summaryrefslogtreecommitdiffstats
path: root/source
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2023-06-15 18:59:33 +0000
committer Eric Hameleers <alien@slackware.com>2023-06-15 21:34:54 +0200
commit6804b60830c68cf1122b6b9ce1cee807ef6e295b (patch)
treee58bb29a530b8f8e0090c9bc8c8ce8301efaf3b6 /source
parent2795ec931a3725d9a6fabb74e8edc91b9a434380 (diff)
downloadcurrent-6804b60830c68cf1122b6b9ce1cee807ef6e295b.tar.gz
current-6804b60830c68cf1122b6b9ce1cee807ef6e295b.tar.xz
Thu Jun 15 18:59:33 UTC 202320230615185933
a/btrfs-progs-6.3.2-x86_64-1.txz: Upgraded. l/a52dec-0.8.0-x86_64-1.txz: Upgraded. l/gjs-1.76.2-x86_64-1.txz: Upgraded. x/libX11-1.8.6-x86_64-1.txz: Upgraded. This update fixes buffer overflows in InitExt.c that could at least cause the client to crash due to memory corruption. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-3138 (* Security fix *)
Diffstat (limited to 'source')
-rw-r--r--source/ap/mc/mc-3605-extfs.c-fix-buffer-overflow.patch53
-rwxr-xr-xsource/ap/mc/mc.SlackBuild5
-rwxr-xr-xsource/l/a52dec/a52dec.SlackBuild23
-rw-r--r--source/l/a52dec/a52dec.url1
-rw-r--r--source/l/a52dec/slack-desc2
5 files changed, 20 insertions, 64 deletions
diff --git a/source/ap/mc/mc-3605-extfs.c-fix-buffer-overflow.patch b/source/ap/mc/mc-3605-extfs.c-fix-buffer-overflow.patch
deleted file mode 100644
index bf0761f39..000000000
--- a/source/ap/mc/mc-3605-extfs.c-fix-buffer-overflow.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 5cb89fd2150ac91d791b0360631d3fd08c5fb1d4 Mon Sep 17 00:00:00 2001
-From: Andreas Mohr <and@gmx.li>
-Date: Sat, 12 Mar 2016 16:20:43 +0000
-Subject: [PATCH] extfs.c: fix buffer overflow
-
-When handling with copy/move commands inside of archive we can lead into buffer overflow
-steps to roproduce:
- create simple 7z archive
- open it
- rename single filename
- hit buffer overflow
-
-found by clang/AddressSanitizer
-
-==17794==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000273593 at pc 0x00000045f2a9 bp 0x7ffc94aa8e20 sp 0x7ffc94aa85d0
-READ of size 2 at 0x602000273593 thread T0
- #0 0x45f2a8 in __interceptor_strchr.part.44 (/usr/bin/mc+0x45f2a8)
- #1 0x70fb72 in extfs_find_entry_int /tmp/portage/app-misc/mc-9999/work/mc-9999/src/vfs/extfs/extfs.c:312:13
- #2 0x70f562 in extfs_find_entry /tmp/portage/app-misc/mc-9999/work/mc-9999/src/vfs/extfs/extfs.c:331:11
- #3 0x712131 in extfs_internal_stat /tmp/portage/app-misc/mc-9999/work/mc-9999/src/vfs/extfs/extfs.c:1117:13
- #4 0x7f3de308ab59 in mc_stat /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/vfs/interface.c:556:46
- #5 0x538575 in file_mask_dialog /tmp/portage/app-misc/mc-9999/work/mc-9999/src/filemanager/filegui.c:1340:25
- #6 0x6e0753 in panel_operate /tmp/portage/app-misc/mc-9999/work/mc-9999/src/filemanager/file.c:2718:13
- #7 0x6bdabd in rename_cmd /tmp/portage/app-misc/mc-9999/work/mc-9999/src/filemanager/cmd.c:811:9
- #8 0x551ef4 in midnight_execute_cmd /tmp/portage/app-misc/mc-9999/work/mc-9999/src/filemanager/midnight.c:1307:9
- #9 0x7f3de30a49e7 in buttonbar_callback /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/widget/buttonbar.c:172:42
- #10 0x7f3de30b2305 in dlg_try_hotkey /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/widget/dialog.c:464:23
- #11 0x7f3de30b199a in dlg_key_event /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/widget/dialog.c:509:19
- #12 0x7f3de30b2ef9 in frontend_dlg_run /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/widget/dialog.c:570:9
- #13 0x7f3de30b2af5 in dlg_run /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/widget/dialog.c:1267:5
- #14 0x5507bb in do_nc /tmp/portage/app-misc/mc-9999/work/mc-9999/src/filemanager/midnight.c:1827:9
