Current (pre-release) ChangeLog for x86_64 Thu Sep 17 19:04:29 UTC 2020

a/kernel-firmware-20200916_00a84c5-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.66-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.66-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.66-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.66-x86-1.txz: Upgraded.

k/kernel-source-5.4.66-noarch-1.txz: Upgraded.

l/netpbm-10.91.04-x86_64-1.txz: Upgraded.

l/python-pygments-2.7.1-x86_64-1.txz: Upgraded.

n/bind-9.16.7-x86_64-1.txz: Upgraded.

x/mesa-20.1.8-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Sep 15 18:51:00 UTC 2020

a/libgudev-234-x86_64-1.txz: Upgraded.

ap/htop-3.0.2-x86_64-1.txz: Upgraded.

l/glib2-2.66.0-x86_64-2.txz: Rebuilt.

Build against system gtk-doc and don't bundle a newer version. You'll need

to reinstall the linuxdoc-tools package to restore the correct version of

gtk-doc. Thanks to chrisVV.

l/mozjs68-68.11.0esr-x86_64-2.txz: Removed.

l/mozjs78-78.2.0esr-x86_64-1.txz: Added.

This is needed by the new version of polkit.

l/polkit-0.118-x86_64-1.txz: Upgraded.

This requires the new mozjs78 package.

x/libva-2.9.0-x86_64-1.txz: Upgraded.

x/libva-utils-2.9.0-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Sep 14 19:26:01 UTC 2020

a/kernel-firmware-20200914_71338c2-noarch-1.txz: Upgraded.

ap/ghostscript-9.53.1-x86_64-1.txz: Upgraded.

l/PyQt5-5.15.1-x86_64-1.txz: Upgraded.

l/python-pygments-2.7.0-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Sep 12 19:16:03 UTC 2020

a/kernel-generic-5.4.65-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.65-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.65-x86_64-1.txz: Upgraded.

ap/cups-filters-1.28.2-x86_64-1.txz: Upgraded.

ap/ghostscript-9.53.0-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.65-x86-1.txz: Upgraded.

d/meson-0.55.3-x86_64-1.txz: Upgraded.

d/vala-0.50.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.65-noarch-1.txz: Upgraded.

l/glib2-2.66.0-x86_64-1.txz: Upgraded.

l/librsvg-2.50.0-x86_64-1.txz: Upgraded.

l/libssh-0.9.5-x86_64-1.txz: Upgraded.

l/libxkbcommon-1.0.1-x86_64-1.txz: Upgraded.

x/xf86-video-vesa-2.5.0-x86_64-1.txz: Upgraded.

x/xorg-server-1.20.9-x86_64-3.txz: Rebuilt.

Applied upstream patch to fix a PCI related crash on some hardware.

Thanks to Jaroslaw Siebert.

x/xorg-server-xephyr-1.20.9-x86_64-3.txz: Rebuilt.

x/xorg-server-xnest-1.20.9-x86_64-3.txz: Rebuilt.

x/xorg-server-xvfb-1.20.9-x86_64-3.txz: Rebuilt.

x/xorg-server-xwayland-1.20.9-x86_64-3.txz: Rebuilt.

xap/mozilla-thunderbird-68.12.0-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.12.0/releasenotes/

https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15663

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669

(* Security fix *)

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Thu Sep 10 06:20:34 UTC 2020

a/kernel-generic-5.4.64-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.64-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.64-x86_64-1.txz: Upgraded.

ap/vim-8.2.1651-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.64-x86-1.txz: Upgraded.

d/python-pip-20.2.3-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.64-noarch-1.txz: Upgraded.

l/elfutils-0.181-x86_64-1.txz: Upgraded.

l/libcap-ng-0.8-x86_64-1.txz: Upgraded.

l/qt5-5.15.1-x86_64-1.txz: Upgraded.

xap/vim-gvim-8.2.1651-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/qt5-5.15.1-x86_64-1_alsa.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Sep 8 20:31:53 UTC 2020

l/gst-plugins-base-1.18.0-x86_64-1.txz: Upgraded.

l/gst-plugins-good-1.18.0-x86_64-1.txz: Upgraded.

l/gst-plugins-libav-1.18.0-x86_64-1.txz: Upgraded.

l/gstreamer-1.18.0-x86_64-1.txz: Upgraded.

l/jasper-2.0.20-x86_64-1.txz: Upgraded.

This update fixes a new varient of CVE-2016-9398 (denial-of-service).

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9398

(* Security fix *)

extra/pure-alsa-system/gst-plugins-good-1.18.0-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Tue Sep 8 05:51:39 UTC 2020

d/bison-3.7.2-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_29-x86_64-1.txz: Upgraded.

l/libxkbcommon-1.0.0-x86_64-1.txz: Upgraded.

l/netpbm-10.91.03-x86_64-1.txz: Upgraded.

l/pycurl-7.43.0.6-x86_64-1.txz: Upgraded.

n/bluez-5.55-x86_64-1.txz: Upgraded.

n/mcabber-1.1.1-x86_64-1.txz: Upgraded.

n/openldap-2.4.53-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Sep 5 19:27:47 UTC 2020

a/kernel-generic-5.4.63-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.63-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.63-x86_64-1.txz: Upgraded.

a/xfsprogs-5.8.0-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.63-x86-1.txz: Upgraded.

d/python-setuptools-50.3.0-x86_64-1.txz: Upgraded.

d/vala-0.48.10-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.63-noarch-1.txz: Upgraded.

l/at-spi2-core-2.36.1-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Fri Sep 4 18:55:26 UTC 2020

a/cryptsetup-2.3.4-x86_64-1.txz: Upgraded.

l/gtk+3-3.24.23-x86_64-1.txz: Upgraded.

n/cifs-utils-6.11-x86_64-1.txz: Upgraded.

n/fetchmail-6.4.12-x86_64-1.txz: Upgraded.

n/gnutls-3.6.15-x86_64-1.txz: Upgraded.

libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing,

which could lead to an application crash.

[GNUTLS-SA-2020-09-04, CVSS: medium]

(* Security fix *)

+--------------------------+

Thu Sep 3 19:53:13 UTC 2020

a/hwdata-0.339-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.62-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.62-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.62-x86_64-1.txz: Upgraded.

ap/htop-3.0.1-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.62-x86-1.txz: Upgraded.

d/python-setuptools-50.1.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.62-noarch-1.txz: Upgraded.

n/gnupg2-2.2.23-x86_64-1.txz: Upgraded.

x/mesa-20.1.7-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Sep 2 18:07:02 UTC 2020

a/kernel-firmware-20200901_d5f9eea-noarch-1.txz: Upgraded.

d/mercurial-5.5.1-x86_64-1.txz: Upgraded.

d/python-setuptools-50.0.3-x86_64-1.txz: Upgraded.

l/netpbm-10.91.02-x86_64-1.txz: Upgraded.

n/php-7.4.10-x86_64-1.txz: Upgraded.

xap/xaos-4.2-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Aug 31 18:35:29 UTC 2020

n/postfix-3.5.7-x86_64-1.txz: Upgraded.

x/libwacom-1.5-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Aug 30 18:11:18 UTC 2020

a/mt-st-1.4-x86_64-1.txz: Upgraded.

n/mutt-1.14.7-x86_64-1.txz: Upgraded.

n/openldap-2.4.52-x86_64-1.txz: Upgraded.

testing/packages/mozilla-thunderbird-78.2.1-x86_64-1.txz: Upgraded.

This version enables OpenPGP by default, disables less secure algorithms,

and fixes some OpenPGP related bugs.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/78.2.1/releasenotes/

+--------------------------+

Sat Aug 29 17:47:04 UTC 2020

ap/dash-0.5.11.2-x86_64-1.txz: Upgraded.

ap/htop-3.0.0-x86_64-1.txz: Upgraded.

d/patchelf-0.12-x86_64-1.txz: Upgraded.

l/harfbuzz-2.7.2-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Aug 28 19:58:16 UTC 2020

x/xorg-server-1.20.9-x86_64-2.txz: Rebuilt.

Move /usr/share/fonts/misc to the head of the default FontPath.

Thanks to EdGr and GazL.

This fixes gv crashing at startup. Thanks to EdGr and gus3 for the bug report.

x/xorg-server-xephyr-1.20.9-x86_64-2.txz: Rebuilt.

x/xorg-server-xnest-1.20.9-x86_64-2.txz: Rebuilt.

x/xorg-server-xvfb-1.20.9-x86_64-2.txz: Rebuilt.

x/xorg-server-xwayland-1.20.9-x86_64-2.txz: Rebuilt.

+--------------------------+

Fri Aug 28 19:08:25 UTC 2020

d/nasm-2.15.05-x86_64-1.txz: Upgraded.

n/fetchmail-6.4.11-x86_64-1.txz: Upgraded.

n/iw-5.8-x86_64-1.txz: Upgraded.

+--------------------------+

Thu Aug 27 20:01:59 UTC 2020

a/kernel-firmware-20200827_7a237c6-noarch-1.txz: Upgraded.

ap/cups-filters-1.28.1-x86_64-1.txz: Upgraded.

d/rust-1.46.0-x86_64-1.txz: Upgraded.

l/brotli-1.0.9-x86_64-1.txz: Upgraded.

n/gnupg2-2.2.22-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Aug 26 21:14:02 UTC 2020

a/f2fs-tools-1.14.0-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

a/kernel-generic-5.4.61-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.61-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.61-x86_64-1.txz: Upgraded.

ap/cups-filters-1.28.0-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.61-x86-1.txz: Upgraded.

k/kernel-source-5.4.61-noarch-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Aug 25 18:59:52 UTC 2020

a/kernel-firmware-20200824_74bd44f-noarch-1.txz: Upgraded.

ap/vim-8.2.1522-x86_64-1.txz: Upgraded.

l/libuv-1.39.0-x86_64-1.txz: Upgraded.

x/libX11-1.6.12-x86_64-1.txz: Upgraded.

x/xorg-server-1.20.9-x86_64-1.txz: Upgraded.

x/xorg-server-xephyr-1.20.9-x86_64-1.txz: Upgraded.

x/xorg-server-xnest-1.20.9-x86_64-1.txz: Upgraded.

x/xorg-server-xvfb-1.20.9-x86_64-1.txz: Upgraded.

x/xorg-server-xwayland-1.20.9-x86_64-1.txz: Upgraded.

xap/vim-gvim-8.2.1522-x86_64-1.txz: Upgraded.

testing/packages/mozilla-thunderbird-78.2.0-x86_64-1.txz: Added.

https://www.mozilla.org/en-US/thunderbird/78.2.0/releasenotes/

I'm putting this into /testing first so that any problems with OpenPGP can

be reported before it goes into the main tree. Here's the current status

from the release notes and Thunderbird:OpenPGP wiki page:

Add-on support: As of version 78.0, Thunderbird only supports MailExtensions.

Your favorite add-ons may not have been updated for compatibility. At this

time, users of the Enigmail Add-on should not update to Thunderbird 78.

OpenPGP in Thunderbird 78.2.0 has reached feature complete state, but it's

still disabled by default, to allow more time for testing, correctness, and

localization. See the wiki for how to enable and help with testing. If you

use OpenPGP for non-critical purposes, then you are welcome to enable it

manually and help with testing. To enable it in Thunderbird 78.0, use the

config editor and change the value of preference mail.openpgp.enable to true,

then restart Thunderbird. If you are running 78.x and have the previous

Enigmail Add-on installed, then Enigmail will update to version 2.2.x, which

is a minimal release that helps you to migrate the keys and settings to

Thunderbird 78. If you haven't used Enigmail previously, you can enable

OpenPGP for an email account in account settings.

See the release notes for more complete information about testing and

reporting bugs.

+--------------------------+

Mon Aug 24 20:48:03 UTC 2020

ap/nano-5.2-x86_64-1.txz: Upgraded.

d/doxygen-1.8.20-x86_64-1.txz: Upgraded.

d/nasm-2.15.03-x86_64-1.txz: Upgraded.

Reverted to previous nasm since the new version has problems with some of

the assembly included in Firefox.

d/parallel-20200822-noarch-1.txz: Upgraded.

l/libcap-ng-0.7.11-x86_64-1.txz: Upgraded.

n/libgpg-error-1.39-x86_64-1.txz: Upgraded.

n/libqmi-1.26.4-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-78.2.0esr-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/78.2.0/releasenotes/

(* Security fix *)

xap/sane-1.0.31-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Aug 22 19:30:55 UTC 2020

ap/soma-3.3.6-noarch-1.txz: Upgraded.

d/re2c-2.0.3-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.56-x86_64-1.txz: Upgraded.

n/iputils-20200821-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Aug 21 20:23:38 UTC 2020

a/kernel-generic-5.4.60-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.60-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.60-x86_64-1.txz: Upgraded.

d/cmake-3.18.2-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.60-x86-1.txz: Upgraded.

d/nasm-2.15.04-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.60-noarch-1.txz: Upgraded.

l/xapian-core-1.4.17-x86_64-1.txz: Upgraded.

n/bind-9.16.6-x86_64-1.txz: Upgraded.

