summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog.rss66
-rw-r--r--ChangeLog.txt54
-rw-r--r--FILELIST.TXT210
-rw-r--r--patches/packages/hwdata-0.367-noarch-1_slack15.0.txt11
-rw-r--r--patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txt (renamed from patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txt)0
-rw-r--r--patches/packages/php-7.4.33-x86_64-3_slack15.0.txt (renamed from patches/packages/php-7.4.33-x86_64-2_slack15.0.txt)0
-rwxr-xr-xpatches/source/hwdata/hwdata.SlackBuild122
-rw-r--r--patches/source/hwdata/slack-desc19
-rw-r--r--patches/source/php/CVE-2023-0567.patch142
-rw-r--r--patches/source/php/CVE-2023-0568.patch62
-rw-r--r--patches/source/php/CVE-2023-0662.patch411
-rwxr-xr-xpatches/source/php/php.SlackBuild5
-rwxr-xr-xrecompress.sh3
13 files changed, 1002 insertions, 103 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 052cae115..f96a5a1ee 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,72 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
- <pubDate>Fri, 10 Feb 2023 20:08:41 GMT</pubDate>
- <lastBuildDate>Sat, 11 Feb 2023 12:30:19 GMT</lastBuildDate>
+ <pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate>
+ <lastBuildDate>Thu, 16 Feb 2023 00:30:23 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator>
<item>
+ <title>Wed, 15 Feb 2023 03:05:40 GMT</title>
+ <pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate>
+ <link>https://git.slackware.nl/current/tag/?h=20230215030540</link>
+ <guid isPermaLink="false">20230215030540</guid>
+ <description>
+ <![CDATA[<pre>
+extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
+extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
+patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded.
+ Upgraded to get information for newer hardware.
+ Requested by kingbeowulf on LQ.
+patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
+ https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
+ https://www.cve.org/CVERecord?id=CVE-2023-25728
+ https://www.cve.org/CVERecord?id=CVE-2023-25730
+ https://www.cve.org/CVERecord?id=CVE-2023-25743
+ https://www.cve.org/CVERecord?id=CVE-2023-0767
+ https://www.cve.org/CVERecord?id=CVE-2023-25735
+ https://www.cve.org/CVERecord?id=CVE-2023-25737
+ https://www.cve.org/CVERecord?id=CVE-2023-25738
+ https://www.cve.org/CVERecord?id=CVE-2023-25739
+ https://www.cve.org/CVERecord?id=CVE-2023-25729
+ https://www.cve.org/CVERecord?id=CVE-2023-25732
+ https://www.cve.org/CVERecord?id=CVE-2023-25734
+ https://www.cve.org/CVERecord?id=CVE-2023-25742
+ https://www.cve.org/CVERecord?id=CVE-2023-25746
+ (* Security fix *)
+patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
+ </pre>]]>
+ </description>
+ </item>
+ <item>
<title>Fri, 10 Feb 2023 20:08:41 GMT</title>
<pubDate>Fri, 10 Feb 2023 20:08:41 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20230210200841</link>
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 569a64a98..bad42d626 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,57 @@
+Wed Feb 15 03:05:40 UTC 2023
+extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
+extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
+patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded.
+ Upgraded to get information for newer hardware.
+ Requested by kingbeowulf on LQ.
+patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
+ https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
+ https://www.cve.org/CVERecord?id=CVE-2023-25728
+ https://www.cve.org/CVERecord?id=CVE-2023-25730
+ https://www.cve.org/CVERecord?id=CVE-2023-25743
+ https://www.cve.org/CVERecord?id=CVE-2023-0767
+ https://www.cve.org/CVERecord?id=CVE-2023-25735
+ https://www.cve.org/CVERecord?id=CVE-2023-25737
+ https://www.cve.org/CVERecord?id=CVE-2023-25738
+ https://www.cve.org/CVERecord?id=CVE-2023-25739
+ https://www.cve.org/CVERecord?id=CVE-2023-25729
+ https://www.cve.org/CVERecord?id=CVE-2023-25732
+ https://www.cve.org/CVERecord?id=CVE-2023-25734
+ https://www.cve.org/CVERecord?id=CVE-2023-25742
+ https://www.cve.org/CVERecord?id=CVE-2023-25746
+ (* Security fix *)
+patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt.
+ This update fixes security issues:
+ Core: Password_verify() always return true with some hash.
+ Core: 1-byte array overrun in common path resolve code.
+ SAPI: DOS vulnerability when parsing multipart request body.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-0567
+ https://www.cve.org/CVERecord?id=CVE-2023-0568
+ https://www.cve.org/CVERecord?id=CVE-2023-0662
+ (* Security fix *)
++--------------------------+
Fri Feb 10 20:08:41 UTC 2023
patches/packages/gnutls-3.7.9-x86_64-1_slack15.0.txz: Upgraded.
libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
diff --git a/FILELIST.TXT b/FILELIST.TXT
index f16385355..85c5470d4 100644
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@@ -1,20 +1,20 @@
-Fri Feb 10 20:11:08 UTC 2023
+Wed Feb 15 03:10:48 UTC 2023
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
-drwxr-xr-x 12 root root 4096 2023-02-10 20:08 .
+drwxr-xr-x 12 root root 4096 2023-02-15 03:05 .
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
--rw-r--r-- 1 root root 1172029 2023-02-09 01:03 ./CHECKSUMS.md5
--rw-r--r-- 1 root root 163 2023-02-09 01:03 ./CHECKSUMS.md5.asc
+-rw-r--r-- 1 root root 1172029 2023-02-10 20:11 ./CHECKSUMS.md5
+-rw-r--r-- 1 root root 163 2023-02-10 20:11 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
--rw-r--r-- 1 root root 1986692 2023-02-10 20:08 ./ChangeLog.txt
+-rw-r--r-- 1 root root 1989338 2023-02-15 03:05 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
--rw-r--r-- 1 root root 1528427 2023-02-09 01:02 ./FILELIST.TXT
+-rw-r--r-- 1 root root 1528427 2023-02-10 20:11 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
@@ -39,12 +39,12 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 17294 2008-12-08 18:13 ./SPEAK_INSTALL.TXT
-rw-r--r-- 1 root root 57187 2022-02-01 19:37 ./Slackware-HOWTO
-rw-r--r-- 1 root root 8700 2022-01-26 05:44 ./UPGRADE.TXT
-drwxr-xr-x 19 root root 4096 2023-01-07 01:41 ./extra
--rw-r--r-- 1 root root 49773 2023-01-07 01:41 ./extra/CHECKSUMS.md5
--rw-r--r-- 1 root root 163 2023-01-07 01:41 ./extra/CHECKSUMS.md5.asc
--rw-r--r-- 1 root root 62643 2023-01-07 01:41 ./extra/FILE_LIST
--rw-r--r-- 1 root root 1764212 2023-01-07 01:41 ./extra/MANIFEST.bz2
--rw-r--r-- 1 root root 36556 2023-01-07 01:41 ./extra/PACKAGES.TXT
+drwxr-xr-x 19 root root 4096 2023-02-15 03:10 ./extra
+-rw-r--r-- 1 root root 49773 2023-02-15 03:10 ./extra/CHECKSUMS.md5
+-rw-r--r-- 1 root root 163 2023-02-15 03:10 ./extra/CHECKSUMS.md5.asc
+-rw-r--r-- 1 root root 62643 2023-02-15 03:10 ./extra/FILE_LIST
+-rw-r--r-- 1 root root 1828747 2023-02-15 03:10 ./extra/MANIFEST.bz2
+-rw-r--r-- 1 root root 36556 2023-02-15 03:10 ./extra/PACKAGES.TXT
-rw-r--r-- 1 root root 149 2002-02-09 00:18 ./extra/README.TXT
drwxr-xr-x 2 root root 20480 2020-05-26 20:38 ./extra/aspell-word-lists
-rw-r--r-- 1 root root 171 2016-06-06 20:10 ./extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txt
@@ -348,14 +348,14 @@ drwxr-xr-x 2 root root 4096 2018-02-27 06:13 ./extra/google-chrome
-rwxr-xr-x 1 root root 4168 2019-09-18 22:18 ./extra/google-chrome/google-chrome.SlackBuild