- #15 0x50b874 in main /tmp/portage/app-misc/mc-9999/work/mc-9999/src/main.c:403:21
- #16 0x7f3de1ec78fb in __libc_start_main (/lib64/libc.so.6+0x208fb)
- #17 0x427f48 in _start (/usr/bin/mc+0x427f48)
-
-Signed-off-by: Andreas Mohr <and@gmx.li>
----
- src/vfs/extfs/extfs.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/vfs/extfs/extfs.c b/src/vfs/extfs/extfs.c
-index 2e7c87b..f7cdaee 100644
---- a/src/vfs/extfs/extfs.c
-+++ b/src/vfs/extfs/extfs.c
-@@ -307,6 +307,8 @@ extfs_find_entry_int (struct entry *dir, const char *name, GSList * list,
- }
- }
- /* Next iteration */
-+ if (c == '\0')
-+ break;
- *q = c;
- p = q + 1;
- q = strchr (p, PATH_SEP);
diff --git a/source/ap/mc/mc.SlackBuild b/source/ap/mc/mc.SlackBuild
index f4f74a83f..f39c73d37 100755
--- a/source/ap/mc/mc.SlackBuild
+++ b/source/ap/mc/mc.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018, 2019 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018, 2019, 2023 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -73,9 +73,6 @@ find . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
-# Upstream fixes:
-zcat $CWD/mc-3605-extfs.c-fix-buffer-overflow.patch.gz | patch -p1 --verbose || exit 1
-
if [ ! -x ./configure ]; then
./autogen.sh
fi
diff --git a/source/l/a52dec/a52dec.SlackBuild b/source/l/a52dec/a52dec.SlackBuild
index 78822c6c1..eea35d85c 100755
--- a/source/l/a52dec/a52dec.SlackBuild
+++ b/source/l/a52dec/a52dec.SlackBuild
@@ -3,7 +3,7 @@
# Slackware build script for a52dec
#
# Copyright 2007 Niklas "Nille" Åkerström
-# Copyright 2014, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2014, 2016, 2018, 2023 Patrick J. Volkerding, Sebeka, MN, USA
# Copyright 2014 Heinz Wiesinger, Amsterdam, NL
# All rights reserved.
#
@@ -27,8 +27,8 @@
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=a52dec
-VERSION=${VERSION:-$(echo a52dec*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d- | rev)}
-BUILD=${BUILD:-5}
+VERSION=${VERSION:-$(echo a52dec*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d- | rev | tr -d v)}
+BUILD=${BUILD:-1}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
@@ -69,8 +69,8 @@ rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
-cd $PKGNAM-$VERSION || exit 1
+tar xvf $CWD/$PKGNAM-v$VERSION.tar.?z* || exit 1
+cd $PKGNAM-v$VERSION || exit 1
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -78,11 +78,22 @@ find -L . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
+if [ ! -r configure ]; then
+ if [ -x ./autogen.sh ]; then
+ NOCONFIGURE=1 ./autogen.sh
+ else
+ autoreconf -vif
+ fi
+fi
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --docdir=/usr/doc/$PKGNAM-$VERSION \
+ --mandir=/usr/man \
--enable-shared \
--disable-static \
--build=$ARCH-slackware-linux || exit 1
@@ -116,7 +127,7 @@ fi
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
- AUTHORS COPYING* ChangeLog HISTORY INSTALL NEWS README* TODO \
+ AUTHORS* COPYING* ChangeLog* HISTORY* INSTALL* NEWS* README* TODO* \
$PKG/usr/doc/$PKGNAM-$VERSION
mkdir -p $PKG/install
diff --git a/source/l/a52dec/a52dec.url b/source/l/a52dec/a52dec.url
new file mode 100644
index 000000000..b237e1986
--- /dev/null
+++ b/source/l/a52dec/a52dec.url
@@ -0,0 +1 @@
+https://git.adelielinux.org/community/a52dec/
diff --git a/source/l/a52dec/slack-desc b/source/l/a52dec/slack-desc
index 998e1ec58..fd6b8bc1d 100644
--- a/source/l/a52dec/slack-desc
+++ b/source/l/a52dec/slack-desc
@@ -8,5 +8,5 @@ a52dec: library for decoding ATSC A/52 streams. The A/52 standard is used
a52dec: in a variety of applications, including digital television and DVD.
a52dec: It is also known as AC-3.
a52dec:
-a52dec: Homepage: http://liba52.sourceforge.net/
+a52dec: Homepage: https://git.adelielinux.org/community/a52dec/
a52dec: