Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-13 08:01:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Mon Nov 13 19:20:40 UTC 2023

Browse source 
extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txz:  Rebuilt.
  Recompiled against xorg-server-1.20.14, including patches for several
  security issues. Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-3550
    https://www.cve.org/CVERecord?id=CVE-2022-3551
    https://www.cve.org/CVERecord?id=CVE-2022-3553
    https://www.cve.org/CVERecord?id=CVE-2022-4283
    https://www.cve.org/CVERecord?id=CVE-2022-46340
    https://www.cve.org/CVERecord?id=CVE-2022-46341
    https://www.cve.org/CVERecord?id=CVE-2022-46342
    https://www.cve.org/CVERecord?id=CVE-2022-46343
    https://www.cve.org/CVERecord?id=CVE-2022-46344
    https://www.cve.org/CVERecord?id=CVE-2023-0494
    https://www.cve.org/CVERecord?id=CVE-2023-1393
    https://www.cve.org/CVERecord?id=CVE-2023-5367
    https://www.cve.org/CVERecord?id=CVE-2023-5380
  (* Security fix *)
This commit is contained in:
Patrick J Volkerding 2023-11-13 19:20:40 +00:00 committed by Eric Hameleers
parent 048a0f1ff7
commit 3dc2470097
23 changed files with 1500 additions and 157 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
ChangeLog.rss
View file

@ -11,9 +11,37 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Fri, 10 Nov 2023 18:46:44 GMT</pubDate>
<lastBuildDate>Sat, 11 Nov 2023 12:30:26 GMT</lastBuildDate>
<pubDate>Mon, 13 Nov 2023 19:20:40 GMT</pubDate>
<lastBuildDate>Tue, 14 Nov 2023 12:30:25 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator>
<item>
<title>Mon, 13 Nov 2023 19:20:40 GMT</title>
<pubDate>Mon, 13 Nov 2023 19:20:40 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20231113192040</link>
<guid isPermaLink="false">20231113192040</guid>
<description>
<![CDATA[<pre>
extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txz: Rebuilt.
Recompiled against xorg-server-1.20.14, including patches for several
security issues. Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3550
https://www.cve.org/CVERecord?id=CVE-2022-3551
https://www.cve.org/CVERecord?id=CVE-2022-3553
https://www.cve.org/CVERecord?id=CVE-2022-4283
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2023-0494
https://www.cve.org/CVERecord?id=CVE-2023-1393
https://www.cve.org/CVERecord?id=CVE-2023-5367
https://www.cve.org/CVERecord?id=CVE-2023-5380
(* Security fix *)
</pre>]]>
</description>
</item>
<item>
<title>Fri, 10 Nov 2023 18:46:44 GMT</title>
<pubDate>Fri, 10 Nov 2023 18:46:44 GMT</pubDate>

20
ChangeLog.txt
View file

@ -1,3 +1,23 @@
Mon Nov 13 19:20:40 UTC 2023
extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txz: Rebuilt.
Recompiled against xorg-server-1.20.14, including patches for several
security issues. Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3550
https://www.cve.org/CVERecord?id=CVE-2022-3551
https://www.cve.org/CVERecord?id=CVE-2022-3553
https://www.cve.org/CVERecord?id=CVE-2022-4283
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2023-0494
https://www.cve.org/CVERecord?id=CVE-2023-1393
https://www.cve.org/CVERecord?id=CVE-2023-5367
https://www.cve.org/CVERecord?id=CVE-2023-5380
(* Security fix *)
+--------------------------+
Fri Nov 10 18:46:44 UTC 2023
patches/packages/whois-5.5.20-x86_64-1_slack15.0.txz: Upgraded.
Added the .gn TLD server.

