From 61c8c898a8436669b6097c597b659179846435fd Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding <volkerdi@slackware.com> Date: Thu, 26 Oct 2023 19:55:16 +0000 Subject: [PATCH] Thu Oct 26 19:55:16 UTC 2023 patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/ https://www.cve.org/CVERecord?id=CVE-2023-5721 https://www.cve.org/CVERecord?id=CVE-2023-5732 https://www.cve.org/CVERecord?id=CVE-2023-5724 https://www.cve.org/CVERecord?id=CVE-2023-5725 https://www.cve.org/CVERecord?id=CVE-2023-5726 https://www.cve.org/CVERecord?id=CVE-2023-5727 https://www.cve.org/CVERecord?id=CVE-2023-5728 https://www.cve.org/CVERecord?id=CVE-2023-5730 (* Security fix *) patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. This update fixes security issues: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. Use-after-free bug in DestroyWindow. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003430.html https://www.cve.org/CVERecord?id=CVE-2023-5367 https://www.cve.org/CVERecord?id=CVE-2023-5380 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz: Rebuilt. This update fixes a security issue: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003430.html https://www.cve.org/CVERecord?id=CVE-2023-5367 (* Security fix *) --- ChangeLog.rss | 47 ++++++- ChangeLog.txt | 35 ++++++ FILELIST.TXT | 119 +++++++++--------- ...hunderbird-115.4.1-x86_64-1_slack15.0.txt} | 0 ...org-server-1.20.14-x86_64-9_slack15.0.txt} | 0 ...ver-xephyr-1.20.14-x86_64-9_slack15.0.txt} | 0 ...rver-xnest-1.20.14-x86_64-9_slack15.0.txt} | 0 ...erver-xvfb-1.20.14-x86_64-9_slack15.0.txt} | 0 ...er-xwayland-21.1.4-x86_64-8_slack15.0.txt} | 0 .../xorg-server-xwayland/CVE-2023-5367.patch | 81 ++++++++++++ .../xorg-server-xwayland.SlackBuild | 7 +- patches/source/xorg-server/build/xorg-server | 2 +- .../xorg-server/patch/xorg-server.patch | 5 + .../patch/xorg-server/CVE-2023-5367.patch | 81 ++++++++++++ .../patch/xorg-server/CVE-2023-5380.patch | 99 +++++++++++++++ recompress.sh | 3 + 16 files changed, 416 insertions(+), 63 deletions(-) rename patches/packages/{mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txt => mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt} (100%) rename patches/packages/{xorg-server-1.20.14-x86_64-8_slack15.0.txt => xorg-server-1.20.14-x86_64-9_slack15.0.txt} (100%) rename patches/packages/{xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt => xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt} (100%) rename patches/packages/{xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt => xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt} (100%) rename patches/packages/{xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt => xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt} (100%) rename patches/packages/{xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt => xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt} (100%) create mode 100644 patches/source/xorg-server-xwayland/CVE-2023-5367.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch diff --git a/ChangeLog.rss b/ChangeLog.rss index 720911119..5c967e9a0 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,52 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 24 Oct 2023 22:26:20 GMT</pubDate> - <lastBuildDate>Wed, 25 Oct 2023 11:30:25 GMT</lastBuildDate> + <pubDate>Thu, 26 Oct 2023 19:55:16 GMT</pubDate> + <lastBuildDate>Fri, 27 Oct 2023 11:30:27 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> + <item> + <title>Thu, 26 Oct 2023 19:55:16 GMT</title> + <pubDate>Thu, 26 Oct 2023 19:55:16 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20231026195516</link> + <guid isPermaLink="false">20231026195516</guid> + <description> + <![CDATA[<pre> +patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/ + https://www.cve.org/CVERecord?id=CVE-2023-5721 + https://www.cve.org/CVERecord?id=CVE-2023-5732 + https://www.cve.org/CVERecord?id=CVE-2023-5724 + https://www.cve.org/CVERecord?id=CVE-2023-5725 + https://www.cve.org/CVERecord?id=CVE-2023-5726 + https://www.cve.org/CVERecord?id=CVE-2023-5727 + https://www.cve.org/CVERecord?id=CVE-2023-5728 + https://www.cve.org/CVERecord?id=CVE-2023-5730 + (* Security fix *) +patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. + This update fixes security issues: + OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. + Use-after-free bug in DestroyWindow. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003430.html + https://www.cve.org/CVERecord?id=CVE-2023-5367 + https://www.cve.org/CVERecord?id=CVE-2023-5380 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz: Rebuilt. + This update fixes a security issue: + OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003430.html + https://www.cve.org/CVERecord?id=CVE-2023-5367 + (* Security fix *) + </pre>]]> + </description> + </item> <item> <title>Tue, 24 Oct 2023 22:26:20 GMT</title> <pubDate>Tue, 24 Oct 2023 22:26:20 GMT</pubDate> diff --git a/ChangeLog.txt b/ChangeLog.txt index d896db0fe..bd8e96b7f 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,38 @@ +Thu Oct 26 19:55:16 UTC 2023 +patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/ + https://www.cve.org/CVERecord?id=CVE-2023-5721 + https://www.cve.org/CVERecord?id=CVE-2023-5732 + https://www.cve.org/CVERecord?id=CVE-2023-5724 + https://www.cve.org/CVERecord?id=CVE-2023-5725 + https://www.cve.org/CVERecord?id=CVE-2023-5726 + https://www.cve.org/CVERecord?id=CVE-2023-5727 + https://www.cve.org/CVERecord?id=CVE-2023-5728 + https://www.cve.org/CVERecord?id=CVE-2023-5730 + (* Security fix *) +patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. + This update fixes security issues: + OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. + Use-after-free bug in DestroyWindow. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003430.html + https://www.cve.org/CVERecord?id=CVE-2023-5367 + https://www.cve.org/CVERecord?id=CVE-2023-5380 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz: Rebuilt. + This update fixes a security issue: + OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003430.html + https://www.cve.org/CVERecord?id=CVE-2023-5367 + (* Security fix *) ++--------------------------+ Tue Oct 24 22:26:20 UTC 2023 patches/packages/mozilla-firefox-115.4.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. diff --git a/FILELIST.TXT b/FILELIST.TXT index a54bee96e..32ff8d622 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Tue Oct 24 22:30:36 UTC 2023 +Thu Oct 26 19:59:57 UTC 2023 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2023-10-24 22:26 . +drwxr-xr-x 12 root root 4096 2023-10-26 19:55 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1195123 2023-10-22 19:33 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-10-22 19:33 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1195123 2023-10-24 22:30 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-10-24 22:30 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 2056133 2023-10-24 22:26 ./ChangeLog.txt +-rw-r--r-- 1 root root 2057937 2023-10-26 19:55 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1562947 2023-10-22 19:33 ./FILELIST.TXT +-rw-r--r-- 1 root root 1562947 2023-10-24 22:30 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -752,13 +752,13 @@ drwxr-xr-x 2 root root 4096 2022-12-17 19:52 ./pasture/source/samba -rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default -rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig -rw-r--r-- 1 root root 536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz -drwxr-xr-x 4 root root 4096 2023-10-24 22:30 ./patches --rw-r--r-- 1 root root 86255 2023-10-24 22:30 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2023-10-24 22:30 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 117784 2023-10-24 22:30 ./patches/FILE_LIST --rw-r--r-- 1 root root 13191172 2023-10-24 22:30 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 62618 2023-10-24 22:30 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 24576 2023-10-24 22:30 ./patches/packages +drwxr-xr-x 4 root root 4096 2023-10-26 19:59 ./patches +-rw-r--r-- 1 root root 86534 2023-10-26 19:59 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2023-10-26 19:59 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 118114 2023-10-26 19:59 ./patches/FILE_LIST +-rw-r--r-- 1 root root 13195472 2023-10-26 19:59 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 62618 2023-10-26 19:59 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 24576 2023-10-26 19:59 ./patches/packages -rw-r--r-- 1 root root 360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc @@ -928,9 +928,9 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 663 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txt --rw-r--r-- 1 root root 60734184 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txz --rw-r--r-- 1 root root 163 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 663 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt +-rw-r--r-- 1 root root 60737480 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 451 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 1598024 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz.asc @@ -1033,21 +1033,21 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 377 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 801956 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 670 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt --rw-r--r-- 1 root root 1779708 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz.asc --rw-r--r-- 1 root root 370 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt --rw-r--r-- 1 root root 868684 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz.asc --rw-r--r-- 1 root root 592 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt --rw-r--r-- 1 root root 605096 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz.asc --rw-r--r-- 1 root root 689 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt --rw-r--r-- 1 root root 731508 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz.asc --rw-r--r-- 1 root root 816 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt --rw-r--r-- 1 root root 816820 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz --rw-r--r-- 1 root root 163 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz.asc +-rw-r--r-- 1 root root 670 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt +-rw-r--r-- 1 root root 1779800 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz.asc +-rw-r--r-- 1 root root 370 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt +-rw-r--r-- 1 root root 869132 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz.asc +-rw-r--r-- 1 root root 592 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt +-rw-r--r-- 1 root root 605108 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz.asc +-rw-r--r-- 1 root root 689 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt +-rw-r--r-- 1 root root 731384 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz.asc +-rw-r--r-- 1 root root 816 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt +-rw-r--r-- 1 root root 816792 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz +-rw-r--r-- 1 root root 163 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz.asc -rw-r--r-- 1 root root 463 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 9161204 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz.asc @@ -1060,7 +1060,7 @@ drwxr-xr-x 2 root root 4096 2023-06-23 18:50 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 93 root root 4096 2023-10-24 22:02 ./patches/source +drwxr-xr-x 93 root root 4096 2023-10-26 19:04 ./patches/source drwxr-xr-x 2 root root 4096 2023-09-26 19:22 ./patches/source/Cython -rw-r--r-- 1 root root 1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz -rwxr-xr-x 1 root root 3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild @@ -1530,7 +1530,7 @@ drwxr-xr-x 2 root root 4096 2023-01-06 19:30 ./patches/source/mozilla-nss -rw-r--r-- 1 root root 37770371 2023-01-05 18:00 ./patches/source/mozilla-nss/nss-3.87.tar.lz -rw-r--r-- 1 root root 2488 2012-04-29 21:05 ./patches/source/mozilla-nss/nss-config.in -rw-r--r-- 1 root root 1023 2018-02-27 06:12 ./patches/source/mozilla-nss/slack-desc -drwxr-xr-x 4 root root 4096 2023-10-24 17:43 ./patches/source/mozilla-thunderbird +drwxr-xr-x 4 root root 4096 2023-10-26 02:43 ./patches/source/mozilla-thunderbird drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./patches/source/mozilla-thunderbird/autoconf -rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz -rw-r--r-- 1 root root 300116 1999-01-15 21:03 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz @@ -1555,8 +1555,8 @@ drwxr-xr-x 2 root root 4096 2023-10-24 18:53 ./patches/source/mozilla-thun -rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop -rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./patches/source/mozilla-thunderbird/slack-desc -rw-r--r-- 1 root root 330 2019-08-27 16:35 ./patches/source/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz --rw-r--r-- 1 root root 