From 08b21a9944735aee9b1c2acd8d363059e6018fc6 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 12 Jul 2023 20:41:16 +0000 Subject: Wed Jul 12 20:41:16 UTC 2023 patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz: Rebuilt. Fix potential uninitialized pointer free in kadm5 XDR parsing. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-36054 (* Security fix *) patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. --- ChangeLog.rss | 21 +++++++- ChangeLog.txt | 9 ++++ FILELIST.TXT | 61 ++++++++++----------- .../packages/krb5-1.19.2-x86_64-3_slack15.0.txt | 11 ---- .../packages/krb5-1.19.2-x86_64-4_slack15.0.txt | 11 ++++ .../packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt | 11 ---- .../packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt | 11 ++++ .../ef08b09c9459551aabbe7924fb176f1583053cdd.patch | 62 ++++++++++++++++++++++ patches/source/krb5/krb5.SlackBuild | 3 +- 9 files changed, 145 insertions(+), 55 deletions(-) delete mode 100644 patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txt create mode 100644 patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txt delete mode 100644 patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt create mode 100644 patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt create mode 100644 patches/source/krb5/ef08b09c9459551aabbe7924fb176f1583053cdd.patch diff --git a/ChangeLog.rss b/ChangeLog.rss index 301f4de13..91c53c811 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss 
@@ -11,9 +11,26 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Fri, 7 Jul 2023 23:06:07 GMT - Sat, 8 Jul 2023 11:30:20 GMT + Wed, 12 Jul 2023 20:41:16 GMT + Thu, 13 Jul 2023 11:30:22 GMT maintain_current_git.sh v 1.17 + + Wed, 12 Jul 2023 20:41:16 GMT + Wed, 12 Jul 2023 20:41:16 GMT + https://git.slackware.nl/current/tag/?h=20230712204116 + 20230712204116 + + +patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz: Rebuilt. + Fix potential uninitialized pointer free in kadm5 XDR parsing. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-36054 + (* Security fix *) +patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + ]]> + + Fri, 7 Jul 2023 23:06:07 GMT Fri, 7 Jul 2023 23:06:07 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index 09a0a94a5..e0ae45a4a 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,12 @@ +Wed Jul 12 20:41:16 UTC 2023 +patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz: Rebuilt. + Fix potential uninitialized pointer free in kadm5 XDR parsing. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-36054 + (* Security fix *) +patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. ++--------------------------+ Fri Jul 7 23:06:07 UTC 2023 patches/packages/mozilla-thunderbird-102.13.0-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. diff --git a/FILELIST.TXT b/FILELIST.TXT index 0ba67d3f8..eebd6da26 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT 
@@ -1,20 +1,20 @@ -Fri Jul 7 23:09:41 UTC 2023 +Wed Jul 12 20:47:47 UTC 2023 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2023-07-07 23:06 . +drwxr-xr-x 12 root root 4096 2023-07-12 20:41 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1186247 2023-07-04 20:30 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-07-04 20:30 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1186247 2023-07-07 23:10 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-07-07 23:10 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 2026132 2023-07-07 23:06 ./ChangeLog.txt +-rw-r--r-- 1 root root 2026514 2023-07-12 20:41 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1550546 2023-07-04 20:29 ./FILELIST.TXT +-rw-r--r-- 1 root root 1550546 2023-07-07 23:09 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT 
@@ -737,13 +737,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear -rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild -rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz -rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc -drwxr-xr-x 4 root root 4096 2023-07-07 23:09 ./patches --rw-r--r-- 1 root root 79207 2023-07-07 23:09 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-07-07 23:09 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 107723 2023-07-07 23:09 ./patches/FILE_LIST --rw-r--r-- 1 root root 12617790 2023-07-07 23:09 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 56668 2023-07-07 23:09 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 20480 2023-07-07 23:09 ./patches/packages +drwxr-xr-x 4 root root 4096 2023-07-12 20:47 ./patches +-rw-r--r-- 1 root root 79302 2023-07-12 20:47 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-07-12 20:47 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 107835 2023-07-12 20:47 ./patches/FILE_LIST +-rw-r--r-- 1 root root 12614349 2023-07-12 20:47 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 56668 2023-07-12 20:47 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 20480 2023-07-12 20:47 ./patches/packages -rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt -rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc 
@@ -831,9 +831,9 @@ drwxr-xr-x 3 root root 20480 2023-07-07 23:09 ./patches/packages -rw-r--r-- 1 root root 422 2023-06-21 17:18 ./patches/packages/kernel-firmware-20230620_045b213-noarch-1.txt -rw-r--r-- 1 root root 256699392 2023-06-21 17:18 ./patches/packages/kernel-firmware-20230620_045b213-noarch-1.txz -rw-r--r-- 1 root root 163 2023-06-21 17:18 ./patches/packages/kernel-firmware-20230620_045b213-noarch-1.txz.asc --rw-r--r-- 1 root root 304 2022-11-17 01:47 ./patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txt --rw-r--r-- 1 root root 1210340 2022-11-17 01:47 ./patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txz --rw-r--r-- 1 root root 163 2022-11-17 01:47 ./patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txz.asc +-rw-r--r-- 1 root root 304 2023-07-12 20:40 ./patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txt +-rw-r--r-- 1 root root 1210692 2023-07-12 20:40 ./patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-07-12 20:40 ./patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz.asc -rw-r--r-- 1 root root 319 2022-12-02 20:24 ./patches/packages/krusader-2.8.0-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 3982252 2022-12-02 20:24 ./patches/packages/krusader-2.8.0-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-12-02 20:24 ./patches/packages/krusader-2.8.0-x86_64-1_slack15.0.txz.asc 
@@ -958,9 +958,9 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 392 2023-03-30 23:40 ./patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 38435196 2023-03-30 23:40 ./patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-03-30 23:40 ./patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 442 2023-03-06 19:49 ./patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 1218736 2023-03-06 19:49 ./patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-06 19:49 ./patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 442 2023-07-12 20:39 ./patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 1236436 2023-07-12 20:39 ./patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-07-12 20:39 ./patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 403 2022-11-09 20:23 ./patches/packages/sysstat-12.7.1-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 360840 2022-11-09 20:23 ./patches/packages/sysstat-12.7.1-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-11-09 20:23 ./patches/packages/sysstat-12.7.1-x86_64-1_slack15.0.txz.asc 
@@ -1015,7 +1015,7 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 82 root root 4096 2023-07-07 23:01 ./patches/source +drwxr-xr-x 82 root root 4096 2023-07-12 20:40 ./patches/source drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base -rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz -rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild @@ -1224,7 +1224,7 @@ drwxr-xr-x 2 root root 4096 2023-04-02 18:17 ./patches/source/irssi -rw-r--r-- 1 root root 195 2023-04-02 18:16 ./patches/source/irssi/irssi-1.4.4.tar.xz.asc -rwxr-xr-x 1 root root 4806 2023-04-02 18:20 ./patches/source/irssi/irssi.SlackBuild -rw-r--r-- 1 root root 784 2018-02-27 06:13 ./patches/source/irssi/slack-desc -drwxr-xr-x 3 root root 4096 2022-11-16 19:45 ./patches/source/krb5 +drwxr-xr-x 3 root root 4096 2023-07-12 19:58 ./patches/source/krb5 -rw-r--r-- 1 root root 1558 2022-11-16 19:44 ./patches/source/krb5/5ad465bc8e0d957a4945218bea487b77622bf433.patch drwxr-xr-x 2 root root 4096 2020-01-21 18:39 ./patches/source/krb5/conf -rw-r--r-- 1 root root 92 2019-12-10 20:45 ./patches/source/krb5/conf/kadmind 
@@ -1239,8 +1239,9 @@ drwxr-xr-x 2 root root 4096 2020-01-21 18:39 ./patches/source/krb5/conf -rw-r--r-- 1 root root 357 2019-12-10 20:54 ./patches/source/krb5/doinst.sh.gz -rw-r--r-- 1 root root 2252 2022-11-16 19:41 ./patches/source/krb5/e134d9a6b6332bd085093e9075c949ece784fcd0.patch -rw-r--r-- 1 root root 3600 2022-11-16 19:32 ./patches/source/krb5/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583.patch +-rw-r--r-- 1 root root 2144 2023-07-12 19:57 ./patches/source/krb5/ef08b09c9459551aabbe7924fb176f1583053cdd.patch -rw-r--r-- 1 root root 6035610 2021-07-22 15:58 ./patches/source/krb5/krb5-1.19.2.tar.lz --rwxr-xr-x 1 root root 6453 2022-11-16 19:45 ./patches/source/krb5/krb5.SlackBuild +-rwxr-xr-x 1 root root 6541 2023-07-12 19:58 ./patches/source/krb5/krb5.SlackBuild -rw-r--r-- 1 root root 39 2017-09-30 20:08 ./patches/source/krb5/krb5.url -rw-r--r-- 1 root root 756 2020-01-21 18:49 ./patches/source/krb5/slack-desc drwxr-xr-x 16 root root 4096 2022-12-02 20:05 ./patches/source/krusader 
@@ -1708,10 +1709,10 @@ drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./patches/source/seamonkey/au -rw-r--r-- 1 root root 234 2023-03-30 23:24 ./patches/source/seamonkey/seamonkey.minimum_rust_version.diff.gz -rw-r--r-- 1 root root 849 2020-03-01 04:26 ./patches/source/seamonkey/slack-desc -rw-r--r-- 1 root root 341 2017-07-21 16:21 ./patches/source/seamonkey/sm.ui.scrollToClick.diff.gz -drwxr-xr-x 2 root root 4096 2023-03-06 19:47 ./patches/source/sudo +drwxr-xr-x 2 root root 4096 2023-07-12 19:47 ./patches/source/sudo -rw-r--r-- 1 root root 275 2004-09-19 00:25 ./patches/source/sudo/doinst.sh.gz -rw-r--r-- 1 root root 894 2018-02-27 06:12 ./patches/source/sudo/slack-desc --rw-r--r-- 1 root root 2787164 2023-03-04 17:00 ./patches/source/sudo/sudo-1.9.13p3.tar.xz +-rw-r--r-- 1 root root 2858692 2023-07-11 22:17 ./patches/source/sudo/sudo-1.9.14p1.tar.xz -rwxr-xr-x 1 root root 4582 2022-11-05 19:13 ./patches/source/sudo/sudo.SlackBuild -rw-r--r-- 1 root root 25 2020-06-19 19:00 ./patches/source/sudo/sudo.url drwxr-xr-x 2 root root 4096 2022-11-09 20:22 ./patches/source/sysstat @@ -2747,7 +2748,7 @@ drwxr-xr-x 2 root root 16384 2022-02-02 08:24 ./slackware64/d -rw-r--r-- 1 root root 163 2021-11-03 01:06 ./slackware64/d/scons-4.2.0-x86_64-2.txz.asc -rw-r--r-- 1 root root 467 2021-11-14 17:09 ./slackware64/d/slacktrack-2.22-x86_64-1.txt -rw-r--r-- 1 root root 100612 2021-11-14 17:09 ./slackware64/d/slacktrack-2.22-x86_64-1.txz --rw-r--r-- 1 root root 163 2021-11-14 17:09 ./slackware64/d/slacktrack-2.22-x86_64-1.txz.asc +-rw-r--r-- 1 root root 163 2021-11-14 17:09 ./slackware64/d/slacktrack-2.22-x86_64-1.txz.asc -rw-r--r-- 1 root root 547 2022-01-10 21:03 ./slackware64/d/strace-5.16-x86_64-1.txt -rw-r--r-- 1 root root 447740 2022-01-10 21:03 ./slackware64/d/strace-5.16-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-10 21:03 ./slackware64/d/strace-5.16-x86_64-1.txz.asc 
@@ -5481,7 +5482,7 @@ drwxr-xr-x 2 root root 32768 2022-02-01 04:47 ./slackware64/n -rw-r--r-- 1 root root 163 2021-02-13 12:32 ./slackware64/n/uucp-1.07-x86_64-5.txz.asc -rw-r--r-- 1 root root 432 2021-02-13 12:32 ./slackware64/n/vlan-1.9-x86_64-5.txt -rw-r--r-- 1 root root 24320 2021-02-13 12:32 ./slackware64/n/vlan-1.9-x86_64-5.txz --rw-r--r-- 1 root root 163 2021-02-13 12:32 ./slackware64/n/vlan-1.9-x86_64-5.txz.asc +-rw-r--r-- 1 root root 163 2021-02-13 12:32 ./slackware64/n/vlan-1.9-x86_64-5.txz.asc -rw-r--r-- 1 root root 498 2021-08-04 19:53 ./slackware64/n/vsftpd-3.0.5-x86_64-1.txt -rw-r--r-- 1 root root 112332 2021-08-04 19:53 ./slackware64/n/vsftpd-3.0.5-x86_64-1.txz -rw-r--r-- 1 root root 163 2021-08-04 19:53 ./slackware64/n/vsftpd-3.0.5-x86_64-1.txz.asc @@ -8583,8 +8584,8 @@ drwxr-xr-x 3 root root 4096 2021-08-08 05:35 ./source/d/gcc -rw-r--r-- 1 root root 215 2015-08-03 18:13 ./source/d/gcc/c99.sh -rw-r--r-- 1 root root 80888824 2021-07-28 07:30 ./source/d/gcc/gcc-11.2.0.tar.xz -rw-r--r-- 1 root root 310 2021-07-28 07:30 ./source/d/gcc/gcc-11.2.0.tar.xz.sig --rwxr-xr-x 1 root root 22757 2021-08-25 08:09 ./source/d/gcc/gcc.SlackBuild -drwxr-xr-x 2 root root 4096 2021-08-25 17:54 ./source/d/gcc/patches +-rwxr-xr-x 1 root root 22757 2021-08-25 08:09 ./source/d/gcc/gcc.SlackBuild +drwxr-xr-x 2 root root 4096 2021-08-25 17:54 ./source/d/gcc/patches -rw-r--r-- 1 root root 600 2021-08-25 08:13 ./source/d/gcc/patches/7185690.diff.gz -rw-r--r-- 1 root root 964 2021-06-08 18:13 ./source/d/gcc/patches/PR100102-2.a1b3484a8e6c53c8084723e3f1738d402374198e.patch.gz -rw-r--r-- 1 root root 535 2018-05-02 17:26 ./source/d/gcc/patches/gcc-no_fixincludes.diff.gz 
@@ -15049,8 +15050,8 @@ drwxr-xr-x 10 root root 4096 2019-10-28 19:02 ./source/x/x11/post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-bitstream-100dpi.post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-bitstream-75dpi.post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-bitstream-speedo.post-install --rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-bitstream-type1.post-install --rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-cronyx-cyrillic.post-install +-rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-bitstream-type1.post-install +-rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-cronyx-cyrillic.post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-cursor-misc.post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-daewoo-misc.post-install -rw-r--r-- 37 root root 275 2007-02-13 21:50 ./source/x/x11/post-install/font-dec-misc.post-install diff --git a/patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txt b/patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txt deleted file mode 100644 index cd70c71bb..000000000 --- a/patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -krb5: krb5 (Network authentication protocol) -krb5: -krb5: Kerberos is a network authentication protocol. It is designed to -krb5: provide strong authentication for client/server applications by using -krb5: secret-key cryptography. -krb5: -krb5: Homepage: http://web.mit.edu/kerberos/ -krb5: -krb5: -krb5: -krb5: diff --git a/patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txt b/patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txt new file mode 100644 index 000000000..cd70c71bb --- /dev/null +++ b/patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txt 
@@ -0,0 +1,11 @@
+krb5: krb5 (Network authentication protocol)
+krb5:
+krb5: Kerberos is a network authentication protocol. It is designed to
+krb5: provide strong authentication for client/server applications by using
+krb5: secret-key cryptography.
+krb5:
+krb5: Homepage: http://web.mit.edu/kerberos/
+krb5:
+krb5:
+krb5:
+krb5:
diff --git a/patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt b/patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt
deleted file mode 100644
index 427ea5539..000000000
--- a/patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-sudo: sudo (give limited root privileges to certain users)
-sudo:
-sudo: 'sudo' is a command that allows users to execute some commands as
-sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which
-sudo: users have access to sudo and which commands they can run. 'sudo'
-sudo: logs all its activities to /var/log/ so the system administrator
-sudo: can keep an eye on things.
-sudo:
-sudo: Homepage: https://www.sudo.ws
-sudo:
-sudo:
diff --git a/patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt b/patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt
new file mode 100644
index 000000000..427ea5539
--- /dev/null
+++ b/patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txt
@@ -0,0 +1,11 @@
+sudo: sudo (give limited root privileges to certain users)
+sudo:
+sudo: 'sudo' is a command that allows users to execute some commands as
+sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which
+sudo: users have access to sudo and which commands they can run. 'sudo'
+sudo: logs all its activities to /var/log/ so the system administrator
+sudo: can keep an eye on things.
+sudo:
+sudo: Homepage: https://www.sudo.ws
+sudo:
+sudo:
diff --git a/patches/source/krb5/ef08b09c9459551aabbe7924fb176f1583053cdd.patch b/patches/source/krb5/ef08b09c9459551aabbe7924fb176f1583053cdd.patch
new file mode 100644
index 000000000..9159bc3e8
--- /dev/null
+++ b/patches/source/krb5/ef08b09c9459551aabbe7924fb176f1583053cdd.patch 
@@ -0,0 +1,62 @@
+From ef08b09c9459551aabbe7924fb176f1583053cdd Mon Sep 17 00:00:00 2001
+From: Greg Hudson
+Date: Wed, 21 Jun 2023 10:57:39 -0400
+Subject: [PATCH] Ensure array count consistency in kadm5 RPC
+
+In _xdr_kadm5_principal_ent_rec(), ensure that n_key_data matches the
+key_data array count when decoding. Otherwise when the structure is
+later freed, xdr_array() could iterate over the wrong number of
+elements, either leaking some memory or freeing uninitialized
+pointers. Reported by Robert Morris.
+
+CVE-2023-36054:
+
+An authenticated attacker can cause a kadmind process to crash by
+freeing uninitialized pointers. Remote code execution is unlikely.
+An attacker with control of a kadmin server can cause a kadmin client
+to crash by freeing uninitialized pointers.
+
+ticket: 9099 (new)
+tags: pullup
+target_version: 1.21-next
+target_version: 1.20-next
+---
+ src/lib/kadm5/kadm_rpc_xdr.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
+index 0411c3fd3f4..287cae750f9 100644
+--- a/src/lib/kadm5/kadm_rpc_xdr.c
++++ b/src/lib/kadm5/kadm_rpc_xdr.c
+@@ -390,6 +390,7 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
+ int v)
+ {
+ unsigned int n;
++ bool_t r;
+
+ if (!xdr_krb5_principal(xdrs, &objp->principal)) {
+ return (FALSE);
+@@ -443,6 +444,9 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
+ if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
+ return (FALSE);
+ }
++ if (xdrs->x_op == XDR_DECODE && objp->n_key_data < 0) {
++ return (FALSE);
++ }
+ if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
+ return (FALSE);
+ }
+@@ -451,9 +455,10 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
+ return FALSE;
+ }
+ n = objp->n_key_data;
+- if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
+- &n, ~0, sizeof(krb5_key_data),
+- xdr_krb5_key_data_nocontents)) {
++ r = xdr_array(xdrs, (caddr_t *) &objp->key_data, &n, objp->n_key_data,
++ sizeof(krb5_key_data), xdr_krb5_key_data_nocontents);
++ objp->n_key_data = n;
++ if (!r) {
+ return (FALSE);
+ }
+
diff --git a/patches/source/krb5/krb5.SlackBuild b/patches/source/krb5/krb5.SlackBuild
index 49ea6646d..3db26386d 100755
--- a/patches/source/krb5/krb5.SlackBuild
+++ b/patches/source/krb5/krb5.SlackBuild
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=krb5
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3_slack15.0}
+BUILD=${BUILD:-4_slack15.0}
 if [ -z "$ARCH" ]; then
 case "$( uname -m )" in
@@ -83,6 +83,7 @@ cat $CWD/d775c95af7606a51bf79547a94fa52ddd1cb7f49.patch | patch -p1 --verbose ||
 cat $CWD/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583.patch | patch -p1 --verbose || exit 1
 cat $CWD/e134d9a6b6332bd085093e9075c949ece784fcd0.patch | patch -p1 --verbose || exit 1
 cat $CWD/5ad465bc8e0d957a4945218bea487b77622bf433.patch | patch -p1 --verbose || exit 1
+cat $CWD/ef08b09c9459551aabbe7924fb176f1583053cdd.patch | patch -p1 --verbose || exit 1
 cd src
--
cgit v1.2.3-65-gdbad
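Review bot: In the last hunk of the embedded kadm_rpc_xdr.c patch, `objp->n_key_data = n;` runs before `r` is checked and narrows an `unsigned int` into what `xdr_krb5_int16` suggests is a signed 16-bit field, yet nothing in the code says why the write-back must also happen when xdr_array() fails. Going by the commit message, the intent appears to be that a later XDR_FREE pass walks the same number of elements xdr_array() set up, so a comment such as `/* Store the count xdr_array() used even on failure, so a later XDR_FREE pass iterates over the same number of elements. */` would keep a future cleanup from moving the assignment under `if (!r)`. xdr_array() is not visible here; if it can leave `n` above the bound after rejecting an oversized count, the stored value would be truncated, which is worth confirming against its implementation. The `n_key_data < 0` guard in the middle hunk is decode-only, so on encode or free a negative count still converts to a large `n` and an equally large bound. `_xdr_kadm5_principal_ent_rec()` starts and ends outside these hunks.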