Mon Oct 17 19:31:45 UTC 2022

l/libqalculate-4.4.0-x86_64-1.txz: Upgraded. l/netpbm-11.00.01-x86_64-1.txz: Upgraded. x/xorg-server-21.1.4-x86_64-2.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 (* Security fix *) x/xorg-server-xephyr-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xnest-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xvfb-21.1.4-x86_64-2.txz: Rebuilt. x/xorg-server-xwayland-22.1.3-x86_64-2.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 (* Security fix *) xap/blueman-2.3.4-x86_64-1.txz: Upgraded.
2024-12-27 09:59:16 +01:00 · 2022-10-17 19:31:45 +00:00 · 2022-10-17 19:31:45 +00:00 · 717971ecd6
commit 717971ecd6
parent 9b906307de
12 changed files with 317 additions and 101 deletions
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@ -11,9 +11,39 @@
      <description>Tracking Slackware development in git.</description>
      <language>en-us</language>
      <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Mon, 17 Oct 2022 00:42:43 GMT</pubDate>
-      <lastBuildDate>Mon, 17 Oct 2022 05:00:18 GMT</lastBuildDate>
+      <pubDate>Mon, 17 Oct 2022 19:31:45 GMT</pubDate>
+      <lastBuildDate>Tue, 18 Oct 2022 05:00:16 GMT</lastBuildDate>
      <generator>maintain_current_git.sh v 1.17</generator>
+      <item>
+         <title>Mon, 17 Oct 2022 19:31:45 GMT</title>
+         <pubDate>Mon, 17 Oct 2022 19:31:45 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20221017193145</link>
+         <guid isPermaLink="false">20221017193145</guid>
+         <description>
+           <![CDATA[<pre>
+l/libqalculate-4.4.0-x86_64-1.txz:  Upgraded.
+l/netpbm-11.00.01-x86_64-1.txz:  Upgraded.
+x/xorg-server-21.1.4-x86_64-2.txz:  Rebuilt.
+  xkb: proof GetCountedString against request length attacks.
+  xkb: fix some possible memleaks in XkbGetKbdByName.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
+  (* Security fix *)
+x/xorg-server-xephyr-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xnest-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xvfb-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xwayland-22.1.3-x86_64-2.txz:  Rebuilt.
+  xkb: proof GetCountedString against request length attacks.
+  xkb: fix some possible memleaks in XkbGetKbdByName.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
+  (* Security fix *)
+xap/blueman-2.3.4-x86_64-1.txz:  Upgraded.
+           </pre>]]>
+         </description>
+      </item>
      <item>
         <title>Mon, 17 Oct 2022 00:42:43 GMT</title>
         <pubDate>Mon, 17 Oct 2022 00:42:43 GMT</pubDate>
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -1,3 +1,25 @@
+Mon Oct 17 19:31:45 UTC 2022
+l/libqalculate-4.4.0-x86_64-1.txz:  Upgraded.
+l/netpbm-11.00.01-x86_64-1.txz:  Upgraded.
+x/xorg-server-21.1.4-x86_64-2.txz:  Rebuilt.
+  xkb: proof GetCountedString against request length attacks.
+  xkb: fix some possible memleaks in XkbGetKbdByName.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
+  (* Security fix *)
+x/xorg-server-xephyr-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xnest-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xvfb-21.1.4-x86_64-2.txz:  Rebuilt.
+x/xorg-server-xwayland-22.1.3-x86_64-2.txz:  Rebuilt.
+  xkb: proof GetCountedString against request length attacks.
+  xkb: fix some possible memleaks in XkbGetKbdByName.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
+  (* Security fix *)
+xap/blueman-2.3.4-x86_64-1.txz:  Upgraded.
+--------------------------+
 Mon Oct 17 00:42:43 UTC 2022
 a/gettext-0.21.1-x86_64-1.txz:  Upgraded.
 a/glibc-zoneinfo-2022e-noarch-1.txz:  Upgraded.
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@ -1,20 +1,20 @@
-Mon Oct 17 00:49:25 UTC 2022
+Mon Oct 17 19:35:44 UTC 2022

 Here is the file list for this directory.  If you are using a 
 mirror site and find missing or extra files in the disk 
 subdirectories, please have the archive administrator refresh
 the mirror.

-drwxr-xr-x 12 root root      4096 2022-10-17 00:42 .
+drwxr-xr-x 12 root root      4096 2022-10-17 19:31 .
