| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/pam-1.4.0-x86_64-1.txz: Upgraded.
IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules.
None of our current configuration files in /etc/pam.d/ use either of those,
but if the configuration files on your machine do you'll need to comment out
or remove those lines, otherwise you may experience login failures.
a/shadow-4.8.1-x86_64-9.txz: Rebuilt.
/etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-'
to avoid spamming the logs about failures.
a/sysvinit-scripts-2.1-noarch-32.txz: Rebuilt.
rc.S: create /var/run/faillock directory for pam_faillock(8).
a/util-linux-2.35.2-x86_64-2.txz: Rebuilt.
/etc/pam.d/login: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
l/imagemagick-7.0.10_19-x86_64-1.txz: Upgraded.
l/libzip-1.7.1-x86_64-1.txz: Upgraded.
n/openssh-8.3p1-x86_64-2.txz: Rebuilt.
/etc/pam.d/sshd: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
|
| |
|
|
|
|
|
|
|
| |
ap/cups-filters-1.27.5-x86_64-1.txz: Upgraded.
ap/dash-0.5.11-x86_64-1.txz: Upgraded.
d/rust-1.44.0-x86_64-1.txz: Upgraded.
l/librsvg-2.48.7-x86_64-1.txz: Upgraded.
n/ethtool-5.7-x86_64-1.txz: Upgraded.
x/xkeyboard-config-2.30-noarch-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/pciutils-3.7.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_16-x86_64-1.txz: Upgraded.
l/lcms2-2.10-x86_64-1.txz: Upgraded.
l/netpbm-10.90.03-x86_64-1.txz: Upgraded.
l/qt5-5.15.0-x86_64-1.txz: Upgraded.
n/iptraf-ng-1.2.0-x86_64-1.txz: Upgraded.
xap/gnuchess-6.2.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.9.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/
(* Security fix *)
extra/pure-alsa-system/qt5-5.15.0-x86_64-1_alsa.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ap/mpg123-1.26.1-x86_64-1.txz: Upgraded.
d/gyp-20200512_caa60026-x86_64-1.txz: Added.
l/Mako-1.1.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_15-x86_64-1.txz: Upgraded.
l/librsvg-2.48.5-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.53-x86_64-1.txz: Upgraded.
l/vte-0.60.3-x86_64-1.txz: Upgraded.
n/libgpg-error-1.38-x86_64-1.txz: Upgraded.
n/libqmi-1.24.14-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/mpg123-1.26.1-x86_64-1_alsa.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/cryptsetup-2.3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-5.4.43-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.43-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.43-x86_64-1.txz: Upgraded.
d/cmake-3.17.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.43-x86-1.txz: Upgraded.
d/python-setuptools-47.1.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.43-noarch-1.txz: Upgraded.
l/babl-0.1.76-x86_64-1.txz: Upgraded.
n/openssh-8.3p1-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.14-x86_64-1.txz: Upgraded.
x/libdrm-2.4.102-x86_64-1.txz: Upgraded.
x/mesa-20.1.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
| |
l/libarchive-3.4.3-x86_64-1.txz: Upgraded.
l/python-six-1.15.0-x86_64-1.txz: Upgraded.
l/zstd-1.4.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.8.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/shadow-4.8.1-x86_64-8.txz: Rebuilt.
It seems that /etc/suauth is not supported when PAM is in use, even if
configure.ac is hacked to enable it. I've removed the man pages for it,
and would suggest using sudo as a replacement.
l/libexif-0.6.22-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
CVE-2018-20030: Fix for recursion DoS
CVE-2020-13114: Time consumption DoS when parsing canon array markers
CVE-2020-13113: Potential use of uninitialized memory
CVE-2020-13112: Various buffer overread fixes due to integer overflows
in maker notes
CVE-2020-0093: read overflow
CVE-2019-9278: replaced integer overflow checks the compiler could
optimize away by safer constructs
CVE-2020-12767: fixed division by zero
CVE-2016-6328: fixed integer overflow when parsing maker notes
CVE-2017-7544: fixed buffer overread
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
(* Security fix *)
l/oniguruma-6.9.5_rev1-x86_64-2.txz: Rebuilt.
Rebuilt with --enable-posix-api. Thanks to MisterL.
l/python-packaging-20.4-x86_64-1.txz: Upgraded.
n/bind-9.16.3-x86_64-1.txz: Upgraded.
This update fixes a security issue:
A malicious actor who intentionally exploits the lack of effective
limitation on the number of fetches performed when processing referrals
can, through the use of specially crafted referrals, cause a recursing
server to issue a very large number of fetches in an attempt to process
the referral. This has at least two potential effects: The performance of
the recursing server can potentially be degraded by the additional work
required to perform these fetches, and the attacker can exploit this
behavior to use the recursing server as a reflector in a reflection attack
with a high amplification factor.
For more information, see:
https://kb.isc.org/docs/cve-2020-8616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
(* Security fix *)
x/fontconfig-2.13.92-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-0.30.0-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Greetings! After three months in /testing, the PAM merge into the main tree
is now complete. When updating, be sure to install the new pam, cracklib, and
libpwquality packages or you may find yourself locked out of your machine.
Otherwise, these changes should be completely transparent and you shouldn't
notice any obvious operational differences. Be careful if you make any changes
in /etc/pam.d/ - leaving an extra console logged in while testing PAM config
changes is a recommended standard procedure. Thanks again to Robby Workman,
Vincent Batts, Phantom X, and ivandi for help implementing this. It's not
done yet and there will be more fine-tuning of the config files, but now we
can move on to build some other updates. Enjoy!
a/cracklib-2.9.7-x86_64-1.txz: Added.
a/kernel-firmware-20200517_f8d32e4-noarch-1.txz: Upgraded.
a/libcgroup-0.41-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/libpwquality-1.4.2-x86_64-1.txz: Added.
a/lilo-24.2-x86_64-9.txz: Rebuilt.
Enable the "compact" option by default.
liloconfig: correctly set the root partition.
a/pam-1.3.1-x86_64-1.txz: Added.
a/shadow-4.8.1-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/utempter-1.2.0-x86_64-1.txz: Upgraded.
a/util-linux-2.35.1-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
a/xfsprogs-5.6.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/at-3.2.1-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/cups-2.3.3-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/hplip-3.20.5-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/mariadb-10.4.13-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/screen-4.8.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/soma-3.3.0-noarch-1.txz: Upgraded.
Thanks to David Woodfall.
ap/sqlite-3.31.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/sudo-1.9.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/vim-8.2.0788-x86_64-1.txz: Upgraded.
d/bison-3.6.2-x86_64-1.txz: Upgraded.
d/meson-0.54.2-x86_64-1.txz: Upgraded.
d/python-setuptools-46.4.0-x86_64-1.txz: Upgraded.
d/vala-0.48.6-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-36.txz: Rebuilt.
Recompiled against icu4c-67.1.
kde/kde-workspace-4.11.22-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
l/ConsoleKit2-1.2.1-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/boost-1.73.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/gnome-keyring-3.36.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/harfbuzz-2.6.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/icu4c-67.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/imagemagick-7.0.10_13-x86_64-1.txz: Upgraded.
l/libcap-2.34-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/libical-3.0.8-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/libuv-1.38.0-x86_64-1.txz: Upgraded.
l/libvisio-0.1.7-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/polkit-0.116-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
l/qt-4.8.7-x86_64-16.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-5.13.2-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/raptor2-2.0.15-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/system-config-printer-1.5.12-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/vte-0.60.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/cifs-utils-6.10-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/cyrus-sasl-2.1.27-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/dovecot-2.3.10.1-x86_64-1.txz: Upgraded.
Rebuilt to add PAM support.
Compiled against icu4c-67.1.
This update fixes several denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967
(* Security fix *)
n/mutt-1.14.1-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/netkit-rsh-0.17-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/nss-pam-ldapd-0.9.11-x86_64-1.txz: Added.
n/openssh-8.2p1-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/openvpn-2.4.9-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/pam-krb5-4.9-x86_64-1.txz: Added.
n/php-7.4.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/popa3d-1.0.3-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/postfix-3.5.2-x86_64-1.txz: Upgraded.
Compiled against icu4c-67.1.
n/ppp-2.4.8-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/proftpd-1.3.6c-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/samba-4.12.2-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
Recompiled against icu4c-67.1.
n/tin-2.4.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/vsftpd-3.0.3-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
t/texlive-2019.190626-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
x/vulkan-sdk-1.2.135.0-x86_64-1.txz: Upgraded.
x/xdm-1.1.11-x86_64-10.txz: Rebuilt.
Rebuilt to add PAM support.
x/xisxwayland-1-x86_64-1.txz: Added.
xap/sane-1.0.30-x86_64-1.txz: Upgraded.
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864
(* Security fix *)
xap/vim-gvim-8.2.0788-x86_64-1.txz: Upgraded.
xap/xlockmore-5.63-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
xap/xscreensaver-5.44-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
extra/brltty/brltty-6.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
extra/pure-alsa-system/qt5-5.13.2-x86_64-4_alsa.txz: Rebuilt.
Recompiled against icu4c-67.1.
isolinux/initrd.img: Rebuilt.
Added PAM libraries, security modules, and config files.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Added PAM libraries, security modules, and config files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hey folks, just a heads-up that PAM is about to be merged into the main tree.
We can't have it blocking other upgrades any longer. The config files could be
improved (adding support for pam_krb5 and pam_ldap, for example), but they'll
do for now. Have a good weekend, and enjoy these updates! :-)
a/aaa_elflibs-15.0-x86_64-23.txz: Rebuilt.
Upgraded: libcap.so.2.34, libelf-0.179.so, liblzma.so.5.2.5,
libglib-2.0.so.0.6400.2, libgmodule-2.0.so.0.6400.2,
libgobject-2.0.so.0.6400.2, libgthread-2.0.so.0.6400.2,
liblber-2.4.so.2.10.13, libldap-2.4.so.2.10.13, libpcre2-8.so.0.10.0.
Added temporarily in preparation for upgrading icu4c: libicudata.so.65.1,
libicui18n.so.65.1, libicuio.so.65.1, libicutest.so.65.1, libicutu.so.65.1,
libicuuc.so.65.1.
a/etc-15.0-x86_64-11.txz: Rebuilt.
/etc/passwd: Added ldap (UID 330).
/etc/group: Added ldap (GID 330).
a/kernel-generic-5.4.41-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.41-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.41-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-33.txz: Rebuilt.
setup.services: added support for rc.openldap and rc.openvpn.
ap/hplip-3.20.5-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.41-x86-1.txz: Upgraded.
d/python-setuptools-46.3.0-x86_64-1.txz: Upgraded.
d/python3-3.8.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.41-noarch-1.txz: Upgraded.
n/openldap-2.4.50-x86_64-1.txz: Added.
This is a complete OpenLDAP package with both client and server support.
Thanks to Giuseppe Di Terlizzi for help with the server parts.
n/openldap-client-2.4.50-x86_64-1.txz: Removed.
x/mesa-20.0.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/hplip-3.20.5-x86_64-1_pam.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/btrfs-progs-5.6.1-x86_64-1.txz: Upgraded.
a/kernel-generic-5.4.40-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.40-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.40-x86_64-1.txz: Upgraded.
d/bison-3.6.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.40-x86-1.txz: Upgraded.
d/python-setuptools-46.2.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.40-noarch-1.txz: Upgraded.
l/pcre2-10.35-x86_64-1.txz: Upgraded.
l/shared-mime-info-2.0-x86_64-1.txz: Upgraded.
n/ModemManager-1.12.10-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/pamixer-1.4-x86_64-5.txz: Rebuilt.
Recompiled against boost-1.73.0.
d/Cython-0.29.17-x86_64-2.txz: Rebuilt.
Added cython3 symlink.
kde/calligra-2.9.11-x86_64-35.txz: Rebuilt.
Recompiled against boost-1.73.0.
l/akonadi-1.13.0-x86_64-15.txz: Rebuilt.
Recompiled against boost-1.73.0.
l/boost-1.73.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/freetype-2.10.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_11-x86_64-1.txz: Upgraded.
n/libqmi-1.24.12-x86_64-1.txz: Upgraded.
xap/blueman-2.1.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/pam-krb5-4.9-x86_64-1_pam.txz: Added.
Thanks to Bart van der Hall for the packaging hints.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/shadow-4.8.1-x86_64-6.txz: Rebuilt.
Include manpages for sulogin(8).
a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.
ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.
d/bison-3.6-x86_64-1.txz: Upgraded.
l/jansson-2.13.1-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.
Include manpages for sulogin(8).
Use this version of /bin/su.
testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.
Don't use this version of /bin/su.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.335-noarch-1.txz: Upgraded.
ap/tmux-3.1b-x86_64-1.txz: Upgraded.
l/libcap-2.34-x86_64-1.txz: Upgraded.
n/mutt-1.14.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-3.txz: Rebuilt.
Added /var/lib/nfs/nfsdcltrack database directory for nfsdcltrack.
Thanks to upnort.
x/xterm-356-x86_64-1.txz: Upgraded.
xap/NetworkManager-openvpn-1.8.12-x86_64-1.txz: Added.
Thanks to Robby Workman.
xap/mozilla-firefox-68.8.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.8.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-17/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
(* Security fix *)
xap/mozilla-thunderbird-68.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.0/releasenotes/
(* Security fix *)
testing/packages/PAM/libcap-2.34-x86_64-1_pam.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.4.38-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.38-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.38-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.38-x86-1.txz: Upgraded.
d/mercurial-5.4-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.38-noarch-1.txz: Upgraded.
l/mozilla-nss-3.52-x86_64-1.txz: Upgraded.
l/python-distro-1.5.0-x86_64-1.txz: Upgraded.
l/python-pillow-7.1.2-x86_64-1.txz: Upgraded.
l/v4l-utils-1.18.1-x86_64-1.txz: Upgraded.
xap/seamonkey-2.53.2-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.2
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/mkinitrd-1.4.11-x86_64-15.txz: Rebuilt.
Use the standard mktemp utility from GNU coreutils, not the old tempfile.
d/help2man-1.47.15-x86_64-1.txz: Upgraded.
l/aspell-en-2019.10.06_0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.20-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_9-x86_64-1.txz: Upgraded.
n/irssi-1.2.2-x86_64-2.txz: Rebuilt.
Fixed ctrl-space killing input with recent glib.
Thanks to tramtrist and Urchlay.
x/xterm-354-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-de-20161207_7_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-ga-5.1_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-it-2.4_20070901_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-ml-0.04_1-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-pl-6.0_20200327_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-pt_BR-20131030_12_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-pt_PT-20190329_1_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-sk-2.02_0-x86_64-1.txz: Upgraded.
extra/aspell-word-lists/aspell-tl-0.4_0-x86_64-1.txz: Upgraded.
|
| |
|
|
|
| |
d/rust-1.43.0-x86_64-2.txz: Rebuilt.
Patched and recompiled with the system LLVM 10 instead of the bundled LLVM 9.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/python-2.7.17-x86_64-2.txz: Removed.
d/python2-2.7.18-x86_64-1.txz: Added.
OK, I know a few people got excited seeing python-2 removed in the previous
entry, but it's just being renamed to python2 for consistency with the
python3 package. It's DOA though, and is the final release of the already EOL
python 2 branch (a "commemorative" release as they say in the announcement).
l/M2Crypto-0.35.2-x86_64-3.txz: Rebuilt.
Added python3 modules. Thanks to sombragris and ponce.
l/harfbuzz-2.6.5-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_7-x86_64-1.txz: Upgraded.
l/libuv-1.37.0-x86_64-1.txz: Upgraded.
l/libyaml-0.2.4-x86_64-1.txz: Upgraded.
l/oniguruma-6.9.5-x86_64-1.txz: Upgraded.
x/pixman-0.40.0-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20200417_6314fa0-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.33-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.33-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.33-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.33-x86-1.txz: Upgraded.
k/kernel-source-5.4.33-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-3.36.1-noarch-1.txz: Upgraded.
l/libuv-1.36.0-x86_64-2.txz: Rebuilt.
Revert commits that cause BIND to crash. Thanks to Markus Wiesner.
l/wavpack-5.3.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a/xfsprogs-5.6.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.18-x86_64-2.txz: Rebuilt.
Fixed the version number embedded in pkg-config files and elsewhere.
Thanks to davjohn for the bug report.
n/bind-9.16.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
DNS rebinding protection was ineffective when BIND 9 is configured as a
forwarding DNS server. Found and responsibly reported by Tobias Klein.
[GL #1574]
(* Security fix *)
|
| |
|
|
|
|
|
| |
ap/man-pages-5.06-noarch-1.txz: Upgraded.
l/libyaml-0.2.3-x86_64-1.txz: Upgraded.
n/dnsmasq-2.81-x86_64-1.txz: Upgraded.
x/libinput-1.15.5-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ap/vim-8.2.0521-x86_64-1.txz: Upgraded.
d/vala-0.48.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_5-x86_64-1.txz: Upgraded.
x/compiz-0.8.18-x86_64-1.txz: Upgraded.
xap/audacious-4.0.1-x86_64-1.txz: Upgraded.
xap/audacious-plugins-4.0.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0521-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.1-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.1-x86_64-1_alsa.txz: Upgraded.
testing/packages/PAM/sudo-1.8.31p1-x86_64-1_pam.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/bison-3.5.4-x86_64-1.txz: Upgraded.
kde/k3b-2.0.3-x86_64-7.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
l/gobject-introspection-1.64.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_4-x86_64-1.txz: Upgraded.
l/libdvdnav-6.1.0-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
Who bumps an .soname and only boosts the version number by 0.0.1?
Anyway, sorry to drop the ball a second time. I'll try to avoid this.
Thanks to gmgf for the bug report.
n/fetchmail-6.4.3-x86_64-1.txz: Upgraded.
tcl/tclx-8.4.4-x86_64-1.txz: Upgraded.
xap/MPlayer-20200103-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
xap/windowmaker-0.95.9-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.10-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/MPlayer-20200103-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/xine-lib-1.2.10-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/lsof-4.93.2-x86_64-2.txz: Rebuilt.
Fixed the manpage. Thanks to kaott.
ap/sc-7.16-x86_64-7.txz: Rebuilt.
Brought back the classic SC. Thanks to dive.
d/Cython-0.29.16-x86_64-1.txz: Upgraded.
d/mercurial-5.3.2-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.17-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.7-x86_64-1.txz: Upgraded.
n/iproute2-5.6.0-x86_64-1.txz: Upgraded.
x/libdrm-2.4.101-x86_64-1.txz: Upgraded.
x/mesa-20.0.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.6.1esr-x86_64-1.txz: Upgraded.
This release contains critical security fixes and improvements.
"Under certain conditions, when running the nsDocShell destructor, a race
condition can cause a use-after-free. We are aware of targeted attacks in
the wild abusing this flaw."
"Under certain conditions, when handling a ReadableStream, a race condition
can cause a use-after-free. We are aware of targeted attacks in the wild
abusing this flaw."
For more information, see:
https://www.mozilla.org/en-US/firefox/68.6.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820
(* Security fix *)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.334-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.29-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.29-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.29-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-32.txz: Rebuilt.
installpkg: handle the uninstall script packaged as /install/douninst.sh.
removepkg: add --skip-douninst option to skip running the uninstall script.
Save removed douninst.sh in /var/log/pkgtools/removed_uninstall_scripts.
ap/groff-1.22.4-x86_64-2.txz: Rebuilt.
Fixed docdir. Thanks to Xsane.
d/gcc-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-brig-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-g++-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gdc-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gfortran-9.3.0-x86_64-2.txz: Rebuilt.
Patched a compiler bug concerning assumed-shape vs. deferred-shape arrays.
Thanks to Lockywolf.
d/gcc-gnat-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-go-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-9.3.0-x86_64-2.txz: Rebuilt.
d/kernel-headers-5.4.29-x86-1.txz: Upgraded.
d/ruby-2.7.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Unsafe Object Creation Vulnerability in JSON (Additional fix).
Heap exposure vulnerability in the socket library.
For more information, see:
https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933
(* Security fix *)
k/kernel-source-5.4.29-noarch-1.txz: Upgraded.
l/graphite2-1.3.14-x86_64-1.txz: Upgraded.
l/librsvg-2.48.2-x86_64-1.txz: Upgraded.
l/utf8proc-2.5.0-x86_64-1.txz: Upgraded.
x/libva-2.7.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.7.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/lvm2-2.03.09-x86_64-1.txz: Upgraded.
d/guile-3.0.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.64.1-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.16-x86_64-1.txz: Upgraded.
l/gvfs-1.44.1-x86_64-1.txz: Upgraded.
l/librsvg-2.48.1-x86_64-1.txz: Upgraded.
l/vte-0.60.1-x86_64-1.txz: Upgraded.
xap/audacious-4.0-x86_64-3.txz: Rebuilt.
Also support GTK+ interface, including a .desktop file for it.
xap/audacious-plugins-4.0-x86_64-3.txz: Rebuilt.
Rebuilt with --enable-gtk.
extra/pure-alsa-system/audacious-plugins-4.0-x86_64-3_alsa.txz: Rebuilt.
Rebuilt with --enable-gtk.
extra/pure-alsa-system/qt5-5.13.2-x86_64-3_alsa.txz: Added.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/e2fsprogs-1.45.6-x86_64-2.txz: Rebuilt.
Fixed RELEASE-NOTES dangling symlink.
a/kernel-generic-5.4.28-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.28-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.28-x86_64-1.txz: Upgraded.
ap/nano-4.9-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.28-x86-1.txz: Upgraded.
d/llvm-10.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.42.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-10.0.0.
d/scons-3.1.2-x86_64-3.txz: Rebuilt.
Fixed shebangs for python3, removed useless .bat files.
Thanks to teeemcee and ponce.
d/vala-0.48.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.28-noarch-1.txz: Upgraded.
l/libgsf-1.14.47-x86_64-1.txz: Upgraded.
l/neon-0.31.0-x86_64-1.txz: Upgraded.
l/netpbm-10.89.03-x86_64-1.txz: Upgraded.
l/qt5-5.13.2-x86_64-3.txz: Rebuilt.
Recompiled against llvm-10.0.0.
x/mesa-20.0.2-x86_64-2.txz: Rebuilt.
Recompiled against llvm-10.0.0.
xfce/thunar-1.8.14-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
| |
n/curl-7.69.1-x86_64-3.txz: Rebuilt.
Removed --with-ca-bundle=/usr/share/curl/ca-bundle.crt and
added --without-ca-bundle. Thanks to drgibbon and Willy Sudiarto Raharjo.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.4.27-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.27-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.27-x86_64-1.txz: Upgraded.
a/tcsh-6.22.02-x86_64-3.txz: Rebuilt.
Actually apply the shell history patch this time. Thanks to jmccue.
ap/cups-filters-1.27.3-x86_64-1.txz: Upgraded.
d/automake-1.16.2-noarch-1.txz: Upgraded.
d/kernel-headers-5.4.27-x86-1.txz: Upgraded.
d/parallel-20200322-noarch-1.txz: Upgraded.
k/kernel-source-5.4.27-noarch-1.txz: Upgraded.
l/gmime-3.2.7-x86_64-1.txz: Upgraded.
l/pangomm-2.42.1-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.20-x86_64-1.txz: Upgraded.
xap/xaos-3.7-x86_64-1.txz: Upgraded.
xap/xscreensaver-5.44-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/xscreensaver-5.44-x86_64-1_pam.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
| |
ap/ghostscript-9.52-x86_64-1.txz: Upgraded.
l/PyQt5-5.13.2-x86_64-1.txz: Added.
l/QScintilla-2.11.4-x86_64-3.txz: Rebuilt.
Added PyQt5 support. Thanks to alienBOB.
l/sip-4.19.21-x86_64-2.txz: Rebuilt.
Recompiled to pick up Qt5 support.
n/gpgme-1.13.1-x86_64-3.txz: Rebuilt.
Added Qt5 bindings. Thanks to alienBOB.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't bother with 5.4.26 folks, just wait for the next one. Trust me.
a/tcsh-6.22.02-x86_64-2.txz: Rebuilt.
Fixed merging history from multiple shells. Thanks to jmccue.
a/xz-5.2.5-x86_64-1.txz: Upgraded.
d/git-2.25.2-x86_64-1.txz: Upgraded.
l/glibmm-2.64.1-x86_64-1.txz: Upgraded.
n/bind-9.16.1-x86_64-1.txz: Upgraded.
n/dovecot-2.3.10-x86_64-2.txz: Rebuilt.
x/libinput-1.15.4-x86_64-1.txz: Upgraded.
x/mesa-20.0.2-x86_64-1.txz: Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-2_pam.txz: Rebuilt.
Recompiled using --with-pam. Thanks to HQuest.
|
| |
|
|
|
|
|
|
| |
a/kernel-firmware-20200316_8eb0b28-noarch-1.txz: Upgraded.
l/imagemagick-7.0.10_1-x86_64-1.txz: Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-1.txz: Upgraded.
n/libqmi-1.24.8-x86_64-1.txz: Upgraded.
n/postfix-3.5.0-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ap/hplip-3.20.3-x86_64-1.txz: Upgraded.
d/vala-0.48.1-x86_64-1.txz: Upgraded.
l/SDL2-2.0.12-x86_64-1.txz: Upgraded.
l/gcr-3.36.0-x86_64-1.txz: Upgraded.
l/glib2-2.64.1-x86_64-1.txz: Upgraded.
l/gnome-keyring-3.36.0-x86_64-1.txz: Upgraded.
l/libsecret-0.20.2-x86_64-1.txz: Upgraded.
n/curl-7.69.1-x86_64-1.txz: Upgraded.
testing/packages/PAM/gnome-keyring-3.36.0-x86_64-1_pam.txz: Upgraded.
testing/packages/PAM/hplip-3.20.3-x86_64-1_pam.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
d/guile-3.0.1-x86_64-1.txz: Upgraded.
l/SDL2-2.0.10-x86_64-2.txz: Rebuilt.
Rebuilt to pick up wayland support. Thanks to franzen.
l/dconf-0.36.0-x86_64-1.txz: Upgraded.
l/dconf-editor-3.36.0-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.36.0-x86_64-1.txz: Upgraded.
l/python-pygments-2.5.2-x86_64-1.txz: Upgraded.
It seems like the pragmatic thing to do here is to revert this one to fix
the python2 programs and modules that depend on it. We'll have to do a bit
more research to determine what the best course of action is regarding
python2 in general, though. Certainly we shouldn't be requiring python2
for anything important moving forward, but even that will take some work.
Plasma 5 as currently built has multiple dependencies on python2, for
example.
n/bind-9.16.0-x86_64-4.txz: Rebuilt.
Drop python2 support and switch to python3.
x/liberation-fonts-ttf-2.1.0-noarch-1.txz: Upgraded.
xap/mozilla-firefox-68.6.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.6.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-09/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
(* Security fix *)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/cryptsetup-2.3.0-x86_64-2.txz: Rebuilt.
Include some additional documentation. Thanks to regdub.
a/sdparm-1.11-x86_64-1.txz: Upgraded.
ap/moc-2.5.2-x86_64-6.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/glib-networking-2.64.0-x86_64-1.txz: Upgraded.
l/glib2-2.64.0-x86_64-1.txz: Upgraded.
l/gvfs-1.44.0-x86_64-1.txz: Upgraded.
l/libnl-1.1.4-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tdb-1.4.3-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tevent-0.10.2-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
n/bind-9.16.0-x86_64-3.txz: Rebuilt.
Applied upstream patch to fix a discrepancy in the quota code that can
result in a situation where the count is not properly decremented in
some cases.
n/dovecot-2.3.10-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.13-x86_64-2.txz: Rebuilt.
This needed a rebuild for ppp-2.4.8. Thanks to regdub.
x/libinput-1.15.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-1_pam.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/sdparm-1.10-x86_64-3.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
a/udisks-1.0.5-x86_64-5.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
d/cmake-3.16.5-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-6.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
n/curl-7.69.0-x86_64-1.txz: Upgraded.
n/cyrus-sasl-2.1.27-x86_64-3.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
n/ntp-4.2.8p14-x86_64-1.txz: Upgraded.
n/ppp-2.4.8-x86_64-1.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-3_pam.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
testing/packages/PAM/ppp-2.4.8-x86_64-1_pam.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
|
| |
|
|
|
| |
xap/seamonkey-2.53.1-x86_64-2.txz: Rebuilt.
Fixed $LIBDIRSUFFIX for 32-bit. Thanks to ljb643.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/dialog-1.3_20200228-x86_64-1.txz: Upgraded.
l/Mako-1.1.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_27-x86_64-1.txz: Upgraded.
l/libcap-2.33-x86_64-1.txz: Upgraded.
n/bind-9.16.0-x86_64-2.txz: Rebuilt.
rc.bind: ensure /var/run/named exists before starting named. Thanks to MarcT.
rc.bind: when stopping named, only kill processes in the current namespace.
x/libevdev-1.9.0-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.20-noarch-1.txz: Upgraded.
xap/seamonkey-2.53.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.1
(* Security fix *)
testing/packages/PAM/libcap-2.33-x86_64-1_pam.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
| |
ap/lsscsi-0.31-x86_64-1.txz: Upgraded.
l/libxkbcommon-0.10.0-x86_64-2.txz: Rebuilt.
Rebuilt to add wayland support.
n/dnsmasq-2.80-x86_64-4.txz: Rebuilt.
Rebuilt with: -DHAVE_DNSSEC -DHAVE_DBUS -DHAVE_LIBIDN2 -DHAVE_CONNTRACK
x/intel-vaapi-driver-2.4.0-x86_64-2.txz: Rebuilt.
Rebuilt to add wayland support.
x/libglvnd-1.3.1-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/gptfdisk-1.0.5-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200219_2277987-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.21-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-5.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-4.txz: Rebuilt.
ap/cdparanoia-III_10.2-x86_64-3.txz: Rebuilt.
Moved man page from /usr/man/jp/man1/ to /usr/man/ja/man1/. Thanks to Xsane.
Don't ship the static libraries.
d/kernel-headers-5.4.21-x86-1.txz: Upgraded.
k/kernel-source-5.4.21-noarch-1.txz: Upgraded.
SND_SOC n -> m
SPI n -> y
VFIO_PCI_VGA n -> y
+ADE7854_SPI m
+ADT7316_SPI m
+BMC150_ACCEL_SPI m
+BMG160_SPI m
+BMP280_SPI m
+FXAS21002C_SPI m
+HTS221_SPI m
+IIO_ST_ACCEL_SPI_3AXIS m
+IIO_ST_GYRO_SPI_3AXIS m
+IIO_ST_MAGN_SPI_3AXIS m
+IIO_ST_PRESS_SPI m
+IIO_ST_SENSORS_SPI m
+INPUT_AD714X_SPI m
+INPUT_ADXL34X_SPI m
+KXSD9_SPI m
+REGMAP_SPI m
+SND_COMPRESS_OFFLOAD m
+SND_DESIGNWARE_I2S m
+SND_DESIGNWARE_PCM y
+SND_DMAENGINE_PCM m
+SND_HDA_EXT_CORE m
+SND_I2S_HI6210_I2S m
+SND_PCM_ELD y
+SND_PCM_IEC958 y
+SND_SIMPLE_CARD m
+SND_SIMPLE_CARD_UTILS m
+SND_SOC_AC97_BUS y
+SND_SOC_AC97_CODEC m
+SND_SOC_ACPI m
+SND_SOC_ACPI_INTEL_MATCH m
+SND_SOC_ADAU1761 m
+SND_SOC_ADAU1761_I2C m
+SND_SOC_ADAU1761_SPI m
+SND_SOC_ADAU17X1 m
+SND_SOC_ADAU7002 m
+SND_SOC_ADAU_UTILS m
+SND_SOC_AMD_ACP m
+SND_SOC_AMD_ACP3x m
+SND_SOC_AMD_CZ_DA7219MX98357_MACH m
+SND_SOC_AMD_CZ_RT5645_MACH m
+SND_SOC_BD28623 m
+SND_SOC_COMPRESS y
+SND_SOC_CROS_EC_CODEC m
+SND_SOC_CS35L34 m
+SND_SOC_CS35L35 m
+SND_SOC_CS35L36 m
+SND_SOC_CS42L42 m
+SND_SOC_CS43130 m
+SND_SOC_CX2072X m
+SND_SOC_DA7213 m
+SND_SOC_DA7219 m
+SND_SOC_DMIC m
+SND_SOC_ES7134 m
+SND_SOC_ES7241 m
+SND_SOC_ES8316 m
+SND_SOC_ES8328 m
+SND_SOC_ES8328_I2C m
+SND_SOC_ES8328_SPI m
+SND_SOC_GENERIC_DMAENGINE_PCM y
+SND_SOC_HDAC_HDA m
+SND_SOC_HDAC_HDMI m
+SND_SOC_HDMI_CODEC m
+SND_SOC_I2C_AND_SPI m
+SND_SOC_INTEL_APL m
+SND_SOC_INTEL_BDW_RT5677_MACH m
+SND_SOC_INTEL_BROADWELL_MACH m
+SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_BXT_RT298_MACH m
+SND_SOC_INTEL_BYTCR_RT5640_MACH m
+SND_SOC_INTEL_BYTCR_RT5651_MACH m
+SND_SOC_INTEL_BYT_CHT_CX2072X_MACH m
+SND_SOC_INTEL_BYT_CHT_DA7213_MACH m
+SND_SOC_INTEL_BYT_CHT_ES8316_MACH m
+SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH m
+SND_SOC_INTEL_CFL m
+SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH m
+SND_SOC_INTEL_CHT_BSW_NAU8824_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5645_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5672_MACH m
+SND_SOC_INTEL_CML_H m
+SND_SOC_INTEL_CML_LP m
+SND_SOC_INTEL_CNL m
+SND_SOC_INTEL_DA7219_MAX98357A_GENERIC m
+SND_SOC_INTEL_GLK m
+SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH m
+SND_SOC_INTEL_HASWELL m
+SND_SOC_INTEL_HASWELL_MACH m
+SND_SOC_INTEL_KBL m
+SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_KBL_DA7219_MAX98927_MACH m
+SND_SOC_INTEL_KBL_RT5660_MACH m
+SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH m
+SND_SOC_INTEL_MACH y
+SND_SOC_INTEL_SKL m
+SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH m
+SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH m
+SND_SOC_INTEL_SKL_RT286_MACH m
+SND_SOC_INTEL_SKYLAKE m
+SND_SOC_INTEL_SKYLAKE_COMMON m
+SND_SOC_INTEL_SKYLAKE_FAMILY m
+SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC y
+SND_SOC_INTEL_SKYLAKE_SSP_CLK m
+SND_SOC_INTEL_SST m
+SND_SOC_INTEL_SST_ACPI m
+SND_SOC_INTEL_SST_FIRMWARE m
+SND_SOC_INTEL_SST_TOPLEVEL y
+SND_SOC_MAX9759 m
+SND_SOC_MAX98088 m
+SND_SOC_MAX98090 m
+SND_SOC_MAX98357A m
+SND_SOC_MAX98373 m
+SND_SOC_MAX9867 m
+SND_SOC_MAX98927 m
+SND_SOC_NAU8540 m
+SND_SOC_NAU8824 m
+SND_SOC_NAU8825 m
+SND_SOC_PCM1789 m
+SND_SOC_PCM1789_I2C m
+SND_SOC_PCM186X m
+SND_SOC_PCM186X_I2C m
+SND_SOC_PCM186X_SPI m
+SND_SOC_PCM3060 m
+SND_SOC_PCM3060_I2C m
+SND_SOC_PCM3060_SPI m
+SND_SOC_RL6231 m
+SND_SOC_RL6347A m
+SND_SOC_RT286 m
+SND_SOC_RT298 m
+SND_SOC_RT5640 m
+SND_SOC_RT5645 m
+SND_SOC_RT5651 m
+SND_SOC_RT5660 m
+SND_SOC_RT5663 m
+SND_SOC_RT5670 m
+SND_SOC_RT5677 m
+SND_SOC_RT5677_SPI m
+SND_SOC_RT5682 m
+SND_SOC_SIGMADSP m
+SND_SOC_SIGMADSP_REGMAP m
+SND_SOC_SIMPLE_AMPLIFIER m
+SND_SOC_SOF m
+SND_SOC_SOF_ACPI m
+SND_SOC_SOF_APOLLOLAKE m
+SND_SOC_SOF_APOLLOLAKE_SUPPORT y
+SND_SOC_SOF_BAYTRAIL m
+SND_SOC_SOF_BAYTRAIL_SUPPORT y
+SND_SOC_SOF_CANNONLAKE m
+SND_SOC_SOF_CANNONLAKE_SUPPORT y
+SND_SOC_SOF_COFFEELAKE m
+SND_SOC_SOF_COFFEELAKE_SUPPORT y
+SND_SOC_SOF_COMETLAKE_H m
+SND_SOC_SOF_COMETLAKE_H_SUPPORT y
+SND_SOC_SOF_COMETLAKE_LP m
+SND_SOC_SOF_COMETLAKE_LP_SUPPORT y
+SND_SOC_SOF_ELKHARTLAKE m
+SND_SOC_SOF_ELKHARTLAKE_SUPPORT y
+SND_SOC_SOF_GEMINILAKE m
+SND_SOC_SOF_GEMINILAKE_SUPPORT y
+SND_SOC_SOF_HDA m
+SND_SOC_SOF_HDA_AUDIO_CODEC y
+SND_SOC_SOF_HDA_COMMON m
+SND_SOC_SOF_HDA_LINK y
+SND_SOC_SOF_HDA_LINK_BASELINE m
+SND_SOC_SOF_ICELAKE m
+SND_SOC_SOF_ICELAKE_SUPPORT y
+SND_SOC_SOF_INTEL_ACPI m
+SND_SOC_SOF_INTEL_ATOM_HIFI_EP m
+SND_SOC_SOF_INTEL_COMMON m
+SND_SOC_SOF_INTEL_HIFI_EP_IPC m
+SND_SOC_SOF_INTEL_PCI m
+SND_SOC_SOF_INTEL_TOPLEVEL y
+SND_SOC_SOF_MERRIFIELD m
+SND_SOC_SOF_MERRIFIELD_SUPPORT y
+SND_SOC_SOF_OPTIONS m
+SND_SOC_SOF_PCI m
+SND_SOC_SOF_PROBE_WORK_QUEUE y
+SND_SOC_SOF_TIGERLAKE m
+SND_SOC_SOF_TIGERLAKE_SUPPORT y
+SND_SOC_SOF_TOPLEVEL y
+SND_SOC_SOF_XTENSA m
+SND_SOC_SPDIF m
+SND_SOC_SSM4567 m
+SND_SOC_TAS6424 m
+SND_SOC_TDA7419 m
+SND_SOC_TLV320AIC32X4 m
+SND_SOC_TLV320AIC32X4_I2C m
+SND_SOC_TLV320AIC32X4_SPI m
+SND_SOC_TOPOLOGY y
+SND_SOC_TS3A227E m
+SND_SOC_TSCS42XX m
+SND_SOC_WM8524 m
+SND_SPI y
+SND_SST_ATOM_HIFI2_PLATFORM m
+SND_SST_ATOM_HIFI2_PLATFORM_ACPI m
+SND_SST_ATOM_HIFI2_PLATFORM_PCI m
+SND_SST_IPC m
+SND_SST_IPC_ACPI m
+SND_SST_IPC_PCI m
+SPI_MASTER y
+ST_UVIS25_SPI m
l/gegl-0.4.22-x86_64-1.txz: Upgraded.
l/glib2-2.62.5-x86_64-1.txz: Upgraded.
l/python-requests-2.23.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.22.8-x86_64-1.txz: Upgraded.
n/openssh-8.2p1-x86_64-2.txz: Rebuilt.
n/php-7.4.3-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Phar: Files added to tar with Phar::buildFromIterator have
all-access permissions.
Phar: heap-buffer-overflow in phar_extract_file.
Session: Null Pointer Dereference in PHP Session Upload Progress.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
(* Security fix *)
x/mesa-20.0.0-x86_64-1.txz: Upgraded.
Added Wayland platform support.
x/wayland-1.18.0-x86_64-1.txz: Added.
x/wayland-protocols-1.18-noarch-1.txz: Added.
x/xorg-server-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xephyr-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-1.20.7-x86_64-2.txz: Added.
xap/gimp-2.10.16-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/openssh-8.2p1-x86_64-2_pam.txz: Rebuilt.
/etc/pam.d/sshd: add commented out pam_tally2 example.
testing/packages/PAM/shadow-4.8.1-x86_64-5_pam.txz: Rebuilt.
/etc/pam.d/system-auth: add support for pam_group, remove pam_tally2.
Thanks to ivandi.
/etc/pam.d/*: Don't use tabs.
testing/packages/PAM/util-linux-2.35.1-x86_64-4_pam.txz: Rebuilt.
/etc/pam.d/login: add commented out pam_tally2 example.
/etc/pam.d/*: Don't use tabs.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ap/ksh93-20200131_e4fea8c5-x86_64-1.txz: Upgraded.
ap/zsh-5.8-x86_64-1.txz: Upgraded.
l/brotli-1.0.7-x86_64-1.txz: Added.
l/gmime-3.2.6-x86_64-1.txz: Upgraded.
l/hyphen-2.8.8-x86_64-1.txz: Added.
l/openal-soft-1.20.1-x86_64-1.txz: Upgraded.
Thanks to Skaendo and Willy Sudiarto Raharjo.
l/qt5-webkit-5.212.0_alpha3-x86_64-1.txz: Added.
Thanks to alienBOB.
l/woff2-20180531_a0d0ed7-x86_64-1.txz: Added.
n/bluez-5.53-x86_64-1.txz: Upgraded.
n/mutt-1.13.4-x86_64-1.txz: Upgraded.
n/samba-4.11.6-x86_64-3.txz: Rebuilt.
n/socat-1.7.3.4-x86_64-1.txz: Added.
n/whois-5.5.6-x86_64-1.txz: Upgraded.
testing/packages/PAM/samba-4.11.6-x86_64-3_pam.txz: Rebuilt.
Added patches to fix joining a DC when using krb5. Looks like the patches are
already upstreamed in the latest 4.12.0-rc. Thanks to camerabambai.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-generic-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.20-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-3.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-3.txz: Rebuilt.
d/kernel-headers-5.4.20-x86-1.txz: Upgraded.
k/kernel-source-5.4.20-noarch-1.txz: Upgraded.
l/ConsoleKit2-1.2.1-x86_64-2.txz: Rebuilt.
l/dconf-editor-3.34.4-x86_64-1.txz: Upgraded.
l/libxkbcommon-0.10.0-x86_64-1.txz: Added.
l/openal-soft-1.19.1-x86_64-1.txz: Added.
l/qt5-5.13.2-x86_64-1.txz: Added.
Thanks to alienBOB.
n/openssh-8.2p1-x86_64-1.txz: Upgraded.
Potentially incompatible changes:
* ssh(1), sshd(8): the removal of "ssh-rsa" from the accepted
CASignatureAlgorithms list.
* ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
from the default key exchange proposal for both the client and
server.
* ssh-keygen(1): the command-line options related to the generation
and screening of safe prime numbers used by the
diffie-hellman-group-exchange-* key exchange algorithms have
changed. Most options have been folded under the -O flag.
* sshd(8): the sshd listener process title visible to ps(1) has
changed to include information about the number of connections that
are currently attempting authentication and the limits configured
by MaxStartups.
x/mesa-19.3.4-x86_64-2.txz: Rebuilt.
Reverted "[PATCH] swr: Fix GCC 4.9 checks." which makes X fail to start with
an illegal instruction on some hardware.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-2_pam.txz: Rebuilt.
Rebuilt with --disable-libcgmanager to fix setting limits on PAM.
Thanks to gattocarlo.
testing/packages/PAM/openssh-8.2p1-x86_64-1_pam.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-3_pam.txz: Rebuilt.
Moved some of the /etc/pam.d/ file to the util-linux package where they
more properly belong.
testing/packages/PAM/util-linux-2.35.1-x86_64-3_pam.txz: Rebuilt.
Added some /etc/pam.d/ files previously in the shadow package.
Changed /etc/pam.d/{chfn,chsh} and made chfn/chsh setuid root to fix them.
Added /etc/pam.d/{runuser,runuser-l}.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded.
a/lvm2-2.03.08-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-2.txz: Rebuilt.
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz: Upgraded.
k/kernel-source-5.4.19-noarch-1.txz: Upgraded.
VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added.
testing/packages/binutils-2.34-x86_64-1.txz: Removed.
testing/packages/glibc-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ap/man-pages-5.05-noarch-2.txz: Rebuilt.
Clean up /usr/man directory moving miscellaneous documentation to
/usr/doc/man-pages-5.05. Thanks to Xsane.
d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
|
| |
|
|
|
|
|
|
| |
ap/man-pages-5.05-noarch-1.txz: Upgraded.
d/vala-0.46.6-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.10.1-x86_64-2.txz: Rebuilt.
Removed redundant .desktop file. Thanks to upnort.
Patched for latest xorg-server.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a/bash-5.0.016-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200207_6f89735-noarch-1.txz: Upgraded.
ap/nvme-cli-1.10.1-x86_64-1.txz: Added.
d/gdb-9.1-x86_64-1.txz: Upgraded.
l/ConsoleKit2-1.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_22-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.50-x86_64-1.txz: Upgraded.
Upgraded to nss-3.50 and nspr-4.25.
l/readline-8.0.004-x86_64-1.txz: Upgraded.
n/libgpg-error-1.37-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/kernel-firmware-20200206_5351afe-noarch-1.txz: Upgraded.
ap/ghostscript-9.50-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
ap/gutenprint-5.3.3-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
ap/nano-4.8-x86_64-1.txz: Upgraded.
ap/screen-4.8.0-x86_64-1.txz: Upgraded.
ap/vim-8.2.0224-x86_64-1.txz: Upgraded.
d/cvs-1.11.23-x86_64-4.txz: Rebuilt.
Recompiled against krb5-1.17.1.
d/strace-5.5-x86_64-1.txz: Upgraded.
kde/kdelibs-4.14.38-x86_64-6.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/gtk+2-2.24.32-x86_64-3.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/gtk+3-3.24.13-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/libsoup-2.68.3-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/libssh-0.9.3-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/loudmouth-1.5.3-x86_64-4.txz: Rebuilt.
Recompiled against krb5-1.17.1.
l/neon-0.30.2-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
n/cifs-utils-6.10-x86_64-2.txz: Rebuilt.
Recompiled to build cifs.upcall.
n/curl-7.68.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
n/cyrus-sasl-2.1.27-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.17.1.
xap/vim-gvim-8.2.0224-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/hwdata-0.332-noarch-1.txz: Upgraded.
a/kernel-firmware-20200204_b791e15-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.18-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.18-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.18-x86_64-1.txz: Upgraded.
d/cmake-3.16.4-x86_64-1.txz: Upgraded.
d/icecream-1.3.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.18-x86-1.txz: Upgraded.
k/kernel-source-5.4.18-noarch-1.txz: Upgraded.
xap/xlockmore-5.62-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/cryptsetup-2.3.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200203_6d9f399-noarch-1.txz: Upgraded.
ap/xfsdump-3.1.9-x86_64-1.txz: Upgraded.
d/mercurial-5.3-x86_64-1.txz: Upgraded.
l/libzip-1.6.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.2-x86_64-3.txz: Rebuilt.
Added /etc/exports.d directory.
Removed the bogus sanity checks. Sure, we could try to "fix" them, but this
seems to be the path of least resistance.
n/postfix-3.4.9-x86_64-1.txz: Upgraded.
x/libinput-1.15.1-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.2.131.1-x86_64-1.txz: Upgraded.
xap/sane-1.0.29-x86_64-1.txz: Upgraded.
|
| |
|
|
|
|
|
|
| |
testing/packages/binutils-2.34-x86_64-1.txz: Added.
testing/packages/glibc-2.31-x86_64-1.txz: Added.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Added.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Added.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Added.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_elflibs-15.0-x86_64-21.txz: Rebuilt.
Upgraded: libisl.so.22.0.1.
Added: libkeyutils.so.1.9.
a/kernel-generic-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.15-x86_64-1.txz: Upgraded.
a/pciutils-3.6.4-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-1.txz: Upgraded.
d/check-0.14.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.15-x86-1.txz: Upgraded.
d/make-4.2.1-x86_64-5.txz: Rebuilt.
Drop back to make-4.2.1 since make-4.3 is breaking a few builds. We'll
revisit it later after sources have caught up to it or regressions have
been patched upstream.
d/python-pip-20.0.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.15-noarch-1.txz: Upgraded.
l/imagemagick-7.0.9_18-x86_64-1.txz: Upgraded.
l/python-packaging-20.1-x86_64-1.txz: Upgraded.
n/php-7.4.2-x86_64-3.txz: Rebuilt.
php.ini: Added extension=gd and extension=zip. Thanks to avian.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
