From a130ab0fdf8914fd1036e10345f118c3838a0472 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 1 Feb 2023 22:27:31 +0000 Subject: Wed Feb 1 22:27:31 UTC 2023 a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded. a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.9-x86-1.txz: Upgraded. k/kernel-source-6.1.9-noarch-1.txz: Upgraded. l/apr-1.7.2-x86_64-1.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) Restore fix for out-of-bounds array dereference in apr_time_exp*() functions. (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-24963 https://www.cve.org/CVERecord?id=CVE-2021-35940 https://www.cve.org/CVERecord?id=CVE-2017-12613 (* Security fix *) l/apr-util-1.6.3-x86_64-1.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. (CVE-2022-25147) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-25147 (* Security fix *) l/libhandy-1.8.1-x86_64-1.txz: Upgraded. l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ https://www.cve.org/CVERecord?id=CVE-2023-0430 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. --- source/l/apr-util/apr-util.SlackBuild | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'source/l/apr-util/apr-util.SlackBuild') diff --git a/source/l/apr-util/apr-util.SlackBuild b/source/l/apr-util/apr-util.SlackBuild index b14d3ba75..f41d51986 100755 --- a/source/l/apr-util/apr-util.SlackBuild +++ b/source/l/apr-util/apr-util.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018, 2023 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=apr-util VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-11} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -71,9 +71,6 @@ rm -rf apr-util-$VERSION tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1 cd apr-util-$VERSION || exit 1 -# Fix issues using recent mariadb: -zcat $CWD/apr-util-mariadb-upstream.patch.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -127,4 +124,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc # Build the package: cd $PKG /sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz - -- cgit v1.2.3-65-gdbad