rebuilt.
+ Recompiled to add support for Speex.
+l/harfbuzz-1.7.4-x86_64-1.txz: Upgraded.
+l/icu4c-60.2-x86_64-1.txz: Upgraded.
+l/libjpeg-turbo-1.5.3-x86_64-1.txz: Upgraded.
+l/opus-1.3_beta-x86_64-1.txz: Added.
+l/opusfile-0.9-x86_64-1.txz: Added.
+l/speex-1.2rc2-x86_64-1.txz: Added.
+n/autofs-5.1.4-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.4-x86_64-1.txz: Upgraded.
+n/samba-4.7.4-x86_64-1.txz: Upgraded.
+x/xorg-server-1.19.6-x86_64-2.txz: Rebuilt.
+ Bumped Slackware version number reported by xorg-server to 15.0.
+x/xorg-server-xephyr-1.19.6-x86_64-2.txz: Rebuilt.
+x/xorg-server-xnest-1.19.6-x86_64-2.txz: Rebuilt.
+x/xorg-server-xvfb-1.19.6-x86_64-2.txz: Rebuilt.
+xap/xscreensaver-5.38-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Dec 22 21:49:01 UTC 2017
+tcl/tcl-8.6.8-x86_64-1.txz: Upgraded.
+tcl/tk-8.6.8-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.5.2-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/52.5.2/releasenotes/
+ (* Security fix *)
+xap/network-manager-applet-1.8.10-x86_64-3.txz: Rebuilt.
+ Merged upstream patches that may fix the openvpn breakage.
Thanks to Robby Workman.
-d/intltool-0.51.0-x86_64-2.txz: Rebuilt.
- Fix warnings with perl-5.22.0. Thanks to Stuart Winter.
-d/llvm-3.7.0-x86_64-2.txz: Rebuilt.
- Build using cmake and clang. This results in a smaller package size, fixes
- compiler-rt, and changes the shared library name from libLLVM-3.7.so to
- libLLVM.so.3.7.0 (which requires recompiling any binaries linked to libLLVM).
- Thanks to Heinz Wiesinger.
-kde/calligra-2.9.9-x86_64-3.txz: Rebuilt.
-l/babl-0.1.14-x86_64-1.txz: Upgraded.
-l/harfbuzz-1.1.0-x86_64-1.txz: Upgraded.
-l/poppler-0.38.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Dec 22 07:09:35 UTC 2017
+d/llvm-5.0.1-x86_64-1.txz: Upgraded.
+ Added libcxx and libcxxabi.
+l/Mako-1.0.7-x86_64-1.txz: Added.
+ Mako is needed by the new version of Mesa.
+x/libdrm-2.4.89-x86_64-1.txz: Upgraded.
+x/mesa-17.3.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Dec 20 22:56:42 UTC 2017
+a/util-linux-2.31.1-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.4.1-x86_64-1.txz: Upgraded.
+x/xorg-server-1.19.6-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.19.6-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.6-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.6-x86_64-1.txz: Upgraded.
+xap/network-manager-applet-1.8.10-x86_64-2.txz: Rebuilt.
+ Patched to fix crash with NetworkManager-openvpn. Thanks to USUARIONUEVO.
++--------------------------+
+Wed Dec 20 03:05:58 UTC 2017
+ap/pamixer-1.3.1-x86_64-5.txz: Rebuilt.
+ Recompiled against boost-1.66.0.
+ap/vim-8.0.1415-x86_64-1.txz: Upgraded.
+d/meson-0.44.0-x86_64-1.txz: Upgraded.
+d/python3-3.6.4-x86_64-1.txz: Upgraded.
+d/ruby-2.4.3-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile
+ use Kernel#open to open a local file. If the localfile argument starts with
+ the pipe character "|", the command following the pipe character is executed.
+ The default value of localfile is File.basename(remotefile), so malicious FTP
+ servers could cause arbitrary command execution.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
+ (* Security fix *)
+kde/calligra-2.9.11-x86_64-18.txz: Rebuilt.
+ Recompiled against boost-1.66.0.
+kde/kig-4.14.3-x86_64-7.txz: Rebuilt.
+ Recompiled against boost-1.66.0.
+l/LibRaw-0.18.6-x86_64-1.txz: Upgraded.
+l/akonadi-1.13.0-x86_64-8.txz: Rebuilt.
+ Recompiled against boost-1.66.0.
+l/boost-1.66.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-n/NetworkManager-1.0.8-x86_64-1.txz: Upgraded.
-n/lftp-4.6.4-x86_64-1.txz: Upgraded.
-n/wget-1.17-x86_64-1.txz: Upgraded.
-x/glew-1.13.0-x86_64-1.txz: Upgraded.
+l/gmime-2.6.23-x86_64-2.txz: Upgraded.
+ Revert to gmime-2 until the issues with pan are worked out. Nothing else in
+ Slackware is using this library.
+l/lcms2-2.9-x86_64-1.txz: Upgraded.
+l/libogg-1.3.3-x86_64-1.txz: Upgraded.
+l/librsvg-2.40.20-x86_64-1.txz: Upgraded.
+l/pygobject-2.28.7-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.10.2-x86_64-1.txz: Upgraded.
+n/gpgme-1.10.0-x86_64-1.txz: Upgraded.
+n/libassuan-2.5.1-x86_64-1.txz: Upgraded.
+n/libgcrypt-1.8.2-x86_64-1.txz: Upgraded.
+n/mutt-1.9.2-x86_64-1.txz: Upgraded.
+n/pinentry-1.1.0-x86_64-1.txz: Upgraded.
+xap/network-manager-applet-1.8.10-x86_64-1.txz: Upgraded.
+xap/pan-0.143-x86_64-3.txz: Rebuilt.
+ Recompiled against gmime-2.
+xap/vim-gvim-8.0.1415-x86_64-1.txz: Upgraded.
+xfce/xfce4-notifyd-0.4.1-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.7/kernel-generic-4.14.7-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.7/kernel-headers-4.14.7-x86-1.txz: Upgraded.
+testing/packages/linux-4.14.7/kernel-huge-4.14.7-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.7/kernel-modules-4.14.7-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.7/kernel-source-4.14.7-noarch-1.txz: Upgraded.
+ These sources have been patched with two patches that have been submitted
+ upstream but have yet to appear in the mainline or stable kernels. With the
+ patches applied this kernel seems stable now on both 32 and 64-bit x86.
+ Thanks to Michele Ballabio for reporting the issue to the upstream kernel
+ developers, and to Ming Lei for the fix. Once these patches appear in the
+ 4.14.x kernel series (and barring any other major regressions), we'll be
+ moving these kernels back into the main tree.
++--------------------------+
+Thu Dec 14 23:27:14 UTC 2017
+l/gst-plugins-base-1.12.4-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.12.4-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.12.4-x86_64-1.txz: Upgraded.
+l/gstreamer-1.12.4-x86_64-1.txz: Upgraded.
+l/libsodium-1.0.16-x86_64-1.txz: Upgraded.
+n/wpa_supplicant-2.6-x86_64-3.txz: Rebuilt.
+ Added options and patches from Fedora that may help with reconnection
+ issues. Thanks to Robby Workman.
+x/mesa-17.2.7-x86_64-1.txz: Upgraded.
+xfce/xfce4-panel-4.12.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Dec 9 00:02:28 UTC 2017
+a/openssl-solibs-1.0.2n-x86_64-1.txz: Upgraded.
+n/openssl-1.0.2n-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Read/write after SSL object in error state
+ rsaz_1024_mul_avx2 overflow bug on x86_64
+ For more information, see:
+ https://www.openssl.org/news/secadv/20171207.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3737
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3738
+ (* Security fix *)
++--------------------------+
+Fri Dec 8 05:54:21 UTC 2017
+l/cairo-1.14.12-x86_64-1.txz: Upgraded.
+l/qt-4.8.7-x86_64-8.txz: Rebuilt.
+ Don't warn if libicu* appears to be missing at runtime.
+x/motif-2.3.8-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-57.0.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Dec 6 14:13:48 UTC 2017
+a/kernel-generic-4.9.67-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.67-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.67-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.17.9-x86_64-2.txz: Rebuilt.
+ Recompiled against poppler-0.62.0.
+ap/sqlite-3.21.0-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+d/kernel-headers-4.9.67-x86-1.txz: Upgraded.
+d/python-setuptools-38.2.4-x86_64-1.txz: Upgraded.
+d/subversion-1.9.7-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+k/kernel-source-4.9.67-noarch-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-17.txz: Rebuilt.
+ Recompiled against icu4c-60.1 and poppler-0.62.0.
+kde/kdepimlibs-4.14.10-x86_64-4.txz: Rebuilt.
+ Recompiled against libical-3.0.1.
+l/apr-util-1.6.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+l/boost-1.65.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+l/eigen3-3.2.10-x86_64-1.txz: Upgraded.
+l/gmime-3.0.5-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-x/mesa-11.0.6-x86_64-1.txz: Upgraded.
- Patched to find the new LLVM library.
- Thanks to Heinz Wiesinger.
-x/xf86-video-vmware-13.1.0-x86_64-5.txz: Rebuilt.
-xap/gimp-2.8.16-x86_64-1.txz: Upgraded.
-xap/network-manager-applet-1.0.8-x86_64-1.txz: Upgraded.
-xap/windowmaker-0.95.7-x86_64-2.txz: Rebuilt.
- Patch to fix a segfault in wmmenugen.c. Thanks to imitheos.
-xfce/tumbler-0.1.31-x86_64-3.txz: Rebuilt.
-+--------------------------+
-Sun Nov 22 23:37:53 UTC 2015
-a/eudev-3.1.5-x86_64-5.txz: Rebuilt.
- Add eudev startup message for kmsg. Thanks to Richard Narron.
- Blacklist some more watchdog modules to work around broken hardware.
- Thanks to Robby Workman.
- Added /dev/net/tun.
-a/kernel-firmware-20151122git-noarch-1.txz: Upgraded.
-+--------------------------+
-Sat Nov 21 19:18:17 UTC 2015
-Some more recompiles and a couple upgrades. Most of these were needed to
-fix packages on 32-bit that were needlessly linking the old libudev.so.0.
-Thanks to bormant for spotting these. After rebuilding them, they no longer
-link to libudev at all... Since this got us close to having Xfce built
-entirely for 586 on 32-bit, those packages were rebuilt as well.
-l/gcr-3.16.0-x86_64-2.txz: Rebuilt.
-l/gtk+2-2.24.28-x86_64-3.txz: Rebuilt.
-l/gtkspell-2.0.16-x86_64-3.txz: Rebuilt.
-l/libiodbc-3.52.10-x86_64-2.txz: Rebuilt.
-l/libwnck-2.31.0-x86_64-2.txz: Rebuilt.
-l/polkit-gnome-0.102-x86_64-3.txz: Rebuilt.
-l/virtuoso-ose-6.1.8-x86_64-3.txz: Rebuilt.
-l/vte-0.28.2-x86_64-4.txz: Rebuilt.
-x/compiz-0.8.8-x86_64-4.txz: Rebuilt.
-xap/blueman-r708-x86_64-5.txz: Rebuilt.
-xap/gucharmap-3.12.1-x86_64-2.txz: Rebuilt.
-xap/imagemagick-6.9.2_6-x86_64-1.txz: Upgraded.
-xap/pidgin-2.10.11-x86_64-4.txz: Rebuilt.
-xfce/Thunar-1.6.10-x86_64-2.txz: Rebuilt.
-xfce/garcon-0.4.0-x86_64-2.txz: Rebuilt.
-xfce/gtk-xfce-engine-2.10.1-x86_64-2.txz: Rebuilt.
-xfce/libxfce4ui-4.12.1-x86_64-2.txz: Rebuilt.
-xfce/libxfce4util-4.12.1-x86_64-2.txz: Rebuilt.
-xfce/orage-4.12.1-x86_64-2.txz: Rebuilt.
-xfce/thunar-volman-0.8.1-x86_64-2.txz: Rebuilt.
-xfce/xfce4-appfinder-4.12.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-clipman-plugin-1.2.3-x86_64-4.txz: Rebuilt.
-xfce/xfce4-dev-tools-4.12.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-mixer-4.10.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-notifyd-0.2.4-x86_64-3.txz: Rebuilt.
-xfce/xfce4-panel-4.12.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-power-manager-1.4.4-x86_64-2.txz: Rebuilt.
-xfce/xfce4-session-4.12.1-x86_64-2.txz: Rebuilt.
-xfce/xfce4-settings-4.12.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-systemload-plugin-1.1.2-x86_64-2.txz: Rebuilt.
-xfce/xfce4-taskmanager-1.1.0-x86_64-2.txz: Rebuilt.
-xfce/xfce4-terminal-0.6.3-x86_64-2.txz: Rebuilt.
-xfce/xfce4-volumed-0.1.13-x86_64-3.txz: Rebuilt.
-xfce/xfconf-4.12.0-x86_64-2.txz: Rebuilt.
-xfce/xfdesktop-4.12.3-x86_64-2.txz: Rebuilt.
-xfce/xfwm4-4.12.3-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Nov 20 21:52:15 UTC 2015
-a/eudev-3.1.5-x86_64-4.txz: Rebuilt.
- rc.udev: Don't update the hardware database index until / is read-write.
- Remove obsolete /lib/udev/udevd symlink.
-a/udisks-1.0.5-x86_64-3.txz: Rebuilt.
- Eliminate redundant udev rule trying to call pci-db.
-+--------------------------+
-Fri Nov 20 05:25:18 UTC 2015
-We've made the switch from udev to eudev, and everything seems to be working
-perfectly. Big thanks to the eudev team for helping us bring Slackware's
-udev up to date! Make sure you remove the old udev and install both of the
-new packages (eudev and libgudev), and then the changeover to eudev should
-go as smooth as silk. Really, the icu4c upgrade seemed more disruptive. :)
-A reboot after this is probably better than "/etc/rc.d/rc.udev force-restart",
-but that worked fine here, too. It would also be a good idea to regenerate
-the initrd so that it uses eudev, but once again things worked fine here
-either way. Have fun!
-a/aaa_elflibs-14.2-x86_64-6.txz: Rebuilt.
-a/etc-14.2-x86_64-4.txz: Rebuilt.
- Added input group, GID 71.
- Added SDDM user/group, UID 64, GID 64.
-a/eudev-3.1.5-x86_64-3.txz: Added.
- This replaces the udev package.
- rc.udev: Fix mounting /dev/shm.
- rc.udev: Remove devtmpfs check.
- rc.udev: Remove persistent CD rules support.
- udev.conf: Remove obsolete udev_root setting.
- Patch 60-cdrom_id.rules to create alternate device names.
- Move system installed hwdb files under /lib.
- Remove obsolete udev_root references from the manpages, and install them.
- Thanks to Robby Workman.
-a/libgudev-230-x86_64-1.txz: Added.
- This library is required to use eudev.
-a/lvm2-2.02.134-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-22.txz: Rebuilt.
- rc.S: Remove obsolete UMSDOS related error messages.
-a/udev-182-x86_64-7.txz: Removed.
- This is replaced by the eudev and libgudev packages.
-a/udisks-1.0.5-x86_64-2.txz: Rebuilt.
-a/udisks2-2.1.5-x86_64-2.txz: Rebuilt.
-a/usbutils-007-x86_64-3.txz: Rebuilt.
-a/util-linux-2.26.2-x86_64-2.txz: Rebuilt.
-ap/gphoto2-2.5.9-x86_64-1.txz: Upgraded.
-ap/gutenprint-5.2.10-x86_64-2.txz: Rebuilt.
-ap/hplip-3.15.11-x86_64-1.txz: Upgraded.
-ap/nano-2.4.3-x86_64-1.txz: Upgraded.
-ap/sqlite-3.9.2-x86_64-2.txz: Rebuilt.
-ap/usbmuxd-1.1.0-x86_64-1.txz: Upgraded.
-d/gcc-5.2.0-x86_64-2.txz: Rebuilt.
- Patched to fix problems with Wine (and possibly other things.)
- Thanks to Spinlock.
-d/gcc-g++-5.2.0-x86_64-2.txz: Rebuilt.
-d/gcc-gfortran-5.2.0-x86_64-2.txz: Rebuilt.
-d/gcc-gnat-5.2.0-x86_64-2.txz: Rebuilt.
-d/gcc-go-5.2.0-x86_64-2.txz: Rebuilt.
-d/gcc-java-5.2.0-x86_64-2.txz: Rebuilt.
-d/gcc-objc-5.2.0-x86_64-2.txz: Rebuilt.
-d/mercurial-3.6.1-x86_64-1.txz: Upgraded.
- Renamed bash-completion file from mercurial to hg, otherwise it doesn't work.
- Thanks to Audrius Kazukauskas.
-d/subversion-1.9.2-x86_64-3.txz: Rebuilt.
-kde/calligra-2.9.9-x86_64-2.txz: Rebuilt.
-kde/kde-workspace-4.11.22-x86_64-2.txz: Rebuilt.
-kde/kdeconnect-kde-0.8-x86_64-3.txz: Rebuilt.
- Patched to fix problems with OpenSSH 7.x. Thanks to Eric Hameleers.
-kde/kdelibs-4.14.14-x86_64-2.txz: Rebuilt.
-kde/kig-4.14.3-x86_64-3.txz: Rebuilt.
-l/ConsoleKit2-1.0.0-x86_64-3.txz: Rebuilt.
-l/akonadi-1.13.0-x86_64-2.txz: Rebuilt.
-l/apr-util-1.5.4-x86_64-2.txz: Rebuilt.
-l/boost-1.59.0-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+l/harfbuzz-1.7.2-x86_64-1.txz: Upgraded.
+ Compiled against icu4c-60.1.
+l/icu4c-60.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/gtk+3-3.18.5-x86_64-1.txz: Upgraded.
-l/gvfs-1.26.2-x86_64-2.txz: Rebuilt.
-l/harfbuzz-1.0.6-x86_64-1.txz: Upgraded.
-l/icu4c-56.1-x86_64-1.txz: Upgraded.
+l/libgpod-0.8.3-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+l/libical-3.0.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/libatasmart-0.19-x86_64-2.txz: Rebuilt.
-l/libcanberra-0.30-x86_64-3.txz: Rebuilt.
-l/libgphoto2-2.5.9-x86_64-1.txz: Upgraded.
-l/libgpod-0.8.3-x86_64-2.txz: Rebuilt.
-l/libmtp-1.1.10-x86_64-1.txz: Upgraded.
-l/libsoup-2.52.2-x86_64-2.txz: Rebuilt.
-l/libusb-1.0.20-x86_64-1.txz: Upgraded.
-l/libusb-compat-0.1.5-x86_64-2.txz: Rebuilt.
-l/libvisio-0.1.3-x86_64-2.txz: Rebuilt.
-l/qt-4.8.7-x86_64-2.txz: Rebuilt.
-l/raptor2-2.0.15-x86_64-2.txz: Rebuilt.
-l/system-config-printer-1.3.13-x86_64-2.txz: Rebuilt.
-n/ModemManager-1.4.10-x86_64-2.txz: Rebuilt.
-n/NetworkManager-1.0.6-x86_64-2.txz: Rebuilt.
-n/bluez-4.101-x86_64-2.txz: Rebuilt.
-n/dhcpcd-6.8.2-x86_64-2.txz: Rebuilt.
-n/httpd-2.4.17-x86_64-2.txz: Rebuilt.
-n/libmbim-1.12.2-x86_64-2.txz: Rebuilt.
-n/network-scripts-14.2-noarch-1.txz: Upgraded.
- Add loopback up/down/start/stop features.
- Fix bringing down a single non-bridge interface.
- Thanks to Xsane.
-n/nmap-7.00-x86_64-1.txz: Upgraded.
-n/php-5.6.15-x86_64-1.txz: Upgraded.
-n/tin-2.2.1-x86_64-3.txz: Rebuilt.
-x/intel-gpu-tools-1.9-x86_64-2.txz: Rebuilt.
-x/xf86-input-evdev-2.10.0-x86_64-3.txz: Rebuilt.
-x/xf86-input-vmmouse-13.1.0-x86_64-3.txz: Rebuilt.
-x/xf86-video-ati-7.6.1-x86_64-2.txz: Rebuilt.
-x/xf86-video-intel-git_20151119_666f25b-x86_64-1.txz: Upgraded.
-x/xf86-video-modesetting-0.9.0-x86_64-5.txz: Rebuilt.
-x/xf86-video-nouveau-git_20151119_6e6d8ac-x86_64-1.txz: Upgraded.
-x/xf86-video-openchrome-0.3.3-x86_64-7.txz: Rebuilt.
-x/xorg-server-1.18.0-x86_64-2.txz: Rebuilt.
-x/xorg-server-xephyr-1.18.0-x86_64-2.txz: Rebuilt.
-x/xorg-server-xnest-1.18.0-x86_64-2.txz: Rebuilt.
-x/xorg-server-xvfb-1.18.0-x86_64-2.txz: Rebuilt.
-xap/audacious-3.7-x86_64-1.txz: Upgraded.
-xap/audacious-plugins-3.7-x86_64-1.txz: Upgraded.
-xap/network-manager-applet-1.0.6-x86_64-2.txz: Rebuilt.
-xap/sane-1.0.25-x86_64-2.txz: Rebuilt.
-xfce/exo-0.10.7-x86_64-1.txz: Upgraded.
-xfce/xfce4-screenshooter-1.8.2-x86_64-2.txz: Rebuilt.
-xfce/xfce4-weather-plugin-0.8.6-x86_64-2.txz: Rebuilt.
+ Compiled against icu4c-60.1.
+l/libsodium-1.0.15-x86_64-1.txz: Added.
+l/libvisio-0.1.6-x86_64-1.txz: Upgraded.
+ Compiled against icu4c-60.1.
+l/poppler-0.62.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/raptor2-2.0.15-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/NetworkManager-1.10.0-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/autofs-5.1.3-x86_64-2.txz: Rebuilt.
+ Fixed incorrect /etc/default/autofs.{,new}. Thanks to alienBOB.
+n/bluez-5.47-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+ Recompiled against libical-3.0.1.
+n/dovecot-2.2.33.2-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/httpd-2.4.29-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/php-7.2.0-x86_64-2.txz: Upgraded.
+ Upgraded from php-5.6.32.
+ Compiled against icu4c-60.1.
+ Compiled against libsodium-1.0.15.
+n/postfix-3.2.4-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/tin-2.4.1-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+n/whois-5.2.18-x86_64-2.txz: Rebuilt.
+ Ship the mkpasswd program. Thanks to Adrien Nader.
+t/texlive-2017.171108-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+tcl/expect-5.45.3-x86_64-2.txz: Rebuilt.
+ Don't install the mkpasswd example program, which is inferior to the
+ version shipped with the whois sources.
+xap/network-manager-applet-1.8.6-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+xap/pan-0.143-x86_64-2.txz: Rebuilt.
+ Recompiled against gmime-3.0.5.
+xfce/orage-4.12.1-x86_64-4.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+ Recompiled against libical-3.0.1.
+xfce/tumbler-0.2.0-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-0.62.0.
+xfce/xfce4-screenshooter-1.8.2-x86_64-3.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
+xfce/xfce4-weather-plugin-0.8.10-x86_64-2.txz: Rebuilt.
+ Recompiled against icu4c-60.1.
isolinux/initrd.img: Rebuilt.
- Removed udev, added eudev and libgudev.
- Fixed partition size output.
+kernels/*: Upgraded.
+testing/packages/linux-4.14.4/kernel-generic-4.14.4-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.4/kernel-headers-4.14.4-x86-1.txz: Upgraded.
+testing/packages/linux-4.14.4/kernel-huge-4.14.4-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.4/kernel-modules-4.14.4-x86_64-1.txz: Upgraded.
+testing/packages/linux-4.14.4/kernel-source-4.14.4-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Removed udev, added eudev and libgudev.
- Fixed partition size output.
-+--------------------------+
-Sun Nov 15 20:26:58 UTC 2015
-testing/packages/eudev-3.1.5-x86_64-2.txz: Rebuilt.
- Use --with-rootlibexecdir=/lib/udev regardless of $ARCH.
-+--------------------------+
-Sat Nov 14 21:35:57 UTC 2015
-Please enjoy "almost a beta." Sorry we missed Friday the 13th this time.
-a/aaa_elflibs-14.2-x86_64-5.txz: Rebuilt.
-a/bash-4.3.042-x86_64-1.txz: Upgraded.
-a/e2fsprogs-1.42.13-x86_64-2.txz: Rebuilt.
- Fixed uncompressed manpages.
-a/file-5.25-x86_64-1.txz: Upgraded.
-a/gettext-0.19.6-x86_64-1.txz: Upgraded.
-a/hwdata-0.283-noarch-1.txz: Added.
- Thanks to Robby Workman.
-a/kernel-firmware-20151112git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.1.13-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.1.13-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.1.13-x86_64-1.txz: Upgraded.
-a/pciutils-3.4.0-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman.
-a/tcsh-6.19.00-x86_64-1.txz: Upgraded.
-a/usbutils-007-x86_64-2.txz: Rebuilt.
- Use the usb.ids from the hwdata package.
-ap/alsa-utils-1.1.0-x86_64-1.txz: Upgraded.
-ap/lxc-1.1.5-x86_64-1.txz: Upgraded.
-ap/man-1.6g-x86_64-3.txz: Rebuilt.
- Fixed conditional in makewhatis. Thanks to mancha.
-ap/man-pages-4.02-noarch-1.txz: Upgraded.
-ap/mc-4.8.15-x86_64-1.txz: Upgraded.
-ap/powertop-2.8-x86_64-1.txz: Upgraded.
-ap/sqlite-3.9.2-x86_64-1.txz: Upgraded.
-ap/squashfs-tools-4.3-x86_64-1.txz: Added.
- Thanks to Eric Hameleers.
-d/cmake-3.4.0-x86_64-1.txz: Upgraded.
-d/gcc-5.2.0-x86_64-1.txz: Upgraded.
-d/gcc-g++-5.2.0-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-5.2.0-x86_64-1.txz: Upgraded.
-d/gcc-gnat-5.2.0-x86_64-1.txz: Upgraded.
-d/gcc-go-5.2.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-d/gcc-java-5.2.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-d/gcc-objc-5.2.0-x86_64-1.txz: Upgraded.
-d/gettext-tools-0.19.6-x86_64-1.txz: Upgraded.
-d/git-2.6.3-x86_64-1.txz: Upgraded.
-d/intltool-0.51.0-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.1.13-x86-1.txz: Upgraded.
-d/libtool-2.4.6-x86_64-3.txz: Rebuilt.
-d/subversion-1.9.2-x86_64-2.txz: Rebuilt.
- Moved DAV SVN modules to the correct Apache directory. Thanks to cendryon.
-k/kernel-source-4.1.13-noarch-1.txz: Upgraded.
- MICROCODE m -> y
- X86_CPUID m -> y
- X86_MSR m -> y
- +MICROCODE_AMD_EARLY y
- +MICROCODE_EARLY y
- +MICROCODE_INTEL_EARLY y
-kde/calligra-2.9.9-x86_64-1.txz: Upgraded.
-kde/kdelibs-4.14.14-x86_64-1.txz: Upgraded.
-kde/libkdcraw-4.14.3-x86_64-3.txz: Rebuilt.
-kde/step-4.14.3-x86_64-4.txz: Rebuilt.
-kdei/calligra-l10n-bs-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca\@valencia-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-uk-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.9-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.9-noarch-1.txz: Upgraded.
-l/ConsoleKit2-1.0.0-x86_64-2.txz: Rebuilt.
- Fixed uncompressed manpage.
-l/LibRaw-0.17.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump.
-l/alsa-lib-1.1.0-x86_64-1.txz: Upgraded.
-l/at-spi2-core-2.18.3-x86_64-1.txz: Upgraded.
-l/eigen2-2.0.17-x86_64-1.txz: Upgraded.
-l/eigen3-3.2.7-x86_64-1.txz: Upgraded.
-l/gdk-pixbuf2-2.32.2-x86_64-1.txz: Upgraded.
-l/glib2-2.46.2-x86_64-1.txz: Upgraded.
-l/gnome-keyring-3.16.0-x86_64-2.txz: Rebuilt.
- Fixed uncompressed manpages.
-l/gsl-2.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Dec 4 14:04:45 UTC 2017
+xap/pan-0.143-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Dec 3 22:42:47 UTC 2017
+a/btrfs-progs-v4.14-x86_64-1.txz: Upgraded.
+a/logrotate-3.13.0-x86_64-1.txz: Upgraded.
+a/pciutils-3.5.6-x86_64-1.txz: Upgraded.
+a/reiserfsprogs-3.6.27-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.14.0-x86_64-1.txz: Upgraded.
+ap/itstool-2.0.4-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.11-x86_64-2.txz: Rebuilt.
+ Removed a Darwin-only symbol from the TOKUDB_OK cmake test to fix TokuDB.
+ap/mpg123-1.25.8-x86_64-1.txz: Upgraded.
+ap/xfsdump-3.1.8-x86_64-1.txz: Upgraded.
+d/nasm-2.13.02-x86_64-1.txz: Upgraded.
+l/M2Crypto-0.27.0-x86_64-1.txz: Upgraded.
+l/babl-0.1.38-x86_64-1.txz: Upgraded.
+l/python-six-1.11.0-x86_64-1.txz: Upgraded.
+l/shared-mime-info-1.9-x86_64-1.txz: Upgraded.
+n/autofs-5.1.3-x86_64-1.txz: Upgraded.
+n/getmail-5.4-x86_64-1.txz: Upgraded.
+n/sshfs-2.10-x86_64-1.txz: Upgraded.
+n/traceroute-2.1.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.6-x86_64-2.txz: Rebuilt.
+ Applied upstream patch to add utempter support. Thanks to Robby Workman.
++--------------------------+
+Sat Dec 2 20:32:45 UTC 2017
+We're moving back to the 4.9.x kernel series in the main tree until we can
+figure out a fix for unstable 4.14.x kernels (especially on 32-bit). Guessing
+it's probably going to be fixable with .config changes, since a greatly
+simplified .config is stable. Meanwhile, the latest 4.14.x kernels can now be
+found in the testing/ directory.
+a/kernel-firmware-20171130git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.9.66-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.66-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.66-x86_64-1.txz: Upgraded.
+ap/soma-2.12.3-noarch-1.txz: Upgraded.
+d/gdb-8.0.1-x86_64-3.txz: Rebuilt.
+ Compiled --without-guile until guile-2.2 support is fixed.
+d/guile-2.2.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/gst-plugins-good-1.6.1-x86_64-2.txz: Rebuilt.
-l/gtk+3-3.18.4-x86_64-1.txz: Upgraded.
-l/gvfs-1.26.2-x86_64-1.txz: Upgraded.
-l/libsoup-2.52.2-x86_64-1.txz: Upgraded.
-l/libvpx-1.5.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.66-x86-1.txz: Upgraded.
+d/make-4.2.1-x86_64-2.txz: Rebuilt.
+ Recompiled against libguile-2.2.
+d/mercurial-4.4.2-x86_64-1.txz: Upgraded.
+k/kernel-source-4.9.66-noarch-1.txz: Upgraded.
+l/adwaita-icon-theme-3.26.1-noarch-1.txz: Upgraded.
+l/fftw-3.3.7-x86_64-1.txz: Upgraded.
+l/libunistring-0.9.8-x86_64-1.txz: Upgraded.
+l/libzip-1.3.2-x86_64-2.txz: Rebuilt.
+ Restored missing zipconf.h. Thanks to orbea.
+n/gnutls-3.6.1-x86_64-2.txz: Rebuilt.
+ Recompiled against libguile-2.2.
+n/stunnel-5.44-x86_64-1.txz: Upgraded.
+x/xf86-video-vboxvideo-1.0.0-x86_64-1.txz: Added.
+xap/mozilla-firefox-57.0.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+testing/packages/linux-4.14.3/kernel-generic-4.14.3-x86_64-1.txz: Added.
+testing/packages/linux-4.14.3/kernel-headers-4.14.3-x86-1.txz: Added.
+testing/packages/linux-4.14.3/kernel-huge-4.14.3-x86_64-1.txz: Added.
+testing/packages/linux-4.14.3/kernel-modules-4.14.3-x86_64-1.txz: Added.
+testing/packages/linux-4.14.3/kernel-source-4.14.3-noarch-1.txz: Added.
+testing/packages/php-7.2.0-x86_64-1.txz: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Wed Nov 29 21:48:33 UTC 2017
+n/curl-7.57.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ SSL out of buffer access
+ FTP wildcard out of bounds read
+ NTLM buffer overflow via integer overflow
+ For more information, see:
+ https://curl.haxx.se/docs/adv_2017-af0a.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818
+ https://curl.haxx.se/docs/adv_2017-ae72.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817
+ https://curl.haxx.se/docs/adv_2017-12e7.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816
+ (* Security fix *)
++--------------------------+
+Wed Nov 29 08:15:09 UTC 2017
+a/coreutils-8.28-x86_64-2.txz: Rebuilt.
+ Removed ancient (1992) aliases "dir, vdir, d, v" from the profile scripts.
+a/lzlib-1.9-x86_64-1.txz: Added.
+a/plzip-1.6-x86_64-1.txz: Added.
+ap/man-1.6g-x86_64-3.txz: Removed.
+ap/man-db-2.7.6.1-x86_64-1.txz: Added.
+ This package replaces the good old man package. Thanks to B. Watson.
+ap/man-pages-4.14-noarch-2.txz: Rebuilt.
+ Don't ship a whatis database, since man-db doesn't need one.
+ap/mariadb-10.2.11-x86_64-1.txz: Upgraded.
+d/git-2.15.1-x86_64-1.txz: Upgraded.
+d/python-setuptools-38.2.3-x86_64-1.txz: Upgraded.
+x/libXcursor-1.1.15-x86_64-1.txz: Upgraded.
+ Fix heap overflows when parsing malicious files. (CVE-2017-16612)
+ It is possible to trigger heap overflows due to an integer overflow
+ while parsing images and a signedness issue while parsing comments.
+ The integer overflow occurs because the chosen limit 0x10000 for
+ dimensions is too large for 32 bit systems, because each pixel takes
+ 4 bytes. Properly chosen values allow an overflow which in turn will
+ lead to less allocated memory than needed for subsequent reads.
+ The signedness bug is triggered by reading the length of a comment
+ as unsigned int, but casting it to int when calling the function
+ XcursorCommentCreate. Turning length into a negative value allows the
+ check against XCURSOR_COMMENT_MAX_LEN to pass, and the following
+ addition of sizeof (XcursorComment) + 1 makes it possible to allocate
+ less memory than needed for subsequent reads.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612
+ (* Security fix *)
+x/libXfont-1.5.3-x86_64-1.txz: Removed.
+x/libXfont2-2.0.3-x86_64-1.txz: Upgraded.
+ Open files with O_NOFOLLOW. (CVE-2017-16611)
+ A non-privileged X client can instruct X server running under root
+ to open any file by creating own directory with "fonts.dir",
+ "fonts.alias" or any font file being a symbolic link to any other
+ file in the system. X server will then open it. This can be issue
+ with special files such as /dev/watchdog (which could then reboot
+ the system).
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16611
+ (* Security fix *)
+x/xfs-1.2.0-x86_64-1.txz: Upgraded.
+testing/packages/php-7.1.12-x86_64-2.txz: Rebuilt.
+ Load mysqlnd.so before mysqli.so in etc/php.ini*. Thanks to KewlCat.
+ Load libphp7.so in mod_php.conf.example. Thanks to Willy Sudiarto Raharjo.
++--------------------------+
+Tue Nov 28 06:20:03 UTC 2017
+a/eudev-3.2.5-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20171126git-noarch-1.txz: Upgraded.
+ Remove /lib/firmware/iwlwifi-*-34.ucode until after the next kernel release.
+a/usbutils-009-x86_64-1.txz: Upgraded.
+ap/hplip-3.17.11-x86_64-2.txz: Rebuilt.
+ Fixed a few Python scripts that did not have a proper python3 shebang.
+ Thanks to dugan.
+ap/lxc-2.0.9-x86_64-1.txz: Upgraded.
+ap/man-pages-4.14-noarch-1.txz: Upgraded.
+ap/mc-4.8.20-x86_64-1.txz: Upgraded.
+ap/nano-2.9.1-x86_64-1.txz: Upgraded.
+kde/konsole-4.14.3-x86_64-3.txz: Rebuilt.
+ Fixed scrollUp behavior. Thanks to Andrzej Telszewski.
+l/QScintilla-2.10.2-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.4-x86_64-2.txz: Rebuilt.
+ Recompiled against libva.so.2.0.0.
+l/sip-4.19.6-x86_64-1.txz: Upgraded.
+l/talloc-2.1.10-x86_64-1.txz: Added.
+l/tdb-1.3.15-x86_64-1.txz: Added.
+l/tevent-0.9.34-x86_64-1.txz: Added.
+n/cyrus-sasl-2.1.26-x86_64-3.txz: Rebuilt.
+ Use /dev/urandom rather than /dev/random to avoid entropy starvation.
+ Thanks to mr.spuratic.
+n/dhcpcd-6.11.5-x86_64-2.txz: Rebuilt.
+ Use hostname_short in dhcpcd.conf. Thanks to KewlCat.
+n/network-scripts-15.0-noarch-4.txz: Rebuilt.
+ Script cleanups from Jakub Jankowski:
+ netconfig: Add comment to netconfig-generated rc.inet1.conf
+ rc.inet1: Check for iface in /sys/class/net, not /proc/net/dev
+ rc.inet1: Remove unnecessary unset num
+ rc.inet1: Factor DEBUG_ETH_UP logging to a separate function
+ rc.inet1: Use ${array[*]} not ${array[@]} to produce a string
+ rc.inet1: Avoid de-/configuring ifaces with indexes >=MAXNICS
+ rc.inet1: Avoid code duplication by combining case/esac
+ rc.inet1: Add missing 'dev' keyword
+ rc.inet1: Remove unnecessary $(echo)
+ rc.inet1*: Simplify virtif_* code, add note to example config
+ rc.inet1: Test for loopback being "state UNKNOWN" too.
+ rc.inet1: Use simple test (-n/-z) for non-empty/empty
+ rc.inet1: Replace [ test1 -a test2 ] with [ test1 ] && [ test2 ]
+n/openldap-client-2.4.45-x86_64-1.txz: Upgraded.
+n/samba-4.7.3-x86_64-1.txz: Upgraded.
+ This is a security release in order to address the following defects:
+ CVE-2017-14746 (Use-after-free vulnerability.)
+ All versions of Samba from 4.0.0 onwards are vulnerable to a use after
+ free vulnerability, where a malicious SMB1 request can be used to
+ control the contents of heap memory via a deallocated heap pointer. It
+ is possible this may be used to compromise the SMB server.
+ CVE-2017-15275 (Server heap memory information leak.)
+ All versions of Samba from 3.6.0 onwards are vulnerable to a heap
+ memory information leak, where server allocated heap memory may be
+ returned to the client without being cleared.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2017-14746.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746
+ https://www.samba.org/samba/security/CVE-2017-15275.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275
+ (* Security fix *)
+x/intel-vaapi-driver-2.0.0-x86_64-1.txz: Added.
+ This is the replacement for libva-intel-driver (renamed upstream).
+x/libva-2.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/pilot-link-0.12.5-x86_64-10.txz: Rebuilt.
- Fixed uncompressed manpage.
-l/readline-6.3-x86_64-2.txz: Rebuilt.
- Applied two upstream patches. Thanks to gmgf.
-l/seamonkey-solibs-2.39-x86_64-1.txz: Upgraded.
-l/xapian-core-1.2.21-x86_64-1.txz: Upgraded.
-n/bind-9.10.3-x86_64-1.txz: Upgraded.
-n/rp-pppoe-3.12-x86_64-1.txz: Upgraded.
-n/whois-5.2.10-x86_64-1.txz: Upgraded.
-tcl/tcl-8.6.4-x86_64-2.txz: Rebuilt.
- Fixed uncompressed manpages.
-x/mesa-11.0.5-x86_64-1.txz: Upgraded.
-x/xf86-input-acecad-1.5.0-x86_64-9.txz: Rebuilt.
-x/xf86-input-aiptek-1.4.1-x86_64-8.txz: Removed.
- This driver is unmaintained and no longer compiles.
-x/xf86-input-evdev-2.10.0-x86_64-2.txz: Rebuilt.
-x/xf86-input-joystick-1.6.1-x86_64-9.txz: Rebuilt.
-x/xf86-input-keyboard-1.8.1-x86_64-2.txz: Rebuilt.
-x/xf86-input-mouse-1.9.1-x86_64-4.txz: Rebuilt.
-x/xf86-input-penmount-1.5.0-x86_64-9.txz: Rebuilt.
-x/xf86-input-synaptics-1.8.3-x86_64-2.txz: Rebuilt.
-x/xf86-input-vmmouse-13.1.0-x86_64-2.txz: Rebuilt.
-x/xf86-input-void-1.4.0-x86_64-9.txz: Rebuilt.
-x/xf86-input-wacom-0.19.0-x86_64-8.txz: Rebuilt.
-x/xf86-video-apm-1.2.5-x86_64-8.txz: Rebuilt.
-x/xf86-video-ark-0.7.5-x86_64-8.txz: Rebuilt.
-x/xf86-video-ast-1.1.5-x86_64-2.txz: Rebuilt.
-x/xf86-video-ati-7.6.1-x86_64-1.txz: Upgraded.
-x/xf86-video-chips-1.2.6-x86_64-2.txz: Rebuilt.
-x/xf86-video-cirrus-1.5.3-x86_64-2.txz: Rebuilt.
-x/xf86-video-dummy-0.3.7-x86_64-5.txz: Rebuilt.
-x/xf86-video-glint-1.2.8-x86_64-8.txz: Rebuilt.
-x/xf86-video-i128-1.3.6-x86_64-8.txz: Rebuilt.
-x/xf86-video-i740-1.3.5-x86_64-3.txz: Rebuilt.
-x/xf86-video-intel-git_20151112_7490b9e-x86_64-1.txz: Upgraded.
-x/xf86-video-mach64-6.9.5-x86_64-2.txz: Rebuilt.
-x/xf86-video-mga-1.6.4-x86_64-3.txz: Rebuilt.
-x/xf86-video-modesetting-0.9.0-x86_64-4.txz: Rebuilt.
-x/xf86-video-neomagic-1.2.9-x86_64-2.txz: Rebuilt.
-x/xf86-video-nouveau-git_20151112_1ff13a9-x86_64-1.txz: Upgraded.
-x/xf86-video-nv-2.1.20-x86_64-9.txz: Rebuilt.
-x/xf86-video-openchrome-0.3.3-x86_64-6.txz: Rebuilt.
-x/xf86-video-r128-6.10.0-x86_64-2.txz: Rebuilt.
-x/xf86-video-rendition-4.2.6-x86_64-1.txz: Upgraded.
-x/xf86-video-s3-0.6.5-x86_64-8.txz: Rebuilt.
-x/xf86-video-s3virge-1.10.7-x86_64-2.txz: Rebuilt.
-x/xf86-video-savage-2.3.8-x86_64-2.txz: Rebuilt.
-x/xf86-video-siliconmotion-1.7.8-x86_64-2.txz: Rebuilt.
-x/xf86-video-sis-0.10.8-x86_64-2.txz: Rebuilt.
-x/xf86-video-sisusb-0.9.6-x86_64-8.txz: Rebuilt.
-x/xf86-video-tdfx-1.4.6-x86_64-3.txz: Rebuilt.
-x/xf86-video-tga-1.2.2-x86_64-8.txz: Rebuilt.
-x/xf86-video-trident-1.3.7-x86_64-3.txz: Rebuilt.
-x/xf86-video-tseng-1.2.5-x86_64-8.txz: Rebuilt.
-x/xf86-video-v4l-0.2.0-x86_64-13.txz: Rebuilt.
-x/xf86-video-vesa-2.3.4-x86_64-2.txz: Rebuilt.
-x/xf86-video-vmware-13.1.0-x86_64-4.txz: Rebuilt.
-x/xf86-video-voodoo-1.2.5-x86_64-9.txz: Rebuilt.
-x/xf86-video-xgi-1.6.1-x86_64-2.txz: Rebuilt.
-x/xf86-video-xgixp-1.8.1-x86_64-8.txz: Rebuilt.
-x/xorg-server-1.18.0-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.18.0-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.18.0-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.18.0-x86_64-1.txz: Upgraded.
-x/xterm-320-x86_64-1.txz: Upgraded.
-xap/MPlayer-20150721-x86_64-3.txz: Rebuilt.
-xap/gnuplot-5.0.1-x86_64-1.txz: Upgraded.
-xap/seamonkey-2.39-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-xap/windowmaker-0.95.7-x86_64-1.txz: Upgraded.
-xap/xine-lib-1.2.6-x86_64-5.txz: Rebuilt.
-xap/xscreensaver-5.34-x86_64-1.txz: Upgraded.
-extra/fltk/fltk-1.3.3-x86_64-1.txz: Added.
- FLTK is needed to compile tigervnc.
-extra/tigervnc/tigervnc-1.5.0-x86_64-1.txz: Upgraded.
- Thanks to Eric Hameleers.
-extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-4.txz: Rebuilt.
+x/libva-intel-driver-1.7.3-x86_64-1.txz: Removed.
+x/libva-utils-2.0.0-x86_64-1.txz: Added.
+x/mesa-17.2.6-x86_64-1.txz: Upgraded.
+x/xkeyboard-config-2.22-noarch-1.txz: Upgraded.
+xap/gparted-0.30.0-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.8-x86_64-4.txz: Rebuilt.
+ Recompiled against libva.so.2.0.0.
+xfce/Thunar-1.6.13-x86_64-1.txz: Upgraded.
+testing/packages/php-7.1.12-x86_64-1.txz: Added.
++--------------------------+
+Sat Nov 25 07:44:07 UTC 2017
+a/kernel-firmware-20171124git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.2-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.2-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.2-x86_64-1.txz: Upgraded.
+ap/hplip-3.17.11-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.2-x86-1.txz: Upgraded.
+d/rust-1.22.1-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.2-noarch-1.txz: Upgraded.
+l/libclc-20171115_3d994f2-x86_64-1.txz: Upgraded.
+l/libfakekey-0.3-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.5.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-testing/packages/eudev-3.1.5-x86_64-1.txz: Added.
- Thanks to Jean-Philippe Guillemin.
- Expect problems (especially with an initrd) unless everything depending upon
- libudev.so.0 is recompiled. Those packages include: ConsoleKit2,
- ModemManager, NetworkManager, aaa_elflibs, bluez, dhcpcd, gutenprint, gvfs,
- intel-gpu-tools, kde-workspace, kdelibs, libatasmart, libcanberra, libgphoto2,
- libgpod, libmbim, libmtp, libusb, libusb-compat, lvm2, network-manager-applet,
- qt, sane, system-config-printer, udisks, udisks2, usbmuxd, usbutils,
- util-linux, xf86-input-evdev, xf86-input-vmmouse, xf86-video-ati,
- xf86-video-intel, xf86-video-modesetting, xf86-video-nouveau,
- xf86-video-openchrome, and xorg-server.
-testing/packages/libgudev-230-x86_64-1.txz: Added.
- This package is also needed in order to test eudev.
usb-and-pxe-installers/usbboot.img: Rebuilt.
-usb-and-pxe-installers/usbimg2disk.sh: Upgraded.
- Patched to handle spaces in the FAT label. Thanks to Eric Hameleers.
- Patched to fix directory layout for UEFI boot. Thanks to Didier Spaier.
+--------------------------+
-Fri Nov 6 01:15:43 UTC 2015
-l/mozilla-nss-3.20.1-x86_64-1.txz: Upgraded.
- Upgraded to nss-3.20.1 and nspr-4.10.10.
+Wed Nov 22 05:27:06 UTC 2017
+a/kernel-generic-4.14.1-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.1-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.1-x86_64-1.txz: Upgraded.
+a/mt-st-1.3-x86_64-1.txz: Upgraded.
+a/shadow-4.2.1-x86_64-3.txz: Rebuilt.
+ Patched to display the short hostname on the login prompt.
+a/sysvinit-scripts-2.1-noarch-3.txz: Rebuilt.
+ On second thought, let's keep using the short hostname on the login prompt
+ like we always have before. I'm with GazL on this one. :-)
+d/kernel-headers-4.14.1-x86-1.txz: Upgraded.
+k/kernel-source-4.14.1-noarch-1.txz: Upgraded.
+n/ntp-4.2.8p10-x86_64-3.txz: Rebuilt.
+ Fixed a missing "}" in the logrotate file. Thanks to Jakub Jankowski.
+xap/blueman-2.0.5-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+ SeTEFI: Don't use fdisk to detect gpt (it's not neccessary).
+ Thanks to Didier Spaier.
+ SetEFI: Scan /dev/mmcblk[0-9]. Thanks to zerouno.
+ probe: Filter another possible EFI partition label. Thanks to Didier Spaier.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+ SeTEFI: Don't use fdisk to detect gpt (it's not neccessary).
+ Thanks to Didier Spaier.
+ SetEFI: Scan /dev/mmcblk[0-9]. Thanks to zerouno.
+ probe: Filter another possible EFI partition label. Thanks to Didier Spaier.
++--------------------------+
+Tue Nov 21 05:05:41 UTC 2017
+a/elilo-3.16-x86_64-5.txz: Rebuilt.
+ Double the allowable kernel image size from 8MB to 16MB.
+ Thanks to Didier Spaier.
+ Patched eliloconfig to work with MMC devices. Thanks to zerouno.
+a/sysvinit-scripts-2.1-noarch-2.txz: Rebuilt.
+ inittab: Have agetty display the FQDN, since /bin/login does.
+d/cmake-3.10.0-x86_64-1.txz: Upgraded.
+l/elfutils-0.170-x86_64-1.txz: Upgraded.
+ Moved the shared libraries to /lib{,64}. Thanks to ivandi.
+l/libgsf-1.14.42-x86_64-1.txz: Upgraded.
+l/libtiff-4.0.9-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
- (* Security fix *)
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10095
+ (* Security fix *)
+l/libxml2-2.9.7-x86_64-1.txz: Upgraded.
+l/libxslt-1.1.32-x86_64-1.txz: Upgraded.
+l/libzip-1.3.2-x86_64-1.txz: Upgraded.
+l/orc-0.4.28-x86_64-1.txz: Upgraded.
+n/dovecot-2.2.33.2-x86_64-2.txz: Rebuilt.
+ rc.dovecot: Use doveadm to shut down the service. Add status option.
+ Thanks to Thom1b.
+n/gnupg2-2.2.3-x86_64-1.txz: Upgraded.
+n/iptables-1.6.1-x86_64-2.txz: Rebuilt.
+n/libmnl-1.0.4-x86_64-2.txz: Rebuilt.
+ Moved the shared library to /lib{,64}. Thanks to ivandi.
+n/libnetfilter_queue-1.0.3-x86_64-1.txz: Upgraded.
+n/libnftnl-1.0.8-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/nettle-3.4-x86_64-1.txz: Upgraded.
+n/network-scripts-15.0-noarch-3.txz: Rebuilt.
+ rc.inet1, rc.inet1.conf: Fix DHCP timeout which was changed from 15 seconds
+ back to the 14.2 default of 10 seconds. Thanks to Eduard Rozenberg.
+n/nftables-0.8-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Nov 19 03:36:30 UTC 2017
+a/eudev-3.2.4-x86_64-3.txz: Rebuilt.
+ Blacklist all EDAC modules by default as they make some systems unstable.
+a/kernel-generic-4.14.0-x86_64-2.txz: Upgraded.
+a/kernel-huge-4.14.0-x86_64-2.txz: Upgraded.
+a/kernel-modules-4.14.0-x86_64-2.txz: Upgraded.
+a/sysvinit-scripts-2.1-noarch-1.txz: Upgraded.
+ rc.M: Don't try to run rc.sendmail unless /usr/sbin/makemap is present.
+ rc.M: Don't try to run rc.postfix unless /usr/sbin/postdrop is present.
+ rc.S: Source /etc/default/adjtimex.
+ap/cgmanager-0.41-x86_64-3.txz: Rebuilt.
+ Prevent the rc.cgmanger script from killing itself at shutdown.
+ap/joe-4.5-x86_64-1.txz: Upgraded.
+ap/nano-2.9.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.0-x86-2.txz: Upgraded.
+k/kernel-source-4.14.0-noarch-2.txz: Upgraded.
+ -BOOTPARAM_HARDLOCKUP_PANIC n
+ -BOOTPARAM_HARDLOCKUP_PANIC_VALUE 0
+ -BOOTPARAM_SOFTLOCKUP_PANIC n
+ -BOOTPARAM_SOFTLOCKUP_PANIC_VALUE 0
+ -HARDLOCKUP_DETECTOR_PERF y
+ -LOCKUP_DETECTOR y
+ BLK_DEV_IO_TRACE y -> n
+ BUG_ON_DATA_CORRUPTION y -> n
+ DEBUG_LIST y -> n
+ DRM_AMDGPU_CIK n -> y
+ DRM_AMDGPU_SI n -> y
+ EDAC_DECODE_MCE y -> m
+ HARDLOCKUP_DETECTOR y -> n
+ SOFTLOCKUP_DETECTOR y -> n
+n/postfix-3.2.4-x86_64-2.txz: Rebuilt.
+ Make the start message in postfix-script look a bit more correct for when
+ it shows up during boot.
+n/yptools-2.14-x86_64-9.txz: Rebuilt.
+ rc.yp: Fix setting nisdomainname.
+extra/tigervnc/tigervnc-1.8.0-x86_64-3.txz: Rebuilt.
+ Rebuilt against xorg-server-1.19.5.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Nov 3 19:50:31 UTC 2015
-a/aaa_elflibs-14.2-x86_64-4.txz: Rebuilt.
-l/pcre-8.37-x86_64-1.txz: Upgraded.
- Moved libraries into /lib{,64} since grep needs them.
- Thanks to Michal Cieslakiewicz.
-xap/mozilla-firefox-42.0-x86_64-1.txz: Upgraded.
+Fri Nov 17 06:49:47 UTC 2017
+n/network-scripts-15.0-noarch-2.txz: Rebuilt.
+ netconfig: Added $GATEWAY that was accidentally dropped from the script.
+ Thanks to Robby Workman for pointing out my mistake.
++--------------------------+
+Fri Nov 17 00:56:25 UTC 2017
+a/dbus-1.12.2-x86_64-1.txz: Upgraded.
+a/eject-2.1.5-x86_64-4.txz: Removed.
+a/etc-15.0-x86_64-1.txz: Upgraded.
+ /etc/passwd: Added postfix (UID 91), postdrop (UID 92), dovecot (UID 94),
+ and dovenull (UID 95).
+ /etc/group: Added postfix (GID 91), postdrop (GID 92), dovecot (GID 94),
+ and dovenull (GID 95).
+a/hostname-3.18-x86_64-1.txz: Added.
+ This is the latest version of the hostname utility, broken out into a new
+ package to get rid of duplication between util-linux and net-tools.
+a/kernel-firmware-20171109git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.14.0-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.14.0-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.14.0-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.176-x86_64-1.txz: Upgraded.
+a/pkgtools-15.0-noarch-1.txz: Upgraded.
+ Added Postfix and Dovecot to the services setup menu.
+a/smartmontools-6.6-x86_64-1.txz: Upgraded.
+a/sysvinit-scripts-2.0-noarch-39.txz: Rebuilt.
+ rc.M: Set the hostname returned by "hostname" with no arguments to be the
+ FQDN (Fully Qualified Domain Name). Technically, it should work either way
+ (and mostly does), but in practice there are a few things that either refuse
+ to work (mostly commercial software), or require additional configuration if
+ hostname returns the short hostname rather than the FQDN.
+ rc.M: If rc.sendmail is not present and executable, try rc.postfix.
+ rc.M: Run rc.dovecot if it is executable.
+ rc.*: Don't source any init scripts.
+a/time-1.8-x86_64-1.txz: Upgraded.
+a/util-linux-2.31-x86_64-2.txz: Rebuilt.
+ Don't add hostname, domainname, dnsdomainname, nisdomainname, or ypdomainname
+ to the util-linux package. These are provided by the new hostname package.
+ Allow the eject utility to build.
+ap/alsa-utils-1.1.5-x86_64-1.txz: Upgraded.
+ap/linuxdoc-tools-0.9.72-x86_64-4.txz: Rebuilt.
+ Upgraded to DocBook XSL Stylesheets 1.79.2. Thanks to Stuart Winter.
+ Applied patch to fix bus error with xsltproc. Thanks to ecd102 on LQ.
+ap/soma-2.11.3-noarch-1.txz: Upgraded.
+ap/sysstat-11.6.1-x86_64-1.txz: Upgraded.
+d/Cython-0.27.3-x86_64-1.txz: Upgraded.
+d/cmake-3.9.6-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.14.0-x86-1.txz: Upgraded.
+d/re2c-1.0.3-x86_64-1.txz: Upgraded.
+d/scons-3.0.1-x86_64-1.txz: Upgraded.
+d/strace-4.20-x86_64-1.txz: Upgraded.
+k/kernel-source-4.14.0-noarch-1.txz: Upgraded.
+kde/kdelibs-4.14.38-x86_64-1.txz: Upgraded.
+l/SDL2_image-2.0.2-x86_64-1.txz: Upgraded.
+l/alsa-lib-1.1.5-x86_64-1.txz: Upgraded.
+l/alsa-plugins-1.1.5-x86_64-1.txz: Upgraded.
+l/at-spi2-atk-2.26.1-x86_64-1.txz: Upgraded.
+l/at-spi2-core-2.26.2-x86_64-1.txz: Upgraded.
+l/dconf-editor-3.26.2-x86_64-1.txz: Upgraded.
+l/glib-networking-2.54.1-x86_64-1.txz: Upgraded.
+l/glib2-2.54.2-x86_64-1.txz: Upgraded.
+l/gtk+2-2.24.31-x86_64-3.txz: Rebuilt.
+ Added more patches from upstream git. Thanks to Robby Workman.
+l/gtk+3-3.22.26-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.7.1-x86_64-1.txz: Upgraded.
+l/libplist-2.0.0-x86_64-1.txz: Upgraded.
+ This update fixes several security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6440
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6439
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6438
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6437
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6436
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6435
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5836
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5835
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5834
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5545
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5209
+ (* Security fix *)
+l/libsoup-2.60.2-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.34-x86_64-1.txz: Upgraded.
+ Upgraded to nss-3.34 and nspr-4.17.
+l/pango-1.40.14-x86_64-1.txz: Upgraded.
+l/pygobject3-3.26.1-x86_64-1.txz: Upgraded.
+l/sip-4.19.5-x86_64-1.txz: Upgraded.
+l/vte-0.50.2-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.10.0-x86_64-1.txz: Upgraded.
+ Use the FQDN (Fully Qualified Domain Name) for the hostname as reported by
+ "hostname" with no arguments.
+n/cyrus-sasl-2.1.26-x86_64-2.txz: Rebuilt.
+ Create /etc/sasl2 configuration directory.
+n/dovecot-2.2.33.2-x86_64-1.txz: Added.
+ This will be the new IMAP/POP3 server in the next Slackware release.
+ Thanks to Alan Hicks, Mario Preksavec, and /dev/rob0 for assistance.
+n/ethtool-4.13-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.2-x86_64-1.txz: Upgraded.
+n/imapd-2.21-x86_64-1.txz: Removed.
+n/inetd-1.79s-x86_64-10.txz: Rebuilt.
+ Do not run inetd (rc.inetd is now shipped non-executable), or open any ports
+ in inetd.conf by default.
+n/iproute2-4.14.1-x86_64-1.txz: Upgraded.
+n/libmilter-8.15.2-x86_64-1.txz: Added.
+ This is a compile-time dependency of Postfix.
+n/net-tools-20170208_479bb4a-x86_64-1.txz: Upgraded.
+ Don't include hostname, domainname, dnsdomainname, nisdomainname,
+ or ypdomainname. These are provided by the new hostname package.
+n/network-scripts-15.0-noarch-1.txz: Upgraded.
+ Switch to using ip instead of ifconfig and route.
+ Supports create/destroy of virtual tun/tap interfaces and adding
+ them to bridges.
+ Supports additional IP addresses added to interfaces in a way
+ that's compatible with net-tools.
+ Thanks to Robby Workman.
+n/postfix-3.2.4-x86_64-1.txz: Added.
+ This will be the default MTA in the next Slackware release. Thanks to
+ Alan Hicks, Mario Preksavec, and /dev/rob0 for assistance.
+n/samba-4.6.10-x86_64-1.txz: Upgraded.
+n/sendmail-8.15.2-x86_64-2.txz: Removed.
+ Moved to /extra.
+n/sendmail-cf-8.15.2-noarch-2.txz: Removed.
+ Moved to /extra.
+n/stunnel-5.43-x86_64-1.txz: Upgraded.
+n/wireless-tools-29-x86_64-10.txz: Rebuilt.
+ Use ip instead of ifconfig. Thanks to Robby Workman.
+t/texlive-2017.171108-x86_64-1.txz: Upgraded.
+ Fixes, cleanups, and logging support in texmf_get.sh.
+ Support for many more languages.
+ More manpages and info files included.
+ TeX packages moved to texlive-extra (hosted on slackbuilds.org): cc-pl,
+ cmexb, cs, ghsystem, kerkis, pl, quran, tipa, and udesoftec.
+ Tex packages excluded as obsolete: aleph and its support files, and cslatex.
+ PDF files removed from koma-script docs.
+ Compiled with --disable-dump-share for better performance.
+ TeXLive fonts are now optionally available to other system applications
+ through a fontconfig file (/etc/fonts/conf.avail/09-texlive.conf).
+ Thanks to Johannes Schoepfer for all of these improvements.
+x/bdftopcf-1.1-x86_64-1.txz: Upgraded.
+x/intel-gpu-tools-1.20-x86_64-1.txz: Upgraded.
+x/libXfont-1.5.3-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.88-x86_64-1.txz: Upgraded.
+x/libpciaccess-0.14-x86_64-1.txz: Upgraded.
+x/mesa-17.2.5-x86_64-1.txz: Upgraded.
+xap/gnuplot-5.2.2-x86_64-1.txz: Upgraded.
+xap/gucharmap-10.0.3-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-57.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
+xap/network-manager-applet-1.8.6-x86_64-1.txz: Upgraded.
+xap/xpaint-2.10.2-x86_64-1.txz: Upgraded.
+extra/bash-completion/bash-completion-2.7-noarch-2.txz: Rebuilt.
+ Applied some patches from upstream git, including one that unclobbers the
+ rfkill completion from util-linux. Don't clobber mount and umount
+ completions from util-linux. Thanks to ill323 on LQ for the heads-up.
+extra/sendmail/sendmail-8.15.2-x86_64-2.txz: Added.
+ Moved here from the N series. This is still a solid choice for an MTA, and
+ probably the most flexible (although it can be difficult to configure - it
+ has been said that the M4 macro language resembles line noise).
+ Thanks to Eric Allman and everyone at Sendmail for all the years of work.
+extra/sendmail/sendmail-cf-8.15.2-noarch-2.txz: Added.
+ Moved here from the N series.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Mon Nov 2 19:34:58 UTC 2015
-a/grep-2.22-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.133-x86_64-1.txz: Upgraded.
-ap/mariadb-10.0.22-x86_64-1.txz: Upgraded.
-l/gst-plugins-base-1.6.1-x86_64-1.txz: Upgraded.
-l/gst-plugins-good-1.6.1-x86_64-1.txz: Upgraded.
-l/gstreamer-1.6.1-x86_64-1.txz: Upgraded.
-x/xf86-input-evdev-2.10.0-x86_64-1.txz: Upgraded.
-x/xf86-input-synaptics-1.8.3-x86_64-1.txz: Upgraded.
-x/xorg-server-1.17.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.17.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.17.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.17.4-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sun Nov 1 17:11:32 UTC 2015
-kde/calligra-2.9.8-x86_64-2.txz: Rebuilt.
- Recompiled against gsl-2.0.
-kde/step-4.14.3-x86_64-3.txz: Rebuilt.
- Recompiled against gsl-2.0.
-l/cairo-1.14.4-x86_64-1.txz: Upgraded.
-l/gsl-2.0-x86_64-1.txz: Upgraded.
-l/orc-0.4.24-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sat Oct 31 17:39:05 UTC 2015
-a/lvm2-2.02.132-x86_64-1.txz: Upgraded.
-a/pkgtools-14.2-noarch-3.txz: Rebuilt.
- Fix unnecessary bashism "==" in makepkg. Thanks to Lars Lindqvist.
-a/xz-5.2.2-x86_64-1.txz: Upgraded.
-x/xdg-utils-1.1.1-noarch-1.txz: Upgraded.
-xap/sane-1.0.25-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sat Oct 31 00:13:40 UTC 2015
-a/dbus-1.10.2-x86_64-1.txz: Upgraded.
-l/glib2-2.46.1-x86_64-2.txz: Rebuilt.
- Applied upstream patch to work around an issue with Java.
- Thanks to Robby Workman.
-l/gvfs-1.26.1.1-x86_64-1.txz: Upgraded.
-n/bridge-utils-1.5-x86_64-1.txz: Upgraded.
- Thanks to Stuart Winter.
+Fri Nov 3 18:42:23 UTC 2017
+a/openssl-solibs-1.0.2m-x86_64-1.txz: Upgraded.
+--------------------------+
-Thu Oct 29 20:12:14 UTC 2015
-a/aaa_elflibs-14.2-x86_64-3.txz: Rebuilt.
- Added libgdbm.so.4.
- Added libssh2.so.1.
- Added libudev.so.0.
- Added libgudev-1.0.so.0.
-a/btrfs-progs-v4.2.3-x86_64-1.txz: Upgraded.
-a/cryptsetup-1.6.8-x86_64-1.txz: Upgraded.
-a/dbus-1.10.0-x86_64-1.txz: Upgraded.
+Fri Nov 3 03:31:56 UTC 2017
+a/sysvinit-scripts-2.0-noarch-38.txz: Rebuilt.
+ Check that rc.mysqld is executable before attempting to shut down the
+ database server. Checking for the mysql.pid is not enough, as /var/run/mysql
+ might be bind mounted into a container. Thanks to Jakub Jankowski.
+ap/cups-2.2.6-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.10-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
+ For more information, see:
+ https://jira.mariadb.org/browse/MDEV-13819
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10268
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10378
+ (* Security fix *)
+l/expat-2.2.5-x86_64-1.txz: Upgraded.
+l/gegl-0.2.0-x86_64-6.txz: Rebuilt.
+ Replaced deprecated functions in ff-load module. Thanks to Theodore Kilgore.
+n/openssl-1.0.2m-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ There is a carry propagating bug in the x64 Montgomery squaring procedure.
+ No EC algorithms are affected. Analysis suggests that attacks against RSA
+ and DSA as a result of this defect would be very difficult to perform and
+ are not believed likely. Attacks against DH are considered just feasible
+ (although very difficult) because most of the work necessary to deduce
+ information about a private key may be performed offline. The amount of
+ resources required for such an attack would be very significant and likely
+ only accessible to a limited number of attackers. An attacker would
+ additionally need online access to an unpatched system using the target
+ private key in a scenario with persistent DH parameters and a private
+ key that is shared between multiple clients.
+ This only affects processors that support the BMI1, BMI2 and ADX extensions
+ like Intel Broadwell (5th generation) and later or AMD Ryzen.
+ For more information, see:
+ https://www.openssl.org/news/secadv/20171102.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3736
+ (* Security fix *)
++--------------------------+
+Tue Oct 31 23:53:38 UTC 2017
+a/aaa_elflibs-14.2-x86_64-32.txz: Rebuilt.
+ Added libatomic, and updated versions of libcurl, libexpat, libglib-2.0,
+ libgmodule-2.0, libgobject-2.0, libgthread-2.0, libidn2, libmpfr, and
+ libpng16.
+x/libdrm-2.4.87-x86_64-1.txz: Upgraded.
+x/mesa-17.2.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Oct 27 20:34:35 UTC 2017
+ap/rpm-4.14.0-x86_64-2.txz: Rebuilt.
+ Recompiled to fix linking to old library versions. Thanks to USUARIONUEVO.
+l/SDL2_mixer-2.0.2-x86_64-1.txz: Upgraded.
+l/libmcs-0.7.2-x86_64-1.txz: Removed.
+l/libmowgli-1.0.0-x86_64-1.txz: Removed.
+l/pyrex-0.9.9-x86_64-2.txz: Removed.
+n/php-5.6.32-x86_64-1.txz: Upgraded.
+ Several security bugs were fixed in this release:
+ Out of bounds read in timelib_meridian().
+ The arcfour encryption stream filter crashes PHP.
+ Applied upstream patch for PCRE (CVE-2016-1283).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283
+ (* Security fix *)
+n/wget-1.19.2-x86_64-1.txz: Upgraded.
+ This update fixes stack and heap overflows in in HTTP protocol handling.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13089
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13090
+ (* Security fix *)
++--------------------------+
+Wed Oct 25 19:09:26 UTC 2017
+a/btrfs-progs-v4.13.3-x86_64-1.txz: Upgraded.
+a/e2fsprogs-1.43.7-x86_64-1.txz: Upgraded.
+a/gawk-4.2.0-x86_64-2.txz: Rebuilt.
+ Put the profile scripts in the right place. Thanks to gmgf.
+a/glibc-zoneinfo-2017c-noarch-1.txz: Upgraded.
+ap/hplip-3.17.10-x86_64-1.txz: Upgraded.
+ap/rpm-4.14.0-x86_64-1.txz: Upgraded.
+ap/sqlite-3.21.0-x86_64-1.txz: Upgraded.
+d/git-2.14.2-x86_64-1.txz: Upgraded.
+d/scons-3.0.0-x86_64-1.txz: Upgraded.
+l/SDL2-2.0.7-x86_64-1.txz: Upgraded.
+l/apr-1.6.3-x86_64-1.txz: Upgraded.
+l/apr-util-1.6.1-x86_64-1.txz: Upgraded.
+l/atk-2.26.1-x86_64-1.txz: Upgraded.
+l/imagemagick-6.9.9_20-x86_64-1.txz: Upgraded.
+l/lame-3.100-x86_64-1.txz: Upgraded.
+l/libgphoto2-2.5.16-x86_64-1.txz: Upgraded.
+l/libsoup-2.60.1-x86_64-1.txz: Upgraded.
+l/polkit-qt-1-0.112.0-x86_64-1.txz: Upgraded.
+n/ModemManager-1.6.10-x86_64-1.txz: Upgraded.
+n/gnutls-3.6.1-x86_64-1.txz: Upgraded.
+n/httpd-2.4.29-x86_64-1.txz: Upgraded.
+n/irssi-1.0.5-x86_64-1.txz: Upgraded.
+ This update fixes some remote denial of service issues.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2017_10.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15228
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15227
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15721
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15723
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15722
+ (* Security fix *)
+tcl/expect-5.45.3-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.85-x86_64-1.txz: Upgraded.
+xfce/xfce4-notifyd-0.4.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-weather-plugin-0.8.10-x86_64-1.txz: Upgraded.
+ This has a bugfix related to setting the location:
+ https://bugzilla.xfce.org/show_bug.cgi?id=13877
++--------------------------+
+Tue Oct 24 05:31:18 UTC 2017
+a/util-linux-2.31-x86_64-1.txz: Upgraded.
+ap/screen-4.6.2-x86_64-1.txz: Upgraded.
+l/seamonkey-solibs-2.49.1-x86_64-1.txz: Upgraded.
+n/curl-7.56.1-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ IMAP FETCH response out of bounds read may cause a crash or information leak.
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20171023.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257
+ (* Security fix *)
+n/rfkill-0.5-x86_64-1.txz: Removed.
+xap/seamonkey-2.49.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Oct 20 04:44:44 UTC 2017
+a/gawk-4.2.0-x86_64-1.txz: Upgraded.
+d/patchelf-0.9-x86_64-1.txz: Added.
+d/rust-1.21.0-x86_64-1.txz: Upgraded.
+ Thanks to Stuart Winter for adding ARM compatibility to the build script, and
+ to Andrew Clemons for help getting the 32-bit x86 build working again.
+l/ffmpeg-3.4-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.84-x86_64-1.txz: Upgraded.
+x/mesa-17.2.3-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Oct 18 18:21:18 UTC 2017
+ap/cups-2.2.5-x86_64-1.txz: Upgraded.
+n/wpa_supplicant-2.6-x86_64-2.txz: Rebuilt.
+ This update includes patches to mitigate the WPA2 protocol issues known
+ as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data,
+ hijack TCP connections, and to forge and inject packets. This is the
+ list of vulnerabilities that are addressed here:
+ CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the
+ 4-way handshake.
+ CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
+ CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way
+ handshake.
+ CVE-2017-13080: Reinstallation of the group key (GTK) in the group key
+ handshake.
+ CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group
+ key handshake.
+ CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)
+ Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)
+ while processing it.
+ CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
+ CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
+ PeerKey (TPK) key in the TDLS handshake.
+ CVE-2017-13087: reinstallation of the group key (GTK) when processing a
+ Wireless Network Management (WNM) Sleep Mode Response frame.
+ CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
+ processing a Wireless Network Management (WNM) Sleep Mode Response frame.
+ For more information, see:
+ https://www.krackattacks.com/
+ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088
+ (* Security fix *)
+x/libXfont2-2.0.2-x86_64-1.txz: Upgraded.
+ This update is a collection of minor fixes since 2.0.1, including
+ CVE-2017-13720 and CVE-2017-13722.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13720
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13722
+ (* Security fix *)
+x/libXres-1.2.0-x86_64-1.txz: Upgraded.
+ Integer overflows may allow X servers to trigger allocation of insufficient
+ memory and a buffer overflow via vectors related to the (1)
+ XResQueryClients and (2) XResQueryClientResources functions.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988
+ (* Security fix *)
+x/xorg-server-1.19.5-x86_64-1.txz: Upgraded.
+ This update fixes integer overflows and other possible security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12176
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12177
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12178
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12179
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12180
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12181
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12182
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12183
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12184
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12185
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12186
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12187
+ (* Security fix *)
+x/xorg-server-xephyr-1.19.5-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.5-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.5-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Oct 10 18:08:31 UTC 2017
+a/eudev-3.2.4-x86_64-2.txz: Rebuilt.
+ Fixed a typo in configure.ac. Thanks to Robby Workman.
+a/lvm2-2.02.175-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.11-x86_64-5.txz: Rebuilt.
+ Save a copy of the command line used to create the initrd as "command_line"
+ in /boot/initrd-tree/ and within the initrd itself. Also save a copy of
+ /etc/mkinitrd.conf if it exists.
+ap/slackpkg-2.82.2-noarch-1.txz: Upgraded.
+ Updated mirrors-x86*.sample to remove dead mirrors and clarify
+ intent to use mirrors.slackware.com.
+ Add /usr/share/vim/ and /var/yp/ to search path for .new files.
+ Minor tweaks to default blacklist file.
+ Minor tweaks to manual pages.
Thanks to Robby Workman.
-a/e2fsprogs-1.42.13-x86_64-1.txz: Upgraded.
-a/etc-14.2-x86_64-3.txz: Rebuilt.
- Improved comments in lang.{csh,sh} concerning UTF-8.
+ap/tmux-2.6-x86_64-1.txz: Upgraded.
+d/meson-0.43.0-x86_64-1.txz: Upgraded.
+d/perl-5.26.1-x86_64-3.txz: Rebuilt.
+ Don't install a perllocal.pod with information on the vendor_perl bundled
+ modules (that file is for local additions) -- ship the file as
+ vendor_perl.pod instead. Thanks to Robby Workman.
+kde/perlqt-4.14.3-x86_64-5.txz: Rebuilt.
+ Added support for QScintilla. Thanks to oneforall.
+l/ffmpeg-3.3.4-x86_64-2.txz: Rebuilt.
+ Patched to build against openjpeg-2.3.0. Thanks to Matteo Bernardini.
+l/glib2-2.54.1-x86_64-2.txz: Rebuilt.
+ Applied an upstream patch to fix a race condition. Thanks to Robby Workman.
+l/herqq-1.0.0-x86_64-1.txz: Removed.
+l/imagemagick-6.9.9_19-x86_64-1.txz: Upgraded.
+l/libnl3-3.4.0-x86_64-1.txz: Upgraded.
+n/lftp-4.8.3-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Oct 7 02:53:31 UTC 2017
+a/btrfs-progs-v4.13.2-x86_64-1.txz: Upgraded.
+ap/texinfo-6.5-x86_64-2.txz: Rebuilt.
+ Rebuilt for perl-5.26.1.
+d/perl-5.26.1-x86_64-2.txz: Rebuilt.
+ Replaced Net-SMTP-SSL-1.04 (deprecated upstream) with libnet-3.10.
+ Thanks to Matteo Bernardini.
+l/libxml2-2.9.6-x86_64-1.txz: Upgraded.
+l/libxslt-1.1.31-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.4.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Oct 6 06:32:32 UTC 2017
+a/kernel-generic-4.9.53-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.53-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.53-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.17.9-x86_64-1.txz: Upgraded.
+ap/ghostscript-9.22-x86_64-1.txz: Upgraded.
+ap/vim-8.0.1175-x86_64-1.txz: Upgraded.
+ Compiled using libperl.so from perl-5.26.1.
+d/cmake-3.9.4-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.53-x86-1.txz: Upgraded.
+d/perl-5.26.1-x86_64-1.txz: Upgraded.
+ Added the following perl modules to support git send-email (thanks to
+ Xsane): Authen-SASL-2.16, MIME-Base64-3.15, and Net-SMTP-SSL-1.04.
+d/python3-3.6.3-x86_64-1.txz: Upgraded.
+k/kernel-source-4.9.53-noarch-1.txz: Upgraded.
+ KSM n -> y (thanks to ivandi)
+kde/perlkde-4.14.3-x86_64-4.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+kde/perlqt-4.14.3-x86_64-4.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+l/gtk+3-3.22.24-x86_64-1.txz: Upgraded.
+l/imagemagick-6.9.9_18-x86_64-1.txz: Upgraded.
+l/libmtp-1.1.14-x86_64-1.txz: Upgraded.
+l/librsvg-2.40.19-x86_64-1.txz: Upgraded.
+l/openjpeg-2.3.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues which may lead to a denial of service
+ or possibly remote code execution.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12982
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14039
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14040
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14041
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14152
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14164
+ (* Security fix *)
+l/vte-0.50.1-x86_64-1.txz: Upgraded.
+n/curl-7.56.0-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ libcurl may read outside of a heap allocated buffer when doing FTP.
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20171004.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
+ (* Security fix *)
+n/epic5-2.0.1-x86_64-2.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+n/irssi-1.0.4-x86_64-2.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+n/net-snmp-5.7.3-x86_64-6.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+n/ntp-4.2.8p10-x86_64-2.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+n/p11-kit-0.23.9-x86_64-1.txz: Upgraded.
+x/libinput-1.8.3-x86_64-1.txz: Upgraded.
+x/xorg-server-1.19.4-x86_64-1.txz: Upgraded.
+ This update fixes two security issues:
+ Xext/shm: Validate shmseg resource id, otherwise it can belong to a
+ non-existing client and abort X server with FatalError "client not
+ in use", or overwrite existing segment of another existing client.
+ Generating strings for XKB data used a single shared static buffer,
+ which offered several opportunities for errors. Use a ring of
+ resizable buffers instead, to avoid problems when strings end up
+ longer than anticipated.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
+ (* Security fix *)
+x/xorg-server-xephyr-1.19.4-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.4-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.4-x86_64-1.txz: Upgraded.
+xap/hexchat-2.12.4-x86_64-2.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+ Built with --enable-python=python3.
+xap/pidgin-2.12.0-x86_64-2.txz: Rebuilt.
+ Recompiled using libperl.so from perl-5.26.1.
+xap/vim-gvim-8.0.1175-x86_64-1.txz: Upgraded.
+ Compiled using libperl.so from perl-5.26.1.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue Oct 3 21:06:59 UTC 2017
+ap/gphoto2-2.5.15-x86_64-1.txz: Upgraded.
+l/dconf-0.26.1-x86_64-1.txz: Upgraded.
+l/dconf-editor-3.26.1-x86_64-1.txz: Upgraded.
+l/gdk-pixbuf2-2.36.11-x86_64-1.txz: Upgraded.
+l/glib2-2.54.1-x86_64-1.txz: Upgraded.
+l/gobject-introspection-1.54.1-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.22-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.1-x86_64-1.txz: Upgraded.
+l/libgphoto2-2.5.15-x86_64-1.txz: Upgraded.
+l/seamonkey-solibs-2.48-x86_64-3.txz: Rebuilt.
+n/openssh-7.6p1-x86_64-1.txz: Upgraded.
+x/mesa-17.2.2-x86_64-1.txz: Upgraded.
+xap/gucharmap-10.0.2-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-56.0-x86_64-2.txz: Rebuilt.
+ Recompiled with --enable-accessibility.
Thanks to Didier Spaier.
-a/hdparm-9.48-x86_64-1.txz: Upgraded.
-a/kernel-generic-4.1.12-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.1.12-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.1.12-x86_64-1.txz: Upgraded.
-a/less-481-x86_64-1.txz: Upgraded.
-a/pkgtools-14.2-noarch-2.txz: Rebuilt.
- Sort the file lists in /var/log/packages when installing.
- Thanks to Erik Jan Tromp.
-ap/cups-filters-1.0.76-x86_64-1.txz: Upgraded.
-ap/dc3dd-7.2.641-x86_64-1.txz: Upgraded.
-ap/linuxdoc-tools-0.9.69-x86_64-5.txz: Rebuilt.
-ap/moc-2.5.0-x86_64-2.txz: Rebuilt.
-ap/tmux-2.1-x86_64-1.txz: Upgraded.
-ap/vim-7.4.898-x86_64-1.txz: Upgraded.
-ap/zsh-5.1.1-x86_64-1.txz: Upgraded.
-d/automake-1.15-noarch-1.txz: Upgraded.
-d/ccache-3.2.4-x86_64-1.txz: Upgraded.
-d/cmake-3.3.2-x86_64-1.txz: Upgraded.
-d/dev86-0.16.21-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-d/git-2.6.2-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.1.12-x86-1.txz: Upgraded.
-d/make-4.1-x86_64-1.txz: Upgraded.
-d/perl-5.22.0-x86_64-1.txz: Upgraded.
- Upgraded perl modules: DBD-mysql-4.032, DBI-1.634, URI-1.69,
- XML-Parser-2.44, gettext-1.07.
-d/python-2.7.10-x86_64-2.txz: Rebuilt.
-d/python-setuptools-18.4-x86_64-1.txz: Upgraded.
-d/ruby-2.2.3-x86_64-3.txz: Rebuilt.
-d/scons-2.4.0-x86_64-1.txz: Added.
- Thanks to Heinz Wiesinger.
-d/subversion-1.9.2-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-k/kernel-source-4.1.12-noarch-1.txz: Upgraded.
-kde/amarok-2.8.0-x86_64-3.txz: Rebuilt.
-kde/amor-4.14.3-x86_64-2.txz: Rebuilt.
-kde/analitza-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ark-4.14.3-x86_64-2.txz: Rebuilt.
-kde/artikulate-4.14.3-x86_64-2.txz: Rebuilt.
-kde/audiocd-kio-4.14.3-x86_64-2.txz: Rebuilt.
-kde/baloo-4.14.3-x86_64-2.txz: Rebuilt.
-kde/baloo-widgets-4.14.3-x86_64-2.txz: Rebuilt.
-kde/blinken-4.14.3-x86_64-2.txz: Rebuilt.
-kde/bluedevil-2.1.1-x86_64-2.txz: Rebuilt.
-kde/bomber-4.14.3-x86_64-2.txz: Rebuilt.
-kde/bovo-4.14.3-x86_64-2.txz: Rebuilt.
-kde/calligra-2.9.8-x86_64-1.txz: Upgraded.
-kde/cantor-4.14.3-x86_64-2.txz: Rebuilt.
-kde/cervisia-4.14.3-x86_64-2.txz: Rebuilt.
-kde/dolphin-plugins-4.14.3-x86_64-2.txz: Rebuilt.
-kde/dragon-4.14.3-x86_64-2.txz: Rebuilt.
-kde/filelight-4.14.3-x86_64-2.txz: Rebuilt.
-kde/granatier-4.14.3-x86_64-2.txz: Rebuilt.
-kde/gwenview-4.14.3-x86_64-2.txz: Rebuilt.
-kde/juk-4.14.3-x86_64-2.txz: Rebuilt.
-kde/k3b-2.0.3-x86_64-2.txz: Rebuilt.
-kde/kaccessible-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kactivities-4.13.3-x86_64-2.txz: Rebuilt.
-kde/kajongg-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kalgebra-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kalzium-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kamera-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kanagram-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kapman-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kapptemplate-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kate-4.14.3-x86_64-2.txz: Rebuilt.
-kde/katomic-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kaudiocreator-1.3-x86_64-2.txz: Rebuilt.
-kde/kblackbox-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kblocks-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kbounce-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kbreakout-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kbruch-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kcachegrind-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kcalc-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kcharselect-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kcolorchooser-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kcron-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-base-artwork-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-baseapps-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-dev-scripts-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-dev-utils-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-runtime-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kde-workspace-4.11.22-x86_64-1.txz: Upgraded.
-kde/kdeartwork-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdeconnect-kde-0.8-x86_64-2.txz: Rebuilt.
-kde/kdegraphics-mobipocket-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdegraphics-thumbnailers-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdelibs-4.14.13-x86_64-1.txz: Upgraded.
-kde/kdenetwork-filesharing-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdepim-4.14.10-x86_64-1.txz: Upgraded.
-kde/kdepim-runtime-4.14.10-x86_64-1.txz: Upgraded.
-kde/kdepimlibs-4.14.10-x86_64-1.txz: Upgraded.
-kde/kdeplasma-addons-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdesdk-kioslaves-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdesdk-strigi-analyzers-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdesdk-thumbnailers-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdev-python-1.7.2-x86_64-1.txz: Upgraded.
-kde/kdevelop-4.7.2-x86_64-1.txz: Upgraded.
-kde/kdevelop-pg-qt-1.0.0-x86_64-2.txz: Rebuilt.
-kde/kdevelop-php-1.7.2-x86_64-1.txz: Upgraded.
-kde/kdevelop-php-docs-1.7.2-x86_64-1.txz: Upgraded.
-kde/kdevplatform-1.7.2-x86_64-1.txz: Upgraded.
-kde/kdewebdev-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdf-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kdiamond-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kfilemetadata-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kfloppy-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kfourinline-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kgamma-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kgeography-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kget-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kgoldrunner-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kgpg-4.14.3-x86_64-2.txz: Rebuilt.
-kde/khangman-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kig-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kigo-4.14.3-x86_64-2.txz: Rebuilt.
-kde/killbots-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kio-mtp-2063e75_20131020git-x86_64-2.txz: Rebuilt.
-kde/kiriki-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kiten-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kjumpingcube-4.14.3-x86_64-2.txz: Rebuilt.
-kde/klettres-4.14.3-x86_64-2.txz: Rebuilt.
-kde/klickety-4.14.3-x86_64-2.txz: Rebuilt.
-kde/klines-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmag-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmahjongg-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmines-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmix-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmousetool-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmouth-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kmplot-4.14.3-x86_64-2.txz: Rebuilt.
-kde/knavalbattle-4.14.3-x86_64-2.txz: Rebuilt.
-kde/knetwalk-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kolf-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kollision-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kolourpaint-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kompare-4.14.3-x86_64-2.txz: Rebuilt.
-kde/konquest-4.14.3-x86_64-2.txz: Rebuilt.
-kde/konsole-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kopete-4.14.3-x86_64-2.txz: Rebuilt.
-kde/korundum-4.14.3-x86_64-3.txz: Rebuilt.
-kde/kpat-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kplayer-0.7.2-x86_64-2.txz: Rebuilt.
-kde/kppp-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kqtquickcharts-4.14.3-x86_64-2.txz: Rebuilt.
-kde/krdc-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kremotecontrol-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kreversi-4.14.3-x86_64-2.txz: Rebuilt.
-kde/krfb-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kross-interpreters-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kruler-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksaneplugin-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kscreen-1.0.2.1-x86_64-2.txz: Rebuilt.
-kde/kshisen-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksirk-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksnakeduel-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksnapshot-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kspaceduel-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksquares-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kstars-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksudoku-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ksystemlog-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kteatime-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ktimer-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ktorrent-4.3.1-x86_64-2.txz: Rebuilt.
-kde/ktouch-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ktuberling-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kturtle-4.14.3-x86_64-2.txz: Rebuilt.
-kde/ktux-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kubrick-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kuser-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kwalletmanager-4.14.3-x86_64-2.txz: Rebuilt.
-kde/kwebkitpart-1.3.4-x86_64-2.txz: Rebuilt.
-kde/kwordquiz-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkcddb-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkcompactdisc-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkdcraw-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkdeedu-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkdegames-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkexiv2-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkipi-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkmahjongg-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkomparediff2-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libksane-4.14.3-x86_64-2.txz: Rebuilt.
-kde/libkscreen-1.0.5-x86_64-2.txz: Rebuilt.
-kde/libktorrent-1.3.1-x86_64-3.txz: Rebuilt.
-kde/libmm-qt-1.0.1-x86_64-2.txz: Rebuilt.
-kde/libnm-qt-0.9.8.3-x86_64-2.txz: Rebuilt.
-kde/lokalize-4.14.3-x86_64-2.txz: Rebuilt.
-kde/lskat-4.14.3-x86_64-2.txz: Rebuilt.
-kde/marble-4.14.3-x86_64-2.txz: Rebuilt.
-kde/mplayerthumbs-4.14.3-x86_64-2.txz: Rebuilt.
-kde/nepomuk-core-4.14.3-x86_64-2.txz: Rebuilt.
-kde/nepomuk-widgets-4.14.3-x86_64-2.txz: Rebuilt.
-kde/okteta-4.14.3-x86_64-2.txz: Rebuilt.
-kde/okular-4.14.3-x86_64-2.txz: Rebuilt.
-kde/oxygen-gtk2-1.4.6-x86_64-2.txz: Rebuilt.
-kde/oxygen-icons-4.14.3-x86_64-2.txz: Rebuilt.
-kde/pairs-4.14.3-x86_64-2.txz: Rebuilt.
-kde/palapeli-4.14.3-x86_64-2.txz: Rebuilt.
-kde/parley-4.14.3-x86_64-2.txz: Rebuilt.
-kde/partitionmanager-1.1.1-x86_64-2.txz: Rebuilt.
-kde/perlkde-4.14.3-x86_64-2.txz: Rebuilt.
-kde/perlqt-4.14.3-x86_64-2.txz: Rebuilt.
-kde/picmi-4.14.3-x86_64-2.txz: Rebuilt.
-kde/plasma-nm-0.9.3.6-x86_64-1.txz: Upgraded.
-kde/polkit-kde-agent-1-9d74ae3_20120104git-x86_64-2.txz: Rebuilt.
-kde/polkit-kde-kcmodules-1-001bdf7_20120111git-x86_64-2.txz: Rebuilt.
-kde/poxml-4.14.3-x86_64-2.txz: Rebuilt.
-kde/print-manager-4.14.3-x86_64-2.txz: Rebuilt.
-kde/pykde4-4.14.3-x86_64-3.txz: Rebuilt.
-kde/qtruby-4.14.3-x86_64-4.txz: Rebuilt.
-kde/rocs-4.14.3-x86_64-2.txz: Rebuilt.
-kde/skanlite-1.1-x86_64-2.txz: Rebuilt.
-kde/smokegen-4.14.3-x86_64-2.txz: Rebuilt.
-kde/smokekde-4.14.3-x86_64-2.txz: Rebuilt.
-kde/smokeqt-4.14.3-x86_64-3.txz: Rebuilt.
-kde/step-4.14.3-x86_64-2.txz: Rebuilt.
-kde/superkaramba-4.14.3-x86_64-2.txz: Rebuilt.
-kde/svgpart-4.14.3-x86_64-2.txz: Rebuilt.
-kde/sweeper-4.14.3-x86_64-2.txz: Rebuilt.
-kde/umbrello-4.14.3-x86_64-2.txz: Rebuilt.
-kde/wicd-kde-0.3.0_bcf27d8-x86_64-2.txz: Rebuilt.
-kde/zeroconf-ioslave-4.14.3-x86_64-2.txz: Rebuilt.
-kdei/calligra-l10n-bs-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca@valencia-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.8-noarch-1.txz: Added.
-kdei/calligra-l10n-uk-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.8-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.8-noarch-1.txz: Upgraded.
-l/ConsoleKit-0.4.5-x86_64-1.txz: Removed.
-l/ConsoleKit2-1.0.0-x86_64-1.txz: Added.
- This replaces the ConsoleKit package.
- Thanks to Eric Hameleers and Robby Workman.
-l/GConf-3.2.6-x86_64-2.txz: Rebuilt.
-l/adwaita-icon-theme-3.18.0-noarch-1.txz: Upgraded.
-l/apr-1.5.2-x86_64-1.txz: Upgraded.
-l/apr-util-1.5.4-x86_64-1.txz: Upgraded.
-l/at-spi2-atk-2.18.1-x86_64-1.txz: Upgraded.
-l/at-spi2-core-2.18.1-x86_64-1.txz: Upgraded.
-l/atk-2.18.0-x86_64-1.txz: Upgraded.
-l/dconf-editor-3.18.1-x86_64-1.txz: Upgraded.
-l/ebook-tools-0.2.2-x86_64-3.txz: Rebuilt.
- Applied upstream patch to support epub3 fixed layout.
- Thanks to Heinz Wiesinger.
-l/exiv2-0.25-x86_64-1.txz: Upgraded.
- Shared library .so-version bump. Thanks to Heinz Wiesinger.
-l/freetype-2.6.1-x86_64-1.txz: Upgraded.
-l/gdbm-1.11-x86_64-1.txz: Upgraded.
- Shared library .so-version bump. Thanks to Heinz Wiesinger.
-l/gdk-pixbuf2-2.32.1-x86_64-1.txz: Upgraded.
-l/glib-networking-2.46.1-x86_64-1.txz: Upgraded.
-l/glib2-2.46.1-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman for preparing the most recent gtk/glib stack
- that's marked as stable.
-l/gnome-themes-standard-3.18.0-x86_64-1.txz: Upgraded.
-l/gobject-introspection-1.46.0-x86_64-1.txz: Upgraded.
-l/gsettings-desktop-schemas-3.18.1-x86_64-1.txz: Upgraded.
-l/gsl-1.16-x86_64-1.txz: Added.
-l/gst-plugins-base-1.6.0-x86_64-1.txz: Upgraded.
-l/gst-plugins-good-1.6.0-x86_64-1.txz: Upgraded.
-l/gstreamer-1.6.0-x86_64-1.txz: Upgraded.
-l/gtk+3-3.18.2-x86_64-1.txz: Upgraded.
-l/gvfs-1.26.1-x86_64-1.txz: Upgraded.
-l/jasper-1.900.1-x86_64-5.txz: Rebuilt.
- Applied many security and bug fixes.
- Thanks to Heinz Wiesinger.
+xap/mozilla-thunderbird-52.3.0-x86_64-2.txz: Rebuilt.
+ Recompiled with --enable-accessibility and Google API support.
+ Thanks to Didier Spaier.
+xap/seamonkey-2.48-x86_64-3.txz: Rebuilt.
+ Recompiled with --enable-accessibility and Google API support.
+ Thanks to Didier Spaier.
++--------------------------+
+Mon Oct 2 17:16:06 UTC 2017
+n/dnsmasq-2.78-x86_64-1.txz: Upgraded.
+ This update fixes bugs and remotely exploitable security issues that may
+ have impacts including denial of service, information leak, and execution
+ of arbitrary code. Thanks to Felix Wilhelm, Fermin J. Serna, Gabriel Campana,
+ Kevin Hamacher, Ron Bowes, and Gynvael Coldwind of the Google Security Team.
+ For more information, see:
+ https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
+ (* Security fix *)
+isolinux/initrd.img: Rebuilt.
+ When doing a network install, don't download a package if the tagfile is
+ going to skip installing it. Thanks to ivandi.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Sun Oct 1 20:00:22 UTC 2017
+a/kernel-generic-4.9.52-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.52-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.52-x86_64-1.txz: Upgraded.
+ap/a2ps-4.14-x86_64-6.txz: Rebuilt.
+ Removed embedded copy of psutils (already included in TeXLive).
+d/kernel-headers-4.9.52-x86-1.txz: Upgraded.
+k/kernel-source-4.9.52-noarch-1.txz: Upgraded.
+l/openexr-2.2.0-x86_64-2.txz: Rebuilt.
+ Patched bugs that may lead to program crashes or possibly execution of
+ arbitrary code. Thanks to Thomas Choi for the patch.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9110
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9111
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9112
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9113
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9114
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9115
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9116
+ (* Security fix *)
+t/texlive-2017.170622-x86_64-2.txz: Rebuilt.
+ Corrected slack-desc. Thanks to Johannes Schoepfer.
+xap/gnuplot-5.2.0-x86_64-1.txz: Upgraded.
+ Thanks to Johannes Schoepfer for the path fixes.
+xap/xpdf-4.00-x86_64-2.txz: Rebuilt.
+ Added a config option to fix broken printing.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Sep 29 22:58:54 UTC 2017
+ap/cups-filters-1.17.8-x86_64-1.txz: Upgraded.
+l/libpng-1.6.34-x86_64-1.txz: Upgraded.
+t/tetex-3.0-x86_64-10.txz: Removed.
+ Thanks to Thomas Esser -- teTeX had a good long run. :-)
+t/tetex-doc-3.0-x86_64-10.txz: Removed.
+t/texlive-2017.170622-x86_64-1.txz: Added.
+ Thanks very much to Johannes Schoepfer for the great work on this!
+ Also thanks to Robby Workman for adjustments and testing.
++--------------------------+
+Thu Sep 28 21:03:26 UTC 2017
+ap/mariadb-10.2.9-x86_64-1.txz: Upgraded.
+l/pcre2-10.30-x86_64-2.txz: Rebuilt.
+ Remove the .la files before they have a chance to creep into any other ones.
+ These generally aren't helpful for libraries that support pkg-config.
+n/net-snmp-5.7.3-x86_64-5.txz: Rebuilt.
+ Recompiled with MariaDB support. Thanks to Kris Karas.
+xap/mozilla-firefox-56.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029
- (* Security fix *)
-l/libcanberra-0.30-x86_64-2.txz: Rebuilt.
- Fixed building against tdb. Thanks to Heinz Wiesinger.
-l/libodfgen-0.1.4-x86_64-1.txz: Upgraded.
-l/libproxy-0.4.11-x86_64-3.txz: Rebuilt.
-l/librsvg-2.40.11-x86_64-1.txz: Upgraded.
-l/libsoup-2.52.1-x86_64-1.txz: Upgraded.
-l/libtiff-4.0.5-x86_64-1.txz: Upgraded.
- Thanks to Heinz Wiesinger.
-l/libvisio-0.1.3-x86_64-1.txz: Added.
- Thanks to Heinz Wiesinger.
-l/libvpx-1.4.0-x86_64-1.txz: Upgraded.
- Shared library .so-version bump. Thanks to Heinz Wiesinger.
-l/libwpg-0.3.0-x86_64-1.txz: Added.
- Thanks to Heinz Wiesinger.
-l/libzip-1.0.1-x86_64-1.txz: Upgraded.
- Shared library .so-version bump. Thanks to Heinz Wiesinger.
-l/pango-1.38.1-x86_64-1.txz: Upgraded.
-l/pilot-link-0.12.5-x86_64-9.txz: Rebuilt.
-l/poppler-0.37.0-x86_64-1.txz: Upgraded.
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Thu Sep 28 05:31:20 UTC 2017
+Thanks to Robby Workman for preparing nearly all of the updates in this batch.
+a/dbus-1.10.24-x86_64-1.txz: Upgraded.
+a/hwdata-0.304-noarch-1.txz: Upgraded.
+a/lvm2-2.02.174-x86_64-1.txz: Upgraded.
+a/mcelog-153-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.13.1-x86_64-1.txz: Upgraded.
+ap/mpg123-1.25.7-x86_64-1.txz: Upgraded.
+ap/sysstat-11.6.0-x86_64-1.txz: Upgraded.
+d/Cython-0.27-x86_64-1.txz: Upgraded.
+l/adwaita-icon-theme-3.26.0-noarch-1.txz: Upgraded.
+l/at-spi2-atk-2.26.0-x86_64-1.txz: Upgraded.
+l/at-spi2-core-2.26.0-x86_64-1.txz: Upgraded.
+l/atk-2.26.0-x86_64-1.txz: Upgraded.
+l/babl-0.1.30-x86_64-1.txz: Upgraded.
+l/gc-7.6.0-x86_64-1.txz: Upgraded.
+l/gegl-0.2.0-x86_64-5.txz: Rebuilt.
+ Patched integer overflows in operations/external/ppm-load.c that could allow
+ a denial of service (application crash) or possibly the execution of
+ arbitrary code via a large width or height value in a ppm image.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433
+ (* Security fix *)
+l/glib-networking-2.54.0-x86_64-1.txz: Upgraded.
+l/glib2-2.54.0-x86_64-1.txz: Upgraded.
+l/glibmm-2.54.1-x86_64-1.txz: Upgraded.
+l/gobject-introspection-1.54.0-x86_64-1.txz: Upgraded.
+l/gsettings-desktop-schemas-3.24.1-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.12.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.12.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.12.3-x86_64-1.txz: Upgraded.
+l/gstreamer-1.12.3-x86_64-1.txz: Upgraded.
+l/gtkmm3-3.22.2-x86_64-1.txz: Upgraded.
+l/hicolor-icon-theme-0.17-noarch-1.txz: Upgraded.
+l/hunspell-1.6.2-x86_64-1.txz: Upgraded.
+l/iso-codes-3.76-noarch-1.txz: Upgraded.
+l/libsoup-2.60.0-x86_64-1.txz: Upgraded.
+l/media-player-info-23-noarch-1.txz: Upgraded.
+l/pcre2-10.30-x86_64-1.txz: Added.
+ Thanks to Larry Hajali.
+l/pygobject3-3.26.0-x86_64-1.txz: Upgraded.
+l/qca-2.1.3-x86_64-1.txz: Upgraded.
+n/cifs-utils-6.7-x86_64-1.txz: Upgraded.
+n/gnupg2-2.2.1-x86_64-1.txz: Upgraded.
+n/ipset-6.34-x86_64-1.txz: Upgraded.
+n/libmbim-1.14.2-x86_64-1.txz: Upgraded.
+n/openvpn-2.4.4-x86_64-1.txz: Upgraded.
+n/p11-kit-0.23.8-x86_64-1.txz: Upgraded.
+x/libwacom-0.26-x86_64-1.txz: Upgraded.
+xap/gucharmap-10.0.1-x86_64-1.txz: Upgraded.
+xap/xpdf-4.00-x86_64-1.txz: Upgraded.
+xfce/xfce4-clipman-plugin-1.4.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Sep 26 02:37:01 UTC 2017
+l/libxslt-1.1.30-x86_64-3.txz: Rebuilt.
+ Fixed bashism in configure.in that resulted in pkg-config not being used
+ properly unless /bin/sh was bash. Thanks to Willy Sudiarto Raharjo.
++--------------------------+
+Tue Sep 26 00:39:15 UTC 2017
+a/util-linux-2.30.2-x86_64-2.txz: Rebuilt.
+ Renamed old BSD version of strings to "strings-BSD".
+ap/cups-filters-1.17.7-x86_64-2.txz: Rebuilt.
+ Recompiled against poppler-0.59.0 and qpdf-7.0.0.
+ap/qpdf-7.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/binutils-2.29.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
-l/pygobject3-3.18.2-x86_64-1.txz: Added.
-l/python-pillow-3.0.0-x86_64-1.txz: Upgraded.
- Upgraded to Pillow 3.0.0 and Sane 2.8.2.
-l/qca-2.0.3-x86_64-1.txz: Upgraded.
-l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Rebuilt.
-l/serf-1.3.8-x86_64-1.txz: Added.
+ Don't rename strings to "strings-GNU", but provide a symlink from strings-GNU
+ to strings in case any user-created scripts are using the name we gave the
+ GNU version of strings for many years. The GNU version of strings has more
+ features and is what most scripts expect to find installed. Any existing
+ scripts that use BSD specific options may need to be patched to use
+ equivalent GNU options (or to use strings-BSD instead).
+d/meson-0.42.1-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
-l/strigi-0.7.8-x86_64-2.txz: Rebuilt.
-l/virtuoso-ose-6.1.8-x86_64-2.txz: Rebuilt.
-n/alpine-2.20-x86_64-2.txz: Rebuilt.
-n/curl-7.45.0-x86_64-1.txz: Upgraded.
- This is now compiled against libssh2 for sftp support.
- Thanks to Jonathan Woithe.
- Fixes some security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237
+d/ninja-1.8.2-x86_64-1.txz: Added.
+ Thanks to alienBOB.
+d/oprofile-1.2.0-x86_64-1.txz: Upgraded.
+ Compiled against binutils-2.29.1.
+d/re2c-1.0.2-x86_64-1.txz: Added.
+ Thanks to LukenShiro.
+kde/calligra-2.9.11-x86_64-16.txz: Rebuilt.
+ Recompiled against poppler-0.59.0.
+l/LibRaw-0.18.5-x86_64-1.txz: Upgraded.
+l/libxslt-1.1.30-x86_64-2.txz: Rebuilt.
+ Be a bit more generous with xsltMaxDepth to avoid a false positive on
+ infinite recursion. This fixes building the Samba docs.
+l/poppler-0.59.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+xfce/tumbler-0.2.0-x86_64-2.txz: Rebuilt.
+ Recompiled against poppler-0.59.0.
++--------------------------+
+Sun Sep 24 19:03:35 UTC 2017
+a/os-prober-1.76-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.17.7-x86_64-1.txz: Upgraded.
+d/help2man-1.47.5-x86_64-1.txz: Upgraded.
+l/SDL2-2.0.6-x86_64-1.txz: Upgraded.
+l/imagemagick-6.9.9_15-x86_64-1.txz: Upgraded.
+l/pulseaudio-11.1-x86_64-1.txz: Upgraded.
+x/fontconfig-2.12.6-x86_64-1.txz: Upgraded.
+xap/audacious-3.9-x86_64-1.txz: Upgraded.
+xap/audacious-plugins-3.9-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Sep 23 01:02:32 UTC 2017
+Good hello! Python 3 has made its entry into -current. :-) Huge thanks are due
+to Heinz Wiesinger for a great effort maintaining and testing this on the side
+for months now, and for queuing it up for an easy merge without all that many
+changes needed, and to Audrius Kažukauskas for maintaining the Python 3
+build scripts on slackbuilds.org for years (on which our Python 3 SlackBuild
+was based). Enjoy!
+a/glibc-solibs-2.26-x86_64-3.txz: Rebuilt.
+a/kmod-24-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+a/util-linux-2.30.2-x86_64-1.txz: Upgraded.
+ Added python3 bindings.
+ap/hplip-3.17.9-x86_64-1.txz: Upgraded.
+ Switch to using python3.
+ap/pamixer-1.3.1-x86_64-4.txz: Rebuilt.
+ Compiled against boost-1.65.1.
+ap/rpm-4.13.0.1-x86_64-1.txz: Upgraded.
+d/Cython-0.26.1-x86_64-1.txz: Upgraded.
+d/cmake-3.9.3-x86_64-1.txz: Upgraded.
+d/gdb-8.0.1-x86_64-2.txz: Rebuilt.
+ Switch to using python3.
+d/python-2.7.14-x86_64-1.txz: Upgraded.
+ Updated to the latest 2.7.x release.
+ This fixes some security issues related to the bundled expat library.
+ Note that -current is now using the system expat library instead.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
+ (* Security fix *)
+d/python-pip-9.0.1-x86_64-1.txz: Added.
+d/python-setuptools-36.5.0-x86_64-1.txz: Upgraded.
+d/python3-3.6.2-x86_64-1.txz: Added.
+kde/calligra-2.9.11-x86_64-15.txz: Rebuilt.
+ Compiled against boost-1.65.1.
+kde/kdev-python-1.7.3-x86_64-1.txz: Upgraded.
+kde/kdevelop-4.7.4-x86_64-1.txz: Upgraded.
+kde/kdevelop-php-1.7.4-x86_64-1.txz: Upgraded.
+kde/kdevelop-php-docs-1.7.4-x86_64-1.txz: Upgraded.
+kde/kdevplatform-1.7.4-x86_64-1.txz: Upgraded.
+kde/kig-4.14.3-x86_64-6.txz: Rebuilt.
+ Compiled against boost-1.65.1.
+kde/pykde4-4.14.3-x86_64-6.txz: Rebuilt.
+ Added python3 version.
+l/M2Crypto-0.26.2-x86_64-1.txz: Upgraded.
+l/PyQt-4.12.1-x86_64-1.txz: Upgraded.
+ Added python3 version.
+l/QScintilla-2.10.1-x86_64-1.txz: Upgraded.
+l/akonadi-1.13.0-x86_64-7.txz: Rebuilt.
+ Compiled against boost-1.65.1.
+l/boost-1.65.1-x86_64-1.txz: Upgraded.
+ Added libboost_python3.
+ Shared library .so-version bump.
+l/dbus-python-1.2.4-x86_64-3.txz: Rebuilt.
+ Added python3 version.
+l/glibc-2.26-x86_64-3.txz: Rebuilt.
+ Applied an upstream patch to fix finding the location of shared libraries
+ with some Steam games and possibly other programs. Thanks to sbolokanov.
+l/glibc-i18n-2.26-x86_64-3.txz: Rebuilt.
+l/glibc-profile-2.26-x86_64-3.txz: Rebuilt.
+l/libcaca-0.99.beta19-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+l/libcap-ng-0.7.8-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+l/libproxy-0.4.15-x86_64-1.txz: Upgraded.
+l/libwebp-0.6.0-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+l/libxml2-2.9.5-x86_64-1.txz: Upgraded.
+ Added python3 version.
+ This release fixes some security issues:
+ Detect infinite recursion in parameter entities (Nick Wellnhofer),
+ Fix handling of parameter-entity references (Nick Wellnhofer),
+ Disallow namespace nodes in XPointer ranges (Nick Wellnhofer),
+ Fix XPointer paths beginning with range-to (Nick Wellnhofer).
+ (* Security fix *)
+l/libxslt-1.1.30-x86_64-1.txz: Upgraded.
+l/newt-0.52.20-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+l/pycairo-1.15.3-x86_64-1.txz: Upgraded.
+ Added python3 version.
+l/pycups-1.9.73-x86_64-3.txz: Rebuilt.
+ Added python3 version.
+l/pycurl-7.43.0-x86_64-3.txz: Rebuilt.
+ Added python3 version.
+l/pygobject-2.28.6-x86_64-4.txz: Rebuilt.
+ Added python3 version.
+l/pygobject3-3.24.1-x86_64-2.txz: Rebuilt.
+ Added python3 version.
+l/pygtk-2.24.0-x86_64-4.txz: Rebuilt.
+l/pyparsing-2.2.0-x86_64-1.txz: Added.
+l/python-appdirs-1.4.3-x86_64-1.txz: Added.
+l/python-certifi-2017.7.27.1-x86_64-1.txz: Added.
+l/python-chardet-3.0.4-x86_64-1.txz: Added.
+l/python-docutils-0.14-x86_64-1.txz: Added.
+l/python-idna-2.6-x86_64-1.txz: Added.
+l/python-packaging-16.8-x86_64-1.txz: Added.
+l/python-pillow-4.2.1-x86_64-1.txz: Upgraded.
+l/python-requests-2.18.4-x86_64-1.txz: Added.
+l/python-sane-2.8.3-x86_64-1.txz: Added.
+l/python-six-1.10.0-x86_64-2.txz: Rebuilt.
+l/python-urllib3-1.22-x86_64-1.txz: Added.
+l/sip-4.19.3-x86_64-1.txz: Upgraded.
+l/system-config-printer-1.5.9-x86_64-1.txz: Upgraded.
+l/taglib-1.11.1-x86_64-2.txz: Rebuilt.
+ Compiled against boost-1.65.1.
+l/urwid-1.0.3-x86_64-2.txz: Rebuilt.
+ Added python3 version.
+n/NetworkManager-1.8.4-x86_64-1.txz: Upgraded.
+n/getmail-5.1-x86_64-1.txz: Upgraded.
+n/gpgme-1.9.0-x86_64-2.txz: Rebuilt.
+ Added python3 bindings.
+n/obexftp-0.24.2-x86_64-2.txz: Rebuilt.
+ Added python3 version.
+n/pssh-2.3.1-x86_64-2.txz: Rebuilt.
+ Switch to using python3.
+x/intel-gpu-tools-1.19-x86_64-1.txz: Upgraded.
+x/vulkan-sdk-1.0.61.1-x86_64-1.txz: Upgraded.
+x/xcb-proto-1.12-x86_64-2.txz: Rebuilt.
+ Added python3 version.
+xap/blueman-2.0.4-x86_64-3.txz: Rebuilt.
+ Switch to using python3.
+ Don't autostart applet in KDE. Thanks to Robby Workman.
+xap/network-manager-applet-1.8.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Sep 21 01:23:24 UTC 2017
+n/samba-4.6.8-x86_64-1.txz: Upgraded.
+ This is a security release in order to address the following defects:
+ SMB1/2/3 connections may not require signing where they should. A man in the
+ middle attack may hijack client connections.
+ SMB3 connections don't keep encryption across DFS redirects. A man in the
+ middle attack can read and may alter confidential documents transferred via
+ a client connection, which are reached via DFS redirect when the original
+ connection used SMB3.
+ Server memory information leak over SMB1. Client with write access to a share
+ can cause server memory contents to be written into a file or printer.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2017-12150.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
+ https://www.samba.org/samba/security/CVE-2017-12151.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
+ https://www.samba.org/samba/security/CVE-2017-12163.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
+ (* Security fix *)
++--------------------------+
+Tue Sep 19 20:49:07 UTC 2017
+l/freetype-2.8-x86_64-1.txz: Upgraded.
+ Reverted due to rendering issues with programs such as Firefox that violate
+ the Freetype API. We'll revisit this after upstream programs have some time
+ to catch up.
+x/libinput-1.8.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Sep 18 19:15:03 UTC 2017
+a/eudev-3.2.4-x86_64-1.txz: Upgraded.
+a/libgudev-232-x86_64-1.txz: Upgraded.
+a/usb_modeswitch-2.5.1-x86_64-1.txz: Upgraded.
+ap/man-pages-4.13-noarch-1.txz: Upgraded.
+d/cmake-3.9.2-x86_64-1.txz: Upgraded.
