ChangeLog for: 2016-02-26 23:54:05
a/btrfs-progs-v4.4.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.4.3-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.3-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.3-x86_64-1.txz: Upgraded.
a/sdparm-1.10-x86_64-1.txz: Upgraded.
ap/mariadb-10.0.24-x86_64-1.txz: Upgraded.
d/gdb-7.11-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.3-x86-1.txz: Upgraded.
k/kernel-source-4.4.3-noarch-1.txz: Upgraded.
kde/kdepimlibs-4.14.10-x86_64-2.txz: Rebuilt.
Recompiled against libical-2.0.0.
l/gtk+3-3.18.8-x86_64-1.txz: Upgraded.
l/libical-2.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libssh-0.7.3-x86_64-1.txz: Upgraded.
Fixed weak key generation. Due to a bug in the ephemeral secret key
generation for the diffie-hellman-group1 and diffie-hellman-group14
methods, ephemeral secret keys of size 128 bits are generated, instead
of the recommended sizes of 1024 and 2048 bits, giving a practical
security of 63 bits.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
(* Security fix *)
l/sg3_utils-1.42-x86_64-1.txz: Upgraded.
n/bluez-5.37-x86_64-2.txz: Rebuilt.
Recompiled against libical-2.0.0.
n/libssh2-1.7.0-x86_64-1.txz: Upgraded.
Fixed weak key generation. During the SSHv2 handshake when libssh2 is to
get a suitable value for 'group order' in the Diffle Hellman negotiation,
it would pass in number of bytes to a function that expected number of bits.
This would result in the library generating numbers using only an 8th the
number of random bits than what were intended: 128 or 256 bits instead of
1023 or 2047. Using such drastically reduced amount of random bits for
Diffie Hellman weakended the handshake security significantly.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
(* Security fix *)
x/mesa-11.1.2-x86_64-1.txz: Upgraded.
xfce/orage-4.12.1-x86_64-3.txz: Rebuilt.
Recompiled against libical-2.0.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.