mirror of
git://slackware.nl/current.git
synced 2024-12-27 09:59:16 +01:00
Mon Sep 9 00:53:17 UTC 2024
patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Bundled libexpat was updated to 2.6.3. Fix quadratic complexity in parsing "-quoted cookie values with backslashes by http.cookies. Fixed various false positives and false negatives in IPv4Address.is_private, IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global. Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with path starting with multiple slashes and no authority. Remove backtracking from tarfile header parsing for hdrcharset, PAX, and GNU sparse headers. email.utils.getaddresses() and email.utils.parseaddr() now return ('', '') 2-tuples in more situations where invalid email addresses are encountered instead of potentially inaccurate values. Add optional strict parameter to these two functions: use strict=False to get the old behavior, accept malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can be used to check if the strict paramater is available. Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without breaking contents using legitimate characters. Email headers with embedded newlines are now quoted on output. The generator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. For more information, see: https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html https://www.cve.org/CVERecord?id=CVE-2024-28757 https://www.cve.org/CVERecord?id=CVE-2024-45490 https://www.cve.org/CVERecord?id=CVE-2024-45491 https://www.cve.org/CVERecord?id=CVE-2024-45492 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://www.cve.org/CVERecord?id=CVE-2015-2104 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://www.cve.org/CVERecord?id=CVE-2024-8088 https://www.cve.org/CVERecord?id=CVE-2024-6923 (* Security fix *)
This commit is contained in:
parent
382f07b69c
commit
8039a5b124
4 changed files with 107 additions and 23 deletions
|
@ -11,9 +11,55 @@
|
|||
<description>Tracking Slackware development in git.</description>
|
||||
<language>en-us</language>
|
||||
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
|
||||
<pubDate>Sat, 7 Sep 2024 18:16:12 GMT</pubDate>
|
||||
<lastBuildDate>Sun, 8 Sep 2024 11:30:38 GMT</lastBuildDate>
|
||||
<pubDate>Mon, 9 Sep 2024 00:53:17 GMT</pubDate>
|
||||
<lastBuildDate>Mon, 9 Sep 2024 11:30:30 GMT</lastBuildDate>
|
||||
<generator>maintain_current_git.sh v 1.17</generator>
|
||||
<item>
|
||||
<title>Mon, 9 Sep 2024 00:53:17 GMT</title>
|
||||
<pubDate>Mon, 9 Sep 2024 00:53:17 GMT</pubDate>
|
||||
<link>https://git.slackware.nl/current/tag/?h=20240909005317</link>
|
||||
<guid isPermaLink="false">20240909005317</guid>
|
||||
<description>
|
||||
<![CDATA[<pre>
|
||||
patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz: Upgraded.
|
||||
This update fixes security issues:
|
||||
Bundled libexpat was updated to 2.6.3.
|
||||
Fix quadratic complexity in parsing "-quoted cookie values with backslashes
|
||||
by http.cookies.
|
||||
Fixed various false positives and false negatives in IPv4Address.is_private,
|
||||
IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global.
|
||||
Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with
|
||||
path starting with multiple slashes and no authority.
|
||||
Remove backtracking from tarfile header parsing for hdrcharset, PAX, and
|
||||
GNU sparse headers.
|
||||
email.utils.getaddresses() and email.utils.parseaddr() now return ('', '')
|
||||
2-tuples in more situations where invalid email addresses are encountered
|
||||
instead of potentially inaccurate values. Add optional strict parameter to
|
||||
these two functions: use strict=False to get the old behavior, accept
|
||||
malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can
|
||||
be used to check if the strict paramater is available.
|
||||
Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without
|
||||
breaking contents using legitimate characters.
|
||||
Email headers with embedded newlines are now quoted on output. The generator
|
||||
will now refuse to serialize (write) headers that are unsafely folded or
|
||||
delimited; see verify_generated_headers.
|
||||
For more information, see:
|
||||
https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-28757
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45490
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45491
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45492
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-7592
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-4032
|
||||
https://www.cve.org/CVERecord?id=CVE-2015-2104
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-6232
|
||||
https://www.cve.org/CVERecord?id=CVE-2023-27043
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-8088
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-6923
|
||||
(* Security fix *)
|
||||
</pre>]]>
|
||||
</description>
|
||||
</item>
|
||||
<item>
|
||||
<title>Sat, 7 Sep 2024 18:16:12 GMT</title>
|
||||
<pubDate>Sat, 7 Sep 2024 18:16:12 GMT</pubDate>
|
||||
|
|
|
@ -1,3 +1,41 @@
|
|||
Mon Sep 9 00:53:17 UTC 2024
|
||||
patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz: Upgraded.
|
||||
This update fixes security issues:
|
||||
Bundled libexpat was updated to 2.6.3.
|
||||
Fix quadratic complexity in parsing "-quoted cookie values with backslashes
|
||||
by http.cookies.
|
||||
Fixed various false positives and false negatives in IPv4Address.is_private,
|
||||
IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global.
|
||||
Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with
|
||||
path starting with multiple slashes and no authority.
|
||||
Remove backtracking from tarfile header parsing for hdrcharset, PAX, and
|
||||
GNU sparse headers.
|
||||
email.utils.getaddresses() and email.utils.parseaddr() now return ('', '')
|
||||
2-tuples in more situations where invalid email addresses are encountered
|
||||
instead of potentially inaccurate values. Add optional strict parameter to
|
||||
these two functions: use strict=False to get the old behavior, accept
|
||||
malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can
|
||||
be used to check if the strict paramater is available.
|
||||
Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without
|
||||
breaking contents using legitimate characters.
|
||||
Email headers with embedded newlines are now quoted on output. The generator
|
||||
will now refuse to serialize (write) headers that are unsafely folded or
|
||||
delimited; see verify_generated_headers.
|
||||
For more information, see:
|
||||
https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-28757
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45490
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45491
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-45492
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-7592
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-4032
|
||||
https://www.cve.org/CVERecord?id=CVE-2015-2104
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-6232
|
||||
https://www.cve.org/CVERecord?id=CVE-2023-27043
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-8088
|
||||
https://www.cve.org/CVERecord?id=CVE-2024-6923
|
||||
(* Security fix *)
|
||||
+--------------------------+
|
||||
Sat Sep 7 18:16:12 UTC 2024
|
||||
patches/packages/glibc-zoneinfo-2024b-noarch-1_slack15.0.txz: Upgraded.
|
||||
This package provides the latest timezone updates.
|
||||
|
|
42
FILELIST.TXT
42
FILELIST.TXT
|
@ -1,20 +1,20 @@
|
|||
Sat Sep 7 18:19:05 UTC 2024
|
||||
Mon Sep 9 00:57:06 UTC 2024
|
||||
|
||||
Here is the file list for this directory. If you are using a
|
||||
mirror site and find missing or extra files in the disk
|
||||
subdirectories, please have the archive administrator refresh
|
||||
the mirror.
|
||||
|
||||
drwxr-xr-x 12 root root 4096 2024-09-07 18:16 .
|
||||
drwxr-xr-x 12 root root 4096 2024-09-09 00:53 .
|
||||
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
|
||||
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
|
||||
-rw-r--r-- 1 root root 1256124 2024-09-06 19:26 ./CHECKSUMS.md5
|
||||
-rw-r--r-- 1 root root 195 2024-09-06 19:26 ./CHECKSUMS.md5.asc
|
||||
-rw-r--r-- 1 root root 1256124 2024-09-07 18:19 ./CHECKSUMS.md5
|
||||
-rw-r--r-- 1 root root 195 2024-09-07 18:19 ./CHECKSUMS.md5.asc
|
||||
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
|
||||
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
|
||||
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
|
||||
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
|
||||
-rw-r--r-- 1 root root 2155266 2024-09-07 18:16 ./ChangeLog.txt
|
||||
-rw-r--r-- 1 root root 2157412 2024-09-09 00:53 ./ChangeLog.txt
|
||||
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
|
||||
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
|
||||
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
|
||||
|
@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
|
|||
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
|
||||
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
|
||||
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
|
||||
-rw-r--r-- 1 root root 1646333 2024-09-06 19:25 ./FILELIST.TXT
|
||||
-rw-r--r-- 1 root root 1646333 2024-09-07 18:19 ./FILELIST.TXT
|
||||
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
|
||||
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
|
||||
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
|
||||
|
@ -832,13 +832,13 @@ drwxr-xr-x 2 root root 4096 2022-12-17 19:52 ./pasture/source/samba
|
|||
-rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default
|
||||
-rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig
|
||||
-rw-r--r-- 1 root root 536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz
|
||||
