Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-02-05 20:46:11 +01:00
Code Issues Projects Releases Packages Wiki Activity

Tue Jul 23 18:54:25 UTC 2024

Browse source 
patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz:  Upgraded.
  Please note that we have moved to the 9.18 branch, as 9.16 is EOL.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/glibc-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.13.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
    https://www.cve.org/CVERecord?id=CVE-2024-6600
    https://www.cve.org/CVERecord?id=CVE-2024-6601
    https://www.cve.org/CVERecord?id=CVE-2024-6602
    https://www.cve.org/CVERecord?id=CVE-2024-6603
    https://www.cve.org/CVERecord?id=CVE-2024-6604
  (* Security fix *)
This commit is contained in:
Patrick J Volkerding 2024-07-23 18:54:25 +00:00 committed by Eric Hameleers
parent 39cc109e67
commit 75a92ded1e
16 changed files with 773 additions and 101 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
ChangeLog.rss
View file

@ -11,9 +11,69 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Thu, 18 Jul 2024 20:01:18 GMT</pubDate>
<lastBuildDate>Fri, 19 Jul 2024 11:30:51 GMT</lastBuildDate>
<pubDate>Tue, 23 Jul 2024 18:54:25 GMT</pubDate>
<lastBuildDate>Wed, 24 Jul 2024 11:30:46 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator>
<item>
<title>Tue, 23 Jul 2024 18:54:25 GMT</title>
<pubDate>Tue, 23 Jul 2024 18:54:25 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20240723185425</link>
<guid isPermaLink="false">20240723185425</guid>
<description>
<![CDATA[<pre>
patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz: Upgraded.
Please note that we have moved to the 9.18 branch, as 9.16 is EOL.
This update fixes security issues:
Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
qctx-zversion was not being cleared when it should have been leading to
an assertion failure if it needed to be reused.
An excessively large number of rrtypes per owner can slow down database query
processing, so a limit has been placed on the number of rrtypes that can be
stored per owner (node) in a cache or zone database. This is configured with
the new "max-rrtypes-per-name" option, and defaults to 100.
Excessively large rdatasets can slow down database query processing, so a
limit has been placed on the number of records that can be stored per
rdataset in a cache or zone database. This is configured with the new
"max-records-per-type" option, and defaults to 100.
Malicious DNS client that sends many queries over TCP but never reads
responses can cause server to respond slowly or not respond at all for other
clients.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-1975
https://www.cve.org/CVERecord?id=CVE-2024-4076
https://www.cve.org/CVERecord?id=CVE-2024-1737
https://www.cve.org/CVERecord?id=CVE-2024-0760
(* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-2.33-x86_64-7_slack15.0.txz: Rebuilt.
This update fixes security issues:
nscd: Stack-based buffer overflow in netgroup cache.
nscd: Null pointer crash after notfound response.
nscd: netgroup cache may terminate daemon on memory allocation failure.
nscd: netgroup cache assumes NSS callback uses in-buffer strings.
These vulnerabilities were only present in the nscd binary.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-33599
https://www.cve.org/CVERecord?id=CVE-2024-33600
https://www.cve.org/CVERecord?id=CVE-2024-33601
https://www.cve.org/CVERecord?id=CVE-2024-33602
(* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.13.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
https://www.cve.org/CVERecord?id=CVE-2024-6600
https://www.cve.org/CVERecord?id=CVE-2024-6601
https://www.cve.org/CVERecord?id=CVE-2024-6602
https://www.cve.org/CVERecord?id=CVE-2024-6603
https://www.cve.org/CVERecord?id=CVE-2024-6604
(* Security fix *)
</pre>]]>
</description>
</item>
<item>
<title>Thu, 18 Jul 2024 20:01:18 GMT</title>
<pubDate>Thu, 18 Jul 2024 20:01:18 GMT</pubDate>

52
ChangeLog.txt
View file

@ -1,3 +1,55 @@
Tue Jul 23 18:54:25 UTC 2024
patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz: Upgraded.
Please note that we have moved to the 9.18 branch, as 9.16 is EOL.
This update fixes security issues:
Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
qctx-zversion was not being cleared when it should have been leading to
an assertion failure if it needed to be reused.
An excessively large number of rrtypes per owner can slow down database query
processing, so a limit has been placed on the number of rrtypes that can be
stored per owner (node) in a cache or zone database. This is configured with
the new "max-rrtypes-per-name" option, and defaults to 100.
Excessively large rdatasets can slow down database query processing, so a
limit has been placed on the number of records that can be stored per
rdataset in a cache or zone database. This is configured with the new
"max-records-per-type" option, and defaults to 100.
Malicious DNS client that sends many queries over TCP but never reads
responses can cause server to respond slowly or not respond at all for other
clients.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-1975
https://www.cve.org/CVERecord?id=CVE-2024-4076
https://www.cve.org/CVERecord?id=CVE-2024-1737
https://www.cve.org/CVERecord?id=CVE-2024-0760
(* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-2.33-x86_64-7_slack15.0.txz: Rebuilt.
This update fixes security issues:
nscd: Stack-based buffer overflow in netgroup cache.
nscd: Null pointer crash after notfound response.
nscd: netgroup cache may terminate daemon on memory allocation failure.
nscd: netgroup cache assumes NSS callback uses in-buffer strings.
These vulnerabilities were only present in the nscd binary.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-33599
https://www.cve.org/CVERecord?id=CVE-2024-33600
https://www.cve.org/CVERecord?id=CVE-2024-33601
https://www.cve.org/CVERecord?id=CVE-2024-33602
(* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.13.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
https://www.cve.org/CVERecord?id=CVE-2024-6600
https://www.cve.org/CVERecord?id=CVE-2024-6601
https://www.cve.org/CVERecord?id=CVE-2024-6602
https://www.cve.org/CVERecord?id=CVE-2024-6603
https://www.cve.org/CVERecord?id=CVE-2024-6604
(* Security fix *)
+--------------------------+
Thu Jul 18 20:01:18 UTC 2024
patches/packages/httpd-2.4.62-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.

183
FILELIST.TXT
View file

@ -1,20 +1,20 @@
Thu Jul 18 20:04:43 UTC 2024
Tue Jul 23 18:59:27 UTC 2024
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
drwxr-xr-x 12 root root 4096 2024-07-18 20:01 .
drwxr-xr-x 12 root root 4096 2024-07-23 18:54 .
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 1247109 2024-07-17 19:32 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-07-17 19:32 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 1247109 2024-07-18 20:05 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-07-18 20:05 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 2144247 2024-07-18 20:01 ./ChangeLog.txt
-rw-r--r-- 1 root root 2147120 2024-07-23 18:54 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1631704 2024-07-17 19:32 ./FILELIST.TXT
-rw-r--r-- 1 root root 1631704 2024-07-18 20:04 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
@ -832,13 +832,13 @@ drwxr-xr-x 2 root root 4096 2022-12-17 19:52 ./pasture/source/samba
-rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default
-rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig
-rw-r--r-- 1 root root 536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz
drwxr-xr-x 4 root root 4096 2024-07-18 20:04 ./patches
-rw-r--r-- 1 root root 127244 2024-07-18 20:04 ./patches/CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-07-18 20:04 ./patches/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 173167 2024-07-18 20:04 ./patches/FILE_LIST
-rw-r--r-- 1 root root 17989057 2024-07-18 20:04 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 90205 2024-07-18 20:04 ./patches/PACKAGES.TXT
drwxr-xr-x 7 root root 32768 2024-07-18 20:04 ./patches/packages
drwxr-xr-x 4 root root 4096 2024-07-23 18:59 ./patches
-rw-r--r-- 1 root root 127687 2024-07-23 18:59 ./patches/CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-07-23 18:59 ./patches/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 173700 2024-07-23 18:59 ./patches/FILE_LIST
-rw-r--r-- 1 root root 18013603 2024-07-23 18:59 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 90205 2024-07-23 18:59 ./patches/PACKAGES.TXT
drwxr-xr-x 7 root root 32768 2024-07-23 18:59 ./patches/packages
-rw-r--r-- 1 root root 360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc
@ -848,9 +848,9 @@ drwxr-xr-x 7 root root 32768 2024-07-18 20:04 ./patches/packages
-rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt
-rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc
-rw-r--r-- 1 root root 371 2024-04-18 18:20 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txt
-rw-r--r-- 1 root root 2717232 2024-04-18 18:20 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-04-18 18:20 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txz.asc
-rw-r--r-- 1 root root 371 2024-07-23 17:44 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txt
-rw-r--r-- 1 root root 2712164 2024-07-23 17:44 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-23 17:44 ./patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz.asc
-rw-r--r-- 1 root root 275 2023-02-01 21:43 ./patches/packages/apr-1.7.2-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 265316 2023-02-01 21:43 ./patches/packages/apr-1.7.2-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-02-01 21:43 ./patches/packages/apr-1.7.2-x86_64-1_slack15.0.txz.asc
@ -860,9 +860,9 @@ drwxr-xr-x 7 root root 32768 2024-07-18 20:04 ./patches/packages
-rw-r--r-- 1 root root 326 2022-02-07 18:56 ./patches/packages/at-3.2.3-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 43124 2022-02-07 18:56 ./patches/packages/at-3.2.3-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-02-07 18:56 ./patches/packages/at-3.2.3-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 334 2024-04-18 17:18 ./patches/packages/bind-9.16.50-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 2233188 2024-04-18 17:18 ./patches/packages/bind-9.16.50-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-04-18 17:18 ./patches/packages/bind-9.16.50-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 334 2024-07-23 17:58 ./patches/packages/bind-9.18.28-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 2467400 2024-07-23 17:58 ./patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-23 17:58 ./patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 333 2024-06-26 20:05 ./patches/packages/bluez-5.71-x86_64-3_slack15.0.txt
-rw-r--r-- 1 root root 1468212 2024-06-26 20:05 ./patches/packages/bluez-5.71-x86_64-3_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-06-26 20:05 ./patches/packages/bluez-5.71-x86_64-3_slack15.0.txz.asc
@ -929,15 +929,15 @@ drwxr-xr-x 7 root root 32768 2024-07-18 20:04 ./patches/packages
-rw-r--r-- 1 root root 397 2024-05-15 22:52 ./patches/packages/git-2.39.4-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 7315620 2024-05-15 22:52 ./patches/packages/git-2.39.4-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-05-15 22:52 ./patches/packages/git-2.39.4-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 313 2024-04-18 18:21 ./patches/packages/glibc-2.33-x86_64-6_slack15.0.txt
-rw-r--r-- 1 root root 5280920 2024-04-18 18:21 ./patches/packages/glibc-2.33-x86_64-6_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-04-18 18:21 ./patches/packages/glibc-2.33-x86_64-6_slack15.0.txz.asc
-rw-r--r-- 1 root root 353 2024-04-18 18:20 ./patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txt
-rw-r--r-- 1 root root 12117268 2024-04-18 18:20 ./patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-04-18 18:20 ./patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txz.asc
-rw-r--r-- 1 root root 507 2024-04-18 18:20 ./patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txt
-rw-r--r-- 1 root root 1426960 2024-04-18 18:20 ./patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-04-18 18:20 ./patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txz.asc
-rw-r--r-- 1 root root 313 2024-07-23 17:44 ./patches/packages/glibc-2.33-x86_64-7_slack15.0.txt
-rw-r--r-- 1 root root 5272508 2024-07-23 17:44 ./patches/packages/glibc-2.33-x86_64-7_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-23 17:44 ./patches/packages/glibc-2.33-x86_64-7_slack15.0.txz.asc
-rw-r--r-- 1 root root 353 2024-07-23 17:44 ./patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txt
-rw-r--r-- 1 root root 12094888 2024-07-23 17:44 ./patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-23 17:44 ./patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz.asc
