diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-01-25 20:42:50 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-01-26 08:59:51 +0100 |
commit | 3e99129ce30e9474c935b340011d77bf3e72842b (patch) | |
tree | 7c5c0e6cdbac8e8897143693a777135ecc175cc0 /source/n/ppp | |
parent | 6197acd604d6d8e70b3523d1a5abfa101270ddf3 (diff) | |
download | current-3e99129ce30e9474c935b340011d77bf3e72842b.tar.gz current-3e99129ce30e9474c935b340011d77bf3e72842b.tar.xz |
Mon Jan 25 20:42:50 UTC 202120210125204250
a/openssl10-solibs-1.0.2u-x86_64-2.txz: Removed.
d/make-4.3-x86_64-2.txz: Rebuilt.
We'll upgrade to make-4.3 again (with a few patches from Fedora) since this
is now working with all the sources that we ship.
l/gst-plugins-base0-0.10.36-x86_64-4.txz: Removed.
l/gst-plugins-good0-0.10.31-x86_64-4.txz: Removed.
l/gstreamer0-0.10.36-x86_64-3.txz: Removed.
l/libcap-2.47-x86_64-1.txz: Upgraded.
l/libsamplerate-0.2.1-x86_64-1.txz: Upgraded.
l/libvisual-plugins-0.4.0-x86_64-6.txz: Rebuilt.
Drop actor_gstreamer.so (requires gstreamer0).
l/mozjs78-78.7.0esr-x86_64-1.txz: Upgraded.
l/talloc-2.3.2-x86_64-1.txz: Upgraded.
n/NetworkManager-1.28.0-x86_64-4.txz: Rebuilt.
Rebuilt for ppp-2.4.9.
n/openssl10-1.0.2u-x86_64-2.txz: Removed.
n/ppp-2.4.9-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.14-x86_64-3.txz: Rebuilt.
Rebuilt for ppp-2.4.9.
x/ibus-libpinyin-1.12.0-x86_64-1.txz: Upgraded.
x/ibus-table-1.12.4-x86_64-1.txz: Upgraded.
x/libpinyin-2.6.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.7.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.7.0/releasenotes/
(* Security fix *)
xfce/xfce4-whiskermenu-plugin-2.5.3-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/n/ppp')
-rw-r--r-- | source/n/ppp/ppp.CVE-2020-8597.patch | 37 | ||||
-rwxr-xr-x | source/n/ppp/ppp.SlackBuild | 17 | ||||
-rw-r--r-- | source/n/ppp/ppp.slack.diff | 85 |
3 files changed, 44 insertions, 95 deletions
diff --git a/source/n/ppp/ppp.CVE-2020-8597.patch b/source/n/ppp/ppp.CVE-2020-8597.patch deleted file mode 100644 index 5d7c51bca..000000000 --- a/source/n/ppp/ppp.CVE-2020-8597.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001 -From: Paul Mackerras <paulus@ozlabs.org> -Date: Mon, 3 Feb 2020 15:53:28 +1100 -Subject: [PATCH] pppd: Fix bounds check in EAP code - -Given that we have just checked vallen < len, it can never be the case -that vallen >= len + sizeof(rhostname). This fixes the check so we -actually avoid overflowing the rhostname array. - -Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> -Signed-off-by: Paul Mackerras <paulus@ozlabs.org> ---- - pppd/eap.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/pppd/eap.c b/pppd/eap.c -index 94407f56..1b93db01 100644 ---- a/pppd/eap.c -+++ b/pppd/eap.c -@@ -1420,7 +1420,7 @@ int len; - } - - /* Not so likely to happen. */ -- if (vallen >= len + sizeof (rhostname)) { -+ if (len - vallen >= sizeof (rhostname)) { - dbglog("EAP: trimming really long peer name down"); - BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); - rhostname[sizeof (rhostname) - 1] = '\0'; -@@ -1846,7 +1846,7 @@ int len; - } - - /* Not so likely to happen. */ -- if (vallen >= len + sizeof (rhostname)) { -+ if (len - vallen >= sizeof (rhostname)) { - dbglog("EAP: trimming really long peer name down"); - BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); - rhostname[sizeof (rhostname) - 1] = '\0'; diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild index d7f3722cb..c1de9c39a 100755 --- a/source/n/ppp/ppp.SlackBuild +++ b/source/n/ppp/ppp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2008, 2009, 2010, 