summaryrefslogtreecommitdiffstats
path: root/source/n
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2023-10-19 19:14:05 +0000
committer Eric Hameleers <alien@slackware.com>2023-10-19 22:14:29 +0200
commit80666c2496ecb09578daeb4a295b1fc90cd68bbb (patch)
tree0ed144db54ca99993f31e751ce2822cbfb99f401 /source/n
parentb36863e0974e59996232294d71dcb0cc357930b5 (diff)
downloadcurrent-80666c2496ecb09578daeb4a295b1fc90cd68bbb.tar.gz
current-80666c2496ecb09578daeb4a295b1fc90cd68bbb.tar.xz
Thu Oct 19 19:14:05 UTC 202320231019191405
ap/texinfo-7.1-x86_64-1.txz: Upgraded. kde/attica-5.111.0-x86_64-1.txz: Upgraded. kde/baloo-5.111.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.111.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.111.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.111.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.111.0-x86_64-1.txz: Upgraded. kde/kactivities-5.111.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.111.0-x86_64-1.txz: Upgraded. kde/kapidox-5.111.0-x86_64-1.txz: Upgraded. kde/karchive-5.111.0-x86_64-1.txz: Upgraded. kde/kauth-5.111.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.111.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.111.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.111.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.111.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.111.0-x86_64-1.txz: Upgraded. kde/kconfig-5.111.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.111.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.111.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.111.0-x86_64-1.txz: Upgraded. kde/kcrash-5.111.0-x86_64-1.txz: Upgraded. kde/kdav-5.111.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.111.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.111.0-x86_64-1.txz: Upgraded. kde/kded-5.111.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.111.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.111.0-x86_64-1.txz: Upgraded. kde/kdesu-5.111.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.111.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.111.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.111.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.111.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.111.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.111.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.111.0-x86_64-1.txz: Upgraded. kde/kholidays-5.111.0-x86_64-1.txz: Upgraded. kde/khtml-5.111.0-x86_64-1.txz: Upgraded. kde/ki18n-5.111.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.111.0-x86_64-1.txz: Upgraded. kde/kidletime-5.111.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.111.0-x86_64-1.txz: Upgraded. kde/kinit-5.111.0-x86_64-1.txz: Upgraded. kde/kio-5.111.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.111.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.111.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.111.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.111.0-x86_64-1.txz: Upgraded. kde/kjs-5.111.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.111.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.111.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.111.0-x86_64-1.txz: Upgraded. kde/knotifications-5.111.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.111.0-x86_64-1.txz: Upgraded. kde/kpackage-5.111.0-x86_64-1.txz: Upgraded. kde/kparts-5.111.0-x86_64-1.txz: Upgraded. kde/kpeople-5.111.0-x86_64-1.txz: Upgraded. kde/kplotting-5.111.0-x86_64-1.txz: Upgraded. kde/kpty-5.111.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.111.0-x86_64-1.txz: Upgraded. kde/kross-5.111.0-x86_64-1.txz: Upgraded. kde/krunner-5.111.0-x86_64-1.txz: Upgraded. kde/kservice-5.111.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.111.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.111.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.111.0-x86_64-1.txz: Upgraded. kde/kwallet-5.111.0-x86_64-1.txz: Upgraded. kde/kwayland-5.111.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.111.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.111.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.111.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.111.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.111.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.111.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.111.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.111.0-x86_64-1.txz: Upgraded. kde/prison-5.111.0-x86_64-1.txz: Upgraded. kde/purpose-5.111.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.111.0-x86_64-1.txz: Upgraded. kde/solid-5.111.0-x86_64-1.txz: Upgraded. kde/sonnet-5.111.0-x86_64-1.txz: Upgraded. kde/syndication-5.111.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.111.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.111.0-x86_64-1.txz: Upgraded. l/harfbuzz-8.2.2-x86_64-1.txz: Upgraded. l/nodejs-21.0.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.83-x86_64-1.txz: Upgraded. n/dhcpcd-10.0.4-x86_64-1.txz: Upgraded. n/httpd-2.4.58-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: moderate: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST. low: mod_macro buffer over-read. low: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.58 https://www.cve.org/CVERecord?id=CVE-2023-45802 https://www.cve.org/CVERecord?id=CVE-2023-31122 https://www.cve.org/CVERecord?id=CVE-2023-43622 (* Security fix *) n/nftables-1.0.9-x86_64-1.txz: Upgraded. x/egl-wayland-1.1.13-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-115.3.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.3/releasenotes/ xfce/xfce4-dev-tools-4.18.1-x86_64-1.txz: Upgraded.
Diffstat (limited to '')
-rwxr-xr-xsource/n/httpd/httpd.SlackBuild2
-rw-r--r--source/n/httpd/httpd.url4
-rw-r--r--source/n/nftables/5f1676ac9f1aeb36d7695c3c354dade013a1e4f3.patch248
-rwxr-xr-xsource/n/nftables/nftables.SlackBuild5
4 files changed, 4 insertions, 255 deletions
diff --git a/source/n/httpd/httpd.SlackBuild b/source/n/httpd/httpd.SlackBuild
index 36a3a91e3..438525eef 100755
--- a/source/n/httpd/httpd.SlackBuild
+++ b/source/n/httpd/httpd.SlackBuild
@@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=httpd
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
diff --git a/source/n/httpd/httpd.url b/source/n/httpd/httpd.url
index a6083e679..fdbabad99 100644
--- a/source/n/httpd/httpd.url
+++ b/source/n/httpd/httpd.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/httpd/httpd-2.4.57.tar.bz2
-http://www.apache.org/dist/httpd/httpd-2.4.57.tar.bz2.asc
+http://www.apache.org/dist/httpd/httpd-2.4.58.tar.bz2
+http://www.apache.org/dist/httpd/httpd-2.4.58.tar.bz2.asc
diff --git a/source/n/nftables/5f1676ac9f1aeb36d7695c3c354dade013a1e4f3.patch b/source/n/nftables/5f1676ac9f1aeb36d7695c3c354dade013a1e4f3.patch
deleted file mode 100644
index 26eb9b2fc..000000000
--- a/source/n/nftables/5f1676ac9f1aeb36d7695c3c354dade013a1e4f3.patch
+++ /dev/null
@@ -1,248 +0,0 @@
-From 5f1676ac9f1aeb36d7695c3c354dade013a1e4f3 Mon Sep 17 00:00:00 2001
-From: Pablo Neira Ayuso <pablo@netfilter.org>
-Date: Tue, 18 Jul 2023 23:10:01 +0200
-Subject: meta: stash context statement length when generating payload/meta
- dependency
-
-... meta mark set ip dscp
-
-generates an implicit dependency from the inet family to match on meta
-nfproto ip.
-
-The length of this implicit expression is incorrectly adjusted to the
-statement length, ie. relational to compare meta nfproto takes 4 bytes
-instead of 1 byte. The evaluation of 'ip dscp' under the meta mark
-statement triggers this implicit dependency which should not consider
-the context statement length since it is added before the statement
-itself.
-
-This problem shows when listing the ruleset, since netlink_parse_cmp()
-where left->len < right->len, hence handling the implicit dependency as
-a concatenation, but it is actually a bug in the evaluation step that
-leads to incorrect bytecode.
