Slackware-current ChangeLog
Thu Aug 13 19:46:50 UTC 2020
Packages
Rebuilt
- a/sysvinit-scripts-2.1-noarch-35.txz
rc.6: don't try to turn off swap if none is active. Thanks to stf92.
Upgraded
Wed Aug 12 18:07:02 UTC 2020
Packages
Upgraded
Tue Aug 11 20:14:22 UTC 2020
Packages
Upgraded
Rebuilt
Mon Aug 10 18:05:13 UTC 2020
Packages
Upgraded
Added
Sun Aug 9 18:35:29 UTC 2020
Packages
Upgraded
Fri Aug 7 21:45:43 UTC 2020
Packages
Upgraded
Rebuilt
Thu Aug 6 18:45:54 UTC 2020
Packages
Upgraded
Wed Aug 5 18:46:42 UTC 2020
Packages
Upgraded
Tue Aug 4 17:49:39 UTC 2020
Packages
Upgraded
- n/php-7.4.9-i586-1.txz
This update fixes bugs and a security issue:
Phar: Use of freed hash key in the phar_parse_zipfile function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
(* Security fix *)
Mon Aug 3 20:03:30 UTC 2020
Packages
Upgraded
Rebuilt
- l/mozjs68-68.11.0esr-i586-2.txz
Fixed slack-desc. Thanks to USUARIONUEVO.
Sun Aug 2 18:20:30 UTC 2020
Packages
Upgraded
Rebuilt
- x/libX11-1.6.10-i586-2.txz
Fix size calculation in _XimAttributeToValue.
Thanks to chrisVV and Yichao Yu.
Sat Aug 1 19:08:49 UTC 2020
Packages
Rebuilt
- a/cryptsetup-2.3.3-i586-2.txz
Recompiled against json-c-0.15_20200726. - n/bind-9.16.5-i586-2.txz
Recompiled against json-c-0.15_20200726. - x/libmypaint-1.6.1-i586-2.txz
Recompiled against json-c-0.15_20200726. - xap/gimp-2.10.20-i586-2.txz
Recompiled against json-c-0.15_20200726.
Upgraded
- l/json-c-0.15_20200726-i586-1.txz
Shared library .so-version bump.
Removed
l/urwid-1.0.3-i586-5.txz
This is an ancient version that was only used by wicd.extra/wicd/wicd-1.7.4-i586-3.txz
This is unmaintained, possibly insecure, and doesn't work with Python
versions newer than 2.7.18. NetworkManager is a better choice these days.
Fri Jul 31 22:00:05 UTC 2020
Packages
Upgraded
- xap/mozilla-thunderbird-68.11.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.11.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15659
(* Security fix *)
Removed
Added
- l/mozjs68-68.11.0esr-i586-1.txz
IMPORTANT: This is needed for polkit-0.117.
Rebuilt
Wed Jul 29 19:35:55 UTC 2020
Packages
Upgraded
Added
- ap/inxi-20200728_6ce9149b-noarch-1.txz
A system information script. Not as flashy as neofetch, but with more useful
output options. Thanks to drgibbon for the suggestion. - x/hack-fonts-ttf-3.003-noarch-1.txz
Thanks to alienBOB. - x/noto-cjk-fonts-ttf-2.001-noarch-1.txz
Thanks to alienBOB. - x/noto-fonts-ttf-20171024-noarch-1.txz
Thanks to alienBOB.
Rebuilt
Wed Jul 29 04:46:21 UTC 2020
Packages
Upgraded
Added
Mon Jul 27 18:14:47 UTC 2020
Packages
Upgraded
- xap/mozilla-firefox-78.1.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.1.0/releasenotes/
(* Security fix *)
Sun Jul 26 18:59:24 UTC 2020
Packages
Rebuilt
- l/boost-1.73.0-i586-3.txz
Revert a change that broke building krita. Thanks to oneforall2.
Upgraded
Sat Jul 25 18:11:22 UTC 2020
Packages
Upgraded
- l/mozilla-nss-3.55-i586-1.txz
Fixed empty nspr-config. Thanks to saxa.
Fri Jul 24 18:44:56 UTC 2020
Packages
Upgraded
Thu Jul 23 20:08:16 UTC 2020
Packages
Upgraded
Rebuilt
- extra/sendmail/sendmail-8.16.1-i586-2.txz
Updated site.config.m4 and included -DDANE. Thanks to HQuest.
Wed Jul 22 20:27:42 UTC 2020
Packages
Upgraded
Rebuilt
Tue Jul 21 19:59:48 UTC 2020
Packages
Upgraded
- xap/pidgin-2.14.1-i586-1.txz
This update adds support for voice and video via Farstream.
Added
- l/farstream-0.2.9-i586-1.txz
Needed by pidgin-2.14.1. - l/libnice-0.1.17-i586-1.txz
Needed by farstream-0.2.9.
Mon Jul 20 17:37:10 UTC 2020
Packages
Upgraded
Rebuilt
Fri Jul 17 18:42:24 UTC 2020
Packages
Upgraded
Thu Jul 16 19:43:38 UTC 2020
Packages
Upgraded
Rebuilt
- xap/pan-0.146-i586-2.txz
Fix posting errors with GMime3. Thanks to Detlef Graef.
Tue Jul 14 18:26:33 UTC 2020
Packages
Upgraded
Mon Jul 13 18:31:31 UTC 2020
Packages
Upgraded
Sat Jul 11 18:57:11 UTC 2020
Packages
Upgraded
Fri Jul 10 18:27:57 UTC 2020
Packages
Upgraded
Fri Jul 10 00:40:43 UTC 2020
Packages
Upgraded
- a/kernel-generic-5.4.51-i586-1.txz
+EFI_CUSTOM_SSDT_OVERLAYS y - a/kernel-generic-smp-5.4.51_smp-i686-1.txz
+EFI_CUSTOM_SSDT_OVERLAYS y - a/kernel-huge-5.4.51-i586-1.txz
SPEAKUP y → m
SPEAKUP_SYNTH_ACNTPC y → m
SPEAKUP_SYNTH_ACNTSA y → m
SPEAKUP_SYNTH_APOLLO y → m
SPEAKUP_SYNTH_AUDPTR y → m
SPEAKUP_SYNTH_BNS y → m
SPEAKUP_SYNTH_DECEXT y → m
SPEAKUP_SYNTH_DECTLK y → m
SPEAKUP_SYNTH_DTLK y → m
SPEAKUP_SYNTH_DUMMY y → m
SPEAKUP_SYNTH_KEYPC y → m
SPEAKUP_SYNTH_LTLK y → m
SPEAKUP_SYNTH_SOFT y → m
SPEAKUP_SYNTH_SPKOUT y → m
SPEAKUP_SYNTH_TXPRT y → m
+EFI_CUSTOM_SSDT_OVERLAYS y - a/kernel-huge-smp-5.4.51_smp-i686-1.txz
SPEAKUP y → m
SPEAKUP_SYNTH_ACNTPC y → m
SPEAKUP_SYNTH_ACNTSA y → m
SPEAKUP_SYNTH_APOLLO y → m
SPEAKUP_SYNTH_AUDPTR y → m
SPEAKUP_SYNTH_BNS y → m
SPEAKUP_SYNTH_DECEXT y → m
SPEAKUP_SYNTH_DECTLK y → m
SPEAKUP_SYNTH_DTLK y → m
SPEAKUP_SYNTH_DUMMY y → m
SPEAKUP_SYNTH_KEYPC y → m
SPEAKUP_SYNTH_LTLK y → m
SPEAKUP_SYNTH_SOFT y → m
SPEAKUP_SYNTH_SPKOUT y → m
SPEAKUP_SYNTH_TXPRT y → m
+EFI_CUSTOM_SSDT_OVERLAYS y - k/kernel-source-5.4.51_smp-noarch-1.txz
+EFI_CUSTOM_SSDT_OVERLAYS y - xap/mozilla-firefox-78.0.2esr-i686-1.txz
This release contains a security fix and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.0.2/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-28/
(* Security fix *)
Rebuilt
- isolinux/initrd.img
Speakup is included as modules which will need to be loaded manually,
for now at least. - usb-and-pxe-installers/usbboot.img
Speakup is included as modules which will need to be loaded manually,
for now at least.
Wed Jul 8 20:56:51 UTC 2020
Packages
Upgraded
Tue Jul 7 20:51:59 UTC 2020
Packages
Upgraded
- xap/seamonkey-2.53.3-i686-1.txz
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.3
(* Security fix *)
Rebuilt
- xap/mozilla-firefox-78.0.1esr-i686-2.txz
Recompiled with –enable-default-toolkit=cairo-gtk3-wayland.
Sun Jul 5 19:43:59 UTC 2020
Packages
Upgraded
Sat Jul 4 18:59:06 UTC 2020
Packages
Upgraded
- l/libvorbis-1.3.7-i586-1.txz
Fix out-of-bounds read encoding very low sample rates.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160
(* Security fix *)
Fri Jul 3 20:28:47 UTC 2020
Packages
Upgraded
- xap/mozilla-firefox-78.0.1esr-i686-1.txz
Updated to the new 78.x ESR release.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.0.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-24/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12426
(* Security fix *)
Rebuilt
- extra/pure-alsa-system/xfce4-mixer-4.11.0-i586-2_alsa.txz
Recompiled against keybinder3-3.0_0.3.2.
Thu Jul 2 19:18:33 UTC 2020
Packages
Upgraded
- xap/mozilla-thunderbird-68.10.0-i686-1.txz
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/
Wed Jul 1 19:15:58 UTC 2020
Packages
Upgraded
Rebuilt
Tue Jun 30 18:56:59 UTC 2020
Packages
Upgraded
- n/ca-certificates-20200630-noarch-1.txz
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
Rebuilt
- ap/mariadb-10.5.4-i586-2.txz
rc.mysqld: stop the database by PID to avoid improperly stopping other
instances that were not started by this script. Thanks to denydias.
Mon Jun 29 18:21:49 UTC 2020
Packages
Upgraded
- xap/mozilla-firefox-68.10.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.10.0/releasenotes/
(* Security fix *)
Rebuilt
- a/util-linux-2.35.2-i586-5.txz
Also fix chsh when linked with libreadline. Thanks to Karel Zak.
