diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-19 21:24:05 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-12-19 23:05:28 +0100 |
| commit | 90c1d5c2c0b15a877ad7b260895a7815bdd4d03c (patch) | |
| tree | e83aca23a86ea9853c0f3621b7a8a363071ea235 /source | |
| parent | 1e5164fb6d699f5f0feea33ff1ad0d0468ec6f62 (diff) | |
| download | current-90c1d5c2c0b15a877ad7b260895a7815bdd4d03c.tar.gz current-90c1d5c2c0b15a877ad7b260895a7815bdd4d03c.tar.xz | |
Tue Dec 19 21:24:05 UTC 202320231219212405
a/sysvinit-scripts-15.1-noarch-9.txz: Rebuilt.
rc.cpufreq: also default to "performance" for amd-pstate-epp.
Thanks to pghvlaans.
l/LibRaw-0.21.2-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.39-x86_64-1.txz: Upgraded.
l/libssh-0.10.6-x86_64-1.txz: Upgraded.
This update fixes security issues:
Command injection using proxycommand.
Potential downgrade attack using strict kex.
Missing checks for return values of MD functions.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-6004
https://www.cve.org/CVERecord?id=CVE-2023-48795
https://www.cve.org/CVERecord?id=CVE-2023-6918
(* Security fix *)
l/mozilla-nss-3.96.1-x86_64-1.txz: Upgraded.
n/bluez-5.71-x86_64-2.txz: Rebuilt.
Fix a regression in bluez-5.71:
[PATCH] adapter: Fix link key address type for old kernels.
Thanks to marav.
xap/mozilla-firefox-115.6.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.6.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-54/
https://www.cve.org/CVERecord?id=CVE-2023-6856
https://www.cve.org/CVERecord?id=CVE-2023-6865
https://www.cve.org/CVERecord?id=CVE-2023-6857
https://www.cve.org/CVERecord?id=CVE-2023-6858
https://www.cve.org/CVERecord?id=CVE-2023-6859
https://www.cve.org/CVERecord?id=CVE-2023-6860
https://www.cve.org/CVERecord?id=CVE-2023-6867
https://www.cve.org/CVERecord?id=CVE-2023-6861
https://www.cve.org/CVERecord?id=CVE-2023-6862
https://www.cve.org/CVERecord?id=CVE-2023-6863
https://www.cve.org/CVERecord?id=CVE-2023-6864
(* Security fix *)
xap/mozilla-thunderbird-115.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/
https://www.cve.org/CVERecord?id=CVE-2023-50762
https://www.cve.org/CVERecord?id=CVE-2023-50761
https://www.cve.org/CVERecord?id=CVE-2023-6856
https://www.cve.org/CVERecord?id=CVE-2023-6857
https://www.cve.org/CVERecord?id=CVE-2023-6858
https://www.cve.org/CVERecord?id=CVE-2023-6859
https://www.cve.org/CVERecord?id=CVE-2023-6860
https://www.cve.org/CVERecord?id=CVE-2023-6861
https://www.cve.org/CVERecord?id=CVE-2023-6862
https://www.cve.org/CVERecord?id=CVE-2023-6863
https://www.cve.org/CVERecord?id=CVE-2023-6864
(* Security fix *)
Diffstat (limited to 'source')
| -rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.cpufreq | 6 | ||||
| -rwxr-xr-x | source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 2 | ||||
| -rw-r--r-- | source/l/LibRaw/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch | 22 | ||||
| -rwxr-xr-x | source/l/LibRaw/LibRaw.SlackBuild | 7 | ||||
| -rwxr-xr-x | source/l/mozilla-nss/mozilla-nss.SlackBuild | 2 | ||||
| -rw-r--r-- | source/n/bluez/1528118a8f84b4b178729c1f9fc3f6d858c04f9f.patch | 35 | ||||
| -rwxr-xr-x | source/n/bluez/bluez.SlackBuild | 5 |
7 files changed, 45 insertions, 34 deletions
diff --git a/source/a/sysvinit-scripts/scripts/rc.cpufreq b/source/a/sysvinit-scripts/scripts/rc.cpufreq index 739d99b86..82936d545 100644 --- a/source/a/sysvinit-scripts/scripts/rc.cpufreq +++ b/source/a/sysvinit-scripts/scripts/rc.cpufreq @@ -29,11 +29,11 @@ # also provides information about the recent load. SCALING_GOVERNOR=ondemand -# For CPUs using intel_pstate, always use the performance governor. This also -# provides power savings on Intel processors while avoiding the ramp-up lag +# For CPUs using intel_pstate or amd-pstate-epp, always use the performance +# governor. This also provides power savings while avoiding the ramp-up lag # present when using the powersave governor (which is the default if ondemand # is requested on these machines): -if [ "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_driver 2> /dev/null)" = "intel_pstate" ]; then +if [ "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_driver 2> /dev/null)" = "intel_pstate" -o "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_driver 2> /dev/null)" = "amd-pstate-epp" ]; then SCALING_GOVERNOR="performance" fi diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 