From 823a8c2cb79520c3c7692bbf4a4be64989a047e2 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 13 Dec 2023 22:01:34 +0000
Subject: Wed Dec 13 22:01:34 UTC 2023

patches/packages/libxml2-2.12.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update addresses regressions when building against libxml2 that were
  due to header file refactoring.
patches/packages/xorg-server-1.20.14-x86_64-10_slack15.0.txz:  Rebuilt.
  This update fixes two security issues:
  Out-of-bounds memory write in XKB button actions.
  Out-of-bounds memory read in RRChangeOutputProperty and
  RRChangeProviderProperty.
  For more information, see:
    https://lists.x.org/archives/xorg/2023-December/061517.html
    https://www.cve.org/CVERecord?id=CVE-2023-6377
    https://www.cve.org/CVERecord?id=CVE-2023-6478
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-10_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-10_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-10_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-9_slack15.0.txz:  Rebuilt.
  This update fixes two security issues:
  Out-of-bounds memory write in XKB button actions.
  Out-of-bounds memory read in RRChangeOutputProperty and
  RRChangeProviderProperty.
  For more information, see:
    https://lists.x.org/archives/xorg/2023-December/061517.html
    https://www.cve.org/CVERecord?id=CVE-2023-6377
    https://www.cve.org/CVERecord?id=CVE-2023-6478
  (* Security fix *)
---
 recompress.sh | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'recompress.sh')

diff --git a/recompress.sh b/recompress.sh
index 8e4aef9bc..601fba1a2 100755
--- a/recompress.sh
+++ b/recompress.sh
@@ -1201,6 +1201,8 @@ gzip ./patches/source/texlive/texlive.unicode5.0.diff
 gzip ./patches/source/sysstat/doinst.sh
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-46342.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-46343.patch
+gzip ./patches/source/xorg-server-xwayland/CVE-2023-6377.patch
+gzip ./patches/source/xorg-server-xwayland/CVE-2023-6478.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-46340.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-46340.correction.patch
@@ -1261,6 +1263,8 @@ gzip ./patches/source/emacs/doinst.sh
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46342.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46343.patch
+gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6377.patch
+gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-6478.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.patch
-- 
cgit v1.2.3-79-gdb01