316
FILELIST.TXT
View file

@ -1,20 +1,20 @@
Fri Nov 10 18:49:15 UTC 2023
Mon Nov 13 19:23:08 UTC 2023
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
drwxr-xr-x 12 root root 4096 2023-11-10 18:46 .
drwxr-xr-x 12 root root 4096 2023-11-13 19:20 .
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 1195426 2023-11-08 22:08 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2023-11-08 22:08 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 1195426 2023-11-10 18:49 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2023-11-10 18:49 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 2059489 2023-11-10 18:46 ./ChangeLog.txt
-rw-r--r-- 1 root root 2060438 2023-11-13 19:20 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1563301 2023-11-08 22:08 ./FILELIST.TXT
-rw-r--r-- 1 root root 1563301 2023-11-10 18:49 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
@ -39,12 +39,12 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 17294 2008-12-08 18:13 ./SPEAK_INSTALL.TXT
-rw-r--r-- 1 root root 57187 2022-02-01 19:37 ./Slackware-HOWTO
-rw-r--r-- 1 root root 8700 2022-01-26 05:44 ./UPGRADE.TXT
drwxr-xr-x 19 root root 4096 2023-10-31 18:51 ./extra
-rw-r--r-- 1 root root 49689 2023-10-31 18:51 ./extra/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2023-10-31 18:51 ./extra/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 62542 2023-10-31 18:51 ./extra/FILE_LIST
-rw-r--r-- 1 root root 1978342 2023-10-31 18:51 ./extra/MANIFEST.bz2
-rw-r--r-- 1 root root 36555 2023-10-31 18:51 ./extra/PACKAGES.TXT
drwxr-xr-x 19 root root 4096 2023-11-13 19:23 ./extra
-rw-r--r-- 1 root root 51532 2023-11-13 19:23 ./extra/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2023-11-13 19:23 ./extra/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 64691 2023-11-13 19:23 ./extra/FILE_LIST
-rw-r--r-- 1 root root 1976967 2023-11-13 19:23 ./extra/MANIFEST.bz2
-rw-r--r-- 1 root root 36565 2023-11-13 19:23 ./extra/PACKAGES.TXT
-rw-r--r-- 1 root root 149 2002-02-09 00:18 ./extra/README.TXT
drwxr-xr-x 2 root root 20480 2020-05-26 20:38 ./extra/aspell-word-lists
-rw-r--r-- 1 root root 171 2016-06-06 20:10 ./extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txt
@ -369,7 +369,7 @@ drwxr-xr-x 2 root root 4096 2023-06-06 20:34 ./extra/sendmail
-rw-r--r-- 1 root root 586 2023-06-06 19:10 ./extra/sendmail/sendmail-cf-8.17.2-noarch-2_slack15.0.txt
-rw-r--r-- 1 root root 118876 2023-06-06 19:10 ./extra/sendmail/sendmail-cf-8.17.2-noarch-2_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-06-06 19:10 ./extra/sendmail/sendmail-cf-8.17.2-noarch-2_slack15.0.txz.asc
drwxr-xr-x 17 root root 4096 2023-09-28 21:35 ./extra/source
drwxr-xr-x 17 root root 4096 2023-11-13 19:19 ./extra/source
lrwxrwxrwx 1 root root 21 2021-04-29 18:18 ./extra/source/alpine -> ../../source/n/alpine
drwxr-xr-x 4 root root 4096 2018-11-09 05:59 ./extra/source/aspell-word-lists
-rwxr-xr-x 1 root root 3531 2020-05-26 20:06 ./extra/source/aspell-word-lists/aspell-dict.SlackBuild
@ -608,18 +608,36 @@ drwxr-xr-x 2 root root 4096 2023-06-04 18:40 ./extra/source/sendmail
-rw-r--r-- 1 root root 360 2023-06-06 19:03 ./extra/source/sendmail/site.config.m4
-rw-r--r-- 1 root root 959 2018-02-27 06:13 ./extra/source/sendmail/slack-desc.sendmail
-rw-r--r-- 1 root root 1045 2018-02-27 06:13 ./extra/source/sendmail/slack-desc.sendmail-cf
drwxr-xr-x 3 root root 4096 2021-11-23 19:22 ./extra/source/tigervnc
drwxr-xr-x 3 root root 4096 2023-11-13 18:53 ./extra/source/tigervnc
-rw-r--r-- 1 root root 590 2015-08-25 10:53 ./extra/source/tigervnc/10-libvnc.conf
-rw-r--r-- 1 root root 448 2021-11-15 21:44 ./extra/source/tigervnc/doinst.sh.gz
drwxr-xr-x 3 root root 4096 2021-11-22 19:23 ./extra/source/tigervnc/patches
-rw-r--r-- 1 root root 405 2019-11-18 19:15 ./extra/source/tigervnc/patches/force_protocol_3.3_for_UVNCSC.patch.gz
-rw-r--r-- 1 root root 299 2021-11-23 19:22 ./extra/source/tigervnc/patches/tigervnc.pam.d.diff.gz
-rw-r--r-- 1 root root 279 2021-11-22 19:23 ./extra/source/tigervnc/patches/vncserver.xinitrc.diff.gz
drwxr-xr-x 2 root root 4096 2021-11-15 19:49 ./extra/source/tigervnc/patches/xorg-server
drwxr-xr-x 2 root root 4096 2023-11-13 18:52 ./extra/source/tigervnc/patches/xorg-server
-rw-r--r-- 1 root root 623 2018-07-15 18:32 ./extra/source/tigervnc/patches/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz
-rw-r--r-- 1 root root 3846 2018-07-15 18:32 ./extra/source/tigervnc/patches/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz
-rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./extra/source/tigervnc/patches/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz
-rw-r--r-- 1 root root 879 2019-02-26 23:17 ./extra/source/tigervnc/patches/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch.gz
-rw-r--r-- 1 root root 2243 2022-07-12 17:03 ./extra/source/tigervnc/patches/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz
-rw-r--r-- 1 root root 1923 2022-07-12 17:03 ./extra/source/tigervnc/patches/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz
-rw-r--r-- 1 root root 418 2020-12-02 09:50 ./extra/source/tigervnc/patches/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz
-rw-r--r-- 1 root root 694 2023-02-07 19:35 ./extra/source/tigervnc/patches/xorg-server/857.patch.gz
-rw-r--r-- 1 root root 637 2022-10-17 18:19 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3550.patch.gz
-rw-r--r-- 1 root root 842 2022-10-17 18:21 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3551.patch.gz
-rw-r--r-- 1 root root 907 2022-10-17 18:21 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3553.patch.gz
-rw-r--r-- 1 root root 664 2022-12-14 19:20 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-4283.patch.gz
-rw-r--r-- 1 root root 345 2022-12-19 18:38 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.correction.patch.gz
-rw-r--r-- 1 root root 1056 2022-12-14 19:21 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.patch.gz
-rw-r--r-- 1 root root 1358 2022-12-14 19:21 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46341.patch.gz
-rw-r--r-- 1 root root 1391 2022-12-14 19:22 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46342.patch.gz
-rw-r--r-- 1 root root 863 2022-12-14 19:22 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46343.patch.gz
-rw-r--r-- 1 root root 1049 2022-12-14 19:23 ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46344.patch.gz
-rw-r--r-- 1 root root 605 2023-02-07 19:33 ./extra/source/tigervnc/patches/xorg-server/CVE-2023-0494.patch.gz
-rw-r--r-- 1 root root 792 2023-03-29 18:09 ./extra/source/tigervnc/patches/xorg-server/CVE-2023-1393.patch.gz
-rw-r--r-- 1 root root 1127 2023-10-25 18:35 ./extra/source/tigervnc/patches/xorg-server/CVE-2023-5367.patch.gz
-rw-r--r-- 1 root root 1534 2023-10-25 18:40 ./extra/source/tigervnc/patches/xorg-server/CVE-2023-5380.patch.gz
-rw-r--r-- 1 root root 298 2018-05-30 05:02 ./extra/source/tigervnc/patches/xorg-server/fix-nouveau-segfault.diff.gz
-rw-r--r-- 1 root root 357 2020-09-11 18:38 ./extra/source/tigervnc/patches/xorg-server/fix-pci-segfault.diff.gz
-rw-r--r-- 1 root root 340 2012-04-14 03:01 ./extra/source/tigervnc/patches/xorg-server/x11.startwithblackscreen.diff.gz
@ -627,8 +645,8 @@ drwxr-xr-x 2 root root 4096 2021-11-15 19:49 ./extra/source/tigervnc/patch
-rw-r--r-- 1 root root 1437 2018-05-15 07:55 ./extra/source/tigervnc/patches/xserver120.patch.gz
-rw-r--r-- 1 root root 930 2018-07-26 17:46 ./extra/source/tigervnc/slack-desc
-rw-r--r-- 1 root root 1094249 2021-11-09 07:51 ./extra/source/tigervnc/tigervnc-1.12.0.tar.lz
-rwxr-xr-- 1 root root 8834 2021-11-23 19:22 ./extra/source/tigervnc/tigervnc.SlackBuild
-rw-r--r-- 1 root root 5122260 2021-07-29 18:54 ./extra/source/tigervnc/xorg-server-1.20.13.tar.xz
-rwxr-xr-- 1 root root 10519 2023-11-13 18:57 ./extra/source/tigervnc/tigervnc.SlackBuild
-rw-r--r-- 1 root root 5178288 2021-12-15 19:04 ./extra/source/tigervnc/xorg-server-1.20.14.tar.xz
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./extra/source/xf86-video-fbdev
-rw-r--r-- 1 root root 875 2018-02-27 06:13 ./extra/source/xf86-video-fbdev/slack-desc
-rw-r--r-- 1 root root 261644 2018-05-30 16:33 ./extra/source/xf86-video-fbdev/xf86-video-fbdev-0.5.0.tar.xz
@ -652,11 +670,11 @@ drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./extra/source/xv
-rw-r--r-- 1 root root 229 2010-02-19 19:27 ./extra/source/xv/xv.jasper.diff.gz
-rw-r--r-- 1 root root 317 2010-02-19 19:15 ./extra/source/xv/xv.prefix.diff.gz
-rw-r--r-- 1 root root 282 2010-02-19 19:16 ./extra/source/xv/xv.prefix_x86_64.diff.gz
drwxr-xr-x 2 root root 4096 2021-11-23 19:46 ./extra/tigervnc
drwxr-xr-x 2 root root 4096 2023-11-13 19:23 ./extra/tigervnc
-rw-r--r-- 1 root root 0 2015-12-15 08:03 ./extra/tigervnc/the_fltk_package_must_also_be_installed
-rw-r--r-- 1 root root 474 2021-11-23 19:26 ./extra/tigervnc/tigervnc-1.12.0-x86_64-3.txt
-rw-r--r-- 1 root root 1452280 2021-11-23 19:26 ./extra/tigervnc/tigervnc-1.12.0-x86_64-3.txz
-rw-r--r-- 1 root root 163 2021-11-23 19:26 ./extra/tigervnc/tigervnc-1.12.0-x86_64-3.txz.asc
-rw-r--r-- 1 root root 474 2023-11-13 19:05 ./extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txt
-rw-r--r-- 1 root root 1452740 2023-11-13 19:05 ./extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-11-13 19:05 ./extra/tigervnc/tigervnc-1.12.0-x86_64-4_slack15.0.txz.asc
drwxr-xr-x 2 root root 4096 2018-06-01 21:55 ./extra/xf86-video-fbdev
-rw-r--r-- 1 root root 411 2018-06-01 05:21 ./extra/xf86-video-fbdev/xf86-video-fbdev-0.5.0-x86_64-1.txt
-rw-r--r-- 1 root root 10936 2018-06-01 05:21 ./extra/xf86-video-fbdev/xf86-video-fbdev-0.5.0-x86_64-1.txz
@ -2715,36 +2733,36 @@ drwxr-xr-x 2 root root 16384 2022-02-02 08:24 ./slackware64/d
-rw-r--r-- 1 root root 143136 2021-02-13 09:13 ./slackware64/d/cscope-15.9-x86_64-3.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:13 ./slackware64/d/cscope-15.9-x86_64-3.txz.asc
-rw-r--r-- 1 root root 536 2021-02-13 09:13 ./slackware64/d/cvs-1.11.23-x86_64-7.txt
-rw-r--r-- 1 root root 721504 2021-02-13 09:13 ./slackware64/d/cvs-1.11.23-x86_64-7.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:13 ./slackware64/d/cvs-1.11.23-x86_64-7.txz.asc
-rw-r--r-- 1 root root 397 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txt
-rw-r--r-- 1 root root 306840 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txz.asc
-rw-r--r-- 1 root root 481 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txt
-rw-r--r-- 1 root root 314132 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txz
-rw-r--r-- 1 root root 163 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txz.asc
-rw-r--r-- 1 root root 543 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txt
-rw-r--r-- 1 root root 9349496 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txz
-rw-r--r-- 1 root root 163 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txz.asc
-rw-r--r-- 1 root root 371 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txt
-rw-r--r-- 1 root root 282436 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txz.asc
-rw-r--r-- 1 root root 313 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 21660016 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 512 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 8310844 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 255 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 11701300 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 275 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 13758736 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 584 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 9905788 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 414 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 721504 2021-02-13 09:13 ./slackware64/d/cvs-1.11.23-x86_64-7.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:13 ./slackware64/d/cvs-1.11.23-x86_64-7.txz.asc
-rw-r--r-- 1 root root 397 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txt
-rw-r--r-- 1 root root 306840 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:14 ./slackware64/d/dev86-0.16.21-x86_64-4.txz.asc
-rw-r--r-- 1 root root 481 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txt
-rw-r--r-- 1 root root 314132 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txz
-rw-r--r-- 1 root root 163 2021-11-03 00:52 ./slackware64/d/distcc-3.4-x86_64-3.txz.asc
-rw-r--r-- 1 root root 543 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txt
-rw-r--r-- 1 root root 9349496 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txz
-rw-r--r-- 1 root root 163 2022-01-05 01:04 ./slackware64/d/doxygen-1.9.3-x86_64-2.txz.asc
-rw-r--r-- 1 root root 371 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txt
-rw-r--r-- 1 root root 282436 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 09:16 ./slackware64/d/flex-2.6.4-x86_64-5.txz.asc
-rw-r--r-- 1 root root 313 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 21660016 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:27 ./slackware64/d/gcc-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 512 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 8310844 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:29 ./slackware64/d/gcc-brig-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 255 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 11701300 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:27 ./slackware64/d/gcc-g++-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 275 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 13758736 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:29 ./slackware64/d/gcc-gdc-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 584 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 9905788 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 414 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 17424960 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 572 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txt
@ -5449,35 +5467,35 @@ drwxr-xr-x 2 root root 32768 2022-02-01 04:47 ./slackware64/n
-rw-r--r-- 1 root root 10264 2021-02-13 12:15 ./slackware64/n/netkit-rwall-0.17-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netkit-rwall-0.17-x86_64-5.txz.asc
-rw-r--r-- 1 root root 688 2021-02-13 12:15 ./slackware64/n/netkit-rwho-0.17-x86_64-5.txt
-rw-r--r-- 1 root root 16988 2021-02-13 12:15 ./slackware64/n/netkit-rwho-0.17-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netkit-rwho-0.17-x86_64-5.txz.asc
-rw-r--r-- 1 root root 406 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txt
-rw-r--r-- 1 root root 31784 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txz.asc
-rw-r--r-- 1 root root 558 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txt
-rw-r--r-- 1 root root 70544 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txz.asc
-rw-r--r-- 1 root root 408 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txt
-rw-r--r-- 1 root root 460972 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txz
-rw-r--r-- 1 root root 163 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txz.asc
-rw-r--r-- 1 root root 306 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txt
