diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-02-01 04:37:04 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-02-01 08:59:52 +0100 |
commit | bd42aca52dc7532946a93fb3354a8454c4adfe94 (patch) | |
tree | 2314fe66b3c943fab158a4a4d9d55f1d012cee39 /source | |
parent | 84f05e024aee5a7b537c367e56755b48d34f629b (diff) | |
download | current-bd42aca52dc7532946a93fb3354a8454c4adfe94.tar.gz current-bd42aca52dc7532946a93fb3354a8454c4adfe94.tar.xz |
Tue Feb 1 04:37:04 UTC 202220220201043704
The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
https://www.samba.org/samba/security/CVE-2021-44142.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
https://www.samba.org/samba/security/CVE-2022-0336.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
Diffstat (limited to 'source')
-rw-r--r-- | source/kde/kde/build/falkon | 2 | ||||
-rw-r--r-- | source/kde/kde/build/ktexteditor | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/falkon.patch | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/falkon/falkon.qt-5.15.diff | 20 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor.patch | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor/804e4944.patch | 104 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor/c80f935c.patch | 55 | ||||
-rw-r--r-- | source/l/libcanberra/libcanberra-0.30-wayland-1.patch | 77 | ||||
-rwxr-xr-x | source/l/libcanberra/libcanberra.SlackBuild | 8 | ||||
-rw-r--r-- | source/n/samba/samba.url | 4 | ||||
-rwxr-xr-x | source/x/xterm/xterm.SlackBuild | 8 |
11 files changed, 252 insertions, 32 deletions
diff --git a/source/kde/kde/build/falkon b/source/kde/kde/build/falkon index b8626c4cf..d00491fd7 100644 --- a/source/kde/kde/build/falkon +++ b/source/kde/kde/build/falkon @@ -1 +1 @@ -4 +1 diff --git a/source/kde/kde/build/ktexteditor b/source/kde/kde/build/ktexteditor index d00491fd7..0cfbf0888 100644 --- a/source/kde/kde/build/ktexteditor +++ b/source/kde/kde/build/ktexteditor @@ -1 +1 @@ -1 +2 diff --git a/source/kde/kde/patch/falkon.patch b/source/kde/kde/patch/falkon.patch deleted file mode 100644 index 27a466836..000000000 --- a/source/kde/kde/patch/falkon.patch +++ /dev/null @@ -1,2 +0,0 @@ -# Fix build against Qt 5.15: -cat $CWD/patch/falkon/falkon.qt-5.15.diff | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/falkon/falkon.qt-5.15.diff b/source/kde/kde/patch/falkon/falkon.qt-5.15.diff deleted file mode 100644 index 60f1699e8..000000000 --- a/source/kde/kde/patch/falkon/falkon.qt-5.15.diff +++ /dev/null @@ -1,20 +0,0 @@ ---- ./src/lib/tools/qztools.cpp.orig 2019-03-19 13:06:45.000000000 -0500 -+++ ./src/lib/tools/qztools.cpp 2020-07-18 15:00:08.881313780 -0500 -@@ -25,6 +25,7 @@ - #include <QByteArray> - #include <QPixmap> - #include <QPainter> -+#include <QPainterPath> - #include <QBuffer> - #include <QFile> - #include <QDir> ---- ./src/plugins/VerticalTabs/verticaltabsplugin.cpp.orig 2019-03-19 13:06:45.000000000 -0500 -+++ ./src/plugins/VerticalTabs/verticaltabsplugin.cpp 2020-07-18 15:03:16.468303404 -0500 -@@ -31,6 +31,7 @@ - #include "desktopfile.h" - - #include <QSettings> -+#include <QFile> - - VerticalTabsPlugin::VerticalTabsPlugin() - : QObject() diff --git a/source/kde/kde/patch/ktexteditor.patch b/source/kde/kde/patch/ktexteditor.patch new file mode 100644 index 000000000..c658b7739 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor.patch @@ -0,0 +1,2 @@ +cat $CWD/patch/ktexteditor/804e4944.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/ktexteditor/c80f935c.