-rw-r--r-- 1 root root 840 2018-02-27 06:13 ./extra/google-chrome/slack-desc
lrwxrwxrwx 1 root root 11 2012-07-30 20:41 ./extra/java -> source/java
-drwxr-xr-x 2 root root 4096 2023-01-07 01:41 ./extra/php80
--rw-r--r-- 1 root root 369 2023-01-06 20:04 ./extra/php80/php80-8.0.27-x86_64-1_slack15.0.txt
--rw-r--r-- 1 root root 6164516 2023-01-06 20:04 ./extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz
--rw-r--r-- 1 root root 163 2023-01-06 20:04 ./extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz.asc
-drwxr-xr-x 2 root root 4096 2023-01-07 01:41 ./extra/php81
--rw-r--r-- 1 root root 369 2023-01-06 20:01 ./extra/php81/php81-8.1.14-x86_64-1_slack15.0.txt
--rw-r--r-- 1 root root 6284408 2023-01-06 20:01 ./extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz
--rw-r--r-- 1 root root 163 2023-01-06 20:01 ./extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz.asc
+drwxr-xr-x 2 root root 4096 2023-02-15 03:10 ./extra/php80
+-rw-r--r-- 1 root root 369 2023-02-14 21:54 ./extra/php80/php80-8.0.28-x86_64-1_slack15.0.txt
+-rw-r--r-- 1 root root 6161100 2023-02-14 21:54 ./extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz
+-rw-r--r-- 1 root root 163 2023-02-14 21:54 ./extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz.asc
+drwxr-xr-x 2 root root 4096 2023-02-15 03:10 ./extra/php81
+-rw-r--r-- 1 root root 369 2023-02-14 21:51 ./extra/php81/php81-8.1.16-x86_64-1_slack15.0.txt
+-rw-r--r-- 1 root root 6295764 2023-02-14 21:51 ./extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz
+-rw-r--r-- 1 root root 163 2023-02-14 21:51 ./extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz.asc
drwxr-xr-x 2 root root 4096 2022-09-06 20:26 ./extra/rust-for-mozilla
-rw-r--r-- 1 root root 700 2022-01-27 20:31 ./extra/rust-for-mozilla/README
-rw-r--r-- 1 root root 426 2022-09-03 04:36 ./extra/rust-for-mozilla/rust-1.60.0-x86_64-1_slack15.0.txt
@@ -566,23 +566,23 @@ drwxr-xr-x 2 root root 4096 2012-07-30 18:44 ./extra/source/java/profile.d
-rwxr-xr-x 1 root root 80 2019-07-30 16:57 ./extra/source/java/profile.d/jre.sh
-rw-r--r-- 1 root root 817 2018-02-27 06:13 ./extra/source/java/slack-desc.jdk
-rw-r--r-- 1 root root 861 2018-02-27 06:13 ./extra/source/java/slack-desc.jre
-drwxr-xr-x 2 root root 4096 2023-01-06 19:57 ./extra/source/php80
+drwxr-xr-x 2 root root 4096 2023-02-14 21:50 ./extra/source/php80
-rw-r--r-- 1 root root 432 2020-12-21 16:28 ./extra/source/php80/doinst.sh.gz
--rwxr-xr-x 1 root root 120 2023-01-06 19:40 ./extra/source/php80/fetch-php.sh
+-rwxr-xr-x 1 root root 120 2023-02-14 20:52 ./extra/source/php80/fetch-php.sh
-rw-r--r-- 1 root root 1020 2021-02-19 20:43 ./extra/source/php80/mod_php.conf.example
--rw-r--r-- 1 root root 10802096 2023-01-03 19:30 ./extra/source/php80/php-8.0.27.tar.xz
--rw-r--r-- 1 root root 866 2023-01-03 19:30 ./extra/source/php80/php-8.0.27.tar.xz.asc
+-rw-r--r-- 1 root root 10801568 2023-02-14 14:30 ./extra/source/php80/php-8.0.28.tar.xz
+-rw-r--r-- 1 root root 866 2023-02-14 14:30 ./extra/source/php80/php-8.0.28.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./extra/source/php80/php-fpm.conf.diff.gz
-rw-r--r-- 1 root root 605 2020-03-17 21:22 ./extra/source/php80/php.imap.api.diff.gz
-rw-r--r-- 1 root root 805 2020-05-12 19:14 ./extra/source/php80/php.ini-development.diff.gz
-rwxr-xr-x 1 root root 10642 2022-02-18 04:51 ./extra/source/php80/php80.SlackBuild
-rw-r--r-- 1 root root 822 2021-12-03 05:20 ./extra/source/php80/slack-desc
-drwxr-xr-x 2 root root 4096 2023-01-06 19:58 ./extra/source/php81
+drwxr-xr-x 2 root root 4096 2023-02-14 21:48 ./extra/source/php81
-rw-r--r-- 1 root root 432 2020-12-21 16:28 ./extra/source/php81/doinst.sh.gz
--rwxr-xr-x 1 root root 120 2023-01-06 19:46 ./extra/source/php81/fetch-php.sh
+-rwxr-xr-x 1 root root 120 2023-02-14 21:01 ./extra/source/php81/fetch-php.sh
-rw-r--r-- 1 root root 1020 2021-02-19 20:43 ./extra/source/php81/mod_php.conf.example
--rw-r--r-- 1 root root 11752004 2023-01-04 18:20 ./extra/source/php81/php-8.1.14.tar.xz
--rw-r--r-- 1 root root 833 2023-01-04 18:20 ./extra/source/php81/php-8.1.14.tar.xz.asc
+-rw-r--r-- 1 root root 12198108 2023-02-14 17:50 ./extra/source/php81/php-8.1.16.tar.xz
+-rw-r--r-- 1 root root 833 2023-02-14 17:50 ./extra/source/php81/php-8.1.16.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./extra/source/php81/php-fpm.conf.diff.gz
-rw-r--r-- 1 root root 605 2020-03-17 21:22 ./extra/source/php81/php.imap.api.diff.gz
-rw-r--r-- 1 root root 806 2021-11-29 19:09 ./extra/source/php81/php.ini-development.diff.gz
@@ -738,13 +738,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear
-rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild
-rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz
-rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc
-drwxr-xr-x 4 root root 4096 2023-02-10 20:11 ./patches
--rw-r--r-- 1 root root 66024 2023-02-10 20:11 ./patches/CHECKSUMS.md5
--rw-r--r-- 1 root root 163 2023-02-10 20:11 ./patches/CHECKSUMS.md5.asc
--rw-r--r-- 1 root root 89566 2023-02-10 20:11 ./patches/FILE_LIST
--rw-r--r-- 1 root root 11987491 2023-02-10 20:11 ./patches/MANIFEST.bz2
--rw-r--r-- 1 root root 47509 2023-02-10 20:11 ./patches/PACKAGES.TXT
-drwxr-xr-x 3 root root 20480 2023-02-10 20:11 ./patches/packages
+drwxr-xr-x 4 root root 4096 2023-02-15 03:10 ./patches
+-rw-r--r-- 1 root root 66680 2023-02-15 03:10 ./patches/CHECKSUMS.md5
+-rw-r--r-- 1 root root 163 2023-02-15 03:10 ./patches/CHECKSUMS.md5.asc
+-rw-r--r-- 1 root root 90442 2023-02-15 03:10 ./patches/FILE_LIST
+-rw-r--r-- 1 root root 11960187 2023-02-15 03:10 ./patches/MANIFEST.bz2
+-rw-r--r-- 1 root root 47976 2023-02-15 03:10 ./patches/PACKAGES.TXT
+drwxr-xr-x 3 root root 20480 2023-02-15 03:10 ./patches/packages
-rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt
-rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc
@@ -817,6 +817,9 @@ drwxr-xr-x 3 root root 20480 2023-02-10 20:11 ./patches/packages
-rw-r--r-- 1 root root 513 2022-08-23 03:07 ./patches/packages/hunspell-1.7.1-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 312136 2022-08-23 03:07 ./patches/packages/hunspell-1.7.1-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-23 03:07 ./patches/packages/hunspell-1.7.1-x86_64-1_slack15.0.txz.asc
+-rw-r--r-- 1 root root 316 2023-02-15 00:30 ./patches/packages/hwdata-0.367-noarch-1_slack15.0.txt
+-rw-r--r-- 1 root root 1533228 2023-02-15 00:30 ./patches/packages/hwdata-0.367-noarch-1_slack15.0.txz
+-rw-r--r-- 1 root root 163 2023-02-15 00:30 ./patches/packages/hwdata-0.367-noarch-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 422 2022-11-27 20:50 ./patches/packages/kernel-firmware-20221123_cdf9499-noarch-1.txt
-rw-r--r-- 1 root root 266168620 2022-11-27 20:50 ./patches/packages/kernel-firmware-20221123_cdf9499-noarch-1.txz
-rw-r--r-- 1 root root 163 2022-11-27 20:50 ./patches/packages/kernel-firmware-20221123_cdf9499-noarch-1.txz.asc
@@ -863,9 +866,9 @@ drwxr-xr-x 2 root root 4096 2022-11-29 21:00 ./patches/packages/linux-5.15
-rw-r--r-- 1 root root 369 2022-11-08 20:39 ./patches/packages/mariadb-10.5.18-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 29412112 2022-11-08 20:39 ./patches/packages/mariadb-10.5.18-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-11-08 20:39 ./patches/packages/mariadb-10.5.18-x86_64-1_slack15.0.txz.asc
