Wed Mar 29 20:56:21 UTC 202320230329205621_15.0

patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz: Upgraded. This package provides the latest timezone updates. patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ https://www.cve.org/CVERecord?id=CVE-2023-28427 (* Security fix *) patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz: Rebuilt. [PATCH] composite: Fix use-after-free of the COW. Fix use-after-free that can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. For more information, see: https://lists.x.org/archives/xorg-announce/2023-March/003374.html https://www.cve.org/CVERecord?id=CVE-2023-1393 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz: Rebuilt. [PATCH] composite: Fix use-after-free of the COW. Fix use-after-free that can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. For more information, see: https://lists.x.org/archives/xorg-announce/2023-March/003374.html https://www.cve.org/CVERecord?id=CVE-2023-1393 (* Security fix *)
author: Patrick J Volkerding <volkerdi@slackware.com> 2023-03-29 20:56:21 +0000
committer: Eric Hameleers <alien@slackware.com> 2023-03-30 13:30:41 +0200
commit: 5b606a9169015941ec3d0dfb0bf99299cf435240 (patch)
tree: af399e50cb4b650a300e1e8c13104d5558cff646
parent: 694953a02401ef2e4b4ee493a3ad3a1cc50e32bb (diff)
download: current-5b606a9169015941ec3d0dfb0bf99299cf435240.tar.gz
current-5b606a9169015941ec3d0dfb0bf99299cf435240.tar.xz
16 files changed, 230 insertions, 64 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 10843f97c..fa1d7270d 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,50 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Fri, 24 Mar 2023 19:42:46 GMT</pubDate>
-      <lastBuildDate>Sat, 25 Mar 2023 12:30:22 GMT</lastBuildDate>
+      <pubDate>Wed, 29 Mar 2023 20:56:21 GMT</pubDate>
+      <lastBuildDate>Thu, 30 Mar 2023 11:30:28 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.17</generator>
       <item>
+         <title>Wed, 29 Mar 2023 20:56:21 GMT</title>
+         <pubDate>Wed, 29 Mar 2023 20:56:21 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20230329205621</link>
+         <guid isPermaLink="false">20230329205621</guid>
+         <description>
+           <![CDATA[<pre>
+patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz:  Upgraded.
+  This package provides the latest timezone updates.
+patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/
+    https://www.cve.org/CVERecord?id=CVE-2023-28427
+  (* Security fix *)
+patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+  [PATCH] composite: Fix use-after-free of the COW.
+  Fix use-after-free that can lead to local privileges elevation on systems
+  where the X server is running privileged and remote code execution for ssh
+  X forwarding sessions.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
+    https://www.cve.org/CVERecord?id=CVE-2023-1393
+  (* Security fix *)
+patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz:  Rebuilt.
+  [PATCH] composite: Fix use-after-free of the COW.
+  Fix use-after-free that can lead to local privileges elevation on systems
+  where the X server is running privileged and remote code execution for ssh
+  X forwarding sessions.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
+    https://www.cve.org/CVERecord?id=CVE-2023-1393
+  (* Security fix *)
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Fri, 24 Mar 2023 19:42:46 GMT</title>
          <pubDate>Fri, 24 Mar 2023 19:42:46 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20230324194246</link>
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 5ff2fd533..7549ac57a 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,35 @@
+Wed Mar 29 20:56:21 UTC 2023
+patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz:  Upgraded.
+  This package provides the latest timezone updates.
+patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/
+    https://www.cve.org/CVERecord?id=CVE-2023-28427
+  (* Security fix *)
+patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+  [PATCH] composite: Fix use-after-free of the COW.
+  Fix use-after-free that can lead to local privileges elevation on systems
+  where the X server is running privileged and remote code execution for ssh
+  X forwarding sessions.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
+    https://www.cve.org/CVERecord?id=CVE-2023-1393
+  (* Security fix *)
+patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz:  Rebuilt.
+  [PATCH] composite: Fix use-after-free of the COW.
+  Fix use-after-free that can lead to local privileges elevation on systems
+  where the X server is running privileged and remote code execution for ssh
+  X forwarding sessions.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
+    https://www.cve.org/CVERecord?id=CVE-2023-1393
+  (* Security fix *)
++--------------------------+
 Fri Mar 24 19:42:46 UTC 2023
 patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz:  Upgraded.
   This package provides the latest timezone updates.
diff --git a/FILELIST.TXT b/FILELIST.TXT
index 29401b700..51a074fb0 100644
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@@ -1,20 +1,20 @@
-Fri Mar 24 19:47:55 UTC 2023
+Wed Mar 29 21:02:43 UTC 2023
 
 Here is the file list for this directory.  If you are using a 
 mirror site and find missing or extra files in the disk 
 subdirectories, please have the archive administrator refresh
 the mirror.