This update fixes five security issues:

"update-policy" rules of type "subdomain" were incorrectly treated as

"zonesub" rules, which allowed keys used in "subdomain" rules to update

names outside of the specified subdomains. The problem was fixed by making

sure "subdomain" rules are again processed as described in the ARM.

When BIND 9 was compiled with native PKCS#11 support, it was possible to

trigger an assertion failure in code determining the number of bits in the

PKCS#11 RSA public key with a specially crafted packet.

named could crash in certain query resolution scenarios where QNAME

minimization and forwarding were both enabled.

It was possible to trigger an assertion failure by sending a specially

crafted large TCP DNS message.

It was possible to trigger an assertion failure when verifying the response

to a TSIG-signed request.

For more information, see:

https://kb.isc.org/docs/cve-2020-8624

https://kb.isc.org/docs/cve-2020-8623

https://kb.isc.org/docs/cve-2020-8621

https://kb.isc.org/docs/cve-2020-8620

https://kb.isc.org/docs/cve-2020-8622

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622

(* Security fix *)

n/getmail-6.03-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Thu Aug 20 22:50:55 UTC 2020

l/pango-1.46.1-x86_64-1.txz: Upgraded.

n/ModemManager-1.14.2-x86_64-1.txz: Upgraded.

n/NetworkManager-1.26.2-x86_64-1.txz: Upgraded.

x/libinput-1.16.1-x86_64-2.txz: Rebuilt.

Don't complain about lag unless it exceeds 75ms.

x/mesa-20.1.6-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Aug 19 18:13:44 UTC 2020

a/kernel-generic-5.4.59-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.59-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.59-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.59-x86-1.txz: Upgraded.

d/ninja-1.10.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.59-noarch-1.txz: Upgraded.

n/curl-7.72.0-x86_64-1.txz: Upgraded.

This update fixes a security issue:

libcurl: wrong connect-only connection [98]

For more information, see:

https://curl.haxx.se/docs/CVE-2020-8231.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

(* Security fix *)

n/p11-kit-0.23.21-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Aug 18 19:21:14 UTC 2020

ap/terminus-font-4.48-noarch-2.txz: Rebuilt.

Added .otb fonts compatible with recent pango. Thanks to cycojesus and ponce.

l/glib2-2.64.5-x86_64-1.txz: Upgraded.

l/jemalloc-5.2.1-x86_64-1.txz: Upgraded.

l/libmpc-1.2.0-x86_64-1.txz: Upgraded.

l/pango-1.46.0-x86_64-2.txz: Rebuilt.

Reverted ABI change that broke gkrellm. Thanks to kgha.

x/xterm-359-x86_64-1.txz: Upgraded.

xap/sane-1.0.30-x86_64-3.txz: Rebuilt.

Rebuilt since it was compiled against unpatched pango-1.46.0.

+--------------------------+

Mon Aug 17 19:52:12 UTC 2020

a/kernel-firmware-20200817_7a30af1-noarch-1.txz: Upgraded.

d/meson-0.55.1-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_28-x86_64-1.txz: Upgraded.

l/libcap-2.43-x86_64-1.txz: Upgraded.

l/libsndfile-1.0.29-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Aug 15 19:54:20 UTC 2020

ap/hplip-3.20.6-x86_64-2.txz: Rebuilt.

Recompiled against net-snmp-5.9.

ap/pamixer-1.4-x86_64-6.txz: Rebuilt.

Recompiled against boost-1.74.0.

ap/sqlite-3.33.0-x86_64-1.txz: Upgraded.

kde/calligra-2.9.11-x86_64-37.txz: Rebuilt.

Recompiled against boost-1.74.0.

l/akonadi-1.13.0-x86_64-16.txz: Rebuilt.

Recompiled against boost-1.74.0.

l/boost-1.74.0-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/libcroco-0.6.13-x86_64-1.txz: Removed.

n/getmail-6.02-x86_64-1.txz: Upgraded.

This is a new version that uses Python 3. The ChangeLog warns that it "loses

some backward compatibility"... please report any bugs.

n/net-snmp-5.9-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

n/ntp-4.2.8p15-x86_64-2.txz: Rebuilt.

Recompiled against net-snmp-5.9.

n/php-7.4.9-x86_64-2.txz: Rebuilt.

Recompiled against net-snmp-5.9.

xap/sane-1.0.30-x86_64-2.txz: Rebuilt.

Recompiled against net-snmp-5.9.

xap/ssr-0.4.2-x86_64-1.txz: Added.

+--------------------------+

Fri Aug 14 18:56:08 UTC 2020

d/python-setuptools-49.6.0-x86_64-1.txz: Upgraded.

l/harfbuzz-2.7.1-x86_64-1.txz: Upgraded.

l/pango-1.46.0-x86_64-1.txz: Upgraded.

It would appear that there's no chance of upstream bringing back support for

bitmapped fonts, so it's time to stop dragging our feet and just accept this

upgrade. At least they've fixed it to provide readable (though badly spaced)

text for unsupported fonts. If you're using Terminus, I'd suggest switching

to the Hack font as a good replacement.

n/lftp-4.9.2-x86_64-1.txz: Upgraded.

xfce/garcon-0.6.4-x86_64-1.txz: Upgraded.

Switched back to 0.6.4 since that is actually the latest stable release.

xfce/tumbler-0.2.9-x86_64-1.txz: Upgraded.

Switched back to 0.2.9 since that is actually the latest stable release.

+--------------------------+

Thu Aug 13 19:46:50 UTC 2020

a/sysvinit-scripts-2.1-noarch-35.txz: Rebuilt.

rc.6: don't try to turn off swap if none is active. Thanks to stf92.

ap/man-pages-5.08-noarch-1.txz: Upgraded.

d/python-setuptools-49.4.0-x86_64-1.txz: Upgraded.

x/libinput-1.16.1-x86_64-1.txz: Upgraded.

xfce/tumbler-0.3.0-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Aug 12 18:07:02 UTC 2020

ap/nano-5.1-x86_64-1.txz: Upgraded.

d/python-pip-20.2.2-x86_64-1.txz: Upgraded.

l/lmdb-0.9.26-x86_64-1.txz: Upgraded.

n/dovecot-2.3.11.3-x86_64-1.txz: Upgraded.

n/openldap-2.4.51-x86_64-1.txz: Upgraded.

xfce/garcon-0.7.0-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Aug 11 20:14:22 UTC 2020

a/kernel-generic-5.4.58-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.58-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.58-x86_64-1.txz: Upgraded.

ap/mariadb-10.5.5-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.58-x86-1.txz: Upgraded.

e/emacs-27.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.58-noarch-1.txz: Upgraded.

l/imagemagick-7.0.10_27-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Mon Aug 10 18:05:13 UTC 2020

a/lvm2-2.03.10-x86_64-1.txz: Upgraded.

d/python-setuptools-49.3.1-x86_64-1.txz: Upgraded.

d/vala-0.48.9-x86_64-1.txz: Upgraded.

l/gtk+3-3.24.22-x86_64-1.txz: Upgraded.

l/qca-qt5-2.3.1-x86_64-1.txz: Added.

xfce/tumbler-0.2.9-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Aug 9 18:35:29 UTC 2020

a/kernel-firmware-20200807_c331aa9-noarch-1.txz: Upgraded.

d/check-0.15.2-x86_64-1.txz: Upgraded.

d/doxygen-1.8.19-x86_64-1.txz: Upgraded.

d/re2c-2.0.2-x86_64-1.txz: Upgraded.

d/strace-5.8-x86_64-1.txz: Upgraded.

l/fuse3-3.9.3-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_26-x86_64-1.txz: Upgraded.

n/iproute2-5.8.0-x86_64-1.txz: Upgraded.

n/pssh-2.3.4-x86_64-1.txz: Upgraded.

n/rsync-3.2.3-x86_64-1.txz: Upgraded.

x/font-alias-1.0.4-noarch-1.txz: Upgraded.

x/font-misc-ethiopic-1.0.4-noarch-1.txz: Upgraded.

+--------------------------+

Fri Aug 7 21:45:43 UTC 2020

a/kernel-generic-5.4.57-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.57-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.57-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.57-x86-1.txz: Upgraded.

k/kernel-source-5.4.57-noarch-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Thu Aug 6 18:45:54 UTC 2020

n/links-2.21-x86_64-1.txz: Upgraded.

x/libX11-1.6.11-x86_64-1.txz: Upgraded.

x/mesa-20.1.5-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Aug 5 18:46:42 UTC 2020

a/aaa_terminfo-6.2_20200801-x86_64-1.txz: Upgraded.

a/hwdata-0.338-noarch-1.txz: Upgraded.

l/ncurses-6.2_20200801-x86_64-1.txz: Upgraded.

n/ethtool-5.8-x86_64-1.txz: Upgraded.

n/httpd-2.4.46-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Aug 4 17:49:39 UTC 2020

ap/vim-8.2.1361-x86_64-1.txz: Upgraded.

d/mercurial-5.5-x86_64-1.txz: Upgraded.

d/python-pip-20.2.1-x86_64-1.txz: Upgraded.

l/gegl-0.4.26-x86_64-1.txz: Upgraded.

n/php-7.4.9-x86_64-1.txz: Upgraded.

This update fixes bugs and a security issue:

Phar: Use of freed hash key in the phar_parse_zipfile function.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068

(* Security fix *)

xap/vim-gvim-8.2.1361-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Aug 3 20:03:30 UTC 2020

a/kernel-firmware-20200803_9bc3789-noarch-1.txz: Upgraded.

d/rust-1.45.2-x86_64-1.txz: Upgraded.

l/babl-0.1.80-x86_64-1.txz: Upgraded.

l/lmdb-0.9.25-x86_64-1.txz: Upgraded.

l/mozjs68-68.11.0esr-x86_64-2.txz: Rebuilt.

Fixed slack-desc. Thanks to USUARIONUEVO.

n/rsync-3.2.3pre1-x86_64-1.txz: Upgraded.

x/libinput-1.16.0-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Aug 2 18:20:30 UTC 2020

d/bison-3.7.1-x86_64-1.txz: Upgraded.

d/python-setuptools-49.2.1-x86_64-1.txz: Upgraded.

l/libcap-2.42-x86_64-1.txz: Upgraded.

x/libX11-1.6.10-x86_64-2.txz: Rebuilt.

Fix size calculation in _XimAttributeToValue.

Thanks to chrisVV and Yichao Yu.

extra/xfractint/xfractint-20.04p16-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Aug 1 19:08:49 UTC 2020

a/cryptsetup-2.3.3-x86_64-2.txz: Rebuilt.

Recompiled against json-c-0.15_20200726.

l/imagemagick-7.0.10_25-x86_64-1.txz: Upgraded.

l/json-c-0.15_20200726-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/urwid-1.0.3-x86_64-5.txz: Removed.

This is an ancient version that was only used by wicd.

n/bind-9.16.5-x86_64-2.txz: Rebuilt.

Recompiled against json-c-0.15_20200726.

x/libmypaint-1.6.1-x86_64-2.txz: Rebuilt.

Recompiled against json-c-0.15_20200726.

xap/gimp-2.10.20-x86_64-2.txz: Rebuilt.

Recompiled against json-c-0.15_20200726.

extra/wicd/wicd-1.7.4-x86_64-3.txz: Removed.

This is unmaintained, possibly insecure, and doesn't work with Python

versions newer than 2.7.18. NetworkManager is a better choice these days.

+--------------------------+

Fri Jul 31 22:00:05 UTC 2020

a/kernel-generic-5.4.55-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.55-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.55-x86_64-1.txz: Upgraded.

ap/sysstat-12.4.0-x86_64-1.txz: Upgraded.

d/cmake-3.18.1-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.55-x86-1.txz: Upgraded.

d/python-pip-20.2-x86_64-1.txz: Upgraded.

d/re2c-2.0.1-x86_64-1.txz: Upgraded.

d/rust-1.45.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.55-noarch-1.txz: Upgraded.

l/libvpx-1.9.0-x86_64-1.txz: Upgraded.

l/mozjs60-60.9.0esr-x86_64-1.txz: Removed.

l/mozjs68-68.11.0esr-x86_64-1.txz: Added.

IMPORTANT: This is needed for polkit-0.117.

l/polkit-0.117-x86_64-1.txz: Upgraded.

x/libX11-1.6.10-x86_64-1.txz: Upgraded.

xap/mozilla-thunderbird-68.11.0-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.11.0/releasenotes/

https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15652

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6463

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15659

(* Security fix *)

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jul 29 19:35:55 UTC 2020

a/kernel-generic-5.4.54-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.54-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.54-x86_64-1.txz: Upgraded.

ap/inxi-20200728_6ce9149b-noarch-1.txz: Added.

A system information script. Not as flashy as neofetch, but with more useful

output options. Thanks to drgibbon for the suggestion.

ap/nano-5.0-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.54-x86-1.txz: Upgraded.

d/vala-0.48.8-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.54-noarch-1.txz: Upgraded.

l/jasper-2.0.19-x86_64-1.txz: Upgraded.

x/hack-fonts-ttf-3.003-noarch-1.txz: Added.

Thanks to alienBOB.

x/noto-cjk-fonts-ttf-2.001-noarch-1.txz: Added.

Thanks to alienBOB.

x/noto-fonts-ttf-20171024-noarch-1.txz: Added.

Thanks to alienBOB.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jul 29 04:46:21 UTC 2020

d/git-2.28.0-x86_64-1.txz: Upgraded.

e/emacspeak-52.0-x86_64-1.txz: Added.

l/espeak-ng-1.50-x86_64-1.txz: Added.

l/pcaudiolib-1.1-x86_64-1.txz: Added.

l/xxHash-0.8.0-x86_64-1.txz: Upgraded.

xap/xaos-4.1-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Jul 27 18:14:47 UTC 2020

a/gettext-0.21-x86_64-1.txz: Upgraded.

d/bison-3.7-x86_64-1.txz: Upgraded.

d/gettext-tools-0.21-x86_64-1.txz: Upgraded.

n/postfix-3.5.6-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-78.1.0esr-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/78.1.0/releasenotes/

(* Security fix *)

+--------------------------+

Sun Jul 26 18:59:24 UTC 2020

l/boost-1.73.0-x86_64-3.txz: Rebuilt.

Revert a change that broke building krita. Thanks to oneforall2.

l/libcap-2.41-x86_64-1.txz: Upgraded.

n/libqmi-1.26.2-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Jul 25 18:11:22 UTC 2020

a/minicom-2.7.2-x86_64-1.txz: Upgraded.

a/xfsprogs-5.7.0-x86_64-1.txz: Upgraded.

l/harfbuzz-2.7.0-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.55-x86_64-1.txz: Upgraded.

Fixed empty nspr-config. Thanks to saxa.

n/postfix-3.5.5-x86_64-1.txz: Upgraded.

extra/bash-completion/bash-completion-2.11-noarch-1.txz: Upgraded.

+--------------------------+

Fri Jul 24 18:44:56 UTC 2020

ap/vim-8.2.1288-x86_64-1.txz: Upgraded.

d/oprofile-1.4.0-x86_64-1.txz: Upgraded.

xap/vim-gvim-8.2.1288-x86_64-1.txz: Upgraded.

+--------------------------+

Thu Jul 23 20:08:16 UTC 2020

a/util-linux-2.36-x86_64-1.txz: Upgraded.

d/check-0.15.1-x86_64-1.txz: Upgraded.

d/parallel-20200722-noarch-1.txz: Upgraded.

x/mesa-20.1.4-x86_64-1.txz: Upgraded.

extra/sendmail/sendmail-8.16.1-x86_64-2.txz: Rebuilt.

Updated site.config.m4 and included -DDANE. Thanks to HQuest.

extra/sendmail/sendmail-cf-8.16.1-noarch-2.txz: Rebuilt.

testing/packages/gcc10/gcc-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-brig-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-g++-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-gdc-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-gfortran-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-gnat-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-go-10.2.0-x86_64-1.txz: Upgraded.

testing/packages/gcc10/gcc-objc-10.2.0-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Jul 22 20:27:42 UTC 2020

a/kernel-generic-5.4.53-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.53-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.53-x86_64-1.txz: Upgraded.

ap/sudo-1.9.2-x86_64-1.txz: Upgraded.

d/ccache-3.7.11-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.53-x86-1.txz: Upgraded.

d/llvm-10.0.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.53-noarch-1.txz: Upgraded.

l/libidn-1.36-x86_64-1.txz: Upgraded.

l/netpbm-10.91.01-x86_64-1.txz: Upgraded.

l/python-urllib3-1.25.10-x86_64-1.txz: Upgraded.

xap/xlockmore-5.65-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Jul 21 19:59:48 UTC 2020

a/kernel-firmware-20200721_2b823fc-noarch-1.txz: Upgraded.

d/python3-3.8.5-x86_64-1.txz: Upgraded.

d/re2c-2.0-x86_64-1.txz: Upgraded.

l/farstream-0.2.9-x86_64-1.txz: Added.

Needed by pidgin-2.14.1.

l/libnice-0.1.17-x86_64-1.txz: Added.

Needed by farstream-0.2.9.

n/iptraf-ng-1.2.1-x86_64-1.txz: Upgraded.

n/proftpd-1.3.7a-x86_64-1.txz: Upgraded.

xap/pidgin-2.14.1-x86_64-1.txz: Upgraded.

This update adds support for voice and video via Farstream.

+--------------------------+

Mon Jul 20 17:37:10 UTC 2020

a/kernel-firmware-20200716_1d1c80b-noarch-1.txz: Upgraded.

ap/mc-4.8.25-x86_64-1.txz: Upgraded.

d/nasm-2.15.03-x86_64-1.txz: Upgraded.

d/scons-4.0.1-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_24-x86_64-1.txz: Upgraded.

l/jasper-2.0.18-x86_64-1.txz: Upgraded.

l/libcap-2.40-x86_64-1.txz: Upgraded.

l/libpsl-0.21.1-x86_64-2.txz: Rebuilt.

n/dnsmasq-2.82-x86_64-1.txz: Upgraded.

x/xev-1.2.4-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Jul 17 18:42:24 UTC 2020

ap/mpg123-1.26.3-x86_64-1.txz: Upgraded.

n/gpgme-1.14.0-x86_64-1.txz: Upgraded.

xap/gnuplot-5.4.0-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/mpg123-1.26.3-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Thu Jul 16 19:43:38 UTC 2020

a/kernel-generic-5.4.52-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.52-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.52-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.52-x86-1.txz: Upgraded.

d/rust-1.45.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.52-noarch-1.txz: Upgraded.

l/M2Crypto-0.36.0-x86_64-1.txz: Upgraded.

x/libevdev-1.9.1-x86_64-1.txz: Upgraded.

xap/pan-0.146-x86_64-2.txz: Rebuilt.

Fix posting errors with GMime3. Thanks to Detlef Graef.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jul 15 19:34:18 UTC 2020

a/kernel-firmware-20200715_69c7f0b-noarch-1.txz: Upgraded.

ap/soma-3.3.5-noarch-1.txz: Upgraded.

Thanks to David Woodfall.

d/cmake-3.18.0-x86_64-1.txz: Upgraded.

l/libzip-1.7.3-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Jul 14 18:26:33 UTC 2020

d/python3-3.8.4-x86_64-1.txz: Upgraded.

n/NetworkManager-1.26.0-x86_64-1.txz: Upgraded.

n/bridge-utils-1.7-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Jul 13 18:31:31 UTC 2020

a/kernel-firmware-20200713_3d3a06f-noarch-1.txz: Upgraded.

d/meson-0.55.0-x86_64-1.txz: Upgraded.

d/python-setuptools-49.2.0-x86_64-1.txz: Upgraded.

l/libcap-2.39-x86_64-1.txz: Upgraded.

l/libzip-1.7.2-x86_64-1.txz: Upgraded.

n/alpine-2.23.2-x86_64-1.txz: Upgraded.

n/libmilter-8.16.1-x86_64-1.txz: Upgraded.

n/mutt-1.14.6-x86_64-1.txz: Upgraded.

x/xterm-358-x86_64-1.txz: Upgraded.

extra/xfractint/xfractint-20.04p15-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Jul 11 18:57:11 UTC 2020

a/bash-5.0.018-x86_64-1.txz: Upgraded.

d/python-setuptools-49.1.2-x86_64-1.txz: Upgraded.

l/ffmpeg-4.3.1-x86_64-1.txz: Upgraded.

xap/audacious-4.0.5-x86_64-1.txz: Upgraded.

xap/audacious-plugins-4.0.5-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/audacious-plugins-4.0.5-x86_64-1_alsa.txz: Upgraded.

extra/pure-alsa-system/ffmpeg-4.3.1-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Fri Jul 10 18:27:57 UTC 2020

a/logrotate-3.17.0-x86_64-1.txz: Upgraded.

ap/dash-0.5.11.1-x86_64-1.txz: Upgraded.

ap/neofetch-20200708_af2c02c-noarch-1.txz: Upgraded.

l/mpfr-4.1.0-x86_64-1.txz: Upgraded.

n/libmbim-1.24.2-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Jul 10 00:40:43 UTC 2020

a/kernel-generic-5.4.51-x86_64-1.txz: Upgraded.

+EFI_CUSTOM_SSDT_OVERLAYS y

a/kernel-huge-5.4.51-x86_64-1.txz: Upgraded.

SPEAKUP y -> m

SPEAKUP_SYNTH_ACNTPC y -> m

SPEAKUP_SYNTH_ACNTSA y -> m

SPEAKUP_SYNTH_APOLLO y -> m

SPEAKUP_SYNTH_AUDPTR y -> m

SPEAKUP_SYNTH_BNS y -> m

SPEAKUP_SYNTH_DECEXT y -> m

SPEAKUP_SYNTH_DECTLK y -> m

SPEAKUP_SYNTH_DTLK y -> m

SPEAKUP_SYNTH_DUMMY y -> m

SPEAKUP_SYNTH_KEYPC y -> m

SPEAKUP_SYNTH_LTLK y -> m

SPEAKUP_SYNTH_SOFT y -> m

SPEAKUP_SYNTH_SPKOUT y -> m

SPEAKUP_SYNTH_TXPRT y -> m

+EFI_CUSTOM_SSDT_OVERLAYS y

a/kernel-modules-5.4.51-x86_64-1.txz: Upgraded.

ap/vim-8.2.1167-x86_64-1.txz: Upgraded.

d/Cython-0.29.21-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.51-x86-1.txz: Upgraded.

k/kernel-source-5.4.51-noarch-1.txz: Upgraded.

+EFI_CUSTOM_SSDT_OVERLAYS y

n/gnupg2-2.2.21-x86_64-1.txz: Upgraded.

x/mesa-20.1.3-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-78.0.2esr-x86_64-1.txz: Upgraded.

This release contains a security fix and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/78.0.2/releasenotes/

https://www.mozilla.org/security/advisories/mfsa2020-28/

(* Security fix *)

xap/vim-gvim-8.2.1167-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

Speakup is included as modules which will need to be loaded manually,

for now at least.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

Speakup is included as modules which will need to be loaded manually,

for now at least.

+--------------------------+

Wed Jul 8 20:56:51 UTC 2020

a/kernel-firmware-20200702_74ac3b5-noarch-1.txz: Upgraded.

a/sysvinit-2.97-x86_64-1.txz: Upgraded.

n/bind-9.16.5-x86_64-1.txz: Upgraded.

x/xf86-video-intel-20191028_5ca3ac1a-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Jul 7 20:51:59 UTC 2020

l/alsa-lib-1.2.3.2-x86_64-1.txz: Upgraded.

l/dconf-editor-3.36.4-x86_64-1.txz: Upgraded.

l/fribidi-1.0.10-x86_64-1.txz: Upgraded.

l/libcap-2.38-x86_64-1.txz: Upgraded.

n/libgcrypt-1.8.6-x86_64-1.txz: Upgraded.

n/php-7.4.8-x86_64-1.txz: Upgraded.

n/rsync-3.2.2-x86_64-1.txz: Upgraded.

x/xterm-357-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-78.0.1esr-x86_64-2.txz: Rebuilt.

Recompiled with --enable-default-toolkit=cairo-gtk3-wayland.

xap/seamonkey-2.53.3-x86_64-1.txz: Upgraded.

This update contains security fixes and improvements.

For more information, see:

https://www.seamonkey-project.org/releases/seamonkey2.53.3

(* Security fix *)

extra/pure-alsa-system/alsa-lib-1.2.3.2-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Sun Jul 5 19:43:59 UTC 2020

ap/mpg123-1.26.2-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_23-x86_64-1.txz: Upgraded.

l/libevent-2.1.12-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/mpg123-1.26.2-x86_64-1_alsa.txz: Upgraded.

extra/sendmail/sendmail-8.16.1-x86_64-1.txz: Upgraded.

extra/sendmail/sendmail-cf-8.16.1-noarch-1.txz: Upgraded.

+--------------------------+

Sat Jul 4 18:59:06 UTC 2020

a/hwdata-0.337-noarch-1.txz: Upgraded.

d/python-setuptools-49.1.0-x86_64-1.txz: Upgraded.

l/libcap-2.37-x86_64-1.txz: Upgraded.

l/librsvg-2.48.8-x86_64-1.txz: Upgraded.

l/libuv-1.38.1-x86_64-1.txz: Upgraded.

l/libvorbis-1.3.7-x86_64-1.txz: Upgraded.

Fix out-of-bounds read encoding very low sample rates.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160

(* Security fix *)

+--------------------------+

Fri Jul 3 20:28:47 UTC 2020

a/btrfs-progs-5.7-x86_64-1.txz: Upgraded.

a/dbus-1.12.20-x86_64-1.txz: Upgraded.

d/help2man-1.47.16-x86_64-1.txz: Upgraded.

d/python-setuptools-48.0.0-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-78.0.1esr-x86_64-1.txz: Upgraded.

Updated to the new 78.x ESR release. :-)

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/78.0.1/releasenotes/

https://www.mozilla.org/security/advisories/mfsa2020-24/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12416

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12417

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12418

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12419

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12420

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12421

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12422

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12423

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12424

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12425

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12426

(* Security fix *)

extra/pure-alsa-system/alsa-lib-1.2.3.1-x86_64-1_alsa.txz: Upgraded.

extra/pure-alsa-system/xfce4-mixer-4.11.0-x86_64-2_alsa.txz: Rebuilt.

Recompiled against keybinder3-3.0_0.3.2.

+--------------------------+

Thu Jul 2 19:18:33 UTC 2020

d/mercurial-5.4.2-x86_64-1.txz: Upgraded.

d/nasm-2.15.02-x86_64-1.txz: Upgraded.

l/glib2-2.64.4-x86_64-1.txz: Upgraded.

n/samba-4.12.5-x86_64-1.txz: Upgraded.

x/libXaw3dXft-1.6.2g-x86_64-1.txz: Upgraded.

xap/mozilla-thunderbird-68.10.0-x86_64-1.txz: Upgraded.

This is a bugfix release.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/

+--------------------------+

Wed Jul 1 19:15:58 UTC 2020

a/kernel-generic-5.4.50-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.50-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.50-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.50-x86-1.txz: Upgraded.

k/kernel-source-5.4.50-noarch-1.txz: Upgraded.

l/netpbm-10.91.00-x86_64-1.txz: Upgraded.

l/python-pillow-7.2.0-x86_64-1.txz: Upgraded.

n/curl-7.71.1-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Jun 30 18:56:59 UTC 2020

a/kernel-firmware-20200629_1a0c0c2-noarch-1.txz: Upgraded.

ap/mariadb-10.5.4-x86_64-2.txz: Rebuilt.

rc.mysqld: stop the database by PID to avoid improperly stopping other

instances that were not started by this script. Thanks to denydias.

d/vala-0.48.7-x86_64-1.txz: Upgraded.

l/opusfile-0.12-x86_64-1.txz: Upgraded.

n/ca-certificates-20200630-noarch-1.txz: Upgraded.

This update provides the latest CA certificates to check for the

authenticity of SSL connections.

x/libwacom-1.4.1-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Jun 29 18:21:49 UTC 2020

a/haveged-1.9.13-x86_64-1.txz: Upgraded.

a/util-linux-2.35.2-x86_64-5.txz: Rebuilt.

Also fix chsh when linked with libreadline. Thanks to Karel Zak.

l/gtk+3-3.24.21-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-68.10.0esr-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/68.10.0/releasenotes/

(* Security fix *)

+--------------------------+

Sun Jun 28 21:57:58 UTC 2020

x/libwacom-1.4-x86_64-2.txz: Rebuilt.

Fix joystick property matching in udev rule. Thanks to Pixxt.

+--------------------------+

Sun Jun 28 19:37:44 UTC 2020

a/util-linux-2.35.2-x86_64-4.txz: Rebuilt.

Fix chfn line breaks when libreadline is used. Thanks to gouttegd.

d/nasm-2.15.01-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_22-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.54-x86_64-1.txz: Upgraded.

l/python-idna-2.10-x86_64-1.txz: Upgraded.

n/postfix-3.5.4-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Jun 26 19:18:25 UTC 2020

a/sysklogd-2.1.2-x86_64-1.txz: Upgraded.

Make sure to move the .new init script and config into place for this.

ap/undervolt-20200612_07d0c70-x86_64-1.txz: Added.

l/popt-1.18-x86_64-1.txz: Upgraded.

x/libglvnd-1.3.2-x86_64-1.txz: Upgraded.

x/libva-2.8.0-x86_64-1.txz: Upgraded.

x/libva-utils-2.8.0-x86_64-1.txz: Upgraded.

+--------------------------+

Thu Jun 25 18:15:39 UTC 2020

a/kernel-generic-5.4.49-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.49-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.49-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.49-x86-1.txz: Upgraded.

k/kernel-source-5.4.49-noarch-1.txz: Upgraded.

l/xxHash-0.7.4-x86_64-1.txz: Upgraded.

x/mesa-20.1.2-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jun 24 20:06:50 UTC 2020

ap/mariadb-10.5.4-x86_64-1.txz: Upgraded.

d/guile-3.0.4-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

Looks like the previous bump was a mistake:

This release fixes the SONAME of libguile-3.0.so, which was erroneously

bumped in 3.0.3 compared to 3.0.2. Distributions are strongly

encouraged to use 3.0.4 instead of 3.0.3.

d/make-4.2.1-x86_64-7.txz: Rebuilt.

Recompiled against guile-3.0.4.

l/libjpeg-turbo-2.0.5-x86_64-1.txz: Upgraded.

This update fixes bugs and a security issue:

Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,

TJBench, or the `tjLoadImage()` function if one of the values in a binary

PPM/PGM input file exceeded the maximum value defined in the file's header

and that maximum value was less than 255.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790

(* Security fix *)

n/ModemManager-1.14.0-x86_64-1.txz: Upgraded.

n/curl-7.71.0-x86_64-1.txz: Upgraded.

This update fixes security issues:

curl overwrite local file with -J [111]

Partial password leak over DNS on HTTP redirect [48]

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

(* Security fix *)

n/gnutls-3.6.14-x86_64-3.txz: Rebuilt.

Recompiled against guile-3.0.4.

n/mutt-1.14.5-x86_64-1.txz: Upgraded.

x/libwacom-1.4-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Jun 23 21:49:49 UTC 2020

ap/man-db-2.9.3-x86_64-1.txz: Upgraded.

ap/mariadb-10.4.13-x86_64-3.txz: Rebuilt.

Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.

ap/squashfs-tools-4.4-x86_64-2.txz: Rebuilt.

Added lz4 support. Thanks to Heinz Wiesinger.

d/ccache-3.7.10-x86_64-1.txz: Upgraded.

d/parallel-20200622-noarch-1.txz: Upgraded.

d/subversion-1.14.0-x86_64-2.txz: Rebuilt.

Use the system lz4 library. Thanks to Heinz Wiesinger.

l/imagemagick-7.0.10_21-x86_64-1.txz: Upgraded.

l/libarchive-3.4.3-x86_64-2.txz: Rebuilt.

Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.

l/lz4-1.9.2-x86_64-1.txz: Added.

This is a new dependency for dovecot, libarchive, mariadb, rsync,

squashfs-tools, subversion, and zstd. Thanks to Heinz Wiesinger.

l/xxHash-0.7.3-x86_64-1.txz: Added.

This is a new dependency for rsync.

l/zstd-1.4.5-x86_64-2.txz: Rebuilt.

Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.

n/dovecot-2.3.10.1-x86_64-2.txz: Rebuilt.

Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.

n/libmbim-1.24.0-x86_64-1.txz: Upgraded.

n/nfs-utils-2.5.1-x86_64-1.txz: Upgraded.

n/ntp-4.2.8p15-x86_64-1.txz: Upgraded.

This release fixes one vulnerability: Associations that use CMAC

authentication between ntpd from versions 4.2.8p11/4.3.97 and

4.2.8p14/4.3.100 will leak a small amount of memory for each packet.

Eventually, ntpd will run out of memory and abort.

(* Security fix *)

n/rsync-3.2.1-x86_64-1.txz: Upgraded.

Please note that this update requires the new packages xxHash and lz4.

t/texlive-2020.200608-x86_64-1.txz: Upgraded.

Thanks to Johannes Schoepfer.

xap/blueman-2.1.3-x86_64-2.txz: Rebuilt.

As a matter of policy and since the rule already exists in

/usr/share/polkit-1/rules.d/, we should not install a rules file in /etc.

Note that since the file was installed as a .new, upgrading the package

will not remove it and it will need to be removed manually. It's harmless

if it remains, though.

Thanks to Robby Workman.

xap/network-manager-applet-1.18.0-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Jun 22 20:20:12 UTC 2020

a/kernel-generic-5.4.48-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.48-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.48-x86_64-1.txz: Upgraded.

ap/neofetch-20200613_5b8eea9-x86_64-1.txz: Added.

All the cool kids are including this. ;-)

ap/texinfo-6.7-x86_64-2.txz: Rebuilt.

Recompiled against perl-5.32.0.

ap/vim-8.2.1039-x86_64-1.txz: Upgraded.

Compiled against perl-5.32.0.

d/check-0.15.0-x86_64-1.txz: Upgraded.

d/guile-3.0.3-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

d/kernel-headers-5.4.48-x86-1.txz: Upgraded.

d/make-4.2.1-x86_64-6.txz: Rebuilt.

Recompiled against guile-3.0.3.

d/perl-5.32.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.48-noarch-1.txz: Upgraded.

kde/perlkde-4.14.3-x86_64-9.txz: Rebuilt.

Recompiled against perl-5.32.0.

kde/perlqt-4.14.3-x86_64-10.txz: Rebuilt.

Recompiled against perl-5.32.0.

l/harfbuzz-2.6.8-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_20-x86_64-1.txz: Upgraded.

l/neon-0.31.2-x86_64-1.txz: Upgraded.

l/python-certifi-2020.6.20-x86_64-1.txz: Upgraded.

n/alpine-2.23-x86_64-1.txz: Upgraded.

n/epic5-2.1.2-x86_64-2.txz: Rebuilt.

Recompiled against perl-5.32.0.

n/gnutls-3.6.14-x86_64-2.txz: Rebuilt.

Recompiled against guile-3.0.3.

n/irssi-1.2.2-x86_64-3.txz: Rebuilt.

Recompiled against perl-5.32.0.

n/libqmi-1.26.0-x86_64-1.txz: Upgraded.

n/net-snmp-5.8-x86_64-6.txz: Rebuilt.

Recompiled against perl-5.32.0.

n/ntp-4.2.8p14-x86_64-2.txz: Rebuilt.

Recompiled against perl-5.32.0.

xap/hexchat-2.14.3-x86_64-3.txz: Rebuilt.

Recompiled against perl-5.32.0.

xap/rxvt-unicode-9.22-x86_64-8.txz: Rebuilt.

Recompiled against perl-5.32.0.

xap/vim-gvim-8.2.1039-x86_64-1.txz: Upgraded.

Compiled against perl-5.32.0.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Fri Jun 19 19:59:04 UTC 2020

a/haveged-1.9.12-x86_64-1.txz: Upgraded.

a/kernel-firmware-20200619_3890db3-noarch-1.txz: Upgraded.

a/sysvinit-scripts-2.1-noarch-34.txz: Rebuilt.

rc.M: check for elogind first so that we can ignore a stale CK2 package.

ap/sudo-1.9.1-x86_64-1.txz: Upgraded.

l/alsa-lib-1.2.3.1-x86_64-1.txz: Upgraded.

l/desktop-file-utils-0.26-x86_64-1.txz: Upgraded.

n/mutt-1.14.4-x86_64-1.txz: Upgraded.

x/libinput-1.15.6-x86_64-1.txz: Upgraded.

x/xinit-1.4.1-x86_64-2.txz: Rebuilt.

When using elogind, start the session on the current console.

Thanks to alienBOB.

+--------------------------+

Thu Jun 18 22:01:29 UTC 2020

a/kernel-generic-5.4.47-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.47-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.47-x86_64-1.txz: Upgraded.

a/sysvinit-scripts-2.1-noarch-33.txz: Rebuilt.

rc.M: add support for elogind. Thanks to alienBOB.

a/util-linux-2.35.2-x86_64-3.txz: Rebuilt.

/etc/pam.d/login: support pam_elogind.so. Thanks to alienBOB.

ap/sqlite-3.32.3-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.47-x86-1.txz: Upgraded.

d/rust-1.44.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.47-noarch-1.txz: Upgraded.

n/bind-9.16.4-x86_64-1.txz: Upgraded.

This update fixes two security issues:

It was possible to trigger an INSIST when determining whether a record would

fit into a TCP message buffer.

It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with

a particular zone content and query patterns.

For more information, see:

https://kb.isc.org/docs/cve-2020-8618

https://kb.isc.org/docs/cve-2020-8619

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619

(* Security fix *)

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jun 17 19:42:26 UTC 2020

ap/nvme-cli-1.12-x86_64-1.txz: Upgraded.

d/python-setuptools-47.3.1-x86_64-1.txz: Upgraded.

l/lcms2-2.11-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.53.1-x86_64-1.txz: Upgraded.

l/python-requests-2.24.0-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Jun 16 20:50:41 UTC 2020

a/shadow-4.8.1-x86_64-10.txz: Rebuilt.

system-auth: auth required pam_unix.so [...], otherwise the stack exits

before pam_gnome_keyring.so executes. Thanks to pyllyukko.

Get rid of "auth required pam_deny.so" which seems like a mistake.

Still pending: consider GazL's comments on moving stuff out of system-auth.

a/upower-0.9.23-x86_64-5.txz: Rebuilt.

Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.