Sun Jun 28 21:57:58 UTC 2020
Packages
Rebuilt
- x/libwacom-1.4-i586-2.txz
Fix joystick property matching in udev rule. Thanks to Pixxt.
Sun Jun 28 19:37:44 UTC 2020
Packages
Rebuilt
- a/util-linux-2.35.2-i586-4.txz
Fix chfn line breaks when libreadline is used. Thanks to gouttegd.
Upgraded
Fri Jun 26 19:18:25 UTC 2020
Packages
Upgraded
- a/sysklogd-2.1.2-i586-1.txz
Make sure to move the .new init script and config into place for this.
Added
Thu Jun 25 18:15:39 UTC 2020
Packages
Upgraded
Rebuilt
Wed Jun 24 20:06:50 UTC 2020
Packages
Upgraded
- d/guile-3.0.4-i586-1.txz
Shared library .so-version bump.
Looks like the previous bump was a mistake:
This release fixes the SONAME of libguile-3.0.so, which was erroneously
bumped in 3.0.3 compared to 3.0.2. Distributions are strongly
encouraged to use 3.0.4 instead of 3.0.3. - l/libjpeg-turbo-2.0.5-i586-1.txz
This update fixes bugs and a security issue:
Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,
TJBench, or the `tjLoadImage()` function if one of the values in a binary
PPM/PGM input file exceeded the maximum value defined in the file's header
and that maximum value was less than 255.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
(* Security fix *) - n/curl-7.71.0-i586-1.txz
This update fixes security issues:
curl overwrite local file with -J [111]
Partial password leak over DNS on HTTP redirect [48]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
(* Security fix *)
Rebuilt
- d/make-4.2.1-i586-7.txz
Recompiled against guile-3.0.4. - n/gnutls-3.6.14-i586-3.txz
Recompiled against guile-3.0.4.
Tue Jun 23 21:49:49 UTC 2020
Packages
Upgraded
- n/ntp-4.2.8p15-i586-1.txz
This release fixes one vulnerability: Associations that use CMAC
authentication between ntpd from versions 4.2.8p11/4.3.97 and
4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
Eventually, ntpd will run out of memory and abort.
(* Security fix *) - n/rsync-3.2.1-i586-1.txz
Please note that this update requires the new packages xxHash and lz4. - t/texlive-2020.200608-i586-1.txz
Thanks to Johannes Schoepfer.
Rebuilt
- ap/mariadb-10.4.13-i586-3.txz
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger. - ap/squashfs-tools-4.4-i586-2.txz
Added lz4 support. Thanks to Heinz Wiesinger. - d/subversion-1.14.0-i586-2.txz
Use the system lz4 library. Thanks to Heinz Wiesinger. - l/libarchive-3.4.3-i586-2.txz
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger. - l/zstd-1.4.5-i586-2.txz
Recompiled to pick up lz4 support. - n/dovecot-2.3.10.1-i586-2.txz
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger. - xap/blueman-2.1.3-i586-2.txz
As a matter of policy and since the rule already exists in
/usr/share/polkit-1/rules.d/, we should not install a rules file in /etc.
Note that since the file was installed as a .new, upgrading the package
will not remove it and it will need to be removed manually. It's harmless
if it remains, though.
Thanks to Robby Workman.
Added
- l/lz4-1.9.2-i586-1.txz
This is a new dependency for dovecot, libarchive, mariadb, rsync,
squashfs-tools, subversion, and zstd. Thanks to Heinz Wiesinger. - l/xxHash-0.7.3-i586-1.txz
This is a new dependency for rsync.
Mon Jun 22 20:20:12 UTC 2020
Packages
Upgraded
- ap/vim-8.2.1039-i586-1.txz
Compiled against perl-5.32.0. - d/guile-3.0.3-i586-1.txz
Shared library .so-version bump. - xap/vim-gvim-8.2.1039-i586-1.txz
Compiled against perl-5.32.0.
Added
Rebuilt
- ap/texinfo-6.7-i586-2.txz
Recompiled against perl-5.32.0. - d/make-4.2.1-i586-6.txz
Recompiled against guile-3.0.3. - kde/perlkde-4.14.3-i586-9.txz
Recompiled against perl-5.32.0. - kde/perlqt-4.14.3-i586-10.txz
Recompiled against perl-5.32.0. - n/epic5-2.1.2-i586-2.txz
Recompiled against perl-5.32.0. - n/gnutls-3.6.14-i586-2.txz
Recompiled against guile-3.0.3. - n/irssi-1.2.2-i586-3.txz
Recompiled against perl-5.32.0. - n/net-snmp-5.8-i586-6.txz
Recompiled against perl-5.32.0. - n/ntp-4.2.8p14-i586-2.txz
Recompiled against perl-5.32.0. - xap/hexchat-2.14.3-i586-3.txz
Recompiled against perl-5.32.0. - xap/rxvt-unicode-9.22-i586-8.txz
Recompiled against perl-5.32.0.
Fri Jun 19 19:59:04 UTC 2020
Packages
Upgraded
Rebuilt
- a/sysvinit-scripts-2.1-noarch-34.txz
rc.M: check for elogind first so that we can ignore a stale CK2 package. - x/xinit-1.4.1-i586-2.txz
When using elogind, start the session on the current console.
Thanks to alienBOB.
Thu Jun 18 22:01:29 UTC 2020
Packages
Upgraded
- n/bind-9.16.4-i586-1.txz
This update fixes two security issues:
It was possible to trigger an INSIST when determining whether a record would
fit into a TCP message buffer.
It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with
a particular zone content and query patterns.
For more information, see:
https://kb.isc.org/docs/cve-2020-8618
https://kb.isc.org/docs/cve-2020-8619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
(* Security fix *)
Rebuilt
- a/sysvinit-scripts-2.1-noarch-33.txz
rc.M: add support for elogind. Thanks to alienBOB. - a/util-linux-2.35.2-i586-3.txz
/etc/pam.d/login: support pam_elogind.so. Thanks to alienBOB.
Wed Jun 17 19:42:26 UTC 2020
Packages
Upgraded
Tue Jun 16 20:50:41 UTC 2020
Packages
Rebuilt
- a/shadow-4.8.1-i586-10.txz
system-auth: auth required pam_unix.so […], otherwise the stack exits
before pam_gnome_keyring.so executes. Thanks to pyllyukko.
Get rid of “auth required pam_deny.so” which seems like a mistake.
Still pending: consider GazL's comments on moving stuff out of system-auth. - a/upower-0.9.23-i586-5.txz
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
The renaming mess initiated by libplist required a rebuild on this one to
keep things consistent for now, but don't worry - we aren't going to be
sticking to this version for long or anything. - l/gvfs-1.44.1-i586-2.txz
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. - l/libgpod-0.8.3-i586-7.txz
Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.
Upgraded
- ap/usbmuxd-20200615_3daa1e9-i586-1.txz
Compiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. - l/libimobiledevice-20200615_4791a82-i586-1.txz
Shared library .so-version bump. - l/libplist-2.2.0-i586-1.txz
Shared library .so-version bump. - l/libusbmuxd-20200615_c7d7d1a-i586-1.txz
Shared library .so-version bump.
Mon Jun 15 18:45:08 UTC 2020
Packages
Upgraded
Sun Jun 14 19:29:20 UTC 2020
Packages
Upgraded
Sat Jun 13 20:40:31 UTC 2020
Packages
Upgraded
- a/pam-1.4.0-i586-1.txz
IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules.
None of our current configuration files in /etc/pam.d/ use either of those,
but if the configuration files on your machine do you'll need to comment out
or remove those lines, otherwise you may experience login failures.
Rebuilt
- a/shadow-4.8.1-i586-9.txz
/etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-'
to avoid spamming the logs about failures. - a/sysvinit-scripts-2.1-noarch-32.txz
rc.S: create /var/run/faillock directory for pam_faillock(8). - a/util-linux-2.35.2-i586-2.txz
/etc/pam.d/login: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2. - n/openssh-8.3p1-i586-2.txz
/etc/pam.d/sshd: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
Fri Jun 12 19:05:51 UTC 2020
Packages
Upgraded
Thu Jun 11 21:17:43 UTC 2020
Packages
Upgraded
- l/alsa-lib-1.2.2-i586-1.txz
Revert to this version of alsa-lib due to the pulseaudio daemon crashing in
some cases where multiple audio devices are present. - extra/pure-alsa-system/alsa-lib-1.2.2-i586-1_alsa.txz
Revert to this version of alsa-lib due to the pulseaudio daemon crashing in
some cases where multiple audio devices are present.
Rebuilt
- ap/alsa-utils-1.2.3-i586-2.txz
This version seems good, but we'll recompile it against alsa-lib-1.2.2 just
to be on the safe side.
Wed Jun 10 23:15:33 UTC 2020
Packages
Upgraded
Rebuilt
Wed Jun 10 19:08:47 UTC 2020
Packages
Upgraded
Tue Jun 9 22:11:00 UTC 2020
Packages
Upgraded
Mon Jun 8 19:35:33 UTC 2020
Packages
Upgraded
Rebuilt
Sun Jun 7 23:31:27 UTC 2020
Packages
Upgraded
Rebuilt
Sun Jun 7 01:56:26 UTC 2020
Packages
Upgraded
Fri Jun 5 20:30:12 UTC 2020
Packages
Upgraded
Thu Jun 4 17:58:17 UTC 2020
Packages
Upgraded
- xap/mozilla-thunderbird-68.9.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.9.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
(* Security fix *)
Wed Jun 3 20:21:52 UTC 2020
Packages
Upgraded
- n/gnutls-3.6.14-i586-1.txz
Fixed insecure session ticket key construction, since 3.6.4. The TLS server
would not bind the session ticket encryption key with a value supplied by
the application until the initial key rotation, allowing attacker to bypass
authentication in TLS 1.3 and recover previous conversations in TLS 1.2.
