From cb1ee501cabf242b70244f6035a07307b0bb2f35 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 4 Mar 2020 22:03:30 +0000
Subject: Wed Mar  4 22:03:30 UTC 2020

a/sdparm-1.10-x86_64-3.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
a/udisks-1.0.5-x86_64-5.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
d/cmake-3.16.5-x86_64-1.txz:  Upgraded.
l/libgpod-0.8.3-x86_64-6.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
n/curl-7.69.0-x86_64-1.txz:  Upgraded.
n/cyrus-sasl-2.1.27-x86_64-3.txz:  Rebuilt.
  Added SQL support via MariaDB. Thanks to niksoggia.
n/ntp-4.2.8p14-x86_64-1.txz:  Upgraded.
n/ppp-2.4.8-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By sending an unsolicited EAP packet to a vulnerable ppp client or server,
  an unauthenticated remote attacker could cause memory corruption in the
  pppd process, which may allow for arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
  (* Security fix *)
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-3_pam.txz:  Rebuilt.
  Added SQL support via MariaDB. Thanks to niksoggia.
testing/packages/PAM/ppp-2.4.8-x86_64-1_pam.txz:  Upgraded.
  This update fixes a security issue:
  By sending an unsolicited EAP packet to a vulnerable ppp client or server,
  an unauthenticated remote attacker could cause memory corruption in the
  pppd process, which may allow for arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
  (* Security fix *)
---
 source/n/ppp/ppp.SlackBuild | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

(limited to 'source/n/ppp/ppp.SlackBuild')

diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild
index 13b21fb36..7253998e0 100755
--- a/source/n/ppp/ppp.SlackBuild
+++ b/source/n/ppp/ppp.SlackBuild
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2015, 2018, 2020  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,10 +23,10 @@
 cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=ppp
-VERSION=2.4.7
-RADVER=1.1.6
+VERSION=2.4.8
+RADVER=1.1.7
 PPPVER=1.98
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
 
@@ -64,9 +64,9 @@ echo "+============+"
 echo "| ppp-$VERSION |"
 echo "+============+"
 cd $TMP
-rm -rf ppp-$VERSION
+rm -rf ppp-$VERSION ppp-ppp-$VERSION
 tar xvf $CWD/ppp-$VERSION.tar.xz || exit 1
-cd ppp-$VERSION || exit 1
+cd ppp-ppp-$VERSION || ppp-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -81,10 +81,7 @@ sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *)
 rm -f include/linux/if_pppol2tp.h
 
 zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1
-
-zcat $CWD/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch.gz | patch -p1 --verbose || exit 1
-
-zcat $CWD/ppp.glibc228.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/ppp.CVE-2020-8597.patch.gz | patch -p1 --verbose || exit 1
 
 # Choose correct options depending on whether PAM is installed:
 if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
-- 
cgit v1.2.3-65-gdbad