Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-27 09:59:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Wed Feb 15 03:05:40 UTC 2023

Browse source 
a/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
a/kernel-generic-6.1.12-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.12-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.12-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.12-x86-1.txz:  Upgraded.
d/rust-1.66.1-x86_64-1.txz:  Upgraded.
k/kernel-source-6.1.12-noarch-1.txz:  Upgraded.
kde/bluedevil-5.27.0-x86_64-1.txz:  Upgraded.
kde/breeze-5.27.0-x86_64-1.txz:  Upgraded.
kde/breeze-grub-5.27.0-x86_64-1.txz:  Upgraded.
kde/breeze-gtk-5.27.0-x86_64-1.txz:  Upgraded.
kde/drkonqi-5.27.0-x86_64-1.txz:  Upgraded.
kde/kactivitymanagerd-5.27.0-x86_64-1.txz:  Upgraded.
kde/kde-cli-tools-5.27.0-x86_64-1.txz:  Upgraded.
kde/kde-gtk-config-5.27.0-x86_64-1.txz:  Upgraded.
kde/kdecoration-5.27.0-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.27.0-x86_64-1.txz:  Upgraded.
kde/kgamma5-5.27.0-x86_64-1.txz:  Upgraded.
kde/khotkeys-5.27.0-x86_64-1.txz:  Upgraded.
kde/kinfocenter-5.27.0-x86_64-1.txz:  Upgraded.
kde/kmenuedit-5.27.0-x86_64-1.txz:  Upgraded.
kde/kpipewire-5.27.0-x86_64-1.txz:  Upgraded.
kde/kscreen-5.27.0-x86_64-1.txz:  Upgraded.
kde/kscreenlocker-5.27.0-x86_64-1.txz:  Upgraded.
kde/ksshaskpass-5.27.0-x86_64-1.txz:  Upgraded.
kde/ksystemstats-5.27.0-x86_64-1.txz:  Upgraded.
kde/kwallet-pam-5.27.0-x86_64-1.txz:  Upgraded.
kde/kwayland-integration-5.27.0-x86_64-1.txz:  Upgraded.
kde/kwin-5.27.0-x86_64-1.txz:  Upgraded.
kde/kwrited-5.27.0-x86_64-1.txz:  Upgraded.
kde/layer-shell-qt-5.27.0-x86_64-1.txz:  Upgraded.
kde/libkscreen-5.27.0-x86_64-1.txz:  Upgraded.
kde/libksysguard-5.27.0-x86_64-1.txz:  Upgraded.
kde/milou-5.27.0-x86_64-1.txz:  Upgraded.
kde/oxygen-5.27.0-x86_64-1.txz:  Upgraded.
kde/oxygen-sounds-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-browser-integration-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-desktop-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-disks-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-firewall-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-integration-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-nm-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-pa-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-systemmonitor-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-vault-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.27.0-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-wallpapers-5.27.0-x86_64-1.txz:  Upgraded.
kde/polkit-kde-agent-1-5.27.0-x86_64-1.txz:  Upgraded.
kde/powerdevil-5.27.0-x86_64-1.txz:  Upgraded.
kde/qqc2-breeze-style-5.27.0-x86_64-1.txz:  Upgraded.
kde/sddm-kcm-5.27.0-x86_64-1.txz:  Upgraded.
kde/systemsettings-5.27.0-x86_64-1.txz:  Upgraded.
kde/xdg-desktop-portal-kde-5.27.0-x86_64-1.txz:  Upgraded.
l/mozjs102-102.8.0esr-x86_64-1.txz:  Upgraded.
n/php-7.4.33-x86_64-3.txz:  Rebuilt.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
xap/mozilla-firefox-110.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
    https://www.cve.org/CVERecord?id=CVE-2023-25728
    https://www.cve.org/CVERecord?id=CVE-2023-25730
    https://www.cve.org/CVERecord?id=CVE-2023-25743
    https://www.cve.org/CVERecord?id=CVE-2023-0767
    https://www.cve.org/CVERecord?id=CVE-2023-25735
    https://www.cve.org/CVERecord?id=CVE-2023-25737
    https://www.cve.org/CVERecord?id=CVE-2023-25738
    https://www.cve.org/CVERecord?id=CVE-2023-25739
    https://www.cve.org/CVERecord?id=CVE-2023-25729
    https://www.cve.org/CVERecord?id=CVE-2023-25732
    https://www.cve.org/CVERecord?id=CVE-2023-25734
    https://www.cve.org/CVERecord?id=CVE-2023-25740
    https://www.cve.org/CVERecord?id=CVE-2023-25731
    https://www.cve.org/CVERecord?id=CVE-2023-25733
    https://www.cve.org/CVERecord?id=CVE-2023-25736
    https://www.cve.org/CVERecord?id=CVE-2023-25741
    https://www.cve.org/CVERecord?id=CVE-2023-25742
    https://www.cve.org/CVERecord?id=CVE-2023-25744
    https://www.cve.org/CVERecord?id=CVE-2023-25745
  (* Security fix *)
extra/php80/php80-8.0.28-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
extra/php81/php81-8.1.16-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/rust-1.67.1-x86_64-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
This commit is contained in:
Patrick J Volkerding 2023-02-15 03:05:40 +00:00 committed by Eric Hameleers
parent 52ac228489
commit 88d937fb4e
35 changed files with 1393 additions and 596 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

128
ChangeLog.rss
View file

@ -11,9 +11,133 @@
<description>Tracking Slackware development in git.</description> <description>Tracking Slackware development in git.</description>
<language>en-us</language> <language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Mon, 13 Feb 2023 20:03:36 GMT</pubDate> <pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate>
<lastBuildDate>Mon, 13 Feb 2023 20:32:50 GMT</lastBuildDate> <lastBuildDate>Wed, 15 Feb 2023 05:50:09 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator> <generator>maintain_current_git.sh v 1.17</generator>
<item>
<title>Wed, 15 Feb 2023 03:05:40 GMT</title>
<pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20230215030540</link>
<guid isPermaLink="false">20230215030540</guid>
<description>
<![CDATA[<pre>
a/kernel-firmware-20230214_a253a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.12-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.12-x86-1.txz: Upgraded.
d/rust-1.66.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.12-noarch-1.txz: Upgraded.
kde/bluedevil-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.0-x86_64-1.txz: Upgraded.
kde/drkonqi-5.27.0-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.0-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.0-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.0-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.0-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.0-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.0-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.0-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.0-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.0-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.0-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.0-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/kwin-5.27.0-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.0-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.0-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.0-x86_64-1.txz: Upgraded.
kde/milou-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.0-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.0-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.0-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.0-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.0-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.0-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.8.0esr-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-3.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
xap/mozilla-firefox-110.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25740
https://www.cve.org/CVERecord?id=CVE-2023-25731
https://www.cve.org/CVERecord?id=CVE-2023-25733
https://www.cve.org/CVERecord?id=CVE-2023-25736
https://www.cve.org/CVERecord?id=CVE-2023-25741
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25744
https://www.cve.org/CVERecord?id=CVE-2023-25745
(* Security fix *)
extra/php80/php80-8.0.28-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.67.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
</pre>]]>
</description>
</item>
<item> <item>
<title>Mon, 13 Feb 2023 20:03:36 GMT</title> <title>Mon, 13 Feb 2023 20:03:36 GMT</title>
<pubDate>Mon, 13 Feb 2023 20:03:36 GMT</pubDate> <pubDate>Mon, 13 Feb 2023 20:03:36 GMT</pubDate>