 
-drwxr-xr-x 12 root root      4096 2023-03-24 19:42 .
+drwxr-xr-x 12 root root      4096 2023-03-29 20:56 .
 -rw-r--r--  1 root root      5767 2022-02-02 22:44 ./ANNOUNCE.15.0
 -rw-r--r--  1 root root     16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
--rw-r--r--  1 root root   1173557 2023-03-20 18:31 ./CHECKSUMS.md5
--rw-r--r--  1 root root       163 2023-03-20 18:31 ./CHECKSUMS.md5.asc
+-rw-r--r--  1 root root   1174404 2023-03-24 19:48 ./CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2023-03-24 19:48 ./CHECKSUMS.md5.asc
 -rw-r--r--  1 root root     17976 1994-06-10 02:28 ./COPYING
 -rw-r--r--  1 root root     35147 2007-06-30 04:21 ./COPYING3
 -rw-r--r--  1 root root     19573 2016-06-23 20:08 ./COPYRIGHT.TXT
 -rw-r--r--  1 root root       616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
--rw-r--r--  1 root root   1999555 2023-03-24 19:42 ./ChangeLog.txt
+-rw-r--r--  1 root root   2001296 2023-03-29 20:56 ./ChangeLog.txt
 drwxr-xr-x  3 root root      4096 2013-03-20 22:17 ./EFI
 drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rw-r--r--  1 root root   1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@@ -25,7 +25,7 @@ drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rwxr-xr-x  1 root root      2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
 -rw-r--r--  1 root root     10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
 -rw-r--r--  1 root root      1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
--rw-r--r--  1 root root   1530417 2023-03-20 18:31 ./FILELIST.TXT
+-rw-r--r--  1 root root   1531519 2023-03-24 19:47 ./FILELIST.TXT
 -rw-r--r--  1 root root      1572 2012-08-29 18:27 ./GPG-KEY
 -rw-r--r--  1 root root    864745 2022-02-02 08:25 ./PACKAGES.TXT
 -rw-r--r--  1 root root      8034 2022-02-02 03:36 ./README.TXT
@@ -739,13 +739,13 @@ drwxr-xr-x  2 root root      4096 2008-05-07 05:21 ./pasture/source/php/pear
 -rwxr-xr-x  1 root root      9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild
 -rw-r--r--  1 root root       775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz
 -rw-r--r--  1 root root       830 2005-12-09 05:18 ./pasture/source/php/slack-desc
-drwxr-xr-x  4 root root      4096 2023-03-24 19:47 ./patches
--rw-r--r--  1 root root     68342 2023-03-24 19:47 ./patches/CHECKSUMS.md5
--rw-r--r--  1 root root       163 2023-03-24 19:47 ./patches/CHECKSUMS.md5.asc
--rw-r--r--  1 root root     92615 2023-03-24 19:47 ./patches/FILE_LIST
--rw-r--r--  1 root root  11991250 2023-03-24 19:47 ./patches/MANIFEST.bz2
--rw-r--r--  1 root root     49167 2023-03-24 19:47 ./patches/PACKAGES.TXT
-drwxr-xr-x  3 root root     20480 2023-03-24 19:47 ./patches/packages
+drwxr-xr-x  4 root root      4096 2023-03-29 21:02 ./patches
+-rw-r--r--  1 root root     68525 2023-03-29 21:02 ./patches/CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2023-03-29 21:02 ./patches/CHECKSUMS.md5.asc
+-rw-r--r--  1 root root     92832 2023-03-29 21:02 ./patches/FILE_LIST
+-rw-r--r--  1 root root  11993780 2023-03-29 21:02 ./patches/MANIFEST.bz2
+-rw-r--r--  1 root root     49167 2023-03-29 21:02 ./patches/PACKAGES.TXT
+drwxr-xr-x  3 root root     20480 2023-03-29 21:02 ./patches/packages
 -rw-r--r--  1 root root       327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt
 -rw-r--r--  1 root root     10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc
@@ -800,9 +800,9 @@ drwxr-xr-x  3 root root     20480 2023-03-24 19:47 ./patches/packages
 -rw-r--r--  1 root root       397 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   6653480 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-02-15 19:29 ./patches/packages/git-2.35.7-x86_64-1_slack15.0.txz.asc
--rw-r--r--  1 root root       503 2023-03-24 18:52 ./patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txt
--rw-r--r--  1 root root    207692 2023-03-24 18:52 ./patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz
--rw-r--r--  1 root root       163 2023-03-24 18:52 ./patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz.asc
+-rw-r--r--  1 root root       503 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txt
+-rw-r--r--  1 root root    207136 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 20:53 ./patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz.asc
 -rw-r--r--  1 root root       598 2022-07-07 18:24 ./patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   2368640 2022-07-07 18:24 ./patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-07-07 18:24 ./patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txz.asc
@@ -873,9 +873,9 @@ drwxr-xr-x  2 root root      4096 2023-02-18 02:05 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc
--rw-r--r--  1 root root       663 2023-03-16 19:29 ./patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txt
--rw-r--r--  1 root root  56263644 2023-03-16 19:29 ./patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txz
--rw-r--r--  1 root root       163 2023-03-16 19:29 ./patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txz.asc
+-rw-r--r--  1 root root       663 2023-03-29 18:42 ./patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txt
+-rw-r--r--  1 root root  56292400 2023-03-29 18:42 ./patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:42 ./patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz.asc
 -rw-r--r--  1 root root       451 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   1598024 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz.asc
@@ -957,21 +957,21 @@ drwxr-xr-x  2 root root      4096 2023-02-18 02:05 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       377 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root    801956 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz.asc
--rw-r--r--  1 root root       670 2023-02-07 20:25 ./patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txt
--rw-r--r--  1 root root   1779564 2023-02-07 20:25 ./patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txz
--rw-r--r--  1 root root       163 2023-02-07 20:25 ./patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txz.asc
--rw-r--r--  1 root root       370 2023-02-07 20:25 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txt
--rw-r--r--  1 root root    868428 2023-02-07 20:25 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txz
--rw-r--r--  1 root root       163 2023-02-07 20:25 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txz.asc
--rw-r--r--  1 root root       592 2023-02-07 20:25 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txt
--rw-r--r--  1 root root    604984 2023-02-07 20:25 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txz
--rw-r--r--  1 root root       163 2023-02-07 20:25 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txz.asc
--rw-r--r--  1 root root       689 2023-02-07 20:25 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txt
--rw-r--r--  1 root root    730940 2023-02-07 20:25 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txz
--rw-r--r--  1 root root       163 2023-02-07 20:25 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txz.asc
--rw-r--r--  1 root root       816 2023-02-07 20:26 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txt
--rw-r--r--  1 root root    816632 2023-02-07 20:26 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txz
--rw-r--r--  1 root root       163 2023-02-07 20:26 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txz.asc
+-rw-r--r--  1 root root       670 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root   1779708 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       370 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root    868684 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       592 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root    605096 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       689 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root    731508 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       816 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt
+-rw-r--r--  1 root root    816820 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz
+-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz.asc
 -rw-r--r--  1 root root       463 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   9161204 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz.asc
@@ -981,7 +981,7 @@ drwxr-xr-x  2 root root      4096 2023-02-18 02:05 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       388 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root    105356 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz.asc
-drwxr-xr-x 70 root root      4096 2023-03-24 19:38 ./patches/source
+drwxr-xr-x 70 root root      4096 2023-03-29 20:55 ./patches/source
 drwxr-xr-x  2 root root      4096 2022-01-16 05:07 ./patches/source/aaa_base
 -rw-r--r--  1 root root     11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz
 -rwxr-xr-x  1 root root      3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild
@@ -1124,7 +1124,7 @@ drwxr-xr-x  2 root root      4096 2023-02-15 19:23 ./patches/source/git
 -rwxr-xr-x  1 root root      5491 2022-04-14 20:18 ./patches/source/git/git.SlackBuild
 -rw-r--r--  1 root root        45 2015-09-01 20:04 ./patches/source/git/git.url
 -rw-r--r--  1 root root       848 2018-02-27 06:13 ./patches/source/git/slack-desc
-drwxr-xr-x  3 root root      4096 2023-03-24 18:51 ./patches/source/glibc-zoneinfo
+drwxr-xr-x  3 root root      4096 2023-03-29 19:08 ./patches/source/glibc-zoneinfo
 -rw-r--r--  1 root root      1221 2021-04-19 18:23 ./patches/source/glibc-zoneinfo/doinst.sh.gz
 -rwxr-xr-x  1 root root      5596 2022-03-19 18:39 ./patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild
 -rw-r--r--  1 root root       965 2021-05-11 18:44 ./patches/source/glibc-zoneinfo/slack-desc
@@ -1139,10 +1139,10 @@ drwxr-xr-x  2 root root      4096 2006-12-03 23:10 ./patches/source/glibc-zonein
 -rw-r--r--  1 root root        87 2006-12-03 23:10 ./patches/source/glibc-zoneinfo/timezone-scripts/parts/README
 -rw-r--r--  1 root root        66 2003-02-16 21:17 ./patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig
 -rw-r--r--  1 root root     28680 2020-12-09 20:12 ./patches/source/glibc-zoneinfo/timezone-scripts/timeconfig
--rw-r--r--  1 root root    292492 2023-03-24 03:10 ./patches/source/glibc-zoneinfo/tzcode2023b.tar.gz
--rw-r--r--  1 root root       833 2023-03-24 03:10 ./patches/source/glibc-zoneinfo/tzcode2023b.tar.gz.asc
--rw-r--r--  1 root root    443019 2023-03-24 03:10 ./patches/source/glibc-zoneinfo/tzdata2023b.tar.gz
--rw-r--r--  1 root root       833 2023-03-24 03:10 ./patches/source/glibc-zoneinfo/tzdata2023b.tar.gz.asc
+-rw-r--r--  1 root root    292852 2023-03-28 20:25 ./patches/source/glibc-zoneinfo/tzcode2023c.tar.gz
+-rw-r--r--  1 root root       833 2023-03-28 20:25 ./patches/source/glibc-zoneinfo/tzcode2023c.tar.gz.asc
+-rw-r--r--  1 root root    443902 2023-03-28 20:25 ./patches/source/glibc-zoneinfo/tzdata2023c.tar.gz
+-rw-r--r--  1 root root       833 2023-03-28 20:25 ./patches/source/glibc-zoneinfo/tzdata2023c.tar.gz.asc
 -rw-r--r--  1 root root       178 2020-10-12 18:03 ./patches/source/glibc-zoneinfo/zic.default.fat.diff.gz
 drwxr-xr-x  2 root root      4096 2022-07-07 18:21 ./patches/source/gnupg2
 -rw-r--r--  1 root root   5158914 2022-07-06 18:20 ./patches/source/gnupg2/gnupg-2.2.36.tar.lz
@@ -1351,7 +1351,7 @@ drwxr-xr-x  2 root root      4096 2023-01-06 19:30 ./patches/source/mozilla-nss
 -rw-r--r--  1 root root  37770371 2023-01-05 18:00 ./patches/source/mozilla-nss/nss-3.87.tar.lz
 -rw-r--r--  1 root root      2488 2012-04-29 21:05 ./patches/source/mozilla-nss/nss-config.in
 -rw-r--r--  1 root root      1023 2018-02-27 06:12 ./patches/source/mozilla-nss/slack-desc
-drwxr-xr-x  4 root root      4096 2023-03-16 18:15 ./patches/source/mozilla-thunderbird
+drwxr-xr-x  4 root root      4096 2023-03-29 17:33 ./patches/source/mozilla-thunderbird
 -rw-r--r--  1 root root       266 2022-08-06 19:40 ./patches/source/mozilla-thunderbird/arc4random_buf.glibc-2.36.diff.gz
 drwxr-xr-x  2 root root      4096 2016-07-03 18:05 ./patches/source/mozilla-thunderbird/autoconf
 -rw-r--r--  1 root root      5869 2016-07-03 18:04 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz
@@ -1377,8 +1377,8 @@ drwxr-xr-x  2 root root      4096 2023-03-15 17:09 ./patches/source/mozilla-thun
 -rw-r--r--  1 root root      3378 2005-03-08 05:13 ./patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop
 -rw-r--r--  1 root root      1130 2018-02-27 06:47 ./patches/source/mozilla-thunderbird/slack-desc
 -rw-r--r--  1 root root       330 2019-08-27 16:35 ./patches/source/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz
--rw-r--r--  1 root root 503081436 2023-03-15 14:01 ./patches/source/mozilla-thunderbird/thunderbird-102.9.0.source.tar.xz
--rw-r--r--  1 root root       833 2023-03-15 14:01 ./patches/source/mozilla-thunderbird/thunderbird-102.9.0.source.tar.xz.asc
+-rw-r--r--  1 root root 503181696 2023-03-28 21:28 ./patches/source/mozilla-thunderbird/thunderbird-102.9.1.source.tar.xz
+-rw-r--r--  1 root root       833 2023-03-28 21:28 ./patches/source/mozilla-thunderbird/thunderbird-102.9.1.source.tar.xz.asc
 drwxr-xr-x  2 root root      4096 2022-07-21 17:44 ./patches/source/net-snmp
 -rw-r--r--  1 root root       356 2021-12-21 18:38 ./patches/source/net-snmp/doinst.sh.gz
 -rw-r--r--  1 root root       607 2018-07-20 09:39 ./patches/source/net-snmp/net-snmp-5.7.2-cert-path.patch.gz
@@ -1649,7 +1649,7 @@ drwxr-xr-x  2 root root      4096 2022-11-16 19:13 ./patches/source/xfce4-settin
 -rw-r--r--  1 root root        83 2022-11-09 20:26 ./patches/source/xfce4-settings/xfce4-settings.url
 -rw-r--r--  1 root root       543 2012-07-19 19:32 ./patches/source/xfce4-settings/xfce4-settings.xft.defaults.diff.gz
 drwxr-xr-x 10 root root      4096 2022-07-12 20:19 ./patches/source/xorg-server
-drwxr-xr-x  2 root root      4096 2023-02-07 20:24 ./patches/source/xorg-server-xwayland
+drwxr-xr-x  2 root root      4096 2023-03-29 18:18 ./patches/source/xorg-server-xwayland
 -rw-r--r--  1 root root      1175 2022-07-12 17:02 ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz
 -rw-r--r--  1 root root      2243 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz
 -rw-r--r--  1 root root      1923 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz
@@ -1664,13 +1664,14 @@ drwxr-xr-x  2 root root      4096 2023-02-07 20:24 ./patches/source/xorg-server-
 -rw-r--r--  1 root root       863 2022-12-14 19:22 ./patches/source/xorg-server-xwayland/CVE-2022-46343.patch.gz
 -rw-r--r--  1 root root      1049 2022-12-14 19:23 ./patches/source/xorg-server-xwayland/CVE-2022-46344.patch.gz
 -rw-r--r--  1 root root       605 2023-02-07 19:33 ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch.gz
+-rw-r--r--  1 root root       792 2023-03-29 18:09 ./patches/source/xorg-server-xwayland/CVE-2023-1393.patch.gz
 -rw-r--r--  1 root root      1287 2021-04-18 18:21 ./patches/source/xorg-server-xwayland/slack-desc
--rwxr-xr-x  1 root root      6383 2023-02-07 20:25 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+-rwxr-xr-x  1 root root      6481 2023-03-29 18:18 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
 -rw-r--r--  1 root root   1261712 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz
 -rw-r--r--  1 root root        95 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz.sig
 -rw-r--r--  1 root root       376 2021-01-16 18:58 ./patches/source/xorg-server/arch.use.flags
 drwxr-xr-x  2 root root      4096 2013-04-18 22:42 ./patches/source/xorg-server/build
--rw-r--r--  1 root root        12 2023-02-07 20:23 ./patches/source/xorg-server/build/xorg-server
+-rw-r--r--  1 root root        12 2023-03-29 18:14 ./patches/source/xorg-server/build/xorg-server
 drwxr-xr-x  2 root root      4096 2022-07-12 19:51 ./patches/source/xorg-server/configure
 -rw-r--r--  1 root root      3140 2021-12-26 22:45 ./patches/source/xorg-server/configure/xorg-server
 drwxr-xr-x  2 root root      4096 2013-04-18 22:43 ./patches/source/xorg-server/doinst.sh
@@ -1680,8 +1681,8 @@ drwxr-xr-x  2 root root      4096 2022-07-12 19:52 ./patches/source/xorg-server/
 -rw-r--r--  1 root root      1189 2018-05-03 12:16 ./patches/source/xorg-server/noarch
 -rw-r--r--  1 root root       833 2019-12-09 18:56 ./patches/source/xorg-server/package-blacklist
 drwxr-xr-x  3 root root      4096 2023-02-07 20:15 ./patches/source/xorg-server/patch
-drwxr-xr-x  2 root root      4096 2023-02-07 20:15 ./patches/source/xorg-server/patch/xorg-server
--rw-r--r--  1 root root      4714 2023-02-07 20:20 ./patches/source/xorg-server/patch/xorg-server.patch
+drwxr-xr-x  2 root root      4096 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server
+-rw-r--r--  1 root root      4885 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server.patch
 -rw-r--r--  1 root root       623 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz
 -rw-r--r--  1 root root      3846 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz
 -rw-r--r--  1 root root      1175 2022-07-12 17:02 ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz
@@ -1701,6 +1702,7 @@ drwxr-xr-x  2 root root      4096 2023-02-07 20:15 ./patches/source/xorg-server/
 -rw-r--r--  1 root root       863 2022-12-14 19:22 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46343.patch.gz
 -rw-r--r--  1 root root      1049 2022-12-14 19:23 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46344.patch.gz
 -rw-r--r--  1 root root       605 2023-02-07 19:33 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-0494.patch.gz
+-rw-r--r--  1 root root       792 2023-03-29 18:09 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch.gz
 -rw-r--r--  1 root root       298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz
 -rw-r--r--  1 root root       357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz
 -rw-r--r--  1 root root       340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz
@@ -2748,8 +2750,8 @@ drwxr-xr-x  2 root root     69632 2022-02-01 08:29 ./slackware64/kde
 -rw-r--r--  1 root root   1928396 2022-01-06 22:19 ./slackware64/kde/elisa-21.12.1-x86_64-1.txz
 -rw-r--r--  1 root root       163 2022-01-06 22:19 ./slackware64/kde/elisa-21.12.1-x86_64-1.txz.asc
 -rw-r--r--  1 root root       210 2022-01-06 21:43 ./slackware64/kde/eventviews-21.12.1-x86_64-1.txt
--rw-r--r--  1 root root    613608 2022-01-06 21:43 ./slackware64/kde/eventviews-21.12.1-x86_64-1.txz
--rw-r--r--  1 root root       163 2022-01-06 21:43 ./slackware64/kde/eventviews-21.12.1-x86_64-1.txz.asc
+-rw-r--r-- 1 root root   613608 2022-01-06 21:43 ./slackware64/kde/eventviews-21.12.1-x86_64-1.txz
+-rw-r--r-- 1 root root      163 2022-01-06 21:43 ./slackware64/kde/eventviews-21.12.1-x86_64-1.txz.asc
 -rw-r--r-- 1 root root      365 2022-01-08 22:25 ./slackware64/kde/extra-cmake-modules-5.90.0-x86_64-1.txt
 -rw-r--r-- 1 root root   131456 2022-01-08 22:25 ./slackware64/kde/extra-cmake-modules-5.90.0-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-01-08 22:25 ./slackware64/kde/extra-cmake-modules-5.90.0-x86_64-1.txz.asc
@@ -5482,8 +5484,8 @@ drwxr-xr-x 2 root root    65536 2022-02-01 04:47 ./slackware64/x
 -rw-r--r-- 1 root root      163 2021-02-13 13:19 ./slackware64/x/font-alias-1.0.4-noarch-3.txz.asc
 -rw-r--r-- 1 root root      423 2021-02-13 13:19 ./slackware64/x/font-arabic-misc-1.0.3-noarch-5.txt
 -rw-r--r-- 1 root root    22136 2021-02-13 13:19 ./slackware64/x/font-arabic-misc-1.0.3-noarch-5.txz
--rw-r--r-- 1 root root      163 2021-02-13 13:19 ./slackware64/x/font-arabic-misc-1.0.3-noarch-5.txz.asc
--rw-r--r-- 1 root root      397 2021-02-13 13:19 ./slackware64/x/font-bh-100dpi-1.0.3-noarch-5.txt
+-rw-r--r--   1 root root      163 2021-02-13 13:19 ./slackware64/x/font-arabic-misc-1.0.3-noarch-5.txz.asc
+-rw-r--r--   1 root root      397 2021-02-13 13:19 ./slackware64/x/font-bh-100dpi-1.0.3-noarch-5.txt
 -rw-r--r--   1 root root  3779208 2021-02-13 13:19 ./slackware64/x/font-bh-100dpi-1.0.3-noarch-5.txz
 -rw-r--r--   1 root root      163 2021-02-13 13:19 ./slackware64/x/font-bh-100dpi-1.0.3-noarch-5.txz.asc
 -rw-r--r--   1 root root      384 2021-02-13 13:19 ./slackware64/x/font-bh-75dpi-1.0.3-noarch-5.txt
@@ -8637,9 +8639,9 @@ drwxr-xr-x   2 root root     4096 2022-01-28 20:33 ./source/d/poke
 drwxr-xr-x   2 root root     4096 2021-11-02 19:02 ./source/d/python-pip
 -rw-r--r--   1 root root  1168884 2021-10-22 15:57 ./source/d/python-pip/pip-21.3.1.tar.lz
 -rw-r--r--   1 root root       33 2018-03-29 06:10 ./source/d/python-pip/pip.url
--rwxr-xr-x   1 root root     2876 2021-11-02 19:02 ./source/d/python-pip/python-pip.SlackBuild
--rw-r--r--   1 root root      760 2018-02-27 06:13 ./source/d/python-pip/slack-desc
-drwxr-xr-x   2 root root     4096 2021-11-02 19:02 ./source/d/python-setuptools
+-rwxr-xr-x   1 root root      2876 2021-11-02 19:02 ./source/d/python-pip/python-pip.SlackBuild
+-rw-r--r--   1 root root       760 2018-02-27 06:13 ./source/d/python-pip/slack-desc
+drwxr-xr-x   2 root root      4096 2021-11-02 19:02 ./source/d/python-setuptools
 -rwxr-xr-x   1 root root      3206 2021-11-02 19:02 ./source/d/python-setuptools/python-setuptools.SlackBuild
