diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-05-25 00:24:33 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-05-25 03:50:00 +0200 |
| commit | ed49432ad9d734d447d1bda6657b2d221a7fb3a8 (patch) | |
| tree | fbd372b018ab43e211a275280da8a02597203800 /source/t/texlive/texlive.SlackBuild | |
| parent | b2fa3fdbd7ee8367f9ea371367850e010a58dfee (diff) | |
| download | current-ed49432ad9d734d447d1bda6657b2d221a7fb3a8.tar.gz current-ed49432ad9d734d447d1bda6657b2d221a7fb3a8.tar.xz | |
Thu May 25 00:24:33 UTC 202320230525002433
a/elilo-3.16-x86_64-16.txz: Rebuilt.
eliloconfig: don't mess with mounting efivarfs. This should be handled by
rc.S, or by whatever the admin put in /etc/fstab.
a/kernel-firmware-20230523_1ba3519-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.30-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.30-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.30-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.1-noarch-5.txz: Rebuilt.
rc.S: mount efivarfs rw, may be overridden in /etc/default/efivarfs.
ap/sc-im-0.8.3-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.30-x86-1.txz: Upgraded.
d/parallel-20230522-noarch-1.txz: Upgraded.
k/kernel-source-6.1.30-noarch-1.txz: Upgraded.
l/enchant-2.4.0-x86_64-1.txz: Upgraded.
l/glib2-2.76.3-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.38-x86_64-1.txz: Upgraded.
l/qt5-5.15.9_20230523_245f369c-x86_64-1.txz: Upgraded.
This update fixes a security issue.
Qt-based clients may mismatch HSTS headers (Strict-Transport-Security),
which would prevent the client from switching to a secure HTTPS
connection as requested by a server.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32762
(* Security fix *)
n/curl-8.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
t/texlive-2023.230322-x86_64-3.txz: Rebuilt.
This update patches a security issue:
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when
compiling a TeX file obtained from an untrusted source. This occurs
because luatex-core.lua lets the original io.popen be accessed. This also
affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
Thanks to Johannes Schoepfer.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32700
(* Security fix *)
xap/mozilla-firefox-113.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/113.0.2/releasenotes/
xfce/libxfce4ui-4.18.4-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.18.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to '')
| -rwxr-xr-x | source/t/texlive/texlive.SlackBuild | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/source/t/texlive/texlive.SlackBuild b/source/t/texlive/texlive.SlackBuild index 3617dd8d0..03534999c 100755 --- a/source/t/texlive/texlive.SlackBuild +++ b/source/t/texlive/texlive.SlackBuild @@ -34,7 +34,7 @@ PKGNAM=texlive SOURCEVERSION=${SOURCEVERSION:-20230311} TEXMFVERSION=${TEXMFVERSION:-230322} VERSION=${VERSION:-2023.$TEXMFVERSION} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} TMP=${TMP:-/tmp} PKG=$TMP/package-texlive @@ -77,6 +77,9 @@ cd texlive-$SOURCEVERSION-source || exit 1 chown -R root:root . chmod -R u+w,go-w,a+rX-st . +# CVE-2023-32700: +zcat $CWD/texlive-20230313-source-security_fix-1.patch.gz | patch -p1 --verbose || exit 1 + mkdir build cd build CFLAGS="$SLKCFLAGS" \ |