Thu Oct 26 19:55:16 UTC 2023

patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/ https://www.cve.org/CVERecord?id=CVE-2023-5721 https://www.cve.org/CVERecord?id=CVE-2023-5732 https://www.cve.org/CVERecord?id=CVE-2023-5724 https://www.cve.org/CVERecord?id=CVE-2023-5725 https://www.cve.org/CVERecord?id=CVE-2023-5726 https://www.cve.org/CVERecord?id=CVE-2023-5727 https://www.cve.org/CVERecord?id=CVE-2023-5728 https://www.cve.org/CVERecord?id=CVE-2023-5730 (* Security fix *) patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. This update fixes security issues: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. Use-after-free bug in DestroyWindow. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003430.html https://www.cve.org/CVERecord?id=CVE-2023-5367 https://www.cve.org/CVERecord?id=CVE-2023-5380 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz: Rebuilt. This update fixes a security issue: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003430.html https://www.cve.org/CVERecord?id=CVE-2023-5367 (* Security fix *)
2025-01-30 08:38:10 +01:00 · 2023-10-26 19:55:16 +00:00 · 2023-10-26 19:55:16 +00:00 · 61c8c898a8
commit 61c8c898a8
parent 6f3fcdc1d3
16 changed files with 416 additions and 63 deletions
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@ -11,9 +11,52 @@
      <description>Tracking Slackware development in git.</description>
      <language>en-us</language>
      <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Tue, 24 Oct 2023 22:26:20 GMT</pubDate>
+      <pubDate>Thu, 26 Oct 2023 19:55:16 GMT</pubDate>
-      <lastBuildDate>Wed, 25 Oct 2023 11:30:25 GMT</lastBuildDate>
+      <lastBuildDate>Fri, 27 Oct 2023 11:30:27 GMT</lastBuildDate>
      <generator>maintain_current_git.sh v 1.17</generator>
      <item>
         <title>Thu, 26 Oct 2023 19:55:16 GMT</title>
         <pubDate>Thu, 26 Oct 2023 19:55:16 GMT</pubDate>
         <link>https://git.slackware.nl/current/tag/?h=20231026195516</link>
         <guid isPermaLink="false">20231026195516</guid>
         <description>
           <![CDATA[<pre>
 patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/
    https://www.cve.org/CVERecord?id=CVE-2023-5721
    https://www.cve.org/CVERecord?id=CVE-2023-5732
    https://www.cve.org/CVERecord?id=CVE-2023-5724
    https://www.cve.org/CVERecord?id=CVE-2023-5725
    https://www.cve.org/CVERecord?id=CVE-2023-5726
    https://www.cve.org/CVERecord?id=CVE-2023-5727
    https://www.cve.org/CVERecord?id=CVE-2023-5728
    https://www.cve.org/CVERecord?id=CVE-2023-5730
  (* Security fix *)
 patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
  Use-after-free bug in DestroyWindow.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    https://www.cve.org/CVERecord?id=CVE-2023-5367
    https://www.cve.org/CVERecord?id=CVE-2023-5380
  (* Security fix *)
 patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    https://www.cve.org/CVERecord?id=CVE-2023-5367
  (* Security fix *)
           </pre>]]>
         </description>
      </item>
      <item>
         <title>Tue, 24 Oct 2023 22:26:20 GMT</title>
         <pubDate>Tue, 24 Oct 2023 22:26:20 GMT</pubDate>
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -1,3 +1,38 @@
 Thu Oct 26 19:55:16 UTC 2023
 patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/
    https://www.cve.org/CVERecord?id=CVE-2023-5721
    https://www.cve.org/CVERecord?id=CVE-2023-5732
    https://www.cve.org/CVERecord?id=CVE-2023-5724
    https://www.cve.org/CVERecord?id=CVE-2023-5725
    https://www.cve.org/CVERecord?id=CVE-2023-5726
    https://www.cve.org/CVERecord?id=CVE-2023-5727
    https://www.cve.org/CVERecord?id=CVE-2023-5728
    https://www.cve.org/CVERecord?id=CVE-2023-5730
  (* Security fix *)
 patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
  Use-after-free bug in DestroyWindow.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    https://www.cve.org/CVERecord?id=CVE-2023-5367
    https://www.cve.org/CVERecord?id=CVE-2023-5380
  (* Security fix *)
 patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz:  Rebuilt.
 patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    https://www.cve.org/CVERecord?id=CVE-2023-5367
  (* Security fix *)
 +--------------------------+
 Tue Oct 24 22:26:20 UTC 2023
 patches/packages/mozilla-firefox-115.4.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@ -1,20 +1,20 @@
-Tue Oct 24 22:30:36 UTC 2023
+Thu Oct 26 19:59:57 UTC 2023
 Here is the file list for this directory.  If you are using a 
 mirror site and find missing or extra files in the disk 
 subdirectories, please have the archive administrator refresh
 the mirror.