-rw-r--r-- 1 root root 507 2024-07-23 17:43 ./patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txt
-rw-r--r-- 1 root root 1428536 2024-07-23 17:43 ./patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-23 17:43 ./patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz.asc
-rw-r--r-- 1 root root 503 2024-02-03 18:53 ./patches/packages/glibc-zoneinfo-2024a-noarch-1_slack15.0.txt
-rw-r--r-- 1 root root 210604 2024-02-03 18:53 ./patches/packages/glibc-zoneinfo-2024a-noarch-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2024-02-03 18:53 ./patches/packages/glibc-zoneinfo-2024a-noarch-1_slack15.0.txz.asc
@ -1047,9 +1047,9 @@ drwxr-xr-x 2 root root 4096 2024-06-16 21:36 ./patches/packages/linux-5.1
-rw-r--r-- 1 root root 564 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 1838968 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-01-06 19:37 ./patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 663 2024-07-13 18:26 ./patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 60823332 2024-07-13 18:26 ./patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-13 18:26 ./patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 663 2024-07-20 12:32 ./patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 60829832 2024-07-20 12:32 ./patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-07-20 12:32 ./patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 451 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 1598024 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-07-21 17:53 ./patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz.asc
@ -1279,7 +1279,7 @@ drwxr-xr-x 2 root root 4096 2024-06-08 19:45 ./patches/packages/old-linux
-rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc
drwxr-xr-x 119 root root 4096 2024-07-18 18:16 ./patches/source
drwxr-xr-x 119 root root 4096 2024-07-23 18:40 ./patches/source
drwxr-xr-x 2 root root 4096 2023-09-26 19:22 ./patches/source/Cython
-rw-r--r-- 1 root root 1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz
-rwxr-xr-x 1 root root 3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild
@ -1319,11 +1319,11 @@ drwxr-xr-x 2 root root 4096 2022-02-07 18:45 ./patches/source/at
-rw-r--r-- 1 root root 428 2018-06-13 02:51 ./patches/source/at/doinst.sh.gz
-rw-r--r-- 1 root root 669 2018-06-14 18:38 ./patches/source/at/rc.atd
-rw-r--r-- 1 root root 776 2019-10-17 17:50 ./patches/source/at/slack-desc
drwxr-xr-x 3 root root 4096 2024-04-18 17:10 ./patches/source/bind
drwxr-xr-x 3 root root 4096 2024-07-23 17:57 ./patches/source/bind
-rw-r--r-- 1 root root 5120 2007-06-08 04:48 ./patches/source/bind/3link.sh
-rw-r--r-- 1 root root 5134620 2024-04-17 15:59 ./patches/source/bind/bind-9.16.50.tar.xz
-rw-r--r-- 1 root root 833 2024-04-17 15:59 ./patches/source/bind/bind-9.16.50.tar.xz.asc
-rwxr-xr-x 1 root root 5848 2023-12-21 19:03 ./patches/source/bind/bind.SlackBuild
-rw-r--r-- 1 root root 5533340 2024-07-23 13:02 ./patches/source/bind/bind-9.18.28.tar.xz
-rw-r--r-- 1 root root 833 2024-07-23 13:02 ./patches/source/bind/bind-9.18.28.tar.xz.asc
-rwxr-xr-x 1 root root 5848 2023-12-21 19:04 ./patches/source/bind/bind.SlackBuild
drwxr-xr-x 2 root root 4096 2023-11-07 19:28 ./patches/source/bind/caching-example
-rw-r--r-- 1 root root 195 2001-05-18 02:03 ./patches/source/bind/caching-example/localhost.zone
-rw-r--r-- 1 root root 3313 2023-11-07 19:15 ./patches/source/bind/caching-example/named.ca
@ -1533,10 +1533,10 @@ drwxr-xr-x 2 root root 4096 2006-12-03 23:10 ./patches/source/glibc-zonei
-rw-r--r-- 1 root root 833 2021-02-01 19:21 ./patches/source/glibc/glibc-2.33.tar.xz.sig
-rw-r--r-- 1 root root 2617 2016-08-08 14:05 ./patches/source/glibc/glibc-c-utf8-locale.patch.gz
-rwxr-xr-x 1 root root 174 2004-08-09 06:21 ./patches/source/glibc/glibc-cvs-checkout.sh
-rwxr-xr-x 1 root root 16097 2024-04-18 18:02 ./patches/source/glibc/glibc.SlackBuild
-rwxr-xr-x 1 root root 16097 2024-07-23 17:26 ./patches/source/glibc/glibc.SlackBuild
-rw-r--r-- 1 root root 312 2019-02-16 20:06 ./patches/source/glibc/glibc.locale.no-archive.diff.gz
-rw-r--r-- 1 root root 213 2006-08-22 06:33 ./patches/source/glibc/glibc.ru_RU.CP1251.diff.gz
drwxr-xr-x 2 root root 4096 2024-04-18 18:14 ./patches/source/glibc/patches
drwxr-xr-x 2 root root 4096 2024-07-23 17:33 ./patches/source/glibc/patches
-rw-r--r-- 1 root root 899 2021-02-09 19:43 ./patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch.gz
-rw-r--r-- 1 root root 349 2021-08-07 18:22 ./patches/source/glibc/patches/CVE-2021-27645.patch.gz
-rw-r--r-- 1 root root 1145 2021-08-07 18:16 ./patches/source/glibc/patches/CVE-2021-33574_1.patch.gz
@ -1544,6 +1544,11 @@ drwxr-xr-x 2 root root 4096 2024-04-18 18:14 ./patches/source/glibc/patch
-rw-r--r-- 1 root root 746 2021-08-07 18:18 ./patches/source/glibc/patches/CVE-2021-35942.patch.gz
-rw-r--r-- 1 root root 900 2021-08-17 19:01 ./patches/source/glibc/patches/CVE-2021-38604.patch.gz
-rw-r--r-- 1 root root 2656 2024-04-18 18:14 ./patches/source/glibc/patches/CVE-2024-2961_glibc2.33.patch.gz
-rw-r--r-- 1 root root 780 2024-07-23 17:22 ./patches/source/glibc/patches/CVE-2024-33599.patch.gz
-rw-r--r-- 1 root root 960 2024-07-23 17:23 ./patches/source/glibc/patches/CVE-2024-33600-1.patch.gz
-rw-r--r-- 1 root root 1242 2024-07-23 17:24 ./patches/source/glibc/patches/CVE-2024-33600-2.patch.gz
-rw-r--r-- 1 root root 4195 2024-07-23 17:25 ./patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_1.patch.gz
-rw-r--r-- 1 root root 719 2024-07-23 17:32 ./patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_2.patch.gz
-rw-r--r-- 1 root root 2959 2021-04-01 23:15 ./patches/source/glibc/patches/cdc31409bd4f878577059e70dbd52a28643ec609.patch.gz
-rw-r--r-- 1 root root 2089 2022-01-24 19:33 ./patches/source/glibc/patches/glibc.CVE-2021-3998.patch.gz
-rw-r--r-- 1 root root 4102 2022-01-24 18:18 ./patches/source/glibc/patches/glibc.CVE-2021-3999.patch.gz
@ -1858,7 +1863,7 @@ drwxr-xr-x 2 root root 4096 2023-01-06 19:30 ./patches/source/mozilla-nss
-rw-r--r-- 1 root root 37770371 2023-01-05 18:00 ./patches/source/mozilla-nss/nss-3.87.tar.lz
-rw-r--r-- 1 root root 2488 2012-04-29 21:05 ./patches/source/mozilla-nss/nss-config.in
-rw-r--r-- 1 root root 1023 2018-02-27 06:12 ./patches/source/mozilla-nss/slack-desc
drwxr-xr-x 4 root root 4096 2024-07-13 17:01 ./patches/source/mozilla-thunderbird
drwxr-xr-x 4 root root 4096 2024-07-20 03:40 ./patches/source/mozilla-thunderbird
drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./patches/source/mozilla-thunderbird/autoconf
-rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz
-rw-r--r-- 1 root root 300116 1999-01-15 21:03 ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz
@ -1882,8 +1887,8 @@ drwxr-xr-x 2 root root 4096 2024-07-09 17:25 ./patches/source/mozilla-thu
-rwxr-xr-x 1 root root 13127 2024-07-13 17:35 ./patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild
-rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./patches/source/mozilla-thunderbird/slack-desc
-rw-r--r-- 1 root root 330 2019-08-27 16:35 ./patches/source/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz
-rw-r--r-- 1 root root 529634488 2024-06-22 18:56 ./patches/source/mozilla-thunderbird/thunderbird-115.12.2.source.tar.xz
-rw-r--r-- 1 root root 833 2024-06-22 18:56 ./patches/source/mozilla-thunderbird/thunderbird-115.12.2.source.tar.xz.asc
-rw-r--r-- 1 root root 536438476 2024-07-16 12:53 ./patches/source/mozilla-thunderbird/thunderbird-115.13.0.source.tar.xz
-rw-r--r-- 1 root root 833 2024-07-16 12:53 ./patches/source/mozilla-thunderbird/thunderbird-115.13.0.source.tar.xz.asc
-rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./patches/source/mozilla-thunderbird/thunderbird.desktop
drwxr-xr-x 2 root root 4096 2022-07-21 17:44 ./patches/source/net-snmp
-rw-r--r-- 1 root root 356 2021-12-21 18:38 ./patches/source/net-snmp/doinst.sh.gz
@ -2567,11 +2572,11 @@ drwxr-xr-x 2 root root 4096 2024-07-10 20:35 ./patches/source/xorg-server
-rw-r--r-- 1 root root 1600 2024-04-03 22:11 ./patches/source/xorg-server/patch/xorg-server/CVE-2024-31083.patch.gz
-rw-r--r-- 1 root root 298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz
-rw-r--r-- 1 root root 357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz
-rw-r--r-- 1 root root 340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz
-rw-r--r-- 1 root root 897 2016-04-14 16:42 ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz
drwxr-xr-x 2 root root 4096 2022-07-12 19:52 ./patches/source/xorg-server/post-install
-rw-r--r-- 1 root root 2848 2017-01-18 00:22 ./patches/source/xorg-server/post-install/xorg-server.post-install
drwxr-xr-x 2 root root 4096 2013-04-18 22:44 ./patches/source/xorg-server/slack-desc
-rw-r--r-- 1 root root 340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz
-rw-r--r-- 1 root root 897 2016-04-14 16:42 ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz
drwxr-xr-x 2 root root 4096 2022-07-12 19:52 ./patches/source/xorg-server/post-install
-rw-r--r-- 1 root root 2848 2017-01-18 00:22 ./patches/source/xorg-server/post-install/xorg-server.post-install
drwxr-xr-x 2 root root 4096 2013-04-18 22:44 ./patches/source/xorg-server/slack-desc
-rw-r--r-- 1 root root 1132 2022-07-12 19:54 ./patches/source/xorg-server/slack-desc/xorg-server
-rw-r--r-- 1 root root 839 2009-05-30 01:47 ./patches/source/xorg-server/slack-desc/xorg-server-xephyr
-rw-r--r-- 1 root root 1060 2018-02-26 23:03 ./patches/source/xorg-server/slack-desc/xorg-server-xnest
@ -5333,13 +5338,13 @@ drwxr-xr-x 2 root root 69632 2022-02-02 04:20 ./slackware64/l
-rw-r--r-- 1 root root 371 2021-02-13 07:15 ./slackware64/l/libunistring-0.9.10-x86_64-3.txt
-rw-r--r-- 1 root root 529024 2021-02-13 07:15 ./slackware64/l/libunistring-0.9.10-x86_64-3.txz
-rw-r--r-- 1 root root 163 2021-02-13 07:15 ./slackware64/l/libunistring-0.9.10-x86_64-3.txz.asc
-rw-r--r-- 1 root root 679 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txt
-rw-r--r-- 1 root root 113552 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txz.asc
-rw-r--r-- 1 root root 427 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txt
-rw-r--r-- 1 root root 56500 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 287 2021-04-16 18:12 ./slackware64/l/libusb-1.0.24-x86_64-4.txt
-rw-r--r-- 1 root root 679 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txt
-rw-r--r-- 1 root root 113552 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-16 20:29 ./slackware64/l/libunwind-1.6.2-x86_64-1.txz.asc
-rw-r--r-- 1 root root 427 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txt
-rw-r--r-- 1 root root 56500 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2021-10-16 18:11 ./slackware64/l/liburing-2.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 287 2021-04-16 18:12 ./slackware64/l/libusb-1.0.24-x86_64-4.txt
-rw-r--r-- 1 root root 78376 2021-04-16 18:12 ./slackware64/l/libusb-1.0.24-x86_64-4.txz
-rw-r--r-- 1 root root 163 2021-04-16 18:12 ./slackware64/l/libusb-1.0.24-x86_64-4.txz.asc
-rw-r--r-- 1 root root 444 2021-05-17 18:17 ./slackware64/l/libusb-compat-0.1.7-x86_64-1.txt
@ -8232,14 +8237,14 @@ drwxr-xr-x 2 root root 4096 2020-01-12 21:23 ./source/a/nvi/patches
drwxr-xr-x 2 root root 4096 2021-07-11 17:53 ./source/a/os-prober
-rwxr-xr-x 1 root root 4560 2021-07-11 17:53 ./source/a/os-prober/os-prober.SlackBuild
-rw-r--r-- 1 root root 682 2019-08-06 04:39 ./source/a/os-prober/os-prober.lvm2.diff.gz
-rw-r--r-- 1 root root 338 2013-08-30 20:22 ./source/a/os-prober/os-prober.reiserfs.diff.gz
-rw-r--r-- 1 root root 27140 2021-07-10 23:07 ./source/a/os-prober/os-prober_1.79.tar.xz
-rw-r--r-- 1 root root 874 2018-02-27 06:13 ./source/a/os-prober/slack-desc
drwxr-xr-x 4 root root 4096 2021-09-04 03:07 ./source/a/pam
-rw-r--r-- 1 root root 988784 2021-09-03 12:20 ./source/a/pam/Linux-PAM-1.5.2.tar.xz
-rw-r--r-- 1 root root 801 2021-09-03 12:20 ./source/a/pam/Linux-PAM-1.5.2.tar.xz.asc
-rw-r--r-- 1 root root 252 2014-07-26 06:55 ./source/a/pam/doinst.sh.gz
drwxr-xr-x 2 root root 4096 2020-11-11 19:58 ./source/a/pam/fedora-patches
-rw-r--r-- 1 root root 338 2013-08-30 20:22 ./source/a/os-prober/os-prober.reiserfs.diff.gz
-rw-r--r-- 1 root root 27140 2021-07-10 23:07 ./source/a/os-prober/os-prober_1.79.tar.xz
-rw-r--r-- 1 root root 874 2018-02-27 06:13 ./source/a/os-prober/slack-desc
drwxr-xr-x 4 root root 4096 2021-09-04 03:07 ./source/a/pam
-rw-r--r-- 1 root root 988784 2021-09-03 12:20 ./source/a/pam/Linux-PAM-1.5.2.tar.xz
-rw-r--r-- 1 root root 801 2021-09-03 12:20 ./source/a/pam/Linux-PAM-1.5.2.tar.xz.asc
-rw-r--r-- 1 root root 252 2014-07-26 06:55 ./source/a/pam/doinst.sh.gz
drwxr-xr-x 2 root root 4096 2020-11-11 19:58 ./source/a/pam/fedora-patches
-rw-r--r-- 1 root root 487 2019-02-02 06:05 ./source/a/pam/fedora-patches/pam-1.1.3-nouserenv.patch.gz
-rw-r--r-- 1 root root 534 2019-02-02 06:05 ./source/a/pam/fedora-patches/pam-1.1.6-limits-user.patch.gz
-rw-r--r-- 1 root root 541 2019-02-02 06:05 ./source/a/pam/fedora-patches/pam-1.1.8-audit-user-mgmt.patch.gz