116
ChangeLog.txt
View file

@ -1,3 +1,119 @@
Wed Feb 15 03:05:40 UTC 2023
a/kernel-firmware-20230214_a253a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.12-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.12-x86-1.txz: Upgraded.
d/rust-1.66.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.12-noarch-1.txz: Upgraded.
kde/bluedevil-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.0-x86_64-1.txz: Upgraded.
kde/drkonqi-5.27.0-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.0-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.0-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.0-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.0-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.0-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.0-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.0-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.0-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.0-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.0-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.0-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/kwin-5.27.0-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.0-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.0-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.0-x86_64-1.txz: Upgraded.
kde/milou-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.0-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.0-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.0-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.0-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.0-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.0-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.8.0esr-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-3.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
xap/mozilla-firefox-110.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25740
https://www.cve.org/CVERecord?id=CVE-2023-25731
https://www.cve.org/CVERecord?id=CVE-2023-25733
https://www.cve.org/CVERecord?id=CVE-2023-25736
https://www.cve.org/CVERecord?id=CVE-2023-25741
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25744
https://www.cve.org/CVERecord?id=CVE-2023-25745
(* Security fix *)
extra/php80/php80-8.0.28-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.67.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Mon Feb 13 20:03:36 UTC 2023 Mon Feb 13 20:03:36 UTC 2023
ap/man-pages-6.03-noarch-1.txz: Upgraded. ap/man-pages-6.03-noarch-1.txz: Upgraded.
l/atkmm-2.28.3-x86_64-1.txz: Upgraded. l/atkmm-2.28.3-x86_64-1.txz: Upgraded.

821
FILELIST.TXT
View file

File diff suppressed because it is too large Load diff

14
README.initrd
View file

@ -1,7 +1,7 @@
Slackware initrd mini HOWTO Slackware initrd mini HOWTO
by Patrick Volkerding, volkerdi@slackware.com by Patrick Volkerding, volkerdi@slackware.com
Thu Feb 9 22:28:24 UTC 2023 Wed Feb 15 02:54:05 UTC 2023
This document describes how to create and install an initrd, which may be This document describes how to create and install an initrd, which may be
required to use the 4.x kernel. Also see "man mkinitrd". required to use the 4.x kernel. Also see "man mkinitrd".
@ -33,15 +33,15 @@ flexible to ship a generic kernel and a set of kernel modules for it.
The easiest way to make the initrd is to use the mkinitrd script included The easiest way to make the initrd is to use the mkinitrd script included
in Slackware's mkinitrd package. We'll walk through the process of in Slackware's mkinitrd package. We'll walk through the process of
upgrading to the generic 6.1.11 Linux kernel using the packages upgrading to the generic 6.1.12 Linux kernel using the packages
found in Slackware's slackware/a/ directory. found in Slackware's slackware/a/ directory.
First, make sure the kernel, kernel modules, and mkinitrd package are First, make sure the kernel, kernel modules, and mkinitrd package are
installed (the current version numbers might be a little different, so installed (the current version numbers might be a little different, so
this is just an example): this is just an example):
installpkg kernel-generic-6.1.11-x86_64-1.txz installpkg kernel-generic-6.1.12-x86_64-1.txz
installpkg kernel-modules-6.1.11-x86_64-1.txz installpkg kernel-modules-6.1.12-x86_64-1.txz
installpkg mkinitrd-1.4.11-x86_64-30.txz installpkg mkinitrd-1.4.11-x86_64-30.txz
Change into the /boot directory: Change into the /boot directory:
@ -52,7 +52,7 @@ Now you'll want to run "mkinitrd". I'm using ext4 for my root filesystem,
and since the disk controller requires no special support the ext4 module and since the disk controller requires no special support the ext4 module
will be the only one I need to load: will be the only one I need to load:
mkinitrd -c -k 6.1.11 -m ext4 mkinitrd -c -k 6.1.12 -m ext4
This should do two things. First, it will create a directory This should do two things. First, it will create a directory
/boot/initrd-tree containing the initrd's filesystem. Then it will /boot/initrd-tree containing the initrd's filesystem. Then it will
@ -61,10 +61,10 @@ you could make some additional changes in /boot/initrd-tree/ and
then run mkinitrd again without options to rebuild the image. That's then run mkinitrd again without options to rebuild the image. That's
optional, though, and only advanced users will need to think about that. optional, though, and only advanced users will need to think about that.
Here's another example: Build an initrd image using Linux 6.1.11 Here's another example: Build an initrd image using Linux 6.1.12
kernel modules for a system with an ext4 root partition on /dev/sdb3: kernel modules for a system with an ext4 root partition on /dev/sdb3:
mkinitrd -c -k 6.1.11 -m ext4 -f ext4 -r /dev/sdb3 mkinitrd -c -k 6.1.12 -m ext4 -f ext4 -r /dev/sdb3
4. Now that I've built an initrd, how do I use it? 4. Now that I've built an initrd, how do I use it?

4
extra/source/php80/fetch-php.sh
View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-8.0.27.tar.xz.asc lftpget http://us.php.net/distributions/php-8.0.28.tar.xz.asc
lftpget http://us.php.net/distributions/php-8.0.27.tar.xz lftpget http://us.php.net/distributions/php-8.0.28.tar.xz

4
extra/source/php81/fetch-php.sh
View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-8.1.15.tar.xz.asc lftpget http://us.php.net/distributions/php-8.1.16.tar.xz.asc
lftpget http://us.php.net/distributions/php-8.1.15.tar.xz lftpget http://us.php.net/distributions/php-8.1.16.tar.xz

2
isolinux/message.txt
View file

@ -1,5 +1,5 @@
Welcome to 09Slackware6407 version 15.1 (Linux kernel 6.1.11)! Welcome to 09Slackware6407 version 15.1 (Linux kernel 6.1.12)!
If you need to pass extra parameters to the kernel, enter them at the prompt If you need to pass extra parameters to the kernel, enter them at the prompt
below after the name of the kernel to boot (e.g., huge.s). below after the name of the kernel to boot (e.g., huge.s).

2
kernels/VERSIONS.TXT
View file

@ -1,3 +1,3 @@
These kernels are version 6.1.11. These kernels are version 6.1.12.

5
recompress.sh
View file

@ -548,8 +548,11 @@ gzip ./source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch
gzip ./source/n/wpa_supplicant/patches/allow-tlsv1.patch gzip ./source/n/wpa_supplicant/patches/allow-tlsv1.patch
gzip ./source/n/wpa_supplicant/doinst.sh gzip ./source/n/wpa_supplicant/doinst.sh
gzip ./source/n/php/php-fpm.conf.diff gzip ./source/n/php/php-fpm.conf.diff
gzip ./source/n/php/CVE-2023-0662.patch
gzip ./source/n/php/php.enchant-2.patch gzip ./source/n/php/php.enchant-2.patch
gzip ./source/n/php/CVE-2022-31631.patch gzip ./source/n/php/CVE-2022-31631.patch
gzip ./source/n/php/CVE-2023-0568.patch
gzip ./source/n/php/CVE-2023-0567.patch
gzip ./source/n/php/doinst.sh gzip ./source/n/php/doinst.sh
gzip ./source/n/php/php.imap.api.diff gzip ./source/n/php/php.imap.api.diff
gzip ./source/n/php/php.ini-development.diff gzip ./source/n/php/php.ini-development.diff
@ -754,7 +757,6 @@ gzip ./source/l/mozjs102/autoconf/autoconf-2.13-consolidated_fixes-1.patch
gzip ./source/l/mozjs102/patches/remove-sloppy-m4-detection-from-bundled-autoconf.patch gzip ./source/l/mozjs102/patches/remove-sloppy-m4-detection-from-bundled-autoconf.patch
gzip ./source/l/mozjs102/patches/fix-soname.patch gzip ./source/l/mozjs102/patches/fix-soname.patch
gzip ./source/l/mozjs102/patches/tests-increase-timeout.patch gzip ./source/l/mozjs102/patches/tests-increase-timeout.patch
gzip ./source/l/mozjs102/patches/0001-Python-Build-Use-r-instead-of-rU-file-read-modes.patch
gzip ./source/l/mozjs102/patches/icu_sources_data.py-Decouple-from-Mozilla-build-system.patch gzip ./source/l/mozjs102/patches/icu_sources_data.py-Decouple-from-Mozilla-build-system.patch
gzip ./source/l/mozjs102/patches/emitter.patch gzip ./source/l/mozjs102/patches/emitter.patch
gzip ./source/l/mozjs102/patches/copy-headers.patch gzip ./source/l/mozjs102/patches/copy-headers.patch
@ -1095,6 +1097,7 @@ gzip ./source/x/motif/motif-2.3.4-no_demos.patch
gzip ./source/x/motif/motif.rgbtxt.patch gzip ./source/x/motif/motif.rgbtxt.patch
gzip ./source/x/motif/motif-2.3.4-bindings.patch gzip ./source/x/motif/motif-2.3.4-bindings.patch
gzip ./source/x/motif/motif-2.3.4-mwmrc_dir.patch gzip ./source/x/motif/motif-2.3.4-mwmrc_dir.patch
gzip ./source/x/vulkan-sdk/VulkanTools-sdk.gcc12.diff
gzip ./source/x/mesa/doinst.sh gzip ./source/x/mesa/doinst.sh
gzip ./source/x/urw-core35-fonts-otf/doinst.sh gzip ./source/x/urw-core35-fonts-otf/doinst.sh
gzip ./source/x/ibus-hangul/doinst.sh gzip ./source/x/ibus-hangul/doinst.sh