6aa936345..11476671f 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-15.1} ARCH=noarch -BUILD=${BUILD:-8} +BUILD=${BUILD:-9} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information diff --git a/source/l/LibRaw/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch b/source/l/LibRaw/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch deleted file mode 100644 index 427b3c852..000000000 --- a/source/l/LibRaw/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 9ab70f6dca19229cb5caad7cc31af4e7501bac93 Mon Sep 17 00:00:00 2001 -From: Alex Tutubalin <lexa@lexa.ru> -Date: Sat, 14 Jan 2023 18:32:59 +0300 -Subject: [PATCH] do not set shrink flag for 3/4 component images - ---- - src/preprocessing/raw2image.cpp | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp -index e65e2ad7..702cf290 100644 ---- a/src/preprocessing/raw2image.cpp -+++ b/src/preprocessing/raw2image.cpp -@@ -43,6 +43,8 @@ void LibRaw::raw2image_start() - - // adjust for half mode! - IO.shrink = -+ !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image && -+ !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image && - P1.filters && - (O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1))); - diff --git a/source/l/LibRaw/LibRaw.SlackBuild b/source/l/LibRaw/LibRaw.SlackBuild index 277765b9a..3ca1052b0 100755 --- a/source/l/LibRaw/LibRaw.SlackBuild +++ b/source/l/LibRaw/LibRaw.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=LibRaw VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} @@ -93,11 +93,6 @@ find . \ # Don't use icecream: PATH=$(echo $PATH | sed "s|/usr/libexec/icecc/bin||g" | tr -s : | sed "s/^://g" | sed "s/:$//g") -# CVE-2023-1729: -cat $CWD/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch | patch -p1 --verbose || exit 1 - -autoreconf -vif - CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ diff --git a/source/l/mozilla-nss/mozilla-nss.SlackBuild b/source/l/mozilla-nss/mozilla-nss.SlackBuild index b2400faea..467fadfa7 100755 --- a/source/l/mozilla-nss/mozilla-nss.SlackBuild +++ b/source/l/mozilla-nss/mozilla-nss.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mozilla-nss SRCNAM=nss -VERSION=${VERSION:-3.96} +VERSION=${VERSION:-3.96.1} NSPR=${NSPR:-4.35} BUILD=${BUILD:-1} diff --git a/source/n/bluez/1528118a8f84b4b178729c1f9fc3f6d858c04f9f.patch b/source/n/bluez/1528118a8f84b4b178729c1f9fc3f6d858c04f9f.patch new file mode 100644 index 000000000..c09a54daf --- /dev/null +++ b/source/n/bluez/1528118a8f84b4b178729c1f9fc3f6d858c04f9f.patch @@ -0,0 +1,35 @@ +From 1528118a8f84b4b178729c1f9fc3f6d858c04f9f Mon Sep 17 00:00:00 2001 +From: Xiao Yao <xiaoyao@rock-chips.com> +Date: Sun, 17 Dec 2023 21:50:12 +0800 +Subject: [PATCH] adapter: Fix link key address type for old kernels + +Fixes: https://github.com/bluez/bluez/issues/686 + +Signed-off-by: Xiao Yao <xiaoyao@rock-chips.com> +--- + src/adapter.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/adapter.c b/src/adapter.c +index ee70b00d2..b4628a411 100644 +--- a/src/adapter.c ++++ b/src/adapter.c +@@ -4347,7 +4347,17 @@ static void load_link_keys(struct btd_adapter *adapter, GSList *keys, + struct link_key_info *info = l->data; + + bacpy(&key->addr.bdaddr, &info->bdaddr); +- key->addr.type = info->bdaddr_type; ++ ++ /* ++ * According to the Bluetooth specification, the address ++ * type of the link key is not fixed. However, the ++ * load_link_keys function in the old kernel code requires ++ * that the address type must be BREDR. Since the address ++ * type is not actually used by the link key, to maintain ++ * compatibility with older kernel versions, the addr.type ++ * of the link key is set to BDADDR_BREDR. ++ */ ++ key->addr.type = BDADDR_BREDR; + key->type = info->type; + memcpy(key->val, info->key, 16); + key->pin_len = info->pin_len; diff --git a/source/n/bluez/bluez.SlackBuild b/source/n/bluez/bluez.SlackBuild index de035ce03..a58c6902d 100755 --- a/source/n/bluez/bluez.SlackBuild +++ b/source/n/bluez/bluez.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=bluez VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} @@ -78,6 +78,9 @@ find . \ zcat $CWD/bluez-5.51-obexd_without_systemd-1.patch.gz | patch -p1 --verbose || exit 1 +# Fix regression in 5.71: +cat $CWD/1528118a8f84b4b178729c1f9fc3f6d858c04f9f.patch | patch -p1 --verbose || exit 1 + sed -i -e 's|-lreadline|\0 -lncursesw|g' Makefile.{in,tools} autoreconf -vif |