 -rw-r--r--  1 root root      5767 2022-02-02 22:44 ./ANNOUNCE.15.0
 -rw-r--r--  1 root root     16617 2022-02-02 23:27 ./CHANGES_AND_HINTS.TXT
-rw-r--r--  1 root root   1104233 2022-10-15 20:36 ./CHECKSUMS.md5
-rw-r--r--  1 root root       163 2022-10-15 20:36 ./CHECKSUMS.md5.asc
+-rw-r--r--  1 root root   1104413 2022-10-17 00:49 ./CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2022-10-17 00:49 ./CHECKSUMS.md5.asc
 -rw-r--r--  1 root root     17976 1994-06-10 02:28 ./COPYING
 -rw-r--r--  1 root root     35147 2007-06-30 04:21 ./COPYING3
 -rw-r--r--  1 root root     19573 2016-06-23 20:08 ./COPYRIGHT.TXT
 -rw-r--r--  1 root root       616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r--  1 root root    344731 2022-10-17 00:42 ./ChangeLog.txt
+-rw-r--r--  1 root root    345765 2022-10-17 19:31 ./ChangeLog.txt
 drwxr-xr-x  3 root root      4096 2013-03-20 22:17 ./EFI
 drwxr-xr-x  2 root root      4096 2022-10-15 20:28 ./EFI/BOOT
 -rw-r--r--  1 root root   1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,9 +25,9 @@ drwxr-xr-x  2 root root      4096 2022-10-15 20:28 ./EFI/BOOT
 -rwxr-xr-x  1 root root      2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
 -rw-r--r--  1 root root     10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
 -rw-r--r--  1 root root      1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r--  1 root root   1438649 2022-10-15 20:36 ./FILELIST.TXT
+-rw-r--r--  1 root root   1438863 2022-10-17 00:49 ./FILELIST.TXT
 -rw-r--r--  1 root root      1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r--  1 root root    860037 2022-10-17 00:48 ./PACKAGES.TXT
+-rw-r--r--  1 root root    860037 2022-10-17 19:35 ./PACKAGES.TXT
 -rw-r--r--  1 root root      8034 2022-02-02 03:36 ./README.TXT
 -rw-r--r--  1 root root      3635 2022-10-15 20:17 ./README.initrd
 -rw-r--r--  1 root root     34162 2022-01-30 20:35 ./README_CRYPT.TXT
@ -746,11 +746,11 @@ drwxr-xr-x  2 root root      4096 2022-02-03 07:02 ./patches
 -rw-r--r--  1 root root       575 2022-02-03 07:02 ./patches/FILE_LIST
 -rw-r--r--  1 root root        14 2022-02-03 07:02 ./patches/MANIFEST.bz2
 -rw-r--r--  1 root root       224 2022-02-03 07:02 ./patches/PACKAGES.TXT
-drwxr-xr-x 17 root root      4096 2022-10-17 00:49 ./slackware64
-rw-r--r--  1 root root    335594 2022-10-17 00:49 ./slackware64/CHECKSUMS.md5
-rw-r--r--  1 root root       163 2022-10-17 00:49 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r--  1 root root    416291 2022-10-17 00:48 ./slackware64/FILE_LIST
-rw-r--r--  1 root root   4254205 2022-10-17 00:48 ./slackware64/MANIFEST.bz2
+drwxr-xr-x 17 root root      4096 2022-10-17 19:35 ./slackware64
+-rw-r--r--  1 root root    335594 2022-10-17 19:35 ./slackware64/CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2022-10-17 19:35 ./slackware64/CHECKSUMS.md5.asc
+-rw-r--r--  1 root root    416291 2022-10-17 19:34 ./slackware64/FILE_LIST
+-rw-r--r--  1 root root   4252959 2022-10-17 19:34 ./slackware64/MANIFEST.bz2
 lrwxrwxrwx  1 root root        15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT
 drwxr-xr-x  2 root root     32768 2022-10-17 00:48 ./slackware64/a
 -rw-r--r--  1 root root       327 2022-02-15 18:16 ./slackware64/a/aaa_base-15.1-x86_64-2.txt
@ -2765,7 +2765,7 @@ drwxr-xr-x  2 root root     86016 2022-10-14 01:46 ./slackware64/kde
 -rw-r--r-- 1 root root      517 2022-10-13 20:46 ./slackware64/kde/zanshin-22.08.2-x86_64-1.txt
 -rw-r--r-- 1 root root   679220 2022-10-13 20:46 ./slackware64/kde/zanshin-22.08.2-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-10-13 20:46 ./slackware64/kde/zanshin-22.08.2-x86_64-1.txz.asc
-drwxr-xr-x 2 root root    86016 2022-10-17 00:48 ./slackware64/l
+drwxr-xr-x 2 root root    86016 2022-10-17 19:34 ./slackware64/l
 -rw-r--r-- 1 root root      329 2022-03-06 20:00 ./slackware64/l/GConf-3.2.6-x86_64-8.txt
 -rw-r--r-- 1 root root   928144 2022-03-06 20:00 ./slackware64/l/GConf-3.2.6-x86_64-8.txz
 -rw-r--r-- 1 root root      163 2022-03-06 20:00 ./slackware64/l/GConf-3.2.6-x86_64-8.txz.asc
@ -3395,9 +3395,9 @@ drwxr-xr-x 2 root root    86016 2022-10-17 00:48 ./slackware64/l
 -rw-r--r-- 1 root root      600 2021-02-13 07:10 ./slackware64/l/libpsl-0.21.1-x86_64-4.txt
 -rw-r--r-- 1 root root   144092 2021-02-13 07:10 ./slackware64/l/libpsl-0.21.1-x86_64-4.txz
 -rw-r--r-- 1 root root      163 2021-02-13 07:10 ./slackware64/l/libpsl-0.21.1-x86_64-4.txz.asc
-rw-r--r-- 1 root root      515 2022-08-23 03:15 ./slackware64/l/libqalculate-4.3.0-x86_64-1.txt
-rw-r--r-- 1 root root  2269632 2022-08-23 03:15 ./slackware64/l/libqalculate-4.3.0-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-23 03:15 ./slackware64/l/libqalculate-4.3.0-x86_64-1.txz.asc