--rw-r--r-- 1 root root 570 2023-01-17 21:36 ./patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txt
--rw-r--r-- 1 root root 59257416 2023-01-17 21:36 ./patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txz
--rw-r--r-- 1 root root 163 2023-01-17 21:36 ./patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txz.asc
+-rw-r--r-- 1 root root 570 2023-02-14 21:28 ./patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txt
+-rw-r--r-- 1 root root 59272020 2023-02-14 21:28 ./patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz
+-rw-r--r-- 1 root root 163 2023-02-14 21:28 ./patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc
@@ -890,9 +893,9 @@ drwxr-xr-x 2 root root 4096 2022-11-29 21:00 ./patches/packages/linux-5.15
-rw-r--r-- 1 root root 544 2022-07-25 18:03 ./patches/packages/perl-5.34.0-x86_64-2_slack15.0.txt
-rw-r--r-- 1 root root 17057236 2022-07-25 18:03 ./patches/packages/perl-5.34.0-x86_64-2_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-07-25 18:03 ./patches/packages/perl-5.34.0-x86_64-2_slack15.0.txz.asc
--rw-r--r-- 1 root root 345 2023-01-06 20:06 ./patches/packages/php-7.4.33-x86_64-2_slack15.0.txt
--rw-r--r-- 1 root root 5824740 2023-01-06 20:06 ./patches/packages/php-7.4.33-x86_64-2_slack15.0.txz
--rw-r--r-- 1 root root 163 2023-01-06 20:06 ./patches/packages/php-7.4.33-x86_64-2_slack15.0.txz.asc
+-rw-r--r-- 1 root root 345 2023-02-14 21:56 ./patches/packages/php-7.4.33-x86_64-3_slack15.0.txt
+-rw-r--r-- 1 root root 5830420 2023-02-14 21:56 ./patches/packages/php-7.4.33-x86_64-3_slack15.0.txz
+-rw-r--r-- 1 root root 163 2023-02-14 21:56 ./patches/packages/php-7.4.33-x86_64-3_slack15.0.txz.asc
-rw-r--r-- 1 root root 457 2022-06-04 18:23 ./patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 5828060 2022-06-04 18:23 ./patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-06-04 18:23 ./patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz.asc
@@ -971,7 +974,7 @@ drwxr-xr-x 2 root root 4096 2022-11-29 21:00 ./patches/packages/linux-5.15
-rw-r--r-- 1 root root 388 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 105356 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz.asc
-drwxr-xr-x 67 root root 4096 2023-02-10 19:57 ./patches/source
+drwxr-xr-x 68 root root 4096 2023-02-15 00:42 ./patches/source
drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base
-rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz
-rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild
@@ -1166,6 +1169,10 @@ drwxr-xr-x 2 root root 4096 2022-08-23 03:03 ./patches/source/hunspell
-rwxr-xr-x 1 root root 4301 2022-08-23 03:06 ./patches/source/hunspell/hunspell.SlackBuild
-rw-r--r-- 1 root root 37 2022-08-23 03:02 ./patches/source/hunspell/hunspell.url
-rw-r--r-- 1 root root 965 2021-06-29 18:41 ./patches/source/hunspell/slack-desc
+drwxr-xr-x 2 root root 4096 2023-02-03 17:43 ./patches/source/hwdata
+-rw-r--r-- 1 root root 1509899 2023-02-02 08:57 ./patches/source/hwdata/hwdata-0.367.tar.lz
+-rwxr-xr-x 1 root root 4023 2023-02-14 23:48 ./patches/source/hwdata/hwdata.SlackBuild
+-rw-r--r-- 1 root root 802 2018-02-27 06:13 ./patches/source/hwdata/slack-desc
drwxr-xr-x 3 root root 4096 2022-11-16 19:45 ./patches/source/krb5
-rw-r--r-- 1 root root 1558 2022-11-16 19:44 ./patches/source/krb5/5ad465bc8e0d957a4945218bea487b77622bf433.patch
drwxr-xr-x 2 root root 4096 2020-01-21 18:39 ./patches/source/krb5/conf
@@ -1303,7 +1310,7 @@ drwxr-xr-x 2 root root 4096 2022-11-08 20:23 ./patches/source/mariadb
-rw-r--r-- 1 root root 34 2015-05-07 18:51 ./patches/source/mariadb/mirror.url
-rw-r--r-- 1 root root 1208 2021-04-23 17:54 ./patches/source/mariadb/rc.mysqld.gz
-rw-r--r-- 1 root root 824 2018-02-27 06:12 ./patches/source/mariadb/slack-desc
-drwxr-xr-x 3 root root 4096 2023-01-17 20:35 ./patches/source/mozilla-firefox
+drwxr-xr-x 3 root root 4096 2023-02-14 20:33 ./patches/source/mozilla-firefox
-rw-r--r-- 1 root root 693 2021-03-22 17:58 ./patches/source/mozilla-firefox/0027-LTO-Only-enable-LTO-for-Rust-when-complete-build-use.patch.gz
drwxr-xr-x 5 root root 4096 2021-08-13 18:36 ./patches/source/mozilla-firefox/build-deps
-rwxr-xr-x 1 root root 1919 2019-07-09 19:35 ./patches/source/mozilla-firefox/build-deps.sh
@@ -1315,14 +1322,14 @@ drwxr-xr-x 2 root root 4096 2022-06-13 00:06 ./patches/source/mozilla-fire
-rw-r--r-- 1 root root 150253 2022-04-21 16:48 ./patches/source/mozilla-firefox/build-deps/cbindgen/cbindgen-0.23.0.tar.lz
-rwxr-xr-x 1 root root 2032 2022-06-14 16:39 ./patches/source/mozilla-firefox/build-deps/cbindgen/cbindgen.build
-rw-r--r-- 1 root root 35 2021-06-25 03:11 ./patches/source/mozilla-firefox/build-deps/cbindgen/cbindgen.url
-drwxr-xr-x 2 root root 4096 2023-01-06 19:24 ./patches/source/mozilla-firefox/build-deps/nodejs
--rw-r--r-- 1 root root 40703740 2023-01-05 21:29 ./patches/source/mozilla-firefox/build-deps/nodejs/node-v19.4.0.tar.xz
+drwxr-xr-x 2 root root 4096 2023-02-02 18:27 ./patches/source/mozilla-firefox/build-deps/nodejs
+-rw-r--r-- 1 root root 40581092 2023-02-01 18:48 ./patches/source/mozilla-firefox/build-deps/nodejs/node-v19.6.0.tar.xz
-rwxr-xr-x 1 root root 3003 2022-08-10 17:53 ./patches/source/mozilla-firefox/build-deps/nodejs/nodejs.build
-rw-r--r-- 1 root root 86 2019-07-08 21:02 ./patches/source/mozilla-firefox/build-deps/nodejs/nodejs.url
-rwxr-xr-x 1 root root 840 2018-03-13 12:55 ./patches/source/mozilla-firefox/fetch-and-repack.sh
-rw-r--r-- 1 root root 330 2019-07-08 18:41 ./patches/source/mozilla-firefox/ff.ui.scrollToClick.diff.gz
--rw-r--r-- 1 root root 479538092 2023-01-16 09:54 ./patches/source/mozilla-firefox/firefox-102.7.0esr.source.tar.xz
--rw-r--r-- 1 root root 833 2023-01-16 09:54 ./patches/source/mozilla-firefox/firefox-102.7.0esr.source.tar.xz.asc
+-rw-r--r-- 1 root root 479172816 2023-02-14 13:05 ./patches/source/mozilla-firefox/firefox-102.8.0esr.source.tar.xz
+-rw-r--r-- 1 root root 833 2023-02-14 13:04 ./patches/source/mozilla-firefox/firefox-102.8.0esr.source.tar.xz.asc
-rw-r--r-- 1 root root 327 2008-06-17 17:19 ./patches/source/mozilla-firefox/firefox.moz_plugin_path.diff.gz
-rw-r--r-- 1 root root 518 2021-03-15 17:43 ./patches/source/mozilla-firefox/gkrust.a.no.networking.check.diff.gz
-rw-r--r-- 1 root root 462 2009-07-01 06:05 ./patches/source/mozilla-firefox/mimeTypes.rdf.gz
@@ -1435,15 +1442,18 @@ drwxr-xr-x 2 root root 4096 2022-07-25 17:58 ./patches/source/perl
-rwxr-xr-x 1 root root 18123 2022-07-25 17:58 ./patches/source/perl/perl.SlackBuild
-rw-r--r-- 1 root root 606 2008-09-21 00:04 ./patches/source/perl/perl.configure.multilib.patch.gz
-rw-r--r-- 1 root root 996 2021-05-21 04:51 ./patches/source/perl/slack-desc
-drwxr-xr-x 2 root root 4096 2023-01-06 19:52 ./patches/source/php
+drwxr-xr-x 2 root root 4096 2023-02-14 21:46 ./patches/source/php
-rw-r--r-- 1 root root 961 2023-01-06 19:52 ./patches/source/php/CVE-2022-31631.patch.gz
+-rw-r--r-- 1 root root 1532 2023-02-14 21:25 ./patches/source/php/CVE-2023-0567.patch.gz
+-rw-r--r-- 1 root root 1153 2023-02-14 21:28 ./patches/source/php/CVE-2023-0568.patch.gz
+-rw-r--r-- 1 root root 3661 2023-02-14 21:42 ./patches/source/php/CVE-2023-0662.patch.gz
