author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-02-01 22:27:31 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-02-02 00:40:26 +0100 |
commit | a130ab0fdf8914fd1036e10345f118c3838a0472 (patch) | |
tree | 98f8804aba77b4f3f1255f638c513104327eab44 /source/l/apr | |
parent | 45d1307faeb72d3fefce6446c314c4b0d0d3a98a (diff) | |
Wed Feb 1 22:27:31 UTC 2023 20230201222731
a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.9-x86-1.txz: Upgraded.
k/kernel-source-6.1.9-noarch-1.txz: Upgraded.
l/apr-1.7.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
Integer Overflow or Wraparound vulnerability in apr_encode functions of
Apache Portable Runtime (APR) allows an attacker to write beyond bounds
of a buffer. (CVE-2022-24963)
Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
(This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-24963
https://www.cve.org/CVERecord?id=CVE-2021-35940
https://www.cve.org/CVERecord?id=CVE-2017-12613
(* Security fix *)
l/apr-util-1.6.3-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Integer Overflow or Wraparound vulnerability in apr_base64 functions
of Apache Portable Runtime Utility (APR-util) allows an attacker to
write beyond bounds of a buffer. (CVE-2022-25147)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-25147
(* Security fix *)
l/libhandy-1.8.1-x86_64-1.txz: Upgraded.
l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/
https://www.cve.org/CVERecord?id=CVE-2023-0430
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to '')
-rw-r--r-- | source/l/apr-util/apr-util-mariadb-upstream.patch | 128 | ||||
-rwxr-xr-x | source/l/apr-util/apr-util.SlackBuild | 8 | ||||
-rw-r--r-- | source/l/apr-util/apr-util.url | 4 | ||||
-rwxr-xr-x | source/l/apr/apr.SlackBuild | 3 | ||||
-rw-r--r-- | source/l/apr/apr.url | 4 |
5 files changed, 7 insertions, 140 deletions
diff --git a/source/l/apr-util/apr-util-mariadb-upstream.patch b/source/l/apr-util/apr-util-mariadb-upstream.patch
deleted file mode 100644
index dd1c5a3aa..000000000
--- a/source/l/apr-util/apr-util-mariadb-upstream.patch
+++ /dev/null
@@ -1,128 +0,0 @@ -Upstream patch for building with mariadb: -Taken from https://bz.apache.org/bugzilla/show_bug.cgi?id=61517 -BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1494093 - ---- a/build/dbd.m4 2017-05-03 19:18:52.000000000 -0400 -+++ a/build/dbd.m4 2017-09-13 16:58:07.369546391 -0400 -@@ -163,10 +163,15 @@ - old_cppflags="$CPPFLAGS" - old_ldflags="$LDFLAGS" - -+ my_library="mysqlclient" -+ - AC_ARG_WITH([mysql], APR_HELP_STRING([--with-mysql=DIR], [enable MySQL DBD driver]), - [ - if test "$withval" = "yes"; then - AC_PATH_PROG([MYSQL_CONFIG],[mysql_config]) -+ if test "x$MYSQL_CONFIG" = "x"; then -+ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config]) -+ fi - if test "x$MYSQL_CONFIG" != 'x'; then - mysql_CPPFLAGS="`$MYSQL_CONFIG --include`" - mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`" -@@ -174,32 +179,40 @@ - - APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS]) - APR_ADDTO(LIBS, [$mysql_LIBS]) -+ -+ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then -+ my_library="mariadb" -+ fi - fi - -- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h], -- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]), -- [apu_have_mysql=0; break], -- [#include <my_global.h>]) -- if test "$apu_have_mysql" = "0"; then -- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h], -- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]), -- [apu_have_mysql=0; break], -- [#include <mysql/my_global.h>]) -+ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break]) -+ if test "$apr_have_mysql" = "0"; then -+ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break]) - fi -- if test "$apu_have_mysql" != "0" && test "x$MYSQL_CONFIG" != 'x'; then -- APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS]) -+ if test "$apr_have_mysql" = "1"; then -+ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h]) -+ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0]) -+ fi -+ if test 
"$apu_have_mysql" = "1" && test "x$MYSQL_CONFIG" != 'x'; then -+ APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS]) - fi - elif test "$withval" = "no"; then - : - else - AC_PATH_PROG([MYSQL_CONFIG],[mysql_config],,[$withval/bin]) -+ if test "x$MYSQL_CONFIG" = "x"; then -+ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config],,[$withval/bin]) -+ fi - if test "x$MYSQL_CONFIG" != 'x'; then -- mysql_CPPFLAGS="`$MYSQL_CONFIG --include`" -- mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`" -- mysql_LIBS="`$MYSQL_CONFIG --libs_r`" -+ mysql_CPPFLAGS="`$MYSQL_CONFIG --include`" -+ mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`" -+ mysql_LIBS="`$MYSQL_CONFIG --libs_r`" -+ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then -+ my_library="mariadb" -+ fi - else -- mysql_CPPFLAGS="-I$withval/include" -- mysql_LDFLAGS="-L$withval/lib " -+ mysql_CPPFLAGS="-I$withval/include" -+ mysql_LDFLAGS="-L$withval/lib " - fi - - APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS]) -@@ -207,18 +220,15 @@ - APR_ADDTO(LIBS, [$mysql_LIBS]) - - AC_MSG_NOTICE(checking for mysql in $withval) -- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h], -- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]), -- [apu_have_mysql=0; break], -- [#include <my_global.h>]) -- -- if test "$apu_have_mysql" != "1"; then -- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h], -- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]), -- [apu_have_mysql=0; break], -- [#include <mysql/my_global.h>]) -+ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break]) -+ if test "$apr_have_mysql" = "0"; then -+ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break]) -+ fi -+ if test "$apr_have_mysql" = "1"; then -+ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h]) -+ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0]) - fi -- if test "$apu_have_mysql" != "0"; then -+ if test "$apu_have_mysql" = 
"1"; then - APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS]) - fi - fi -@@ -229,7 +239,7 @@ - dnl Since we have already done the AC_CHECK_LIB tests, if we have it, - dnl we know the library is there. - if test "$apu_have_mysql" = "1"; then -- APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -lmysqlclient $mysql_LIBS]) -+ APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -l$my_library $mysql_LIBS]) - fi - AC_SUBST(LDADD_dbd_mysql) - ---- a/dbd/apr_dbd_mysql.c 2017-05-03 19:18:52.000000000 -0400 -+++ a/dbd/apr_dbd_mysql.c 2017-09-13 19:15:20.894368809 -0400 -@@ -1262,7 +1262,9 @@ - - static void dbd_mysql_init(apr_pool_t *pool) - { -+#if MYSQL_VERSION_ID < 100000 - my_init(); -+#endif - mysql_thread_init(); - - /* FIXME: this is a guess; find out what it really does */ - diff --git a/source/l/apr-util/apr-util.SlackBuild b/source/l/apr-util/apr-util.SlackBuild index b14d3ba75..f41d51986 100755 --- a/source/l/apr-util/apr-util.SlackBuild +++ b/source/l/apr-util/apr-util.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018, 2023 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=apr-util VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-11} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -71,9 +71,6 @@ rm -rf apr-util-$VERSION tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1 cd apr-util-$VERSION || exit 1 -# Fix issues using recent mariadb: -zcat $CWD/apr-util-mariadb-upstream.patch.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ 
@@ -127,4 +124,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc # Build the package: cd $PKG /sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/l/apr-util/apr-util.url b/source/l/apr-util/apr-util.url index 6a5299df2..9f0e7e332 100644 --- a/source/l/apr-util/apr-util.url +++ b/source/l/apr-util/apr-util.url @@ -1,2 +1,2 @@ -http://www.apache.org/dist/apr/apr-util-1.6.1.tar.bz2 -http://www.apache.org/dist/apr/apr-util-1.6.1.tar.bz2.asc +http://www.apache.org/dist/apr/apr-util-1.6.3.tar.bz2 +http://www.apache.org/dist/apr/apr-util-1.6.3.tar.bz2.asc diff --git a/source/l/apr/apr.SlackBuild b/source/l/apr/apr.SlackBuild index 22b645946..3a88f6850 100755 --- a/source/l/apr/apr.SlackBuild +++ b/source/l/apr/apr.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=apr VERSION=${VERSION:-$(echo apr-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -119,4 +119,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc # Build the package: cd $PKG /sbin/makepkg -l y -c n $TMP/apr-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/l/apr/apr.url b/source/l/apr/apr.url index 6b19f30a1..064ec5fa6 100644 --- a/source/l/apr/apr.url +++ b/source/l/apr/apr.url @@ -1,2 +1,2 @@ -http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2 -http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2.asc +http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2 +http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2.asc |
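Review bot: The new `apr-util.url` lines still point at `http://www.apache.org/dist/apr/...`, so both the tarball and its `.asc` signature are referenced over plaintext HTTP; the `apr.url` hunk further down has the same issue. For an update that ships security fixes, the integrity of the source then rests entirely on verifying the detached signature against the APR release keys. No such check is visible in the SlackBuild context shown here, which goes straight to `tar xvf $CWD/apr-util-$VERSION.tar.bz2`, though it may happen outside this diff. I would switch the scheme, e.g. `https://www.apache.org/dist/apr/apr-util-1.6.3.tar.bz2`, and state in the `.url` file or the build script that the `.asc` must be verified before building.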