diff options
author | 2023-06-02 20:56:35 +0000 | |
---|---|---|
committer | 2023-06-02 23:45:41 +0200 | |
commit | 8b137cd8352b84bf56b01414f58a6d55a99d22a6 (patch) | |
tree | f73aeff466f3d465f4e24864a08658966c0f8d80 /source/l/serf | |
parent | a9c0ca9f8fa5a0a244f0f0f7b0c2623df807b494 (diff) | |
download | current-8b137cd8352b84bf56b01414f58a6d55a99d22a6.tar.gz current-8b137cd8352b84bf56b01414f58a6d55a99d22a6.tar.xz |
Fri Jun 2 20:56:35 UTC 202320230602205635
a/hwdata-0.371-noarch-1.txz: Upgraded.
ap/cups-2.4.3-x86_64-1.txz: Upgraded.
Fixed a heap buffer overflow in _cups_strlcpy(), when the configuration file
cupsd.conf sets the value of loglevel to DEBUG, that could allow a remote
attacker to launch a denial of service (DoS) attack, or possibly execute
arbirary code.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32324
(* Security fix *)
d/git-2.41.0-x86_64-1.txz: Upgraded.
d/llvm-16.0.5-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-29.txz: Rebuilt.
Recompiled against Imath-3.1.9.
kde/kimageformats-5.106.0-x86_64-3.txz: Rebuilt.
Recompiled against Imath-3.1.9.
kde/kio-extras-23.04.1-x86_64-3.txz: Rebuilt.
Recompiled against Imath-3.1.9.
kde/krita-5.1.5-x86_64-9.txz: Rebuilt.
Recompiled against Imath-3.1.9.
l/Imath-3.1.9-x86_64-1.txz: Upgraded.
Evidently the shared library .so-version bump in Imath-3.1.8 should not have
happened, so this update reverts it to the previous value.
l/gst-plugins-bad-free-1.22.3-x86_64-3.txz: Rebuilt.
Recompiled against Imath-3.1.9.
l/imagemagick-7.1.1_11-x86_64-2.txz: Rebuilt.
Recompiled against Imath-3.1.9.
l/mozjs102-102.12.0esr-x86_64-1.txz: Upgraded.
l/openexr-3.1.7-x86_64-3.txz: Rebuilt.
Recompiled against Imath-3.1.9.
l/serf-1.3.10-x86_64-1.txz: Upgraded.
l/vte-0.72.2-x86_64-1.txz: Upgraded.
n/nettle-3.9.1-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p16-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-26551
https://www.cve.org/CVERecord?id=CVE-2023-26552
https://www.cve.org/CVERecord?id=CVE-2023-26553
https://www.cve.org/CVERecord?id=CVE-2023-26554
https://www.cve.org/CVERecord?id=CVE-2023-26555
(* Security fix *)
n/samba-4.18.3-x86_64-1.txz: Upgraded.
tcl/tclx-8.6.2-x86_64-1.txz: Upgraded.
x/ibus-libpinyin-1.15.3-x86_64-1.txz: Upgraded.
x/libX11-1.8.5-x86_64-1.txz: Upgraded.
xap/gimp-2.10.34-x86_64-4.txz: Rebuilt.
Recompiled against Imath-3.1.9.
xfce/xfce4-pulseaudio-plugin-0.4.7-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/l/serf')
-rw-r--r-- | source/l/serf/serf-1.3.9-openssl3_fixes-1.patch | 41 | ||||
-rw-r--r-- | source/l/serf/serf.SConstruct.python3.diff | 24 | ||||
-rwxr-xr-x | source/l/serf/serf.SlackBuild | 8 | ||||
-rw-r--r-- | source/l/serf/slack-desc | 2 |
4 files changed, 2 insertions, 73 deletions
diff --git a/source/l/serf/serf-1.3.9-openssl3_fixes-1.patch b/source/l/serf/serf-1.3.9-openssl3_fixes-1.patch deleted file mode 100644 index 0a5c8768c..000000000 --- a/source/l/serf/serf-1.3.9-openssl3_fixes-1.patch +++ /dev/null @@ -1,41 +0,0 @@ -Submitted By: Douglas R. Reno <renodr at linuxfromscratch dot org> -Date: 2021-12-30 -Initial Package Version: 1.3.9 -Origin: Fedora Rawhide (https://src.fedoraproject.org/rpms/libserf/tree/rawhide) -Upstream Status: Merge Request -Description: Fixes a build error in Subversion caused by serf using - internal OpenSSL API functions for it's own use. Also - fixes a crash bug that happens due to a return value - being invalid. - -diff -Naurp serf-1.3.9.orig/buckets/ssl_buckets.c serf-1.3.9/buckets/ssl_buckets.c ---- serf-1.3.9.orig/buckets/ssl_buckets.c 2016-06-30 10:45:07.000000000 -0500 -+++ serf-1.3.9/buckets/ssl_buckets.c 2021-12-30 10:56:53.101158440 -0600 -@@ -407,7 +407,7 @@ static int bio_bucket_destroy(BIO *bio) - - static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr) - { -- long ret = 1; -+ long ret = 0; - - switch (cmd) { - default: -@@ -415,6 +415,7 @@ static long bio_bucket_ctrl(BIO *bio, in - break; - case BIO_CTRL_FLUSH: - /* At this point we can't force a flush. */ -+ ret = 1; - break; - case BIO_CTRL_PUSH: - case BIO_CTRL_POP: -@@ -1204,6 +1205,10 @@ static void init_ssl_libraries(void) - } - } - -+#ifndef ERR_GET_FUNC -+#define ERR_GET_FUNC(ec) (0) -+#endif -+ - static int ssl_need_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey) - { - serf_ssl_context_t *ctx = SSL_get_app_data(ssl); diff --git a/source/l/serf/serf.SConstruct.python3.diff b/source/l/serf/serf.SConstruct.python3.diff deleted file mode 100644 index 144f5e39e..000000000 --- a/source/l/serf/serf.SConstruct.python3.diff +++ /dev/null @@ -1,24 +0,0 @@ ---- serf-1.3.9/SConstruct.orig 2019-07-26 17:49:30.910189251 +0000 -+++ serf-1.3.9/SConstruct 2019-07-26 17:49:54.073821735 +0000 -@@ -163,9 +163,9 @@ - suffix='.def', src_suffix='.h') - }) - --match = re.search('SERF_MAJOR_VERSION ([0-9]+).*' -- 'SERF_MINOR_VERSION ([0-9]+).*' -- 'SERF_PATCH_VERSION ([0-9]+)', -+match = re.search(b'SERF_MAJOR_VERSION ([0-9]+).*' -+ b'SERF_MINOR_VERSION ([0-9]+).*' -+ b'SERF_PATCH_VERSION ([0-9]+)', - env.File('serf.h').get_contents(), - re.DOTALL) - MAJOR, MINOR, PATCH = [int(x) for x in match.groups()] -@@ -183,7 +183,7 @@ - - unknown = opts.UnknownVariables() - if unknown: -- print 'Warning: Used unknown variables:', ', '.join(unknown.keys()) -+ print ('Warning: Used unknown variables:', ', '.join(unknown.keys())) - - apr = str(env['APR']) - apu = str(env['APU']) diff --git a/source/l/serf/serf.SlackBuild b/source/l/serf/serf.SlackBuild index 924972640..e890ea4e4 100755 --- a/source/l/serf/serf.SlackBuild +++ b/source/l/serf/serf.SlackBuild @@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=serf VERSION=${VERSION:-$(echo serf-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-9} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -85,12 +85,6 @@ find . \ sed -i "/Default/s:lib_static,::" SConstruct sed -i "/Alias/s:install_static,::" SConstruct -# Fix for python3 based scons: -zcat $CWD/serf.SConstruct.python3.diff.gz | patch -p1 --verbose || exit 1 - -# Fix for openssl3: -zcat $CWD/serf-1.3.9-openssl3_fixes-1.patch.gz | patch -p1 --verbose || exit 1 - scons $NUMJOBS \ PREFIX=/usr \ LIBDIR=/usr/lib${LIBDIRSUFFIX} \ diff --git a/source/l/serf/slack-desc b/source/l/serf/slack-desc index 4e31ed2ec..a2f3198e5 100644 --- a/source/l/serf/slack-desc +++ b/source/l/serf/slack-desc @@ -15,5 +15,5 @@ serf: * SSL/TLS support, full HTTP pipelining, serf: * multiple authentication modes (Basic, Digest, Kerberos/NTLM), serf: * zero-copy support for increased throughput. serf: -serf: Homepage: http://serf.apache.org/ +serf: Homepage: https://serf.apache.org/ serf: |