summaryrefslogtreecommitdiffstats
path: root/source/l/apr
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2023-02-01 22:27:31 +0000
committer Eric Hameleers <alien@slackware.com>2023-02-02 00:40:26 +0100
commita130ab0fdf8914fd1036e10345f118c3838a0472 (patch)
tree98f8804aba77b4f3f1255f638c513104327eab44 /source/l/apr
parent45d1307faeb72d3fefce6446c314c4b0d0d3a98a (diff)
downloadcurrent-a130ab0fdf8914fd1036e10345f118c3838a0472.tar.gz
current-a130ab0fdf8914fd1036e10345f118c3838a0472.tar.xz
Wed Feb 1 22:27:31 UTC 202320230201222731
a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded. a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.9-x86-1.txz: Upgraded. k/kernel-source-6.1.9-noarch-1.txz: Upgraded. l/apr-1.7.2-x86_64-1.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) Restore fix for out-of-bounds array dereference in apr_time_exp*() functions. (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-24963 https://www.cve.org/CVERecord?id=CVE-2021-35940 https://www.cve.org/CVERecord?id=CVE-2017-12613 (* Security fix *) l/apr-util-1.6.3-x86_64-1.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. (CVE-2022-25147) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-25147 (* Security fix *) l/libhandy-1.8.1-x86_64-1.txz: Upgraded. l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ https://www.cve.org/CVERecord?id=CVE-2023-0430 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to '')
-rw-r--r--source/l/apr-util/apr-util-mariadb-upstream.patch128
-rwxr-xr-xsource/l/apr-util/apr-util.SlackBuild8
-rw-r--r--source/l/apr-util/apr-util.url4
-rwxr-xr-xsource/l/apr/apr.SlackBuild3
-rw-r--r--source/l/apr/apr.url4
5 files changed, 7 insertions, 140 deletions
diff --git a/source/l/apr-util/apr-util-mariadb-upstream.patch b/source/l/apr-util/apr-util-mariadb-upstream.patch
deleted file mode 100644
index dd1c5a3aa..000000000
--- a/source/l/apr-util/apr-util-mariadb-upstream.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-Upstream patch for building with mariadb:
-Taken from https://bz.apache.org/bugzilla/show_bug.cgi?id=61517
-BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1494093
-
---- a/build/dbd.m4 2017-05-03 19:18:52.000000000 -0400
-+++ a/build/dbd.m4 2017-09-13 16:58:07.369546391 -0400
-@@ -163,10 +163,15 @@
- old_cppflags="$CPPFLAGS"
- old_ldflags="$LDFLAGS"
-
-+ my_library="mysqlclient"
-+
- AC_ARG_WITH([mysql], APR_HELP_STRING([--with-mysql=DIR], [enable MySQL DBD driver]),
- [
- if test "$withval" = "yes"; then
- AC_PATH_PROG([MYSQL_CONFIG],[mysql_config])
-+ if test "x$MYSQL_CONFIG" = "x"; then
-+ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config])
-+ fi
- if test "x$MYSQL_CONFIG" != 'x'; then
- mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
- mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
-@@ -174,32 +179,40 @@
-
- APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS])
- APR_ADDTO(LIBS, [$mysql_LIBS])
-+
-+ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
-+ my_library="mariadb"
-+ fi
- fi
-
-- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
-- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
-- [apu_have_mysql=0; break],
-- [#include <my_global.h>])
-- if test "$apu_have_mysql" = "0"; then
-- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
-- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
-- [apu_have_mysql=0; break],
-- [#include <mysql/my_global.h>])
-+ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
-+ if test "$apr_have_mysql" = "0"; then
-+ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
- fi
-- if test "$apu_have_mysql" != "0" && test "x$MYSQL_CONFIG" != 'x'; then
-- APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
-+ if test "$apr_have_mysql" = "1"; then
-+ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h])
-+ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0])
-+ fi
-+ if test "$apu_have_mysql" = "1" && test "x$MYSQL_CONFIG" != 'x'; then
-+ APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
- fi
- elif test "$withval" = "no"; then
- :
- else
- AC_PATH_PROG([MYSQL_CONFIG],[mysql_config],,[$withval/bin])
-+ if test "x$MYSQL_CONFIG" = "x"; then
-+ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config],,[$withval/bin])
-+ fi
- if test "x$MYSQL_CONFIG" != 'x'; then
-- mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
-- mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
-- mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
-+ mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
-+ mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
-+ mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
-+ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
-+ my_library="mariadb"
-+ fi
- else
-- mysql_CPPFLAGS="-I$withval/include"
-- mysql_LDFLAGS="-L$withval/lib "
-+ mysql_CPPFLAGS="-I$withval/include"
-+ mysql_LDFLAGS="-L$withval/lib "
- fi
-
- APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS])
-@@ -207,18 +220,15 @@
- APR_ADDTO(LIBS, [$mysql_LIBS])
-
- AC_MSG_NOTICE(checking for mysql in $withval)
-- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
-- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
-- [apu_have_mysql=0; break],
-- [#include <my_global.h>])
--
-- if test "$apu_have_mysql" != "1"; then
-- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
-- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
-- [apu_have_mysql=0; break],
-- [#include <mysql/my_global.h>])
-+ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
-+ if test "$apr_have_mysql" = "0"; then
-+ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
-+ fi
-+ if test "$apr_have_mysql" = "1"; then
-+ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h])
-+ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0])
- fi
-- if test "$apu_have_mysql" != "0"; then
-+ if test "$apu_have_mysql" = "1"; then
- APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
- fi
- fi
-@@ -229,7 +239,7 @@
- dnl Since we have already done the AC_CHECK_LIB tests, if we have it,
- dnl we know the library is there.
- if test "$apu_have_mysql" = "1"; then
-- APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -lmysqlclient $mysql_LIBS])
-+ APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -l$my_library $mysql_LIBS])
- fi
- AC_SUBST(LDADD_dbd_mysql)
-
---- a/dbd/apr_dbd_mysql.c 2017-05-03 19:18:52.000000000 -0400
-+++ a/dbd/apr_dbd_mysql.c 2017-09-13 19:15:20.894368809 -0400
-@@ -1262,7 +1262,9 @@
-
- static void dbd_mysql_init(apr_pool_t *pool)
- {
-+#if MYSQL_VERSION_ID < 100000
- my_init();
-+#endif
- mysql_thread_init();
-
- /* FIXME: this is a guess; find out what it really does */
-
diff --git a/source/l/apr-util/apr-util.SlackBuild b/source/l/apr-util/apr-util.SlackBuild
index b14d3ba75..f41d51986 100755
--- a/source/l/apr-util/apr-util.SlackBuild
+++ b/source/l/apr-util/apr-util.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2018, 2023 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=apr-util
VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-11}
+BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -71,9 +71,6 @@ rm -rf apr-util-$VERSION
tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1
cd apr-util-$VERSION || exit 1
-# Fix issues using recent mariadb:
-zcat $CWD/apr-util-mariadb-upstream.patch.gz | patch -p1 --verbose || exit 1
-
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -127,4 +124,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc
# Build the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/source/l/apr-util/apr-util.url b/source/l/apr-util/apr-util.url
index 6a5299df2..9f0e7e332 100644
--- a/source/l/apr-util/apr-util.url
+++ b/source/l/apr-util/apr-util.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/apr/apr-util-1.6.1.tar.bz2
-http://www.apache.org/dist/apr/apr-util-1.6.1.tar.bz2.asc
+http://www.apache.org/dist/apr/apr-util-1.6.3.tar.bz2
+http://www.apache.org/dist/apr/apr-util-1.6.3.tar.bz2.asc
diff --git a/source/l/apr/apr.SlackBuild b/source/l/apr/apr.SlackBuild
index 22b645946..3a88f6850 100755
--- a/source/l/apr/apr.SlackBuild
+++ b/source/l/apr/apr.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=apr
VERSION=${VERSION:-$(echo apr-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -119,4 +119,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc
# Build the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/apr-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/source/l/apr/apr.url b/source/l/apr/apr.url
index 6b19f30a1..064ec5fa6 100644
--- a/source/l/apr/apr.url
+++ b/source/l/apr/apr.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2
-http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2.asc
+http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2
+http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2.asc