+-rw-r--r-- 1 root root      515 2022-10-17 19:11 ./slackware64/l/libqalculate-4.4.0-x86_64-1.txt
+-rw-r--r-- 1 root root  2416620 2022-10-17 19:11 ./slackware64/l/libqalculate-4.4.0-x86_64-1.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:11 ./slackware64/l/libqalculate-4.4.0-x86_64-1.txz.asc
 -rw-r--r-- 1 root root      350 2021-02-13 07:11 ./slackware64/l/libraw1394-2.1.2-x86_64-4.txt
 -rw-r--r-- 1 root root    70100 2021-02-13 07:11 ./slackware64/l/libraw1394-2.1.2-x86_64-4.txz
 -rw-r--r-- 1 root root      163 2021-02-13 07:11 ./slackware64/l/libraw1394-2.1.2-x86_64-4.txz.asc
@ -3574,9 +3574,9 @@ drwxr-xr-x 2 root root    86016 2022-10-17 00:48 ./slackware64/l
 -rw-r--r-- 1 root root      345 2022-09-11 18:23 ./slackware64/l/neon-0.32.4-x86_64-1.txt
 -rw-r--r-- 1 root root   215092 2022-09-11 18:23 ./slackware64/l/neon-0.32.4-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-09-11 18:23 ./slackware64/l/neon-0.32.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root      271 2022-09-29 18:04 ./slackware64/l/netpbm-11.00.00-x86_64-1.txt
-rw-r--r-- 1 root root  2129376 2022-09-29 18:04 ./slackware64/l/netpbm-11.00.00-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-09-29 18:04 ./slackware64/l/netpbm-11.00.00-x86_64-1.txz.asc
+-rw-r--r-- 1 root root      271 2022-10-17 19:13 ./slackware64/l/netpbm-11.00.01-x86_64-1.txt
+-rw-r--r-- 1 root root  2129684 2022-10-17 19:13 ./slackware64/l/netpbm-11.00.01-x86_64-1.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:13 ./slackware64/l/netpbm-11.00.01-x86_64-1.txz.asc
 -rw-r--r-- 1 root root      423 2021-11-03 01:01 ./slackware64/l/newt-0.52.21-x86_64-7.txt
 -rw-r--r-- 1 root root   114448 2021-11-03 01:01 ./slackware64/l/newt-0.52.21-x86_64-7.txz
 -rw-r--r-- 1 root root      163 2021-11-03 01:01 ./slackware64/l/newt-0.52.21-x86_64-7.txz.asc
@ -4448,7 +4448,7 @@ drwxr-xr-x 2 root root     4096 2021-11-06 20:26 ./slackware64/tcl
 -rw-r--r-- 1 root root      227 2021-11-06 17:03 ./slackware64/tcl/tk-8.6.12-x86_64-1.txt
 -rw-r--r-- 1 root root  1788908 2021-11-06 17:03 ./slackware64/tcl/tk-8.6.12-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2021-11-06 17:03 ./slackware64/tcl/tk-8.6.12-x86_64-1.txz.asc
-drwxr-xr-x 2 root root    65536 2022-10-15 20:35 ./slackware64/x
+drwxr-xr-x 2 root root    65536 2022-10-17 19:34 ./slackware64/x
 -rw-r--r-- 1 root root      440 2022-06-04 18:16 ./slackware64/x/OpenCC-1.1.4-x86_64-1.txt
 -rw-r--r-- 1 root root   682804 2022-06-04 18:16 ./slackware64/x/OpenCC-1.1.4-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-06-04 18:16 ./slackware64/x/OpenCC-1.1.4-x86_64-1.txz.asc
@ -5246,21 +5246,21 @@ drwxr-xr-x 2 root root    65536 2022-10-15 20:35 ./slackware64/x
 -rw-r--r-- 1 root root      345 2022-04-04 18:36 ./slackware64/x/xorg-docs-1.7.2-noarch-1.txt
 -rw-r--r-- 1 root root   332304 2022-04-04 18:36 ./slackware64/x/xorg-docs-1.7.2-noarch-1.txz
 -rw-r--r-- 1 root root      163 2022-04-04 18:36 ./slackware64/x/xorg-docs-1.7.2-noarch-1.txz.asc
-rw-r--r-- 1 root root      670 2022-08-08 21:30 ./slackware64/x/xorg-server-21.1.4-x86_64-1.txt
-rw-r--r-- 1 root root  1523896 2022-08-08 21:30 ./slackware64/x/xorg-server-21.1.4-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-08 21:30 ./slackware64/x/xorg-server-21.1.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root      370 2022-08-08 21:30 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-1.txt
-rw-r--r-- 1 root root   883008 2022-08-08 21:30 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-08 21:30 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root      592 2022-08-08 21:30 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-1.txt
-rw-r--r-- 1 root root   611920 2022-08-08 21:30 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-08 21:30 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root      689 2022-08-08 21:30 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-1.txt
-rw-r--r-- 1 root root   741532 2022-08-08 21:30 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-08 21:30 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root      816 2022-08-08 21:30 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-1.txt
-rw-r--r-- 1 root root   843372 2022-08-08 21:30 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-08 21:30 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-1.txz.asc
+-rw-r--r-- 1 root root      670 2022-10-17 19:00 ./slackware64/x/xorg-server-21.1.4-x86_64-2.txt
+-rw-r--r-- 1 root root  1524460 2022-10-17 19:00 ./slackware64/x/xorg-server-21.1.4-x86_64-2.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:00 ./slackware64/x/xorg-server-21.1.4-x86_64-2.txz.asc
+-rw-r--r-- 1 root root      370 2022-10-17 19:00 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-2.txt
+-rw-r--r-- 1 root root   883244 2022-10-17 19:00 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-2.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:00 ./slackware64/x/xorg-server-xephyr-21.1.4-x86_64-2.txz.asc
+-rw-r--r-- 1 root root      592 2022-10-17 19:00 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-2.txt
+-rw-r--r-- 1 root root   611964 2022-10-17 19:00 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-2.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:00 ./slackware64/x/xorg-server-xnest-21.1.4-x86_64-2.txz.asc
+-rw-r--r-- 1 root root      689 2022-10-17 19:00 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-2.txt
+-rw-r--r-- 1 root root   741472 2022-10-17 19:00 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-2.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:00 ./slackware64/x/xorg-server-xvfb-21.1.4-x86_64-2.txz.asc
+-rw-r--r-- 1 root root      816 2022-10-17 19:03 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-2.txt
+-rw-r--r-- 1 root root   843656 2022-10-17 19:03 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-2.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:03 ./slackware64/x/xorg-server-xwayland-22.1.3-x86_64-2.txz.asc
 -rw-r--r-- 1 root root      669 2022-04-04 18:36 ./slackware64/x/xorg-sgml-doctools-1.12-x86_64-1.txt
 -rw-r--r-- 1 root root    26576 2022-04-04 18:36 ./slackware64/x/xorg-sgml-doctools-1.12-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-04-04 18:36 ./slackware64/x/xorg-sgml-doctools-1.12-x86_64-1.txz.asc
@ -5321,7 +5321,7 @@ drwxr-xr-x 2 root root    65536 2022-10-15 20:35 ./slackware64/x
 -rw-r--r-- 1 root root      213 2022-07-11 18:36 ./slackware64/x/xwud-1.0.6-x86_64-1.txt
 -rw-r--r-- 1 root root    25896 2022-07-11 18:36 ./slackware64/x/xwud-1.0.6-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-07-11 18:36 ./slackware64/x/xwud-1.0.6-x86_64-1.txz.asc
-drwxr-xr-x 2 root root    16384 2022-10-14 01:45 ./slackware64/xap
+drwxr-xr-x 2 root root    16384 2022-10-17 19:34 ./slackware64/xap
 -rw-r--r-- 1 root root      625 2022-10-09 18:00 ./slackware64/xap/MPlayer-20221009-x86_64-1.txt
 -rw-r--r-- 1 root root  2750024 2022-10-09 18:00 ./slackware64/xap/MPlayer-20221009-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-10-09 18:00 ./slackware64/xap/MPlayer-20221009-x86_64-1.txz.asc
@ -5337,9 +5337,9 @@ drwxr-xr-x 2 root root    16384 2022-10-14 01:45 ./slackware64/xap
 -rw-r--r-- 1 root root      431 2021-08-05 05:16 ./slackware64/xap/blackbox-0.77-x86_64-1.txt
 -rw-r--r-- 1 root root   393060 2021-08-05 05:16 ./slackware64/xap/blackbox-0.77-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2021-08-05 05:16 ./slackware64/xap/blackbox-0.77-x86_64-1.txz.asc
-rw-r--r-- 1 root root      434 2022-08-02 03:24 ./slackware64/xap/blueman-2.3.2-x86_64-1.txt
-rw-r--r-- 1 root root  1240068 2022-08-02 03:24 ./slackware64/xap/blueman-2.3.2-x86_64-1.txz
-rw-r--r-- 1 root root      163 2022-08-02 03:24 ./slackware64/xap/blueman-2.3.2-x86_64-1.txz.asc
+-rw-r--r-- 1 root root      434 2022-10-17 19:06 ./slackware64/xap/blueman-2.3.4-x86_64-1.txt
+-rw-r--r-- 1 root root  1240260 2022-10-17 19:06 ./slackware64/xap/blueman-2.3.4-x86_64-1.txz
+-rw-r--r-- 1 root root      163 2022-10-17 19:06 ./slackware64/xap/blueman-2.3.4-x86_64-1.txz.asc
 -rw-r--r-- 1 root root      429 2021-02-13 13:29 ./slackware64/xap/ddd-3.3.12-x86_64-8.txt
 -rw-r--r-- 1 root root  1370356 2021-02-13 13:29 ./slackware64/xap/ddd-3.3.12-x86_64-8.txz
 -rw-r--r-- 1 root root      163 2021-02-13 13:29 ./slackware64/xap/ddd-3.3.12-x86_64-8.txz.asc
@ -5588,11 +5588,11 @@ drwxr-xr-x   2 root root      4096 2021-02-15 19:33 ./slackware64/y
 -rw-r--r--   1 root root   1486956 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz
 -rw-r--r--   1 root root       163 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz.asc
 -rw-r--r--   1 root root        26 2020-12-30 21:55 ./slackware64/y/tagfile
-drwxr-xr-x  18 root root      4096 2022-10-17 00:49 ./source
-rw-r--r--   1 root root    592909 2022-10-17 00:49 ./source/CHECKSUMS.md5
-rw-r--r--   1 root root       163 2022-10-17 00:49 ./source/CHECKSUMS.md5.asc
-rw-r--r--   1 root root    825484 2022-10-17 00:49 ./source/FILE_LIST
-rw-r--r--   1 root root  23725850 2022-10-17 00:49 ./source/MANIFEST.bz2
+drwxr-xr-x  18 root root      4096 2022-10-17 19:35 ./source
+-rw-r--r--   1 root root    593117 2022-10-17 19:35 ./source/CHECKSUMS.md5
+-rw-r--r--   1 root root       163 2022-10-17 19:35 ./source/CHECKSUMS.md5.asc
+-rw-r--r--   1 root root    825659 2022-10-17 19:35 ./source/FILE_LIST
+-rw-r--r--   1 root root  23741756 2022-10-17 19:35 ./source/MANIFEST.bz2
