From d9f16c58d5d4ac0333335c8c6112629a4f520a05 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 18 Jul 2018 22:41:16 +0000
Subject: Wed Jul 18 22:41:16 UTC 2018

n/httpd-2.4.34-x86_64-1.txz:  Upgraded.
  This update fixes two denial of service issues:
  mod_md: DoS via Coredumps on specially crafted requests
  mod_http2: DoS for HTTP/2 connections by specially crafted requests
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333
  (* Security fix *)
---
 source/n/NetworkManager/NetworkManager.SlackBuild  |  2 +-
 ...-e205664ba8c25939f1678d1b078a67989c180046.patch | 54 ++++++++++++++++++++++
 source/n/httpd/httpd.SlackBuild                    |  2 +-
 source/n/httpd/httpd.url                           |  4 +-
 4 files changed, 58 insertions(+), 4 deletions(-)
 create mode 100644 source/n/NetworkManager/patches/NM-1.12.0-e205664ba8c25939f1678d1b078a67989c180046.patch

(limited to 'source/n')

diff --git a/source/n/NetworkManager/NetworkManager.SlackBuild b/source/n/NetworkManager/NetworkManager.SlackBuild
index fdfe6ef31..b50b603ac 100755
--- a/source/n/NetworkManager/NetworkManager.SlackBuild
+++ b/source/n/NetworkManager/NetworkManager.SlackBuild
@@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=NetworkManager
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 MARCH=$( uname -m )
diff --git a/source/n/NetworkManager/patches/NM-1.12.0-e205664ba8c25939f1678d1b078a67989c180046.patch b/source/n/NetworkManager/patches/NM-1.12.0-e205664ba8c25939f1678d1b078a67989c180046.patch
new file mode 100644
index 000000000..3c17434b7
--- /dev/null
+++ b/source/n/NetworkManager/patches/NM-1.12.0-e205664ba8c25939f1678d1b078a67989c180046.patch
@@ -0,0 +1,54 @@
+From e205664ba8c25939f1678d1b078a67989c180046 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Fri, 6 Jul 2018 15:54:16 +0200
+Subject: [PATCH] manager: accept non-null device for VPN activations
+
+Commit 10753c36168a ("manager: merge VPN handling into
+_new_active_connection()") added a check to fail the activation of
+VPNs when a device is passed to ActivateConnection(), since the device
+argument is ignored for VPNs.
+
+This broke activating VPNs from nm-applet as nm-applet sets both the
+specific_object (parent-connection) and device arguments in the
+activation request.
+
+Note that we already check in _new_active_connection() that when a
+device is supplied, it matches the device of the parent
+connection. Therefore, the check can be dropped.
+
+Reported-by: Michael Biebl <biebl@debian.org>
+Fixes: 10753c36168a82cd658df8a7da800960fddd78ed
+
+https://github.com/NetworkManager/NetworkManager/pull/159
+---
+ src/nm-manager.c | 16 +---------------
+ 1 file changed, 1 insertion(+), 15 deletions(-)
+
+diff --git a/src/nm-manager.c b/src/nm-manager.c
+index 67c71fea91..4c4b6bb5a9 100644
+--- a/src/nm-manager.c
++++ b/src/nm-manager.c
+@@ -4611,21 +4611,7 @@ validate_activation_request (NMManager *self,
+ 		}
+ 	}
+ 
+-	if (is_vpn && device) {
+-		/* VPN's are treated specially. Maybe the should accept a device as well,
+-		 * however, later on during activation, we don't handle the device.
+-		 *
+-		 * Maybe we should, and maybe it makes sense to specify a device
+-		 * when activating a VPN. But for now, just error out.  */
+-		g_set_error_literal (error,
+-		                     NM_MANAGER_ERROR,
+-		                     NM_MANAGER_ERROR_UNKNOWN_DEVICE,
+-		                     "Cannot specify device when activating VPN");
+-		return NULL;
+-	}
+-
+-	nm_assert (   ( is_vpn && !device)
+-	           || (!is_vpn && NM_IS_DEVICE (device)));
++	nm_assert (is_vpn || NM_IS_DEVICE (device));
+ 
+ 	*out_device = device;
+ 	*out_is_vpn = is_vpn;
+
diff --git a/source/n/httpd/httpd.SlackBuild b/source/n/httpd/httpd.SlackBuild
index a78468e3e..63424fba9 100755
--- a/source/n/httpd/httpd.SlackBuild
+++ b/source/n/httpd/httpd.SlackBuild
@@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=httpd
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-4}
+BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
diff --git a/source/n/httpd/httpd.url b/source/n/httpd/httpd.url
index ae8104145..152982ae4 100644
--- a/source/n/httpd/httpd.url
+++ b/source/n/httpd/httpd.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/httpd/httpd-2.4.33.tar.bz2
-http://www.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.asc
+http://www.apache.org/dist/httpd/httpd-2.4.34.tar.bz2
+http://www.apache.org/dist/httpd/httpd-2.4.34.tar.bz2.asc
-- 
cgit v1.2.3-65-gdbad