The renaming mess initiated by libplist required a rebuild on this one to

keep things consistent for now, but don't worry - we aren't going to be

sticking to this version for long or anything.

ap/hplip-3.20.6-x86_64-1.txz: Upgraded.

ap/usbmuxd-20200615_3daa1e9-x86_64-1.txz: Upgraded.

Compiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.

d/bison-3.6.4-x86_64-1.txz: Upgraded.

d/meson-0.54.3-x86_64-1.txz: Upgraded.

d/python-setuptools-47.3.0-x86_64-1.txz: Upgraded.

l/ffmpeg-4.3-x86_64-1.txz: Upgraded.

l/gvfs-1.44.1-x86_64-2.txz: Rebuilt.

Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.

l/libgpod-0.8.3-x86_64-7.txz: Rebuilt.

Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0.

l/libimobiledevice-20200615_4791a82-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/libplist-2.2.0-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/libusbmuxd-20200615_c7d7d1a-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

n/fetchmail-6.4.8-x86_64-1.txz: Upgraded.

n/nftables-0.9.6-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/ffmpeg-4.3-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Mon Jun 15 18:45:08 UTC 2020

a/file-5.39-x86_64-1.txz: Upgraded.

n/mutt-1.14.3-x86_64-1.txz: Upgraded.

n/postfix-3.5.3-x86_64-1.txz: Upgraded.

x/twm-1.0.11-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Jun 14 19:29:20 UTC 2020

a/haveged-1.9.11-x86_64-1.txz: Upgraded.

l/libvncserver-0.9.13-x86_64-1.txz: Upgraded.

n/libnetfilter_queue-1.0.5-x86_64-1.txz: Upgraded.

x/vulkan-sdk-1.2.141.0-x86_64-1.txz: Upgraded.

xap/xlockmore-5.64-x86_64-1.txz: Upgraded.

+--------------------------+

Sat Jun 13 20:40:31 UTC 2020

a/pam-1.4.0-x86_64-1.txz: Upgraded.

IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules.

None of our current configuration files in /etc/pam.d/ use either of those,

but if the configuration files on your machine do you'll need to comment out

or remove those lines, otherwise you may experience login failures.

a/shadow-4.8.1-x86_64-9.txz: Rebuilt.

/etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-'

to avoid spamming the logs about failures.

a/sysvinit-scripts-2.1-noarch-32.txz: Rebuilt.

rc.S: create /var/run/faillock directory for pam_faillock(8).

a/util-linux-2.35.2-x86_64-2.txz: Rebuilt.

/etc/pam.d/login: change the example for locking an account for too many

failed login attempts to use pam_faillock instead of pam_tally2.

l/imagemagick-7.0.10_19-x86_64-1.txz: Upgraded.

l/libzip-1.7.1-x86_64-1.txz: Upgraded.

n/openssh-8.3p1-x86_64-2.txz: Rebuilt.

/etc/pam.d/sshd: change the example for locking an account for too many

failed login attempts to use pam_faillock instead of pam_tally2.

+--------------------------+

Fri Jun 12 19:05:51 UTC 2020

ap/powertop-2.13-x86_64-1.txz: Upgraded.

l/elfutils-0.180-x86_64-1.txz: Upgraded.

l/fuse3-3.9.2-x86_64-1.txz: Upgraded.

n/alpine-2.22.1-x86_64-1.txz: Upgraded.

+--------------------------+

Thu Jun 11 21:17:43 UTC 2020

a/haveged-1.9.10-x86_64-1.txz: Upgraded.

ap/alsa-utils-1.2.3-x86_64-2.txz: Rebuilt.

This version seems good, but we'll recompile it against alsa-lib-1.2.2 just

to be on the safe side.

d/patchelf-0.11-x86_64-1.txz: Upgraded.

l/alsa-lib-1.2.2-x86_64-1.txz: Upgraded.

Revert to this version of alsa-lib due to the pulseaudio daemon crashing in

some cases where multiple audio devices are present.

extra/pure-alsa-system/alsa-lib-1.2.2-x86_64-1_alsa.txz: Upgraded.

Revert to this version of alsa-lib due to the pulseaudio daemon crashing in

some cases where multiple audio devices are present.

+--------------------------+

Wed Jun 10 23:15:33 UTC 2020

a/kernel-generic-5.4.46-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.46-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.46-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.46-x86-1.txz: Upgraded.

k/kernel-source-5.4.46-noarch-1.txz: Upgraded.

l/QScintilla-2.11.5-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Jun 10 19:08:47 UTC 2020

a/kernel-firmware-20200610_887d2a1-noarch-1.txz: Upgraded.

ap/man-pages-5.07-noarch-1.txz: Upgraded.

d/Cython-0.29.20-x86_64-1.txz: Upgraded.

d/swig-4.0.2-x86_64-1.txz: Upgraded.

l/netpbm-10.90.04-x86_64-1.txz: Upgraded.

x/mesa-20.1.1-x86_64-1.txz: Upgraded.

+--------------------------+

Tue Jun 9 22:11:00 UTC 2020

ap/alsa-utils-1.2.3-x86_64-1.txz: Upgraded.

l/PyQt5-5.15.0-x86_64-1.txz: Upgraded.

l/alsa-lib-1.2.3-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_18-x86_64-1.txz: Upgraded.

l/sip-4.19.23-x86_64-1.txz: Upgraded.

l/xapian-core-1.4.16-x86_64-1.txz: Upgraded.

n/php-7.4.7-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/alsa-lib-1.2.3-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Mon Jun 8 19:35:33 UTC 2020

l/babl-0.1.78-x86_64-1.txz: Upgraded.

l/gegl-0.4.24-x86_64-1.txz: Upgraded.

l/qt5-webkit-5.212.0_alpha4-x86_64-3.txz: Rebuilt.

n/libnetfilter_queue-1.0.4-x86_64-1.txz: Upgraded.

x/liberation-fonts-ttf-2.1.1-noarch-1.txz: Upgraded.

xap/gimp-2.10.20-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Jun 7 23:31:27 UTC 2020

a/kernel-generic-5.4.45-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.45-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.45-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.45-x86-1.txz: Upgraded.

k/kernel-source-5.4.45-noarch-1.txz: Upgraded.

l/imagemagick-7.0.10_17-x86_64-1.txz: Upgraded.

l/python-certifi-2020.4.5.2-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Sun Jun 7 01:56:26 UTC 2020

d/mercurial-5.4.1-x86_64-1.txz: Upgraded.

l/libzip-1.7.0-x86_64-1.txz: Upgraded.

n/libnftnl-1.1.7-x86_64-1.txz: Upgraded.

n/nftables-0.9.5-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Jun 5 20:30:12 UTC 2020

ap/cups-filters-1.27.5-x86_64-1.txz: Upgraded.

ap/dash-0.5.11-x86_64-1.txz: Upgraded.

d/rust-1.44.0-x86_64-1.txz: Upgraded.

l/librsvg-2.48.7-x86_64-1.txz: Upgraded.

n/ethtool-5.7-x86_64-1.txz: Upgraded.

x/xkeyboard-config-2.30-noarch-1.txz: Upgraded.

+--------------------------+

Thu Jun 4 17:58:17 UTC 2020

ap/sqlite-3.32.2-x86_64-1.txz: Upgraded.

ap/vim-8.2.0901-x86_64-1.txz: Upgraded.

xap/mozilla-thunderbird-68.9.0-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.9.0/releasenotes/

https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398

(* Security fix *)

xap/vim-gvim-8.2.0901-x86_64-1.txz: Upgraded.

+--------------------------+

Wed Jun 3 20:21:52 UTC 2020

a/dbus-1.12.18-x86_64-1.txz: Upgraded.

a/kernel-generic-5.4.44-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.44-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.44-x86_64-1.txz: Upgraded.

d/bison-3.6.3-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.44-x86-1.txz: Upgraded.

d/subversion-1.14.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.44-noarch-1.txz: Upgraded.

l/harfbuzz-2.6.7-x86_64-1.txz: Upgraded.

l/libcap-2.36-x86_64-1.txz: Upgraded.

l/librsvg-2.48.6-x86_64-1.txz: Upgraded.

n/gnutls-3.6.14-x86_64-1.txz: Upgraded.

Fixed insecure session ticket key construction, since 3.6.4. The TLS server

would not bind the session ticket encryption key with a value supplied by

the application until the initial key rotation, allowing attacker to bypass

authentication in TLS 1.3 and recover previous conversations in TLS 1.2.

[GNUTLS-SA-2020-06-03, CVSS: high]

(* Security fix *)

n/iproute2-5.7.0-x86_64-1.txz: Upgraded.

n/iptables-1.8.5-x86_64-1.txz: Upgraded.

xap/audacious-4.0.4-x86_64-1.txz: Upgraded.

xap/audacious-plugins-4.0.4-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/audacious-plugins-4.0.4-x86_64-1_alsa.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Jun 2 19:31:39 UTC 2020

a/hwdata-0.336-noarch-1.txz: Upgraded.

ap/man-db-2.9.2-x86_64-1.txz: Upgraded.

d/git-2.27.0-x86_64-1.txz: Upgraded.

d/perl-5.30.3-x86_64-1.txz: Upgraded.

Upgraded to IO-Socket-SSL-2.068.

d/strace-5.7-x86_64-1.txz: Upgraded.

l/libyaml-0.2.5-x86_64-1.txz: Upgraded.

n/ca-certificates-20200602-noarch-1.txz: Upgraded.

This update provides the latest CA certificates to check for the

authenticity of SSL connections.

n/nghttp2-1.41.0-x86_64-1.txz: Upgraded.

This update fixes a security issue where an overly large HTTP/2 SETTINGS

frame payload causes a denial of service.

For more information, see:

https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080

(* Security fix *)

n/proftpd-1.3.6d-x86_64-1.txz: Upgraded.

This is a bugfix release:

Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).

x/intel-vaapi-driver-2.4.1-x86_64-1.txz: Upgraded.

+--------------------------+

Mon Jun 1 18:27:22 UTC 2020

a/pciutils-3.7.0-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_16-x86_64-1.txz: Upgraded.

l/lcms2-2.10-x86_64-1.txz: Upgraded.

l/netpbm-10.90.03-x86_64-1.txz: Upgraded.

l/qt5-5.15.0-x86_64-1.txz: Upgraded.

n/iptraf-ng-1.2.0-x86_64-1.txz: Upgraded.

xap/gnuchess-6.2.7-x86_64-1.txz: Upgraded.

xap/mozilla-firefox-68.9.0esr-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/

https://www.mozilla.org/security/advisories/mfsa2020-21/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410

(* Security fix *)

extra/pure-alsa-system/qt5-5.15.0-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Sat May 30 21:31:07 UTC 2020

ap/mpg123-1.26.1-x86_64-1.txz: Upgraded.

d/gyp-20200512_caa60026-x86_64-1.txz: Added.

l/Mako-1.1.3-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_15-x86_64-1.txz: Upgraded.

l/librsvg-2.48.5-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.53-x86_64-1.txz: Upgraded.

l/vte-0.60.3-x86_64-1.txz: Upgraded.

n/libgpg-error-1.38-x86_64-1.txz: Upgraded.

n/libqmi-1.24.14-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/mpg123-1.26.1-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Fri May 29 21:27:09 UTC 2020

a/mcelog-170-x86_64-1.txz: Upgraded.

ap/nvme-cli-1.11.2-x86_64-1.txz: Upgraded.

d/python-setuptools-47.1.1-x86_64-1.txz: Upgraded.

l/glib-networking-2.64.3-x86_64-1.txz: Upgraded.

n/NetworkManager-1.24.2-x86_64-1.txz: Upgraded.

n/fetchmail-6.4.6-x86_64-1.txz: Upgraded.

+--------------------------+

Thu May 28 18:20:36 UTC 2020

a/cryptsetup-2.3.3-x86_64-1.txz: Upgraded.

a/kernel-generic-5.4.43-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.43-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.43-x86_64-1.txz: Upgraded.

d/cmake-3.17.3-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.43-x86-1.txz: Upgraded.

d/python-setuptools-47.1.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.43-noarch-1.txz: Upgraded.

l/babl-0.1.76-x86_64-1.txz: Upgraded.

n/openssh-8.3p1-x86_64-1.txz: Upgraded.

n/rp-pppoe-3.14-x86_64-1.txz: Upgraded.

x/libdrm-2.4.102-x86_64-1.txz: Upgraded.

x/mesa-20.1.0-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue May 26 20:35:03 UTC 2020

ap/mpg123-1.26.0-x86_64-1.txz: Upgraded.

ap/sqlite-3.32.1-x86_64-1.txz: Upgraded.

l/keybinder-0.3.1-x86_64-2.txz: Removed.

l/keybinder3-3.0_0.3.2-x86_64-1.txz: Added.

n/krb5-1.18.2-x86_64-1.txz: Upgraded.

n/mutt-1.14.2-x86_64-1.txz: Upgraded.

xap/gnuplot-5.2.8-x86_64-2.txz: Rebuilt.

Rebuilt with Qt5 (uses anti-aliasing to improve the plot output).

extra/aspell-word-lists/aspell-pt-0.50_2-x86_64-5.txz: Removed.

extra/aspell-word-lists/aspell-pt_PT-20190329_0-x86_64-1.txz: Upgraded.

Thanks to sairum for the link to a better word list.

extra/aspell-word-lists/aspell-pt_PT-preao-20190329_0-x86_64-1.txz: Added.

Thanks to sairum for the link to a better word list.

extra/pure-alsa-system/mpg123-1.26.0-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Sun May 24 18:35:29 UTC 2020

ap/nano-4.9.3-x86_64-1.txz: Upgraded.

ap/sqlite-3.32.0-x86_64-1.txz: Upgraded.

d/gdb-9.2-x86_64-1.txz: Upgraded.

d/parallel-20200522-noarch-1.txz: Upgraded.

l/imagemagick-7.0.10_14-x86_64-1.txz: Upgraded.

l/libgphoto2-2.5.25-x86_64-1.txz: Upgraded.

n/libksba-1.4.0-x86_64-1.txz: Upgraded.

xfce/thunar-1.8.15-x86_64-1.txz: Upgraded.

+--------------------------+

Sat May 23 00:13:54 UTC 2020

l/libarchive-3.4.3-x86_64-1.txz: Upgraded.

l/python-six-1.15.0-x86_64-1.txz: Upgraded.

l/zstd-1.4.5-x86_64-1.txz: Upgraded.

xap/mozilla-thunderbird-68.8.1-x86_64-1.txz: Upgraded.

This is a bugfix release.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/

+--------------------------+

Fri May 22 04:29:34 UTC 2020

d/Cython-0.29.19-x86_64-1.txz: Upgraded.

kde/kde-workspace-4.11.22-x86_64-9.txz: Rebuilt.

kde-np: by default, do not restrict passwordless login for UIDs below 1000,

but keep the option to do so in the file commented out.

l/ffmpeg-4.2.3-x86_64-1.txz: Upgraded.

l/iso-codes-4.5.0-noarch-1.txz: Upgraded.

l/v4l-utils-1.20.0-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/ffmpeg-4.2.3-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Wed May 20 23:53:44 UTC 2020

a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.42-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.42-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.42-x86_64-1.txz: Upgraded.

a/util-linux-2.35.2-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.42-x86-1.txz: Upgraded.

d/python-pip-20.1.1-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.42-noarch-1.txz: Upgraded.

l/glib2-2.64.3-x86_64-1.txz: Upgraded.

l/mozilla-nss-3.52.1-x86_64-1.txz: Upgraded.

n/samba-4.12.3-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue May 19 19:47:49 UTC 2020

a/shadow-4.8.1-x86_64-8.txz: Rebuilt.

It seems that /etc/suauth is not supported when PAM is in use, even if

configure.ac is hacked to enable it. I've removed the man pages for it,

and would suggest using sudo as a replacement.

l/libexif-0.6.22-x86_64-1.txz: Upgraded.

This update fixes bugs and security issues:

CVE-2018-20030: Fix for recursion DoS

CVE-2020-13114: Time consumption DoS when parsing canon array markers

CVE-2020-13113: Potential use of uninitialized memory

CVE-2020-13112: Various buffer overread fixes due to integer overflows

in maker notes

CVE-2020-0093: read overflow

CVE-2019-9278: replaced integer overflow checks the compiler could

optimize away by safer constructs

CVE-2020-12767: fixed division by zero

CVE-2016-6328: fixed integer overflow when parsing maker notes

CVE-2017-7544: fixed buffer overread

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544

(* Security fix *)

l/oniguruma-6.9.5_rev1-x86_64-2.txz: Rebuilt.

Rebuilt with --enable-posix-api. Thanks to MisterL.

l/python-packaging-20.4-x86_64-1.txz: Upgraded.

n/bind-9.16.3-x86_64-1.txz: Upgraded.

This update fixes a security issue:

A malicious actor who intentionally exploits the lack of effective

limitation on the number of fetches performed when processing referrals

can, through the use of specially crafted referrals, cause a recursing

server to issue a very large number of fetches in an attempt to process

the referral. This has at least two potential effects: The performance of

the recursing server can potentially be degraded by the additional work

required to perform these fetches, and the attacker can exploit this

behavior to use the recursing server as a reflector in a reflection attack

with a high amplification factor.

For more information, see:

https://kb.isc.org/docs/cve-2020-8616

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616

(* Security fix *)

x/fontconfig-2.13.92-x86_64-1.txz: Upgraded.

x/xf86-input-libinput-0.30.0-x86_64-1.txz: Upgraded.

+--------------------------+

Mon May 18 23:30:26 UTC 2020

d/Cython-0.29.18-x86_64-1.txz: Upgraded.

kde/kde-workspace-4.11.22-x86_64-8.txz: Rebuilt.

Added /etc/pam.d/kde-np to fix KDM autologin.

Thanks to USUARIONUEVO for the bug report.

l/gnu-efi-3.0.12-x86_64-1.txz: Upgraded.

+--------------------------+

Mon May 18 19:17:21 UTC 2020

Greetings! After three months in /testing, the PAM merge into the main tree

is now complete. When updating, be sure to install the new pam, cracklib, and

libpwquality packages or you may find yourself locked out of your machine.

Otherwise, these changes should be completely transparent and you shouldn't

notice any obvious operational differences. Be careful if you make any changes

in /etc/pam.d/ - leaving an extra console logged in while testing PAM config

changes is a recommended standard procedure. Thanks again to Robby Workman,

Vincent Batts, Phantom X, and ivandi for help implementing this. It's not

done yet and there will be more fine-tuning of the config files, but now we

can move on to build some other updates. Enjoy!

a/cracklib-2.9.7-x86_64-1.txz: Added.

a/kernel-firmware-20200517_f8d32e4-noarch-1.txz: Upgraded.

a/libcgroup-0.41-x86_64-7.txz: Rebuilt.

Rebuilt to add PAM support.

a/libpwquality-1.4.2-x86_64-1.txz: Added.

a/lilo-24.2-x86_64-9.txz: Rebuilt.

Enable the "compact" option by default.

liloconfig: correctly set the root partition.

a/pam-1.3.1-x86_64-1.txz: Added.

a/shadow-4.8.1-x86_64-7.txz: Rebuilt.

Rebuilt to add PAM support.

a/utempter-1.2.0-x86_64-1.txz: Upgraded.

a/util-linux-2.35.1-x86_64-6.txz: Rebuilt.

Rebuilt to add PAM support.

a/xfsprogs-5.6.0-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

ap/at-3.2.1-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/cups-2.3.3-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/hplip-3.20.5-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/mariadb-10.4.13-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/screen-4.8.0-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/soma-3.3.0-noarch-1.txz: Upgraded.

Thanks to David Woodfall.

ap/sqlite-3.31.1-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

ap/sudo-1.9.0-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

ap/vim-8.2.0788-x86_64-1.txz: Upgraded.

d/bison-3.6.2-x86_64-1.txz: Upgraded.

d/meson-0.54.2-x86_64-1.txz: Upgraded.

d/python-setuptools-46.4.0-x86_64-1.txz: Upgraded.

d/vala-0.48.6-x86_64-1.txz: Upgraded.

kde/calligra-2.9.11-x86_64-36.txz: Rebuilt.

Recompiled against icu4c-67.1.

kde/kde-workspace-4.11.22-x86_64-7.txz: Rebuilt.

Rebuilt to add PAM support.

l/ConsoleKit2-1.2.1-x86_64-4.txz: Rebuilt.

Rebuilt to add PAM support.

l/boost-1.73.0-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/gnome-keyring-3.36.0-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

l/harfbuzz-2.6.6-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/icu4c-67.1-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/imagemagick-7.0.10_13-x86_64-1.txz: Upgraded.

l/libcap-2.34-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

l/libical-3.0.8-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/libuv-1.38.0-x86_64-1.txz: Upgraded.

l/libvisio-0.1.7-x86_64-3.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/polkit-0.116-x86_64-3.txz: Rebuilt.

Rebuilt to add PAM support.

l/qt-4.8.7-x86_64-16.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/qt5-5.13.2-x86_64-4.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/qt5-webkit-5.212.0_alpha4-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/raptor2-2.0.15-x86_64-9.txz: Rebuilt.

Recompiled against icu4c-67.1.

l/system-config-printer-1.5.12-x86_64-4.txz: Rebuilt.

Rebuilt to add PAM support.

l/vte-0.60.2-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

n/cifs-utils-6.10-x86_64-4.txz: Rebuilt.

Rebuilt to add PAM support.

n/cyrus-sasl-2.1.27-x86_64-4.txz: Rebuilt.

Rebuilt to add PAM support.

n/dovecot-2.3.10.1-x86_64-1.txz: Upgraded.

Rebuilt to add PAM support.

Compiled against icu4c-67.1.

This update fixes several denial-of-service vulnerabilities.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967

(* Security fix *)

n/mutt-1.14.1-x86_64-1.txz: Upgraded.

n/netatalk-3.1.12-x86_64-3.txz: Rebuilt.

Rebuilt to add PAM support.

n/netkit-rsh-0.17-x86_64-3.txz: Rebuilt.

Rebuilt to add PAM support.

n/nss-pam-ldapd-0.9.11-x86_64-1.txz: Added.

n/openssh-8.2p1-x86_64-3.txz: Rebuilt.

Rebuilt to add PAM support.

n/openvpn-2.4.9-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

n/pam-krb5-4.9-x86_64-1.txz: Added.

n/php-7.4.6-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

n/popa3d-1.0.3-x86_64-4.txz: Rebuilt.

Rebuilt to add PAM support.

n/postfix-3.5.2-x86_64-1.txz: Upgraded.

Compiled against icu4c-67.1.

n/ppp-2.4.8-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

n/proftpd-1.3.6c-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

n/samba-4.12.2-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

Recompiled against icu4c-67.1.

n/tin-2.4.4-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

n/vsftpd-3.0.3-x86_64-6.txz: Rebuilt.

Rebuilt to add PAM support.

t/texlive-2019.190626-x86_64-4.txz: Rebuilt.

Recompiled against icu4c-67.1.

x/vulkan-sdk-1.2.135.0-x86_64-1.txz: Upgraded.

x/xdm-1.1.11-x86_64-10.txz: Rebuilt.

Rebuilt to add PAM support.

x/xisxwayland-1-x86_64-1.txz: Added.

xap/sane-1.0.30-x86_64-1.txz: Upgraded.

This update fixes several security issues.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864

(* Security fix *)

xap/vim-gvim-8.2.0788-x86_64-1.txz: Upgraded.

xap/xlockmore-5.63-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

xap/xscreensaver-5.44-x86_64-2.txz: Rebuilt.

Rebuilt to add PAM support.

extra/brltty/brltty-6.1-x86_64-2.txz: Rebuilt.

Recompiled against icu4c-67.1.

extra/pure-alsa-system/qt5-5.13.2-x86_64-4_alsa.txz: Rebuilt.

Recompiled against icu4c-67.1.

isolinux/initrd.img: Rebuilt.

Added PAM libraries, security modules, and config files.

usb-and-pxe-installers/usbboot.img: Rebuilt.

Added PAM libraries, security modules, and config files.

+--------------------------+

Fri May 15 07:28:15 UTC 2020

Hey folks, just a heads-up that PAM is about to be merged into the main tree.

We can't have it blocking other upgrades any longer. The config files could be

improved (adding support for pam_krb5 and pam_ldap, for example), but they'll

do for now. Have a good weekend, and enjoy these updates! :-)

a/aaa_elflibs-15.0-x86_64-23.txz: Rebuilt.

Upgraded: libcap.so.2.34, libelf-0.179.so, liblzma.so.5.2.5,

libglib-2.0.so.0.6400.2, libgmodule-2.0.so.0.6400.2,

libgobject-2.0.so.0.6400.2, libgthread-2.0.so.0.6400.2,

liblber-2.4.so.2.10.13, libldap-2.4.so.2.10.13, libpcre2-8.so.0.10.0.

Added temporarily in preparation for upgrading icu4c: libicudata.so.65.1,

libicui18n.so.65.1, libicuio.so.65.1, libicutest.so.65.1, libicutu.so.65.1,

libicuuc.so.65.1.

a/etc-15.0-x86_64-11.txz: Rebuilt.

/etc/passwd: Added ldap (UID 330).

/etc/group: Added ldap (GID 330).

a/kernel-generic-5.4.41-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.41-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.41-x86_64-1.txz: Upgraded.

a/pkgtools-15.0-noarch-33.txz: Rebuilt.

setup.services: added support for rc.openldap and rc.openvpn.

ap/hplip-3.20.5-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.41-x86-1.txz: Upgraded.

d/python-setuptools-46.3.0-x86_64-1.txz: Upgraded.

d/python3-3.8.3-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.41-noarch-1.txz: Upgraded.

n/openldap-2.4.50-x86_64-1.txz: Added.

This is a complete OpenLDAP package with both client and server support.

Thanks to Giuseppe Di Terlizzi for help with the server parts.

n/openldap-client-2.4.50-x86_64-1.txz: Removed.

x/mesa-20.0.7-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

testing/packages/PAM/hplip-3.20.5-x86_64-1_pam.txz: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed May 13 20:01:12 UTC 2020

l/shared-mime-info-2.0-x86_64-2.txz: Rebuilt.

Disable fdatasync() usage.

n/ethtool-5.6-x86_64-1.txz: Upgraded.

+--------------------------+

Tue May 12 23:49:47 UTC 2020

ap/mariadb-10.4.13-x86_64-1.txz: Upgraded.

This update fixes potential denial-of-service vulnerabilities.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2752

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2812

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2760

(* Security fix *)

ap/sudo-1.9.0-x86_64-1.txz: Upgraded.

l/harfbuzz-2.6.6-x86_64-1.txz: Upgraded.

l/tidy-html5-5.6.0-x86_64-1.txz: Added.

n/epic5-2.1.2-x86_64-1.txz: Upgraded.

n/php-7.4.6-x86_64-1.txz: Upgraded.

Built using --with-tidy=shared. Thanks to Thom1b.

This update fixes bugs and security issues:

Core: Long variables cause OOM and temp files are not cleaned.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048

(* Security fix *)

x/libmypaint-1.6.1-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

xap/gimp-2.10.18-x86_64-2.txz: Rebuilt.

Recompiled against libmypaint-1.6.1.

testing/packages/PAM/mariadb-10.4.13-x86_64-1_pam.txz: Upgraded.

This update fixes potential denial-of-service vulnerabilities.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2752

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2812

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2760

(* Security fix *)

testing/packages/PAM/sudo-1.9.0-x86_64-1_pam.txz: Upgraded.

+--------------------------+

Mon May 11 19:13:27 UTC 2020

l/python-appdirs-1.4.4-x86_64-1.txz: Upgraded.

xap/xlockmore-5.63-x86_64-1.txz: Upgraded.

testing/packages/PAM/xlockmore-5.63-x86_64-1_pam.txz: Upgraded.

+--------------------------+

Sun May 10 23:34:28 UTC 2020

a/btrfs-progs-5.6.1-x86_64-1.txz: Upgraded.

a/kernel-generic-5.4.40-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.40-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.40-x86_64-1.txz: Upgraded.

d/bison-3.6.1-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.40-x86-1.txz: Upgraded.

d/python-setuptools-46.2.0-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.40-noarch-1.txz: Upgraded.

l/pcre2-10.35-x86_64-1.txz: Upgraded.

l/shared-mime-info-2.0-x86_64-1.txz: Upgraded.

n/ModemManager-1.12.10-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Sat May 9 20:49:43 UTC 2020

ap/pamixer-1.4-x86_64-5.txz: Rebuilt.

Recompiled against boost-1.73.0.

d/Cython-0.29.17-x86_64-2.txz: Rebuilt.

Added cython3 symlink.

kde/calligra-2.9.11-x86_64-35.txz: Rebuilt.

Recompiled against boost-1.73.0.

l/akonadi-1.13.0-x86_64-15.txz: Rebuilt.

Recompiled against boost-1.73.0.

l/boost-1.73.0-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

l/freetype-2.10.2-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_11-x86_64-1.txz: Upgraded.

n/libqmi-1.24.12-x86_64-1.txz: Upgraded.

xap/blueman-2.1.3-x86_64-1.txz: Upgraded.

testing/packages/PAM/pam-krb5-4.9-x86_64-1_pam.txz: Added.

Thanks to Bart van der Hall for the packaging hints.

+--------------------------+

Fri May 8 21:25:24 UTC 2020

a/shadow-4.8.1-x86_64-6.txz: Rebuilt.

Include manpages for sulogin(8).

a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.

ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.

d/bison-3.6-x86_64-1.txz: Upgraded.

l/jansson-2.13.1-x86_64-1.txz: Upgraded.

n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.

n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.

testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.

Include manpages for sulogin(8).

Use this version of /bin/su.

testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.

Don't use this version of /bin/su.

+--------------------------+

Fri May 8 04:23:14 UTC 2020

a/sysvinit-scripts-2.1-noarch-31.txz: Rebuilt.

rc.M: start rc.nss-pam-ldapd.

d/rust-1.43.1-x86_64-1.txz: Upgraded.

l/netpbm-10.90.02-x86_64-1.txz: Upgraded.

testing/packages/PAM/nss-pam-ldapd-0.9.11-x86_64-1_pam.txz: Added.

testing/packages/gcc10/gcc-10.1.0-x86_64-1.txz: Added.

Shared library .so-version bump.

testing/packages/gcc10/gcc-brig-10.1.0-x86_64-1.txz: Added.

testing/packages/gcc10/gcc-g++-10.1.0-x86_64-1.txz: Added.

testing/packages/gcc10/gcc-gdc-10.1.0-x86_64-1.txz: Added.

testing/packages/gcc10/gcc-gfortran-10.1.0-x86_64-1.txz: Added.

testing/packages/gcc10/gcc-gnat-10.1.0-x86_64-1.txz: Added.

testing/packages/gcc10/gcc-go-10.1.0-x86_64-1.txz: Added.

Shared library .so-version bump.

testing/packages/gcc10/gcc-objc-10.1.0-x86_64-1.txz: Added.

+--------------------------+

Thu May 7 01:30:11 UTC 2020

a/kernel-generic-5.4.39-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.39-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.39-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.39-x86-1.txz: Upgraded.

k/kernel-source-5.4.39-noarch-1.txz: Upgraded.

HUGETLBFS n -> y

JUMP_LABEL n -> y

+CGROUP_HUGETLB n

+HUGETLB_PAGE y

+STATIC_KEYS_SELFTEST n

Thanks to camerabambai.

l/libspectre-0.2.9-x86_64-1.txz: Upgraded.

l/pygobject3-3.36.1-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue May 5 20:21:27 UTC 2020

a/hwdata-0.335-noarch-1.txz: Upgraded.

ap/tmux-3.1b-x86_64-1.txz: Upgraded.

l/libcap-2.34-x86_64-1.txz: Upgraded.

n/mutt-1.14.0-x86_64-1.txz: Upgraded.

n/nfs-utils-2.4.3-x86_64-3.txz: Rebuilt.

Added /var/lib/nfs/nfsdcltrack database directory for nfsdcltrack.

Thanks to upnort.

x/xterm-356-x86_64-1.txz: Upgraded.

xap/NetworkManager-openvpn-1.8.12-x86_64-1.txz: Added.

Thanks to Robby Workman.

xap/mozilla-firefox-68.8.0esr-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/firefox/68.8.0/releasenotes/

https://www.mozilla.org/security/advisories/mfsa2020-17/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12388

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12389

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12393

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395

(* Security fix *)

xap/mozilla-thunderbird-68.8.0-x86_64-1.txz: Upgraded.

This release contains security fixes and improvements.

For more information, see:

https://www.mozilla.org/en-US/thunderbird/68.8.0/releasenotes/

(* Security fix *)

testing/packages/PAM/libcap-2.34-x86_64-1_pam.txz: Upgraded.

+--------------------------+

Sun May 3 06:47:41 UTC 2020

a/kernel-generic-5.4.38-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.38-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.38-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.38-x86-1.txz: Upgraded.

d/mercurial-5.4-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.38-noarch-1.txz: Upgraded.

l/mozilla-nss-3.52-x86_64-1.txz: Upgraded.

l/python-distro-1.5.0-x86_64-1.txz: Upgraded.

l/python-pillow-7.1.2-x86_64-1.txz: Upgraded.

l/v4l-utils-1.18.1-x86_64-1.txz: Upgraded.

xap/seamonkey-2.53.2-x86_64-1.txz: Upgraded.

This update contains security fixes and improvements.

For more information, see:

https://www.seamonkey-project.org/releases/seamonkey2.53.2

(* Security fix *)

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Fri May 1 18:05:38 UTC 2020

a/cryptsetup-2.3.2-x86_64-1.txz: Upgraded.

a/sysvinit-scripts-2.1-noarch-30.txz: Rebuilt.

rc.S: contents of mounts below /run or /var/run should be visible in both

/run and /var/run. Thanks to Markus Wiesner.

d/Cython-0.29.17-x86_64-1.txz: Upgraded.

Dropped python2 support.

d/python-pip-20.1-x86_64-1.txz: Upgraded.

Dropped python2 support.

d/python-setuptools-46.1.3-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/M2Crypto-0.35.2-x86_64-5.txz: Rebuilt.

Dropped python2 support.

l/Mako-1.1.2-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/gsettings-desktop-schemas-3.36.1-x86_64-1.txz: Upgraded.

l/libzip-1.6.1-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

l/oniguruma-6.9.5_rev1-x86_64-1.txz: Upgraded.

l/pycairo-1.19.1-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/pycups-2.0.1-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/pycurl-7.43.0.5-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/pyparsing-2.4.7-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/python-appdirs-1.4.3-x86_64-5.txz: Rebuilt.

Dropped python2 support.

l/python-certifi-2020.4.5.1-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/python-chardet-3.0.4-x86_64-5.txz: Rebuilt.

Dropped python2 support.

l/python-docutils-0.16-x86_64-3.txz: Rebuilt.

Dropped python2 support.

l/python-enum34-1.1.10-x86_64-1.txz: Removed.

l/python-future-0.18.2-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/python-idna-2.9-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/python-notify2-0.3.1-x86_64-5.txz: Rebuilt.

Dropped python2 support.

l/python-packaging-20.3-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/python-ply-3.11-x86_64-3.txz: Rebuilt.

Dropped python2 support.

l/python-pygments-2.6.1-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/python-requests-2.23.0-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/python-sane-2.8.3-x86_64-5.txz: Rebuilt.

Dropped python2 support.

l/python-six-1.14.0-x86_64-2.txz: Rebuilt.

Dropped python2 support.

l/python-urllib3-1.25.9-x86_64-1.txz: Upgraded.

Dropped python2 support.

l/python2-module-collection-2.7.18-x86_64-1.txz: Added.

Time to quarantine these python2 modules and pin the versions where they

are (or in the case of setuptools, downgrade to the last version that doesn't

complain). This will keep most of the standard python2 add-ons in one package

so that we can upgrade modules for python3 without having to worry about

python2 support getting dropped upstream.

n/dnsmasq-2.81-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

n/gnutls-3.6.13-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

n/nettle-3.6-x86_64-1.txz: Upgraded.

Shared library .so-version bump.

x/mesa-20.0.6-x86_64-1.txz: Upgraded.

x/pyxdg-0.26-x86_64-3.txz: Rebuilt.

Dropped python2 support.

x/ttf-tlwg-0.7.2-noarch-1.txz: Upgraded.

x/xorg-server-1.20.8-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

x/xorg-server-xephyr-1.20.8-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

x/xorg-server-xnest-1.20.8-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

x/xorg-server-xvfb-1.20.8-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

x/xorg-server-xwayland-1.20.8-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

x/xterm-355-x86_64-1.txz: Upgraded.

xap/rdesktop-1.9.0-x86_64-2.txz: Rebuilt.

Recompiled against nettle-3.6.

extra/tigervnc/tigervnc-1.10.1-x86_64-3.txz: Rebuilt.

Recompiled against nettle-3.6.

+--------------------------+

Thu Apr 30 04:58:02 UTC 2020

a/kernel-generic-5.4.36-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.36-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.36-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.36-x86-1.txz: Upgraded.

k/kernel-source-5.4.36-noarch-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Apr 29 20:19:12 UTC 2020

ap/tmux-3.1a-x86_64-1.txz: Upgraded.

d/cmake-3.17.2-x86_64-1.txz: Upgraded.

n/curl-7.70.0-x86_64-1.txz: Upgraded.

n/openldap-client-2.4.50-x86_64-1.txz: Upgraded.

xap/audacious-4.0.3-x86_64-1.txz: Upgraded.

xap/audacious-plugins-4.0.3-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/audacious-plugins-4.0.3-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Tue Apr 28 20:18:40 UTC 2020

ap/cups-2.3.3-x86_64-1.txz: Upgraded.

This update fixes two security issues:

The ppdOpen function did not handle invalid UI constraint.

ppdcSource::get_resolution function did not handle invalid resolution strings.

The ippReadIO function may under-read an extension.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842

(* Security fix *)

l/imagemagick-7.0.10_10-x86_64-1.txz: Upgraded.

n/samba-4.12.2-x86_64-1.txz: Upgraded.

This update fixes two security issues:

A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a

use-after-free in Samba's AD DC LDAP server.

A deeply nested filter in an un-authenticated LDAP search can exhaust the

LDAP server's stack memory causing a SIGSEGV.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704

(* Security fix *)

testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz: Upgraded.

This update fixes two security issues:

The ppdOpen function did not handle invalid UI constraint.

ppdcSource::get_resolution function did not handle invalid resolution strings.

The ippReadIO function may under-read an extension.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842

(* Security fix *)

testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz: Upgraded.

This update fixes two security issues:

A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a

use-after-free in Samba's AD DC LDAP server.