+d/ruby-2.4.2-x86_64-1.txz: Upgraded.
+ This release includes several security fixes.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
+ (* Security fix *)
+l/akonadi-1.13.0-x86_64-6.txz: Rebuilt.
+ Fixed using akonadi with an external database. Thanks to Heinz Wiesinger.
+l/freetype-2.8.1-x86_64-1.txz: Upgraded.
+n/httpd-2.4.27-x86_64-3.txz: Rebuilt.
+ This update patches a security issue ("Optionsbleed") with the OPTIONS http
+ method which may leak arbitrary pieces of memory to a potential attacker.
+ Thanks to Hanno Bo:ck.
+ For more information, see:
+ http://seclists.org/oss-sec/2017/q3/477
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
+ (* Security fix *)
+x/fontconfig-2.12.5-x86_64-1.txz: Upgraded.
+x/mesa-17.2.1-x86_64-1.txz: Upgraded.
+x/xf86-input-libinput-0.26.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Sep 15 17:31:57 UTC 2017
+a/kernel-firmware-20170914git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.9.50-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.50-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.50-x86_64-1.txz: Upgraded.
+ Fixed BlueBorne vulnerability in bluetooth.ko module.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000251
+ https://www.armis.com/blueborne
+ (* Security fix *)
+ap/texinfo-6.5-x86_64-1.txz: Upgraded.
+ap/xorriso-1.4.8-x86_64-1.txz: Added.
+d/kernel-headers-4.9.50-x86-1.txz: Upgraded.
+k/kernel-source-4.9.50-noarch-1.txz: Upgraded.
+ This update fixes the security vulnerability known as "BlueBorne".
+ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at
+ Linux kernel version 3.3-rc1 is vulnerable to a stack overflow in
+ the processing of L2CAP configuration responses resulting in remote
+ code execution in kernel space.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000251
+ https://www.armis.com/blueborne
+ (* Security fix *)
+l/ffmpeg-3.3.4-x86_64-1.txz: Upgraded.
+l/gvfs-1.34.0-x86_64-1.txz: Upgraded.
+ Don't set AutoMount=false in network.mount (fixes tree view in Thunar).
+ Thanks to PROBLEMCHYLD.
+n/bluez-5.47-x86_64-1.txz: Upgraded.
+ Fixed an information disclosure vulnerability which allows remote attackers
+ to obtain sensitive information from the bluetoothd process memory. This
+ vulnerability lies in the processing of SDP search attribute requests.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
(* Security fix *)
-n/cyrus-sasl-2.1.26-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue Sep 12 22:18:51 UTC 2017
+ap/cups-filters-1.17.4-x86_64-1.txz: Upgraded.
+e/emacs-25.3-x86_64-1.txz: Upgraded.
+ This update fixes a security vulnerability in Emacs. Gnus no longer
+ supports "richtext" and "enriched" inline MIME objects. This support
+ was disabled to avoid evaluation of arbitrary Lisp code contained in
+ email messages and news articles.
+ For more information, see:
+ http://seclists.org/oss-sec/2017/q3/422
+ https://bugs.gnu.org/28350
+ (* Security fix *)
+l/ebook-tools-0.2.2-x86_64-4.txz: Rebuilt.
+ Recompiled against libzip-1.3.0.
+l/gdk-pixbuf2-2.36.10-x86_64-1.txz: Upgraded.
+l/libzip-1.3.0-x86_64-1.txz: Upgraded.
+ Fix a denial of service and possible code execution issue.
Shared library .so-version bump.
-n/epic5-1.4-x86_64-1.txz: Upgraded.
-n/httpd-2.4.17-x86_64-1.txz: Upgraded.
-n/icmpinfo-1.11-x86_64-2.txz: Rebuilt.
- Patched to avoid a segfault on 64-bit systems. Thanks to Zoltán Pósfai.
-n/imapd-2.20-x86_64-2.txz: Rebuilt.
-n/irssi-0.8.17-x86_64-2.txz: Rebuilt.
-n/libssh2-1.6.0-x86_64-1.txz: Added.
- Apologies to Jonathan Woithe for taking so long to add this one. :-)
-n/mutt-1.5.24-x86_64-2.txz: Rebuilt.
-n/net-snmp-5.7.3-x86_64-2.txz: Rebuilt.
-n/netatalk-2.2.3-x86_64-6.txz: Rebuilt.
-n/ntp-4.2.8p4-x86_64-1.txz: Upgraded.
- In addition to bug fixes and enhancements, this release fixes
- several low and medium severity vulnerabilities.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
- (* Security fix *)
-n/obexftp-0.23-x86_64-11.txz: Rebuilt.
-n/openldap-client-2.4.42-x86_64-1.txz: Upgraded.
-n/php-5.6.14-x86_64-1.txz: Upgraded.
- This update fixes some bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804
- (* Security fix *)
-n/samba-4.3.1-x86_64-1.txz: Upgraded.
-n/sendmail-8.15.2-x86_64-2.txz: Rebuilt.
-n/sendmail-cf-8.15.2-noarch-2.txz: Rebuilt.
-n/vsftpd-3.0.3-x86_64-1.txz: Upgraded.
-n/yptools-2.14-x86_64-4.txz: Rebuilt.
- Upgraded to ypbind-mt-1.38 and ypserv-2.32.1.
-x/libdrm-2.4.65-x86_64-1.txz: Upgraded.
-x/libva-1.6.1-x86_64-1.txz: Upgraded.
-x/libva-intel-driver-1.6.1-x86_64-1.txz: Upgraded.
-x/mesa-11.0.4-x86_64-1.txz: Upgraded.
-x/pixman-0.33.4-x86_64-1.txz: Upgraded.
-x/scim-1.4.15-x86_64-2.txz: Rebuilt.
- Applied upstream patch to fix segfault with GTK3 apps.
- Thanks to Heinz Wiesinger.
-x/scim-anthy-1.2.7-x86_64-1.txz: Upgraded.
-x/scim-hangul-0.4.0-x86_64-1.txz: Upgraded.
-x/scim-input-pad-0.1.3.1-x86_64-1.txz: Upgraded.
-x/scim-pinyin-0.5.92-x86_64-1.txz: Upgraded.
-x/scim-tables-0.5.14.1-x86_64-1.txz: Upgraded.
-x/xinput-1.6.2-x86_64-1.txz: Upgraded.
-x/xorg-server-1.17.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.17.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.17.3-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.17.3-x86_64-1.txz: Upgraded.
-xap/MPlayer-20150721-x86_64-2.txz: Rebuilt.
-xap/audacious-3.6.2-x86_64-1.txz: Upgraded.
-xap/audacious-plugins-3.6.2-x86_64-1.txz: Upgraded.
-xap/geeqie-1.2.1-x86_64-1.txz: Upgraded.
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12858
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14107
+ (* Security fix *)
++--------------------------+
+Tue Sep 12 06:52:52 UTC 2017
+a/btrfs-progs-v4.13-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.9.49-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.49-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.49-x86_64-1.txz: Upgraded.
+ap/ash-0.4.0-x86_64-2.txz: Removed.
+ap/dash-0.5.9.1-x86_64-1.txz: Added.
+ap/zsh-5.4.2-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.49-x86-1.txz: Upgraded.
+d/strace-4.19-x86_64-1.txz: Upgraded.
+k/kernel-source-4.9.49-noarch-1.txz: Upgraded.
+l/expat-2.2.4-x86_64-1.txz: Upgraded.
+l/glibmm-2.52.1-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.21-x86_64-1.txz: Upgraded.
+l/pango-1.40.12-x86_64-1.txz: Upgraded.
+x/xf86-video-amdgpu-1.4.0-x86_64-1.txz: Upgraded.
+x/xf86-video-ati-7.10.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Sep 8 17:56:01 UTC 2017
+a/coreutils-8.28-x86_64-1.txz: Upgraded.
+ A bug in the embedded gnulib allows "date" and "touch" to overwrite the
+ heap with large user specified TZ values, possibly executing arbitrary
+ code. Bug introduced in coreutils-8.27.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7476
+ (* Security fix *)
+a/file-5.32-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.8-x86_64-2.txz: Rebuilt.
+ap/sudo-1.8.21p2-x86_64-1.txz: Upgraded.
+d/gdb-8.0.1-x86_64-1.txz: Upgraded.
+d/gnu-cobol-1.1-x86_64-2.txz: Removed.
+d/gnucobol-2.2-x86_64-1.txz: Added.
+ Package upgraded and renamed to new upstream name "gnucobol".
+d/llvm-5.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/rust-1.20.0-x86_64-1.txz: Upgraded.
+kde/kdelibs-4.14.36-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.5.1-x86_64-1.txz: Upgraded.
+l/jemalloc-4.5.0-x86_64-1.txz: Upgraded.
+ Downgraded from version 5.0.1 due to problems with mariadb (which is
+ currently the only thing using jemalloc). Thanks to Heinz Wiesinger.
+l/libidn2-2.0.4-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.31.1-x86_64-1.txz: Upgraded.
+ Upgraded to nss-3.31.1 and nspr-4.16.
+l/mpfr-3.1.6-x86_64-1.txz: Upgraded.
+n/iproute2-4.13.0-x86_64-1.txz: Upgraded.
+n/tcpdump-4.9.2-x86_64-1.txz: Upgraded.
+ This update fixes bugs and many security issues (see the included
+ CHANGES file).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12893
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12894
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12895
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12896
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12897
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12898
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12899
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12900
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12901
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12902
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12985
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12986
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12987
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12988
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12989
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12990
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12991
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12992
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12994
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12995
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12996
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12997
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12998
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12999
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13000
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13001
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13002
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13003
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13004
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13005
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13006
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13007
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13008
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13009
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13010
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13011
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13012
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13013
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13014
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13015
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13016
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13017
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13018
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13019
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13020
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13021
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13022
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13023
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13024
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13025
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13026
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13027
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13028
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13029
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13030
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13031
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13032
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13033
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13034
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13035
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13036
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13037
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13038
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13039
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13040
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13041
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13042
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13043
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13044
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13045
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13046
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13047
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13048
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13049
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13050
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13051
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13052
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13053
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13054
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13055
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13687
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13688
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13689
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13690
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13725
+ (* Security fix *)
+x/mesa-17.2.0-x86_64-1.txz: Upgraded.
+ Compiled against llvm-5.0.0.
+x/xf86-video-vmware-13.2.1-x86_64-4.txz: Rebuilt.
+ Recompiled against llvm-5.0.0.
++--------------------------+
+Thu Aug 31 21:14:43 UTC 2017
+l/akonadi-1.13.0-x86_64-5.txz: Rebuilt.
+ Merged an upstream patch and global config change to allow akonadi to work
+ properly with mariadb-10.2.8. Thanks to Heinz Wiesinger.
+l/glib2-2.52.3-x86_64-2.txz: Rebuilt.
+ Fixed a race condition bug when using /etc/mtab. Thanks to ChrisVV.
++--------------------------+
+Wed Aug 30 22:34:34 UTC 2017
+a/e2fsprogs-1.43.6-x86_64-1.txz: Upgraded.
+ap/sqlite-3.20.1-x86_64-1.txz: Upgraded.
+d/perl-5.24.0-x86_64-2.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
+ Upgraded to DBD-mysql-4.043, DBI-1.637, URI-1.72, and XML-Simple-2.24.
+kde/amarok-2.8.0-x86_64-4.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
+kde/calligra-2.9.11-x86_64-14.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
+l/qt-4.8.7-x86_64-7.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
+l/redland-1.0.17-x86_64-2.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
+n/ulogd-2.0.5-x86_64-2.txz: Rebuilt.
+ Recompiled against mariadb-10.2.8.
++--------------------------+
+Wed Aug 30 02:41:28 UTC 2017
+a/logrotate-3.12.3-x86_64-1.txz: Upgraded.
+ Thanks to Robby Workman.
+ap/cups-filters-1.17.2-x86_64-1.txz: Upgraded.
+ap/mariadb-10.2.8-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump / change.
Thanks to Heinz Wiesinger.
-xap/gnuchess-6.2.2-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.2_4-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-41.0.2-x86_64-1.txz: Upgraded.
+ap/nano-2.8.7-x86_64-1.txz: Upgraded.
+d/cargo-0.20.0-x86_64-1.txz: Removed.
+ I wanted to put "Oxidized" here, but that would have confused slackpkg. ;-)
+d/rust-1.19.0-x86_64-2.txz: Rebuilt.
+ Build with "extended = true" option to produce the extended Rust tool
+ set which is not only the compiler but also tools such as Cargo. This
+ is what upstream recommends now since they'll be dropping standalone
+ Cargo from the repository. Thanks to Andrew Clemons.
+l/glade3-3.8.6-x86_64-1.txz: Upgraded.
+l/jemalloc-5.0.1-x86_64-1.txz: Upgraded.
+l/libpng-1.6.32-x86_64-1.txz: Upgraded.
+n/bsd-finger-0.17-x86_64-2.txz: Rebuilt.
+ Patched to fix segfault with glibc-2.26.
+ Thanks to Karl Magnus Kolstø.
+n/libgcrypt-1.8.1-x86_64-1.txz: Upgraded.
+ Mitigate a local side-channel attack on Curve25519 dubbed "May
+ the Fourth be With You".
+ For more information, see:
+ https://eprint.iacr.org/2017/806
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0379
+ (* Security fix *)
+x/mesa-17.1.8-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Aug 25 18:38:28 UTC 2017
+a/dialog-1.3_20170509-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.9.45-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.45-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.45-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.17.0-x86_64-1.txz: Upgraded.
+ap/sudo-1.8.21-x86_64-1.txz: Upgraded.
+d/cargo-0.20.0-x86_64-1.txz: Added.
+ Thanks to Andrew Clemons.
+d/kernel-headers-4.9.45-x86-1.txz: Upgraded.
+d/rust-1.19.0-x86_64-1.txz: Added.
+ Thanks to Andrew Clemons.
+k/kernel-source-4.9.45-noarch-1.txz: Upgraded.
+kde/kdelibs-4.14.35-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.19-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.5.0-x86_64-1.txz: Upgraded.
+l/libcdio-paranoia-10.2+0.94+2-x86_64-1.txz: Upgraded.
+l/libedit-20170329_3.1-x86_64-1.txz: Upgraded.
+n/gnutls-3.6.0-x86_64-1.txz: Upgraded.
+n/whois-5.2.18-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.83-x86_64-1.txz: Upgraded.
+x/mesa-17.1.7-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-55.0.3-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Thu Aug 17 05:36:28 UTC 2017
+a/kernel-generic-4.9.44-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.44-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.44-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.44-x86-1.txz: Upgraded.
+k/kernel-source-4.9.44-noarch-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.3.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue Aug 15 22:16:12 UTC 2017
+a/aaa_elflibs-14.2-x86_64-31.txz: Rebuilt.
+a/kernel-generic-4.9.43-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.43-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.43-x86_64-1.txz: Upgraded.
+ap/cups-2.2.4-x86_64-2.txz: Rebuilt.
+ Don't return an empty printer list when there is no default printer.
+ Thanks to Jurgen Van Ham.
+d/gcc-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-brig-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-g++-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-gfortran-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-gnat-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-go-7.2.0-x86_64-1.txz: Upgraded.
+d/gcc-objc-7.2.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.43-x86-1.txz: Upgraded.
+d/libtool-2.4.6-x86_64-6.txz: Rebuilt.
+ Recompiled to update embedded GCC version number.
+k/kernel-source-4.9.43-noarch-1.txz: Upgraded.
+l/poppler-data-0.4.8-noarch-1.txz: Upgraded.
+x/xorg-server-1.19.3-x86_64-2.txz: Rebuilt.
+ This update fixes two security issues:
+ A user authenticated to an X Session could crash or execute code in the
+ context of the X Server by exploiting a stack overflow in the endianness
+ conversion of X Events.
+ Uninitialized data in endianness conversion in the XEvent handling of the
+ X.Org X Server allowed authenticated malicious users to access potentially
+ privileged data from the X server.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10971
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10972
+ (* Security fix *)
+x/xorg-server-xephyr-1.19.3-x86_64-2.txz: Rebuilt.
+x/xorg-server-xnest-1.19.3-x86_64-2.txz: Rebuilt.
+x/xorg-server-xvfb-1.19.3-x86_64-2.txz: Rebuilt.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Aug 11 23:02:43 UTC 2017
+ap/cups-filters-1.16.1-x86_64-1.txz: Upgraded.
+ap/mariadb-10.0.32-x86_64-1.txz: Upgraded.
+ap/mpg123-1.25.6-x86_64-1.txz: Upgraded.
+d/cmake-3.9.1-x86_64-1.txz: Upgraded.
+d/git-2.14.1-x86_64-1.txz: Upgraded.
+ Fixes security issues:
+ A "ssh://..." URL can result in a "ssh" command line with a hostname that
+ begins with a dash "-", which would cause the "ssh" command to instead
+ (mis)treat it as an option. This is now prevented by forbidding such a
+ hostname (which should not impact any real-world usage).
+ Similarly, when GIT_PROXY_COMMAND is configured, the command is run with
+ host and port that are parsed out from "ssh://..." URL; a poorly written
+ GIT_PROXY_COMMAND could be tricked into treating a string that begins with a
+ dash "-" as an option. This is now prevented by forbidding such a hostname
+ and port number (again, which should not impact any real-world usage).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117
+ (* Security fix *)
+d/mercurial-4.3.1-x86_64-1.txz: Upgraded.
+ Fixes security issues:
+ Mercurial's symlink auditing was incomplete prior to 4.3, and could
+ be abused to write to files outside the repository.
+ Mercurial was not sanitizing hostnames passed to ssh, allowing
+ shell injection attacks on clients by specifying a hostname starting
+ with -oProxyCommand.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
+ (* Security fix *)
+d/subversion-1.9.7-x86_64-1.txz: Upgraded.
+ Fixed client side arbitrary code execution vulnerability.
+ For more information, see:
+ https://subversion.apache.org/security/CVE-2017-9800-advisory.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9800
+ (* Security fix *)
+l/libsoup-2.58.2-x86_64-1.txz: Upgraded.
+ Fixed a chunked decoding buffer overrun that could be exploited against
+ either clients or servers.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2885
+ (* Security fix *)
+n/samba-4.6.7-x86_64-1.txz: Upgraded.
+tcl/tcl-8.6.7-x86_64-1.txz: Upgraded.
+tcl/tk-8.6.7-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Aug 9 20:23:16 UTC 2017
+a/kernel-generic-4.9.41-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.41-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.41-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.16.0-x86_64-2.txz: Rebuilt.
+ Linked against poppler-0.57.0.
+ap/mpg123-1.25.5-x86_64-1.txz: Upgraded.
+d/gcc-7.1.0-x86_64-3.txz: Rebuilt.
+ Recompiled with upstream patches for glibc-2.26 compatibility.
+d/gcc-brig-7.1.0-x86_64-3.txz: Rebuilt.
+d/gcc-g++-7.1.0-x86_64-3.txz: Rebuilt.
+d/gcc-gfortran-7.1.0-x86_64-3.txz: Rebuilt.
+d/gcc-gnat-7.1.0-x86_64-3.txz: Rebuilt.
+d/gcc-go-7.1.0-x86_64-3.txz: Rebuilt.
+d/gcc-objc-7.1.0-x86_64-3.txz: Rebuilt.
+d/kernel-headers-4.9.41-x86-1.txz: Upgraded.
+d/llvm-4.0.1-x86_64-2.txz: Rebuilt.
+ Fixed garbled output from lldb. Thanks to Ebben Aries.
+ Patched to compile with glibc-2.26.
+k/kernel-source-4.9.41-noarch-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-13.txz: Rebuilt.
+ Linked against glew-2.1.0 and poppler-0.57.0.
+l/gdk-pixbuf2-2.36.8-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.18-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.4.8-x86_64-1.txz: Upgraded.
+l/libxslt-1.1.29-x86_64-2.txz: Rebuilt.
+ Don't include xlocale.h in libxslt/xsltlocale.h, as it has been removed from
+ glibc-2.26. Thanks to Matteo Bernardini.
+l/pango-1.40.9-x86_64-1.txz: Upgraded.
+l/poppler-0.57.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/curl-7.55.0-x86_64-1.txz: Upgraded.
+ This update fixes three security issues:
+ URL globbing out of bounds read
+ TFTP sends more than buffer size
+ FILE buffer read out of bounds
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20170809A.html
+ https://curl.haxx.se/docs/adv_20170809B.html
+ https://curl.haxx.se/docs/adv_20170809C.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000099
+ (* Security fix *)
+n/httpd-2.4.27-x86_64-2.txz: Rebuilt.
+ Recompiled against glibc-2.26 to fix relocation error.
+ Thanks to Willy Sudiarto Raharjo.
+x/glew-2.1.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+x/libdrm-2.4.82-x86_64-1.txz: Upgraded.
+x/mesa-17.1.6-x86_64-1.txz: Upgraded.
+ Linked against glew-2.1.0.
+xap/gparted-0.29.0-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-52.3.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
-xap/pidgin-2.10.11-x86_64-3.txz: Rebuilt.
-xap/vim-gvim-7.4.898-x86_64-1.txz: Upgraded.
-xap/xchat-2.8.8-x86_64-11.txz: Rebuilt.
-xap/xine-lib-1.2.6-x86_64-4.txz: Rebuilt.
-xfce/tumbler-0.1.31-x86_64-2.txz: Rebuilt.
-extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-3.txz: Rebuilt.
+xfce/tumbler-0.2.0-x86_64-1.txz: Upgraded.
+ Linked against poppler-0.57.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Oct 8 23:09:33 UTC 2015
-d/ccache-3.2.3-x86_64-2.txz: Rebuilt.
- Recompiled with --sysconfdir=/etc so that ccache will look there for a
- system-wide config (not in /usr/etc). Thanks to David Spencer.
-d/libtool-2.4.6-x86_64-2.txz: Rebuilt.
-xap/mozilla-thunderbird-38.3.0-x86_64-2.txz: Rebuilt.
- Recompiled with --enable-calendar.
-xap/xine-lib-1.2.6-x86_64-3.txz: Rebuilt.
- Removed broken .la files. Thanks to David Spencer.
-+--------------------------+
-Mon Oct 5 17:24:30 UTC 2015
-a/glibc-zoneinfo-2015g-noarch-1.txz: Upgraded.
- Upgraded to tzcode2015g and tzdata2015g.
-ap/cdrtools-3.01-x86_64-2.txz: Rebuilt.
- Removed useless man pages in /usr/man/man3. Thanks to Adrien Nader.
-+--------------------------+
-Thu Oct 1 21:21:36 UTC 2015
-a/pkgtools-14.2-noarch-1.txz: Upgraded.
- Patched makepkg and removepkg to support spaces in symlinks. Spaces in file
- and directory names also work, so support should be complete.
- Thanks to Erik Jan Tromp.
- Patched makepkg to ensure that the root of a package is chmod 755.
- Patched installpkg to speed up several parts of the script, especially when
- symlinks are created by an install script. If bash is available, install
- scripts will be translated to avoid spawning two subshells per link.
- Also, reduced UUOC! :-)
- Patched removepkg to speed up several parts of the script.
- Thanks to Stuart Winter and Jim Hawkins.
- Patched upgradepkg to speed up several parts of the script by using native
- bash rather than calling out to sed. (Similar changes might be applied to
- installpkg/removepkg in the future, but upgradepkg looping against the full
- set of packages is where the most improvement is seen)
- Thanks to Michal "mina86" Nazarewicz.
-l/mozilla-nss-3.20-x86_64-1.txz: Upgraded.
- Upgraded to nss-3.20 and nspr-4.10.9.
-l/seamonkey-solibs-2.38-x86_64-1.txz: Upgraded.
-n/php-5.6.13-x86_64-1.txz: Upgraded.
- This update fixes some bugs and security issues.
+Sun Aug 6 05:29:56 UTC 2017
+a/e2fsprogs-1.43.5-x86_64-1.txz: Upgraded.
+a/glibc-solibs-2.26-x86_64-2.txz: Rebuilt.
+ap/vim-8.0.0876-x86_64-1.txz: Upgraded.
+d/git-2.14.0-x86_64-1.txz: Upgraded.
+l/glibc-2.26-x86_64-2.txz: Rebuilt.
+ Recompiled to add libnss_compat-2.26.so, libnss_nis-2.26.so,
+ libnss_nisplus-2.26.so, and headers to restore missing/broken
+ NIS functionality.
+l/glibc-i18n-2.26-x86_64-2.txz: Rebuilt.
+l/glibc-profile-2.26-x86_64-2.txz: Rebuilt.
+xap/vim-gvim-8.0.0876-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Aug 4 19:22:07 UTC 2017
+a/glibc-solibs-2.26-x86_64-1.txz: Upgraded.
+ap/sqlite-3.20.0-x86_64-1.txz: Upgraded.
+l/glibc-2.26-x86_64-1.txz: Upgraded.
+l/glibc-i18n-2.26-x86_64-1.txz: Upgraded.
+l/glibc-profile-2.26-x86_64-1.txz: Upgraded.
+l/imagemagick-6.9.9_5-x86_64-1.txz: Upgraded.
+l/pango-1.40.7-x86_64-2.txz: Rebuilt.
+ Patched to fix Unicode emoji handling issue caused by width changes in glibc.
+n/bind-9.11.2-x86_64-1.txz: Upgraded.
+n/dhcp-4.3.6-x86_64-1.txz: Upgraded.
+n/nmap-7.60-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Aug 2 03:43:51 UTC 2017
+a/btrfs-progs-v4.12-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.3.3-x86_64-1.txz: Upgraded.
+l/seamonkey-solibs-2.48-x86_64-2.txz: Rebuilt.
+n/bluez-5.46-x86_64-2.txz: Rebuilt.
+ Added /usr/bin/gatttool.
+n/gnupg-1.4.22-x86_64-1.txz: Upgraded.
+ Mitigate a flush+reload side-channel attack on RSA secret keys dubbed
+ "Sliding right into disaster".
+ For more information, see:
+ https://eprint.iacr.org/2017/627
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
+ (* Security fix *)
+n/gnupg2-2.1.22-x86_64-1.txz: Upgraded.
+x/xf86-input-wacom-0.35.0-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.48-x86_64-2.txz: Rebuilt.
+ Recompiled with -fno-delete-null-pointer-checks to fix crashes caused by
+ aggressive gcc7 optimization. Thanks to KewlCat for the bug report.
++--------------------------+
+Fri Jul 28 20:29:47 UTC 2017
+a/dbus-1.10.22-x86_64-1.txz: Upgraded.
+a/gptfdisk-1.0.3-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.9.40-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.40-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.40-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.11-x86_64-4.txz: Rebuilt.
+ Upgraded to busybox-1.27.1.
+ap/cups-filters-1.16.0-x86_64-1.txz: Upgraded.
+ap/hplip-3.17.7-x86_64-1.txz: Upgraded.
+ap/squashfs-tools-4.3-x86_64-2.txz: Rebuilt.
+ Patched a couple of denial of service issues and other bugs.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4645
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4646
+ (* Security fix *)
+d/kernel-headers-4.9.40-x86-1.txz: Upgraded.
+k/kernel-source-4.9.40-noarch-1.txz: Upgraded.
+l/libpng-1.6.31-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+ Upgraded to busybox-1.27.1.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+ Upgraded to busybox-1.27.1.
++--------------------------+
+Thu Jul 27 01:03:02 UTC 2017
+a/dbus-1.10.20-x86_64-2.txz: Rebuilt.
+ Don't demand high-quality entropy from expat-2.2.2+ because 1) dbus doesn't
+ need it and 2) it can cause the boot process to hang if dbus times out.
+ Thanks to SeB for a link to the bug report and patch.
++--------------------------+
+Tue Jul 25 21:09:42 UTC 2017
+n/bind-9.11.1_P3-x86_64-1.txz: Upgraded.
+ Fix a regression in the previous BIND release that broke verification
+ of TSIG signed TCP message sequences where not all the messages contain
+ TSIG records.
+ Compiled to use libidn rather than the deprecated (and broken) idnkit.
+n/idnkit-1.0-x86_64-1.txz: Removed.
++--------------------------+
+Tue Jul 25 03:45:44 UTC 2017
+a/lvm2-2.02.173-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.12.0-x86_64-1.txz: Upgraded.
+ap/vim-8.0.0771-x86_64-1.txz: Upgraded.
+e/emacs-25.2-x86_64-3.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-3 and gtk+3-3.22.17.
+l/imagemagick-6.9.9_3-x86_64-1.txz: Upgraded.
+ Compiled with --enable-hdri option.
+ Shared library .so-version bump.
+l/virtuoso-ose-6.1.8-x86_64-7.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-3.
+xap/gnuchess-6.2.5-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.0771-x86_64-1.txz: Upgraded.
+ Linked against gtk+3-3.22.17.
+xap/xine-lib-1.2.8-x86_64-3.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-3.
+xap/xlockmore-5.54-x86_64-2.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-3.
++--------------------------+
+Mon Jul 24 19:59:34 UTC 2017
+ap/man-pages-4.12-noarch-1.txz: Upgraded.
+ap/mpg123-1.25.4-x86_64-1.txz: Upgraded.
+ap/nano-2.8.6-x86_64-1.txz: Upgraded.
+d/binutils-2.29-x86_64-1.txz: Upgraded.
+d/oprofile-1.1.0-x86_64-4.txz: Rebuilt.
+ Recompiled against new libbfd from binutils-2.29.
+l/gdk-pixbuf2-2.36.7-x86_64-2.txz: Rebuilt.
+ Restored greyscale support. Thanks to brobr.
+ Fixed handling cache updates on multilib. Thanks to SeB.
+l/libidn2-2.0.3-x86_64-1.txz: Upgraded.
+n/tcpdump-4.9.1-x86_64-1.txz: Upgraded.
+ This update fixes an issue where tcpdump 4.9.0 allows remote attackers
+ to cause a denial of service (heap-based buffer over-read and application
+ crash) via crafted packet data.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11108
+ (* Security fix *)
+xap/pan-0.142-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Jul 21 20:09:49 UTC 2017
+l/seamonkey-solibs-2.48-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.48-x86_64-1.txz: Upgraded.
+ This update contains security fixes and improvements.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
- (* Security fix *)
-x/libXi-1.7.5-x86_64-1.txz: Upgraded.
-x/libxcb-1.11.1-x86_64-1.txz: Upgraded.
-x/mesa-11.0.2-x86_64-1.txz: Upgraded.
-x/xf86-video-chips-1.2.6-x86_64-1.txz: Upgraded.
-x/xf86-video-s3virge-1.10.7-x86_64-1.txz: Upgraded.
-x/xf86-video-sis-0.10.8-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-41.0.1-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+ http://www.seamonkey-project.org/releases/seamonkey2.48
+ (* Security fix *)
++--------------------------+
+Thu Jul 20 21:06:53 UTC 2017
+a/util-linux-2.30.1-x86_64-1.txz: Upgraded.
+l/lcms2-2.8-x86_64-1.txz: Upgraded.
+l/librsvg-2.40.18-x86_64-1.txz: Upgraded.
+x/libinput-1.8.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Jul 19 20:58:46 UTC 2017
+e/emacs-25.2-x86_64-2.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-0.
+l/gdk-pixbuf2-2.36.7-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.17-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.4.7-x86_64-1.txz: Upgraded.
+l/virtuoso-ose-6.1.8-x86_64-6.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-0.
+n/libgcrypt-1.8.0-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.8-x86_64-2.txz: Rebuilt.
+ Linked against imagemagick-6.9.9-0.
+xap/xlockmore-5.54-x86_64-1.txz: Upgraded.
+ Linked against imagemagick-6.9.9-0.
++--------------------------+
+Tue Jul 18 23:10:25 UTC 2017
+a/kernel-generic-4.9.38-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.38-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.38-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.11-x86_64-3.txz: Upgraded.
+ Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80.
+ Handle rootflags in init script. Thanks to davjohn.
+a/openssl-solibs-1.0.2l-x86_64-1.txz: Upgraded.
+ap/gutenprint-5.2.13-x86_64-1.txz: Upgraded.
+d/cmake-3.9.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.38-x86-1.txz: Upgraded.
+k/kernel-source-4.9.38-noarch-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-12.txz: Rebuilt.
+ Linked against exiv2-0.26.
+kde/gwenview-4.14.3-x86_64-3.txz: Rebuilt.
+ Linked against exiv2-0.26.
+kde/kde-runtime-4.14.3-x86_64-5.txz: Rebuilt.
+ Linked against exiv2-0.26 and libwebp-0.6.0.
+kde/kdelibs-4.14.34-x86_64-1.txz: Upgraded.
+kde/kfilemetadata-4.14.3-x86_64-3.txz: Rebuilt.
+ Linked against exiv2-0.26.
+kde/libkexiv2-4.14.3-x86_64-3.txz: Rebuilt.
+ Linked against exiv2-0.26.
+kde/nepomuk-core-4.14.3-x86_64-3.txz: Rebuilt.
+ Linked against exiv2-0.26.
+l/SDL2_image-2.0.1-x86_64-2.txz: Rebuilt.
+ Linked against libwebp-0.6.0.
+l/exiv2-0.26-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/expat-2.2.2-x86_64-1.txz: Upgraded.
+ Fixes security issues including:
+ External entity infinite loop DoS
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
+ https://libexpat.github.io/doc/cve-2017-9233/
+ (* Security fix *)
+l/ffmpeg-3.3.2-x86_64-2.txz: Rebuilt.
+ Linked against libwebp-0.6.0.
+l/gd-2.2.4-x86_64-1.txz: Upgraded.
+ Linked against libwebp-0.6.0.
+ Fixes security issues:
+ gdImageCreate() doesn't check for oversized images and as such is prone to
+ DoS vulnerabilities. (CVE-2016-9317)
+ double-free in gdImageWebPtr() (CVE-2016-6912)
+ potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
+ DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
+ Signed Integer Overflow gd_io.c (CVE-2016-10168)
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
+ (* Security fix *)
+l/imagemagick-6.9.9_0-x86_64-1.txz: Upgraded.
+ Linked against libwebp-0.6.0.
+ Shared library .so-version bump.
+l/libwebp-0.6.0-x86_64-1.txz: Added.
+ Thanks to powtrix.
+l/orc-0.4.27-x86_64-1.txz: Upgraded.
+l/pango-1.40.7-x86_64-1.txz: Upgraded.
+l/strigi-0.7.8-x86_64-3.txz: Rebuilt.
+ Linked against exiv2-0.26.
+n/bluez-5.46-x86_64-1.txz: Upgraded.
+n/libtirpc-1.0.2-x86_64-1.txz: Upgraded.
+n/nfs-utils-1.3.4-x86_64-2.txz: Rebuilt.
+ Added /etc/default/nfs config file for setting additional options.
+ Thanks to shasta and Robby Workman.
+n/openssh-7.5p1-x86_64-2.txz: Rebuilt.
+ Added /etc/default/sshd config file for setting additional options.
+ Thanks to shasta and Robby Workman.
+n/openssl-1.0.2l-x86_64-1.txz: Upgraded.
+n/rpcbind-0.2.4-x86_64-2.txz: Rebuilt.
+ Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing
+ a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe,
+ Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem
+ and helping to test a fix.
+ Added /etc/default/rpc config file (useful for setting static port
+ assignments). Thanks to shasta and Robby Workman.
+n/stunnel-5.42-x86_64-1.txz: Upgraded.
+n/yptools-2.14-x86_64-8.txz: Rebuilt.
+ Added /etc/default/yp config file for setting additional options.
+ Thanks to shasta and Robby Workman.
+xap/geeqie-1.3-x86_64-2.txz: Rebuilt.
+ Linked against exiv2-0.26.
+xfce/xfce4-terminal-0.8.6-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Jul 14 22:11:58 UTC 2017
+ap/mariadb-10.0.31-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-38.3.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3308
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3309
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3453
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3456
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3464
+ (* Security fix *)
+l/gst-plugins-base-1.12.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.12.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.12.2-x86_64-1.txz: Upgraded.
+l/gstreamer-1.12.2-x86_64-1.txz: Upgraded.
+l/libjpeg-turbo-1.5.2-x86_64-1.txz: Upgraded.
+n/samba-4.6.6-x86_64-1.txz: Upgraded.
+ This update fixes an authentication validation bypass security issue:
+ "Orpheus' Lyre mutual authentication validation bypass"
+ All versions of Samba from 4.0.0 onwards using embedded Heimdal
+ Kerberos are vulnerable to a man-in-the-middle attack impersonating
+ a trusted server, who may gain elevated access to the domain by
+ returning malicious replication or authorization data.
+ Samba binaries built against MIT Kerberos are not vulnerable.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2017-11103.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
+ (* Security fix *)
+x/mesa-17.1.5-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Jul 13 19:24:36 UTC 2017
+a/mkinitrd-1.4.11-x86_64-2.txz: Rebuilt.
+ Process initrd output filename template strings %KVER% and %SLACKVER%
+ after processing all other options to prevent depending on the command
+ line order for proper functioning. Thanks to SeB.
+n/httpd-2.4.27-x86_64-1.txz: Upgraded.
+ This update fixes two security issues:
+ Read after free in mod_http2 (CVE-2017-9789)
+ Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788)
+ Thanks to Robert Swiecki for reporting these issues.
+ For more information, see:
+ https://httpd.apache.org/security/vulnerabilities_24.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9789
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
+ (* Security fix *)
++--------------------------+
+Wed Jul 12 23:11:53 UTC 2017
+a/kernel-generic-4.9.37-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.37-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.37-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.11-x86_64-1.txz: Upgraded.
+ Added support for including template strings %KVER% (kernel version) and
+ %SLACKVER% (Slackware version) in the output filename. Thanks to SeB.
+a/pciutils-3.5.5-x86_64-1.txz: Upgraded.
+ap/cgmanager-0.41-x86_64-2.txz: Rebuilt.
+ Fixed duplicate init scripts.
+ap/mpg123-1.25.2-x86_64-1.txz: Upgraded.
+ap/screen-4.6.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.37-x86-1.txz: Upgraded.
+d/strace-4.18-x86_64-1.txz: Upgraded.
+k/kernel-source-4.9.37-noarch-1.txz: Upgraded.
+l/libarchive-3.3.2-x86_64-1.txz: Upgraded.
+n/crda-3.18-x86_64-4.txz: Rebuilt.
+ Rebuilt using wireless-regdb-2017.03.07. Thanks to Robby Workman.
+n/iproute2-4.12.0-x86_64-1.txz: Upgraded.
+extra/bash-completion/bash-completion-2.7-noarch-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Mon Jul 10 21:43:37 UTC 2017
+a/dbus-1.10.20-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.172-x86_64-1.txz: Upgraded.
+ap/diffstat-1.61-x86_64-1.txz: Upgraded.
+ap/hplip-3.17.6-x86_64-1.txz: Upgraded.
+ap/sysstat-11.4.4-x86_64-1.txz: Upgraded.
+d/git-2.13.2-x86_64-1.txz: Upgraded.
+d/help2man-1.46.6-x86_64-1.txz: Upgraded.
+d/strace-4.17-x86_64-1.txz: Upgraded.
+l/hunspell-1.6.1-x86_64-1.txz: Upgraded.
+l/libtiff-4.0.8-x86_64-1.txz: Upgraded.
+n/libqmi-1.18.0-x86_64-1.txz: Upgraded.
+n/libtirpc-1.0.1-x86_64-3.txz: Rebuilt.
+ Patched a bug which can cause a denial of service through memory exhaustion.
+ Thanks to Robby Workman.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
(* Security fix *)
-xap/seamonkey-2.38-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+n/rpcbind-0.2.4-x86_64-1.txz: Upgraded.
+ Patched a bug which can cause a denial of service through memory exhaustion.
+ Thanks to Robby Workman.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Wed Sep 23 01:10:36 UTC 2015
-a/smartmontools-6.4-x86_64-1.txz: Upgraded.
-ap/cdrtools-3.01-x86_64-1.txz: Upgraded.
-ap/ddrescue-1.20-x86_64-1.txz: Upgraded.
-d/ccache-3.2.3-x86_64-1.txz: Upgraded.
-l/gc-7.4.2-x86_64-3.txz: Rebuilt.
- Build without --disable-static, but don't package the extra static libraries.
- This ensures that all the symbols are exported in the shared libraries.
-l/libjpeg-turbo-1.4.2-x86_64-1.txz: Upgraded.
-l/libtasn1-4.7-x86_64-1.txz: Upgraded.
-l/notify-python-0.1.1-x86_64-5.txz: Rebuilt.
- Patched to fix hplip-tools. Thanks to gmgf.
-n/stunnel-5.23-x86_64-2.txz: Rebuilt.
- Server certificate config file name changed from stunnel.cnf to openssl.cnf.
- Thanks to Iouri Kharon.
-xap/mozilla-firefox-41.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
+ (* Security fix *)
++--------------------------+
+Sun Jul 9 20:38:08 UTC 2017
+a/lilo-24.2-x86_64-5.txz: Rebuilt.
+ liloconfig: support /dev/vda in QEMU. Thanks to Robby Workman.
+a/logrotate-3.12.2-x86_64-1.txz: Upgraded.
+ Thanks to Robby Workman.
+a/sysvinit-scripts-2.0-noarch-37.txz: Rebuilt.
+ rc.cpufreq: document "schedutil" CPU scaling governor.
+ Thanks to Paul Blazejowski.
+l/cairomm-1.12.2-x86_64-1.txz: Upgraded.
+l/fuse-2.9.7-x86_64-1.txz: Upgraded.
+l/gmm-4.3-noarch-1.txz: Upgraded.
+l/gmp-6.1.2-x86_64-1.txz: Upgraded.
+l/gnu-efi-3.0.6-x86_64-1.txz: Upgraded.
+l/libaio-0.3.110-x86_64-1.txz: Upgraded.
+l/libao-1.2.2-x86_64-1.txz: Upgraded.
+l/libcap-ng-0.7.8-x86_64-1.txz: Upgraded.
+l/libmowgli-1.0.0-x86_64-1.txz: Upgraded.
+l/libnl3-3.3.0-x86_64-1.txz: Upgraded.
+l/libyaml-0.1.7-x86_64-1.txz: Upgraded.
+l/lzo-2.10-x86_64-1.txz: Upgraded.
+l/shared-mime-info-1.8-x86_64-1.txz: Upgraded.
+n/ethtool-4.11-x86_64-1.txz: Upgraded.
+n/iproute2-4.11.0-x86_64-1.txz: Upgraded.
+n/ipset-6.32-x86_64-1.txz: Upgraded.
+n/irssi-1.0.4-x86_64-1.txz: Upgraded.
+ This release fixes two remote crash issues as well as a few bugs.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2017_07.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10965
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10966
+ (* Security fix *)
+n/libmnl-1.0.4-x86_64-1.txz: Upgraded.
+n/mtr-0.92-x86_64-1.txz: Upgraded.
+n/nfs-utils-1.3.4-x86_64-1.txz: Upgraded.
+x/motif-2.3.7-x86_64-2.txz: Rebuilt.
+x/xterm-330-x86_64-1.txz: Upgraded.
+xfce/Thunar-1.6.12-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Jul 8 00:11:34 UTC 2017
+a/aaa_elflibs-14.2-x86_64-30.txz: Rebuilt.
+ Added libidn2.so.0.
+a/gettext-0.19.8.1-x86_64-4.txz: Rebuilt.
+ap/cgmanager-0.41-x86_64-1.txz: Upgraded.
+ Maybe we don't really need this, but it likely doesn't hurt.
+ap/ghostscript-9.21-x86_64-1.txz: Upgraded.
+ap/gutenprint-5.2.12-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+ap/lxc-2.0.8-x86_64-3.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+ap/texinfo-6.4-x86_64-1.txz: Upgraded.
+d/gettext-tools-0.19.8.1-x86_64-4.txz: Rebuilt.
+ Linked against libunistring-0.9.7.
+d/guile-2.0.14-x86_64-2.txz: Rebuilt.
+ Linked against libunistring-0.9.7.
+d/mercurial-4.2.2-x86_64-1.txz: Upgraded.
+l/fftw-3.3.6_pl2-x86_64-1.txz: Upgraded.
+l/gc-7.4.4-x86_64-1.txz: Upgraded.
+l/gcr-3.20.0-x86_64-1.txz: Upgraded.
+l/glib-networking-2.50.0-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+l/gnome-keyring-3.20.1-x86_64-1.txz: Upgraded.
+l/gtk+2-2.24.31-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+l/gtk+3-3.22.16-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+l/libidn2-2.0.2-x86_64-1.txz: Added.
+l/libunistring-0.9.7-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/libvncserver-0.9.11-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+l/pcre-8.41-x86_64-1.txz: Upgraded.
+l/vte-0.44.3-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+n/NetworkManager-1.8.2-x86_64-1.txz: Upgraded.
+n/ca-certificates-20161130-noarch-1.txz: Upgraded.
+n/curl-7.54.1-x86_64-1.txz: Upgraded.
+n/dhcp-4.3.5-x86_64-1.txz: Upgraded.
+n/dnsmasq-2.77-x86_64-1.txz: Upgraded.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+n/gnutls-3.5.14-x86_64-1.txz: Upgraded.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+n/lftp-4.7.7-x86_64-1.txz: Upgraded.
+n/php-5.6.31-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://php.net/ChangeLog-5.php#5.6.31
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229
+ (* Security fix *)
+n/wget-1.19.1-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+n/whois-5.2.16-x86_64-1.txz: Upgraded.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
+x/fontconfig-2.12.4-x86_64-1.txz: Upgraded.
+x/libinput-1.8.0-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.8.0-x86_64-2.txz: Rebuilt.
+ Linked against libidn2-2.0.2 and libunistring-0.9.7.
++--------------------------+
+Thu Jul 6 00:38:21 UTC 2017
+a/kernel-generic-4.9.36-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.36-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.36-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.36-x86-1.txz: Upgraded.
+k/kernel-source-4.9.36-noarch-1.txz: Upgraded.
+xap/xscreensaver-5.37-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Mon Jul 3 23:09:19 UTC 2017
+a/grep-3.1-x86_64-1.txz: Upgraded.
+ap/acct-6.6.4-x86_64-1.txz: Upgraded.
+ap/cups-2.2.4-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.14.1-x86_64-1.txz: Upgraded.
+ap/gphoto2-2.5.14-x86_64-1.txz: Upgraded.
+ap/tmux-2.5-x86_64-1.txz: Upgraded.
+l/apr-1.6.2-x86_64-1.txz: Upgraded.
+l/apr-util-1.6.0-x86_64-1.txz: Upgraded.
+l/libgphoto2-2.5.14-x86_64-1.txz: Upgraded.
+l/libpng-1.6.30-x86_64-1.txz: Upgraded.
+l/sound-theme-freedesktop-0.8-noarch-1.txz: Upgraded.
+x/mesa-17.1.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Jun 30 21:14:15 UTC 2017
+a/glibc-solibs-2.25-x86_64-3.txz: Rebuilt.
+ (* Security fix *)
+a/kernel-generic-4.9.35-x86_64-1.txz: Upgraded.
+ (* Security fix *)
+a/kernel-huge-4.9.35-x86_64-1.txz: Upgraded.
+ (* Security fix *)
+a/kernel-modules-4.9.35-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.35-x86-1.txz: Upgraded.
+k/kernel-source-4.9.35-noarch-1.txz: Upgraded.
+ This kernel fixes security issues that include possible stack exhaustion,
+ memory corruption, and arbitrary code execution.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7482
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365
+ (* Security fix *)
+l/glibc-2.25-x86_64-3.txz: Rebuilt.
+ Applied upstream security hardening patches from git.
+ For more information, see:
+ https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d
+ https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd
+ https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9
+ https://sourceware.org/git/?p=glibc.git;a=commit;h=3776f38fcd267c127ba5eb222e2c614c191744aa
+ https://sourceware.org/git/?p=glibc.git;a=commit;h=adc7e06fb412a2a1ee52f8cb788caf436335b9f3
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
+ (* Security fix *)
+l/glibc-i18n-2.25-x86_64-3.txz: Rebuilt.
+l/glibc-profile-2.25-x86_64-3.txz: Rebuilt.
(* Security fix *)
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Sep 15 22:36:17 UTC 2015
-ap/hplip-3.15.9-x86_64-1.txz: Upgraded.
-ap/sqlite-3.8.11.1-x86_64-1.txz: Upgraded.
-d/llvm-3.7.0-x86_64-1.txz: Upgraded.
-n/ca-certificates-20150426-noarch-2.txz: Rebuilt.
- Patched update-ca-certificates to remove incompatible command operators
- used to call 'run-parts'. Thanks to Stuart Winter.
-n/stunnel-5.23-x86_64-1.txz: Upgraded.
-x/mesa-11.0.0-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20150915_23986f0-x86_64-1.txz: Upgraded.
- Set default acceleration method to DRI2/UXA.
-x/xf86-video-vmware-13.1.0-x86_64-3.txz: Rebuilt.
-+--------------------------+
-Thu Sep 10 14:12:07 UTC 2015
-d/gdb-7.10-x86_64-1.txz: Upgraded.
-l/gobject-introspection-1.44.0-x86_64-1.txz: Upgraded.
-l/netpbm-10.66.02-x86_64-4.txz: Rebuilt.
- Removed junk /usr/pkgconfig_template and /usr/bin/manweb files.
- Thanks to j_v on LQ.
-l/parted-3.2-x86_64-2.txz: Rebuilt.
-n/sendmail-8.15.2-x86_64-1.txz: Upgraded.
-n/sendmail-cf-8.15.2-noarch-1.txz: Upgraded.
-x/mesa-10.6.6-x86_64-1.txz: Upgraded.
-+--------------------------+
-Thu Sep 3 22:02:39 UTC 2015
-l/seamonkey-solibs-2.35-x86_64-1.txz: Upgraded.
-n/mutt-1.5.24-x86_64-1.txz: Upgraded.
-x/mesa-10.6.5-x86_64-2.txz: Rebuilt.
- Recompiled with --enable-nine.
-xap/seamonkey-2.35-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+Thu Jun 29 20:55:09 UTC 2017
+a/mkinitrd-1.4.10-x86_64-1.txz: Upgraded.
+ Added support for -P option and MICROCODE_ARCH in mkinitrd.conf to specify
+ a microcode archive to be prepended to the initrd for early CPU microcode
+ patching by the kernel. Thanks to SeB.
+ap/nano-2.8.5-x86_64-1.txz: Upgraded.
+ap/screen-4.6.0-x86_64-1.txz: Upgraded.
+d/llvm-4.0.1-x86_64-1.txz: Upgraded.
+l/pcre-8.40-x86_64-1.txz: Upgraded.
+l/readline-7.0.003-x86_64-1.txz: Upgraded.
+n/bind-9.11.1_P2-x86_64-1.txz: Upgraded.
+ This update fixes a high severity security issue:
+ An error in TSIG handling could permit unauthorized zone transfers
+ or zone updates.
+ For more information, see:
+ https://kb.isc.org/article/AA-01503/0
+ https://kb.isc.org/article/AA-01504/0
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143
+ (* Security fix *)
+n/httpd-2.4.26-x86_64-1.txz: Upgraded.
+ This update fixes security issues which may lead to an authentication bypass
+ or a denial of service:
+ important: ap_get_basic_auth_pw() Authentication Bypass CVE-2017-3167
+ important: mod_ssl Null Pointer Dereference CVE-2017-3169
+ important: mod_http2 Null Pointer Dereference CVE-2017-7659
+ important: ap_find_token() Buffer Overread CVE-2017-7668
+ important: mod_mime Buffer Overread CVE-2017-7679
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
+ (* Security fix *)
+n/libgcrypt-1.7.8-x86_64-1.txz: Upgraded.
+ Mitigate a local flush+reload side-channel attack on RSA secret keys
+ dubbed "Sliding right into disaster".
+ For more information, see:
+ https://eprint.iacr.org/2017/627
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
+ (* Security fix *)
+xfce/xfdesktop-4.12.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Jun 26 20:36:18 UTC 2017
+a/kernel-firmware-20170626git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.9.34-x86_64-1.txz: Upgraded.
+ "Stack Clash" fixes -- see below.
+ (* Security fix *)
+a/kernel-huge-4.9.34-x86_64-1.txz: Upgraded.
+ "Stack Clash" fixes -- see below.
+ (* Security fix *)
+a/kernel-modules-4.9.34-x86_64-1.txz: Upgraded.
+a/lrzip-0.631-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.171-x86_64-1.txz: Upgraded.
+a/time-1.7.2-x86_64-1.txz: Upgraded.
+a/util-linux-2.30-x86_64-2.txz: Rebuilt.
+ Reverted an agetty commit that breaks backspacing over the first character
+ entered at the login prompt. Thanks to GazL.
+ap/mpg123-1.25.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.34-x86-1.txz: Upgraded.
+k/kernel-source-4.9.34-noarch-1.txz: Upgraded.
+ This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys.
+ The first issue may allow attackers to execute arbitrary code with elevated
+ privileges. Failed attack attempts will likely result in denial-of-service
+ conditions. The second issue can be exploited to bypass certain security
+ restrictions and perform unauthorized actions.
+ For more information, see:
+ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365
+ (* Security fix *)
+l/glib2-2.52.3-x86_64-1.txz: Upgraded.
+l/glibmm-2.52.0-x86_64-1.txz: Upgraded.
+l/gtkmm3-3.22.1-x86_64-1.txz: Upgraded.
+xap/gkrellm-2.3.10-x86_64-2.txz: Rebuilt.
+ Upgraded to gkrellm-countdown-0.1.1. Thanks to jmccue.
+xap/mozilla-thunderbird-52.2.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Jun 23 20:11:00 UTC 2017
+a/dosfstools-4.1-x86_64-1.txz: Upgraded.
+ Thanks to Robby Workman.
+a/file-5.31-x86_64-1.txz: Upgraded.
+a/os-prober-1.75-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.11.0-x86_64-1.txz: Upgraded.
+ap/at-3.1.20-x86_64-1.txz: Upgraded.
+ap/diffutils-3.6-x86_64-1.txz: Upgraded.
+d/automake-1.15.1-noarch-1.txz: Upgraded.
+d/nasm-2.13.01-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.12.1-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.12.1-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.12.1-x86_64-1.txz: Upgraded.
+l/gstreamer-1.12.1-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.16-x86_64-1.txz: Upgraded.
+l/gtkmm2-2.24.5-x86_64-1.txz: Upgraded.
+l/poppler-0.56.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Jun 21 18:38:46 UTC 2017
+ap/lxc-2.0.8-x86_64-2.txz: Rebuilt.
+ rc.lxc: Don't use screen for container startup. Thanks to franzen.
+d/libtool-2.4.6-x86_64-5.txz: Rebuilt.
+ Recompiled to fix wrong embedded GCC version number.
+ Thanks to B Watson.
+n/gnupg2-2.1.21-x86_64-2.txz: Rebuilt.
+ If the machine does not have smart card devices, do not issue a warning about
+ a missing smart card. Thanks to Willy Sudiarto Raharjo.
+n/openvpn-2.4.3-x86_64-1.txz: Upgraded.
+ This update fixes several denial of service issues discovered
+ by Guido Vranken.
+ For more information, see:
+ https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522
+ (* Security fix *)
+xap/gnuplot-5.0.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Jun 21 01:12:42 UTC 2017
+kde/calligra-2.9.11-x86_64-11.txz: Rebuilt.
+ Recompiled against gsl-2.4.
+kde/step-4.14.3-x86_64-5.txz: Rebuilt.
+ Recompiled against gsl-2.4.
+l/gsl-2.4-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
++--------------------------+
+Tue Jun 20 05:08:21 UTC 2017
+a/udisks2-2.6.5-x86_64-1.txz: Upgraded.
+ Thanks to Robby Workman.
+ap/linuxdoc-tools-0.9.72-x86_64-3.txz: Rebuilt.
+ Removed .la files. Thanks to Stuart Winter.
+ap/lxc-2.0.8-x86_64-1.txz: Upgraded.
+ Added additional default container packages: cyrus-sasl, db48, gnutls,
+ iproute2, kmod, libcap-ng, libffi, libmnl, libtasn1, libunistring, nettle,
+ and p11-kit. Thanks to CTM.
+ Use configure option --enable-cgmanager=no. Thanks to Didier Spaier.
+l/cairo-1.14.10-x86_64-1.txz: Upgraded.
+l/libbluray-1.0.1-x86_64-1.txz: Upgraded.
+l/polkit-0.113-x86_64-3.txz: Rebuilt.
+ Added upstream patches to fix a memory leak and increase security when
+ using GIO. Thanks to Robby Workman.
+n/ModemManager-1.6.8-x86_64-1.txz: Upgraded.
+n/nmap-7.50-x86_64-1.txz: Upgraded.
+x/libepoxy-1.4.3-x86_64-1.txz: Upgraded.
+x/libinput-1.7.3-x86_64-1.txz: Upgraded.
+x/libwacom-0.25-x86_64-1.txz: Upgraded.
+xfce/garcon-0.6.1-x86_64-1.txz: Upgraded.
+xfce/tumbler-0.1.32-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Jun 15 02:08:28 UTC 2017
+ap/linuxdoc-tools-0.9.72-x86_64-2.txz: Rebuilt.
+ Switched to OpenJade-1.3.2 (from 1.3.3-pre1 which was segfaulting).
+ Upgraded to perl-XML-NamespaceSupport-1.12.
+ Upgraded to perl-XML-SAX-Base-1.09.
+ Updated build script to work with bash 4.4. Thanks to Heinz Wiesinger.
+ Support '.conf.new' for config files within /etc/asciidoc.
+ Thanks to franzen on LQ for the suggestion.