6
slackware64/a/maketag
View file

@ -66,9 +66,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 6.1.11 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 6.1.12 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 6.1.11 Linux kernel" "on" \ "kernel-huge" "Loaded 6.1.12 Linux kernel" "on" \
"kernel-modules" "Linux 6.1.11 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 6.1.12 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

6
slackware64/a/maketag.ez
View file

@ -66,9 +66,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 6.1.11 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 6.1.12 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 6.1.11 Linux kernel" "on" \ "kernel-huge" "Loaded 6.1.12 Linux kernel" "on" \
"kernel-modules" "Linux 6.1.11 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 6.1.12 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

2
slackware64/k/maketag
View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 6.1.11 kernel source" "on" \ "kernel-source" "Linux 6.1.12 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

2
slackware64/k/maketag.ez
View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 6.1.11 kernel source" "on" \ "kernel-source" "Linux 6.1.12 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

8
source/d/rust/rust.SlackBuild
View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=rust PKGNAM=rust
SRCNAM="${PKGNAM}c" SRCNAM="${PKGNAM}c"
VERSION=${VERSION:-1.65.0} VERSION=${VERSION:-1.66.1}
BUILD=${BUILD:-1} BUILD=${BUILD:-1}
# Set this to YES to build with the system LLVM, or NO to use the bundled LLVM. # Set this to YES to build with the system LLVM, or NO to use the bundled LLVM.
@ -34,9 +34,9 @@ BUILD=${BUILD:-1}
SYSTEM_LLVM=${SYSTEM_LLVM:-YES} SYSTEM_LLVM=${SYSTEM_LLVM:-YES}
# Bootstrap variables (might not be kept updated for latest Rust): # Bootstrap variables (might not be kept updated for latest Rust):
RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.64.0} RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.65.0}
RSTAGE0_DIR=${RSTAGE0_DIR:-2022-09-22} RSTAGE0_DIR=${RSTAGE0_DIR:-2022-11-03}
CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.64.0} CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.65.0}
CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR} CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:

6
source/d/rust/rust.url
View file

@ -1,5 +1,5 @@
# Source code (repacked to .tar.lz): # Source code (repacked to .tar.lz):
VERSION=1.65.0 VERSION=1.66.1
rm -f rustc-${VERSION}-src.tar.* rm -f rustc-${VERSION}-src.tar.*
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc
@ -20,8 +20,8 @@ fi
# update the settings below, look at src/stage0.json in the Rust sources. # update the settings below, look at src/stage0.json in the Rust sources.
exit 0 exit 0
BOOTSTRAP_DATE=2022-09-22 BOOTSTRAP_DATE=2022-11-03
BOOTSTRAP_VERSION=1.64.0 BOOTSTRAP_VERSION=1.65.0
BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION
# i686 bootstrap: # i686 bootstrap:

3
source/k/kernel-configs/config-generic-6.1.11 → source/k/kernel-configs/config-generic-6.1.12
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y
@ -11,6 +11,7 @@ CONFIG_AS_VERSION=24000
CONFIG_LD_IS_BFD=y CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24000 CONFIG_LD_VERSION=24000
CONFIG_LLD_VERSION=0 CONFIG_LLD_VERSION=0
CONFIG_RUST_IS_AVAILABLE=y
CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y

2
source/k/kernel-configs/config-generic-6.1.11.x64 → source/k/kernel-configs/config-generic-6.1.12.x64
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

3
source/k/kernel-configs/config-generic-smp-6.1.11-smp → source/k/kernel-configs/config-generic-smp-6.1.12-smp
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y
@ -11,6 +11,7 @@ CONFIG_AS_VERSION=24000
CONFIG_LD_IS_BFD=y CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24000 CONFIG_LD_VERSION=24000
CONFIG_LLD_VERSION=0 CONFIG_LLD_VERSION=0
CONFIG_RUST_IS_AVAILABLE=y
CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y

3
source/k/kernel-configs/config-huge-6.1.11 → source/k/kernel-configs/config-huge-6.1.12
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y
@ -11,6 +11,7 @@ CONFIG_AS_VERSION=24000
CONFIG_LD_IS_BFD=y CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24000 CONFIG_LD_VERSION=24000
CONFIG_LLD_VERSION=0 CONFIG_LLD_VERSION=0
CONFIG_RUST_IS_AVAILABLE=y
CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y

2
source/k/kernel-configs/config-huge-6.1.11.x64 → source/k/kernel-configs/config-huge-6.1.12.x64
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

3
source/k/kernel-configs/config-huge-smp-6.1.11-smp → source/k/kernel-configs/config-huge-smp-6.1.12-smp
View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.1.11 Kernel Configuration # Linux/x86 6.1.12 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y
@ -11,6 +11,7 @@ CONFIG_AS_VERSION=24000
CONFIG_LD_IS_BFD=y CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24000 CONFIG_LD_VERSION=24000
CONFIG_LLD_VERSION=0 CONFIG_LLD_VERSION=0
CONFIG_RUST_IS_AVAILABLE=y
CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y

2
source/kde/kde/modules/plasma
View file

@ -14,10 +14,10 @@ kinfocenter
libksysguard libksysguard
#ksysguard #ksysguard
layer-shell-qt layer-shell-qt
libkscreen
kscreenlocker kscreenlocker
kwin kwin
kwrited kwrited
libkscreen
milou milou
oxygen oxygen
oxygen-sounds oxygen-sounds

