ChangeLog for: 2017-10-06 07:32:32
a/kernel-generic-4.9.53-x86_64-1.txz: Upgraded.
a/kernel-huge-4.9.53-x86_64-1.txz: Upgraded.
a/kernel-modules-4.9.53-x86_64-1.txz: Upgraded.
ap/cups-filters-1.17.9-x86_64-1.txz: Upgraded.
ap/ghostscript-9.22-x86_64-1.txz: Upgraded.
ap/vim-8.0.1175-x86_64-1.txz: Upgraded.
Compiled using libperl.so from perl-5.26.1.
d/cmake-3.9.4-x86_64-1.txz: Upgraded.
d/kernel-headers-4.9.53-x86-1.txz: Upgraded.
d/perl-5.26.1-x86_64-1.txz: Upgraded.
Added the following perl modules to support git send-email (thanks to
Xsane): Authen-SASL-2.16, MIME-Base64-3.15, and Net-SMTP-SSL-1.04.
d/python3-3.6.3-x86_64-1.txz: Upgraded.
k/kernel-source-4.9.53-noarch-1.txz: Upgraded.
KSM n -> y (thanks to ivandi)
kde/perlkde-4.14.3-x86_64-4.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
kde/perlqt-4.14.3-x86_64-4.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
l/gtk+3-3.22.24-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.9_18-x86_64-1.txz: Upgraded.
l/libmtp-1.1.14-x86_64-1.txz: Upgraded.
l/librsvg-2.40.19-x86_64-1.txz: Upgraded.
l/openjpeg-2.3.0-x86_64-1.txz: Upgraded.
This update fixes security issues which may lead to a denial of service
or possibly remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14152
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14164
(* Security fix *)
l/vte-0.50.1-x86_64-1.txz: Upgraded.
n/curl-7.56.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
libcurl may read outside of a heap allocated buffer when doing FTP.
For more information, see:
https://curl.haxx.se/docs/adv_20171004.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
(* Security fix *)
n/epic5-2.0.1-x86_64-2.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
n/irssi-1.0.4-x86_64-2.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
n/net-snmp-5.7.3-x86_64-6.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
n/ntp-4.2.8p10-x86_64-2.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
n/p11-kit-0.23.9-x86_64-1.txz: Upgraded.
x/libinput-1.8.3-x86_64-1.txz: Upgraded.
x/xorg-server-1.19.4-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Xext/shm: Validate shmseg resource id, otherwise it can belong to a
non-existing client and abort X server with FatalError "client not
in use", or overwrite existing segment of another existing client.
Generating strings for XKB data used a single shared static buffer,
which offered several opportunities for errors. Use a ring of
resizable buffers instead, to avoid problems when strings end up
longer than anticipated.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
(* Security fix *)
x/xorg-server-xephyr-1.19.4-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.19.4-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.19.4-x86_64-1.txz: Upgraded.
xap/hexchat-2.12.4-x86_64-2.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
Built with --enable-python=python3.
xap/pidgin-2.12.0-x86_64-2.txz: Rebuilt.
Recompiled using libperl.so from perl-5.26.1.
xap/vim-gvim-8.0.1175-x86_64-1.txz: Upgraded.
Compiled using libperl.so from perl-5.26.1.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.