531269876 2023-10-24 12:39 ./patches/source/mozilla-thunderbird/thunderbird-115.4.0.source.tar.xz --rw-r--r-- 1 root root 833 2023-10-24 12:39 ./patches/source/mozilla-thunderbird/thunderbird-115.4.0.source.tar.xz.asc +-rw-r--r-- 1 root root 537988108 2023-10-25 17:21 ./patches/source/mozilla-thunderbird/thunderbird-115.4.1.source.tar.xz +-rw-r--r-- 1 root root 833 2023-10-25 17:21 ./patches/source/mozilla-thunderbird/thunderbird-115.4.1.source.tar.xz.asc drwxr-xr-x 2 root root 4096 2022-07-21 17:44 ./patches/source/net-snmp -rw-r--r-- 1 root root 356 2021-12-21 18:38 ./patches/source/net-snmp/doinst.sh.gz -rw-r--r-- 1 root root 607 2018-07-20 09:39 ./patches/source/net-snmp/net-snmp-5.7.2-cert-path.patch.gz @@ -1935,7 +1935,7 @@ drwxr-xr-x 2 root root 4096 2022-11-16 19:13 ./patches/source/xfce4-settin -rw-r--r-- 1 root root 83 2022-11-09 20:26 ./patches/source/xfce4-settings/xfce4-settings.url -rw-r--r-- 1 root root 543 2012-07-19 19:32 ./patches/source/xfce4-settings/xfce4-settings.xft.defaults.diff.gz drwxr-xr-x 10 root root 4096 2022-07-12 20:19 ./patches/source/xorg-server -drwxr-xr-x 2 root root 4096 2023-03-29 18:18 ./patches/source/xorg-server-xwayland +drwxr-xr-x 2 root root 4096 2023-10-25 18:36 ./patches/source/xorg-server-xwayland -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz -rw-r--r-- 1 root root 2243 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz -rw-r--r-- 1 root root 1923 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz @@ -1951,13 +1951,14 @@ drwxr-xr-x 2 root root 4096 2023-03-29 18:18 ./patches/source/xorg-server- -rw-r--r-- 1 root root 1049 2022-12-14 19:23 ./patches/source/xorg-server-xwayland/CVE-2022-46344.patch.gz -rw-r--r-- 1 root root 605 2023-02-07 19:33 ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch.gz -rw-r--r-- 1 root root 792 2023-03-29 18:09 ./patches/source/xorg-server-xwayland/CVE-2023-1393.patch.gz +-rw-r--r-- 1 root root 1127 2023-10-25 18:35 ./patches/source/xorg-server-xwayland/CVE-2023-5367.patch.gz -rw-r--r-- 1 root root 1287 2021-04-18 18:21 ./patches/source/xorg-server-xwayland/slack-desc --rwxr-xr-x 1 root root 6481 2023-03-29 18:18 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +-rwxr-xr-x 1 root root 6585 2023-10-25 18:37 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild -rw-r--r-- 1 root root 1261712 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz -rw-r--r-- 1 root root 95 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz.sig -rw-r--r-- 1 root root 376 2021-01-16 18:58 ./patches/source/xorg-server/arch.use.flags drwxr-xr-x 2 root root 4096 2013-04-18 22:42 ./patches/source/xorg-server/build --rw-r--r-- 1 root root 12 2023-03-29 18:14 ./patches/source/xorg-server/build/xorg-server +-rw-r--r-- 1 root root 12 2023-10-25 18:41 ./patches/source/xorg-server/build/xorg-server drwxr-xr-x 2 root root 4096 2022-07-12 19:51 ./patches/source/xorg-server/configure -rw-r--r-- 1 root root 3140 2021-12-26 22:45 ./patches/source/xorg-server/configure/xorg-server drwxr-xr-x 2 root root 4096 2013-04-18 22:43 ./patches/source/xorg-server/doinst.sh @@ -1967,8 +1968,8 @@ drwxr-xr-x 2 root root 4096 2022-07-12 19:52 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 1189 2018-05-03 12:16 ./patches/source/xorg-server/noarch -rw-r--r-- 1 root root 833 2019-12-09 18:56 ./patches/source/xorg-server/package-blacklist drwxr-xr-x 3 root root 4096 2023-02-07 20:15 ./patches/source/xorg-server/patch -drwxr-xr-x 2 root root 4096 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server --rw-r--r-- 1 root root 4885 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server.patch +drwxr-xr-x 2 root root 4096 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server +-rw-r--r-- 1 root root 5193 2023-10-25 18:41 ./patches/source/xorg-server/patch/xorg-server.patch -rw-r--r-- 1 root root 623 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz -rw-r--r-- 1 root root 3846 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz @@ -1989,6 +1990,8 @@ drwxr-xr-x 2 root root 4096 2023-03-29 18:15 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 1049 2022-12-14 19:23 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46344.patch.gz -rw-r--r-- 1 root root 605 2023-02-07 19:33 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-0494.patch.gz -rw-r--r-- 1 root root 792 2023-03-29 18:09 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch.gz +-rw-r--r-- 1 root root 1127 2023-10-25 18:35 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch.gz +-rw-r--r-- 1 root root 1534 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch.gz -rw-r--r-- 1 root root 298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz -rw-r--r-- 1 root root 357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz -rw-r--r-- 1 root root 340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz @@ -2742,10 +2745,10 @@ drwxr-xr-x 2 root root 16384 2022-02-02 08:24 ./slackware64/d -rw-r--r-- 1 root root 9905788 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz -rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz.asc -rw-r--r-- 1 root root 414 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txt --rw-r--r-- 1 root root 17424960 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz --rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz.asc --rw-r--r-- 1 root root 572 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txt --rw-r--r-- 1 root root 15856348 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz +-rw-r--r-- 1 root root 17424960 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz +-rw-r--r-- 1 root root 163 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz.asc +-rw-r--r-- 1 root root 572 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txt +-rw-r--r-- 1 root root 15856348 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz -rw-r--r-- 1 root root 163 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz.asc -rw-r--r-- 1 root root 489 2021-08-25 18:28 ./slackware64/d/gcc-objc-11.2.0-x86_64-2.txt -rw-r--r-- 1 root root 11604124 2021-08-25 18:28 ./slackware64/d/gcc-objc-11.2.0-x86_64-2.txz @@ -5475,10 +5478,10 @@ drwxr-xr-x 2 root root 32768 2022-02-01 04:47 ./slackware64/n -rw-r--r-- 1 root root 322 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txt -rw-r--r-- 1 root root 383188 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz -rw-r--r-- 1 root root 163 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz.asc --rw-r--r-- 1 root root 535 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txt --rw-r--r-- 1 root root 328396 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz --rw-r--r-- 1 root root 163 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz.asc --rw-r--r-- 1 root root 297 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txt +-rw-r--r-- 1 root root 535 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txt +-rw-r--r-- 1 root root 328396 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz +-rw-r--r-- 1 root root 163 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz.asc +-rw-r--r-- 1 root root 297 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txt -rw-r--r-- 1 root root 106148 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txz -rw-r--r-- 1 root root 163 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txz.asc -rw-r--r-- 1 root root 649 2021-08-08 18:51 ./slackware64/n/nmap-7.92-x86_64-1.txt @@ -8554,11 +8557,11 @@ drwxr-xr-x 2 root root 4096 2022-01-02 01:00 ./source/ap/usbmuxd -rw-r--r-- 1 root root 182 2015-04-18 18:30 ./source/ap/usbmuxd/doinst.sh.gz -rwxr-xr-x 1 root root 2022 2020-07-09 18:37 ./source/ap/usbmuxd/fetch-usbmuxd.sh -rw-r--r-- 1 root root 735 2018-02-27 06:13 ./source/ap/usbmuxd/slack-desc --rw-r--r-- 1 root root 53008 2021-09-25 01:29 ./source/ap/usbmuxd/usbmuxd-20210925_e3a3180.tar.xz --rwxr-xr-x 1 root root 4256 2022-01-02 01:00 ./source/ap/usbmuxd/usbmuxd.SlackBuild -drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/vbetool --rw-r--r-- 1 root root 830 2018-02-27 06:12 ./source/ap/vbetool/slack-desc --rw-r--r-- 1 root root 24915 2015-12-20 20:37 ./source/ap/vbetool/vbetool-1.2.2.tar.gz +-rw-r--r-- 1 root root 53008 2021-09-25 01:29 ./source/ap/usbmuxd/usbmuxd-20210925_e3a3180.tar.xz +-rwxr-xr-x 1 root root 4256 2022-01-02 01:00 ./source/ap/usbmuxd/usbmuxd.SlackBuild +drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/ap/vbetool +-rw-r--r-- 1 root root 830 2018-02-27 06:12 ./source/ap/vbetool/slack-desc +-rw-r--r-- 1 root root 24915 2015-12-20 20:37 ./source/ap/vbetool/vbetool-1.2.2.tar.gz -rwxr-xr-x 1 root root 3202 2021-02-13 05:31 ./source/ap/vbetool/vbetool.SlackBuild -rw-r--r-- 1 root root 129 2008-11-24 18:23 ./source/ap/vbetool/vbetool.info drwxr-xr-x 2 root root 4096 2022-01-29 19:09 ./source/ap/vim @@ -15059,11 +15062,11 @@ drwxr-xr-x 2 root root 4096 2009-08-01 05:00 ./source/x/x11/doinst.sh -rw-r--r-- 1 root root 283 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cronyx-cyrillic -rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cursor-misc -rw-r--r-- 1 root root 341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-daewoo-misc --rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-dec-misc --rw-r--r-- 1 root root 277 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-ibm-type1 --rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-isas-misc --rw-r--r-- 1 root root 341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-jis-misc --rw-r--r-- 1 root root 341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-micro-misc +-rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-dec-misc +-rw-r--r-- 1 root root 277 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-ibm-type1 +-rw-r--r-- 1 root root 341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-isas-misc +-rw-r--r-- 1 root root 341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-jis-misc +-rw-r--r-- 1 root root 341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-micro-misc -rw-r--r-- 1 root root 283 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-misc-cyrillic -rw-r--r-- 1 root root 365 2018-06-05 22:14 ./source/x/x11/doinst.sh/font-misc-ethiopic -rw-r--r-- 1 root root 273 2018-06-05 22:14 ./source/x/x11/doinst.sh/font-misc-meltho diff --git a/patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txt b/patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt similarity index 100% rename from patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txt rename to patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt diff --git a/patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt similarity index 100% rename from patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt rename to patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt similarity index 100% rename from patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt rename to patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt similarity index 100% rename from patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt rename to patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt similarity index 100% rename from patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt rename to patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt similarity index 100% rename from patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt rename to patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt diff --git a/patches/source/xorg-server-xwayland/CVE-2023-5367.patch b/patches/source/xorg-server-xwayland/CVE-2023-5367.patch new file mode 100644 index 000000000..aef25e917 --- /dev/null +++ b/patches/source/xorg-server-xwayland/CVE-2023-5367.patch @@ -0,0 +1,81 @@ +From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Tue, 3 Oct 2023 11:53:05 +1000 +Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend + +The handling of appending/prepending properties was incorrect, with at +least two bugs: the property length was set to the length of the new +part only, i.e. appending or prepending N elements to a property with P +existing elements always resulted in the property having N elements +instead of N + P. + +Second, when pre-pending a value to a property, the offset for the old +values was incorrect, leaving the new property with potentially +uninitalized values and/or resulting in OOB memory writes. +For example, prepending a 3 element value to a 5 element property would +result in this 8 value array: + [N, N, N, ?, ?, P, P, P ] P, P + ^OOB write + +The XI2 code is a copy/paste of the RandR code, so the bug exists in +both. + +CVE-2023-5367, ZDI-CAN-22153 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + Xi/xiproperty.c | 4 ++-- + randr/rrproperty.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c +index 066ba21fba..d315f04d0e 100644 +--- a/Xi/xiproperty.c ++++ b/Xi/xiproperty.c +@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + XIDestroyDeviceProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- (prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +diff --git a/randr/rrproperty.c b/randr/rrproperty.c +index c2fb9585c6..25469f57b2 100644 +--- a/randr/rrproperty.c ++++ b/randr/rrproperty.c +@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + RRDestroyOutputProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- (prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +-- +GitLab + + diff --git a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild index 7d7d88d20..16b56263b 100755 --- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2016, 2018, 2019 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2016, 2018, 2019, 2023 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=xorg-server-xwayland SRCNAM=xwayland VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-7_slack15.0} +BUILD=${BUILD:-8_slack15.0} # Default font paths to be used by the X server: DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" @@ -110,6 +110,9 @@ zcat $CWD/CVE-2023-1393.patch.gz | patch -p1 --verbose || exit 1 # This prevents a crash with recent NVIDIA drivers. zcat $CWD/857.patch.gz | patch -p1 --verbose || exit 1 +# Patch another security issue: +zcat $CWD/CVE-2023-5367.patch.gz | patch -p1 --verbose || exit 1 + # Configure, build, and install: export CFLAGS="$SLKCFLAGS" export CXXFLAGS="$SLKCFLAGS" diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server index 05965f95a..7970fef66 100644 --- a/patches/source/xorg-server/build/xorg-server +++ b/patches/source/xorg-server/build/xorg-server @@ -1 +1 @@ -8_slack15.0 +9_slack15.0 diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch index e95f8b86f..a9dc46a2f 100644 --- a/patches/source/xorg-server/patch/xorg-server.patch +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -59,3 +59,8 @@ zcat $CWD/patch/xorg-server/857.patch.gz | patch -p1 --verbose || { touch ${SLAC # Patch another security issue: zcat $CWD/patch/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } + +# Patch more security issues: +zcat $CWD/patch/xorg-server/CVE-2023-5367.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/CVE-2023-5380.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } + diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch new file mode 100644 index 000000000..aef25e917 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch @@ -0,0 +1,81 @@ +From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Tue, 3 Oct 2023 11:53:05 +1000 +Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend + +The handling of appending/prepending properties was incorrect, with at +least two bugs: the property length was set to the length of the new +part only, i.e. appending or prepending N elements to a property with P +existing elements always resulted in the property having N elements +instead of N + P. + +Second, when pre-pending a value to a property, the offset for the old +values was incorrect, leaving the new property with potentially +uninitalized values and/or resulting in OOB memory writes. +For example, prepending a 3 element value to a 5 element property would +result in this 8 value array: + [N, N, N, ?, ?, P, P, P ] P, P + ^OOB write + +The XI2 code is a copy/paste of the RandR code, so the bug exists in +both. + +CVE-2023-5367, ZDI-CAN-22153 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + Xi/xiproperty.c | 4 ++-- + randr/rrproperty.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c +index 066ba21fba..d315f04d0e 100644 +--- a/Xi/xiproperty.c ++++ b/Xi/xiproperty.c +@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + XIDestroyDeviceProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- (prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +diff --git a/randr/rrproperty.c b/randr/rrproperty.c +index c2fb9585c6..25469f57b2 100644 +--- a/randr/rrproperty.c ++++ b/randr/rrproperty.c +@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + RRDestroyOutputProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- (prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +-- +GitLab + + diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch new file mode 100644 index 000000000..a358076dc --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch @@ -0,0 +1,99 @@ +From 564ccf2ce9616620456102727acb8b0256b7bbd7 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Thu, 5 Oct 2023 12:19:45 +1000 +Subject: [PATCH] mi: reset the PointerWindows reference on screen switch + +PointerWindows[] keeps a reference to the last window our sprite +entered - changes are usually handled by CheckMotion(). + +If we switch between screens via XWarpPointer our +dev->spriteInfo->sprite->win is set to the new screen's root window. +If there's another window at the cursor location CheckMotion() will +trigger the right enter/leave events later. If there is not, it skips +that process and we never trigger LeaveWindow() - PointerWindows[] for +the device still refers to the previous window. + +If that window is destroyed we have a dangling reference that will +eventually cause a use-after-free bug when checking the window hierarchy +later. + +To trigger this, we require: +- two protocol screens +- XWarpPointer to the other screen's root window +- XDestroyWindow before entering any other window + +This is a niche bug so we hack around it by making sure we reset the +PointerWindows[] entry so we cannot have a dangling pointer. This +doesn't handle Enter/Leave events correctly but the previous code didn't +either. + +CVE-2023-5380, ZDI-CAN-21608 + +This vulnerability was discovered by: +Sri working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +Reviewed-by: Adam Jackson <ajax@redhat.com> +--- + dix/enterleave.h | 2 -- + include/eventstr.h | 3 +++ + mi/mipointer.c | 17 +++++++++++++++-- + 3 files changed, 18 insertions(+), 4 deletions(-) + +diff --git a/dix/enterleave.h b/dix/enterleave.h +index 4b833d8a3b..e8af924c68 100644 +--- a/dix/enterleave.h ++++ b/dix/enterleave.h +@@ -58,8 +58,6 @@ extern void DeviceFocusEvent(DeviceIntPtr dev, + + extern void EnterWindow(DeviceIntPtr dev, WindowPtr win, int mode); + +-extern void LeaveWindow(DeviceIntPtr dev); +- + extern void CoreFocusEvent(DeviceIntPtr kbd, + int type, int mode, int detail, WindowPtr pWin); + +diff --git a/include/eventstr.h b/include/eventstr.h +index 93308f9b24..a9926eaeef 100644 +--- a/include/eventstr.h ++++ b/include/eventstr.h +@@ -335,4 +335,7 @@ union _InternalEvent { + GestureEvent gesture_event; + }; + ++extern void ++LeaveWindow(DeviceIntPtr dev); ++ + #endif +diff --git a/mi/mipointer.c b/mi/mipointer.c +index a638f25d4a..8cf0035140 100644 +--- a/mi/mipointer.c ++++ b/mi/mipointer.c +@@ -397,8 +397,21 @@ miPointerWarpCursor(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y) + #ifdef PANORAMIX + && noPanoramiXExtension + #endif +- ) +- UpdateSpriteForScreen(pDev, pScreen); ++ ) { ++ DeviceIntPtr master = GetMaster(pDev, MASTER_POINTER); ++ /* Hack for CVE-2023-5380: if we're moving ++ * screens PointerWindows[] keeps referring to the ++ * old window. If that gets destroyed we have a UAF ++ * bug later. Only happens when jumping from a window ++ * to the root window on the other screen. ++ * Enter/Leave events are incorrect for that case but ++ * too niche to fix. ++ */ ++ LeaveWindow(pDev); ++ if (master) ++ LeaveWindow(master); ++ UpdateSpriteForScreen(pDev, pScreen); ++ } + } + + /** +-- +GitLab + +B diff --git a/recompress.sh b/recompress.sh index 4ce190d7b..e810e0a25 100755 --- a/recompress.sh +++ b/recompress.sh @@ -1198,6 +1198,7 @@ gzip ./patches/source/xorg-server-xwayland/CVE-2022-46341.patch gzip ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch gzip ./patches/source/xorg-server-xwayland/CVE-2022-3550.patch gzip ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch +gzip ./patches/source/xorg-server-xwayland/CVE-2023-5367.patch gzip ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch gzip ./patches/source/seamonkey/doinst.sh gzip ./patches/source/seamonkey/double_t.x86.diff @@ -1240,6 +1241,7 @@ gzip ./patches/source/sdl/libsdl-1.2.15-resizing.patch gzip ./patches/source/emacs/d48bb4874bc6cd3e69c7a15fc3c91cc141025c51.patch gzip ./patches/source/emacs/doinst.sh gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46342.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46343.patch gzip ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch @@ -1263,6 +1265,7 @@ gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch gzip ./patches/source/xorg-server/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff gzip ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch gzip ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch gzip ./patches/source/zstd/zstd.dont.link.pzstd.to.static.libzstd.a.diff gzip ./patches/source/ksh93/doinst.sh gzip ./patches/source/xscreensaver/setuid.c