-rw-r--r-- 1 root root 86984 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txz.asc
-rw-r--r-- 1 root root 582 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txt
-rw-r--r-- 1 root root 39896 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txz
-rw-r--r-- 1 root root 163 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txz.asc
-rw-r--r-- 1 root root 557 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txt
-rw-r--r-- 1 root root 6912 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txz.asc
-rw-r--r-- 1 root root 508 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txt
-rw-r--r-- 1 root root 44300 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txz.asc
-rw-r--r-- 1 root root 456 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txt
-rw-r--r-- 1 root root 13832 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txz.asc
-rw-r--r-- 1 root root 322 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txt
-rw-r--r-- 1 root root 383188 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz
-rw-r--r-- 1 root root 163 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root 16988 2021-02-13 12:15 ./slackware64/n/netkit-rwho-0.17-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netkit-rwho-0.17-x86_64-5.txz.asc
-rw-r--r-- 1 root root 406 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txt
-rw-r--r-- 1 root root 31784 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netkit-timed-0.17-x86_64-4.txz.asc
-rw-r--r-- 1 root root 558 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txt
-rw-r--r-- 1 root root 70544 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netpipes-4.2-x86_64-4.txz.asc
-rw-r--r-- 1 root root 408 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txt
-rw-r--r-- 1 root root 460972 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txz
-rw-r--r-- 1 root root 163 2021-06-07 16:32 ./slackware64/n/nettle-3.7.3-x86_64-1.txz.asc
-rw-r--r-- 1 root root 306 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txt
-rw-r--r-- 1 root root 86984 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:15 ./slackware64/n/netwatch-1.3.1_2-x86_64-5.txz.asc
-rw-r--r-- 1 root root 582 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txt
-rw-r--r-- 1 root root 39896 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txz
-rw-r--r-- 1 root root 163 2022-01-02 20:21 ./slackware64/n/network-scripts-15.0-noarch-18.txz.asc
-rw-r--r-- 1 root root 557 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txt
-rw-r--r-- 1 root root 6912 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/netwrite-0.17-x86_64-4.txz.asc
-rw-r--r-- 1 root root 508 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txt
-rw-r--r-- 1 root root 44300 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/newspost-2.1.1-x86_64-4.txz.asc
-rw-r--r-- 1 root root 456 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txt
-rw-r--r-- 1 root root 13832 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-02-13 12:16 ./slackware64/n/nfacct-1.0.2-x86_64-4.txz.asc
-rw-r--r-- 1 root root 322 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txt
-rw-r--r-- 1 root root 383188 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz
-rw-r--r-- 1 root root 163 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root 535 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txt
-rw-r--r-- 1 root root 328396 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz.asc
@ -8520,43 +8538,43 @@ drwxr-xr-x 2 root root 4096 2022-01-28 20:41 ./source/ap/sudo
-rw-r--r-- 1 root root 25 2020-06-19 19:00 ./source/ap/sudo/sudo.url
drwxr-xr-x 2 root root 4096 2021-12-09 19:54 ./source/ap/sysstat
-rw-r--r-- 1 root root 527 2009-08-30 05:02 ./source/ap/sysstat/doinst.sh.gz
-rw-r--r-- 1 root root 858 2019-08-16 04:05 ./source/ap/sysstat/slack-desc
-rw-r--r-- 1 root root 860712 2021-12-05 08:41 ./source/ap/sysstat/sysstat-12.5.5.tar.xz
-rwxr-xr-x 1 root root 5755 2021-03-05 02:42 ./source/ap/sysstat/sysstat.SlackBuild
-rw-r--r-- 1 root root 46 2019-08-16 04:04 ./source/ap/sysstat/sysstat.url
drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/terminus-font
-rw-r--r-- 1 root root 159 2018-06-05 22:38 ./source/ap/terminus-font/doinst.sh.gz
-rw-r--r-- 1 root root 956 2019-12-14 18:35 ./source/ap/terminus-font/slack-desc
-rw-r--r-- 1 root root 276111 2020-12-28 18:45 ./source/ap/terminus-font/terminus-font-4.49.1.tar.lz
-rw-r--r-- 1 root root 259 2020-12-28 18:15 ./source/ap/terminus-font/terminus-font.Makefile.paths.diff.gz
-rwxr-xr-x 1 root root 3441 2021-02-13 05:31 ./source/ap/terminus-font/terminus-font.SlackBuild
drwxr-xr-x 2 root root 4096 2021-11-08 18:37 ./source/ap/texinfo
-rw-r--r-- 1 root root 345 2019-09-24 20:36 ./source/ap/texinfo/doinst.sh.gz
-rw-r--r-- 1 root root 1069 2018-02-27 06:12 ./source/ap/texinfo/slack-desc
-rw-r--r-- 1 root root 4961528 2021-07-03 11:26 ./source/ap/texinfo/texinfo-6.8.tar.xz
-rw-r--r-- 1 root root 265 2021-07-03 11:26 ./source/ap/texinfo/texinfo-6.8.tar.xz.sig
-rwxr-xr-x 1 root root 4941 2021-11-08 18:38 ./source/ap/texinfo/texinfo.SlackBuild
-rw-r--r-- 1 root root 313 2021-11-08 18:37 ./source/ap/texinfo/texinfo.fix.pt_BR.patch.gz
-rw-r--r-- 1 root root 571 2019-09-24 20:23 ./source/ap/texinfo/update-info-dir.8.gz
-rw-r--r-- 1 root root 859 2019-09-24 20:26 ./source/ap/texinfo/update-info-dir.gz
drwxr-xr-x 2 root root 4096 2021-06-10 18:16 ./source/ap/tmux
-rw-r--r-- 1 root root 270 2017-05-24 03:36 ./source/ap/tmux/doinst.sh.gz
-rw-r--r-- 1 root root 820 2019-11-27 18:16 ./source/ap/tmux/slack-desc
-rw-r--r-- 1 root root 480696 2021-06-10 08:34 ./source/ap/tmux/tmux-3.2a.tar.lz
-rwxr-xr-x 1 root root 5163 2021-04-13 17:28 ./source/ap/tmux/tmux.SlackBuild
-rw-r--r-- 1 root root 203 2017-05-24 03:38 ./source/ap/tmux/tmux.conf.gz
-rw-r--r-- 1 root root 29 2020-10-30 19:31 ./source/ap/tmux/tmux.url
drwxr-xr-x 2 root root 4096 2021-11-02 19:02 ./source/ap/undervolt
-rwxr-xr-x 1 root root 2079 2020-07-09 18:37 ./source/ap/undervolt/fetch-undervolt.sh
-rw-r--r-- 1 root root 1000 2020-06-26 18:48 ./source/ap/undervolt/slack-desc
-rw-r--r-- 1 root root 9075 2021-08-15 15:00 ./source/ap/undervolt/undervolt-20210815_e39aea1.tar.lz
-rwxr-xr-x 1 root root 2812 2021-11-02 19:02 ./source/ap/undervolt/undervolt.SlackBuild
-rw-r--r-- 1 root root 43 2020-06-26 18:39 ./source/ap/undervolt/undervolt.url
drwxr-xr-x 2 root root 4096 2022-01-02 01:00 ./source/ap/usbmuxd
-rw-r--r-- 1 root root 368 2015-04-18 18:26 ./source/ap/usbmuxd/39-usbmuxd.rules.gz
-rw-r--r-- 1 root root 182 2015-04-18 18:30 ./source/ap/usbmuxd/doinst.sh.gz
-rwxr-xr-x 1 root root 2022 2020-07-09 18:37 ./source/ap/usbmuxd/fetch-usbmuxd.sh
-rw-r--r-- 1 root root 735 2018-02-27 06:13 ./source/ap/usbmuxd/slack-desc
-rw-r--r-- 1 root root 858 2019-08-16 04:05 ./source/ap/sysstat/slack-desc
-rw-r--r-- 1 root root 860712 2021-12-05 08:41 ./source/ap/sysstat/sysstat-12.5.5.tar.xz
-rwxr-xr-x 1 root root 5755 2021-03-05 02:42 ./source/ap/sysstat/sysstat.SlackBuild
-rw-r--r-- 1 root root 46 2019-08-16 04:04 ./source/ap/sysstat/sysstat.url
drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/terminus-font
-rw-r--r-- 1 root root 159 2018-06-05 22:38 ./source/ap/terminus-font/doinst.sh.gz
-rw-r--r-- 1 root root 956 2019-12-14 18:35 ./source/ap/terminus-font/slack-desc
-rw-r--r-- 1 root root 276111 2020-12-28 18:45 ./source/ap/terminus-font/terminus-font-4.49.1.tar.lz
-rw-r--r-- 1 root root 259 2020-12-28 18:15 ./source/ap/terminus-font/terminus-font.Makefile.paths.diff.gz
-rwxr-xr-x 1 root root 3441 2021-02-13 05:31 ./source/ap/terminus-font/terminus-font.SlackBuild
drwxr-xr-x 2 root root 4096 2021-11-08 18:37 ./source/ap/texinfo
-rw-r--r-- 1 root root 345 2019-09-24 20:36 ./source/ap/texinfo/doinst.sh.gz
-rw-r--r-- 1 root root 1069 2018-02-27 06:12 ./source/ap/texinfo/slack-desc
-rw-r--r-- 1 root root 4961528 2021-07-03 11:26 ./source/ap/texinfo/texinfo-6.8.tar.xz
-rw-r--r-- 1 root root 265 2021-07-03 11:26 ./source/ap/texinfo/texinfo-6.8.tar.xz.sig
-rwxr-xr-x 1 root root 4941 2021-11-08 18:38 ./source/ap/texinfo/texinfo.SlackBuild
-rw-r--r-- 1 root root 313 2021-11-08 18:37 ./source/ap/texinfo/texinfo.fix.pt_BR.patch.gz
-rw-r--r-- 1 root root 571 2019-09-24 20:23 ./source/ap/texinfo/update-info-dir.8.gz
-rw-r--r-- 1 root root 859 2019-09-24 20:26 ./source/ap/texinfo/update-info-dir.gz
drwxr-xr-x 2 root root 4096 2021-06-10 18:16 ./source/ap/tmux
-rw-r--r-- 1 root root 270 2017-05-24 03:36 ./source/ap/tmux/doinst.sh.gz
-rw-r--r-- 1 root root 820 2019-11-27 18:16 ./source/ap/tmux/slack-desc
-rw-r--r-- 1 root root 480696 2021-06-10 08:34 ./source/ap/tmux/tmux-3.2a.tar.lz
-rwxr-xr-x 1 root root 5163 2021-04-13 17:28 ./source/ap/tmux/tmux.SlackBuild
-rw-r--r-- 1 root root 203 2017-05-24 03:38 ./source/ap/tmux/tmux.conf.gz
-rw-r--r-- 1 root root 29 2020-10-30 19:31 ./source/ap/tmux/tmux.url
drwxr-xr-x 2 root root 4096 2021-11-02 19:02 ./source/ap/undervolt
-rwxr-xr-x 1 root root 2079 2020-07-09 18:37 ./source/ap/undervolt/fetch-undervolt.sh
-rw-r--r-- 1 root root 1000 2020-06-26 18:48 ./source/ap/undervolt/slack-desc
-rw-r--r-- 1 root root 9075 2021-08-15 15:00 ./source/ap/undervolt/undervolt-20210815_e39aea1.tar.lz
-rwxr-xr-x 1 root root 2812 2021-11-02 19:02 ./source/ap/undervolt/undervolt.SlackBuild
-rw-r--r-- 1 root root 43 2020-06-26 18:39 ./source/ap/undervolt/undervolt.url
drwxr-xr-x 2 root root 4096 2022-01-02 01:00 ./source/ap/usbmuxd
-rw-r--r-- 1 root root 368 2015-04-18 18:26 ./source/ap/usbmuxd/39-usbmuxd.rules.gz
-rw-r--r-- 1 root root 182 2015-04-18 18:30 ./source/ap/usbmuxd/doinst.sh.gz
-rwxr-xr-x 1 root root 2022 2020-07-09 18:37 ./source/ap/usbmuxd/fetch-usbmuxd.sh
-rw-r--r-- 1 root root 735 2018-02-27 06:13 ./source/ap/usbmuxd/slack-desc
-rw-r--r-- 1 root root 53008 2021-09-25 01:29 ./source/ap/usbmuxd/usbmuxd-20210925_e3a3180.tar.xz
-rwxr-xr-x 1 root root 4256 2022-01-02 01:00 ./source/ap/usbmuxd/usbmuxd.SlackBuild
drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/vbetool
@ -15030,38 +15048,38 @@ drwxr-xr-x 2 root root 4096 2020-05-18 17:49 ./source/x/x11/configure
-rw-r--r-- 1 root root 504 2021-01-16 20:03 ./source/x/x11/configure/pixman
-rw-r--r-- 1 root root 276 2009-07-24 04:25 ./source/x/x11/configure/setxkbmap
-rw-r--r-- 1 root root 869 2017-04-15 15:03 ./source/x/x11/configure/xcb-proto
-rw-r--r-- 1 root root 447 2020-02-07 00:47 ./source/x/x11/configure/xdm
-rw-r--r-- 1 root root 404 2019-08-20 17:29 ./source/x/x11/configure/xf86-video-geode
-rw-r--r-- 1 root root 573 2017-01-09 21:37 ./source/x/x11/configure/xf86-video-intel
-rw-r--r-- 1 root root 317 2015-12-16 03:38 ./source/x/x11/configure/xf86-video-nouveau
-rw-r--r-- 1 root root 362 2018-06-30 20:59 ./source/x/x11/configure/xf86-video-savage
-rw-r--r-- 1 root root 282 2009-08-01 03:17 ./source/x/x11/configure/xfs
-rw-r--r-- 1 root root 380 2020-05-18 17:50 ./source/x/x11/configure/xisxwayland
-rw-r--r-- 1 root root 276 2009-07-24 04:28 ./source/x/x11/configure/xkbcomp
-rw-r--r-- 1 root root 345 2008-10-14 22:51 ./source/x/x11/configure/xkeyboard-config
-rw-r--r-- 1 root root 377 2010-12-19 06:52 ./source/x/x11/configure/xorg-docs
-rw-r--r-- 1 root root 3140 2021-12-26 22:45 ./source/x/x11/configure/xorg-server
-rw-r--r-- 1 root root 398 2018-03-17 17:33 ./source/x/x11/configure/xorgproto
drwxr-xr-x 2 root root 4096 2009-08-01 05:00 ./source/x/x11/doinst.sh
-rw-r--r-- 1 root root 279 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-utopia-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-utopia-75dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-adobe-utopia-type1
-rw-r--r-- 1 root root 341 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-arabic-misc
-rw-r--r-- 1 root root 279 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-bh-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-lucidatypewriter-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-lucidatypewriter-75dpi
-rw-r--r-- 1 root root 273 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bh-ttf
-rw-r--r-- 1 root root 277 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bh-type1
-rw-r--r-- 1 root root 279 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bitstream-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-speedo
-rw-r--r-- 1 root root 277 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-type1
-rw-r--r-- 1 root root 283 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cronyx-cyrillic
-rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cursor-misc
-rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-daewoo-misc
-rw-r--r-- 1 root root 447 2020-02-07 00:47 ./source/x/x11/configure/xdm
-rw-r--r-- 1 root root 404 2019-08-20 17:29 ./source/x/x11/configure/xf86-video-geode
-rw-r--r-- 1 root root 573 2017-01-09 21:37 ./source/x/x11/configure/xf86-video-intel
-rw-r--r-- 1 root root 317 2015-12-16 03:38 ./source/x/x11/configure/xf86-video-nouveau
-rw-r--r-- 1 root root 362 2018-06-30 20:59 ./source/x/x11/configure/xf86-video-savage
-rw-r--r-- 1 root root 282 2009-08-01 03:17 ./source/x/x11/configure/xfs
-rw-r--r-- 1 root root 380 2020-05-18 17:50 ./source/x/x11/configure/xisxwayland
-rw-r--r-- 1 root root 276 2009-07-24 04:28 ./source/x/x11/configure/xkbcomp
-rw-r--r-- 1 root root 345 2008-10-14 22:51 ./source/x/x11/configure/xkeyboard-config
-rw-r--r-- 1 root root 377 2010-12-19 06:52 ./source/x/x11/configure/xorg-docs
-rw-r--r-- 1 root root 3140 2021-12-26 22:45 ./source/x/x11/configure/xorg-server
-rw-r--r-- 1 root root 398 2018-03-17 17:33 ./source/x/x11/configure/xorgproto
drwxr-xr-x 2 root root 4096 2009-08-01 05:00 ./source/x/x11/doinst.sh
-rw-r--r-- 1 root root 279 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-utopia-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:06 ./source/x/x11/doinst.sh/font-adobe-utopia-75dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-adobe-utopia-type1
-rw-r--r-- 1 root root 341 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-arabic-misc
-rw-r--r-- 1 root root 279 2018-06-05 22:07 ./source/x/x11/doinst.sh/font-bh-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-lucidatypewriter-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:08 ./source/x/x11/doinst.sh/font-bh-lucidatypewriter-75dpi
-rw-r--r-- 1 root root 273 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bh-ttf
-rw-r--r-- 1 root root 277 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bh-type1
-rw-r--r-- 1 root root 279 2018-06-05 22:09 ./source/x/x11/doinst.sh/font-bitstream-100dpi
-rw-r--r-- 1 root root 277 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-75dpi
-rw-r--r-- 1 root root 279 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-speedo
-rw-r--r-- 1 root root 277 2018-06-05 22:10 ./source/x/x11/doinst.sh/font-bitstream-type1
-rw-r--r-- 1 root root 283 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cronyx-cyrillic
-rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cursor-misc
-rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-daewoo-misc
-rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-dec-misc
-rw-r--r-- 1 root root 277 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-ibm-type1
-rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-isas-misc