[GNUTLS-SA-2020-06-03, CVSS: high]
(* Security fix *)
Rebuilt
Tue Jun 2 19:31:39 UTC 2020
Packages
Upgraded
- d/perl-5.30.3-i586-1.txz
Upgraded to IO-Socket-SSL-2.068. - n/ca-certificates-20200602-noarch-1.txz
This update provides the latest CA certificates to check for the
authenticity of SSL connections. - n/nghttp2-1.41.0-i586-1.txz
This update fixes a security issue where an overly large HTTP/2 SETTINGS
frame payload causes a denial of service.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
(* Security fix *) - n/proftpd-1.3.6d-i586-1.txz
This is a bugfix release:
Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).
Mon Jun 1 18:27:22 UTC 2020
Packages
Upgraded
- xap/mozilla-firefox-68.9.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-21/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
(* Security fix *)
Sat May 30 21:31:07 UTC 2020
Packages
Upgraded
Added
Fri May 29 21:27:09 UTC 2020
Packages
Upgraded
Thu May 28 18:20:36 UTC 2020
Packages
Upgraded
Rebuilt
Tue May 26 20:35:03 UTC 2020
Packages
Upgraded
- extra/aspell-word-lists/aspell-pt_PT-20190329_0-i586-1.txz
Thanks to sairum for the link to a better word list.
Removed
Added
- extra/aspell-word-lists/aspell-pt_PT-preao-20190329_0-i586-1.txz
Thanks to sairum for the link to a better word list.
Rebuilt
- xap/gnuplot-5.2.8-i586-2.txz
Rebuilt with Qt5 (uses anti-aliasing to improve the plot output).
Sun May 24 18:35:29 UTC 2020
Packages
Upgraded
Sat May 23 00:13:54 UTC 2020
Packages
Upgraded
- xap/mozilla-thunderbird-68.8.1-i686-1.txz
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/
Fri May 22 04:29:34 UTC 2020
Packages
Upgraded
Rebuilt
- kde/kde-workspace-4.11.22-i586-9.txz
kde-np: by default, do not restrict passwordless login for UIDs below 1000,
but keep the option to do so in the file commented out.
Wed May 20 23:53:44 UTC 2020
Packages
Upgraded
Rebuilt
Tue May 19 19:47:49 UTC 2020
Packages
Rebuilt
- a/shadow-4.8.1-i586-8.txz
It seems that /etc/suauth is not supported when PAM is in use, even if
configure.ac is hacked to enable it. I've removed the man pages for it,
and would suggest using sudo as a replacement. - l/oniguruma-6.9.5_rev1-i586-2.txz
Rebuilt with –enable-posix-api. Thanks to MisterL.
Upgraded
- l/libexif-0.6.22-i586-1.txz
This update fixes bugs and security issues:
CVE-2018-20030: Fix for recursion DoS
CVE-2020-13114: Time consumption DoS when parsing canon array markers
CVE-2020-13113: Potential use of uninitialized memory
CVE-2020-13112: Various buffer overread fixes due to integer overflows
in maker notes
CVE-2020-0093: read overflow
CVE-2019-9278: replaced integer overflow checks the compiler could
optimize away by safer constructs
CVE-2020-12767: fixed division by zero
CVE-2016-6328: fixed integer overflow when parsing maker notes
CVE-2017-7544: fixed buffer overread
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
(* Security fix *) - n/bind-9.16.3-i586-1.txz
This update fixes a security issue:
A malicious actor who intentionally exploits the lack of effective
limitation on the number of fetches performed when processing referrals
can, through the use of specially crafted referrals, cause a recursing
server to issue a very large number of fetches in an attempt to process
the referral. This has at least two potential effects: The performance of
the recursing server can potentially be degraded by the additional work
required to perform these fetches, and the attacker can exploit this
behavior to use the recursing server as a reflector in a reflection attack
with a high amplification factor.
For more information, see:
https://kb.isc.org/docs/cve-2020-8616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
(* Security fix *)
Mon May 18 23:30:26 UTC 2020
Packages
Upgraded
Rebuilt
- kde/kde-workspace-4.11.22-i586-8.txz
Added /etc/pam.d/kde-np to fix KDM autologin.
Thanks to USUARIONUEVO for the bug report.
Mon May 18 19:17:21 UTC 2020
Greetings! After three months in /testing, the PAM merge into the main tree
is now complete. When updating, be sure to install the new pam, cracklib, and
libpwquality packages or you may find yourself locked out of your machine.
Otherwise, these changes should be completely transparent and you shouldn't
notice any obvious operational differences. Be careful if you make any changes
in /etc/pam.d/ - leaving an extra console logged in while testing PAM config
changes is a recommended standard procedure. Thanks again to Robby Workman,
Vincent Batts, Phantom X, and ivandi for help implementing this. It's not
done yet and there will be more fine-tuning of the config files, but now we
can move on to build some other updates. Enjoy!
Packages
Added
Upgraded
- ap/soma-3.3.0-noarch-1.txz
Thanks to David Woodfall. - l/icu4c-67.1-i586-1.txz
Shared library .so-version bump. - n/dovecot-2.3.10.1-i586-1.txz
Rebuilt to add PAM support.
Compiled against icu4c-67.1.
This update fixes several denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967
(* Security fix *) - n/postfix-3.5.2-i586-1.txz
Compiled against icu4c-67.1. - xap/sane-1.0.30-i586-1.txz
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864
(* Security fix *)
Rebuilt
- a/libcgroup-0.41-i586-7.txz
Rebuilt to add PAM support. - a/lilo-24.2-i586-9.txz
Enable the “compact” option by default.
liloconfig: correctly set the root partition. - a/shadow-4.8.1-i586-7.txz
Rebuilt to add PAM support. - a/util-linux-2.35.1-i586-6.txz
Rebuilt to add PAM support. - a/xfsprogs-5.6.0-i586-2.txz
Recompiled against icu4c-67.1. - ap/at-3.2.1-i586-2.txz
Rebuilt to add PAM support. - ap/cups-2.3.3-i586-2.txz
Rebuilt to add PAM support. - ap/hplip-3.20.5-i586-2.txz
Rebuilt to add PAM support. - ap/mariadb-10.4.13-i586-2.txz
Rebuilt to add PAM support. - ap/screen-4.8.0-i586-2.txz
Rebuilt to add PAM support. - ap/sqlite-3.31.1-i586-2.txz
Recompiled against icu4c-67.1. - ap/sudo-1.9.0-i586-2.txz
Rebuilt to add PAM support. - kde/calligra-2.9.11-i586-36.txz
Recompiled against icu4c-67.1. - kde/kde-workspace-4.11.22-i586-7.txz
Rebuilt to add PAM support. - l/ConsoleKit2-1.2.1-i586-4.txz
Rebuilt to add PAM support. - l/boost-1.73.0-i586-2.txz
Recompiled against icu4c-67.1. - l/gnome-keyring-3.36.0-i586-2.txz
Rebuilt to add PAM support. - l/harfbuzz-2.6.6-i586-2.txz
Recompiled against icu4c-67.1. - l/libcap-2.34-i586-2.txz
Rebuilt to add PAM support. - l/libical-3.0.8-i586-2.txz
Recompiled against icu4c-67.1. - l/libvisio-0.1.7-i586-3.txz
Recompiled against icu4c-67.1. - l/polkit-0.116-i586-3.txz
Rebuilt to add PAM support. - l/qt-4.8.7-i586-16.txz
Recompiled against icu4c-67.1. - l/qt5-5.13.2-i586-4.txz
Recompiled against icu4c-67.1. - l/qt5-webkit-5.212.0_alpha4-i586-2.txz
Recompiled against icu4c-67.1. - l/raptor2-2.0.15-i586-9.txz
Recompiled against icu4c-67.1. - l/system-config-printer-1.5.12-i586-4.txz
Rebuilt to add PAM support. - l/vte-0.60.2-i586-2.txz
Recompiled against icu4c-67.1. - n/cifs-utils-6.10-i586-4.txz
Rebuilt to add PAM support. - n/cyrus-sasl-2.1.27-i586-4.txz
Rebuilt to add PAM support. - n/netatalk-3.1.12-i586-3.txz
Rebuilt to add PAM support. - n/netkit-rsh-0.17-i586-3.txz
Rebuilt to add PAM support. - n/openssh-8.2p1-i586-3.txz
Rebuilt to add PAM support. - n/openvpn-2.4.9-i586-2.txz
Rebuilt to add PAM support. - n/php-7.4.6-i586-2.txz
Recompiled against icu4c-67.1. - n/popa3d-1.0.3-i586-4.txz
Rebuilt to add PAM support. - n/ppp-2.4.8-i586-2.txz
Rebuilt to add PAM support. - n/proftpd-1.3.6c-i586-2.txz
Rebuilt to add PAM support. - n/tin-2.4.4-i586-2.txz
Recompiled against icu4c-67.1. - n/vsftpd-3.0.3-i586-6.txz
Rebuilt to add PAM support. - t/texlive-2019.190626-i586-4.txz
Recompiled against icu4c-67.1. - x/xdm-1.1.11-i586-10.txz
Rebuilt to add PAM support. - xap/xlockmore-5.63-i586-2.txz
Rebuilt to add PAM support. - xap/xscreensaver-5.44-i586-2.txz
Rebuilt to add PAM support. - extra/brltty/brltty-6.1-i586-2.txz
Recompiled against icu4c-67.1. - extra/pure-alsa-system/qt5-5.13.2-i586-4_alsa.txz
Recompiled against icu4c-67.1. - isolinux/initrd.img
Added PAM libraries, security modules, and config files. - usb-and-pxe-installers/usbboot.img
Added PAM libraries, security modules, and config files.
Fri May 15 07:28:15 UTC 2020
Hey folks, just a heads-up that PAM is about to be merged into the main tree.
We can't have it blocking other upgrades any longer. The config files could be
improved (adding support for pam_krb5 and pam_ldap, for example), but they'll
do for now. Have a good weekend, and enjoy these updates!
Packages
Rebuilt
- a/aaa_elflibs-15.0-i586-23.txz
Upgraded: libcap.so.2.34, libelf-0.179.so, liblzma.so.5.2.5,
libglib-2.0.so.0.6400.2, libgmodule-2.0.so.0.6400.2,
libgobject-2.0.so.0.6400.2, libgthread-2.0.so.0.6400.2,
liblber-2.4.so.2.10.13, libldap-2.4.so.2.10.13, libpcre2-8.so.0.10.0.
Added temporarily in preparation for upgrading icu4c: libicudata.so.65.1,
libicui18n.so.65.1, libicuio.so.65.1, libicutest.so.65.1, libicutu.so.65.1,
libicuuc.so.65.1. - a/pkgtools-15.0-noarch-33.txz
setup.services: added support for rc.openldap and rc.openvpn.
Upgraded
Added
- n/openldap-2.4.50-i586-1.txz
This is a complete OpenLDAP package with both client and server support.
Thanks to Giuseppe Di Terlizzi for help with the server parts.
Removed
Wed May 13 20:01:12 UTC 2020
Packages
Rebuilt
- l/shared-mime-info-2.0-i586-2.txz
Disable fdatasync() usage.
Upgraded
Tue May 12 23:49:47 UTC 2020
Packages
Upgraded
- ap/mariadb-10.4.13-i586-1.txz
This update fixes potential denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2760
(* Security fix *) - n/php-7.4.6-i586-1.txz
Built using –with-tidy=shared. Thanks to Thom1b.
This update fixes bugs and security issues:
Core: Long variables cause OOM and temp files are not cleaned.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
(* Security fix *) - x/libmypaint-1.6.1-i586-1.txz
Shared library .so-version bump. - testing/packages/PAM/mariadb-10.4.13-i586-1_pam.txz
This update fixes potential denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2760
(* Security fix *)
Added
Rebuilt
- xap/gimp-2.10.18-i586-2.txz
Recompiled against libmypaint-1.6.1.
Mon May 11 19:13:27 UTC 2020
Packages
Upgraded
Sun May 10 23:34:28 UTC 2020
Packages
Upgraded
Rebuilt
Sat May 9 20:49:43 UTC 2020
Packages
Rebuilt
- ap/pamixer-1.4-i586-5.txz
Recompiled against boost-1.73.0. - d/Cython-0.29.17-i586-2.txz
Added cython3 symlink. - kde/calligra-2.9.11-i586-35.txz
Recompiled against boost-1.73.0. - l/akonadi-1.13.0-i586-15.txz
Recompiled against boost-1.73.0.
Upgraded
- l/boost-1.73.0-i586-1.txz
Shared library .so-version bump.
Added
- testing/packages/PAM/pam-krb5-4.9-i586-1_pam.txz
Thanks to Bart van der Hall for the packaging hints.
Fri May 8 21:25:24 UTC 2020
Packages
Rebuilt
- a/shadow-4.8.1-i586-6.txz
Include manpages for sulogin(8). - testing/packages/PAM/shadow-4.8.1-i586-6_pam.txz
Include manpages for sulogin(8).
Use this version of /bin/su. - testing/packages/PAM/util-linux-2.35.1-i586-5_pam.txz
Don't use this version of /bin/su.
Upgraded
Fri May 8 04:23:14 UTC 2020
Packages
Rebuilt
- a/sysvinit-scripts-2.1-noarch-31.txz
rc.M: start rc.nss-pam-ldapd.
Upgraded
Added
- testing/packages/gcc10/gcc-10.1.0-i586-1.txz
Shared library .so-version bump. - testing/packages/gcc10/gcc-go-10.1.0-i586-1.txz
Shared library .so-version bump.
Thu May 7 01:30:11 UTC 2020
Packages
Upgraded
- k/kernel-source-5.4.39_smp-noarch-1.txz
HUGETLBFS n → y
JUMP_LABEL n → y
+CGROUP_HUGETLB n
+HUGETLB_PAGE y
+STATIC_KEYS_SELFTEST n
Thanks to camerabambai.
Rebuilt
Tue May 5 20:21:27 UTC 2020
Packages
Upgraded
- xap/mozilla-firefox-68.8.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.8.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-17/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
(* Security fix *) - xap/mozilla-thunderbird-68.8.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.0/releasenotes/
(* Security fix *)
Rebuilt
- n/nfs-utils-2.4.3-i586-3.txz
Added /var/lib/nfs/nfsdcltrack database directory for nfsdcltrack.
Thanks to upnort.
Added
- xap/NetworkManager-openvpn-1.8.12-i586-1.txz
Thanks to Robby Workman.
Sun May 3 06:47:41 UTC 2020
Packages
Upgraded
- xap/seamonkey-2.53.2-i686-1.txz
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.2
(* Security fix *)
Rebuilt
Fri May 1 18:05:38 UTC 2020
Packages
Upgraded
- d/Cython-0.29.17-i586-1.txz
Dropped python2 support. - d/python-pip-20.1-i586-1.txz
Dropped python2 support. - d/python-setuptools-46.1.3-i586-1.txz
Dropped python2 support. - l/pycairo-1.19.1-i586-1.txz
Dropped python2 support. - l/pycups-2.0.1-i586-1.txz
Dropped python2 support. - l/pycurl-7.43.0.5-i586-1.txz
Dropped python2 support. - l/pyparsing-2.4.7-i586-1.txz
Dropped python2 support. - l/python-certifi-2020.4.5.1-i586-1.txz
Dropped python2 support. - l/python-pygments-2.6.1-i586-1.txz
Dropped python2 support. - l/python-urllib3-1.25.9-i586-1.txz
Dropped python2 support. - n/nettle-3.6-i586-1.txz
Shared library .so-version bump.
Rebuilt
- a/sysvinit-scripts-2.1-noarch-30.txz
rc.S: contents of mounts below /run or /var/run should be visible in both
/run and /var/run. Thanks to Markus Wiesner. - l/M2Crypto-0.35.2-i586-5.txz
Dropped python2 support. - l/Mako-1.1.2-i586-2.txz
Dropped python2 support. - l/libzip-1.6.1-i586-2.txz
Recompiled against nettle-3.6. - l/python-appdirs-1.4.3-i586-5.txz
Dropped python2 support. - l/python-chardet-3.0.4-i586-5.txz
Dropped python2 support. - l/python-docutils-0.16-i586-3.txz
Dropped python2 support. - l/python-future-0.18.2-i586-2.txz
Dropped python2 support. - l/python-idna-2.9-i586-2.txz
Dropped python2 support. - l/python-notify2-0.3.1-i586-5.txz
Dropped python2 support. - l/python-packaging-20.3-i586-2.txz
Dropped python2 support. - l/python-ply-3.11-i586-3.txz
Dropped python2 support. - l/python-requests-2.23.0-i586-2.txz
Dropped python2 support. - l/python-sane-2.8.3-i586-5.txz
Dropped python2 support. - l/python-six-1.14.0-i586-2.txz
Dropped python2 support. - n/dnsmasq-2.81-i586-2.txz
Recompiled against nettle-3.6. - n/gnutls-3.6.13-i586-2.txz
Recompiled against nettle-3.6. - x/pyxdg-0.26-i586-3.txz
Dropped python2 support. - x/xorg-server-1.20.8-i586-2.txz
Recompiled against nettle-3.6. - x/xorg-server-xephyr-1.20.8-i586-2.txz
Recompiled against nettle-3.6. - x/xorg-server-xnest-1.20.8-i586-2.txz
Recompiled against nettle-3.6. - x/xorg-server-xvfb-1.20.8-i586-2.txz
Recompiled against nettle-3.6. - x/xorg-server-xwayland-1.20.8-i586-2.txz
Recompiled against nettle-3.6. - xap/rdesktop-1.9.0-i586-2.txz
Recompiled against nettle-3.6. - extra/tigervnc/tigervnc-1.10.1-i586-3.txz
Recompiled against nettle-3.6.
Removed
Added
- l/python2-module-collection-2.7.18-i586-1.txz
Time to quarantine these python2 modules and pin the versions where they
are (or in the case of setuptools, downgrade to the last version that doesn't
complain). This will keep most of the standard python2 add-ons in one package
so that we can upgrade modules for python3 without having to worry about
python2 support getting dropped upstream.
Thu Apr 30 04:58:02 UTC 2020
Packages
Upgraded
Rebuilt
Wed Apr 29 20:19:12 UTC 2020
Packages
Upgraded
Tue Apr 28 20:18:40 UTC 2020
Packages
Upgraded
- ap/cups-2.3.3-i586-1.txz
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *) - n/samba-4.12.2-i586-1.txz
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *) - testing/packages/PAM/cups-2.3.3-i586-1_pam.txz
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *) - testing/packages/PAM/samba-4.12.2-i586-1_pam.txz
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *)
Mon Apr 27 20:27:30 UTC 2020
Packages
Rebuilt
- a/mkinitrd-1.4.11-i586-15.txz
Use the standard mktemp utility from GNU coreutils, not the old tempfile. - n/irssi-1.2.2-i586-2.txz
Fixed ctrl-space killing input with recent glib.
Thanks to tramtrist and Urchlay.
Upgraded
Sun Apr 26 18:28:01 UTC 2020
Packages
Upgraded
Sun Apr 26 03:34:28 UTC 2020
Packages
Rebuilt
- d/rust-1.43.0-i686-2.txz
Patched and recompiled with the system LLVM 10 instead of the bundled LLVM 9.
Sat Apr 25 18:49:34 UTC 2020
Packages
Upgraded
- a/glibc-zoneinfo-2020a-noarch-1.txz
This package provides the latest timezone updates.
Rebuilt
- d/clisp-2.50_20191103_c26de7873-i586-2.txz
Upgraded to libffcall-2.2.
Patched to fix undefined symbol errors in rawsock and other modules.
Thanks to badbetty for the bug report and Jerry James for the patch. - l/PyQt5-5.13.2-i586-2.txz
Added python2 modules, as Plasma 5 needs these for now.
We will eliminate python2 as soon as possible, but not sooner.
Added
- l/python-enum34-1.1.10-i586-1.txz
This is needed for python2 support in PyQt5.
Fri Apr 24 18:54:41 UTC 2020
Packages
Upgraded
Rebuilt
Wed Apr 22 02:19:37 UTC 2020
Packages
Upgraded
- d/git-2.26.2-i586-1.txz
This update fixes a security issue:
With a crafted URL that contains a newline or empty host, or lacks
a scheme, the credential helper machinery can be fooled into
providing credential information that is not appropriate for the
protocol in use and host being contacted.
Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the
credentials are not for a host of the attacker's choosing; instead,
they are for some unspecified host (based on how the configured
credential helper handles an absent “host” parameter).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
(* Security fix *) - k/kernel-source-5.4.34_smp-noarch-1.txz
INFINIBAND_CXGB3 n → m
INFINIBAND_IPOIB_CM n → y
INFINIBAND_IPOIB_DEBUG_DATA n → y
Thanks to Karl Magnus Kolstø. - n/openssl-1.1.1g-i586-1.txz
This update fixes a security issue:
Fixed segmentation fault in SSL_check_chain() that could be exploited by a
malicious peer in a Denial of Service attack.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967
(* Security fix *) - testing/packages/PAM/openvpn-2.4.9-i586-1_pam.txz
This update fixes a security issue:
Fix illegal client float. Thanks to Lev Stipakov.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
(* Security fix *)
Rebuilt
- l/M2Crypto-0.35.2-i586-4.txz
Don't package typing-3.7.4.1 for python3.
Tue Apr 21 02:45:06 UTC 2020
Packages
Removed
Added
- d/python2-2.7.18-i586-1.txz
OK, I know a few people got excited seeing python-2 removed in the previous
entry, but it's just being renamed to python2 for consistency with the
python3 package. It's DOA though, and is the final release of the already EOL
python 2 branch (a “commemorative” release as they say in the announcement).
Rebuilt
- l/M2Crypto-0.35.2-i586-3.txz
Added python3 modules. Thanks to sombragris and ponce.
Upgraded
Sun Apr 19 21:06:43 UTC 2020
Packages
Upgraded
Fri Apr 17 21:38:36 UTC 2020
Packages
Upgraded
Rebuilt
- l/libuv-1.36.0-i586-2.txz
Revert commits that cause BIND to crash. Thanks to Markus Wiesner.
Fri Apr 17 04:03:54 UTC 2020
Packages
Rebuilt
- ap/rpm-4.15.1-i586-3.txz
Dropped python2 modules. - l/libcaca-0.99.beta19-i586-6.txz
Dropped python2 modules. - l/libwebp-1.1.0-i586-2.txz
Dropped python2 modules. - l/python-distro-1.4.0-i586-2.txz
Dropped python2 modules. - l/python-docutils-0.16-i586-2.txz
Replace /usr/bin scripts with python3 versions. - l/system-config-printer-1.5.12-i586-3.txz
Dropped python2 modules.
Upgraded
- n/openvpn-2.4.9-i586-1.txz
This update fixes a security issue:
Fix illegal client float. Thanks to Lev Stipakov.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
(* Security fix *)
Added
- extra/xf86-video-nouveau-blacklist/xf86-video-nouveau-blacklist-1.0-noarch-1.txz
If it is easier for people using slackpkg to leave xf86-video-nouveau
installed and change the name of this package from xf86-video-nouveau to
xf86-video-nouveau-blacklist with a $VERSION of 1.0, then so be it.
Removed
Wed Apr 15 19:52:52 UTC 2020
Packages
Upgraded
- n/bind-9.16.2-i586-1.txz
This update fixes a security issue:
DNS rebinding protection was ineffective when BIND 9 is configured as a
forwarding DNS server. Found and responsibly reported by Tobias Klein.
[GL #1574]
(* Security fix *)
Rebuilt
- l/gtk+3-3.24.18-i586-2.txz
Fixed the version number embedded in pkg-config files and elsewhere.
Thanks to davjohn for the bug report.
Tue Apr 14 22:26:11 UTC 2020
Packages
Upgraded
- d/git-2.26.1-i586-1.txz
This update fixes a security issue:
With a crafted URL that contains a newline in it, the credential helper
machinery can be fooled to give credential information for a wrong host.
The attack has been made impossible by forbidding a newline character in
any value passed via the credential protocol. Credit for finding the
vulnerability goes to Felix Wilhelm of Google Project Zero.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
(* Security fix *)
Mon Apr 13 22:16:49 UTC 2020
Packages
Upgraded
Rebuilt
Sun Apr 12 20:02:28 UTC 2020
Packages
Upgraded
Fri Apr 10 20:33:06 UTC 2020
Packages
Upgraded
Thu Apr 9 22:20:10 UTC 2020
Packages
Upgraded
- l/libssh-0.9.4-i586-1.txz
Fixed possible DoS in client and server when handling AES-CTR keys
with OpenSSL.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1730
(* Security fix *)
Thu Apr 9 00:53:59 UTC 2020
Packages
Upgraded
- xap/mozilla-thunderbird-68.7.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.7.0/releasenotes/
(* Security fix *)
Rebuilt
Tue Apr 7 22:23:02 UTC 2020
Packages
Upgraded
Tue Apr 7 21:19:42 UTC 2020
Packages
Upgraded
- ap/qpdf-10.0.0-i586-1.txz
Shared library .so-version bump. - xap/mozilla-firefox-68.7.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.7.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825
(* Security fix *)
Rebuilt
- ap/cups-filters-1.27.3-i586-2.txz
Recompiled against qpdf-10.0.0. - l/python-pygments-2.5.2-i586-2.txz
Rebuilt to fix stale signature on some mirrors.
Thanks to Xsane and Petri Kaukasoina.
Mon Apr 6 21:23:19 UTC 2020
Packages
Upgraded
Sun Apr 5 21:02:32 UTC 2020
Packages
Upgraded
Rebuilt
- kde/k3b-2.0.3-i586-7.txz
Recompiled against libdvdread-6.1.1. - l/libdvdnav-6.1.0-i586-2.txz
Recompiled against libdvdread-6.1.1.
Who bumps an .soname and only boosts the version number by 0.0.1?
Anyway, sorry to drop the ball a second time. I'll try to avoid this.
Thanks to gmgf for the bug report. - xap/MPlayer-20200103-i586-2.txz
Recompiled against libdvdread-6.1.1. - xap/xine-lib-1.2.10-i586-2.txz
Recompiled against libdvdread-6.1.1. - extra/pure-alsa-system/MPlayer-20200103-i586-2_alsa.txz
Recompiled against libdvdread-6.1.1. - extra/pure-alsa-system/xine-lib-1.2.10-i586-2_alsa.txz
Recompiled against libdvdread-6.1.1.
Sun Apr 5 01:33:45 UTC 2020
Packages
Rebuilt
- kde/calligra-2.9.11-i586-34.txz
Recompiled against glew-2.2.0.
The libGLEW.so.2.2 .soname (rather than libGLEW.so.2) gets me every time.
Thanks to marrowsuck for the bug report. - x/mesa-20.0.4-i586-2.txz
Recompiled against glew-2.2.0.
Upgraded
- l/libdvdread-6.1.1-i586-1.txz
Shared library .so-version bump.
Sat Apr 4 19:22:23 UTC 2020
Packages
Rebuilt
- ap/sc-7.16-i586-8.txz
Fixed permissions on installed binaries. Thanks to mats_b_tegner.
Upgraded
- ap/sc-im-20200210_862c273-i586-1.txz
Switched to pulling from git to fix various crashes. - x/glew-2.2.0-i586-1.txz
Shared library .so-version bump.
Fri Apr 3 23:07:16 UTC 2020
Packages
Rebuilt
- ap/lsof-4.93.2-i586-2.txz
Fixed the manpage. Thanks to kaott. - ap/sc-7.16-i586-7.txz
Brought back the classic SC. Thanks to dive.
Upgraded
- xap/mozilla-firefox-68.6.1esr-i686-1.txz
This release contains critical security fixes and improvements.
“Under certain conditions, when running the nsDocShell destructor, a race
condition can cause a use-after-free. We are aware of targeted attacks in
the wild abusing this flaw.”
“Under certain conditions, when handling a ReadableStream, a race condition
can cause a use-after-free. We are aware of targeted attacks in the wild
abusing this flaw.”
For more information, see:
https://www.mozilla.org/en-US/firefox/68.6.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820
(* Security fix *)
Thu Apr 2 22:13:11 UTC 2020
Packages
Upgraded
Rebuilt
- xap/network-manager-applet-1.16.0-i586-2.txz
Rebuilt using meson. Thanks to bassmadrigal.
Thu Apr 2 06:07:52 UTC 2020
Packages
Upgraded
- d/ruby-2.7.1-i586-1.txz
This update fixes security issues:
Unsafe Object Creation Vulnerability in JSON (Additional fix).
Heap exposure vulnerability in the socket library.
For more information, see:
https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933
(* Security fix *)
Rebuilt
- a/pkgtools-15.0-noarch-32.txz
installpkg: handle the uninstall script packaged as /install/douninst.sh.
removepkg: add –skip-douninst option to skip running the uninstall script.
Save removed douninst.sh in /var/log/pkgtools/removed_uninstall_scripts. - ap/groff-1.22.4-i586-2.txz
Fixed docdir. Thanks to Xsane. - d/gcc-gfortran-9.3.0-i586-2.txz
Patched a compiler bug concerning assumed-shape vs. deferred-shape arrays.
Thanks to Lockywolf.
Tue Mar 31 19:01:17 UTC 2020
Packages
Upgraded
- n/gnutls-3.6.13-i586-1.txz
This update fixes a security issue:
libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support),
since 3.6.3. The DTLS client would not contribute any randomness to the
DTLS negotiation, breaking the security guarantees of the DTLS protocol.
[GNUTLS-SA-2020-03-31, CVSS: high]
(* Security fix *)
Tue Mar 31 04:00:43 UTC 2020
Packages
Rebuilt
- a/pkgtools-15.0-noarch-31.txz
removepkg: support an uninstall script. See removepkg(8).
Upgraded
Sun Mar 29 23:05:46 UTC 2020
Packages
Upgraded
Rebuilt
- d/llvm-10.0.0-i586-2.txz
Ensure that lit-cpuid is built and installed. Thanks to jkh2cpu. - n/nfs-utils-2.4.3-i586-2.txz
Rebuilt with –with-pluginpath=/usr/lib${LIBDIRSUFFIX}/libnfsidmap.
