| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Ok jperkin
|
|
|
|
|
|
|
|
openSUSE Security Update: curl
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:1139-1
Rating: important
References: #894575 #895991
Cross-References: CVE-2014-3613 CVE-2014-3620
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
libcurl was updated to fix security issues:
CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned
or used for other numeric IP hosts if portions of the numerics were the
same.
CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains,
making them to broad.
|
|
openSUSE Security Update: glibc
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:1115-1
Rating: important
References: #887022 #892073 #894553
Cross-References: CVE-2014-0475 CVE-2014-5119 CVE-2014-6040
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
glibc was updated to fix three security issues:
- A directory traversal in locale environment handling was fixed
(CVE-2014-0475, bnc#887022, GLIBC BZ #17137)
- Disable gconv transliteration module loading which could be used for
code execution (CVE-2014-5119, bnc#892073, GLIBC BZ #17187)
- Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040,
bnc#894553, BZ #17325)
|
|
|
|
|
|
|
|
LibDsk is a library intended to give transparent access to floppy
drives and to the "disc image files" used by emulators to represent
floppy drives. It currently supports the following disc image
formats:
- Raw "dd if=foo of=bar" images;
- Raw images in logical filesystem order;
- CPCEMU-format .DSK images (normal and extended);
- CFI-format disc images, as produced by FDCOPY.COM;
- ApriDisk-format disc images;
- NanoWasp-format disc images, used by the eponymous emulator;
- Yaze 'ydsk' disc images, created by the 'yaze' emulators;
- Disc images created by Teledisk and CopyQM (read only);
- The floppy drive under Linux.
|
|
simulavr asks for libiberty.a.
With avr-gcc 4.5.3 and avr-binutils-2.23.2, binutils is installing
libiberty.a
But with new binutils-2.24, it won't install libiberty. Instead,
avr-gcc-4.8.3 will provied libiberty.
Makefile (of simulavr) now has pointer to PATH of libiberty now
as:
CONFIGURE_ARGS+= --with-libiberty=${PREFIX}/lib/gcc/avr
(Add patches)
patch-src_systemclock_cpp (rename from patch-src_systemclock.cpp)
patch-src_systemclock_h
patch-src_traceval_cpp
patch-src_traceval_h
clang flags as resize unresolved reference,
backport from git repository (as of 2013-09-15).
patch-examples_atmel_key_StdDefs_c Status: Locally Added
passing argument 1 of 'strlen' differ in signedness [-Wpointer-sign]
|
|
Changes:
- use flock() on disk images to avoid accidents
- improve gdb interface to treat CPUs as "threads"
- rework tty handling; now behaves when backgrounded
- change disk image names in sample config to match OS/161 usage
- rework timing code and fix bug with bogus large idle counts
- rework and retune main loop; much faster
- use more gcc warnings
|
|
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0977-1
Rating: low
References: #886016 #888697
Cross-References: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343
CVE-2014-4344
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
The following security isses are fixed in this update:
CVE-2014-4341 CVE-2014-4342: denial of service flaws when handling RFC
1964 tokens (bnc#886016)
CVE-2014-4343 CVE-2014-4344: multiple flaws in SPNEGO (bnc#888697)
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0978-1
Rating: moderate
References: #870855
Cross-References: CVE-2013-6369
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
The following security issue is fixed in this update
- [bnc#870855] - CVE-2013-6369: jbigkit buffer overflow
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:1052-1
Rating: moderate
References: #890764 #890765 #890766 #890767 #890768 #890769
#890770 #890771 #890772
Cross-References: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507
CVE-2014-3508 CVE-2014-3509 CVE-2014-3510
CVE-2014-3511 CVE-2014-3512 CVE-2014-5139
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This openssl update fixes the following security issues:
- openssl 1.0.1i
* Information leak in pretty printing functions (CVE-2014-3508)
* Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
* Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
* Double Free when processing DTLS packets (CVE-2014-3505)
* DTLS memory exhaustion (CVE-2014-3506)
* DTLS memory leak from zero-length fragments (CVE-2014-3507)
* OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
* OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
* SRP buffer overrun (CVE-2014-3512)
|
|
|
|
Incompatible changes:
---------------------
The 82573L NIC was incorrectly treated as an 8254xx model. It no longer works correctly on either Linux (3.14.*) or Windows 7 and has been removed.
On x86, migration from QEMU 1.7 to QEMU 2.0 was broken if the guest had PCI bridges or for some number of CPUs (12, 13, 14, 54, 55, 56, 97, 98, 99, 139, 140) are the only ones). QEMU 2.1 fixes this, so that migration from QEMU 1.7 to QEMU 2.1 should always work. However, the fix breaks the following scenarios instead:
migration from QEMU 2.0 to QEMU 2.1 with PCI bridges and machine types pc-i440fx-1.7/pc-i440fx-2.0
migration from QEMU 2.0 to QEMU 2.1 with the aforementioned number of CPUs and machine type pc-i440fx-1.7
Future incompatible changes:
----------------------------
Three options are using different names on the command line and in configuration file. In particular:
The "acpi" configuration file section matches command-line option "acpitable";
The "boot-opts" configuration file section matches command-line option "boot";
The "smp-opts" configuration file section matches command-line option "smp".
