Code: Select all
Mon Aug 1 23:30:59 UTC 2022
a/cryptsetup-2.5.0-x86_64-2.txz: Rebuilt.
Use file descriptor 3 in rc.luks's main loop so that sdtin works properly for
cryptsetup and/or a keyscript. PiterPunk gave it to me like this and then I
proceeded to break it. Sorry about that.
+--------------------------+
Mon Aug 1 19:55:53 UTC 2022
a/cryptsetup-2.5.0-x86_64-1.txz: Upgraded.
Added rc.luks startup script called from rc.S.
Added support in /etc/crypttab for handling a keyscript.
Thanks to PiterPunk.
a/kernel-generic-5.19.0-x86_64-1.txz: Upgraded.
a/kernel-huge-5.19.0-x86_64-1.txz: Upgraded.
a/kernel-modules-5.19.0-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.1-noarch-1.txz: Upgraded.
rc.S: call the new rc.luks script to unlock encrypted partitions.
Thanks to PiterPunk.
rc.6: update $PATH hashes after unmounting remote filesystems.
Thanks to PiterPunk.
d/kernel-headers-5.19.0-x86-1.txz: Upgraded.
d/scons-4.4.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.19.0-noarch-1.txz: Upgraded.
kde/kmymoney-5.1.3-x86_64-1.txz: Upgraded.
l/harfbuzz-5.1.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_45-x86_64-1.txz: Upgraded.
l/libbluray-1.3.2-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.32-x86_64-2.txz: Rebuilt.
xap/mozilla-firefox-103.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/103.0.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Jul 29 19:59:03 UTC 2022
a/dialog-1.3_20220728-x86_64-1.txz: Upgraded.
a/kernel-generic-5.18.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.18.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.18.15-x86_64-1.txz: Upgraded.
ap/vim-9.0.0107-x86_64-1.txz: Upgraded.
d/cmake-3.23.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.18.15-x86-1.txz: Upgraded.
k/kernel-source-5.18.15-noarch-1.txz: Upgraded.
kde/kstars-3.6.0-x86_64-1.txz: Upgraded.
n/gnutls-3.7.7-x86_64-1.txz: Upgraded.
libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509
(* Security fix *)
xap/freerdp-2.8.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.0107-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Jul 28 23:48:36 UTC 2022
a/sysklogd-2.4.0-x86_64-1.txz: Upgraded.
ap/inxi-3.3.20_1-noarch-1.txz: Upgraded.
d/mercurial-6.2.1-x86_64-1.txz: Upgraded.
n/nettle-3.8.1-x86_64-1.txz: Upgraded.
x/libwacom-2.4.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.1.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.1.0/releasenotes/
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird102.1
(* Security fix *)
xap/xsnow-3.5.1-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Jul 27 19:17:38 UTC 2022
l/tevent-0.13.0-x86_64-1.txz: Upgraded.
n/samba-4.16.4-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
+--------------------------+
Tue Jul 26 19:27:53 UTC 2022
a/etc-15.1-x86_64-1.txz: Upgraded.
Fixed install script to avoid a warning from chown that "." should be ":".
a/kernel-firmware-20220725_150864a-noarch-1.txz: Upgraded.
a/tar-1.34-x86_64-2.txz: Rebuilt.
Sergey Poznyakoff added options to GNU tar back in 2013 to make it possible
to use it in the pkgtools, and with help from gnashley and ruario we
switched to using the latest version of tar in makepkg over 4 years ago.
Still, we kept the old tar-1.13 around. It's finally time to let go of this
old artifact. Farewell tar-1.13, thanks for everything. :-)
l/gnome-keyring-42.1-x86_64-1.txz: Upgraded.
l/harfbuzz-5.0.1-x86_64-1.txz: Upgraded.
l/iso-codes-4.11.0-noarch-1.txz: Upgraded.
n/mobile-broadband-provider-info-20220725-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Jul 25 20:53:49 UTC 2022
d/perl-5.36.0-x86_64-2.txz: Rebuilt.
Upgraded to URI-5.12.
Added a symlink to libperl.so in /usr/${LIBDIRSUFFIX} since net-snmp (and
possibly other programs) might have trouble linking with it since it's not
in the LD_LIBRARY_PATH. Thanks to oneforall.
d/poke-2.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_44-x86_64-1.txz: Upgraded.
n/bluez-5.65-x86_64-1.txz: Upgraded.
n/proftpd-1.3.7e-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-103.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/103.0/releasenotes/
(* Security fix *)
+--------------------------+
Sun Jul 24 22:00:30 UTC 2022
a/kernel-generic-5.18.14-x86_64-1.txz: Upgraded.
a/kernel-huge-5.18.14-x86_64-1.txz: Upgraded.
a/kernel-modules-5.18.14-x86_64-1.txz: Upgraded.
d/kernel-headers-5.18.14-x86-1.txz: Upgraded.
d/parallel-20220722-noarch-1.txz: Upgraded.
k/kernel-source-5.18.14-noarch-1.txz: Upgraded.
+CC_HAS_RETURN_THUNK y
+CPU_IBPB_ENTRY y
+CPU_IBRS_ENTRY y
+CPU_UNRET_ENTRY y
+RETHUNK y
+SPECULATION_MITIGATIONS y
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Jul 22 18:32:37 UTC 2022
a/kernel-generic-5.18.13-x86_64-1.txz: Upgraded.
a/kernel-huge-5.18.13-x86_64-1.txz: Upgraded.
a/kernel-modules-5.18.13-x86_64-1.txz: Upgraded.
d/kernel-headers-5.18.13-x86-1.txz: Upgraded.
k/kernel-source-5.18.13-noarch-1.txz: Upgraded.
l/mozilla-nss-3.81-x86_64-1.txz: Upgraded.
x/xdg-desktop-portal-1.14.5-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Jul 21 18:13:18 UTC 2022
ap/sqlite-3.39.2-x86_64-1.txz: Upgraded.
n/net-snmp-5.9.3-x86_64-1.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
x/libxcvt-0.1.2-x86_64-1.txz: Upgraded.
+--------------------------+
Code: Select all
Mon Aug 1 23:30:59 UTC 2022
a/cryptsetup-2.5.0-i586-2.txz: Rebuilt.
Use file descriptor 3 in rc.luks's main loop so that sdtin works properly for
cryptsetup and/or a keyscript. PiterPunk gave it to me like this and then I
proceeded to break it. Sorry about that.
+--------------------------+
Mon Aug 1 19:55:53 UTC 2022
a/cryptsetup-2.5.0-i586-1.txz: Upgraded.
Added rc.luks startup script called from rc.S.
Added support in /etc/crypttab for handling a keyscript.
Thanks to PiterPunk.
a/kernel-generic-5.19.0-i586-1.txz: Upgraded.
a/kernel-generic-smp-5.19.0_smp-i686-1.txz: Upgraded.
a/kernel-huge-5.19.0-i586-1.txz: Upgraded.
a/kernel-huge-smp-5.19.0_smp-i686-1.txz: Upgraded.
a/kernel-modules-5.19.0-i586-1.txz: Upgraded.
a/kernel-modules-smp-5.19.0_smp-i686-1.txz: Upgraded.
a/sysvinit-scripts-15.1-noarch-1.txz: Upgraded.
rc.S: call the new rc.luks script to unlock encrypted partitions.
Thanks to PiterPunk.
rc.6: update $PATH hashes after unmounting remote filesystems.
Thanks to PiterPunk.
d/kernel-headers-5.19.0_smp-x86-1.txz: Upgraded.
d/scons-4.4.0-i586-1.txz: Upgraded.
k/kernel-source-5.19.0_smp-noarch-1.txz: Upgraded.
kde/kmymoney-5.1.3-i586-1.txz: Upgraded.
l/harfbuzz-5.1.0-i586-1.txz: Upgraded.
l/imagemagick-7.1.0_45-i586-1.txz: Upgraded.
l/libbluray-1.3.2-i586-1.txz: Upgraded.
n/fetchmail-6.4.32-i586-2.txz: Rebuilt.
xap/mozilla-firefox-103.0.1-i686-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/103.0.1/releasenotes/
extra/linux-5.19.0-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Jul 29 19:59:03 UTC 2022
a/dialog-1.3_20220728-i586-1.txz: Upgraded.
a/kernel-generic-5.18.15-i586-1.txz: Upgraded.
a/kernel-generic-smp-5.18.15_smp-i686-1.txz: Upgraded.
a/kernel-huge-5.18.15-i586-1.txz: Upgraded.
a/kernel-huge-smp-5.18.15_smp-i686-1.txz: Upgraded.
a/kernel-modules-5.18.15-i586-1.txz: Upgraded.
a/kernel-modules-smp-5.18.15_smp-i686-1.txz: Upgraded.
ap/vim-9.0.0107-i586-1.txz: Upgraded.
d/cmake-3.23.3-i586-1.txz: Upgraded.
d/kernel-headers-5.18.15_smp-x86-1.txz: Upgraded.
k/kernel-source-5.18.15_smp-noarch-1.txz: Upgraded.
kde/kstars-3.6.0-i586-1.txz: Upgraded.
n/gnutls-3.7.7-i586-1.txz: Upgraded.
libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509
(* Security fix *)
xap/freerdp-2.8.0-i586-1.txz: Upgraded.
xap/vim-gvim-9.0.0107-i586-1.txz: Upgraded.
extra/linux-5.18.15-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Jul 28 23:48:36 UTC 2022
a/sysklogd-2.4.0-i586-1.txz: Upgraded.
ap/inxi-3.3.20_1-noarch-1.txz: Upgraded.
d/mercurial-6.2.1-i586-1.txz: Upgraded.
n/nettle-3.8.1-i586-1.txz: Upgraded.
x/libwacom-2.4.0-i586-1.txz: Upgraded.
xap/mozilla-thunderbird-102.1.0-i686-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.1.0/releasenotes/
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird102.1
(* Security fix *)
xap/xsnow-3.5.1-i586-1.txz: Upgraded.