-rw-r--r-- 1 root root 432 2020-12-21 16:28 ./patches/source/php/doinst.sh.gz
-rwxr-xr-x 1 root root 120 2022-11-10 19:17 ./patches/source/php/fetch-php.sh
-rw-r--r-- 1 root root 1022 2017-11-28 18:32 ./patches/source/php/mod_php.conf.example
-rw-r--r-- 1 root root 10420144 2022-10-31 15:10 ./patches/source/php/php-7.4.33.tar.xz
-rw-r--r-- 1 root root 833 2022-10-31 15:10 ./patches/source/php/php-7.4.33.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./patches/source/php/php-fpm.conf.diff.gz
--rwxr-xr-x 1 root root 10878 2023-01-06 19:56 ./patches/source/php/php.SlackBuild
+-rwxr-xr-x 1 root root 11073 2023-02-14 21:51 ./patches/source/php/php.SlackBuild
-rw-r--r-- 1 root root 855 2021-06-29 20:14 ./patches/source/php/php.enchant-2.patch.gz
-rw-r--r-- 1 root root 605 2020-03-17 21:22 ./patches/source/php/php.imap.api.diff.gz
-rw-r--r-- 1 root root 805 2020-05-12 19:14 ./patches/source/php/php.ini-development.diff.gz
@@ -2737,16 +2747,16 @@ drwxr-xr-x 2 root root 69632 2022-02-01 08:29 ./slackware64/kde
-rw-r--r-- 1 root root 239580 2022-01-06 21:51 ./slackware64/kde/grantlee-editor-21.12.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-06 21:51 ./slackware64/kde/grantlee-editor-21.12.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 263 2022-01-06 21:38 ./slackware64/kde/grantleetheme-21.12.1-x86_64-1.txt
--rw-r--r-- 1 root root 65892 2022-01-06 21:38 ./slackware64/kde/grantleetheme-21.12.1-x86_64-1.txz
--rw-r--r-- 1 root root 163 2022-01-06 21:38 ./slackware64/kde/grantleetheme-21.12.1-x86_64-1.txz.asc
--rw-r--r-- 1 root root 292 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txt
--rw-r--r-- 1 root root 6935592 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txz
--rw-r--r-- 1 root root 163 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txz.asc
--rw-r--r-- 1 root root 271 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txt
--rw-r--r-- 1 root root 540448 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txz
--rw-r--r-- 1 root root 163 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txz.asc
--rwxr-xr-x 1 root root 2897 2009-06-24 22:06 ./slackware64/kde/install-packages
--rw-r--r-- 1 root root 446 2006-09-18 10:41 ./slackware64/kde/install.end
+-rw-r--r-- 1 root root 65892 2022-01-06 21:38 ./slackware64/kde/grantleetheme-21.12.1-x86_64-1.txz
+-rw-r--r-- 1 root root 163 2022-01-06 21:38 ./slackware64/kde/grantleetheme-21.12.1-x86_64-1.txz.asc
+-rw-r--r-- 1 root root 292 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txt
+-rw-r--r-- 1 root root 6935592 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txz
+-rw-r--r-- 1 root root 163 2022-01-06 21:57 ./slackware64/kde/gwenview-21.12.1-x86_64-1.txz.asc
+-rw-r--r-- 1 root root 271 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txt
+-rw-r--r-- 1 root root 540448 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txz
+-rw-r--r-- 1 root root 163 2022-01-06 21:43 ./slackware64/kde/incidenceeditor-21.12.1-x86_64-1.txz.asc
+-rwxr-xr-x 1 root root 2897 2009-06-24 22:06 ./slackware64/kde/install-packages
+-rw-r--r-- 1 root root 446 2006-09-18 10:41 ./slackware64/kde/install.end
-rw-r--r-- 1 root root 308 2022-01-06 22:57 ./slackware64/kde/itinerary-21.12.1-x86_64-1.txt
-rw-r--r-- 1 root root 591088 2022-01-06 22:57 ./slackware64/kde/itinerary-21.12.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-06 22:57 ./slackware64/kde/itinerary-21.12.1-x86_64-1.txz.asc
@@ -5470,15 +5480,15 @@ drwxr-xr-x 2 root root 65536 2022-02-01 04:47 ./slackware64/x
-rw-r--r-- 1 root root 169444 2021-02-13 13:19 ./slackware64/x/font-bitstream-100dpi-1.0.3-noarch-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-100dpi-1.0.3-noarch-5.txz.asc
-rw-r--r-- 1 root root 475 2021-02-13 13:19 ./slackware64/x/font-bitstream-75dpi-1.0.3-noarch-5.txt
--rw-r--r-- 1 root root 149232 2021-02-13 13:19 ./slackware64/x/font-bitstream-75dpi-1.0.3-noarch-5.txz
--rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-75dpi-1.0.3-noarch-5.txz.asc
--rw-r--r-- 1 root root 490 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txt
--rw-r--r-- 1 root root 245268 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txz
--rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txz.asc
--rw-r--r-- 1 root root 477 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txt
--rw-r--r-- 1 root root 307924 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txz
--rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txz.asc
--rw-r--r-- 1 root root 475 2021-02-13 13:19 ./slackware64/x/font-cronyx-cyrillic-1.0.3-noarch-5.txt
+-rw-r--r-- 1 root root 149232 2021-02-13 13:19 ./slackware64/x/font-bitstream-75dpi-1.0.3-noarch-5.txz
+-rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-75dpi-1.0.3-noarch-5.txz.asc
+-rw-r--r-- 1 root root 490 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txt
+-rw-r--r-- 1 root root 245268 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txz
+-rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-speedo-1.0.2-noarch-5.txz.asc
+-rw-r--r-- 1 root root 477 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txt
+-rw-r--r-- 1 root root 307924 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txz
+-rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-bitstream-type1-1.0.3-noarch-5.txz.asc
+-rw-r--r-- 1 root root 475 2021-02-13 13:19 ./slackware64/x/font-cronyx-cyrillic-1.0.3-noarch-5.txt
-rw-r--r-- 1 root root 310496 2021-02-13 13:19 ./slackware64/x/font-cronyx-cyrillic-1.0.3-noarch-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 13:19 ./slackware64/x/font-cronyx-cyrillic-1.0.3-noarch-5.txz.asc
-rw-r--r-- 1 root root 423 2021-02-13 13:19 ./slackware64/x/font-cursor-misc-1.0.3-noarch-5.txt
@@ -8634,24 +8644,24 @@ drwxr-xr-x 2 root root 4096 2022-01-16 02:41 ./source/d/python3
-rw-r--r-- 1 root root 1150 2018-02-27 06:13 ./source/d/python3/slack-desc
drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/d/rcs
-rw-r--r-- 1 root root 890872 2020-10-20 04:27 ./source/d/rcs/rcs-5.10.0.tar.xz
--rw-r--r-- 1 root root 95 2020-10-20 04:27 ./source/d/rcs/rcs-5.10.0.tar.xz.sig
--rwxr-xr-x 1 root root 4825 2021-02-13 05:31 ./source/d/rcs/rcs.SlackBuild
--rw-r--r-- 1 root root 772 2018-02-27 06:13 ./source/d/rcs/slack-desc
-drwxr-xr-x 2 root root 4096 2021-08-03 05:36 ./source/d/re2c
--rw-r--r-- 1 root root 1273199 2021-08-01 09:25 ./source/d/re2c/re2c-2.2.tar.lz
--rwxr-xr-x 1 root root 4242 2021-03-27 18:18 ./source/d/re2c/re2c.SlackBuild
--rw-r--r-- 1 root root 33 2019-08-03 18:41 ./source/d/re2c/re2c.url
--rw-r--r-- 1 root root 989 2018-02-27 06:13 ./source/d/re2c/slack-desc
-drwxr-xr-x 2 root root 4096 2021-09-06 18:01 ./source/d/rinutils
--rw-r--r-- 1 root root 17268 2021-09-06 06:30 ./source/d/rinutils/rinutils-0.10.0.tar.xz
--rwxr-xr-x 1 root root 3809 2021-09-06 18:01 ./source/d/rinutils/rinutils.SlackBuild
--rw-r--r-- 1 root root 36 2020-11-12 19:40 ./source/d/rinutils/rinutils.url
--rw-r--r-- 1 root root 944 2020-11-12 20:33 ./source/d/rinutils/slack-desc
-drwxr-xr-x 2 root root 4096 2021-11-24 18:43 ./source/d/ruby
--rw-r--r-- 1 root root 14656102 2021-11-24 12:32 ./source/d/ruby/ruby-3.0.3.tar.lz
--rwxr-xr-x 1 root root 4807 2021-04-05 18:26 ./source/d/ruby/ruby.SlackBuild
--rw-r--r-- 1 root root 837 2019-03-13 16:43 ./source/d/ruby/slack-desc
-drwxr-xr-x 2 root root 4096 2022-01-21 03:50 ./source/d/rust
+-rw-r--r-- 1 root root 95 2020-10-20 04:27 ./source/d/rcs/rcs-5.10.0.tar.xz.sig
+-rwxr-xr-x 1 root root 4825 2021-02-13 05:31 ./source/d/rcs/rcs.SlackBuild
+-rw-r--r-- 1 root root 772 2018-02-27 06:13 ./source/d/rcs/slack-desc
+drwxr-xr-x 2 root root 4096 2021-08-03 05:36 ./source/d/re2c
+-rw-r--r-- 1 root root 1273199 2021-08-01 09:25 ./source/d/re2c/re2c-2.2.tar.lz
+-rwxr-xr-x 1 root root 4242 2021-03-27 18:18 ./source/d/re2c/re2c.SlackBuild
+-rw-r--r-- 1 root root 33 2019-08-03 18:41 ./source/d/re2c/re2c.url
+-rw-r--r-- 1 root root 989 2018-02-27 06:13 ./source/d/re2c/slack-desc
+drwxr-xr-x 2 root root 4096 2021-09-06 18:01 ./source/d/rinutils
+-rw-r--r-- 1 root root 17268 2021-09-06 06:30 ./source/d/rinutils/rinutils-0.10.0.tar.xz
+-rwxr-xr-x 1 root root 3809 2021-09-06 18:01 ./source/d/rinutils/rinutils.SlackBuild
+-rw-r--r-- 1 root root 36 2020-11-12 19:40 ./source/d/rinutils/rinutils.url
+-rw-r--r-- 1 root root 944 2020-11-12 20:33 ./source/d/rinutils/slack-desc
+drwxr-xr-x 2 root root 4096 2021-11-24 18:43 ./source/d/ruby
+-rw-r--r-- 1 root root 14656102 2021-11-24 12:32 ./source/d/ruby/ruby-3.0.3.tar.lz
+-rwxr-xr-x 1 root root 4807 2021-04-05 18:26 ./source/d/ruby/ruby.SlackBuild
+-rw-r--r-- 1 root root 837 2019-03-13 16:43 ./source/d/ruby/slack-desc
+drwxr-xr-x 2 root root 4096 2022-01-21 03:50 ./source/d/rust
-rw-r--r-- 1 root root 261 2020-11-19 19:46 ./source/d/rust/link_libffi.diff.gz
-rwxr-xr-x 1 root root 9873 2022-01-27 22:24 ./source/d/rust/rust.SlackBuild
-rw-r--r-- 1 root root 1670 2022-01-21 02:45 ./source/d/rust/rust.url
@@ -15063,20 +15073,20 @@ drwxr-xr-x 2 root root 12288 2020-05-18 17:50 ./source/x/x11/slack-desc
-rw-r--r-- 1 root root 808 2013-09-07 20:11 ./source/x/x11/slack-desc/xcb-util-cursor
-rw-r--r-- 1 root root 1011 2015-04-27 03:32 ./source/x/x11/slack-desc/xcb-util-errors
-rw-r--r-- 1 root root 778 2012-04-08 01:14 ./source/x/x11/slack-desc/xcb-util-image
--rw-r--r-- 1 root root 827 2012-04-08 01:18 ./source/x/x11/slack-desc/xcb-util-keysyms
--rw-r--r-- 1 root root 871 2012-04-08 03:49 ./source/x/x11/slack-desc/xcb-util-renderutil
--rw-r--r-- 1 root root 774 2012-04-08 03:51 ./source/x/x11/slack-desc/xcb-util-wm
--rw-r--r-- 1 root root 888 2018-02-26 22:58 ./source/x/x11/slack-desc/xclipboard
--rw-r--r-- 1 root root 747 2018-02-26 22:59 ./source/x/x11/slack-desc/xclock
--rw-r--r-- 1 root root 838 2012-04-08 03:52 ./source/x/x11/slack-desc/xcmiscproto
--rw-r--r-- 1 root root 824 2012-04-08 03:54 ./source/x/x11/slack-desc/xcmsdb
--rw-r--r-- 1 root root 760 2018-02-26 22:59 ./source/x/x11/slack-desc/xcompmgr
--rw-r--r-- 1 root root 679 2018-02-26 22:59 ./source/x/x11/slack-desc/xconsole
--rw-r--r-- 1 root root 844 2012-04-08 03:54 ./source/x/x11/slack-desc/xcursor-themes
--rw-r--r-- 1 root root 834 2012-04-08 03:54 ./source/x/x11/slack-desc/xcursorgen
--rw-r--r-- 1 root root 714 2012-04-08 03:55 ./source/x/x11/slack-desc/xdbedizzy
--rw-r--r-- 1 root root 797 2012-04-08 03:55 ./source/x/x11/slack-desc/xditview
--rw-r--r-- 1 root root 707 2012-04-08 03:55 ./source/x/x11/slack-desc/xdm
+-rw-r--r-- 1 root root 827 2012-04-08 01:18 ./source/x/x11/slack-desc/xcb-util-keysyms
+-rw-r--r-- 1 root root 871 2012-04-08 03:49 ./source/x/x11/slack-desc/xcb-util-renderutil
+-rw-r--r-- 1 root root 774 2012-04-08 03:51 ./source/x/x11/slack-desc/xcb-util-wm
+-rw-r--r-- 1 root root 888 2018-02-26 22:58 ./source/x/x11/slack-desc/xclipboard
+-rw-r--r-- 1 root root 747 2018-02-26 22:59 ./source/x/x11/slack-desc/xclock
+-rw-r--r-- 1 root root 838 2012-04-08 03:52 ./source/x/x11/slack-desc/xcmiscproto
+-rw-r--r-- 1 root root 824 2012-04-08 03:54 ./source/x/x11/slack-desc/xcmsdb
+-rw-r--r-- 1 root root 760 2018-02-26 22:59 ./source/x/x11/slack-desc/xcompmgr
+-rw-r--r-- 1 root root 679 2018-02-26 22:59 ./source/x/x11/slack-desc/xconsole
+-rw-r--r-- 1 root root 844 2012-04-08 03:54 ./source/x/x11/slack-desc/xcursor-themes
+-rw-r--r-- 1 root root 834 2012-04-08 03:54 ./source/x/x11/slack-desc/xcursorgen
+-rw-r--r-- 1 root root 714 2012-04-08 03:55 ./source/x/x11/slack-desc/xdbedizzy
+-rw-r--r-- 1 root root 797 2012-04-08 03:55 ./source/x/x11/slack-desc/xditview
+-rw-r--r-- 1 root root 707 2012-04-08 03:55 ./source/x/x11/slack-desc/xdm
-rw-r--r-- 1 root root 810 2012-04-08 03:56 ./source/x/x11/slack-desc/xdpyinfo
-rw-r--r-- 1 root root 808 2012-04-08 03:56 ./source/x/x11/slack-desc/xdriinfo
-rw-r--r-- 1 root root 740 2012-04-08 03:57 ./source/x/x11/slack-desc/xedit
diff --git a/patches/packages/hwdata-0.367-noarch-1_slack15.0.txt b/patches/packages/hwdata-0.367-noarch-1_slack15.0.txt
new file mode 100644
index 000000000..7a9b212b6
--- /dev/null
+++ b/patches/packages/hwdata-0.367-noarch-1_slack15.0.txt
@@ -0,0 +1,11 @@
+hwdata: hwdata (hardware identification and configuration data)
+hwdata:
+hwdata: hwdata contains various hardware identification and configuration
+hwdata: data, such as the pci.ids database and MonitorsDB databases.
+hwdata:
+hwdata: Homepage: https://github.com/vcrhonek/hwdata
+hwdata:
+hwdata:
+hwdata:
+hwdata:
+hwdata:
diff --git a/patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txt b/patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txt
index 9d8594319..9d8594319 100644
--- a/patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txt
+++ b/patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txt
diff --git a/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt b/patches/packages/php-7.4.33-x86_64-3_slack15.0.txt
index 88937e9e0..88937e9e0 100644
--- a/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt
+++ b/patches/packages/php-7.4.33-x86_64-3_slack15.0.txt
diff --git a/patches/source/hwdata/hwdata.SlackBuild b/patches/source/hwdata/hwdata.SlackBuild
new file mode 100755
index 000000000..93c2e0150
--- /dev/null
+++ b/patches/source/hwdata/hwdata.SlackBuild
@@ -0,0 +1,122 @@
+#!/bin/bash
+
+# Slackware build script for hwdata
+
+# Copyright 2015, 2017 Robby Workman, Tuscaloosa, Alabama, USA
+# Copyright 2018, 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=hwdata
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1_slack15.0}
+
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i586 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+ echo "$PKGNAM-$VERSION-noarch-$BUILD.txz"
+ exit 0
+fi
+
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+# Override $ARCH, since there are no binaries included at this time:
+ARCH=noarch
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+cd $TMP
+rm -rf $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \+ -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \+
+
+# Grab latest copies of pci and usb ids:
+rm -f usb.ids pci.ids
+lftpget https://pci-ids.ucw.cz/v2.2/pci.ids http://www.linux-usb.org/usb.ids
+
+./configure --libdir=/lib || exit 1
+#make download # grab latest copies of everything
+make install DESTDIR=$PKG || exit 1
+
+# Put compat symlinks in place for stuff that doesn't know about pkgconfig
+for file in iab.txt oui.txt pci.ids pnp.ids usb.ids; do
+ if [ -r $PKG/usr/share/hwdata/$file ]; then
+ ln -s hwdata/$file $PKG/usr/share/$file
+ fi
+done
+
+# Move the provided blacklist stuff to the docs.
