From 8f546e8375222b648c76a215d2f8f9dbe0502c37 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 21 Sep 2022 19:19:07 +0000
Subject: Wed Sep 21 19:19:07 UTC 2022

patches/packages/cups-2.4.2-x86_64-3_slack15.0.txz:  Rebuilt.
  Fixed crash when using the CUPS web setup interface:
  [PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing
  it (Issue #409).
  Thanks to MisterL, bryjen, and kjhambrick.
  Fixed an OpenSSL certificate loading issue:
  [PATCH] The OpenSSL code path wasn't loading the full certificate
  chain (Issue #465).
  Thanks to tmmukunn.
---
 .../packages/bind-9.16.29-x86_64-1_slack15.0.txt   | 11 -------
 .../packages/bind-9.16.33-x86_64-1_slack15.0.txt   | 11 +++++++
 patches/packages/cups-2.4.2-x86_64-1_slack15.0.txt | 11 -------
 patches/packages/cups-2.4.2-x86_64-3_slack15.0.txt | 11 +++++++
 .../c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch | 36 ++++++++++++++++++++++
 .../cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch | 36 ++++++++++++++++++++++
 patches/source/cups/cups.SlackBuild                |  9 +++++-
 7 files changed, 102 insertions(+), 23 deletions(-)
 delete mode 100644 patches/packages/bind-9.16.29-x86_64-1_slack15.0.txt
 create mode 100644 patches/packages/bind-9.16.33-x86_64-1_slack15.0.txt
 delete mode 100644 patches/packages/cups-2.4.2-x86_64-1_slack15.0.txt
 create mode 100644 patches/packages/cups-2.4.2-x86_64-3_slack15.0.txt
 create mode 100644 patches/source/cups/c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch
 create mode 100644 patches/source/cups/cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch

(limited to 'patches')

diff --git a/patches/packages/bind-9.16.29-x86_64-1_slack15.0.txt b/patches/packages/bind-9.16.29-x86_64-1_slack15.0.txt
deleted file mode 100644
index d61583855..000000000
--- a/patches/packages/bind-9.16.29-x86_64-1_slack15.0.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-bind: bind (DNS server and utilities)
-bind:
-bind: The named daemon and support utilities such as dig, host, and
-bind: nslookup. Sample configuration files for running a simple caching
-bind: nameserver are included. Documentation for advanced name server
-bind: setup can be found in /usr/doc/bind-9.x.x/.
-bind:
-bind:
-bind:
-bind:
-bind:
diff --git a/patches/packages/bind-9.16.33-x86_64-1_slack15.0.txt b/patches/packages/bind-9.16.33-x86_64-1_slack15.0.txt
new file mode 100644
index 000000000..d61583855
--- /dev/null
+++ b/patches/packages/bind-9.16.33-x86_64-1_slack15.0.txt
@@ -0,0 +1,11 @@
+bind: bind (DNS server and utilities)
+bind:
+bind: The named daemon and support utilities such as dig, host, and
+bind: nslookup. Sample configuration files for running a simple caching
+bind: nameserver are included. Documentation for advanced name server
+bind: setup can be found in /usr/doc/bind-9.x.x/.
+bind:
+bind:
+bind:
+bind:
+bind:
diff --git a/patches/packages/cups-2.4.2-x86_64-1_slack15.0.txt b/patches/packages/cups-2.4.2-x86_64-1_slack15.0.txt
deleted file mode 100644
index f581115e7..000000000
--- a/patches/packages/cups-2.4.2-x86_64-1_slack15.0.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-cups: cups (Common UNIX Printing System)
-cups:
-cups: The Common UNIX Printing System provides a portable printing layer for
-cups: UNIX(R)-like operating systems. It has been developed by Easy Software
-cups: Products to promote a standard printing solution for all UNIX vendors
-cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the
-cups: basis for managing print jobs and queues. The CUPS package includes
-cups: System V and Berkeley command-line interfaces, a PostScript RIP
-cups: package for supporting non-PostScript printer drivers, and tools for
-cups: creating additional printer drivers and other CUPS services.
-cups:
diff --git a/patches/packages/cups-2.4.2-x86_64-3_slack15.0.txt b/patches/packages/cups-2.4.2-x86_64-3_slack15.0.txt
new file mode 100644
index 000000000..f581115e7
--- /dev/null
+++ b/patches/packages/cups-2.4.2-x86_64-3_slack15.0.txt
@@ -0,0 +1,11 @@
+cups: cups (Common UNIX Printing System)
+cups:
+cups: The Common UNIX Printing System provides a portable printing layer for
+cups: UNIX(R)-like operating systems. It has been developed by Easy Software
+cups: Products to promote a standard printing solution for all UNIX vendors
+cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the
+cups: basis for managing print jobs and queues. The CUPS package includes
+cups: System V and Berkeley command-line interfaces, a PostScript RIP
+cups: package for supporting non-PostScript printer drivers, and tools for
+cups: creating additional printer drivers and other CUPS services.
+cups:
diff --git a/patches/source/cups/c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch b/patches/source/cups/c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch
new file mode 100644
index 000000000..f38baf8a7
--- /dev/null
+++ b/patches/source/cups/c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch
@@ -0,0 +1,36 @@
+From c0c403744b1bf4a9790a8fcaabcd60970cbefe06 Mon Sep 17 00:00:00 2001
+From: Michael R Sweet <michael.r.sweet@gmail.com>
+Date: Tue, 7 Jun 2022 13:45:29 -0400
+Subject: [PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after
+ freeing it (Issue #409)
+
+---
+ CHANGES.md         | 1 +
+ cups/tls-openssl.c | 2 ++
+ 2 files changed, 3 insertions(+)
+
+#diff --git a/CHANGES.md b/CHANGES.md
+#index 8b78b003fa..befbf3ab44 100644
+#--- a/CHANGES.md
+#+++ b/CHANGES.md
+#@@ -6,6 +6,7 @@ Changes in CUPS v2.4.3 (TBA)
+# 
+# - Added a title with device uri for found network printers (Issues #402, #393)
+# - Fixed configuration on RISC-V machines (Issue #404)
+#+- Fixed an OpenSSL crash bug (Issue #409)
+# 
+# 
+# Changes in CUPS v2.4.2 (26th May 2022)
+diff --git a/cups/tls-openssl.c b/cups/tls-openssl.c
+index c3e57742e8..6db9f8a9c2 100644
+--- a/cups/tls-openssl.c
++++ b/cups/tls-openssl.c
+@@ -1152,6 +1152,8 @@ _httpTLSStop(http_t *http)		// I - Connection to server
+   SSL_shutdown(http->tls);
+   SSL_CTX_free(context);
+   SSL_free(http->tls);
++
++  http->tls = NULL;
+ }
+ 
+ 
diff --git a/patches/source/cups/cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch b/patches/source/cups/cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch
new file mode 100644
index 000000000..572ca0717
--- /dev/null
+++ b/patches/source/cups/cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch
@@ -0,0 +1,36 @@
+From cd84d7fde692237af4996d4a0e985a3eb4a293f0 Mon Sep 17 00:00:00 2001
+From: Michael R Sweet <michael.r.sweet@gmail.com>
+Date: Mon, 5 Sep 2022 09:20:03 -0400
+Subject: [PATCH] The OpenSSL code path wasn't loading the full certificate
+ chain (Issue #465)
+
+---
+ CHANGES.md         | 1 +
+ cups/tls-openssl.c | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+#diff --git a/CHANGES.md b/CHANGES.md
+#index f96677675a..81aef4e680 100644
+#--- a/CHANGES.md
+#+++ b/CHANGES.md
+#@@ -12,6 +12,7 @@ Changes in CUPS v2.4.3 (TBA)
+#   hostname (Issue #419)
+# - Fixed an OpenSSL crash bug (Issue #409)
+# - Fixed a potential SNMP OID value overflow issue (Issue #431)
+#+- Fixed an OpenSSL certificate loading issue (Issue #465)
+# - Look for default printer on network if needed (Issue ##452)
+# - Now localize HTTP responses using the Content-Language value (Issue #426)
+# - Raised file size limit for importing PPD via Web UI (Issue #433)
+diff --git a/cups/tls-openssl.c b/cups/tls-openssl.c
+index ceb3abaedc..acc10fc420 100644
+--- a/cups/tls-openssl.c
++++ b/cups/tls-openssl.c
+@@ -1055,7 +1055,7 @@ _httpTLSStart(http_t *http)		// I - Connection to server
+     }
+ 
+     SSL_CTX_use_PrivateKey_file(context, keyfile, SSL_FILETYPE_PEM);
+-    SSL_CTX_use_certificate_file(context, crtfile, SSL_FILETYPE_PEM);
++    SSL_CTX_use_certificate_chain_file(context, crtfile);
+   }
+ 
+   // Set TLS options...
diff --git a/patches/source/cups/cups.SlackBuild b/patches/source/cups/cups.SlackBuild
index 1b128bfe1..f07c6b183 100755
--- a/patches/source/cups/cups.SlackBuild
+++ b/patches/source/cups/cups.SlackBuild
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=cups
 VERSION=${VERSION:-$(echo $PKGNAM-2*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1_slack15.0}
+BUILD=${BUILD:-3_slack15.0}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -81,6 +81,12 @@ cd cups-$VERSION || exit 1
 
 sed -i.orig -e 's#$exec_prefix/lib/cups#$libdir/cups#g' configure
 
+# Fix OpenSSL crash:
+zcat $CWD/c0c403744b1bf4a9790a8fcaabcd60970cbefe06.patch.gz | patch -p1 --verbose || exit 1
+
+# Fix OpenSSL certificate loading issue:
+zcat $CWD/cd84d7fde692237af4996d4a0e985a3eb4a293f0.patch.gz | patch -p1 --verbose || exit 1
+
 # Choose correct options depending on whether PAM is installed:
 if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
   PAM_OPTIONS="--enable-pam"
@@ -94,6 +100,7 @@ CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --with-pkgconfpath=/usr/lib${LIBDIRSUFFIX}/pkgconfig \
   --enable-cdsassl=no \
   --docdir=/usr/doc \
   --mandir=/usr/man \
-- 
cgit v1.2.3-65-gdbad