diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-12-20 20:40:18 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-12-20 22:34:22 +0100 |
| commit | a1d6f79ce8795d190466bd6e4cc3c191df8741e9 (patch) | |
| tree | 27389af065425da0b60d20a760ccde265489ebc7 /source/l/sdl/sdl.SlackBuild | |
| parent | 4f53dfead2169d2c8e9d22b1cdb5ed71083fb9b4 (diff) | |
| download | current-a1d6f79ce8795d190466bd6e4cc3c191df8741e9.tar.gz current-a1d6f79ce8795d190466bd6e4cc3c191df8741e9.tar.xz | |
Tue Dec 20 20:40:18 UTC 202220221220204018
d/p2c-2.02-x86_64-1.txz: Upgraded.
kde/dolphin-22.12.0-x86_64-2.txz: Rebuilt.
[PATCH] Revert "portalize drag urls"
Thanks to marav.
l/gst-plugins-bad-free-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.20.5-x86_64-1.txz: Upgraded.
l/gstreamer-1.20.5-x86_64-1.txz: Upgraded.
l/libqalculate-4.5.0-x86_64-1.txz: Upgraded.
l/libvncserver-0.9.14-x86_64-1.txz: Upgraded.
l/sdl-1.2.15-x86_64-14.txz: Rebuilt.
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)
n/gnupg2-2.2.41-x86_64-1.txz: Upgraded.
n/libksba-1.6.3-x86_64-1.txz: Upgraded.
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
x/libSM-1.2.4-x86_64-1.txz: Upgraded.
x/xcb-util-0.4.1-x86_64-1.txz: Upgraded.
x/xdriinfo-1.0.7-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/l/sdl/sdl.SlackBuild')
| -rwxr-xr-x | source/l/sdl/sdl.SlackBuild | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/source/l/sdl/sdl.SlackBuild b/source/l/sdl/sdl.SlackBuild index 4660aad86..6b1cfb4cf 100755 --- a/source/l/sdl/sdl.SlackBuild +++ b/source/l/sdl/sdl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018, 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018, 2020, 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -30,7 +30,7 @@ NET=${NET:-$(echo SDL_net-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev SOUND=${SOUND:-$(echo SDL_sound-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} TTF=${TTF:-$(echo SDL_ttf-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-13} +BUILD=${BUILD:-14} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -84,6 +84,7 @@ find . \ zcat $CWD/libsdl-1.2.15-resizing.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/sdl-1.2.14-fix-mouse-clicking.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/CVE-2021-33657.patch.gz | patch -p1 --verbose || exit 1 # We must use --disable-x11-shared or programs linked with SDL will # crash on machines that use the closed source nVidia drivers. |