 -rw-r--r--   1 root root       828 2022-02-02 04:43 ./source/README.TXT
 drwxr-xr-x 123 root root      4096 2022-10-07 02:22 ./source/a
 -rw-r--r--   1 root root       234 2022-10-16 18:39 ./source/a/FTBFSlog
@ -10853,8 +10853,8 @@ drwxr-xr-x   2 root root      4096 2022-09-06 18:27 ./source/l/libpsl
 -rw-r--r--   1 root root        37 2018-11-19 20:16 ./source/l/libpsl/libpsl.url
 -rw-r--r--   1 root root     62320 2020-07-18 17:09 ./source/l/libpsl/public_suffix_list.dat.xz
 -rw-r--r--   1 root root      1057 2018-11-20 00:20 ./source/l/libpsl/slack-desc
-drwxr-xr-x   2 root root      4096 2022-09-06 18:27 ./source/l/libqalculate
-rw-r--r--   1 root root   1030772 2022-08-22 11:35 ./source/l/libqalculate/libqalculate-4.3.0.tar.lz
+drwxr-xr-x   2 root root      4096 2022-10-17 19:09 ./source/l/libqalculate
+-rw-r--r--   1 root root   1213378 2022-10-17 11:27 ./source/l/libqalculate/libqalculate-4.4.0.tar.lz
 -rwxr-xr-x   1 root root      4490 2022-09-06 18:27 ./source/l/libqalculate/libqalculate.SlackBuild
 -rw-r--r--   1 root root        42 2020-09-29 03:55 ./source/l/libqalculate/libqalculate.url
 -rw-r--r--   1 root root      1007 2020-11-01 20:04 ./source/l/libqalculate/slack-desc
@ -11171,8 +11171,8 @@ drwxr-xr-x   2 root root      4096 2022-09-11 18:23 ./source/l/neon
 -rwxr-xr-x   1 root root      4451 2021-09-21 02:45 ./source/l/neon/neon.SlackBuild
 -rw-r--r--   1 root root        31 2020-04-18 18:41 ./source/l/neon/neon.url
 -rw-r--r--   1 root root       797 2020-04-18 18:41 ./source/l/neon/slack-desc
-drwxr-xr-x   2 root root      4096 2022-09-29 18:04 ./source/l/netpbm
-rw-r--r--   1 root root   3236079 2022-09-29 18:03 ./source/l/netpbm/netpbm-11.00.00.tar.lz
+drwxr-xr-x   2 root root      4096 2022-10-17 19:12 ./source/l/netpbm
+-rw-r--r--   1 root root   3236100 2022-10-17 19:12 ./source/l/netpbm/netpbm-11.00.01.tar.lz
 -rw-r--r--   1 root root       381 2019-04-17 08:07 ./source/l/netpbm/netpbm-CAN-2005-2471.patch.gz
 -rw-r--r--   1 root root       382 2019-04-17 08:07 ./source/l/netpbm/netpbm-CVE-2017-2587.patch.gz
 -rw-r--r--   1 root root       284 2019-04-17 08:07 ./source/l/netpbm/netpbm-bmptopnm.patch.gz
@ -13823,7 +13823,7 @@ drwxr-xr-x  2 root root     12288 2022-08-27 16:19 ./source/x/x11/build
 -rw-r--r--  1 root root         2 2021-02-13 05:35 ./source/x/x11/build/xmore
 -rw-r--r--  1 root root         2 2021-08-02 18:03 ./source/x/x11/build/xorg-cf-files
 -rw-r--r--  1 root root         2 2022-04-04 18:36 ./source/x/x11/build/xorg-docs
-rw-r--r--  1 root root         2 2022-08-08 19:15 ./source/x/x11/build/xorg-server
+-rw-r--r--  1 root root         2 2022-10-17 18:54 ./source/x/x11/build/xorg-server
 -rw-r--r--  1 root root         2 2022-04-04 18:36 ./source/x/x11/build/xorg-sgml-doctools
 -rw-r--r--  1 root root         2 2021-02-25 19:37 ./source/x/x11/build/xorgproto
 -rw-r--r--  1 root root         2 2022-07-11 18:34 ./source/x/x11/build/xpr
@ -13987,12 +13987,12 @@ drwxr-xr-x  2 root root      4096 2020-06-19 19:44 ./source/x/x11/patch/xinit
 drwxr-xr-x  2 root root      4096 2021-04-20 18:11 ./source/x/x11/patch/xorg-cf-files
 -rw-r--r--  1 root root       144 2021-04-20 18:11 ./source/x/x11/patch/xorg-cf-files.patch
 -rw-r--r--  1 root root       295 2021-04-20 18:11 ./source/x/x11/patch/xorg-cf-files/Imake.tmpl-binutils-ar-2.36.patch.gz
-drwxr-xr-x  3 root root      4096 2022-08-08 19:21 ./source/x/x11/patch/xorg-server
-rw-r--r--  1 root root      1692 2022-08-08 19:20 ./source/x/x11/patch/xorg-server.patch
+drwxr-xr-x  2 root root      4096 2022-10-17 18:58 ./source/x/x11/patch/xorg-server
+-rw-r--r--  1 root root      2205 2022-10-17 18:58 ./source/x/x11/patch/xorg-server.patch
 -rw-r--r--  1 root root       879 2019-02-26 23:17 ./source/x/x11/patch/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch.gz
 -rw-r--r--  1 root root       418 2020-12-02 09:50 ./source/x/x11/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz
-drwxr-xr-x  2 root root      4096 2022-08-08 19:18 ./source/x/x11/patch/xorg-server/failed
-rw-r--r--  1 root root       623 2018-07-15 18:32 ./source/x/x11/patch/xorg-server/failed/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz
+-rw-r--r--  1 root root       637 2022-10-17 18:19 ./source/x/x11/patch/xorg-server/CVE-2022-3550.patch.gz
+-rw-r--r--  1 root root       842 2022-10-17 18:21 ./source/x/x11/patch/xorg-server/CVE-2022-3551.patch.gz
 -rw-r--r--  1 root root       298 2018-05-30 05:02 ./source/x/x11/patch/xorg-server/fix-nouveau-segfault.diff.gz
 -rw-r--r--  1 root root       340 2012-04-14 03:01 ./source/x/x11/patch/xorg-server/x11.startwithblackscreen.diff.gz
 -rw-r--r--  1 root root       897 2016-04-14 16:42 ./source/x/x11/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz
@ -14627,9 +14627,11 @@ drwxr-xr-x  2 root root      4096 2021-02-13 05:32 ./source/x/xdg-utils
 -rw-r--r--  1 root root    268718 2018-05-10 15:03 ./source/x/xdg-utils/xdg-utils-1.1.3.tar.lz
 -rwxr-xr-x  1 root root      3117 2021-02-13 05:32 ./source/x/xdg-utils/xdg-utils.SlackBuild
 -rw-r--r--  1 root root        94 2015-10-04 22:28 ./source/x/xdg-utils/xdg-utils.url
-drwxr-xr-x  2 root root      4096 2022-08-08 19:27 ./source/x/xorg-server-xwayland
+drwxr-xr-x  2 root root      4096 2022-10-17 19:02 ./source/x/xorg-server-xwayland
+-rw-r--r--  1 root root       637 2022-10-17 18:19 ./source/x/xorg-server-xwayland/CVE-2022-3550.patch.gz
+-rw-r--r--  1 root root       842 2022-10-17 18:21 ./source/x/xorg-server-xwayland/CVE-2022-3551.patch.gz
 -rw-r--r--  1 root root      1287 2021-04-18 18:21 ./source/x/xorg-server-xwayland/slack-desc
-rwxr-xr-x  1 root root      5115 2022-08-08 19:27 ./source/x/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+-rwxr-xr-x  1 root root      5276 2022-10-17 19:03 ./source/x/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
 -rw-r--r--  1 root root   1272440 2022-07-12 14:04 ./source/x/xorg-server-xwayland/xwayland-22.1.3.tar.xz
 -rw-r--r--  1 root root        95 2022-07-12 14:04 ./source/x/xorg-server-xwayland/xwayland-22.1.3.tar.xz.sig
 drwxr-xr-x  2 root root      4096 2022-10-13 01:34 ./source/x/xterm
@ -14674,8 +14676,8 @@ drwxr-xr-x  2 root root      4096 2022-10-09 20:10 ./source/xap/blackbox
 -rw-r--r--  1 root root       887 2018-11-07 23:03 ./source/xap/blackbox/slack-desc
 -rw-r--r--  1 root root       221 2012-08-08 17:58 ./source/xap/blackbox/startblackbox.gz
 -rw-r--r--  1 root root       341 2012-08-08 17:58 ./source/xap/blackbox/xinitrc.blackbox.gz
-drwxr-xr-x  2 root root      4096 2022-08-02 03:24 ./source/xap/blueman
-rw-r--r--  1 root root   1207297 2022-08-01 09:23 ./source/xap/blueman/blueman-2.3.2.tar.lz
+drwxr-xr-x  2 root root      4096 2022-10-17 19:06 ./source/xap/blueman
+-rw-r--r--  1 root root   1207702 2022-10-13 22:16 ./source/xap/blueman/blueman-2.3.4.tar.lz
 -rwxr-xr-x  1 root root      4957 2022-02-10 19:14 ./source/xap/blueman/blueman.SlackBuild
 -rw-r--r--  1 root root       361 2020-06-23 19:52 ./source/xap/blueman/blueman.allow.access.to.netdev.group.diff.gz
 -rw-r--r--  1 root root       200 2020-06-23 19:57 ./source/xap/blueman/doinst.sh.gz
@ -15251,8 +15253,8 @@ drwxr-xr-x  3 root root      4096 2021-02-13 05:32 ./source/y/bsd-games
 -rw-r--r--  1 root root       164 2010-05-11 19:26 ./source/y/bsd-games/bsd-games-login-fortune.sh
 -rwxr-xr-x  1 root root      8135 2021-02-13 05:32 ./source/y/bsd-games/bsd-games.SlackBuild
 -rw-r--r--  1 root root     15107 2002-03-10 05:09 ./source/y/bsd-games/fortunes-linuxcookie.tar.gz
-rw-r--r--  1 root root    104848 1993-10-25 00:02 ./source/y/bsd-games/hangman-words.gz
-drwxr-xr-x  2 root root      4096 2019-02-17 22:03 ./source/y/bsd-games/patches
+-rw-r--r-- 1 root root    104848 1993-10-25 00:02 ./source/y/bsd-games/hangman-words.gz
+drwxr-xr-x 2 root root      4096 2019-02-17 22:03 ./source/y/bsd-games/patches
 -rw-r--r-- 1 root root      2159 2019-02-17 21:20 ./source/y/bsd-games/patches/0001-Replace-getline-with-get_line.patch.gz
 -rw-r--r-- 1 root root       336 2019-02-17 21:20 ./source/y/bsd-games/patches/0002-robots-Refresh-screen.patch.gz
 -rw-r--r-- 1 root root      4582 2019-02-17 21:20 ./source/y/bsd-games/patches/0003-quiz-Update-presidents-capitals-fix-typos-in-murders.patch.gz
--- a/recompress.sh
+++ b/recompress.sh
@ -1086,6 +1086,8 @@ gzip ./source/x/xdg-utils/doinst.sh
 gzip ./source/x/ttf-indic-fonts/doinst.sh
 gzip ./source/x/noto-fonts-ttf/doinst.sh
 gzip ./source/x/libinput/libinput.less.lag.complaining.diff
+gzip ./source/x/xorg-server-xwayland/CVE-2022-3551.patch
+gzip ./source/x/xorg-server-xwayland/CVE-2022-3550.patch
 gzip ./source/x/hack-fonts-ttf/doinst.sh
 gzip ./source/x/fcitx5-gtk/doinst.sh
 gzip ./source/x/wqy-zenhei-font-ttf/wqy-zenhei.fix.fontconfig.warning.diff
@ -1148,10 +1150,11 @@ gzip ./source/x/x11/patch/xdm/xdm.arc4random.diff
 gzip ./source/x/x11/patch/pixman/pixman.remove.tests.that.fail.to.compile.diff
 gzip ./source/x/x11/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch
 gzip ./source/x/x11/patch/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch
+gzip ./source/x/x11/patch/xorg-server/CVE-2022-3551.patch
 gzip ./source/x/x11/patch/xorg-server/fix-nouveau-segfault.diff
 gzip ./source/x/x11/patch/xorg-server/x11.startwithblackscreen.diff
+gzip ./source/x/x11/patch/xorg-server/CVE-2022-3550.patch
 gzip ./source/x/x11/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff
-gzip ./source/x/x11/patch/xorg-server/failed/0001-Always-install-vbe-and-int10-sdk-headers.patch
