diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-04-25 21:20:19 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-04-26 13:30:34 +0200 |
commit | 2093f0f263e395b16da50cd7b06897805daa90a1 (patch) | |
tree | 31428509b8e0a191b03169dcba2b46ffc7fe4db3 | |
parent | 3a86ead054c0d1379df718aafb11c61762ab0dd3 (diff) | |
download | current-2093f0f263e395b16da50cd7b06897805daa90a1.tar.gz current-2093f0f263e395b16da50cd7b06897805daa90a1.tar.xz |
Tue Apr 25 21:20:19 UTC 202320230425212019_15.0
patches/packages/git-2.35.8-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
By feeding specially crafted input to `git apply --reject`, a
path outside the working tree can be overwritten with partially
controlled contents (corresponding to the rejected hunk(s) from
the given patch).
When Git is compiled with runtime prefix support and runs without
translated messages, it still used the gettext machinery to
display messages, which subsequently potentially looked for
translated messages in unexpected places. This allowed for
malicious placement of crafted messages.
When renaming or deleting a section from a configuration file,
certain malicious configuration values may be misinterpreted as
the beginning of a new configuration section, leading to arbitrary
configuration injection.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-25652
https://www.cve.org/CVERecord?id=CVE-2023-25815
https://www.cve.org/CVERecord?id=CVE-2023-29007
(* Security fix *)
patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.10.1/releasenotes/
-rw-r--r-- | ChangeLog.rss | 38 | ||||
-rw-r--r-- | ChangeLog.txt | 26 | ||||
-rw-r--r-- | FILELIST.TXT | 56 | ||||
-rw-r--r-- | patches/packages/git-2.35.8-x86_64-1_slack15.0.txt (renamed from patches/packages/git-2.35.7-x86_64-1_slack15.0.txt) | 0 | ||||
-rw-r--r-- | patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txt (renamed from patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txt) | 0 |
5 files changed, 90 insertions, 30 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 5890c86e3..c9867dfb6 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,44 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Wed, 19 Apr 2023 19:17:14 GMT</pubDate> - <lastBuildDate>Thu, 20 Apr 2023 11:39:34 GMT</lastBuildDate> + <pubDate>Tue, 25 Apr 2023 21:20:19 GMT</pubDate> + <lastBuildDate>Wed, 26 Apr 2023 11:30:21 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Tue, 25 Apr 2023 21:20:19 GMT</title> + <pubDate>Tue, 25 Apr 2023 21:20:19 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20230425212019</link> + <guid isPermaLink="false">20230425212019</guid> + <description> + <![CDATA[<pre> +patches/packages/git-2.35.8-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + By feeding specially crafted input to `git apply --reject`, a + path outside the working tree can be overwritten with partially + controlled contents (corresponding to the rejected hunk(s) from + the given patch). + When Git is compiled with runtime prefix support and runs without + translated messages, it still used the gettext machinery to + display messages, which subsequently potentially looked for + translated messages in unexpected places. This allowed for + malicious placement of crafted messages. + When renaming or deleting a section from a configuration file, + certain malicious configuration values may be misinterpreted as + the beginning of a new configuration section, leading to arbitrary + configuration injection. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-25652 + https://www.cve.org/CVERecord?id=CVE-2023-25815 + https://www.cve.org/CVERecord?id=CVE-2023-29007 + (* Security fix *) +patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/102.10.1/releasenotes/ + </pre>]]> + </description> + </item> + <item> <title>Wed, 19 Apr 2023 19:17:14 GMT</title> <pubDate>Wed, 19 Apr 2023 19:17:14 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20230419191714</link> diff --git a/ChangeLog.txt b/ChangeLog.txt index b8ef4d856..508238ffb 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,29 @@ +Tue Apr 25 21:20:19 UTC 2023 +patches/packages/git-2.35.8-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + By feeding specially crafted input to `git apply --reject`, a + path outside the working tree can be overwritten with partially + controlled contents (corresponding to the rejected hunk(s) from + the given patch). + When Git is compiled with runtime prefix support and runs without + translated messages, it still used the gettext machinery to + display messages, which subsequently potentially looked for + translated messages in unexpected places. This allowed for + malicious placement of crafted messages. + When renaming or deleting a section from a configuration file, + certain malicious configuration values may be misinterpreted as + the beginning of a new configuration section, leading to arbitrary + configuration injection. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-25652 + https://www.cve.org/CVERecord?id=CVE-2023-25815 + https://www.cve.org/CVERecord?id=CVE-2023-29007 + (* Security fix *) +patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/102.10.1/releasenotes/ ++--------------------------+ Wed Apr 19 19:17:14 UTC 2023 patches/packages/bind-9.16.40-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. diff --git a/FILELIST.TXT b/FILELIST.TXT index 5390ee7d7..d3170499f 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Wed Apr 19 19:19:45 UTC 2023 +Tue Apr 25 21:26:50 UTC 2023 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2023-04-19 19:17 . +drwxr-xr-x 12 root root 4096 2023-04-25 21:20 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1175929 2023-04-13 22:26 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-04-13 22:26 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1175929 2023-04-19 19:20 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-04-19 19:20 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 2005731 2023-04-19 19:17 ./ChangeLog.txt +-rw-r--r-- 1 root root 2007041 2023-04-25 21:20 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1533494 2023-04-13 22:25 ./FILELIST.TXT +-rw-r--r-- 1 root root 1533494 2023-04-19 19:19 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -738,13 +738,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear -rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild -rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz -rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc -drwxr-xr-x 4 root root 4096 2023-04-19 19:19 ./patches --rw-r--r-- 1 root root 69783 2023-04-19 19:19 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-04-19 19:19 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 94510 2023-04-19 19:19 ./patches/FILE_LIST --rw-r--r-- 1 root root 12011694 2023-04-19 19:19 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 50310 2023-04-19 19:19 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 20480 2023-04-19 19:19 ./patches/packages +drwxr-xr-x 4 root root 4096 2023-04-25 21:26 ./patches +-rw-r--r-- 1 root root 69783 2023-04-25 21:26 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-04-25 21:26 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 94510 2023-04-25 21:26 ./patches/FILE_LIST +-rw-r--r-- 1 root root 12015944 2023-04-25 21:26 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 50310 2023-04-25 21:26 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 20480 2023-04-25 21:26 ./patches/packages -rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt -rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc @@ -796,9 +796,9 @@ drwxr-xr-x 3 root root 20480 2023-04-19 19:19 ./patches/packages -rw-r--r-- 1 root root 278 2022-11-17 19:39 ./patches/packages/freerdp-2.9.0-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 1649516 2022-11-17 19:39 ./patches/packages/freerdp-2.9.0-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-11-17 19:39 ./patches/packages/freerdp-2.9.0-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 397 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 6653480 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 397 2023-04-25 21:09 ./patches/packages/git-2.35.8-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 6689412 2023-04-25 21:09 ./patches/packages/git-2.35.8-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-04-25 21:09 ./patches/packages/git-2.35.8-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 503 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txt -rw-r--r-- 1 root root 207136 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz.asc @@ -875,9 +875,9 @@ drwxr-xr-x 2 root root 4096 2023-02-18 02:05 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 663 2023-04-12 20:01 ./patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 56293068 2023-04-12 20:01 ./patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-04-12 20:01 ./patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 663 2023-04-25 18:02 ./patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 56298928 2023-04-25 18:02 ./patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-04-25 18:02 ./patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 451 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 1598024 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz.asc @@ -986,7 +986,7 @@ drwxr-xr-x 2 root root 4096 2023-02-18 02:05 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 72 root root 4096 2023-04-19 18:53 ./patches/source +drwxr-xr-x 72 root root 4096 2023-04-25 21:10 ./patches/source drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base -rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz -rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild @@ -1123,9 +1123,9 @@ drwxr-xr-x 2 root root 4096 2022-11-17 19:38 ./patches/source/freerdp -rwxr-xr-x 1 root root 4654 2022-10-13 01:12 ./patches/source/freerdp/freerdp.SlackBuild -rw-r--r-- 1 root root 34 2021-09-23 18:07 ./patches/source/freerdp/freerdp.url -rw-r--r-- 1 root root 765 2021-09-23 18:18 ./patches/source/freerdp/slack-desc -drwxr-xr-x 2 root root 4096 2023-02-15 19:23 ./patches/source/git --rw-r--r-- 1 root root 566 2023-02-14 17:54 ./patches/source/git/git-2.35.7.tar.sign --rw-r--r-- 1 root root 6884912 2023-02-14 17:54 ./patches/source/git/git-2.35.7.tar.xz +drwxr-xr-x 2 root root 4096 2023-04-25 20:46 ./patches/source/git +-rw-r--r-- 1 root root 566 2023-04-25 17:00 ./patches/source/git/git-2.35.8.tar.sign +-rw-r--r-- 1 root root 6885832 2023-04-25 17:00 ./patches/source/git/git-2.35.8.tar.xz -rwxr-xr-x 1 root root 5491 2022-04-14 20:18 ./patches/source/git/git.SlackBuild -rw-r--r-- 1 root root 45 2015-09-01 20:04 ./patches/source/git/git.url -rw-r--r-- 1 root root 848 2018-02-27 06:13 ./patches/source/git/slack-desc @@ -1362,7 +1362,7 @@ drwxr-xr-x 2 root root 4096 2023-01-06 19:30 ./patches/source/mozilla-nss -rw-r--r-- 1 root root 37770371 2023-01-05 18:00 ./patches/source/mozilla-nss/nss-3.87.tar.lz -rw-r--r-- 1 root root 2488 2012-04-29 21:05 ./patches/source/mozilla-nss/nss-config.in -rw-r--r-- 1 root root 1023 2018-02-27 06:12 ./patches/source/mozilla-nss/slack-desc -drwxr-xr-x 4 root root 4096 2023-04-12 18:35 ./patches/source/mozilla-thunderbird +drwxr-xr-x 4 root root 4096 2023-04-25 16:53 ./patches/source/mozilla-thunderbird -rw-r--r-- 1 root root 266 2022-08-06 19:40 ./patches/source/mozilla-thunderbird/arc4random_buf.glibc-2.36.diff.gz drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./patches/source/mozilla-thunderbird/autoconf -rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz @@ -1378,8 +1378,8 @@ drwxr-xr-x 2 root root 4096 2022-06-13 00:06 ./patches/source/mozilla-thun -rw-r--r-- 1 root root 150253 2022-04-21 16:48 ./patches/source/mozilla-thunderbird/build-deps/cbindgen/cbindgen-0.23.0.tar.lz -rwxr-xr-x 1 root root 2032 2022-06-14 16:39 ./patches/source/mozilla-thunderbird/build-deps/cbindgen/cbindgen.build -rw-r--r-- 1 root root 35 2021-06-25 03:11 ./patches/source/mozilla-thunderbird/build-deps/cbindgen/cbindgen.url -drwxr-xr-x 2 root root 4096 2023-04-11 17:09 ./patches/source/mozilla-thunderbird/build-deps/nodejs --rw-r--r-- 1 root root 40783032 2023-04-10 20:05 ./patches/source/mozilla-thunderbird/build-deps/nodejs/node-v19.9.0.tar.xz +drwxr-xr-x 2 root root 4096 2023-04-19 18:28 ./patches/source/mozilla-thunderbird/build-deps/nodejs +-rw-r--r-- 1 root root 41279796 2023-04-19 18:28 ./patches/source/mozilla-thunderbird/build-deps/nodejs/node-v20.0.0.tar.xz -rwxr-xr-x 1 root root 3013 2021-08-13 18:10 ./patches/source/mozilla-thunderbird/build-deps/nodejs/nodejs.build -rw-r--r-- 1 root root 86 2019-07-08 21:02 ./patches/source/mozilla-thunderbird/build-deps/nodejs/nodejs.url -rw-r--r-- 1 root root 263 2022-06-30 18:42 ./patches/source/mozilla-thunderbird/double_t.x86.diff.gz @@ -1388,8 +1388,8 @@ drwxr-xr-x 2 root root 4096 2023-04-11 17:09 ./patches/source/mozilla-thun -rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop -rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./patches/source/mozilla-thunderbird/slack-desc -rw-r--r-- 1 root root 330 2019-08-27 16:35 ./patches/source/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz --rw-r--r-- 1 root root 500949660 2023-04-11 16:10 ./patches/source/mozilla-thunderbird/thunderbird-102.10.0.source.tar.xz --rw-r--r-- 1 root root 833 2023-04-11 16:10 ./patches/source/mozilla-thunderbird/thunderbird-102.10.0.source.tar.xz.asc +-rw-r--r-- 1 root root 506975996 2023-04-24 18:51 ./patches/source/mozilla-thunderbird/thunderbird-102.10.1.source.tar.xz +-rw-r--r-- 1 root root 833 2023-04-24 18:51 ./patches/source/mozilla-thunderbird/thunderbird-102.10.1.source.tar.xz.asc drwxr-xr-x 2 root root 4096 2022-07-21 17:44 ./patches/source/net-snmp -rw-r--r-- 1 root root 356 2021-12-21 18:38 ./patches/source/net-snmp/doinst.sh.gz -rw-r--r-- 1 root root 607 2018-07-20 09:39 ./patches/source/net-snmp/net-snmp-5.7.2-cert-path.patch.gz diff --git a/patches/packages/git-2.35.7-x86_64-1_slack15.0.txt b/patches/packages/git-2.35.8-x86_64-1_slack15.0.txt index 059a95baf..059a95baf 100644 --- a/patches/packages/git-2.35.7-x86_64-1_slack15.0.txt +++ b/patches/packages/git-2.35.8-x86_64-1_slack15.0.txt diff --git a/patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txt b/patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txt index 5acb7b92e..5acb7b92e 100644 --- a/patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txt +++ b/patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txt |