From 585883b9b5ec51fd1a9d4729c3e2a20c5c928eae Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 7 Jan 2023 01:50:00 +0000 Subject: Sat Jan 7 01:50:00 UTC 2023 extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz: Upgraded. This update fixes a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 (* Security fix *) extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 (* Security fix *) patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz: Upgraded. Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures. For more information, see: https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ https://www.cve.org/CVERecord?id=CVE-2021-43527 (* Security fix *) patches/packages/php-7.4.33-x86_64-2_slack15.0.txz: Rebuilt. This update fixes a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 (* Security fix *) --- .../mozilla-nss-3.84-x86_64-1_slack15.0.txt | 11 ----- .../mozilla-nss-3.87-x86_64-1_slack15.0.txt | 11 +++++ patches/packages/php-7.4.33-x86_64-1_slack15.0.txt | 11 ----- patches/packages/php-7.4.33-x86_64-2_slack15.0.txt | 11 +++++ patches/source/mozilla-nss/CVE-2022-3479.patch | 23 ---------- patches/source/mozilla-nss/mozilla-nss.SlackBuild | 5 +-- patches/source/php/CVE-2022-31631.patch | 50 ++++++++++++++++++++++ patches/source/php/php.SlackBuild | 8 ++-- 8 files changed, 79 insertions(+), 51 deletions(-) delete mode 100644 patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt create mode 100644 patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt delete mode 100644 patches/packages/php-7.4.33-x86_64-1_slack15.0.txt create mode 100644 patches/packages/php-7.4.33-x86_64-2_slack15.0.txt delete mode 100644 patches/source/mozilla-nss/CVE-2022-3479.patch create mode 100644 patches/source/php/CVE-2022-31631.patch (limited to 'patches') diff --git a/patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt b/patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt deleted file mode 100644 index 9d2fe7086..000000000 --- a/patches/packages/mozilla-nss-3.84-x86_64-1_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -mozilla-nss: mozilla-nss (Network Security Services) -mozilla-nss: -mozilla-nss: Network Security Services (NSS) is a set of libraries designed to -mozilla-nss: support cross-platform development of security-enabled client and -mozilla-nss: server applications. Applications built with NSS can support -mozilla-nss: SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, -mozilla-nss: X.509 v3 certificates, and other security standards. -mozilla-nss: -mozilla-nss: -mozilla-nss: Read http://www.mozilla.org/projects/security/pki/nss/overview.html -mozilla-nss: diff --git a/patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt b/patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..9d2fe7086 --- /dev/null +++ b/patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +mozilla-nss: mozilla-nss (Network Security Services) +mozilla-nss: +mozilla-nss: Network Security Services (NSS) is a set of libraries designed to +mozilla-nss: support cross-platform development of security-enabled client and +mozilla-nss: server applications. Applications built with NSS can support +mozilla-nss: SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, +mozilla-nss: X.509 v3 certificates, and other security standards. +mozilla-nss: +mozilla-nss: +mozilla-nss: Read http://www.mozilla.org/projects/security/pki/nss/overview.html +mozilla-nss: diff --git a/patches/packages/php-7.4.33-x86_64-1_slack15.0.txt b/patches/packages/php-7.4.33-x86_64-1_slack15.0.txt deleted file mode 100644 index 88937e9e0..000000000 --- a/patches/packages/php-7.4.33-x86_64-1_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -php: php (HTML-embedded scripting language) -php: -php: PHP is an HTML-embedded scripting language. It shares syntax -php: characteristics with C, Java, and Perl. The primary objective behind -php: this language is to make a fast and easy-to-use scripting language -php: for dynamic web sites. -php: -php: Homepage: https://www.php.net/ -php: -php: -php: diff --git a/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt b/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt new file mode 100644 index 000000000..88937e9e0 --- /dev/null +++ b/patches/packages/php-7.4.33-x86_64-2_slack15.0.txt @@ -0,0 +1,11 @@ +php: php (HTML-embedded scripting language) +php: +php: PHP is an HTML-embedded scripting language. It shares syntax +php: characteristics with C, Java, and Perl. The primary objective behind +php: this language is to make a fast and easy-to-use scripting language +php: for dynamic web sites. +php: +php: Homepage: https://www.php.net/ +php: +php: +php: diff --git a/patches/source/mozilla-nss/CVE-2022-3479.patch b/patches/source/mozilla-nss/CVE-2022-3479.patch deleted file mode 100644 index 5f80fdc09..000000000 --- a/patches/source/mozilla-nss/CVE-2022-3479.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c ---- a/lib/ssl/authcert.c -+++ b/lib/ssl/authcert.c -@@ -212,17 +212,17 @@ NSS_GetClientAuthData(void *arg, - pw_arg); - } else { - int nnames = 0; - char **names = ssl_DistNamesToStrings(caNames, &nnames); - rv = CERT_FilterCertListByCANames(certList, nnames, names, - certUsageSSLClient); - ssl_FreeDistNamesStrings(names, nnames); - } -- if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { -+ if ((rv != SECSuccess) || (certList && CERT_LIST_EMPTY(certList))) { - CERT_DestroyCertList(certList); - certList = NULL; - } - } - if (certList == NULL) { - /* no user certs meeting the nickname/usage requirements found */ - return SECFailure; - } - diff --git a/patches/source/mozilla-nss/mozilla-nss.SlackBuild b/patches/source/mozilla-nss/mozilla-nss.SlackBuild index 34756cff5..ae1ed1e3e 100755 --- a/patches/source/mozilla-nss/mozilla-nss.SlackBuild +++ b/patches/source/mozilla-nss/mozilla-nss.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash # Copyright 2005, 2006, 2008, 2009, 2010, 2012 Eric Hameleers, Eindhoven, NL -# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mozilla-nss SRCNAM=nss -VERSION=${VERSION:-3.84} +VERSION=${VERSION:-3.87} NSPR=${NSPR:-4.35} BUILD=${BUILD:-1_slack15.0} @@ -93,7 +93,6 @@ find . \ -exec chmod 644 {} \+ cd nss -zcat $CWD/CVE-2022-3479.patch.gz | patch -p1 --verbose || exit 1 ./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests cd - diff --git a/patches/source/php/CVE-2022-31631.patch b/patches/source/php/CVE-2022-31631.patch new file mode 100644 index 000000000..6aa309549 --- /dev/null +++ b/patches/source/php/CVE-2022-31631.patch @@ -0,0 +1,50 @@ +From 921b6813da3237a83e908998483f46ae3d8bacba Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Mon, 31 Oct 2022 17:20:23 +0100 +Subject: [PATCH] Fix #81740: PDO::quote() may return unquoted string + +`sqlite3_snprintf()` expects its first parameter to be `int`; we need +to avoid overflow. +--- + ext/pdo_sqlite/sqlite_driver.c | 3 +++ + ext/pdo_sqlite/tests/bug81740.phpt | 17 +++++++++++++++++ + 2 files changed, 20 insertions(+) + create mode 100644 ext/pdo_sqlite/tests/bug81740.phpt + +diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c +index 4233ff10ff2e..5a72a1eda23f 100644 +--- a/ext/pdo_sqlite/sqlite_driver.c ++++ b/ext/pdo_sqlite/sqlite_driver.c +@@ -232,6 +232,9 @@ static char *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t + /* NB: doesn't handle binary strings... use prepared stmts for that */ + static int sqlite_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) + { ++ if (unquotedlen > (INT_MAX - 3) / 2) { ++ return 0; ++ } + *quoted = safe_emalloc(2, unquotedlen, 3); + sqlite3_snprintf(2*unquotedlen + 3, *quoted, "'%q'", unquoted); + *quotedlen = strlen(*quoted); +diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt +new file mode 100644 +index 000000000000..99fb07c3048b +--- /dev/null ++++ b/ext/pdo_sqlite/tests/bug81740.phpt +@@ -0,0 +1,17 @@ ++--TEST-- ++Bug #81740 (PDO::quote() may return unquoted string) ++--SKIPIF-- ++ ++--INI-- ++memory_limit=-1 ++--FILE-- ++quote($string)); ++?> ++--EXPECT-- ++bool(false) diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild index 518bb7ec6..8773717c8 100755 --- a/patches/source/php/php.SlackBuild +++ b/patches/source/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021, 2023 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,8 +27,8 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=php VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -ALPINE=2.25 -BUILD=${BUILD:-1_slack15.0} +ALPINE=2.26 +BUILD=${BUILD:-2_slack15.0} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -127,6 +127,8 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.xz || exit 1 cd php-$VERSION || exit 1 +zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1 + # cleanup: find . -name "*.orig" -delete -- cgit v1.2.3-79-gdb01