| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/xorg/xserver/-/compare/47d331746...102764b68
(cherry picked from commit a588833d5ee02efd3954440c6d168ac35fa331e4)
|
|
|
|
|
|
| |
Security: 6601c08d-a46c-11ec-8be6-d4c9ef517024
MFH: 2022Q1
(cherry picked from commit 2f6e31015256b03b53ae2890fc427e6355256028)
|
|
|
|
|
|
|
| |
PR: 258599
Reported by: pkubaj
(cherry picked from commit 26b2984ebe7ae384565c6ae763c5db5679111646)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/d65dbe80189...2170c3ac630
(cherry picked from commit 812a57dbcabf9835dce0e198718348ed5e989995)
|
|
|
|
| |
(cherry picked from commit 50151d51817b7924697ec69c81a3fd878d487060)
|
|
|
|
|
| |
Changes: https://github.com/yuzu-emu/yuzu/compare/5c74dd646...cd07a4372
(cherry picked from commit 339cebb1d14e754e8fa421d8e4d7ce94514b5d4d)
|
|
|
|
|
|
|
| |
Changes: https://github.com/mikf/gallery-dl/releases/tag/v1.21.0
Reported by: GitHub (watch releases)
(cherry picked from commit 5cdb485a9ac40c6200eb8cd702e205248d2fd4be)
|
|
|
|
|
|
|
| |
PR: 262134
Reported by: Robert Clausecker <fuz@fuz.su>
(cherry picked from commit d7347075f1ecaf154d4226c186db09a9115bcbc2)
|
|
|
|
| |
(cherry picked from commit 781318579368033bdeafa477b22e3b1e1576fb6e)
|
|
|
|
|
|
|
|
|
| |
While HEAD was already pushed with latest, 7.3 branch of LibreOffice suite,
we're announcing LibreOffice 7.2.6, with 50+ bugfixes, to the quarterly users.
Read more: https://blog.documentfoundation.org/blog/2022/03/10/announcement-of-libreoffice-7-2-6-community/
Sponsored by: Netzkommune GmbH
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/91.7.1/releasenotes/
(cherry picked from commit c3bc75bcf3ea8da93ed22fb9d80c4dd726f71f33)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/98.0.1/releasenotes/
(cherry picked from commit 6754a2e0272a71b1ffa17913b2a5ef547593f148)
|
|
|
|
|
|
|
|
|
| |
Details:
- Mostly fixes, see
https://github.com/zellij-org/zellij/releases/tag/v0.26.0
MFH: 2022Q1
(cherry picked from commit 4af7e0dd2431570bd3822b4f1b8ffb76d12e8eb4)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/45770ac286b...d65dbe80189
(cherry picked from commit d09582c49c48aae66f8b5c9b8fde4ac27e96d6ba)
|
|
|
|
|
| |
Changes: https://github.com/yuzu-emu/yuzu/compare/6f670381c...5c74dd646
(cherry picked from commit 3518c83fe8dbbd40455f04a38792fc66017dd74f)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/xorg/xserver/-/compare/6ad6517a7...47d331746
(cherry picked from commit fd333ec197c392f60962986c426d8a16332fca49)
|
|
|
|
|
|
| |
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit e463b285db609a9e7161db8401352a83ab095381)
|
|
|
|
|
|
|
|
| |
swapoff was MFC'd Dec 20th to stable/13, pull in changes to fix that.
Sponsored by: Netflix
(cherry picked from commit 4617d31a41ea3958798db6157b994c5cf666f0d4)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The swapoff(2) syscall recently changed from taking a single
argument to taking two (adding a field used for a "force" flag);
this broke qemu-user, since it translates system calls from
guest to host architecture.
Thanks to: imp
With hat: re@
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 688bd028652dc3c6bfe606fd690359060bbd949d)
|
|
|
|
| |
(cherry picked from commit 6e7868010f1b392ae94397db8f64b8c6b9a85d40)
|
|
|
|
| |
(cherry picked from commit 34c4b7ca124a03d9e77164a92a592849bc8a7f93)
|
|
|
|
|
|
|
|
| |
Changes: https://github.com/Alexays/Waybar/releases/tag/0.9.11
Changes: https://github.com/Alexays/Waybar/releases/tag/0.9.12
Reported by: GitHub (watch releases)
(cherry picked from commit 9f4fb0777e6c5b25be9bedab80281ea5a1a0ba8c)
|
|
|
|
|
|
|
| |
Changes: https://github.com/swaywm/swaybg/releases/tag/v1.1.1
Reported by: GitHub (watch releases)
(cherry picked from commit 0bbb30284d11e451d186951cff9039ce781f2c66)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From [1]:
Release 2.4.7 Fri March 4 2022
Bug fixes:
#572 #577 Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
with regard to all valid URI characters (RFC 3986),
i.e. the following set (excluding whitespace):
ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
0123456789 % -._~ :/?#[]@ !$&'()*+,;=
Other changes:
#555 #570 #581 CMake|Windows: Store Expat version in the DLL
#577 Document consequences of namespace separator choices not just
in doc/reference.html but also in header <expat.h>
#577 Document Expat's lack of validation of namespace URIs against
RFC 3986, and that the XML 1.0r4 specification doesn't
require Expat to validate namespace URIs, and that Expat
may do more in that regard in future releases.
If you find need for strict RFC 3986 URI validation on
application level today, https://uriparser.github.io/ may
be of interest.
#579 Fix documentation of XML_EndDoctypeDeclHandler in <expat.h>
#575 Document that a call to XML_FreeContentModel can be done at
a later time from outside the element declaration handler
#574 Make hardcoded namespace URIs easier to find in code
#573 Update documentation on use of XML_POOR_ENTOPY on Solaris
#569 #571 tests: Resolve use of macros NAN and INFINITY for GNU G++
4.8.2 on Solaris.
#578 #580 Version info bumped from 9:6:8 to 9:7:8;
see https://verbump.de/ for what these numbers do
Special thanks to:
Jeffrey Walton
Johnny Jazeix
Thijs Schreijer
Release 2.4.6 Sun February 20 2022
Bug fixes:
#566 Fix a regression introduced by the fix for CVE-2022-25313
in release 2.4.5 that affects applications that (1)
call function XML_SetElementDeclHandler and (2) are
parsing XML that contains nested element declarations
(e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
Other changes:
#567 #568 Version info bumped from 9:5:8 to 9:6:8;
see https://verbump.de/ for what these numbers do
Special thanks to:
Matt Sergeant
Samanta Navarro
Sergei Trofimovich
and
NixOS
Perl XML::Parser
Release 2.4.5 Fri February 18 2022
Security fixes:
#562 CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
sequences (e.g. from start tag names) to the XML
processing application on top of Expat can cause
arbitrary damage (e.g. code execution) depending
on how invalid UTF-8 is handled inside the XML
processor; validation was not their job but Expat's.
Exploits with code execution are known to exist.
#561 CVE-2022-25236 -- Passing (one or more) namespace separator
characters in "xmlns[:prefix]" attribute values
made Expat send malformed tag names to the XML
processor on top of Expat which can cause
arbitrary damage (e.g. code execution) depending
on such unexpectable cases are handled inside the XML
processor; validation was not their job but Expat's.
Exploits with code execution are known to exist.
#558 CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
that could be triggered by e.g. a 2 megabytes
file with a large number of opening braces.
Expected impact is denial of service or potentially
arbitrary code execution.
#560 CVE-2022-25314 -- Fix integer overflow in function copyString;
only affects the encoding name parameter at parser creation
time which is often hardcoded (rather than user input),
takes a value in the gigabytes to trigger, and a 64-bit
machine. Expected impact is denial of service.
#559 CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
needs input in the gigabytes and a 64-bit machine.
Expected impact is denial of service or potentially
arbitrary code execution.
Other changes:
#557 #564 Version info bumped from 9:4:8 to 9:5:8;
see https://verbump.de/ for what these numbers do
Special thanks to:
Ivan Fratric
Samanta Navarro
and
Google Project Zero
JetBrains
[1] Changelog:
https://github.com/libexpat/libexpat/blob/R_2_4_7/expat/Changes
Exp-run by: antoine
PR: 262381
Security: CVE-2022-25235
Security: CVE-2022-25236
Security: CVE-2022-25313
Security: CVE-2022-25314
Security: CVE-2022-25315
(cherry picked from commit 5a4db4dfb5abda7978bcb9cb146cd6e74725e43e)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/4a03619d811...45770ac286b
(cherry picked from commit 159bf5bb4c5952b3dce73d2c0aa7b2ff83bbd430)
|
|
|
|
|
| |
Changes: https://github.com/yuzu-emu/yuzu/compare/58b52f488...6f670381c
(cherry picked from commit d97f404a30b8d8f69bde2a475ca1e7028aa9c0f5)
|
|
|
|
| |
(cherry picked from commit 117177cea6786f0a76a588c458de10690d521a70)
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Fix a theoretical memory corruption during authentication if the
process runs out of memory. The server does not do much memory
allocation prior to authentication, this is mostly academic.
MFH: 2022Q1
(cherry picked from commit 6e7811fdeb3bcae3f7ce64f650a44601b2bf17e3)
|
|
|
|
|
|
| |
src/meson.build:53:0: ERROR: Invalid version of dependency, need 'gtk4' ['>=4.6.1'] found '4.4.1'.
Reported by: pkg-fallout
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
=> Fetched file size mismatch (expected 5526, actual 5534)
-index 4c0827cc..4f32f9cf 100644
+index 4c0827cc7..4f32f9cfa 100644
-index bf6d4201..d3639911 100644
+index bf6d42019..d36399117 100644
-index 9c456c2f..e183d2e7 100644
+index 9c456c2f0..e183d2e72 100644
-index 00000000..b04b2b1c
+index 000000000..b04b2b1c8
Reported by: pkg-fallout
|
|
|
|
| |
(cherry picked from commit eb5c9adba6c99b971b7eb61af7bcb3f5c2388754)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/ba18799ca12...4a03619d811
(cherry picked from commit 407017962fff78e330f0367988eeee056c3826cf)
|
|
|
|
|
|
| |
Adapt https://github.com/oneapi-src/oneVPL/commit/60ba33f7a618
(cherry picked from commit 5245d86b5ca77f6845a080add15c9b54a2ae9a0b)
|
|
|
|
|
| |
Changes: https://github.com/yuzu-emu/yuzu/compare/a31c19574...58b52f488
(cherry picked from commit d667539c2706e1a0de0187255e09e8f9ca66acfb)
|
|
|
|
|
|
|
|
| |
Changes: https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/W13LB93wep4
Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_76_RTM
Reported by: Repology
(cherry picked from commit 932a4a5fb1d16633044a7d38e7a234d212884160)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.thunderbird.net/en-US/thunderbird/91.7.0/releasenotes/
(cherry picked from commit 238fc3b1f0ac546880510028a59643bab8c32d42)
|
|
|
|
|
|
|
| |
PR: 262341
Security: CVE-2020-5248
MFH: 2022Q1
(cherry picked from commit 2bb33dbf6636d76fc32c69536342d018f368fafd)
|
|
|
|
|
|
|
| |
Use ar, nm, and readelf from base LLVM, drop build dependency
on devel/binutils port. Bump PORTREVISION.
(cherry picked from commit 189d2aa322672e82c9f0604c64766c3fa60a7bdd)
|
|
|
|
|
|
|
|
|
|
| |
Bank data is valid from 2022-03-07 - 2022-06-05.
Update check digit calculation for methods 45, B1, and C2.
Add check digit caluclation for method E4.
MFH: 2022Q1
(cherry picked from commit 9b1fe5df80c20028de9847767cf144595ffa4ba7)
(cherry picked from commit be1d9733d1258d1f1565412164f2844e3bd26679)
|
|
|
|
|
|
|
| |
Changes: https://github.com/oneapi-src/oneVPL/compare/v2022.0.5...v2022.0.6
Reported by: Repology
(cherry picked from commit e1dfb1b154e482225e460bc996c124038e64e976)
|
|
|
|
|
|
|
| |
Changes: https://github.com/celluloid-player/celluloid/releases/tag/v0.23
Reported by: GitHub (watch releases)
(cherry picked from commit 13e69fd1eeb160b67d00e65be584a54cbf1a307b)
|
|
|
|
|
|
|
|
| |
../src/celluloid-video-area.c:28:10: fatal error: 'gdk/x11/gdkx.h' file not found
#include <gdk/x11/gdkx.h>
^~~~~~~~~~~~~~~~
(cherry picked from commit 492fe7fbe48b568258866d01863de5eb0216b513)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BREAKING CHANGES:
* Bump wolfSSL minimum required version to 5.1.1 to pull in security fix.
FIXES:
* When using wolfSSL 5.0.0, work around a bug that appears to hit wolfSSL when
receiving handshake records while still in SSL_peek(). Workaround is to read
1 byte and cache it, then call SSL_peek() again.
This affects only some servers. https://github.com/wolfSSL/wolfssl/issues/4593
TRANSLATIONS: language translations were updated by this fine people:
* es: Cristian Othón Martínez Vera [Spanish]
* ro: Remus-Gabriel Chelu [Romanian]
* sr: Мирослав Николић (Miroslav Nikolić) [Serbian]
MFH: 2022Q1
PR: 262362
Approved by: Corey Halpin (maintainer)
(cherry picked from commit e1839db543a7d79daf9e6728a783714cdcbccafe)
|
|
|
|
|
|
|
| |
Changes: https://github.com/Alexays/Waybar/releases/tag/0.9.10
Reported by: GitHub (watch releases)
(cherry picked from commit 23533e1c1213777ad1da76d5cb2d6f0d4a42c19e)
|
|
|
|
| |
(cherry picked from commit a2d7d40ebef0a0d0860d81be569c42eca27ccc8a)
|
|
|
|
| |
(cherry picked from commit b3e4ac879d4026a18d671b345867d9f640705a7c)
|
|
|
|
| |
(cherry picked from commit d8e2f9a0e8e618110c4539de4d24f9eeb1852851)
|
|
|
|
|
|
|
|
| |
PR: 262365
Reported by: o.hushchenkov@gmail.com
Tested by: o.hushchenkov@gmail.com
(cherry picked from commit fd50b0334df1c720befc62ae613bfa8862efb336)
|
|
|
|
|
|
|
| |
Changes: https://github.com/francma/wob/releases/tag/0.13
Reported by: GitHub (watch releases)
(cherry picked from commit 84cbe38c93acb703362c0c681e777f5aa47f8afa)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/d2e498b6a5d...ba18799ca12
(cherry picked from commit 9f6d2b33b7248b1968ad5ad0e4b3915326b78353)
|