A deeply nested filter in an un-authenticated LDAP search can exhaust the

LDAP server's stack memory causing a SIGSEGV.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704

(* Security fix *)

+--------------------------+

Mon Apr 27 20:27:30 UTC 2020

a/mkinitrd-1.4.11-x86_64-15.txz: Rebuilt.

Use the standard mktemp utility from GNU coreutils, not the old tempfile.

d/help2man-1.47.15-x86_64-1.txz: Upgraded.

l/aspell-en-2019.10.06_0-x86_64-1.txz: Upgraded.

l/gtk+3-3.24.20-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_9-x86_64-1.txz: Upgraded.

n/irssi-1.2.2-x86_64-2.txz: Rebuilt.

Fixed ctrl-space killing input with recent glib.

Thanks to tramtrist and Urchlay.

x/xterm-354-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-de-20161207_7_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-ga-5.1_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-it-2.4_20070901_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-ml-0.04_1-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-pl-6.0_20200327_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-pt_BR-20131030_12_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-pt_PT-20190329_1_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-sk-2.02_0-x86_64-1.txz: Upgraded.

extra/aspell-word-lists/aspell-tl-0.4_0-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Apr 26 18:28:01 UTC 2020

d/meson-0.54.1-x86_64-1.txz: Upgraded.

l/vte-0.60.2-x86_64-1.txz: Upgraded.

n/fetchmail-6.4.4-x86_64-1.txz: Upgraded.

n/s-nail-14.9.19-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Apr 26 03:34:28 UTC 2020

d/rust-1.43.0-x86_64-2.txz: Rebuilt.

Patched and recompiled with the system LLVM 10 instead of the bundled LLVM 9.

+--------------------------+

Sat Apr 25 18:49:34 UTC 2020

a/glibc-zoneinfo-2020a-noarch-1.txz: Upgraded.

This package provides the latest timezone updates.

a/kernel-firmware-20200424_b2cad6a-noarch-1.txz: Upgraded.

ap/vim-8.2.0639-x86_64-1.txz: Upgraded.

d/clisp-2.50_20191103_c26de7873-x86_64-2.txz: Rebuilt.

Upgraded to libffcall-2.2.

Patched to fix undefined symbol errors in rawsock and other modules.

Thanks to badbetty for the bug report and Jerry James for the patch.

d/help2man-1.47.14-x86_64-1.txz: Upgraded.

l/PyQt5-5.13.2-x86_64-2.txz: Rebuilt.

Added python2 modules, as Plasma 5 needs these for now.

We will eliminate python2 as soon as possible, but not sooner.

l/dconf-editor-3.36.2-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_8-x86_64-1.txz: Upgraded.

l/python-enum34-1.1.10-x86_64-1.txz: Added.

This is needed for python2 support in PyQt5.

xap/vim-gvim-8.2.0639-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Apr 24 18:54:41 UTC 2020

a/bash-5.0.017-x86_64-1.txz: Upgraded.

a/kernel-generic-5.4.35-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.35-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.35-x86_64-1.txz: Upgraded.

a/mcelog-169-x86_64-1.txz: Upgraded.

ap/nvme-cli-1.11.1-x86_64-1.txz: Upgraded.

ap/powertop-2.12-x86_64-1.txz: Upgraded.

ap/tmux-3.1-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.35-x86-1.txz: Upgraded.

d/parallel-20200422-noarch-1.txz: Upgraded.

d/rust-1.43.0-x86_64-1.txz: Upgraded.

d/vala-0.48.5-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.35-noarch-1.txz: Upgraded.

l/gmm-5.4-noarch-1.txz: Upgraded.

l/librsvg-2.48.4-x86_64-1.txz: Upgraded.

l/sip-4.19.22-x86_64-1.txz: Upgraded.

n/dhcpcd-8.1.9-x86_64-1.txz: Upgraded.

x/mesa-20.0.5-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Wed Apr 22 02:19:37 UTC 2020

a/kernel-firmware-20200421_78c0348-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.34-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.34-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.34-x86_64-1.txz: Upgraded.

a/openssl-solibs-1.1.1g-x86_64-1.txz: Upgraded.

d/git-2.26.2-x86_64-1.txz: Upgraded.

This update fixes a security issue:

With a crafted URL that contains a newline or empty host, or lacks

a scheme, the credential helper machinery can be fooled into

providing credential information that is not appropriate for the

protocol in use and host being contacted.

Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the

credentials are not for a host of the attacker's choosing; instead,

they are for some unspecified host (based on how the configured

credential helper handles an absent "host" parameter).

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008

(* Security fix *)

d/kernel-headers-5.4.34-x86-1.txz: Upgraded.

d/vala-0.48.4-x86_64-1.txz: Upgraded.

k/kernel-source-5.4.34-noarch-1.txz: Upgraded.

INFINIBAND_CXGB3 n -> m

INFINIBAND_IPOIB_CM n -> y

INFINIBAND_IPOIB_DEBUG_DATA n -> y

Thanks to Karl Magnus KolstÃ¸.

l/M2Crypto-0.35.2-x86_64-4.txz: Rebuilt.

Don't package typing-3.7.4.1 for python3.

l/netpbm-10.90.01-x86_64-1.txz: Upgraded.

n/openssl-1.1.1g-x86_64-1.txz: Upgraded.

This update fixes a security issue:

Fixed segmentation fault in SSL_check_chain() that could be exploited by a

malicious peer in a Denial of Service attack.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967

(* Security fix *)

x/libva-2.7.1-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txz: Upgraded.

This update fixes a security issue:

Fix illegal client float. Thanks to Lev Stipakov.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810

(* Security fix *)

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Tue Apr 21 02:45:06 UTC 2020

d/python-2.7.17-x86_64-2.txz: Removed.

d/python2-2.7.18-x86_64-1.txz: Added.

OK, I know a few people got excited seeing python-2 removed in the previous

entry, but it's just being renamed to python2 for consistency with the

python3 package. It's DOA though, and is the final release of the already EOL

python 2 branch (a "commemorative" release as they say in the announcement).

l/M2Crypto-0.35.2-x86_64-3.txz: Rebuilt.

Added python3 modules. Thanks to sombragris and ponce.

l/harfbuzz-2.6.5-x86_64-1.txz: Upgraded.

l/imagemagick-7.0.10_7-x86_64-1.txz: Upgraded.

l/libuv-1.37.0-x86_64-1.txz: Upgraded.

l/libyaml-0.2.4-x86_64-1.txz: Upgraded.

l/oniguruma-6.9.5-x86_64-1.txz: Upgraded.

x/pixman-0.40.0-x86_64-1.txz: Upgraded.

+--------------------------+

Sun Apr 19 21:06:43 UTC 2020

l/neon-0.31.1-x86_64-1.txz: Upgraded.

n/postfix-3.5.1-x86_64-1.txz: Upgraded.

n/s-nail-14.9.18-x86_64-1.txz: Upgraded.

xap/gnuchess-6.2.6-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Apr 17 21:38:36 UTC 2020

a/kernel-firmware-20200417_6314fa0-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.33-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.33-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.33-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.33-x86-1.txz: Upgraded.

k/kernel-source-5.4.33-noarch-1.txz: Upgraded.

l/adwaita-icon-theme-3.36.1-noarch-1.txz: Upgraded.

l/libuv-1.36.0-x86_64-2.txz: Rebuilt.

Revert commits that cause BIND to crash. Thanks to Markus Wiesner.

l/wavpack-5.3.0-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Fri Apr 17 04:03:54 UTC 2020

ap/rpm-4.15.1-x86_64-3.txz: Rebuilt.

Dropped python2 modules.

l/libcaca-0.99.beta19-x86_64-6.txz: Rebuilt.

Dropped python2 modules.

l/libuv-1.36.0-x86_64-1.txz: Upgraded.

l/libwebp-1.1.0-x86_64-2.txz: Rebuilt.

Dropped python2 modules.

l/python-distro-1.4.0-x86_64-2.txz: Rebuilt.

Dropped python2 modules.

l/python-docutils-0.16-x86_64-2.txz: Rebuilt.

Replace /usr/bin scripts with python3 versions.

l/system-config-printer-1.5.12-x86_64-3.txz: Rebuilt.

Dropped python2 modules.

n/openvpn-2.4.9-x86_64-1.txz: Upgraded.

This update fixes a security issue:

Fix illegal client float. Thanks to Lev Stipakov.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810

(* Security fix *)

extra/xf86-video-nouveau-blacklist/xf86-video-nouveau-blacklist-1.0-noarch-1.txz: Added.

If it is easier for people using slackpkg to leave xf86-video-nouveau

installed and change the name of this package from xf86-video-nouveau to

xf86-video-nouveau-blacklist with a $VERSION of 1.0, then so be it.

extra/xf86-video-nouveau-blacklist/xf86-video-nouveau-blacklist-noarch-1.txz: Removed.

+--------------------------+

Wed Apr 15 19:52:52 UTC 2020

a/xfsprogs-5.6.0-x86_64-1.txz: Upgraded.

l/gtk+3-3.24.18-x86_64-2.txz: Rebuilt.

Fixed the version number embedded in pkg-config files and elsewhere.

Thanks to davjohn for the bug report.

n/bind-9.16.2-x86_64-1.txz: Upgraded.

This update fixes a security issue:

DNS rebinding protection was ineffective when BIND 9 is configured as a

forwarding DNS server. Found and responsibly reported by Tobias Klein.

[GL #1574]

(* Security fix *)

+--------------------------+

Tue Apr 14 22:26:11 UTC 2020

a/gawk-5.1.0-x86_64-1.txz: Upgraded.

a/gettext-0.20.2-x86_64-1.txz: Upgraded.

d/gettext-tools-0.20.2-x86_64-1.txz: Upgraded.

d/git-2.26.1-x86_64-1.txz: Upgraded.

This update fixes a security issue:

With a crafted URL that contains a newline in it, the credential helper

machinery can be fooled to give credential information for a wrong host.

The attack has been made impossible by forbidding a newline character in

any value passed via the credential protocol. Credit for finding the

vulnerability goes to Felix Wilhelm of Google Project Zero.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260

(* Security fix *)

l/glib-networking-2.64.2-x86_64-1.txz: Upgraded.

l/libsecret-0.20.3-x86_64-1.txz: Upgraded.

n/php-7.4.5-x86_64-1.txz: Upgraded.

x/xorgproto-2020.1-x86_64-1.txz: Upgraded.

xap/audacious-4.0.2-x86_64-1.txz: Upgraded.

xap/audacious-plugins-4.0.2-x86_64-1.txz: Upgraded.

extra/pure-alsa-system/audacious-plugins-4.0.2-x86_64-1_alsa.txz: Upgraded.

+--------------------------+

Mon Apr 13 22:16:49 UTC 2020

a/kernel-firmware-20200413_64dba0f-noarch-1.txz: Upgraded.

a/kernel-generic-5.4.32-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.32-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.32-x86_64-1.txz: Upgraded.

d/doxygen-1.8.18-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.32-x86-1.txz: Upgraded.

k/kernel-source-5.4.32-noarch-1.txz: Upgraded.

n/dhcpcd-8.1.8-x86_64-1.txz: Upgraded.

x/libvdpau-1.4-x86_64-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.

kernels/*: Upgraded.

usb-and-pxe-installers/usbboot.img: Rebuilt.

+--------------------------+

Sun Apr 12 20:02:28 UTC 2020

ap/man-pages-5.06-noarch-1.txz: Upgraded.

l/libyaml-0.2.3-x86_64-1.txz: Upgraded.

n/dnsmasq-2.81-x86_64-1.txz: Upgraded.

x/libinput-1.15.5-x86_64-1.txz: Upgraded.

+--------------------------+

Fri Apr 10 20:33:06 UTC 2020

ap/cups-filters-1.27.4-x86_64-1.txz: Upgraded.

ap/qpdf-10.0.1-x86_64-1.txz: Upgraded.

ap/sysstat-12.3.2-x86_64-1.txz: Upgraded.

l/gtk+3-3.24.18-x86_64-1.txz: Upgraded.

l/librsvg-2.48.3-x86_64-1.txz: Upgraded.

n/libqmi-1.24.10-x86_64-1.txz: Upgraded.

n/libtirpc-1.2.6-x86_64-1.txz: Upgraded.

+--------------------------+

Thu Apr 9 22:20:10 UTC 2020

d/cmake-3.17.1-x86_64-1.txz: Upgraded.

l/glib2-2.64.2-x86_64-1.txz: Upgraded.

l/libssh-0.9.4-x86_64-1.txz: Upgraded.

Fixed possible DoS in client and server when handling AES-CTR keys

with OpenSSL.

For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1730

(* Security fix *)

+--------------------------+

Thu Apr 9 00:53:59 UTC 2020

a/kernel-generic-5.4.31-x86_64-1.txz: Upgraded.

a/kernel-huge-5.4.31-x86_64-1.txz: Upgraded.

a/kernel-modules-5.4.31-x86_64-1.txz: Upgraded.

d/kernel-headers-5.4.31-x86-1.txz: Upgraded.

k/kernel-source-5