diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-12-14 21:19:34 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-12-14 23:46:49 +0100 |
| commit | fc0ff5a5d7c45f929eb214b3147aa538e736e2aa (patch) | |
| tree | 50597023627f75dde70715de78423e655589cdbd /source/a/bash/bash-5.2-patches/bash52-013 | |
| parent | ac5857bb77042a1843e9436852630091adc75982 (diff) | |
| download | current-fc0ff5a5d7c45f929eb214b3147aa538e736e2aa.tar.gz current-fc0ff5a5d7c45f929eb214b3147aa538e736e2aa.tar.xz | |
Wed Dec 14 21:19:34 UTC 202220221214211934
a/bash-5.2.015-x86_64-1.txz: Upgraded.
a/tcsh-6.24.06-x86_64-1.txz: Upgraded.
ap/inxi-3.3.24_1-noarch-1.txz: Upgraded.
ap/nano-7.1-x86_64-1.txz: Upgraded.
d/git-2.39.0-x86_64-1.txz: Upgraded.
d/rust-1.65.0-x86_64-1.txz: Upgraded.
d/strace-6.1-x86_64-1.txz: Upgraded.
kde/krita-5.1.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_54-x86_64-1.txz: Upgraded.
l/nodejs-19.3.0-x86_64-1.txz: Upgraded.
l/pcre2-10.42-x86_64-1.txz: Upgraded.
n/iproute2-6.1.0-x86_64-1.txz: Upgraded.
x/makedepend-1.0.8-x86_64-1.txz: Upgraded.
x/xhost-1.0.9-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.5-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
x/xorg-server-xephyr-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-22.1.6-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
xap/mozilla-thunderbird-102.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
https://www.cve.org/CVERecord?id=CVE-2022-46880
https://www.cve.org/CVERecord?id=CVE-2022-46872
https://www.cve.org/CVERecord?id=CVE-2022-46881
https://www.cve.org/CVERecord?id=CVE-2022-46874
https://www.cve.org/CVERecord?id=CVE-2022-46875
https://www.cve.org/CVERecord?id=CVE-2022-46882
https://www.cve.org/CVERecord?id=CVE-2022-46878
(* Security fix *)
xap/xscreensaver-6.06-x86_64-1.txz: Upgraded.
testing/packages/mozilla-firefox-108.0-x86_64-1.txz: Upgraded.
Starting this out in /testing for now, since I've been trying for 2 days to
get it to compile on 32-bit with no luck. It ends up failing with a bunch of
errors like this:
ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync
Any help getting this to build on 32-bit would be greatly appreciated.
I've tried most of ponce's bag of tricks already. :-)
Diffstat (limited to 'source/a/bash/bash-5.2-patches/bash52-013')
| -rw-r--r-- | source/a/bash/bash-5.2-patches/bash52-013 | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/source/a/bash/bash-5.2-patches/bash52-013 b/source/a/bash/bash-5.2-patches/bash52-013 new file mode 100644 index 000000000..3051269c1 --- /dev/null +++ b/source/a/bash/bash-5.2-patches/bash52-013 @@ -0,0 +1,58 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.2 +Patch-ID: bash52-013 + +Bug-Reported-by: Ralf Oehler <Ralf@Oehler-Privat.de> +Bug-Reference-ID: <20221120140252.2fc6489b@bilbo> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-11/msg00082.html + +Bug-Description: + +Bash can leak memory when referencing a non-existent associative array +element. + +Patch (apply with `patch -p0'): + +*** ../bash-5.2-patched/subst.c 2022-11-05 17:27:48.000000000 -0400 +--- subst.c 2022-11-21 14:42:59.000000000 -0500 +*************** +*** 7498,7503 **** + : quote_escapes (temp); + rflags |= W_ARRAYIND; +- if (estatep) +- *estatep = es; /* structure copy */ + } + /* Note that array[*] and array[@] expanded to a quoted null string by +--- 7508,7511 ---- +*************** +*** 7508,7512 **** + rflags |= W_HASQUOTEDNULL; + +! if (estatep == 0) + flush_eltstate (&es); + } +--- 7516,7522 ---- + rflags |= W_HASQUOTEDNULL; + +! if (estatep) +! *estatep = es; /* structure copy */ +! else + flush_eltstate (&es); + } +*** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ |