Age | Commit message (Collapse) | Author | Files | Lines |
|
Changes: the usual, better emulation for more systems.
|
|
Bump PKGREVISION.
openSUSE Security Update: dbus-1: fixes several issues
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0926-1
Rating: moderate
References: #885241
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
CVE-2014-3532 CVE-2014-3533 bnc#885241 fdo#80163 fdo#79694 fdo#80469
|
|
with minor changes to make them apply to 2.0.0. Bump PKGREVISION.
|
|
* Update EmuTOS image to 0.9.3
Changelog:
2013/04/12 - version 0.9.16 released @ atariada.cz
Major highlights of this release:
o JIT CPU compiler supported on 64-bit Linux and Mac OS X now!
(Jens made a miracle)
o MFPR FPU emulation should be perfect
(Andreas ironed out few remainings bugs)
o Ethernet support under Mac OS X should be way better
(Philipp added support for big packets and multi-packets)
o ARAnyM (with JIT?) now runs also on ARM platform driven by Linux
(is Jens planning on making a blazing fast ARAnyM on Android?)
o new config setting "LoadToFastRAM" to load kernel in FastRAM
(is Andreas working on fixing Linux-m68k issues in FastRAM?)
o David Gálvez improved NatFeat USB support (now requires FreeMiNT 1.17+)
There's also a small set of bugs fixed in this release - mainly in Mac OS X
thanks to Philipp but also some generic things like GPIP (Patrice).
|
|
|
|
|
|
|
|
Announcement ID: openSUSE-SU-2014:0821-1
Description:
dbus-1 was updated to fix a possible DoS (CVE-2014-3477).
Bump PKGREVISION.
|
|
Update fixes nine security issues
Announcement ID: openSUSE-SU-2014:0819-1
Description:
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* OOB write with sprintf and console functions (CVE-2014-1545)
Bump PKGREVISION.
|
|
Upstream changes (no English changelog):
20140607:
X11 dependent part:
Change filenames of config file and status files for xnp21 binary
built by --enable-build-all:
- config files
$(HOME)/.np2/np21rc
- status files
$(HOME)/.np2/sav/np21.sav
$(HOME)/.np2/sav/np21.s00 etc.
|
|
|
|
|
|
|
|
PDF, there's no point in building it, so disable TeX auto-detection.
|
|
|
|
openSUSE Security Update: openssl: update to version 1.0.1h
Description:
The openssl library was updated to version 1.0.1h fixing various security
issues and bugs:
Security issues fixed:
- CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully
crafted handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
- CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS
handshake to an OpenSSL DTLS client the code can be made to recurse
eventually crashing in a DoS attack.
- CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
overrun attack can be triggered by sending invalid DTLS fragments to an
OpenSSL DTLS client or server. This is potentially exploitable to run
arbitrary code on a vulnerable client or server.
- CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH
ciphersuites are subject to a denial of service attack.
Bump PKGREVISION.
|
|
|
|
|
|
pkgsrc changes:
- remove xnp2-ia32 option
- always build both xnp2 (80286 core) and xnp21 (IA-32 core) binaries
Upstream changes (no English changelog):
- --enable-build-all option to configure that enables to build
both 80286 core and IA-32 core binaries is added
(per my request, thanks nonaka@)
|
|
expired (about 10 years ago).
Unconditionally switch to libgif.
As discussed on tech-pkg without dissent.
Bump PKGREVISION.
|
|
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
|
libxml2, python-libxml2: Prevent external entities from being loaded
Description:
Updated fix for openSUSE-SU-2014:0645-1 because of a regression that
caused xmllint to break.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
libXfont: Fixed multiple vulnerabilities
An update that fixes three vulnerabilities is now available.
Description:
libxfont was updated to fix multiple vulnerabilities:
- Integer overflow of allocations in font metadata file parsing
(CVE-2014-0209).
- Unvalidated length fields when parsing xfs protocol replies
(CVE-2014-0210).
- Integer overflows calculating memory needs for xfs replies
(CVE-2014-0211).
These vulnerabilities could be used by a local, authenticated user to
raise privileges
or by a remote attacker with control of the font server to execute code
with the privileges of the X server.
|
|
Fixes big-endian runtime failure, PR pkg/48823.
Bump PKGREVISION.
|
|
|
|
|
|
easier.
|
|
of "man".
|
|
|
|
python3, since the default changed from python33 to python34.
I probably bumped too many. I hope I got them all.
|
|
|
|
|
|
Congratulations.
Bump PKGREVISION.
|
|
alsa-oss: bugfix update
Description:
The ALSA OSS plugin was updated to fix bugs:
- Fix for dmix with unaligned sample rate:
- Revert patch 0001-Fix-path-to-libaoss.so.patch, as this
causes regressions on multi-arch (bnc#874331)
Bump PKGREVISION.
|
|
libxml2
Description:
- fix for CVE-2014-0191 (bnc#876652)
* libxml2: external parameter entity loaded when entity substitution is
disabled
* added libxml2-CVE-2014-0191.patch
Bump PKGREVISION.
|
|
update for openssl
Description:
- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer
dereference in do_ssl3_write Add file: CVE-2014-0198.patch
Bump PKGREVISION.
|
|
until proven otherwise.
|
|
update for libpng12
Description:
This libpng12 update fixes the following two security
issues.
- bnc#873123: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_sPLT() and
png_set_text_2() (CVE-2013-7354).
- bnc#873124: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_unknown_chunks()
(CVE-2013-7353).
Bump PKGREVISION.
|
|
|
|
|
|
|
|
Fix PR pkg/48777
|
|
|
|
update for MozillaFirefox
Description:
This is also a mozilla-nss update to version 3.16:
* required for Firefox 29
* bmo#903885 - (CVE-2014-1492) In a wildcard certificate,
the wildcard character should not be embedded within
the U-label of an internationalized domain name. See
the last bullet point in RFC 6125, Section 7.2.
* Supports the Linux x32 ABI. To build for the Linux x32
target, set the environment variable USE_X32=1 when
building NSS. New Functions:
* NSS_CMSSignerInfo_Verify New Macros
* TLS_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc., cipher suites that
were first defined in SSL 3.0 can now be referred to
with their official IANA names in TLS, with the TLS_
prefix. Previously, they had to be referred to with
their names in SSL 3.0, with the SSL_ prefix. Notable
Changes:
* ECC is enabled by default. It is no longer necessary to
set the environment variable NSS_ENABLE_ECC=1 when
building NSS. To disable ECC, set the environment
variable NSS_DISABLE_ECC=1 when building NSS.
* libpkix should not include the common name of CA as DNS
names when evaluating name constraints.
* AESKeyWrap_Decrypt should not return SECSuccess for
invalid keys.
* Fix a memory corruption in sec_pkcs12_new_asafe.
* If the NSS_SDB_USE_CACHE environment variable is set,
skip the runtime test sdb_measureAccess.
* The built-in roots module has been updated to version
1.97, which adds, removes, and distrusts several
certificates.
* The atob utility has been improved to automatically
ignore lines of text that aren't in base64 format.
* The certutil utility has been improved to support
creation of version 1 and version 2 certificates, in
addition to the existing version 3 support.
Bump PKGREVISION.
|
|
update for curl
Description:
This curl update fixes two security issues:
- bnc#868627: Fixed wrong re-use of connections
(CVE-2014-0138).
- bnc#868629: Fixed IP address wildcard certificate
validation (CVE-2014-0139).
Bump PKGREVISION.
|
|
OpenSSL: Fixed a use-after-free race condition in OpenSSL's read buffer.
Description:
A use-after-free race condition in OpenSSL's read buffer
was fixed that could cause connections to drop
(CVE-2010-5298).
Bump PKGREVISION.
|
|
|