mirror of
git://slackware.nl/current.git
synced 2024-12-26 09:58:59 +01:00
1531b10f73
d/ruby-3.3.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz: Upgraded.
x/rendercheck-1.6-x86_64-1.txz: Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
|
||
|---|---|---|
| .. | ||
| a | ||
| ap | ||
| d | ||
| e | ||
| f | ||
| installer | ||
| k | ||
| kde | ||
| l | ||
| n | ||
| t | ||
| tcl | ||
| x | ||
| xap | ||
| xfce | ||
| y | ||
| buildlist-from-changelog.sh | ||
| make_world.sh | ||
| README.TXT | ||
This is the source used for Slackware. To look for a particular bit of source (let's say for 'cp'), first you would look for the full path: fuzzy:~# which cp /bin/cp Then, you grep for the package it came from. Note that the leading '/' is removed, and ^ and $ mark the beginning and end of the pattern to match: fuzzy:~# grep ^bin/cp$ /var/lib/pkgtools/packages/* /var/lib/pkgtools/packages/coreutils-9.0-x86_64-3:bin/cp From this, you can see that 'cp' came from the coreutils-9.0-x86_64-3 package. The source will be found in a corresponding subdirectory. In this case, that would be ./a/coreutils/. All of these packages have scripts that extract, patch, and compile the source automatically. These are the 'SlackBuild' scripts. Have fun! --- Patrick J. Volkerding volkerdi@slackware.com