Slackware64-current ChangeLog

ChangeLog for: 2025-06-05 00:59:10

a/kernel-firmware-20250603_3b75d67-noarch-1.txz:  Upgraded.
a/kernel-generic-6.12.32-x86_64-1.txz:  Upgraded.
ap/squashfs-tools-4.7-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.12.32-x86-1.txz:  Upgraded.
d/lua-5.4.8-x86_64-1.txz:  Upgraded.
d/python3-3.12.11-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  gh-135034: [CVE-2024-12718] [CVE-2025-4138] [CVE-2025-4330] [CVE-2025-4435]
  [CVE-2025-4517] Fixes multiple issues that allowed tarfile extraction filters
  (filter="data" and filter="tar") to be bypassed using crafted symlinks and
  hard links.
  gh-133767: Fix use-after-free in the "unicode-escape" decoder with a
  non-"strict" error handler.
  gh-128840: Short-circuit the processing of long IPv6 addresses early in
  ipaddress to prevent excessive memory consumption and a minor denial-of-service.
  For more information, see:
    https://pythoninsider.blogspot.com/2025/06/python-3134-31211-31113-31018-and-3923.html
    https://www.cve.org/CVERecord?id=CVE-2024-12718
    https://www.cve.org/CVERecord?id=CVE-2025-4138
    https://www.cve.org/CVERecord?id=CVE-2025-4330
    https://www.cve.org/CVERecord?id=CVE-2025-4435
    https://www.cve.org/CVERecord?id=CVE-2025-4517
  (* Security fix *)
d/tree-sitter-0.25.6-x86_64-1.txz:  Upgraded.
k/kernel-source-6.12.32-noarch-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-54.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/cantor-23.08.5-x86_64-21.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/kfilemetadata-5.116.0-x86_64-17.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/kile-2.9.93-x86_64-47.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/kitinerary-23.08.5-x86_64-19.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/krita-5.2.9-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/labplot-2.11.1-x86_64-13.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
kde/okular-23.08.5-x86_64-18.txz:  Rebuilt.
  Recompiled against poppler-25.06.0.
l/pipewire-1.4.5-x86_64-1.txz:  Upgraded.
l/poppler-25.06.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/curl-8.14.1-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  WebSocket endless loop.
  For more information, see:
    https://curl.se/docs/CVE-2025-5399.html
    https://www.cve.org/CVERecord?id=CVE-2025-5399
  (* Security fix *)
x/mesa-25.1.2-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/linux-6.14.x/kernel-generic-6.14.10-x86_64-1.txz:  Upgraded.
testing/packages/linux-6.14.x/kernel-headers-6.14.10-x86-1.txz:  Upgraded.
testing/packages/linux-6.14.x/kernel-source-6.14.10-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.