diff options
17 files changed, 413 insertions, 66 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index cb89f9731..e2bb37e0b 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,46 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 12 Dec 2023 19:54:42 GMT</pubDate> - <lastBuildDate>Wed, 13 Dec 2023 12:30:30 GMT</lastBuildDate> + <pubDate>Wed, 13 Dec 2023 22:01:34 GMT</pubDate> + <lastBuildDate>Thu, 14 Dec 2023 12:39:12 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 13 Dec 2023 22:01:34 GMT</title> + <pubDate>Wed, 13 Dec 2023 22:01:34 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20231213220134</link> + <guid isPermaLink="false">20231213220134</guid> + <description> + <![CDATA[<pre> +patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txz: Upgraded. + This update addresses regressions when building against libxml2 that were + due to header file refactoring. +patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. + This update fixes two security issues: + Out-of-bounds memory write in XKB button actions. + Out-of-bounds memory read in RRChangeOutputProperty and + RRChangeProviderProperty. + For more information, see: + https://lists.x.org/archives/xorg/2023-December/061517.html + https://www.cve.org/CVERecord?id=CVE-2023-6377 + https://www.cve.org/CVERecord?id=CVE-2023-6478 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txz: Rebuilt. + This update fixes two security issues: + Out-of-bounds memory write in XKB button actions. + Out-of-bounds memory read in RRChangeOutputProperty and + RRChangeProviderProperty. + For more information, see: + https://lists.x.org/archives/xorg/2023-December/061517.html + https://www.cve.org/CVERecord?id=CVE-2023-6377 + https://www.cve.org/CVERecord?id=CVE-2023-6478 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Tue, 12 Dec 2023 19:54:42 GMT</title> <pubDate>Tue, 12 Dec 2023 19:54:42 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20231212195442</link> diff --git a/ChangeLog.txt b/ChangeLog.txt index 9682dae01..748ab7d69 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,31 @@ +Wed Dec 13 22:01:34 UTC 2023 +patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txz: Upgraded. + This update addresses regressions when building against libxml2 that were + due to header file refactoring. +patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. + This update fixes two security issues: + Out-of-bounds memory write in XKB button actions. + Out-of-bounds memory read in RRChangeOutputProperty and + RRChangeProviderProperty. + For more information, see: + https://lists.x.org/archives/xorg/2023-December/061517.html + https://www.cve.org/CVERecord?id=CVE-2023-6377 + https://www.cve.org/CVERecord?id=CVE-2023-6478 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txz: Rebuilt. + This update fixes two security issues: + Out-of-bounds memory write in XKB button actions. + Out-of-bounds memory read in RRChangeOutputProperty and + RRChangeProviderProperty. + For more information, see: + https://lists.x.org/archives/xorg/2023-December/061517.html + https://www.cve.org/CVERecord?id=CVE-2023-6377 + https://www.cve.org/CVERecord?id=CVE-2023-6478 + (* Security fix *) ++--------------------------+ Tue Dec 12 19:54:42 UTC 2023 patches/packages/mozilla-thunderbird-115.5.2-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. diff --git a/FILELIST.TXT b/FILELIST.TXT index 904f51b2c..71adcf3dd 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Tue Dec 12 19:58:25 UTC 2023 +Wed Dec 13 22:07:38 UTC 2023 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2023-12-12 19:54 . +drwxr-xr-x 12 root root 4096 2023-12-13 22:01 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1203236 2023-12-10 01:17 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-12-10 01:17 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1203236 2023-12-12 19:58 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-12-12 19:58 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 2071565 2023-12-12 19:54 ./ChangeLog.txt +-rw-r--r-- 1 root root 2072975 2023-12-13 22:01 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1573010 2023-12-10 01:17 ./FILELIST.TXT +-rw-r--r-- 1 root root 1573010 2023-12-12 19:58 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -770,13 +770,13 @@ drwxr-xr-x 2 root root 4096 2022-12-17 19:52 ./pasture/source/samba -rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default -rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig -rw-r--r-- 1 root root 536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz -drwxr-xr-x 4 root root 4096 2023-12-12 19:58 ./patches --rw-r--r-- 1 root root 91913 2023-12-12 19:58 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-12-12 19:58 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 125054 2023-12-12 19:58 ./patches/FILE_LIST --rw-r--r-- 1 root root 14547119 2023-12-12 19:58 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 67679 2023-12-12 19:58 ./patches/PACKAGES.TXT -drwxr-xr-x 4 root root 28672 2023-12-12 19:58 ./patches/packages +drwxr-xr-x 4 root root 4096 2023-12-13 22:07 ./patches +-rw-r--r-- 1 root root 92291 2023-12-13 22:07 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-12-13 22:07 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 125500 2023-12-13 22:07 ./patches/FILE_LIST +-rw-r--r-- 1 root root 14538990 2023-12-13 22:07 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 67683 2023-12-13 22:07 ./patches/PACKAGES.TXT +drwxr-xr-x 4 root root 28672 2023-12-13 22:07 ./patches/packages -rw-r--r-- 1 root root 360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc @@ -921,9 +921,9 @@ drwxr-xr-x 4 root root 28672 2023-12-12 19:58 ./patches/packages -rw-r--r-- 1 root root 498 2023-09-14 17:26 ./patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 358924 2023-09-14 17:26 ./patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-09-14 17:26 ./patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 518 2023-12-10 00:58 ./patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 1162520 2023-12-10 00:58 ./patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-12-10 00:58 ./patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 518 2023-12-13 20:18 ./patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 1161892 2023-12-13 20:18 ./patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:18 ./patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 219 2022-03-01 04:56 ./patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 375568 2022-03-01 04:56 ./patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-03-01 04:56 ./patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz.asc @@ -1076,21 +1076,21 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/old-linux- -rw-r--r-- 1 root root 377 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 801956 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 670 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt --rw-r--r-- 1 root root 1779800 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz.asc --rw-r--r-- 1 root root 370 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt --rw-r--r-- 1 root root 869132 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz.asc --rw-r--r-- 1 root root 592 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt --rw-r--r-- 1 root root 605108 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz.asc --rw-r--r-- 1 root root 689 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt --rw-r--r-- 1 root root 731384 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz.asc --rw-r--r-- 1 root root 816 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt --rw-r--r-- 1 root root 816792 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz.asc +-rw-r--r-- 1 root root 670 2023-12-13 20:09 ./patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txt +-rw-r--r-- 1 root root 1780124 2023-12-13 20:09 ./patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:09 ./patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txz.asc +-rw-r--r-- 1 root root 370 2023-12-13 20:09 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txt +-rw-r--r-- 1 root root 869204 2023-12-13 20:09 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:09 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txz.asc +-rw-r--r-- 1 root root 592 2023-12-13 20:09 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txt +-rw-r--r-- 1 root root 605124 2023-12-13 20:09 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:09 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txz.asc +-rw-r--r-- 1 root root 689 2023-12-13 20:09 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txt +-rw-r--r-- 1 root root 731156 2023-12-13 20:09 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:09 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txz.asc +-rw-r--r-- 1 root root 816 2023-12-13 20:12 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txt +-rw-r--r-- 1 root root 816656 2023-12-13 20:12 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-12-13 20:12 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txz.asc -rw-r--r-- 1 root root 463 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 9161204 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz.asc @@ -1103,7 +1103,7 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/old-linux- -rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 97 root root 4096 2023-12-12 18:08 ./patches/source +drwxr-xr-x 97 root root 4096 2023-12-13 20:27 ./patches/source drwxr-xr-x 2 root root 4096 2023-09-26 19:22 ./patches/source/Cython -rw-r--r-- 1 root root 1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz -rwxr-xr-x 1 root root 3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild @@ -1501,9 +1501,9 @@ drwxr-xr-x 2 root root 4096 2023-09-14 17:24 ./patches/source/libwebp -rwxr-xr-x 1 root root 5226 2023-09-14 17:25 ./patches/source/libwebp/libwebp.SlackBuild -rw-r--r-- 1 root root 49 2022-01-21 19:13 ./patches/source/libwebp/libwebp.url -rw-r--r-- 1 root root 985 2018-02-27 06:12 ./patches/source/libwebp/slack-desc -drwxr-xr-x 2 root root 4096 2023-12-09 19:10 ./patches/source/libxml2 +drwxr-xr-x 2 root root 4096 2023-12-13 20:16 ./patches/source/libxml2 -rw-r--r-- 1 root root 1254 2023-12-06 00:00 ./patches/source/libxml2/libxml2-2.12.0-python3-unicode-errors.patch --rw-r--r-- 1 root root 2642336 2023-12-05 19:59 ./patches/source/libxml2/libxml2-2.12.2.tar.xz +-rw-r--r-- 1 root root 2641720 2023-12-12 14:59 ./patches/source/libxml2/libxml2-2.12.3.tar.xz -rwxr-xr-x 1 root root 5073 2023-12-10 00:55 ./patches/source/libxml2/libxml2.SlackBuild -rw-r--r-- 1 root root 114 2022-08-27 18:08 ./patches/source/libxml2/libxml2.url -rw-r--r-- 1 root root 973 2018-02-27 06:49 ./patches/source/libxml2/slack-desc @@ -2020,7 +2020,7 @@ drwxr-xr-x 2 root root 4096 2022-11-16 19:13 ./patches/source/xfce4-settin -rw-r--r-- 1 root root 83 2022-11-09 20:26 ./patches/source/xfce4-settings/xfce4-settings.url -rw-r--r-- 1 root root 543 2012-07-19 19:32 ./patches/source/xfce4-settings/xfce4-settings.xft.defaults.diff.gz drwxr-xr-x 10 root root 4096 2022-07-12 20:19 ./patches/source/xorg-server -drwxr-xr-x 2 root root 4096 2023-10-25 18:36 ./patches/source/xorg-server-xwayland +drwxr-xr-x 2 root root 4096 2023-12-13 20:11 ./patches/source/xorg-server-xwayland -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz -rw-r--r-- 1 root root 2243 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz -rw-r--r-- 1 root root 1923 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz @@ -2037,13 +2037,15 @@ drwxr-xr-x 2 root root 4096 2023-10-25 18:36 ./patches/source/xorg-server- -rw-r--r-- 1 root root 605 2023-02-07 19:33 ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch.gz -rw-r--r-- 1 root root 792 2023-03-29 18:09 ./patches/source/xorg-server-xwayland/CVE-2023-1393.patch.gz -rw-r--r-- 1 root root 1127 2023-10-25 18:35 ./patches/source/xorg-server-xwayland/CVE-2023-5367.patch.gz +-rw-r--r-- 1 root root 1150 2023-12-13 20:03 ./patches/source/xorg-server-xwayland/CVE-2023-6377.patch.gz +-rw-r--r-- 1 root root 972 2023-12-13 20:03 ./patches/source/xorg-server-xwayland/CVE-2023-6478.patch.gz -rw-r--r-- 1 root root 1287 2021-04-18 18:21 ./patches/source/xorg-server-xwayland/slack-desc --rwxr-xr-x 1 root root 6585 2023-10-25 18:37 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +-rwxr-xr-x 1 root root 6746 2023-12-13 20:11 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild -rw-r--r-- 1 root root 1261712 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz -rw-r--r-- 1 root root 95 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz.sig -rw-r--r-- 1 root root 376 2021-01-16 18:58 ./patches/source/xorg-server/arch.use.flags drwxr-xr-x 2 root root 4096 2013-04-18 22:42 ./patches/source/xorg-server/build --rw-r--r-- 1 root root 12 2023-10-25 18:41 ./patches/source/xorg-server/build/xorg-server +-rw-r--r-- 1 root root 13 2023-12-13 20:06 ./patches/source/xorg-server/build/xorg-server drwxr-xr-x 2 root root 4096 2022-07-12 19:51 ./patches/source/xorg-server/configure -rw-r--r-- 1 root root 3140 2021-12-26 22:45 ./patches/source/xorg-server/configure/xorg-server drwxr-xr-x 2 root root 4096 2013-04-18 22:43 ./patches/source/xorg-server/doinst.sh @@ -2053,8 +2055,8 @@ drwxr-xr-x 2 root root 4096 2022-07-12 19:52 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 1189 2018-05-03 12:16 ./patches/source/xorg-server/noarch -rw-r--r-- 1 root root 833 2019-12-09 18:56 ./patches/source/xorg-server/package-blacklist drwxr-xr-x 3 root root 4096 2023-02-07 20:15 ./patches/source/xorg-server/patch -drwxr-xr-x 2 root root 4096 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server --rw-r--r-- 1 root root 5193 2023-10-25 18:41 ./patches/source/xorg-server/patch/xorg-server.patch +drwxr-xr-x 2 root root 4096 2023-12-13 20:05 ./patches/source/xorg-server/patch/xorg-server +-rw-r--r-- 1 root root 5499 2023-12-13 20:05 ./patches/source/xorg-server/patch/xorg-server.patch -rw-r--r-- 1 root root 623 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz -rw-r--r-- 1 root root 3846 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz @@ -2077,6 +2079,8 @@ drwxr-xr-x 2 root root 4096 2023-10-25 18:40 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 792 2023-03-29 18:09 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch.gz -rw-r--r-- 1 root root 1127 2023-10-25 18:35 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch.gz -rw-r--r-- 1 root root 1534 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch.gz +-rw-r--r-- 1 root root 1150 2023-12-13 20:03 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch.gz +-rw-r--r-- 1 root root 972 2023-12-13 20:03 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch.gz -rw-r--r-- 1 root root 298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz -rw-r--r-- 1 root root 357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz -rw-r--r-- 1 root root 340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz @@ -2706,12 +2710,12 @@ drwxr-xr-x 2 root root 20480 2022-02-02 04:20 ./slackware64/ap -rw-r--r-- 1 root root 163 2021-10-10 21:42 ./slackware64/ap/sc-im-20210927_64b1a41-x86_64-1.txz.asc -rw-r--r-- 1 root root 653 2022-02-02 02:13 ./slackware64/ap/screen-4.9.0-x86_64-1.txt -rw-r--r-- 1 root root 550196 2022-02-02 02:13 ./slackware64/ap/screen-4.9.0-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-02-02 02:13 ./slackware64/ap/screen-4.9.0-x86_64-1.txz.asc --rw-r--r-- 1 root root 452 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txt --rw-r--r-- 1 root root 56116 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txz --rw-r--r-- 1 root root 163 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txz.asc --rw-r--r-- 1 root root 556 2022-01-17 19:27 ./slackware64/ap/slackpkg-15.0.10-noarch-1.txt --rw-r--r-- 1 root root 179800 2022-01-17 19:27 ./slackware64/ap/slackpkg-15.0.10-noarch-1.txz +-rw-r--r-- 1 root root 163 2022-02-02 02:13 ./slackware64/ap/screen-4.9.0-x86_64-1.txz.asc +-rw-r--r-- 1 root root 452 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txt +-rw-r--r-- 1 root root 56116 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txz +-rw-r--r-- 1 root root 163 2021-02-13 11:43 ./slackware64/ap/seejpeg-1.10-x86_64-4.txz.asc +-rw-r--r-- 1 root root 556 2022-01-17 19:27 ./slackware64/ap/slackpkg-15.0.10-noarch-1.txt +-rw-r--r-- 1 root root 179800 2022-01-17 19:27 ./slackware64/ap/slackpkg-15.0.10-noarch-1.txz -rw-r--r-- 1 root root 163 2022-01-17 19:27 ./slackware64/ap/slackpkg-15.0.10-noarch-1.txz.asc -rw-r--r-- 1 root root 298 2021-02-13 11:43 ./slackware64/ap/soma-3.3.7-noarch-2.txt -rw-r--r-- 1 root root 31044 2021-02-13 11:43 ./slackware64/ap/soma-3.3.7-noarch-2.txz @@ -5444,10 +5448,10 @@ drwxr-xr-x 2 root root 32768 2022-02-01 04:47 ./slackware64/n -rw-r--r-- 1 root root 413 2021-02-13 12:10 ./slackware64/n/libnetfilter_acct-1.0.3-x86_64-4.txt -rw-r--r-- 1 root root 14808 2021-02-13 12:10 ./slackware64/n/libnetfilter_acct-1.0.3-x86_64-4.txz -rw-r--r-- 1 root root 163 2021-02-13 12:10 ./slackware64/n/libnetfilter_acct-1.0.3-x86_64-4.txz.asc --rw-r--r-- 1 root root 600 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txt --rw-r--r-- 1 root root 49656 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txz --rw-r--r-- 1 root root 163 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txz.asc --rw-r--r-- 1 root root 617 2021-02-13 12:10 ./slackware64/n/libnetfilter_cthelper-1.0.0-x86_64-4.txt +-rw-r--r-- 1 root root 600 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txt +-rw-r--r-- 1 root root 49656 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txz +-rw-r--r-- 1 root root 163 2021-02-13 12:10 ./slackware64/n/libnetfilter_conntrack-1.0.8-x86_64-3.txz.asc +-rw-r--r-- 1 root root 617 2021-02-13 12:10 ./slackware64/n/libnetfilter_cthelper-1.0.0-x86_64-4.txt -rw-r--r-- 1 root root 12932 2021-02-13 12:10 ./slackware64/n/libnetfilter_cthelper-1.0.0-x86_64-4.txz -rw-r--r-- 1 root root 163 2021-02-13 12:10 ./slackware64/n/libnetfilter_cthelper-1.0.0-x86_64-4.txz.asc -rw-r--r-- 1 root root 584 2021-02-13 12:10 ./slackware64/n/libnetfilter_cttimeout-1.0.0-x86_64-4.txt @@ -8502,13 +8506,13 @@ drwxr-xr-x 2 root root 4096 2022-02-02 02:08 ./source/ap/screen -rw-r--r-- 1 root root 693 2014-07-26 12:01 ./source/ap/screen/52fix_screen_utf8_nfd.patch.gz -rw-r--r-- 1 root root 341 2016-08-23 17:08 ./source/ap/screen/60-revert-screenrc-change.diff.gz -rw-r--r-- 1 root root 350 2020-02-07 00:25 ./source/ap/screen/doinst.sh.gz --rw-r--r-- 1 root root 571934 2022-02-01 16:01 ./source/ap/screen/screen-4.9.0.tar.lz --rwxr-xr-x 1 root root 5380 2022-02-02 02:13 ./source/ap/screen/screen.SlackBuild --rw-r--r-- 1 root root 77 2014-07-26 21:04 ./source/ap/screen/screen.pam --rw-r--r-- 1 root root 1107 2018-02-27 06:12 ./source/ap/screen/slack-desc -drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/seejpeg --rw-r--r-- 1 root root 227 2000-04-30 06:01 ./source/ap/seejpeg/_seejpeg.tar.gz --rw-r--r-- 1 root root 500701 1996-07-25 23:00 ./source/ap/seejpeg/libjpeg-6a.tar.gz +-rw-r--r-- 1 root root 571934 2022-02-01 16:01 ./source/ap/screen/screen-4.9.0.tar.lz +-rwxr-xr-x 1 root root 5380 2022-02-02 02:13 ./source/ap/screen/screen.SlackBuild +-rw-r--r-- 1 root root 77 2014-07-26 21:04 ./source/ap/screen/screen.pam +-rw-r--r-- 1 root root 1107 2018-02-27 06:12 ./source/ap/screen/slack-desc +drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/seejpeg +-rw-r--r-- 1 root root 227 2000-04-30 06:01 ./source/ap/seejpeg/_seejpeg.tar.gz +-rw-r--r-- 1 root root 500701 1996-07-25 23:00 ./source/ap/seejpeg/libjpeg-6a.tar.gz -rw-r--r-- 1 root root 654 2000-04-30 05:52 ./source/ap/seejpeg/seejpeg-1.10.diff.gz -rw-r--r-- 1 root root 855 1999-11-09 00:03 ./source/ap/seejpeg/seejpeg-1.10.lsm -rw-r--r-- 1 root root 46550 1999-11-09 00:03 ./source/ap/seejpeg/seejpeg-1.10.tgz @@ -14987,12 +14991,12 @@ drwxr-xr-x 2 root root 12288 2021-11-29 19:51 ./source/x/x11/build -rw-r--r-- 1 root root 3 2021-02-13 05:35 ./source/x/x11/build/xdm -rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xdpyinfo -rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xdriinfo --rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xedit --rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xev --rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xextproto --rw-r--r-- 1 root root 2 2021-08-02 17:59 ./source/x/x11/build/xeyes --rw-r--r-- 1 root root 3 2021-02-13 05:35 ./source/x/x11/build/xf86-input-acecad --rw-r--r-- 1 root root 3 2021-02-13 05:35 ./source/x/x11/build/xf86-input-aiptek +-rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xedit +-rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xev +-rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xextproto +-rw-r--r-- 1 root root 2 2021-08-02 17:59 ./source/x/x11/build/xeyes +-rw-r--r-- 1 root root 3 2021-02-13 05:35 ./source/x/x11/build/xf86-input-acecad +-rw-r--r-- 1 root root 3 2021-02-13 05:35 ./source/x/x11/build/xf86-input-aiptek -rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xf86-input-evdev -rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xf86-input-joystick -rw-r--r-- 1 root root 2 2021-02-13 05:35 ./source/x/x11/build/xf86-input-keyboard diff --git a/patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txt b/patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txt index 2bea28102..2bea28102 100644 --- a/patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txt +++ b/patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txt diff --git a/patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txt index ec0248ea9..ec0248ea9 100644 --- a/patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt +++ b/patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txt diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txt index 2ffb35f60..2ffb35f60 100644 --- a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt +++ b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txt diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txt index 9c7075278..9c7075278 100644 --- a/patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt +++ b/patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txt diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txt index 675c628db..675c628db 100644 --- a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt +++ b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txt diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txt index 44e18f2cf..44e18f2cf 100644 --- a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt +++ b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txt diff --git a/patches/source/xorg-server-xwayland/CVE-2023-6377.patch b/patches/source/xorg-server-xwayland/CVE-2023-6377.patch new file mode 100644 index 000000000..4e2fca615 --- /dev/null +++ b/patches/source/xorg-server-xwayland/CVE-2023-6377.patch @@ -0,0 +1,75 @@ +From 0c1a93d319558fe3ab2d94f51d174b4f93810afd Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Tue, 28 Nov 2023 15:19:04 +1000 +Subject: [PATCH] Xi: allocate enough XkbActions for our buttons + +button->xkb_acts is supposed to be an array sufficiently large for all +our buttons, not just a single XkbActions struct. Allocating +insufficient memory here means when we memcpy() later in +XkbSetDeviceInfo we write into memory that wasn't ours to begin with, +leading to the usual security ooopsiedaisies. + +CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative +--- + Xi/exevents.c | 12 ++++++------ + dix/devices.c | 10 ++++++++++ + 2 files changed, 16 insertions(+), 6 deletions(-) + +diff --git a/Xi/exevents.c b/Xi/exevents.c +index dcd4efb3bc..54ea11a938 100644 +--- a/Xi/exevents.c ++++ b/Xi/exevents.c +@@ -611,13 +611,13 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to) + } + + if (from->button->xkb_acts) { +- if (!to->button->xkb_acts) { +- to->button->xkb_acts = calloc(1, sizeof(XkbAction)); +- if (!to->button->xkb_acts) +- FatalError("[Xi] not enough memory for xkb_acts.\n"); +- } ++ size_t maxbuttons = max(to->button->numButtons, from->button->numButtons); ++ to->button->xkb_acts = xnfreallocarray(to->button->xkb_acts, ++ maxbuttons, ++ sizeof(XkbAction)); ++ memset(to->button->xkb_acts, 0, maxbuttons * sizeof(XkbAction)); + memcpy(to->button->xkb_acts, from->button->xkb_acts, +- sizeof(XkbAction)); ++ from->button->numButtons * sizeof(XkbAction)); + } + else { + free(to->button->xkb_acts); +diff --git a/dix/devices.c b/dix/devices.c +index b063128df0..3f3224d626 100644 +--- a/dix/devices.c ++++ b/dix/devices.c +@@ -2539,6 +2539,8 @@ RecalculateMasterButtons(DeviceIntPtr slave) + + if (master->button && master->button->numButtons != maxbuttons) { + int i; ++ int last_num_buttons = master->button->numButtons; ++ + DeviceChangedEvent event = { + .header = ET_Internal, + .type = ET_DeviceChanged, +@@ -2549,6 +2551,14 @@ RecalculateMasterButtons(DeviceIntPtr slave) + }; + + master->button->numButtons = maxbuttons; ++ if (last_num_buttons < maxbuttons) { ++ master->button->xkb_acts = xnfreallocarray(master->button->xkb_acts, ++ maxbuttons, ++ sizeof(XkbAction)); ++ memset(&master->button->xkb_acts[last_num_buttons], ++ 0, ++ (maxbuttons - last_num_buttons) * sizeof(XkbAction)); ++ } + + memcpy(&event.buttons.names, master->button->labels, maxbuttons * + sizeof(Atom)); +-- +GitLab + diff --git a/patches/source/xorg-server-xwayland/CVE-2023-6478.patch b/patches/source/xorg-server-xwayland/CVE-2023-6478.patch new file mode 100644 index 000000000..ed2044c7d --- /dev/null +++ b/patches/source/xorg-server-xwayland/CVE-2023-6478.patch @@ -0,0 +1,59 @@ +From 14f480010a93ff962fef66a16412fafff81ad632 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Mon, 27 Nov 2023 16:27:49 +1000 +Subject: [PATCH] randr: avoid integer truncation in length check of + ProcRRChange*Property + +Affected are ProcRRChangeProviderProperty and ProcRRChangeOutputProperty. +See also xserver@8f454b79 where this same bug was fixed for the core +protocol and XI. + +This fixes an OOB read and the resulting information disclosure. + +Length calculation for the request was clipped to a 32-bit integer. With +the correct stuff->nUnits value the expected request size was +truncated, passing the REQUEST_FIXED_SIZE check. + +The server then proceeded with reading at least stuff->num_items bytes +(depending on stuff->format) from the request and stuffing whatever it +finds into the property. In the process it would also allocate at least +stuff->nUnits bytes, i.e. 4GB. + +CVE-2023-6478, ZDI-CAN-22561 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative +--- + randr/rrproperty.c | 2 +- + randr/rrproviderproperty.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/randr/rrproperty.c b/randr/rrproperty.c +index 25469f57b2..c4fef8a1f6 100644 +--- a/randr/rrproperty.c ++++ b/randr/rrproperty.c +@@ -530,7 +530,7 @@ ProcRRChangeOutputProperty(ClientPtr client) + char format, mode; + unsigned long len; + int sizeInBytes; +- int totalSize; ++ uint64_t totalSize; + int err; + + REQUEST_AT_LEAST_SIZE(xRRChangeOutputPropertyReq); +diff --git a/randr/rrproviderproperty.c b/randr/rrproviderproperty.c +index b79c17f9bf..90c5a9a933 100644 +--- a/randr/rrproviderproperty.c ++++ b/randr/rrproviderproperty.c +@@ -498,7 +498,7 @@ ProcRRChangeProviderProperty(ClientPtr client) + char format, mode; + unsigned long len; + int sizeInBytes; +- int totalSize; ++ uint64_t totalSize; + int err; + + REQUEST_AT_LEAST_SIZE(xRRChangeProviderPropertyReq); +-- +GitLab + diff --git a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild index 16b56263b..fe617accc 100755 --- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=xorg-server-xwayland SRCNAM=xwayland VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-8_slack15.0} +BUILD=${BUILD:-9_slack15.0} # Default font paths to be used by the X server: DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" @@ -113,6 +113,10 @@ zcat $CWD/857.patch.gz | patch -p1 --verbose || exit 1 # Patch another security issue: zcat $CWD/CVE-2023-5367.patch.gz | patch -p1 --verbose || exit 1 +# Patch more security issues: +zcat $CWD/CVE-2023-6377.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/CVE-2023-6478.patch.gz | patch -p1 --verbose || exit 1 + # Configure, build, and install: export CFLAGS="$SLKCFLAGS" export CXXFLAGS="$SLKCFLAGS" diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server index 7970fef66..92794e1d7 100644 --- a/patches/source/xorg-server/build/xorg-server +++ b/patches/source/xorg-server/build/xorg-server @@ -1 +1 @@ -9_slack15.0 +10_slack15.0 diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch index a9dc46a2f..fa924f1f7 100644 --- a/patches/source/xorg-server/patch/xorg-server.patch +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -64,3 +64,6 @@ zcat $CWD/patch/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || { to zcat $CWD/patch/xorg-server/CVE-2023-5367.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xorg-server/CVE-2023-5380.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +# Patch more security issues: +zcat $CWD/patch/xorg-server/CVE-2023-6377.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/CVE-2023-6478.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch new file mode 100644 index 000000000..4e2fca615 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch @@ -0,0 +1,75 @@ +From 0c1a93d319558fe3ab2d94f51d174b4f93810afd Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Tue, 28 Nov 2023 15:19:04 +1000 +Subject: [PATCH] Xi: allocate enough XkbActions for our buttons + +button->xkb_acts is supposed to be an array sufficiently large for all +our buttons, not just a single XkbActions struct. Allocating +insufficient memory here means when we memcpy() later in +XkbSetDeviceInfo we write into memory that wasn't ours to begin with, +leading to the usual security ooopsiedaisies. + +CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative +--- + Xi/exevents.c | 12 ++++++------ + dix/devices.c | 10 ++++++++++ + 2 files changed, 16 insertions(+), 6 deletions(-) + +diff --git a/Xi/exevents.c b/Xi/exevents.c +index dcd4efb3bc..54ea11a938 100644 +--- a/Xi/exevents.c ++++ b/Xi/exevents.c +@@ -611,13 +611,13 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to) + } + + if (from->button->xkb_acts) { +- if (!to->button->xkb_acts) { +- to->button->xkb_acts = calloc(1, sizeof(XkbAction)); +- if (!to->button->xkb_acts) +- FatalError("[Xi] not enough memory for xkb_acts.\n"); +- } ++ size_t maxbuttons = max(to->button->numButtons, from->button->numButtons); ++ to->button->xkb_acts = xnfreallocarray(to->button->xkb_acts, ++ maxbuttons, ++ sizeof(XkbAction)); ++ memset(to->button->xkb_acts, 0, maxbuttons * sizeof(XkbAction)); + memcpy(to->button->xkb_acts, from->button->xkb_acts, +- sizeof(XkbAction)); ++ from->button->numButtons * sizeof(XkbAction)); + } + else { + free(to->button->xkb_acts); +diff --git a/dix/devices.c b/dix/devices.c +index b063128df0..3f3224d626 100644 +--- a/dix/devices.c ++++ b/dix/devices.c +@@ -2539,6 +2539,8 @@ RecalculateMasterButtons(DeviceIntPtr slave) + + if (master->button && master->button->numButtons != maxbuttons) { + int i; ++ int last_num_buttons = master->button->numButtons; ++ + DeviceChangedEvent event = { + .header = ET_Internal, + .type = ET_DeviceChanged, +@@ -2549,6 +2551,14 @@ RecalculateMasterButtons(DeviceIntPtr slave) + }; + + master->button->numButtons = maxbuttons; ++ if (last_num_buttons < maxbuttons) { ++ master->button->xkb_acts = xnfreallocarray(master->button->xkb_acts, ++ maxbuttons, ++ sizeof(XkbAction)); ++ memset(&master->button->xkb_acts[last_num_buttons], ++ 0, ++ (maxbuttons - last_num_buttons) * sizeof(XkbAction)); ++ } + + memcpy(&event.buttons.names, master->button->labels, maxbuttons * + sizeof(Atom)); +-- +GitLab + diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch new file mode 100644 index 000000000..ed2044c7d --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch @@ -0,0 +1,59 @@ +From 14f480010a93ff962fef66a16412fafff81ad632 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Mon, 27 Nov 2023 16:27:49 +1000 +Subject: [PATCH] randr: avoid integer truncation in length check of + ProcRRChange*Property + +Affected are ProcRRChangeProviderProperty and ProcRRChangeOutputProperty. +See also xserver@8f454b79 where this same bug was fixed for the core +protocol and XI. + +This fixes an OOB read and the resulting information disclosure. + +Length calculation for the request was clipped to a 32-bit integer. With +the correct stuff->nUnits value the expected request size was +truncated, passing the REQUEST_FIXED_SIZE check. + +The server then proceeded with reading at least stuff->num_items bytes +(depending on stuff->format) from the request and stuffing whatever it +finds into the property. In the process it would also allocate at least +stuff->nUnits bytes, i.e. 4GB. + +CVE-2023-6478, ZDI-CAN-22561 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative +--- + randr/rrproperty.c | 2 +- + randr/rrproviderproperty.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/randr/rrproperty.c b/randr/rrproperty.c +index 25469f57b2..c4fef8a1f6 100644 +--- a/randr/rrproperty.c ++++ b/randr/rrproperty.c +@@ -530,7 +530,7 @@ ProcRRChangeOutputProperty(ClientPtr client) + char format, mode; + unsigned long len; + int sizeInBytes; +- int totalSize; ++ uint64_t totalSize; + int err; + + REQUEST_AT_LEAST_SIZE(xRRChangeOutputPropertyReq); +diff --git a/randr/rrproviderproperty.c b/randr/rrproviderproperty.c +index b79c17f9bf..90c5a9a933 100644 +--- a/randr/rrproviderproperty.c ++++ b/randr/rrproviderproperty.c +@@ -498,7 +498,7 @@ ProcRRChangeProviderProperty(ClientPtr client) + char format, mode; + unsigned long len; + int sizeInBytes; +- int totalSize; ++ uint64_t totalSize; + int err; + + REQUEST_AT_LEAST_SIZE(xRRChangeProviderPropertyReq); +-- +GitLab + diff --git a/recompress.sh b/recompress.sh index 8e4aef9bc..601fba1a2 100755 --- a/recompress.sh +++ b/recompress.sh @@ -1201,6 +1201,8 @@ gzip ./patches/source/texlive/texlive.unicode5.0.diff gzip ./patches/source/sysstat/doinst.sh gzip ./patches/source/xorg-server-xwayland/CVE-2022-46342.patch gzip ./patches/source/xorg-server-xwayland/CVE-2022-46343.patch +gzip ./patches/source/xorg-server-xwayland/CVE-2023-6377.patch +gzip ./patches/source/xorg-server-xwayland/CVE-2023-6478.patch gzip ./patches/source/xorg-server-xwayland/CVE-2022-46340.patch gzip ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch gzip ./patches/source/xorg-server-xwayland/CVE-2022-46340.correction.patch @@ -1261,6 +1263,8 @@ gzip ./patches/source/emacs/doinst.sh gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46342.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46343.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch gzip ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.patch |