drwxr-xr-x 4 root root 4096 2024-09-07 18:19 ./patches
|
||||
-rw-r--r-- 1 root root 134549 2024-09-07 18:19 ./patches/CHECKSUMS.md5
|
||||
-rw-r--r-- 1 root root 195 2024-09-07 18:19 ./patches/CHECKSUMS.md5.asc
|
||||
-rw-r--r-- 1 root root 185671 2024-09-07 18:18 ./patches/FILE_LIST
|
||||
-rw-r--r-- 1 root root 18212409 2024-09-07 18:18 ./patches/MANIFEST.bz2
|
||||
-rw-r--r-- 1 root root 93545 2024-09-07 18:19 ./patches/PACKAGES.TXT
|
||||
drwxr-xr-x 7 root root 32768 2024-09-07 18:18 ./patches/packages
|
||||
drwxr-xr-x 4 root root 4096 2024-09-09 00:57 ./patches
|
||||
-rw-r--r-- 1 root root 134549 2024-09-09 00:57 ./patches/CHECKSUMS.md5
|
||||
-rw-r--r-- 1 root root 195 2024-09-09 00:57 ./patches/CHECKSUMS.md5.asc
|
||||
-rw-r--r-- 1 root root 185671 2024-09-09 00:57 ./patches/FILE_LIST
|
||||
-rw-r--r-- 1 root root 18216362 2024-09-09 00:57 ./patches/MANIFEST.bz2
|
||||
-rw-r--r-- 1 root root 93545 2024-09-09 00:57 ./patches/PACKAGES.TXT
|
||||
drwxr-xr-x 7 root root 32768 2024-09-09 00:56 ./patches/packages
|
||||
-rw-r--r-- 1 root root 360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc
|
||||
|
@ -1189,9 +1189,9 @@ drwxr-xr-x 2 root root 4096 2024-06-08 19:45 ./patches/packages/old-linux
|
|||
-rw-r--r-- 1 root root 371 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 1392708 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 163 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txz.asc
|
||||
-rw-r--r-- 1 root root 664 2024-03-20 19:45 ./patches/packages/python3-3.9.19-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 19164220 2024-03-20 19:45 ./patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 195 2024-03-20 19:45 ./patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz.asc
|
||||
-rw-r--r-- 1 root root 664 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 19179024 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 195 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz.asc
|
||||
-rw-r--r-- 1 root root 260 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 99025556 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 163 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txz.asc
|
||||
|
@ -1297,7 +1297,7 @@ drwxr-xr-x 2 root root 4096 2024-06-08 19:45 ./patches/packages/old-linux
|
|||
-rw-r--r-- 1 root root 463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt
|
||||
-rw-r--r-- 1 root root 459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz
|
||||
-rw-r--r-- 1 root root 163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc
|
||||
drwxr-xr-x 125 root root 4096 2024-09-07 18:10 ./patches/source
|
||||
drwxr-xr-x 125 root root 4096 2024-09-08 18:33 ./patches/source
|
||||
drwxr-xr-x 2 root root 4096 2023-09-26 19:22 ./patches/source/Cython
|
||||
-rw-r--r-- 1 root root 1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz
|
||||
-rwxr-xr-x 1 root root 3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild
|
||||
|
@ -2336,11 +2336,11 @@ drwxr-xr-x 2 root root 4096 2017-04-20 21:08 ./patches/source/proftpd/etc
|
|||
-rw-r--r-- 1 root root 13966952 2023-12-20 04:42 ./patches/source/proftpd/proftpd-1.3.8b.tar.xz
|
||||
-rwxr-xr-x 1 root root 4774 2023-12-20 20:34 ./patches/source/proftpd/proftpd.SlackBuild
|
||||
-rw-r--r-- 1 root root 826 2018-02-27 06:13 ./patches/source/proftpd/slack-desc
|
||||
drwxr-xr-x 2 root root 4096 2024-03-20 19:43 ./patches/source/python3
|
||||
-rw-r--r-- 1 root root 19682840 2024-03-19 16:16 ./patches/source/python3/Python-3.9.19.tar.xz
|
||||
-rw-r--r-- 1 root root 833 2024-03-19 16:16 ./patches/source/python3/Python-3.9.19.tar.xz.asc
|
||||
drwxr-xr-x 2 root root 4096 2024-09-08 18:20 ./patches/source/python3
|
||||
-rw-r--r-- 1 root root 19648968 2024-09-06 19:46 ./patches/source/python3/Python-3.9.20.tar.xz
|
||||
-rw-r--r-- 1 root root 833 2024-09-07 10:25 ./patches/source/python3/Python-3.9.20.tar.xz.asc
|
||||
-rw-r--r-- 1 root root 890 2017-01-12 20:00 ./patches/source/python3/README
|
||||
-rw-r--r-- 1 root root 2551396 2024-03-19 16:13 ./patches/source/python3/python-3.9.19-docs-text.tar.bz2
|
||||
-rw-r--r-- 1 root root 2553492 2024-09-06 19:50 ./patches/source/python3/python-3.9.20-docs-text.tar.bz2
|
||||
-rw-r--r-- 1 root root 372 2021-11-20 19:27 ./patches/source/python3/python.sysconfig.py.x86_64.diff.gz
|
||||
-rwxr-xr-x 1 root root 6380 2023-06-08 19:59 ./patches/source/python3/python3.SlackBuild
|
||||
-rw-r--r-- 1 root root 495 2020-10-24 22:31 ./patches/source/python3/python3.distutils.x86_64.diff.gz
|
||||
|
|
Loading…
Reference in a new issue