From fd2449f9042a890d8e469b4ba88a3d754aa9710a Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 29 May 2021 17:36:51 +0000 Subject: Sat May 29 17:36:51 UTC 2021 n/dhcp-4.4.2_P1-x86_64-1.txz: Upgraded. This update fixes a security issue: Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab #182] For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217 (* Security fix *) --- ChangeLog.rss | 22 ++++++++++++++-- ChangeLog.txt | 10 ++++++++ FILELIST.TXT | 58 +++++++++++++++++++++---------------------- source/n/dhcp/dhcp.SlackBuild | 2 +- 4 files changed, 60 insertions(+), 32 deletions(-) diff --git a/ChangeLog.rss b/ChangeLog.rss index 431558f71..4055d9a53 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,27 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Fri, 28 May 2021 19:26:15 GMT - Sat, 29 May 2021 06:59:45 GMT + Sat, 29 May 2021 17:36:51 GMT + Sun, 30 May 2021 06:59:44 GMT maintain_current_git.sh v 1.12 + + Sat, 29 May 2021 17:36:51 GMT + Sat, 29 May 2021 17:36:51 GMT + https://git.slackware.nl/current/tag/?h=20210529173651 + 20210529173651 + + +n/dhcp-4.4.2_P1-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Corrected a buffer overwrite possible when parsing hexadecimal + literals with more than 1024 octets. Reported by Jon Franklin from Dell, + and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab #182] + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217 + (* Security fix *) + ]]> + + Fri, 28 May 2021 19:26:15 GMT Fri, 28 May 2021 19:26:15 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index eafee7028..14c699c37 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,13 @@ +Sat May 29 17:36:51 UTC 2021 +n/dhcp-4.4.2_P1-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Corrected a buffer overwrite possible when parsing hexadecimal + literals with more than 1024 octets. Reported by Jon Franklin from Dell, + and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab #182] + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217 + (* Security fix *) ++--------------------------+ Fri May 28 19:26:15 UTC 2021 a/cryptsetup-2.3.6-x86_64-1.txz: Upgraded. a/kernel-generic-5.10.41-x86_64-1.txz: Upgraded. diff --git a/FILELIST.TXT b/FILELIST.TXT index 150f14ad9..4361c44be 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Fri May 28 19:30:56 UTC 2021 +Sat May 29 17:42:06 UTC 2021 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2021-05-28 19:26 . +drwxr-xr-x 12 root root 4096 2021-05-29 17:36 . -rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2 -rw-r--r-- 1 root root 15411 2021-03-28 17:36 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1077619 2021-05-27 18:54 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2021-05-27 18:54 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1077619 2021-05-28 19:31 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2021-05-28 19:31 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 1511177 2021-05-28 19:26 ./ChangeLog.txt +-rw-r--r-- 1 root root 1511645 2021-05-29 17:36 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2021-05-28 19:26 ./EFI/BOOT -rw-r--r-- 1 root root 1417216 2019-07-05 18:54 ./EFI/BOOT/bootx64.efi @@ -25,9 +25,9 @@ drwxr-xr-x 2 root root 4096 2021-05-28 19:26 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1405018 2021-05-27 18:53 ./FILELIST.TXT +-rw-r--r-- 1 root root 1405018 2021-05-28 19:30 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY --rw-r--r-- 1 root root 849147 2021-05-28 19:30 ./PACKAGES.TXT +-rw-r--r-- 1 root root 849150 2021-05-29 17:41 ./PACKAGES.TXT -rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT -rw-r--r-- 1 root root 3635 2021-05-28 19:12 ./README.initrd -rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT @@ -715,11 +715,11 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches -rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST -rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2 -rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT -drwxr-xr-x 17 root root 4096 2021-05-28 19:30 ./slackware64 --rw-r--r-- 1 root root 332008 2021-05-28 19:30 ./slackware64/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2021-05-28 19:30 ./slackware64/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 411987 2021-05-28 19:29 ./slackware64/FILE_LIST --rw-r--r-- 1 root root 4024603 2021-05-28 19:29 ./slackware64/MANIFEST.bz2 +drwxr-xr-x 17 root root 4096 2021-05-29 17:41 ./slackware64 +-rw-r--r-- 1 root root 332017 2021-05-29 17:41 ./slackware64/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2021-05-29 17:41 ./slackware64/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 411994 2021-05-29 17:41 ./slackware64/FILE_LIST +-rw-r--r-- 1 root root 4036808 2021-05-29 17:41 ./slackware64/MANIFEST.bz2 lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT drwxr-xr-x 2 root root 32768 2021-05-28 19:29 ./slackware64/a -rw-r--r-- 1 root root 327 2021-02-13 10:54 ./slackware64/a/aaa_base-14.2-x86_64-7.txt @@ -3793,7 +3793,7 @@ drwxr-xr-x 2 root root 73728 2021-05-28 19:29 ./slackware64/l -rw-r--r-- 1 root root 463 2021-05-15 18:01 ./slackware64/l/zstd-1.5.0-x86_64-1.txt -rw-r--r-- 1 root root 458040 2021-05-15 18:01 ./slackware64/l/zstd-1.5.0-x86_64-1.txz -rw-r--r-- 1 root root 163 2021-05-15 18:01 ./slackware64/l/zstd-1.5.0-x86_64-1.txz.asc -drwxr-xr-x 2 root root 32768 2021-05-26 20:05 ./slackware64/n +drwxr-xr-x 2 root root 32768 2021-05-29 17:41 ./slackware64/n -rw-r--r-- 1 root root 357 2021-02-13 11:52 ./slackware64/n/ModemManager-1.14.10-x86_64-3.txt -rw-r--r-- 1 root root 1877092 2021-02-13 11:52 ./slackware64/n/ModemManager-1.14.10-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 11:52 ./slackware64/n/ModemManager-1.14.10-x86_64-3.txz.asc @@ -3854,9 +3854,9 @@ drwxr-xr-x 2 root root 32768 2021-05-26 20:05 ./slackware64/n -rw-r--r-- 1 root root 515 2021-02-13 11:58 ./slackware64/n/dehydrated-0.7.0-noarch-3.txt -rw-r--r-- 1 root root 37192 2021-02-13 11:58 ./slackware64/n/dehydrated-0.7.0-noarch-3.txz -rw-r--r-- 1 root root 163 2021-02-13 11:58 ./slackware64/n/dehydrated-0.7.0-noarch-3.txz.asc --rw-r--r-- 1 root root 641 2021-02-13 11:59 ./slackware64/n/dhcp-4.4.2-x86_64-3.txt --rw-r--r-- 1 root root 1817088 2021-02-13 11:59 ./slackware64/n/dhcp-4.4.2-x86_64-3.txz --rw-r--r-- 1 root root 163 2021-02-13 11:59 ./slackware64/n/dhcp-4.4.2-x86_64-3.txz.asc +-rw-r--r-- 1 root root 641 2021-05-29 17:24 ./slackware64/n/dhcp-4.4.2_P1-x86_64-1.txt +-rw-r--r-- 1 root root 1818824 2021-05-29 17:24 ./slackware64/n/dhcp-4.4.2_P1-x86_64-1.txz +-rw-r--r-- 1 root root 163 2021-05-29 17:24 ./slackware64/n/dhcp-4.4.2_P1-x86_64-1.txz.asc -rw-r--r-- 1 root root 493 2021-02-13 11:59 ./slackware64/n/dhcpcd-8.1.9-x86_64-3.txt -rw-r--r-- 1 root root 169464 2021-02-13 11:59 ./slackware64/n/dhcpcd-8.1.9-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 11:59 ./slackware64/n/dhcpcd-8.1.9-x86_64-3.txz.asc @@ -5509,11 +5509,11 @@ drwxr-xr-x 2 root root 4096 2021-02-15 19:33 ./slackware64/y -rw-r--r-- 1 root root 1486956 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz.asc -rw-r--r-- 1 root root 26 2020-12-30 21:55 ./slackware64/y/tagfile -drwxr-xr-x 18 root root 4096 2021-05-28 19:30 ./source --rw-r--r-- 1 root root 571483 2021-05-28 19:30 ./source/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2021-05-28 19:30 ./source/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 795680 2021-05-28 19:30 ./source/FILE_LIST --rw-r--r-- 1 root root 22537966 2021-05-28 19:30 ./source/MANIFEST.bz2 +drwxr-xr-x 18 root root 4096 2021-05-29 17:42 ./source +-rw-r--r-- 1 root root 571498 2021-05-29 17:42 ./source/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2021-05-29 17:42 ./source/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 795695 2021-05-29 17:41 ./source/FILE_LIST +-rw-r--r-- 1 root root 22543376 2021-05-29 17:41 ./source/MANIFEST.bz2 -rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT drwxr-xr-x 122 root root 4096 2021-04-06 18:09 ./source/a -rw-r--r-- 1 root root 1591 2021-04-06 18:09 ./source/a/FTBFSlog @@ -11690,15 +11690,15 @@ drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/dehydrated -rw-r--r-- 1 root root 53 2020-12-23 09:56 ./source/n/dehydrated/dehydrated.url -rw-r--r-- 1 root root 367 2021-01-04 23:17 ./source/n/dehydrated/doinst.sh.gz -rw-r--r-- 1 root root 1006 2021-01-04 23:24 ./source/n/dehydrated/slack-desc -drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/dhcp +drwxr-xr-x 2 root root 4096 2021-05-29 17:22 ./source/n/dhcp -rw-r--r-- 1 root root 414 2017-08-03 20:32 ./source/n/dhcp/dhclient-script.PATH.diff.gz --rw-r--r-- 1 root root 9906235 2020-01-22 13:36 ./source/n/dhcp/dhcp-4.4.2.tar.gz --rw-r--r-- 1 root root 833 2020-01-22 13:36 ./source/n/dhcp/dhcp-4.4.2.tar.gz.asc --rw-r--r-- 1 root root 833 2020-01-22 13:36 ./source/n/dhcp/dhcp-4.4.2.tar.gz.sha1.asc --rw-r--r-- 1 root root 833 2020-01-22 13:36 ./source/n/dhcp/dhcp-4.4.2.tar.gz.sha256.asc --rw-r--r-- 1 root root 833 2020-01-22 13:36 ./source/n/dhcp/dhcp-4.4.2.tar.gz.sha512.asc +-rw-r--r-- 1 root root 9898311 2021-05-26 20:15 ./source/n/dhcp/dhcp-4.4.2-P1.tar.gz +-rw-r--r-- 1 root root 833 2021-05-26 20:15 ./source/n/dhcp/dhcp-4.4.2-P1.tar.gz.asc +-rw-r--r-- 1 root root 833 2021-05-26 20:15 ./source/n/dhcp/dhcp-4.4.2-P1.tar.gz.sha1.asc +-rw-r--r-- 1 root root 833 2021-05-26 20:15 ./source/n/dhcp/dhcp-4.4.2-P1.tar.gz.sha256.asc +-rw-r--r-- 1 root root 833 2021-05-26 20:15 ./source/n/dhcp/dhcp-4.4.2-P1.tar.gz.sha512.asc -rwxr-xr-x 1 root root 1667 2011-04-06 19:13 ./source/n/dhcp/dhcp-remove-bind-tarball.sh --rwxr-xr-x 1 root root 5716 2021-02-13 05:32 ./source/n/dhcp/dhcp.SlackBuild +-rwxr-xr-x 1 root root 5716 2021-05-29 17:23 ./source/n/dhcp/dhcp.SlackBuild -rw-r--r-- 1 root root 28 2020-01-22 18:55 ./source/n/dhcp/dhcp.url -rw-r--r-- 1 root root 309 2011-03-24 13:39 ./source/n/dhcp/doinst.sh.gz -rw-r--r-- 1 root root 1093 2018-02-27 06:13 ./source/n/dhcp/slack-desc @@ -12051,7 +12051,7 @@ drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/net-tools -rw-r--r-- 1 root root 970 2018-02-27 06:13 ./source/n/net-tools/slack-desc drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/netatalk -rw-r--r-- 1 root root 377 2020-02-07 01:00 ./source/n/netatalk/doinst.sh.gz --rw-r--r-- 1 root root 1332354 2018-12-20 14:51 ./source/n/netatalk/netatalk-3.1.12.tar.lz +-rw-r--r-- 1 root root 1332354 2018-12-20 14:51 ./source/n/netatalk/netatalk-3.1.12.tar.lz -rw-r--r-- 1 root root 475 2020-12-16 04:23 ./source/n/netatalk/netatalk-invalid_dircache_entries.patch.gz -rwxr-xr-x 1 root root 5037 2021-02-13 05:32 ./source/n/netatalk/netatalk.SlackBuild -rw-r--r-- 1 root root 1009 2018-09-05 21:12 ./source/n/netatalk/rc.atalk.new diff --git a/source/n/dhcp/dhcp.SlackBuild b/source/n/dhcp/dhcp.SlackBuild index 839d92614..10ddf6cd6 100755 --- a/source/n/dhcp/dhcp.SlackBuild +++ b/source/n/dhcp/dhcp.SlackBuild @@ -26,7 +26,7 @@ PKGNAM=dhcp # Leave this one .gz as other compressors do not help much and we can keep # the original upstream .asc VERSION=${VERSION:-$(basename $(echo $PKGNAM-*.tar.gz | cut -f 2- -d -) .tar.gz)} -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} PKG_VERSION=$(echo $VERSION | tr - _) -- cgit v1.2.3