ChangeLog for: 2015-12-03 08:28:30
a/cpio-2.12-x86_64-1.txz: Upgraded.
a/dbus-1.10.6-x86_64-1.txz: Upgraded.
a/eudev-3.1.5-x86_64-7.txz: Rebuilt.
In rc.udev, create static nodes with better initial permissions.
a/lvm2-2.02.136-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.0.2d-x86_64-1.txz: Upgraded.
a/pkgtools-14.2-noarch-5.txz: Rebuilt.
Set LANG=C in pkgtool.
a/tar-1.28-x86_64-1.txz: Upgraded.
ap/cups-2.1.0-x86_64-1.txz: Upgraded.
kde/kio-mtp-2063e75_20131020git-x86_64-3.txz: Rebuilt.
Fix invalid UTF-8 sequence in slack-desc. Thanks to turtleli.
l/eigen3-3.2.7-x86_64-2.txz: Rebuilt.
Fixed eigen3.pc include directory. Thanks to comet.berkeley.
l/freetype-2.6.2-x86_64-1.txz: Upgraded.
l/glib2-2.46.2-x86_64-2.txz: Rebuilt.
Applied upstream patch to fix a memory leak.
l/gmp-6.1.0-x86_64-1.txz: Upgraded.
l/harfbuzz-1.1.2-x86_64-1.txz: Upgraded.
l/libmtp-1.1.10-x86_64-2.txz: Rebuilt.
Put the udev stuff in the right directory. Thanks to yars.
l/libpng-1.6.19-x86_64-1.txz: Upgraded.
Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
png_set_tIME(), and png_convert_to_rfc1123() functions that allow
attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a small bit-depth value
in an IHDR (aka image header) chunk in a PNG image.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
(* Security fix *)
l/librsvg-2.40.12-x86_64-1.txz: Upgraded.
n/openssl-1.0.2d-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-38.4.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)