2013, 2015, 2018, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013, 2015, 2018, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,10 +23,10 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=ppp -VERSION=2.4.8 +VERSION=2.4.9 RADVER=1.1.7 PPPVER=1.98 -BUILD=${BUILD:-4} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} @@ -65,8 +65,8 @@ echo "| ppp-$VERSION |" echo "+============+" cd $TMP rm -rf ppp-$VERSION ppp-ppp-$VERSION -tar xvf $CWD/ppp-$VERSION.tar.xz || exit 1 -cd ppp-ppp-$VERSION || ppp-$VERSION || exit 1 +tar xvf $CWD/ppp-$VERSION.tar.?z || exit 1 +cd ppp-$VERSION || cd ppp-ppp-$VERSION || exit 1 chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -81,7 +81,6 @@ sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) rm -f include/linux/if_pppol2tp.h zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1 -zcat $CWD/ppp.CVE-2020-8597.patch.gz | patch -p1 --verbose || exit 1 # Choose correct options depending on whether PAM is installed: if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then @@ -134,7 +133,7 @@ echo "| freeradius-client-$RADVER |" echo "+====================+" cd $TMP rm -rf freeradius-client-$RADVER -tar xf $CWD/freeradius-client-$RADVER.tar.xz || exit 1 +tar xf $CWD/freeradius-client-$RADVER.tar.?z || exit 1 cd freeradius-client-$RADVER || exit 1 chown -R root:root . ./configure \ @@ -158,13 +157,15 @@ cp -a \ BUGS CHANGES COPYRIGHT README README.radexample doc/instop.html \ $PKG/usr/doc/freeradius-client-$RADVER chmod 644 $PKG/usr/doc/freeradius-client-$RADVER/* +# Don't ship the static library: +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/libfreeradius-client.a echo "+===============+" echo "| pppsetup-$PPPVER |" echo "+===============+" cd $TMP rm -rf pppsetup-$PPPVER -tar xvf $CWD/pppsetup-$PPPVER.tar.xz || exit 1 +tar xvf $CWD/pppsetup-$PPPVER.tar.?z || exit 1 cd pppsetup-$PPPVER || exit 1 chown -R root:root . zcat $CWD/pppsetup-1.98.slack.diff.gz | patch -p1 --backup || exit diff --git a/source/n/ppp/ppp.slack.diff b/source/n/ppp/ppp.slack.diff index 6332324a7..585247d7c 100644 --- a/source/n/ppp/ppp.slack.diff +++ b/source/n/ppp/ppp.slack.diff @@ -1,7 +1,6 @@ -diff -Nur ppp-2.4.7.orig/chat/Makefile.linux ppp-2.4.7/chat/Makefile.linux ---- ppp-2.4.7.orig/chat/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/chat/Makefile.linux 2014-08-09 17:10:27.423374415 -0500 -@@ -2,7 +2,7 @@ +--- ./chat/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./chat/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -4,7 +4,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin @@ -10,22 +9,20 @@ diff -Nur ppp-2.4.7.orig/chat/Makefile.linux ppp-2.4.7/chat/Makefile.linux CDEF1= -DTERMIOS # Use the termios structure CDEF2= -DSIGTYPE=void # Standard definition -diff -Nur ppp-2.4.7.orig/linux/Makefile.top ppp-2.4.7/linux/Makefile.top ---- ppp-2.4.7.orig/linux/Makefile.top 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/linux/Makefile.top 2014-08-09 17:11:14.156384165 -0500 -@@ -3,7 +3,7 @@ +--- ./pppdump/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./pppdump/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -4,7 +4,7 @@ + DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin - INCDIR = $(DESTDIR)/include --MANDIR = $(DESTDIR)/share/man -+MANDIR = $(DESTDIR)/man - ETCDIR = $(INSTROOT)@SYSCONF@/ppp +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 - # uid 0 = root -diff -Nur ppp-2.4.7.orig/pppd/Makefile.linux ppp-2.4.7/pppd/Makefile.linux ---- ppp-2.4.7.orig/pppd/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/pppd/Makefile.linux 2014-08-09 17:07:27.458308345 -0500 -@@ -6,7 +6,7 @@ + CFLAGS = $(COPTS) -I../include/net + OBJS = pppdump.o bsd-comp.o deflate.o zlib.o +--- ./pppd/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./pppd/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -10,7 +10,7 @@ # Default installation locations DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin @@ -34,16 +31,7 @@ diff -Nur ppp-2.4.7.orig/pppd/Makefile.linux ppp-2.4.7/pppd/Makefile.linux INCDIR = $(DESTDIR)/include TARGETS = pppd -@@ -32,7 +32,7 @@ - - # CC = gcc - # --COPTS = -O2 -pipe -Wall -g -+COPTS = -O2 -pipe -Wall - LIBS = - - # Uncomment the next 2 lines to include support for Microsoft's -@@ -68,7 +68,7 @@ +@@ -74,7 +74,7 @@ PLUGIN=y # Enable Microsoft proprietary Callback Control Protocol @@ -52,10 +40,9 @@ diff -Nur ppp-2.4.7.orig/pppd/Makefile.linux ppp-2.4.7/pppd/Makefile.linux # Enable EAP SRP-SHA1 authentication (requires libsrp) #USE_SRP=y -diff -Nur ppp-2.4.7.orig/pppd/plugins/Makefile.linux ppp-2.4.7/pppd/plugins/Makefile.linux ---- ppp-2.4.7.orig/pppd/plugins/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/pppd/plugins/Makefile.linux 2014-08-09 17:11:10.734383553 -0500 -@@ -6,7 +6,7 @@ +--- ./pppd/plugins/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./pppd/plugins/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -4,7 +4,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin @@ -63,12 +50,11 @@ diff -Nur ppp-2.4.7.orig/pppd/plugins/Makefile.linux ppp-2.4.7/pppd/plugins/Make +MANDIR = $(DESTDIR)/man/man8 LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) - SUBDIRS := rp-pppoe pppoatm pppol2tp -diff -Nur ppp-2.4.7.orig/pppd/plugins/radius/Makefile.linux ppp-2.4.7/pppd/plugins/radius/Makefile.linux ---- ppp-2.4.7.orig/pppd/plugins/radius/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/pppd/plugins/radius/Makefile.linux 2014-08-09 17:11:08.470383139 -0500 -@@ -4,7 +4,7 @@ - # + CFLAGS = $(COPTS) -I.. -I../../include -fPIC +--- ./pppd/plugins/radius/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./pppd/plugins/radius/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -8,7 +8,7 @@ + COPTS=@CFLAGS@ DESTDIR = $(INSTROOT)@DESTDIR@ -MANDIR = $(DESTDIR)/share/man/man8 @@ -76,22 +62,21 @@ diff -Nur ppp-2.4.7.orig/pppd/plugins/radius/Makefile.linux ppp-2.4.7/pppd/plugi LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) -diff -Nur ppp-2.4.7.orig/pppdump/Makefile.linux ppp-2.4.7/pppdump/Makefile.linux ---- ppp-2.4.7.orig/pppdump/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/pppdump/Makefile.linux 2014-08-09 17:10:35.672376354 -0500 -@@ -1,6 +1,6 @@ +--- ./linux/Makefile.top.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./linux/Makefile.top 2021-01-25 12:56:35.570645743 -0600 +@@ -3,7 +3,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin --MANDIR = $(DESTDIR)/share/man/man8 -+MANDIR = $(DESTDIR)/man/man8 + INCDIR = $(DESTDIR)/include +-MANDIR = $(DESTDIR)/share/man ++MANDIR = $(DESTDIR)/man + ETCDIR = $(INSTROOT)@SYSCONF@/ppp + + # uid 0 = root +--- ./pppstats/Makefile.linux.orig 2021-01-04 17:06:37.000000000 -0600 ++++ ./pppstats/Makefile.linux 2021-01-25 12:56:35.570645743 -0600 +@@ -7,7 +7,7 @@ - CFLAGS= -O -I../include/net - OBJS = pppdump.o bsd-comp.o deflate.o zlib.o -diff -Nur ppp-2.4.7.orig/pppstats/Makefile.linux ppp-2.4.7/pppstats/Makefile.linux ---- ppp-2.4.7.orig/pppstats/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 -+++ ppp-2.4.7/pppstats/Makefile.linux 2014-08-09 17:10:42.293377843 -0500 -@@ -4,7 +4,7 @@ - # DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin -MANDIR = $(DESTDIR)/share/man/man8 |