mirror of
git://slackware.nl/current.git
synced 2024-12-31 10:28:29 +01:00
061b63f432
a/bash-5.1.012-x86_64-1.txz: Upgraded.
a/cryptsetup-2.4.2-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.3-x86_64-1.txz: Upgraded.
d/ccache-4.5.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.3-x86-1.txz: Upgraded.
k/kernel-source-5.15.3-noarch-1.txz: Upgraded.
kde/latte-dock-0.10.4-x86_64-1.txz: Upgraded.
n/php-7.4.26-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
x/ibus-1.5.25-x86_64-5.txz: Rebuilt.
Fixed paths in:
[PATCH] client/gtk3/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
xap/audacious-4.1-x86_64-3.txz: Rebuilt.
Removed the extra menu entry for the GTK+ version as this can just be
selected in the settings. Thanks to franzen.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
59 lines
1.6 KiB
Text
59 lines
1.6 KiB
Text
BASH PATCH REPORT
|
|
=================
|
|
|
|
Bash-Release: 5.1
|
|
Patch-ID: bash51-009
|
|
|
|
Bug-Reported-by: Julien Moutinho <julm+bash@sourcephile.fr>
|
|
Bug-Reference-ID: <20211004035906.5kiobuzkpeckmvwg@sourcephile.fr>
|
|
Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2021-10/msg00022.html
|
|
|
|
Bug-Description:
|
|
|
|
The bash malloc implementation of malloc_usable_size() does not follow the
|
|
specification. This can cause library functions that use it to overwrite
|
|
memory bounds checking.
|
|
|
|
Patch (apply with `patch -p0'):
|
|
|
|
*** ../bash-5.1-patched/lib/malloc/malloc.c 2020-07-08 10:19:30.000000000 -0400
|
|
--- lib/malloc/malloc.c 2021-10-05 16:10:55.000000000 -0400
|
|
***************
|
|
*** 1287,1297 ****
|
|
}
|
|
|
|
! /* XXX - should we return 0 if ISFREE? */
|
|
! maxbytes = binsize(p->mh_index);
|
|
!
|
|
! /* So the usable size is the maximum number of bytes in the bin less the
|
|
! malloc overhead */
|
|
! maxbytes -= MOVERHEAD + MSLOP;
|
|
! return (maxbytes);
|
|
}
|
|
|
|
--- 1358,1367 ----
|
|
}
|
|
|
|
! /* return 0 if ISFREE */
|
|
! if (p->mh_alloc == ISFREE)
|
|
! return 0;
|
|
!
|
|
! /* Since we use bounds checking, the usable size is the last requested size. */
|
|
! return (p->mh_nbytes);
|
|
}
|
|
|
|
*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
|
|
--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
|
|
***************
|
|
*** 26,30 ****
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 8
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|
|
--- 26,30 ----
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 9
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|