75
extra/source/tigervnc/patches/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch Normal file
View file

@ -0,0 +1,75 @@
From f1070c01d616c5f21f939d5ebc533738779451ac Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 5 Jul 2022 12:40:47 +1000
Subject: [PATCH] xkb: switch to array index loops to moving pointers
Most similar loops here use a pointer that advances with each loop
iteration, let's do the same here for consistency.
No functional changes.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
---
xkb/xkb.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/xkb/xkb.c b/xkb/xkb.c
index a29262c24..64e52611e 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -5368,16 +5368,16 @@ _CheckSetSections(XkbGeometryPtr geom,
row->left = rWire->left;
row->vertical = rWire->vertical;
kWire = (xkbKeyWireDesc *) &rWire[1];
- for (k = 0; k < rWire->nKeys; k++) {
+ for (k = 0; k < rWire->nKeys; k++, kWire++) {
XkbKeyPtr key;
key = XkbAddGeomKey(row);
if (!key)
return BadAlloc;
- memcpy(key->name.name, kWire[k].name, XkbKeyNameLength);
- key->gap = kWire[k].gap;
- key->shape_ndx = kWire[k].shapeNdx;
- key->color_ndx = kWire[k].colorNdx;
+ memcpy(key->name.name, kWire->name, XkbKeyNameLength);
+ key->gap = kWire->gap;
+ key->shape_ndx = kWire->shapeNdx;
+ key->color_ndx = kWire->colorNdx;
if (key->shape_ndx >= geom->num_shapes) {
client->errorValue = _XkbErrCode3(0x10, key->shape_ndx,
geom->num_shapes);
@@ -5389,7 +5389,7 @@ _CheckSetSections(XkbGeometryPtr geom,
return BadMatch;
}
}
- rWire = (xkbRowWireDesc *) &kWire[rWire->nKeys];
+ rWire = (xkbRowWireDesc *)kWire;
}
wire = (char *) rWire;
if (sWire->nDoodads > 0) {
@@ -5454,16 +5454,16 @@ _CheckSetShapes(XkbGeometryPtr geom,
return BadAlloc;
ol->corner_radius = olWire->cornerRadius;
ptWire = (xkbPointWireDesc *) &olWire[1];
- for (p = 0, pt = ol->points; p < olWire->nPoints; p++, pt++) {
- pt->x = ptWire[p].x;
- pt->y = ptWire[p].y;
+ for (p = 0, pt = ol->points; p < olWire->nPoints; p++, pt++, ptWire++) {
+ pt->x = ptWire->x;
+ pt->y = ptWire->y;
if (client->swapped) {
swaps(&pt->x);
swaps(&pt->y);
}
}
ol->num_points = olWire->nPoints;
- olWire = (xkbOutlineWireDesc *) (&ptWire[olWire->nPoints]);
+ olWire = (xkbOutlineWireDesc *)ptWire;
}
if (shapeWire->primaryNdx != XkbNoShape)
shape->primary = &shape->outlines[shapeWire->primaryNdx];
--
GitLab

178
extra/source/tigervnc/patches/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch Normal file
View file

