ChangeLog for: 2018-09-06 07:15:46
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
installpkg: prevent noise from the "stray cat" if tar hands it a broken
pipe. Thanks to ivandi.
Also (in the comments) provide a possibly better but untested solution.
Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
sysvinit-2.90 added an undocumented feature that tries to spawn agetty
if it sees console= in the kernel command line. Avoiding the debate about
whether this code belongs in init at all, at least such a change should
be documented, and probably made opt-in. This patch disables the new
behavior unless "sysvinit_agetty" is also seen in the kernel command line.
It seems like this might have been something added for Hurd, and it might
be wise to stick to what we've got rather than following upstream on this
particular package. If anyone notices any other odd behavior, please let
me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
When checking for intel_pstate, direct the stderr to /dev/null in case
the file doesn't exist in /sys. Thanks to ivandi.
Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
Patched multiple -dSAFER sandbox bypass vulnerabilities.
Thanks to Tavis Ormandy.
For more information, see:
https://www.ghostscript.com/doc/9.24/News.htm
https://www.kb.cert.org/vuls/id/332928
(* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
elf.c (_bfd_elf_get_symbol_version_string): Return _("") for
corrupt symbol version info.
elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
when overriding a dynamic definition.
Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
This update fixes an NTLM password overflow via integer overflow.
For more information, see:
https://curl.haxx.se/docs/CVE-2018-14618.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
(* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.