+ Thanks to Stuart Winter.
+d/slacktrack-2.18-x86_64-1.txz: Upgraded.
+ Thanks to Stuart Winter.
+n/NetworkManager-1.8.0-x86_64-3.txz: Upgraded.
+ Applied upstream patches from git. Thanks to Robby Workman.
+n/bind-9.11.1_P1-x86_64-1.txz: Upgraded.
+ Fixed denial of service security issue:
+ Some RPZ configurations could go into an infinite query loop when
+ encountering responses with TTL=0.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Wed Sep 2 19:36:31 UTC 2015
-n/bind-9.10.2_P4-x86_64-1.txz: Upgraded.
- This update fixes two denial-of-service vulnerabilities:
- + CVE-2015-5722 is a denial-of-service vector which can be
- exploited remotely against a BIND server that is performing
- validation on DNSSEC-signed records. Validating recursive
- resolvers are at the greatest risk from this defect, but it has not
- been ruled out that it could be exploited against an
- authoritative-only nameserver under limited conditions. Servers
- that are not performing validation are not vulnerable. However,
- ISC does not recommend disabling validation as a workaround to
- this issue as it exposes the server to other types of attacks.
- Upgrading to the patched versions is the recommended solution.
- All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722.
- + CVE-2015-5986 is a denial-of-service vector which can be used
- against a BIND server that is performing recursion. Validation
- is not required. Recursive resolvers are at the greatest risk
- from this defect, but it has not been ruled out that it could
- be exploited against an authoritative-only nameserver under
- limited conditions.
- Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to
- CVE-2015-5986.
- For more information, see:
- https://kb.isc.org/article/AA-01287/0
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722
- https://kb.isc.org/article/AA-01291/0
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986
- (* Security fix *)
-+--------------------------+
-Tue Sep 1 23:29:22 UTC 2015
-a/aaa_elflibs-14.2-x86_64-2.txz: Rebuilt.
-a/cryptsetup-1.6.7-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.129-x86_64-1.txz: Upgraded.
-ap/lxc-1.1.3-x86_64-1.txz: Upgraded.
-d/git-2.5.1-x86_64-1.txz: Upgraded.
-l/dconf-editor-3.16.1-x86_64-1.txz: Added.
-l/gdk-pixbuf2-2.31.7-x86_64-1.txz: Upgraded.
- Gustavo Grieco discovered a heap overflow in the processing of BMP images
- which may result in the execution of arbitrary code if a malformed image
- is opened.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
- (* Security fix *)
-n/ModemManager-1.4.10-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.6-x86_64-1.txz: Upgraded.
-n/openssh-7.1p1-x86_64-1.txz: Upgraded.
-x/libvdpau-1.1.1-x86_64-1.txz: Upgraded.
- libvdpau versions 1.1 and earlier, when used in setuid or setgid
- applications, contain vulnerabilities related to environment variable
- handling that could allow an attacker to execute arbitrary code or
- overwrite arbitrary files. This release uses the secure_getenv()
- function to fix these problems.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200
- (* Security fix *)
-x/mesa-10.6.5-x86_64-1.txz: Upgraded.
-xap/network-manager-applet-1.0.6-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sun Aug 30 22:43:36 UTC 2015
-l/adwaita-icon-theme-3.16.2-noarch-2.txz: Rebuilt.
- Patched to remove bogus /usr/locale/ directory tree. Thanks to ponce.
-l/gvfs-1.24.2-x86_64-2.txz: Rebuilt.
- Rebuilt to fix missing CIFS filesystem support. Thanks to lems.
-x/xorg-server-1.17.2-x86_64-2.txz: Rebuilt.
- Recompiled with stability patches from upstream. Thanks to ponce.
-x/xorg-server-xephyr-1.17.2-x86_64-2.txz: Rebuilt.
-x/xorg-server-xnest-1.17.2-x86_64-2.txz: Rebuilt.
-x/xorg-server-xvfb-1.17.2-x86_64-2.txz: Rebuilt.
-+--------------------------+
-Sat Aug 29 05:27:29 UTC 2015
-a/procps-ng-3.3.10-x86_64-4.txz: Rebuilt.
- Recompiled without --enable-timeout-stat to fix fuser hang.
-kde/oxygen-gtk3-1.4.1-x86_64-1.txz: Removed.
-x/libXaw3dXft-1.6.2d-x86_64-2.txz: Rebuilt.
-xap/mozilla-firefox-40.0.3-x86_64-1.txz: Upgraded.
+ https://kb.isc.org/article/AA-01495
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3140
+ (* Security fix *)
+xap/mozilla-firefox-52.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
+ (* Security fix *)
+xap/mozilla-thunderbird-52.2.0-x86_64-1.txz: Upgraded.
+ Switched to using GTK+ v3.
+xap/network-manager-applet-1.8.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Jun 13 19:54:24 UTC 2017
+a/sysvinit-scripts-2.0-noarch-36.txz: Rebuilt.
+ In rc.6, rc.K, and rc.S, use this path setting:
+ PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
+ Thanks to GazL.
+ap/sqlite-3.19.3-x86_64-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-10.txz: Rebuilt.
+ Recompiled against libGLEW.so.2.0.0.
+kde/kde-runtime-4.14.3-x86_64-4.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+kde/kdepim-4.14.10-x86_64-2.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+kde/kdepimlibs-4.14.10-x86_64-3.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+kde/kget-4.14.3-x86_64-3.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+kde/kopete-4.14.3-x86_64-4.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+l/ffmpeg-3.3.2-x86_64-1.txz: Upgraded.
+l/gmime-2.6.23-x86_64-2.txz: Rebuilt.
+ Recompiled to drop libgpgme-pthread dependency.
+n/dirmngr-1.1.1-x86_64-3.txz: Removed.
+n/gnupg2-2.1.21-x86_64-1.txz: Upgraded.
+n/gpgme-1.9.0-x86_64-1.txz: Upgraded.
+ This eliminates the libgpgme-pthread library, so anything using that will
+ need to be recompiled.
+n/libgcrypt-1.7.7-x86_64-1.txz: Upgraded.
+n/libgpg-error-1.27-x86_64-1.txz: Upgraded.
+n/npth-1.5-x86_64-1.txz: Added.
+n/pth-2.0.7-x86_64-1.txz: Removed.
+n/samba-4.6.5-x86_64-1.txz: Upgraded.
+x/glew-2.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ Fixed glew.pc. Thanks to Willy Sudiarto Raharjo.
+x/mesa-17.1.2-x86_64-2.txz: Rebuilt.
+ Recompiled against libGLEW.so.2.0.0.
+xap/fluxbox-1.3.7-x86_64-2.txz: Rebuilt.
+ Fixed volume settings in keys file. Thanks to i720.
++--------------------------+
+Wed Jun 7 22:42:04 UTC 2017
+a/kernel-generic-4.9.31-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.31-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.31-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.31-x86-1.txz: Upgraded.
+k/kernel-source-4.9.31-noarch-1.txz: Upgraded.
+n/irssi-1.0.3-x86_64-1.txz: Upgraded.
+ Fixed security issues that may result in a denial of service.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2017_06.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469
(* Security fix *)
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Mon Aug 24 19:03:07 UTC 2015
-d/ruby-2.2.3-x86_64-2.txz: Rebuilt.
-x/intel-gpu-tools-1.9-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-git_20150824_3e07681-x86_64-1.txz: Upgraded.
- Thanks to ponce for helpful hints on getting this working again.
-x/xf86-video-xgi-1.6.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Aug 21 21:17:48 UTC 2015
-a/aaa_elflibs-14.2-x86_64-1.txz: Upgraded.
-a/dosfstools-3.0.28-x86_64-1.txz: Upgraded.
-a/etc-14.2-x86_64-2.txz: Rebuilt.
-a/glibc-solibs-2.22-x86_64-1.txz: Upgraded.
-a/glibc-zoneinfo-2015f-noarch-1.txz: Upgraded.
-a/kernel-firmware-20150820git-noarch-1.txz: Upgraded.
-a/kernel-generic-4.1.6-x86_64-1.txz: Upgraded.
-a/kernel-huge-4.1.6-x86_64-1.txz: Upgraded.
-a/kernel-modules-4.1.6-x86_64-1.txz: Upgraded.
-a/procps-ng-3.3.10-x86_64-3.txz: Rebuilt.
- Fix "fuser -s $FILE" with patch from upstream git.
+Tue Jun 6 02:50:21 UTC 2017
+a/mcelog-152-x86_64-2.txz: Rebuilt.
+ rc.mcelog: Fixed 'status' option. Thanks to Tim Thomas.
+x/libdrm-2.4.81-x86_64-1.txz: Upgraded.
+x/mesa-17.1.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Jun 5 20:13:13 UTC 2017
+a/mcelog-152-x86_64-1.txz: Upgraded.
+ap/joe-4.4-x86_64-1.txz: Upgraded.
+d/gdb-8.0-x86_64-1.txz: Upgraded.
+l/elfutils-0.169-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Jun 3 19:24:12 UTC 2017
+a/util-linux-2.30-x86_64-1.txz: Upgraded.
+ap/sqlite-3.19.2-x86_64-1.txz: Upgraded.
+ Fixed OPT_FEATURE_FLAGS in ./configure. Thanks to Heinz Wiesinger.
+l/libtasn1-4.12-x86_64-1.txz: Upgraded.
+x/xkeyboard-config-2.21-noarch-1.txz: Upgraded.
+x/xterm-328-x86_64-1.txz: Upgraded.
+xap/gucharmap-3.18.2-x86_64-1.txz: Upgraded.
+xap/sane-1.0.27-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Jun 1 18:56:38 UTC 2017
+d/cmake-3.8.2-x86_64-1.txz: Upgraded.
+l/alsa-lib-1.1.4.1-x86_64-1.txz: Upgraded.
+n/mutt-1.8.3-x86_64-1.txz: Upgraded.
+x/xdm-1.1.11-x86_64-7.txz: Rebuilt.
+ In /etc/X11/xdm/xdm-config, specify MIT-MAGIC-COOKIE-1 authorization, as
+ the default XDM-AUTHORIZATION-1 doesn't work. This fixes issues with SDL2
+ apps as well as other authorization bugs when using XDM.
Thanks to Dan Church.
-ap/cups-2.0.4-x86_64-2.txz: Rebuilt.
-ap/cups-filters-1.0.73-x86_64-1.txz: Upgraded.
-ap/hplip-3.15.7-x86_64-2.txz: Rebuilt.
- Patched a bug. Thanks to gmgf.
-ap/linuxdoc-tools-0.9.69-x86_64-4.txz: Rebuilt.
- Upgraded to asciidoc-8.6.9 and gtk-doc-1.24.
- Thanks to Stuart Winter.
-d/gcc-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-g++-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-gnat-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-go-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-java-4.9.3-x86_64-1.txz: Upgraded.
-d/gcc-objc-4.9.3-x86_64-1.txz: Upgraded.
-d/kernel-headers-4.1.6-x86-1.txz: Upgraded.
-d/pkg-config-0.28-x86_64-2.txz: Rebuilt.
-d/ruby-2.2.3-x86_64-1.txz: Upgraded.
- Thanks to Vincent Batts.
-e/emacs-24.5-x86_64-2.txz: Rebuilt.
-k/kernel-source-4.1.6-noarch-1.txz: Upgraded.
-kde/korundum-4.14.3-x86_64-2.txz: Rebuilt.
-kde/qtruby-4.14.3-x86_64-3.txz: Rebuilt.
-l/elfutils-0.163-x86_64-1.txz: Added.
-l/glib-networking-2.44.0-x86_64-2.txz: Rebuilt.
-l/glibc-2.22-x86_64-1.txz: Upgraded.
-l/glibc-i18n-2.22-x86_64-1.txz: Upgraded.
-l/glibc-profile-2.22-x86_64-1.txz: Upgraded.
-l/gtk+2-2.24.28-x86_64-2.txz: Rebuilt.
-l/gtk+3-3.16.6-x86_64-1.txz: Upgraded.
-l/gvfs-1.24.2-x86_64-1.txz: Upgraded.
-l/libarchive-3.1.2-x86_64-2.txz: Rebuilt.
-l/libelf-0.8.13-x86_64-5.txz: Removed.
-l/libmng-2.0.3-x86_64-1.txz: Upgraded.
-l/librsvg-2.40.10-x86_64-1.txz: Upgraded.
-l/libvncserver-0.9.10-x86_64-2.txz: Rebuilt.
-l/loudmouth-1.5.0_20121201-x86_64-2.txz: Rebuilt.
-l/pango-1.36.8-x86_64-2.txz: Rebuilt.
-l/urwid-1.3.0-x86_64-1.txz: Upgraded.
-n/gnutls-3.4.4.1-x86_64-1.txz: Upgraded.
- This update fixes some bugs and security issues.
- For more information, see:
- http://www.gnutls.org/security.html#GNUTLS-SA-2015-2
- http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251
- (* Security fix *)
-n/iputils-s20140519-x86_64-1.txz: Upgraded.
-n/nettle-3.1.1-x86_64-1.txz: Upgraded.
-n/obexftp-0.23-x86_64-10.txz: Rebuilt.
-n/samba-4.2.3-x86_64-1.txz: Upgraded.
- Modified wscript files to install talloc, tevent, and tdb directly.
- Thanks to Christoph Willing.
-x/appres-1.0.4-x86_64-2.txz: Rebuilt.
-x/bdftopcf-1.0.5-x86_64-2.txz: Rebuilt.
-x/beforelight-1.0.5-x86_64-2.txz: Rebuilt.
-x/bitmap-1.0.8-x86_64-2.txz: Rebuilt.
-x/compiz-0.8.8-x86_64-3.txz: Rebuilt.
-x/dri2proto-2.8-x86_64-2.txz: Rebuilt.
-x/dri3proto-1.0-x86_64-2.txz: Rebuilt.
-x/editres-1.0.6-x86_64-2.txz: Rebuilt.
-x/fixesproto-5.0-x86_64-2.txz: Rebuilt.
-x/font-util-1.3.1-x86_64-2.txz: Rebuilt.
-x/fonttosfnt-1.0.4-x86_64-2.txz: Rebuilt.
-x/fslsfonts-1.0.5-x86_64-2.txz: Rebuilt.
-x/fstobdf-1.0.6-x86_64-2.txz: Rebuilt.
-x/glamor-egl-0.6.0-x86_64-1.txz: Removed.
-x/iceauth-1.0.7-x86_64-2.txz: Rebuilt.
-x/ico-1.0.4-x86_64-2.txz: Rebuilt.
-x/imake-1.0.7-x86_64-2.txz: Rebuilt.
-x/intel-gpu-tools-1.3-x86_64-2.txz: Rebuilt.
-x/kbproto-1.0.7-noarch-1.txz: Upgraded.
-x/libFS-1.0.7-x86_64-1.txz: Upgraded.
-x/libICE-1.0.9-x86_64-2.txz: Rebuilt.
-x/libSM-1.2.2-x86_64-2.txz: Rebuilt.
-x/libX11-1.6.3-x86_64-2.txz: Rebuilt.
-x/libXScrnSaver-1.2.2-x86_64-2.txz: Rebuilt.
-x/libXau-1.0.8-x86_64-2.txz: Rebuilt.
-x/libXaw-1.0.13-x86_64-1.txz: Upgraded.
-x/libXaw3d-1.6.2-x86_64-3.txz: Rebuilt.
-x/libXcm-0.5.2-x86_64-2.txz: Rebuilt.
-x/libXcomposite-0.4.4-x86_64-2.txz: Rebuilt.
-x/libXcursor-1.1.14-x86_64-2.txz: Rebuilt.
-x/libXdamage-1.1.4-x86_64-2.txz: Rebuilt.
-x/libXdmcp-1.1.2-x86_64-2.txz: Rebuilt.
-x/libXevie-1.0.3-x86_64-2.txz: Rebuilt.
-x/libXext-1.3.3-x86_64-2.txz: Rebuilt.
-x/libXfixes-5.0.1-x86_64-2.txz: Rebuilt.
-x/libXfont-1.5.1-x86_64-2.txz: Rebuilt.
-x/libXfontcache-1.0.5-x86_64-2.txz: Rebuilt.
-x/libXft-2.3.2-x86_64-3.txz: Rebuilt.
-x/libXi-1.7.4-x86_64-2.txz: Rebuilt.
-x/libXinerama-1.1.3-x86_64-2.txz: Rebuilt.
-x/libXmu-1.1.2-x86_64-2.txz: Rebuilt.
-x/libXp-1.0.3-x86_64-2.txz: Rebuilt.
-x/libXpm-3.5.11-x86_64-2.txz: Rebuilt.
-x/libXpresent-1.0.0-x86_64-1.txz: Added.
-x/libXrandr-1.5.0-x86_64-1.txz: Upgraded.
-x/libXrender-0.9.9-x86_64-1.txz: Upgraded.
-x/libXres-1.0.7-x86_64-2.txz: Rebuilt.
-x/libXt-1.1.5-x86_64-1.txz: Upgraded.
-x/libXtst-1.2.2-x86_64-2.txz: Rebuilt.
-x/libXv-1.0.10-x86_64-2.txz: Rebuilt.
-x/libXvMC-1.0.9-x86_64-2.txz: Rebuilt.
-x/libXxf86dga-1.1.4-x86_64-2.txz: Rebuilt.
-x/libXxf86misc-1.0.3-x86_64-2.txz: Rebuilt.
-x/libXxf86vm-1.1.4-x86_64-2.txz: Rebuilt.
-x/libdmx-1.1.3-x86_64-2.txz: Rebuilt.
-x/libdrm-2.4.64-x86_64-1.txz: Upgraded.
-x/libepoxy-1.3.1-x86_64-1.txz: Added.
-x/libfontenc-1.1.3-x86_64-1.txz: Upgraded.
-x/libpciaccess-0.13.4-x86_64-1.txz: Upgraded.
-x/libxcb-1.11-x86_64-2.txz: Rebuilt.
-x/libxkbfile-1.0.9-x86_64-1.txz: Upgraded.
-x/libxshmfence-1.2-x86_64-2.txz: Rebuilt.
-x/listres-1.0.3-x86_64-2.txz: Rebuilt.
-x/lndir-1.0.3-x86_64-2.txz: Rebuilt.
-x/luit-1.1.1-x86_64-2.txz: Rebuilt.
-x/makedepend-1.0.5-x86_64-2.txz: Rebuilt.
-x/mesa-10.6.4-x86_64-1.txz: Upgraded.
-x/mkcomposecache-1.2.1-x86_64-2.txz: Rebuilt.
-x/mkfontscale-1.1.2-x86_64-2.txz: Rebuilt.
-x/oclock-1.0.3-x86_64-2.txz: Rebuilt.
-x/pixman-0.33.2-x86_64-1.txz: Upgraded.
-x/presentproto-1.0-x86_64-2.txz: Rebuilt.
-x/randrproto-1.5.0-noarch-1.txz: Upgraded.
-x/rendercheck-1.5-x86_64-1.txz: Upgraded.
-x/rgb-1.0.6-x86_64-2.txz: Rebuilt.
-x/sessreg-1.1.0-x86_64-2.txz: Rebuilt.
-x/setxkbmap-1.3.1-x86_64-1.txz: Upgraded.
-x/showfont-1.0.5-x86_64-2.txz: Rebuilt.
-x/smproxy-1.0.6-x86_64-1.txz: Upgraded.
-x/transset-1.0.1-x86_64-2.txz: Rebuilt.
-x/twm-1.0.9-x86_64-1.txz: Upgraded.
-x/viewres-1.0.4-x86_64-2.txz: Rebuilt.
-x/x11perf-1.6.0-x86_64-1.txz: Upgraded.
-x/xauth-1.0.9-x86_64-2.txz: Rebuilt.
-x/xbacklight-1.2.1-x86_64-2.txz: Rebuilt.
-x/xbiff-1.0.3-x86_64-2.txz: Rebuilt.
-x/xbitmaps-1.1.1-x86_64-2.txz: Rebuilt.
-x/xcalc-1.0.6-x86_64-2.txz: Rebuilt.
-x/xcb-proto-1.11-x86_64-2.txz: Rebuilt.
-x/xcb-util-0.4.0-x86_64-2.txz: Rebuilt.
-x/xcb-util-cursor-0.1.2-x86_64-2.txz: Rebuilt.
-x/xcb-util-errors-1.0-x86_64-1.txz: Added.
-x/xcb-util-image-0.4.0-x86_64-2.txz: Rebuilt.
-x/xcb-util-keysyms-0.4.0-x86_64-2.txz: Rebuilt.
-x/xcb-util-renderutil-0.3.9-x86_64-2.txz: Rebuilt.
-x/xcb-util-wm-0.4.1-x86_64-2.txz: Rebuilt.
-x/xclipboard-1.1.3-x86_64-2.txz: Rebuilt.
-x/xclock-1.0.7-x86_64-2.txz: Rebuilt.
-x/xcm-0.5.2-x86_64-2.txz: Rebuilt.
-x/xcmsdb-1.0.5-x86_64-1.txz: Upgraded.
-x/xcompmgr-1.1.7-x86_64-1.txz: Upgraded.
-x/xconsole-1.0.6-x86_64-2.txz: Rebuilt.
-x/xcursorgen-1.0.6-x86_64-3.txz: Rebuilt.
-x/xdbedizzy-1.1.0-x86_64-2.txz: Rebuilt.
-x/xditview-1.0.4-x86_64-1.txz: Upgraded.
-x/xdm-1.1.11-x86_64-6.txz: Rebuilt.
-x/xdpyinfo-1.3.2-x86_64-1.txz: Upgraded.
-x/xdriinfo-1.0.5-x86_64-1.txz: Upgraded.
-x/xedit-1.2.2-x86_64-2.txz: Rebuilt.
-x/xev-1.2.2-x86_64-1.txz: Upgraded.
-x/xextproto-7.3.0-x86_64-2.txz: Rebuilt.
-x/xeyes-1.1.1-x86_64-2.txz: Rebuilt.
-x/xf86-input-acecad-1.5.0-x86_64-8.txz: Rebuilt.
-x/xf86-input-aiptek-1.4.1-x86_64-8.txz: Rebuilt.
-x/xf86-input-evdev-2.9.2-x86_64-2.txz: Rebuilt.
-x/xf86-input-joystick-1.6.1-x86_64-8.txz: Rebuilt.
-x/xf86-input-keyboard-1.8.1-x86_64-1.txz: Upgraded.
-x/xf86-input-mouse-1.9.1-x86_64-3.txz: Rebuilt.
-x/xf86-input-penmount-1.5.0-x86_64-8.txz: Rebuilt.
-x/xf86-input-synaptics-1.8.2-x86_64-2.txz: Rebuilt.
-x/xf86-input-vmmouse-13.1.0-x86_64-1.txz: Upgraded.
-x/xf86-input-void-1.4.0-x86_64-8.txz: Rebuilt.
-x/xf86-input-wacom-0.19.0-x86_64-7.txz: Rebuilt.
-x/xf86-video-apm-1.2.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-ark-0.7.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-ast-1.1.5-x86_64-1.txz: Upgraded.
-x/xf86-video-ati-7.5.0-x86_64-2.txz: Rebuilt.
-x/xf86-video-chips-1.2.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-cirrus-1.5.3-x86_64-1.txz: Upgraded.
-x/xf86-video-dummy-0.3.7-x86_64-4.txz: Rebuilt.
-x/xf86-video-glint-1.2.8-x86_64-7.txz: Rebuilt.
-x/xf86-video-i128-1.3.6-x86_64-7.txz: Rebuilt.
-x/xf86-video-i740-1.3.5-x86_64-2.txz: Rebuilt.
-x/xf86-video-intel-2.99.917-x86_64-2.txz: Rebuilt.
-x/xf86-video-mach64-6.9.5-x86_64-1.txz: Upgraded.
-x/xf86-video-mga-1.6.4-x86_64-2.txz: Rebuilt.
-x/xf86-video-modesetting-0.9.0-x86_64-3.txz: Rebuilt.
-x/xf86-video-neomagic-1.2.9-x86_64-1.txz: Upgraded.
-x/xf86-video-nouveau-1.0.11-x86_64-2.txz: Rebuilt.
-x/xf86-video-nv-2.1.20-x86_64-8.txz: Rebuilt.
-x/xf86-video-openchrome-0.3.3-x86_64-5.txz: Rebuilt.
-x/xf86-video-r128-6.10.0-x86_64-1.txz: Upgraded.
-x/xf86-video-rendition-4.2.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-s3-0.6.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-s3virge-1.10.6-x86_64-8.txz: Rebuilt.
-x/xf86-video-savage-2.3.8-x86_64-1.txz: Upgraded.
-x/xf86-video-siliconmotion-1.7.8-x86_64-1.txz: Upgraded.
-x/xf86-video-sis-0.10.7-x86_64-8.txz: Rebuilt.
-x/xf86-video-sisusb-0.9.6-x86_64-7.txz: Rebuilt.
-x/xf86-video-tdfx-1.4.6-x86_64-2.txz: Rebuilt.
-x/xf86-video-tga-1.2.2-x86_64-7.txz: Rebuilt.
-x/xf86-video-trident-1.3.7-x86_64-2.txz: Rebuilt.
-x/xf86-video-tseng-1.2.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-v4l-0.2.0-x86_64-12.txz: Rebuilt.
-x/xf86-video-vesa-2.3.4-x86_64-1.txz: Upgraded.
-x/xf86-video-vmware-13.1.0-x86_64-2.txz: Rebuilt.
-x/xf86-video-voodoo-1.2.5-x86_64-8.txz: Rebuilt.
-x/xf86-video-xgi-git_5a3e0de677b7-x86_64-2.txz: Rebuilt.
-x/xf86-video-xgixp-1.8.1-x86_64-7.txz: Rebuilt.
-x/xf86dga-1.0.3-x86_64-2.txz: Rebuilt.
-x/xfd-1.1.2-x86_64-2.txz: Rebuilt.
-x/xfontsel-1.0.5-x86_64-2.txz: Rebuilt.
-x/xfs-1.1.4-x86_64-2.txz: Rebuilt.
-x/xfsinfo-1.0.5-x86_64-2.txz: Rebuilt.
-x/xgamma-1.0.6-x86_64-1.txz: Upgraded.
-x/xgc-1.0.5-x86_64-1.txz: Upgraded.
-x/xhost-1.0.7-x86_64-1.txz: Upgraded.
-x/xinit-1.3.4-x86_64-2.txz: Rebuilt.
-x/xinput-1.6.1-x86_64-2.txz: Rebuilt.
-x/xkbcomp-1.3.0-x86_64-2.txz: Rebuilt.
-x/xkbevd-1.1.4-x86_64-1.txz: Upgraded.
-x/xkbprint-1.0.4-x86_64-1.txz: Upgraded.
-x/xkbutils-1.0.4-x86_64-2.txz: Rebuilt.
-x/xkill-1.0.4-x86_64-2.txz: Rebuilt.
-x/xload-1.1.2-x86_64-2.txz: Rebuilt.
-x/xlogo-1.0.4-x86_64-2.txz: Rebuilt.
-x/xlsatoms-1.1.2-x86_64-1.txz: Upgraded.
-x/xlsclients-1.1.3-x86_64-2.txz: Rebuilt.
-x/xlsfonts-1.0.5-x86_64-1.txz: Upgraded.
-x/xmag-1.0.6-x86_64-1.txz: Upgraded.
-x/xman-1.1.4-x86_64-2.txz: Rebuilt.
-x/xmessage-1.0.4-x86_64-2.txz: Rebuilt.
-x/xmh-1.0.3-x86_64-1.txz: Upgraded.
-x/xmodmap-1.0.9-x86_64-1.txz: Upgraded.
-x/xmore-1.0.2-x86_64-2.txz: Rebuilt.
-x/xorg-docs-1.7.1-noarch-1.txz: Upgraded.
-x/xorg-server-1.17.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.17.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.17.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.17.2-x86_64-1.txz: Upgraded.
-x/xorg-sgml-doctools-1.11-x86_64-2.txz: Rebuilt.
-x/xpr-1.0.4-x86_64-2.txz: Rebuilt.
-x/xprop-1.2.2-x86_64-2.txz: Rebuilt.
-x/xproto-7.0.28-noarch-1.txz: Upgraded.
-x/xpyb-1.3.1-x86_64-3.txz: Rebuilt.
-x/xrandr-1.4.3-x86_64-2.txz: Rebuilt.
-x/xrdb-1.1.0-x86_64-2.txz: Rebuilt.
-x/xrefresh-1.0.5-x86_64-2.txz: Rebuilt.
-x/xscope-1.4.1-x86_64-2.txz: Rebuilt.
-x/xset-1.2.3-x86_64-2.txz: Rebuilt.
-x/xsetroot-1.1.1-x86_64-2.txz: Rebuilt.
-x/xsm-1.0.3-x86_64-2.txz: Rebuilt.
-x/xstdcmap-1.0.3-x86_64-2.txz: Rebuilt.
-x/xvidtune-1.0.3-x86_64-2.txz: Rebuilt.
-x/xvinfo-1.1.3-x86_64-1.txz: Upgraded.
-x/xwd-1.0.6-x86_64-2.txz: Rebuilt.
-x/xwininfo-1.1.3-x86_64-2.txz: Rebuilt.
-x/xwud-1.0.4-x86_64-2.txz: Rebuilt.
-xap/MPlayer-20150721-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed May 31 23:07:23 UTC 2017
+ap/sudo-1.8.20p2-x86_64-1.txz: Upgraded.
+ This is a bugfix release:
+ Fixed a bug parsing /proc/pid/stat when the process name contains
+ a newline. This is not exploitable due to the /dev traversal changes
+ made in sudo 1.8.20p1.
++--------------------------+
+Tue May 30 17:39:17 UTC 2017
+ap/sudo-1.8.20p1-x86_64-1.txz: Upgraded.
+ This update fixes a potential overwrite of arbitrary system files.
+ This bug was discovered and analyzed by Qualys, Inc.
+ For more information, see:
+ https://www.sudo.ws/alerts/linux_tty.html
+ http://www.openwall.com/lists/oss-security/2017/05/30/16
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367
+ (* Security fix *)
+n/lynx-2.8.8rel.2-x86_64-3.txz: Rebuilt.
+ Fixed lynx startup without a URL by correcting STARTFILE in lynx.cfg to use
+ the new URL for the Lynx homepage. Thanks to John David Yost.
++--------------------------+
+Fri May 26 22:40:13 UTC 2017
+a/kernel-generic-4.9.30-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.30-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.30-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.30-x86-1.txz: Upgraded.
+k/kernel-source-4.9.30-noarch-1.txz: Upgraded.
+n/NetworkManager-1.8.0-x86_64-2.txz: Rebuilt.
+ rc.networkmanager: Set XDG_CACHE_HOME=/root/.cache before starting.
+ Thanks to allend.
+x/mesa-17.1.1-x86_64-1.txz: Upgraded.
+ Enabled Vulkan drivers for Intel and Radeon.
+x/vulkan-sdk-1.0.26.0-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
-xap/ddd-3.3.12-x86_64-4.txz: Rebuilt.
-xap/pan-0.139-x86_64-3.txz: Rebuilt.
-xap/xine-lib-1.2.6-x86_64-2.txz: Rebuilt.
-extra/wicd/wicd-1.7.3-x86_64-1.txz: Upgraded.
- Probably better to use NetworkManager, but this seems to work for now.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Fri Aug 14 19:31:42 UTC 2015
-ap/hplip-3.15.7-x86_64-1.txz: Upgraded.
-kde/pykde4-4.14.3-x86_64-2.txz: Rebuilt.
-kde/qtruby-4.14.3-x86_64-2.txz: Rebuilt.
-kde/smokeqt-4.14.3-x86_64-2.txz: Rebuilt.
-l/PyQt-4.11.4-x86_64-1.txz: Upgraded.
-l/QScintilla-2.9-x86_64-1.txz: Upgraded.
-n/dhcpcd-6.8.2-x86_64-1.txz: Upgraded.
- Tested and found to work here. We'll probably avoid the 6.9.x series
- until the bugs get worked out (or we have a real need to upgrade).
-xap/mozilla-thunderbird-38.2.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+Wed May 24 19:38:59 UTC 2017
+n/samba-4.6.4-x86_64-1.txz: Upgraded.
+ This update fixes a remote code execution vulnerability, allowing a
+ malicious client to upload a shared library to a writable share, and
+ then cause the server to load and execute it.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://www.samba.org/samba/security/CVE-2017-7494.html
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494
(* Security fix *)
+--------------------------+
-Wed Aug 12 05:50:41 UTC 2015
-n/openssh-7.0p1-x86_64-1.txz: Upgraded.
+Wed May 24 04:51:46 UTC 2017
+a/aaa_elflibs-14.2-x86_64-29.txz: Rebuilt.
+a/aaa_terminfo-6.0-x86_64-1.txz: Upgraded.
+a/sysvinit-scripts-2.0-noarch-35.txz: Rebuilt.
+ rc.4: Support a custom rc.4.local display manager startup script.
+ Thanks to Robby Workman.
+ap/sqlite-3.19.0-x86_64-1.txz: Upgraded.
+ap/tmux-2.4-x86_64-2.txz: Rebuilt.
+ Added /etc/tmux.conf.new to set TERM=tmux-256color.
+ Removed tmux terminfo files, as these are packaged with ncurses.
+l/ncurses-6.0-x86_64-3.txz: Rebuilt.
+ Drop --with-xterm-kbs=DEL option, taking the upstream default of ^H.
+ Added a modified tmux terminfo, setting kbs=\177, as it expects.
+ Default to upstream versions of everything else in the terminfo database.
+ Thanks to Xsane and GazL for some insights on a more correct configuration.
+l/newt-0.52.20-x86_64-1.txz: Upgraded.
+l/pango-1.40.6-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.8.0-x86_64-1.txz: Upgraded.
+n/network-scripts-14.2-noarch-6.txz: Rebuilt.
+ rc.inet1: Change actual DHCP_TIMEOUT to 15. Thanks to pataphysician.
+tcl/tcl-8.6.6-x86_64-1.txz: Upgraded.
+tcl/tk-8.6.6-x86_64-1.txz: Upgraded.
+xap/network-manager-applet-1.8.0-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.8.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon May 22 20:58:20 UTC 2017
+a/bash-4.4.012-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.9.29-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.29-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.29-x86_64-1.txz: Upgraded.
+a/less-487-x86_64-1.txz: Upgraded.
+ Support .tar.lz in lesspipe.sh.
+a/lzip-1.19-x86_64-2.txz: Rebuilt.
+ CXXFLAGS need to be placed after ./configure to take effect.
+ Thanks to Matias Fonzo.
+ap/alsa-utils-1.1.4-x86_64-1.txz: Upgraded.
+ap/nano-2.8.4-x86_64-1.txz: Upgraded.
+ap/vim-8.0.0600-x86_64-1.txz: Upgraded.
+d/ccache-3.3.4-x86_64-1.txz: Upgraded.
+d/gcc-7.1.0-x86_64-2.txz: Rebuilt.
+ Fixed regression where MMX opcodes are generated without EMMS.
+ Thanks to orbea.
+d/gcc-brig-7.1.0-x86_64-2.txz: Rebuilt.
+d/gcc-g++-7.1.0-x86_64-2.txz: Rebuilt.
+d/gcc-gfortran-7.1.0-x86_64-2.txz: Rebuilt.
+d/gcc-gnat-7.1.0-x86_64-2.txz: Rebuilt.
+d/gcc-go-7.1.0-x86_64-2.txz: Rebuilt.
+d/gcc-objc-7.1.0-x86_64-2.txz: Rebuilt.
+d/kernel-headers-4.9.29-x86-1.txz: Upgraded.
+k/kernel-source-4.9.29-noarch-1.txz: Upgraded.
+l/alsa-lib-1.1.4-x86_64-1.txz: Upgraded.
+l/alsa-plugins-1.1.4-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.3.1-x86_64-1.txz: Upgraded.
+l/glib2-2.52.2-x86_64-2.txz: Rebuilt.
+ Added some patches from upstream git, one of which fixes a problem with
+ LibreOffice. Thanks to PeeBee.
+l/slang-2.3.1a-x86_64-1.txz: Upgraded.
+n/network-scripts-14.2-noarch-5.txz: Rebuilt.
+ rc.inet1: Increased default DHCP_TIMEOUT from 10 to 15 seconds.
+xap/gkrellm-2.3.10-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-52.1.2esr-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.0600-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.5.1-x86_64-1.txz: Upgraded.
+extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated.
+ Fixed retrieving version number.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue May 16 20:11:03 UTC 2017
+a/kernel-generic-4.9.28-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.28-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.28-x86_64-1.txz: Upgraded.
+d/cmake-3.8.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.28-x86-1.txz: Upgraded.
+k/kernel-source-4.9.28-noarch-1.txz: Upgraded.
+ CIFS_SMB2 n -> y
+kde/kdelibs-4.14.32-x86_64-1.txz: Upgraded.
+ This update fixes a security issue with KAuth that can lead to gaining
+ root from an unprivileged account.
+ For more information, see:
+ http://www.openwall.com/lists/oss-security/2017/05/10/3
+ https://www.kde.org/info/security/advisory-20170510-1.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8422
+ (* Security fix *)
+l/freetype-2.8-x86_64-1.txz: Upgraded.
+ This update fixes an out-of-bounds write caused by a heap-based buffer
+ overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
+ (* Security fix *)
+l/gtk+3-3.22.15-x86_64-1.txz: Upgraded.
+l/qt-4.8.7-x86_64-6.txz: Rebuilt.
+ Patched to fix moc problems with glibc-2.25 (parse error at "defined",
+ line 52 of a random header file).
+ Use -std=gnu++98 and patches to build with gcc-7.1.0.
+xap/gimp-2.8.22-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.1.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Thu May 11 18:09:15 UTC 2017
+l/gtk+3-3.22.14-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed May 10 22:58:28 UTC 2017
+d/git-2.13.0-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.13-x86_64-1.txz: Upgraded.
+x/mesa-17.1.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue May 9 23:33:37 UTC 2017
+a/elilo-3.16-x86_64-4.txz: Rebuilt.
+ In eliloconfig, fixed hardcoded /mnt in a few places. Thanks to alienBOB.
+a/eudev-3.2.2-x86_64-2.txz: Rebuilt.
+ Added another watchdog module to the blacklist. Thanks to Robby Workman.
+a/hdparm-9.52-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.9.27-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.27-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.27-x86_64-1.txz: Upgraded.
+a/lzip-1.19-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.9-x86_64-2.txz: Rebuilt.
+ Mount devtmpfs with -o size=8M option.
+ Mount tmpfs on /run with -o size=32M,nodev,nosuid,noexec options.
+ Thanks to Robby Workman.
+ Fix error message when /lukstrim is missing. Thanks to _RDS_.
+ Add rules.d/85-regulatory.rules to LIBUDEV_BLACKLIST. Thanks to GazL.
+a/sysvinit-scripts-2.0-noarch-34.txz: Rebuilt.
+ Cosmetic changes to make the output from "mount" and "df -h" look better:
+ rc.S: where "/sys/fs/cgroup" is mounted as a tmpfs, add "size=8M" to the
+ mount options.
+ rc.S: where /run is mounted, add "size=32M,nodev,nosuid,noexec" to the
+ mount options.
+ Thanks to Robby Workman.
+ap/cups-filters-1.13.5-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.9.27-x86-1.txz: Upgraded.
+k/kernel-source-4.9.27-noarch-1.txz: Upgraded.
+ 9P_FS_POSIX_ACL n -> y
+l/at-spi2-atk-2.24.1-x86_64-1.txz: Upgraded.
+l/at-spi2-core-2.24.1-x86_64-1.txz: Upgraded.
+l/glib2-2.52.2-x86_64-1.txz: Upgraded.
+l/libsoup-2.58.1-x86_64-1.txz: Upgraded.
+n/bluez-5.45-x86_64-1.txz: Upgraded.
+x/libevdev-1.5.7-x86_64-1.txz: Upgraded.
+x/xdg-utils-1.1.2-noarch-1.txz: Upgraded.
+x/xf86-input-libinput-0.25.1-x86_64-1.txz: Upgraded.
+x/xkbcomp-1.4.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+ Use nosuid,nodev,noexec mount options for /dev/shm in installer-created
+ /etc/fstab. Thanks to Robby Workman.
+ Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+ Use nosuid,nodev,noexec mount options for /dev/shm in installer-created
+ /etc/fstab. Thanks to Robby Workman.
+ Replace hardcoded /mnt with ${T_PX} in many places. Thanks to alienBOB.
++--------------------------+
+Sat May 6 23:12:02 UTC 2017
+a/glibc-solibs-2.25-x86_64-2.txz: Rebuilt.
+ap/cdrdao-1.2.3-x86_64-3.txz: Rebuilt.
+ Recompiled to support libmp3lame.
+ap/sox-14.4.2-x86_64-4.txz: Rebuilt.
+ Recompiled to support libmp3lame.
+d/flex-2.6.4-x86_64-1.txz: Upgraded.
+kde/k3b-2.0.3-x86_64-3.txz: Rebuilt.
+ Patched to build with ffmpeg3 and gcc7.
+l/ffmpeg-3.3-x86_64-1.txz: Upgraded.
+ Recompiled to support libmp3lame.
+l/glibc-2.25-x86_64-2.txz: Rebuilt.
+ Reverted a patch that causes IFUNC errors to be emitted.
+l/glibc-i18n-2.25-x86_64-2.txz: Rebuilt.
+l/glibc-profile-2.25-x86_64-2.txz: Rebuilt.
+l/gst-plugins-base-1.12.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.12.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.12.0-x86_64-1.txz: Upgraded.
+l/gstreamer-1.12.0-x86_64-1.txz: Upgraded.
+l/lame-3.99.5-x86_64-1.txz: Added.
+xap/MPlayer-1.3_20170208-x86_64-4.txz: Rebuilt.
+ Recompiled to support libmp3lame.
+xap/audacious-plugins-3.8.2-x86_64-3.txz: Rebuilt.
+ Recompiled to support libmp3lame.
++--------------------------+
+Thu May 4 22:14:08 UTC 2017
+a/btrfs-progs-v4.10.2-x86_64-2.txz: Rebuilt.
+ Ship libbtrfs shared library. Thanks to Vincent Batts.
+a/elilo-3.16-x86_64-3.txz: Rebuilt.
+ Patched eliloconfig to properly handle NVMe devices.
+ Thanks to Didier Spaier.
+a/gettext-0.19.8.1-x86_64-3.txz: Rebuilt.
+a/glibc-solibs-2.25-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20170504git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.9.26-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.9.26-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.9.26-x86_64-1.txz: Upgraded.
+ap/nano-2.8.2-x86_64-1.txz: Upgraded.
+d/flex-2.6.2-x86_64-1.txz: Upgraded.
+ Switched to flex-2.6.2 until there's a new release that fixes unexpected
+ symbol remapping macro definitions in flex-2.6.3.
+ See: https://github.com/westes/flex/issues/162
+d/gcc-7.1.0-x86_64-1.txz: Upgraded.
+d/gcc-brig-7.1.0-x86_64-1.txz: Added.
+d/gcc-g++-7.1.0-x86_64-1.txz: Upgraded.
+d/gcc-gfortran-7.1.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/gcc-gnat-7.1.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/gcc-go-7.1.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/gcc-java-5.4.0-x86_64-1.txz: Removed.
+d/gcc-objc-7.1.0-x86_64-1.txz: Upgraded.
+d/gettext-tools-0.19.8.1-x86_64-3.txz: Rebuilt.
+d/kernel-headers-4.9.26-x86-1.txz: Upgraded.
+k/kernel-source-4.9.26-noarch-1.txz: Upgraded.
+l/glibc-2.25-x86_64-1.txz: Upgraded.
+l/glibc-i18n-2.25-x86_64-1.txz: Upgraded.
+l/glibc-profile-2.25-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+ Patched SeTEFI and probe to fix NVMe device handling.
+ Thanks to Didier Spaier.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+ Patched SeTEFI and probe to fix NVMe device handling.
+ Thanks to Didier Spaier.
+--------------------------+
-Tue Aug 11 18:11:12 UTC 2015
-a/procps-ng-3.3.10-x86_64-2.txz: Rebuilt.
- Recompiled with --disable-modern-top to restore classic display defaults.
-l/libjpeg-turbo-1.4.1-x86_64-1.txz: Upgraded.
-l/sip-4.16.9-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-40.0-x86_64-1.txz: Upgraded.
+Mon May 1 23:31:02 UTC 2017
+a/cryptsetup-1.7.5-x86_64-1.txz: Upgraded.
+l/QScintilla-2.10-x86_64-2.txz: Rebuilt.
+x/dejavu-fonts-ttf-2.37-noarch-2.txz: Rebuilt.
+ Rename 57-* fontconfig files to 61-* to avoid overriding font preferences
+ in fontconfig's 60-latin.conf.
+x/fontconfig-2.12.1-x86_64-2.txz: Rebuilt.
+ Prefer Liberation fonts in 60-latin.conf.
+x/libepoxy-1.4.2-x86_64-1.txz: Upgraded.
+x/liberation-fonts-ttf-2.00.1-noarch-1.txz: Upgraded.
+x/mesa-17.0.5-x86_64-1.txz: Upgraded.
+x/urw-core35-fonts-otf-20160712_79bcdfb_git-noarch-1.txz: Added.
+ These are the URW++ core35 fonts also found in the ghostscript-fonts
+ package, but provided in OpenType Format for programs such as
+ LibreOffice which no longer support PostScript Type 1 fonts.
+ Thanks to Jonathan Woithe.
+x/wqy-zenhei-font-ttf-0.8.38_1-noarch-3.txz: Rebuilt.
+ Rename 44-wqy-zenhei.conf to 64-wqy-zenhei.conf to avoid overriding
+ font preferences in fontconfig's 60-latin.conf.
+ Prefer Liberation over DejaVu in 64-wqy-zenhei.conf.
+xap/mozilla-thunderbird-52.1.0-x86_64-1.txz: Upgraded.
+xap/rxvt-2.7.10-x86_64-5.txz: Upgraded.
+ Patched an integer overflow that can crash rxvt with an escape sequence,
+ or possibly have unspecified other impact.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7483
+ (* Security fix *)
++--------------------------+
+Thu Apr 27 23:03:54 UTC 2017
+kde/pykde4-4.14.3-x86_64-5.txz: Rebuilt.
+ Patched to work with PyQt-4.12. Thanks to Heinz Wiesinger.
+kde/qtruby-4.14.3-x86_64-6.txz: Rebuilt.
+ Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger.
+kde/smokeqt-4.14.3-x86_64-4.txz: Rebuilt.
+ Reconfigured to compile with QScintilla-2.10. Thanks to Heinz Wiesinger.
+l/PyQt-4.12-x86_64-1.txz: Upgraded.
+l/QScintilla-2.10-x86_64-1.txz: Upgraded.
+ Thanks to Heinz Wiesinger.
+l/freetype-2.7.1-x86_64-2.txz: Rebuilt.
+ Don't define anything in freetype.{csh,sh} by default, letting the new
+ minimal hinting method be automatically selected. Thanks to GazL.
+ Applied upstream patches from git that disable long family names for PCF
+ fonts. You'll need to run "fc-cache -f" to get the old names back.
++--------------------------+
+Wed Apr 26 23:09:45 UTC 2017
+Thanks to Robby Workman for help with these packages, especially with
+preparing and testing updates to the GTK stack. :-)
+a/btrfs-progs-v4.10.2-x86_64-1.txz: Upgraded.
+a/grub-2.02-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.170-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.10.0-x86_64-1.txz: Upgraded.
+ap/dmapi-2.2.12-x86_64-2.txz: Rebuilt.
+ap/tmux-2.4-x86_64-1.txz: Upgraded.
+d/swig-3.0.12-x86_64-1.txz: Upgraded.
+l/adwaita-icon-theme-3.24.0-noarch-1.txz: Upgraded.
+l/at-spi2-atk-2.24.0-x86_64-1.txz: Upgraded.
+l/at-spi2-core-2.24.0-x86_64-1.txz: Upgraded.
+l/atk-2.24.0-x86_64-1.txz: Upgraded.
+l/dconf-0.26.0-x86_64-1.txz: Upgraded.
+l/dconf-editor-3.22.3-x86_64-1.txz: Upgraded.
+l/freetype-2.7.1-x86_64-1.txz: Upgraded.
+ Subpixel hinting has been enabled upstream by default, but you may adjust
+ this in /etc/profile.d/freetype.{csh,sh}.
+l/gdk-pixbuf2-2.36.6-x86_64-1.txz: Upgraded.
+l/glib-networking-2.50.0-x86_64-1.txz: Upgraded.
+l/glib2-2.52.1-x86_64-1.txz: Upgraded.
+l/glibmm-2.50.1-x86_64-1.txz: Upgraded.
+l/gnome-themes-standard-3.22.3-x86_64-1.txz: Upgraded.
+l/gobject-introspection-1.52.1-x86_64-1.txz: Upgraded.
+l/gsettings-desktop-schemas-3.24.0-x86_64-1.txz: Upgraded.
+l/gtk+3-3.22.12-x86_64-1.txz: Upgraded.
+l/gtkmm3-3.22.0-x86_64-1.txz: Upgraded.
+l/gvfs-1.32.1-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.4.6-x86_64-1.txz: Upgraded.
+l/keyutils-1.5.10-x86_64-1.txz: Upgraded.
+l/libcroco-0.6.12-x86_64-1.txz: Upgraded.
+l/libgsf-1.14.41-x86_64-1.txz: Upgraded.
+l/libnotify-0.7.7-x86_64-1.txz: Upgraded.
+l/librsvg-2.40.17-x86_64-1.txz: Upgraded.
+l/libsigc++-2.10.0-x86_64-1.txz: Upgraded.
+l/libsoup-2.58.0-x86_64-1.txz: Upgraded.
+l/libssh-0.7.5-x86_64-1.txz: Upgraded.
+l/libssh2-1.8.0-x86_64-1.txz: Upgraded.
+l/pango-1.40.5-x86_64-1.txz: Upgraded.
+l/pangomm-2.40.1-x86_64-1.txz: Upgraded.
+l/pygobject3-3.24.1-x86_64-1.txz: Upgraded.
+l/shared-mime-info-1.7-x86_64-1.txz: Upgraded.
+l/sip-4.19.2-x86_64-1.txz: Upgraded.
+l/vte-0.44.3-x86_64-1.txz: Upgraded.
+n/bluez-5.44-x86_64-1.txz: Upgraded.
+n/iproute2-4.10.0-x86_64-1.txz: Upgraded.
+x/libevdev-1.5.6-x86_64-1.txz: Upgraded.
+x/xf86-video-nouveau-1.0.15-x86_64-1.txz: Upgraded.
+xap/gparted-0.28.1-x86_64-1.txz: Upgraded.
+xfce/garcon-0.6.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-pulseaudio-plugin-0.2.5-x86_64-1.txz: Upgraded.
+xfce/xfce4-systemload-plugin-1.2.1-x86_64-1.txz: Upgraded.
+xfce/xfce4-taskmanager-1.2.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-terminal-0.8.4-x86_64-1.txz: Upgraded.
+xfce/xfce4-weather-plugin-0.8.9-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Apr 24 18:06:06 UTC 2017
+a/cryptsetup-1.7.4-x86_64-1.txz: Upgraded.
+a/eudev-3.2.2-x86_64-1.txz: Upgraded.
+a/mdadm-4.0-x86_64-1.txz: Upgraded.
+ap/vim-8.0.0586-x86_64-1.txz: Upgraded.
+e/emacs-25.2-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-52.1.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
- Thanks to Matteo Bernardini and Stephen M. Wright II for help with some
- build script improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
+xap/vim-gvim-8.0.0586-x86_64-1.txz: Upgraded.
+--------------------------+
-Sun Aug 9 19:42:38 UTC 2015
-a/file-5.24-x86_64-1.txz: Upgraded.
-ap/slackpkg-2.82.0-noarch-14.tgz: Rebuilt.
- Patched to avoid false package name matches when the full name of a
- package is a substring of another package's name, as happened recently
- with atk-2.16.0 and at-spi2-atk-2.16.0. Thanks to Eric Hameleers.
-n/dhcpcd-6.9.1-x86_64-2.txz: Rebuilt.
- Recompiled with --rundir=/run.
-+--------------------------+
-Fri Aug 7 23:32:05 UTC 2015
-Thanks to rworkman for help on many of these!
-a/bash-4.3.039-x86_64-1.txz: Upgraded.
-a/coreutils-8.24-x86_64-1.txz: Upgraded.
-a/dbus-1.8.20-x86_64-1.txz: Upgraded.
-a/file-5.23-x86_64-1.txz: Upgraded.
-a/gawk-4.1.3-x86_64-1.txz: Upgraded.
-a/kmod-21-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.125-x86_64-1.txz: Upgraded.
-a/procps-3.2.8-x86_64-4.txz: Removed.
-a/procps-ng-3.3.10-x86_64-1.txz: Added.
- Thanks to Larry Hajali for the initial SlackBuild diff.
-a/sysvinit-2.88dsf-x86_64-4.txz: Rebuilt.
- Removed pidof which is now part of the procps-ng package.
-a/sysvinit-scripts-2.0-noarch-21.txz: Rebuilt.
- Handle changed sysctl syntax in rc.S.
-a/util-linux-2.26.2-x86_64-1.txz: Upgraded.
-a/xfsprogs-3.2.4-x86_64-1.txz: Upgraded.
-ap/cups-2.0.4-x86_64-1.txz: Upgraded.
-ap/mc-4.8.14-x86_64-1.txz: Upgraded.
-ap/sc-7.16-x86_64-4.txz: Rebuilt.
- Added SC.MACROS to the documentation. Thanks to Dario Niedermann.
-ap/screen-4.3.1-x86_64-2.txz: Rebuilt.
- Drop dependency on libelf.
-ap/tmux-2.0-x86_64-1.txz: Upgraded.
-d/binutils-2.25.1-x86_64-1.txz: Upgraded.
-d/gcc-4.9.2-x86_64-3.txz: Rebuilt.
- Added c89 and c99 shell scripts.
-d/gcc-g++-4.9.2-x86_64-3.txz: Rebuilt.
-d/gcc-gfortran-4.9.2-x86_64-3.txz: Rebuilt.
-d/gcc-gnat-4.9.2-x86_64-3.txz: Rebuilt.
-d/gcc-go-4.9.2-x86_64-3.txz: Rebuilt.
-d/gcc-java-4.9.2-x86_64-3.txz: Rebuilt.
-d/gcc-objc-4.9.2-x86_64-3.txz: Rebuilt.
-d/git-2.5.0-x86_64-1.txz: Upgraded.
-d/llvm-3.6.2-x86_64-1.txz: Upgraded.
-d/mercurial-3.5-x86_64-1.txz: Upgraded.
-d/oprofile-1.0.0-x86_64-1.txz: Upgraded.
-d/swig-3.0.7-x86_64-1.txz: Upgraded.
-l/adwaita-icon-theme-3.16.2-noarch-1.txz: Upgraded.
-l/at-spi2-atk-2.16.0-x86_64-1.txz: Upgraded.
-l/at-spi2-core-2.16.0-x86_64-1.txz: Upgraded.
-l/atk-2.16.0-x86_64-1.txz: Upgraded.
-l/dconf-0.24.0-x86_64-1.txz: Upgraded.
-l/freetype-2.6-x86_64-1.txz: Upgraded.
-l/gcr-3.16.0-x86_64-1.txz: Upgraded.
-l/glib-networking-2.44.0-x86_64-1.txz: Upgraded.
-l/glib2-2.44.1-x86_64-1.txz: Upgraded.
- Drop dependency on libelf.
-l/gnome-keyring-3.16.0-x86_64-1.txz: Upgraded.
-l/gnome-themes-standard-3.16.2-x86_64-1.txz: Upgraded.
-l/gsettings-desktop-schemas-3.16.1-x86_64-1.txz: Upgraded.
-l/gtk+2-2.24.28-x86_64-1.txz: Upgraded.
-l/gvfs-1.24.1-x86_64-1.txz: Upgraded.
-l/harfbuzz-1.0.1-x86_64-1.txz: Upgraded.
-l/libgsf-1.14.34-x86_64-1.txz: Upgraded.
-l/libpcap-1.7.4-x86_64-1.txz: Upgraded.
-l/libsecret-0.18.3-x86_64-1.txz: Upgraded.
-l/libsoup-2.50.0-x86_64-1.txz: Upgraded.
-l/mozilla-nss-3.19.2-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+Fri Apr 21 22:40:12 UTC 2017
+a/etc-14.2-x86_64-10.txz: Rebuilt.
+ Added user:group for NTP (UID 44/GID 44).
+ap/sudo-1.8.19p2-x86_64-1.txz: Upgraded.
+d/git-2.12.2-x86_64-1.txz: Upgraded.
+d/mercurial-4.1.3-x86_64-1.txz: Upgraded.
+l/libgphoto2-2.5.13-x86_64-1.txz: Upgraded.
+n/curl-7.54.0-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Switch off SSL session id when client cert is used.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/nss.html
+ https://curl.haxx.se/docs/adv_20170419.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
(* Security fix *)
-l/mpfr-3.1.3-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.4-x86_64-1.txz: Upgraded.
-n/ca-certificates-20150426-noarch-1.txz: Upgraded.
- This package updates to the latest CA certificates.
-n/dhcpcd-6.9.1-x86_64-1.txz: Upgraded.
-n/lftp-4.6.3a-x86_64-1.txz: Upgraded.