@ -0,0 +1,178 @@
From dd8caf39e9e15d8f302e54045dd08d8ebf1025dc Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 5 Jul 2022 09:50:41 +1000
Subject: [PATCH] xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck
XKB often uses a FooCheck and Foo function pair, the former is supposed
to check all values in the request and error out on BadLength,
BadValue, etc. The latter is then called once we're confident the values
are good (they may still fail on an individual device, but that's a
different topic).
In the case of XkbSetDeviceInfo, those functions were incorrectly
named, with XkbSetDeviceInfo ending up as the checker function and
XkbSetDeviceInfoCheck as the setter function. As a result, the setter
function was called before the checker function, accessing request
data and modifying device state before we ensured that the data is
valid.
In particular, the setter function relied on values being already
byte-swapped. This in turn could lead to potential OOB memory access.
Fix this by correctly naming the functions and moving the length checks
over to the checker function. These were added in 87c64fc5b0 to the
wrong function, probably due to the incorrect naming.
Fixes ZDI-CAN 16070, CVE-2022-2320.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Introduced in c06e27b2f6fd9f7b9f827623a48876a225264132
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkb.c | 46 +++++++++++++++++++++++++---------------------
1 file changed, 25 insertions(+), 21 deletions(-)
diff --git a/xkb/xkb.c b/xkb/xkb.c
index 64e52611e..34b2c290b 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -6550,7 +6550,8 @@ ProcXkbGetDeviceInfo(ClientPtr client)
static char *
CheckSetDeviceIndicators(char *wire,
DeviceIntPtr dev,
- int num, int *status_rtrn, ClientPtr client)
+ int num, int *status_rtrn, ClientPtr client,
+ xkbSetDeviceInfoReq * stuff)
{
xkbDeviceLedsWireDesc *ledWire;
int i;
@@ -6558,6 +6559,11 @@ CheckSetDeviceIndicators(char *wire,
ledWire = (xkbDeviceLedsWireDesc *) wire;
for (i = 0; i < num; i++) {
+ if (!_XkbCheckRequestBounds(client, stuff, ledWire, ledWire + 1)) {
+ *status_rtrn = BadLength;
+ return (char *) ledWire;
+ }
+
if (client->swapped) {
swaps(&ledWire->ledClass);
swaps(&ledWire->ledID);
@@ -6585,6 +6591,11 @@ CheckSetDeviceIndicators(char *wire,
atomWire = (CARD32 *) &ledWire[1];
if (nNames > 0) {
for (n = 0; n < nNames; n++) {
+ if (!_XkbCheckRequestBounds(client, stuff, atomWire, atomWire + 1)) {
+ *status_rtrn = BadLength;
+ return (char *) atomWire;
+ }
+
if (client->swapped) {
swapl(atomWire);
}
@@ -6596,6 +6607,10 @@ CheckSetDeviceIndicators(char *wire,
mapWire = (xkbIndicatorMapWireDesc *) atomWire;
if (nMaps > 0) {
for (n = 0; n < nMaps; n++) {
+ if (!_XkbCheckRequestBounds(client, stuff, mapWire, mapWire + 1)) {
+ *status_rtrn = BadLength;
+ return (char *) mapWire;
+ }
if (client->swapped) {
swaps(&mapWire->virtualMods);
swapl(&mapWire->ctrls);
@@ -6647,11 +6662,6 @@ SetDeviceIndicators(char *wire,
xkbIndicatorMapWireDesc *mapWire;
XkbSrvLedInfoPtr sli;
- if (!_XkbCheckRequestBounds(client, stuff, ledWire, ledWire + 1)) {
- *status_rtrn = BadLength;
- return (char *) ledWire;
- }
-
namec = mapc = statec = 0;
sli = XkbFindSrvLedInfo(dev, ledWire->ledClass, ledWire->ledID,
XkbXI_IndicatorMapsMask);
@@ -6670,10 +6680,6 @@ SetDeviceIndicators(char *wire,
memset((char *) sli->names, 0, XkbNumIndicators * sizeof(Atom));
for (n = 0, bit = 1; n < XkbNumIndicators; n++, bit <<= 1) {
if (ledWire->namesPresent & bit) {
- if (!_XkbCheckRequestBounds(client, stuff, atomWire, atomWire + 1)) {
- *status_rtrn = BadLength;
- return (char *) atomWire;
- }
sli->names[n] = (Atom) *atomWire;
if (sli->names[n] == None)
ledWire->namesPresent &= ~bit;
@@ -6691,10 +6697,6 @@ SetDeviceIndicators(char *wire,
if (ledWire->mapsPresent) {
for (n = 0, bit = 1; n < XkbNumIndicators; n++, bit <<= 1) {
if (ledWire->mapsPresent & bit) {
- if (!_XkbCheckRequestBounds(client, stuff, mapWire, mapWire + 1)) {
- *status_rtrn = BadLength;
- return (char *) mapWire;
- }
sli->maps[n].flags = mapWire->flags;
sli->maps[n].which_groups = mapWire->whichGroups;
sli->maps[n].groups = mapWire->groups;
@@ -6730,13 +6732,17 @@ SetDeviceIndicators(char *wire,
}
static int
-_XkbSetDeviceInfo(ClientPtr client, DeviceIntPtr dev,
+_XkbSetDeviceInfoCheck(ClientPtr client, DeviceIntPtr dev,
xkbSetDeviceInfoReq * stuff)
{
char *wire;
wire = (char *) &stuff[1];
if (stuff->change & XkbXI_ButtonActionsMask) {
+ int sz = stuff->nBtns * SIZEOF(xkbActionWireDesc);
+ if (!_XkbCheckRequestBounds(client, stuff, wire, (char *) wire + sz))
+ return BadLength;
+
if (!dev->button) {
client->errorValue = _XkbErrCode2(XkbErr_BadClass, ButtonClass);
return XkbKeyboardErrorCode;
@@ -6747,13 +6753,13 @@ _XkbSetDeviceInfo(ClientPtr client, DeviceIntPtr dev,
dev->button->numButtons);
return BadMatch;
}
- wire += (stuff->nBtns * SIZEOF(xkbActionWireDesc));
+ wire += sz;
}
if (stuff->change & XkbXI_IndicatorsMask) {
int status = Success;
wire = CheckSetDeviceIndicators(wire, dev, stuff->nDeviceLedFBs,
- &status, client);
+ &status, client, stuff);
if (status != Success)
return status;
}
@@ -6764,8 +6770,8 @@ _XkbSetDeviceInfo(ClientPtr client, DeviceIntPtr dev,
}
static int
-_XkbSetDeviceInfoCheck(ClientPtr client, DeviceIntPtr dev,
- xkbSetDeviceInfoReq * stuff)
+_XkbSetDeviceInfo(ClientPtr client, DeviceIntPtr dev,
+ xkbSetDeviceInfoReq * stuff)
{
char *wire;
xkbExtensionDeviceNotify ed;
@@ -6789,8 +6795,6 @@ _XkbSetDeviceInfoCheck(ClientPtr client, DeviceIntPtr dev,
if (stuff->firstBtn + stuff->nBtns > nBtns)
return BadValue;
sz = stuff->nBtns * SIZEOF(xkbActionWireDesc);
- if (!_XkbCheckRequestBounds(client, stuff, wire, (char *) wire + sz))
- return BadLength;
memcpy((char *) &acts[stuff->firstBtn], (char *) wire, sz);
wire += sz;
ed.reason |= XkbXI_ButtonActionsMask;
--
GitLab

181
extra/source/tigervnc/patches/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch Normal file
View file

@ -0,0 +1,181 @@
From 6907b6ea2b4ce949cb07271f5b678d5966d9df42 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 5 Jul 2022 11:11:06 +1000
Subject: [PATCH] xkb: add request length validation for XkbSetGeometry
No validation of the various fields on that report were done, so a
malicious client could send a short request that claims it had N
sections, or rows, or keys, and the server would process the request for
N sections, running out of bounds of the actual request data.
Fix this by adding size checks to ensure our data is valid.
ZDI-CAN 16062, CVE-2022-2319.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkb.c | 43 ++++++++++++++++++++++++++++++++++++++-----
1 file changed, 38 insertions(+), 5 deletions(-)
diff --git a/xkb/xkb.c b/xkb/xkb.c
index 34b2c290b..4692895db 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -5156,7 +5156,7 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
}
static Status
-_CheckSetDoodad(char **wire_inout,
+_CheckSetDoodad(char **wire_inout, xkbSetGeometryReq *req,
XkbGeometryPtr geom, XkbSectionPtr section, ClientPtr client)
{
char *wire;
@@ -5167,6 +5167,9 @@ _CheckSetDoodad(char **wire_inout,
Status status;
dWire = (xkbDoodadWireDesc *) (*wire_inout);
+ if (!_XkbCheckRequestBounds(client, req, dWire, dWire + 1))
+ return BadLength;
+
any = dWire->any;
wire = (char *) &dWire[1];
if (client->swapped) {
@@ -5269,7 +5272,7 @@ _CheckSetDoodad(char **wire_inout,
}
static Status
-_CheckSetOverlay(char **wire_inout,
+_CheckSetOverlay(char **wire_inout, xkbSetGeometryReq *req,
XkbGeometryPtr geom, XkbSectionPtr section, ClientPtr client)
{
register int r;
@@ -5280,6 +5283,9 @@ _CheckSetOverlay(char **wire_inout,
wire = *wire_inout;
olWire = (xkbOverlayWireDesc *) wire;
+ if (!_XkbCheckRequestBounds(client, req, olWire, olWire + 1))
+ return BadLength;
+
if (client->swapped) {
swapl(&olWire->name);
}
@@ -5291,6 +5297,9 @@ _CheckSetOverlay(char **wire_inout,
xkbOverlayKeyWireDesc *kWire;
XkbOverlayRowPtr row;
+ if (!_XkbCheckRequestBounds(client, req, rWire, rWire + 1))
+ return BadLength;
+
if (rWire->rowUnder > section->num_rows) {
client->errorValue = _XkbErrCode4(0x20, r, section->num_rows,
rWire->rowUnder);
@@ -5299,6 +5308,9 @@ _CheckSetOverlay(char **wire_inout,
row = XkbAddGeomOverlayRow(ol, rWire->rowUnder, rWire->nKeys);
kWire = (xkbOverlayKeyWireDesc *) &rWire[1];
for (k = 0; k < rWire->nKeys; k++, kWire++) {
+ if (!_XkbCheckRequestBounds(client, req, kWire, kWire + 1))
+ return BadLength;
+
if (XkbAddGeomOverlayKey(ol, row,
(char *) kWire->over,
(char *) kWire->under) == NULL) {
@@ -5332,6 +5344,9 @@ _CheckSetSections(XkbGeometryPtr geom,
register int r;
xkbRowWireDesc *rWire;
+ if (!_XkbCheckRequestBounds(client, req, sWire, sWire + 1))
+ return BadLength;
+
if (client->swapped) {
swapl(&sWire->name);
swaps(&sWire->top);
@@ -5357,6 +5372,9 @@ _CheckSetSections(XkbGeometryPtr geom,
XkbRowPtr row;
xkbKeyWireDesc *kWire;
+ if (!_XkbCheckRequestBounds(client, req, rWire, rWire + 1))
+ return BadLength;
+
if (client->swapped) {
swaps(&rWire->top);
swaps(&rWire->left);
@@ -5371,6 +5389,9 @@ _CheckSetSections(XkbGeometryPtr geom,
for (k = 0; k < rWire->nKeys; k++, kWire++) {
XkbKeyPtr key;
+ if (!_XkbCheckRequestBounds(client, req, kWire, kWire + 1))
+ return BadLength;
+
key = XkbAddGeomKey(row);
if (!key)
return BadAlloc;
@@ -5396,7 +5417,7 @@ _CheckSetSections(XkbGeometryPtr geom,
register int d;
for (d = 0; d < sWire->nDoodads; d++) {
- status = _CheckSetDoodad(&wire, geom, section, client);
+ status = _CheckSetDoodad(&wire, req, geom, section, client);
if (status != Success)
return status;
}
@@ -5405,7 +5426,7 @@ _CheckSetSections(XkbGeometryPtr geom,
register int o;
for (o = 0; o < sWire->nOverlays; o++) {
- status = _CheckSetOverlay(&wire, geom, section, client);
+ status = _CheckSetOverlay(&wire, req, geom, section, client);
if (status != Success)
return status;
}
@@ -5439,6 +5460,9 @@ _CheckSetShapes(XkbGeometryPtr geom,
xkbOutlineWireDesc *olWire;
XkbOutlinePtr ol;
+ if (!_XkbCheckRequestBounds(client, req, shapeWire, shapeWire + 1))
+ return BadLength;
+
shape =
XkbAddGeomShape(geom, shapeWire->name, shapeWire->nOutlines);
if (!shape)
@@ -5449,12 +5473,18 @@ _CheckSetShapes(XkbGeometryPtr geom,
XkbPointPtr pt;
xkbPointWireDesc *ptWire;
+ if (!_XkbCheckRequestBounds(client, req, olWire, olWire + 1))
+ return BadLength;
+
ol = XkbAddGeomOutline(shape, olWire->nPoints);
if (!ol)
return BadAlloc;
ol->corner_radius = olWire->cornerRadius;
ptWire = (xkbPointWireDesc *) &olWire[1];
for (p = 0, pt = ol->points; p < olWire->nPoints; p++, pt++, ptWire++) {
+ if (!_XkbCheckRequestBounds(client, req, ptWire, ptWire + 1))
+ return BadLength;
+
pt->x = ptWire->x;
pt->y = ptWire->y;
if (client->swapped) {
@@ -5560,12 +5590,15 @@ _CheckSetGeom(XkbGeometryPtr geom, xkbSetGeometryReq * req, ClientPtr client)
return status;
for (i = 0; i < req->nDoodads; i++) {
- status = _CheckSetDoodad(&wire, geom, NULL, client);
+ status = _CheckSetDoodad(&wire, req, geom, NULL, client);
if (status != Success)
return status;
}
for (i = 0; i < req->nKeyAliases; i++) {
+ if (!_XkbCheckRequestBounds(client, req, wire, wire + XkbKeyNameLength))
+ return BadLength;
+
if (XkbAddGeomKeyAlias(geom, &wire[XkbKeyNameLength], wire) == NULL)
return BadAlloc;
wire += 2 * XkbKeyNameLength;
--
GitLab

43
extra/source/tigervnc/patches/xorg-server/857.patch Normal file
View file

@ -0,0 +1,43 @@
From d2ce97bd02c16ae162c49f76a00fc858035f288e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?B=C5=82a=C5=BCej=20Szczygie=C5=82?= <spaz16@wp.pl>
Date: Thu, 13 Jan 2022 00:47:27 +0100
Subject: [PATCH] present: Check for NULL to prevent crash
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1275
Signed-off-by: Błażej Szczygieł <spaz16@wp.pl>
Tested-by: Aaron Plattner <aplattner@nvidia.com>
(cherry picked from commit 22d5818851967408bb7c903cb345b7ca8766094c)
---
present/present_scmd.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/present/present_scmd.c b/present/present_scmd.c
index 3c68e690b..11391adbb 100644
--- a/present/present_scmd.c
+++ b/present/present_scmd.c
@@ -168,6 +168,9 @@ present_scmd_get_crtc(present_screen_priv_ptr screen_priv, WindowPtr window)
if (!screen_priv->info)
return NULL;
+ if (!screen_priv->info->get_crtc)
+ return NULL;
+
return (*screen_priv->info->get_crtc)(window);
}
@@ -206,6 +209,9 @@ present_flush(WindowPtr window)
if (!screen_priv->info)
return;
+ if (!screen_priv->info->flush)
+ return;
+
(*screen_priv->info->flush) (window);
}
--
GitLab

34
extra/source/tigervnc/patches/xorg-server/CVE-2022-3550.patch Normal file
View file

@ -0,0 +1,34 @@
From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 5 Jul 2022 12:06:20 +1000
Subject: xkb: proof GetCountedString against request length attacks
GetCountedString did a check for the whole string to be within the
request buffer but not for the initial 2 bytes that contain the length
field. A swapped client could send a malformed request to trigger a
swaps() on those bytes, writing into random memory.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkb.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/xkb/xkb.c b/xkb/xkb.c
index f42f59ef3..1841cff26 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
CARD16 len;
wire = *wire_inout;
+
+ if (client->req_len <
+ bytes_to_int32(wire + 2 - (char *) client->requestBuffer))
+ return BadValue;
+
len = *(CARD16 *) wire;
if (client->swapped) {
swaps(&len);
--
cgit v1.2.1

59
extra/source/tigervnc/patches/xorg-server/CVE-2022-3551.patch Normal file
View file

@ -0,0 +1,59 @@
From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed, 13 Jul 2022 11:23:09 +1000
Subject: xkb: fix some possible memleaks in XkbGetKbdByName
GetComponentByName returns an allocated string, so let's free that if we
fail somewhere.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkb.c | 26 ++++++++++++++++++++------
1 file changed, 20 insertions(+), 6 deletions(-)
diff --git a/xkb/xkb.c b/xkb/xkb.c
index 4692895db..b79a269e3 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client)
xkb = dev->key->xkbInfo->desc;
status = Success;
str = (unsigned char *) &stuff[1];
- if (GetComponentSpec(&str, TRUE, &status)) /* keymap, unsupported */
- return BadMatch;
+ {
+ char *keymap = GetComponentSpec(&str, TRUE, &status); /* keymap, unsupported */
+ if (keymap) {
+ free(keymap);
+ return BadMatch;
+ }
+ }
names.keycodes = GetComponentSpec(&str, TRUE, &status);
names.types = GetComponentSpec(&str, TRUE, &status);
names.compat = GetComponentSpec(&str, TRUE, &status);
names.symbols = GetComponentSpec(&str, TRUE, &status);
names.geometry = GetComponentSpec(&str, TRUE, &status);
- if (status != Success)
+ if (status == Success) {
+ len = str - ((unsigned char *) stuff);
+ if ((XkbPaddedSize(len) / 4) != stuff->length)
+ status = BadLength;
+ }
+
+ if (status != Success) {
+ free(names.keycodes);
+ free(names.types);
+ free(names.compat);
+ free(names.symbols);
+ free(names.geometry);
return status;
- len = str - ((unsigned char *) stuff);
- if ((XkbPaddedSize(len) / 4) != stuff->length)
- return BadLength;
+ }
CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask);
CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask);
--
cgit v1.2.1

43
extra/source/tigervnc/patches/xorg-server/CVE-2022-3553.patch Normal file
View file

@ -0,0 +1,43 @@
From dfd057996b26420309c324ec844a5ba6dd07eda3 Mon Sep 17 00:00:00 2001
From: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Sat, 2 Jul 2022 14:17:18 -0700
Subject: xquartz: Fix a possible crash when editing the Application menu due
to mutaing immutable arrays
Crashing on exception: -[__NSCFArray replaceObjectAtIndex:withObject:]: mutating method sent to immutable object
Application Specific Backtrace 0:
0 CoreFoundation 0x00007ff80d2c5e9b __exceptionPreprocess + 242
1 libobjc.A.dylib 0x00007ff80d027e48 objc_exception_throw + 48
2 CoreFoundation 0x00007ff80d38167b _CFThrowFormattedException + 194
3 CoreFoundation 0x00007ff80d382a25 -[__NSCFArray removeObjectAtIndex:].cold.1 + 0
4 CoreFoundation 0x00007ff80d2e6c0b -[__NSCFArray replaceObjectAtIndex:withObject:] + 119
5 X11.bin 0x00000001003180f9 -[X11Controller tableView:setObjectValue:forTableColumn:row:] + 169
Fixes: https://github.com/XQuartz/XQuartz/issues/267
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
---
hw/xquartz/X11Controller.m | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index 3b55bb6a5..e9a939312 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -469,8 +469,11 @@ extern char *bundle_id_prefix;
self.table_apps = table_apps;
NSArray * const apps = self.apps;
- if (apps != nil)
- [table_apps addObjectsFromArray:apps];
+ if (apps != nil) {
+ for (NSArray <NSString *> * row in apps) {
+ [table_apps addObject:row.mutableCopy];
+ }
+ }
columns = [apps_table tableColumns];
[[columns objectAtIndex:0] setIdentifier:@"0"];
--
cgit v1.2.1

35
extra/source/tigervnc/patches/xorg-server/CVE-2022-4283.patch Normal file
View file

@ -0,0 +1,35 @@
From ccdd431cd8f1cabae9d744f0514b6533c438908c Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon, 5 Dec 2022 15:55:54 +1000
Subject: [PATCH] xkb: reset the radio_groups pointer to NULL after freeing it
Unlike other elements of the keymap, this pointer was freed but not
reset. On a subsequent XkbGetKbdByName request, the server may access
already freed memory.
CVE-2022-4283, ZDI-CAN-19530
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
xkb/xkbUtils.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c
index dd089c204..3f5791a18 100644
--- a/xkb/xkbUtils.c
+++ b/xkb/xkbUtils.c
@@ -1326,6 +1326,7 @@ _XkbCopyNames(XkbDescPtr src, XkbDescPtr dst)
}
else {
free(dst->names->radio_groups);
+ dst->names->radio_groups = NULL;
}
dst->names->num_rg = src->names->num_rg;
--
GitLab

12
extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.correction.patch Normal file
View file

@ -0,0 +1,12 @@
diff -u -r --new-file xorg-server-21.1.5/Xext/xtest.c xorg-server-21.1.6/Xext/xtest.c
--- xorg-server-21.1.5/Xext/xtest.c 2022-12-13 20:25:18.000000000 -0600
+++ xorg-server-21.1.6/Xext/xtest.c 2022-12-19 04:53:03.000000000 -0600
@@ -502,7 +502,7 @@
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
- int evtype = ev->u.u.type & 0x177;
+ int evtype = ev->u.u.type & 0177;
/* Swap event */
proc = EventSwapVector[evtype];
/* no swapping proc; invalid event type? */

51
extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.patch Normal file
View file

