diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-08-04 20:17:36 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-08-05 13:30:38 +0200 |
commit | 79e6c8efb811e73296062977a5f840c4c7cb0f1c (patch) | |
tree | d2bc8c1db1ae29eaffc32f50c61ba7a82b55955c /extra/source | |
parent | af3a1b13c3fc7185876bb746f520dcae15c94c8e (diff) | |
download | current-79e6c8efb811e73296062977a5f840c4c7cb0f1c.tar.gz current-79e6c8efb811e73296062977a5f840c4c7cb0f1c.tar.xz |
Fri Aug 4 20:17:36 UTC 202320230804201736_15.0
extra/php81/php81-8.1.22-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Libxml: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity
loading in XML without enabling it).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-3823
(* Security fix *)
extra/rust-for-mozilla/rust-1.70.0-x86_64-1_slack15.0.txz: Upgraded.
Upgraded the Rust compiler for Firefox 115.1.0 ESR and Thunderbird 115.1.0.
pasture/samba-4.15.13-x86_64-1_slack15.0.txz: Added.
We'll hang onto this just in case.
patches/packages/mozilla-firefox-115.1.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.1.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/
https://www.cve.org/CVERecord?id=CVE-2023-4045
https://www.cve.org/CVERecord?id=CVE-2023-4046
https://www.cve.org/CVERecord?id=CVE-2023-4047
https://www.cve.org/CVERecord?id=CVE-2023-4048
https://www.cve.org/CVERecord?id=CVE-2023-4049
https://www.cve.org/CVERecord?id=CVE-2023-4050
https://www.cve.org/CVERecord?id=CVE-2023-4052
https://www.cve.org/CVERecord?id=CVE-2023-4054
https://www.cve.org/CVERecord?id=CVE-2023-4055
https://www.cve.org/CVERecord?id=CVE-2023-4056
https://www.cve.org/CVERecord?id=CVE-2023-4057
(* Security fix *)
patches/packages/mozilla-thunderbird-115.1.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.0/releasenotes/
patches/packages/samba-4.18.5-x86_64-1_slack15.0.txz: Upgraded.
PLEASE NOTE: We are taking the unusual step of moving to the latest Samba
branch because Windows has made changes that break Samba 4.15.x. The last
4.15.x will be retained in /pasture as a fallback. There may be some
required configuration changes with this, but we've kept using MIT Kerberos
to try to have the behavior change as little as possible. Upgrade carefully.
This update fixes security issues:
When winbind is used for NTLM authentication, a maliciously crafted request
can trigger an out-of-bounds read in winbind and possibly crash it.
SMB2 packet signing is not enforced if an admin configured
"server signing = required" or for SMB2 connections to Domain Controllers
where SMB2 packet signing is mandatory.
An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be
triggered by an unauthenticated attacker by issuing a malformed RPC request.
Missing type validation in Samba's mdssvc RPC service for Spotlight can be
used by an unauthenticated attacker to trigger a process crash in a shared
RPC mdssvc worker process.
As part of the Spotlight protocol Samba discloses the server-side absolute
path of shares and files and directories in search results.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2127.html
https://www.samba.org/samba/security/CVE-2023-3347.html
https://www.samba.org/samba/security/CVE-2023-34966.html
https://www.samba.org/samba/security/CVE-2023-34967.html
https://www.samba.org/samba/security/CVE-2023-34968.html
https://www.cve.org/CVERecord?id=CVE-2022-2127
https://www.cve.org/CVERecord?id=CVE-2023-3347
https://www.cve.org/CVERecord?id=CVE-2023-34966
https://www.cve.org/CVERecord?id=CVE-2023-34967
https://www.cve.org/CVERecord?id=CVE-2023-34968
(* Security fix *)
Diffstat (limited to 'extra/source')
-rwxr-xr-x | extra/source/php81/fetch-php.sh | 4 | ||||
-rwxr-xr-x | extra/source/rust-for-mozilla/rust.SlackBuild | 16 | ||||
-rw-r--r-- | extra/source/rust-for-mozilla/rust.url | 8 |
3 files changed, 14 insertions, 14 deletions
diff --git a/extra/source/php81/fetch-php.sh b/extra/source/php81/fetch-php.sh index 56281f011..8aed679d1 100755 --- a/extra/source/php81/fetch-php.sh +++ b/extra/source/php81/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-8.1.20.tar.xz.asc -lftpget http://us.php.net/distributions/php-8.1.20.tar.xz +lftpget http://us.php.net/distributions/php-8.1.22.tar.xz.asc +lftpget http://us.php.net/distributions/php-8.1.22.tar.xz diff --git a/extra/source/rust-for-mozilla/rust.SlackBuild b/extra/source/rust-for-mozilla/rust.SlackBuild index 99686ea00..939a73336 100755 --- a/extra/source/rust-for-mozilla/rust.SlackBuild +++ b/extra/source/rust-for-mozilla/rust.SlackBuild @@ -1,7 +1,7 @@ #!/bin/bash # Copyright 2017 Andrew Clemons, Wellington, New Zealand -# Copyright 2017, 2018, 2019, 2020, 2021 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2017, 2018, 2019, 2020, 2021, 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA # Copyright 2017 Stuart Winter # All rights reserved. # @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=rust SRCNAM="${PKGNAM}c" -VERSION=${VERSION:-1.60.0} +VERSION=${VERSION:-1.70.0} BUILD=${BUILD:-1_slack15.0} # Set this to YES to build with the system LLVM, or NO to use the bundled LLVM. @@ -34,9 +34,9 @@ BUILD=${BUILD:-1_slack15.0} SYSTEM_LLVM=${SYSTEM_LLVM:-NO} # Bootstrap variables (might not be kept updated for latest Rust): -RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.59.0} -RSTAGE0_DIR=${RSTAGE0_DIR:-2022-02-24} -CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.59.0} +RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.69.0} +RSTAGE0_DIR=${RSTAGE0_DIR:-2023-04-20} +CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.69.0} CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR} # Automatically determine the architecture we're building on: @@ -111,7 +111,7 @@ else fi TMP=${TMP:-/tmp} -OUTPUT=${OUTPUT:-/tmp} +OUTPUT=${OUTPUT:-$TMP} PKG=$TMP/package-$PKGNAM # Not needed, as the build will automatically use as many jobs as there are @@ -134,7 +134,8 @@ rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $SRCNAM-$VERSION-src -tar xvf $CWD/$SRCNAM-$VERSION-src.tar.?z || exit 1 +echo "Extracting $CWD/$SRCNAM-$VERSION-src.tar.?z..." +tar xf $CWD/$SRCNAM-$VERSION-src.tar.?z || exit 1 cd $SRCNAM-$VERSION-src || exit 1 # Link with -lffi in case of using system LLVM: @@ -179,7 +180,6 @@ codegen-units = 0 channel = "stable" rpath = false codegen-tests = false -ignore-git = true EOF diff --git a/extra/source/rust-for-mozilla/rust.url b/extra/source/rust-for-mozilla/rust.url index 3e7ea75a2..98cc2f672 100644 --- a/extra/source/rust-for-mozilla/rust.url +++ b/extra/source/rust-for-mozilla/rust.url @@ -1,5 +1,5 @@ # Source code (repacked to .tar.lz): -VERSION=1.60.0 +VERSION=1.70.0 rm -f rustc-${VERSION}-src.tar.* lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc @@ -20,9 +20,9 @@ fi # update the settings below, look at src/stage0.json in the Rust sources. exit 0 -BOOTSTRAP_DATE=2022-02-24 -BOOTSTRAP_CARGO=1.59.0 -BOOTSTRAP_VERSION=1.59.0 +BOOTSTRAP_DATE=2023-04-20 +BOOTSTRAP_VERSION=1.69.0 +BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION # i686 bootstrap: lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/cargo-${BOOTSTRAP_CARGO}-i686-unknown-linux-gnu.tar.xz |