Thanks to lecho.
Sat Mar 28 05:48:42 UTC 2020
Packages
Upgraded
Rebuilt
- xap/audacious-4.0-i586-3.txz
Also support GTK+ interface, including a .desktop file for it. - xap/audacious-plugins-4.0-i586-3.txz
Rebuilt with –enable-gtk. - extra/pure-alsa-system/audacious-plugins-4.0-i586-3_alsa.txz
Rebuilt with –enable-gtk.
Added
Wed Mar 25 22:53:06 UTC 2020
Packages
Rebuilt
- a/e2fsprogs-1.45.6-i586-2.txz
Fixed RELEASE-NOTES dangling symlink. - d/rust-1.42.0-i686-2.txz
Recompiled against llvm-10.0.0. - d/scons-3.1.2-i586-3.txz
Fixed shebangs for python3, removed useless .bat files.
Thanks to teeemcee and ponce. - l/qt5-5.13.2-i586-3.txz
Recompiled against llvm-10.0.0. - x/mesa-20.0.2-i586-2.txz
Recompiled against llvm-10.0.0.
Upgraded
- d/llvm-10.0.0-i586-1.txz
Shared library .so-version bump.
Tue Mar 24 05:08:25 UTC 2020
Packages
Rebuilt
- n/curl-7.69.1-i586-3.txz
Removed –with-ca-bundle=/usr/share/curl/ca-bundle.crt and
added –without-ca-bundle. Thanks to drgibbon and Willy Sudiarto Raharjo.
Mon Mar 23 20:03:39 UTC 2020
Packages
Upgraded
- l/gd-2.3.0-i586-1.txz
This update fixes bugs and security issues:
Potential double-free in gdImage*Ptr().
gdImageColorMatch() out of bounds write on heap.
Uninitialized read in gdImageCreateFromXbm().
Double-free in gdImageBmp.
Potential NULL pointer dereference in gdImageClone().
Potential infinite loop in gdImageCreateFromGifCtx().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
(* Security fix *)
Rebuilt
- n/curl-7.69.1-i586-2.txz
Use –with-ca-path=/etc/ssl/certs instead of
–with-ca-bundle=/usr/share/curl/ca-bundle.crt. Thanks to shastah. - xap/audacious-4.0-i586-2.txz
Rebuilt with autotools to fix French language support. Thanks to gmgf. - xap/audacious-plugins-4.0-i586-2.txz
Rebuilt with autotools.
Sun Mar 22 19:58:16 UTC 2020
Packages
Upgraded
Added
- l/libcue-2.2.1-i586-1.txz
The initial use for this is adding CUE support to audacious-plugins.
Sun Mar 22 01:55:55 UTC 2020
Packages
Upgraded
Rebuilt
- a/tcsh-6.22.02-i586-3.txz
Actually apply the shell history patch this time. Thanks to jmccue.
Fri Mar 20 18:58:08 UTC 2020
Packages
Upgraded
Thu Mar 19 22:01:05 UTC 2020
Packages
Upgraded
Added
Rebuilt
- l/QScintilla-2.11.4-i586-3.txz
Added PyQt5 support. Thanks to alienBOB. - l/sip-4.19.21-i586-2.txz
Recompiled to pick up Qt5 support. - n/gpgme-1.13.1-i586-3.txz
Added Qt5 bindings. Thanks to alienBOB.
Thu Mar 19 01:45:30 UTC 2020
Don't bother with 5.4.26 folks, just wait for the next one. Trust me.
Packages
Rebuilt
- a/tcsh-6.22.02-i586-2.txz
Fixed merging history from multiple shells. Thanks to jmccue. - testing/packages/PAM/dovecot-2.3.10-i586-2_pam.txz
Recompiled using –with-pam. Thanks to HQuest.
Upgraded
Tue Mar 17 22:11:07 UTC 2020
Happy Feast of Saint Patrick. Stay safe everyone.
Packages
Upgraded
- n/openssl-1.1.1e-i586-1.txz
Fixed an overflow bug in the x64_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
(* Security fix *) - n/php-7.4.4-i586-1.txz
This update fixes bugs and security issues:
Core: get_headers() silently truncates after a null byte
EXIF: Use-of-uninitialized-value in exif
MBstring: mb_strtolower: stack-buffer-overflow at php_unicode_tolower_full
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
(* Security fix *)
Mon Mar 16 21:20:17 UTC 2020
Packages
Upgraded
Sun Mar 15 19:50:24 UTC 2020
Packages
Rebuilt
- a/aaa_elflibs-15.0-i586-22.txz
Upgraded: libcap.so.2.33, libncurses.so.6.2, libncursesw.so.6.2,
libpcre.so.1.2.12, libpcreposix.so.0.0.7, libtinfo.so.6.2, libform.so.6.2,
libformw.so.6.2, libglib-2.0.so.0.6400.1, libgmodule-2.0.so.0.6400.1,
libgobject-2.0.so.0.6400.1, libgthread-2.0.so.0.6400.1,
liblber-2.4.so.2.10.12, libldap-2.4.so.2.10.12, libmenu.so.6.2,
libmenuw.so.6.2, libpanel.so.6.2, libpanelw.so.6.2, libstdc++.so.6.0.28.
Upgraded
- ap/sudo-1.8.31p1-i586-1.txz
This is a bugfix release:
Sudo once again ignores a failure to restore the RLIMIT_CORE resource limit,
as it did prior to version 1.8.29. Linux containers don't allow RLIMIT_CORE
to be set back to RLIM_INFINITY if we set the limit to zero, even for root,
which resulted in a warning from sudo. - d/perl-5.30.2-i586-1.txz
Also upgraded to Devel-CheckLib-1.14, DBI-1.643, and IO-Socket-SSL-2.067.
Fri Mar 13 20:15:29 UTC 2020
Packages
Upgraded
- k/kernel-source-5.4.25_smp-noarch-1.txz
GCC_VERSION 90200 → 90300 - xap/mozilla-thunderbird-68.6.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.6.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
(* Security fix *)
Rebuilt
- d/libtool-2.4.6-i586-13.txz
Recompiled to update embedded GCC version number. - d/scons-3.1.2-i586-2.txz
Drop python2 support and switch to python3. - xap/blueman-2.1.2-i586-2.txz
This needed a rebuild for glib2-2.64.1. Thanks to Lockywolf.
Wed Mar 11 19:54:51 UTC 2020
Packages
Upgraded
Tue Mar 10 19:53:39 UTC 2020
Packages
Upgraded
- l/python-pygments-2.5.2-i586-1.txz
It seems like the pragmatic thing to do here is to revert this one to fix
the python2 programs and modules that depend on it. We'll have to do a bit
more research to determine what the best course of action is regarding
python2 in general, though. Certainly we shouldn't be requiring python2
for anything important moving forward, but even that will take some work.
Plasma 5 as currently built has multiple dependencies on python2, for
example. - xap/mozilla-firefox-68.6.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.6.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-09/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
(* Security fix *)
Rebuilt
- l/SDL2-2.0.10-i586-2.txz
Rebuilt to pick up wayland support. Thanks to franzen. - n/bind-9.16.0-i586-4.txz
Drop python2 support and switch to python3.
Sun Mar 8 19:42:26 UTC 2020
Packages
Upgraded
Sat Mar 7 20:25:36 UTC 2020
Packages
Upgraded
- xap/network-manager-applet-1.16.0-i586-1.txz
This requires the new libnma package.
Added
- xap/libnma-1.8.28-i586-1.txz
This is the NetworkManager GUI client library, which was previously
provided by network-manager-applet. It's now a standalone project, and
is required by network-manager-applet and other NetworkManager frontends.
Fri Mar 6 22:10:25 UTC 2020
Packages
Rebuilt
- a/cryptsetup-2.3.0-i586-2.txz
Include some additional documentation. Thanks to regdub. - ap/moc-2.5.2-i586-6.txz
Fixed docs permissions. Thanks to regdub. - l/libnl-1.1.4-i586-3.txz
Fixed docs permissions. Thanks to regdub. - l/tdb-1.4.3-i586-3.txz
Fixed docs permissions. Thanks to regdub. - l/tevent-0.10.2-i586-3.txz
Fixed docs permissions. Thanks to regdub. - n/bind-9.16.0-i586-3.txz
Applied upstream patch to fix a discrepancy in the quota code that can
result in a situation where the count is not properly decremented in
some cases. - n/rp-pppoe-3.13-i586-2.txz
This needed a rebuild for ppp-2.4.8. Thanks to regdub.
Upgraded
Fri Mar 6 02:45:42 UTC 2020
Packages
Upgraded
- k/kernel-source-5.4.24_smp-noarch-1.txz
-HEADER_TEST n
Rebuilt
Wed Mar 4 22:03:30 UTC 2020
Packages
Rebuilt
- a/sdparm-1.10-i586-3.txz
Recompiled against sg3_utils-1.45. - a/udisks-1.0.5-i586-5.txz
Recompiled against sg3_utils-1.45. - l/libgpod-0.8.3-i586-6.txz
Recompiled against sg3_utils-1.45. - n/cyrus-sasl-2.1.27-i586-3.txz
Added SQL support via MariaDB. Thanks to niksoggia. - testing/packages/PAM/cyrus-sasl-2.1.27-i586-3_pam.txz
Added SQL support via MariaDB. Thanks to niksoggia.
Upgraded
- n/ppp-2.4.8-i586-1.txz
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *) - testing/packages/PAM/ppp-2.4.8-i586-1_pam.txz
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
Wed Mar 4 01:39:54 UTC 2020
Packages
Rebuilt
- xap/seamonkey-2.53.1-i686-2.txz
Fixed $LIBDIRSUFFIX for 32-bit. Thanks to ljb643.
Tue Mar 3 22:39:20 UTC 2020
Packages
Upgraded
- l/sg3_utils-1.45-i586-1.txz
Shared library .so-version bump.
Rebuilt
- d/perl-5.30.1-i586-2.txz
Added Parse-Yapp-1.21, needed to build the parser for the Samba compile.
Mon Mar 2 19:05:10 UTC 2020
Packages
Upgraded
- xap/seamonkey-2.53.1-i686-1.txz
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.1
(* Security fix *)
Rebuilt
- n/bind-9.16.0-i586-2.txz
rc.bind: ensure /var/run/named exists before starting named. Thanks to MarcT.
rc.bind: when stopping named, only kill processes in the current namespace.
Sat Feb 29 19:20:21 UTC 2020
Packages
Upgraded
Rebuilt
Fri Feb 28 03:53:37 UTC 2020
Packages
Upgraded
Tue Feb 25 22:23:47 UTC 2020
Packages
Upgraded
- ap/man-db-2.9.1-i586-1.txz
Upgraded to libpipeline-1.5.2 and man-db-2.9.1.
Mon Feb 24 20:56:07 UTC 2020
Packages
Upgraded
Rebuilt
- x/vulkan-sdk-1.2.131.1-i586-2.txz
Rebuilt with -DBUILD_WSI_WAYLAND_SUPPORT=On. Thanks to mumahendras3.
Sat Feb 22 19:31:36 UTC 2020
Packages
Upgraded
Rebuilt
- l/libxkbcommon-0.10.0-i586-2.txz
Rebuilt to add wayland support. - n/dnsmasq-2.80-i586-4.txz
Rebuilt with: -DHAVE_DNSSEC -DHAVE_DBUS -DHAVE_LIBIDN2 -DHAVE_CONNTRACK - x/intel-vaapi-driver-2.4.0-i586-2.txz
Rebuilt to add wayland support.
Sat Feb 22 05:41:50 UTC 2020
Packages
Upgraded
Rebuilt
- x/libva-2.6.1-i586-2.txz
Rebuilt to add libva-wayland. Thanks to hadack.
Thu Feb 20 23:40:12 UTC 2020
Packages
Upgraded
- n/bind-9.16.0-i586-1.txz
rc.bind: don't change file ownerships in /var/named. Thanks to voegelas. - n/proftpd-1.3.6c-i586-1.txz
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *) - testing/packages/PAM/proftpd-1.3.6c-i586-1_pam.txz
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *)
Rebuilt
- l/gtk+3-3.24.14-i586-3.txz
Rebuilt to add wayland backend.
Added
- l/libuv-1.34.2-i586-1.txz
This is needed by bind-9.16.0.
Thu Feb 20 04:50:54 UTC 2020
Packages
Upgraded
- k/kernel-source-5.4.21_smp-noarch-1.txz
SND_SOC n → m
SPI n → y
VFIO_PCI_VGA n → y
+ADE7854_SPI m
+ADT7316_SPI m
+BMC150_ACCEL_SPI m
+BMG160_SPI m
+BMP280_SPI m
+FXAS21002C_SPI m
+HTS221_SPI m
+IIO_ST_ACCEL_SPI_3AXIS m
+IIO_ST_GYRO_SPI_3AXIS m
+IIO_ST_MAGN_SPI_3AXIS m
+IIO_ST_PRESS_SPI m
+IIO_ST_SENSORS_SPI m
+INPUT_AD714X_SPI m
+INPUT_ADXL34X_SPI m
+KXSD9_SPI m
+REGMAP_SPI m
+SND_COMPRESS_OFFLOAD m
+SND_DESIGNWARE_I2S m
+SND_DESIGNWARE_PCM y
+SND_DMAENGINE_PCM m
+SND_HDA_EXT_CORE m
+SND_I2S_HI6210_I2S m
+SND_PCM_ELD y
+SND_PCM_IEC958 y
+SND_SIMPLE_CARD m
+SND_SIMPLE_CARD_UTILS m
+SND_SOC_AC97_BUS y
+SND_SOC_AC97_CODEC m
+SND_SOC_ACPI m
+SND_SOC_ACPI_INTEL_MATCH m
+SND_SOC_ADAU1761 m
+SND_SOC_ADAU1761_I2C m
+SND_SOC_ADAU1761_SPI m
+SND_SOC_ADAU17X1 m
+SND_SOC_ADAU7002 m
+SND_SOC_ADAU_UTILS m
+SND_SOC_AMD_ACP m
+SND_SOC_AMD_ACP3x m
+SND_SOC_AMD_CZ_DA7219MX98357_MACH m
+SND_SOC_AMD_CZ_RT5645_MACH m
+SND_SOC_BD28623 m
+SND_SOC_COMPRESS y
+SND_SOC_CROS_EC_CODEC m
+SND_SOC_CS35L34 m
+SND_SOC_CS35L35 m
+SND_SOC_CS35L36 m
+SND_SOC_CS42L42 m
+SND_SOC_CS43130 m
+SND_SOC_CX2072X m
+SND_SOC_DA7213 m
+SND_SOC_DA7219 m
+SND_SOC_DMIC m
+SND_SOC_ES7134 m
+SND_SOC_ES7241 m
+SND_SOC_ES8316 m
+SND_SOC_ES8328 m
+SND_SOC_ES8328_I2C m
+SND_SOC_ES8328_SPI m
+SND_SOC_GENERIC_DMAENGINE_PCM y
+SND_SOC_HDAC_HDA m
+SND_SOC_HDAC_HDMI m
+SND_SOC_HDMI_CODEC m
+SND_SOC_I2C_AND_SPI m
+SND_SOC_INTEL_APL m
+SND_SOC_INTEL_BDW_RT5677_MACH m
+SND_SOC_INTEL_BROADWELL_MACH m
+SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_BXT_RT298_MACH m
+SND_SOC_INTEL_BYTCR_RT5640_MACH m
+SND_SOC_INTEL_BYTCR_RT5651_MACH m
+SND_SOC_INTEL_BYT_CHT_CX2072X_MACH m
+SND_SOC_INTEL_BYT_CHT_DA7213_MACH m
+SND_SOC_INTEL_BYT_CHT_ES8316_MACH m
+SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH m
+SND_SOC_INTEL_CFL m
+SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH m
+SND_SOC_INTEL_CHT_BSW_NAU8824_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5645_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5672_MACH m
+SND_SOC_INTEL_CML_H m
+SND_SOC_INTEL_CML_LP m
+SND_SOC_INTEL_CNL m
+SND_SOC_INTEL_DA7219_MAX98357A_GENERIC m
+SND_SOC_INTEL_GLK m
+SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH m
+SND_SOC_INTEL_HASWELL m
+SND_SOC_INTEL_HASWELL_MACH m
+SND_SOC_INTEL_KBL m
+SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_KBL_DA7219_MAX98927_MACH m
+SND_SOC_INTEL_KBL_RT5660_MACH m
+SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH m
+SND_SOC_INTEL_MACH y
+SND_SOC_INTEL_SKL m
+SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH m
+SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH m
+SND_SOC_INTEL_SKL_RT286_MACH m
+SND_SOC_INTEL_SKYLAKE m
+SND_SOC_INTEL_SKYLAKE_COMMON m
+SND_SOC_INTEL_SKYLAKE_FAMILY m
+SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC y
+SND_SOC_INTEL_SKYLAKE_SSP_CLK m
+SND_SOC_INTEL_SST m
+SND_SOC_INTEL_SST_ACPI m
+SND_SOC_INTEL_SST_FIRMWARE m
+SND_SOC_INTEL_SST_TOPLEVEL y
+SND_SOC_MAX9759 m
+SND_SOC_MAX98088 m
+SND_SOC_MAX98090 m
+SND_SOC_MAX98357A m
+SND_SOC_MAX98373 m
+SND_SOC_MAX9867 m
+SND_SOC_MAX98927 m
+SND_SOC_NAU8540 m
+SND_SOC_NAU8824 m
+SND_SOC_NAU8825 m
+SND_SOC_PCM1789 m
+SND_SOC_PCM1789_I2C m
+SND_SOC_PCM186X m
+SND_SOC_PCM186X_I2C m
+SND_SOC_PCM186X_SPI m
+SND_SOC_PCM3060 m
+SND_SOC_PCM3060_I2C m
+SND_SOC_PCM3060_SPI m
+SND_SOC_RL6231 m
+SND_SOC_RL6347A m
+SND_SOC_RT286 m
+SND_SOC_RT298 m
+SND_SOC_RT5640 m
+SND_SOC_RT5645 m
+SND_SOC_RT5651 m
+SND_SOC_RT5660 m
+SND_SOC_RT5663 m
+SND_SOC_RT5670 m
+SND_SOC_RT5677 m
+SND_SOC_RT5677_SPI m
+SND_SOC_RT5682 m
+SND_SOC_SIGMADSP m
+SND_SOC_SIGMADSP_REGMAP m
+SND_SOC_SIMPLE_AMPLIFIER m
+SND_SOC_SOF m
+SND_SOC_SOF_ACPI m
+SND_SOC_SOF_APOLLOLAKE m
+SND_SOC_SOF_APOLLOLAKE_SUPPORT y
+SND_SOC_SOF_BAYTRAIL m
+SND_SOC_SOF_BAYTRAIL_SUPPORT y
+SND_SOC_SOF_CANNONLAKE m
+SND_SOC_SOF_CANNONLAKE_SUPPORT y
+SND_SOC_SOF_COFFEELAKE m
+SND_SOC_SOF_COFFEELAKE_SUPPORT y
+SND_SOC_SOF_COMETLAKE_H m
+SND_SOC_SOF_COMETLAKE_H_SUPPORT y
+SND_SOC_SOF_COMETLAKE_LP m
+SND_SOC_SOF_COMETLAKE_LP_SUPPORT y
+SND_SOC_SOF_ELKHARTLAKE m
+SND_SOC_SOF_ELKHARTLAKE_SUPPORT y
+SND_SOC_SOF_GEMINILAKE m
+SND_SOC_SOF_GEMINILAKE_SUPPORT y
+SND_SOC_SOF_HDA m
+SND_SOC_SOF_HDA_AUDIO_CODEC y
+SND_SOC_SOF_HDA_COMMON m
+SND_SOC_SOF_HDA_LINK y
+SND_SOC_SOF_HDA_LINK_BASELINE m
+SND_SOC_SOF_ICELAKE m
+SND_SOC_SOF_ICELAKE_SUPPORT y
+SND_SOC_SOF_INTEL_ACPI m
+SND_SOC_SOF_INTEL_ATOM_HIFI_EP m
+SND_SOC_SOF_INTEL_COMMON m
+SND_SOC_SOF_INTEL_HIFI_EP_IPC m
+SND_SOC_SOF_INTEL_PCI m
+SND_SOC_SOF_INTEL_TOPLEVEL y
+SND_SOC_SOF_MERRIFIELD m
+SND_SOC_SOF_MERRIFIELD_SUPPORT y
+SND_SOC_SOF_OPTIONS m
+SND_SOC_SOF_PCI m
+SND_SOC_SOF_PROBE_WORK_QUEUE y
+SND_SOC_SOF_TIGERLAKE m
+SND_SOC_SOF_TIGERLAKE_SUPPORT y
+SND_SOC_SOF_TOPLEVEL y
+SND_SOC_SOF_XTENSA m
+SND_SOC_SPDIF m
+SND_SOC_SSM4567 m
+SND_SOC_TAS6424 m
+SND_SOC_TDA7419 m
+SND_SOC_TLV320AIC32X4 m
+SND_SOC_TLV320AIC32X4_I2C m
+SND_SOC_TLV320AIC32X4_SPI m
+SND_SOC_TOPOLOGY y
+SND_SOC_TS3A227E m
+SND_SOC_TSCS42XX m
+SND_SOC_WM8524 m
+SND_SPI y
+SND_SST_ATOM_HIFI2_PLATFORM m
+SND_SST_ATOM_HIFI2_PLATFORM_ACPI m
+SND_SST_ATOM_HIFI2_PLATFORM_PCI m
+SND_SST_IPC m
+SND_SST_IPC_ACPI m
+SND_SST_IPC_PCI m
+SPI_MASTER y
+ST_UVIS25_SPI m - n/php-7.4.3-i586-1.txz
This update fixes bugs and security issues:
Phar: Files added to tar with Phar::buildFromIterator have
all-access permissions.