+# Ideally, we have that info in udev package.
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
+cp -a \
+ COPYING* LICENSE README* \
+ $PKG/usr/doc/$PKGNAM-$VERSION
+mv $PKG/lib/modprobe.d/dist-blacklist.conf $PKG/usr/doc/$PKGNAM-$VERSION
+
+# Remove the usused directories /lib/modprobe.d and /lib one at a time
+# so we'll notice if anything new is added there:
+#rm -rf $PKG/lib
+rmdir $PKG/lib/modprobe.d || exit 1
+rmdir $PKG/lib || exit 1
+
+# If there's a ChangeLog, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r ChangeLog ]; then
+ DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION)
+ cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
+ touch -r ChangeLog $DOCSDIR/ChangeLog
+fi
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
diff --git a/patches/source/hwdata/slack-desc b/patches/source/hwdata/slack-desc
new file mode 100644
index 000000000..d776810fd
--- /dev/null
+++ b/patches/source/hwdata/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+hwdata: hwdata (hardware identification and configuration data)
+hwdata:
+hwdata: hwdata contains various hardware identification and configuration
+hwdata: data, such as the pci.ids database and MonitorsDB databases.
+hwdata:
+hwdata: Homepage: https://github.com/vcrhonek/hwdata
+hwdata:
+hwdata:
+hwdata:
+hwdata:
+hwdata:
diff --git a/patches/source/php/CVE-2023-0567.patch b/patches/source/php/CVE-2023-0567.patch
new file mode 100644
index 000000000..78defd92b
--- /dev/null
+++ b/patches/source/php/CVE-2023-0567.patch
@@ -0,0 +1,142 @@
+From 7882d12ff2d8d8c5a4af821464e0a5ac2cde2002 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be>
+Date: Mon, 23 Jan 2023 21:15:24 +0100
+Subject: [PATCH] crypt: Fix validation of malformed BCrypt hashes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+PHP’s implementation of crypt_blowfish differs from the upstream Openwall
+version by adding a “PHP Hack”, which allows one to cut short the BCrypt salt
+by including a `$` character within the characters that represent the salt.
+
+Hashes that are affected by the “PHP Hack” may erroneously validate any
+password as valid when used with `password_verify` and when comparing the
+return value of `crypt()` against the input.
+
+The PHP Hack exists since the first version of PHP’s own crypt_blowfish
+implementation that was added in 1e820eca02dcf322b41fd2fe4ed2a6b8309f8ab5.
+
+No clear reason is given for the PHP Hack’s existence. This commit removes it,
+because BCrypt hashes containing a `$` character in their salt are not valid
+BCrypt hashes.
+---
+ ext/standard/crypt_blowfish.c | 8 --
+ .../tests/crypt/bcrypt_salt_dollar.phpt | 82 +++++++++++++++++++
+ 2 files changed, 82 insertions(+), 8 deletions(-)
+ create mode 100644 ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
+
+diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c
+index 3806a290aee4..351d40308089 100644
+--- a/ext/standard/crypt_blowfish.c
++++ b/ext/standard/crypt_blowfish.c
+@@ -371,7 +371,6 @@ static const unsigned char BF_atoi64[0x60] = {
+ #define BF_safe_atoi64(dst, src) \
+ { \
+ tmp = (unsigned char)(src); \
+- if (tmp == '$') break; /* PHP hack */ \
+ if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \
+ tmp = BF_atoi64[tmp]; \
+ if (tmp > 63) return -1; \
+@@ -399,13 +398,6 @@ static int BF_decode(BF_word *dst, const char *src, int size)
+ *dptr++ = ((c3 & 0x03) << 6) | c4;
+ } while (dptr < end);
+
+- if (end - dptr == size) {
+- return -1;
+- }
+-
+- while (dptr < end) /* PHP hack */
+- *dptr++ = 0;
+-
+ return 0;
+ }
+
+diff --git a/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
+new file mode 100644
+index 000000000000..32e335f4b087
+--- /dev/null
++++ b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
+@@ -0,0 +1,82 @@
++--TEST--
++bcrypt correctly rejects salts containing $
++--FILE--
++<?php
++for ($i = 0; $i < 23; $i++) {
++ $salt = '$2y$04$' . str_repeat('0', $i) . '$';
++ $result = crypt("foo", $salt);
++ var_dump($salt);
++ var_dump($result);
++ var_dump($result === $salt);
++}
++?>
++--EXPECT--
++string(8) "$2y$04$$"
++string(2) "*0"
++bool(false)
++string(9) "$2y$04$0$"
++string(2) "*0"
++bool(false)
++string(10) "$2y$04$00$"
++string(2) "*0"
++bool(false)
++string(11) "$2y$04$000$"
++string(2) "*0"
++bool(false)
++string(12) "$2y$04$0000$"
++string(2) "*0"
++bool(false)
++string(13) "$2y$04$00000$"
++string(2) "*0"
++bool(false)
++string(14) "$2y$04$000000$"
++string(2) "*0"
++bool(false)
++string(15) "$2y$04$0000000$"
++string(2) "*0"
++bool(false)
++string(16) "$2y$04$00000000$"
++string(2) "*0"
++bool(false)
++string(17) "$2y$04$000000000$"
++string(2) "*0"
++bool(false)
++string(18) "$2y$04$0000000000$"
++string(2) "*0"
++bool(false)
++string(19) "$2y$04$00000000000$"
++string(2) "*0"
++bool(false)
++string(20) "$2y$04$000000000000$"
++string(2) "*0"
++bool(false)
++string(21) "$2y$04$0000000000000$"
++string(2) "*0"
++bool(false)
++string(22) "$2y$04$00000000000000$"
++string(2) "*0"
++bool(false)
++string(23) "$2y$04$000000000000000$"
++string(2) "*0"
++bool(false)
++string(24) "$2y$04$0000000000000000$"
++string(2) "*0"
++bool(false)
++string(25) "$2y$04$00000000000000000$"
++string(2) "*0"
++bool(false)
++string(26) "$2y$04$000000000000000000$"
++string(2) "*0"
++bool(false)
++string(27) "$2y$04$0000000000000000000$"
++string(2) "*0"
++bool(false)
++string(28) "$2y$04$00000000000000000000$"
++string(2) "*0"
++bool(false)
++string(29) "$2y$04$000000000000000000000$"
++string(2) "*0"
++bool(false)
++string(30) "$2y$04$0000000000000000000000$"
++string(60) "$2y$04$000000000000000000000u2a2UpVexIt9k3FMJeAVr3c04F5tcI8K"
++bool(false)
diff --git a/patches/source/php/CVE-2023-0568.patch b/patches/source/php/CVE-2023-0568.patch
new file mode 100644
index 000000000..3b8440926
--- /dev/null
+++ b/patches/source/php/CVE-2023-0568.patch
@@ -0,0 +1,62 @@
+From c0fceebfa195b8e56a7108cb731b5ea7afbef70c Mon Sep 17 00:00:00 2001
+From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
+Date: Fri, 27 Jan 2023 19:28:27 +0100
+Subject: [PATCH] Fix array overrun when appending slash to paths
+
+Fix it by extending the array sizes by one character. As the input is
+limited to the maximum path length, there will always be place to append
+the slash. As the php_check_specific_open_basedir() simply uses the
+strings to compare against each other, no new failures related to too
+long paths are introduced.
+We'll let the DOM and XML case handle a potentially too long path in the
+library code.
+---
+ ext/dom/document.c | 2 +-
+ ext/xmlreader/php_xmlreader.c | 2 +-
+ main/fopen_wrappers.c | 6 +++---
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/ext/dom/document.c b/ext/dom/document.c
+index 4dee5548f188..c60198a3be11 100644
+--- a/ext/dom/document.c
++++ b/ext/dom/document.c
+@@ -1182,7 +1182,7 @@ static xmlDocPtr dom_document_parser(zval *id, int mode, char *source, size_t so
+ int validate, recover, resolve_externals, keep_blanks, substitute_ent;
+ int resolved_path_len;
+ int old_error_reporting = 0;
+- char *directory=NULL, resolved_path[MAXPATHLEN];
++ char *directory=NULL, resolved_path[MAXPATHLEN + 1];
+
+ if (id != NULL) {
+ intern = Z_DOMOBJ_P(id);
+diff --git a/ext/xmlreader/php_xmlreader.c b/ext/xmlreader/php_xmlreader.c
+index c17884d960cb..39141c8c1223 100644
+--- a/ext/xmlreader/php_xmlreader.c
++++ b/ext/xmlreader/php_xmlreader.c
+@@ -1017,7 +1017,7 @@ PHP_METHOD(XMLReader, XML)
+ xmlreader_object *intern = NULL;
+ char *source, *uri = NULL, *encoding = NULL;
+ int resolved_path_len, ret = 0;
+- char *directory=NULL, resolved_path[MAXPATHLEN];
++ char *directory=NULL, resolved_path[MAXPATHLEN + 1];
+ xmlParserInputBufferPtr inputbfr;
+ xmlTextReaderPtr reader;
+
+diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
+index f6ce26e104be..12cc9c8b10c0 100644
+--- a/main/fopen_wrappers.c
++++ b/main/fopen_wrappers.c
+@@ -129,10 +129,10 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
+ */
+ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path)
+ {
+- char resolved_name[MAXPATHLEN];
+- char resolved_basedir[MAXPATHLEN];
++ char resolved_name[MAXPATHLEN + 1];
++ char resolved_basedir[MAXPATHLEN + 1];
+ char local_open_basedir[MAXPATHLEN];
+- char path_tmp[MAXPATHLEN];
++ char path_tmp[MAXPATHLEN + 1];
+ char *path_file;
+ size_t resolved_basedir_len;
+ size_t resolved_name_len;
diff --git a/patches/source/php/CVE-2023-0662.patch b/patches/source/php/CVE-2023-0662.patch
new file mode 100644
index 000000000..e9cada2c9
--- /dev/null
+++ b/patches/source/php/CVE-2023-0662.patch
@@ -0,0 +1,411 @@
+From 716de0cff539f46294ef70fe75d548cd66766370 Mon Sep 17 00:00:00 2001
+From: Jakub Zelenka <bukka@php.net>
+Date: Thu, 19 Jan 2023 14:31:25 +0000
+Subject: [PATCH] Introduce max_multipart_body_parts INI
+
+This fixes GHSA-54hq-v5wp-fqgv DOS vulnerabality by limitting number of
+parsed multipart body parts as currently all parts were always parsed.
+---
+ main/main.c | 1 +
+ main/rfc1867.c | 11 ++
+ ...-54hq-v5wp-fqgv-max-body-parts-custom.phpt | 53 +++++++++
+ ...54hq-v5wp-fqgv-max-body-parts-default.phpt | 54 +++++++++
+ .../ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt | 52 +++++++++
+ sapi/fpm/tests/tester.inc | 106 +++++++++++++++---
+ 6 files changed, 262 insertions(+), 15 deletions(-)
+ create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
+ create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
+ create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
+
+diff --git a/main/main.c b/main/main.c
+index 40684f32dc14..c58ea58bf5ac 100644
+--- a/main/main.c
++++ b/main/main.c
+@@ -751,6 +751,7 @@ PHP_INI_BEGIN()
+ PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("max_file_uploads", "20", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
++ PHP_INI_ENTRY("max_multipart_body_parts", "-1", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
+
+ STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals)
+ STD_PHP_INI_BOOLEAN("allow_url_include", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_url_include, php_core_globals, core_globals)
+diff --git a/main/rfc1867.c b/main/rfc1867.c
+index b43cfae5a1e2..3086e8da3dbe 100644
+--- a/main/rfc1867.c
++++ b/main/rfc1867.c
+@@ -687,6 +687,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
+ void *event_extra_data = NULL;
+ unsigned int llen = 0;
+ int upload_cnt = INI_INT("max_file_uploads");
++ int body_parts_cnt = INI_INT("max_multipart_body_parts");
+ const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding();
+ php_rfc1867_getword_t getword;
+ php_rfc1867_getword_conf_t getword_conf;
+@@ -708,6 +709,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
+ return;
+ }
+
++ if (body_parts_cnt < 0) {
++ body_parts_cnt = PG(max_input_vars) + upload_cnt;
++ }
++ int body_parts_limit = body_parts_cnt;
++
+ /* Get the boundary */
+ boundary = strstr(content_type_dup, "boundary");
+ if (!boundary) {
+@@ -792,6 +798,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
+ char *pair = NULL;
+ int end = 0;
+
++ if (--body_parts_cnt < 0) {
++ php_error_docref(NULL, E_WARNING, "Multipart body parts limit exceeded %d. To increase the limit change max_multipart_body_parts in php.ini.", body_parts_limit);
++ goto fileupload_done;
++ }
++
+ while (isspace(*cd)) {
+ ++cd;
+ }
+#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
+#new file mode 100644
+#index 000000000000..d2239ac3c410
+#--- /dev/null
+#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
+#@@ -0,0 +1,53 @@
+#+--TEST--
+#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini custom value
+#+--SKIPIF--
+#+<?php include "skipif.inc"; ?>
+#+--FILE--
+#+<?php
+#+
+#+require_once "tester.inc";
+#+
+#+$cfg = <<<EOT
+#+[global]
+#+error_log = {{FILE:LOG}}
+#+[unconfined]
+#+listen = {{ADDR}}
+#+pm = dynamic
+#+pm.max_children = 5
+#+pm.start_servers = 1
+#+pm.min_spare_servers = 1
+#+pm.max_spare_servers = 3
+#+php_admin_value[html_errors] = false
+#+php_admin_value[max_input_vars] = 20
+#+php_admin_value[max_file_uploads] = 5
+#+php_admin_value[max_multipart_body_parts] = 10
+#+php_flag[display_errors] = On
+#+EOT;
+#+
+#+$code = <<<EOT
+#+<?php
+#+var_dump(count(\$_POST));
+#+EOT;
+#+
+#+$tester = new FPM\Tester($cfg, $code);
+#+$tester->start();
+#+$tester->expectLogStartNotices();
+#+echo $tester
+#+ ->request(stdin: [
+#+ 'parts' => [
+#+ 'count' => 30,
+#+ ]
+#+ ])
+#+ ->getBody();
+#+$tester->terminate();
+#+$tester->close();
+#+
+#+?>
+#+--EXPECT--
+#+Warning: Unknown: Multipart body parts limit exceeded 10. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0
+#+int(10)
+#+--CLEAN--
+#+<?php
+#+require_once "tester.inc";
+#+FPM\Tester::clean();
+#+?>
+#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
+#new file mode 100644
+#index 000000000000..42b5afbf9ee7
+#--- /dev/null
+#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
+#@@ -0,0 +1,54 @@
+#+--TEST--
+#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini default
+#+--SKIPIF--
+#+<?php include "skipif.inc"; ?>
+#+--FILE--
+#+<?php
+#+
+#+require_once "tester.inc";
+#+
+#+$cfg = <<<EOT
+#+[global]
+#+error_log = {{FILE:LOG}}
+#+[unconfined]
+#+listen = {{ADDR}}
+#+pm = dynamic
+#+pm.max_children = 5
+#+pm.start_servers = 1
+#+pm.min_spare_servers = 1
+#+pm.max_spare_servers = 3
+#+php_admin_value[html_errors] = false
+#+php_admin_value[max_input_vars] = 20
+#+php_admin_value[max_file_uploads] = 5
+#+php_flag[display_errors] = On
+#+EOT;
+#+
+#+$code = <<<EOT
+#+<?php
+#+var_dump(count(\$_POST));
+#+EOT;
+#+
+#+$tester = new FPM\Tester($cfg, $code);
+#+$tester->start();
+#+$tester->expectLogStartNotices();
+#+echo $tester
+#+ ->request(stdin: [
+#+ 'parts' => [
+#+ 'count' => 30,
+#+ ]
+#+ ])
+#+ ->getBody();
+#+$tester->terminate();
+#+$tester->close();
+#+
+#+?>
+#+--EXPECT--
+#+Warning: Unknown: Input variables exceeded 20. To increase the limit change max_input_vars in php.ini. in Unknown on line 0
+#+
+#+Warning: Unknown: Multipart body parts limit exceeded 25. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0
+#+int(20)
+#+--CLEAN--
+#+<?php
+#+require_once "tester.inc";
+#+FPM\Tester::clean();
+#+?>
+#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
+#new file mode 100644
+#index 000000000000..da81174c7280
+#--- /dev/null
+#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
+#@@ -0,0 +1,52 @@
+#+--TEST--
+#+FPM: GHSA-54hq-v5wp-fqgv - exceeding max_file_uploads
+#+--SKIPIF--
+#+<?php include "skipif.inc"; ?>
+#+--FILE--
+#+<?php
+#+
+#+require_once "tester.inc";
+#+
+#+$cfg = <<<EOT
+#+[global]
+#+error_log = {{FILE:LOG}}
+#+[unconfined]
+#+listen = {{ADDR}}
+#+pm = dynamic
+#+pm.max_children = 5
+#+pm.start_servers = 1
+#+pm.min_spare_servers = 1
+#+pm.max_spare_servers = 3
+#+php_admin_value[html_errors] = false
+#+php_admin_value[max_file_uploads] = 5
+#+php_flag[display_errors] = On
+#+EOT;
+#+
+#+$code = <<<EOT
+#+<?php
+#+var_dump(count(\$_FILES));
+#+EOT;
+#+
+#+$tester = new FPM\Tester($cfg, $code);
+#+$tester->start();
+#+$tester->expectLogStartNotices();
+#+echo $tester
+#+ ->request(stdin: [
+#+ 'parts' => [
+#+ 'count' => 10,
+#+ 'param' => 'filename'
+#+ ]
+#+ ])
+#+ ->getBody();
+#+$tester->terminate();
+#+$tester->close();
+#+
+#+?>
+#+--EXPECT--
+#+Warning: Maximum number of allowable file uploads has been exceeded in Unknown on line 0
+#+int(5)
+#+--CLEAN--
+#+<?php
+#+require_once "tester.inc";
+#+FPM\Tester::clean();
+#+?>
+##diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc
+##index 6197cdba53f5..e51aa0f69143 100644
+##--- a/sapi/fpm/tests/tester.inc
+##+++ b/sapi/fpm/tests/tester.inc
+#@@ -567,13 +567,17 @@ class Tester
+# * @param string $query
+# * @param array $headers
+# * @param string|null $uri
+#+ * @param string|null $scriptFilename
+#+ * @param string|null $stdin
+# *
+# * @return array
+# */
+# private function getRequestParams(
+# string $query = '',
+# array $headers = [],
+#- string $uri = null
+#+ string $uri = null,
+#+ string $scriptFilename = null,
+#+ ?string $stdin = null
+# ): array {
+# if (is_null($uri)) {
+# $uri = $this->makeSourceFile();
+3@@ -582,8 +586,8 @@ class Tester
+# $params = array_merge(
+# [
+# 'GATEWAY_INTERFACE' => 'FastCGI/1.0',
+#- 'REQUEST_METHOD' => 'GET',
+#- 'SCRIPT_FILENAME' => $uri,
+#+ 'REQUEST_METHOD' => is_null($stdin) ? 'GET' : 'POST',
+#+ 'SCRIPT_FILENAME' => $scriptFilename ?: $uri,
+# 'SCRIPT_NAME' => $uri,
+# 'QUERY_STRING' => $query,
+# 'REQUEST_URI' => $uri . ($query ? '?' . $query : ""),
+#@@ -597,7 +601,7 @@ class Tester
+# 'SERVER_PROTOCOL' => 'HTTP/1.1',
+# 'DOCUMENT_ROOT' => __DIR__,
+# 'CONTENT_TYPE' => '',
+#- 'CONTENT_LENGTH' => 0
+#+ 'CONTENT_LENGTH' => strlen($stdin ?? "") // Default to 0
+# ],
+# $headers
+# );
+#@@ -607,20 +611,86 @@ class Tester
+# });
+# }
+#
+#+ /**
+#+ * Parse stdin and generate data for multipart config.
+#+ *
+#+ * @param array $stdin
+#+ * @param array $headers
+#+ *
+#+ * @return void
+#+ * @throws \Exception
+#+ */
+#+ private function parseStdin(array $stdin, array &$headers)
+#+ {
+#+ $parts = $stdin['parts'] ?? null;
+#+ if (empty($parts)) {
+#+ throw new \Exception('The stdin array needs to contain parts');
+#+ }
+#+ $boundary = $stdin['boundary'] ?? 'AaB03x';
+#+ if ( ! isset($headers['CONTENT_TYPE'])) {
+#+ $headers['CONTENT_TYPE'] = 'multipart/form-data; boundary=' . $boundary;
+#+ }
+#+ $count = $parts['count'] ?? null;
+#+ if ( ! is_null($count)) {
+#+ $dispositionType = $parts['disposition'] ?? 'form-data';
+#+ $dispositionParam = $parts['param'] ?? 'name';
+#+ $namePrefix = $parts['prefix'] ?? 'f';
+#+ $nameSuffix = $parts['suffix'] ?? '';
+#+ $value = $parts['value'] ?? 'test';
+#+ $parts = [];
+#+ for ($i = 0; $i < $count; $i++) {
+#+ $parts[] = [
+#+ 'disposition' => $dispositionType,
+#+ 'param' => $dispositionParam,
+#+ 'name' => "$namePrefix$i$nameSuffix",
+#+ 'value' => $value
+#+ ];
+#+ }
+#+ }
+#+ $out = '';
+#+ $nl = "\r\n";
+#+ foreach ($parts as $part) {
+#+ if (!is_array($part)) {
+#+ $part = ['name' => $part];
+#+ } elseif ( ! isset($part['name'])) {
+#+ throw new \Exception('Each part has to have a name');
+#+ }
+#+ $name = $part['name'];
+#+ $dispositionType = $part['disposition'] ?? 'form-data';
+#+ $dispositionParam = $part['param'] ?? 'name';
+#+ $value = $part['value'] ?? 'test';
+#+ $partHeaders = $part['headers'] ?? [];
+#+
+#+ $out .= "--$boundary$nl";
+#+ $out .= "Content-disposition: $dispositionType; $dispositionParam=\"$name\"$nl";
+#+ foreach ($partHeaders as $headerName => $headerValue) {
+#+ $out .= "$headerName: $headerValue$nl";
+#+ }
+#+ $out .= $nl;
+#+ $out .= "$value$nl";
+#+ }
+#+ $out .= "--$boundary--$nl";
+#+
+#+ return $out;
+#+ }
+#+
+# /**
+# * Execute request.
+# *
+#- * @param string $query
+#- * @param array $headers
+#- * @param string|null $uri
+#- * @param string|null $address
+#- * @param string|null $successMessage
+#- * @param string|null $errorMessage
+#- * @param bool $connKeepAlive
+#- * @param bool $expectError
+#- * @param int $readLimit
+#+ * @param string $query
+#+ * @param array $headers
+#+ * @param string|null $uri
+#+ * @param string|null $address
+#+ * @param string|null $successMessage
+#+ * @param string|null $errorMessage
+#+ * @param bool $connKeepAlive
+#+ * @param string|null $scriptFilename = null
+#+ * @param string|array|null $stdin = null
+#+ * @param bool $expectError
+#+ * @param int $readLimit
+# *
+# * @return Response
+#+ * @throws \Exception
+# */
+# public function request(
+# string $query = '',
+#@@ -630,6 +700,8 @@ class Tester
+# string $successMessage = null,
+# string $errorMessage = null,
+# bool $connKeepAlive = false,
+#+ string $scriptFilename = null,
+#+ string|array $stdin = null,
+# bool $expectError = false,
+# int $readLimit = -1,
+# ): Response {
+#@@ -637,12 +709,16 @@ class Tester
+# return new Response(null, true);
+# }
+#
+#- $params = $this->getRequestParams($query, $headers, $uri);
+#+ if (is_array($stdin)) {
+#+ $stdin = $this->parseStdin($stdin, $headers);
+#+ }
+#+
+#+ $params = $this->getRequestParams($query, $headers, $uri, $scriptFilename, $stdin);
+# $this->trace('Request params', $params);
+#
+# try {
+# $this->response = new Response(
+#- $this->getClient($address, $connKeepAlive)->request_data($params, false, $readLimit)
+#+ $this->getClient($address, $connKeepAlive)->request_data($params, $stdin, $readLimit)
+# );
+# if ($expectError) {
+# $this->error('Expected request error but the request was successful');
diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild
index 8773717c8..34f88d84f 100755
--- a/patches/source/php/php.SlackBuild
+++ b/patches/source/php/php.SlackBuild
@@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=php
VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
ALPINE=2.26
-BUILD=${BUILD:-2_slack15.0}
+BUILD=${BUILD:-3_slack15.0}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -128,6 +128,9 @@ tar xvf $CWD/php-$VERSION.tar.xz || exit 1
cd php-$VERSION || exit 1
zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2023-0567.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2023-0568.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2023-0662.patch.gz | patch -p1 --verbose || exit 1
# cleanup:
find . -name "*.orig" -delete
diff --git a/recompress.sh b/recompress.sh
index aba4fc02e..bf5209fcd 100755
--- a/recompress.sh
+++ b/recompress.sh
@@ -1266,8 +1266,11 @@ gzip ./patches/source/libtiff/patches/CVE-2022-2056_2057_2058.patch
gzip ./patches/source/libtiff/patches/CVE-2022-34526.patch
gzip ./patches/source/libtiff/patches/CVE-2022-3970.patch
gzip ./patches/source/php/php-fpm.conf.diff
+gzip ./patches/source/php/CVE-2023-0662.patch
gzip ./patches/source/php/php.enchant-2.patch
gzip ./patches/source/php/CVE-2022-31631.patch
+gzip ./patches/source/php/CVE-2023-0568.patch
+gzip ./patches/source/php/CVE-2023-0567.patch
gzip ./patches/source/php/doinst.sh
gzip ./patches/source/php/php.imap.api.diff
gzip ./patches/source/php/php.ini-development.diff
generated by cgit v1.2.3 (git 2.26.2) at 2024-05-06 16:38:41 +0000