summaryrefslogtreecommitdiff
path: root/source
Commit message (Collapse)AuthorAge
* Tue Apr 2 20:30:22 UTC 201920190402203022Patrick J Volkerding2019-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | a/hwdata-0.322-noarch-1.txz: Upgraded. a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded. a/shadow-4.6-x86_64-2.txz: Rebuilt. adduser: reprompt on invalid user input. Thanks to ttk. ap/ghostscript-9.26-x86_64-2.txz: Rebuilt. Fixes security issues: A specially crafted PostScript file could have access to the file system outside of the constrains imposed by -dSAFER. Transient procedures can allow access to system operators, leading to remote code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116 (* Security fix *) d/vala-0.44.2-x86_64-1.txz: Upgraded. l/glib-networking-2.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded. l/python-pillow-6.0.0-x86_64-1.txz: Upgraded. n/wget-1.20.2-x86_64-1.txz: Upgraded. Fixed an unspecified buffer overflow vulnerability. (* Security fix *)
* Sun Mar 31 18:51:16 UTC 201920190331185116Patrick J Volkerding2019-04-01
| | | | | | | | | | | a/quota-4.05-x86_64-1.txz: Upgraded. d/cmake-3.14.1-x86_64-1.txz: Upgraded. d/patchelf-0.10-x86_64-1.txz: Upgraded. l/harfbuzz-2.4.0-x86_64-1.txz: Upgraded. l/utf8proc-2.3.0-x86_64-1.txz: Upgraded. n/httpd-2.4.39-x86_64-1.txz: Upgraded. n/iputils-20190324-x86_64-1.txz: Upgraded. n/postfix-3.4.5-x86_64-1.txz: Upgraded.
* Fri Mar 29 18:24:36 UTC 201920190329182436Patrick J Volkerding2019-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-6.txz: Rebuilt. Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0, libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0, libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0. Temporarily added: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1, libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1. a/xfsprogs-4.20.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. ap/sqlite-3.27.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. kde/calligra-2.9.11-x86_64-29.txz: Rebuilt. Recompiled against icu4c-64.1. kde/kdepimlibs-4.14.10-x86_64-7.txz: Rebuilt. Recompiled to pull in new gpgme++ header files. l/boost-1.69.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/ffmpeg-3.4.6-x86_64-1.txz: Upgraded. l/giflib-5.1.9-x86_64-1.txz: Upgraded. l/harfbuzz-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/icu4c-64.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libical-3.0.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. l/libvisio-0.1.6-x86_64-6.txz: Rebuilt. Recompiled against icu4c-64.1. l/qt-4.8.7-x86_64-12.txz: Rebuilt. Recompiled against icu4c-64.1. l/raptor2-2.0.15-x86_64-7.txz: Rebuilt. Recompiled against icu4c-64.1. l/v4l-utils-1.16.5-x86_64-1.txz: Upgraded. n/dovecot-2.3.5.1-x86_64-1.txz: Upgraded. Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524 (* Security fix *) Compiled against icu4c-64.1. n/gpgme-1.13.0-x86_64-1.txz: Upgraded. n/php-7.2.16-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/postfix-3.4.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/tin-2.4.3-x86_64-2.txz: Rebuilt. Recompiled against icu4c-64.1. n/whois-5.4.2-x86_64-1.txz: Upgraded. t/texlive-2018.180822-x86_64-5.txz: Rebuilt. Recompiled against icu4c-64.1. x/libinput-1.13.0-x86_64-1.txz: Upgraded. x/mesa-19.0.1-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.101.0-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.6-x86_64-1_alsa.txz: Upgraded.
* Wed Mar 27 20:37:56 UTC 201920190327203756Patrick J Volkerding2019-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded. ap/hplip-3.19.3-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.32-x86-1.txz: Upgraded. d/python3-3.7.3-x86_64-1.txz: Upgraded. Fixed bugs and the following security issues: bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed. bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. bpo-35121: Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010 (* Security fix *) d/scons-3.0.5-x86_64-1.txz: Upgraded. k/kernel-source-4.19.32-noarch-1.txz: Upgraded. n/curl-7.64.1-x86_64-1.txz: Upgraded. n/gnutls-3.6.7-x86_64-1.txz: Upgraded. Fixes security issues: libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Mar 26 23:04:49 UTC 201920190326230449Patrick J Volkerding2019-03-27
| | | | | | | | | | ap/cups-filters-1.22.3-x86_64-1.txz: Upgraded. ap/lsscsi-0.30-x86_64-1.txz: Upgraded. ap/soma-3.2.3-noarch-1.txz: Upgraded. ap/vim-8.1.1053-x86_64-1.txz: Upgraded. l/libssh2-1.8.2-x86_64-1.txz: Upgraded. n/gnupg2-2.2.15-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.1053-x86_64-1.txz: Upgraded.
* Mon Mar 25 22:36:26 UTC 201920190325223626Patrick J Volkerding2019-03-26
| | | | | | | | | | | | | | | ap/nano-4.0-x86_64-1.txz: Upgraded. l/Mako-1.0.8-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_35-x86_64-1.txz: Upgraded. l/libedit-20190324_3.1-x86_64-1.txz: Upgraded. l/shared-mime-info-1.12-x86_64-1.txz: Upgraded. x/xcompmgr-1.1.8-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.6.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.6.1/releasenotes/ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *)
* Sun Mar 24 03:53:12 UTC 201920190324035312Patrick J Volkerding2019-03-24
| | | | | | | | | | | | | | | | | a/kernel-generic-4.19.31-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.31-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.31-x86_64-1.txz: Upgraded. ap/cups-2.2.11-x86_64-1.txz: Upgraded. ap/sysstat-12.1.3-x86_64-1.txz: Upgraded. d/help2man-1.47.10-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.31-x86-1.txz: Upgraded. k/kernel-source-4.19.31-noarch-1.txz: Upgraded. n/samba-4.10.0-x86_64-2.txz: Rebuilt. Recompile dropping python2 support, since talloc no longer supports it. Thanks to ponce. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Fri Mar 22 20:41:23 UTC 201920190322204123Patrick J Volkerding2019-03-23
| | | | | | | | | | | | | | | d/parallel-20190322-noarch-1.txz: Upgraded. n/bind-9.14.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.6.1esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. The patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9810i https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9813 (* Security fix *)
* Thu Mar 21 21:18:49 UTC 201920190321211849Patrick J Volkerding2019-03-22
| | | | | | | l/talloc-2.2.0-x86_64-1.txz: Upgraded. l/tdb-1.4.0-x86_64-1.txz: Upgraded. l/tevent-0.10.0-x86_64-1.txz: Upgraded. x/mkfontscale-1.2.1-x86_64-1.txz: Upgraded.
* Thu Mar 21 04:48:24 UTC 201920190321044824Patrick J Volkerding2019-03-21
| | | | | | | | | | | | | | | | | | ap/lxc-2.0.11_8c238670-x86_64-1.txz: Upgraded. d/llvm-8.0.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/mercurial-4.9.1-x86_64-1.txz: Upgraded. l/glibmm-2.60.0-x86_64-1.txz: Upgraded. l/gtkmm3-3.24.1-x86_64-1.txz: Upgraded. n/iproute2-5.0.0-x86_64-1.txz: Upgraded. x/mesa-19.0.0-x86_64-2.txz: Rebuilt. Recompiled against llvm-8.0.0. x/xf86-video-amdgpu-19.0.1-x86_64-1.txz: Upgraded. x/xf86-video-ati-19.0.1-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.6.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.6.0/releasenotes/
* Tue Mar 19 20:06:28 UTC 201920190319200628Patrick J Volkerding2019-03-20
| | | | | | | | | | | | | | | | | | a/bash-5.0.003-x86_64-1.txz: Upgraded. a/kernel-firmware-20190314_7bc2464-noarch-1.txz: Upgraded. a/kernel-generic-4.19.30-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.30-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.30-x86_64-1.txz: Upgraded. d/help2man-1.47.9-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.30-x86-1.txz: Upgraded. d/strace-5.0-x86_64-1.txz: Upgraded. k/kernel-source-4.19.30-noarch-1.txz: Upgraded. n/gnupg2-2.2.14-x86_64-1.txz: Upgraded. n/libgpg-error-1.36-x86_64-1.txz: Upgraded. n/samba-4.10.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Mon Mar 18 22:53:51 UTC 201920190318225351Patrick J Volkerding2019-03-19
| | | | | | | | | | | | | | | | | | | | | | | | | | ap/cups-filters-1.22.2-x86_64-1.txz: Upgraded. kde/calligra-2.9.11-x86_64-28.txz: Rebuilt. Patched to fix Calligra Plan crash. Thanks to Olek. l/adwaita-icon-theme-3.32.0-noarch-1.txz: Upgraded. l/giflib-5.1.8-x86_64-1.txz: Upgraded. l/libssh2-1.8.1-x86_64-1.txz: Upgraded. Fixed several security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3855 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3856 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3857 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3858 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3859 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3860 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3861 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3862 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3863 (* Security fix *) x/scim-1.4.18-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.6.0esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/60.6.0/releasenotes/
* Sun Mar 17 20:40:15 UTC 201920190317204015Patrick J Volkerding2019-03-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Saint Patrick was a gentleman Who through strategy and stealth Drove all the snakes from Ireland Here's toasting to his health - But not too many toastings Lest you lose yourself, and then, Forget the good Saint Patrick And see all those snakes again. a/eudev-3.2.7-x86_64-3.txz: Rebuilt. Added tqmx86_wdt to watchdog.conf. Thanks to Robby Workman. d/vala-0.44.1-x86_64-1.txz: Upgraded. kde/ktorrent-4.3.1-x86_64-4.txz: Rebuilt. Embed a copy of the GeoIP database since the download link no longer works. l/glibmm-2.58.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.43-x86_64-1.txz: Upgraded. x/imake-1.0.8-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.3-x86_64-1.txz: Upgraded. x/libXext-1.3.4-x86_64-1.txz: Upgraded. x/libXft-2.3.3-x86_64-1.txz: Upgraded. x/libXmu-1.1.3-x86_64-1.txz: Upgraded. x/libXrandr-1.5.2-x86_64-1.txz: Upgraded. x/libXvMC-1.0.11-x86_64-1.txz: Upgraded. x/libXxf86dga-1.1.5-x86_64-1.txz: Upgraded. x/libxkbfile-1.1.0-x86_64-1.txz: Upgraded. x/makedepend-1.0.6-x86_64-1.txz: Upgraded. x/x11perf-1.6.1-x86_64-1.txz: Upgraded. x/xf86-video-intel-20190301_6afed33b-x86_64-1.txz: Upgraded. x/xf86-video-savage-20190128_8579718-x86_64-1.txz: Upgraded. x/xf86-video-sis-20181217_22d3c79-x86_64-1.txz: Upgraded. x/xtrans-1.4.0-noarch-1.txz: Upgraded.
* Sat Mar 16 19:00:57 UTC 201920190316190057Patrick J Volkerding2019-03-17
| | | | | | | | | l/freetype-2.10.0-x86_64-2.txz: Rebuilt. Removed unneeded freetype.this.is.not.a.windows.system.diff.gz patch. Rebased freetype.subpixel.rendering.diff.gz patch. Thanks to Daedra. l/imagemagick-6.9.10_34-x86_64-1.txz: Upgraded. n/NetworkManager-1.16.0-x86_64-1.txz: Upgraded.
* Fri Mar 15 21:21:57 UTC 201920190315212157Patrick J Volkerding2019-03-16
| | | | | l/freetype-2.10.0-x86_64-1.txz: Upgraded. n/postfix-3.4.4-x86_64-1.txz: Upgraded.
* Thu Mar 14 21:22:54 UTC 201920190314212254Patrick J Volkerding2019-03-15
| | | | | | | | | | | ap/cgmanager-0.42-x86_64-1.txz: Upgraded. d/cmake-3.14.0-x86_64-1.txz: Upgraded. l/gexiv2-0.12.0-x86_64-1.txz: Upgraded. l/gsettings-desktop-schemas-3.32.0-x86_64-2.txz: Rebuilt. Don't override the system font defaults (especially with fonts that we don't include). Thanks to Markus Wiesner. l/libyaml-0.2.2-x86_64-1.txz: Upgraded. l/libzip-1.5.2-x86_64-1.txz: Upgraded.
* Thu Mar 14 03:41:42 UTC 201920190314034142Patrick J Volkerding2019-03-14
| | | | | | | | | | | | | | | | a/kernel-firmware-20190313_efd2c1c-noarch-1.txz: Upgraded. a/kernel-generic-4.19.29-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.29-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.29-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.29-x86-1.txz: Upgraded. k/kernel-source-4.19.29-noarch-1.txz: Upgraded. n/crda-3.18-x86_64-9.txz: Rebuilt. Upgraded to wireless-regdb-2019.03.01. n/ethtool-5.0-x86_64-1.txz: Upgraded. x/mesa-19.0.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed Mar 13 17:41:58 UTC 201920190313174158Patrick J Volkerding2019-03-13
| | | | | | | | | d/ruby-2.6.2-x86_64-1.txz: Upgraded. l/glib-networking-2.60.0.1-x86_64-1.txz: Upgraded. l/gtk+3-3.24.7-x86_64-1.txz: Upgraded. l/jasper-2.0.16-x86_64-1.txz: Upgraded. n/mutt-1.11.4-x86_64-1.txz: Upgraded. xap/gucharmap-12.0.1-x86_64-1.txz: Upgraded.
* Tue Mar 12 20:03:46 UTC 201920190312200346Patrick J Volkerding2019-03-13
| | | | | | | | | | | | | | | | | | a/kernel-firmware-20190312_b0d9583-noarch-1.txz: Upgraded. l/at-spi2-atk-2.32.0-x86_64-1.txz: Upgraded. l/at-spi2-core-2.32.0-x86_64-1.txz: Upgraded. l/atk-2.32.0-x86_64-1.txz: Upgraded. l/dconf-0.32.0-x86_64-1.txz: Upgraded. l/dconf-editor-3.32.0-x86_64-1.txz: Upgraded. l/glib-networking-2.60.0-x86_64-1.txz: Upgraded. l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz: Upgraded. l/gvfs-1.40.0-x86_64-1.txz: Upgraded. l/libsoup-2.66.0-x86_64-1.txz: Upgraded. l/vte-0.56.0-x86_64-1.txz: Upgraded. n/mobile-broadband-provider-info-20190116-x86_64-1.txz: Upgraded. n/samba-4.9.5-x86_64-1.txz: Upgraded. x/liberation-fonts-ttf-2.00.5-noarch-1.txz: Upgraded. xap/gucharmap-12.0.0-x86_64-1.txz: Upgraded.
* Mon Mar 11 19:03:50 UTC 201920190311190350Patrick J Volkerding2019-03-12
| | | | | | | | | | | | a/coreutils-8.31-x86_64-1.txz: Upgraded. d/meson-0.50.0-x86_64-1.txz: Upgraded. l/giflib-5.1.7-x86_64-1.txz: Upgraded. l/python-certifi-2019.3.9-x86_64-1.txz: Upgraded. n/postfix-3.4.3-x86_64-1.txz: Upgraded. x/libFS-1.0.8-x86_64-1.txz: Upgraded. x/libXcomposite-0.4.5-x86_64-1.txz: Upgraded. x/libXcursor-1.2.0-x86_64-1.txz: Upgraded. x/libXdamage-1.1.5-x86_64-1.txz: Upgraded.
* Sun Mar 10 21:02:41 UTC 201920190310210241Patrick J Volkerding2019-03-11
| | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.28-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.28-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.28-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.28-x86-1.txz: Upgraded. d/vala-0.44.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. k/kernel-source-4.19.28-noarch-1.txz: Upgraded. l/gobject-introspection-1.60.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_33-x86_64-1.txz: Upgraded. l/pygobject3-3.32.0-x86_64-1.txz: Upgraded. x/xfd-1.1.3-x86_64-1.txz: Upgraded. x/xprop-1.2.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sat Mar 9 21:33:33 UTC 201920190309213333Patrick J Volkerding2019-03-10
| | | | | | | a/e2fsprogs-1.45.0-x86_64-2.txz: Rebuilt. Removed /etc/cron.d/e2scrub_all file (systemd related junk). ap/vim-8.1.1002-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.1002-x86_64-1.txz: Upgraded.
* Fri Mar 8 18:28:40 UTC 201920190308182840Patrick J Volkerding2019-03-09
| | | | | | | | | | | | | | | | | | a/bash-5.0.002-x86_64-3.txz: Rebuilt. Fix applying patches. Thanks to saahriktu. a/e2fsprogs-1.45.0-x86_64-1.txz: Upgraded. n/ca-certificates-20190308-noarch-1.txz: Upgraded. n/nghttp2-1.37.0-x86_64-1.txz: Upgraded. n/ntp-4.2.8p13-x86_64-1.txz: Upgraded. This release fixes a bug that allows an attacker with access to an explicitly trusted source to send a crafted malicious mode 6 (ntpq) packet that can trigger a NULL pointer dereference, crashing ntpd. It also provides 17 other bugfixes and 1 other improvement. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936 (* Security fix *) n/postfix-3.4.1-x86_64-2.txz: Rebuilt. n/s-nail-14.9.13-x86_64-1.txz: Upgraded.
* Thu Mar 7 21:26:58 UTC 201920190307212658Patrick J Volkerding2019-03-08
| | | | | | | | | | | a/e2fsprogs-1.44.6-x86_64-1.txz: Upgraded. ap/man-pages-5.00-noarch-1.txz: Upgraded. ap/most-5.1.0-x86_64-1.txz: Upgraded. n/php-7.2.16-x86_64-1.txz: Upgraded. x/xf86-video-amdgpu-19.0.0-x86_64-1.txz: Upgraded. x/xf86-video-ati-19.0.0-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.5.3-x86_64-1.txz: Upgraded. xap/pavucontrol-4.0-x86_64-1.txz: Upgraded.
* Tue Mar 5 22:54:06 UTC 201920190305225406Patrick J Volkerding2019-03-06
| | | | | | | | | | | | | | | | | a/hwdata-0.321-noarch-1.txz: Upgraded. a/kernel-generic-4.19.27-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.27-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.27-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.27-x86-1.txz: Upgraded. k/kernel-source-4.19.27-noarch-1.txz: Upgraded. l/M2Crypto-0.32.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_32-x86_64-1.txz: Upgraded. n/dovecot-2.3.5-x86_64-1.txz: Upgraded. x/xdm-1.1.11-x86_64-9.txz: Rebuilt. Reverted to xdm-1.1.11, as the new release after 7 years has some issues. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Tue Mar 5 00:17:16 UTC 201920190305001716Patrick J Volkerding2019-03-05
| | | | | | | | | | | | | | | | | | | | | | | d/gcc-8.3.0-x86_64-2.txz: Rebuilt. Reverted backported asm inline patches that broke "asm volatile". Thanks to nobodino. d/gcc-brig-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-g++-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gfortran-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-gnat-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-go-8.3.0-x86_64-2.txz: Rebuilt. d/gcc-objc-8.3.0-x86_64-2.txz: Rebuilt. l/at-spi2-atk-2.30.1-x86_64-1.txz: Upgraded. l/at-spi2-core-2.30.1-x86_64-1.txz: Upgraded. l/gc-8.0.4-x86_64-1.txz: Upgraded. l/glib2-2.60.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_31-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-2.txz: Rebuilt. Prevent the install script from making noise. x/xinit-1.4.1-x86_64-1.txz: Upgraded. x/xlogo-1.0.5-x86_64-1.txz: Upgraded. x/xmore-1.0.3-x86_64-1.txz: Upgraded. extra/fltk/fltk-1.3.5-x86_64-1.txz: Upgraded.
* Sun Mar 3 22:03:39 UTC 201920190303220339Patrick J Volkerding2019-03-04
| | | | | | | | | | | | | | | | | | | | | | | | a/mkinitrd-1.4.11-x86_64-12.txz: Rebuilt. Updated to busybox-1.30.1. mkinitrd: allow a colon-delimited list of kernel versions with -k mkinitrd_command_generator.sh: allow a colon-delimited list of kernel versions with -k setup.01.mkinitrd: simplify script by using -k with a version list ap/pamixer-1.4-x86_64-1.txz: Upgraded. d/python-2.7.16-x86_64-1.txz: Upgraded. Updated to the latest 2.7.x release, which fixes a few security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010 (* Security fix *) d/vala-0.42.6-x86_64-1.txz: Upgraded. l/gegl-0.4.14-x86_64-1.txz: Upgraded. l/libsecret-0.18.8-x86_64-1.txz: Upgraded. l/xapian-core-1.4.11-x86_64-1.txz: Upgraded. x/mkfontscale-1.2.0-x86_64-1.txz: Upgraded. x/xditview-1.0.5-x86_64-1.txz: Upgraded. x/xdm-1.1.12-x86_64-1.txz: Upgraded.
* Fri Mar 1 23:44:12 UTC 201920190301234412Patrick J Volkerding2019-03-02
| | | | | a/eudev-3.2.7-x86_64-2.txz: Rebuilt. Don't require kvm group.
* Thu Feb 28 23:05:08 UTC 201920190228230508Patrick J Volkerding2019-03-01
| | | | | | | | d/Cython-0.29.6-x86_64-1.txz: Upgraded. d/rust-1.33.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_29-x86_64-1.txz: Upgraded. l/qjson-0.9.0-x86_64-1.txz: Upgraded. n/postfix-3.4.0-x86_64-1.txz: Upgraded.
* Wed Feb 27 23:21:15 UTC 201920190227232115Patrick J Volkerding2019-02-28
| | | | | | | | | | | | | | | | | | | | | a/aaa_terminfo-6.1_20190223-x86_64-1.txz: Upgraded. a/kernel-firmware-20190221_9ee52be-noarch-1.txz: Upgraded. a/kernel-generic-4.19.26-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.26-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.26-x86_64-1.txz: Upgraded. ap/vim-8.1.0984-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.26-x86-1.txz: Upgraded. k/kernel-source-4.19.26-noarch-1.txz: Upgraded. l/ncurses-6.1_20190223-x86_64-1.txz: Upgraded. n/curl-7.64.0-x86_64-3.txz: Rebuilt. Applied upstream patch to fix log spam: [PATCH] multi: remove verbose "Expire in" ... messages Thanks to compassnet. n/postfix-3.3.3-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0984-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed Feb 27 03:09:41 UTC 201920190227030941Patrick J Volkerding2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | a/btrfs-progs-4.20.2-x86_64-1.txz: Upgraded. a/openssl-solibs-1.1.1b-x86_64-1.txz: Upgraded. ap/ddrescue-1.24-x86_64-1.txz: Upgraded. ap/sqlite-3.27.2-x86_64-1.txz: Upgraded. l/libssh-0.8.7-x86_64-1.txz: Upgraded. l/talloc-2.1.16-x86_64-1.txz: Upgraded. l/tdb-1.3.18-x86_64-1.txz: Upgraded. l/tevent-0.9.39-x86_64-1.txz: Upgraded. n/ca-certificates-20181210-noarch-2.txz: Rebuilt. Use "c_rehash" rather than "openssl rehash" for compatibility with all versions of OpenSSL. n/epic5-2.1.1-x86_64-1.txz: Upgraded. n/openssl-1.1.1b-x86_64-1.txz: Upgraded. x/xorg-server-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xephyr-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xnest-1.20.4-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-1.20.4-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-60.5.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.5.2/releasenotes/
* Sun Feb 24 21:32:51 UTC 201920190224213251Patrick J Volkerding2019-02-25
| | | | | | | | a/xfsprogs-4.20.0-x86_64-1.txz: Upgraded. d/git-2.21.0-x86_64-1.txz: Upgraded. l/pcre-8.43-x86_64-1.txz: Upgraded. n/getmail-5.13-x86_64-1.txz: Upgraded. extra/brltty/brltty-6.0-x86_64-1.txz: Upgraded.
* Sat Feb 23 20:41:38 UTC 201920190223204138Patrick J Volkerding2019-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20190221_54b0a74-noarch-1.txz: Upgraded. a/kernel-generic-4.19.25-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.25-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.25-x86_64-1.txz: Upgraded. a/tar-1.32-x86_64-1.txz: Upgraded. d/gcc-8.3.0-x86_64-1.txz: Upgraded. d/gcc-brig-8.3.0-x86_64-1.txz: Upgraded. d/gcc-g++-8.3.0-x86_64-1.txz: Upgraded. d/gcc-gfortran-8.3.0-x86_64-1.txz: Upgraded. d/gcc-gnat-8.3.0-x86_64-1.txz: Upgraded. d/gcc-go-8.3.0-x86_64-1.txz: Upgraded. d/gcc-objc-8.3.0-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.25-x86-1.txz: Upgraded. d/libtool-2.4.6-x86_64-10.txz: Rebuilt. Recompiled to update embedded GCC version number. d/parallel-20190222-noarch-1.txz: Upgraded. k/kernel-source-4.19.25-noarch-1.txz: Upgraded. n/NetworkManager-1.14.6-x86_64-1.txz: Upgraded. x/pyxdg-0.26-x86_64-1.txz: Added. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sat Feb 23 03:33:52 UTC 201920190223033352Patrick J Volkerding2019-02-23
| | | | | | | | | | | | | | | | | | | a/file-5.36-x86_64-1.txz: Upgraded. ap/mariadb-10.3.13-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2510 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2537 (* Security fix *) d/p2c-2.01-x86_64-1.txz: Upgraded. d/python-pip-19.0.3-x86_64-1.txz: Upgraded. l/librsvg-2.44.13-x86_64-2.txz: Rebuilt. Recompiled with --enable-vala=yes. n/bind-9.12.3_P4-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.5.2esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/60.5.2/releasenotes/
* Wed Feb 20 23:59:17 UTC 201920190220235917Patrick J Volkerding2019-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-generic-4.19.24-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.24-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.24-x86_64-1.txz: Upgraded. a/kmod-26-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. a/util-linux-2.33.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/hplip-3.19.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/linuxdoc-tools-0.9.73-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/lxc-2.0.9_d3a03247-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. ap/rpm-4.14.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/Cython-0.29.5-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/distcc-3.3.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/gdb-8.2.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/kernel-headers-4.19.24-x86-1.txz: Upgraded. d/llvm-7.0.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/meson-0.49.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-pip-19.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python-setuptools-40.8.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. d/python3-3.7.2-x86_64-1.txz: Upgraded. Shared library .so-version bump. k/kernel-source-4.19.24-noarch-1.txz: Upgraded. kde/pykde4-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against python3-3.7.2. l/Mako-1.0.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/PyQt-4.12.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/QScintilla-2.10.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/alsa-lib-1.1.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/dbus-python-1.2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/gexiv2-0.10.10-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcaca-0.99.beta19-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/libcap-ng-0.7.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libjpeg-turbo-2.0.2-x86_64-1.txz: Upgraded. l/libproxy-0.4.15-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/libwebp-1.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/libxml2-2.9.9-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/newt-0.52.20-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycairo-1.18.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycups-1.9.74-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pycurl-7.43.0.2-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject-2.28.7-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/pygobject3-3.30.4-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/pyparsing-2.3.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-appdirs-1.4.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-certifi-2018.11.29-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-chardet-3.0.4-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-docutils-0.14-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-idna-2.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-notify2-0.3.1-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-packaging-19.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-pillow-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-requests-2.21.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-sane-2.8.3-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-six-1.12.0-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/python-urllib3-1.24.1-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/sip-4.19.8-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. l/system-config-printer-1.5.11-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. l/talloc-2.1.15-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tdb-1.3.17-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/tevent-0.9.38-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. l/urwid-1.0.3-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/gpgme-1.12.0-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. n/obexftp-0.24.2-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. n/openvpn-2.4.7-x86_64-1.txz: Upgraded. n/pssh-2.3.1-x86_64-4.txz: Rebuilt. Recompiled against python3-3.7.2. x/libfontenc-1.1.4-x86_64-1.txz: Upgraded. x/xcalc-1.0.7-x86_64-1.txz: Upgraded. x/xcb-proto-1.13-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. x/xclock-1.0.8-x86_64-1.txz: Upgraded. x/xev-1.2.3-x86_64-1.txz: Upgraded. x/xfsinfo-1.0.6-x86_64-1.txz: Upgraded. x/xhost-1.0.8-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.3-x86_64-1.txz: Upgraded. x/xmodmap-1.0.10-x86_64-1.txz: Upgraded. x/xrdb-1.2.0-x86_64-1.txz: Upgraded. x/xstdcmap-1.0.4-x86_64-1.txz: Upgraded. x/xvinfo-1.1.4-x86_64-1.txz: Upgraded. xap/blueman-2.0.8-x86_64-2.txz: Rebuilt. Recompiled against python3-3.7.2. xap/hexchat-2.14.2-x86_64-3.txz: Rebuilt. Recompiled against python3-3.7.2. extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-2_alsa.txz: Rebuilt. Recompiled against python3-3.7.2. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sun Feb 17 23:44:53 UTC 201920190217234453Patrick J Volkerding2019-02-18
| | | | | ap/cups-filters-1.22.1-x86_64-1.txz: Upgraded. y/bsd-games-2.17-x86_64-1.txz: Upgraded.
* Sun Feb 17 01:45:20 UTC 201920190217014520Patrick J Volkerding2019-02-17
| | | | | | | | | | | | | | | a/glibc-solibs-2.29-x86_64-3.txz: Rebuilt. ap/texinfo-6.6-x86_64-1.txz: Upgraded. l/elfutils-0.176-x86_64-1.txz: Upgraded. l/glibc-2.29-x86_64-3.txz: Rebuilt. l/glibc-i18n-2.29-x86_64-3.txz: Rebuilt. Go back to using the glibc.locale.no-archive.diff patch rather than the new built-in no-archive locale target. Avoiding hardlinks is not worth 700MB of useless bloat. Thanks to baldzhang. l/glibc-profile-2.29-x86_64-3.txz: Rebuilt. l/librsvg-2.44.13-x86_64-1.txz: Upgraded. x/xf86-video-chips-1.4.0-x86_64-1.txz: Upgraded. x/xf86-video-tdfx-1.5.0-x86_64-1.txz: Upgraded.
* Fri Feb 15 21:02:33 UTC 201920190215210233Patrick J Volkerding2019-02-16
| | | | | | | | | | | | | a/kernel-firmware-20190213_710963f-noarch-1.txz: Upgraded. a/kernel-generic-4.19.23-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.23-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.23-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.23-x86-1.txz: Upgraded. k/kernel-source-4.19.23-noarch-1.txz: Upgraded. x/xcursor-themes-1.0.6-noarch-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Fri Feb 15 01:22:13 UTC 201920190215012213Patrick J Volkerding2019-02-15
| | | | extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-1_alsa.txz: Upgraded.
* Wed Feb 13 23:01:59 UTC 201920190213230159Patrick J Volkerding2019-02-14
| | | | | | | | | | | | | | | l/giflib-5.1.6-x86_64-1.txz: Upgraded. n/getmail-5.11-x86_64-1.txz: Upgraded. x/xterm-344-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.5.1esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/ https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356 https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785 https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335 (* Security fix *)
* Wed Feb 13 00:22:29 UTC 201920190213002229Patrick J Volkerding2019-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. This update fixes a security issue where a malicious privileged container could overwrite the host binary and thus gain root-level code execution on the host. As the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. To prevent this attack, LXC has been patched to create a temporary copy of the calling binary itself when it starts or attaches to containers. To do this LXC creates an anonymous, in-memory file using the memfd_create() system call and copies itself into the temporary in-memory file, which is then sealed to prevent further modifications. LXC then executes this sealed, in-memory file instead of the original on-disk binary. For more information, see: https://seclists.org/oss-sec/2019/q1/119 (* Security fix *) d/kernel-headers-4.19.21-x86-1.txz: Upgraded. k/kernel-source-4.19.21-noarch-1.txz: Upgraded. l/libbluray-1.1.0-x86_64-1.txz: Upgraded. l/libcap-2.26-x86_64-2.txz: Rebuilt. Don't ship static library. l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. n/irssi-1.2.0-x86_64-1.txz: Upgraded. n/libassuan-2.5.3-x86_64-1.txz: Upgraded. x/bitmap-1.0.9-x86_64-1.txz: Upgraded. x/libXau-1.0.9-x86_64-1.txz: Upgraded. x/pixman-0.38.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Sun Feb 10 20:55:14 UTC 201920190210205514Patrick J Volkerding2019-02-11
| | | | | | | d/python-pip-19.0.2-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_27-x86_64-1.txz: Upgraded. x/xf86-video-apm-1.3.0-x86_64-1.txz: Upgraded. x/xf86-video-s3virge-1.11.0-x86_64-1.txz: Upgraded.
* Sat Feb 9 22:46:17 UTC 201920190209224617Patrick J Volkerding2019-02-10
| | | | | | a/kmod-26-x86_64-1.txz: Upgraded. d/Cython-0.29.5-x86_64-1.txz: Upgraded. l/libidn2-2.1.1a-x86_64-1.txz: Upgraded.
* Fri Feb 8 22:04:46 UTC 201920190208220446Patrick J Volkerding2019-02-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/aaa_elflibs-15.0-x86_64-5.txz: Rebuilt. Upgraded: libglib-2.0.so.0.5800.3, libgmodule-2.0.so.0.5800.3, libgobject-2.0.so.0.5800.3, libgthread-2.0.so.0.5800.3, libidn2.so.0.3.5, libmpfr.so.6.0.2, libtdb.so.1.3.17 Removed: libidn2.so.4.0.0 ap/sqlite-3.27.1-x86_64-1.txz: Upgraded. l/libdvdread-6.0.1-x86_64-1.txz: Upgraded. l/libidn2-2.1.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. This reverted back to .so.0 as the previous bump was apparently a mistake. l/libpsl-0.20.2-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/bind-9.12.3_P1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/curl-7.64.0-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/dhcpcd-7.1.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.80-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/getmail-5.9-x86_64-1.txz: Upgraded. n/gnutls-3.6.6-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/iputils-20180629-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/lftp-4.8.4-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/s-nail-14.9.11-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/wget-1.20.1-x86_64-3.txz: Rebuilt. Recompiled against libidn2-2.1.1. n/whois-5.4.1-x86_64-2.txz: Rebuilt. Recompiled against libidn2-2.1.1. x/ttf-tlwg-0.7.1-noarch-1.txz: Upgraded. xfce/xfwm4-4.12.5-x86_64-1.txz: Upgraded.
* Thu Feb 7 22:28:19 UTC 201920190207222819Patrick J Volkerding2019-02-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | n/php-7.2.15-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt. Recompiled against libvpx-1.8.0. pasture/php-5.6.40-x86_64-1.txz: Upgraded. Several security bugs have been fixed in this release: GD: Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). Mbstring: Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). Fixed bug #77381 (heap buffer overflow in multibyte match_at). Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). Fixed bug #77385 (buffer overflow in fetch_token). Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). Phar: Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). Xmlrpc: Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). For more information, see: https://php.net/ChangeLog-5.php#5.6.40 (* Security fix *)
* Wed Feb 6 22:44:32 UTC 201920190206224432Patrick J Volkerding2019-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a/hwdata-0.320-noarch-1.txz: Upgraded. a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.20-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.20-x86_64-1.txz: Upgraded. a/mcelog-162-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.20-x86-1.txz: Upgraded. d/opencl-headers-2.2-noarch-2.txz: Rebuilt. Don't trigger "#pragma message" in cl_version.h when falling back on a default version of OpenCL to target. Applications such as ffmpeg detect this as an error and fail to compile. k/kernel-source-4.19.20-noarch-1.txz: Upgraded. l/ffmpeg-3.4.5-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. Reenabled libsmbclient support. l/gst-plugins-good-1.14.4-x86_64-2.txz: Rebuilt. Recompiled against libvpx-1.8.0. l/libvpx-1.8.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/curl-7.64.0-x86_64-1.txz: Upgraded. This release fixes the following security issues: NTLM type-2 out-of-bounds buffer read. NTLMv2 type-3 header stack buffer overflow. SMTP end-of-response out-of-bounds read. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 (* Security fix *) n/samba-4.9.4-x86_64-2.txz: Rebuilt. Added time.h to libsmbclient.h to fix ffmpeg compatibility. Thanks to USUARIONUEVO. xap/xine-lib-1.2.9-x86_64-4.txz: Rebuilt. Recompiled against libvpx-1.8.0. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
* Wed Feb 6 00:29:25 UTC 201920190206002925Patrick J Volkerding2019-02-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | ap/linuxdoc-tools-0.9.73-x86_64-1.txz: Upgraded. Upgraded to gtk-doc-1.29. Upgraded to asciidoc-8.6.10. Upgraded to perl-XML-SAX-1.00. Thanks to Stuart Winter. d/meson-0.49.2-x86_64-1.txz: Upgraded. d/python-setuptools-40.8.0-x86_64-1.txz: Upgraded. d/slacktrack-2.19-x86_64-1.txz: Upgraded. Thanks to Stuart Winter. l/imagemagick-6.9.10_26-x86_64-1.txz: Upgraded. n/dovecot-2.3.4.1-x86_64-1.txz: Upgraded. This update addresses security issues: CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814 (* Security fix *)
* Mon Feb 4 21:50:36 UTC 201920190204215036Patrick J Volkerding2019-02-05
| | | | | | | | | ap/zsh-5.7.1-x86_64-1.txz: Upgraded. d/python-setuptools-40.7.3-x86_64-1.txz: Upgraded. l/babl-0.1.62-x86_64-1.txz: Upgraded. l/gtk+3-3.24.5-x86_64-1.txz: Upgraded. n/iw-5.0.1-x86_64-1.txz: Upgraded. x/xf86-input-libinput-0.28.2-x86_64-1.txz: Upgraded.
* Sun Feb 3 20:26:34 UTC 201920190203202634Patrick J Volkerding2019-02-04
| | | | | | | | d/bison-3.3.2-x86_64-1.txz: Upgraded. n/dovecot-2.3.4-x86_64-2.txz: Rebuilt. Patched double free when used with MariaDB 10.3.x. Thanks to Thom1b. x/xkeyboard-config-2.26-noarch-1.txz: Upgraded. extra/bittorrent/bittorrent-4.4.0-noarch-4.txz: Removed.
* Sat Feb 2 22:09:17 UTC 201920190202220917Patrick J Volkerding2019-02-03
| | | | | | | | | | | | | | | ap/qpdf-8.4.0-x86_64-1.txz: Upgraded. d/Cython-0.29.4-x86_64-1.txz: Upgraded. d/binutils-2.32-x86_64-1.txz: Upgraded. Shared library .so-version bump. Is it safe to use --enable-initfini-array yet? Guess we'll find out. d/cmake-3.13.4-x86_64-1.txz: Upgraded. d/mercurial-4.9-x86_64-1.txz: Upgraded. d/oprofile-1.3.0-x86_64-2.txz: Rebuilt. Recompiled against binutils-2.32. n/iw-5.0-x86_64-1.txz: Upgraded. n/mutt-1.11.3-x86_64-1.txz: Upgraded. x/libva-utils-2.4.0-x86_64-1.txz: Upgraded.