Wed Apr  3 22:22:06 UTC 2024
l/PyQt-builder-1.16.0-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.1-x86_64-2.txz:  Rebuilt.
  Recompiled against aom-3.8.2 to build libgstaom.so.
l/nodejs-20.12.1-x86_64-1.txz:  Upgraded.
l/python-lxml-5.2.1-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.12-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31082
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
x/xorg-server-xephyr-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.2.5-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)

Thu Apr  4 20:49:23 UTC 2024
a/hwdata-0.381-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.25-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.25-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.25-x86_64-1.txz:  Upgraded.
d/cmake-3.29.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.25-x86-1.txz:  Upgraded.
d/llvm-18.1.3-x86_64-1.txz:  Upgraded.
k/kernel-source-6.6.25-noarch-1.txz:  Upgraded.
kde/kstars-3.7.0-x86_64-1.txz:  Upgraded.
l/enchant-2.6.9-x86_64-1.txz:  Upgraded.
l/libclc-18.1.3-x86_64-1.txz:  Upgraded.
l/sof-firmware-2024.03-noarch-1.txz:  Upgraded.
n/gnutls-3.8.5-x86_64-1.txz:  Upgraded.
n/httpd-2.4.59-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  HTTP/2 DoS by memory exhaustion on endless continuation frames.
  HTTP Response Splitting in multiple modules.
  HTTP response splitting.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.59
    https://www.cve.org/CVERecord?id=CVE-2024-27316
    https://www.cve.org/CVERecord?id=CVE-2024-24795
    https://www.cve.org/CVERecord?id=CVE-2023-38709
  (* Security fix *)
n/nghttp2-1.61.0-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
  frames even after a stream is reset to keep HPACK context in sync. This
  causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
  this vulnerability by limiting the number of CONTINUATION frames it can
  accept after a HEADERS frame.
  For more information, see:
    https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
    https://www.kb.cert.org/vuls/id/421644
    https://www.cve.org/CVERecord?id=CVE-2024-28182
  (* Security fix *)
x/xdg-desktop-portal-1.18.3-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

Fri Apr  5 20:11:23 UTC 2024
a/etc-15.1-x86_64-10.txz:  Rebuilt.
  Added nut user (218) and nut group (218).
a/genpower-1.0.5-x86_64-5.txz:  Removed.
a/nut-2.8.2-x86_64-1.txz:  Added.
  This is a package to support uninterruptible power supplies, and replaces
  the obsolete genpower package.
  Thanks to V'yacheslav Stetskevych for the original SBo script.
a/sysvinit-scripts-15.1-noarch-16.txz:  Rebuilt.
  rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and
  rc.nut-upsmon. Remove the genpower block.
  rc.6: support stopping the UPS inverter on the way down if we see
  /etc/killpower. Remove the genpower block.
a/tcsh-6.24.12-x86_64-1.txz:  Upgraded.
ap/man-db-2.12.1-x86_64-1.txz:  Upgraded.
ap/mpg123-1.32.6-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0265-x86_64-1.txz:  Upgraded.
d/cargo-vendor-filterer-0.5.14-x86_64-1.txz:  Upgraded.
d/nasm-2.16.02-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.5-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.5-x86_64-1.txz:  Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz:  Upgraded.
x/xdm-1.1.16-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0265-x86_64-1.txz:  Upgraded.
extra/bash-completion/bash-completion-2.13.0-noarch-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz:  Rebuilt.
  Recompiled against xorg-server-21.1.12 to fix security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31082
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)

Sat Apr  6 17:19:58 UTC 2024
a/pciutils-3.12.0-x86_64-1.txz:  Upgraded.
l/pygobject-2.28.7-x86_64-10.txz:  Rebuilt.
  Build with PYTHON=python2 so that we don't have a call to unversioned python
  in pygobject-codegen-2.0. Fixes building gimp from git.
  Thanks to Petri Kaukasoina.
l/pygobject3-3.48.2-x86_64-1.txz:  Upgraded.
x/libX11-1.8.9-x86_64-1.txz:  Upgraded.
x/mtdev-1.1.7-x86_64-1.txz:  Upgraded.

Mon Apr  8 18:44:37 UTC 2024
l/imagemagick-7.1.1_30-x86_64-1.txz:  Upgraded.
l/libarchive-3.7.3-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix possible vulnerability in tar error reporting introduced in f27c173
  by JiaT75.
  For more information, see:
    https://github.com/libarchive/libarchive/commit/f27c173d17dc807733b3a4f8c11207c3f04ff34f
    https://github.com/libarchive/libarchive/pull/2101
  (* Security fix *)
n/net-snmp-5.9.4-x86_64-3.txz:  Rebuilt.
  [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp.
  Thanks to walecha.
n/rsync-3.3.0-x86_64-1.txz:  Upgraded.
x/xorg-sgml-doctools-1.12.1-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.36-x86_64-3.txz:  Rebuilt.
  [PATCH] QuitDialog: disconnect signal handler on dialog destroy.
  This fixes a crash on quit.
  Thanks to USUARIONUEVO.
xap/xlockmore-5.77-x86_64-1.txz:  Upgraded.

