ChangeLog for: 2016-05-28 00:08:17
a/sysvinit-scripts-2.0-noarch-32.txz: Rebuilt.
rc.S: Fixed cgroup, cgmanager, and cgproxy handling so that it works if /usr
is a separate partition. Thanks to Richard Cranium and Matteo Bernardini.
ap/ghostscript-9.19-x86_64-2.txz: Rebuilt.
Use the bundled version of openjpeg, which includes patches needed by
ghostscript. Thanks to qunying.
ap/lxc-2.0.1-x86_64-2.txz: Rebuilt.
Merged rc.S changes.
l/libxml2-2.9.4-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues:
Heap-based buffer underreads due to xmlParseName (CVE-2016-4447).
Format string vulnerability (CVE-2016-4448).
Inappropriate fetch of entities content (CVE-2016-4449).
For more information, see:
http://xmlsoft.org/news.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
(* Security fix *)
l/libxslt-1.1.29-x86_64-1.txz: Upgraded.
This release fixes bugs and a security issue:
Fix for type confusion in preprocessing attributes (Daniel Veillard).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
(* Security fix *)
n/php-5.6.22-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.22
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096
(* Security fix *)
xap/geeqie-1.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Make rc.dropbear executable. Thanks to Eduard Rozenberg.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Make rc.dropbear executable. Thanks to Eduard Rozenberg.