Phar: heap-buffer-overflow in phar_extract_file.
Session: Null Pointer Dereference in PHP Session Upload Progress.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
(* Security fix *) - x/mesa-20.0.0-i586-1.txz
Added Wayland platform support.
Rebuilt
- ap/cdparanoia-III_10.2-i586-3.txz
Moved man page from /usr/man/jp/man1/ to /usr/man/ja/man1/. Thanks to Xsane.
Don't ship the static libraries. - testing/packages/PAM/openssh-8.2p1-i586-2_pam.txz
/etc/pam.d/sshd: add commented out pam_tally2 example. - testing/packages/PAM/shadow-4.8.1-i586-5_pam.txz
/etc/pam.d/system-auth: add support for pam_group, remove pam_tally2.
Thanks to ivandi.
/etc/pam.d/*: Don't use tabs. - testing/packages/PAM/util-linux-2.35.1-i586-4_pam.txz
/etc/pam.d/login: add commented out pam_tally2 example.
/etc/pam.d/*: Don't use tabs.
Added
Tue Feb 18 05:20:50 UTC 2020
Packages
Rebuilt
- l/gtk+3-3.24.14-i586-2.txz
Rebuilt with -DG_ENABLE_DEBUG. Thanks to Bindestreck.
Also built with -DG_DISABLE_CAST_CHECKS and -Dbroadway_backend=true. - n/bind-9.14.10-i586-2.txz
rc.bind: make sure it works with a non-root user specified in $NAMED_OPTIONS.
Thanks to Luigi Trovato.
Upgraded
Mon Feb 17 21:32:15 UTC 2020
Packages
Rebuilt
- a/shadow-4.8.1-i586-4.txz
Recompiled using –with-group-name-max-length=32. Thanks to Bart van der Hall. - testing/packages/PAM/shadow-4.8.1-i586-4_pam.txz
Recompiled using –with-group-name-max-length=32. Thanks to Bart van der Hall.
Upgraded
Mon Feb 17 06:03:43 UTC 2020
Packages
Upgraded
- l/openal-soft-1.20.1-i586-1.txz
Thanks to Skaendo and Willy Sudiarto Raharjo.
Added
- l/qt5-webkit-5.212.0_alpha3-i586-1.txz
Thanks to alienBOB.
Rebuilt
- testing/packages/PAM/samba-4.11.6-i586-3_pam.txz
Added patches to fix joining a DC when using krb5. Looks like the patches are
already upstreamed in the latest 4.12.0-rc. Thanks to camerabambai.
Sat Feb 15 22:57:25 UTC 2020
Packages
Rebuilt
- d/cmake-3.16.4-i586-2.txz
Recompiled against qt5-5.13.2. - d/doxygen-1.8.17-i586-2.txz
Recompiled against qt5-5.13.2. - l/v4l-utils-1.18.0-i586-2.txz
Recompiled against qt5-5.13.2. - n/pinentry-1.1.0-i586-3.txz
Recompiled against qt5-5.13.2. - n/wpa_supplicant-2.9-i586-2.txz
Recompiled against qt5-5.13.2. - xap/xpdf-4.02-i586-3.txz
Recompiled against qt5-5.13.2. - testing/packages/PAM/ConsoleKit2-1.2.1-i586-3_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/cifs-utils-6.10-i586-3_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/gnome-keyring-3.34.0-i586-2_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/libcgroup-0.41-i586-6_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/libpwquality-1.4.2-i586-2_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/mariadb-10.4.12-i586-2_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/pam-1.3.1-i586-2_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security to support
multilib. Thanks to GazL. - testing/packages/PAM/polkit-0.116-i586-2_pam.txz
Rebuilt using –with-pam-module-dir=/lib${LIBDIRSUFFIX}/security. - testing/packages/PAM/samba-4.11.6-i586-2_pam.txz
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Upgraded
Added
- l/python-future-0.18.2-i586-1.txz
This is needed by fetchmailconf and will probably see additional use as
projects jump off of the sinking Python 2 ship.
Sat Feb 15 02:42:28 UTC 2020
Packages
Upgraded
- n/openssh-8.2p1-i586-1.txz
Potentially incompatible changes:
* ssh(1), sshd(8): the removal of “ssh-rsa” from the accepted
CASignatureAlgorithms list.
* ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
from the default key exchange proposal for both the client and
server.
* ssh-keygen(1): the command-line options related to the generation
and screening of safe prime numbers used by the
diffie-hellman-group-exchange-* key exchange algorithms have
changed. Most options have been folded under the -O flag.
* sshd(8): the sshd listener process title visible to ps(1) has
changed to include information about the number of connections that
are currently attempting authentication and the limits configured
by MaxStartups.
Rebuilt
- x/mesa-19.3.4-i586-2.txz
Reverted “[PATCH] swr: Fix GCC 4.9 checks.” which makes X fail to start with
an illegal instruction on some hardware. - testing/packages/PAM/ConsoleKit2-1.2.1-i586-2_pam.txz
Rebuilt with –disable-libcgmanager to fix setting limits on PAM.
Thanks to gattocarlo. - testing/packages/PAM/shadow-4.8.1-i586-3_pam.txz
Moved some of the /etc/pam.d/ file to the util-linux package where they
more properly belong. - testing/packages/PAM/util-linux-2.35.1-i586-3_pam.txz
Added some /etc/pam.d/ files previously in the shadow package.
Changed /etc/pam.d/{chfn,chsh} and made chfn/chsh setuid root to fix them.
Added /etc/pam.d/{runuser,runuser-l}.
Added
- l/qt5-5.13.2-i586-1.txz
Thanks to alienBOB.
Thu Feb 13 20:17:58 UTC 2020
Packages
Rebuilt
- a/sysvinit-scripts-2.1-noarch-29.txz
rc.S: make /var/run a bind mount to /run. Thanks to Robby Workman.
rc.S: make a few adjustments to temporary file cleanup.
rc.M: drop additional checks on starting rc.syslog. - l/sdl-1.2.15-i586-9.txz
Replaced missing SDL_ttf docs. Thanks to Stuart Winter. - testing/packages/PAM/util-linux-2.35.1-i586-2_pam.txz
Added /etc/default/su containing 'ALWAYS_SET_PATH yes' to ensure that
ENV_SUPATH from /etc/login.defs is used for the $PATH with plain 'su'.
Upgraded
Wed Feb 12 21:51:35 UTC 2020
Packages
Upgraded
- l/libarchive-3.4.2-i586-1.txz
This update includes security fixes in the RAR5 reader.
(* Security fix *) - testing/packages/PAM/dovecot-2.3.9.3-i586-1_pam.txz
Fixed missing /etc/pam.d/dovecot.
Rebuilt
- d/git-2.25.0-i586-2.txz
Fixed uncompressed Git.3pm man page. Thanks to Xsane. - d/gnucobol-2.2-i586-3.txz
Fixed uncompressed man pages. Thanks to Xsane. - l/sdl-1.2.15-i586-8.txz
Added SDL_sound-1.0.3. - n/NetworkManager-1.22.6-i586-2.txz
Fixed hardlinked/uncompressed man pages. Thanks to Xsane.
Wed Feb 12 05:05:50 UTC 2020
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg –install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ.You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers!
Packages
Upgraded
- k/kernel-source-5.4.19_smp-noarch-1.txz
VALIDATE_FS_PARSER y → n - xap/mozilla-thunderbird-68.5.0-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
Rebuilt
- a/shadow-4.8.1-i586-2.txz
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
Added
Removed
Tue Feb 11 04:45:36 UTC 2020
Packages
Rebuilt
- ap/man-pages-5.05-noarch-2.txz
Clean up /usr/man directory moving miscellaneous documentation to
/usr/doc/man-pages-5.05. Thanks to Xsane.
Upgraded
- xap/mozilla-firefox-68.5.0esr-i686-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-06/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
Sun Feb 9 23:04:46 UTC 2020
Packages
Upgraded
Rebuilt
- extra/tigervnc/tigervnc-1.10.1-i586-2.txz
Removed redundant .desktop file. Thanks to upnort.
Patched for latest xorg-server.
Sat Feb 8 21:20:28 UTC 2020
Packages
Upgraded
- l/mozilla-nss-3.50-i586-1.txz
Upgraded to nss-3.50 and nspr-4.25.