 gzip ./source/x/x11/patch/xinit/xinit.remove.systemd.kludge.diff
 gzip ./source/x/x11/patch/xf86-video-intel/0001-sna-Avoid-clobbering-output-physical-size-with-xf86O.patch
 gzip ./source/x/x11/patch/xf86-video-s3virge/xf86-video-s3virge.xorg-server-1.20.x.diff
--- a/source/x/x11/build/xorg-server
+++ b/source/x/x11/build/xorg-server
@ -1 +1 @@
-1
+2
--- a/source/x/x11/patch/xorg-server.patch
+++ b/source/x/x11/patch/xorg-server.patch
@ -20,3 +20,9 @@ zcat $CWD/patch/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-Ge

 # Only use Intel DDX with pre-gen4 hardware. Newer hardware will the the modesetting driver by default:
 zcat $CWD/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
+# Patch some more security issues:
+zcat $CWD/patch/xorg-server/CVE-2022-3550.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+zcat $CWD/patch/xorg-server/CVE-2022-3551.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+# This one doesn't apply properly, but it's for OSX anyway :)
+#zcat $CWD/patch/xorg-server/CVE-2022-3553.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
--- a/source/x/x11/patch/xorg-server/CVE-2022-3550.patch
+++ b/source/x/x11/patch/xorg-server/CVE-2022-3550.patch
@ -0,0 +1,34 @@
+From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Tue, 5 Jul 2022 12:06:20 +1000
+Subject: xkb: proof GetCountedString against request length attacks
+
+GetCountedString did a check for the whole string to be within the
+request buffer but not for the initial 2 bytes that contain the length
+field. A swapped client could send a malformed request to trigger a
+swaps() on those bytes, writing into random memory.
+
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ xkb/xkb.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/xkb/xkb.c b/xkb/xkb.c
+index f42f59ef3..1841cff26 100644
+--- a/xkb/xkb.c
+++ b/xkb/xkb.c
+@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
+     CARD16 len;
+ 
+     wire = *wire_inout;
+
+    if (client->req_len <
+        bytes_to_int32(wire + 2 - (char *) client->requestBuffer))
+        return BadValue;
+
+     len = *(CARD16 *) wire;
+     if (client->swapped) {
+         swaps(&len);
+-- 
+cgit v1.2.1
+
--- a/source/x/x11/patch/xorg-server/CVE-2022-3551.patch
+++ b/source/x/x11/patch/xorg-server/CVE-2022-3551.patch
@ -0,0 +1,59 @@
+From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Wed, 13 Jul 2022 11:23:09 +1000
+Subject: xkb: fix some possible memleaks in XkbGetKbdByName
+
+GetComponentByName returns an allocated string, so let's free that if we
+fail somewhere.
+
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ xkb/xkb.c | 26 ++++++++++++++++++++------
+ 1 file changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/xkb/xkb.c b/xkb/xkb.c
+index 4692895db..b79a269e3 100644
+--- a/xkb/xkb.c
+++ b/xkb/xkb.c
+@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client)
+     xkb = dev->key->xkbInfo->desc;
+     status = Success;
+     str = (unsigned char *) &stuff[1];
+-    if (GetComponentSpec(&str, TRUE, &status))  /* keymap, unsupported */
+-        return BadMatch;
+    {
+        char *keymap = GetComponentSpec(&str, TRUE, &status);  /* keymap, unsupported */
+        if (keymap) {
+            free(keymap);
+            return BadMatch;
+        }
+    }
+     names.keycodes = GetComponentSpec(&str, TRUE, &status);
+     names.types = GetComponentSpec(&str, TRUE, &status);
+     names.compat = GetComponentSpec(&str, TRUE, &status);
+     names.symbols = GetComponentSpec(&str, TRUE, &status);
+     names.geometry = GetComponentSpec(&str, TRUE, &status);
+-    if (status != Success)
+    if (status == Success) {
+        len = str - ((unsigned char *) stuff);
+        if ((XkbPaddedSize(len) / 4) != stuff->length)
+            status = BadLength;
+    }
+
+    if (status != Success) {
+        free(names.keycodes);
+        free(names.types);
+        free(names.compat);
+        free(names.symbols);
+        free(names.geometry);
+         return status;
+-    len = str - ((unsigned char *) stuff);
+-    if ((XkbPaddedSize(len) / 4) != stuff->length)
+-        return BadLength;
+    }
+ 
+     CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask);
+     CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask);
+-- 
+cgit v1.2.1
+
--- a/source/x/x11/patch/xorg-server/failed/0001-Always-install-vbe-and-int10-sdk-headers.patch
+++ b/source/x/x11/patch/xorg-server/failed/0001-Always-install-vbe-and-int10-sdk-headers.patch
@ -1,37 +0,0 @@
-From e96a83d9b1b5a52a41213c7a4840dc96b4f5b06f Mon Sep 17 00:00:00 2001
-From: Adam Jackson <ajax@redhat.com>
-Date: Wed, 15 Aug 2012 12:35:21 -0400
-Subject: [PATCH] Always install vbe and int10 sdk headers
-
-Signed-off-by: Adam Jackson <ajax@redhat.com>
---
- hw/xfree86/Makefile.am | 12 ++----------
- 1 file changed, 2 insertions(+), 10 deletions(-)
-
-diff --git a/hw/xfree86/Makefile.am b/hw/xfree86/Makefile.am
-index b876b79..a170b58 100644
--- a/hw/xfree86/Makefile.am
-+++ b/hw/xfree86/Makefile.am
-@@ -26,17 +26,9 @@ if VGAHW
- VGAHW_SUBDIR = vgahw
- endif
- 
-if VBE
-VBE_SUBDIR = vbe
-endif
-
-if INT10MODULE
-INT10_SUBDIR = int10
-endif
-
-SUBDIRS = common ddc x86emu $(INT10_SUBDIR) os-support parser \
-+SUBDIRS = common ddc x86emu int10 os-support parser \
- 	  ramdac $(VGAHW_SUBDIR) loader modes $(DRI_SUBDIR) \
-	  $(DRI2_SUBDIR) . $(VBE_SUBDIR) i2c dixmods xkb \
-+	  $(DRI2_SUBDIR) . vbe i2c dixmods xkb \
- 	  fbdevhw shadowfb exa $(XF86UTILS_SUBDIR) doc man \
- 	  $(GLAMOR_EGL_SUBDIR) drivers
- 
-- 
-2.13.6
-
--- a/source/x/xorg-server-xwayland/CVE-2022-3550.patch
+++ b/source/x/xorg-server-xwayland/CVE-2022-3550.patch
@ -0,0 +1,34 @@
+From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Tue, 5 Jul 2022 12:06:20 +1000
+Subject: xkb: proof GetCountedString against request length attacks
+
+GetCountedString did a check for the whole string to be within the
+request buffer but not for the initial 2 bytes that contain the length
+field. A swapped client could send a malformed request to trigger a
+swaps() on those bytes, writing into random memory.
+
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ xkb/xkb.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/xkb/xkb.c b/xkb/xkb.c
+index f42f59ef3..1841cff26 100644
+--- a/xkb/xkb.c
+++ b/xkb/xkb.c
+@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
+     CARD16 len;
+ 
+     wire = *wire_inout;
+
+    if (client->req_len <
+        bytes_to_int32(wire + 2 - (char *) client->requestBuffer))
+        return BadValue;
+
+     len = *(CARD16 *) wire;
+     if (client->swapped) {
+         swaps(&len);
+-- 
+cgit v1.2.1
+
--- a/source/x/xorg-server-xwayland/CVE-2022-3551.patch
+++ b/source/x/xorg-server-xwayland/CVE-2022-3551.patch
@ -0,0 +1,59 @@
+From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Wed, 13 Jul 2022 11:23:09 +1000
+Subject: xkb: fix some possible memleaks in XkbGetKbdByName
+
+GetComponentByName returns an allocated string, so let's free that if we
+fail somewhere.
+
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ xkb/xkb.c | 26 ++++++++++++++++++++------
+ 1 file changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/xkb/xkb.c b/xkb/xkb.c
+index 4692895db..b79a269e3 100644
+--- a/xkb/xkb.c
+++ b/xkb/xkb.c
+@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client)
+     xkb = dev->key->xkbInfo->desc;
+     status = Success;
+     str = (unsigned char *) &stuff[1];
+-    if (GetComponentSpec(&str, TRUE, &status))  /* keymap, unsupported */
+-        return BadMatch;
+    {
+        char *keymap = GetComponentSpec(&str, TRUE, &status);  /* keymap, unsupported */
+        if (keymap) {
+            free(keymap);
+            return BadMatch;
+        }
+    }
+     names.keycodes = GetComponentSpec(&str, TRUE, &status);
+     names.types = GetComponentSpec(&str, TRUE, &status);
+     names.compat = GetComponentSpec(&str, TRUE, &status);
+     names.symbols = GetComponentSpec(&str, TRUE, &status);
+     names.geometry = GetComponentSpec(&str, TRUE, &status);
+-    if (status != Success)
+    if (status == Success) {
+        len = str - ((unsigned char *) stuff);
+        if ((XkbPaddedSize(len) / 4) != stuff->length)
+            status = BadLength;
+    }
+
+    if (status != Success) {
+        free(names.keycodes);
+        free(names.types);
+        free(names.compat);
+        free(names.symbols);
+        free(names.geometry);
+         return status;
+-    len = str - ((unsigned char *) stuff);
+-    if ((XkbPaddedSize(len) / 4) != stuff->length)
+-        return BadLength;
+    }
+ 
+     CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask);
+     CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask);
+-- 
+cgit v1.2.1
+
--- a/source/x/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+++ b/source/x/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=xorg-server-xwayland
 SRCNAM=xwayland
 VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}

 # Default font paths to be used by the X server:
 DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic"
@ -80,6 +80,10 @@ find . \
  \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
  -exec chmod 644 {} \+

+# Patch more security issues:
+zcat $CWD/CVE-2022-3550.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2022-3551.patch.gz | patch -p1 --verbose || exit 1
+
 # Configure, build, and install:
 export CFLAGS="$SLKCFLAGS"
 export CXXFLAGS="$SLKCFLAGS"