ChangeLog for: 2017-07-19 00:10:25
a/kernel-generic-4.9.38-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.38-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.38-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-3.txz: Upgraded.
Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80.
Handle rootflags in init script. Thanks to davjohn.
a/openssl-solibs-1.0.2l-x86_64-1.txz: Upgraded.
ap/gutenprint-5.2.13-x86_64-1.txz: Upgraded.
d/cmake-3.9.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.38-x86-1.txz: Upgraded.
k/kernel-source-4.9.38-noarch-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-12.txz: Rebuilt.
Linked against exiv2-0.26.
kde/gwenview-4.14.3-x86_64-3.txz: Rebuilt.
Linked against exiv2-0.26.
kde/kde-runtime-4.14.3-x86_64-5.txz: Rebuilt.
Linked against exiv2-0.26 and libwebp-0.6.0.
kde/kdelibs-4.14.34-x86_64-1.txz: Upgraded.
kde/kfilemetadata-4.14.3-x86_64-3.txz: Rebuilt.
Linked against exiv2-0.26.
kde/libkexiv2-4.14.3-x86_64-3.txz: Rebuilt.
Linked against exiv2-0.26.
kde/nepomuk-core-4.14.3-x86_64-3.txz: Rebuilt.
Linked against exiv2-0.26.
l/SDL2_image-2.0.1-x86_64-2.txz: Rebuilt.
Linked against libwebp-0.6.0.
l/exiv2-0.26-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/expat-2.2.2-x86_64-1.txz: Upgraded.
Fixes security issues including:
External entity infinite loop DoS
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
https://libexpat.github.io/doc/cve-2017-9233/
(* Security fix *)
l/ffmpeg-3.3.2-x86_64-2.txz: Rebuilt.
Linked against libwebp-0.6.0.
l/gd-2.2.4-x86_64-1.txz: Upgraded.
Linked against libwebp-0.6.0.
Fixes security issues:
gdImageCreate() doesn't check for oversized images and as such is prone to
DoS vulnerabilities. (CVE-2016-9317)
double-free in gdImageWebPtr() (CVE-2016-6912)
potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
Signed Integer Overflow gd_io.c (CVE-2016-10168)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
(* Security fix *)
l/imagemagick-6.9.9_0-x86_64-1.txz: Upgraded.
Linked against libwebp-0.6.0.
l/libwebp-0.6.0-x86_64-1.txz: Added.
Thanks to powtrix.
l/orc-0.4.27-x86_64-1.txz: Upgraded.
l/pango-1.40.7-x86_64-1.txz: Upgraded.
l/strigi-0.7.8-x86_64-3.txz: Rebuilt.
Linked against exiv2-0.26.
n/bluez-5.46-x86_64-1.txz: Upgraded.
n/libtirpc-1.0.2-x86_64-1.txz: Upgraded.
n/nfs-utils-1.3.4-x86_64-2.txz: Rebuilt.
Added /etc/default/nfs config file for setting additional options.
Thanks to shasta and Robby Workman.
n/openssh-7.5p1-x86_64-2.txz: Rebuilt.
Added /etc/default/sshd config file for setting additional options.
Thanks to shasta and Robby Workman.
n/openssl-1.0.2l-x86_64-1.txz: Upgraded.
n/rpcbind-0.2.4-x86_64-2.txz: Rebuilt.
Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing
a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe,
Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem
and helping to test a fix.
Added /etc/default/rpc config file (useful for setting static port
assignments). Thanks to shasta and Robby Workman.
n/stunnel-5.42-x86_64-1.txz: Upgraded.
n/yptools-2.14-x86_64-8.txz: Rebuilt.
Added /etc/default/yp config file for setting additional options.
Thanks to shasta and Robby Workman.
xap/geeqie-1.3-x86_64-2.txz: Rebuilt.
Linked against exiv2-0.26.
xfce/xfce4-terminal-0.8.6-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.