From 2e4c4aae3633c4ddb6a1ef778187452de22371d7 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Tue, 3 Oct 2023 22:19:10 +0000 Subject: Tue Oct 3 22:19:10 UTC 2023 patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: libX11: out-of-bounds memory access in _XkbReadKeySyms(). libX11: stack exhaustion from infinite recursion in PutSubImage(). libX11: integer overflow in XCreateImage() leading to a heap overflow. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43785 https://www.cve.org/CVERecord?id=CVE-2023-43786 https://www.cve.org/CVERecord?id=CVE-2023-43787 (* Security fix *) patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). libXpm: out of bounds read on XPM with corrupted colormap. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43788 https://www.cve.org/CVERecord?id=CVE-2023-43789 (* Security fix *) --- ChangeLog.rss | 34 ++++++++++++++- ChangeLog.txt | 22 ++++++++++ FILELIST.TXT | 48 +++++++++++----------- .../packages/libX11-1.8.6-x86_64-1_slack15.0.txt | 11 ----- .../packages/libX11-1.8.7-x86_64-1_slack15.0.txt | 11 +++++ .../packages/libXpm-3.5.15-x86_64-1_slack15.0.txt | 11 ----- .../packages/libXpm-3.5.17-x86_64-1_slack15.0.txt | 11 +++++ 7 files changed, 100 insertions(+), 48 deletions(-) delete mode 100644 patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txt create mode 100644 patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txt delete mode 100644 patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txt create mode 100644 patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txt diff --git a/ChangeLog.rss b/ChangeLog.rss index ead4f5850..05eba03b4 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,39 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Sat, 30 Sep 2023 21:33:49 GMT - Sun, 1 Oct 2023 11:30:25 GMT + Tue, 3 Oct 2023 22:19:10 GMT + Wed, 4 Oct 2023 11:30:23 GMT maintain_current_git.sh v 1.17 + + Tue, 3 Oct 2023 22:19:10 GMT + Tue, 3 Oct 2023 22:19:10 GMT + https://git.slackware.nl/current/tag/?h=20231003221910 + 20231003221910 + + +patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + libX11: out-of-bounds memory access in _XkbReadKeySyms(). + libX11: stack exhaustion from infinite recursion in PutSubImage(). + libX11: integer overflow in XCreateImage() leading to a heap overflow. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43785 + https://www.cve.org/CVERecord?id=CVE-2023-43786 + https://www.cve.org/CVERecord?id=CVE-2023-43787 + (* Security fix *) +patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). + libXpm: out of bounds read on XPM with corrupted colormap. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43788 + https://www.cve.org/CVERecord?id=CVE-2023-43789 + (* Security fix *) + ]]> + + Sat, 30 Sep 2023 21:33:49 GMT Sat, 30 Sep 2023 21:33:49 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index 19492cee5..548ca668d 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,25 @@ +Tue Oct 3 22:19:10 UTC 2023 +patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + libX11: out-of-bounds memory access in _XkbReadKeySyms(). + libX11: stack exhaustion from infinite recursion in PutSubImage(). + libX11: integer overflow in XCreateImage() leading to a heap overflow. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43785 + https://www.cve.org/CVERecord?id=CVE-2023-43786 + https://www.cve.org/CVERecord?id=CVE-2023-43787 + (* Security fix *) +patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). + libXpm: out of bounds read on XPM with corrupted colormap. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43788 + https://www.cve.org/CVERecord?id=CVE-2023-43789 + (* Security fix *) ++--------------------------+ Sat Sep 30 21:33:49 UTC 2023 patches/packages/libvpx-1.12.0-x86_64-1_slack15.0.txz: Upgraded. This release contains two security related fixes -- one each for VP8 and VP9. diff --git a/FILELIST.TXT b/FILELIST.TXT index b6d17ea58..c959628b2 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Sat Sep 30 21:37:30 UTC 2023 +Tue Oct 3 22:25:16 UTC 2023 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2023-09-30 21:33 . +drwxr-xr-x 12 root root 4096 2023-10-03 22:19 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1190026 2023-09-28 21:41 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-09-28 21:41 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1190900 2023-09-30 21:37 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-09-30 21:37 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 2046966 2023-09-30 21:33 ./ChangeLog.txt +-rw-r--r-- 1 root root 2048059 2023-10-03 22:19 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1556291 2023-09-28 21:40 ./FILELIST.TXT +-rw-r--r-- 1 root root 1557412 2023-09-30 21:37 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -752,13 +752,13 @@ drwxr-xr-x 2 root root 4096 2022-12-17 19:52 ./pasture/source/samba -rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default -rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig -rw-r--r-- 1 root root 536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz -drwxr-xr-x 4 root root 4096 2023-09-30 21:37 ./patches --rw-r--r-- 1 root root 82432 2023-09-30 21:37 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-09-30 21:37 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 112703 2023-09-30 21:37 ./patches/FILE_LIST --rw-r--r-- 1 root root 13173335 2023-09-30 21:37 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 59164 2023-09-30 21:37 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 24576 2023-09-30 21:37 ./patches/packages +drwxr-xr-x 4 root root 4096 2023-10-03 22:25 ./patches +-rw-r--r-- 1 root root 82432 2023-10-03 22:25 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-10-03 22:25 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 112703 2023-10-03 22:25 ./patches/FILE_LIST +-rw-r--r-- 1 root root 13166617 2023-10-03 22:25 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 59164 2023-10-03 22:25 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 24576 2023-10-03 22:25 ./patches/packages -rw-r--r-- 1 root root 360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc @@ -858,12 +858,12 @@ drwxr-xr-x 3 root root 24576 2023-09-30 21:37 ./patches/packages -rw-r--r-- 1 root root 532 2023-06-14 18:09 ./patches/packages/ksh93-1.0.6-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 844160 2023-06-14 18:09 ./patches/packages/ksh93-1.0.6-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-06-14 18:09 ./patches/packages/ksh93-1.0.6-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 305 2023-06-15 18:44 ./patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 2600844 2023-06-15 18:44 ./patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-06-15 18:44 ./patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 313 2023-01-17 21:44 ./patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 93720 2023-01-17 21:44 ./patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-01-17 21:44 ./patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 305 2023-10-03 19:39 ./patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 2570228 2023-10-03 19:39 ./patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-03 19:39 ./patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 313 2023-10-03 19:40 ./patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 94968 2023-10-03 19:40 ./patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-03 19:40 ./patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 402 2023-09-14 02:00 ./patches/packages/libarchive-3.7.2-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 522472 2023-09-14 02:00 ./patches/packages/libarchive-3.7.2-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-09-14 02:00 ./patches/packages/libarchive-3.7.2-x86_64-1_slack15.0.txz.asc @@ -1042,7 +1042,7 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 87 root root 4096 2023-09-30 21:24 ./patches/source +drwxr-xr-x 87 root root 4096 2023-10-03 22:18 ./patches/source drwxr-xr-x 2 root root 4096 2023-09-26 19:22 ./patches/source/Cython -rw-r--r-- 1 root root 1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz -rwxr-xr-x 1 root root 3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild @@ -1333,8 +1333,8 @@ drwxr-xr-x 2 root root 4096 2016-10-26 20:10 ./patches/source/libX11/post- drwxr-xr-x 2 root root 4096 2016-10-26 20:10 ./patches/source/libX11/slack-desc -rw-r--r-- 1 root root 762 2012-04-08 02:42 ./patches/source/libX11/slack-desc/libX11 drwxr-xr-x 3 root root 4096 2016-10-26 20:10 ./patches/source/libX11/src -drwxr-xr-x 2 root root 4096 2023-06-15 18:32 ./patches/source/libX11/src/lib --rw-r--r-- 1 root root 1859460 2023-06-15 16:32 ./patches/source/libX11/src/lib/libX11-1.8.6.tar.xz +drwxr-xr-x 2 root root 4096 2023-10-03 19:34 ./patches/source/libX11/src/lib +-rw-r--r-- 1 root root 1859256 2023-10-03 16:43 ./patches/source/libX11/src/lib/libX11-1.8.7.tar.xz -rwxr-xr-x 1 root root 15219 2020-02-19 20:37 ./patches/source/libX11/x11.SlackBuild drwxr-xr-x 11 root root 4096 2023-01-17 21:41 ./patches/source/libXpm -rw-r--r-- 1 root root 376 2021-01-16 18:58 ./patches/source/libXpm/arch.use.flags @@ -1355,8 +1355,8 @@ drwxr-xr-x 2 root root 4096 2023-01-17 21:40 ./patches/source/libXpm/post- drwxr-xr-x 2 root root 4096 2023-01-17 21:37 ./patches/source/libXpm/slack-desc -rw-r--r-- 1 root root 770 2012-04-08 03:24 ./patches/source/libXpm/slack-desc/libXpm drwxr-xr-x 3 root root 4096 2023-01-17 21:37 ./patches/source/libXpm/src -drwxr-xr-x 2 root root 4096 2023-01-17 21:37 ./patches/source/libXpm/src/lib --rw-r--r-- 1 root root 459140 2023-01-17 16:33 ./patches/source/libXpm/src/lib/libXpm-3.5.15.tar.xz +drwxr-xr-x 2 root root 4096 2023-10-03 19:37 ./patches/source/libXpm/src/lib +-rw-r--r-- 1 root root 468964 2023-10-03 16:13 ./patches/source/libXpm/src/lib/libXpm-3.5.17.tar.xz -rwxr-xr-x 1 root root 15219 2020-02-19 20:37 ./patches/source/libXpm/x11.SlackBuild drwxr-xr-x 2 root root 4096 2023-09-13 19:02 ./patches/source/libarchive -rw-r--r-- 1 root root 5237056 2023-09-11 22:20 ./patches/source/libarchive/libarchive-3.7.2.tar.xz diff --git a/patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txt b/patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txt deleted file mode 100644 index 7a0038ff4..000000000 --- a/patches/packages/libX11-1.8.6-x86_64-1_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -libX11: libX11 (Core X11 protocol client library) -libX11: -libX11: libX11 is part of X11. -libX11: -libX11: For more information about the X.Org Foundation (the providers of the -libX11: X.Org implementation of the X Window System), see their website: -libX11: -libX11: http://www.x.org -libX11: -libX11: -libX11: diff --git a/patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txt b/patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..7a0038ff4 --- /dev/null +++ b/patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +libX11: libX11 (Core X11 protocol client library) +libX11: +libX11: libX11 is part of X11. +libX11: +libX11: For more information about the X.Org Foundation (the providers of the +libX11: X.Org implementation of the X Window System), see their website: +libX11: +libX11: http://www.x.org +libX11: +libX11: +libX11: diff --git a/patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txt b/patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txt deleted file mode 100644 index d118ed104..000000000 --- a/patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -libXpm: libXpm (X Pixmap (XPM) image file format library) -libXpm: -libXpm: libXpm is part of X11. -libXpm: -libXpm: For more information about the X.Org Foundation (the providers of the -libXpm: X.Org implementation of the X Window System), see their website: -libXpm: -libXpm: http://www.x.org -libXpm: -libXpm: -libXpm: diff --git a/patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txt b/patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..d118ed104 --- /dev/null +++ b/patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +libXpm: libXpm (X Pixmap (XPM) image file format library) +libXpm: +libXpm: libXpm is part of X11. +libXpm: +libXpm: For more information about the X.Org Foundation (the providers of the +libXpm: X.Org implementation of the X Window System), see their website: +libXpm: +libXpm: http://www.x.org +libXpm: +libXpm: +libXpm: -- cgit v1.2.3-65-gdbad