diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-02-03 20:04:33 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-02-03 21:35:10 +0100 |
| commit | 201ae578a4cd9577f795e2d25dd65ec8533c51d3 (patch) | |
| tree | 31b568866deffda8bd039d397044c8ccd6324f2a /source/l | |
| parent | 9de77f5e56e5de8a14904474ed645f2bdd6ed5bf (diff) | |
| download | current-201ae578a4cd9577f795e2d25dd65ec8533c51d3.tar.gz current-201ae578a4cd9577f795e2d25dd65ec8533c51d3.tar.xz | |
Fri Feb 3 20:04:33 UTC 202320230203200433
a/aaa_glibc-solibs-2.37-x86_64-2.txz: Rebuilt.
a/e2fsprogs-1.46.6-x86_64-1.txz: Upgraded.
a/hwdata-0.367-noarch-1.txz: Upgraded.
l/glibc-2.37-x86_64-2.txz: Rebuilt.
[PATCH] Account for grouping in printf width (bug 23432).
This issue could cause a overflow with sprintf in the corner case where an
application computes the size of buffer to be exactly enough to fit the
digits in question, but sprintf ends up writing a couple of extra bytes.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-25139
(* Security fix *)
l/glibc-i18n-2.37-x86_64-2.txz: Rebuilt.
l/glibc-profile-2.37-x86_64-2.txz: Rebuilt.
l/libcap-2.67-x86_64-1.txz: Upgraded.
l/poppler-data-0.4.12-noarch-1.txz: Upgraded.
extra/php81/php81-8.1.15-x86_64-1.txz: Upgraded.
testing/packages/samba-4.17.5-x86_64-2.txz: Rebuilt.
Build with the bundled Heimdal instead of the system MIT Kerberos, since MIT
Kerberos has more issues when Samba is used as an AD DC. I'd appreciate any
feedback on the "Samba on Slackware 15" thread on LQ about how well this
works. Although it's not the sort of change I'd normally make in a -stable
release such as Slackware 15.0, in this case I'm considering it if it can
be done painlessly for any existing users... but I'll need to see some
reports about this. I'd like to note that yes, of course we saw the
"experimental" label in the configure flag we used to build Samba, but we
also saw another prominent Linux distribution go ahead and use it anyway. :)
And the Samba package built against MIT Kerberos cooked in the previous
-current development cycle for a couple of years without any objections.
Anyway, hopefully we'll get some testing from folks out there with networks
that use AD and go from there.
Thanks to Rowland Penny of the Samba team for clarifying this situation.
Diffstat (limited to 'source/l')
| -rwxr-xr-x | source/l/glibc/glibc.SlackBuild | 2 | ||||
| -rw-r--r-- | source/l/glibc/patches/CVE-2023-25139.patch | 81 |
2 files changed, 82 insertions, 1 deletions
diff --git a/source/l/glibc/glibc.SlackBuild b/source/l/glibc/glibc.SlackBuild index 63eb00349..f8ed0d813 100755 --- a/source/l/glibc/glibc.SlackBuild +++ b/source/l/glibc/glibc.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=glibc VERSION=${VERSION:-$(echo glibc-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} CHECKOUT=${CHECKOUT:-""} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # I was considering disabling NSCD, but MoZes talked me out of it. :) #DISABLE_NSCD=" --disable-nscd " diff --git a/source/l/glibc/patches/CVE-2023-25139.patch b/source/l/glibc/patches/CVE-2023-25139.patch new file mode 100644 index 000000000..3361e68fa --- /dev/null +++ b/source/l/glibc/patches/CVE-2023-25139.patch @@ -0,0 +1,81 @@ +This is a partial fix for mishandling of grouping when formatting +integers. It properly computes the width in presence of grouping +characteres when the precision is larger than the number of significant +digits. +--- + stdio-common/Makefile | 1 + + stdio-common/tst-grouping3.c | 37 +++++++++++++++++++++++++++++ + stdio-common/vfprintf-process-arg.c | 2 +- + 3 files changed, 39 insertions(+), 1 deletion(-) + create mode 100644 stdio-common/tst-grouping3.c + +diff --git a/stdio-common/Makefile b/stdio-common/Makefile +index 6e9d104524..b46d932a20 100644 +--- a/stdio-common/Makefile ++++ b/stdio-common/Makefile +@@ -195,6 +195,7 @@ tests := \ + tst-gets \ + tst-grouping \ + tst-grouping2 \ ++ tst-grouping3 \ + tst-long-dbl-fphex \ + tst-memstream-string \ + tst-obprintf \ +diff --git a/stdio-common/tst-grouping3.c b/stdio-common/tst-grouping3.c +new file mode 100644 +index 0000000000..0031ad4010 +--- /dev/null ++++ b/stdio-common/tst-grouping3.c +@@ -0,0 +1,37 @@ ++/* Test printf with grouping and padding (bug 23432) ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <https://www.gnu.org/licenses/>. */ ++ ++#include <locale.h> ++#include <stdio.h> ++#include <support/check.h> ++#include <support/support.h> ++ ++static int ++do_test (void) ++{ ++ char buf[80]; ++ ++ xsetlocale (LC_NUMERIC, "de_DE.UTF-8"); ++ ++ sprintf (buf, "%+-'13.9d", 1234567); ++ TEST_COMPARE_STRING (buf, "+001.234.567 "); ++ ++ return 0; ++} ++ ++#include <support/test-driver.c> +diff --git a/stdio-common/vfprintf-process-arg.c b/stdio-common/vfprintf-process-arg.c +index 2c651946df..cd3eaf5c0c 100644 +--- a/stdio-common/vfprintf-process-arg.c ++++ b/stdio-common/vfprintf-process-arg.c +@@ -257,7 +257,7 @@ LABEL (unsigned_number): /* Unsigned number of base BASE. */ + width -= 2; + } + +- width -= workend - string + prec; ++ width -= number_length + prec; + + Xprintf_buffer_pad (buf, L_('0'), prec); + +-- +2.39.1 |