| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changes:
- use flock() on disk images to avoid accidents
- improve gdb interface to treat CPUs as "threads"
- rework tty handling; now behaves when backgrounded
- change disk image names in sample config to match OS/161 usage
- rework timing code and fix bug with bogus large idle counts
- rework and retune main loop; much faster
- use more gcc warnings
|
|
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0977-1
Rating: low
References: #886016 #888697
Cross-References: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343
CVE-2014-4344
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
The following security isses are fixed in this update:
CVE-2014-4341 CVE-2014-4342: denial of service flaws when handling RFC
1964 tokens (bnc#886016)
CVE-2014-4343 CVE-2014-4344: multiple flaws in SPNEGO (bnc#888697)
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0978-1
Rating: moderate
References: #870855
Cross-References: CVE-2013-6369
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
The following security issue is fixed in this update
- [bnc#870855] - CVE-2013-6369: jbigkit buffer overflow
|
|
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:1052-1
Rating: moderate
References: #890764 #890765 #890766 #890767 #890768 #890769
#890770 #890771 #890772
Cross-References: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507
CVE-2014-3508 CVE-2014-3509 CVE-2014-3510
CVE-2014-3511 CVE-2014-3512 CVE-2014-5139
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This openssl update fixes the following security issues:
- openssl 1.0.1i
* Information leak in pretty printing functions (CVE-2014-3508)
* Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
* Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
* Double Free when processing DTLS packets (CVE-2014-3505)
* DTLS memory exhaustion (CVE-2014-3506)
* DTLS memory leak from zero-length fragments (CVE-2014-3507)
* OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
* OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
* SRP buffer overrun (CVE-2014-3512)
|
|
|
|
Incompatible changes:
---------------------
The 82573L NIC was incorrectly treated as an 8254xx model. It no longer works correctly on either Linux (3.14.*) or Windows 7 and has been removed.
On x86, migration from QEMU 1.7 to QEMU 2.0 was broken if the guest had PCI bridges or for some number of CPUs (12, 13, 14, 54, 55, 56, 97, 98, 99, 139, 140) are the only ones). QEMU 2.1 fixes this, so that migration from QEMU 1.7 to QEMU 2.1 should always work. However, the fix breaks the following scenarios instead:
migration from QEMU 2.0 to QEMU 2.1 with PCI bridges and machine types pc-i440fx-1.7/pc-i440fx-2.0
migration from QEMU 2.0 to QEMU 2.1 with the aforementioned number of CPUs and machine type pc-i440fx-1.7
Future incompatible changes:
----------------------------
Three options are using different names on the command line and in configuration file. In particular:
The "acpi" configuration file section matches command-line option "acpitable";
The "boot-opts" configuration file section matches command-line option "boot";
The "smp-opts" configuration file section matches command-line option "smp".
Starting with QEMU xyz.jkl, -readconfig will standardize on the name for the command line option.
ARM
---
Firmware can be passed to the vexpress machine via -bios.
Improvements to Allwinner SoC emulation.
AArch64 TCG system emulation support.
AArch64 SHA and Crypto instruction support.
LM32
----
Support for semihosting.
Microblaze
----------
Support for u-boot initrd images.
MIPS
----
Support for KVM in the Malta board.
more...
|
|
Bump PKGREVISION.
|
|
Changes: the usual, better emulation for more systems.
|
|
Bump PKGREVISION.
openSUSE Security Update: dbus-1: fixes several issues
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0926-1
Rating: moderate
References: #885241
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
CVE-2014-3532 CVE-2014-3533 bnc#885241 fdo#80163 fdo#79694 fdo#80469
|
|
with minor changes to make them apply to 2.0.0. Bump PKGREVISION.
|
|
* Update EmuTOS image to 0.9.3
Changelog:
2013/04/12 - version 0.9.16 released @ atariada.cz
Major highlights of this release:
o JIT CPU compiler supported on 64-bit Linux and Mac OS X now!
(Jens made a miracle)
o MFPR FPU emulation should be perfect
(Andreas ironed out few remainings bugs)
o Ethernet support under Mac OS X should be way better
(Philipp added support for big packets and multi-packets)
o ARAnyM (with JIT?) now runs also on ARM platform driven by Linux
(is Jens planning on making a blazing fast ARAnyM on Android?)
o new config setting "LoadToFastRAM" to load kernel in FastRAM
(is Andreas working on fixing Linux-m68k issues in FastRAM?)
o David Gálvez improved NatFeat USB support (now requires FreeMiNT 1.17+)
There's also a small set of bugs fixed in this release - mainly in Mac OS X
thanks to Philipp but also some generic things like GPIP (Patrice).
|
|
|
|
|
|
|
|
Announcement ID: openSUSE-SU-2014:0821-1
Description:
dbus-1 was updated to fix a possible DoS (CVE-2014-3477).
Bump PKGREVISION.
|
|
Update fixes nine security issues
Announcement ID: openSUSE-SU-2014:0819-1
Description:
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* OOB write with sprintf and console functions (CVE-2014-1545)
Bump PKGREVISION.
|
|
Upstream changes (no English changelog):
20140607:
X11 dependent part:
Change filenames of config file and status files for xnp21 binary
built by --enable-build-all:
- config files
$(HOME)/.np2/np21rc
- status files
$(HOME)/.np2/sav/np21.sav
$(HOME)/.np2/sav/np21.s00 etc.
|
|
|
|
|
|
|
|
PDF, there's no point in building it, so disable TeX auto-detection.
|
|
|
|
openSUSE Security Update: openssl: update to version 1.0.1h
Description:
The openssl library was updated to version 1.0.1h fixing various security
issues and bugs:
Security issues fixed:
- CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully
crafted handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
- CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS
handshake to an OpenSSL DTLS client the code can be made to recurse
eventually crashing in a DoS attack.
- CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
overrun attack can be triggered by sending invalid DTLS fragments to an
OpenSSL DTLS client or server. This is potentially exploitable to run
arbitrary code on a vulnerable client or server.
- CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH
ciphersuites are subject to a denial of service attack.
Bump PKGREVISION.
|
|
|
|
|
|
pkgsrc changes:
- remove xnp2-ia32 option
- always build both xnp2 (80286 core) and xnp21 (IA-32 core) binaries
Upstream changes (no English changelog):
- --enable-build-all option to configure that enables to build
both 80286 core and IA-32 core binaries is added
(per my request, thanks nonaka@)
|
|
expired (about 10 years ago).
Unconditionally switch to libgif.
As discussed on tech-pkg without dissent.
Bump PKGREVISION.
|
|
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
|
libxml2, python-libxml2: Prevent external entities from being loaded
Description:
Updated fix for openSUSE-SU-2014:0645-1 because of a regression that
caused xmllint to break.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
libXfont: Fixed multiple vulnerabilities
An update that fixes three vulnerabilities is now available.
Description:
libxfont was updated to fix multiple vulnerabilities:
- Integer overflow of allocations in font metadata file parsing
(CVE-2014-0209).
- Unvalidated length fields when parsing xfs protocol replies
(CVE-2014-0210).
- Integer overflows calculating memory needs for xfs replies
(CVE-2014-0211).
These vulnerabilities could be used by a local, authenticated user to
raise privileges
or by a remote attacker with control of the font server to execute code
with the privileges of the X server.
|
|
Fixes big-endian runtime failure, PR pkg/48823.
Bump PKGREVISION.
|
|
|
|
|
|
easier.
|
|
of "man".
|
|
|
|
python3, since the default changed from python33 to python34.
I probably bumped too many. I hope I got them all.
|
|
|
|
|
|
Congratulations.
Bump PKGREVISION.
|
|
alsa-oss: bugfix update
Description:
The ALSA OSS plugin was updated to fix bugs:
- Fix for dmix with unaligned sample rate:
- Revert patch 0001-Fix-path-to-libaoss.so.patch, as this
causes regressions on multi-arch (bnc#874331)
Bump PKGREVISION.
|
|
libxml2
Description:
- fix for CVE-2014-0191 (bnc#876652)
* libxml2: external parameter entity loaded when entity substitution is
disabled
* added libxml2-CVE-2014-0191.patch
Bump PKGREVISION.
|
|
update for openssl
Description:
- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer
dereference in do_ssl3_write Add file: CVE-2014-0198.patch
Bump PKGREVISION.
|
|
until proven otherwise.
|
|
update for libpng12
Description:
This libpng12 update fixes the following two security
issues.
- bnc#873123: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_sPLT() and
png_set_text_2() (CVE-2013-7354).
- bnc#873124: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_unknown_chunks()
(CVE-2013-7353).
Bump PKGREVISION.
|
|
|
