ChangeLog for: 2020-03-23 21:03:39
a/e2fsprogs-1.45.6-x86_64-1.txz: Upgraded.
d/git-2.26.0-x86_64-1.txz: Upgraded.
l/gd-2.3.0-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Potential double-free in gdImage*Ptr().
gdImageColorMatch() out of bounds write on heap.
Uninitialized read in gdImageCreateFromXbm().
Double-free in gdImageBmp.
Potential NULL pointer dereference in gdImageClone().
Potential infinite loop in gdImageCreateFromGifCtx().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
(* Security fix *)
l/libbluray-1.2.0-x86_64-1.txz: Upgraded.
n/curl-7.69.1-x86_64-2.txz: Rebuilt.
Use --with-ca-path=/etc/ssl/certs instead of
--with-ca-bundle=/usr/share/curl/ca-bundle.crt. Thanks to shastah.
xap/audacious-4.0-x86_64-2.txz: Rebuilt.
Rebuilt with autotools to fix French language support. Thanks to gmgf.
xap/audacious-plugins-4.0-x86_64-2.txz: Rebuilt.
Rebuilt with autotools.
extra/pure-alsa-system/audacious-plugins-4.0-x86_64-2_alsa.txz: Rebuilt.