ChangeLog for: 2016-03-03 06:41:26
a/aaa_elflibs-14.2-x86_64-10.txz: Rebuilt.
a/kernel-firmware-20160302git-noarch-1.txz: Upgraded.
a/openssl-solibs-1.0.2g-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.0-noarch-30.txz: Rebuilt.
rc.M: Start D-Bus and NetworkManager right after rc.inet1.
ap/ksh93-2012_08_01-x86_64-2.txz: Rebuilt.
Removed broken locale files. Thanks to Didier Spaier.
ap/nano-2.5.3-x86_64-1.txz: Upgraded.
ap/sqlite-3.11.0-x86_64-1.txz: Upgraded.
ap/vim-7.4.1424-x86_64-1.txz: Upgraded.
d/ruby-2.2.4-x86_64-1.txz: Upgraded.
l/libssh2-1.7.0-x86_64-1.txz: Moved.
Moved from N -> L series to be consistent with libssh.
l/poppler-0.41.0-x86_64-1.txz: Upgraded.
l/qca-2.1.1-x86_64-1.txz: Upgraded.
l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Removed.
l/qca-gnupg-2.0.0_beta3-x86_64-1.txz: Removed.
l/qca-ossl-2.0.0_beta3-x86_64-3.txz: Removed.
l/qt-4.8.7-x86_64-4.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/curl-7.47.1-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/fetchmail-6.3.26-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/httpd-2.4.18-x86_64-1.txz: Upgraded.
n/links-2.12-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/mailx-12.5-x86_64-2.txz: Rebuilt.
Drop SSLv2 support (no longer supported by OpenSSL), and fix security issues
that could allow a local attacker to cause mailx to execute arbitrary
shell commands through the use of a specially-crafted email address.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844
(* Security fix *)
n/openssl-1.0.2g-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
Double-free in DSA code (CVE-2016-0705)
Memory leak in SRP database lookups (CVE-2016-0798)
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
Fix memory issues in BIO_*printf functions (CVE-2016-0799)
Side channel attack on modular exponentiation (CVE-2016-0702)
Note that this package drops all support for SSLv2, which breaks the ABI for
any binaries that make use of SSLv2_client_method.
For more information, see:
https://www.openssl.org/news/secadv/20160301.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702
(* Security fix *)
n/php-5.6.18-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.18
(* Security fix *)
n/samba-4.3.5-x86_64-1.txz: Upgraded.
n/stunnel-5.30-x86_64-2.txz: Rebuilt.
Allow OpenSSL to use the default key size for DH in generate-stunnel-key.sh.
Thanks to Markus Reichelt.
Recompiled to drop support for OpenSSL SSLv2.
n/wget-1.17.1-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
tcl/expect-5.45-x86_64-1.txz: Upgraded.
tcl/tcl-8.6.5-x86_64-1.txz: Upgraded.
tcl/tk-8.6.5-x86_64-1.txz: Upgraded.
x/xf86-video-intel-git_20160229_d167280-x86_64-1.txz: Upgraded.
x/xrandr-1.5.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-7.4.1424-x86_64-1.txz: Upgraded.
xap/xpdf-3.04-x86_64-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
Another attempt to get /sbin/probe to reliably handle nvme partitions.
Thanks to w9cf and Grant Coady.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Another attempt to get /sbin/probe to reliably handle nvme partitions.
Thanks to w9cf and Grant Coady.