-drwxr-xr-x 12 root root      4096 2023-10-24 22:26 .
+drwxr-xr-x 12 root root      4096 2023-10-26 19:55 .
 -rw-r--r--  1 root root      5767 2022-02-02 22:44 ./ANNOUNCE.15.0
 -rw-r--r--  1 root root     16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r--  1 root root   1195123 2023-10-22 19:33 ./CHECKSUMS.md5
+-rw-r--r--  1 root root   1195123 2023-10-24 22:30 ./CHECKSUMS.md5
-rw-r--r--  1 root root       163 2023-10-22 19:33 ./CHECKSUMS.md5.asc
+-rw-r--r--  1 root root       163 2023-10-24 22:30 ./CHECKSUMS.md5.asc
 -rw-r--r--  1 root root     17976 1994-06-10 02:28 ./COPYING
 -rw-r--r--  1 root root     35147 2007-06-30 04:21 ./COPYING3
 -rw-r--r--  1 root root     19573 2016-06-23 20:08 ./COPYRIGHT.TXT
 -rw-r--r--  1 root root       616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r--  1 root root   2056133 2023-10-24 22:26 ./ChangeLog.txt
+-rw-r--r--  1 root root   2057937 2023-10-26 19:55 ./ChangeLog.txt
 drwxr-xr-x  3 root root      4096 2013-03-20 22:17 ./EFI
 drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rw-r--r--  1 root root   1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rwxr-xr-x  1 root root      2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
 -rw-r--r--  1 root root     10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
 -rw-r--r--  1 root root      1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r--  1 root root   1562947 2023-10-22 19:33 ./FILELIST.TXT
+-rw-r--r--  1 root root   1562947 2023-10-24 22:30 ./FILELIST.TXT
 -rw-r--r--  1 root root      1572 2012-08-29 18:27 ./GPG-KEY
 -rw-r--r--  1 root root    864745 2022-02-02 08:25 ./PACKAGES.TXT
 -rw-r--r--  1 root root      8034 2022-02-02 03:36 ./README.TXT
@ -752,13 +752,13 @@ drwxr-xr-x  2 root root      4096 2022-12-17 19:52 ./pasture/source/samba
 -rw-r--r--  1 root root      7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default
 -rw-r--r--  1 root root      7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig
 -rw-r--r--  1 root root       536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz
-drwxr-xr-x  4 root root      4096 2023-10-24 22:30 ./patches
+drwxr-xr-x  4 root root      4096 2023-10-26 19:59 ./patches
-rw-r--r--  1 root root     86255 2023-10-24 22:30 ./patches/CHECKSUMS.md5
+-rw-r--r--  1 root root     86534 2023-10-26 19:59 ./patches/CHECKSUMS.md5
-rw-r--r--  1 root root       163 2023-10-24 22:30 ./patches/CHECKSUMS.md5.asc
+-rw-r--r--  1 root root       163 2023-10-26 19:59 ./patches/CHECKSUMS.md5.asc
-rw-r--r--  1 root root    117784 2023-10-24 22:30 ./patches/FILE_LIST
+-rw-r--r--  1 root root    118114 2023-10-26 19:59 ./patches/FILE_LIST
-rw-r--r--  1 root root  13191172 2023-10-24 22:30 ./patches/MANIFEST.bz2
+-rw-r--r--  1 root root  13195472 2023-10-26 19:59 ./patches/MANIFEST.bz2
-rw-r--r--  1 root root     62618 2023-10-24 22:30 ./patches/PACKAGES.TXT
+-rw-r--r--  1 root root     62618 2023-10-26 19:59 ./patches/PACKAGES.TXT
-drwxr-xr-x  3 root root     24576 2023-10-24 22:30 ./patches/packages
+drwxr-xr-x  3 root root     24576 2023-10-26 19:59 ./patches/packages
 -rw-r--r--  1 root root       360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc
@ -928,9 +928,9 @@ drwxr-xr-x  2 root root      4096 2023-06-23 18:50 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc
-rw-r--r--  1 root root       663 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txt
+-rw-r--r--  1 root root       663 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt
-rw-r--r--  1 root root  60734184 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txz
+-rw-r--r--  1 root root  60737480 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz
-rw-r--r--  1 root root       163 2023-10-24 18:41 ./patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-26 03:29 ./patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz.asc
 -rw-r--r--  1 root root       451 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   1598024 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz.asc
@ -1033,21 +1033,21 @@ drwxr-xr-x  2 root root      4096 2023-06-23 18:50 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       377 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root    801956 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-11-17 01:47 ./patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz.asc
-rw-r--r--  1 root root       670 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root       670 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt
-rw-r--r--  1 root root   1779708 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root   1779800 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz
-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-25 18:43 ./patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz.asc
-rw-r--r--  1 root root       370 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root       370 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt
-rw-r--r--  1 root root    868684 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root    869132 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz
-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-25 18:43 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz.asc
-rw-r--r--  1 root root       592 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root       592 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt
-rw-r--r--  1 root root    605096 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root    605108 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz
-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-25 18:43 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz.asc
-rw-r--r--  1 root root       689 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txt
+-rw-r--r--  1 root root       689 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt
-rw-r--r--  1 root root    731508 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz
+-rw-r--r--  1 root root    731384 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz
-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-25 18:43 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz.asc
-rw-r--r--  1 root root       816 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txt
+-rw-r--r--  1 root root       816 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt
-rw-r--r--  1 root root    816820 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz
+-rw-r--r--  1 root root    816792 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz
-rw-r--r--  1 root root       163 2023-03-29 18:44 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz.asc
+-rw-r--r--  1 root root       163 2023-10-25 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz.asc
 -rw-r--r--  1 root root       463 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   9161204 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-03-05 20:29 ./patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz.asc
@ -1060,7 +1060,7 @@ drwxr-xr-x  2 root root      4096 2023-06-23 18:50 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root    459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc
-drwxr-xr-x 93 root root      4096 2023-10-24 22:02 ./patches/source
+drwxr-xr-x 93 root root      4096 2023-10-26 19:04 ./patches/source
 drwxr-xr-x  2 root root      4096 2023-09-26 19:22 ./patches/source/Cython
 -rw-r--r--  1 root root   1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz
 -rwxr-xr-x  1 root root      3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild
@ -1530,7 +1530,7 @@ drwxr-xr-x  2 root root      4096 2023-01-06 19:30 ./patches/source/mozilla-nss
 -rw-r--r--  1 root root  37770371 2023-01-05 18:00 ./patches/source/mozilla-nss/nss-3.87.tar.lz
 -rw-r--r--  1 root root      2488 2012-04-29 21:05 ./patches/source/mozilla-nss/nss-config.in
 -rw-r--r--  1 root root      1023 2018-02-27 06:12 ./patches/source/mozilla-nss/slack-desc
-drwxr-xr-x  4 root root      4096 2023-10-24 17:43 ./patches/source/mozilla-thunderbird
+drwxr-xr-x  4 root root      4096 2023-10-26 02:43 ./patches/source/mozilla-thunderbird
 drwxr-xr-x  2 root root      4096 2016-07-03 18:05 ./patches/source/mozilla-thunderbird/autoconf
 -rw-r--r--  1 root root      5869 2016-07-03 18:04 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz
 -rw-r--r--  1 root root    300116 1999-01-15 21:03 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz
@ -1555,8 +1555,8 @@ drwxr-xr-x  2 root root      4096 2023-10-24 18:53 ./patches/source/mozilla-thun
 -rw-r--r--  1 root root      3378 2005-03-08 05:13 ./patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop
 -rw-r--r--  1 root root      1130 2018-02-27 06:47 ./patches/source/mozilla-thunderbird/slack-desc
 -rw-r--r--  1 root root       330 2019-08-27 16:35 ./patches/source/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz
-rw-r--r--  1 root root 531269876 2023-10-24 12:39 ./patches/source/mozilla-thunderbird/thunderbird-115.4.0.source.tar.xz
+-rw-r--r--  1 root root 537988108 2023-10-25 17:21 ./patches/source/mozilla-thunderbird/thunderbird-115.4.1.source.tar.xz
-rw-r--r--  1 root root       833 2023-10-24 12:39 ./patches/source/mozilla-thunderbird/thunderbird-115.4.0.source.tar.xz.asc
+-rw-r--r--  1 root root       833 2023-10-25 17:21 ./patches/source/mozilla-thunderbird/thunderbird-115.4.1.source.tar.xz.asc
 drwxr-xr-x  2 root root      4096 2022-07-21 17:44 ./patches/source/net-snmp
 -rw-r--r--  1 root root       356 2021-12-21 18:38 ./patches/source/net-snmp/doinst.sh.gz
 -rw-r--r--  1 root root       607 2018-07-20 09:39 ./patches/source/net-snmp/net-snmp-5.7.2-cert-path.patch.gz
@ -1935,7 +1935,7 @@ drwxr-xr-x  2 root root      4096 2022-11-16 19:13 ./patches/source/xfce4-settin
 -rw-r--r--  1 root root        83 2022-11-09 20:26 ./patches/source/xfce4-settings/xfce4-settings.url
 -rw-r--r--  1 root root       543 2012-07-19 19:32 ./patches/source/xfce4-settings/xfce4-settings.xft.defaults.diff.gz
 drwxr-xr-x 10 root root      4096 2022-07-12 20:19 ./patches/source/xorg-server
-drwxr-xr-x  2 root root      4096 2023-03-29 18:18 ./patches/source/xorg-server-xwayland
+drwxr-xr-x  2 root root      4096 2023-10-25 18:36 ./patches/source/xorg-server-xwayland
 -rw-r--r--  1 root root      1175 2022-07-12 17:02 ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz
 -rw-r--r--  1 root root      2243 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz
 -rw-r--r--  1 root root      1923 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz
@ -1951,13 +1951,14 @@ drwxr-xr-x  2 root root      4096 2023-03-29 18:18 ./patches/source/xorg-server-
 -rw-r--r--  1 root root      1049 2022-12-14 19:23 ./patches/source/xorg-server-xwayland/CVE-2022-46344.patch.gz
 -rw-r--r--  1 root root       605 2023-02-07 19:33 ./patches/source/xorg-server-xwayland/CVE-2023-0494.patch.gz
 -rw-r--r--  1 root root       792 2023-03-29 18:09 ./patches/source/xorg-server-xwayland/CVE-2023-1393.patch.gz
 -rw-r--r--  1 root root      1127 2023-10-25 18:35 ./patches/source/xorg-server-xwayland/CVE-2023-5367.patch.gz
 -rw-r--r--  1 root root      1287 2021-04-18 18:21 ./patches/source/xorg-server-xwayland/slack-desc
-rwxr-xr-x  1 root root      6481 2023-03-29 18:18 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+-rwxr-xr-x  1 root root      6585 2023-10-25 18:37 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
 -rw-r--r--  1 root root   1261712 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz
 -rw-r--r--  1 root root        95 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz.sig
 -rw-r--r--  1 root root       376 2021-01-16 18:58 ./patches/source/xorg-server/arch.use.flags
 drwxr-xr-x  2 root root      4096 2013-04-18 22:42 ./patches/source/xorg-server/build
-rw-r--r--  1 root root        12 2023-03-29 18:14 ./patches/source/xorg-server/build/xorg-server
+-rw-r--r--  1 root root        12 2023-10-25 18:41 ./patches/source/xorg-server/build/xorg-server
 drwxr-xr-x  2 root root      4096 2022-07-12 19:51 ./patches/source/xorg-server/configure
 -rw-r--r--  1 root root      3140 2021-12-26 22:45 ./patches/source/xorg-server/configure/xorg-server
 drwxr-xr-x  2 root root      4096 2013-04-18 22:43 ./patches/source/xorg-server/doinst.sh
@ -1967,8 +1968,8 @@ drwxr-xr-x  2 root root      4096 2022-07-12 19:52 ./patches/source/xorg-server/
 -rw-r--r--  1 root root      1189 2018-05-03 12:16 ./patches/source/xorg-server/noarch
 -rw-r--r--  1 root root       833 2019-12-09 18:56 ./patches/source/xorg-server/package-blacklist
 drwxr-xr-x  3 root root      4096 2023-02-07 20:15 ./patches/source/xorg-server/patch
-drwxr-xr-x  2 root root      4096 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server
+drwxr-xr-x  2 root root      4096 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server
-rw-r--r--  1 root root      4885 2023-03-29 18:15 ./patches/source/xorg-server/patch/xorg-server.patch
+-rw-r--r--  1 root root      5193 2023-10-25 18:41 ./patches/source/xorg-server/patch/xorg-server.patch
 -rw-r--r--  1 root root       623 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz
 -rw-r--r--  1 root root      3846 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz
 -rw-r--r--  1 root root      1175 2022-07-12 17:02 ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz
@ -1989,6 +1990,8 @@ drwxr-xr-x  2 root root      4096 2023-03-29 18:15 ./patches/source/xorg-server/
 -rw-r--r--  1 root root      1049 2022-12-14 19:23 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46344.patch.gz
 -rw-r--r--  1 root root       605 2023-02-07 19:33 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-0494.patch.gz
 -rw-r--r--  1 root root       792 2023-03-29 18:09 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-1393.patch.gz
 -rw-r--r--  1 root root      1127 2023-10-25 18:35 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch.gz
 -rw-r--r--  1 root root      1534 2023-10-25 18:40 ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch.gz
 -rw-r--r--  1 root root       298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz
 -rw-r--r--  1 root root       357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz
 -rw-r--r--  1 root root       340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz
@ -2742,10 +2745,10 @@ drwxr-xr-x  2 root root     16384 2022-02-02 08:24 ./slackware64/d
 -rw-r--r--  1 root root   9905788 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz
 -rw-r--r--  1 root root       163 2021-08-25 18:28 ./slackware64/d/gcc-gfortran-11.2.0-x86_64-2.txz.asc
 -rw-r--r--  1 root root       414 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txt
-rw-r--r--  1 root root  17424960 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz
+-rw-r--r-- 1 root root  17424960 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz
-rw-r--r--  1 root root       163 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz.asc
+-rw-r--r-- 1 root root       163 2021-08-25 18:28 ./slackware64/d/gcc-gnat-11.2.0-x86_64-2.txz.asc
-rw-r--r--  1 root root       572 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txt
+-rw-r--r-- 1 root root       572 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txt
-rw-r--r--  1 root root  15856348 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz
+-rw-r--r-- 1 root root  15856348 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz
 -rw-r--r-- 1 root root       163 2021-08-25 18:29 ./slackware64/d/gcc-go-11.2.0-x86_64-2.txz.asc
 -rw-r--r-- 1 root root       489 2021-08-25 18:28 ./slackware64/d/gcc-objc-11.2.0-x86_64-2.txt
 -rw-r--r-- 1 root root  11604124 2021-08-25 18:28 ./slackware64/d/gcc-objc-11.2.0-x86_64-2.txz
@ -5475,10 +5478,10 @@ drwxr-xr-x 2 root root     32768 2022-02-01 04:47 ./slackware64/n
 -rw-r--r-- 1 root root       322 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txt
 -rw-r--r-- 1 root root    383188 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz
 -rw-r--r-- 1 root root       163 2021-06-15 18:38 ./slackware64/n/nfs-utils-2.5.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root       535 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txt
+-rw-r--r--   1 root root      535 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txt
-rw-r--r-- 1 root root    328396 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz
+-rw-r--r--   1 root root   328396 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz
-rw-r--r-- 1 root root       163 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz.asc
+-rw-r--r--   1 root root      163 2021-11-19 20:47 ./slackware64/n/nftables-1.0.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root       297 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txt
+-rw-r--r--   1 root root      297 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txt
 -rw-r--r--   1 root root   106148 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txz
 -rw-r--r--   1 root root      163 2021-10-19 16:48 ./slackware64/n/nghttp2-1.46.0-x86_64-1.txz.asc
 -rw-r--r--   1 root root      649 2021-08-08 18:51 ./slackware64/n/nmap-7.92-x86_64-1.txt
@ -8554,11 +8557,11 @@ drwxr-xr-x   2 root root     4096 2022-01-02 01:00 ./source/ap/usbmuxd
 -rw-r--r--   1 root root      182 2015-04-18 18:30 ./source/ap/usbmuxd/doinst.sh.gz
 -rwxr-xr-x   1 root root     2022 2020-07-09 18:37 ./source/ap/usbmuxd/fetch-usbmuxd.sh
 -rw-r--r--   1 root root      735 2018-02-27 06:13 ./source/ap/usbmuxd/slack-desc
-rw-r--r--   1 root root    53008 2021-09-25 01:29 ./source/ap/usbmuxd/usbmuxd-20210925_e3a3180.tar.xz
+-rw-r--r--   1 root root     53008 2021-09-25 01:29 ./source/ap/usbmuxd/usbmuxd-20210925_e3a3180.tar.xz
-rwxr-xr-x   1 root root     4256 2022-01-02 01:00 ./source/ap/usbmuxd/usbmuxd.SlackBuild
+-rwxr-xr-x   1 root root      4256 2022-01-02 01:00 ./source/ap/usbmuxd/usbmuxd.SlackBuild
-drwxr-xr-x   2 root root     4096 2021-02-13 05:31 ./source/ap/vbetool
+drwxr-xr-x   2 root root      4096 2021-02-13 05:31 ./source/ap/vbetool
-rw-r--r--   1 root root      830 2018-02-27 06:12 ./source/ap/vbetool/slack-desc
+-rw-r--r--   1 root root       830 2018-02-27 06:12 ./source/ap/vbetool/slack-desc
-rw-r--r--   1 root root    24915 2015-12-20 20:37 ./source/ap/vbetool/vbetool-1.2.2.tar.gz
+-rw-r--r--   1 root root     24915 2015-12-20 20:37 ./source/ap/vbetool/vbetool-1.2.2.tar.gz
 -rwxr-xr-x   1 root root      3202 2021-02-13 05:31 ./source/ap/vbetool/vbetool.SlackBuild
 -rw-r--r--   1 root root       129 2008-11-24 18:23 ./source/ap/vbetool/vbetool.info
 drwxr-xr-x   2 root root      4096 2022-01-29 19:09 ./source/ap/vim
@ -15059,11 +15062,11 @@ drwxr-xr-x   2 root root      4096 2009-08-01 05:00 ./source/x/x11/doinst.sh
 -rw-r--r--   1 root root       283 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cronyx-cyrillic
 -rw-r--r--   1 root root       341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-cursor-misc
 -rw-r--r--   1 root root       341 2018-06-05 22:11 ./source/x/x11/doinst.sh/font-daewoo-misc
-rw-r--r--   1 root root       341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-dec-misc
+-rw-r--r--  1 root root       341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-dec-misc
-rw-r--r--   1 root root       277 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-ibm-type1
+-rw-r--r--  1 root root       277 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-ibm-type1
-rw-r--r--   1 root root       341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-isas-misc
+-rw-r--r--  1 root root       341 2018-06-05 22:12 ./source/x/x11/doinst.sh/font-isas-misc
-rw-r--r--   1 root root       341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-jis-misc
+-rw-r--r--  1 root root       341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-jis-misc
-rw-r--r--   1 root root       341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-micro-misc
+-rw-r--r--  1 root root       341 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-micro-misc
 -rw-r--r--  1 root root       283 2018-06-05 22:13 ./source/x/x11/doinst.sh/font-misc-cyrillic
 -rw-r--r--  1 root root       365 2018-06-05 22:14 ./source/x/x11/doinst.sh/font-misc-ethiopic
 -rw-r--r--  1 root root       273 2018-06-05 22:14 ./source/x/x11/doinst.sh/font-misc-meltho
--- a/patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt
+++ b/patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txt
--- a/patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt
+++ b/patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txt
--- a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt
+++ b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txt
--- a/patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt
+++ b/patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txt
--- a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt
+++ b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txt
--- a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt
+++ b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txt
--- a/patches/source/xorg-server-xwayland/CVE-2023-5367.patch
+++ b/patches/source/xorg-server-xwayland/CVE-2023-5367.patch
@ -0,0 +1,81 @@
 From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Tue, 3 Oct 2023 11:53:05 +1000
 Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend
 The handling of appending/prepending properties was incorrect, with at
 least two bugs: the property length was set to the length of the new
 part only, i.e. appending or prepending N elements to a property with P
 existing elements always resulted in the property having N elements
 instead of N + P.
 Second, when pre-pending a value to a property, the offset for the old
 values was incorrect, leaving the new property with potentially
 uninitalized values and/or resulting in OOB memory writes.
 For example, prepending a 3 element value to a 5 element property would
 result in this 8 value array:
  [N, N, N, ?, ?, P, P, P ] P, P
                            ^OOB write
 The XI2 code is a copy/paste of the RandR code, so the bug exists in
 both.
 CVE-2023-5367, ZDI-CAN-22153
 This vulnerability was discovered by:
 Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 ---
 Xi/xiproperty.c    | 4 ++--
 randr/rrproperty.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
 diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c
 index 066ba21fba..d315f04d0e 100644
 --- a/Xi/xiproperty.c
 +++ b/Xi/xiproperty.c
@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
                 XIDestroyDeviceProperty(prop);
             return BadAlloc;
         }
 -        new_value.size = len;
 +        new_value.size = total_len;
         new_value.type = type;
         new_value.format = format;
@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
         case PropModePrepend:
             new_data = new_value.data;
             old_data = (void *) (((char *) new_value.data) +
 -                                  (prop_value->size * size_in_bytes));
 +                                  (len * size_in_bytes));
             break;
         }
         if (new_data)
 diff --git a/randr/rrproperty.c b/randr/rrproperty.c
 index c2fb9585c6..25469f57b2 100644
 --- a/randr/rrproperty.c
 +++ b/randr/rrproperty.c
@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
                 RRDestroyOutputProperty(prop);
             return BadAlloc;
         }
 -        new_value.size = len;
 +        new_value.size = total_len;
         new_value.type = type;
         new_value.format = format;
@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
         case PropModePrepend:
             new_data = new_value.data;
             old_data = (void *) (((char *) new_value.data) +
 -                                  (prop_value->size * size_in_bytes));
 +                                  (len * size_in_bytes));
             break;
         }
         if (new_data)
 -- 
 GitLab
--- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
@ -1,6 +1,6 @@
 #!/bin/bash
-# Copyright 2016, 2018, 2019  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2016, 2018, 2019, 2023  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=xorg-server-xwayland
 SRCNAM=xwayland
 VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-7_slack15.0}
+BUILD=${BUILD:-8_slack15.0}
 # Default font paths to be used by the X server:
 DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic"
@ -110,6 +110,9 @@ zcat $CWD/CVE-2023-1393.patch.gz | patch -p1 --verbose || exit 1
 # This prevents a crash with recent NVIDIA drivers.
 zcat $CWD/857.patch.gz | patch -p1 --verbose || exit 1
 # Patch another security issue:
 zcat $CWD/CVE-2023-5367.patch.gz | patch -p1 --verbose || exit 1
 # Configure, build, and install:
 export CFLAGS="$SLKCFLAGS"
 export CXXFLAGS="$SLKCFLAGS"
--- a/patches/source/xorg-server/build/xorg-server
+++ b/patches/source/xorg-server/build/xorg-server
@ -1 +1 @@
-8_slack15.0
+9_slack15.0
--- a/patches/source/xorg-server/patch/xorg-server.patch
+++ b/patches/source/xorg-server/patch/xorg-server.patch
@ -59,3 +59,8 @@ zcat $CWD/patch/xorg-server/857.patch.gz | patch -p1 --verbose || { touch ${SLAC
 # Patch another security issue:
 zcat $CWD/patch/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 # Patch more security issues:
 zcat $CWD/patch/xorg-server/CVE-2023-5367.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 zcat $CWD/patch/xorg-server/CVE-2023-5380.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
--- a/patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch
+++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch
@ -0,0 +1,81 @@
 From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Tue, 3 Oct 2023 11:53:05 +1000
 Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend
 The handling of appending/prepending properties was incorrect, with at
 least two bugs: the property length was set to the length of the new
 part only, i.e. appending or prepending N elements to a property with P
 existing elements always resulted in the property having N elements
 instead of N + P.
 Second, when pre-pending a value to a property, the offset for the old
 values was incorrect, leaving the new property with potentially
 uninitalized values and/or resulting in OOB memory writes.
 For example, prepending a 3 element value to a 5 element property would
 result in this 8 value array:
  [N, N, N, ?, ?, P, P, P ] P, P
                            ^OOB write
 The XI2 code is a copy/paste of the RandR code, so the bug exists in
 both.
 CVE-2023-5367, ZDI-CAN-22153
 This vulnerability was discovered by:
 Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 ---
 Xi/xiproperty.c    | 4 ++--
 randr/rrproperty.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
 diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c
 index 066ba21fba..d315f04d0e 100644
 --- a/Xi/xiproperty.c
 +++ b/Xi/xiproperty.c
@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
                 XIDestroyDeviceProperty(prop);
             return BadAlloc;
         }
 -        new_value.size = len;
 +        new_value.size = total_len;
         new_value.type = type;
         new_value.format = format;
@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type,
         case PropModePrepend:
             new_data = new_value.data;
             old_data = (void *) (((char *) new_value.data) +
 -                                  (prop_value->size * size_in_bytes));
 +                                  (len * size_in_bytes));
             break;
         }
         if (new_data)
 diff --git a/randr/rrproperty.c b/randr/rrproperty.c
 index c2fb9585c6..25469f57b2 100644
 --- a/randr/rrproperty.c
 +++ b/randr/rrproperty.c
@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
                 RRDestroyOutputProperty(prop);
             return BadAlloc;
         }
 -        new_value.size = len;
 +        new_value.size = total_len;
         new_value.type = type;
         new_value.format = format;
@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type,
         case PropModePrepend:
             new_data = new_value.data;
             old_data = (void *) (((char *) new_value.data) +
 -                                  (prop_value->size * size_in_bytes));
 +                                  (len * size_in_bytes));
             break;
         }
         if (new_data)
 -- 
 GitLab
--- a/patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch
+++ b/patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch
@ -0,0 +1,99 @@
 From 564ccf2ce9616620456102727acb8b0256b7bbd7 Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Thu, 5 Oct 2023 12:19:45 +1000
 Subject: [PATCH] mi: reset the PointerWindows reference on screen switch
 PointerWindows[] keeps a reference to the last window our sprite
 entered - changes are usually handled by CheckMotion().
 If we switch between screens via XWarpPointer our
 dev->spriteInfo->sprite->win is set to the new screen's root window.
 If there's another window at the cursor location CheckMotion() will
 trigger the right enter/leave events later. If there is not, it skips
 that process and we never trigger LeaveWindow() - PointerWindows[] for
 the device still refers to the previous window.
 If that window is destroyed we have a dangling reference that will
 eventually cause a use-after-free bug when checking the window hierarchy
 later.
 To trigger this, we require:
 - two protocol screens
 - XWarpPointer to the other screen's root window
 - XDestroyWindow before entering any other window
 This is a niche bug so we hack around it by making sure we reset the
 PointerWindows[] entry so we cannot have a dangling pointer. This
 doesn't handle Enter/Leave events correctly but the previous code didn't
 either.
 CVE-2023-5380, ZDI-CAN-21608
 This vulnerability was discovered by:
 Sri working with Trend Micro Zero Day Initiative
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 Reviewed-by: Adam Jackson <ajax@redhat.com>
 ---
 dix/enterleave.h   |  2 --
 include/eventstr.h |  3 +++
 mi/mipointer.c     | 17 +++++++++++++++--
 3 files changed, 18 insertions(+), 4 deletions(-)
 diff --git a/dix/enterleave.h b/dix/enterleave.h
 index 4b833d8a3b..e8af924c68 100644
 --- a/dix/enterleave.h
 +++ b/dix/enterleave.h
@@ -58,8 +58,6 @@ extern void DeviceFocusEvent(DeviceIntPtr dev,
 extern void EnterWindow(DeviceIntPtr dev, WindowPtr win, int mode);
 -extern void LeaveWindow(DeviceIntPtr dev);
 -
 extern void CoreFocusEvent(DeviceIntPtr kbd,
                            int type, int mode, int detail, WindowPtr pWin);
 diff --git a/include/eventstr.h b/include/eventstr.h
 index 93308f9b24..a9926eaeef 100644
 --- a/include/eventstr.h
 +++ b/include/eventstr.h
@@ -335,4 +335,7 @@ union _InternalEvent {
     GestureEvent gesture_event;
 };
 +extern void
 +LeaveWindow(DeviceIntPtr dev);
 +
 #endif
 diff --git a/mi/mipointer.c b/mi/mipointer.c
 index a638f25d4a..8cf0035140 100644
 --- a/mi/mipointer.c
 +++ b/mi/mipointer.c
@@ -397,8 +397,21 @@ miPointerWarpCursor(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y)
 #ifdef PANORAMIX
         && noPanoramiXExtension
 #endif
 -        )
 -        UpdateSpriteForScreen(pDev, pScreen);
 +        ) {
 +            DeviceIntPtr master = GetMaster(pDev, MASTER_POINTER);
 +            /* Hack for CVE-2023-5380: if we're moving
 +             * screens PointerWindows[] keeps referring to the
 +             * old window. If that gets destroyed we have a UAF
 +             * bug later. Only happens when jumping from a window
 +             * to the root window on the other screen.
 +             * Enter/Leave events are incorrect for that case but
 +             * too niche to fix.
 +             */
 +            LeaveWindow(pDev);
 +            if (master)
 +                LeaveWindow(master);
 +            UpdateSpriteForScreen(pDev, pScreen);
 +    }
 }
 /**
 -- 
 GitLab
 B
--- a/recompress.sh
+++ b/recompress.sh
@ -1198,6 +1198,7 @@ gzip ./patches/source/xorg-server-xwayland/CVE-2022-46341.patch
 gzip ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2022-3550.patch
 gzip ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch
 gzip ./patches/source/xorg-server-xwayland/CVE-2023-5367.patch
 gzip ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch
 gzip ./patches/source/seamonkey/doinst.sh
 gzip ./patches/source/seamonkey/double_t.x86.diff
@ -1240,6 +1241,7 @@ gzip ./patches/source/sdl/libsdl-1.2.15-resizing.patch
 gzip ./patches/source/emacs/d48bb4874bc6cd3e69c7a15fc3c91cc141025c51.patch
 gzip ./patches/source/emacs/doinst.sh
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46342.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5380.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-46343.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch
@ -1263,6 +1265,7 @@ gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff
 gzip ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch
 gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2023-5367.patch
 gzip ./patches/source/zstd/zstd.dont.link.pzstd.to.static.libzstd.a.diff
 gzip ./patches/source/ksh93/doinst.sh
 gzip ./patches/source/xscreensaver/setuid.c