-
-Fixes: 3c64ea7995cb ("evaluate: honor statement length in integer evaluation")
-Fixes: edecd58755a8 ("evaluate: support shifts larger than the width of the left operand")
-Tested-by: Brian Davidson <davidson.brian@gmail.com>
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
- src/payload.c | 13 +++++++
- tests/py/inet/meta.t | 5 +++
- tests/py/inet/meta.t.json | 86 ++++++++++++++++++++++++++++++++++++++++++++
- tests/py/inet/meta.t.payload | 40 +++++++++++++++++++++
- 4 files changed, 144 insertions(+)
-
-diff --git a/src/payload.c b/src/payload.c
-index f67b5407..7862745b 100644
---- a/src/payload.c
-+++ b/src/payload.c
-@@ -409,6 +409,7 @@ static int payload_add_dependency(struct eval_ctx *ctx,
- const struct proto_hdr_template *tmpl;
- struct expr *dep, *left, *right;
- struct proto_ctx *pctx;
-+ unsigned int stmt_len;
- struct stmt *stmt;
- int protocol;
-
-@@ -429,11 +430,16 @@ static int payload_add_dependency(struct eval_ctx *ctx,
- constant_data_ptr(protocol, tmpl->len));
-
- dep = relational_expr_alloc(&expr->location, OP_EQ, left, right);
-+
-+ stmt_len = ctx->stmt_len;
-+ ctx->stmt_len = 0;
-+
- stmt = expr_stmt_alloc(&dep->location, dep);
- if (stmt_evaluate(ctx, stmt) < 0) {
- return expr_error(ctx->msgs, expr,
- "dependency statement is invalid");
- }
-+ ctx->stmt_len = stmt_len;
-
- if (ctx->inner_desc) {
- if (tmpl->meta_key)
-@@ -543,6 +549,7 @@ int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
- const struct hook_proto_desc *h;
- const struct proto_desc *desc;
- struct proto_ctx *pctx;
-+ unsigned int stmt_len;
- struct stmt *stmt;
- uint16_t type;
-
-@@ -559,12 +566,18 @@ int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
- "protocol specification is invalid "
- "for this family");
-
-+ stmt_len = ctx->stmt_len;
-+ ctx->stmt_len = 0;
-+
- stmt = meta_stmt_meta_iiftype(&expr->location, type);
- if (stmt_evaluate(ctx, stmt) < 0) {
- return expr_error(ctx->msgs, expr,
- "dependency statement is invalid");
- }
- *res = stmt;
-+
-+ ctx->stmt_len = stmt_len;
-+
- return 0;
- }
-
-diff --git a/tests/py/inet/meta.t b/tests/py/inet/meta.t
-index 374738a7..5c062b39 100644
---- a/tests/py/inet/meta.t
-+++ b/tests/py/inet/meta.t
-@@ -25,3 +25,8 @@ meta mark set ct mark >> 8;ok
- meta mark . tcp dport { 0x0000000a-0x00000014 . 80-90, 0x00100000-0x00100123 . 100-120 };ok
- ip saddr . meta mark { 1.2.3.4 . 0x00000100 , 1.2.3.6-1.2.3.8 . 0x00000200-0x00000300 };ok
- ip saddr . meta mark { 1.2.3.4 . 0x00000100 , 5.6.7.8 . 0x00000200 };ok
-+
-+meta mark set ip dscp;ok
-+meta mark set ip dscp | 0x40;ok
-+meta mark set ip6 dscp;ok
-+meta mark set ip6 dscp | 0x40;ok
-diff --git a/tests/py/inet/meta.t.json b/tests/py/inet/meta.t.json
-index 92a1f9bf..3ba0fd1d 100644
---- a/tests/py/inet/meta.t.json
-+++ b/tests/py/inet/meta.t.json
-@@ -440,3 +440,89 @@
- }
- ]
-
-+# meta mark set ip dscp
-+[
-+ {
-+ "mangle": {
-+ "key": {
-+ "meta": {
-+ "key": "mark"
-+ }
-+ },
-+ "value": {
-+ "payload": {
-+ "field": "dscp",
-+ "protocol": "ip"
-+ }
-+ }
-+ }
-+ }
-+]
-+
-+# meta mark set ip dscp | 0x40
-+[
-+ {
-+ "mangle": {
-+ "key": {
-+ "meta": {
-+ "key": "mark"
-+ }
-+ },
-+ "value": {
-+ "|": [
-+ {
-+ "payload": {
-+ "field": "dscp",
-+ "protocol": "ip"
-+ }
-+ },
-+ 64
-+ ]
-+ }
-+ }
-+ }
-+]
-+
-+# meta mark set ip6 dscp
-+[
-+ {
-+ "mangle": {
-+ "key": {
-+ "meta": {
-+ "key": "mark"
-+ }
-+ },
-+ "value": {
-+ "payload": {
-+ "field": "dscp",
-+ "protocol": "ip6"
-+ }
-+ }
-+ }
-+ }
-+]
-+
-+# meta mark set ip6 dscp | 0x40
-+[
-+ {
-+ "mangle": {
-+ "key": {
-+ "meta": {
-+ "key": "mark"
-+ }
-+ },
-+ "value": {
-+ "|": [
-+ {
-+ "payload": {
-+ "field": "dscp",
-+ "protocol": "ip6"
-+ }
-+ },
-+ 64
-+ ]
-+ }
-+ }
-+ }
-+]
-+
-diff --git a/tests/py/inet/meta.t.payload b/tests/py/inet/meta.t.payload
-index ea540907..c53b5077 100644
---- a/tests/py/inet/meta.t.payload
-+++ b/tests/py/inet/meta.t.payload
-@@ -133,3 +133,43 @@ inet test-inet input
- [ meta load mark => reg 9 ]
- [ lookup reg 1 set __set%d ]
-
-+# meta mark set ip dscp
-+inet test-inet input
-+ [ meta load nfproto => reg 1 ]
-+ [ cmp eq reg 1 0x00000002 ]
-+ [ payload load 1b @ network header + 1 => reg 1 ]
-+ [ bitwise reg 1 = ( reg 1 & 0x000000fc ) ^ 0x00000000 ]
-+ [ bitwise reg 1 = ( reg 1 >> 0x00000002 ) ]
-+ [ meta set mark with reg 1 ]
-+
-+# meta mark set ip dscp | 0x40
-+inet test-inet input
-+ [ meta load nfproto => reg 1 ]
-+ [ cmp eq reg 1 0x00000002 ]
-+ [ payload load 1b @ network header + 1 => reg 1 ]
-+ [ bitwise reg 1 = ( reg 1 & 0x000000fc ) ^ 0x00000000 ]
-+ [ bitwise reg 1 = ( reg 1 >> 0x00000002 ) ]
-+ [ bitwise reg 1 = ( reg 1 & 0xffffffbf ) ^ 0x00000040 ]
-+ [ meta set mark with reg 1 ]
-+
-+# meta mark set ip6 dscp
-+inet test-inet input
-+ [ meta load nfproto => reg 1 ]
-+ [ cmp eq reg 1 0x0000000a ]
-+ [ payload load 2b @ network header + 0 => reg 1 ]
-+ [ bitwise reg 1 = ( reg 1 & 0x0000c00f ) ^ 0x00000000 ]
-+ [ byteorder reg 1 = ntoh(reg 1, 2, 2) ]
-+ [ bitwise reg 1 = ( reg 1 >> 0x00000006 ) ]
-+ [ meta set mark with reg 1 ]
-+
-+# meta mark set ip6 dscp | 0x40
-+inet test-inet input
-+ [ meta load nfproto => reg 1 ]
-+ [ cmp eq reg 1 0x0000000a ]
-+ [ payload load 2b @ network header + 0 => reg 1 ]
-+ [ bitwise reg 1 = ( reg 1 & 0x0000c00f ) ^ 0x00000000 ]
-+ [ byteorder reg 1 = ntoh(reg 1, 2, 2) ]
-+ [ bitwise reg 1 = ( reg 1 >> 0x00000006 ) ]
-+ [ bitwise reg 1 = ( reg 1 & 0xffffffbf ) ^ 0x00000040 ]
-+ [ meta set mark with reg 1 ]
-+
---
-cgit v1.2.3
-
diff --git a/source/n/nftables/nftables.SlackBuild b/source/n/nftables/nftables.SlackBuild
index a48cd1c32..c5d15fe72 100755
--- a/source/n/nftables/nftables.SlackBuild
+++ b/source/n/nftables/nftables.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=nftables
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
@@ -78,9 +78,6 @@ find . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
-# Upstream patch:
-cat $CWD/5f1676ac9f1aeb36d7695c3c354dade013a1e4f3.patch | patch -p1 --verbose || exit 1
-
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
LIBS="-lncursesw" \