Starting with QEMU xyz.jkl, -readconfig will standardize on the name for the command line option.
ARM
---
Firmware can be passed to the vexpress machine via -bios.
Improvements to Allwinner SoC emulation.
AArch64 TCG system emulation support.
AArch64 SHA and Crypto instruction support.
LM32
----
Support for semihosting.
Microblaze
----------
Support for u-boot initrd images.
MIPS
----
Support for KVM in the Malta board.
more...
|
|
Bump PKGREVISION.
|
|
Changes: the usual, better emulation for more systems.
|
|
Bump PKGREVISION.
openSUSE Security Update: dbus-1: fixes several issues
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0926-1
Rating: moderate
References: #885241
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
CVE-2014-3532 CVE-2014-3533 bnc#885241 fdo#80163 fdo#79694 fdo#80469
|
|
with minor changes to make them apply to 2.0.0. Bump PKGREVISION.
|
|
* Update EmuTOS image to 0.9.3
Changelog:
2013/04/12 - version 0.9.16 released @ atariada.cz
Major highlights of this release:
o JIT CPU compiler supported on 64-bit Linux and Mac OS X now!
(Jens made a miracle)
o MFPR FPU emulation should be perfect
(Andreas ironed out few remainings bugs)
o Ethernet support under Mac OS X should be way better
(Philipp added support for big packets and multi-packets)
o ARAnyM (with JIT?) now runs also on ARM platform driven by Linux
(is Jens planning on making a blazing fast ARAnyM on Android?)
o new config setting "LoadToFastRAM" to load kernel in FastRAM
(is Andreas working on fixing Linux-m68k issues in FastRAM?)
o David Gálvez improved NatFeat USB support (now requires FreeMiNT 1.17+)
There's also a small set of bugs fixed in this release - mainly in Mac OS X
thanks to Philipp but also some generic things like GPIP (Patrice).
|
|
|
|
|
|
|
|
Announcement ID: openSUSE-SU-2014:0821-1
Description:
dbus-1 was updated to fix a possible DoS (CVE-2014-3477).
Bump PKGREVISION.
|
|
Update fixes nine security issues
Announcement ID: openSUSE-SU-2014:0819-1
Description:
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* OOB write with sprintf and console functions (CVE-2014-1545)
Bump PKGREVISION.
|
|
Upstream changes (no English changelog):
20140607:
X11 dependent part:
Change filenames of config file and status files for xnp21 binary
built by --enable-build-all:
- config files
$(HOME)/.np2/np21rc
- status files
$(HOME)/.np2/sav/np21.sav
$(HOME)/.np2/sav/np21.s00 etc.
|
|
|
|
|
|
|
|
PDF, there's no point in building it, so disable TeX auto-detection.
|
|
|
|
openSUSE Security Update: openssl: update to version 1.0.1h
Description:
The openssl library was updated to version 1.0.1h fixing various security
issues and bugs:
Security issues fixed:
- CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully
crafted handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
- CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS
handshake to an OpenSSL DTLS client the code can be made to recurse
eventually crashing in a DoS attack.
- CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
overrun attack can be triggered by sending invalid DTLS fragments to an
OpenSSL DTLS client or server. This is potentially exploitable to run
arbitrary code on a vulnerable client or server.
- CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH
ciphersuites are subject to a denial of service attack.
Bump PKGREVISION.
|
|
|
|
|
|
pkgsrc changes:
- remove xnp2-ia32 option
- always build both xnp2 (80286 core) and xnp21 (IA-32 core) binaries
Upstream changes (no English changelog):
- --enable-build-all option to configure that enables to build
both 80286 core and IA-32 core binaries is added
(per my request, thanks nonaka@)
|
|
expired (about 10 years ago).
Unconditionally switch to libgif.
As discussed on tech-pkg without dissent.
Bump PKGREVISION.
|
|
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
|
libxml2, python-libxml2: Prevent external entities from being loaded
Description:
Updated fix for openSUSE-SU-2014:0645-1 because of a regression that
caused xmllint to break.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
libXfont: Fixed multiple vulnerabilities
An update that fixes three vulnerabilities is now available.
Description:
libxfont was updated to fix multiple vulnerabilities:
- Integer overflow of allocations in font metadata file parsing
(CVE-2014-0209).
- Unvalidated length fields when parsing xfs protocol replies
(CVE-2014-0210).
- Integer overflows calculating memory needs for xfs replies
(CVE-2014-0211).
These vulnerabilities could be used by a local, authenticated user to
raise privileges
or by a remote attacker with control of the font server to execute code
with the privileges of the X server.
|
|
Fixes big-endian runtime failure, PR pkg/48823.
Bump PKGREVISION.
|
|
|
|
|