-n/tcpdump-4.7.4-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-39.0.3-x86_64-1.txz: Upgraded.
+n/dhcpcd-6.11.5-x86_64-1.txz: Upgraded.
+ Thanks to Robby Workman.
+n/ethtool-4.10-x86_64-1.txz: Upgraded.
+n/getmail-4.54.0-x86_64-1.txz: Upgraded.
+n/ntp-4.2.8p10-x86_64-1.txz: Upgraded.
+ There were some changes made to NTP setup in -current:
+ First, NTP drops privileges and runs as ntp:ntp. Be sure to install the
+ updated etc package to get the new user and group.
+ Some files have been relocated:
+ The ntp.keys file has moved from /etc/ntp/ to /etc/.
+ The drift and stats files now reside in /var/lib/ntp/.
+ The step-tickers file has been removed. It's actually been deprecated for
+ a while and nothing has referenced in for quite some time.
+ Be sure to move the new rc.ntpd.new into place, and move over or merge
+ from the .new config files.
+ Thanks to Robby Workman for help with these changes.
+ In addition to bug fixes and enhancements, this release fixes security
+ issues of medium and low severity:
+ Denial of Service via Malformed Config (Medium)
+ Authenticated DoS via Malicious Config Option (Medium)
+ Potential Overflows in ctl_put() functions (Medium)
+ Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium)
+ 0rigin DoS (Medium)
+ Buffer Overflow in DPTS Clock (Low)
+ Improper use of snprintf() in mx4200_send() (Low)
+ The following issues do not apply to Linux systems:
+ Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low)
+ Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low)
+ Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low)
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459
+ (* Security fix *)
+n/proftpd-1.3.6-x86_64-1.txz: Upgraded.
+ This release fixes a security issue:
+ AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
+ (* Security fix *)
++--------------------------+
+Wed Apr 19 04:46:45 UTC 2017
+a/minicom-2.7.1-x86_64-1.txz: Upgraded.
+ Fix an out of bounds data access that can lead to remote code execution.
+ This issue was found by Solar Designer of Openwall during a security audit
+ of the Virtuozzo 7 product, which contains derived downstream code in its
+ prl-vzvncserver component.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
+ (* Security fix *)
+a/usb_modeswitch-2.5.0-x86_64-1.txz: Upgraded.
+ap/hplip-3.17.4-x86_64-1.txz: Upgraded.
+l/wavpack-5.1.0-x86_64-1.txz: Upgraded.
+n/mutt-1.8.1-x86_64-1.txz: Upgraded.
+testing/packages/gcc-6.3.0-x86_64-2.txz: Rebuilt.
+testing/packages/gcc-g++-6.3.0-x86_64-2.txz: Rebuilt.
+ Move some Python files into this package instead of the gcc-java package.
+ Move the Python files into a more correct directory.
+ Thanks to Heinz Wiesinger.
+testing/packages/gcc-gfortran-6.3.0-x86_64-2.txz: Rebuilt.
+testing/packages/gcc-gnat-6.3.0-x86_64-2.txz: Rebuilt.
+testing/packages/gcc-go-6.3.0-x86_64-2.txz: Rebuilt.
+testing/packages/gcc-java-6.3.0-x86_64-2.txz: Rebuilt.
+ Move some Python files from this package into the gcc-g++ package.
+ Move the Python files into a more correct directory.
+ Thanks to Heinz Wiesinger.
+testing/packages/gcc-objc-6.3.0-x86_64-2.txz: Rebuilt.
++--------------------------+
+Tue Apr 18 04:21:33 UTC 2017
+x/libdrm-2.4.80-x86_64-1.txz: Upgraded.
+x/mesa-17.0.4-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-52.0.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Apr 13 21:19:45 UTC 2017
+ap/nano-2.8.1-x86_64-1.txz: Upgraded.
+n/bind-9.11.0_P5-x86_64-1.txz: Upgraded.
+ Fixed denial of service security issues.
+ For more information, see:
+ https://kb.isc.org/article/AA-01465
+ https://kb.isc.org/article/AA-01466
+ https://kb.isc.org/article/AA-01471
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138
+ (* Security fix *)
+x/motif-2.3.7-x86_64-1.txz: Upgraded.
+xfce/tumbler-0.1.31-x86_64-11.txz: Rebuilt.
+ Fixed ffmpegthumbnailer bug. Thanks to Robby Workman.
++--------------------------+
+Mon Apr 10 18:08:13 UTC 2017
+ap/bc-1.07.1-x86_64-1.txz: Upgraded.
+ This fixes the input_char read bug that was causing kernel builds to hang.
+x/m17n-lib-1.7.0-x86_64-1.txz: Upgraded.
+xap/xlockmore-5.51-x86_64-2.txz: Rebuilt.
+ Fixed appdefaultdir location. Thanks to Richard Narron.
++--------------------------+
+Sat Apr 8 16:24:35 UTC 2017
+a/ntfs-3g-2017.3.23-x86_64-1.txz: Upgraded.
+ap/acct-6.6.3-x86_64-1.txz: Upgraded.
+ap/bc-1.07-x86_64-1.txz: Upgraded.
+ap/cups-2.2.3-x86_64-1.txz: Upgraded.
+ap/cups-filters-1.13.4-x86_64-1.txz: Upgraded.
+ap/dc3dd-7.2.646-x86_64-1.txz: Upgraded.
+ap/gutenprint-5.2.12-x86_64-1.txz: Upgraded.
+e/emacs-25.1-x86_64-3.txz: Rebuilt.
+kde/calligra-2.9.11-x86_64-9.txz: Rebuilt.
+kde/kdelibs-4.14.30-x86_64-1.txz: Upgraded.
+kde/kopete-4.14.3-x86_64-3.txz: Rebuilt.
+kde/krdc-4.14.3-x86_64-3.txz: Rebuilt.
+kde/libkdcraw-4.14.3-x86_64-4.txz: Rebuilt.
+l/LibRaw-0.18.2-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/babl-0.1.24-x86_64-1.txz: Upgraded.
+l/enchant-1.6.1-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.2.4-x86_64-4.txz: Rebuilt.
+l/gegl-0.2.0-x86_64-4.txz: Rebuilt.
+l/giflib-5.1.4-x86_64-1.txz: Upgraded.
+l/gvfs-1.26.3-x86_64-2.txz: Rebuilt.
+l/imagemagick-6.9.8_3-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/jasper-2.0.12-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ Thanks to Heinz Wiesinger.
+l/libarchive-3.3.1-x86_64-1.txz: Upgraded.
+l/libbluray-1.0.0-x86_64-1.txz: Added.
+ Built with support for BD-J menus, but without the necessary .jar
+ file to use it. Thanks to Heinz Wiesinger.
+l/libdiscid-0.6.2-x86_64-1.txz: Upgraded.
+l/libmtp-1.1.13-x86_64-1.txz: Upgraded.
+l/libraw1394-2.1.2-x86_64-1.txz: Upgraded.
+l/libsamplerate-0.1.9-x86_64-1.txz: Upgraded.
+l/libsndfile-1.0.28-x86_64-1.txz: Upgraded.
+l/libspectre-0.2.8-x86_64-1.txz: Upgraded.
+l/libtiff-4.0.7-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/network-manager-applet-1.0.4-x86_64-1.txz: Upgraded.
-xfce/Thunar-1.6.10-x86_64-1.txz: Upgraded.
-xfce/exo-0.10.6-x86_64-1.txz: Upgraded.
-xfce/xfce4-weather-plugin-0.8.6-x86_64-1.txz: Upgraded.
-xfce/xfdesktop-4.12.3-x86_64-1.txz: Upgraded.
-+--------------------------+
-Tue Jul 28 19:36:39 UTC 2015
-n/bind-9.10.2_P3-x86_64-1.txz: Upgraded.
- This update fixes a security issue where an error in the handling of TKEY
- queries can be exploited by an attacker for use as a denial-of-service
- vector, as a constructed packet can use the defect to trigger a REQUIRE
- assertion failure, causing BIND to exit.
- Impact:
- Both recursive and authoritative servers are vulnerable to this defect.
- Additionally, exposure is not prevented by either ACLs or configuration
- options limiting or denying service because the exploitable code occurs
- early in the packet handling, before checks enforcing those boundaries.
- Operators should take steps to upgrade to a patched version as soon as
- possible.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
- https://kb.isc.org/article/AA-01272
- (* Security fix *)
-+--------------------------+
-Fri Jul 17 19:38:52 UTC 2015
-n/httpd-2.4.16-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- * CVE-2015-0253: Fix a crash with ErrorDocument 400 pointing to a local
- URL-path with the INCLUDES filter active, introduced in 2.4.11.
- * CVE-2015-0228: mod_lua: A maliciously crafted websockets PING after a
- script calls r:wsupgrade() can cause a child process crash.
- * CVE-2015-3183: core: Fix chunk header parsing defect. Remove
- apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN
- filter, parse chunks in a single pass with zero copy. Limit accepted
- chunk-size to 2^63-1 and be strict about chunk-ext authorized characters.
- * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache
- httpd 2.4) with new ap_some_authn_required and ap_force_authn hook.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
- (* Security fix *)
-n/php-5.6.11-x86_64-1.txz: Upgraded.
- This update fixes some bugs and security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644
- (* Security fix *)
-xap/xscreensaver-5.33-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sun Jul 12 04:28:10 UTC 2015
-xap/mozilla-thunderbird-38.1.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5875
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448
+ (* Security fix *)
+l/libvncserver-0.9.11-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/poppler-0.53.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/virtuoso-ose-6.1.8-x86_64-5.txz: Rebuilt.
+n/openvpn-2.4.1-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.78-x86_64-1.txz: Upgraded.
+x/libinput-1.7.0-x86_64-1.txz: Upgraded.
+x/libpciaccess-0.13.5-x86_64-1.txz: Upgraded.
+x/libva-1.8.0-x86_64-1.txz: Upgraded.
+x/libva-intel-driver-1.7.3-x86_64-1.txz: Upgraded.
+x/mesa-17.0.3-x86_64-1.txz: Upgraded.
+xap/MPlayer-1.3_20170208-x86_64-3.txz: Rebuilt.
+xap/gimp-2.8.20-x86_64-2.txz: Rebuilt.
+xap/mozilla-thunderbird-52.0-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.8-x86_64-1.txz: Upgraded.
+ Thanks to Heinz Wiesinger.
+xap/xlockmore-5.51-x86_64-1.txz: Upgraded.
+xap/xv-3.10a-x86_64-8.txz: Rebuilt.
+xfce/tumbler-0.1.31-x86_64-10.txz: Rebuilt.
++--------------------------+
+Sat Apr 1 05:16:59 UTC 2017
+ap/nano-2.8.0-x86_64-1.txz: Upgraded.
+n/samba-4.6.2-x86_64-1.txz: Upgraded.
+ This is a bug fix release to address a regression introduced by the security
+ fixes for CVE-2017-2619 (Symlink race allows access outside share definition).
+ Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details.
++--------------------------+
+Thu Mar 30 20:18:17 UTC 2017
+l/ffmpeg-3.2.4-x86_64-3.txz: Rebuilt.
+ Recompiled against libcdio-paranoia-10.2+0.94+1.
+x/libwacom-0.24-x86_64-1.txz: Upgraded.
+xap/MPlayer-1.3_20170208-x86_64-2.txz: Rebuilt.
+ Recompiled against libcdio-paranoia-10.2+0.94+1.
++--------------------------+
+Tue Mar 28 20:30:50 UTC 2017
+ap/mariadb-10.0.30-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Crash in libmysqlclient.so.
+ Difficult to exploit vulnerability allows low privileged attacker with
+ logon to compromise the server. Successful attacks of this vulnerability
+ can result in unauthorized access to data.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3302
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3313
+ (* Security fix *)
+d/pkg-config-0.29.2-x86_64-1.txz: Upgraded.
+l/libcdio-paranoia-10.2+0.94+1-x86_64-1.txz: Upgraded.
+n/openssh-7.5p1-x86_64-1.txz: Upgraded.
+ This release deprecates the sshd_config UsePrivilegeSeparation option,
+ thereby making privilege separation mandatory. Note that privilege
+ separation has been on by default for almost 15 years and sandboxing
+ has been on by default for almost the last five, so this shouldn't
+ change anything for most users.
+xap/mozilla-firefox-52.0.2-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+xfce/xfce4-notifyd-0.3.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Mar 23 21:38:23 UTC 2017
+a/glibc-zoneinfo-2017b-noarch-1.txz: Upgraded.
+a/libgudev-231-x86_64-1.txz: Upgraded.
+a/lilo-24.2-x86_64-4.txz: Rebuilt.
+ Issue a warning rather than a fatal error for colons in /dev/disk/by-id/
+ device names. Thanks to alex14641 on LQ.
+d/cmake-3.7.2-x86_64-1.txz: Upgraded.
+d/ruby-2.4.1-x86_64-1.txz: Upgraded.
+n/mcabber-1.0.5-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
+ clients allows a remote attacker to impersonate any user, including
+ contacts, in the vulnerable application's display. This allows for various
+ kinds of social engineering attacks.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *)
-testing/packages/e2fsprogs-1.43_WIP_20150518-x86_64-1.txz: Added.
-+--------------------------+
-Thu Jul 9 18:29:23 UTC 2015
-a/kernel-firmware-20150709git-noarch-1.txz: Upgraded.
-a/openssl-solibs-1.0.1p-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1p-x86_64-1.txz: Upgraded.
- This update fixes the following security issue:
- Alternative chains certificate forgery (CVE-2015-1793).
- During certificate verification, OpenSSL (starting from version 1.0.1n and
- 1.0.2b) will attempt to find an alternative certificate chain if the first
- attempt to build such a chain fails. An error in the implementation of this
- logic can mean that an attacker could cause certain checks on untrusted
- certificates to be bypassed, such as the CA flag, enabling them to use a
- valid leaf certificate to act as a CA and "issue" an invalid certificate.
- This issue will impact any application that verifies certificates including
- SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
- This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.
- This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David
- Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project.
- For more information, see:
- https://openssl.org/news/secadv_20150709.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793
- (* Security fix *)
-+--------------------------+
-Tue Jul 7 22:59:17 UTC 2015
-ap/cups-2.0.3-x86_64-1.txz: Upgraded.
- This release fixes bugs and a couple of security issues:
- CWE-911: Improper Update of Reference Count - CVE-2015-1158
- This bug could allow an attacker to upload a replacement CUPS
- configuration file and mount further attacks.
- CWE-79: Improper Neutralization of Input During Web Page Generation
- (Cross-site Scripting) - CVE-2015-1159
- A cross-site scripting bug in the CUPS templating engine allows this
- bug to be exploited when a user browses the web. In certain cases,
- the CGI template can echo user input to file rather than escaping the
- text first. This may be used to set up a reflected XSS attack in
- the QUERY parameter of the web interface help page.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1159
- (* Security fix *)
-ap/cups-filters-1.0.71-x86_64-1.txz: Upgraded.
- Fixed overflows and lack of bounds checking in texttopdf.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259
- (* Security fix *)
-ap/lm_sensors-3.3.5-x86_64-1.txz: Upgraded.
-ap/nano-2.4.2-x86_64-1.txz: Upgraded.
-ap/screen-4.3.1-x86_64-1.txz: Upgraded.
-d/make-3.82-x86_64-6.txz: Rebuilt.
- Added whitespace handling patch from upstream. Thanks to Michele Ballabio.
-d/python-2.7.10-x86_64-1.txz: Upgraded.
-l/glade3-3.8.5-x86_64-2.txz: Rebuilt.
- Recompiled to eliminate remaining libpng14 references in .la files.
-l/gst-plugins-base-1.4.5-x86_64-1.txz: Upgraded.
-l/gst-plugins-base0-0.10.36-x86_64-2.txz: Rebuilt.
- Recompiled to eliminate remaining libpng14 references in .la files.
-l/gst-plugins-good-1.4.5-x86_64-1.txz: Upgraded.
-l/gstreamer-1.4.5-x86_64-1.txz: Upgraded.
-l/notify-python-0.1.1-x86_64-4.txz: Rebuilt.
- Recompiled to eliminate remaining libpng14 references in .la files.
-l/pygtk-2.24.0-x86_64-2.txz: Rebuilt.
- Recompiled to eliminate remaining libpng14 references in .la files.
-n/bind-9.10.2_P2-x86_64-1.txz: Upgraded.
- This update fixes a security issue where an attacker who can cause
- a validating resolver to query a zone containing specifically constructed
- contents can cause that resolver to fail an assertion and terminate due
- to a defect in validation code. This means that a recursive resolver that
- is performing DNSSEC validation can be deliberately stopped by an attacker
- who can cause the resolver to perform a query against a
- maliciously-constructed zone. This will result in a denial of service to
- clients who rely on that resolver.
- For more information, see:
- https://kb.isc.org/article/AA-01267/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4620
- (* Security fix *)
-n/ntp-4.2.8p3-x86_64-1.txz: Upgraded.
- This update fixes a security issue where under specific circumstances an
- attacker can send a crafted packet to cause a vulnerable ntpd instance to
- crash. Since this requires 1) ntpd set up to allow remote configuration
- (not allowed by default), and 2) knowledge of the configuration password,
- and 3) access to a computer entrusted to perform remote configuration,
- the vulnerability is considered low-risk.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146
- (* Security fix *)
-x/scim-hangul-0.3.2-x86_64-4.txz: Rebuilt.
- Recompiled to eliminate remaining libpng14 references in .la files.
-xap/imagemagick-6.9.1_7-x86_64-1.txz: Upgraded.
- Added --with-gcc-arch=$ARCH to fix illegal instruction errors on 32-bit
- platforms with non-AMD processors. Thanks to Kirils Solovjovs.
-xap/mozilla-firefox-39.0-x86_64-1.txz: Upgraded.
+n/samba-4.6.1-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
+ a malicious client using a symlink race to allow access to areas of
+ the server file system not exported under the share definition.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
+ (* Security fix *)
++--------------------------+
+Tue Mar 21 21:42:52 UTC 2017
+a/dbus-1.10.16-x86_64-1.txz: Upgraded.
+a/file-5.30-x86_64-1.txz: Upgraded.
+a/pciutils-3.5.4-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.10.4-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.10.4-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.10.4-x86_64-1.txz: Upgraded.
+l/gstreamer-1.10.4-x86_64-1.txz: Upgraded.
+l/libpng-1.6.29-x86_64-1.txz: Upgraded.
+l/libusb-1.0.21-x86_64-1.txz: Upgraded.
+l/zlib-1.2.11-x86_64-1.txz: Upgraded.
+n/alpine-2.21-x86_64-1.txz: Upgraded.
+n/imapd-2.21-x86_64-1.txz: Upgraded.
+x/dejavu-fonts-ttf-2.37-noarch-1.txz: Upgraded.
+xfce/Thunar-1.6.11-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Mar 20 20:43:14 UTC 2017
+a/e2fsprogs-1.43.4-x86_64-1.txz: Upgraded.
+a/mkinitrd-1.4.9-x86_64-1.txz: Upgraded.
+ Support FSTRIM on LUKS devices unlocked at boot. Note that the expected name
+ of a root LUKS device has changed -- please see the revised README_CRYPT.TXT.
+ Thanks to Mason Loring Bliss for the initial patch, and Robby Workman
+ for a few adjustments and documentation.
+a/udisks2-2.1.8-x86_64-1.txz: Upgraded.
+ap/man-pages-4.10-noarch-1.txz: Upgraded.
+n/gnutls-3.5.10-x86_64-1.txz: Upgraded.
+n/mobile-broadband-provider-info-20170310-x86_64-1.txz: Upgraded.
+x/libpthread-stubs-0.4-noarch-1.txz: Upgraded.
+x/mesa-17.0.2-x86_64-1.txz: Upgraded.
+x/xf86-video-amdgpu-1.3.0-x86_64-1.txz: Upgraded.
+x/xf86-video-ati-7.9.0-x86_64-1.txz: Upgraded.
+xap/audacious-plugins-3.8.2-x86_64-2.txz: Rebuilt.
+ Added ffmpeg support. Thanks to franzen.
+xap/windowmaker-0.95.8-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Mar 19 05:27:13 UTC 2017
+l/SDL2-2.0.5-x86_64-1.txz: Added.
+l/SDL2_gfx-1.0.3-x86_64-1.txz: Added.
+l/SDL2_image-2.0.1-x86_64-1.txz: Added.
+l/SDL2_mixer-2.0.1-x86_64-1.txz: Added.
+l/SDL2_net-2.0.1-x86_64-1.txz: Added.
+l/SDL2_ttf-2.0.14-x86_64-1.txz: Added.
+l/ffmpeg-3.2.4-x86_64-2.txz: Rebuilt.
+ The package now includes ffplay, which required the SDL2 libraries.
+xap/audacious-3.8.2-x86_64-1.txz: Upgraded.
+xap/audacious-plugins-3.8.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Mar 18 00:30:40 UTC 2017
+xap/mozilla-firefox-52.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/pidgin-2.10.11-x86_64-2.txz: Rebuilt.
- Patched to use gstreamer-1.x. Thanks to Heinz Wiesinger.
-testing/source/config-testing-4.1.1/*: Added.
-+--------------------------+
-Fri Jun 12 17:58:45 UTC 2015
-a/openssl-solibs-1.0.1o-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1o-x86_64-1.txz: Upgraded.
- New release to resolve 1.0.1n HMAC ABI incompatibility.
-+--------------------------+
-Thu Jun 11 21:31:47 UTC 2015
-a/openssl-solibs-1.0.1n-x86_64-1.txz: Upgraded.
-ap/screen-4.2.1-x86_64-2.txz: Rebuilt.
- Added some patches to fix corruption when using screen with a serial port.
- Thanks to Stuart Winter.
-d/gdb-7.9.1-x86_64-1.txz: Upgraded.
-l/qt-4.8.7-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1n-x86_64-1.txz: Upgraded.
- Fixes several bugs and security issues:
- o Malformed ECParameters causes infinite loop (CVE-2015-1788)
- o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
- o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
- o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
- o Race condition handling NewSessionTicket (CVE-2015-1791)
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
- (* Security fix *)
-n/php-5.6.9-x86_64-1.txz: Upgraded.
- This update fixes some bugs and security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4021
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4022
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4024
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4026
- (* Security fix *)
-xap/mozilla-firefox-38.0.6-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-38.0.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sun May 17 04:35:46 UTC 2015
-xap/mozilla-firefox-38.0.1-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-31.7.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Fri Mar 17 21:21:21 UTC 2017
+a/mlocate-0.26-x86_64-1.txz: Added.
+ This replaces slocate as the system locate/updatedb utilities.
+ In tests here, mlocate was about 20% faster than slocate at creating a
+ new database. When updating an existing database, it was many times
+ faster. On my machine, the nightly database update took about 5 minutes
+ with slocate, but only a few seconds with mlocate.
+ I might miss (slightly) the heavy drive activity at 04:40 that would let
+ me know that it was time for bed. ;-)
+ Be sure to move the new /etc/updatedb.conf into place when installing
+ this package.
+a/slocate-3.1-x86_64-4.txz: Removed.
+xfce/xfwm4-4.12.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Mar 16 01:37:05 UTC 2017
+ap/jove-4.16.0.73-x86_64-3.txz: Rebuilt.
+ Ensure that the teach-jove file is installed. Thanks to bassmadrigal.
+d/llvm-4.0.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/gdbm-1.13-x86_64-1.txz: Upgraded.
+n/irssi-1.0.2-x86_64-1.txz: Upgraded.
+x/mesa-17.0.1-x86_64-2.txz: Rebuilt.
+ Recompiled against libLLVM-4.0.so.
+x/xf86-input-libinput-0.25.0-x86_64-1.txz: Upgraded.
+x/xf86-video-intel-git_20170313_7e9e92c8-x86_64-1.txz: Upgraded.
+x/xf86-video-nouveau-1.0.14-x86_64-1.txz: Upgraded.
+x/xf86-video-vmware-13.2.1-x86_64-3.txz: Rebuilt.
+ Recompiled against libLLVM-4.0.so.
+x/xorg-server-1.19.3-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.19.3-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.3-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.3-x86_64-1.txz: Upgraded.
+xap/pidgin-2.12.0-x86_64-1.txz: Upgraded.
+ This update fixes a minor security issue (out of bounds memory read in
+ purple_markup_unescape_entity).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2640
+ (* Security fix *)
++--------------------------+
+Fri Mar 10 05:41:05 UTC 2017
+a/coreutils-8.27-x86_64-1.txz: Upgraded.
+ap/mc-4.8.19-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.4.4-x86_64-1.txz: Upgraded.
+x/libepoxy-1.4.1-x86_64-1.txz: Upgraded.
+x/libinput-1.6.3-x86_64-1.txz: Upgraded.
+x/mesa-17.0.1-x86_64-1.txz: Upgraded.
+x/motif-2.3.6-x86_64-1.txz: Upgraded.
+xap/gimp-2.8.20-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-52.0-x86_64-2.txz: Rebuilt.
+ Recompiled with --enable-alsa option. Without this, there is no fallback
+ support for ALSA if PulseAudio is not present. Thanks to Ivan Kalvatchev.
+xap/network-manager-applet-1.4.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Mar 8 00:17:36 UTC 2017
+a/kmod-24-x86_64-1.txz: Upgraded.
+d/binutils-2.28-x86_64-1.txz: Upgraded.
+d/oprofile-1.1.0-x86_64-3.txz: Rebuilt.
+ Recompiled against new libbfd from binutils-2.28.
+l/ffmpeg-3.2.4-x86_64-1.txz: Upgraded.
+ Autodetect more optional dependencies in the build script.
+ Thanks to Heinz Wiesinger.
+x/libX11-1.6.5-x86_64-1.txz: Upgraded.
+x/libXi-1.7.9-x86_64-1.txz: Upgraded.
+x/presentproto-1.1-x86_64-1.txz: Upgraded.
+x/sessreg-1.1.1-x86_64-1.txz: Upgraded.
+x/util-macros-1.19.1-noarch-1.txz: Upgraded.
+x/xauth-1.0.10-x86_64-1.txz: Upgraded.
+x/xconsole-1.0.7-x86_64-1.txz: Upgraded.
+x/xf86-input-evdev-2.10.5-x86_64-1.txz: Upgraded.
+x/xf86-input-libinput-0.24.0-x86_64-1.txz: Upgraded.
+x/xf86-video-chips-1.2.7-x86_64-1.txz: Added.
+x/xf86-video-glint-1.2.9-x86_64-1.txz: Added.
+x/xf86-video-i740-1.3.6-x86_64-1.txz: Added.
+x/xf86-video-intel-git_20170228_78d7a09b-x86_64-1.txz: Upgraded.
+x/xf86-video-mga-1.6.5-x86_64-1.txz: Added.
+x/xf86-video-nv-2.1.21-x86_64-1.txz: Added.
+x/xf86-video-openchrome-0.6.0-x86_64-1.txz: Upgraded.
+x/xf86-video-r128-6.10.2-x86_64-1.txz: Added.
+x/xf86-video-savage-2.3.9-x86_64-1.txz: Added.
+x/xf86-video-siliconmotion-1.7.9-x86_64-1.txz: Added.
+x/xf86-video-sis-0.10.9-x86_64-1.txz: Added.
+x/xf86-video-sisusb-0.9.7-x86_64-1.txz: Upgraded.
+x/xf86-video-tdfx-1.4.7-x86_64-1.txz: Added.
+x/xf86-video-trident-1.3.8-x86_64-1.txz: Added.
+x/xorg-server-1.19.2-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.19.2-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.2-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.2-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-52.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
-+--------------------------+
-Wed May 13 02:29:39 UTC 2015
-xap/mozilla-firefox-38.0-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-45.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-+--------------------------+
-Tue May 12 07:17:33 UTC 2015
-ap/mariadb-10.0.18-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ (* Security fix *)
++--------------------------+
+Tue Feb 28 23:51:55 UTC 2017
+a/coreutils-8.26-x86_64-2.txz: Rebuilt.
+ Added a few more file extensions to /etc/DIR_COLORS, including .lz.
+a/ed-1.14.2-x86_64-1.txz: Upgraded.
+a/etc-14.2-x86_64-9.txz: Rebuilt.
+ Added cgred group to /etc/group.new. (cgred:x:41:)
+a/glibc-zoneinfo-2017a-noarch-1.txz: Upgraded.
+a/libcgroup-0.41-x86_64-2.txz: Rebuilt.
+ Fixed rc.cgred to source the correct config file.
+ Changed /usr/bin/cgexec from setuid root to setgid cgred.
+ Don't remove the entire cgroup file system with "rc.cgconfig stop".
+ Thanks to chris.willing.
+a/shadow-4.2.1-x86_64-2.txz: Rebuilt.
+ Patched a potential security issue that allows any local user to send
+ SIGKILL to other processes with root privileges. Note that Slackware
+ is not vulnerable since the bug only affects systems that use PAM.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
+ (* Security fix *)
+a/util-linux-2.29.2-x86_64-1.txz: Upgraded.
+ This update fixes a potential security issue that allows any local user
+ to send SIGKILL to other processes with root privileges. Note that
+ Slackware is not vulnerable since we do not use /bin/su from util-linux,
+ and the bug only affects systems that use PAM.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
+ (* Security fix *)
+ap/nano-2.7.5-x86_64-1.txz: Upgraded.
+ap/screen-4.5.1-x86_64-1.txz: Upgraded.
+d/guile-2.0.14-x86_64-1.txz: Upgraded.
+l/cairo-1.14.8-x86_64-1.txz: Upgraded.
+l/fftw-3.3.6_pl1-x86_64-1.txz: Upgraded.
+l/libimobiledevice-1.2.0-x86_64-2.txz: Rebuilt.
+ Patched to fix mounting iOS 10 devices. Thanks to qunying.
+l/libsigsegv-2.11-x86_64-1.txz: Upgraded.
+n/ModemManager-1.6.4-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.6.2-x86_64-1.txz: Upgraded.
+n/curl-7.53.1-x86_64-1.txz: Upgraded.
+ Fixes SSL_VERIFYSTATUS ignored security issue.
+ (Issue only existed in Slackware -current, not in any -stable releases)
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20170222.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629
+ (* Security fix *)
+n/libmbim-1.14.0-x86_64-1.txz: Upgraded.
+n/libqmi-1.16.2-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+xap/windowmaker-0.95.7-x86_64-3.txz: Rebuilt.
+ Disabled overly verbose logging of warnings to syslog. Thanks to B Watson.
++--------------------------+
+Mon Feb 13 06:21:22 UTC 2017
+a/grep-3.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.10.3-x86_64-1.txz: Added.
+ Thanks to alienBOB.
+n/wget-1.19.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Feb 10 21:07:35 UTC 2017
+a/aaa_elflibs-14.2-x86_64-28.txz: Rebuilt.
+a/grep-2.28-x86_64-1.txz: Upgraded.
+a/hdparm-9.51-x86_64-1.txz: Upgraded.
+a/openssl-solibs-1.0.2k-x86_64-1.txz: Upgraded.
+a/sed-4.4-x86_64-1.txz: Upgraded.
+a/util-linux-2.29.1-x86_64-1.txz: Upgraded.
+ap/ddrescue-1.22-x86_64-1.txz: Upgraded.
+ap/flac-1.3.2-x86_64-1.txz: Upgraded.
+ap/sqlite-3.16.2-x86_64-1.txz: Upgraded.
+ap/tmux-2.3-x86_64-2.txz: Rebuilt.
+ Recompiled against libevent-2.1.8.
+d/llvm-3.9.1-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ Added support for lldb and openmp to the package.
+ Thanks to Heinz Wiesinger.
+d/opencl-headers-2.1-noarch-1.txz: Added.
+d/scons-2.5.1-x86_64-1.txz: Upgraded.
+l/ffmpeg-3.2.3-x86_64-1.txz: Added.
+ Thanks to Heinz Wiesinger.
+l/gmime-2.6.23-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.10.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.10.3-x86_64-1.txz: Upgraded.
+l/gstreamer-1.10.3-x86_64-1.txz: Upgraded.
+l/json-c-0.12-x86_64-1.txz: Removed.
+ This had been a required dep for PulseAudio, but has become optional. Since
+ being added to Slackware, a few other packages had begun to use it
+ (NetworkManager, BIND), but it's not really critical there either so we're
+ removing it from the main tree. If you require json-c for something, it is
+ expected that SBo will be picking it up.
+l/libclc-20160921_520743b-x86_64-1.txz: Added.
+ This is needed by Mesa.
+l/libedit-20160903_3.1-x86_64-1.txz: Added.
+ This is needed by lldb.
+l/libevent-2.1.8-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/libjpeg-turbo-1.5.1-x86_64-1.txz: Upgraded.
+l/libnl3-3.2.29-x86_64-1.txz: Upgraded.
+l/libpcap-1.8.1-x86_64-1.txz: Upgraded.
+l/libvpx-1.6.1-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/libzip-1.1.3-x86_64-1.txz: Upgraded.
+l/ocl-icd-2.2.11-x86_64-1.txz: Added.
+l/openjpeg-2.1.2-x86_64-1.txz: Upgraded.
+l/pulseaudio-10.0-x86_64-1.txz: Upgraded.
+l/python-six-1.10.0-x86_64-1.txz: Added.
+ This is needed by lldb.
+l/rasqal-0.9.33-x86_64-1.txz: Upgraded.
+l/redland-1.0.17-x86_64-1.txz: Upgraded.
+l/serf-1.3.9-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.6.0-x86_64-1.txz: Upgraded.
+n/bind-9.11.0_P3-x86_64-1.txz: Upgraded.
+ This update fixes a denial-of-service vulnerability. Under some conditions
+ when using both DNS64 and RPZ to rewrite query responses, query processing
+ can resume in an inconsistent state leading to either an INSIST assertion
+ failure or an attempt to read through a NULL pointer.
+ For more information, see:
+ https://kb.isc.org/article/AA-01453
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135
+ (* Security fix *)
+n/iproute2-4.9.0-x86_64-1.txz: Upgraded.
+n/iptables-1.6.1-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+n/links-2.14-x86_64-2.txz: Rebuilt.
+ Recompiled against libevent-2.1.8.
+n/mutt-1.7.2-x86_64-2.txz: Rebuilt.
+ Recompiled with --enable-sidebar option. Thanks to Corrado Franco.
+n/nftables-0.7-x86_64-2.txz: Rebuilt.
+ Recompiled against iptables-1.6.1. Added libxtables support.
+n/ntp-4.2.8p9-x86_64-3.txz: Rebuilt.
+ Recompiled against libevent-2.1.8.
+n/openssl-1.0.2k-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Truncated packet could crash via OOB read (CVE-2017-3731)
+ BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+ Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+ For more information, see:
+ https://www.openssl.org/news/secadv/20170126.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
+ (* Security fix *)
+n/php-5.6.30-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0501
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2571
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0505
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0499
- (* Security fix *)
-ap/terminus-font-4.39-noarch-1.txz: Upgraded.
-d/slacktrack-2.17-x86_64-1.txz: Upgraded.
- Thanks to Stuart Winter.
-l/libcanberra-0.30-x86_64-1.txz: Upgraded.
-l/qt-4.8.6-x86_64-4.txz: Rebuilt.
- QNAM: Fix upload corruptions when server closes connection
- This patch fixes several upload corruptions if the server closes the
- connection while/before we send data into it.
- cherry picked from commit: qtbase/cff39fba10ffc10ee4dcfdc66ff6528eb
-n/wpa_supplicant-2.4-x86_64-2.txz: Rebuilt.
- This update fixes potential denial of service issues.
- For more information, see:
- http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt
- http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt
- http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt
- http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1863
- (* Security fix *)
-+--------------------------+
-Mon May 4 04:15:20 UTC 2015
-a/aaa_terminfo-5.9-x86_64-1.txz: Upgraded.
-a/btrfs-progs-v3.18.2-x86_64-1.txz: Upgraded.
-ap/cups-2.0.2-x86_64-3.txz: Rebuilt.
- Removed files that overlap with the cups-filter package.
-ap/cups-filters-1.0.68-x86_64-2.txz: Rebuilt.
- Removed bundled version of foomatic-rip.
-kde/calligra-2.9.4-x86_64-1.txz: Upgraded.
-kdei/calligra-l10n-bs-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca@valencia-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.2-noarch-1.txz: Removed.
-kdei/calligra-l10n-uk-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.4-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.4-noarch-1.txz: Upgraded.
-l/libidn-1.30-x86_64-1.txz: Upgraded.
- This is reported to fix hangs with Emacs and other programs.
- Thanks to 55020.
-l/ncurses-5.9-x86_64-4.txz: Rebuilt.
- Applied upstream patch ncurses-5.9-20141206-patch.sh.
-l/qt-4.8.6-x86_64-3.txz: Rebuilt.
- Upgraded the WebKit components to version 2.3.4, which uses gstreamer-1
- instead of gstreamer-0. This should fix conflicts with programs that
- use both WebKit and phonon. Thanks to Heinz Wiesinger.
-x/libdrm-2.4.60-x86_64-1.txz: Upgraded.
-x/mesa-10.5.4-x86_64-1.txz: Upgraded.
-xfce/xfwm4-4.12.2-x86_64-2.txz: Rebuilt.
- Reverted to older xinitrc.xfce to fix problems starting Xfce from XDM.
- Thanks to comet.berkeley.
-+--------------------------+
-Wed Apr 29 05:10:52 UTC 2015
-l/libxml2-2.9.2-x86_64-2.txz: Rebuilt.
- Reverted a patch that breaks the catalog. Thanks to Stuart Winter.
-n/gnupg-1.4.19-x86_64-2.txz: Rebuilt.
- Patched to fix spurious debug messages that may break sbopkg and slackpkg.
- Thanks to Willy Sudiarto Raharjo.
-+--------------------------+
-Sun Apr 26 18:56:37 UTC 2015
-l/shared-mime-info-1.3-x86_64-2.txz: Rebuilt.
- Patched to not hammer the system with fsync.
-+--------------------------+
-Sun Apr 26 16:50:47 UTC 2015
-ap/cups-2.0.2-x86_64-2.txz: Rebuilt.
- Patched to fix high CPU load on one core when adding or removing printers.
-+--------------------------+
-Sat Apr 25 23:13:15 UTC 2015
-ap/sqlite-3.8.9-x86_64-1.txz: Upgraded.
-l/netpbm-10.66.02-x86_64-3.txz: Rebuilt.
- Fixed missing pnmtops. Thanks to Richard David Sherman.
-n/gnupg2-2.0.27-x86_64-2.txz: Rebuilt.
- Patched to fix spurious debug messages that may break sbopkg and slackpkg.
- Thanks to Willy Sudiarto Raharjo.
-tcl/tcl-8.6.4-x86_64-1.txz: Upgraded.
-tcl/tk-8.6.4-x86_64-1.txz: Upgraded.
-xap/MPlayer-20150425-x86_64-1.txz: Upgraded.
- Fixed runtime CPU detection. Thanks to Daniil Bratashov.
-+--------------------------+
-Sat Apr 25 02:37:47 UTC 2015
-a/aaa_elflibs-14.1-x86_64-6.txz: Rebuilt.
- Added libstdc++.so.6.0.20.
-a/cxxlibs-6.0.18-x86_64-1.txz: Removed.
-a/mkinitrd-1.4.8-x86_64-4.txz: Rebuilt.
- In mkinitrd_command_generator.sh: fixed the kernel version detection, and
- muted the error about missing /sys hcd module directories.
- Blacklisted iphone-set-info to prevent the initrd from uselessly bloating.
- Thanks to Ryan P.C. McQuen, Eric Hameleers, and Dan Church.
-d/gcc-4.9.2-x86_64-2.txz: Rebuilt.
- Recompiled with --enable-install-libiberty. Thanks to fskmh.
-d/gcc-g++-4.9.2-x86_64-2.txz: Rebuilt.
-d/gcc-gfortran-4.9.2-x86_64-2.txz: Rebuilt.
-d/gcc-gnat-4.9.2-x86_64-2.txz: Rebuilt.
-d/gcc-go-4.9.2-x86_64-2.txz: Rebuilt.
-d/gcc-java-4.9.2-x86_64-2.txz: Rebuilt.
-d/gcc-objc-4.9.2-x86_64-2.txz: Rebuilt.
-d/llvm-3.6.0-x86_64-2.txz: Rebuilt.
- Fixed overly restrictive permissions on c++-analyzer, ccc-analyzer,
- scan-build, set-xcode-analyzer, and scan-view.
- Thanks to Ricardo Nabinger Sanchez.
-l/gc-7.4.2-x86_64-2.txz: Rebuilt.
- Patched to fix "undefined reference to `GC_setup_mark_lock'", noticed while
- building inkscape. Thanks to Matteo Bernardini.
-l/libmpc-1.0.3-x86_64-1.txz: Upgraded.
- Thanks to fskmh.
-l/lzo-2.09-x86_64-1.txz: Upgraded.
-l/netpbm-10.66.02-x86_64-2.txz: Rebuilt.
- Fixed libnetpbm.so symlink. Thanks to Matteo Bernardini.
-n/crda-3.18-x86_64-2.txz: Rebuilt.
- Ensure libreg.so is installed in the proper lib directory.
+ https://php.net/ChangeLog-5.php#5.6.30
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161
+ (* Security fix *)
+n/samba-4.5.5-x86_64-1.txz: Upgraded.
+n/tcpdump-4.9.0-x86_64-1.txz: Upgraded.
+ Fixed bugs which allow an attacker to crash tcpdump (denial of service).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
+ (* Security fix *)
+n/wget-1.19-x86_64-1.txz: Upgraded.
+n/zd1211-firmware-1.5-fw-1.txz: Upgraded.
+x/fontconfig-2.12.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
-n/iproute2-3.18.0-x86_64-2.txz: Rebuilt.
- Properly handle /etc/iproute2/nl_protos.new config file.
- Thanks to Wim Speekenbrink.
-n/libgpg-error-1.18-x86_64-2.txz: Rebuilt.
- Compress info file, and remove /usr/info/dir from package.
- Thanks to Edward Trumbo.
- Don't build static library.
-n/php-5.6.8-x86_64-2.txz: Rebuilt.
- Fixed permissions on /etc/httpd/. Thanks to Francisco Ambrozio.
-n/rsync-3.1.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Tue Apr 21 23:44:00 UTC 2015
-Greetings! It has indeed been far too long. I apologize for the absence
-of updates lately, but we've been using the time to get some good work done.
-This is not a beta (probably not even an alpha release yet), but it is also
-not a drill. ;-) We've spared you all most of the pain while we
-transitioned to a lot of new libraries that got major version number bumps,
-and have tested everything to ensure that this will be a smooth upgrade.
-Still, I'd be surprised if all this didn't introduce any regressions, so if
-you find any problems let us know. Huge thanks are due to Robby Workman,
-Heinz Wiesinger, Eric Hameleers, and Stuart Winter for all the help. Have fun!
-a/aaa_elflibs-14.1-x86_64-5.txz: Rebuilt.
-a/acl-2.2.52-x86_64-1.txz: Upgraded.
-a/acpid-2.0.23-x86_64-1.txz: Upgraded.
-a/attr-2.4.47-x86_64-1.txz: Upgraded.
-a/cryptsetup-1.6.6-x86_64-1.txz: Upgraded.
-a/dbus-1.8.16-x86_64-1.txz: Upgraded.
-a/dosfstools-3.0.26-x86_64-1.txz: Upgraded.
-a/ed-1.11-x86_64-1.txz: Upgraded.
-a/etc-14.2-x86_64-1.txz: Upgraded.
- Added usbmux user to /etc/passwd.
-a/file-5.22-x86_64-1.txz: Upgraded.
- Include the flat files in the package again.
- Compile /etc/file/magic.mgc from the flat files upon installation,
- and include a script in /etc/file/ to recompile from the flat files
- to handle any local additions.
- Thanks to Marco Maggi and Kees Theunissen.
-a/gawk-4.1.1-x86_64-3.txz: Rebuilt.
-a/gettext-0.19.4-x86_64-1.txz: Upgraded.
-a/glibc-solibs-2.21-x86_64-2.txz: Rebuilt.
-a/glibc-zoneinfo-2015c-noarch-1.txz: Upgraded.
-a/gptfdisk-1.0.0-x86_64-1.txz: Upgraded.
-a/hdparm-9.45-x86_64-1.txz: Upgraded.
-a/infozip-6.0-x86_64-3.txz: Rebuilt.
-a/kernel-generic-3.18.11-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.18.11-x86_64-1.txz: Upgraded.
- Config changes for the huge kernel:
- HW_RANDOM_VIRTIO m -> y
- SCSI_VIRTIO m -> y
- VIRTIO m -> y
- VIRTIO_BALLOON m -> y
- VIRTIO_BLK m -> y
- VIRTIO_CONSOLE m -> y
- VIRTIO_MMIO m -> y
- VIRTIO_NET m -> y
- VIRTIO_PCI m -> y
-a/kernel-modules-3.18.11-x86_64-1.txz: Upgraded.
-a/kmod-20-x86_64-1.txz: Upgraded.
-a/less-458-x86_64-1.txz: Upgraded.
-a/logrotate-3.8.9-x86_64-1.txz: Upgraded.
-a/lvm2-2.02.118-x86_64-1.txz: Upgraded.
-a/mdadm-3.3.2-x86_64-1.txz: Upgraded.
-a/mkinitrd-1.4.8-x86_64-3.txz: Rebuilt.
- Patched to fix a minor bug passing kernel options with -m.
- Thanks to hutyerah.
-a/ntfs-3g-2015.3.14-x86_64-1.txz: Upgraded.
-a/openssl-solibs-1.0.1m-x86_64-1.txz: Upgraded.
- Dropped the old .so.0 libraries.
-a/reiserfsprogs-3.6.24-x86_64-1.txz: Upgraded.
-a/smartmontools-6.3-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-20.txz: Rebuilt.
- Initialize the system clock frequency and tick in rc.S, and various other
- clock handling improvements. Thanks to Xsane.
- Filter errors from .gvfs when unmounting local filesystems.
- Look for SDDM in rc.4.
-a/udisks2-2.1.5-x86_64-1.txz: Upgraded.
-a/upower-0.9.23-x86_64-1.txz: Upgraded.
-a/usb_modeswitch-2.2.1-x86_64-1.txz: Upgraded.
-a/xfsprogs-3.2.2-x86_64-1.txz: Upgraded.
-a/xz-5.2.1-x86_64-1.tgz: Upgraded.
-ap/alsa-utils-1.0.29-x86_64-1.txz: Upgraded.
-ap/bc-1.06.95-x86_64-3.txz: Rebuilt.
-ap/cdrtools-3.01a24-x86_64-1.txz: Upgraded.
-ap/cups-2.0.2-x86_64-1.txz: Upgraded.
-ap/cups-filters-1.0.68-x86_64-1.txz: Added.
-ap/dmidecode-2.12-x86_64-1.txz: Upgraded.
-ap/flac-1.3.1-x86_64-1.txz: Upgraded.
-ap/foomatic-filters-4.0.17-x86_64-1.txz: Upgraded.
-ap/ghostscript-9.16-x86_64-1.txz: Upgraded.
-ap/gphoto2-2.5.6-x86_64-1.txz: Upgraded.
-ap/gutenprint-5.2.10-x86_64-1.txz: Upgraded.
-ap/hplip-3.15.2-x86_64-1.txz: Upgraded.
-ap/htop-1.0.3-x86_64-1.txz: Upgraded.
-ap/itstool-2.0.2-x86_64-1.txz: Upgraded.
-ap/lsscsi-0.28-x86_64-1.txz: Upgraded.
-ap/lzip-1.16-x86_64-1.txz: Upgraded.
-ap/man-pages-3.82-noarch-1.txz: Upgraded.
-ap/mariadb-10.0.17-x86_64-1.txz: Upgraded.
-ap/nano-2.4.1-x86_64-1.txz: Upgraded.
-ap/qpdf-5.1.2-x86_64-1.txz: Added.
-ap/radeontool-1.6.3-x86_64-1.txz: Upgraded.
-ap/sox-14.4.2-x86_64-1.txz: Upgraded.
-ap/sqlite-3.8.8.3-x86_64-1.txz: Upgraded.
-ap/tmux-1.9a-x86_64-1.txz: Upgraded.
-ap/usbmuxd-1.0.9-x86_64-1.txz: Added.
-ap/vim-7.4.692-x86_64-1.txz: Upgraded.
-ap/xfsdump-3.1.4-x86_64-1.txz: Upgraded.
-ap/zsh-5.0.7-x86_64-1.txz: Upgraded.
-d/bison-3.0.4-x86_64-1.txz: Upgraded.
-d/clisp-2.49-x86_64-3.txz: Rebuilt.
-d/cmake-3.1.3-x86_64-1.txz: Upgraded.
-d/doxygen-1.8.9.1-x86_64-1.txz: Upgraded.
-d/flex-2.5.39-x86_64-1.txz: Upgraded.
-d/gcc-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-g++-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-gnat-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-go-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-java-4.9.2-x86_64-1.txz: Upgraded.
-d/gcc-objc-4.9.2-x86_64-1.txz: Upgraded.
-d/gettext-tools-0.19.4-x86_64-1.txz: Upgraded.
-d/git-2.3.5-x86_64-1.txz: Upgraded.
-d/help2man-1.46.5-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.18.11-x86-1.txz: Upgraded.
-d/libtool-2.4.6-x86_64-1.txz: Upgraded.
-d/llvm-3.6.0-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.75-x86_64-1.txz: Upgraded.
+x/libinput-1.6.0-x86_64-1.txz: Upgraded.
+x/mesa-13.0.4-x86_64-1.txz: Upgraded.
+x/xf86-video-vmware-13.2.1-x86_64-2.txz: Rebuilt.
+ Recompiled against llvm-3.9.1.
+xap/MPlayer-1.3_20170208-x86_64-1.txz: Upgraded.
+ Upgraded to 1.3 branch, compiled against system ffmpeg-3.2.3.
Thanks to Heinz Wiesinger.
-d/pkg-config-0.28-x86_64-1.txz: Upgraded.
-d/python-2.7.9-x86_64-1.txz: Upgraded.
-d/python-setuptools-14.3-x86_64-1.txz: Added.
-d/rcs-5.9.4-x86_64-1.txz: Upgraded.
-d/ruby-1.9.3_p551-x86_64-1.txz: Upgraded.
-d/strace-4.10-x86_64-1.txz: Upgraded.
-d/swig-2.0.12-x86_64-1.txz: Upgraded.
-d/yasm-1.3.0-x86_64-1.txz: Upgraded.
-e/emacs-24.5-x86_64-1.txz: Upgraded.
-k/kernel-source-3.18.11-noarch-1.txz: Upgraded.
-kde/amarok-2.8.0-x86_64-2.txz: Rebuilt.
-kde/amor-4.14.3-x86_64-1.txz: Added.
-kde/analitza-4.14.3-x86_64-1.txz: Upgraded.
-kde/ark-4.14.3-x86_64-1.txz: Upgraded.
-kde/artikulate-4.14.3-x86_64-1.txz: Added.
-kde/audiocd-kio-4.14.3-x86_64-1.txz: Upgraded.
-kde/baloo-4.14.3-x86_64-1.txz: Added.
-kde/baloo-widgets-4.14.3-x86_64-1.txz: Added.
-kde/blinken-4.14.3-x86_64-1.txz: Upgraded.
-kde/bluedevil-2.1.1-x86_64-1.txz: Upgraded.
-kde/bomber-4.14.3-x86_64-1.txz: Upgraded.
-kde/bovo-4.14.3-x86_64-1.txz: Upgraded.
-kde/calligra-2.9.2-x86_64-1.txz: Upgraded.
-kde/cantor-4.14.3-x86_64-1.txz: Upgraded.
-kde/cervisia-4.14.3-x86_64-1.txz: Added.
-kde/dolphin-plugins-4.14.3-x86_64-1.txz: Added.
-kde/dragon-4.14.3-x86_64-1.txz: Upgraded.
-kde/filelight-4.14.3-x86_64-1.txz: Upgraded.
-kde/granatier-4.14.3-x86_64-1.txz: Upgraded.
-kde/gwenview-4.14.3-x86_64-1.txz: Upgraded.
-kde/juk-4.14.3-x86_64-1.txz: Upgraded.
-kde/k3b-2.0.3-x86_64-1.txz: Upgraded.
-kde/kaccessible-4.14.3-x86_64-1.txz: Upgraded.
-kde/kactivities-4.13.3-x86_64-1.txz: Upgraded.
-kde/kajongg-4.14.3-x86_64-1.txz: Added.
-kde/kalgebra-4.14.3-x86_64-1.txz: Upgraded.
-kde/kalzium-4.14.3-x86_64-1.txz: Upgraded.
-kde/kamera-4.14.3-x86_64-1.txz: Upgraded.
-kde/kanagram-4.14.3-x86_64-1.txz: Upgraded.
-kde/kapman-4.14.3-x86_64-1.txz: Upgraded.
-kde/kapptemplate-4.14.3-x86_64-1.txz: Added.
-kde/kate-4.14.3-x86_64-1.txz: Upgraded.
-kde/katomic-4.14.3-x86_64-1.txz: Upgraded.
-kde/kblackbox-4.14.3-x86_64-1.txz: Upgraded.
-kde/kblocks-4.14.3-x86_64-1.txz: Upgraded.
-kde/kbounce-4.14.3-x86_64-1.txz: Upgraded.
-kde/kbreakout-4.14.3-x86_64-1.txz: Upgraded.
-kde/kbruch-4.14.3-x86_64-1.txz: Upgraded.
-kde/kcachegrind-4.14.3-x86_64-1.txz: Added.
-kde/kcalc-4.14.3-x86_64-1.txz: Upgraded.
-kde/kcharselect-4.14.3-x86_64-1.txz: Upgraded.
-kde/kcolorchooser-4.14.3-x86_64-1.txz: Upgraded.
-kde/kcron-4.14.3-x86_64-1.txz: Added.
-kde/kde-base-artwork-4.14.3-x86_64-1.txz: Upgraded.
-kde/kde-baseapps-4.14.3-x86_64-1.txz: Upgraded.
-kde/kde-dev-scripts-4.14.3-x86_64-1.txz: Added.
-kde/kde-dev-utils-4.14.3-x86_64-1.txz: Added.
-kde/kde-runtime-4.14.3-x86_64-1.txz: Upgraded.
-kde/kde-wallpapers-4.14.3-noarch-1.txz: Upgraded.
-kde/kde-workspace-4.11.17-x86_64-1.txz: Upgraded.
-kde/kdeadmin-4.10.5-x86_64-1.txz: Removed.
-kde/kdeartwork-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdeconnect-kde-0.8-x86_64-1.txz: Added.
-kde/kdegraphics-mobipocket-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdegraphics-strigi-analyzer-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdegraphics-thumbnailers-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdelibs-4.14.6-x86_64-1.txz: Upgraded.
-kde/kdenetwork-4.10.5-x86_64-1.txz: Removed.
-kde/kdenetwork-filesharing-4.14.3-x86_64-1.txz: Added.
-kde/kdenetwork-strigi-analyzers-4.14.3-x86_64-1.txz: Added.
-kde/kdepim-4.14.6-x86_64-1.txz: Upgraded.
-kde/kdepim-runtime-4.14.6-x86_64-1.txz: Upgraded.
-kde/kdepimlibs-4.14.6-x86_64-1.txz: Upgraded.
-kde/kdeplasma-addons-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdesdk-4.10.5-x86_64-1.txz: Removed.
-kde/kdesdk-kioslaves-4.14.3-x86_64-1.txz: Added.
-kde/kdesdk-strigi-analyzers-4.14.3-x86_64-1.txz: Added.
-kde/kdesdk-thumbnailers-4.14.3-x86_64-1.txz: Added.
-kde/kdetoys-4.10.5-x86_64-1.txz: Removed.
-kde/kdev-python-1.7.1-x86_64-1.txz: Added.
-kde/kdevelop-4.7.1-x86_64-1.txz: Upgraded.
-kde/kdevelop-php-1.7.1-x86_64-1.txz: Upgraded.
-kde/kdevelop-php-docs-1.7.1-x86_64-1.txz: Upgraded.
-kde/kdevplatform-1.7.1-x86_64-1.txz: Upgraded.
-kde/kdewebdev-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdf-4.14.3-x86_64-1.txz: Upgraded.
-kde/kdiamond-4.14.3-x86_64-1.txz: Upgraded.
-kde/kfilemetadata-4.14.3-x86_64-1.txz: Added.
-kde/kfloppy-4.14.3-x86_64-1.txz: Upgraded.
-kde/kfourinline-4.14.3-x86_64-1.txz: Upgraded.
-kde/kgamma-4.14.3-x86_64-1.txz: Upgraded.
-kde/kgeography-4.14.3-x86_64-1.txz: Upgraded.
-kde/kget-4.14.3-x86_64-1.txz: Added.
-kde/kgoldrunner-4.14.3-x86_64-1.txz: Upgraded.
-kde/kgpg-4.14.3-x86_64-1.txz: Upgraded.
-kde/khangman-4.14.3-x86_64-1.txz: Upgraded.
-kde/kig-4.14.3-x86_64-1.txz: Upgraded.
-kde/kigo-4.14.3-x86_64-1.txz: Upgraded.
-kde/killbots-4.14.3-x86_64-1.txz: Upgraded.
-kde/kio-mtp-2063e75_20131020git-x86_64-1.txz: Upgraded.
-kde/kiriki-4.14.3-x86_64-1.txz: Upgraded.
-kde/kiten-4.14.3-x86_64-1.txz: Upgraded.
-kde/kjumpingcube-4.14.3-x86_64-1.txz: Upgraded.
