diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-01-07 01:50:00 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-01-07 13:30:29 +0100 |
commit | 585883b9b5ec51fd1a9d4729c3e2a20c5c928eae (patch) | |
tree | c7560a1ba53c89bd4b4d9be6e39fcb855799e51f /patches | |
parent | 7920ad758b5bb8e8e4ac56a580608a3964f4ced3 (diff) | |
download | current-585883b9b5ec51fd1a9d4729c3e2a20c5c928eae.tar.gz current-585883b9b5ec51fd1a9d4729c3e2a20c5c928eae.tar.xz |
Sat Jan 7 01:50:00 UTC 202320230107015000_15.0
extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz: Upgraded.
Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
https://www.cve.org/CVERecord?id=CVE-2021-43527
(* Security fix *)
patches/packages/php-7.4.33-x86_64-2_slack15.0.txz: Rebuilt.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
Diffstat (limited to 'patches')
-rw-r--r-- | patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt (renamed from patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt) | 0 | ||||
-rw-r--r-- | patches/packages/php-7.4.33-x86_64-2_slack15.0.txt (renamed from patches/packages/php-7.4.33-x86_64-1_slack15.0.txt) | 0 | ||||
-rw-r--r-- | patches/source/mozilla-nss/CVE-2022-3479.patch | 23 | ||||
-rwxr-xr-x | patches/source/mozilla-nss/mozilla-nss.SlackBuild | 5 | ||||
-rw-r--r-- | patches/source/php/CVE-2022-31631.patch | 50 | ||||
-rwxr-xr-x | patches/source/php/php.SlackBuild | 8 |
6 files changed, 57 insertions, 29 deletions
diff --git a/patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt b/patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt index 9d2fe7086..9d2fe7086 100644 --- a/patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt +++ b/patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt diff --git a/patches/packages/php-7.4.33-x86_64-1_slack15.0.txt b/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt index 88937e9e0..88937e9e0 100644 --- a/patches/packages/php-7.4.33-x86_64-1_slack15.0.txt +++ b/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt diff --git a/patches/source/mozilla-nss/CVE-2022-3479.patch b/patches/source/mozilla-nss/CVE-2022-3479.patch deleted file mode 100644 index 5f80fdc09..000000000 --- a/patches/source/mozilla-nss/CVE-2022-3479.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c ---- a/lib/ssl/authcert.c -+++ b/lib/ssl/authcert.c -@@ -212,17 +212,17 @@ NSS_GetClientAuthData(void *arg, - pw_arg); - } else { - int nnames = 0; - char **names = ssl_DistNamesToStrings(caNames, &nnames); - rv = CERT_FilterCertListByCANames(certList, nnames, names, - certUsageSSLClient); - ssl_FreeDistNamesStrings(names, nnames); - } -- if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { -+ if ((rv != SECSuccess) || (certList && CERT_LIST_EMPTY(certList))) { - CERT_DestroyCertList(certList); - certList = NULL; - } - } - if (certList == NULL) { - /* no user certs meeting the nickname/usage requirements found */ - return SECFailure; - } - diff --git a/patches/source/mozilla-nss/mozilla-nss.SlackBuild b/patches/source/mozilla-nss/mozilla-nss.SlackBuild index 34756cff5..ae1ed1e3e 100755 --- a/patches/source/mozilla-nss/mozilla-nss.SlackBuild +++ b/patches/source/mozilla-nss/mozilla-nss.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash # Copyright 2005, 2006, 2008, 2009, 2010, 2012 Eric Hameleers, Eindhoven, NL -# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mozilla-nss SRCNAM=nss -VERSION=${VERSION:-3.84} +VERSION=${VERSION:-3.87} NSPR=${NSPR:-4.35} BUILD=${BUILD:-1_slack15.0} @@ -93,7 +93,6 @@ find . \ -exec chmod 644 {} \+ cd nss -zcat $CWD/CVE-2022-3479.patch.gz | patch -p1 --verbose || exit 1 ./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests cd - diff --git a/patches/source/php/CVE-2022-31631.patch b/patches/source/php/CVE-2022-31631.patch new file mode 100644 index 000000000..6aa309549 --- /dev/null +++ b/patches/source/php/CVE-2022-31631.patch @@ -0,0 +1,50 @@ +From 921b6813da3237a83e908998483f46ae3d8bacba Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" <cmbecker69@gmx.de> +Date: Mon, 31 Oct 2022 17:20:23 +0100 +Subject: [PATCH] Fix #81740: PDO::quote() may return unquoted string + +`sqlite3_snprintf()` expects its first parameter to be `int`; we need +to avoid overflow. +--- + ext/pdo_sqlite/sqlite_driver.c | 3 +++ + ext/pdo_sqlite/tests/bug81740.phpt | 17 +++++++++++++++++ + 2 files changed, 20 insertions(+) + create mode 100644 ext/pdo_sqlite/tests/bug81740.phpt + +diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c +index 4233ff10ff2e..5a72a1eda23f 100644 +--- a/ext/pdo_sqlite/sqlite_driver.c ++++ b/ext/pdo_sqlite/sqlite_driver.c +@@ -232,6 +232,9 @@ static char *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t + /* NB: doesn't handle binary strings... use prepared stmts for that */ + static int sqlite_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) + { ++ if (unquotedlen > (INT_MAX - 3) / 2) { ++ return 0; ++ } + *quoted = safe_emalloc(2, unquotedlen, 3); + sqlite3_snprintf(2*unquotedlen + 3, *quoted, "'%q'", unquoted); + *quotedlen = strlen(*quoted); +diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt +new file mode 100644 +index 000000000000..99fb07c3048b +--- /dev/null ++++ b/ext/pdo_sqlite/tests/bug81740.phpt +@@ -0,0 +1,17 @@ ++--TEST-- ++Bug #81740 (PDO::quote() may return unquoted string) ++--SKIPIF-- ++<?php ++if (!extension_loaded('pdo_sqlite')) print 'skip not loaded'; ++if (getenv("SKIP_SLOW_TESTS")) die("skip slow test"); ++?> ++--INI-- ++memory_limit=-1 ++--FILE-- ++<?php ++$pdo = new PDO("sqlite::memory:"); ++$string = str_repeat("a", 0x80000000); ++var_dump($pdo->quote($string)); ++?> ++--EXPECT-- ++bool(false) diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild index 518bb7ec6..8773717c8 100755 --- a/patches/source/php/php.SlackBuild +++ b/patches/source/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell <david@slackware.com> # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021, 2023 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,8 +27,8 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=php VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -ALPINE=2.25 -BUILD=${BUILD:-1_slack15.0} +ALPINE=2.26 +BUILD=${BUILD:-2_slack15.0} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -127,6 +127,8 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.xz || exit 1 cd php-$VERSION || exit 1 +zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1 + # cleanup: find . -name "*.orig" -delete |