diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-05-25 00:24:33 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-05-25 13:30:31 +0200 |
commit | 73b668742a86c06c84cde2da658b5135367d23fe (patch) | |
tree | ff414f05e1499907a1970b1f062918ab73b7f4ef /recompress.sh | |
parent | 8e0b115ff3be360a6e31635f57629008062a66f3 (diff) | |
download | current-73b668742a86c06c84cde2da658b5135367d23fe.tar.gz current-73b668742a86c06c84cde2da658b5135367d23fe.tar.xz |
Thu May 25 00:24:33 UTC 202320230525002433_15.0
patches/packages/curl-8.1.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/texlive-2023.230322-x86_64-1_slack15.0.txz: Upgraded.
This update patches a security issue:
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when
compiling a TeX file obtained from an untrusted source. This occurs
because luatex-core.lua lets the original io.popen be accessed. This also
affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
Thanks to Johannes Schoepfer.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32700
(* Security fix *)
Diffstat (limited to 'recompress.sh')
-rwxr-xr-x | recompress.sh | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/recompress.sh b/recompress.sh index 25c8ba397..9a19972e5 100755 --- a/recompress.sh +++ b/recompress.sh @@ -1181,6 +1181,9 @@ gzip ./patches/source/python3/python3.no-static-library.diff gzip ./patches/source/python3/python3.readline.set_pre_input_hook.diff gzip ./patches/source/python3/python3.setup.py.x86_64.diff gzip ./patches/source/python3/python3.distutils.x86_64.diff +gzip ./patches/source/texlive/texlive-20230313-source-security_fix-1.patch +gzip ./patches/source/texlive/doinst.sh +gzip ./patches/source/texlive/texlive.unicode5.0.diff gzip ./patches/source/sysstat/doinst.sh gzip ./patches/source/xorg-server-xwayland/CVE-2022-46342.patch gzip ./patches/source/xorg-server-xwayland/CVE-2022-46343.patch |