Tue Apr  9 18:14:27 UTC 2024
l/abseil-cpp-20240116.2-x86_64-1.txz:  Upgraded.
l/dotconf-1.4.1-x86_64-1.txz:  Upgraded.
t/texlive-2024.240409-x86_64-1.txz:  Upgraded.
  Thanks to Johannes Schoepfer.
x/xorg-server-xwayland-23.2.6-x86_64-1.txz:  Upgraded.
xap/blueman-2.4.1-x86_64-1.txz:  Upgraded.

Wed Apr 10 19:09:14 UTC 2024
a/cryptsetup-2.7.2-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240410_53438f8-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.26-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.26-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.26-x86_64-1.txz:  Upgraded.
a/openssl-solibs-3.3.0-x86_64-1.txz:  Upgraded.
a/pam-1.6.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.26-x86-1.txz:  Upgraded.
d/rust-1.77.2-x86_64-1.txz:  Upgraded.
  [PATCH] compiler: Use wasm-ld for wasm targets.
  Thanks to Heinz Wiesinger.
k/kernel-source-6.6.26-noarch-1.txz:  Upgraded.
  +SPECTRE_BHI_AUTO n
  +SPECTRE_BHI_OFF n
  +SPECTRE_BHI_ON y
l/gst-plugins-bad-free-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.2-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.2-x86_64-1.txz:  Upgraded.
l/libcap-ng-0.8.5-x86_64-1.txz:  Upgraded.
l/nodejs-20.12.2-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.4.10-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.5-x86_64-2.txz:  Rebuilt.
  [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration.
  Thanks to bortolotto.
n/openssl-3.3.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

Thu Apr 11 19:05:36 UTC 2024
a/elogind-255.4-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-1.txz:  Upgraded.
a/libbytesize-2.10-x86_64-1.txz:  Upgraded.
a/libgudev-238-x86_64-1.txz:  Upgraded.
a/udisks-1.0.5-x86_64-11.txz:  Removed.
a/udisks2-2.10.1-x86_64-1.txz:  Upgraded.
a/upower-1.90.4-x86_64-1.txz:  Upgraded.
l/python-docutils-0.21.1-x86_64-1.txz:  Upgraded.
l/python-idna-3.7-x86_64-1.txz:  Upgraded.
n/php-8.3.5-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.6
  (* Security fix *)
x/ibus-m17n-1.4.29-x86_64-1.txz:  Upgraded.
x/mesa-24.0.5-x86_64-1.txz:  Upgraded.

Thu Apr 11 21:36:28 UTC 2024
d/cmake-3.29.2-x86_64-1.txz:  Upgraded.
l/polkit-124-x86_64-1.txz:  Upgraded.
  Thanks to marav for the patches.

Fri Apr 12 19:08:59 UTC 2024
a/less-653-x86_64-1.txz:  Upgraded.
d/ninja-1.12.0-x86_64-1.txz:  Upgraded.
d/valgrind-3.22.0-x86_64-1.txz:  Added.
  Thanks to Kyle Guinn, Peter Wang, and Willy Sudiarto Raharjo.
l/netpbm-11.06.01-x86_64-1.txz:  Upgraded.
n/php-8.3.6-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.6
  (* Security fix *)

Sat Apr 13 00:59:20 UTC 2024
l/python-docutils-0.21.1-x86_64-2.txz:  Rebuilt.
  Fix ridiculous broken symlink. Thanks to marav.

Sat Apr 13 18:44:55 UTC 2024
a/kernel-firmware-20240412_5da74b1-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.27-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.27-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.27-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.27-x86-1.txz:  Upgraded.
d/python-setuptools-69.5.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.6.27-noarch-1.txz:  Upgraded.
l/libwebp-1.4.0-x86_64-1.txz:  Upgraded.
l/opus-1.5.2-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.13-x86_64-1.txz:  Upgraded.
x/xorg-server-xephyr-21.1.13-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.13-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.13-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

Sat Apr 13 19:45:25 UTC 2024
l/imagemagick-7.1.1_29-x86_64-1.txz:  Upgraded.
  Revert to the previous ImageMagick because the latest one is destroying SVG
  files if "identify" or "display" is used on them.
  Thanks to pc2005.