+--------------------------+
Wed Jul 27 19:17:38 UTC 2022
l/tevent-0.13.0-i586-1.txz: Upgraded.
n/samba-4.16.4-i586-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
+--------------------------+
Tue Jul 26 19:27:53 UTC 2022
a/etc-15.1-i586-1.txz: Upgraded.
Fixed install script to avoid a warning from chown that "." should be ":".
a/kernel-firmware-20220725_150864a-noarch-1.txz: Upgraded.
a/tar-1.34-i586-2.txz: Rebuilt.
Sergey Poznyakoff added options to GNU tar back in 2013 to make it possible
to use it in the pkgtools, and with help from gnashley and ruario we
switched to using the latest version of tar in makepkg over 4 years ago.
Still, we kept the old tar-1.13 around. It's finally time to let go of this
old artifact. Farewell tar-1.13, thanks for everything. :-)
l/gnome-keyring-42.1-i586-1.txz: Upgraded.
l/harfbuzz-5.0.1-i586-1.txz: Upgraded.
l/iso-codes-4.11.0-noarch-1.txz: Upgraded.
n/mobile-broadband-provider-info-20220725-i586-1.txz: Upgraded.
+--------------------------+
Mon Jul 25 20:53:49 UTC 2022
d/perl-5.36.0-i586-2.txz: Rebuilt.
Upgraded to URI-5.12.
Added a symlink to libperl.so in /usr/${LIBDIRSUFFIX} since net-snmp (and
possibly other programs) might have trouble linking with it since it's not
in the LD_LIBRARY_PATH. Thanks to oneforall.
d/poke-2.4-i586-1.txz: Upgraded.
l/imagemagick-7.1.0_44-i586-1.txz: Upgraded.
n/bluez-5.65-i586-1.txz: Upgraded.
n/proftpd-1.3.7e-i586-1.txz: Upgraded.
xap/mozilla-firefox-103.0-i686-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/103.0/releasenotes/
(* Security fix *)
+--------------------------+
Sun Jul 24 22:00:30 UTC 2022
a/kernel-generic-5.18.14-i586-1.txz: Upgraded.
a/kernel-generic-smp-5.18.14_smp-i686-1.txz: Upgraded.
a/kernel-huge-5.18.14-i586-1.txz: Upgraded.
a/kernel-huge-smp-5.18.14_smp-i686-1.txz: Upgraded.
a/kernel-modules-5.18.14-i586-1.txz: Upgraded.
a/kernel-modules-smp-5.18.14_smp-i686-1.txz: Upgraded.
d/kernel-headers-5.18.14_smp-x86-1.txz: Upgraded.
d/parallel-20220722-noarch-1.txz: Upgraded.
k/kernel-source-5.18.14_smp-noarch-1.txz: Upgraded.
+CC_HAS_RETURN_THUNK y
+CPU_IBPB_ENTRY y
+CPU_IBRS_ENTRY y
+CPU_UNRET_ENTRY y
+RETHUNK y
+SPECULATION_MITIGATIONS y
extra/linux-5.18.14-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Jul 22 18:32:37 UTC 2022
a/kernel-generic-5.18.13-i586-1.txz: Upgraded.
a/kernel-generic-smp-5.18.13_smp-i686-1.txz: Upgraded.
a/kernel-huge-5.18.13-i586-1.txz: Upgraded.
a/kernel-huge-smp-5.18.13_smp-i686-1.txz: Upgraded.
a/kernel-modules-5.18.13-i586-1.txz: Upgraded.
a/kernel-modules-smp-5.18.13_smp-i686-1.txz: Upgraded.
d/kernel-headers-5.18.13_smp-x86-1.txz: Upgraded.
k/kernel-source-5.18.13_smp-noarch-1.txz: Upgraded.
l/mozilla-nss-3.81-i586-1.txz: Upgraded.
x/xdg-desktop-portal-1.14.5-i586-1.txz: Upgraded.
extra/linux-5.18.13-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Jul 21 18:13:18 UTC 2022
ap/sqlite-3.39.2-i586-1.txz: Upgraded.
n/net-snmp-5.9.3-i586-1.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
x/libxcvt-0.1.2-i586-1.txz: Upgraded.
+--------------------------+