ChangeLog for: 2016-03-25 21:43:59
a/glibc-zoneinfo-2016c-noarch-1.txz: Upgraded.
a/kernel-firmware-20160325git-noarch-1.txz: Upgraded.
a/ntfs-3g-2016.2.22-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
ap/cups-filters-1.8.3-x86_64-1.txz: Upgraded.
ap/sudo-1.8.16-x86_64-1.txz: Upgraded.
ap/zsh-5.2-x86_64-1.txz: Upgraded.
kde/ktouch-4.14.3-x86_64-3.txz: Rebuilt.
Patched to fix performance issues. Thanks to Andrzej Telszewski.
l/libevent-2.0.22-x86_64-1.txz: Upgraded.
Multiple integer overflows in the evbuffer API allow context-dependent
attackers to cause a denial of service or possibly have other unspecified
impact via "insanely large inputs" to the (1) evbuffer_add,
(2) evbuffer_expand, or (3) bufferevent_write function, which triggers a
heap-based buffer overflow or an infinite loop.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272
(* Security fix *)
l/polkit-0.113-x86_64-1.txz: Upgraded.
Polkit config format change: Uses ".rules" files rather than ".pkla", and
the rules files are JavaScript. Thanks to Robby Workman.
l/polkit-gnome-0.105-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
n/NetworkManager-1.0.10-x86_64-5.txz: Rebuilt.
Patched rc.networkmanager to only attempt to kill wpa_supplicant on shutdown
using the first .pid found in /var/run or /run. Otherwise if those
directories are symlinked or bind mounted together there will be a race
condition that may result in an error message.
I'm still not certain that rc.networkmanager should be messing with
wpa_supplicant. What about cases where NetworkManager might be configured to
*not* manage the wireless interfaces at all?
Luckily, there is rarely any reason for stopping NetworkManager (outside of
shutdown or reboot), or for restarting it.
n/irssi-0.8.19-x86_64-1.txz: Upgraded.
n/nmap-7.11-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-38.7.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)