From 07f87f994f59b3e53d1385c2a078db7a9952492d Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 21 Dec 2019 01:04:26 +0000 Subject: Sat Dec 21 01:04:26 UTC 2019 a/aaa_elflibs-15.0-x86_64-17.txz: Rebuilt. Upgraded: libcap.so.2.28, libelf-0.178.so, libglib-2.0.so.0.6200.4, libgmodule-2.0.so.0.6200.4, libgobject-2.0.so.0.6200.4, libgthread-2.0.so.0.6200.4, libidn2.so.0.3.7, libpcre2-8.so.0.9.0, libtdb.so.1.4.3. Added: libffi.so.6.0.4, libffi.so.7.1.0. a/file-5.38-x86_64-2.txz: Rebuilt. Patched to fix ELF shared libraries misidentified as "statically linked." a/kernel-firmware-20191220_6871bff-noarch-1.txz: Upgraded. a/openssl10-solibs-1.0.2u-x86_64-1.txz: Upgraded. (* Security fix *) d/guile-2.2.6-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. d/llvm-9.0.1-x86_64-1.txz: Upgraded. Compiled against libffi-3.3. d/python-2.7.17-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. d/python3-3.7.6-x86_64-1.txz: Upgraded. Compiled against libffi-3.3. d/ruby-2.6.5-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. l/glib2-2.62.4-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. l/libffi-3.3-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libvpx-1.8.2-x86_64-1.txz: Upgraded. l/pygobject-2.28.7-x86_64-4.txz: Rebuilt. Recompiled against libffi-3.3. l/pygobject3-3.34.0-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. l/sip-4.19.20-x86_64-1.txz: Upgraded. n/cifs-utils-6.10-x86_64-1.txz: Upgraded. n/dhcpcd-8.1.3-x86_64-1.txz: Upgraded. n/openssl10-1.0.2u-x86_64-1.txz: Upgraded. This update fixes a low severity security issue: Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. For more information, see: https://www.openssl.org/news/secadv/20191206.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551 (* Security fix *) n/p11-kit-0.23.18.1-x86_64-2.txz: Rebuilt. Recompiled against libffi-3.3. extra/tigervnc/tigervnc-1.10.1-x86_64-1.txz: Upgraded. From tigervnc.org: "This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow a malicious peer to take control over the software on the other side. No working exploit is known at this time, and the issues require the peer to first be authenticated. We still urge users to upgrade when possible." (* Security fix *) --- ChangeLog.txt | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index efd678cb..3b93fae3 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,56 @@ +Sat Dec 21 01:04:26 UTC 2019 +a/aaa_elflibs-15.0-x86_64-17.txz: Rebuilt. + Upgraded: libcap.so.2.28, libelf-0.178.so, libglib-2.0.so.0.6200.4, + libgmodule-2.0.so.0.6200.4, libgobject-2.0.so.0.6200.4, + libgthread-2.0.so.0.6200.4, libidn2.so.0.3.7, libpcre2-8.so.0.9.0, + libtdb.so.1.4.3. + Added: libffi.so.6.0.4, libffi.so.7.1.0. +a/file-5.38-x86_64-2.txz: Rebuilt. + Patched to fix ELF shared libraries misidentified as "statically linked." +a/kernel-firmware-20191220_6871bff-noarch-1.txz: Upgraded. +a/openssl10-solibs-1.0.2u-x86_64-1.txz: Upgraded. + (* Security fix *) +d/guile-2.2.6-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +d/llvm-9.0.1-x86_64-1.txz: Upgraded. + Compiled against libffi-3.3. +d/python-2.7.17-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +d/python3-3.7.6-x86_64-1.txz: Upgraded. + Compiled against libffi-3.3. +d/ruby-2.6.5-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +l/glib2-2.62.4-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +l/libffi-3.3-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/libvpx-1.8.2-x86_64-1.txz: Upgraded. +l/pygobject-2.28.7-x86_64-4.txz: Rebuilt. + Recompiled against libffi-3.3. +l/pygobject3-3.34.0-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +l/sip-4.19.20-x86_64-1.txz: Upgraded. +n/cifs-utils-6.10-x86_64-1.txz: Upgraded. +n/dhcpcd-8.1.3-x86_64-1.txz: Upgraded. +n/openssl10-1.0.2u-x86_64-1.txz: Upgraded. + This update fixes a low severity security issue: + Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in + exponentiation with 512-bit moduli. + For more information, see: + https://www.openssl.org/news/secadv/20191206.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551 + (* Security fix *) +n/p11-kit-0.23.18.1-x86_64-2.txz: Rebuilt. + Recompiled against libffi-3.3. +extra/tigervnc/tigervnc-1.10.1-x86_64-1.txz: Upgraded. + From tigervnc.org: "This is a security release to fix a number of issues + that were found by Kaspersky Lab. These issues affect both the client and + server and could theoretically allow a malicious peer to take control + over the software on the other side. No working exploit is known at this + time, and the issues require the peer to first be authenticated. We still + urge users to upgrade when possible." + (* Security fix *) ++--------------------------+ Thu Dec 19 23:02:54 UTC 2019 d/cmake-3.16.2-x86_64-1.txz: Upgraded. d/rust-1.40.0-x86_64-1.txz: Upgraded. -- cgit v1.2.3