@ -0,0 +1,51 @@
From b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 29 Nov 2022 12:55:45 +1000
Subject: [PATCH] Xtest: disallow GenericEvents in XTestSwapFakeInput
XTestSwapFakeInput assumes all events in this request are
sizeof(xEvent) and iterates through these in 32-byte increments.
However, a GenericEvent may be of arbitrary length longer than 32 bytes,
so any GenericEvent in this list would result in subsequent events to be
misparsed.
Additional, the swapped event is written into a stack-allocated struct
xEvent (size 32 bytes). For any GenericEvent longer than 32 bytes,
swapping the event may thus smash the stack like an avocado on toast.
Catch this case early and return BadValue for any GenericEvent.
Which is what would happen in unswapped setups anyway since XTest
doesn't support GenericEvent.
CVE-2022-46340, ZDI-CAN 19265
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xext/xtest.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/Xext/xtest.c b/Xext/xtest.c
index bf27eb590..2985a4ce6 100644
--- a/Xext/xtest.c
+++ b/Xext/xtest.c
@@ -502,10 +502,11 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
+ int evtype = ev->u.u.type & 0x177;
/* Swap event */
- proc = EventSwapVector[ev->u.u.type & 0177];
+ proc = EventSwapVector[evtype];
/* no swapping proc; invalid event type? */
- if (!proc || proc == NotImplemented) {
+ if (!proc || proc == NotImplemented || evtype == GenericEvent) {
client->errorValue = ev->u.u.type;
return BadValue;
}
--
GitLab

82
extra/source/tigervnc/patches/xorg-server/CVE-2022-46341.patch Normal file
View file

@ -0,0 +1,82 @@
From 51eb63b0ee1509c6c6b8922b0e4aa037faa6f78b Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 29 Nov 2022 13:55:32 +1000
Subject: [PATCH] Xi: disallow passive grabs with a detail > 255
The XKB protocol effectively prevents us from ever using keycodes above
255. For buttons it's theoretically possible but realistically too niche
to worry about. For all other passive grabs, the detail must be zero
anyway.
This fixes an OOB write:
ProcXIPassiveUngrabDevice() calls DeletePassiveGrabFromList with a
temporary grab struct which contains tempGrab->detail.exact = stuff->detail.
For matching existing grabs, DeleteDetailFromMask is called with the
stuff->detail value. This function creates a new mask with the one bit
representing stuff->detail cleared.
However, the array size for the new mask is 8 * sizeof(CARD32) bits,
thus any detail above 255 results in an OOB array write.
CVE-2022-46341, ZDI-CAN 19381
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xi/xipassivegrab.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c
index 2769fb7c9..c9ac2f855 100644
--- a/Xi/xipassivegrab.c
+++ b/Xi/xipassivegrab.c
@@ -137,6 +137,12 @@ ProcXIPassiveGrabDevice(ClientPtr client)
return BadValue;
}
+ /* XI2 allows 32-bit keycodes but thanks to XKB we can never
+ * implement this. Just return an error for all keycodes that
+ * cannot work anyway, same for buttons > 255. */
+ if (stuff->detail > 255)
+ return XIAlreadyGrabbed;
+
if (XICheckInvalidMaskBits(client, (unsigned char *) &stuff[1],
stuff->mask_len * 4) != Success)
return BadValue;
@@ -207,14 +213,8 @@ ProcXIPassiveGrabDevice(ClientPtr client)
&param, XI2, &mask);
break;
case XIGrabtypeKeycode:
- /* XI2 allows 32-bit keycodes but thanks to XKB we can never
- * implement this. Just return an error for all keycodes that
- * cannot work anyway */
- if (stuff->detail > 255)
- status = XIAlreadyGrabbed;
- else
- status = GrabKey(client, dev, mod_dev, stuff->detail,
- &param, XI2, &mask);
+ status = GrabKey(client, dev, mod_dev, stuff->detail,
+ &param, XI2, &mask);
break;
case XIGrabtypeEnter:
case XIGrabtypeFocusIn:
@@ -334,6 +334,12 @@ ProcXIPassiveUngrabDevice(ClientPtr client)
return BadValue;
}
+ /* We don't allow passive grabs for details > 255 anyway */
+ if (stuff->detail > 255) {
+ client->errorValue = stuff->detail;
+ return BadValue;
+ }
+
rc = dixLookupWindow(&win, stuff->grab_window, client, DixSetAttrAccess);
if (rc != Success)
return rc;
--
GitLab

74
extra/source/tigervnc/patches/xorg-server/CVE-2022-46342.patch Normal file
View file

@ -0,0 +1,74 @@
From b79f32b57cc0c1186b2899bce7cf89f7b325161b Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed, 30 Nov 2022 11:20:40 +1000
Subject: [PATCH] Xext: free the XvRTVideoNotify when turning off from the same
client
This fixes a use-after-free bug:
When a client first calls XvdiSelectVideoNotify() on a drawable with a
TRUE onoff argument, a struct XvVideoNotifyRec is allocated. This struct
is added twice to the resources:
- as the drawable's XvRTVideoNotifyList. This happens only once per
drawable, subsequent calls append to this list.
- as the client's XvRTVideoNotify. This happens for every client.
The struct keeps the ClientPtr around once it has been added for a
client. The idea, presumably, is that if the client disconnects we can remove
all structs from the drawable's list that match the client (by resetting
the ClientPtr to NULL), but if the drawable is destroyed we can remove
and free the whole list.
However, if the same client then calls XvdiSelectVideoNotify() on the
same drawable with a FALSE onoff argument, only the ClientPtr on the
existing struct was set to NULL. The struct itself remained in the
client's resources.
If the drawable is now destroyed, the resource system invokes
XvdiDestroyVideoNotifyList which frees the whole list for this drawable
- including our struct. This function however does not free the resource
for the client since our ClientPtr is NULL.
Later, when the client is destroyed and the resource system invokes
XvdiDestroyVideoNotify, we unconditionally set the ClientPtr to NULL. On
a struct that has been freed previously. This is generally frowned upon.
Fix this by calling FreeResource() on the second call instead of merely
setting the ClientPtr to NULL. This removes the struct from the client
resources (but not from the list), ensuring that it won't be accessed
again when the client quits.
Note that the assignment tpn->client = NULL; is superfluous since the
XvdiDestroyVideoNotify function will do this anyway. But it's left for
clarity and to match a similar invocation in XvdiSelectPortNotify.
CVE-2022-46342, ZDI-CAN 19400
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xext/xvmain.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Xext/xvmain.c b/Xext/xvmain.c
index f62747193..2a08f8744 100644
--- a/Xext/xvmain.c
+++ b/Xext/xvmain.c
@@ -811,8 +811,10 @@ XvdiSelectVideoNotify(ClientPtr client, DrawablePtr pDraw, BOOL onoff)
tpn = pn;
while (tpn) {
if (tpn->client == client) {
- if (!onoff)
+ if (!onoff) {
tpn->client = NULL;
+ FreeResource(tpn->id, XvRTVideoNotify);
+ }
return Success;
}
if (!tpn->client)
--
GitLab

47
extra/source/tigervnc/patches/xorg-server/CVE-2022-46343.patch Normal file
View file

@ -0,0 +1,47 @@
From 842ca3ccef100ce010d1d8f5f6d6cc1915055900 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 29 Nov 2022 14:53:07 +1000
Subject: [PATCH] Xext: free the screen saver resource when replacing it
This fixes a use-after-free bug:
When a client first calls ScreenSaverSetAttributes(), a struct
ScreenSaverAttrRec is allocated and added to the client's
resources.
When the same client calls ScreenSaverSetAttributes() again, a new
struct ScreenSaverAttrRec is allocated, replacing the old struct. The
old struct was freed but not removed from the clients resources.
Later, when the client is destroyed the resource system invokes
ScreenSaverFreeAttr and attempts to clean up the already freed struct.
Fix this by letting the resource system free the old attrs instead.
CVE-2022-46343, ZDI-CAN 19404
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xext/saver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Xext/saver.c b/Xext/saver.c
index f813ba08d..fd6153c31 100644
--- a/Xext/saver.c
+++ b/Xext/saver.c
@@ -1051,7 +1051,7 @@ ScreenSaverSetAttributes(ClientPtr client)
pVlist++;
}
if (pPriv->attr)
- FreeScreenAttr(pPriv->attr);
+ FreeResource(pPriv->attr->resource, AttrType);
pPriv->attr = pAttr;
pAttr->resource = FakeClientID(client->index);
if (!AddResource(pAttr->resource, AttrType, (void *) pAttr))
--
GitLab

71
extra/source/tigervnc/patches/xorg-server/CVE-2022-46344.patch Normal file
View file

@ -0,0 +1,71 @@
From 8f454b793e1f13c99872c15f0eed1d7f3b823fe8 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 29 Nov 2022 13:26:57 +1000
Subject: [PATCH] Xi: avoid integer truncation in length check of
ProcXIChangeProperty
This fixes an OOB read and the resulting information disclosure.
Length calculation for the request was clipped to a 32-bit integer. With
the correct stuff->num_items value the expected request size was
truncated, passing the REQUEST_FIXED_SIZE check.
The server then proceeded with reading at least stuff->num_items bytes
(depending on stuff->format) from the request and stuffing whatever it
finds into the property. In the process it would also allocate at least
stuff->num_items bytes, i.e. 4GB.
The same bug exists in ProcChangeProperty and ProcXChangeDeviceProperty,
so let's fix that too.
CVE-2022-46344, ZDI-CAN 19405
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xi/xiproperty.c | 4 ++--
dix/property.c | 3 ++-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c
index 68c362c62..066ba21fb 100644
--- a/Xi/xiproperty.c
+++ b/Xi/xiproperty.c
@@ -890,7 +890,7 @@ ProcXChangeDeviceProperty(ClientPtr client)
REQUEST(xChangeDevicePropertyReq);
DeviceIntPtr dev;
unsigned long len;
- int totalSize;
+ uint64_t totalSize;
int rc;
REQUEST_AT_LEAST_SIZE(xChangeDevicePropertyReq);
@@ -1130,7 +1130,7 @@ ProcXIChangeProperty(ClientPtr client)
{
int rc;
DeviceIntPtr dev;
- int totalSize;
+ uint64_t totalSize;
unsigned long len;
REQUEST(xXIChangePropertyReq);
diff --git a/dix/property.c b/dix/property.c
index 94ef5a0ec..acce94b2c 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -205,7 +205,8 @@ ProcChangeProperty(ClientPtr client)
WindowPtr pWin;
char format, mode;
unsigned long len;
- int sizeInBytes, totalSize, err;
+ int sizeInBytes, err;
+ uint64_t totalSize;
REQUEST(xChangePropertyReq);
--
GitLab

34
extra/source/tigervnc/patches/xorg-server/CVE-2023-0494.patch Normal file
View file

@ -0,0 +1,34 @@
From 0ba6d8c37071131a49790243cdac55392ecf71ec Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed, 25 Jan 2023 11:41:40 +1000
Subject: [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses
CVE-2023-0494, ZDI-CAN-19596
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xi/exevents.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Xi/exevents.c b/Xi/exevents.c
index 217baa956..dcd4efb3b 100644
--- a/Xi/exevents.c
+++ b/Xi/exevents.c
@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
memcpy(to->button->xkb_acts, from->button->xkb_acts,
sizeof(XkbAction));
}
- else
+ else {
free(to->button->xkb_acts);
+ to->button->xkb_acts = NULL;
+ }
memcpy(to->button->labels, from->button->labels,
from->button->numButtons * sizeof(Atom));
--
GitLab

42
extra/source/tigervnc/patches/xorg-server/CVE-2023-1393.patch Normal file
View file

@ -0,0 +1,42 @@
From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 13 Mar 2023 11:08:47 +0100
Subject: [PATCH] composite: Fix use-after-free of the COW
ZDI-CAN-19866/CVE-2023-1393
If a client explicitly destroys the compositor overlay window (aka COW),
we would leave a dangling pointer to that window in the CompScreen
structure, which will trigger a use-after-free later.
Make sure to clear the CompScreen pointer to the COW when the latter gets
destroyed explicitly by the client.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
---
composite/compwindow.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/composite/compwindow.c b/composite/compwindow.c
index 4e2494b86b..b30da589e9 100644
--- a/composite/compwindow.c
+++ b/composite/compwindow.c
@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
ret = (*pScreen->DestroyWindow) (pWin);
cs->DestroyWindow = pScreen->DestroyWindow;
pScreen->DestroyWindow = compDestroyWindow;
+
+ /* Did we just destroy the overlay window? */
+ if (pWin == cs->pOverlayWin)
+ cs->pOverlayWin = NULL;
+
/* compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
return ret;
}
--
GitLab

81
extra/source/tigervnc/patches/xorg-server/CVE-2023-5367.patch Normal file
View file

@ -0,0 +1,81 @@
From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 3 Oct 2023 11:53:05 +1000
Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend
The handling of appending/prepending properties was incorrect, with at
least two bugs: the property length was set to the length of the new
part only, i.e. appending or prepending N elements to a property with P
existing elements always resulted in the property having N elements
instead of N + P.
Second, when pre-pending a value to a property, the offset for the old
values was incorrect, leaving the new property with potentially
uninitalized values and/or resulting in OOB memory writes.
For example, prepending a 3 element value to a 5 element property would
result in this 8 value array:
[N, N, N, ?, ?, P, P, P ] P, P
^OOB write
The XI2 code is a copy/paste of the RandR code, so the bug exists in
both.
CVE-2023-5367, ZDI-CAN-22153
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xi/xiproperty.c | 4 ++--
randr/rrproperty.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c
index 066ba21fba..d315f04d0e 100644
--- a/Xi/xiproperty.c
+++ b/Xi/xiproperty.c
@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
XIDestroyDeviceProperty(prop);
return BadAlloc;
}
- new_value.size = len;
+ new_value.size = total_len;
new_value.type = type;
new_value.format = format;
@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
case PropModePrepend:
new_data = new_value.data;
old_data = (void *) (((char *) new_value.data) +
- (prop_value->size * size_in_bytes));
+ (len * size_in_bytes));
break;
}
if (new_data)
diff --git a/randr/rrproperty.c b/randr/rrproperty.c
index c2fb9585c6..25469f57b2 100644
--- a/randr/rrproperty.c
+++ b/randr/rrproperty.c
@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
RRDestroyOutputProperty(prop);
return BadAlloc;
}
- new_value.size = len;
+ new_value.size = total_len;
new_value.type = type;
new_value.format = format;
@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
case PropModePrepend:
new_data = new_value.data;
old_data = (void *) (((char *) new_value.data) +
- (prop_value->size * size_in_bytes));
+ (len * size_in_bytes));
break;
}
if (new_data)
--
GitLab

99
extra/source/tigervnc/patches/xorg-server/CVE-2023-5380.patch Normal file
View file

@ -0,0 +1,99 @@
From 564ccf2ce9616620456102727acb8b0256b7bbd7 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu, 5 Oct 2023 12:19:45 +1000
Subject: [PATCH] mi: reset the PointerWindows reference on screen switch
PointerWindows[] keeps a reference to the last window our sprite
entered - changes are usually handled by CheckMotion().
If we switch between screens via XWarpPointer our
dev->spriteInfo->sprite->win is set to the new screen's root window.
If there's another window at the cursor location CheckMotion() will
trigger the right enter/leave events later. If there is not, it skips
that process and we never trigger LeaveWindow() - PointerWindows[] for
the device still refers to the previous window.
If that window is destroyed we have a dangling reference that will
eventually cause a use-after-free bug when checking the window hierarchy
later.
To trigger this, we require:
- two protocol screens
- XWarpPointer to the other screen's root window
- XDestroyWindow before entering any other window
This is a niche bug so we hack around it by making sure we reset the
PointerWindows[] entry so we cannot have a dangling pointer. This
doesn't handle Enter/Leave events correctly but the previous code didn't
either.
CVE-2023-5380, ZDI-CAN-21608
This vulnerability was discovered by:
Sri working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Adam Jackson <ajax@redhat.com>
---
dix/enterleave.h | 2 --
include/eventstr.h | 3 +++
mi/mipointer.c | 17 +++++++++++++++--
3 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/dix/enterleave.h b/dix/enterleave.h
index 4b833d8a3b..e8af924c68 100644
--- a/dix/enterleave.h
+++ b/dix/enterleave.h
@@ -58,8 +58,6 @@ extern void DeviceFocusEvent(DeviceIntPtr dev,
extern void EnterWindow(DeviceIntPtr dev, WindowPtr win, int mode);
-extern void LeaveWindow(DeviceIntPtr dev);
-
extern void CoreFocusEvent(DeviceIntPtr kbd,
int type, int mode, int detail, WindowPtr pWin);
diff --git a/include/eventstr.h b/include/eventstr.h
index 93308f9b24..a9926eaeef 100644
--- a/include/eventstr.h
+++ b/include/eventstr.h
@@ -335,4 +335,7 @@ union _InternalEvent {
GestureEvent gesture_event;
};
+extern void
+LeaveWindow(DeviceIntPtr dev);
+
#endif
diff --git a/mi/mipointer.c b/mi/mipointer.c
index a638f25d4a..8cf0035140 100644
--- a/mi/mipointer.c
+++ b/mi/mipointer.c
@@ -397,8 +397,21 @@ miPointerWarpCursor(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y)
#ifdef PANORAMIX
&& noPanoramiXExtension
#endif
- )
- UpdateSpriteForScreen(pDev, pScreen);
+ ) {
+ DeviceIntPtr master = GetMaster(pDev, MASTER_POINTER);
+ /* Hack for CVE-2023-5380: if we're moving
+ * screens PointerWindows[] keeps referring to the
+ * old window. If that gets destroyed we have a UAF
+ * bug later. Only happens when jumping from a window
+ * to the root window on the other screen.
+ * Enter/Leave events are incorrect for that case but
+ * too niche to fix.
+ */
+ LeaveWindow(pDev);
+ if (master)
+ LeaveWindow(master);
+ UpdateSpriteForScreen(pDev, pScreen);
+ }
}
/**
--
GitLab
B

30
extra/source/tigervnc/tigervnc.SlackBuild
View file

@ -1,7 +1,7 @@
#!/bin/bash
# Copyright 2010, 2011, 2012, 2013, 2014, 2015 Eric Hameleers, Eindhoven. NL
# Copyright 2015, 2016, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA
# Copyright 2015, 2016, 2020, 2021, 2023 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=tigervnc
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
XORGVER=${XORGVER:-$(echo xorg-server-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-3}
BUILD=${BUILD:-4_slack15.0}
# Do we build the java applet (needs jdk)?
JAVA_APPLET=${JAVA_APPLET:-"OFF"}
@ -89,14 +89,32 @@ tar xvf $CWD/xorg-server-$XORGVER.tar.?z --strip-components=1 -C unix/xserver ||
# Patch the X server sources:
( cd unix/xserver
zcat $CWD/patches/xserver120.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/fix-nouveau-segfault.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/fix-nouveau-segfault.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/fix-pci-segfault.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-3550.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-3551.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-3553.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-4283.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46340.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46341.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46342.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46343.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46344.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2023-0494.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/857.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2023-5367.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/xorg-server/CVE-2023-5380.patch.gz | patch -p1 --verbose || exit 1
autoreconf -vif || exit 1
) || exit 1

18
recompress.sh
View file

@ -20,14 +20,32 @@ gzip ./extra/source/bittornado/doinst.sh
gzip ./extra/source/sendmail/Build
gzip ./extra/source/tigervnc/patches/tigervnc.pam.d.diff
gzip ./extra/source/tigervnc/patches/force_protocol_3.3_for_UVNCSC.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46342.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2023-5380.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46343.patch
gzip ./extra/source/tigervnc/patches/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3553.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2023-0494.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46340.correction.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46344.patch
gzip ./extra/source/tigervnc/patches/xorg-server/0001-autobind-GPUs-to-the-screen.patch
gzip ./extra/source/tigervnc/patches/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch
gzip ./extra/source/tigervnc/patches/xorg-server/857.patch
gzip ./extra/source/tigervnc/patches/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3551.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-4283.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2023-1393.patch
gzip ./extra/source/tigervnc/patches/xorg-server/fix-nouveau-segfault.diff
gzip ./extra/source/tigervnc/patches/xorg-server/fix-pci-segfault.diff
gzip ./extra/source/tigervnc/patches/xorg-server/x11.startwithblackscreen.diff
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-46341.patch
gzip ./extra/source/tigervnc/patches/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2022-3550.patch
gzip ./extra/source/tigervnc/patches/xorg-server/06_use-intel-only-on-pre-gen4.diff
gzip ./extra/source/tigervnc/patches/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch
gzip ./extra/source/tigervnc/patches/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch
gzip ./extra/source/tigervnc/patches/xorg-server/CVE-2023-5367.patch
gzip ./extra/source/tigervnc/patches/vncserver.xinitrc.diff
gzip ./extra/source/tigervnc/patches/xserver120.patch
gzip ./extra/source/tigervnc/doinst.sh