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/ktexteditor/804e4944.patch b/source/kde/kde/patch/ktexteditor/804e4944.patch new file mode 100644 index 000000000..854cf0da4 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor/804e4944.patch @@ -0,0 +1,104 @@ +From 804e49444c093fe58ec0df2ab436565e50dc147e Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann <cullmann@kde.org> +Date: Thu, 20 Jan 2022 09:46:34 +0100 +Subject: [PATCH] only start programs in user's path + +don't use QProcess with just program name +first search the right program in the user's path +--- + src/document/katedocument.cpp | 29 ++++++++++++++++------------ + src/swapfile/kateswapdiffcreator.cpp | 17 ++++++++++++---- + 2 files changed, 30 insertions(+), 16 deletions(-) + +diff --git a/src/document/katedocument.cpp b/src/document/katedocument.cpp +index 01f74da1..05d0e91b 100644 +--- a/src/document/katedocument.cpp ++++ b/src/document/katedocument.cpp +@@ -72,6 +72,7 @@ + #include <QMimeDatabase> + #include <QProcess> + #include <QRegularExpression> ++#include <QStandardPaths> + #include <QTemporaryFile> + #include <QTextCodec> + #include <QTextStream> +@@ -5054,18 +5055,22 @@ void KTextEditor::DocumentPrivate::slotDelayedHandleModOnHd() + // skip that, if document is modified! + // only do that, if the file is still there, else reload makes no sense! + if (m_modOnHd && !isModified() && QFile::exists(url().toLocalFile())) { +- QProcess git; +- const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; +- git.start(QStringLiteral("git"), args); +- if (git.waitForStarted()) { +- git.closeWriteChannel(); +- if (git.waitForFinished()) { +- if (git.exitCode() == 0) { +- // this hash exists still in git => just reload +- m_modOnHd = false; +- m_modOnHdReason = OnDiskUnmodified; +- m_prevModOnHdReason = OnDiskUnmodified; +- documentReload(); ++ // we only want to use git from PATH, cache this ++ static const QString fullGitPath = QStandardPaths::findExecutable(QStringLiteral("git")); ++ if (!fullGitPath.isEmpty()) { ++ QProcess git; ++ const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; ++ git.start(fullGitPath, args); ++ if (git.waitForStarted()) { ++ git.closeWriteChannel(); ++ if (git.waitForFinished()) { ++ if (git.exitCode() == 0) { ++ // this hash exists still in git => just reload ++ m_modOnHd = false; ++ m_modOnHdReason = OnDiskUnmodified; ++ m_prevModOnHdReason = OnDiskUnmodified; ++ documentReload(); ++ } + } + } + } +diff --git a/src/swapfile/kateswapdiffcreator.cpp b/src/swapfile/kateswapdiffcreator.cpp +index 5c515c45..a185123a 100644 +--- a/src/swapfile/kateswapdiffcreator.cpp ++++ b/src/swapfile/kateswapdiffcreator.cpp +@@ -14,6 +14,7 @@ + #include <KMessageBox> + + #include <QDir> ++#include <QStandardPaths> + #include <QTextCodec> + + // BEGIN SwapDiffCreator +@@ -85,17 +86,25 @@ void SwapDiffCreator::viewDiff() + connect(&m_proc, &QProcess::readyRead, this, &SwapDiffCreator::slotDataAvailable, Qt::UniqueConnection); + connect(&m_proc, &QProcess::finished, this, &SwapDiffCreator::slotDiffFinished, Qt::UniqueConnection); + +- // try to start diff process, if we can't be started be done with error +- m_proc.start(QStringLiteral("diff"), QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); +- if (!m_proc.waitForStarted()) { ++ // use diff from PATH only => inform if not found at all ++ const QString fullDiffPath = QStandardPaths::findExecutable(QStringLiteral("diff")); ++ if (fullDiffPath.isEmpty()) { + KMessageBox::sorry(nullptr, +- i18n("The diff command could not be started. Please make sure that " ++ i18n("The diff command could not be found. Please make sure that " + "diff(1) is installed and in your PATH."), + i18n("Error Creating Diff")); + deleteLater(); + return; + } + ++ // try to start the diff program, might fail, too ++ m_proc.start(fullDiffPath, QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); ++ if (!m_proc.waitForStarted()) { ++ KMessageBox::sorry(nullptr, i18n("The diff command '%1' could not be started.").arg(fullDiffPath), i18n("Error Creating Diff")); ++ deleteLater(); ++ return; ++ } ++ + // process is up and running, we can write data to it + QTextStream ts(&m_proc); + int lineCount = recoverDoc.lines(); +-- +GitLab + diff --git a/source/kde/kde/patch/ktexteditor/c80f935c.patch b/source/kde/kde/patch/ktexteditor/c80f935c.patch new file mode 100644 index 000000000..8cccfe3a9 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor/c80f935c.patch @@ -0,0 +1,55 @@ +From c80f935c345de2e2fb10635202800839ca9697bf Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann <cullmann@kde.org> +Date: Thu, 20 Jan 2022 10:30:20 +0100 +Subject: [PATCH] only execute diff in path + +--- + src/dialogs/katedialogs.cpp | 5 +++-- + src/dialogs/katedialogs.h | 1 + + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/dialogs/katedialogs.cpp b/src/dialogs/katedialogs.cpp +index 5b949f36..63a58aee 100644 +--- a/src/dialogs/katedialogs.cpp ++++ b/src/dialogs/katedialogs.cpp +@@ -1317,6 +1317,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + : QObject(doc) + , m_doc(doc) + , m_modtype(modtype) ++ , m_fullDiffPath(QStandardPaths::findExecutable(QStringLiteral("diff"))) + , m_proc(nullptr) + , m_diffFile(nullptr) + , m_diffAction(nullptr) +@@ -1334,7 +1335,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + m_message->addAction(aAutoReload, false); + connect(aAutoReload, &QAction::triggered, this, &KateModOnHdPrompt::autoReloadTriggered); + +- if (!QStandardPaths::findExecutable(QStringLiteral("diff")).isEmpty()) { ++ if (!m_fullDiffPath.isEmpty()) { + m_diffAction = new QAction(i18n("View &Difference"), this); + m_diffAction->setIcon(QIcon::fromTheme(QStringLiteral("document-multiple"))); + m_diffAction->setToolTip(i18n("Shows a diff of the changes")); +@@ -1394,7 +1395,7 @@ void KateModOnHdPrompt::slotDiff() + // Start a KProcess that creates a diff + m_proc = new KProcess(this); + m_proc->setOutputChannelMode(KProcess::MergedChannels); +- *m_proc << QStringLiteral("diff") << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); ++ *m_proc << m_fullDiffPath << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); + connect(m_proc, &KProcess::readyRead, this, &KateModOnHdPrompt::slotDataAvailable); + connect(m_proc, &KProcess::finished, this, &KateModOnHdPrompt::slotPDone); + +diff --git a/src/dialogs/katedialogs.h b/src/dialogs/katedialogs.h +index 80b611d9..e5574023 100644 +--- a/src/dialogs/katedialogs.h ++++ b/src/dialogs/katedialogs.h +@@ -376,6 +376,7 @@ private: + KTextEditor::DocumentPrivate *m_doc; + QPointer<KTextEditor::Message> m_message; + KTextEditor::ModificationInterface::ModifiedOnDiskReason m_modtype; ++ QString m_fullDiffPath; + KProcess *m_proc; + QTemporaryFile *m_diffFile; + QAction *m_diffAction; +-- +GitLab + diff --git a/source/l/libcanberra/libcanberra-0.30-wayland-1.patch b/source/l/libcanberra/libcanberra-0.30-wayland-1.patch new file mode 100644 index 000000000..9196ad678 --- /dev/null +++ b/source/l/libcanberra/libcanberra-0.30-wayland-1.patch @@ -0,0 +1,77 @@ +Submitted by: Xi Ruoyao <xry111 at mengyan1223 dot wang> +Date: 2020-09-21 +Initial Package Version: 0.30 +Upstream Status: Commited +Origin: Upstream Git Repository +Description: Fix a bug crashing some applications in Wayland desktops. + +From c0620e432650e81062c1967cc669829dbd29b310 Mon Sep 17 00:00:00 2001 +From: Michael Meeks <michael.meeks@suse.com> +Date: Fri, 9 Nov 2012 16:16:40 +0000 +Subject: gtk: Don't assume all GdkDisplays are GdkX11Displays: + broadway/wayland + +--- + src/canberra-gtk-module.c | 15 +++++++++++++++ + src/canberra-gtk.c | 5 +++++ + 2 files changed, 20 insertions(+) + +diff --git a/src/canberra-gtk-module.c b/src/canberra-gtk-module.c +index 67791f0..c1532ab 100644 +--- a/src/canberra-gtk-module.c ++++ b/src/canberra-gtk-module.c +@@ -307,6 +307,11 @@ static gint window_get_desktop(GdkDisplay *d, GdkWindow *w) { + guchar *data = NULL; + gint ret = -1; + ++#ifdef GDK_IS_X11_DISPLAY ++ if (!GDK_IS_X11_DISPLAY(d)) ++ return 0; ++#endif ++ + if (XGetWindowProperty(GDK_DISPLAY_XDISPLAY(d), GDK_WINDOW_XID(w), + gdk_x11_get_xatom_by_name_for_display(d, "_NET_WM_DESKTOP"), + 0, G_MAXLONG, False, XA_CARDINAL, &type_return, +@@ -335,6 +340,11 @@ static gint display_get_desktop(GdkDisplay *d) { + guchar *data = NULL; + gint ret = -1; + ++#ifdef GDK_IS_X11_DISPLAY ++ if (!GDK_IS_X11_DISPLAY(d)) ++ return 0; ++#endif ++ + if (XGetWindowProperty(GDK_DISPLAY_XDISPLAY(d), DefaultRootWindow(GDK_DISPLAY_XDISPLAY(d)), + gdk_x11_get_xatom_by_name_for_display(d, "_NET_CURRENT_DESKTOP"), + 0, G_MAXLONG, False, XA_CARDINAL, &type_return, +@@ -365,6 +375,11 @@ static gboolean window_is_xembed(GdkDisplay *d, GdkWindow *w) { + gboolean ret = FALSE; + Atom xembed; + ++#ifdef GDK_IS_X11_DISPLAY ++ if (!GDK_IS_X11_DISPLAY(d)) ++ return FALSE; ++#endif ++ + /* Gnome Panel applets are XEMBED windows. We need to make sure we + * ignore them */ + +diff --git a/src/canberra-gtk.c b/src/canberra-gtk.c +index 34446f5..08cb668 100644 +--- a/src/canberra-gtk.c ++++ b/src/canberra-gtk.c +@@ -185,6 +185,11 @@ static gint window_get_desktop(GdkDisplay *d, GdkWindow *w) { + guchar *data = NULL; + gint ret = -1; + ++#ifdef GDK_IS_X11_DISPLAY ++ if (!GDK_IS_X11_DISPLAY(d)) ++ return 0; ++#endif ++ + if (XGetWindowProperty(GDK_DISPLAY_XDISPLAY(d), GDK_WINDOW_XID(w), + gdk_x11_get_xatom_by_name_for_display(d, "_NET_WM_DESKTOP"), + 0, G_MAXLONG, False, XA_CARDINAL, &type_return, +-- +cgit v1.2.1 + diff --git a/source/l/libcanberra/libcanberra.SlackBuild b/source/l/libcanberra/libcanberra.SlackBuild index f0c43ade0..6ae25e697 100755 --- a/source/l/libcanberra/libcanberra.SlackBuild +++ b/source/l/libcanberra/libcanberra.SlackBuild @@ -1,8 +1,6 @@ #!/bin/bash - -# Slackware build script for libcanberra - # Copyright 2010, 2011, 2012, 2015 Robby Workman, Tuscaloosa, Alabama, USA +# Copyright 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=libcanberra VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-8} +BUILD=${BUILD:-9} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -81,6 +79,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \+ +zcat $CWD/libcanberra-0.30-wayland-1.patch.gz | patch -p1 --verbose || exit 1 + CFLAGS="$SLKCFLAGS -I/usr/include/samba-4.0" \ CXXFLAGS="$SLKCFLAGS -I/usr/include/samba-4.0" \ ./configure \ diff --git a/source/n/samba/samba.url b/source/n/samba/samba.url index 8a75cddbd..a2d7b167a 100644 --- a/source/n/samba/samba.url +++ b/source/n/samba/samba.url @@ -1,2 +1,2 @@ -https://download.samba.org/pub/samba/stable/samba-4.15.4.tar.gz -https://download.samba.org/pub/samba/stable/samba-4.15.4.tar.asc +https://download.samba.org/pub/samba/stable/samba-4.15.5.tar.gz +https://download.samba.org/pub/samba/stable/samba-4.15.5.tar.asc diff --git a/source/x/xterm/xterm.SlackBuild b/source/x/xterm/xterm.SlackBuild index 0fb93661f..36f2bb3f9 100755 --- a/source/x/xterm/xterm.SlackBuild +++ b/source/x/xterm/xterm.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=xterm VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-6} +BUILD=${BUILD:-7} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} @@ -97,12 +97,16 @@ CFLAGS="$SLKCFLAGS" \ --enable-88-color \ --enable-256-color \ --enable-regis-graphics \ - --enable-sixel-graphics \ + --disable-sixel-graphics \ --with-icon-theme=hicolor \ --with-icondir=/usr/share/icons \ --with-pixmapdir=/usr/share/pixmaps \ --build=$ARCH-slackware-linux || exit 1 +# Disabled due to currently unpatched buffer overflow. Besides, I'm not sure +# how useful this really is in the first place. +# --enable-sixel-graphics + # Build and install: make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 |