diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-10-03 22:19:10 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-10-04 01:08:21 +0200 |
| commit | 7a2ee07f950f14ce482ae370d28b18de8fcbde69 (patch) | |
| tree | b1ff69f347e10c2054f5faa019944d89990d1596 /recompress.sh | |
| parent | cb4e8726f423a41c65ca89c8b8346b0974417940 (diff) | |
| download | current-7a2ee07f950f14ce482ae370d28b18de8fcbde69.tar.gz current-7a2ee07f950f14ce482ae370d28b18de8fcbde69.tar.xz | |
Tue Oct 3 22:19:10 UTC 202320231003221910
a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt.
a/dialog-1.3_20231002-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.3-x86_64-1.txz: Upgraded.
d/llvm-17.0.2-x86_64-1.txz: Upgraded.
d/meson-1.2.2-x86_64-2.txz: Rebuilt.
[PATCH] Revert rust: apply global, project, and environment C args to bindgen.
This fixes building Mesa.
Thanks to lucabon and marav.
kde/calligra-3.2.1-x86_64-34.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/cantor-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kile-2.9.93-x86_64-28.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/krita-5.1.5-x86_64-15.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/okular-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
l/glibc-2.37-x86_64-3.txz: Rebuilt.
l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
l/glibc-profile-2.37-x86_64-3.txz: Rebuilt.
l/mozilla-nss-3.94-x86_64-1.txz: Upgraded.
l/poppler-23.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded.
n/irssi-1.4.5-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded.
x/libX11-1.8.7-x86_64-1.txz: Upgraded.
This update fixes security issues:
libX11: out-of-bounds memory access in _XkbReadKeySyms().
libX11: stack exhaustion from infinite recursion in PutSubImage().
libX11: integer overflow in XCreateImage() leading to a heap overflow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43785
https://www.cve.org/CVERecord?id=CVE-2023-43786
https://www.cve.org/CVERecord?id=CVE-2023-43787
(* Security fix *)
x/libXpm-3.5.17-x86_64-1.txz: Upgraded.
This update fixes security issues:
libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
libXpm: out of bounds read on XPM with corrupted colormap.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43788
https://www.cve.org/CVERecord?id=CVE-2023-43789
(* Security fix *)
testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt.
Diffstat (limited to 'recompress.sh')
| -rwxr-xr-x | recompress.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/recompress.sh b/recompress.sh index ab07e27aa..e607708e2 100755 --- a/recompress.sh +++ b/recompress.sh @@ -682,6 +682,7 @@ gzip ./source/t/xfig/xfig.fig.ad.diff gzip ./source/l/glibc/glibc.ru_RU.CP1251.diff gzip ./source/l/glibc/glibc.locale.no-archive.diff gzip ./source/l/glibc/patches/reenable_DT_HASH.patch +gzip ./source/l/glibc/patches/glibc-2.37.CVE-2023-4911.patch gzip ./source/l/glibc/patches/CVE-2023-25139.patch gzip ./source/l/glibc/glibc-2.32.en_US.no.am.pm.date.format.diff gzip ./source/l/fuse/fuse2-0007-util-ulockmgr_server.c-conditionally-define-closefro.patch @@ -1044,7 +1045,6 @@ gzip ./source/installer/sources/dnsmasq/dnsmasq.libidn2.diff gzip ./source/x/liberation-fonts-ttf/doinst.sh gzip ./source/x/xdg-utils/xdg-open.no.relative.paths.diff gzip ./source/x/xdg-utils/doinst.sh -gzip ./source/x/fcitx5-kkc/0001-remove-std-c-11-from-gui-CMakeLists.txt.patch gzip ./source/x/ttf-indic-fonts/doinst.sh gzip ./source/x/noto-fonts-ttf/doinst.sh gzip ./source/x/libinput/libinput.less.lag.complaining.diff @@ -1116,7 +1116,6 @@ gzip ./source/x/x11/patch/xinit/xinit.remove.systemd.kludge.diff gzip ./source/x/x11/patch/xf86-video-intel/0001-sna-Avoid-clobbering-output-physical-size-with-xf86O.patch gzip ./source/x/x11/patch/xorg-cf-files/Imake.tmpl-binutils-ar-2.36.patch gzip ./source/x/fcitx5/doinst.sh -gzip ./source/x/fcitx5/7fb3a5500270877d93b61b11b2a17b9b8f6a506b.patch gzip ./source/x/ibus/NamesList.txt gzip ./source/x/ibus/Blocks.txt gzip ./source/x/ibus/doinst.sh @@ -1127,5 +1126,6 @@ gzip ./testing/source/glibc/glibc.ru_RU.CP1251.diff gzip ./testing/source/glibc/glibc.locale.no-archive.diff gzip ./testing/source/glibc/patches/glibc-2.38-upstream_fixes-1.patch gzip ./testing/source/glibc/patches/reenable_DT_HASH.patch +gzip ./testing/source/glibc/patches/glibc.CVE-2023-4911.patch gzip ./testing/source/glibc/glibc-2.32.en_US.no.am.pm.date.format.diff gzip ./testing/source/rust/link_libffi.diff |