 -rw-r--r--   1 root root        40 2017-11-28 22:11 ./source/d/python-setuptools/python-setuptools.url
 -rw-r--r--   1 root root   1262272 2021-09-04 15:12 ./source/d/python-setuptools/setuptools-57.5.0.tar.lz
@@ -15060,11 +15062,11 @@ drwxr-xr-x   2 root root     12288 2020-05-18 17:50 ./source/x/x11/slack-desc
 -rw-r--r--   1 root root      1003 2012-04-08 03:30 ./source/x/x11/slack-desc/libpthread-stubs
 -rw-r--r--   1 root root       900 2018-02-26 22:57 ./source/x/x11/slack-desc/libxcb
 -rw-r--r--   1 root root       824 2012-04-08 02:45 ./source/x/x11/slack-desc/libxkbfile
--rw-r--r--   1 root root       847 2014-05-13 05:34 ./source/x/x11/slack-desc/libxshmfence
--rw-r--r--   1 root root       707 2012-04-08 03:30 ./source/x/x11/slack-desc/listres
--rw-r--r--   1 root root       778 2012-04-08 03:31 ./source/x/x11/slack-desc/lndir
--rw-r--r--   1 root root       826 2018-02-26 22:57 ./source/x/x11/slack-desc/luit
--rw-r--r--   1 root root       818 2012-04-08 03:31 ./source/x/x11/slack-desc/makedepend
+-rw-r--r--  1 root root       847 2014-05-13 05:34 ./source/x/x11/slack-desc/libxshmfence
+-rw-r--r--  1 root root       707 2012-04-08 03:30 ./source/x/x11/slack-desc/listres
+-rw-r--r--  1 root root       778 2012-04-08 03:31 ./source/x/x11/slack-desc/lndir
+-rw-r--r--  1 root root       826 2018-02-26 22:57 ./source/x/x11/slack-desc/luit
+-rw-r--r--  1 root root       818 2012-04-08 03:31 ./source/x/x11/slack-desc/makedepend
 -rw-r--r--  1 root root       890 2012-04-08 03:31 ./source/x/x11/slack-desc/mkcomposecache
 -rw-r--r--  1 root root       837 2019-10-28 19:03 ./source/x/x11/slack-desc/mkfontscale
 -rw-r--r--  1 root root       679 2012-04-08 03:32 ./source/x/x11/slack-desc/oclock
diff --git a/patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txt b/patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txt
index c6e7a698e..c6e7a698e 100644
--- a/patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txt
+++ b/patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txt
diff --git a/patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txt b/patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txt
index 5acb7b92e..5acb7b92e 100644
--- a/patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txt
+++ b/patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txt
diff --git a/patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt
index ec0248ea9..ec0248ea9 100644
--- a/patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txt
+++ b/patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt
diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt
index 2ffb35f60..2ffb35f60 100644
--- a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txt
+++ b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt
diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt
index 9c7075278..9c7075278 100644
--- a/patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txt
+++ b/patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt
diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt
index 675c628db..675c628db 100644
--- a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txt
+++ b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt
diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt
index 44e18f2cf..44e18f2cf 100644
--- a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txt
+++ b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt
diff --git a/patches/source/xorg-server-xwayland/CVE-2023-1393.patch b/patches/source/xorg-server-xwayland/CVE-2023-1393.patch
new file mode 100644
index 000000000..0d859d6c1
--- /dev/null
+++ b/patches/source/xorg-server-xwayland/CVE-2023-1393.patch
@@ -0,0 +1,42 @@
+From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Mon, 13 Mar 2023 11:08:47 +0100
+Subject: [PATCH] composite: Fix use-after-free of the COW
+
+ZDI-CAN-19866/CVE-2023-1393
+
+If a client explicitly destroys the compositor overlay window (aka COW),
+we would leave a dangling pointer to that window in the CompScreen
+structure, which will trigger a use-after-free later.
+
+Make sure to clear the CompScreen pointer to the COW when the latter gets
+destroyed explicitly by the client.
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+---
+ composite/compwindow.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/composite/compwindow.c b/composite/compwindow.c
+index 4e2494b86b..b30da589e9 100644
+--- a/composite/compwindow.c
++++ b/composite/compwindow.c
+@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
+     ret = (*pScreen->DestroyWindow) (pWin);
+     cs->DestroyWindow = pScreen->DestroyWindow;
+     pScreen->DestroyWindow = compDestroyWindow;
++
++    /* Did we just destroy the overlay window? */
++    if (pWin == cs->pOverlayWin)
++        cs->pOverlayWin = NULL;
++
+ /*    compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
+     return ret;
+ }
+-- 
+GitLab
+
diff --git a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
index 47e83e8ff..7d7d88d20 100755
--- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
@@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=xorg-server-xwayland
 SRCNAM=xwayland
 VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-6_slack15.0}
+BUILD=${BUILD:-7_slack15.0}
 
 # Default font paths to be used by the X server:
 DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic"
@@ -103,6 +103,9 @@ zcat $CWD/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || exit 1
 # Patch another security issue:
 zcat $CWD/CVE-2023-0494.patch.gz | patch -p1 --verbose || exit 1
 
+# Patch another security issue:
+zcat $CWD/CVE-2023-1393.patch.gz | patch -p1 --verbose || exit 1
+
 # [PATCH] present: Check for NULL to prevent crash.
 # This prevents a crash with recent NVIDIA drivers.
 zcat $CWD/857.patch.gz | patch -p1 --verbose || exit 1
diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server
index 7952b0566..05965f95a 100644
--- a/patches/source/xorg-server/build/xorg-server
+++ b/patches/source/xorg-server/build/xorg-server
@@ -1 +1 @@
-7_slack15.0
+8_slack15.0
diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch
index c0a9b1426..e95f8b86f 100644
--- a/patches/source/xorg-server/patch/xorg-server.patch
+++ b/patches/source/xorg-server/patch/xorg-server.patch
@@ -56,3 +56,6 @@ zcat $CWD/patch/xorg-server/CVE-2023-0494.patch.gz | patch -p1 --verbose || { to
 # [PATCH] present: Check for NULL to prevent crash.
 # This prevents a crash with recent NVIDIA drivers.
 zcat $CWD/patch/xorg-server/857.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
+# Patch another security issue:
+zcat $CWD/patch/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch
new file mode 100644
index 000000000..0d859d6c1
--- /dev/null
+++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch
@@ -0,0 +1,42 @@
+From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Mon, 13 Mar 2023 11:08:47 +0100
+Subject: [PATCH] composite: Fix use-after-free of the COW
+
+ZDI-CAN-19866/CVE-2023-1393
+
+If a client explicitly destroys the compositor overlay window (aka COW),
+we would leave a dangling pointer to that window in the CompScreen
+structure, which will trigger a use-after-free later.
+
+Make sure to clear the CompScreen pointer to the COW when the latter gets
+destroyed explicitly by the client.
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+---
+ composite/compwindow.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/composite/compwindow.c b/composite/compwindow.c
+index 4e2494b86b..b30da589e9 100644
+--- a/composite/compwindow.c
++++ b/composite/compwindow.c
+@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
+     ret = (*pScreen->DestroyWindow) (pWin);
+     cs->DestroyWindow = pScreen->DestroyWindow;
+     pScreen->DestroyWindow = compDestroyWindow;
++
++    /* Did we just destroy the overlay window? */
++    if (pWin == cs->pOverlayWin)
++        cs->pOverlayWin = NULL;
++
+ /*    compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
+     return ret;
+ }
+-- 
+GitLab
+
diff --git a/recompress.sh b/recompress.sh
index aeae3b802..35c79c131 100755
--- a/recompress.sh
+++ b/recompress.sh
@@ -1192,6 +1192,7 @@ gzip ./patches/source/xorg-server-xwayland/857.patch
 gzip ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-3551.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-4283.patch
+gzip ./patches/source/xorg-server-xwayland/CVE-2023-1393.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-46341.patch
 gzip ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-3550.patch
@@ -1247,6 +1248,7 @@ gzip ./patches/source/xorg-server/patch/xorg-server/857.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-4283.patch
+gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff
 gzip ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff
 gzip ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff
author	Patrick J Volkerding <volkerdi@slackware.com>	2023-03-29 20:56:21 +0000
committer	Eric Hameleers <alien@slackware.com>	2023-03-30 13:30:41 +0200
commit	5b606a9169015941ec3d0dfb0bf99299cf435240 (patch)
tree	af399e50cb4b650a300e1e8c13104d5558cff646
parent	694953a02401ef2e4b4ee493a3ad3a1cc50e32bb (diff)
download	current-5b606a9169015941ec3d0dfb0bf99299cf435240.tar.gz current-5b606a9169015941ec3d0dfb0bf99299cf435240.tar.xz