-kde/klettres-4.14.3-x86_64-1.txz: Upgraded.
-kde/klickety-4.14.3-x86_64-1.txz: Upgraded.
-kde/klines-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmag-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmahjongg-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmines-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmix-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmousetool-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmouth-4.14.3-x86_64-1.txz: Upgraded.
-kde/kmplot-4.14.3-x86_64-1.txz: Upgraded.
-kde/knavalbattle-4.14.3-x86_64-1.txz: Upgraded.
-kde/knetwalk-4.14.3-x86_64-1.txz: Upgraded.
-kde/kolf-4.14.3-x86_64-1.txz: Upgraded.
-kde/kollision-4.14.3-x86_64-1.txz: Upgraded.
-kde/kolourpaint-4.14.3-x86_64-1.txz: Upgraded.
-kde/kompare-4.14.3-x86_64-1.txz: Added.
-kde/konquest-4.14.3-x86_64-1.txz: Upgraded.
-kde/konsole-4.14.3-x86_64-1.txz: Upgraded.
-kde/kopete-4.14.3-x86_64-1.txz: Added.
-kde/korundum-4.14.3-x86_64-1.txz: Upgraded.
-kde/kpat-4.14.3-x86_64-1.txz: Upgraded.
-kde/kppp-4.14.3-x86_64-1.txz: Added.
-kde/kqtquickcharts-4.14.3-x86_64-1.txz: Added.
-kde/krdc-4.14.3-x86_64-1.txz: Added.
-kde/kremotecontrol-4.14.3-x86_64-1.txz: Upgraded.
-kde/kreversi-4.14.3-x86_64-1.txz: Upgraded.
-kde/krfb-4.14.3-x86_64-1.txz: Added.
-kde/kross-interpreters-4.14.3-x86_64-1.txz: Upgraded.
-kde/kruler-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksaneplugin-4.14.3-x86_64-1.txz: Upgraded.
-kde/kscreen-1.0.2.1-x86_64-1.txz: Upgraded.
-kde/kshisen-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksirk-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksnakeduel-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksnapshot-4.14.3-x86_64-1.txz: Upgraded.
-kde/kspaceduel-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksquares-4.14.3-x86_64-1.txz: Upgraded.
-kde/kstars-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksudoku-4.14.3-x86_64-1.txz: Upgraded.
-kde/ksystemlog-4.14.3-x86_64-1.txz: Added.
-kde/kteatime-4.14.3-x86_64-1.txz: Added.
-kde/ktimer-4.14.3-x86_64-1.txz: Upgraded.
-kde/ktouch-4.14.3-x86_64-1.txz: Upgraded.
-kde/ktuberling-4.14.3-x86_64-1.txz: Upgraded.
-kde/kturtle-4.14.3-x86_64-1.txz: Upgraded.
-kde/ktux-4.14.3-x86_64-1.txz: Added.
-kde/kubrick-4.14.3-x86_64-1.txz: Upgraded.
-kde/kuser-4.14.3-x86_64-1.txz: Added.
-kde/kwallet-4.10.5-x86_64-1.txz: Removed.
-kde/kwalletmanager-4.14.3-x86_64-1.txz: Added.
-kde/kwebkitpart-1.3.4-x86_64-1.txz: Upgraded.
-kde/kwordquiz-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkcddb-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkcompactdisc-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkdcraw-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkdeedu-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkdegames-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkexiv2-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkipi-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkmahjongg-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkomparediff2-4.14.3-x86_64-1.txz: Added.
-kde/libksane-4.14.3-x86_64-1.txz: Upgraded.
-kde/libkscreen-1.0.5-x86_64-1.txz: Upgraded.
-kde/libktorrent-1.3.1-x86_64-2.txz: Rebuilt.
-kde/libmm-qt-1.0.1-x86_64-1.txz: Added.
-kde/libnm-qt-0.9.8.3-x86_64-1.txz: Added.
-kde/lokalize-4.14.3-x86_64-1.txz: Added.
-kde/lskat-4.14.3-x86_64-1.txz: Upgraded.
-kde/marble-4.14.3-x86_64-1.txz: Upgraded.
-kde/mplayerthumbs-4.14.3-x86_64-1.txz: Upgraded.
-kde/nepomuk-core-4.14.3-x86_64-1.txz: Upgraded.
-kde/nepomuk-widgets-4.14.3-x86_64-1.txz: Upgraded.
-kde/networkmanagement-0.9.0.9-x86_64-1.txz: Removed.
-kde/okteta-4.14.3-x86_64-1.txz: Added.
-kde/okular-4.14.3-x86_64-1.txz: Upgraded.
-kde/oxygen-gtk2-1.4.6-x86_64-1.txz: Upgraded.
-kde/oxygen-gtk3-1.4.1-x86_64-1.txz: Upgraded.
-kde/oxygen-icons-4.14.3-x86_64-1.txz: Upgraded.
-kde/pairs-4.14.3-x86_64-1.txz: Upgraded.
-kde/palapeli-4.14.3-x86_64-1.txz: Upgraded.
-kde/parley-4.14.3-x86_64-1.txz: Upgraded.
-kde/partitionmanager-1.1.1-x86_64-1.txz: Added.
-kde/perlkde-4.14.3-x86_64-1.txz: Upgraded.
-kde/perlqt-4.14.3-x86_64-1.txz: Upgraded.
-kde/picmi-4.14.3-x86_64-1.txz: Upgraded.
-kde/plasma-nm-0.9.3.5-x86_64-1.txz: Added.
-kde/poxml-4.14.3-x86_64-1.txz: Added.
-kde/print-manager-4.14.3-x86_64-1.txz: Upgraded.
-kde/pykde4-4.14.3-x86_64-1.txz: Upgraded.
-kde/qtruby-4.14.3-x86_64-1.txz: Upgraded.
-kde/rocs-4.14.3-x86_64-1.txz: Upgraded.
-kde/skanlite-1.1-x86_64-1.txz: Upgraded.
-kde/smokegen-4.14.3-x86_64-1.txz: Upgraded.
-kde/smokekde-4.14.3-x86_64-1.txz: Upgraded.
-kde/smokeqt-4.14.3-x86_64-1.txz: Upgraded.
-kde/step-4.14.3-x86_64-1.txz: Upgraded.
-kde/superkaramba-4.14.3-x86_64-1.txz: Upgraded.
-kde/svgpart-4.14.3-x86_64-1.txz: Upgraded.
-kde/sweeper-4.14.3-x86_64-1.txz: Upgraded.
-kde/umbrello-4.14.3-x86_64-1.txz: Added.
-kde/zeroconf-ioslave-4.14.3-x86_64-1.txz: Added.
-kdei/calligra-l10n-bs-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca@valencia-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-eu-2.8.5-noarch-1.txz: Removed.
-kdei/calligra-l10n-fi-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nds-2.8.5-noarch-1.txz: Removed.
-kdei/calligra-l10n-nl-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.9.2-noarch-1.txz: Added.
-kdei/calligra-l10n-uk-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.9.2-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.9.2-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ar-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-bg-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-bs-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ca-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ca@valencia-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-cs-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-da-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-de-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-el-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-en_GB-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-es-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-et-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-eu-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-fa-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-fi-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-fr-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ga-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-gl-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-he-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-hi-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-hr-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-hu-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ia-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-id-4.14.3-noarch-1.txz: Added.
-kdei/kde-l10n-is-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-it-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ja-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-kk-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-km-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ko-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-lt-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-lv-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-mr-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-nb-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-nds-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-nl-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-nn-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-pa-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-pl-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-pt-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-pt_BR-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ro-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ru-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-si-4.10.5-noarch-1.txz: Removed.
-kdei/kde-l10n-sk-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-sl-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-sr-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-sv-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-tg-4.10.5-noarch-1.txz: Removed.
-kdei/kde-l10n-th-4.10.5-noarch-1.txz: Removed.
-kdei/kde-l10n-tr-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-ug-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-uk-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-vi-4.10.5-noarch-1.txz: Removed.
-kdei/kde-l10n-wa-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-zh_CN-4.14.3-noarch-1.txz: Upgraded.
-kdei/kde-l10n-zh_TW-4.14.3-noarch-1.txz: Upgraded.
-l/LibRaw-0.16.0-x86_64-1.txz: Added.
-l/a52dec-0.7.4-x86_64-1.txz: Added.
-l/adwaita-icon-theme-3.14.1-noarch-1.txz: Added.
-l/akonadi-1.13.0-x86_64-1.txz: Upgraded.
-l/alsa-lib-1.0.29-x86_64-1.txz: Upgraded.
-l/alsa-oss-1.0.28-x86_64-1.txz: Upgraded.
-l/at-spi2-atk-2.14.1-x86_64-1.txz: Upgraded.
-l/at-spi2-core-2.14.1-x86_64-1.txz: Upgraded.
-l/atk-2.14.0-x86_64-1.txz: Upgraded.
-l/attica-0.4.2-x86_64-1.txz: Upgraded.
-l/boost-1.58.0-x86_64-1.txz: Upgraded.
-l/cairo-1.14.2-x86_64-1.txz: Upgraded.
-l/dbus-glib-0.104-x86_64-1.txz: Upgraded.
-l/dconf-0.22.0-x86_64-1.txz: Upgraded.
-l/desktop-file-utils-0.22-x86_64-1.txz: Upgraded.
-l/djvulibre-3.5.25.3-x86_64-2.txz: Rebuilt.
-l/eigen3-3.2.4-x86_64-1.txz: Added.
-l/exiv2-0.24-x86_64-1.txz: Upgraded.
-l/fftw-3.3.4-x86_64-1.txz: Upgraded.
-l/freetype-2.5.5-x86_64-2.txz: Rebuilt.
-l/fuse-2.9.3-x86_64-1.txz: Upgraded.
-l/gc-7.4.2-x86_64-1.txz: Upgraded.
-l/gcr-3.14.0-x86_64-1.txz: Upgraded.
-l/gd-2.1.1-x86_64-1.txz: Upgraded.
-l/gdk-pixbuf2-2.30.8-x86_64-1.txz: Upgraded.
-l/gegl-0.2.0-x86_64-3.txz: Rebuilt.
-l/giflib-5.1.1-x86_64-1.txz: Upgraded.
-l/glade3-3.8.5-x86_64-1.txz: Upgraded.
-l/glib-networking-2.42.1-x86_64-1.txz: Upgraded.
-l/glib2-2.42.2-x86_64-1.txz: Upgraded.
-l/glibc-2.21-x86_64-2.txz: Rebuilt.
-l/glibc-i18n-2.21-x86_64-2.txz: Rebuilt.
-l/glibc-profile-2.21-x86_64-2.txz: Rebuilt.
-l/gmime-2.6.20-x86_64-1.txz: Upgraded.
-l/gnome-icon-theme-3.8.3-x86_64-1.txz: Removed.
- This has been replaced by the adwaita-icon-theme package.
-l/gnome-keyring-3.14.0-x86_64-1.txz: Upgraded.
-l/gnome-themes-standard-3.14.2.3-x86_64-1.txz: Upgraded.
-l/gobject-introspection-1.42.0-x86_64-1.txz: Upgraded.
-l/grantlee-0.5.1-x86_64-1.txz: Upgraded.
-l/gsettings-desktop-schemas-3.14.1-x86_64-1.txz: Upgraded.
-l/gst-plugins-base-1.4.4-x86_64-1.txz: Upgraded.
-l/gst-plugins-base0-0.10.36-x86_64-1.txz: Added.
-l/gst-plugins-good-1.4.4-x86_64-1.txz: Upgraded.
-l/gst-plugins-good0-0.10.31-x86_64-1.txz: Added.
-l/gstreamer-1.4.4-x86_64-1.txz: Upgraded.
-l/gstreamer0-0.10.36-x86_64-1.txz: Added.
-l/gtk+2-2.24.27-x86_64-1.txz: Upgraded.
-l/gtk+3-3.14.12-x86_64-1.txz: Upgraded.
-l/gtkspell-2.0.16-x86_64-2.txz: Rebuilt.
-l/gvfs-1.22.4-x86_64-1.txz: Upgraded.
-l/harfbuzz-0.9.40-x86_64-1.txz: Upgraded.
-l/hicolor-icon-theme-0.13-noarch-1.txz: Upgraded.
-l/hunspell-1.3.3-x86_64-1.txz: Upgraded.
-l/icu4c-54.1-x86_64-1.txz: Upgraded.
-l/ilmbase-2.2.0-x86_64-1.txz: Upgraded.
-l/imlib-1.9.15-x86_64-7.txz: Removed.
-l/iso-codes-3.57-noarch-1.txz: Upgraded.
-l/jasper-1.900.1-x86_64-4.txz: Rebuilt.
-l/jemalloc-3.6.0-x86_64-1.txz: Added.
-l/judy-1.0.5-x86_64-1.txz: Added.
-l/lcms-1.19-x86_64-3.txz: Rebuilt.
-l/lcms2-2.7-x86_64-1.txz: Upgraded.
-l/libao-1.2.0-x86_64-1.txz: Upgraded.
-l/libbluedevil-2.1-x86_64-1.txz: Upgraded.
-l/libcanberra-0.29-x86_64-2.txz: Rebuilt.
-l/libcddb-1.3.2-x86_64-3.txz: Rebuilt.
-l/libcdio-0.93-x86_64-1.txz: Upgraded.
-l/libcdio-paranoia-10.2+0.93+1-x86_64-1.txz: Added.
-l/libdiscid-0.6.1-x86_64-1.txz: Upgraded.
-l/libdvdnav-5.0.3-x86_64-1.txz: Added.
-l/libdvdread-5.0.3-x86_64-1.txz: Upgraded.
-l/libelf-0.8.13-x86_64-5.txz: Rebuilt.
-l/libfakekey-0.1-x86_64-1.txz: Added.
-l/libffi-3.2.1-x86_64-1.txz: Upgraded.
-l/libglade-2.6.4-x86_64-5.txz: Rebuilt.
-l/libgnome-keyring-3.12.0-x86_64-1.txz: Upgraded.
-l/libgphoto2-2.5.7-x86_64-1.txz: Upgraded.
-l/libgpod-0.8.3-x86_64-1.txz: Upgraded.
-l/libgsf-1.14.33-x86_64-1.txz: Upgraded.
-l/libimobiledevice-1.2.0-x86_64-1.txz: Added.
-l/libiodbc-3.52.10-x86_64-1.txz: Upgraded.
-l/libjpeg-turbo-1.4.0-x86_64-1.txz: Added.
-l/libjpeg-v8a-x86_64-2.txz: Removed.
-l/liblastfm-1.0.9-x86_64-1.txz: Upgraded.
-l/libmng-2.0.2-x86_64-1.txz: Upgraded.
-l/libmtp-1.1.8-x86_64-1.txz: Upgraded.
-l/libnl3-3.2.25-x86_64-1.txz: Upgraded.
-l/libnotify-0.7.6-x86_64-1.txz: Upgraded.
-l/libodfgen-0.1.3-x86_64-1.txz: Added.
-l/libogg-1.3.2-x86_64-1.txz: Upgraded.
-l/libplist-1.12-x86_64-1.txz: Upgraded.
-l/libpng-1.6.16-x86_64-1.txz: Upgraded.
-l/libraw1394-2.1.0-x86_64-1.txz: Upgraded.
-l/librevenge-0.0.2-x86_64-1.txz: Added.
-l/librsvg-2.40.9-x86_64-1.txz: Upgraded.
-l/libsecret-0.18-x86_64-1.txz: Upgraded.
-l/libsigsegv-2.10-x86_64-1.txz: Added.
-l/libsoup-2.48.1-x86_64-1.txz: Upgraded.
-l/libssh-0.6.4-x86_64-1.txz: Upgraded.
- This update fixes some security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8132
- (* Security fix *)
-l/libtasn1-4.3-x86_64-1.txz: Upgraded.
-l/libtiff-4.0.3-x86_64-1.txz: Upgraded.
-l/libusbmuxd-1.0.10-x86_64-1.txz: Added.
-l/libvncserver-0.9.10-x86_64-1.txz: Upgraded.
-l/libvorbis-1.3.5-x86_64-1.txz: Upgraded.
-l/libvpx-1.3.0-x86_64-1.txz: Added.
-l/libwmf-0.2.8.4-x86_64-6.txz: Rebuilt.
-l/libwmf-docs-0.2.8.4-noarch-6.txz: Rebuilt.
-l/libwnck-2.31.0-x86_64-1.txz: Upgraded.
-l/libwpd-0.10.0-x86_64-1.txz: Upgraded.
-l/libxklavier-5.4-x86_64-1.txz: Upgraded.
-l/libxml2-2.9.2-x86_64-1.txz: Upgraded.
-l/libxslt-1.1.28-x86_64-2.txz: Rebuilt.
-l/lzo-2.08-x86_64-1.txz: Upgraded.
-l/netpbm-10.66.02-x86_64-1.txz: Upgraded.
-l/newt-0.52.18-x86_64-1.txz: Added.
-l/openexr-2.2.0-x86_64-1.txz: Upgraded.
-l/openjpeg-2.1.0-x86_64-1.txz: Added.
-l/orc-0.4.22-x86_64-1.txz: Added.
-l/pango-1.36.8-x86_64-1.txz: Upgraded.
-l/pcre-8.36-x86_64-1.txz: Upgraded.
-l/phonon-4.8.3-x86_64-1.txz: Upgraded.
-l/phonon-gstreamer-4.8.2-x86_64-1.txz: Upgraded.
-l/phonon-mplayer-1b1fd1f_20110823git-x86_64-1.txz: Removed.
-l/phonon-xine-4.4.4-x86_64-1.txz: Removed.
-l/pil-1.1.7-x86_64-4.txz: Removed.
-l/pilot-link-0.12.5-x86_64-8.txz: Rebuilt.
-l/polkit-gnome-0.102-x86_64-2.txz: Rebuilt.
-l/poppler-0.32.0-x86_64-1.txz: Upgraded.
-l/poppler-data-0.4.7-noarch-1.txz: Upgraded.
-l/pycairo-1.10.0-x86_64-1.txz: Upgraded.
-l/pycups-1.9.70-x86_64-1.txz: Upgraded.
-l/python-pillow-2.7.0-x86_64-1.txz: Added.
-l/qt-4.8.6-x86_64-2.txz: Rebuilt.
- Fixed issues with BMP, ICO, and GIF handling that could lead to a denial
- of service or the execution of arbitrary code when processing malformed
- images.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860
- (* Security fix *)
-l/qt-gstreamer-1.2.0-x86_64-1.txz: Added.
-l/raptor2-2.0.15-x86_64-1.txz: Upgraded.
-l/sdl-1.2.15-x86_64-2.txz: Rebuilt.
-l/seamonkey-solibs-2.33.1-x86_64-1.txz: Upgraded.
-l/shared-desktop-ontologies-0.11.0-x86_64-1.txz: Upgraded.
-l/shared-mime-info-1.3-x86_64-1.txz: Upgraded.
-l/slang-2.3.0-x86_64-1.txz: Upgraded.
-l/soprano-2.9.4-x86_64-1.txz: Upgraded.
-l/strigi-0.7.8-x86_64-1.txz: Upgraded.
-l/svgalib-1.9.25-x86_64-3.txz: Rebuilt.
-l/v4l-utils-1.6.2-x86_64-1.txz: Upgraded.
-l/virtuoso-ose-6.1.8-x86_64-1.txz: Upgraded.
-l/vte-0.28.2-x86_64-3.txz: Rebuilt.
-l/wavpack-4.70.0-x86_64-1.txz: Upgraded.
-l/xapian-core-1.2.17-x86_64-1.txz: Added.
-n/ModemManager-1.4.4-x86_64-1.txz: Upgraded.
-n/NetworkManager-1.0.0-x86_64-1.txz: Upgraded.
-n/bind-9.10.2-x86_64-1.txz: Upgraded.
- Fix some denial-of-service and other security issues.
- For more information, see:
- https://kb.isc.org/article/AA-01166/
- https://kb.isc.org/article/AA-01161/
- https://kb.isc.org/article/AA-01167/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8680
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214
- (* Security fix *)
-n/bluez-4.101-x86_64-1.txz: Upgraded.
-n/bluez-hcidump-2.5-x86_64-1.txz: Upgraded.
-n/crda-3.18-x86_64-1.txz: Upgraded.
-n/curl-7.41.0-x86_64-1.txz: Upgraded.
-n/dhcp-4.3.2-x86_64-1.txz: Upgraded.
-n/dhcpcd-6.8.1-x86_64-1.txz: Upgraded.
-n/dirmngr-1.1.1-x86_64-2.txz: Rebuilt.
-n/dnsmasq-2.72-x86_64-1.txz: Upgraded.
-n/fetchmail-6.3.26-x86_64-1.txz: Upgraded.
-n/getmail-4.47.0-x86_64-1.txz: Upgraded.
-n/gnupg-1.4.19-x86_64-1.txz: Upgraded.
- * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
- See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
- * Fixed data-dependent timing variations in modular exponentiation
- [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
- are Practical].
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3591
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837
- (* Security fix *)
-n/gnupg2-2.0.27-x86_64-1.txz: Upgraded.
-n/gpa-0.9.7-x86_64-1.txz: Upgraded.
-n/gpgme-1.5.3-x86_64-1.txz: Upgraded.
-n/httpd-2.4.12-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- * CVE-2014-3583 mod_proxy_fcgi: Fix a potential crash due to buffer
- over-read, with response headers' size above 8K.
- * CVE-2014-3581 mod_cache: Avoid a crash when Content-Type has an
- empty value. PR 56924.
- * CVE-2014-8109 mod_lua: Fix handling of the Require line when a
- LuaAuthzProvider is used in multiple Require directives with
- different arguments. PR57204.
- * CVE-2013-5704 core: HTTP trailers could be used to replace HTTP
- headers late during request processing, potentially undoing or
- otherwise confusing modules that examined or modified request
- headers earlier. Adds "MergeTrailers" directive to restore legacy
- behavior.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
- (* Security fix *)
-n/iproute2-3.18.0-x86_64-1.txz: Upgraded.
-n/iptables-1.4.21-x86_64-1.txz: Upgraded.
-n/irssi-0.8.17-x86_64-1.txz: Upgraded.
-n/lftp-4.6.1-x86_64-1.txz: Upgraded.
-n/libassuan-2.2.0-x86_64-1.txz: Upgraded.
-n/libgcrypt-1.6.3-x86_64-1.txz: Upgraded.
- * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
- See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
- * Fixed data-dependent timing variations in modular exponentiation
- [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
- are Practical].
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3591
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837
- (* Security fix *)
-n/libgpg-error-1.18-x86_64-1.txz: Upgraded.
-n/libksba-1.3.2-x86_64-1.txz: Upgraded.
-n/libmbim-1.12.2-x86_64-1.txz: Upgraded.
-n/libndp-1.4-x86_64-1.txz: Added.
-n/libnftnl-1.0.3-x86_64-1.txz: Upgraded.
-n/libqmi-1.12.6-x86_64-1.txz: Upgraded.
-n/links-2.9-x86_64-1.txz: Upgraded.
-n/mutt-1.5.23-x86_64-2.txz: Rebuilt.
- Patched a vulnerability where malformed headers can cause mutt to crash.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116
- (* Security fix *)
-n/net-snmp-5.7.3-x86_64-1.txz: Upgraded.
-n/netatalk-2.2.3-x86_64-5.txz: Rebuilt.
-n/netkit-ftp-0.17-x86_64-2.txz: Rebuilt.
-n/nfs-utils-1.3.1-x86_64-1.txz: Upgraded.
-n/nftables-0.4-x86_64-1.txz: Upgraded.
-n/ntp-4.2.8p2-x86_64-1.txz: Upgraded.
- In addition to bug fixes and enhancements, this release fixes the
- following medium-severity vulnerabilities involving private key
- authentication:
- * ntpd accepts unauthenticated packets with symmetric key crypto.
- * Authentication doesn't protect symmetric associations against DoS attacks.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799
- (* Security fix *)
-n/obex-data-server-0.4.6-x86_64-3.txz: Rebuilt.
-n/openssl-1.0.1m-x86_64-1.txz: Upgraded.
- Fixes several bugs and security issues:
- o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
- o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
- o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
- o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
- o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
- o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
- o Removed the export ciphers from the DEFAULT ciphers
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288
- (* Security fix *)
-n/p11-kit-0.23.1-x86_64-1.txz: Upgraded.
-n/php-5.6.8-x86_64-1.txz: Upgraded.
- This update fixes some security issues.
- Please note that this package build also moves the configuration files
- from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330
- (* Security fix *)
-n/pinentry-0.9.1-x86_64-1.txz: Upgraded.
-n/popa3d-1.0.3-x86_64-1.txz: Upgraded.
-n/ppp-2.4.7-x86_64-1.txz: Upgraded.
- Fixed a potential security issue in parsing option files.
- Fixed remotely triggerable PID overflow that causes pppd to crash.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3310
- (* Security fix *)
-n/proftpd-1.3.5-x86_64-1.txz: Upgraded.
- Patched an issue where mod_copy allowed unauthenticated copying
- of files via SITE CPFR/CPTO.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3306
- (* Security fix *)
-n/samba-4.2.1-x86_64-1.txz: Upgraded.
-n/slrn-1.0.2-x86_64-1.txz: Upgraded.
-n/tftp-hpa-5.2-x86_64-2.txz: Rebuilt.
-n/tin-2.2.1-x86_64-2.txz: Rebuilt.
-n/wget-1.16.3-x86_64-1.txz: Upgraded.
-n/whois-5.2.7-x86_64-1.txz: Upgraded.
-n/wpa_supplicant-2.4-x86_64-1.txz: Upgraded.
-t/tetex-3.0-x86_64-10.txz: Rebuilt.
-t/tetex-doc-3.0-x86_64-10.txz: Rebuilt.
-t/transfig-3.2.5e-x86_64-3.txz: Rebuilt.
-t/xfig-3.2.5c-x86_64-3.txz: Rebuilt.
-x/bdftopcf-1.0.5-x86_64-1.txz: Upgraded.
-x/bitmap-1.0.8-x86_64-1.txz: Upgraded.
-x/compiz-0.8.8-x86_64-2.txz: Rebuilt.
-x/font-util-1.3.1-x86_64-1.txz: Upgraded.
-x/fontconfig-2.11.1-x86_64-2.txz: Rebuilt.
-x/fontsproto-2.1.3-noarch-1.txz: Upgraded.
-x/fslsfonts-1.0.5-x86_64-1.txz: Upgraded.
-x/fstobdf-1.0.6-x86_64-1.txz: Upgraded.
-x/iceauth-1.0.7-x86_64-1.txz: Upgraded.
-x/libX11-1.6.3-x86_64-1.txz: Upgraded.
-x/libXaw3dXft-1.6.2d-x86_64-1.txz: Added.
-x/libXdmcp-1.1.2-x86_64-1.txz: Upgraded.
-x/libXfont-1.5.1-x86_64-1.txz: Upgraded.
-x/libXft-2.3.2-x86_64-2.txz: Rebuilt.
-x/libXp-1.0.3-x86_64-1.txz: Upgraded.
-x/libXvMC-1.0.9-x86_64-1.txz: Upgraded.
-x/libXxf86vm-1.1.4-x86_64-1.txz: Upgraded.
-x/libevdev-1.4.1-x86_64-1.txz: Upgraded.
-x/libpciaccess-0.13.3-x86_64-1.txz: Upgraded.
-x/libva-1.5.1-x86_64-1.txz: Added.
-x/libva-intel-driver-1.5.1-x86_64-1.txz: Added.
-x/libvdpau-1.1-x86_64-1.txz: Upgraded.
-x/libxshmfence-1.2-x86_64-1.txz: Upgraded.
-x/mesa-10.5.3-x86_64-1.txz: Upgraded.
- Thanks to Robby Workman and Heinz Wiesinger.
-x/mkfontscale-1.1.2-x86_64-1.txz: Upgraded.
-x/motif-2.3.4-x86_64-2.txz: Rebuilt.
-x/randrproto-1.4.1-noarch-1.txz: Upgraded.
-x/rgb-1.0.6-x86_64-1.txz: Upgraded.
-x/scim-1.4.15-x86_64-1.txz: Upgraded.
-x/sessreg-1.1.0-x86_64-1.txz: Upgraded.
-x/showfont-1.0.5-x86_64-1.txz: Upgraded.
-x/xcalc-1.0.6-x86_64-1.txz: Upgraded.
-x/xcb-util-0.4.0-x86_64-1.txz: Upgraded.
-x/xcb-util-cursor-0.1.2-x86_64-1.txz: Upgraded.
-x/xcb-util-image-0.4.0-x86_64-1.txz: Upgraded.
-x/xcb-util-keysyms-0.4.0-x86_64-1.txz: Upgraded.
-x/xcursorgen-1.0.6-x86_64-2.txz: Rebuilt.
-x/xdg-utils-1.1.0_rc3-noarch-1.txz: Upgraded.
-x/xdm-1.1.11-x86_64-5.txz: Rebuilt.
-x/xedit-1.2.2-x86_64-1.txz: Upgraded.
-x/xf86-input-acecad-1.5.0-x86_64-7.txz: Rebuilt.
-x/xf86-input-aiptek-1.4.1-x86_64-7.txz: Rebuilt.
-x/xf86-input-evdev-2.9.2-x86_64-1.txz: Upgraded.
-x/xf86-input-joystick-1.6.1-x86_64-7.txz: Rebuilt.
-x/xf86-input-keyboard-1.8.0-x86_64-2.txz: Rebuilt.
-x/xf86-input-mouse-1.9.1-x86_64-2.txz: Rebuilt.
-x/xf86-input-penmount-1.5.0-x86_64-7.txz: Rebuilt.
-x/xf86-input-synaptics-1.8.2-x86_64-1.txz: Upgraded.
-x/xf86-input-vmmouse-13.0.0-x86_64-6.txz: Rebuilt.
-x/xf86-input-void-1.4.0-x86_64-7.txz: Rebuilt.
-x/xf86-input-wacom-0.19.0-x86_64-6.txz: Rebuilt.
-x/xf86-video-apm-1.2.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-ark-0.7.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-ast-1.0.1-x86_64-2.txz: Rebuilt.
-x/xf86-video-ati-7.5.0-x86_64-1.txz: Upgraded.
-x/xf86-video-chips-1.2.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-cirrus-1.5.2-x86_64-6.txz: Rebuilt.
-x/xf86-video-dummy-0.3.7-x86_64-3.txz: Rebuilt.
-x/xf86-video-glint-1.2.8-x86_64-6.txz: Rebuilt.
-x/xf86-video-i128-1.3.6-x86_64-6.txz: Rebuilt.
-x/xf86-video-i740-1.3.5-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-2.99.917-x86_64-1.txz: Upgraded.
-x/xf86-video-mach64-6.9.4-x86_64-6.txz: Rebuilt.
-x/xf86-video-mga-1.6.4-x86_64-1.txz: Upgraded.
-x/xf86-video-modesetting-0.9.0-x86_64-2.txz: Rebuilt.
-x/xf86-video-neomagic-1.2.8-x86_64-4.txz: Rebuilt.
-x/xf86-video-nouveau-1.0.11-x86_64-1.txz: Upgraded.
-x/xf86-video-nv-2.1.20-x86_64-7.txz: Rebuilt.
-x/xf86-video-openchrome-0.3.3-x86_64-4.txz: Rebuilt.
-x/xf86-video-r128-6.9.2-x86_64-3.txz: Rebuilt.
-x/xf86-video-rendition-4.2.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-s3-0.6.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-s3virge-1.10.6-x86_64-7.txz: Rebuilt.
-x/xf86-video-savage-2.3.7-x86_64-3.txz: Rebuilt.
-x/xf86-video-siliconmotion-1.7.7-x86_64-7.txz: Rebuilt.
-x/xf86-video-sis-0.10.7-x86_64-7.txz: Rebuilt.
-x/xf86-video-sisusb-0.9.6-x86_64-6.txz: Rebuilt.
-x/xf86-video-tdfx-1.4.6-x86_64-1.txz: Upgraded.
-x/xf86-video-tga-1.2.2-x86_64-6.txz: Rebuilt.
-x/xf86-video-trident-1.3.7-x86_64-1.txz: Upgraded.
-x/xf86-video-tseng-1.2.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-v4l-0.2.0-x86_64-11.txz: Rebuilt.
-x/xf86-video-vesa-2.3.3-x86_64-3.txz: Rebuilt.
-x/xf86-video-vmware-13.1.0-x86_64-1.txz: Upgraded.
-x/xf86-video-voodoo-1.2.5-x86_64-7.txz: Rebuilt.
-x/xf86-video-xgi-git_5a3e0de677b7-x86_64-1.txz: Upgraded.
-x/xf86-video-xgixp-1.8.1-x86_64-6.txz: Rebuilt.
-x/xfsinfo-1.0.5-x86_64-1.txz: Upgraded.
-x/xinit-1.3.4-x86_64-1.txz: Upgraded.
-x/xkbcomp-1.3.0-x86_64-1.txz: Upgraded.
-x/xman-1.1.4-x86_64-1.txz: Upgraded.
-x/xorg-server-1.16.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.16.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.16.4-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.16.4-x86_64-1.txz: Upgraded.
-x/xproto-7.0.27-noarch-1.txz: Upgraded.
-x/xterm-318-x86_64-1.txz: Upgraded.
-x/xtrans-1.3.5-noarch-1.txz: Upgraded.
-xap/MPlayer-20150403-x86_64-1.txz: Upgraded.
- Upgraded to MPlayer from trunk built against ffmpeg-2.6.1.
-xap/audacious-3.6.1-x86_64-1.txz: Upgraded.
-xap/audacious-plugins-3.6.1-x86_64-1.txz: Upgraded.
-xap/blueman-r708-x86_64-4.txz: Rebuilt.
-xap/electricsheep-20090306-x86_64-4.txz: Rebuilt.
-xap/fvwm-2.6.5-x86_64-7.txz: Rebuilt.
-xap/geeqie-20150329git-x86_64-1.txz: Upgraded.
-xap/gftp-2.0.19-x86_64-4.txz: Rebuilt.
-xap/gimp-2.8.14-x86_64-2.txz: Rebuilt.
-xap/gnuchess-6.2.1-x86_64-1.txz: Upgraded.
- Upgraded to gnuchess-6.2.1 and xboard-4.8.0.
-xap/gnuplot-4.6.6-x86_64-1.txz: Upgraded.
-xap/gucharmap-3.12.1-x86_64-1.txz: Upgraded.
-xap/imagemagick-6.9.0_10-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-37.0.2-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-45.7.1-x86_64-1.txz: Upgraded.
+ Fixed crash when viewing certain IMAP messages (introduced in 45.7.0)
+xap/network-manager-applet-1.4.4-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.6-x86_64-10.txz: Rebuilt.
+ Recompiled against system ffmpeg-3.2.3.
++--------------------------+
+Thu Jan 26 21:33:41 UTC 2017
+xap/mozilla-firefox-51.0.1-x86_64-1.txz: Upgraded.
+ Fixed geolocation problems with Firefox 51.0.
+xap/mozilla-thunderbird-45.7.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-31.6.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/network-manager-applet-1.0.0-x86_64-1.txz: Upgraded.
-xap/rdesktop-1.8.3-x86_64-1.txz: Upgraded.
-xap/sane-1.0.24-x86_64-2.txz: Rebuilt.
-xap/seamonkey-2.33.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-xap/vim-gvim-7.4.692-x86_64-1.txz: Upgraded.
-xap/windowmaker-0.95.6-x86_64-1.txz: Upgraded.
-xap/xaos-3.6-x86_64-1.txz: Upgraded.
-xap/xchat-2.8.8-x86_64-10.txz: Rebuilt.
-xap/xfractint-20.04p13-x86_64-1.txz: Upgraded.
-xap/xine-lib-1.2.6-x86_64-1.txz: Upgraded.
-xap/xine-ui-0.99.9-x86_64-1.txz: Upgraded.
-xap/xlockmore-5.46-x86_64-1.txz: Upgraded.
-xap/xpaint-2.9.10.3-x86_64-1.txz: Upgraded.
-xap/xsane-0.999-x86_64-1.txz: Upgraded.
-xap/xscreensaver-5.32-x86_64-1.txz: Upgraded.
-xap/xv-3.10a-x86_64-7.txz: Rebuilt.
-xfce/Thunar-1.6.7-x86_64-1.txz: Upgraded.
-xfce/exo-0.10.4-x86_64-1.txz: Upgraded.
-xfce/garcon-0.4.0-x86_64-1.txz: Upgraded.
-xfce/gtk-xfce-engine-2.10.1-x86_64-1.txz: Upgraded.
-xfce/libxfce4ui-4.12.1-x86_64-1.txz: Upgraded.
-xfce/libxfce4util-4.12.1-x86_64-1.txz: Upgraded.
-xfce/libxfcegui4-4.10.0-x86_64-2.txz: Removed.
-xfce/orage-4.12.1-x86_64-1.txz: Upgraded.
-xfce/thunar-volman-0.8.1-x86_64-1.txz: Upgraded.
-xfce/tumbler-0.1.31-x86_64-1.txz: Upgraded.
-xfce/xfce4-appfinder-4.12.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-clipman-plugin-1.2.3-x86_64-3.txz: Rebuilt.
-xfce/xfce4-dev-tools-4.12.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-mixer-4.10.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-notifyd-0.2.4-x86_64-2.txz: Rebuilt.
-xfce/xfce4-panel-4.12.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-power-manager-1.4.4-x86_64-1.txz: Upgraded.
-xfce/xfce4-screenshooter-1.8.2-x86_64-1.txz: Upgraded.
-xfce/xfce4-session-4.12.1-x86_64-1.txz: Upgraded.
-xfce/xfce4-settings-4.12.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-systemload-plugin-1.1.2-x86_64-1.txz: Upgraded.
-xfce/xfce4-taskmanager-1.1.0-x86_64-1.txz: Upgraded.
-xfce/xfce4-terminal-0.6.3-x86_64-1.txz: Upgraded.
-xfce/xfce4-volumed-0.1.13-x86_64-2.txz: Rebuilt.
-xfce/xfce4-weather-plugin-0.8.5-x86_64-1.txz: Upgraded.
-xfce/xfconf-4.12.0-x86_64-1.txz: Upgraded.
-xfce/xfdesktop-4.12.1-x86_64-1.txz: Upgraded.
-xfce/xfwm4-4.12.2-x86_64-1.txz: Upgraded.
-xfce/xfwm4-themes-4.10.0-x86_64-1.txz: Removed.
-isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
-testing/source/config-testing-4.0/*: Added.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
-usb-and-pxe-installers/usbimg2disk.sh: Patched to fix sfdisk bug.
- Thanks to Tim Thomas.
-+--------------------------+
-Thu Mar 5 21:56:15 UTC 2015
-a/util-linux-2.26-x86_64-2.txz: Rebuilt.
- Removed dangling tunelp symlink. Thanks to Jesu Feran.
-n/samba-4.2.0-x86_64-1.txz: Upgraded.
- This package fixes security issues since the last update:
- BUG 11077: CVE-2015-0240: talloc free on uninitialized stack pointer
- in netlogon server could lead to security vulnerability.
- BUG 11077: CVE-2015-0240: s3-netlogon: Make sure we do not deference
- a NULL pointer.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240
- (* Security fix *)
-n/wget-1.16.2-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-36.0.1-x86_64-1.txz: Upgraded.
-extra/google-chrome/google-chrome.SlackBuild: Patched.
- Fixed google-chrome repackaging script due to the change from lzma to xz.
- Thanks to Jennifer Doering.
-+--------------------------+
-Thu Feb 26 01:06:11 UTC 2015
-ap/vim-7.4.640-x86_64-1.txz: Upgraded.
-d/gdb-7.9-x86_64-1.txz: Upgraded.
-n/nmap-6.47-x86_64-1.txz: Upgraded.
-x/glew-1.10.0-x86_64-2.txz: Rebuilt.
- Added libGLEWmx to the package. Thanks to Klaatu and Larry Hajali.
-xap/fluxbox-1.3.7-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-36.0-x86_64-1.txz: Upgraded.
+ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
+ (* Security fix *)
++--------------------------+
+Mon Jan 23 21:30:13 UTC 2017
+d/gdb-7.12.1-x86_64-1.txz: Upgraded.
+xap/fvwm-2.6.7-x86_64-3.txz: Rebuilt.
+ Fixed the broken symlinks in a better way. Thanks to GazL for the patch.
+xap/mozilla-firefox-51.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-31.5.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/vim-gvim-7.4.640-x86_64-1.txz: Upgraded.
-xap/xchat-2.8.8-x86_64-9.txz: Rebuilt.
- Don't force the use of SSLv3, since many sites are dropping support for it.
- Thanks to Schism.
-+--------------------------+
-Sat Feb 21 00:00:27 UTC 2015
-a/lilo-24.1-x86_64-1.txz: Upgraded.
- Filter fdisk output to fix detecting Linux partitions.
-a/sysvinit-scripts-2.0-noarch-19.txz: Rebuilt.
- Removed -w from grep in rc.S to detect rtc ioports correctly.
- Thanks to Xsane.
-a/util-linux-2.26-x86_64-1.txz: Upgraded.
-isolinux/initrd.img: Rebuilt.
- Patched to fix issues with EFI and GPT since switching to the new fdisk.
- Thanks to Ryan P.C. McQuen and Jonathan Li for the helpful hints.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
- Patched to fix issues with EFI and GPT since switching to the new fdisk.
- Thanks to Ryan P.C. McQuen and Jonathan Li for the helpful hints.
-+--------------------------+
-Mon Feb 16 19:33:36 UTC 2015
-a/aaa_elflibs-14.1-x86_64-4.txz: Rebuilt.
-a/btrfs-progs-20150213-x86_64-1.txz: Upgraded.
-a/coreutils-8.23-x86_64-1.txz: Upgraded.
-a/e2fsprogs-1.42.12-x86_64-1.txz: Upgraded.
-a/glibc-solibs-2.21-x86_64-1.txz: Upgraded.
-a/glibc-zoneinfo-2015a-noarch-1.txz: Upgraded.
-a/kernel-firmware-20150212git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.33-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.33-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.33-x86_64-1.txz: Upgraded.
-a/patch-2.7.4-x86_64-1.txz: Upgraded.
- Patch no longer follows symbolic links to input and output files. This
- ensures that symbolic links created by git-style patches cannot cause
- patch to write outside the working directory.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1196
- (* Security fix *)
-a/sharutils-4.15-x86_64-1.txz: Upgraded.
-a/sysvinit-scripts-2.0-noarch-18.txz: Rebuilt.
- Patched the init scripts to produce nicer output from the new versions
- of mount/umount. Run the GTK+/FDo registry rebuilds in the background
- to speed up boot time. Optimize the search for icon cache files by only
- looking in the directories they might be in, rather than all directories
- under /usr/share/icons.
-a/util-linux-2.25.2-x86_64-1.txz: Upgraded.
-ap/sudo-1.8.12-x86_64-1.txz: Upgraded.
- This update fixes a potential security issue by only passing the TZ
- environment variable it is considered safe. This prevents exploiting bugs
- in glibc's TZ parser that could be used to read files that the user does
- not have access to, or to cause a denial of service.
- For more information, see:
- http://www.sudo.ws/sudo/alerts/tz.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9680
- (* Security fix *)
-d/guile-2.0.11-x86_64-2.txz: Rebuilt.
- Recompiled against readline-6.3.
-d/kernel-headers-3.14.33-x86-1.txz: Upgraded.
-k/kernel-source-3.14.33-noarch-1.txz: Upgraded.
-l/glibc-2.21-x86_64-1.txz: Upgraded.
-l/glibc-i18n-2.21-x86_64-1.txz: Upgraded.
-l/glibc-profile-2.21-x86_64-1.txz: Upgraded.
-l/parted-3.2-x86_64-1.txz: Upgraded.
-l/readline-6.3-x86_64-1.txz: Upgraded.
-l/seamonkey-solibs-2.32.1-x86_64-1.txz: Upgraded.
-n/ntp-4.2.8p1-x86_64-1.txz: Upgraded.
- Changed rc.ntpd to no longer save the system time to the hardware clock.
- This had been done in an effort to stop a time skew that may well have
- been caused by other issues with hwclock and the kernel. If removing
- this code causes any issues to return, let me know. Thanks to Xsane.
-xap/seamonkey-2.32.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
++--------------------------+
+Fri Jan 20 04:18:02 UTC 2017
+l/seamonkey-solibs-2.46-x86_64-3.txz: Rebuilt.
+xap/fvwm-2.6.7-x86_64-2.txz: Rebuilt.
+ Reverted an upstream patch that causes some broken symlinks to be installed.
+ Thanks to GazL.
+xap/seamonkey-2.46-x86_64-3.txz: Rebuilt.
+ Recompiled with less aggressive optimization (-Os) to fix crashes.
++--------------------------+
+Wed Jan 18 20:39:17 UTC 2017
+ap/mariadb-10.0.29-x86_64-1.txz: Upgraded.
+ This update fixes several security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6664
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3238
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3243
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3244
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3257
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3258
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3265
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3291
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3312
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3317
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3318
+ (* Security fix *)
++--------------------------+
+Wed Jan 18 02:33:18 UTC 2017
+a/cryptsetup-1.7.3-x86_64-2.txz: Rebuilt.
+ Recompiled with --enable-cryptsetup-reencrypt option.
+ Thanks to Jakub Jankowski for the suggestion.
+ap/screen-4.5.0-x86_64-1.txz: Upgraded.
+l/libtasn1-4.10-x86_64-1.txz: Upgraded.
+l/seamonkey-solibs-2.46-x86_64-2.txz: Rebuilt.
+x/libinput-1.5.4-x86_64-1.txz: Added.
+x/libwacom-0.22-x86_64-1.txz: Added.
+ This is needed for libinput.
+x/xf86-input-libinput-0.23.0-x86_64-1.txz: Added.
+ This is the new generic X.Org input driver which replaces evdev for most
+ purposes. It does not (for now) replace xf86-input-synaptics or
+ xf86-input-vmmouse. If this driver package is missing then X will fall
+ back to using xf86-input-evdev as before.
+ Thanks to Robby Workman.
+x/xorg-server-1.19.1-x86_64-2.txz: Rebuilt.
+ Rename 90-keyboard-layout.conf to 90-keyboard-layout-evdev.conf.
+x/xorg-server-xephyr-1.19.1-x86_64-2.txz: Rebuilt.
+x/xorg-server-xnest-1.19.1-x86_64-2.txz: Rebuilt.
+x/xorg-server-xvfb-1.19.1-x86_64-2.txz: Rebuilt.
+xap/seamonkey-2.46-x86_64-2.txz: Rebuilt.
+ Restored missing nspr/obsolete headers.
++--------------------------+
+Sat Jan 14 05:34:32 UTC 2017
+a/util-linux-2.29-x86_64-2.txz: Rebuilt.
+ Restored support for /etc/mtab.
+n/iw-4.9-x86_64-1.txz: Upgraded.
+x/scim-1.4.17-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.7.0-x86_64-2.txz: Rebuilt.
+ Recompiled for xorg-server-1.19.1.
++--------------------------+
+Fri Jan 13 01:10:05 UTC 2017
+a/grub-2.02_beta3-x86_64-2.txz: Rebuilt.
+ Make the package version number more sane.
++--------------------------+
+Thu Jan 12 21:07:23 UTC 2017
+ap/cups-filters-1.13.2-x86_64-1.txz: Upgraded.
+ap/nano-2.7.4-x86_64-2.txz: Rebuilt.
+ Fixed /etc/nanorc.new. Thanks to SeB.
+kde/calligra-2.9.11-x86_64-8.txz: Rebuilt.
+l/poppler-0.50.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+xfce/tumbler-0.1.31-x86_64-9.txz: Rebuilt.
++--------------------------+
+Thu Jan 12 01:15:52 UTC 2017
+a/aaa_elflibs-14.2-x86_64-27.txz: Rebuilt.
+ Upgraded libcap.so.2.25, liblzma.so.5.2.3, and libz.so.1.2.10.
+a/bash-4.4.005-x86_64-2.txz: Rebuilt.
+a/dialog-1.3_20160828-x86_64-1.txz: Upgraded.
+a/ed-1.14.1-x86_64-1.txz: Upgraded.
+a/elvis-2.2_0-x86_64-3.txz: Rebuilt.
+a/file-5.29-x86_64-1.txz: Upgraded.
+a/gawk-4.1.4-x86_64-2.txz: Rebuilt.
+a/gettext-0.19.8.1-x86_64-2.txz: Rebuilt.
+a/getty-ps-2.1.0b-x86_64-3.txz: Rebuilt.
+a/gpm-1.20.7-x86_64-4.txz: Rebuilt.
+a/gptfdisk-1.0.1-x86_64-1.txz: Upgraded.
+a/grub-2.02~beta3-x86_64-1.txz: Upgraded.
+ Thanks to Heinz Wiesinger.
+ Thanks to ReaperX7 for the updated dejavusansmono patch.
+a/hwdata-0.291-noarch-1.txz: Upgraded.
+a/less-481-x86_64-2.txz: Rebuilt.
+a/minicom-2.7-x86_64-1.txz: Upgraded.
+a/procps-ng-3.3.12-x86_64-1.txz: Upgraded.
+a/sed-4.3-x86_64-1.txz: Upgraded.
+a/splitvt-1.6.6-x86_64-1.txz: Upgraded.
+a/tcsh-6.20.00-x86_64-1.txz: Upgraded.
+a/util-linux-2.29-x86_64-1.txz: Upgraded.
+a/xfsprogs-4.8.0-x86_64-1.txz: Upgraded.
+a/xz-5.2.3-x86_64-1.txz: Upgraded.
+ap/alsa-utils-1.1.3-x86_64-1.txz: Upgraded.
+ap/bc-1.06.95-x86_64-4.txz: Rebuilt.
+ap/bpe-2.01.00-x86_64-3.txz: Rebuilt.
+ap/ghostscript-9.20-x86_64-2.txz: Rebuilt.
+ Restored /usr/bin/ijs-config.
+ap/gphoto2-2.5.11-x86_64-1.txz: Upgraded.
+ap/gutenprint-5.2.11-x86_64-3.txz: Rebuilt.
+ap/htop-2.0.2-x86_64-1.txz: Upgraded.
+ap/ispell-3.4.00-x86_64-1.txz: Upgraded.
+ap/joe-4.3-x86_64-1.txz: Upgraded.
+ap/jove-4.16.0.73-x86_64-2.txz: Rebuilt.
+ap/mariadb-10.0.28-x86_64-2.txz: Rebuilt.
+ap/mc-4.8.18-x86_64-1.txz: Upgraded.
+ap/moc-2.5.2-x86_64-1.txz: Upgraded.
+ap/nano-2.7.4-x86_64-1.txz: Upgraded.
+ap/pamixer-1.3.1-x86_64-3.txz: Rebuilt.
+ap/powertop-2.8-x86_64-2.txz: Rebuilt.
+ap/sc-7.16-x86_64-5.txz: Rebuilt.
+ap/screen-4.4.0-x86_64-3.txz: Rebuilt.
+ap/sqlite-3.16.1-x86_64-1.txz: Upgraded.
+ap/texinfo-6.3-x86_64-2.txz: Rebuilt.
+ap/vim-8.0.0161-x86_64-1.txz: Upgraded.
+ap/xfsdump-3.1.6-x86_64-2.txz: Rebuilt.
+ap/zsh-5.3.1-x86_64-1.txz: Upgraded.
+d/clisp-2.49.20161111-x86_64-1.txz: Upgraded.
+d/cmake-3.7.1-x86_64-1.txz: Upgraded.
+d/cscope-15.8b-x86_64-2.txz: Rebuilt.
+d/flex-2.6.3-x86_64-1.txz: Upgraded.
+d/gdb-7.12-x86_64-2.txz: Rebuilt.
+d/gettext-tools-0.19.8.1-x86_64-2.txz: Rebuilt.
+d/gnu-cobol-1.1-x86_64-2.txz: Rebuilt.
+d/gperf-3.1-x86_64-1.txz: Upgraded.
+d/guile-2.0.13-x86_64-2.txz: Rebuilt.
+d/m4-1.4.18-x86_64-1.txz: Upgraded.
+d/make-4.2.1-x86_64-1.txz: Upgraded.
+d/perl-5.24.0-x86_64-1.txz: Upgraded.
+ Also upgraded to DBD-mysql-4.041 and TermReadKey-2.37.
+d/ruby-2.4.0-x86_64-1.txz: Upgraded.
+d/subversion-1.9.5-x86_64-1.txz: Upgraded.
+e/emacs-25.1-x86_64-2.txz: Rebuilt.
+kde/analitza-4.14.3-x86_64-3.txz: Rebuilt.
+kde/calligra-2.9.11-x86_64-7.txz: Rebuilt.
+kde/kdelibs-4.14.27-x86_64-1.txz: Upgraded.
+kde/kig-4.14.3-x86_64-5.txz: Rebuilt.
+kde/korundum-4.14.3-x86_64-4.txz: Rebuilt.
+kde/lokalize-4.14.3-x86_64-3.txz: Rebuilt.
+kde/perlkde-4.14.3-x86_64-3.txz: Rebuilt.
+kde/perlqt-4.14.3-x86_64-3.txz: Rebuilt.
+kde/qtruby-4.14.3-x86_64-5.txz: Rebuilt.
+l/akonadi-1.13.0-x86_64-4.txz: Rebuilt.
+l/alsa-lib-1.1.3-x86_64-1.txz: Upgraded.
+l/aspell-0.60.6.1-x86_64-2.txz: Rebuilt.
+l/boost-1.63.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/enchant-1.6.0-x86_64-2.txz: Rebuilt.
+l/hunspell-1.6.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/libcaca-0.99.beta19-x86_64-1.txz: Upgraded.
+l/libcap-2.25-x86_64-1.txz: Upgraded.
+l/libcdio-0.94-x86_64-2.txz: Rebuilt.
+l/libgphoto2-2.5.11-x86_64-1.txz: Upgraded.
+l/libnjb-2.2.7-x86_64-1.txz: Upgraded.
+l/libproxy-0.4.13-x86_64-1.txz: Upgraded.
+l/parted-3.2-x86_64-3.txz: Rebuilt.
+l/pilot-link-0.12.5-x86_64-12.txz: Rebuilt.
+l/taglib-1.11.1-x86_64-1.txz: Upgraded.
+l/virtuoso-ose-6.1.8-x86_64-4.txz: Rebuilt.
+l/vte-0.28.2-x86_64-5.txz: Rebuilt.
+l/wavpack-5.0.0-x86_64-1.txz: Upgraded.
+l/zlib-1.2.10-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.2.6-x86_64-2.txz: Rebuilt.
+n/alpine-2.20-x86_64-3.txz: Rebuilt.
+n/bind-9.11.0_P2-x86_64-1.txz: Upgraded.
+ This update fixes a denial-of-service vulnerability. An error in handling
+ certain queries can cause an assertion failure when a server is using the
+ nxdomain-redirect feature to cover a zone for which it is also providing
+ authoritative service. A vulnerable server could be intentionally stopped
+ by an attacker if it was using a configuration that met the criteria for
+ the vulnerability and if the attacker could cause it to accept a query
+ that possessed the required attributes.
+ Please note: This vulnerability affects the "nxdomain-redirect" feature,
+ which is one of two methods of handling NXDOMAIN redirection, and is only
+ available in certain versions of BIND. Redirection using zones of type
+ "redirect" is not affected by this vulnerability.
+ For more information, see:
+ https://kb.isc.org/article/AA-01442
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778
+ (* Security fix *)
+n/bluez-5.43-x86_64-1.txz: Upgraded.
+n/elm-2.5.8-x86_64-4.txz: Rebuilt.
+n/epic5-2.0.1-x86_64-1.txz: Upgraded.
+n/gnupg-1.4.21-x86_64-2.txz: Rebuilt.
+n/gnupg2-2.0.30-x86_64-2.txz: Rebuilt.
+n/gnutls-3.5.8-x86_64-1.txz: Upgraded.
+ This update fixes some bugs and security issues.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
+ https://gnutls.org/security.html#GNUTLS-SA-2017-1
+ https://gnutls.org/security.html#GNUTLS-SA-2017-2
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337
+ (* Security fix *)
+n/iftop-1.0pre4-x86_64-1.txz: Upgraded.
+n/imapd-2.20-x86_64-3.txz: Rebuilt.
+n/iptraf-ng-1.1.4-x86_64-2.txz: Rebuilt.
+n/irssi-0.8.21-x86_64-1.txz: Upgraded.
+ Fixed security issues that may result in a denial of service.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2017_01.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196
+ (* Security fix *)
+n/lftp-4.7.5-x86_64-1.txz: Upgraded.
+n/libnftnl-1.0.7-x86_64-1.txz: Upgraded.
+n/links-2.14-x86_64-1.txz: Upgraded.
+n/lynx-2.8.8rel.2-x86_64-2.txz: Rebuilt.
+n/mcabber-1.0.4-x86_64-2.txz: Rebuilt.
+n/metamail-2.7-x86_64-6.txz: Rebuilt.
+n/mtr-0.87-x86_64-1.txz: Upgraded.
+n/mutt-1.7.2-x86_64-1.txz: Upgraded.
+n/ncftp-3.2.6-x86_64-1.txz: Upgraded.
+n/net-snmp-5.7.3-x86_64-4.txz: Rebuilt.
+n/netkit-ftp-0.17-x86_64-3.txz: Rebuilt.
+n/netkit-ntalk-0.17-x86_64-4.txz: Rebuilt.
+n/netwatch-1.3.1_2-x86_64-2.txz: Rebuilt.
+n/nftables-0.7-x86_64-1.txz: Upgraded.
+n/nn-6.7.3-x86_64-4.txz: Rebuilt.
+n/ntp-4.2.8p9-x86_64-2.txz: Rebuilt.
+n/obexftp-0.24.2-x86_64-1.txz: Upgraded.
+n/openobex-1.7.2-x86_64-1.txz: Upgraded.
+n/pinentry-1.0.0-x86_64-2.txz: Rebuilt.
+n/proftpd-1.3.5b-x86_64-2.txz: Rebuilt.
+n/snownews-1.5.12-x86_64-3.txz: Rebuilt.
+n/telnet-0.17-x86_64-3.txz: Rebuilt.
+n/tftp-hpa-5.2-x86_64-3.txz: Rebuilt.
+n/tin-2.4.1-x86_64-1.txz: Upgraded.
+n/trn-3.6-x86_64-2.txz: Removed.
+n/wpa_supplicant-2.6-x86_64-1.txz: Upgraded.
+n/ytalk-3.3.0-x86_64-3.txz: Rebuilt.
+x/xf86-video-intel-git_20170103_028c946d-x86_64-1.txz: Upgraded.
+x/xorg-server-1.19.1-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.19.1-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.1-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.1-x86_64-1.txz: Upgraded.
+x/xterm-327-x86_64-1.txz: Upgraded.
+xap/MPlayer-1.2_20160125-x86_64-4.txz: Rebuilt.
+ Upgraded to ffmpeg-2.8.10.
+xap/ddd-3.3.12-x86_64-5.txz: Rebuilt.
+xap/fvwm-2.6.7-x86_64-1.txz: Upgraded.
+xap/gftp-2.0.19-x86_64-5.txz: Rebuilt.
+xap/gnuchess-6.2.4-x86_64-2.txz: Rebuilt.
+xap/gparted-0.27.0-x86_64-1.txz: Upgraded.
+xap/hexchat-2.12.4-x86_64-1.txz: Upgraded.
+xap/imagemagick-6.9.7_3-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+xap/pidgin-2.11.0-x86_64-2.txz: Rebuilt.
+xap/vim-gvim-8.0.0161-x86_64-1.txz: Upgraded.
+xap/xine-lib-1.2.6-x86_64-9.txz: Rebuilt.
+ Upgraded to ffmpeg-2.8.10.
+xap/xine-ui-0.99.9-x86_64-2.txz: Rebuilt.
+xap/xlockmore-5.50-x86_64-1.txz: Upgraded.
+extra/brltty/brltty-5.4-x86_64-2.txz: Rebuilt.
+ Patched /lib/udev/rules.d/40-usb-brltty.rules to fix a syntax error.
+ Thanks to Willy Sudiarto Raharjo.
+--------------------------+
-Wed Jan 28 19:23:00 UTC 2015
-a/glibc-zoneinfo-2014j-noarch-1.txz: Upgraded.
- Upgraded to tzcode2014j and tzdata2014j.
-a/patch-2.7.2-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-35.0.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Jan 21 03:10:01 UTC 2015
-d/gdb-7.8.2-x86_64-1.txz: Upgraded.
-n/alpine-2.20-x86_64-1.txz: Upgraded.
-n/imapd-2.20-x86_64-1.txz: Upgraded.
-n/samba-4.1.16-x86_64-1.txz: Upgraded.
- This update is a security release in order to address CVE-2014-8143
- (Elevation of privilege to Active Directory Domain Controller).
- Samba's AD DC allows the administrator to delegate creation of user or
- computer accounts to specific users or groups. However, all released
- versions of Samba's AD DC did not implement the additional required
- check on the UF_SERVER_TRUST_ACCOUNT bit in the userAccountControl
- attributes. Most Samba deployments are not of the AD Domain Controller,
- but are of the classic domain controller, the file server or print server.
- Only the Active Directory Domain Controller is affected by this issue.
- Additionally, most sites running the AD Domain Controller do not configure
- delegation for the creation of user or computer accounts, and so are not
- vulnerable to this issue, as no writes are permitted to the
- userAccountControl attribute, no matter what the value.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143
- (* Security fix *)
-+--------------------------+
-Sat Jan 17 04:26:41 UTC 2015
-a/kernel-generic-3.14.29-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.29-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.29-x86_64-1.txz: Upgraded.
-d/gcc-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-g++-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-gnat-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-go-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-java-4.8.4-x86_64-1.txz: Upgraded.
-d/gcc-objc-4.8.4-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.29-x86-1.txz: Upgraded.
-d/libtool-2.4.4-x86_64-1.txz: Upgraded.
-k/kernel-source-3.14.29-noarch-1.txz: Upgraded.
-l/freetype-2.5.5-x86_64-1.txz: Upgraded.
- This release fixes a security bug that could cause freetype to crash
- or run programs upon opening a specially crafted file.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2240
- (* Security fix *)
-l/seamonkey-solibs-2.32-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-35.0-x86_64-1.txz: Upgraded.
+Fri Dec 30 19:29:13 UTC 2016
+a/aaa_elflibs-14.2-x86_64-26.txz: Rebuilt.
+a/btrfs-progs-v4.9-x86_64-1.txz: Upgraded.
+ap/hplip-3.16.11-x86_64-1.txz: Upgraded.
+ap/tmux-2.3-x86_64-1.txz: Upgraded.
+l/elfutils-0.168-x86_64-1.txz: Upgraded.
+l/libpng-1.6.27-x86_64-1.txz: Upgraded.
+ This release fixes an old NULL pointer dereference bug in png_set_text_2()
+ discovered and patched by Patrick Keshishian. The potential "NULL
+ dereference" bug has existed in libpng since version 0.71 of June 26, 1995.
+ To be vulnerable, an application has to load a text chunk into the png
+ structure, then delete all text, then add another text chunk to the same
+ png structure, which seems to be an unlikely sequence, but it has happened.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
+ (* Security fix *)
+l/seamonkey-solibs-2.46-x86_64-1.txz: Upgraded.
+n/openvpn-2.4.0-x86_64-1.txz: Upgraded.
+x/libXpm-3.5.12-x86_64-1.txz: Upgraded.
+x/libdrm-2.4.74-x86_64-1.txz: Upgraded.
+x/mesa-13.0.2-x86_64-1.txz: Upgraded.
+x/xf86-video-dummy-0.3.8-x86_64-1.txz: Upgraded.
+x/xf86-video-intel-git_20161117_169c74fa-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-45.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
(* Security fix *)
-xap/mozilla-thunderbird-31.4.0-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.46-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/seamonkey-2.32-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ http://www.seamonkey-project.org/releases/seamonkey2.46
+ (* Security fix *)
+xfce/xfce4-panel-4.12.1-x86_64-1.txz: Upgraded.
+xfce/xfce4-settings-4.12.1-x86_64-1.txz: Upgraded.
+xfce/xfconf-4.12.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Dec 28 21:05:19 UTC 2016
+ap/nano-2.7.3-x86_64-1.txz: Upgraded.
+d/python-2.7.13-x86_64-1.txz: Upgraded.
+ This release fixes security issues:
+ Issue #27850: Remove 3DES from ssl module's default cipher list to counter
+ measure sweet32 attack (CVE-2016-2183).
+ Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
+ HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
+ that the script is in CGI mode.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
+ (* Security fix *)
+n/samba-4.5.3-x86_64-1.txz: Upgraded.
+ This release fixes security issues:
+ CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
+ Overflow Remote Code Execution Vulnerability).
+ CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers
+ in trusted realms).
+ CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
+ elevation).
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126
+ (* Security fix *)
++--------------------------+
+Sat Dec 24 18:14:51 UTC 2016
+a/aaa_elflibs-14.2-x86_64-25.txz: Upgraded.
+l/expat-2.2.0-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues:
+ Multiple integer overflows in XML_GetBuffer.
+ Fix crash on malformed input.
+ Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716.
+ Use more entropy for hash initialization.
+ Resolve troublesome internal call to srand.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
+ (* Security fix *)
+l/ncurses-6.0-x86_64-2.txz: Rebuilt.
+ Fixed install script to correctly remove "lint" from the 5.x package.
++--------------------------+
+Sat Dec 24 02:36:05 UTC 2016
+a/aaa_elflibs-14.2-x86_64-24.txz: Rebuilt.
+ Added libform.so.6.0, libformw.so.6.0, libhistory.so.7.0, libmenu.so.6.0,
+ libmenuw.so.6.0, libncurses.so.6.0, libncursesw.so.6.0, libpanel.so.6.0,
+ libpanelw.so.6.0, libreadline.so.7.0, and libtinfo.so.6.0.
+l/libtermcap-1.2.3-x86_64-7.txz: Removed.
+ Replaced by equivalent functionality in the ncurses package.
+l/ncurses-6.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ Rebuild of linked binaries pending, but the old library versions are
+ in the aaa_elflibs package.
+l/readline-7.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+ Rebuild of linked binaries pending, but the old library versions are
+ in the aaa_elflibs package.
+n/curl-7.52.1-x86_64-1.txz: Upgraded.
+n/gpa-0.9.10-x86_64-1.txz: Upgraded.
+n/gpgme-1.7.1-x86_64-1.txz: Upgraded.
+n/httpd-2.4.25-x86_64-1.txz: Upgraded.
+ This update fixes the following security issues:
+ * CVE-2016-8740: mod_http2: Mitigate DoS memory exhaustion via endless
+ CONTINUATION frames.
+ * CVE-2016-5387: core: Mitigate [f]cgi "httpoxy" issues.
+ * CVE-2016-2161: mod_auth_digest: Prevent segfaults during client entry
+ allocation when the shared memory space is exhausted.
+ * CVE-2016-0736: mod_session_crypto: Authenticate the session data/cookie
+ with a MAC (SipHash) to prevent deciphering or tampering with a padding
+ oracle attack.
+ * CVE-2016-8743: Enforce HTTP request grammar corresponding to RFC7230 for
+ request lines and request headers, to prevent response splitting and
+ cache pollution by malicious clients or downstream proxies.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
+ (* Security fix *)
+n/lftp-4.7.4-x86_64-1.txz: Upgraded.
+n/libassuan-2.4.3-x86_64-1.txz: Upgraded.
+n/libgcrypt-1.7.5-x86_64-1.txz: Upgraded.
+n/libksba-1.3.5-x86_64-1.txz: Upgraded.
+n/nettle-3.3-x86_64-1.txz: Upgraded.
+n/nmap-7.40-x86_64-1.txz: Upgraded.
+n/openssh-7.4p1-x86_64-1.txz: Upgraded.
+ This is primarily a bugfix release, and also addresses security issues.
+ ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside
+ a trusted whitelist.
+ sshd(8): When privilege separation is disabled, forwarded Unix-domain
+ sockets would be created by sshd(8) with the privileges of 'root'.
+ sshd(8): Avoid theoretical leak of host private key material to
+ privilege-separated child processes via realloc().
+ sshd(8): The shared memory manager used by pre-authentication compression
+ support had a bounds checks that could be elided by some optimising
+ compilers to potentially allow attacks against the privileged monitor.
+ process from the sandboxed privilege-separation process.
+ sshd(8): Validate address ranges for AllowUser and DenyUsers directives at
+ configuration load time and refuse to accept invalid ones. It was
+ previously possible to specify invalid CIDR address ranges
+ (e.g. user@127.1.2.3/55) and these would always match, possibly resulting
+ in granting access where it was not intended.
+ For more information, see:
+ https://www.openssh.com/txt/release-7.4
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
+ (* Security fix *)
+n/pinentry-1.0.0-x86_64-1.txz: Upgraded.
+xfce/xfce4-weather-plugin-0.8.8-x86_64-1.txz: Upgraded.
+ Package upgraded to fix the API used to fetch weather data.
+ Thanks to Robby Workman.
+testing/packages/gcc-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-g++-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-gfortran-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-gnat-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-go-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-java-6.3.0-x86_64-1.txz: Upgraded.
+testing/packages/gcc-objc-6.3.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Dec 18 05:20:25 UTC 2016
+a/glibc-zoneinfo-2016j-noarch-1.txz: Upgraded.
++--------------------------+
+Tue Dec 13 22:14:13 UTC 2016
+Thanks to Robby Workman for most of these updates.
+a/acpid-2.0.28-x86_64-1.txz: Upgraded.
+a/cryptsetup-1.7.3-x86_64-1.txz: Upgraded.
+a/dbus-1.10.14-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.168-x86_64-1.txz: Upgraded.
+ap/alsa-utils-1.1.2-x86_64-1.txz: Upgraded.
+ap/man-pages-4.09-noarch-1.txz: Upgraded.
+d/git-2.11.0-x86_64-1.txz: Upgraded.
+l/alsa-lib-1.1.2-x86_64-1.txz: Upgraded.
+l/dbus-glib-0.108-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.2.6-x86_64-1.txz: Upgraded.
+n/bluez-5.42-x86_64-1.txz: Upgraded.
+n/conntrack-tools-1.4.4-x86_64-1.txz: Upgraded.
+n/libnetfilter_acct-1.0.3-x86_64-1.txz: Upgraded.
+n/libnetfilter_conntrack-1.0.6-x86_64-1.txz: Upgraded.
+n/nfacct-1.0.2-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-50.1.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
-+--------------------------+
-Fri Jan 9 17:47:53 UTC 2015
-a/openssl-solibs-1.0.1k-x86_64-1.txz: Upgraded.
- (* Security fix *)
-n/openssl-1.0.1k-x86_64-1.txz: Upgraded.
- This update fixes several security issues:
- DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
- DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
- no-ssl3 configuration sets method to NULL (CVE-2014-3569)
- ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
- RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
- DH client certificates accepted without verification [Server] (CVE-2015-0205)
- Certificate fingerprints can be modified (CVE-2014-8275)
- Bignum squaring may produce incorrect results (CVE-2014-3570)
- For more information, see:
- https://www.openssl.org/news/secadv_20150108.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570
- (* Security fix *)
-xap/fluxbox-1.3.6-x86_64-1.txz: Upgraded.
-+--------------------------+
-Tue Dec 23 00:05:23 UTC 2014
-a/kernel-generic-3.14.27-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.27-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.27-x86_64-1.txz: Upgraded.
-ap/vim-7.4.560-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.27-x86-1.txz: Upgraded.
-k/kernel-source-3.14.27-noarch-1.txz: Upgraded.
-l/libusb-1.0.19-x86_64-1.txz: Upgraded.
-l/libusb-compat-0.1.5-x86_64-1.txz: Upgraded.
-n/ntp-4.2.8-x86_64-1.txz: Upgraded.
- In addition to bug fixes and enhancements, this release fixes
- several high-severity vulnerabilities discovered by Neel Mehta
- and Stephen Roettger of the Google Security Team.
- For more information, see:
- https://www.kb.cert.org/vuls/id/852879
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296
- (* Security fix *)
-n/php-5.4.36-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues.
- #68545 (NULL pointer dereference in unserialize.c).
- #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142)
- #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710)
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
+xap/network-manager-applet-1.2.6-x86_64-1.txz: Upgraded.
+extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild: Updated.
+ Fixed filename and URL for new version 24. Thanks to alienBOB.
++--------------------------+
+Mon Dec 12 21:25:50 UTC 2016
+a/coreutils-8.26-x86_64-1.txz: Upgraded.
+a/grep-2.27-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20161211git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.38-x86_64-1.txz: Upgraded.
+ This kernel fixes a security issue with a race condition in
+ net/packet/af_packet.c that can be exploited to gain kernel code execution
+ from unprivileged processes.
+ Thanks to Philip Pettersson for discovering the bug and providing a patch.
+ Be sure to upgrade your initrd after upgrading the kernel packages.
+ If you use lilo to boot your machine, be sure lilo.conf points to the correct
+ kernel and initrd and run lilo as root to update the bootloader.
+ If you use elilo to boot your machine, you should run eliloconfig to copy the
+ kernel and initrd to the EFI System Partition.
+ For more information, see:
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655
+ (* Security fix *)
+a/kernel-huge-4.4.38-x86_64-1.txz: Upgraded.
+ (* Security fix *)
+a/kernel-modules-4.4.38-x86_64-1.txz: Upgraded.
+ap/nano-2.7.2-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.38-x86-1.txz: Upgraded.
+k/kernel-source-4.4.38-noarch-1.txz: Upgraded.
+ (* Security fix *)
+l/gsl-2.3-x86_64-1.txz: Upgraded.
+l/loudmouth-1.5.3-x86_64-1.txz: Upgraded.
+n/mcabber-1.0.4-x86_64-1.txz: Upgraded.
+ This update fixes a security issue which can lead to a malicious actor
+ MITMing a conversation, or adding themselves as an entity on a third
+ parties roster (thereby granting themselves the associated priviledges
+ such as observing when the user is online).
+ For more information, see:
+ https://gultsch.de/gajim_roster_push_and_message_interception.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9928
+ (* Security fix *)
+n/php-5.6.29-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
+ https://php.net/ChangeLog-5.php#5.6.29
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
(* Security fix *)
-x/libdrm-2.4.58-x86_64-1.txz: Upgraded.
-x/libvdpau-0.9-x86_64-1.txz: Added.
- Thanks to Heinz Wiesinger.
-x/mesa-10.3.5-x86_64-1.txz: Upgraded.
-x/xorg-server-1.15.2-x86_64-3.txz: Rebuilt.
- This update fixes many security issues discovered by Ilja van Sprundel,
- a security researcher with IOActive.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8091
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8092
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8093
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8094
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8095
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8097
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8099
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8100
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8101
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8102
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8103
- (* Security fix *)
-x/xorg-server-xephyr-1.15.2-x86_64-3.txz: Rebuilt.
-x/xorg-server-xnest-1.15.2-x86_64-3.txz: Rebuilt.
-x/xorg-server-xvfb-1.15.2-x86_64-3.txz: Rebuilt.
-xap/MPlayer-1.1_20130819-x86_64-3.txz: Rebuilt.
- Recompiled with support for libvdpau.
-xap/vim-gvim-7.4.560-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-testing/source/config-testing-3.18.1/*: Added.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Dec 11 01:18:35 UTC 2014
-a/gptfdisk-0.8.10-x86_64-1.txz: Upgraded.
-l/seamonkey-solibs-2.31-x86_64-1.txz: Upgraded.
-n/bind-9.10.1_P1-x86_64-1.txz: Upgraded.
- This update fixes a security issue where a failure to place limits on
- delegation chaining can allow an attacker to crash BIND or cause memory
- exhaustion.
- For more information, see:
- https://kb.isc.org/article/AA-01216
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
- (* Security fix *)
-n/openssh-6.7p1-x86_64-2.txz: Rebuilt.
- Restored support for tcpwrappers that was dropped by upstream.
- Thanks to mancha.
-n/openvpn-2.3.6-x86_64-1.txz: Upgraded.
- This update fixes a security issue that allows remote authenticated
- users to cause a denial of service (server crash) via a small control
- channel packet.
- For more information, see:
- https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8104
- (* Security fix *)
-n/wpa_supplicant-2.3-x86_64-1.txz: Upgraded.
- This update fixes a remote command-execution vulnerability caused by a
- failure to adequately sanitize user-supplied input.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
- (* Security fix *)
-xap/pidgin-2.10.11-x86_64-1.txz: Upgraded.
- This update contains login fixes for MSN and some XMPP servers.
-xap/seamonkey-2.31-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+Thu Dec 1 08:49:20 UTC 2016
+d/intltool-0.51.0-x86_64-3.txz: Rebuilt.
+ Added a patch to fix issues when $(builddir) != $(srcdir). This avoids
+ possible build failures when intltool is used with automake >= 1.15.
+ Thanks to Willy Sudiarto Raharjo.
+xap/mozilla-firefox-50.0.2-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
+ https://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9078
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
(* Security fix *)
-+--------------------------+
-Wed Dec 3 07:03:12 UTC 2014
-xap/mozilla-thunderbird-31.3.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+xap/mozilla-thunderbird-45.5.1-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
(* Security fix *)
+--------------------------+
-Mon Dec 1 23:57:40 UTC 2014
-a/grep-2.21-x86_64-1.txz: Upgraded.
-ap/groff-1.22.3-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-34.0.5-x86_64-1.txz: Upgraded.
+Mon Nov 21 19:21:22 UTC 2016
+n/ntp-4.2.8p9-x86_64-1.txz: Upgraded.
+ In addition to bug fixes and enhancements, this release fixes the
+ following 1 high- (Windows only :-), 2 medium-, 2 medium-/low, and
+ 5 low-severity vulnerabilities, and provides 28 other non-security
+ fixes and improvements.
+ CVE-2016-9311: Trap crash
+ CVE-2016-9310: Mode 6 unauthenticated trap info disclosure and DDoS vector
+ CVE-2016-7427: Broadcast Mode Replay Prevention DoS
+ CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS
+ CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet
+ CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass
+ CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal()
+ CVE-2016-7429: Interface selection attack
+ CVE-2016-7426: Client rate limiting and server responses
+ CVE-2016-7433: Reboot sync calculation problem
+ For more information, see:
+ https://www.kb.cert.org/vuls/id/633847
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433
+ (* Security fix *)
++--------------------------+
+Sat Nov 19 22:45:38 UTC 2016
+a/grep-2.26-x86_64-2.txz: Rebuilt.
+ Reverted a speedup patch that is causing regressions when output is directed
+ to /dev/null. Thanks to SeB.
++--------------------------+
+Sat Nov 19 03:33:33 UTC 2016
+a/bash-4.4.005-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20161118git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.32-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.32-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.32-x86_64-1.txz: Upgraded.
+ap/ghostscript-9.20-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.32-x86-1.txz: Upgraded.
+k/kernel-source-4.4.32-noarch-1.txz: Upgraded.
+n/nmap-7.31-x86_64-1.txz: Upgraded.
+n/samba-4.5.1-x86_64-1.txz: Upgraded.
+x/freeglut-3.0.0-x86_64-1.txz: Upgraded.
+x/libXfont2-2.0.1-x86_64-1.txz: Added.
+x/libdrm-2.4.73-x86_64-1.txz: Upgraded.
+x/libxcb-1.12-x86_64-1.txz: Upgraded.
+x/mesa-13.0.1-x86_64-1.txz: Upgraded.
+x/xcb-proto-1.12-x86_64-1.txz: Upgraded.
+x/xcb-util-cursor-0.1.3-x86_64-1.txz: Upgraded.
+x/xf86-input-acecad-1.5.0-x86_64-10.txz: Rebuilt.
+x/xf86-input-evdev-2.10.4-x86_64-1.txz: Upgraded.
+x/xf86-input-joystick-1.6.3-x86_64-1.txz: Upgraded.
+x/xf86-input-keyboard-1.9.0-x86_64-1.txz: Upgraded.
+x/xf86-input-mouse-1.9.2-x86_64-1.txz: Upgraded.
+x/xf86-input-penmount-1.5.0-x86_64-10.txz: Rebuilt.
+x/xf86-input-synaptics-1.9.0-x86_64-1.txz: Upgraded.
+x/xf86-input-vmmouse-13.1.0-x86_64-5.txz: Rebuilt.
+x/xf86-input-void-1.4.0-x86_64-10.txz: Rebuilt.
+x/xf86-input-wacom-0.33.0-x86_64-2.txz: Rebuilt.
+x/xf86-video-amdgpu-1.2.0-x86_64-1.txz: Upgraded.
+x/xf86-video-apm-1.2.5-x86_64-9.txz: Rebuilt.
+x/xf86-video-ark-0.7.5-x86_64-9.txz: Rebuilt.
+x/xf86-video-ast-1.1.5-x86_64-3.txz: Rebuilt.
+x/xf86-video-ati-7.8.0-x86_64-1.txz: Upgraded.
+x/xf86-video-chips-1.2.6-x86_64-2.txz: Removed.
+x/xf86-video-cirrus-1.5.3-x86_64-3.txz: Rebuilt.
+x/xf86-video-dummy-0.3.7-x86_64-6.txz: Rebuilt.
+x/xf86-video-glint-1.2.8-x86_64-8.txz: Removed.
+x/xf86-video-i128-1.3.6-x86_64-9.txz: Rebuilt.
+x/xf86-video-i740-1.3.5-x86_64-3.txz: Removed.
+x/xf86-video-intel-git_20161115_a1a0f76-x86_64-1.txz: Upgraded.
+x/xf86-video-mach64-6.9.5-x86_64-3.txz: Rebuilt.
+x/xf86-video-mga-1.6.4-x86_64-3.txz: Removed.
+x/xf86-video-neomagic-1.2.9-x86_64-3.txz: Rebuilt.
+x/xf86-video-nouveau-1.0.13-x86_64-1.txz: Upgraded.
+x/xf86-video-nv-2.1.20-x86_64-9.txz: Removed.
+x/xf86-video-openchrome-0.5.0-x86_64-2.txz: Rebuilt.
+x/xf86-video-r128-6.10.1-x86_64-1.txz: Removed.
+x/xf86-video-rendition-4.2.6-x86_64-2.txz: Rebuilt.
+x/xf86-video-s3-0.6.5-x86_64-9.txz: Rebuilt.
+x/xf86-video-s3virge-1.10.7-x86_64-3.txz: Rebuilt.
+x/xf86-video-savage-2.3.8-x86_64-2.txz: Removed.
+x/xf86-video-siliconmotion-1.7.8-x86_64-2.txz: Removed.
+x/xf86-video-sis-0.10.8-x86_64-2.txz: Removed.
+x/xf86-video-sisusb-0.9.6-x86_64-9.txz: Rebuilt.
+x/xf86-video-tdfx-1.4.6-x86_64-3.txz: Removed.
+x/xf86-video-tga-1.2.2-x86_64-9.txz: Rebuilt.
+x/xf86-video-trident-1.3.7-x86_64-3.txz: Removed.
+x/xf86-video-tseng-1.2.5-x86_64-9.txz: Rebuilt.
+x/xf86-video-v4l-0.2.0-x86_64-14.txz: Rebuilt.
+x/xf86-video-vesa-2.3.4-x86_64-3.txz: Rebuilt.
+x/xf86-video-vmware-13.2.1-x86_64-1.txz: Upgraded.
+x/xf86-video-voodoo-1.2.5-x86_64-10.txz: Rebuilt.
+x/xf86-video-xgi-1.6.1-x86_64-2.txz: Removed.
+x/xf86-video-xgixp-1.8.1-x86_64-8.txz: Removed.
+x/xorg-server-1.19.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.19.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.19.0-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.19.0-x86_64-1.txz: Upgraded.
+x/xproto-7.0.31-noarch-1.txz: Upgraded.
+x/xterm-326-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-50.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
-+--------------------------+
-Sun Nov 16 22:41:20 UTC 2014
-a/kernel-generic-3.14.24-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.24-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.24-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.24-x86-1.txz: Upgraded.
-k/kernel-source-3.14.24-noarch-1.txz: Upgraded.
-xap/mozilla-firefox-33.1.1-x86_64-1.txz: Upgraded.
-isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
-testing/source/config-testing-3.17.3/*: Added.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
-+--------------------------+
-Thu Nov 13 20:45:54 UTC 2014
-ap/mariadb-5.5.40-x86_64-2.txz: Rebuilt.
- Reverted change to my_config.h that breaks compiling many applications
- that link against the MariaDB libraries.
- Thanks to Willy Sudiarto Raharjo.
-xap/pidgin-2.10.10-x86_64-2.txz: Rebuilt.
- Fix Gadu-Gadu protocol when GnuTLS is not used. Thanks to mancha.
-+--------------------------+
-Tue Nov 11 04:53:57 UTC 2014
-xap/mozilla-firefox-33.1-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Nov 7 21:02:55 UTC 2014
-a/bash-4.3.030-x86_64-1.txz: Upgraded.
- Applied all upstream patches. The previously applied patch requiring
- a specific prefix/suffix in order to parse variables for functions
- closed all of the known vulnerabilities anyway, but it's clear that
- until all the patches were applied that the "is this still vulnerable"
- questions were not going to end...
-a/btrfs-progs-20141107-x86_64-1.txz: Upgraded.
- Added the header files to the package. Thanks to Vincent Batts.
-a/kernel-firmware-20141106git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.23-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.23-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.23-x86_64-1.txz: Upgraded.
-ap/mpg123-1.21.0-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.23-x86-1.txz: Upgraded.
-k/kernel-source-3.14.23-noarch-1.txz: Upgraded.
-xfce/xfce4-weather-plugin-0.8.4-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.7.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Nov 4 00:05:23 UTC 2014
-ap/mariadb-5.5.40-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
- (* Security fix *)
-l/seamonkey-solibs-2.30-x86_64-1.txz: Upgraded.
-n/php-5.4.34-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues.
- #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669)
- #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
- #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668)
+Fri Nov 4 03:31:38 UTC 2016
+a/glibc-zoneinfo-2016i-noarch-1.txz: Upgraded.
+ap/nano-2.7.1-x86_64-1.txz: Upgraded.
+ap/vim-8.0.0055-x86_64-1.txz: Upgraded.
+l/libcdio-paranoia-10.2+0.93+1-x86_64-2.txz: Rebuilt.
+n/bind-9.10.4_P4-x86_64-1.txz: Upgraded.
+ This update fixes a denial-of-service vulnerability. A defect in BIND's
+ handling of responses containing a DNAME answer can cause a resolver to exit
+ after encountering an assertion failure in db.c or resolver.c. A server
+ encountering either of these error conditions will stop, resulting in denial
+ of service to clients. The risk to authoritative servers is minimal;
+ recursive servers are chiefly at risk.
+ For more information, see:
+ https://kb.isc.org/article/AA-01434
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864
+ (* Security fix *)
+n/curl-7.51.0-x86_64-1.txz: Upgraded.
+ This release fixes security issues:
+ CVE-2016-8615: cookie injection for other servers
+ CVE-2016-8616: case insensitive password comparison
+ CVE-2016-8617: OOB write via unchecked multiplication
+ CVE-2016-8618: double-free in curl_maprintf
+ CVE-2016-8619: double-free in krb5 code
+ CVE-2016-8620: glob parser write/read out of bounds
+ CVE-2016-8621: curl_getdate read out of bounds
+ CVE-2016-8622: URL unescape heap overflow via integer truncation
+ CVE-2016-8623: Use-after-free via shared cookies
+ CVE-2016-8624: invalid URL parsing with '#'
+ CVE-2016-8625: IDNA 2003 makes curl use wrong host
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20161102A.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
+ https://curl.haxx.se/docs/adv_20161102B.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
+ https://curl.haxx.se/docs/adv_20161102C.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
+ https://curl.haxx.se/docs/adv_20161102D.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
+ https://curl.haxx.se/docs/adv_20161102E.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
+ https://curl.haxx.se/docs/adv_20161102F.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
+ https://curl.haxx.se/docs/adv_20161102G.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
+ https://curl.haxx.se/docs/adv_20161102H.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
+ https://curl.haxx.se/docs/adv_20161102I.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
+ https://curl.haxx.se/docs/adv_20161102J.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
+ https://curl.haxx.se/docs/adv_20161102K.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625
+ (* Security fix *)
+xap/gnuchess-6.2.4-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.0055-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Oct 31 23:38:24 UTC 2016
+a/grep-2.26-x86_64-1.txz: Upgraded.
+a/kernel-generic-4.4.29-x86_64-1.txz: Upgraded.
+ Fixes a security issue (Dirty COW).
+ (* Security fix *)
+a/kernel-huge-4.4.29-x86_64-1.txz: Upgraded.
+ Fixes a security issue (Dirty COW).
+ (* Security fix *)
+a/kernel-modules-4.4.29-x86_64-1.txz: Upgraded.
+ap/mariadb-10.0.28-x86_64-1.txz: Upgraded.
+ This update fixes several security issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
+ (* Security fix *)
+d/gdb-7.12-x86_64-1.txz: Upgraded.
+d/guile-2.0.13-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.29-x86-1.txz: Upgraded.
+k/kernel-source-4.4.29-noarch-1.txz: Upgraded.
+ This kernel fixes a security issue known as "Dirty COW". A race
+ condition was found in the way the Linux kernel's memory subsystem
+ handled the copy-on-write (COW) breakage of private read-only
+ memory mappings. An unprivileged local user could use this flaw to
+ gain write access to otherwise read-only memory mappings and thus
+ increase their privileges on the system.
+ For more information, see:
+ https://dirtycow.ninja/
+ https://www.kb.cert.org/vuls/id/243144
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
+ (* Security fix *)
+l/libcdio-0.94-x86_64-1.txz: Upgraded.
+n/nmap-7.30-x86_64-1.txz: Upgraded.
+n/php-5.6.27-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
+ https://php.net/ChangeLog-5.php#5.6.27
(* Security fix *)
-xap/mozilla-firefox-33.0.2-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+x/libX11-1.6.4-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory read in XGetImage() or write in XListFonts().
+ Affected versions libX11 <= 1.6.3.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943
(* Security fix *)
-xap/seamonkey-2.30-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Wed Oct 29 18:21:12 UTC 2014
-ap/moc-2.5.0-x86_64-1.txz: Upgraded.
-n/wget-1.16-x86_64-1.txz: Upgraded.
- This update fixes a symlink vulnerability that could allow an attacker
- to write outside of the expected directory.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877
- (* Security fix *)
-+--------------------------+
-Sat Oct 25 04:30:31 UTC 2014
-xap/gimp-2.8.14-x86_64-1.txz: Upgraded.
-+--------------------------+
-Fri Oct 24 21:11:15 UTC 2014
-a/glibc-solibs-2.20-x86_64-2.txz: Rebuilt.
-d/gcc-4.8.3-x86_64-2.txz: Rebuilt.
- Patched bug pr61801, which caused some failures with glibc-2.20.
-d/gcc-g++-4.8.3-x86_64-2.txz: Rebuilt.
-d/gcc-gfortran-4.8.3-x86_64-2.txz: Rebuilt.
-d/gcc-gnat-4.8.3-x86_64-2.txz: Rebuilt.
-d/gcc-go-4.8.3-x86_64-2.txz: Rebuilt.
-d/gcc-java-4.8.3-x86_64-2.txz: Rebuilt.
-d/gcc-objc-4.8.3-x86_64-2.txz: Rebuilt.
-l/glibc-2.20-x86_64-2.txz: Rebuilt.
- Recompiled with patched gcc.
-l/glibc-i18n-2.20-x86_64-2.txz: Rebuilt.
-l/glibc-profile-2.20-x86_64-2.txz: Rebuilt.
-+--------------------------+
-Fri Oct 24 04:55:44 UTC 2014
-a/glibc-solibs-2.20-x86_64-1.txz: Upgraded.
-a/glibc-zoneinfo-2014i-noarch-1.txz: Upgraded.
- Upgraded to tzcode2014i and tzdata2014i.
-l/glibc-2.20-x86_64-1.txz: Upgraded.
- This update fixes several security issues, and adds an extra security
- hardening patch from Florian Weimer. Thanks to mancha for help with
- tracking and backporting patches.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4424
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
- (* Security fix *)
-l/glibc-i18n-2.20-x86_64-1.txz: Upgraded.
-l/glibc-profile-2.20-x86_64-1.txz: Upgraded.
-xap/pidgin-2.10.10-x86_64-1.txz: Upgraded.
- This update fixes several security issues:
- Insufficient SSL certificate validation (CVE-2014-3694)
- Remote crash parsing malformed MXit emoticon (CVE-2014-3695)
- Remote crash parsing malformed Groupwise message (CVE-2014-3696)
- Malicious smiley themes could alter arbitrary files (CVE-2014-3697)
- Potential information leak from XMPP (CVE-2014-3698)
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3694
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3695
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3696
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3697
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3698
- (* Security fix *)
-+--------------------------+
-Tue Oct 21 02:10:33 UTC 2014
-e/emacs-24.4-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Oct 20 22:21:45 UTC 2014
-n/openssh-6.7p1-x86_64-1.txz: Upgraded.
- This update fixes a security issue that allows remote servers to trigger
- the skipping of SSHFP DNS RR checking by presenting an unacceptable
- HostCertificate.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
- (* Security fix *)
-+--------------------------+
-Wed Oct 15 17:28:59 UTC 2014
-a/openssl-solibs-1.0.1j-x86_64-1.txz: Upgraded.
- (* Security fix *)
-n/openssl-1.0.1j-x86_64-1.tx: Upgraded.
- This update fixes several security issues:
- SRTP Memory Leak (CVE-2014-3513):
- A flaw in the DTLS SRTP extension parsing code allows an attacker, who
- sends a carefully crafted handshake message, to cause OpenSSL to fail
- to free up to 64k of memory causing a memory leak. This could be
- exploited in a Denial Of Service attack.
- Session Ticket Memory Leak (CVE-2014-3567):
- When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
- integrity of that ticket is first verified. In the event of a session
- ticket integrity check failing, OpenSSL will fail to free memory
- causing a memory leak. By sending a large number of invalid session
- tickets an attacker could exploit this issue in a Denial Of Service
- attack.
- SSL 3.0 Fallback protection:
- OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
- to block the ability for a MITM attacker to force a protocol
- downgrade.
- Some client applications (such as browsers) will reconnect using a
- downgraded protocol to work around interoperability bugs in older
- servers. This could be exploited by an active man-in-the-middle to
- downgrade connections to SSL 3.0 even if both sides of the connection
- support higher protocols. SSL 3.0 contains a number of weaknesses
- including POODLE (CVE-2014-3566).
- Build option no-ssl3 is incomplete (CVE-2014-3568):
- When OpenSSL is configured with "no-ssl3" as a build option, servers
- could accept and complete a SSL 3.0 handshake, and clients could be
- configured to send them.
- For more information, see:
- https://www.openssl.org/news/secadv_20141015.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
- (* Security fix *)
-+--------------------------+
-Tue Oct 14 23:45:01 UTC 2014
-xap/mozilla-firefox-33.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+x/libXfixes-5.0.3-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause an integer
+ overflow on 32 bit architectures.
+ Affected versions : libXfixes <= 5.0.2.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944
(* Security fix *)
-xap/mozilla-thunderbird-31.2.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+x/libXi-1.7.8-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory access or endless loops (Denial of Service).
+ Affected versions libXi <= 1.7.6.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946
(* Security fix *)
-+--------------------------+
-Sun Oct 5 00:38:31 UTC 2014
-a/elilo-3.16-x86_64-1.txz: Upgraded.
- Thanks to fsLeg for the extra bit of sed that was needed to build the
- latest version.
-+--------------------------+
-Mon Sep 29 18:41:23 UTC 2014
-a/bash-4.3.027-x86_64-1.txz: Upgraded.
- Another bash update. Here's some information included with the patch:
- "This patch changes the encoding bash uses for exported functions to avoid
- clashes with shell variables and to avoid depending only on an environment
- variable's contents to determine whether or not to interpret it as a shell
- function."
- After this update, an environment variable will not go through the parser
- unless it follows this naming structure: BASH_FUNC_*%%
- Most scripts never expected to import functions from environment variables,
- so this change (although not backwards compatible) is not likely to break
- many existing scripts. It will, however, close off access to the parser as
- an attack surface in the vast majority of cases. There's already another
- vulnerability similar to CVE-2014-6271 for which there is not yet a fix,
- but this hardening patch prevents it (and likely many more similar ones).
- Thanks to Florian Weimer and Chet Ramey.
- (* Security fix *)
-+--------------------------+
-Sun Sep 28 23:07:39 UTC 2014
-l/seamonkey-solibs-2.29.1-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-32.0.3-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
+x/libXrandr-1.5.1-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory writes.
+ Affected versions: libXrandr <= 1.5.0.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
(* Security fix *)
-xap/mozilla-thunderbird-31.1.2-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+x/libXrender-0.9.10-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory writes.
+ Affected version: libXrender <= 0.9.9.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950
(* Security fix *)
-xap/seamonkey-2.29.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+x/libXtst-1.2.3-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory access or endless loops (Denial of Service).
+ Affected version libXtst <= 1.2.2.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952
(* Security fix *)
-+--------------------------+
-Fri Sep 26 22:23:32 UTC 2014
-a/bash-4.3.026-x86_64-1.txz: Upgraded.
- This is essentially a rebuild as the preliminary patch for CVE-2014-7169
- has been accepted by upstream and is now signed. This also bumps the
- patchlevel, making it easy to tell this is the fixed version.
- Possibly more changes to come, given the ongoing discussions on oss-sec.
-+--------------------------+
-Thu Sep 25 19:55:13 UTC 2014
-a/bash-4.3.025-x86_64-2.txz: Rebuilt.
- Patched an additional trailing string processing vulnerability discovered
- by Tavis Ormandy.
+x/libXv-1.0.11-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause out of boundary
+ memory and memory corruption.
+ Affected version libXv <= 1.0.10.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407
(* Security fix *)
-ap/lxc-1.0.6-x86_64-1.txz: Upgraded.
- Fixed bash completion file. Thanks to dunric.
-+--------------------------+
-Wed Sep 24 22:52:53 UTC 2014
-a/bash-4.3.025-x86_64-1.txz: Upgraded.
- This update fixes a vulnerability in bash related to how environment
- variables are processed: trailing code in function definitions was
- executed, independent of the variable name. In many common configurations
- (such as the use of CGI scripts), this vulnerability is exploitable over
- the network. Thanks to Stephane Chazelas for discovering this issue.
+x/libXvMC-1.0.10-x86_64-1.txz: Upgraded.
+ Insufficient validation of data from the X server can cause a one byte buffer
+ read underrun.
+ Affected version: libXvMC <= 1.0.9.
For more information, see:
- http://seclists.org/oss-sec/2014/q3/650
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
(* Security fix *)
-l/mozilla-nss-3.16.5-x86_64-1.txz: Upgraded.
- Fixed an RSA Signature Forgery vulnerability.
+xap/mozilla-firefox-49.0.2-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
For more information, see:
- https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
- (* Security fix *)
-+--------------------------+
-Tue Sep 9 22:48:58 UTC 2014
-a/btrfs-progs-20140909-x86_64-1.txz: Upgraded.
-n/net-snmp-5.7.2.1-x86_64-1.txz: Upgraded.
- Patched to properly report Btrfs mounts in hrFS/hrStorage tables.
- Thanks to Jakub Jankowski.
-+--------------------------+
-Tue Sep 9 18:01:05 UTC 2014
-a/kernel-firmware-20140909git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.18-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.18-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.18-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.18-x86-1.txz: Upgraded.
-k/kernel-source-3.14.18-noarch-1.txz: Upgraded.
-l/seamonkey-solibs-2.29-x86_64-1.txz: Upgraded.
-xap/rdesktop-1.8.2-x86_64-1.txz: Upgraded.
-xap/seamonkey-2.29-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+ http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+xap/xscreensaver-5.36-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
- Use syslinux-nomtools on the installer. Thanks to Didier Spaier.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
- Use syslinux-nomtools on the installer. Thanks to Didier Spaier.
+--------------------------+
-Thu Sep 4 19:43:25 UTC 2014
-xap/mozilla-firefox-32.0-x86_64-1.txz: Upgraded.
+Sat Oct 1 17:11:13 UTC 2016
+a/kernel-firmware-20161001git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.23-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.23-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.23-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.166-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.23-x86-1.txz: Upgraded.
+k/kernel-source-4.4.23-noarch-1.txz: Upgraded.
+n/mutt-1.7.0-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-45.4.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-31.1.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
-n/php-5.4.32-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120
- (* Security fix *)
-+--------------------------+
-Thu Aug 28 23:17:47 UTC 2014
-l/mozilla-nss-3.16.4-x86_64-1.txz: Upgraded.
- Upgraded to nss-3.16.4 and nspr-4.10.7.
-+--------------------------+
-Mon Aug 25 22:02:08 UTC 2014
-a/kernel-generic-3.14.17-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.17-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.17-x86_64-1.txz: Upgraded.
-a/libcgroup-0.41-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.17-x86-1.txz: Upgraded.
-k/kernel-source-3.14.17-noarch-1.txz: Upgraded.
- Changed these kernel options:
- CONNECTOR m -> y
- +PROC_EVENTS y
- Thanks to linuxxer.
-l/freetype-2.5.3-x86_64-1.txz: Upgraded.
-n/tin-2.2.1-x86_64-1.txz: Upgraded.
-x/libxcb-1.11-x86_64-1.txz: Upgraded.
-x/mesa-10.2.6-x86_64-1.txz: Upgraded.
- Upgraded to MesaLib-10.2.6 and mesa-demos-8.2.0.
-x/xcb-proto-1.11-x86_64-1.txz: Upgraded.
-x/xf86-input-mouse-1.9.1-x86_64-1.txz: Upgraded.
-x/xf86-video-ast-1.0.1-x86_64-1.txz: Upgraded.
-x/xfs-1.1.4-x86_64-1.txz: Upgraded.
-x/xorg-server-1.15.2-x86_64-2.txz: Rebuilt.
- Added these explicit options for all X servers:
- --enable-kdrive-evdev --enable-kdrive-kbd --enable-kdrive-mouse
- Thanks to Dinithion.
-x/xorg-server-xephyr-1.15.2-x86_64-2.txz: Rebuilt.
-x/xorg-server-xnest-1.15.2-x86_64-2.txz: Rebuilt.
-x/xorg-server-xvfb-1.15.2-x86_64-2.txz: Rebuilt.
-x/xrandr-1.4.3-x86_64-1.txz: Upgraded.
-extra/xf86-video-fbdev/xf86-video-fbdev-0.4.4-x86_64-2.txz: Rebuilt.
- Fix ABI mismatch. Thanks to dr.s.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Fri Aug 8 19:02:50 UTC 2014
-Welcome pi kernel! Unless we reach kernel 3.14.159, this is probably the best
-approximation we're going to get. :-)
-a/kernel-firmware-20140807git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.16-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.16-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.16-x86_64-1.txz: Upgraded.
-a/openssl-solibs-1.0.1i-x86_64-1.txz: Upgraded.
- (* Security fix *)
-d/kernel-headers-3.14.16-x86-1.txz: Upgraded.
-k/kernel-source-3.14.16-noarch-1.txz: Upgraded.
-n/openssl-1.0.1i-x86_64-1.txz: Upgraded.
- This update fixes several security issues:
- Double Free when processing DTLS packets (CVE-2014-3505)
- DTLS memory exhaustion (CVE-2014-3506)
- DTLS memory leak from zero-length fragments (CVE-2014-3507)
- Information leak in pretty printing functions (CVE-2014-3508)
- Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
- OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
- OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
- SRP buffer overrun (CVE-2014-3512)
- Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
- For more information, see:
- https://www.openssl.org/news/secadv_20140806.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139
+Wed Sep 28 23:24:37 UTC 2016
+a/glibc-zoneinfo-2016g-noarch-1.txz: Upgraded.
+ This package provides the latest timezone updates.
+l/mpfr-3.1.5-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Sep 27 19:16:56 UTC 2016
+ap/hplip-3.16.9-x86_64-1.txz: Upgraded.
+ Reenabled parallel port support. Thanks to Jas for the bug report.
+n/bind-9.10.4_P3-x86_64-1.txz: Upgraded.
+ This update fixes a denial-of-service vulnerability. Testing by ISC has
+ uncovered a critical error condition which can occur when a nameserver is
+ constructing a response. A defect in the rendering of messages into
+ packets can cause named to exit with an assertion failure in buffer.c while
+ constructing a response to a query that meets certain criteria.
+ For more information, see:
+ https://kb.isc.org/article/AA-01419/0
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776
+ (* Security fix *)
+xap/gnuchess-6.2.3-x86_64-1.txz: Upgraded.
+ Upgraded to gnuchess-6.2.3 and xboard-4.9.1.
++--------------------------+
+Mon Sep 26 18:14:08 UTC 2016
+a/openssl-solibs-1.0.2j-x86_64-1.txz: Upgraded.
+a/pkgtools-14.2-noarch-13.txz: Rebuilt.
+ removepkg: Fixed removing filenames containing "%".
+ Thanks to SeB for the bug report, and to Jim Hawkins for the patch.
+n/openssl-1.0.2j-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Missing CRL sanity check (CVE-2016-7052)
+ For more information, see:
+ https://www.openssl.org/news/secadv/20160926.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052
(* Security fix *)
++--------------------------+
+Sun Sep 25 02:32:25 UTC 2016
+a/kernel-firmware-20160924git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.22-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.22-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.22-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.22-x86-1.txz: Upgraded.
+k/kernel-source-4.4.22-noarch-1.txz: Upgraded.
+n/sshfs-2.8-x86_64-1.txz: Added.
+ Thanks to Heinz Wiesinger.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Mon Aug 4 20:55:26 UTC 2014
-a/gpm-1.20.7-x86_64-3.txz: Rebuilt.
- Removed the mouse-t.el file, which is older than the version in Emacs.
- Thanks to Richard Cranium.
-+--------------------------+
-Fri Aug 1 21:13:18 UTC 2014
-n/dhcpcd-6.0.5-x86_64-3.txz: Rebuilt.
- This update fixes a security issue where a specially crafted packet
- received from a malicious DHCP server causes dhcpcd to enter an infinite
- loop causing a denial of service.
- Thanks to Tobias Stoeckmann for the bug report.
- (* Security fix *)
-n/samba-4.1.11-x86_64-1.txz: Upgraded.
- This update fixes a remote code execution attack on unauthenticated nmbd
- NetBIOS name services. A malicious browser can send packets that may
- overwrite the heap of the target nmbd NetBIOS name services daemon.
- It may be possible to use this to generate a remote code execution
- vulnerability as the superuser (root).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560
- (* Security fix *)
-xap/xscreensaver-5.29-x86_64-2.txz: Rebuilt.
- Disabled nag screen that says "This version of XScreenSaver is very old!
- Please upgrade!" when the age of the software exceeds 12 months.
-+--------------------------+
-Wed Jul 30 00:08:00 UTC 2014
-d/gdb-7.8-x86_64-1.txz: Upgraded.
-d/guile-2.0.11-x86_64-1.txz: Upgraded.
-x/libXext-1.3.3-x86_64-1.txz: Upgraded.
-x/libXi-1.7.4-x86_64-1.txz: Upgraded.
-x/xf86-video-intel-2.99.914-x86_64-1.txz: Upgraded.
-x/xterm-310-x86_64-1.txz: Upgraded.
-+--------------------------+
-Wed Jul 23 23:00:34 UTC 2014
-a/kernel-generic-3.14.13-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.13-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.13-x86_64-1.txz: Upgraded.
-ap/nano-2.3.6-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.13-x86-1.txz: Upgraded.
-e/emacs-24.3-x86_64-4.txz: Rebuilt.
- Renamed ctags manpage that conflicts with Exuberant Ctags. Thanks to Jim.
-k/kernel-source-3.14.13-noarch-1.txz: Upgraded.
-n/httpd-2.4.10-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- *) SECURITY: CVE-2014-0117 (cve.mitre.org)
- mod_proxy: Fix crash in Connection header handling which
- allowed a denial of service attack against a reverse proxy
- with a threaded MPM. [Ben Reser]
- *) SECURITY: CVE-2014-0118 (cve.mitre.org)
- mod_deflate: The DEFLATE input filter (inflates request bodies) now
- limits the length and compression ratio of inflated request bodies to
- avoid denial of sevice via highly compressed bodies. See directives
- DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
- and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener]
- *) SECURITY: CVE-2014-0226 (cve.mitre.org)
- Fix a race condition in scoreboard handling, which could lead to
- a heap buffer overflow. [Joe Orton, Eric Covener]
- *) SECURITY: CVE-2014-0231 (cve.mitre.org)
- mod_cgid: Fix a denial of service against CGI scripts that do
- not consume stdin that could lead to lingering HTTPD child processes
- filling up the scoreboard and eventually hanging the server. By
- default, the client I/O timeout (Timeout directive) now applies to
- communication with scripts. The CGIDScriptTimeout directive can be
- used to set a different timeout for communication with scripts.
- [Rainer Jung, Eric Covener, Yann Ylavic]
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
- (* Security fix *)
-xap/mozilla-firefox-31.0-x86_64-1.txz: Upgraded.
+Fri Sep 23 23:30:53 UTC 2016
+n/php-5.6.26-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
+ For more information, see:
+ https://php.net/ChangeLog-5.php#5.6.26
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
+ (* Security fix *)
++--------------------------+
+Thu Sep 22 18:38:07 UTC 2016
+a/openssl-solibs-1.0.2i-x86_64-1.txz: Upgraded.
+n/openssl-1.0.2i-x86_64-1.txz: Upgraded.
+ This update fixes denial-of-service and other security issues.
+ For more information, see:
+ https://www.openssl.org/news/secadv/20160922.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6307
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308
+ (* Security fix *)
++--------------------------+
+Wed Sep 21 21:10:52 UTC 2016
+n/irssi-0.8.20-x86_64-1.txz: Upgraded.
+ This update fixes two remote crash and heap corruption vulnerabilites
+ in Irssi's format parsing code. Impact: Remote crash and heap
+ corruption. Remote code execution seems difficult since only Nuls are
+ written. Bugs discovered by, and patches provided by Gabriel Campana
+ and Adrien Guinet from Quarkslab.
+ For more information, see:
+ https://irssi.org/security/irssi_sa_2016.txt
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
+ (* Security fix *)
++--------------------------+
+Wed Sep 21 15:54:06 UTC 2016
+a/mkinitrd-1.4.8-x86_64-9.txz: Rebuilt.
+ When generating the initrd, include dmsetup whenever LUKS is requested.
+ Thanks to TracyTiger for the bug report and Eric Hameleers for the patch.
+e/emacs-25.1-x86_64-1.txz: Upgraded.
+l/qt-4.8.7-x86_64-5.txz: Rebuilt.
+ In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid
+ ld warnings when using qmake on a multilib system.
+ Thanks to Jonathan Woithe for the bug report and fix.
+n/network-scripts-14.2-noarch-4.txz: Rebuilt.
+ rc.inet1.new: Use return (not continue) to leave the if_up() function.
+ Thanks to Tim Thomas for the bug report.
+xap/mozilla-firefox-49.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
-xap/mozilla-thunderbird-31.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
+xap/pidgin-2.11.0-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-isolinux/initrd.img: Rebuilt.
-kernels/*: Upgraded.
-usb-and-pxe-installers/usbboot.img: Rebuilt.
-+--------------------------+
-Sun Jul 20 05:00:36 UTC 2014
-x/mesa-10.2.4-x86_64-1.txz: Upgraded.
- Added --with-egl-platforms="drm,x11". Without this, the EGL support for drm
- is not built leading to crashes with newer radeon hardware.
- Thanks to sberthelot and Robby Workman.
-+--------------------------+
-Wed Jul 16 05:31:30 UTC 2014
-x/xf86-video-intel-2.99.912-x86_64-1.txz: Upgraded.
- Looks like the stable driver won't compile with the new xorg-server, so
- we'll try this one.
-+--------------------------+
-Tue Jul 15 23:53:10 UTC 2014
-Enjoy some new X related updates! Thanks to Robby Workman for lots of help
-on the X.Org upgrades, and to alienBOB for an earlier SlackBuild for Motif
-that I used as a reference for configure options and other fixes.
-You can blame me for picking xorg-server-1.15.2 over xorg-server-1.14.7. ;-)
-If you're using a proprietary video driver you'll probably need to recompile it
-for the new X server... if you can.
-ap/linuxdoc-tools-0.9.69-x86_64-2.txz: Rebuilt.
- Renamed /usr/bin/sgmlspl.pl back to /usr/bin/sgmlspl.
- Thanks to Matteo Bernardini for the report.
-ap/lxc-1.0.5-x86_64-1.txz: Upgraded.
-d/automake-1.14.1-noarch-1.txz: Upgraded.
-d/llvm-3.4.2-x86_64-1.txz: Upgraded.
-kde/calligra-2.8.5-x86_64-1.txz: Upgraded.
-kdei/calligra-l10n-bs-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca\@valencia-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-en_GB-2.8.5-noarch-1.txz: Added.
-kdei/calligra-l10n-es-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-eu-2.8.5-noarch-1.txz: Added.
-kdei/calligra-l10n-fi-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ia-2.7.5-noarch-1.txz: Removed.
-kdei/calligra-l10n-it-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ja-2.8.5-noarch-1.txz: Added.
-kdei/calligra-l10n-kk-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nds-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sl-2.7.5-noarch-1.txz: Removed.
-kdei/calligra-l10n-sv-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.7.5-noarch-1.txz: Removed.
-kdei/calligra-l10n-uk-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.8.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.8.5-noarch-1.txz: Upgraded.
-l/lesstif-0.95.2-x86_64-1.txz: Removed.
- LessTif is making way for real Motif.
- Thanks to the Hungry Programmers for a great run. :-)
-t/tetex-3.0-x86_64-9.txz: Rebuilt.
- Recompiled /usr/bin/xdvi-motif.bin against Motif.
-x/dri3proto-1.0-x86_64-1.txz: Added.
-x/fontconfig-2.11.1-x86_64-1.txz: Upgraded.
-x/freeglut-2.8.1-x86_64-1.txz: Upgraded.
-x/gccmakedep-1.0.3-noarch-1.txz: Upgraded.
-x/glamor-egl-0.6.0-x86_64-1.txz: Added.
-x/glew-1.10.0-x86_64-1.txz: Upgraded.
-x/glproto-1.4.17-noarch-1.txz: Upgraded.
-x/imake-1.0.7-x86_64-1.txz: Upgraded.
-x/inputproto-2.3.1-noarch-1.txz: Upgraded.
-x/libFS-1.0.6-x86_64-1.txz: Upgraded.
-x/libICE-1.0.9-x86_64-1.txz: Upgraded.
-x/libXfont-1.4.8-x86_64-1.txz: Upgraded.
-x/libXft-2.3.2-x86_64-1.txz: Upgraded.
-x/libXi-1.7.3-x86_64-1.txz: Upgraded.
-x/libdrm-2.4.54-x86_64-1.txz: Upgraded.
-x/libevdev-1.2-x86_64-1.txz: Added.
-x/libxcb-1.10-x86_64-1.txz: Upgraded.
-x/libxshmfence-1.1-x86_64-1.txz: Added.
-x/makedepend-1.0.5-x86_64-1.txz: Upgraded.
-x/mesa-10.1.5-x86_64-1.txz: Upgraded.
-x/motif-2.3.4-x86_64-1.txz: Added.
-x/mtdev-1.1.5-x86_64-1.txz: Upgraded.
-x/pixman-0.32.6-x86_64-1.txz: Upgraded.
-x/presentproto-1.0-x86_64-1.txz: Added.
-x/util-macros-1.19.0-noarch-1.txz: Upgraded.
-x/xauth-1.0.9-x86_64-1.txz: Upgraded.
-x/xcb-proto-1.10-x86_64-1.txz: Upgraded.
-x/xcb-util-cursor-0.1.1-x86_64-1.txz: Upgraded.
-x/xcb-util-renderutil-0.3.9-x86_64-1.txz: Upgraded.
-x/xcb-util-wm-0.4.1-x86_64-1.txz: Upgraded.
-x/xcursorgen-1.0.6-x86_64-1.txz: Upgraded.
-x/xdg-user-dirs-0.15-x86_64-1.txz: Upgraded.
-x/xextproto-7.3.0-x86_64-1.txz: Upgraded.
-x/xf86-input-acecad-1.5.0-x86_64-6.txz: Rebuilt.
-x/xf86-input-aiptek-1.4.1-x86_64-6.txz: Rebuilt.
-x/xf86-input-evdev-2.9.0-x86_64-1.txz: Upgraded.
-x/xf86-input-joystick-1.6.1-x86_64-6.txz: Rebuilt.
-x/xf86-input-keyboard-1.8.0-x86_64-1.txz: Upgraded.
-x/xf86-input-mouse-1.9.0-x86_64-4.txz: Rebuilt.
-x/xf86-input-penmount-1.5.0-x86_64-6.txz: Rebuilt.
-x/xf86-input-synaptics-1.8.0-x86_64-1.txz: Upgraded.
-x/xf86-input-vmmouse-13.0.0-x86_64-5.txz: Rebuilt.
-x/xf86-input-void-1.4.0-x86_64-6.txz: Rebuilt.
-x/xf86-input-wacom-0.19.0-x86_64-5.txz: Rebuilt.
-x/xf86-video-apm-1.2.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-ark-0.7.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-ast-0.99.9-x86_64-1.txz: Upgraded.
-x/xf86-video-ati-7.4.0-x86_64-1.txz: Upgraded.
-x/xf86-video-chips-1.2.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-cirrus-1.5.2-x86_64-5.txz: Rebuilt.
-x/xf86-video-dummy-0.3.7-x86_64-2.txz: Rebuilt.
-x/xf86-video-glint-1.2.8-x86_64-5.txz: Rebuilt.
-x/xf86-video-i128-1.3.6-x86_64-5.txz: Rebuilt.
-x/xf86-video-i740-1.3.4-x86_64-5.txz: Rebuilt.
-x/xf86-video-mach64-6.9.4-x86_64-5.txz: Rebuilt.
-x/xf86-video-mga-1.6.3-x86_64-1.txz: Upgraded.
-x/xf86-video-modesetting-0.9.0-x86_64-2.txz: Rebuilt.
-x/xf86-video-neomagic-1.2.8-x86_64-3.txz: Rebuilt.
-x/xf86-video-nouveau-1.0.10-x86_64-1.txz: Upgraded.
-x/xf86-video-nv-2.1.20-x86_64-6.txz: Rebuilt.
-x/xf86-video-openchrome-0.3.3-x86_64-3.txz: Rebuilt.
-x/xf86-video-r128-6.9.2-x86_64-2.txz: Rebuilt.
-x/xf86-video-rendition-4.2.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-s3-0.6.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-s3virge-1.10.6-x86_64-6.txz: Rebuilt.
-x/xf86-video-savage-2.3.7-x86_64-2.txz: Rebuilt.
-x/xf86-video-siliconmotion-1.7.7-x86_64-6.txz: Rebuilt.
-x/xf86-video-sis-0.10.7-x86_64-5.txz: Rebuilt.
-x/xf86-video-sisusb-0.9.6-x86_64-5.txz: Rebuilt.
-x/xf86-video-tdfx-1.4.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-tga-1.2.2-x86_64-5.txz: Rebuilt.
-x/xf86-video-trident-1.3.6-x86_64-5.txz: Rebuilt.
-x/xf86-video-tseng-1.2.5-x86_64-5.txz: Rebuilt.
-x/xf86-video-v4l-0.2.0-x86_64-10.txz: Rebuilt.
-x/xf86-video-vesa-2.3.3-x86_64-2.txz: Rebuilt.
-x/xf86-video-vmware-13.0.2-x86_64-1.txz: Upgraded.
-x/xf86-video-voodoo-1.2.5-x86_64-6.txz: Rebuilt.
-x/xf86-video-xgi-git_be3abf8570a-x86_64-5.txz: Rebuilt.
-x/xf86-video-xgixp-1.8.1-x86_64-5.txz: Rebuilt.
-x/xkeyboard-config-2.11-noarch-1.txz: Upgraded.
-x/xorg-cf-files-1.0.5-noarch-1.txz: Upgraded.
-x/xorg-server-1.15.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xephyr-1.15.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xnest-1.15.2-x86_64-1.txz: Upgraded.
-x/xorg-server-xvfb-1.15.2-x86_64-1.txz: Upgraded.
-x/xproto-7.0.26-noarch-1.txz: Upgraded.
-x/xrandr-1.4.2-x86_64-1.txz: Upgraded.
-x/xscope-1.4.1-x86_64-1.txz: Upgraded.
-x/xterm-309-x86_64-1.txz: Upgraded.
-x/xtrans-1.3.4-noarch-1.txz: Upgraded.
-xap/ddd-3.3.12-x86_64-3.txz: Rebuilt.
- Recompiled against Motif.
-xap/xpdf-3.04-x86_64-1.txz: Upgraded.
-+--------------------------+
-Sat Jul 12 17:34:47 UTC 2014
-ap/nano-2.3.5-x86_64-2.txz: Rebuilt.
- Provide --datadir to ./configure to work around a bug that installed the
- locale files in the wrong directory.
- Thanks to Wim Speekenbrink.
-+--------------------------+
-Sat Jul 12 02:24:10 UTC 2014
-a/bash-4.3.018-x86_64-1.txz: Upgraded.
-a/kernel-firmware-20140710git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.12-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.12-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.12-x86_64-1.txz: Upgraded.
-a/shadow-4.2.1-x86_64-1.txz: Upgraded.
- This adds support for subuid and subgid needed for unprivileged containers.
- Thanks to Christoph Willing.
-ap/cgmanager-20140710_986cd44-x86_64-1.txz: Added.
- Thanks to Matteo Bernardini.
-ap/linuxdoc-tools-0.9.69-x86_64-1.txz: Upgraded.
- Thanks to Stuart Winter.
-ap/lxc-1.0.3-x86_64-1.txz: Upgraded.
- This adds a template for for lxc-create to create a minimal Slackware
- container using slackpkg. For example, this will create a container
- named "current":
- lxc-create -n current -t slackware
- There's an rc.lxc init script added to autorun/autostop containers, but it's
- not currently hooked in to the main init scripts, so if you want to use it
- you'll need to add it to your rc.local and rc.local_shutdown (and make it
- executable). The script will look for "lxc.start.auto = 1" in the container
- config file to determine if a container should be autostarted (1) or not (0).
- Thanks to Matteo Bernardini.
-ap/lzip-1.15-x86_64-1.txz: Added.
-ap/nano-2.3.5-x86_64-1.txz: Upgraded.
-ap/slackpkg-2.82.0-noarch-13.tgz: Rebuilt.
- Patched to support $ROOT and $CONF environment variables.
- Thanks to Matteo Bernardini.
-d/gnu-cobol-1.1-x86_64-1.txz: Added.
-d/kernel-headers-3.14.12-x86-1.txz: Upgraded.
-d/open-cobol-1.1-x86_64-2.txz: Removed.
- This project has been renamed GNU Cobol.
-d/slacktrack-2.16-x86_64-1.txz: Upgraded.
- Thanks to Stuart Winter.
-k/kernel-source-3.14.12-noarch-1.txz: Upgraded.
- Added back CONFIG_USER_NS=y now that it no longer conflicts with XFS.
- Thanks to Christoph Willing.
-l/libnih-1.0.3-x86_64-1.txz: Added.
- Thanks to Matteo Bernardini.
-l/taglib-1.9.1-x86_64-1.txz: Upgraded.
- Linked with -lstdc++. Thanks to comet.berkeley.
-n/php-5.4.30-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues.
+ https://www.pidgin.im/news/security/
+ (* Security fix *)
++--------------------------+
+Thu Sep 15 22:54:52 UTC 2016
+a/bash-4.4.0-x86_64-1.txz: Upgraded.
+a/btrfs-progs-v4.7.2-x86_64-1.txz: Upgraded.
+a/e2fsprogs-1.43.3-x86_64-1.txz: Upgraded.
+a/pkgtools-14.2-noarch-12.txz: Rebuilt.
+ removepkg: Fixed removing packages with >= 3 hyphens in the package name
+ when using just the package name rather than the full name including
+ version, arch, and build.
+ Thanks to coralfang for the bug report, Jim Hawkins and Stuart Winter for
+ the patch, and SeB for testing and feedback.
+ removepkg: Handle filenames that contain backslashes.
+ Thanks to aaazen for the bug report and patch.
+ap/vim-8.0.0005-x86_64-1.txz: Upgraded.
+n/curl-7.50.3-x86_64-1.txz: Upgraded.
+ Fixed heap overflows in four libcurl functions: curl_escape(),
+ curl_easy_escape(), curl_unescape() and curl_easy_unescape().
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20160914.html
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
+ (* Security fix *)
+xap/vim-gvim-8.0.0005-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Sep 13 18:13:32 UTC 2016
+ap/mariadb-10.0.27-x86_64-1.txz: Upgraded.
+ This update fixes a critical vulnerability which can allow local and
+ remote attackers to inject malicious settings into MySQL configuration
+ files (my.cnf). A successful exploitation could allow attackers to
+ execute arbitrary code with root privileges which would then allow them
+ to fully compromise the server.
+ This issue was discovered and reported by Dawid Golunski.
+ For more information, see:
+ http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
+ https://jira.mariadb.org/browse/MDEV-10465
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
+ (* Security fix *)
+ap/vim-8.0.0003-x86_64-1.txz: Upgraded.
+xap/vim-gvim-8.0.0003-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Sep 12 18:39:03 UTC 2016
+ap/texinfo-6.3-x86_64-1.txz: Upgraded.
+d/guile-2.0.12-x86_64-2.txz: Rebuilt.
+ Match timestamps across all $ARCH on *.go and *.scm files, otherwise
+ on multilib systems the compiled (go) files may be detected as older
+ than the source (scm) files, causing guile to attempt to recompile
+ itself with every use.
+l/sdl-1.2.15-x86_64-5.txz: Rebuilt.
+ Fixed a regression that broke MOD support. Thanks to B Watson.
+x/libXfont-1.5.2-x86_64-1.txz: Upgraded.
+x/mesa-12.0.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Sep 10 18:04:42 UTC 2016
+l/gtk+2-2.24.31-x86_64-1.txz: Upgraded.
+ This update fixes a security issue: Integer overflow in the
+ gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c allows remote
+ attackers to cause a denial of service (crash) via a large image file,
+ which triggers a large memory allocation.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447
+ (* Security fix *)
+n/gnutls-3.4.15-x86_64-1.txz: Upgraded.
+ libgnutls: Corrected the comparison of the serial size in OCSP response.
+ Previously the OCSP certificate check wouldn't verify the serial length
+ and could succeed in cases it shouldn't (GNUTLS-SA-2016-3).
+ Reported by Stefan Buehler.
+ For more information, see:
+ https://www.gnutls.org/security.html
+ (* Security fix *)
++--------------------------+
+Thu Sep 8 21:35:02 UTC 2016
+a/kernel-generic-4.4.20-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.20-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.20-x86_64-1.txz: Upgraded.
+a/kmod-23-x86_64-2.txz: Rebuilt.
+a/util-linux-2.28.2-x86_64-1.txz: Upgraded.
+ap/hplip-3.16.8-x86_64-1.txz: Upgraded.
+ap/nano-2.7.0-x86_64-1.txz: Upgraded.
+ap/pamixer-1.3.1-x86_64-2.txz: Rebuilt.
+ap/rpm-4.12.0.1-x86_64-2.txz: Rebuilt.
+ap/vim-7.4.2342-x86_64-1.txz: Upgraded.
+d/Cython-0.24.1-x86_64-1.txz: Upgraded.
+d/gdb-7.11.1-x86_64-2.txz: Rebuilt.
+d/kernel-headers-4.4.20-x86-1.txz: Upgraded.
+d/mercurial-3.9.1-x86_64-1.txz: Upgraded.
+d/python-2.7.12-x86_64-1.txz: Upgraded.
+ Compiled using --enable-unicode=ucs4.
+ The upstream default for Python Unicode is ucs2, but ucs4 is more widely
+ used and recommended now. Any Python scripts or binaries that use UCS-2
+ will need to be recompiled. These can be identified with the following
+ grep command: grep -r -l PyUnicodeUCS2 /usr 2> /dev/null
+k/kernel-source-4.4.20-noarch-1.txz: Upgraded.
+kde/calligra-2.9.11-x86_64-6.txz: Rebuilt.
+kde/kate-4.14.3-x86_64-3.txz: Rebuilt.
+kde/kdev-python-1.7.2-x86_64-2.txz: Rebuilt.
+kde/kig-4.14.3-x86_64-4.txz: Rebuilt.
+kde/kross-interpreters-4.14.3-x86_64-3.txz: Rebuilt.
+kde/pykde4-4.14.3-x86_64-4.txz: Rebuilt.
+kde/superkaramba-4.14.3-x86_64-3.txz: Rebuilt.
+l/PyQt-4.11.4-x86_64-2.txz: Rebuilt.
+l/akonadi-1.13.0-x86_64-3.txz: Rebuilt.
+l/boost-1.61.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/dbus-python-1.2.4-x86_64-2.txz: Rebuilt.
+l/gdbm-1.12-x86_64-2.txz: Rebuilt.
+l/glib2-2.46.2-x86_64-4.txz: Rebuilt.
+l/gobject-introspection-1.46.0-x86_64-2.txz: Rebuilt.
+l/libxml2-2.9.4-x86_64-3.txz: Rebuilt.
+l/pilot-link-0.12.5-x86_64-11.txz: Rebuilt.
+l/pycups-1.9.73-x86_64-2.txz: Rebuilt.
+l/pycurl-7.43.0-x86_64-2.txz: Rebuilt.
+l/pygobject-2.28.6-x86_64-3.txz: Rebuilt.
+l/pygobject3-3.18.2-x86_64-2.txz: Rebuilt.
+l/pygtk-2.24.0-x86_64-3.txz: Rebuilt.
+l/python-pillow-3.0.0-x86_64-2.txz: Rebuilt.
+l/sip-4.18.1-x86_64-1.txz: Upgraded.
+n/php-5.6.25-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
- (* Security fix *)
+ http://php.net/ChangeLog-5.php#5.6.25
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134
+ (* Security fix *)
+n/samba-4.5.0-x86_64-1.txz: Upgraded.
+xap/blueman-2.0.4-x86_64-2.txz: Rebuilt.
+xap/gimp-2.8.18-x86_64-2.txz: Rebuilt.
+xap/vim-gvim-7.4.2342-x86_64-1.txz: Upgraded.
+extra/brltty/brltty-5.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
-testing/source/config-testing-3.15.5/*: Added.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Jun 24 22:35:07 UTC 2014
-ap/man-1.6g-x86_64-2.txz: Rebuilt.
- Moved config file to /etc.
-ap/man-pages-3.69-noarch-1.txz: Upgraded.
-l/seamonkey-solibs-2.26.1-x86_64-1.txz: Upgraded.
-n/bind-9.9.5_P1-x86_64-1.txz: Upgraded.
- This fixes security issues and other bugs. Please note that the first
- CVE only affects Windows, and the second one was claimed to be fixed by
- an earlier version of BIND. But we'll update anyway just in case. :-)
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
- (* Security fix *)
-n/gnupg-1.4.17-x86_64-1.txz: Upgraded.
- This release includes a security fix to stop a denial of service using
- garbled compressed data packets which can be used to put gpg into an
- infinite loop.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
- (* Security fix *)
-n/gnupg2-2.0.24-x86_64-1.txz: Upgraded.
- This release includes a security fix to stop a denial of service using
- garbled compressed data packets which can be used to put gpg into an
- infinite loop.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
- (* Security fix *)
-n/samba-4.1.9-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues, including a flaw in Samba's
- internal DNS server which can be exploited to cause a denial of service,
- a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage
- configurations that use shadow_copy* for vfs objects to reveal potentially
- private server information, a denial of service on the nmbd NetBIOS name
- services daemon, and a denial of service crash involving overwriting
- memory on an authenticated connection to the smbd file server.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
- (* Security fix *)
-xap/seamonkey-2.26.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-testing/packages/bind-9.10.0_P2-x86_64-1.txz: Added.
-+--------------------------+
-Tue Jun 17 22:19:30 UTC 2014
-l/ncurses-5.9-x86_64-3.txz: Rebuilt.
- Applied upstream patch ncurses-5.9-20140308-patch.sh.
- Thanks to comet.berkeley.
-n/yptools-2.14-x86_64-3.txz: Rebuilt.
- Corrected yppasswd patch that was causing password changes to fail.
- Thanks to Henrik Carlqvist.
-xap/xscreensaver-5.29-x86_64-1.txz: Upgraded.
-+--------------------------+
-Thu Jun 12 05:11:52 UTC 2014
-ap/ddrescue-1.18.1-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-30.0-x86_64-1.txz: Upgraded.
+Wed Aug 31 20:43:10 UTC 2016
+l/gsl-2.2.1-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-45.3.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-24.6.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
-Mon Jun 9 20:16:02 UTC 2014
-n/php-5.4.29-x86_64-1.txz: Upgraded.
- This update fixes bugs and security issues, including a possible denial
- of service, and an issue where insecure default permissions on the FPM
- socket may allow local users to run arbitrary code as the apache user.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
- (* Security fix *)
-+--------------------------+
-Fri Jun 6 04:27:01 UTC 2014
-a/openssl-solibs-1.0.1h-x86_64-1.txz: Upgraded.
- (* Security fix *)
-ap/nano-2.3.4-x86_64-1.txz: Upgraded.
-l/libtasn1-3.6-x86_64-1.txz: Upgraded.
- Multiple security issues have been corrected in the libtasn1 library.
- These errors allow a remote attacker to cause a denial of service, or
- possibly to execute arbitrary code.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
- (* Security fix *)
-n/gnutls-3.2.15-x86_64-1.txz: Upgraded.
- A security issue has been corrected in gnutls. This vulnerability
- affects the client side of the gnutls library. A server that sends
- a specially crafted ServerHello could corrupt the memory of a requesting
- client. This may allow a remote attacker to execute arbitrary code.
- Additional vulnerabilities in the embedded libtasn1 library have also
- been patched.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
- (* Security fix *)
-n/irssi-0.8.16-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1h-x86_64-1.txz: Upgraded.
- Multiple security issues have been corrected, including a possible
- man-in-the-middle attack where weak keying material is forced, denial
- of service, and the execution of arbitrary code.
- For more information, see:
- http://www.openssl.org/news/secadv_20140605.txt
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
- (* Security fix *)
-n/sendmail-8.14.9-x86_64-1.txz: Upgraded.
- This release fixes one security related bug by properly closing file
- descriptors (except stdin, stdout, and stderr) before executing programs.
- This bug could enable local users to interfere with an open SMTP
- connection if they can execute their own program for mail delivery
- (e.g., via procmail or the prog mailer).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
- (* Security fix *)
-n/sendmail-cf-8.14.9-noarch-1.txz: Upgraded.
-+--------------------------+
-Sun Jun 1 19:48:54 UTC 2014
-a/gawk-4.1.1-x86_64-2.txz: Rebuilt.
- Removed pgawk.1.gz symlink in man1 since pgawk no longer exists.
- Compressed the man pages in man3.
-a/kernel-generic-3.14.5-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.5-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.5-x86_64-1.txz: Upgraded.
-ap/mariadb-5.5.37-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
- (* Security fix *)
-ap/nano-2.3.3-x86_64-1.txz: Upgraded.
-d/gcc-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-g++-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-gfortran-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-gnat-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-go-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-java-4.8.3-x86_64-1.txz: Upgraded.
-d/gcc-objc-4.8.3-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.5-x86-1.txz: Upgraded.
-d/make-3.82-x86_64-5.txz: Rebuilt.
- Patched to fix a bug with parallel builds.
- Thanks to Danny Schmarsel.
-k/kernel-source-3.14.5-noarch-1.txz: Upgraded.
+Tue Aug 30 22:10:31 UTC 2016
+testing/packages/gcc-6.2.0-x86_64-1.txz: Added.
+testing/packages/gcc-g++-6.2.0-x86_64-1.txz: Added.
+testing/packages/gcc-gfortran-6.2.0-x86_64-1.txz: Added.
+testing/packages/gcc-gnat-6.2.0-x86_64-1.txz: Added.
+testing/packages/gcc-go-6.2.0-x86_64-1.txz: Added.
+testing/packages/gcc-java-6.2.0-x86_64-1.txz: Added.
+ Please note that if you install this package, gettext (specifically the
+ gettext-tools package) will need to be recompiled.
+testing/packages/gcc-objc-6.2.0-x86_64-1.txz: Added.
++--------------------------+
+Mon Aug 29 22:51:27 UTC 2016
+a/gawk-4.1.4-x86_64-1.txz: Upgraded.
+l/gsl-2.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Aug 24 19:37:40 UTC 2016
+xap/mozilla-firefox-48.0.2-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Aug 23 19:45:33 UTC 2016
+a/glibc-solibs-2.24-x86_64-2.txz: Rebuilt.
+a/kernel-firmware-20160823git-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.19-x86_64-1.txz: Upgraded.
+ A flaw was found in the implementation of the Linux kernels handling of
+ networking challenge ack where an attacker is able to determine the shared
+ counter. This may allow an attacker located on different subnet to inject
+ or take over a TCP connection between a server and client without having to
+ be a traditional Man In the Middle (MITM) style attack.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
+ (* Security fix *)
+a/kernel-huge-4.4.19-x86_64-1.txz: Upgraded.
+ A flaw was found in the implementation of the Linux kernels handling of
+ networking challenge ack where an attacker is able to determine the shared
+ counter. This may allow an attacker located on different subnet to inject
+ or take over a TCP connection between a server and client without having to
+ be a traditional Man In the Middle (MITM) style attack.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
+ (* Security fix *)
+a/kernel-modules-4.4.19-x86_64-1.txz: Upgraded.
+ap/diffutils-3.5-x86_64-1.txz: Upgraded.
+ap/linuxdoc-tools-0.9.72-x86_64-1.txz: Upgraded.
+ Thanks to Stuart Winter.
+ap/screen-4.4.0-x86_64-2.txz: Rebuilt.
+ Reverted a change to /etc/screenrc.new that prevented the console from being
+ cleared when a screen session was detached. Thanks to Stuart Winter.
+d/binutils-2.27-x86_64-2.txz: Rebuilt.
+ Recompiled with --disable-compressed-debug-sections, since other tools are
+ not yet capable of parsing that.
+ Thanks to Vincent Batts, Heinz Wiesinger, and Stuart Winter.
+d/kernel-headers-4.4.19-x86-1.txz: Upgraded.
+k/kernel-source-4.4.19-noarch-1.txz: Upgraded.
+ A flaw was found in the implementation of the Linux kernels handling of
+ networking challenge ack where an attacker is able to determine the shared
+ counter. This may allow an attacker located on different subnet to inject
+ or take over a TCP connection between a server and client without having to
+ be a traditional Man In the Middle (MITM) style attack.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
+ (* Security fix *)
+l/glib2-2.46.2-x86_64-3.txz: Rebuilt.
+ Applied upstream patch to fix a use-before-allocate bug in libgio. Without
+ this fix, Thunar will crash if $HOME is on an NFS volume.
+ Thanks to Jonathan Woithe.
+l/glibc-2.24-x86_64-2.txz: Rebuilt.
+ If libm.so is a linker script, don't clobber it with a symlink.
+ Thanks to guanx.
+l/glibc-i18n-2.24-x86_64-2.txz: Rebuilt.
+l/glibc-profile-2.24-x86_64-2.txz: Rebuilt.
+n/gnupg-1.4.21-x86_64-1.txz: Upgraded.
+ Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
+ obtains 580 bytes from the standard RNG can trivially predict the next
+ 20 bytes of output. (This is according to the NEWS file included in the
+ source. According to the annoucement linked below, an attacker who obtains
+ 4640 bits from the RNG can trivially predict the next 160 bits of output.)
+ Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
+ For more information, see:
+ https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
+ (* Security fix *)
+n/libgcrypt-1.7.3-x86_64-1.txz: Upgraded.
+ Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
+ obtains 580 bytes from the standard RNG can trivially predict the next
+ 20 bytes of output. (This is according to the NEWS file included in the
+ source. According to the annoucement linked below, an attacker who obtains
+ 4640 bits from the RNG can trivially predict the next 160 bits of output.)
+ Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
+ For more information, see:
+ https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
+ (* Security fix *)
+n/network-scripts-14.2-noarch-3.txz: Rebuilt.
+ In rc.inet1, skip interfaces that are not configured in rc.inet1.conf
+ to speed up the boot time slightly.
+ Thanks to Amritpal Bath.
+n/stunnel-5.35-x86_64-2.txz: Rebuilt.
+ Fixed incorrect config file name in generate-stunnel-key.sh.
+ Thanks to Ebben Aries.
+xap/mozilla-firefox-48.0.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue May 13 22:31:28 UTC 2014
-l/libelf-0.8.13-x86_64-4.txz: Rebuilt.
- Use -D_FILE_OFFSET_BITS=64 on 32-bit x86 (needed for Chromium).
- Requested by alienBOB. :-)
-+--------------------------+
-Tue May 13 20:25:35 UTC 2014
-a/kernel-generic-3.14.4-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.4-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.4-x86_64-1.txz: Upgraded.
-d/gdb-7.7.1-x86_64-1.txz: Upgraded.
-d/kernel-headers-3.14.4-x86-1.txz: Upgraded.
-k/kernel-source-3.14.4-noarch-1.txz: Upgraded.
- Disabled CONFIG_DEBUG_KERNEL, which had the effect of turning off seven
- other kernel debugging options. Besides fixing the nVidia issues, I wonder
- if getting rid of this stuff will speed the kernel up?
-l/libelf-0.8.13-x86_64-3.txz: Rebuilt.
- Symlink headers to /usr/include, since Mesa wants them there.
- Thanks to Robby Workman.
-xap/ddd-3.3.12-x86_64-2.txz: Rebuilt.
- Patched to fix the machine code view. Thanks to Christopher Oliver.
+Thu Aug 11 18:24:29 UTC 2016
+a/glibc-solibs-2.24-x86_64-1.txz: Upgraded.
+a/glibc-zoneinfo-2016f-noarch-1.txz: Upgraded.
+a/kernel-generic-4.4.17-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.17-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.17-x86_64-1.txz: Upgraded.
+ap/diffutils-3.4-x86_64-1.txz: Upgraded.
+ap/vim-7.4.2196-x86_64-1.txz: Upgraded.
+d/binutils-2.27-x86_64-1.txz: Upgraded.
+d/gcc-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-g++-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-gfortran-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-gnat-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-go-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-java-5.4.0-x86_64-1.txz: Upgraded.
+d/gcc-objc-5.4.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.17-x86-1.txz: Upgraded.
+d/llvm-3.8.1-x86_64-1.txz: Upgraded.
+d/oprofile-1.1.0-x86_64-2.txz: Rebuilt.
+k/kernel-source-4.4.17-noarch-1.txz: Upgraded.
+l/glibc-2.24-x86_64-1.txz: Upgraded.
+l/glibc-i18n-2.24-x86_64-1.txz: Upgraded.
+l/glibc-profile-2.24-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-48.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ For more information, see:
+ http://www.mozilla.org/security/known-vulnerabilities/firefox.html
+ (* Security fix *)
+xap/vim-gvim-7.4.2196-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Mon May 12 02:24:36 UTC 2014
-l/seamonkey-solibs-2.26-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-29.0.1-x86_64-1.txz: Upgraded.
-xap/seamonkey-2.26-x86_64-1.tx: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Fri May 9 01:47:42 UTC 2014
-a/glibc-solibs-2.19-x86_64-1.txz: Upgraded.
-a/glibc-zoneinfo-2014b-noarch-1.txz: Upgraded.
-a/kernel-firmware-20140506git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.14.3-x86_64-1.txz: Upgraded.
-a/kernel-huge-3.14.3-x86_64-1.txz: Upgraded.
-a/kernel-modules-3.14.3-x86_64-1.txz: Upgraded.
-d/binutils-2.24.51.0.3-x86_64-1.txz: Upgraded.
-d/gcc-4.8.2-x86_64-2.txz: Rebuilt.
- Include libiberty.a since that's no longer in the binutils package.
-d/gcc-g++-4.8.2-x86_64-2.txz: Rebuilt.
-d/gcc-gfortran-4.8.2-x86_64-2.txz: Rebuilt.
-d/gcc-gnat-4.8.2-x86_64-2.txz: Rebuilt.
-d/gcc-go-4.8.2-x86_64-2.txz: Rebuilt.
-d/gcc-java-4.8.2-x86_64-2.txz: Rebuilt.
-d/gcc-objc-4.8.2-x86_64-2.txz: Rebuilt.
-d/kernel-headers-3.14.3-x86-1.txz: Upgraded.
-d/oprofile-0.9.7-x86_64-5.txz: Rebuilt.
-k/kernel-source-3.14.3-noarch-1.txz: Upgraded.
-l/glibc-2.19-x86_64-1.txz: Upgraded.
-l/glibc-i18n-2.19-x86_64-1.txz: Upgraded.
-l/glibc-profile-2.19-x86_64-1.txz: Upgraded.
-n/libnftnl-1.0.1-x86_64-1.txz: Added.
-n/nftables-0.2-x86_64-1.txz: Added.
-extra/bash-completion/bash-completion-2.1-noarch-2.txz: Rebuilt.
- Patched to fix an issue with bash-4.3. Thanks to ponce.
+Sat Aug 6 19:29:16 UTC 2016
+n/curl-7.50.1-x86_64-1.txz: Upgraded.
+ This release fixes security issues:
+ TLS: switch off SSL session id when client cert is used
+ TLS: only reuse connections with the same client cert
+ curl_multi_cleanup: clear connection pointer for easy handles
+ For more information, see:
+ https://curl.haxx.se/docs/adv_20160803A.html
+ https://curl.haxx.se/docs/adv_20160803B.html
+ https://curl.haxx.se/docs/adv_20160803C.html
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
+ (* Security fix *)
+n/mutt-1.6.2-x86_64-1.txz: Upgraded.
+n/openssh-7.3p1-x86_64-1.txz: Upgraded.
+ This is primarily a bugfix release, and also addresses security issues.
+ sshd(8): Mitigate a potential denial-of-service attack against the system's
+ crypt(3) function via sshd(8).
+ sshd(8): Mitigate timing differences in password authentication that could
+ be used to discern valid from invalid account names when long passwords were
+ sent and particular password hashing algorithms are in use on the server.
+ ssh(1), sshd(8): Fix observable timing weakness in the CBC padding oracle
+ countermeasures.
+ ssh(1), sshd(8): Improve operation ordering of MAC verification for
+ Encrypt-then-MAC (EtM) mode transport MAC algorithms to verify the MAC
+ before decrypting any ciphertext.
+ sshd(8): (portable only) Ignore PAM environment vars when UseLogin=yes.
+ For more information, see:
+ http://www.openssh.com/txt/release-7.3
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
+ (* Security fix *)
+n/stunnel-5.35-x86_64-1.txz: Upgraded.
+ Fixes security issues:
+ Fixed malfunctioning "verify = 4".
+ Fixed incorrectly enforced client certificate requests.
+ (* Security fix *)
++--------------------------+
+Thu Jul 28 19:44:25 UTC 2016
+a/kernel-generic-4.4.16-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.16-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.16-x86_64-1.txz: Upgraded.
+d/kernel-headers-4.4.16-x86-1.txz: Upgraded.
+k/kernel-source-4.4.16-noarch-1.txz: Upgraded.
+l/libidn-1.33-x86_64-1.txz: Upgraded.
+ Fixed out-of-bounds read bugs. Fixed crashes on invalid UTF-8.
+ Thanks to Hanno Böck.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263
+ (* Security fix *)
+l/libtasn1-4.9-x86_64-1.txz: Upgraded.
+n/bluez-5.41-x86_64-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.6.0-x86_64-4.txz: Rebuilt.
+ Recompiled for xorg-server-1.18.4.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Tue Apr 29 23:35:59 UTC 2014
-ap/screen-4.2.1-x86_64-1.txz: Upgraded.
-l/qt-4.8.6-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-29.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-24.5.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-+--------------------------+
-Tue Apr 22 17:31:48 UTC 2014
-a/bash-4.3.011-x86_64-1.txz: Upgraded.
-a/gawk-4.1.1-x86_64-1.txz: Upgraded.
-a/grep-2.18-x86_64-1.txz: Upgraded.
-ap/vim-7.4.258-x86_64-1.txz: Upgraded.
-n/openssh-6.6p1-x86_64-2.txz: Rebuilt.
- Fixed a bug with curve25519-sha256 that caused a key exchange failure in
- about 1 in 512 connection attempts.
-xap/vim-gvim-7.4.258-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Apr 21 20:09:48 UTC 2014
-l/libyaml-0.1.6-x86_64-1.txz: Upgraded.
- This update fixes a heap overflow in URI escape parsing of YAML in Ruby,
- where a specially crafted string could cause a heap overflow leading to
- arbitrary code execution.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
- https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/
- (* Security fix *)
-n/php-5.4.27-x86_64-1.txz: Upgraded.
- This update fixes a security issue in the in the awk script detector
- which allows context-dependent attackers to cause a denial of service
- (CPU consumption) via a crafted ASCII file that triggers a large amount
- of backtracking.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
- (* Security fix *)
-+--------------------------+
-Tue Apr 8 14:19:51 UTC 2014
-a/openssl-solibs-1.0.1g-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1g-x86_64-1.txz: Upgraded.
- This update fixes two security issues:
- A missing bounds check in the handling of the TLS heartbeat extension
- can be used to reveal up to 64k of memory to a connected client or server.
- Thanks for Neel Mehta of Google Security for discovering this bug and to
- Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
- preparing the fix.
- Fix for the attack described in the paper "Recovering OpenSSL
- ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
- by Yuval Yarom and Naomi Benger. Details can be obtained from:
- http://eprint.iacr.org/2014/140
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
- (* Security fix *)
-+--------------------------+
-Mon Mar 31 20:30:28 UTC 2014
-l/apr-1.5.0-x86_64-1.txz: Upgraded.
-l/apr-util-1.5.3-x86_64-1.txz: Upgraded.
-n/httpd-2.4.9-x86_64-2.txz: Rebuilt.
- Recompiled against new apr/apr-util to restore missing mod_mpm_event.so.
-+--------------------------+
-Fri Mar 28 03:43:11 UTC 2014
-l/mozilla-nss-3.16-x86_64-1.txz: Upgraded.
- This update fixes a security issue:
- The cert_TestHostName function in lib/certdb/certdb.c in the
- certificate-checking implementation in Mozilla Network Security Services
- (NSS) before 3.16 accepts a wildcard character that is embedded in an
- internationalized domain name's U-label, which might allow man-in-the-middle
- attackers to spoof SSL servers via a crafted certificate.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492
- (* Security fix *)
-l/seamonkey-solibs-2.25-x86_64-1.txz: Upgraded.
-n/curl-7.36.0-x86_64-1.txz: Upgraded.
- This update fixes four security issues.
- For more information, see:
- http://curl.haxx.se/docs/adv_20140326A.html
- http://curl.haxx.se/docs/adv_20140326B.html
- http://curl.haxx.se/docs/adv_20140326C.html
- http://curl.haxx.se/docs/adv_20140326D.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1263
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522
- (* Security fix *)
-n/httpd-2.4.9-x86_64-1.txz: Upgraded.
- This update addresses two security issues.
- Segfaults with truncated cookie logging. mod_log_config: Prevent segfaults
- when logging truncated cookies. Clean up the cookie logging parser to
- recognize only the cookie=value pairs, not valueless cookies.
- mod_dav: Keep track of length of cdata properly when removing leading
- spaces. Eliminates a potential denial of service from specifically crafted
- DAV WRITE requests.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
- (* Security fix *)
-n/openssh-6.6p1-x86_64-1.txz: Upgraded.
- This update fixes a security issue when using environment passing with
- a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH could be
- tricked into accepting any environment variable that contains the
- characters before the wildcard character.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
- (* Security fix *)
-n/tin-2.2.0-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-28.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-24.4.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/seamonkey-2.25-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Sun Mar 16 02:52:28 UTC 2014
-n/php-5.4.26-x86_64-1.txz: Upgraded.
- This update fixes a flaw where a specially crafted data file may cause a
- segfault or 100% CPU consumption when a web page uses fileinfo() on it.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
- (* Security fix *)
-+--------------------------+
-Fri Mar 14 00:44:48 UTC 2014
-n/samba-4.1.6-x86_64-1.txz: Upgraded.
- This update fixes two security issues:
- CVE-2013-4496:
- Samba versions 3.4.0 and above allow the administrator to implement
- locking out Samba accounts after a number of bad password attempts.
- However, all released versions of Samba did not implement this check for
- password changes, such as are available over multiple SAMR and RAP
- interfaces, allowing password guessing attacks.
- CVE-2013-6442:
- Samba versions 4.0.0 and above have a flaw in the smbcacls command. If
- smbcacls is used with the "-C|--chown name" or "-G|--chgrp name"
- command options it will remove the existing ACL on the object being
- modified, leaving the file or directory unprotected.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442
- (* Security fix *)
-+--------------------------+
-Thu Mar 13 03:32:38 UTC 2014
-n/mutt-1.5.23-x86_64-1.txz: Upgraded.
- This update fixes a buffer overflow where malformed RFC2047 header
- lines could result in denial of service or potentially the execution
- of arbitrary code as the user running mutt.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467
- (* Security fix *)
-+--------------------------+
-Tue Mar 11 07:06:18 UTC 2014
-a/udisks-1.0.5-x86_64-1.txz: Upgraded.
- This update fixes a stack-based buffer overflow when handling long path
- names. A malicious, local user could use this flaw to create a
- specially-crafted directory structure that could lead to arbitrary code
- execution with the privileges of the udisks daemon (root).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004
- (* Security fix *)
-a/udisks2-2.1.3-x86_64-1.txz: Upgraded.
- This update fixes a stack-based buffer overflow when handling long path
- names. A malicious, local user could use this flaw to create a
- specially-crafted directory structure that could lead to arbitrary code
- execution with the privileges of the udisks daemon (root).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004
- (* Security fix *)
-+--------------------------+
-Thu Mar 6 04:14:23 UTC 2014
-ap/sudo-1.8.9p5-x86_64-1.txz: Upgraded.
-+--------------------------+
-Mon Mar 3 23:32:18 UTC 2014
-n/gnutls-3.1.22-x86_64-1.txz: Upgraded.
- Fixed a security issue where a specially crafted certificate could
- bypass certificate validation checks.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092
- (* Security fix *)
-+--------------------------+
-Thu Feb 27 20:43:28 UTC 2014
-d/subversion-1.7.16-x86_64-1.txz: Upgraded.
- Fix denial of service bugs.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4505
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4558
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032
- (* Security fix *)
-+--------------------------+
-Thu Feb 20 00:30:49 UTC 2014
-a/kernel-firmware-20140215git-noarch-1.txz: Upgraded.
-a/kernel-generic-3.10.30-x86_64-1.txz: Upgraded.
- These are new kernels that fix CVE-2014-0038, a bug that can allow local
- users to gain a root shell.
- Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel
- packages, or on UEFI systems, copy the appropriate kernel to
- /boot/efi/EFI/Slackware/vmlinuz).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038
- (* Security fix *)
-a/kernel-huge-3.10.30-x86_64-1.txz: Upgraded.
- These are new kernels that fix CVE-2014-0038, a bug that can allow local
- users to gain a root shell.
- Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel
- packages, or on UEFI systems, copy the appropriate kernel to
- /boot/efi/EFI/Slackware/vmlinuz).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038
- (* Security fix *)
-a/kernel-modules-3.10.30-x86_64-1.txz: Upgraded.
-a/shadow-4.1.5.1-x86_64-3.txz: Rebuilt.
- Shadow 4.1.5 addressed a tty-hijacking vulnerability in "su -c"
- (CVE-2005-4890) by detaching the controlling terminal in the non-PAM
- case via a TIOCNOTTY request. Bi-directional protection is excessive
- and breaks a commonly-used methods for privilege escalation on non-PAM
- systems (e.g. xterm -e /bin/su -s /bin/bash -c /bin/bash myscript).
- This update relaxes the restriction and only detaches the controlling
- tty when the callee is not root (which is, after all, the threat vector).
- Thanks to mancha for the patch (and the above information).
-ap/mariadb-5.5.35-x86_64-1.txz: Upgraded.
- This update fixes a buffer overflow in the mysql command line client which
- may allow malicious or compromised database servers to cause a denial of
- service (crash) and possibly execute arbitrary code via a long server
- version string.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
- (* Security fix *)
-d/kernel-headers-3.10.30-x86-1.txz: Upgraded.
-k/kernel-source-3.10.30-noarch-1.txz: Upgraded.
- These are new kernels that fix CVE-2014-0038, a bug that can allow local
- users to gain a root shell.
- Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel
- packages, or on UEFI systems, copy the appropriate kernel to
- /boot/efi/EFI/Slackware/vmlinuz).
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038
- (* Security fix *)
-n/gnutls-3.1.21-x86_64-1.txz: Upgraded.
- This update fixes a flaw where a version 1 intermediate certificate would be
- considered as a CA certificate by GnuTLS by default.
+Mon Jul 25 19:59:06 UTC 2016
+a/pkgtools-14.2-noarch-11.txz: Rebuilt.
+ Changes to pkgtool:
+ Remove option to install from floppy disks.
+ Don't use the --file option, which appears to be broken in the latest version
+ of dialog. The only reason --file was ever used in the first place was to
+ work around the Linux ARG_MAX limit of 131072 bytes, and since Linux 2.6.23 a
+ much larger limit is in place making it unlikely to become an issue again.
+ So we'll go back to passing the package list on the command line.
+ Thanks to David Miller for the bug report.
++--------------------------+
+Fri Jul 22 20:51:23 UTC 2016
+a/dialog-1.3_20160424-x86_64-1.txz: Upgraded.
+a/kmod-23-x86_64-1.txz: Upgraded.
+a/lvm2-2.02.161-x86_64-1.txz: Upgraded.
+d/git-2.9.2-x86_64-1.txz: Upgraded.
+l/desktop-file-utils-0.23-x86_64-1.txz: Upgraded.
+l/freetype-2.6.5-x86_64-1.txz: Upgraded.
+l/harfbuzz-1.3.0-x86_64-1.txz: Upgraded.
+n/bind-9.10.4_P2-x86_64-1.txz: Upgraded.
+ Fixed a security issue:
+ getrrsetbyname with a non absolute name could trigger an infinite
+ recursion bug in lwresd and named with lwres configured if when
+ combined with a search list entry the resulting name is too long.
+ (CVE-2016-2775) [RT #42694]
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775
+ (* Security fix *)
+n/httpd-2.4.23-x86_64-1.txz: Upgraded.
+n/lftp-4.7.3-x86_64-1.txz: Upgraded.
+n/links-2.13-x86_64-1.txz: Upgraded.
+x/xf86-video-openchrome-0.5.0-x86_64-1.txz: Upgraded.
+x/xkeyboard-config-2.18-noarch-1.txz: Upgraded.
+x/xorg-server-1.18.4-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-1.18.4-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-1.18.4-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-1.18.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu Jul 21 23:25:54 UTC 2016
+ap/tmux-2.2-x86_64-2.txz: Upgraded.
+ Moved from /testing.
+d/guile-2.0.12-x86_64-1.txz: Upgraded.
+l/freetype-2.6.4-x86_64-1.txz: Upgraded.
+n/libgcrypt-1.7.2-x86_64-1.txz: Upgraded.
+n/network-scripts-14.2-noarch-2.txz: Rebuilt.
+ In rc.inet1.new, use -L option to dhcpcd to disable Zeroconf. This is
+ (almost) never going to be wanted, and ends up used accidentally on slower
+ systems (such as some ARM platforms), preventing a proper DHCP lease.
+ Thanks to Stuart Winter.
+n/php-5.6.24-x86_64-1.txz: Upgraded.
+ This release fixes bugs and security issues.
For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959
- (* Security fix *)
-xap/mozilla-firefox-27.0.1-x86_64-1.txz: Upgraded.
+ http://php.net/ChangeLog-5.php#5.6.24
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207
+ (* Security fix *)
+xap/gimp-2.8.18-x86_64-1.txz: Upgraded.
+ This release fixes a security issue:
+ Use-after-free vulnerability in the xcf_load_image function in
+ app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of
+ service (program crash) or possibly execute arbitrary code via a crafted
+ XCF file.
+ For more information, see:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994
+ (* Security fix *)
++--------------------------+
+Tue Jul 12 03:48:34 UTC 2016
+a/etc-14.2-x86_64-8.txz: Rebuilt.
+ In /etc/profile.d/lang.{csh,sh}.new, make en_US.UTF-8 the default locale.
+a/kernel-generic-4.4.15-x86_64-1.txz: Upgraded.
+a/kernel-huge-4.4.15-x86_64-1.txz: Upgraded.
+a/kernel-modules-4.4.15-x86_64-1.txz: Upgraded.
+a/lilo-24.2-x86_64-3.txz: Rebuilt.
+ In liloconfig: Skip the menu asking if the user wants a UTF-8 virtual
+ console, and use the kernel default (currently this is UTF-8 active).
+d/kernel-headers-4.4.15-x86-1.txz: Upgraded.
+k/kernel-source-4.4.15-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
-Thu Feb 13 23:45:53 UTC 2014
-n/curl-7.35.0-x86_64-1.txz: Upgraded.
- This update fixes a flaw where libcurl could, in some circumstances, reuse
- the wrong connection when asked to do an NTLM-authenticated HTTP or HTTPS
- request.
- For more information, see:
- http://curl.haxx.se/docs/adv_20140129.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
- (* Security fix *)
-n/ntp-4.2.6p5-x86_64-5.txz: Rebuilt.
- All stable versions of NTP remain vulnerable to a remote attack where the
- "ntpdc -c monlist" command can be used to amplify network traffic as part
- of a denial of service attack. By default, Slackware is not vulnerable
- since it includes "noquery" as a default restriction. However, it is
- vulnerable if this restriction is removed. To help mitigate this flaw,
- "disable monitor" has been added to the default ntp.conf (which will disable
- the monlist command even if other queries are allowed), and the default
- restrictions have been extended to IPv6 as well.
- All users of the NTP daemon should make sure that their ntp.conf contains
- "disable monitor" to prevent misuse of the NTP service. The new ntp.conf
- file will be installed as /etc/ntp.conf.new with a package upgrade, but the
- changes will need to be merged into any existing ntp.conf file by the admin.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211
- http://www.kb.cert.org/vuls/id/348126
- (* Security fix *)
-+--------------------------+
-Sat Feb 8 18:41:15 UTC 2014
-l/seamonkey-solibs-2.24-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-27.0-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-24.3.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/seamonkey-2.24-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
+Sat Jul 9 18:35:56 UTC 2016
+x/mesa-12.0.1-x86_64-1.txz: Upgraded.
+--------------------------+
-Mon Feb 3 20:58:32 UTC 2014
-xap/pidgin-2.10.9-x86_64-1.txz: Upgraded.
- This update fixes various security issues and other bugs.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6152
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6477
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6478
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6479
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6481
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6482
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6483
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6484
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6485
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6486
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6489
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6490
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0020
- (* Security fix *)
-+--------------------------+
-Thu Jan 30 21:30:11 UTC 2014
-n/openssh-6.5p1-x86_64-1.txz: Upgraded.
+Fri Jul 8 23:17:22 UTC 2016
+x/mesa-12.0.0-x86_64-1.txz: Upgraded.
+--------------------------+
-Tue Jan 28 21:07:13 UTC 2014
-l/mozilla-nss-3.15.4-x86_64-1.txz: Upgraded.
- Upgraded to nss-3.15.4 and nspr-4.10.3.
- Fixes a possible man-in-the-middle issue.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740
- (* Security fix *)
-n/bind-9.9.4_P2-x86_64-1.txz: Upgraded.
- This update fixes a defect in the handling of NSEC3-signed zones that can
- cause BIND to be crashed by a specific set of queries.
- NOTE: According to the second link below, Slackware is probably not
- vulnerable since we aren't using glibc-2.18 yet. Might as well fix it
- anyway, though.
+Thu Jul 7 19:52:36 UTC 2016
+n/samba-4.4.5-x86_64-1.txz: Upgraded.
+ This release fixes a security issue:
+ Client side SMB2/3 required signing can be downgraded.
+ It's possible for an attacker to downgrade the required signing for an
+ SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or
+ SMB2_SESSION_FLAG_IS_NULL flags. This means that the attacker can
+ impersonate a server being connected to by Samba, and return malicious
+ results.
For more information, see:
- https://kb.isc.org/article/AA-01078
- https://kb.isc.org/article/AA-01085
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
(* Security fix *)
+--------------------------+
-Tue Jan 14 03:54:48 UTC 2014
-a/openssl-solibs-1.0.1f-x86_64-1.txz: Upgraded.
-d/llvm-3.4-x86_64-1.txz: Upgraded.
-n/openssl-1.0.1f-x86_64-1.txz: Upgraded.
- This update fixes the following security issues:
- Fix for TLS record tampering bug CVE-2013-4353
- Fix for TLS version checking bug CVE-2013-6449
- Fix for DTLS retransmission bug CVE-2013-6450
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
- (* Security fix *)
-n/php-5.4.24-x86_64-1.txz: Upgraded.
- The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before
- 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly
- parse (1) notBefore and (2) notAfter timestamps in X.509 certificates,
- which allows remote attackers to execute arbitrary code or cause a denial
- of service (memory corruption) via a crafted certificate that is not
- properly handled by the openssl_x509_parse function.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
- (* Security fix *)
-n/samba-4.1.4-x86_64-1.txz: Upgraded.
- This update fixes a heap-based buffer overflow that may allow AD domain
- controllers to execute arbitrary code via an invalid fragment length in
- a DCE-RPC packet.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408
- (* Security fix *)
-x/libXfont-1.4.7-x86_64-1.txz: Upgraded.
- This update fixes a stack overflow when reading a BDF font file containing
- a longer than expected string, which could lead to crashes or privilege
- escalation.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462
- (* Security fix *)
-+--------------------------+
-Fri Dec 20 22:46:09 UTC 2013
-n/gnupg-1.4.16-x86_64-1.txz: Upgraded.
- Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
- Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
- For more information, see:
- http://www.cs.tau.ac.il/~tromer/acoustic/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576
- (* Security fix *)
-+--------------------------+
-Mon Dec 16 20:51:01 UTC 2013
-d/llvm-3.3-x86_64-3.txz: Rebuilt.
- The LLVM package included binaries with an rpath pointing to the build
- location in /tmp. This allows an attacker with write access to /tmp to
- add modified libraries (and execute arbitrary code) as any user running
- the LLVM binaries. This updated package rebuilds LLVM to exclude the
- build directories from the rpath information.
- Thanks to Christopher Oliver for the bug report.
- (* Security fix *)
-d/ruby-1.9.3_p484-x86_64-1.txz: Upgraded.
- This update fixes a heap overflow in floating point parsing. A specially
- crafted string could cause a heap overflow leading to a denial of service
- attack via segmentation faults and possibly arbitrary code execution.
- For more information, see:
- https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
- (* Security fix *)
-l/cairo-1.12.16-x86_64-1.txz: Upgraded.
- Removed --enable-xcb-shm (may cause instability with GTK+3).
- Removed --enable-xlib-xcb (causes GIMP slowdown).
- Added --enable-ft and --enable-gl.
- If there are no problems reported with this update, perhaps it should be
- issued as a 14.1 bugfix?
-l/libiodbc-3.52.8-x86_64-1.txz: Upgraded.
- This update fixes an rpath pointing to a location in /tmp that was found in
- two test programs (iodbctest and iodbctestw). This could have allowed a
- local attacker with write access to /tmp to add modified libraries (and
- execute arbitrary code) as any user running the test programs.
- Thanks to Christopher Oliver for the bug report.
- (* Security fix *)
-l/libjpeg-v8a-x86_64-2.txz: Rebuilt.
- Fix use of uninitialized memory when decoding images with missing SOS data
- for the luminance component (Y) in presence of valid chroma data (Cr, Cb).
- This could allow remote attackers to obtain sensitive information from
- uninitialized memory locations via a crafted JPEG image.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
- (* Security fix *)
-l/seamonkey-solibs-2.23-x86_64-1.txz: Upgraded.
-xap/mozilla-firefox-26.0-x86_64-1.txz: Upgraded.
+Tue Jul 5 04:52:45 UTC 2016
+xap/mozilla-thunderbird-45.2.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/mozilla-thunderbird-24.2.0-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
- (* Security fix *)
-xap/seamonkey-2.23-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
-+--------------------------+
-Thu Dec 5 22:20:36 UTC 2013
-kde/calligra-2.7.5-x86_64-1.txz: Upgraded.
-kdei/calligra-l10n-bs-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ca\@valencia-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-cs-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-da-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-de-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-el-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-es-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-et-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fi-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-fr-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-gl-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-hu-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ia-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-it-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-kk-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nb-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nds-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-nl-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pl-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-pt_BR-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-ru-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sk-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sl-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-sv-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-tr-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-uk-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_CN-2.7.5-noarch-1.txz: Upgraded.
-kdei/calligra-l10n-zh_TW-2.7.5-noarch-1.txz: Upgraded.
-l/mozilla-nss-3.15.3-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- (* Security fix *)
-l/seamonkey-solibs-2.22.1-x86_64-1.txz: Upgraded.
-xap/gimp-2.8.10-x86_64-1.txz: Upgraded.
-xap/mozilla-thunderbird-24.1.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
-xap/seamonkey-2.22.1-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
+--------------------------+
-Mon Nov 18 20:52:16 UTC 2013
-l/seamonkey-solibs-2.22-x86_64-1.txz: Upgraded.
-n/openssh-6.4p1-x86_64-1.txz: Upgraded.
- sshd(8): fix a memory corruption problem triggered during rekeying
- when an AES-GCM cipher is selected.
- For more information, see:
- http://www.openssh.com/txt/gcmrekey.adv
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
- (* Security fix *)
-n/php-5.4.22-x86_64-1.txz: Upgraded.
- This is a bugfix release.
-n/samba-4.1.1-x86_64-1.txz: Upgraded.
- This update fixes two security issues:
- * Samba versions 3.2.0 and above do not check the underlying file or
- directory ACL when opening an alternate data stream.
- * In setups which provide ldap(s) and/or https services, the private key
- for SSL/TLS encryption might be world readable. This typically happens
- in active directory domain controller setups.
- For more information, see:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
- (* Security fix *)
- Added tdb.h, tdb.pc, and a libtdb.so symlink. Thanks to Matteo Bernardini.
-xap/mozilla-firefox-25.0.1-x86_64-1.txz: Upgraded.
- This release contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/firefox.html
- (* Security fix *)
-xap/seamonkey-2.22-x86_64-1.txz: Upgraded.
- This update contains security fixes and improvements.
- For more information, see:
- http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
- (* Security fix *)
+Sun Jul 3 19:29:33 UTC 2016
+a/file-5.28-x86_64-1.txz: Upgraded.
+a/util-linux-2.28-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-47.0.1-x86_64-1.txz: Upgraded.
+--------------------------+
-Mon Nov 4 17:08:47 UTC 2013
-Slackware 14.1 x86_64 stable is released!
+Thu Jun 30 20:26:57 UTC 2016
+Slackware 14.2 x86_64 stable is released!
-It's been another interesting release cycle here at Slackware bringing
-new features like support for UEFI machines, updated compilers and
-development tools, the switch from MySQL to MariaDB, and many more
-improvements throughout the system. Thanks to the team, the upstream
-developers, the dedicated Slackware community, and everyone else who
-pitched in to help make this release a reality.
+The long development cycle (the Linux community has lately been living in
+"interesting times", as they say) is finally behind us, and we're proud to
+announce the release of Slackware 14.2. The new release brings many updates
+and modern tools, has switched from udev to eudev (no systemd), and adds
+well over a hundred new packages to the system. Thanks to the team, the
+upstream developers, the dedicated Slackware community, and everyone else
+who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware