summaryrefslogtreecommitdiff
path: root/source/n
Commit message (Collapse)AuthorAge
* Wed Jul 3 21:02:58 UTC 201920190703210258Patrick J Volkerding2019-07-04
| | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.57-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.57-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.57-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.57-x86-1.txz: Upgraded. k/kernel-source-4.19.57-noarch-1.txz: Upgraded. l/Mako-1.0.13-x86_64-1.txz: Upgraded. l/SDL2_image-2.0.5-x86_64-1.txz: Upgraded. n/postfix-3.4.6-x86_64-1.txz: Upgraded. xap/blueman-2.0.8-x86_64-2.txz: Rebuilt. Reverted to blueman-2.0.8 as I'm also seeing connection issues here with the newer version. xap/xscreensaver-5.43-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/blueman-2.1-x86_64-1.txz: Upgraded. This doesn't seem to be working properly. Any patches are welcome. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Jul 2 20:36:38 UTC 201920190702203638Patrick J Volkerding2019-07-03
| | | | | | | d/python-setuptools-41.0.1-x86_64-2.txz: Rebuilt. l/freetype-2.10.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_51-x86_64-1.txz: Upgraded. n/php-7.3.7-x86_64-1.txz: Upgraded.
* Sat Jun 29 22:49:01 UTC 201920190629224901Patrick J Volkerding2019-06-30
| | | | | | | | | | | | | | a/hwdata-0.325-noarch-1.txz: Upgraded. ap/hplip-3.19.6-x86_64-1.txz: Upgraded. n/irssi-1.2.1-x86_64-1.txz: Upgraded. This update fixes a security issue: Use after free when sending SASL login to the server found by ilbelkyr. May affect the stability of Irssi. SASL logins may fail, especially during (manual and automated) reconnect. For more information, see: https://irssi.org/2019/06/29/irssi-1.2.1-1.1.3-1.0.8-released/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045 (* Security fix *) xfce/Thunar-1.8.7-x86_64-1.txz: Upgraded.
* Fri Jun 28 18:44:41 UTC 201920190628184441Patrick J Volkerding2019-06-29
| | | | | | | | a/bzip2-1.0.7-x86_64-1.txz: Upgraded. a/kernel-firmware-20190628_70e4394-noarch-1.txz: Upgraded. l/libssh-0.9.0-x86_64-1.txz: Upgraded. n/dhcpcd-7.2.3-x86_64-1.txz: Upgraded. n/nfs-utils-2.4.1-x86_64-1.txz: Upgraded.
* Thu Jun 27 19:07:20 UTC 201920190627190720Patrick J Volkerding2019-06-28
| | | | | | | | | | | | | | ap/vim-8.1.1601-x86_64-1.txz: Upgraded. Built with --disable-canberra. Thanks to Markus Wiesner. l/harfbuzz-2.5.3-x86_64-1.txz: Upgraded. n/nettle-3.5.1-x86_64-1.txz: Upgraded. n/nftables-0.9.1-x86_64-1.txz: Upgraded. t/texlive-2019.190626-x86_64-1.txz: Upgraded. Shared library .so-version bump. Thanks to Johannes Schoepfer. xap/blueman-2.1-x86_64-1.txz: Upgraded. Thanks to Robby Workman. xap/vim-gvim-8.1.1601-x86_64-1.txz: Upgraded.
* Wed Jun 26 20:14:26 UTC 201920190626201426Patrick J Volkerding2019-06-27
| | | | | | | | | | | | | | | | | | | | | | | | l/giflib-5.2.1-x86_64-2.txz: Rebuilt. Install obsolete utilities (if they were built). If you'd like to see them continued, let upstream know. l/libarchive-3.4.0-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. l/libzip-1.5.2-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. n/gnutls-3.6.8-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. n/nettle-3.5-x86_64-1.txz: Upgraded. Shared library .so-version bump. x/xorg-server-1.20.5-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. x/xorg-server-xephyr-1.20.5-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. x/xorg-server-xnest-1.20.5-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. x/xorg-server-xvfb-1.20.5-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5. extra/tigervnc/tigervnc-1.9.0-x86_64-2.txz: Rebuilt. Recompiled against nettle-3.5.
* Mon Jun 24 18:47:52 UTC 201920190624184752Patrick J Volkerding2019-06-25
| | | | | | | | ap/mc-4.8.23-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_50-x86_64-1.txz: Upgraded. l/pygobject3-3.32.2-x86_64-1.txz: Upgraded. n/php-7.3.6-x86_64-1.txz: Upgraded. x/libinput-1.13.3-x86_64-1.txz: Upgraded.
* Thu Jun 20 18:08:56 UTC 201920190620180856Patrick J Volkerding2019-06-21
| | | | | | | | | | | | | | | l/cairo-1.17.2-x86_64-1.txz: Upgraded. l/expat-2.2.7-x86_64-1.txz: Upgraded. n/bind-9.14.3-x86_64-1.txz: Upgraded. Fixed a race condition in dns_dispatch_getnext() that could cause an assertion failure if a significant number of incoming packets were rejected. For more information, see: https://kb.isc.org/docs/cve-2019-6471 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471 (* Security fix *) x/igt-gpu-tools-1.24-x86_64-1.txz: Upgraded. x/xorgproto-2019.1-x86_64-1.txz: Upgraded. xap/xlockmore-5.57-x86_64-1.txz: Upgraded.
* Tue Jun 18 21:46:31 UTC 201920190618214631Patrick J Volkerding2019-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20190618_acb56f2-noarch-1.txz: Upgraded. a/kernel-generic-4.19.52-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.52-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.52-x86_64-1.txz: Upgraded. ap/mariadb-10.3.16-x86_64-1.txz: Upgraded. ap/nano-4.3-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.52-x86-1.txz: Upgraded. d/llvm-8.0.0-x86_64-3.txz: Rebuilt. Added lld-8.0.0. Thanks to TheRealGrogan. d/meson-0.51.0-x86_64-1.txz: Upgraded. d/vala-0.44.5-x86_64-1.txz: Upgraded. k/kernel-source-4.19.52-noarch-1.txz: Upgraded. This update fixes "SACK Panic", a remote denial-of-service issue. For more information, see: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479 (* Security fix *) l/SDL2-2.0.9-x86_64-4.txz: Rebuilt. Include libSDL2_test.a and libSDL2main.a. Thanks to dugan. l/gtk+3-3.24.9-x86_64-1.txz: Upgraded. n/ca-certificates-20190617-noarch-1.txz: Upgraded. x/encodings-1.0.5-noarch-1.txz: Upgraded. x/libX11-1.6.8-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.7.1esr-x86_64-1.txz: Upgraded. This release contains a security fix and improvements. The patched flaw is considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed May 29 19:11:22 UTC 201920190529191122Patrick J Volkerding2019-05-30
| | | | | | | | | | | | | | | | | | | | | a/e2fsprogs-1.45.2-x86_64-1.txz: Upgraded. d/Cython-0.29.9-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_47-x86_64-1.txz: Upgraded. n/iptables-1.8.3-x86_64-1.txz: Upgraded. n/libnftnl-1.1.3-x86_64-1.txz: Upgraded. n/php-7.2.19-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: Uninitialized read in gdImageCreateFromXbm Out-of-bounds read in iconv.c:_php_iconv_mime_decode due to integer overflow heap-buffer-overflow on php_jpg_get16 For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040 (* Security fix *) x/xterm-346-x86_64-1.txz: Upgraded. xap/gnuplot-5.2.7-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.22-x86_64-1.txz: Upgraded.
* Tue May 28 19:03:49 UTC 201920190528190349Patrick J Volkerding2019-05-29
| | | | | | | | | | | | | a/openssl-solibs-1.1.1c-x86_64-1.txz: Upgraded. l/libevent-2.1.10-x86_64-1.txz: Upgraded. n/gnupg2-2.2.16-x86_64-1.txz: Upgraded. n/gnutls-3.6.8-x86_64-1.txz: Upgraded. n/openssl-1.1.1c-x86_64-1.txz: Upgraded. This update fixes a security issue: Prevent over long nonces in ChaCha20-Poly1305. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543 (* Security fix *)
* Wed May 22 23:30:54 UTC 201920190522233054Patrick J Volkerding2019-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.45-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.45-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.45-x86_64-1.txz: Upgraded. ap/texinfo-6.6-x86_64-2.txz: Rebuilt. Recompiled against perl-5.30.0. ap/vim-8.1.1365-x86_64-1.txz: Upgraded. Compiled against perl-5.30.0. d/bison-3.4.1-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.45-x86-1.txz: Upgraded. d/parallel-20190522-noarch-1.txz: Upgraded. d/perl-5.30.0-x86_64-1.txz: Upgraded. Module upgraded: Net-SSLeay-1.88 d/strace-5.1-x86_64-1.txz: Upgraded. k/kernel-source-4.19.45-noarch-1.txz: Upgraded. kde/perlkde-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against perl-5.30.0. kde/perlqt-4.14.3-x86_64-9.txz: Rebuilt. Recompiled against perl-5.30.0. l/glib2-2.60.3-x86_64-1.txz: Upgraded. n/curl-7.65.0-x86_64-1.txz: Upgraded. This release fixes the following security issues: Integer overflows in curl_url_set tftp: use the current blksize for recvfrom() For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436 (* Security fix *) n/epic5-2.1.1-x86_64-2.txz: Rebuilt. Recompiled against perl-5.30.0. n/irssi-1.2.0-x86_64-2.txz: Rebuilt. Recompiled against perl-5.30.0. n/net-snmp-5.8-x86_64-5.txz: Rebuilt. Recompiled against perl-5.30.0. n/ntp-4.2.8p13-x86_64-2.txz: Rebuilt. Recompiled against perl-5.30.0. n/samba-4.10.4-x86_64-1.txz: Upgraded. x/mesa-19.0.5-x86_64-1.txz: Upgraded. xap/hexchat-2.14.2-x86_64-4.txz: Rebuilt. Recompiled against perl-5.30.0. xap/rxvt-unicode-9.22-x86_64-7.txz: Rebuilt. Recompiled against perl-5.30.0. xap/vim-gvim-8.1.1365-x86_64-1.txz: Upgraded. Compiled against perl-5.30.0. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sun May 19 01:10:53 UTC 201920190519011053Patrick J Volkerding2019-05-19
| | | | | | | | | | a/file-5.37-x86_64-1.txz: Upgraded. l/python-requests-2.22.0-x86_64-1.txz: Upgraded. n/iputils-20190515-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.7.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.7.0/releasenotes/
* Fri May 17 05:06:06 UTC 201920190517050606Patrick J Volkerding2019-05-17
| | | | | | | | | | | | | | | a/kernel-generic-4.19.44-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.44-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.44-x86_64-1.txz: Upgraded. ap/cups-filters-1.23.0-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.44-x86-1.txz: Upgraded. k/kernel-source-4.19.44-noarch-1.txz: Upgraded. l/libsoup-2.66.2-x86_64-1.txz: Upgraded. n/bind-9.14.2-x86_64-1.txz: Upgraded. n/stunnel-5.54-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Thu May 16 04:55:49 UTC 201920190516045549Patrick J Volkerding2019-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded. a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded. ap/hplip-3.19.5-x86_64-1.txz: Upgraded. ap/mariadb-10.3.15-x86_64-1.txz: Upgraded. This update fixes denial-of-service security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628 (* Security fix *) d/cmake-3.14.4-x86_64-1.txz: Upgraded. d/gcc-9.1.0-x86_64-5.txz: Rebuilt. Rebuilt with --enable-clocale=gnu. This is recommended by Linux From Scratch, and while it doesn't seem to fix the issue with kernel compiles failing with some locales, it probably doesn't hurt. d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt. d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt. Applied patch: PR libstdc++/90397 fix std::variant friend declaration This fixes problems compiling programs that use std::variant with clang. Thanks to orbea. d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt. d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt. d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt. d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt. d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt. d/kernel-headers-4.19.43-x86-1.txz: Upgraded. d/rust-1.34.2-x86_64-1.txz: Upgraded. k/kernel-source-4.19.43-noarch-1.txz: Upgraded. l/librsvg-2.44.14-x86_64-1.txz: Upgraded. n/samba-4.10.3-x86_64-1.txz: Upgraded. This is a security release in order to address the following defect: The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target (client) principal. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860 (* Security fix *) x/xterm-345-x86_64-1.txz: Upgraded. xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded. This update fixes security issues: Add bounds checking to protocol handling in order to fix many security problems when communicating with a malicious server. (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Mon May 13 22:53:13 UTC 201920190513225313Patrick J Volkerding2019-05-14
| | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-8.txz: Rebuilt. Upgraded: libcap.so.2.27, libglib-2.0.so.0.6000.2, libgmodule-2.0.so.0.6000.2, libgobject-2.0.so.0.6000.2, libgthread-2.0.so.0.6000.2, libpng16.so.16.37.0, libstdc++.so.6.0.26. a/e2fsprogs-1.45.1-x86_64-1.txz: Upgraded. ap/alsa-utils-1.1.9-x86_64-1.txz: Upgraded. ap/man-pages-5.01-noarch-1.txz: Upgraded. d/gdb-8.3-x86_64-1.txz: Upgraded. l/Mako-1.0.10-x86_64-1.txz: Upgraded. l/alsa-lib-1.1.9-x86_64-1.txz: Upgraded. l/alsa-plugins-1.1.9-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_45-x86_64-1.txz: Upgraded. l/mozilla-nss-3.44-x86_64-1.txz: Upgraded. l/utf8proc-2.4.0-x86_64-1.txz: Upgraded. n/iproute2-5.1.0-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.4-x86_64-1.txz: Upgraded. extra/pure-alsa-system/alsa-lib-1.1.9-x86_64-1_alsa.txz: Upgraded. extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-1_alsa.txz: Upgraded.
* Tue May 7 00:11:33 UTC 201920190507001133Patrick J Volkerding2019-05-07
| | | | | | | | | | | | | | | | a/xfsprogs-5.0.0-x86_64-1.txz: Upgraded. d/gcc-9.1.0-x86_64-3.txz: Rebuilt. Patched to fix an internal compiler error (PR90303). Thanks to orbea. d/gcc-brig-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-g++-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gdc-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gfortran-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-gnat-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-go-9.1.0-x86_64-3.txz: Rebuilt. d/gcc-objc-9.1.0-x86_64-3.txz: Rebuilt. n/postfix-3.4.5-x86_64-2.txz: Rebuilt. Added some additional tools. Thanks to Markus Wiesner.
* Sat May 4 18:44:36 UTC 201920190504184436Patrick J Volkerding2019-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.39-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.39-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.39-x86_64-1.txz: Upgraded. d/gcc-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-brig-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-g++-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-gdc-9.1.0-x86_64-2.txz: Added. This package contains the newly added D language support. The other GCC packages were rebuilt without any functional changes. d/gcc-gfortran-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-gnat-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-go-9.1.0-x86_64-2.txz: Rebuilt. d/gcc-objc-9.1.0-x86_64-2.txz: Rebuilt. d/kernel-headers-4.19.39-x86-1.txz: Upgraded. k/kernel-source-4.19.39-noarch-1.txz: Upgraded. l/imagemagick-6.9.10_44-x86_64-1.txz: Upgraded. l/v4l-utils-1.16.6-x86_64-1.txz: Upgraded. n/dhcpcd-7.2.2-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.106.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed May 1 19:49:49 UTC 201920190501194949Patrick J Volkerding2019-05-02
| | | | | | | | | | | | | | | | | | | | | ap/tmux-2.9a-x86_64-1.txz: Upgraded. n/dovecot-2.3.6-x86_64-1.txz: Upgraded. This update fixes two security issues: Submission-login crashed with signal 11 due to null pointer access when authentication was aborted by disconnecting. Submission-login crashed when authentication was started over TLS secured channel and invalid authentication message was sent. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499 (* Security fix *) n/php-7.2.18-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036 (* Security fix *) xfce/exo-0.12.5-x86_64-1.txz: Upgraded.
* Fri Apr 26 18:55:10 UTC 201920190426185510Patrick J Volkerding2019-04-27
| | | | | | | | | | | | | | | | | | | | | ap/tmux-2.9-x86_64-1.txz: Upgraded. d/python-pip-19.1-x86_64-1.txz: Upgraded. d/rust-1.34.1-x86_64-1.txz: Upgraded. d/subversion-1.12.0-x86_64-1.txz: Upgraded. n/bind-9.14.1-x86_64-1.txz: Upgraded. This update fixes security issues: The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. In certain configurations, named could crash with an assertion failure if nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN from the cache. For more information, see: https://kb.isc.org/docs/cve-2018-5743 https://kb.isc.org/docs/cve-2019-6467 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467 (* Security fix *) n/dhcpcd-7.2.1-x86_64-1.txz: Upgraded.
* Mon Apr 22 20:00:44 UTC 201920190422200044Patrick J Volkerding2019-04-23
| | | | | | | | a/aaa_terminfo-6.1_20190420-x86_64-1.txz: Upgraded. l/ncurses-6.1_20190420-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.8-x86_64-1.txz: Upgraded. xap/xpdf-4.00-x86_64-4.txz: Rebuilt. Recompiled with -DSYSTEM_XPDFRC="/etc/xpdfrc". Thanks to J_W.
* Sun Apr 21 18:45:54 UTC 201920190421184554Patrick J Volkerding2019-04-22
| | | | | | a/bash-5.0.007-x86_64-1.txz: Upgraded. d/parallel-20190422-noarch-1.txz: Upgraded. n/NetworkManager-1.18.1-x86_64-1.txz: Upgraded.
* Thu Apr 18 21:13:58 UTC 201920190418211358Patrick J Volkerding2019-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded. ap/sysstat-12.1.4-x86_64-1.txz: Upgraded. l/gvfs-1.40.1-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/icu4c-64.2-x86_64-1.txz: Upgraded. l/libcddb-1.3.2-x86_64-6.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/libcdio-2.1.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. l/zstd-1.4.0-x86_64-1.txz: Upgraded. n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded. n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded. This update fixes a security issue: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691 (* Security fix *) n/nghttp2-1.38.0-x86_64-1.txz: Upgraded. n/openssh-8.0p1-x86_64-1.txz: Upgraded. This release contains a mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111): when copying files from a remote system to a local directory, scp(1) did not verify that the filenames that the server sent matched those requested by the client. This could allow a hostile server to create or clobber unexpected local files with attacker-controlled content. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111 (* Security fix *) xap/MPlayer-20190418-x86_64-1.txz: Upgraded. Compiled against libcdio-2.1.0. xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt. Recompiled against libcdio-2.1.0. extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded. Compiled against libcdio-2.1.0. extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt. Recompiled against libcdio-2.1.0.
* Sat Apr 13 19:44:43 UTC 201920190413194443Patrick J Volkerding2019-04-14
| | | | | | l/imagemagick-6.9.10_40-x86_64-1.txz: Upgraded. l/opus-1.3.1-x86_64-1.txz: Upgraded. n/libqmi-1.22.4-x86_64-1.txz: Upgraded.
* Fri Apr 12 22:13:09 UTC 201920190412221309Patrick J Volkerding2019-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/gawk-5.0.0-x86_64-1.txz: Upgraded. ap/pamixer-1.4-x86_64-2.txz: Rebuilt. Recompiled against boost-1.70.0. ap/vim-8.1.1157-x86_64-1.txz: Upgraded. d/cmake-3.14.2-x86_64-1.txz: Upgraded. e/emacs-26.2-x86_64-1.txz: Upgraded. kde/calligra-2.9.11-x86_64-30.txz: Rebuilt. Recompiled against boost-1.70.0. l/akonadi-1.13.0-x86_64-12.txz: Rebuilt. Recompiled against boost-1.70.0. l/boost-1.70.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. Note: Boost now provides its own BoostConfig.cmake config file, and it may not work with all existing code (here, calligra stumbled over it). At this point it's not clear if the included cmake config files are buggy, or if affected projects need to change something in order to use them, but there's an easy workaround to use cmake's FindBoost.cmake (as was used previously). Add this to the call to cmake from any affected project (if cmake fails with an error: "No suitable build variant has been found."): -DBoost_NO_BOOST_CMAKE=ON n/libmbim-1.18.2-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.3-x86_64-3.txz: Rebuilt. rc.nfsd: don't try to create the nfsv4recoverydir - the build script will determine the directory to use and include it in the package. rc.nfsd: drop 2.4 kernel support, and use better code for mounting the nfsd filesystem. Thanks to shasta. x/libwacom-0.33-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.1157-x86_64-1.txz: Upgraded.
* Mon Apr 8 20:39:32 UTC 201920190408203932Patrick J Volkerding2019-04-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded. a/grub-2.02-x86_64-5.txz: Rebuilt. Support F2FS filesystem. Thanks to Nille_kungen. ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded. ap/itstool-2.0.6-x86_64-1.txz: Upgraded. d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded. l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded. l/libcroco-0.6.13-x86_64-1.txz: Upgraded. l/libnotify-0.7.8-x86_64-1.txz: Upgraded. n/cifs-utils-6.9-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt. Include recovery directory. Thanks to upnort. n/samba-4.10.2-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: World writable files in Samba AD DC private/ dir. Save registry file outside share as unprivileged user. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 (* Security fix *) x/libva-2.4.1-x86_64-1.txz: Upgraded. x/pixman-0.38.2-x86_64-1.txz: Upgraded. xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
* Thu Apr 4 00:45:18 UTC 201920190404004518Patrick J Volkerding2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-7.txz: Rebuilt. Added: libhistory.so.8.0, libreadline.so.8.0. a/gawk-4.2.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. a/kernel-generic-4.19.33-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.33-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.33-x86_64-1.txz: Upgraded. a/util-linux-2.33.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. ap/bc-1.07.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. ap/gphoto2-2.5.20-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. ap/gutenprint-5.3.1-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. ap/mariadb-10.3.14-x86_64-1.txz: Upgraded. ap/xorriso-1.5.0-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/gdb-8.2.1-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. d/guile-2.2.4-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/kernel-headers-4.19.33-x86-1.txz: Upgraded. d/python-2.7.16-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/python3-3.7.3-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. d/ruby-2.6.2-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. k/kernel-source-4.19.33-noarch-1.txz: Upgraded. kde/analitza-4.14.3-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. l/fluidsynth-1.1.11-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/gdbm-1.18.1-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/hunspell-1.6.2-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. l/mozjs52-52.9.0esr-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/parted-3.2-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. l/pcre2-10.32-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. l/pilot-link-0.12.5-x86_64-14.txz: Rebuilt. Recompiled against readline-8.0.000. l/readline-8.0.000-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/NetworkManager-1.16.0-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/bluez-5.50-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnupg-1.4.23-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnupg2-2.2.15-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. n/gnutls-3.6.7.1-x86_64-1.txz: Upgraded. n/lftp-4.8.4-x86_64-4.txz: Rebuilt. Recompiled against readline-8.0.000. n/netkit-ftp-0.17-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. n/nftables-0.9.0-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. n/php-7.2.17-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: rename() across the device may allow unwanted access during processing. (* Security fix *) n/samba-4.10.1-x86_64-1.txz: Upgraded. Compiled against readline-8.0.000. n/tftp-hpa-5.2-x86_64-5.txz: Rebuilt. Recompiled against readline-8.0.000. n/wpa_supplicant-2.7-x86_64-4.txz: Rebuilt. Recompiled against readline-8.0.000. xap/fvwm-2.6.8-x86_64-2.txz: Rebuilt. Recompiled against readline-8.0.000. xap/gftp-2.0.19-x86_64-8.txz: Rebuilt. Recompiled against readline-8.0.000. xap/gnuchess-6.2.5-x86_64-4.txz: Rebuilt. xap/xine-ui-0.99.10-x86_64-3.txz: Rebuilt. Recompiled against readline-8.0.000. extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz: Rebuilt. Recompiled against readline-8.0.000. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Apr 2 20:30:22 UTC 201920190402203022Patrick J Volkerding2019-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | a/hwdata-0.322-noarch-1.txz: Upgraded. a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded. a/shadow-4.6-x86_64-2.txz: Rebuilt. adduser: reprompt on invalid user input. Thanks to ttk. ap/ghostscript-9.26-x86_64-2.txz: Rebuilt. Fixes security issues: A specially crafted PostScript file could have access to the file system outside of the constrains imposed by -dSAFER. Transient procedures can allow access to system operators, leading to remote code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116 (* Security fix *) d/vala-0.44.2-x86_64-1.txz: Upgraded. l/glib-networking-2.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded. l/python-pillow-6.0.0-x86_64-1.txz: Upgraded. n/wget-1.20.2-x86_64-1.txz: Upgraded. Fixed an unspecified buffer overflow vulnerability. (* Security fix *)
* Sun Mar 31 18:51:16 UTC 201920190331185116Patrick J Volkerding2019-04-01
| | | | | | | | | | | a/quota-4.05-x86_64-1.txz: Upgraded. d/cmake-3.14.1-x86_64-1.txz: Upgraded. d/patchelf-0.10-x86_64-1.txz: Upgraded. l/harfbuzz-2.4.0-x86_64-1.txz: Upgraded. l/utf8proc-2.3.0-x86_64-1.txz: Upgraded. n/httpd-2.4.39-x86_64-1.txz: Upgraded. n/iputils-20190324-x86_64-1.txz: Upgraded. n/postfix-3.4.5-x86_64-1.txz: Upgraded.
* Fri Mar 29 18:24:36 UTC 201920190329182436Patrick J Volkerding2019-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-6.txz: Rebuilt. Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0, libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0, libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0. Temporarily added: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1, libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1. a/xfsprogs-4.20.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. ap/sqlite-3.27.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. kde/calligra-2.9.11-x86_64-29.txz: Rebuilt. Recompiled against icu4c-64.1. kde/kdepimlibs-4.14.10-x86_64-7.txz: Rebuilt. Recompiled to pull in new gpgme++ header files. l/boost-1.69.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/ffmpeg-3.4.6-x86_64-1.txz: Upgraded. l/giflib-5.1.9-x86_64-1.txz: Upgraded. l/harfbuzz-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/icu4c-64.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libical-3.0.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/libvisio-0.1.6-x86_64-6.txz: Rebuilt. Recompiled against icu4c-64.1. l/qt-4.8.7-x86_64-12.txz: Rebuilt. Recompiled against icu4c-64.1. l/raptor2-2.0.15-x86_64-7.txz: Rebuilt. Recompiled against icu4c-64.1. l/v4l-utils-1.16.5-x86_64-1.txz: Upgraded. n/dovecot-2.3.5.1-x86_64-1.txz: Upgraded. Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524 (* Security fix *) Compiled against icu4c-64.1. n/gpgme-1.13.0-x86_64-1.txz: Upgraded. n/php-7.2.16-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/postfix-3.4.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/tin-2.4.3-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/whois-5.4.2-x86_64-1.txz: Upgraded. t/texlive-2018.180822-x86_64-5.txz: Rebuilt. Recompiled against icu4c-64.1. x/libinput-1.13.0-x86_64-1.txz: Upgraded. x/mesa-19.0.1-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.101.0-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.6-x86_64-1_alsa.txz: Upgraded.
* Wed Mar 27 20:37:56 UTC 201920190327203756Patrick J Volkerding2019-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded. ap/hplip-3.19.3-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.32-x86-1.txz: Upgraded. d/python3-3.7.3-x86_64-1.txz: Upgraded. Fixed bugs and the following security issues: bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed. bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. bpo-35121: Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010 (* Security fix *) d/scons-3.0.5-x86_64-1.txz: Upgraded. k/kernel-source-4.19.32-noarch-1.txz: Upgraded. n/curl-7.64.1-x86_64-1.txz: Upgraded. n/gnutls-3.6.7-x86_64-1.txz: Upgraded. Fixes security issues: libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sun Mar 24 03:53:12 UTC 201920190324035312Patrick J Volkerding2019-03-24
| | | | | | | | | | | | | | | | | a/kernel-generic-4.19.31-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.31-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.31-x86_64-1.txz: Upgraded. ap/cups-2.2.11-x86_64-1.txz: Upgraded. ap/sysstat-12.1.3-x86_64-1.txz: Upgraded. d/help2man-1.47.10-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.31-x86-1.txz: Upgraded. k/kernel-source-4.19.31-noarch-1.txz: Upgraded. n/samba-4.10.0-x86_64-2.txz: Rebuilt. Recompile dropping python2 support, since talloc no longer supports it. Thanks to ponce. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Fri Mar 22 20:41:23 UTC 201920190322204123Patrick J Volkerding2019-03-23
| | | | | | | | | | | | | | | d/parallel-20190322-noarch-1.txz: Upgraded. n/bind-9.14.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.6.1esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. The patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9810i https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9813 (* Security fix *)
* Tue Mar 19 20:06:28 UTC 201920190319200628Patrick J Volkerding2019-03-20
| | | | | | | | | | | | | | | | | | a/bash-5.0.003-x86_64-1.txz: Upgraded. a/kernel-firmware-20190314_7bc2464-noarch-1.txz: Upgraded. a/kernel-generic-4.19.30-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.30-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.30-x86_64-1.txz: Upgraded. d/help2man-1.47.9-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.30-x86-1.txz: Upgraded. d/strace-5.0-x86_64-1.txz: Upgraded. k/kernel-source-4.19.30-noarch-1.txz: Upgraded. n/gnupg2-2.2.14-x86_64-1.txz: Upgraded. n/libgpg-error-1.36-x86_64-1.txz: Upgraded. n/samba-4.10.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Thu Mar 14 03:41:42 UTC 201920190314034142Patrick J Volkerding2019-03-14
| | | | | | | | | | | | | | | | a/kernel-firmware-20190313_efd2c1c-noarch-1.txz: Upgraded. a/kernel-generic-4.19.29-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.29-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.29-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.29-x86-1.txz: Upgraded. k/kernel-source-4.19.29-noarch-1.txz: Upgraded. n/crda-3.18-x86_64-9.txz: Rebuilt. Upgraded to wireless-regdb-2019.03.01. n/ethtool-5.0-x86_64-1.txz: Upgraded. x/mesa-19.0.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Mar 12 20:03:46 UTC 201920190312200346Patrick J Volkerding2019-03-13
| | | | | | | | | | | | | | | | | | a/kernel-firmware-20190312_b0d9583-noarch-1.txz: Upgraded. l/at-spi2-atk-2.32.0-x86_64-1.txz: Upgraded. l/at-spi2-core-2.32.0-x86_64-1.txz: Upgraded. l/atk-2.32.0-x86_64-1.txz: Upgraded. l/dconf-0.32.0-x86_64-1.txz: Upgraded. l/dconf-editor-3.32.0-x86_64-1.txz: Upgraded. l/glib-networking-2.60.0-x86_64-1.txz: Upgraded. l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz: Upgraded. l/gvfs-1.40.0-x86_64-1.txz: Upgraded. l/libsoup-2.66.0-x86_64-1.txz: Upgraded. l/vte-0.56.0-x86_64-1.txz: Upgraded. n/mobile-broadband-provider-info-20190116-x86_64-1.txz: Upgraded. n/samba-4.9.5-x86_64-1.txz: Upgraded. x/liberation-fonts-ttf-2.00.5-noarch-1.txz: Upgraded. xap/gucharmap-12.0.0-x86_64-1.txz: Upgraded.
* Mon Mar 11 19:03:50 UTC 201920190311190350Patrick J Volkerding2019-03-12
| | | | | | | | | | | | a/coreutils-8.31-x86_64-1.txz: Upgraded. d/meson-0.50.0-x86_64-1.txz: Upgraded. l/giflib-5.1.7-x86_64-1.txz: Upgraded. l/python-certifi-2019.3.9-x86_64-1.txz: Upgraded. n/postfix-3.4.3-x86_64-1.txz: Upgraded. x/libFS-1.0.8-x86_64-1.txz: Upgraded. x/libXcomposite-0.4.5-x86_64-1.txz: Upgraded. x/libXcursor-1.2.0-x86_64-1.txz: Upgraded. x/libXdamage-1.1.5-x86_64-1.txz: Upgraded.
* Fri Mar 8 18:28:40 UTC 201920190308182840Patrick J Volkerding2019-03-09
| | | | | | | | | | | | | | | | | | a/bash-5.0.002-x86_64-3.txz: Rebuilt. Fix applying patches. Thanks to saahriktu. a/e2fsprogs-1.45.0-x86_64-1.txz: Upgraded. n/ca-certificates-20190308-noarch-1.txz: Upgraded. n/nghttp2-1.37.0-x86_64-1.txz: Upgraded. n/ntp-4.2.8p13-x86_64-1.txz: Upgraded. This release fixes a bug that allows an attacker with access to an explicitly trusted source to send a crafted malicious mode 6 (ntpq) packet that can trigger a NULL pointer dereference, crashing ntpd. It also provides 17 other bugfixes and 1 other improvement. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936 (* Security fix *) n/postfix-3.4.1-x86_64-2.txz: Rebuilt. n/s-nail-14.9.13-x86_64-1.txz: Upgraded.
* Tue Mar 5 00:17:16 UTC 201920190305001716Patrick J Volkerding2019-03-05
| | | | | | | | | | | | | | | | | | | | | | | d/gcc-8.3.0-x86_64-2.txz: Rebuilt. Reverted backported asm inline patches that broke "asm volatile". Thanks to nobodino. d/gcc-brig-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-g++-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gfortran-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gnat-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-go-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-objc-8.3.0-x86_64-2.txz: Rebuilt. l/at-spi2-atk-2.30.1-x86_64-1.txz: Upgraded. l/at-spi2-core-2.30.1-x86_64-1.txz: Upgraded. l/gc-8.0.4-x86_64-1.txz: Upgraded. l/glib2-2.60.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_31-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-2.txz: Rebuilt. Prevent the install script from making noise. x/xinit-1.4.1-x86_64-1.txz: Upgraded. x/xlogo-1.0.5-x86_64-1.txz: Upgraded. x/xmore-1.0.3-x86_64-1.txz: Upgraded. extra/fltk/fltk-1.3.5-x86_64-1.txz: Upgraded.
* Fri Mar 1 23:44:12 UTC 201920190301234412Patrick J Volkerding2019-03-02
| | | | | a/eudev-3.2.7-x86_64-2.txz: Rebuilt. Don't require kvm group.
* Thu Feb 28 23:05:08 UTC 201920190228230508Patrick J Volkerding2019-03-01
| | | | | | | | d/Cython-0.29.6-x86_64-1.txz: Upgraded. d/rust-1.33.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_29-x86_64-1.txz: Upgraded. l/qjson-0.9.0-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-1.txz: Upgraded.
* Wed Feb 27 23:21:15 UTC 201920190227232115Patrick J Volkerding2019-02-28
| | | | | | | | | | | | | | | | | | | | | a/aaa_terminfo-6.1_20190223-x86_64-1.txz: Upgraded. a/kernel-firmware-20190221_9ee52be-noarch-1.txz: Upgraded. a/kernel-generic-4.19.26-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.26-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.26-x86_64-1.txz: Upgraded. ap/vim-8.1.0984-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.26-x86-1.txz: Upgraded. k/kernel-source-4.19.26-noarch-1.txz: Upgraded. l/ncurses-6.1_20190223-x86_64-1.txz: Upgraded. n/curl-7.64.0-x86_64-3.txz: Rebuilt. Applied upstream patch to fix log spam: [PATCH] multi: remove verbose "Expire in" ... messages Thanks to compassnet. n/postfix-3.3.3-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0984-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed Feb 27 03:09:41 UTC 201920190227030941Patrick J Volkerding2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | a/btrfs-progs-4.20.2-x86_64-1.txz: Upgraded. a/openssl-solibs-1.1.1b-x86_64-1.txz: Upgraded. ap/ddrescue-1.24-x86_64-1.txz: Upgraded. ap/sqlite-3.27.2-x86_64-1.txz: Upgraded. l/libssh-0.8.7-x86_64-1.txz: Upgraded. l/talloc-2.1.16-x86_64-1.txz: Upgraded. l/tdb-1.3.18-x86_64-1.txz: Upgraded. l/tevent-0.9.39-x86_64-1.txz: Upgraded. n/ca-certificates-20181210-noarch-2.txz: Rebuilt. Use "c_rehash" rather than "openssl rehash" for compatibility with all versions of OpenSSL. n/epic5-2.1.1-x86_64-1.txz: Upgraded. n/openssl-1.1.1b-x86_64-1.txz: Upgraded. x/xorg-server-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xephyr-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xnest-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-1.20.4-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.5.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.5.2/releasenotes/
* Sat Feb 23 03:33:52 UTC 201920190223033352Patrick J Volkerding2019-02-23
| | | | | | | | | | | | | | | | | | | a/file-5.36-x86_64-1.txz: Upgraded. ap/mariadb-10.3.13-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2510 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2537 (* Security fix *) d/p2c-2.01-x86_64-1.txz: Upgraded. d/python-pip-19.0.3-x86_64-1.txz: Upgraded. l/librsvg-2.44.13-x86_64-2.txz: Rebuilt. Recompiled with --enable-vala=yes. n/bind-9.12.3_P4-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.5.2esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/60.5.2/releasenotes/
* Wed Feb 20 23:59:17 UTC 201920190220235917Patrick J Volkerding2019-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.24-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.24-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.24-x86_64-1.txz: Upgraded. a/kmod-26-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. a/util-linux-2.33.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/hplip-3.19.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/linuxdoc-tools-0.9.73-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/lxc-2.0.9_d3a03247-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/rpm-4.14.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/Cython-0.29.5-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/distcc-3.3.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/gdb-8.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/kernel-headers-4.19.24-x86-1.txz: Upgraded. d/llvm-7.0.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/meson-0.49.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-pip-19.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-setuptools-40.8.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python3-3.7.2-x86_64-1.txz: Upgraded. Shared library .so-version bump. k/kernel-source-4.19.24-noarch-1.txz: Upgraded. kde/pykde4-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against python3-3.7.2. l/Mako-1.0.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/PyQt-4.12.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/QScintilla-2.10.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/alsa-lib-1.1.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/dbus-python-1.2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/gexiv2-0.10.10-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcaca-0.99.beta19-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcap-ng-0.7.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libjpeg-turbo-2.0.2-x86_64-1.txz: Upgraded. l/libproxy-0.4.15-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/libwebp-1.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libxml2-2.9.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/newt-0.52.20-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycairo-1.18.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycups-1.9.74-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycurl-7.43.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject-2.28.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject3-3.30.4-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pyparsing-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-appdirs-1.4.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-certifi-2018.11.29-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-chardet-3.0.4-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-docutils-0.14-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-idna-2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-notify2-0.3.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-packaging-19.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-pillow-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-requests-2.21.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-sane-2.8.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-six-1.12.0-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-urllib3-1.24.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/sip-4.19.8-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/system-config-printer-1.5.11-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/talloc-2.1.15-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tdb-1.3.17-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tevent-0.9.38-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/urwid-1.0.3-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/gpgme-1.12.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. n/obexftp-0.24.2-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/openvpn-2.4.7-x86_64-1.txz: Upgraded. n/pssh-2.3.1-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. x/libfontenc-1.1.4-x86_64-1.txz: Upgraded. x/xcalc-1.0.7-x86_64-1.txz: Upgraded. x/xcb-proto-1.13-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. x/xclock-1.0.8-x86_64-1.txz: Upgraded. x/xev-1.2.3-x86_64-1.txz: Upgraded. x/xfsinfo-1.0.6-x86_64-1.txz: Upgraded. x/xhost-1.0.8-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.3-x86_64-1.txz: Upgraded. x/xmodmap-1.0.10-x86_64-1.txz: Upgraded. x/xrdb-1.2.0-x86_64-1.txz: Upgraded. x/xstdcmap-1.0.4-x86_64-1.txz: Upgraded. x/xvinfo-1.1.4-x86_64-1.txz: Upgraded. xap/blueman-2.0.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. xap/hexchat-2.14.2-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-2_alsa.txz: Rebuilt. Recompiled against python3-3.7.2. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Fri Feb 8 22:04:46 UTC 201920190208220446Patrick J Volkerding2019-02-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-5.txz: Rebuilt. Upgraded: libglib-2.0.so.0.5800.3, libgmodule-2.0.so.0.5800.3, libgobject-2.0.so.0.5800.3, libgthread-2.0.so.0.5800.3, libidn2.so.0.3.5, libmpfr.so.6.0.2, libtdb.so.1.3.17 Removed: libidn2.so.4.0.0 ap/sqlite-3.27.1-x86_64-1.txz: Upgraded. l/libdvdread-6.0.1-x86_64-1.txz: Upgraded. l/libidn2-2.1.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. This reverted back to .so.0 as the previous bump was apparently a mistake. l/libpsl-0.20.2-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/bind-9.12.3_P1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/curl-7.64.0-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/dhcpcd-7.1.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.80-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/getmail-5.9-x86_64-1.txz: Upgraded. n/gnutls-3.6.6-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/iputils-20180629-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/lftp-4.8.4-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/s-nail-14.9.11-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/wget-1.20.1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/whois-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. x/ttf-tlwg-0.7.1-noarch-1.txz: Upgraded. xfce/xfwm4-4.12.5-x86_64-1.txz: Upgraded.
* Thu Feb 7 22:28:19 UTC 201920190207222819Patrick J Volkerding2019-02-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | n/php-7.2.15-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. pasture/php-5.6.40-x86_64-1.txz: Upgraded. Several security bugs have been fixed in this release: GD: Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). Mbstring: Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). Fixed bug #77381 (heap buffer overflow in multibyte match_at). Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). Fixed bug #77385 (buffer overflow in fetch_token). Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). Phar: Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). Xmlrpc: Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). For more information, see: https://php.net/ChangeLog-5.php#5.6.40 (* Security fix *)
* Wed Feb 6 22:44:32 UTC 201920190206224432Patrick J Volkerding2019-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/hwdata-0.320-noarch-1.txz: Upgraded. a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.20-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.20-x86_64-1.txz: Upgraded. a/mcelog-162-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.20-x86-1.txz: Upgraded. d/opencl-headers-2.2-noarch-2.txz: Rebuilt. Don't trigger "#pragma message" in cl_version.h when falling back on a default version of OpenCL to target. Applications such as ffmpeg detect this as an error and fail to compile. k/kernel-source-4.19.20-noarch-1.txz: Upgraded. l/ffmpeg-3.4.5-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. l/gst-plugins-good-1.14.4-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. l/libvpx-1.8.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/curl-7.64.0-x86_64-1.txz: Upgraded. This release fixes the following security issues: NTLM type-2 out-of-bounds buffer read. NTLMv2 type-3 header stack buffer overflow. SMTP end-of-response out-of-bounds read. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 (* Security fix *) n/samba-4.9.4-x86_64-2.txz: Rebuilt. Added time.h to libsmbclient.h to fix ffmpeg compatibility. Thanks to USUARIONUEVO. xap/xine-lib-1.2.9-x86_64-4.txz: Rebuilt. Recompiled against libvpx-1.8.0. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed Feb 6 00:29:25 UTC 201920190206002925Patrick J Volkerding2019-02-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | ap/linuxdoc-tools-0.9.73-x86_64-1.txz: Upgraded. Upgraded to gtk-doc-1.29. Upgraded to asciidoc-8.6.10. Upgraded to perl-XML-SAX-1.00. Thanks to Stuart Winter. d/meson-0.49.2-x86_64-1.txz: Upgraded. d/python-setuptools-40.8.0-x86_64-1.txz: Upgraded. d/slacktrack-2.19-x86_64-1.txz: Upgraded. Thanks to Stuart Winter. l/imagemagick-6.9.10_26-x86_64-1.txz: Upgraded. n/dovecot-2.3.4.1-x86_64-1.txz: Upgraded. This update addresses security issues: CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814 (* Security fix *)
* Sun Feb 3 20:26:34 UTC 201920190203202634Patrick J Volkerding2019-02-04
| | | | | | | | d/bison-3.3.2-x86_64-1.txz: Upgraded. n/dovecot-2.3.4-x86_64-2.txz: Rebuilt. Patched double free when used with MariaDB 10.3.x. Thanks to Thom1b. x/xkeyboard-config-2.26-noarch-1.txz: Upgraded. extra/bittorrent/bittorrent-4.4.0-noarch-4.txz: Removed.