@ -11359,10 +11364,10 @@ drwxr-xr-x 3 root root 12288 2022-01-21 19:09 ./source/kde/kde/src/framewor
-rw-r--r-- 1 root root 125136 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcompletion-5.90.0.tar.xz
-rw-r--r-- 1 root root 488 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcompletion-5.90.0.tar.xz.sig
-rw-r--r-- 1 root root 279744 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kconfig-5.90.0.tar.xz
-rw-r--r-- 1 root root 488 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kconfig-5.90.0.tar.xz.sig
-rw-r--r-- 1 root root 414176 2022-01-21 17:00 ./source/kde/kde/src/frameworks/kconfigwidgets-5.90.1.tar.xz
-rw-r--r-- 1 root root 488 2022-01-21 17:00 ./source/kde/kde/src/frameworks/kconfigwidgets-5.90.1.tar.xz.sig
-rw-r--r-- 1 root root 183196 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcontacts-5.90.0.tar.xz
-rw-r--r-- 1 root root 488 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kconfig-5.90.0.tar.xz.sig
-rw-r--r-- 1 root root 414176 2022-01-21 17:00 ./source/kde/kde/src/frameworks/kconfigwidgets-5.90.1.tar.xz
-rw-r--r-- 1 root root 488 2022-01-21 17:00 ./source/kde/kde/src/frameworks/kconfigwidgets-5.90.1.tar.xz.sig
-rw-r--r-- 1 root root 183196 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcontacts-5.90.0.tar.xz
-rw-r--r-- 1 root root 488 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcontacts-5.90.0.tar.xz.sig
-rw-r--r-- 1 root root 445896 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcoreaddons-5.90.0.tar.xz
-rw-r--r-- 1 root root 488 2022-01-01 14:29 ./source/kde/kde/src/frameworks/kcoreaddons-5.90.0.tar.xz.sig
@ -14718,13 +14723,13 @@ drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/telnet
drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/tftp-hpa
-rw-r--r-- 1 root root 1010 2018-02-27 06:13 ./source/n/tftp-hpa/slack-desc
-rw-r--r-- 1 root root 836 2011-12-11 22:15 ./source/n/tftp-hpa/tftp-hpa-5.2.tar.sign
-rw-r--r-- 1 root root 89564 2011-12-11 22:15 ./source/n/tftp-hpa/tftp-hpa-5.2.tar.xz
-rwxr-xr-x 1 root root 3220 2021-02-13 05:32 ./source/n/tftp-hpa/tftp-hpa.SlackBuild
-rw-r--r-- 1 root root 201 2021-01-16 18:55 ./source/n/tftp-hpa/tftp-hpa.fcommon.diff.gz
drwxr-xr-x 2 root root 4096 2021-12-27 19:55 ./source/n/tin
-rw-r--r-- 1 root root 939 2018-02-27 06:13 ./source/n/tin/slack-desc
-rw-r--r-- 1 root root 1570500 2021-12-26 14:00 ./source/n/tin/tin-2.6.1.tar.xz
-rw-r--r-- 1 root root 286 2021-12-26 14:41 ./source/n/tin/tin-2.6.1.tar.xz.sign
-rw-r--r-- 1 root root 89564 2011-12-11 22:15 ./source/n/tftp-hpa/tftp-hpa-5.2.tar.xz
-rwxr-xr-x 1 root root 3220 2021-02-13 05:32 ./source/n/tftp-hpa/tftp-hpa.SlackBuild
-rw-r--r-- 1 root root 201 2021-01-16 18:55 ./source/n/tftp-hpa/tftp-hpa.fcommon.diff.gz
drwxr-xr-x 2 root root 4096 2021-12-27 19:55 ./source/n/tin
-rw-r--r-- 1 root root 939 2018-02-27 06:13 ./source/n/tin/slack-desc
-rw-r--r-- 1 root root 1570500 2021-12-26 14:00 ./source/n/tin/tin-2.6.1.tar.xz
-rw-r--r-- 1 root root 286 2021-12-26 14:41 ./source/n/tin/tin-2.6.1.tar.xz.sign
-rwxr-xr-x 1 root root 3653 2021-09-27 18:04 ./source/n/tin/tin.SlackBuild
-rw-r--r-- 1 root root 40 2019-07-22 18:02 ./source/n/tin/tin.url
drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/traceroute
@ -17067,32 +17072,14 @@ drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/y/nethack
-rwxr-xr-x 1 root root 4998 2021-02-13 05:32 ./source/y/nethack/nethack.SlackBuild
-rw-r--r-- 1 root root 59 2020-12-30 20:25 ./source/y/nethack/nethack.url
-rw-r--r-- 1 root root 1031 2020-12-30 21:50 ./source/y/nethack/slack-desc
drwxr-xr-x 4 root root 4096 2024-05-16 01:17 ./testing
-rw-r--r-- 1 root root 2278 2024-05-16 01:17 ./testing/CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-05-16 01:17 ./testing/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 2975 2024-05-16 01:17 ./testing/FILE_LIST
-rw-r--r-- 1 root root 36569 2024-05-16 01:17 ./testing/MANIFEST.bz2
-rw-r--r-- 1 root root 727 2024-05-16 01:17 ./testing/PACKAGES.TXT
drwxr-xr-x 2 root root 4096 2024-05-16 01:17 ./testing/packages
-rw-r--r-- 1 root root 334 2024-05-15 22:40 ./testing/packages/bind-9.18.27-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 2458740 2024-05-15 22:40 ./testing/packages/bind-9.18.27-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 195 2024-05-15 22:40 ./testing/packages/bind-9.18.27-x86_64-1_slack15.0.txz.asc
drwxr-xr-x 4 root root 4096 2024-05-16 00:10 ./testing/source
drwxr-xr-x 3 root root 4096 2024-05-15 22:38 ./testing/source/bind
-rw-r--r-- 1 root root 5120 2007-06-08 04:48 ./testing/source/bind/3link.sh
-rw-r--r-- 1 root root 5524000 2024-05-15 15:52 ./testing/source/bind/bind-9.18.27.tar.xz
-rw-r--r-- 1 root root 833 2024-05-15 15:52 ./testing/source/bind/bind-9.18.27.tar.xz.asc
-rwxr-xr-x 1 root root 5848 2023-12-21 19:04 ./testing/source/bind/bind.SlackBuild
drwxr-xr-x 2 root root 4096 2023-11-07 19:28 ./testing/source/bind/caching-example
-rw-r--r-- 1 root root 195 2001-05-18 02:03 ./testing/source/bind/caching-example/localhost.zone
-rw-r--r-- 1 root root 3313 2023-11-07 19:15 ./testing/source/bind/caching-example/named.ca
-rw-r--r-- 1 root root 681 2008-04-13 21:47 ./testing/source/bind/caching-example/named.conf
-rw-r--r-- 1 root root 433 2011-03-26 06:54 ./testing/source/bind/caching-example/named.local
-rw-r--r-- 1 root root 3311 2024-03-25 05:00 ./testing/source/bind/caching-example/named.root
-rw-r--r-- 1 root root 1067 2023-12-01 20:18 ./testing/source/bind/default.named
-rw-r--r-- 1 root root 532 2021-09-16 00:25 ./testing/source/bind/doinst.sh.gz
-rw-r--r-- 1 root root 4045 2023-11-07 19:20 ./testing/source/bind/rc.bind
-rw-r--r-- 1 root root 786 2018-02-27 06:13 ./testing/source/bind/slack-desc
drwxr-xr-x 4 root root 4096 2024-07-23 18:59 ./testing
-rw-r--r-- 1 root root 1154 2024-07-23 18:59 ./testing/CHECKSUMS.md5
-rw-r--r-- 1 root root 195 2024-07-23 18:59 ./testing/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 1471 2024-07-23 18:59 ./testing/FILE_LIST
-rw-r--r-- 1 root root 14 2024-07-23 18:59 ./testing/MANIFEST.bz2
-rw-r--r-- 1 root root 224 2024-07-23 18:59 ./testing/PACKAGES.TXT
drwxr-xr-x 2 root root 4096 2024-07-23 17:56 ./testing/packages
drwxr-xr-x 3 root root 4096 2024-07-23 17:56 ./testing/source
drwxr-xr-x 2 root root 4096 2022-02-02 06:50 ./testing/source/linux-5.16.5-configs
-rw-r--r-- 1 root root 75 2022-02-01 04:54 ./testing/source/linux-5.16.5-configs/README
-rw-r--r-- 1 root root 238294 2022-02-02 06:54 ./testing/source/linux-5.16.5-configs/config-generic-5.16.5