16
source/kde/kde/patch/drkonqi/drkonqi.disable.kuserfeedback.patch
View file

@ -1,6 +1,6 @@
--- ./CMakeLists.txt.orig 2022-10-26 04:55:17.000000000 -0500 --- ./CMakeLists.txt.orig 2023-02-09 05:58:46.000000000 -0600
+++ ./CMakeLists.txt 2022-10-26 12:58:31.869100035 -0500 +++ ./CMakeLists.txt 2023-02-14 16:05:41.083008231 -0600
@@ -58,9 +58,6 @@ @@ -57,9 +57,6 @@
SyntaxHighlighting SyntaxHighlighting
) )
@ -10,18 +10,18 @@
ecm_find_qmlmodule(org.kde.kirigami 2.19) ecm_find_qmlmodule(org.kde.kirigami 2.19)
ecm_find_qmlmodule(org.kde.kitemmodels 1.0) ecm_find_qmlmodule(org.kde.kitemmodels 1.0)
ecm_find_qmlmodule(org.kde.kcm 1.6) ecm_find_qmlmodule(org.kde.kcm 1.6)
--- ./src/CMakeLists.txt.orig 2022-10-26 04:55:17.000000000 -0500 --- ./src/CMakeLists.txt.orig 2023-02-14 16:05:41.083008231 -0600
+++ ./src/CMakeLists.txt 2022-10-26 12:58:31.870100035 -0500 +++ ./src/CMakeLists.txt 2023-02-14 16:05:55.423007438 -0600
@@ -103,7 +103,6 @@ @@ -103,7 +103,6 @@
KF5::SyntaxHighlighting # Backtrace Highlighting
drkonqi_backtrace_parser drkonqi_backtrace_parser
qbugzilla qbugzilla
KF5::Declarative
- KUserFeedbackCore - KUserFeedbackCore
) )
if(Systemd_FOUND) if(Systemd_FOUND)
--- ./src/bugzillaintegration/reportinterface.cpp.orig 2022-10-26 04:55:17.000000000 -0500 --- ./src/bugzillaintegration/reportinterface.cpp.orig 2023-02-09 05:58:46.000000000 -0600
+++ ./src/bugzillaintegration/reportinterface.cpp 2022-10-26 13:00:27.065102612 -0500 +++ ./src/bugzillaintegration/reportinterface.cpp 2023-02-14 16:05:41.083008231 -0600
@@ -14,7 +14,6 @@ @@ -14,7 +14,6 @@
#include <KIO/TransferJob> #include <KIO/TransferJob>

38
source/kde/kde/patch/plasma-workspace/0001-Revert-No-icons-on-the-desktop-by-default.patch
View file

@ -8,25 +8,14 @@ This reverts commit 240d0d6fe1e5db88e304199339396bd48c23e130.
We want those icons in openSUSE. They've always been there and there is no We want those icons in openSUSE. They've always been there and there is no
reason not to have them. reason not to have them.
--- ---
kioslave/desktop/CMakeLists.txt | 1 + kioworkers/desktop/CMakeLists.txt | 1 +
kioslave/desktop/Home.desktop | 88 ++++++++++++++++++++++++++++++++++++++++ kioworkers/desktop/Home.desktop | 88 ++++++++++++++++++++++++++++++++++++++++
kioslave/desktop/kio_desktop.cpp | 4 ++ kioworkers/desktop/kio_desktop.cpp | 4 ++
3 files changed, 93 insertions(+) 3 files changed, 93 insertions(+)
create mode 100644 kioslave/desktop/Home.desktop create mode 100644 kioworkers/desktop/Home.desktop
Index: plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/CMakeLists.txt --- ./kioworkers/desktop/Home.desktop.orig 2023-02-14 12:08:58.205793836 -0600
=================================================================== +++ ./kioworkers/desktop/Home.desktop 2023-02-14 12:08:58.205793836 -0600
--- plasma-workspace-5.17.80git.20210531T011335~40d302afe.orig/kioslave/desktop/CMakeLists.txt 2021-05-31 03:13:35.000000000 +0200
+++ plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/CMakeLists.txt 2021-05-31 06:59:47.519362944 +0200
@@ -31,3 +31,4 @@
########### install files ###############
install(FILES directory.desktop directory.trash DESTINATION ${KDE_INSTALL_DATADIR}/kio_desktop)
+install(FILES Home.desktop DESTINATION ${KDE_INSTALL_DATADIR}/kio_desktop/DesktopLinks)
Index: plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/Home.desktop
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/Home.desktop 2021-05-31 06:59:47.519362944 +0200
@@ -0,0 +1,88 @@ @@ -0,0 +1,88 @@
+[Desktop Entry] +[Desktop Entry]
+Encoding=UTF-8 +Encoding=UTF-8
@ -116,11 +105,16 @@ Index: plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/Ho
+Icon=user-home +Icon=user-home
+Type=Link +Type=Link
+ +
Index: plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/kio_desktop.cpp --- ./kioworkers/desktop/CMakeLists.txt.orig 2023-02-13 10:02:12.000000000 -0600
=================================================================== +++ ./kioworkers/desktop/CMakeLists.txt 2023-02-14 12:08:58.205793836 -0600
--- plasma-workspace-5.17.80git.20210531T011335~40d302afe.orig/kioslave/desktop/kio_desktop.cpp 2021-05-31 03:13:35.000000000 +0200 @@ -24,3 +24,4 @@
+++ plasma-workspace-5.17.80git.20210531T011335~40d302afe/kioslave/desktop/kio_desktop.cpp 2021-05-31 06:59:47.519362944 +0200 ########### install files ###############
@@ -90,6 +90,10 @@
install(FILES directory.desktop directory.trash DESTINATION ${KDE_INSTALL_DATADIR}/kio_desktop)
+install(FILES Home.desktop DESTINATION ${KDE_INSTALL_DATADIR}/kio_desktop/DesktopLinks)
--- ./kioworkers/desktop/kio_desktop.cpp.orig 2023-02-13 10:02:12.000000000 -0600
+++ ./kioworkers/desktop/kio_desktop.cpp 2023-02-14 12:08:58.205793836 -0600
@@ -76,6 +76,10 @@
// Copy the .directory file // Copy the .directory file
QFile::copy(QStandardPaths::locate(QStandardPaths::GenericDataLocation, QStringLiteral("kio_desktop/directory.desktop")), desktopPath + "/.directory"); QFile::copy(QStandardPaths::locate(QStandardPaths::GenericDataLocation, QStringLiteral("kio_desktop/directory.desktop")), desktopPath + "/.directory");

1
source/l/mozjs102/mozjs102.SlackBuild
View file

@ -99,7 +99,6 @@ zcat $CWD/patches/icu_sources_data.py-Decouple-from-Mozilla-build-system.patch.g
zcat $CWD/patches/icu_sources_data-Write-command-output-to-our-stderr.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/icu_sources_data-Write-command-output-to-our-stderr.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/emitter.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/emitter.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/init_patch.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/init_patch.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/0001-Python-Build-Use-r-instead-of-rU-file-read-modes.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/0001-Skip-failing-tests-on-ppc64-and-s390x.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0001-Skip-failing-tests-on-ppc64-and-s390x.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/remove-sloppy-m4-detection-from-bundled-autoconf.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/remove-sloppy-m4-detection-from-bundled-autoconf.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/spidermonkey_checks_disable.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/spidermonkey_checks_disable.patch.gz | patch -p1 --verbose || exit 1

109
source/l/mozjs102/patches/0001-Python-Build-Use-r-instead-of-rU-file-read-modes.patch
View file

@ -1,109 +0,0 @@
From 0e790bd2eb846e90495eb81952cf35cc7fc8766a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= <fzatlouk@redhat.com>
Date: Mon, 27 Jun 2022 19:55:16 +0100
Subject: [PATCH] Python/Build: Use r instead of rU file read modes
Fixes Python 3.11 build
---
python/mozbuild/mozbuild/action/process_define_files.py | 2 +-
python/mozbuild/mozbuild/backend/base.py | 2 +-
python/mozbuild/mozbuild/preprocessor.py | 6 +++---
python/mozbuild/mozbuild/util.py | 4 ++--
python/mozbuild/mozpack/files.py | 4 ++--
5 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/python/mozbuild/mozbuild/action/process_define_files.py b/python/mozbuild/mozbuild/action/process_define_files.py
index f1d401a..aca59d0 100644
--- a/python/mozbuild/mozbuild/action/process_define_files.py
+++ b/python/mozbuild/mozbuild/action/process_define_files.py
@@ -36,7 +36,7 @@ def process_define_file(output, input):
) and not config.substs.get("JS_STANDALONE"):
config = PartialConfigEnvironment(mozpath.join(topobjdir, "js", "src"))
- with open(path, "rU") as input:
+ with open(path, "r") as input:
r = re.compile(
"^\s*#\s*(?P<cmd>[a-z]+)(?:\s+(?P<name>\S+)(?:\s+(?P<value>\S+))?)?", re.U
)
diff --git a/python/mozbuild/mozbuild/backend/base.py b/python/mozbuild/mozbuild/backend/base.py
index 7bc1986..b64a709 100644
--- a/python/mozbuild/mozbuild/backend/base.py
+++ b/python/mozbuild/mozbuild/backend/base.py
@@ -272,7 +272,7 @@ class BuildBackend(LoggingMixin):
return status
@contextmanager
- def _write_file(self, path=None, fh=None, readmode="rU"):
+ def _write_file(self, path=None, fh=None, readmode="r"):
"""Context manager to write a file.
This is a glorified wrapper around FileAvoidWrite with integration to
diff --git a/python/mozbuild/mozbuild/preprocessor.py b/python/mozbuild/mozbuild/preprocessor.py
index f7820b9..857f1a6 100644
--- a/python/mozbuild/mozbuild/preprocessor.py
+++ b/python/mozbuild/mozbuild/preprocessor.py
@@ -531,7 +531,7 @@ class Preprocessor:
if args:
for f in args:
- with io.open(f, "rU", encoding="utf-8") as input:
+ with io.open(f, "r", encoding="utf-8") as input:
self.processFile(input=input, output=out)
if depfile:
mk = Makefile()
@@ -860,7 +860,7 @@ class Preprocessor:
args = self.applyFilters(args)
if not os.path.isabs(args):
args = os.path.join(self.curdir, args)
- args = io.open(args, "rU", encoding="utf-8")
+ args = io.open(args, "r", encoding="utf-8")
except Preprocessor.Error:
raise
except Exception:
@@ -914,7 +914,7 @@ class Preprocessor:
def preprocess(includes=[sys.stdin], defines={}, output=sys.stdout, marker="#"):
pp = Preprocessor(defines=defines, marker=marker)
for f in includes:
- with io.open(f, "rU", encoding="utf-8") as input:
+ with io.open(f, "r", encoding="utf-8") as input:
pp.processFile(input=input, output=output)
return pp.includes
diff --git a/python/mozbuild/mozbuild/util.py b/python/mozbuild/mozbuild/util.py
index 071daec..b59aabb 100644
--- a/python/mozbuild/mozbuild/util.py
+++ b/python/mozbuild/mozbuild/util.py
@@ -236,7 +236,7 @@ class FileAvoidWrite(BytesIO):
still occur, as well as diff capture if requested.
"""
- def __init__(self, filename, capture_diff=False, dry_run=False, readmode="rU"):
+ def __init__(self, filename, capture_diff=False, dry_run=False, readmode="r"):
BytesIO.__init__(self)
self.name = filename
assert type(capture_diff) == bool
diff --git a/python/mozbuild/mozpack/files.py b/python/mozbuild/mozpack/files.py
index 8150e72..001c497 100644
--- a/python/mozbuild/mozpack/files.py
+++ b/python/mozbuild/mozpack/files.py
@@ -554,7 +554,7 @@ class PreprocessedFile(BaseFile):
pp = Preprocessor(defines=self.defines, marker=self.marker)
pp.setSilenceDirectiveWarnings(self.silence_missing_directive_warnings)
- with _open(self.path, "rU") as input:
+ with _open(self.path, "r") as input:
with _open(os.devnull, "w") as output:
pp.processFile(input=input, output=output)
@@ -611,7 +611,7 @@ class PreprocessedFile(BaseFile):
pp = Preprocessor(defines=self.defines, marker=self.marker)
pp.setSilenceDirectiveWarnings(self.silence_missing_directive_warnings)
- with _open(self.path, "rU") as input:
+ with _open(self.path, "r") as input:
pp.processFile(input=input, output=dest, depfile=deps_out)
dest.close()
--
2.36.1

142
source/n/php/CVE-2023-0567.patch Normal file
View file

@ -0,0 +1,142 @@
From 7882d12ff2d8d8c5a4af821464e0a5ac2cde2002 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be>
Date: Mon, 23 Jan 2023 21:15:24 +0100
Subject: [PATCH] crypt: Fix validation of malformed BCrypt hashes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
PHPs implementation of crypt_blowfish differs from the upstream Openwall
version by adding a “PHP Hack”, which allows one to cut short the BCrypt salt
by including a `$` character within the characters that represent the salt.
Hashes that are affected by the “PHP Hack” may erroneously validate any
password as valid when used with `password_verify` and when comparing the
return value of `crypt()` against the input.
The PHP Hack exists since the first version of PHPs own crypt_blowfish
implementation that was added in 1e820eca02dcf322b41fd2fe4ed2a6b8309f8ab5.
No clear reason is given for the PHP Hacks existence. This commit removes it,
because BCrypt hashes containing a `$` character in their salt are not valid
BCrypt hashes.
---
ext/standard/crypt_blowfish.c | 8 --
.../tests/crypt/bcrypt_salt_dollar.phpt | 82 +++++++++++++++++++
2 files changed, 82 insertions(+), 8 deletions(-)
create mode 100644 ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c
index 3806a290aee4..351d40308089 100644
--- a/ext/standard/crypt_blowfish.c
+++ b/ext/standard/crypt_blowfish.c
@@ -371,7 +371,6 @@ static const unsigned char BF_atoi64[0x60] = {
#define BF_safe_atoi64(dst, src) \
{ \
tmp = (unsigned char)(src); \
- if (tmp == '$') break; /* PHP hack */ \
if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \
tmp = BF_atoi64[tmp]; \
if (tmp > 63) return -1; \
@@ -399,13 +398,6 @@ static int BF_decode(BF_word *dst, const char *src, int size)
*dptr++ = ((c3 & 0x03) << 6) | c4;
} while (dptr < end);
- if (end - dptr == size) {
- return -1;
- }
-
- while (dptr < end) /* PHP hack */
- *dptr++ = 0;
-
return 0;
}
diff --git a/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
new file mode 100644
index 000000000000..32e335f4b087
--- /dev/null
+++ b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt
@@ -0,0 +1,82 @@
+--TEST--
+bcrypt correctly rejects salts containing $
+--FILE--
+<?php
+for ($i = 0; $i < 23; $i++) {
+ $salt = '$2y$04$' . str_repeat('0', $i) . '$';
+ $result = crypt("foo", $salt);
+ var_dump($salt);
+ var_dump($result);
+ var_dump($result === $salt);
+}
+?>
+--EXPECT--
+string(8) "$2y$04$$"
+string(2) "*0"
+bool(false)
+string(9) "$2y$04$0$"
+string(2) "*0"
+bool(false)
+string(10) "$2y$04$00$"
+string(2) "*0"
+bool(false)
+string(11) "$2y$04$000$"
+string(2) "*0"
+bool(false)
+string(12) "$2y$04$0000$"
+string(2) "*0"
+bool(false)
+string(13) "$2y$04$00000$"
+string(2) "*0"
+bool(false)
+string(14) "$2y$04$000000$"
+string(2) "*0"
+bool(false)
+string(15) "$2y$04$0000000$"
+string(2) "*0"
+bool(false)
+string(16) "$2y$04$00000000$"
+string(2) "*0"
+bool(false)
+string(17) "$2y$04$000000000$"
+string(2) "*0"
+bool(false)
+string(18) "$2y$04$0000000000$"
+string(2) "*0"
+bool(false)
+string(19) "$2y$04$00000000000$"
+string(2) "*0"
+bool(false)
+string(20) "$2y$04$000000000000$"
+string(2) "*0"
+bool(false)
+string(21) "$2y$04$0000000000000$"
+string(2) "*0"
+bool(false)
+string(22) "$2y$04$00000000000000$"
+string(2) "*0"
+bool(false)
+string(23) "$2y$04$000000000000000$"
+string(2) "*0"
+bool(false)
+string(24) "$2y$04$0000000000000000$"
+string(2) "*0"
+bool(false)
+string(25) "$2y$04$00000000000000000$"
+string(2) "*0"
+bool(false)
+string(26) "$2y$04$000000000000000000$"
+string(2) "*0"
+bool(false)
+string(27) "$2y$04$0000000000000000000$"
+string(2) "*0"
+bool(false)
+string(28) "$2y$04$00000000000000000000$"
+string(2) "*0"
+bool(false)
+string(29) "$2y$04$000000000000000000000$"
+string(2) "*0"
+bool(false)
+string(30) "$2y$04$0000000000000000000000$"
+string(60) "$2y$04$000000000000000000000u2a2UpVexIt9k3FMJeAVr3c04F5tcI8K"
+bool(false)

62
source/n/php/CVE-2023-0568.patch Normal file
View file

@ -0,0 +1,62 @@
From c0fceebfa195b8e56a7108cb731b5ea7afbef70c Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Fri, 27 Jan 2023 19:28:27 +0100
Subject: [PATCH] Fix array overrun when appending slash to paths
Fix it by extending the array sizes by one character. As the input is
limited to the maximum path length, there will always be place to append
the slash. As the php_check_specific_open_basedir() simply uses the
strings to compare against each other, no new failures related to too
long paths are introduced.
We'll let the DOM and XML case handle a potentially too long path in the
library code.
---
ext/dom/document.c | 2 +-
ext/xmlreader/php_xmlreader.c | 2 +-
main/fopen_wrappers.c | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/ext/dom/document.c b/ext/dom/document.c
index 4dee5548f188..c60198a3be11 100644
--- a/ext/dom/document.c
+++ b/ext/dom/document.c
@@ -1182,7 +1182,7 @@ static xmlDocPtr dom_document_parser(zval *id, int mode, char *source, size_t so
int validate, recover, resolve_externals, keep_blanks, substitute_ent;
int resolved_path_len;
int old_error_reporting = 0;
- char *directory=NULL, resolved_path[MAXPATHLEN];
+ char *directory=NULL, resolved_path[MAXPATHLEN + 1];
if (id != NULL) {
intern = Z_DOMOBJ_P(id);
diff --git a/ext/xmlreader/php_xmlreader.c b/ext/xmlreader/php_xmlreader.c
index c17884d960cb..39141c8c1223 100644
--- a/ext/xmlreader/php_xmlreader.c
+++ b/ext/xmlreader/php_xmlreader.c
@@ -1017,7 +1017,7 @@ PHP_METHOD(XMLReader, XML)
xmlreader_object *intern = NULL;
char *source, *uri = NULL, *encoding = NULL;
int resolved_path_len, ret = 0;
- char *directory=NULL, resolved_path[MAXPATHLEN];
+ char *directory=NULL, resolved_path[MAXPATHLEN + 1];
xmlParserInputBufferPtr inputbfr;
xmlTextReaderPtr reader;
diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index f6ce26e104be..12cc9c8b10c0 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -129,10 +129,10 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
*/
PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path)
{
- char resolved_name[MAXPATHLEN];
- char resolved_basedir[MAXPATHLEN];
+ char resolved_name[MAXPATHLEN + 1];
+ char resolved_basedir[MAXPATHLEN + 1];
char local_open_basedir[MAXPATHLEN];
- char path_tmp[MAXPATHLEN];
+ char path_tmp[MAXPATHLEN + 1];
char *path_file;
size_t resolved_basedir_len;
size_t resolved_name_len;

411
source/n/php/CVE-2023-0662.patch Normal file
View file

@ -0,0 +1,411 @@
From 716de0cff539f46294ef70fe75d548cd66766370 Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Thu, 19 Jan 2023 14:31:25 +0000
Subject: [PATCH] Introduce max_multipart_body_parts INI
This fixes GHSA-54hq-v5wp-fqgv DOS vulnerabality by limitting number of
parsed multipart body parts as currently all parts were always parsed.
---
main/main.c | 1 +
main/rfc1867.c | 11 ++
...-54hq-v5wp-fqgv-max-body-parts-custom.phpt | 53 +++++++++
...54hq-v5wp-fqgv-max-body-parts-default.phpt | 54 +++++++++
.../ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt | 52 +++++++++
sapi/fpm/tests/tester.inc | 106 +++++++++++++++---
6 files changed, 262 insertions(+), 15 deletions(-)
create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
diff --git a/main/main.c b/main/main.c
index 40684f32dc14..c58ea58bf5ac 100644
--- a/main/main.c
+++ b/main/main.c
@@ -751,6 +751,7 @@ PHP_INI_BEGIN()
PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("max_file_uploads", "20", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
+ PHP_INI_ENTRY("max_multipart_body_parts", "-1", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("allow_url_include", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_url_include, php_core_globals, core_globals)
diff --git a/main/rfc1867.c b/main/rfc1867.c
index b43cfae5a1e2..3086e8da3dbe 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -687,6 +687,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
void *event_extra_data = NULL;
unsigned int llen = 0;
int upload_cnt = INI_INT("max_file_uploads");
+ int body_parts_cnt = INI_INT("max_multipart_body_parts");
const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding();
php_rfc1867_getword_t getword;
php_rfc1867_getword_conf_t getword_conf;
@@ -708,6 +709,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
return;
}
+ if (body_parts_cnt < 0) {
+ body_parts_cnt = PG(max_input_vars) + upload_cnt;
+ }
+ int body_parts_limit = body_parts_cnt;
+
/* Get the boundary */
boundary = strstr(content_type_dup, "boundary");
if (!boundary) {
@@ -792,6 +798,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
char *pair = NULL;
int end = 0;
+ if (--body_parts_cnt < 0) {
+ php_error_docref(NULL, E_WARNING, "Multipart body parts limit exceeded %d. To increase the limit change max_multipart_body_parts in php.ini.", body_parts_limit);
+ goto fileupload_done;
+ }
+
while (isspace(*cd)) {
++cd;
}
#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
#new file mode 100644
#index 000000000000..d2239ac3c410
#--- /dev/null
#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt
#@@ -0,0 +1,53 @@
#+--TEST--
#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini custom value
#+--SKIPIF--
#+<?php include "skipif.inc"; ?>
#+--FILE--
#+<?php
#+
#+require_once "tester.inc";
#+
#+$cfg = <<<EOT
#+[global]
#+error_log = {{FILE:LOG}}
#+[unconfined]
#+listen = {{ADDR}}
#+pm = dynamic
#+pm.max_children = 5
#+pm.start_servers = 1
#+pm.min_spare_servers = 1
#+pm.max_spare_servers = 3
#+php_admin_value[html_errors] = false
#+php_admin_value[max_input_vars] = 20
#+php_admin_value[max_file_uploads] = 5
#+php_admin_value[max_multipart_body_parts] = 10
#+php_flag[display_errors] = On
#+EOT;
#+
#+$code = <<<EOT
#+<?php
#+var_dump(count(\$_POST));
#+EOT;
#+
#+$tester = new FPM\Tester($cfg, $code);
#+$tester->start();
#+$tester->expectLogStartNotices();
#+echo $tester
#+ ->request(stdin: [
#+ 'parts' => [
#+ 'count' => 30,
#+ ]
#+ ])
#+ ->getBody();
#+$tester->terminate();
#+$tester->close();
#+
#+?>
#+--EXPECT--
#+Warning: Unknown: Multipart body parts limit exceeded 10. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0
#+int(10)
#+--CLEAN--
#+<?php
#+require_once "tester.inc";
#+FPM\Tester::clean();
#+?>
#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
#new file mode 100644
#index 000000000000..42b5afbf9ee7
#--- /dev/null
#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt
#@@ -0,0 +1,54 @@
#+--TEST--
#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini default
#+--SKIPIF--
#+<?php include "skipif.inc"; ?>
#+--FILE--
#+<?php
#+
#+require_once "tester.inc";
#+
#+$cfg = <<<EOT
#+[global]
#+error_log = {{FILE:LOG}}
#+[unconfined]
#+listen = {{ADDR}}
#+pm = dynamic
#+pm.max_children = 5
#+pm.start_servers = 1
#+pm.min_spare_servers = 1
#+pm.max_spare_servers = 3
#+php_admin_value[html_errors] = false
#+php_admin_value[max_input_vars] = 20
#+php_admin_value[max_file_uploads] = 5
#+php_flag[display_errors] = On
#+EOT;
#+
#+$code = <<<EOT
#+<?php
#+var_dump(count(\$_POST));
#+EOT;
#+
#+$tester = new FPM\Tester($cfg, $code);
#+$tester->start();
#+$tester->expectLogStartNotices();
#+echo $tester
#+ ->request(stdin: [
#+ 'parts' => [
#+ 'count' => 30,
#+ ]
#+ ])
#+ ->getBody();
#+$tester->terminate();
#+$tester->close();
#+
#+?>
#+--EXPECT--
#+Warning: Unknown: Input variables exceeded 20. To increase the limit change max_input_vars in php.ini. in Unknown on line 0
#+
#+Warning: Unknown: Multipart body parts limit exceeded 25. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0
#+int(20)
#+--CLEAN--
#+<?php
#+require_once "tester.inc";
#+FPM\Tester::clean();
#+?>
#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
#new file mode 100644
#index 000000000000..da81174c7280
#--- /dev/null
#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt
#@@ -0,0 +1,52 @@
#+--TEST--
#+FPM: GHSA-54hq-v5wp-fqgv - exceeding max_file_uploads
#+--SKIPIF--
#+<?php include "skipif.inc"; ?>
#+--FILE--
#+<?php
#+
#+require_once "tester.inc";
#+
#+$cfg = <<<EOT
#+[global]
#+error_log = {{FILE:LOG}}
#+[unconfined]
#+listen = {{ADDR}}
#+pm = dynamic
#+pm.max_children = 5
#+pm.start_servers = 1
#+pm.min_spare_servers = 1
#+pm.max_spare_servers = 3
#+php_admin_value[html_errors] = false
#+php_admin_value[max_file_uploads] = 5
#+php_flag[display_errors] = On
#+EOT;
#+
#+$code = <<<EOT
#+<?php
#+var_dump(count(\$_FILES));
#+EOT;
#+
#+$tester = new FPM\Tester($cfg, $code);
#+$tester->start();
#+$tester->expectLogStartNotices();
#+echo $tester
#+ ->request(stdin: [
#+ 'parts' => [
#+ 'count' => 10,
#+ 'param' => 'filename'
#+ ]
#+ ])
#+ ->getBody();
#+$tester->terminate();
#+$tester->close();
#+
#+?>
#+--EXPECT--
#+Warning: Maximum number of allowable file uploads has been exceeded in Unknown on line 0
#+int(5)
#+--CLEAN--
#+<?php
#+require_once "tester.inc";
#+FPM\Tester::clean();
#+?>
##diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc
##index 6197cdba53f5..e51aa0f69143 100644
##--- a/sapi/fpm/tests/tester.inc
##+++ b/sapi/fpm/tests/tester.inc
#@@ -567,13 +567,17 @@ class Tester
# * @param string $query
# * @param array $headers
# * @param string|null $uri
#+ * @param string|null $scriptFilename
#+ * @param string|null $stdin
# *
# * @return array
# */
# private function getRequestParams(
# string $query = '',
# array $headers = [],
#- string $uri = null
#+ string $uri = null,
#+ string $scriptFilename = null,
#+ ?string $stdin = null
# ): array {
# if (is_null($uri)) {
# $uri = $this->makeSourceFile();
3@@ -582,8 +586,8 @@ class Tester
# $params = array_merge(
# [
# 'GATEWAY_INTERFACE' => 'FastCGI/1.0',
#- 'REQUEST_METHOD' => 'GET',
#- 'SCRIPT_FILENAME' => $uri,
#+ 'REQUEST_METHOD' => is_null($stdin) ? 'GET' : 'POST',
#+ 'SCRIPT_FILENAME' => $scriptFilename ?: $uri,
# 'SCRIPT_NAME' => $uri,
# 'QUERY_STRING' => $query,
# 'REQUEST_URI' => $uri . ($query ? '?' . $query : ""),
#@@ -597,7 +601,7 @@ class Tester
# 'SERVER_PROTOCOL' => 'HTTP/1.1',
# 'DOCUMENT_ROOT' => __DIR__,
# 'CONTENT_TYPE' => '',
#- 'CONTENT_LENGTH' => 0
#+ 'CONTENT_LENGTH' => strlen($stdin ?? "") // Default to 0
# ],
# $headers
# );
#@@ -607,20 +611,86 @@ class Tester
# });
# }
#
#+ /**
#+ * Parse stdin and generate data for multipart config.
#+ *
#+ * @param array $stdin
#+ * @param array $headers
#+ *
#+ * @return void
#+ * @throws \Exception
#+ */
#+ private function parseStdin(array $stdin, array &$headers)
#+ {
#+ $parts = $stdin['parts'] ?? null;
#+ if (empty($parts)) {
#+ throw new \Exception('The stdin array needs to contain parts');
#+ }
#+ $boundary = $stdin['boundary'] ?? 'AaB03x';
#+ if ( ! isset($headers['CONTENT_TYPE'])) {
#+ $headers['CONTENT_TYPE'] = 'multipart/form-data; boundary=' . $boundary;
#+ }
#+ $count = $parts['count'] ?? null;
#+ if ( ! is_null($count)) {
#+ $dispositionType = $parts['disposition'] ?? 'form-data';
#+ $dispositionParam = $parts['param'] ?? 'name';
#+ $namePrefix = $parts['prefix'] ?? 'f';
#+ $nameSuffix = $parts['suffix'] ?? '';
#+ $value = $parts['value'] ?? 'test';
#+ $parts = [];
#+ for ($i = 0; $i < $count; $i++) {
#+ $parts[] = [
#+ 'disposition' => $dispositionType,
#+ 'param' => $dispositionParam,
#+ 'name' => "$namePrefix$i$nameSuffix",
#+ 'value' => $value
#+ ];
#+ }
#+ }
#+ $out = '';
#+ $nl = "\r\n";
#+ foreach ($parts as $part) {
#+ if (!is_array($part)) {
#+ $part = ['name' => $part];
#+ } elseif ( ! isset($part['name'])) {
#+ throw new \Exception('Each part has to have a name');
#+ }
#+ $name = $part['name'];
#+ $dispositionType = $part['disposition'] ?? 'form-data';
#+ $dispositionParam = $part['param'] ?? 'name';
#+ $value = $part['value'] ?? 'test';
#+ $partHeaders = $part['headers'] ?? [];
#+
#+ $out .= "--$boundary$nl";
#+ $out .= "Content-disposition: $dispositionType; $dispositionParam=\"$name\"$nl";
#+ foreach ($partHeaders as $headerName => $headerValue) {
#+ $out .= "$headerName: $headerValue$nl";
#+ }
#+ $out .= $nl;
#+ $out .= "$value$nl";
#+ }
#+ $out .= "--$boundary--$nl";
#+
#+ return $out;
#+ }
#+
# /**
# * Execute request.
# *
#- * @param string $query
#- * @param array $headers
#- * @param string|null $uri
#- * @param string|null $address
#- * @param string|null $successMessage
#- * @param string|null $errorMessage
#- * @param bool $connKeepAlive
#- * @param bool $expectError
#- * @param int $readLimit
#+ * @param string $query
#+ * @param array $headers
#+ * @param string|null $uri
#+ * @param string|null $address
#+ * @param string|null $successMessage
#+ * @param string|null $errorMessage
#+ * @param bool $connKeepAlive
#+ * @param string|null $scriptFilename = null
#+ * @param string|array|null $stdin = null
#+ * @param bool $expectError
#+ * @param int $readLimit
# *
# * @return Response
#+ * @throws \Exception
# */
# public function request(
# string $query = '',
#@@ -630,6 +700,8 @@ class Tester
# string $successMessage = null,
# string $errorMessage = null,
# bool $connKeepAlive = false,
#+ string $scriptFilename = null,
#+ string|array $stdin = null,
# bool $expectError = false,
# int $readLimit = -1,
# ): Response {
#@@ -637,12 +709,16 @@ class Tester
# return new Response(null, true);
# }
#
#- $params = $this->getRequestParams($query, $headers, $uri);
#+ if (is_array($stdin)) {
#+ $stdin = $this->parseStdin($stdin, $headers);
#+ }
#+
#+ $params = $this->getRequestParams($query, $headers, $uri, $scriptFilename, $stdin);
# $this->trace('Request params', $params);
#
# try {
# $this->response = new Response(
#- $this->getClient($address, $connKeepAlive)->request_data($params, false, $readLimit)
#+ $this->getClient($address, $connKeepAlive)->request_data($params, $stdin, $readLimit)
# );
# if ($expectError) {
# $this->error('Expected request error but the request was successful');

5
source/n/php/php.SlackBuild
View file

@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=php PKGNAM=php
VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
ALPINE=2.26 ALPINE=2.26
BUILD=${BUILD:-2} BUILD=${BUILD:-3}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then
@ -128,6 +128,9 @@ tar xvf $CWD/php-$VERSION.tar.xz || exit 1
cd php-$VERSION || exit 1 cd php-$VERSION || exit 1
zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2023-0567.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2023-0568.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2023-0662.patch.gz | patch -p1 --verbose || exit 1
# cleanup: # cleanup:
find . -name "*.orig" -delete find . -name "*.orig" -delete

4
source/x/FTBFSlog
View file

@ -1,3 +1,7 @@
Tue Feb 14 20:48:58 UTC 2023
vulkan-sdk: Patched VulkanTools to fix warning/error about uninitialized
variables. Thanks to lucabon.
+--------------------------+
Sat Oct 15 19:21:06 UTC 2022 Sat Oct 15 19:21:06 UTC 2022
x11/xdm: Fixed the arc4random patch. Thanks to nobodino. x11/xdm: Fixed the arc4random patch. Thanks to nobodino.
+--------------------------+ +--------------------------+

38
source/x/vulkan-sdk/VulkanTools-sdk.gcc12.diff Normal file
View file

@ -0,0 +1,38 @@
--- ./submodules/jsoncpp/src/lib_json/json_reader.cpp.orig 2022-03-06 13:14:43.000000000 -0600
+++ ./submodules/jsoncpp/src/lib_json/json_reader.cpp 2023-02-14 14:46:31.107270967 -0600
@@ -212,7 +212,7 @@
break;
case tokenNull:
{
- Value v;
+ Value v(0);
currentValue().swapPayload(v);
currentValue().setOffsetStart(token.start_ - begin_);
currentValue().setOffsetLimit(token.end_ - begin_);
@@ -225,7 +225,7 @@
// "Un-read" the current token and mark the current value as a null
// token.
current_--;
- Value v;
+ Value v(0);
currentValue().swapPayload(v);
currentValue().setOffsetStart(current_ - begin_ - 1);
currentValue().setOffsetLimit(current_ - begin_);
@@ -1134,7 +1134,7 @@
break;
case tokenNull:
{
- Value v;
+ Value v(0);
currentValue().swapPayload(v);
currentValue().setOffsetStart(token.start_ - begin_);
currentValue().setOffsetLimit(token.end_ - begin_);
@@ -1171,7 +1171,7 @@
// "Un-read" the current token and mark the current value as a null
// token.
current_--;
- Value v;
+ Value v(0);
currentValue().swapPayload(v);
currentValue().setOffsetStart(current_ - begin_ - 1);
currentValue().setOffsetLimit(current_ - begin_);

5
source/x/vulkan-sdk/vulkan-sdk.SlackBuild
View file

@ -2,7 +2,7 @@
# Slackware build script for vulkan-sdk # Slackware build script for vulkan-sdk
# Copyright 2016, 2017, 2018, 2020, 2021, 2022 Patrick J. Volkerding, Sebeka, MN, USA # Copyright 2016, 2017, 2018, 2020, 2021, 2022, 2023 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved. # All rights reserved.
# #
# Redistribution and use of this script, with or without modification, is # Redistribution and use of this script, with or without modification, is
@ -355,6 +355,9 @@ cd $TMP
tar xvf $CWD/VulkanTools-sdk-$VULKANTOOLS_VERSION.tar.?z || exit 1 tar xvf $CWD/VulkanTools-sdk-$VULKANTOOLS_VERSION.tar.?z || exit 1
cd $TMP/VulkanTools-sdk-$VULKANTOOLS_VERSION cd $TMP/VulkanTools-sdk-$VULKANTOOLS_VERSION
# Fix warning/error on gcc12 about uninitialized variables:
zcat $CWD/VulkanTools-sdk.gcc12.diff.gz | patch -p1 --verbose || exit 1
chown -R root:root . chown -R root:root .
find . \ find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \

8
testing/source/rust/rust.SlackBuild
View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=rust PKGNAM=rust
SRCNAM="${PKGNAM}c" SRCNAM="${PKGNAM}c"
VERSION=${VERSION:-1.66.1} VERSION=${VERSION:-1.67.1}
BUILD=${BUILD:-1} BUILD=${BUILD:-1}
# Set this to YES to build with the system LLVM, or NO to use the bundled LLVM. # Set this to YES to build with the system LLVM, or NO to use the bundled LLVM.
@ -34,9 +34,9 @@ BUILD=${BUILD:-1}
SYSTEM_LLVM=${SYSTEM_LLVM:-YES} SYSTEM_LLVM=${SYSTEM_LLVM:-YES}
# Bootstrap variables (might not be kept updated for latest Rust): # Bootstrap variables (might not be kept updated for latest Rust):
RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.65.0} RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.66.1}
RSTAGE0_DIR=${RSTAGE0_DIR:-2022-11-03} RSTAGE0_DIR=${RSTAGE0_DIR:-2023-01-10}
CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.65.0} CSTAGE0_VERSION=${CSTAGE0_VERSION:-1.66.1}
CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR} CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:

6
testing/source/rust/rust.url
View file

@ -1,5 +1,5 @@
# Source code (repacked to .tar.lz): # Source code (repacked to .tar.lz):
VERSION=1.66.1 VERSION=1.67.1
rm -f rustc-${VERSION}-src.tar.* rm -f rustc-${VERSION}-src.tar.*
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc
@ -20,8 +20,8 @@ fi
# update the settings below, look at src/stage0.json in the Rust sources. # update the settings below, look at src/stage0.json in the Rust sources.
exit 0 exit 0
BOOTSTRAP_DATE=2022-11-03 BOOTSTRAP_DATE=2023-01-10
BOOTSTRAP_VERSION=1.65.0 BOOTSTRAP_VERSION=1.66.1
BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION
# i686 bootstrap: # i686 bootstrap: