a/bash-4.4.018-arm-1.txz

ap/cups-filters-1.20.0-arm-1.txz

ap/mariadb-10.2.12-arm-1.txz

d/gdb-8.1-arm-1.txz

l/dbus-glib-0.110-arm-1.txz

l/harfbuzz-1.7.5-arm-1.txz

l/libdvdnav-6.0.0-arm-1.txz

l/libdvdread-6.0.0-arm-1.txz

l/sip-4.19.7-arm-1.txz

n/dhcp-4.4.0-arm-1.txz

n/dovecot-2.3.0-arm-1.txz

n/postfix-3.2.5-arm-1.txz

n/rsync-3.1.3-arm-1.txz
This update fixes two security issues:
Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
Fix an issue with –protect-args where the user could specify the arg in
the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *)

x/libevdev-1.5.8-arm-1.txz

d/perl-5.26.1-arm-2.txz
Removed dangling c2ph symlinks. Thanks to Tim Thomas.
Updated to DBD-mysql-4.044, DBI-1.640, URI-1.73, and libnet-3.11.

l/libunwind-1.2.1-arm-2.txz
Removed dangling .a symlink. Thanks to Tim Thomas.