0
patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txt → patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txt
View file

0
patches/packages/bind-9.16.50-x86_64-1_slack15.0.txt → patches/packages/bind-9.18.28-x86_64-1_slack15.0.txt
View file

0
patches/packages/glibc-2.33-x86_64-6_slack15.0.txt → patches/packages/glibc-2.33-x86_64-7_slack15.0.txt
View file

0
patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txt → patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txt
View file

0
patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txt → patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txt
View file

0
patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txt → patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txt
View file

2
patches/source/glibc/glibc.SlackBuild
View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=glibc
VERSION=${VERSION:-$(echo glibc-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
CHECKOUT=${CHECKOUT:-""}
BUILD=${BUILD:-6_slack15.0}
BUILD=${BUILD:-7_slack15.0}
# I was considering disabling NSCD, but MoZes talked me out of it. :)
#DISABLE_NSCD=" --disable-nscd "

35
patches/source/glibc/patches/CVE-2024-33599.patch Normal file
View file

@ -0,0 +1,35 @@
From 5c75001a96abcd50cbdb74df24c3f013188d076e Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:00:45 +0200
Subject: [PATCH] CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup
cache (bug 31677)
Using alloca matches what other caches do. The request length is
bounded by MAXKEYLEN.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa)
---
nscd/netgroupcache.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index ad2daddafdc..8835547acfa 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -503,12 +503,13 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
= (struct indataset *) mempool_alloc (db,
sizeof (*dataset) + req->key_len,
1);
- struct indataset dataset_mem;
bool cacheable = true;
if (__glibc_unlikely (dataset == NULL))
{
cacheable = false;
- dataset = &dataset_mem;
+ /* The alloca is safe because nscd_run_worker verfies that
+ key_len is not larger than MAXKEYLEN. */
+ dataset = alloca (sizeof (*dataset) + req->key_len);
}
datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,

56
patches/source/glibc/patches/CVE-2024-33600-1.patch Normal file
View file

@ -0,0 +1,56 @@
From f20a8d696b13c6261b52a6434899121f8b19d5a7 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33600: nscd: Do not send missing not-found response
in addgetnetgrentX (bug 31678)
If we failed to add a not-found response to the cache, the dataset
point can be null, resulting in a null pointer dereference.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit 7835b00dbce53c3c87bbbb1754a95fb5e58187aa)
---
nscd/netgroupcache.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index 8835547acfa..f2e7d60b50e 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -148,7 +148,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
/* No such service. */
cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout,
&key_copy);
- goto writeout;
+ goto maybe_cache_add;
}
memset (&data, '\0', sizeof (data));
@@ -349,7 +349,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
{
cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout,
&key_copy);
- goto writeout;
+ goto maybe_cache_add;
}
total = buffilled;
@@ -411,14 +411,12 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
if (he == NULL && fd != -1)
- {
- /* We write the dataset before inserting it to the database
- since while inserting this thread might block and so would
- unnecessarily let the receiver wait. */
- writeout:
+ /* We write the dataset before inserting it to the database since
+ while inserting this thread might block and so would
+ unnecessarily let the receiver wait. */
writeall (fd, &dataset->resp, dataset->head.recsize);
- }
+ maybe_cache_add:
if (cacheable)
{
/* If necessary, we also propagate the data to disk. */

57
patches/source/glibc/patches/CVE-2024-33600-2.patch Normal file
View file

@ -0,0 +1,57 @@
From e3eef1b8fbdd3a7917af466ca9c4b7477251ca79 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33600: nscd: Avoid null pointer crashes after
notfound response (bug 31678)
The addgetnetgrentX call in addinnetgrX may have failed to produce
a result, so the result variable in addinnetgrX can be NULL.
Use db->negtimeout as the fallback value if there is no result data;
the timeout is also overwritten below.
Also avoid sending a second not-found response. (The client
disconnects after receiving the first response, so the data stream did
not go out of sync even without this fix.) It is still beneficial to
add the negative response to the mapping, so that the client can get
it from there in the future, instead of going through the socket.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit b048a482f088e53144d26a61c390bed0210f49f2)
---
nscd/netgroupcache.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index f2e7d60b50e..aa9501a2c05 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -512,14 +512,15 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,
sizeof (innetgroup_response_header),
- he == NULL ? 0 : dh->nreloads + 1, result->head.ttl);
+ he == NULL ? 0 : dh->nreloads + 1,
+ result == NULL ? db->negtimeout : result->head.ttl);
/* Set the notfound status and timeout based on the result from
getnetgrent. */
- dataset->head.notfound = result->head.notfound;
+ dataset->head.notfound = result == NULL || result->head.notfound;
dataset->head.timeout = timeout;
dataset->resp.version = NSCD_VERSION;
- dataset->resp.found = result->resp.found;
+ dataset->resp.found = result != NULL && result->resp.found;
/* Until we find a matching entry the result is 0. */
dataset->resp.result = 0;
@@ -567,7 +568,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
goto out;
}
- if (he == NULL)
+ /* addgetnetgrentX may have already sent a notfound response. Do
+ not send another one. */
+ if (he == NULL && dataset->resp.found)
{
/* We write the dataset before inserting it to the database
since while inserting this thread might block and so would

387
patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_1.patch Normal file
View file

@ -0,0 +1,387 @@
From 4d27d4b9a188786fc6a56745506cec2acfc51f83 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two
buffers in addgetnetgrentX (bug 31680)
This avoids potential memory corruption when the underlying NSS
callback function does not use the buffer space to store all strings
(e.g., for constant strings).
Instead of custom buffer management, two scratch buffers are used.
This increases stack usage somewhat.
Scratch buffer allocation failure is handled by return -1
(an invalid timeout value) instead of terminating the process.
This fixes bug 31679.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit c04a21e050d64a1193a6daab872bca2528bda44b)
---
nscd/netgroupcache.c | 219 ++++++++++++++++++++++++-------------------
1 file changed, 121 insertions(+), 98 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index aa9501a2c05..ee98ffd96ed 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -24,6 +24,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
+#include <scratch_buffer.h>
#include "../inet/netgroup.h"
#include "nscd.h"
@@ -66,6 +67,16 @@ struct dataset
char strdata[0];
};
+/* Send a notfound response to FD. Always returns -1 to indicate an
+ ephemeral error. */
+static time_t
+send_notfound (int fd)
+{
+ if (fd != -1)
+ TEMP_FAILURE_RETRY (send (fd, &notfound, sizeof (notfound), MSG_NOSIGNAL));
+ return -1;
+}
+
/* Sends a notfound message and prepares a notfound dataset to write to the
cache. Returns true if there was enough memory to allocate the dataset and
returns the dataset in DATASETP, total bytes to write in TOTALP and the
@@ -84,8 +95,7 @@ do_notfound (struct database_dyn *db, int fd, request_header *req,
total = sizeof (notfound);
timeout = time (NULL) + db->negtimeout;
- if (fd != -1)
- TEMP_FAILURE_RETRY (send (fd, &notfound, total, MSG_NOSIGNAL));
+ send_notfound (fd);
dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len, 1);
/* If we cannot permanently store the result, so be it. */
@@ -110,11 +120,78 @@ do_notfound (struct database_dyn *db, int fd, request_header *req,
return cacheable;
}
+struct addgetnetgrentX_scratch
+{
+ /* This is the result that the caller should use. It can be NULL,
+ point into buffer, or it can be in the cache. */
+ struct dataset *dataset;
+
+ struct scratch_buffer buffer;
+
+ /* Used internally in addgetnetgrentX as a staging area. */
+ struct scratch_buffer tmp;
+
+ /* Number of bytes in buffer that are actually used. */
+ size_t buffer_used;
+};
+
+static void
+addgetnetgrentX_scratch_init (struct addgetnetgrentX_scratch *scratch)
+{
+ scratch->dataset = NULL;
+ scratch_buffer_init (&scratch->buffer);
+ scratch_buffer_init (&scratch->tmp);
+
+ /* Reserve space for the header. */
+ scratch->buffer_used = sizeof (struct dataset);
+ static_assert (sizeof (struct dataset) < sizeof (scratch->tmp.__space),
+ "initial buffer space");
+ memset (scratch->tmp.data, 0, sizeof (struct dataset));
+}
+
+static void
+addgetnetgrentX_scratch_free (struct addgetnetgrentX_scratch *scratch)
+{
+ scratch_buffer_free (&scratch->buffer);
+ scratch_buffer_free (&scratch->tmp);
+}
+
+/* Copy LENGTH bytes from S into SCRATCH. Returns NULL if SCRATCH
+ could not be resized, otherwise a pointer to the copy. */
+static char *
+addgetnetgrentX_append_n (struct addgetnetgrentX_scratch *scratch,
+ const char *s, size_t length)
+{
+ while (true)
+ {
+ size_t remaining = scratch->buffer.length - scratch->buffer_used;
+ if (remaining >= length)
+ break;
+ if (!scratch_buffer_grow_preserve (&scratch->buffer))
+ return NULL;
+ }
+ char *copy = scratch->buffer.data + scratch->buffer_used;
+ memcpy (copy, s, length);
+ scratch->buffer_used += length;
+ return copy;
+}
+
+/* Copy S into SCRATCH, including its null terminator. Returns false
+ if SCRATCH could not be resized. */
+static bool
+addgetnetgrentX_append (struct addgetnetgrentX_scratch *scratch, const char *s)
+{
+ if (s == NULL)
+ s = "";
+ return addgetnetgrentX_append_n (scratch, s, strlen (s) + 1) != NULL;
+}
+
+/* Caller must initialize and free *SCRATCH. If the return value is
+ negative, this function has sent a notfound response. */
static time_t
addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
const char *key, uid_t uid, struct hashentry *he,
- struct datahead *dh, struct dataset **resultp,
- void **tofreep)
+ struct datahead *dh, struct addgetnetgrentX_scratch *scratch)
{
if (__glibc_unlikely (debug_level > 0))
{
@@ -133,14 +210,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
char *key_copy = NULL;
struct __netgrent data;
- size_t buflen = MAX (1024, sizeof (*dataset) + req->key_len);
- size_t buffilled = sizeof (*dataset);
- char *buffer = NULL;
size_t nentries = 0;
size_t group_len = strlen (key) + 1;
struct name_list *first_needed
= alloca (sizeof (struct name_list) + group_len);
- *tofreep = NULL;
if (netgroup_database == NULL
&& __nss_database_lookup2 ("netgroup", NULL, NULL, &netgroup_database))
@@ -152,8 +225,6 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
memset (&data, '\0', sizeof (data));
- buffer = xmalloc (buflen);
- *tofreep = buffer;
first_needed->next = first_needed;
memcpy (first_needed->name, key, group_len);
data.needed_groups = first_needed;
@@ -196,8 +267,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
while (1)
{
int e;
- status = getfct.f (&data, buffer + buffilled,
- buflen - buffilled - req->key_len, &e);
+ status = getfct.f (&data, scratch->tmp.data,
+ scratch->tmp.length, &e);
if (status == NSS_STATUS_SUCCESS)
{
if (data.type == triple_val)
@@ -205,68 +276,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
const char *nhost = data.val.triple.host;
const char *nuser = data.val.triple.user;
const char *ndomain = data.val.triple.domain;
-
- size_t hostlen = strlen (nhost ?: "") + 1;
- size_t userlen = strlen (nuser ?: "") + 1;
- size_t domainlen = strlen (ndomain ?: "") + 1;
-
- if (nhost == NULL || nuser == NULL || ndomain == NULL
- || nhost > nuser || nuser > ndomain)
- {
- const char *last = nhost;
- if (last == NULL
- || (nuser != NULL && nuser > last))
- last = nuser;
- if (last == NULL
- || (ndomain != NULL && ndomain > last))
- last = ndomain;
-
- size_t bufused
- = (last == NULL
- ? buffilled
- : last + strlen (last) + 1 - buffer);
-
- /* We have to make temporary copies. */
- size_t needed = hostlen + userlen + domainlen;
-
- if (buflen - req->key_len - bufused < needed)
- {
- buflen += MAX (buflen, 2 * needed);
- /* Save offset in the old buffer. We don't
- bother with the NULL check here since
- we'll do that later anyway. */
- size_t nhostdiff = nhost - buffer;
- size_t nuserdiff = nuser - buffer;
- size_t ndomaindiff = ndomain - buffer;
-
- char *newbuf = xrealloc (buffer, buflen);
- /* Fix up the triplet pointers into the new
- buffer. */
- nhost = (nhost ? newbuf + nhostdiff
- : NULL);
- nuser = (nuser ? newbuf + nuserdiff
- : NULL);
- ndomain = (ndomain ? newbuf + ndomaindiff
- : NULL);
- *tofreep = buffer = newbuf;
- }
-
- nhost = memcpy (buffer + bufused,
- nhost ?: "", hostlen);
- nuser = memcpy ((char *) nhost + hostlen,
- nuser ?: "", userlen);
- ndomain = memcpy ((char *) nuser + userlen,
- ndomain ?: "", domainlen);
- }
-
- char *wp = buffer + buffilled;
- wp = memmove (wp, nhost ?: "", hostlen);
- wp += hostlen;
- wp = memmove (wp, nuser ?: "", userlen);
- wp += userlen;
- wp = memmove (wp, ndomain ?: "", domainlen);
- wp += domainlen;
- buffilled = wp - buffer;
+ if (!(addgetnetgrentX_append (scratch, nhost)
+ && addgetnetgrentX_append (scratch, nuser)
+ && addgetnetgrentX_append (scratch, ndomain)))
+ return send_notfound (fd);
++nentries;
}
else
@@ -318,8 +331,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
{
- buflen *= 2;
- *tofreep = buffer = xrealloc (buffer, buflen);
+ if (!scratch_buffer_grow (&scratch->tmp))
+ return send_notfound (fd);
}
else if (status == NSS_STATUS_RETURN
|| status == NSS_STATUS_NOTFOUND
@@ -352,10 +365,17 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
goto maybe_cache_add;
}
- total = buffilled;
+ /* Capture the result size without the key appended. */
+ total = scratch->buffer_used;
+
+ /* Make a copy of the key. The scratch buffer must not move after
+ this point. */
+ key_copy = addgetnetgrentX_append_n (scratch, key, req->key_len);
+ if (key_copy == NULL)
+ return send_notfound (fd);
/* Fill in the dataset. */
- dataset = (struct dataset *) buffer;
+ dataset = scratch->buffer.data;
timeout = datahead_init_pos (&dataset->head, total + req->key_len,
total - offsetof (struct dataset, resp),
he == NULL ? 0 : dh->nreloads + 1,
@@ -364,11 +384,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
dataset->resp.nresults = nentries;
- dataset->resp.result_len = buffilled - sizeof (*dataset);
-
- assert (buflen - buffilled >= req->key_len);
- key_copy = memcpy (buffer + buffilled, key, req->key_len);
- buffilled += req->key_len;
+ dataset->resp.result_len = total - sizeof (*dataset);
/* Now we can determine whether on refill we have to create a new
record or not. */
@@ -399,7 +415,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
if (__glibc_likely (newp != NULL))
{
/* Adjust pointer into the memory block. */
- key_copy = (char *) newp + (key_copy - buffer);
+ key_copy = (char *) newp + (key_copy - (char *) dataset);
dataset = memcpy (newp, dataset, total + req->key_len);
cacheable = true;
@@ -440,7 +456,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
out:
- *resultp = dataset;
+ scratch->dataset = dataset;
return timeout;
}
@@ -461,6 +477,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
if (user != NULL)
key = (char *) rawmemchr (key, '\0') + 1;
const char *domain = *key++ ? key : NULL;
+ struct addgetnetgrentX_scratch scratch;
+
+ addgetnetgrentX_scratch_init (&scratch);
if (__glibc_unlikely (debug_level > 0))
{
@@ -476,12 +495,8 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
group, group_len,
db, uid);
time_t timeout;
- void *tofree;
if (result != NULL)
- {
- timeout = result->head.timeout;
- tofree = NULL;
- }
+ timeout = result->head.timeout;
else
{
request_header req_get =
@@ -490,7 +505,10 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
.key_len = group_len
};
timeout = addgetnetgrentX (db, -1, &req_get, group, uid, NULL, NULL,
- &result, &tofree);
+ &scratch);
+ result = scratch.dataset;
+ if (timeout < 0)
+ goto out;
}
struct indataset
@@ -604,7 +622,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
}
out:
- free (tofree);
+ addgetnetgrentX_scratch_free (&scratch);
return timeout;
}
@@ -614,11 +632,12 @@ addgetnetgrentX_ignore (struct database_dyn *db, int fd, request_header *req,
const char *key, uid_t uid, struct hashentry *he,
struct datahead *dh)
{
- struct dataset *ignore;
- void *tofree;
- time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh,
- &ignore, &tofree);
- free (tofree);
+ struct addgetnetgrentX_scratch scratch;
+ addgetnetgrentX_scratch_init (&scratch);
+ time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh, &scratch);
+ addgetnetgrentX_scratch_free (&scratch);
+ if (timeout < 0)
+ timeout = 0;
return timeout;
}
@@ -662,5 +681,9 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he,
.key_len = he->len
};
- return addinnetgrX (db, -1, &req, db->data + he->key, he->owner, he, dh);
+ int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
+ he, dh);
+ if (timeout < 0)
+ timeout = 0;
+ return timeout;
}

33
patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_2.patch Normal file
View file

@ -0,0 +1,33 @@
From 1e398f406bb7ad8ffac66e664a44f11d2a0b8f36 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 2 May 2024 17:06:19 +0200
Subject: [PATCH] nscd: Use time_t for return type of addgetnetgrentX
Using int may give false results for future dates (timeouts after the
year 2028).
Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601,
CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX
(bug 31680)").
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 4bbca1a44691a6e9adcee5c6798a707b626bc331)
---
nscd/netgroupcache.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index ee98ffd96ed..7a4e767be2b 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -681,8 +681,8 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he,
.key_len = he->len
};
- int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
- he, dh);
+ time_t timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
+ he, dh);
if (timeout < 0)
timeout = 0;
return timeout;

5
recompress.sh
View file

@ -1208,9 +1208,14 @@ gzip ./patches/source/glibc/patches/glibc.CVE-2021-3998.patch
gzip ./patches/source/glibc/patches/CVE-2021-33574_2.patch
gzip ./patches/source/glibc/patches/CVE-2021-27645.patch
gzip ./patches/source/glibc/patches/CVE-2021-38604.patch
gzip ./patches/source/glibc/patches/CVE-2024-33600-2.patch
gzip ./patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_2.patch
gzip ./patches/source/glibc/patches/CVE-2021-35942.patch
gzip ./patches/source/glibc/patches/CVE-2024-33599.patch
gzip ./patches/source/glibc/patches/CVE-2024-33601_CVE-2024-33602_1.patch
gzip ./patches/source/glibc/patches/CVE-2021-33574_1.patch
gzip ./patches/source/glibc/patches/CVE-2024-2961_glibc2.33.patch
gzip ./patches/source/glibc/patches/CVE-2024-33600-1.patch
gzip ./patches/source/glibc/glibc-c-utf8-locale.patch
gzip ./patches/source/glibc/glibc-2.32.en_US.no.am.pm.date.format.diff
gzip ./patches/source/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch