Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-02-05 20:46:11 +01:00
Code Issues Projects Releases Packages Wiki Activity

Fri Apr 12 19:08:59 UTC 2024

Browse source 
extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Command injection via array-ish $command parameter of proc_open.
  __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix.
  Password_verify can erroneously return true, opening ATO risk.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.1.28
    https://www.cve.org/CVERecord?id=CVE-2024-1874
    https://www.cve.org/CVERecord?id=CVE-2024-2756
    https://www.cve.org/CVERecord?id=CVE-2024-3096
  (* Security fix *)
This commit is contained in:
Patrick J Volkerding 2024-04-12 19:08:59 +00:00 committed by Eric Hameleers
parent 971e161e46
commit 47084e3f2f
4 changed files with 59 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
ChangeLog.rss
View file

@ -11,9 +11,30 @@
<description>Tracking Slackware development in git.</description> <description>Tracking Slackware development in git.</description>
<language>en-us</language> <language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Mon, 8 Apr 2024 18:44:37 GMT</pubDate> <pubDate>Fri, 12 Apr 2024 19:08:59 GMT</pubDate>
<lastBuildDate>Tue, 9 Apr 2024 11:30:31 GMT</lastBuildDate> <lastBuildDate>Sat, 13 Apr 2024 11:30:26 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator> <generator>maintain_current_git.sh v 1.17</generator>
<item>
<title>Fri, 12 Apr 2024 19:08:59 GMT</title>
<pubDate>Fri, 12 Apr 2024 19:08:59 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20240412190859</link>
<guid isPermaLink="false">20240412190859</guid>
<description>
<![CDATA[<pre>
extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Command injection via array-ish $command parameter of proc_open.
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix.
Password_verify can erroneously return true, opening ATO risk.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.28
https://www.cve.org/CVERecord?id=CVE-2024-1874
https://www.cve.org/CVERecord?id=CVE-2024-2756
https://www.cve.org/CVERecord?id=CVE-2024-3096
(* Security fix *)
</pre>]]>
</description>
</item>
<item> <item>
<title>Mon, 8 Apr 2024 18:44:37 GMT</title> <title>Mon, 8 Apr 2024 18:44:37 GMT</title>
<pubDate>Mon, 8 Apr 2024 18:44:37 GMT</pubDate> <pubDate>Mon, 8 Apr 2024 18:44:37 GMT</pubDate>

13
ChangeLog.txt
View file

@ -1,3 +1,16 @@
Fri Apr 12 19:08:59 UTC 2024
extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Command injection via array-ish $command parameter of proc_open.
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix.
Password_verify can erroneously return true, opening ATO risk.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.28
https://www.cve.org/CVERecord?id=CVE-2024-1874
https://www.cve.org/CVERecord?id=CVE-2024-2756
https://www.cve.org/CVERecord?id=CVE-2024-3096
(* Security fix *)
+--------------------------+
Mon Apr 8 18:44:37 UTC 2024 Mon Apr 8 18:44:37 UTC 2024
patches/packages/libarchive-3.7.3-x86_64-1_slack15.0.txz: Upgraded. patches/packages/libarchive-3.7.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue: This update fixes a security issue:

42
FILELIST.TXT
View file

@ -1,20 +1,20 @@
Mon Apr 8 18:47:16 UTC 2024 Fri Apr 12 19:11:29 UTC 2024
Here is the file list for this directory. If you are using a Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh subdirectories, please have the archive administrator refresh
the mirror. the mirror.
drwxr-xr-x 12 root root 4096 2024-04-08 18:44 . drwxr-xr-x 12 root root 4096 2024-04-12 19:08 .
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 1230295 2024-04-05 20:12 ./CHECKSUMS.md5 -rw-r--r-- 1 root root 1230295 2024-04-08 18:47 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-04-05 20:12 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 195 2024-04-08 18:47 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 2109272 2024-04-08 18:44 ./ChangeLog.txt -rw-r--r-- 1 root root 2109878 2024-04-12 19:08 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1607058 2024-04-05 20:12 ./FILELIST.TXT -rw-r--r-- 1 root root 1607058 2024-04-08 18:47 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
@ -39,12 +39,12 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 17294 2008-12-08 18:13 ./SPEAK_INSTALL.TXT -rw-r--r-- 1 root root 17294 2008-12-08 18:13 ./SPEAK_INSTALL.TXT
-rw-r--r-- 1 root root 57187 2022-02-01 19:37 ./Slackware-HOWTO -rw-r--r-- 1 root root 57187 2022-02-01 19:37 ./Slackware-HOWTO
-rw-r--r-- 1 root root 8700 2022-01-26 05:44 ./UPGRADE.TXT -rw-r--r-- 1 root root 8700 2022-01-26 05:44 ./UPGRADE.TXT
drwxr-xr-x 19 root root 4096 2024-04-05 20:10 ./extra drwxr-xr-x 19 root root 4096 2024-04-12 19:11 ./extra
-rw-r--r-- 1 root root 56343 2024-04-05 20:10 ./extra/CHECKSUMS.md5 -rw-r--r-- 1 root root 56343 2024-04-12 19:11 ./extra/CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-04-05 20:10 ./extra/CHECKSUMS.md5.asc -rw-r--r-- 1 root root 195 2024-04-12 19:11 ./extra/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 70733 2024-04-05 20:10 ./extra/FILE_LIST -rw-r--r-- 1 root root 70733 2024-04-12 19:11 ./extra/FILE_LIST
-rw-r--r-- 1 root root 3051527 2024-04-05 20:10 ./extra/MANIFEST.bz2 -rw-r--r-- 1 root root 3063689 2024-04-12 19:11 ./extra/MANIFEST.bz2
-rw-r--r-- 1 root root 37488 2024-04-05 20:10 ./extra/PACKAGES.TXT -rw-r--r-- 1 root root 37488 2024-04-12 19:11 ./extra/PACKAGES.TXT
-rw-r--r-- 1 root root 149 2002-02-09 00:18 ./extra/README.TXT -rw-r--r-- 1 root root 149 2002-02-09 00:18 ./extra/README.TXT
drwxr-xr-x 2 root root 20480 2020-05-26 20:38 ./extra/aspell-word-lists drwxr-xr-x 2 root root 20480 2020-05-26 20:38 ./extra/aspell-word-lists
-rw-r--r-- 1 root root 171 2016-06-06 20:10 ./extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txt -rw-r--r-- 1 root root 171 2016-06-06 20:10 ./extra/aspell-word-lists/aspell-af-0.50_0-x86_64-5.txt
@ -358,10 +358,10 @@ drwxr-xr-x 2 root root 4096 2023-08-07 19:24 ./extra/php80
-rw-r--r-- 1 root root 369 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 369 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 6175812 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 6175812 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 163 2023-08-07 18:47 ./extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz.asc
drwxr-xr-x 2 root root 4096 2023-12-21 20:48 ./extra/php81 drwxr-xr-x 2 root root 4096 2024-04-12 19:11 ./extra/php81
-rw-r--r-- 1 root root 369 2023-12-21 20:02 ./extra/php81/php81-8.1.27-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 369 2024-04-12 17:18 ./extra/php81/php81-8.1.28-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 6320088 2023-12-21 20:02 ./extra/php81/php81-8.1.27-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 6308576 2024-04-12 17:18 ./extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-12-21 20:02 ./extra/php81/php81-8.1.27-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 195 2024-04-12 17:18 ./extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz.asc
drwxr-xr-x 2 root root 4096 2023-08-04 19:16 ./extra/rust-for-mozilla drwxr-xr-x 2 root root 4096 2023-08-04 19:16 ./extra/rust-for-mozilla
-rw-r--r-- 1 root root 700 2022-01-27 20:31 ./extra/rust-for-mozilla/README -rw-r--r-- 1 root root 700 2022-01-27 20:31 ./extra/rust-for-mozilla/README
-rw-r--r-- 1 root root 426 2023-07-25 20:55 ./extra/rust-for-mozilla/rust-1.70.0-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 426 2023-07-25 20:55 ./extra/rust-for-mozilla/rust-1.70.0-x86_64-1_slack15.0.txt
@ -375,7 +375,7 @@ drwxr-xr-x 2 root root 4096 2024-01-31 21:21 ./extra/sendmail
-rw-r--r-- 1 root root 586 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txt -rw-r--r-- 1 root root 586 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txt
-rw-r--r-- 1 root root 119356 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txz -rw-r--r-- 1 root root 119356 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txz.asc -rw-r--r-- 1 root root 163 2024-01-31 20:58 ./extra/sendmail/sendmail-cf-8.18.1-noarch-1_slack15.0.txz.asc
drwxr-xr-x 19 root root 4096 2024-04-05 17:19 ./extra/source drwxr-xr-x 19 root root 4096 2024-04-12 17:39 ./extra/source
lrwxrwxrwx 1 root root 21 2021-04-29 18:18 ./extra/source/alpine -> ../../source/n/alpine lrwxrwxrwx 1 root root 21 2021-04-29 18:18 ./extra/source/alpine -> ../../source/n/alpine
drwxr-xr-x 4 root root 4096 2018-11-09 05:59 ./extra/source/aspell-word-lists drwxr-xr-x 4 root root 4096 2018-11-09 05:59 ./extra/source/aspell-word-lists
-rwxr-xr-x 1 root root 3531 2020-05-26 20:06 ./extra/source/aspell-word-lists/aspell-dict.SlackBuild -rwxr-xr-x 1 root root 3531 2020-05-26 20:06 ./extra/source/aspell-word-lists/aspell-dict.SlackBuild
@ -624,12 +624,12 @@ drwxr-xr-x 2 root root 4096 2023-08-07 18:40 ./extra/source/php80
-rw-r--r-- 1 root root 806 2023-03-11 19:34 ./extra/source/php80/php.ini-development.diff.gz -rw-r--r-- 1 root root 806 2023-03-11 19:34 ./extra/source/php80/php.ini-development.diff.gz
-rwxr-xr-x 1 root root 10642 2023-08-07 18:40 ./extra/source/php80/php80.SlackBuild -rwxr-xr-x 1 root root 10642 2023-08-07 18:40 ./extra/source/php80/php80.SlackBuild
-rw-r--r-- 1 root root 822 2021-12-03 05:20 ./extra/source/php80/slack-desc -rw-r--r-- 1 root root 822 2021-12-03 05:20 ./extra/source/php80/slack-desc
drwxr-xr-x 2 root root 4096 2023-12-21 19:58 ./extra/source/php81 drwxr-xr-x 2 root root 4096 2024-04-12 17:15 ./extra/source/php81
-rw-r--r-- 1 root root 432 2020-12-21 16:28 ./extra/source/php81/doinst.sh.gz -rw-r--r-- 1 root root 432 2020-12-21 16:28 ./extra/source/php81/doinst.sh.gz
-rwxr-xr-x 1 root root 120 2023-12-21 19:58 ./extra/source/php81/fetch-php.sh -rwxr-xr-x 1 root root 120 2024-04-12 17:14 ./extra/source/php81/fetch-php.sh
-rw-r--r-- 1 root root 1020 2021-02-19 20:43 ./extra/source/php81/mod_php.conf.example -rw-r--r-- 1 root root 1020 2021-02-19 20:43 ./extra/source/php81/mod_php.conf.example
-rw-r--r-- 1 root root 11915228 2023-12-19 20:50 ./extra/source/php81/php-8.1.27.tar.xz -rw-r--r-- 1 root root 11848504 2024-04-10 06:50 ./extra/source/php81/php-8.1.28.tar.xz
-rw-r--r-- 1 root root 833 2023-12-19 20:50 ./extra/source/php81/php-8.1.27.tar.xz.asc -rw-r--r-- 1 root root 833 2024-04-10 06:50 ./extra/source/php81/php-8.1.28.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./extra/source/php81/php-fpm.conf.diff.gz -rw-r--r-- 1 root root 387 2017-11-28 02:08 ./extra/source/php81/php-fpm.conf.diff.gz
-rw-r--r-- 1 root root 565 2023-04-13 17:54 ./extra/source/php81/php.imap.api.diff.gz -rw-r--r-- 1 root root 565 2023-04-13 17:54 ./extra/source/php81/php.imap.api.diff.gz
-rw-r--r-- 1 root root 806 2023-03-11 19:34 ./extra/source/php81/php.ini-development.diff.gz -rw-r--r-- 1 root root 806 2023-03-11 19:34 ./extra/source/php81/php.ini-development.diff.gz

4
extra/source/php81/fetch-php.sh
View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-8.1.27.tar.xz.asc lftpget http://us.php.net/distributions/php-8.1.28.tar.xz.asc
lftpget http://us.php.net/distributions/php-8.1.27.tar.xz lftpget http://us.php.net/distributions/php-8.1.28.tar.xz