Tue Oct 3 22:19:10 UTC 202320231003221910

a/aaa_glibc-solibs-2.37-x86_64-3.txz:  Rebuilt.
a/dialog-1.3_20231002-x86_64-1.txz:  Upgraded.
ap/mpg123-1.32.3-x86_64-1.txz:  Upgraded.
d/llvm-17.0.2-x86_64-1.txz:  Upgraded.
d/meson-1.2.2-x86_64-2.txz:  Rebuilt.
  [PATCH] Revert rust: apply global, project, and environment C args to bindgen.
  This fixes building Mesa.
  Thanks to lucabon and marav.
kde/calligra-3.2.1-x86_64-34.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/cantor-23.08.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/kfilemetadata-5.110.0-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/kile-2.9.93-x86_64-28.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/kitinerary-23.08.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/krita-5.1.5-x86_64-15.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
kde/okular-23.08.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.10.0.
l/glibc-2.37-x86_64-3.txz:  Rebuilt.
l/glibc-i18n-2.37-x86_64-3.txz:  Rebuilt.
  Patched to fix the "Looney Tunables" vulnerability, a local privilege
  escalation in ld.so. This vulnerability was introduced in April 2021
  (glibc 2.34) by commit 2ed18c.
  Thanks to Qualys Research Labs for reporting this issue.
  For more information, see:
    https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
    https://www.cve.org/CVERecord?id=CVE-2023-4911
  (* Security fix *)
l/glibc-profile-2.37-x86_64-3.txz:  Rebuilt.
l/mozilla-nss-3.94-x86_64-1.txz:  Upgraded.
l/poppler-23.10.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/NetworkManager-1.44.2-x86_64-1.txz:  Upgraded.
n/irssi-1.4.5-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-gtk-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-sayura-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-table-other-5.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.1-x86_64-1.txz:  Upgraded.
x/libX11-1.8.7-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  libX11: out-of-bounds memory access in _XkbReadKeySyms().
  libX11: stack exhaustion from infinite recursion in PutSubImage().
  libX11: integer overflow in XCreateImage() leading to a heap overflow.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003424.html
    https://www.cve.org/CVERecord?id=CVE-2023-43785
    https://www.cve.org/CVERecord?id=CVE-2023-43786
    https://www.cve.org/CVERecord?id=CVE-2023-43787
  (* Security fix *)
x/libXpm-3.5.17-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
  libXpm: out of bounds read on XPM with corrupted colormap.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003424.html
    https://www.cve.org/CVERecord?id=CVE-2023-43788
    https://www.cve.org/CVERecord?id=CVE-2023-43789
  (* Security fix *)
testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz:  Rebuilt.
testing/packages/glibc-2.38-x86_64-2.txz:  Rebuilt.
  Patched to fix the "Looney Tunables" vulnerability, a local privilege
  escalation in ld.so. This vulnerability was introduced in April 2021
  (glibc 2.34) by commit 2ed18c.
  Thanks to Qualys Research Labs for reporting this issue.
  For more information, see:
    https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
    https://www.cve.org/CVERecord?id=CVE-2023-4911
  (* Security fix *)
testing/packages/glibc-i18n-2.38-x86_64-2.txz:  Rebuilt.
testing/packages/glibc-profile-2.38-x86_64-2.txz:  Rebuilt.

3 files changed, 173 insertions, 29 deletions

diff --git a/source/d/llvm/llvm.url b/source/d/llvm/llvm.url
index d91aa60a6..5afb5e973 100644
--- a/source/d/llvm/llvm.url
+++ b/source/d/llvm/llvm.url
@@ -1,29 +1,29 @@
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/llvm-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/clang-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/clang-tools-extra-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/compiler-rt-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/flang-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/lldb-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/openmp-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/polly-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/libcxx-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/libcxxabi-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/lld-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/libunwind-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/cmake-17.0.1.src.tar.xz
-https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.1/third-party-17.0.1.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/llvm-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/clang-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/clang-tools-extra-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/compiler-rt-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/flang-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/lldb-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/openmp-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/polly-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/libcxx-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/libcxxabi-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/lld-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/libunwind-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/cmake-17.0.2.src.tar.xz
+https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/third-party-17.0.2.src.tar.xz
 
-#http://llvm.org/releases/17.0.1/llvm-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/clang-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/clang-tools-extra-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/compiler-rt-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/flang-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/lldb-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/openmp-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/polly-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/libcxx-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/libcxxabi-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/lld-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/libunwind-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/cmake-17.0.1.src.tar.xz
-#http://llvm.org/releases/17.0.1/third-party-17.0.1.src.tar.xz
+#http://llvm.org/releases/17.0.2/llvm-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/clang-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/clang-tools-extra-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/compiler-rt-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/flang-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/lldb-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/openmp-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/polly-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/libcxx-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/libcxxabi-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/lld-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/libunwind-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/cmake-17.0.2.src.tar.xz
+#http://llvm.org/releases/17.0.2/third-party-17.0.2.src.tar.xz
diff --git a/source/d/meson/9d1d4ae746ce39d1916dfe71fd6dcc5fce27e828.patch b/source/d/meson/9d1d4ae746ce39d1916dfe71fd6dcc5fce27e828.patch
new file mode 100644
index 000000000..34fa9d8d6
--- /dev/null
+++ b/source/d/meson/9d1d4ae746ce39d1916dfe71fd6dcc5fce27e828.patch
@@ -0,0 +1,142 @@
+From 9d1d4ae746ce39d1916dfe71fd6dcc5fce27e828 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Tue, 3 Oct 2023 16:52:56 +0100
+Subject: [PATCH 7/7] Revert "rust: apply global, project, and environment C
+ args to bindgen"
+
+This reverts commit 36210f64f22dc10d324db76bb1a7988c9cd5b14e.
+
+This ended up not doing what was intended - see https://github.com/mesonbuild/meson/issues/12065#issuecomment-1742263677.
+
+Bug: https://bugs.gentoo.org/914989
+Bug: https://bugs.gentoo.org/915014
+Signed-off-by: Sam James <sam@gentoo.org>
+---
+ mesonbuild/modules/rust.py                     |  6 ------
+ test cases/rust/12 bindgen/meson.build         | 18 ------------------
+ .../rust/12 bindgen/src/global-project.h       | 10 ----------
+ test cases/rust/12 bindgen/src/global.c        |  5 -----
+ test cases/rust/12 bindgen/src/global.rs       | 14 --------------
+ test cases/rust/12 bindgen/test.json           |  5 +----
+ 6 files changed, 1 insertion(+), 57 deletions(-)
+ delete mode 100644 test cases/rust/12 bindgen/src/global-project.h
+ delete mode 100644 test cases/rust/12 bindgen/src/global.c
+ delete mode 100644 test cases/rust/12 bindgen/src/global.rs
+
+diff --git a/mesonbuild/modules/rust.py b/mesonbuild/modules/rust.py
+index e6e5c633f..3514412e6 100644
+--- a/mesonbuild/modules/rust.py
++++ b/mesonbuild/modules/rust.py
+@@ -232,12 +232,6 @@ class RustModule(ExtensionModule):
+                 elif isinstance(s, CustomTarget):
+                     depends.append(s)
+ 
+-        clang_args.extend(state.global_args.get('c', []))
+-        clang_args.extend(state.project_args.get('c', []))
+-        cargs = state.get_option('args', state.subproject, lang='c')
+-        assert isinstance(cargs, list), 'for mypy'
+-        clang_args.extend(cargs)
+-
+         if self._bindgen_bin is None:
+             self._bindgen_bin = state.find_program('bindgen')
+ 
+diff --git a/test cases/rust/12 bindgen/meson.build b/test cases/rust/12 bindgen/meson.build
+index e7cb5f3db..c05cc0631 100644
+--- a/test cases/rust/12 bindgen/meson.build	
++++ b/test cases/rust/12 bindgen/meson.build	
+@@ -8,9 +8,6 @@ if not prog_bindgen.found()
+   error('MESON_SKIP_TEST bindgen not found')
+ endif
+ 
+-add_project_arguments('-DPROJECT_ARG', language : 'c')
+-add_global_arguments('-DGLOBAL_ARG', language : 'c')
+-
+ # This seems to happen on windows when libclang.dll is not in path or is not
+ # valid. We must try to process a header file for this to work.
+ #
+@@ -84,18 +81,3 @@ test('generated header', rust_bin2)
+ 
+ subdir('sub')
+ subdir('dependencies')
+-
+-gp = rust.bindgen(
+-  input : 'src/global-project.h',
+-  output : 'global-project.rs',
+-)
+-
+-gp_lib = static_library('gp_lib', 'src/global.c')
+-
+-gp_exe = executable(
+-  'gp_exe',
+-  structured_sources(['src/global.rs', gp]),
+-  link_with : gp_lib,
+-)
+-
+-test('global and project arguments', gp_exe)
+diff --git a/test cases/rust/12 bindgen/src/global-project.h b/test cases/rust/12 bindgen/src/global-project.h
+deleted file mode 100644
+index 6084e8ed6..000000000
+--- a/test cases/rust/12 bindgen/src/global-project.h	
++++ /dev/null
+@@ -1,10 +0,0 @@
+-#ifndef GLOBAL_ARG
+-char * success(void);
+-#endif
+-#ifndef PROJECT_ARG
+-char * success(void);
+-#endif
+-#ifndef CMD_ARG
+-char * success(void);
+-#endif
+-int success(void);
+diff --git a/test cases/rust/12 bindgen/src/global.c b/test cases/rust/12 bindgen/src/global.c
+deleted file mode 100644
+index 10f6676f7..000000000
+--- a/test cases/rust/12 bindgen/src/global.c	
++++ /dev/null
+@@ -1,5 +0,0 @@
+-#include "src/global-project.h"
+-
+-int success(void) {
+-    return 0;
+-}
+diff --git a/test cases/rust/12 bindgen/src/global.rs b/test cases/rust/12 bindgen/src/global.rs
+deleted file mode 100644
+index 4b70b1ecc..000000000
+--- a/test cases/rust/12 bindgen/src/global.rs	
++++ /dev/null
+@@ -1,14 +0,0 @@
+-// SPDX-license-identifer: Apache-2.0
+-// Copyright © 2023 Intel Corporation
+-
+-#![allow(non_upper_case_globals)]
+-#![allow(non_camel_case_types)]
+-#![allow(non_snake_case)]
+-
+-include!("global-project.rs");
+-
+-fn main() {
+-    unsafe {
+-        std::process::exit(success());
+-    };
+-}
+diff --git a/test cases/rust/12 bindgen/test.json b/test cases/rust/12 bindgen/test.json
+index b3a758562..f94ee85f9 100644
+--- a/test cases/rust/12 bindgen/test.json	
++++ b/test cases/rust/12 bindgen/test.json	
+@@ -1,10 +1,7 @@
+ {
+-  "env": {
+-    "CFLAGS": "-DCMD_ARG"
+-  },
+   "stdout": [
+     {
+-      "line": "test cases/rust/12 bindgen/meson.build:30: WARNING: Project targets '>= 0.63' but uses feature introduced in '1.0.0': \"rust.bindgen\" keyword argument \"include_directories\" of type array[str]."
++      "line": "test cases/rust/12 bindgen/meson.build:27: WARNING: Project targets '>= 0.63' but uses feature introduced in '1.0.0': \"rust.bindgen\" keyword argument \"include_directories\" of type array[str]."
+     }
+   ]
+ }
+-- 
+2.42.0
+
+
diff --git a/source/d/meson/meson.SlackBuild b/source/d/meson/meson.SlackBuild
index 6e0faba19..25d08985a 100755
--- a/source/d/meson/meson.SlackBuild
+++ b/source/d/meson/meson.SlackBuild
@@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=meson
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -60,6 +60,8 @@ find -L . \
  \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
   -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \+
 
+cat $CWD/9d1d4ae746ce39d1916dfe71fd6dcc5fce27e828.patch | patch -p1 --verbose || exit 1
+
 python3 setup.py install --root=$PKG || exit 1
 
 mv $PKG/usr/share/man $PKG/usr/