Slackware64-current ChangeLog

ChangeLog for: 2025-09-17 23:13:56

a/bcachefs-tools-1.31.0-x86_64-1.txz:  Upgraded.
  Perhaps this package should be considered for removal?
a/btrfs-progs-6.16.1-x86_64-2.txz:  Rebuilt.
  Recompiled to drop dependency on libreiserfscore.
a/inotify-tools-4.25.9.0-x86_64-1.txz:  Upgraded.
a/openssl-solibs-3.5.3-x86_64-1.txz:  Upgraded.
a/reiserfsprogs-3.6.27-x86_64-5.txz:  Removed.
ap/vim-9.1.1766-x86_64-1.txz:  Upgraded.
d/jq-1.8.1-x86_64-1.txz:  Added.
d/ruby-3.4.6-x86_64-1.txz:  Upgraded.
l/expat-2.7.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Disallow use of disproportional amounts of dynamic memory from within an
  Expat parser (e.g. previously a ~250 KiB sized document was able to cause
  allocation of ~800 MiB from the heap, i.e. an "amplification" of factor
  ~3,300); once a threshold (that defaults to 64 MiB) is reached, a maximum
  amplification factor (that defaults to 100.0) is enforced, and violating
  documents are rejected with an out-of-memory error.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2025-59375
  (* Security fix *)
l/gjs-1.86.0-x86_64-1.txz:  Upgraded.
l/mozjs140-140.3.0esr-x86_64-1.txz:  Upgraded.
l/protobuf-32.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/qt6-6.9.2_20250818_af7939f2-x86_64-3.txz:  Rebuilt.
  Recompiled against protobuf-32.1.
n/mosh-1.4.0-x86_64-10.txz:  Rebuilt.
  Recompiled against protobuf-32.1.
n/openssl-3.5.3-x86_64-1.txz:  Upgraded.
  Reverted upstream change to how OPENSSL_VERSION_NUMBER is generated which
  pointlessly breaks openssh.
x/mesa-25.2.3-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-140.3.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/140.3.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2025-75
    https://www.cve.org/CVERecord?id=CVE-2025-10527
    https://www.cve.org/CVERecord?id=CVE-2025-10528
    https://www.cve.org/CVERecord?id=CVE-2025-10529
    https://www.cve.org/CVERecord?id=CVE-2025-10532
    https://www.cve.org/CVERecord?id=CVE-2025-10533
    https://www.cve.org/CVERecord?id=CVE-2025-10536
    https://www.cve.org/CVERecord?id=CVE-2025-10537
  (* Security fix *)
xap/mozilla-thunderbird-140.3.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/140.3.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/
    https://www.cve.org/CVERecord?id=CVE-2025-10527
    https://www.cve.org/CVERecord?id=CVE-2025-10528
    https://www.cve.org/CVERecord?id=CVE-2025-10529
    https://www.cve.org/CVERecord?id=CVE-2025-10532
    https://www.cve.org/CVERecord?id=CVE-2025-10533
    https://www.cve.org/CVERecord?id=CVE-2025-10536
    https://www.cve.org/CVERecord?id=CVE-2025-10537
  (* Security fix *)
xap/pavucontrol-6.2-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.1766-x86_64-1.txz:  Upgraded.