mirror of
git://slackware.nl/current.git
synced 2025-01-29 08:36:40 +01:00
2d770ad859
extra/llvm-19.1.3-x86_64-1_slack15.0.txz: Upgraded.
Shared library .so-version bump.
If you are upgrading from a previous LLVM, you might also need llvm13-compat
and/or llvm17-compat. We'll be using this for newer Mozilla things.
extra/llvm17-compat-17.0.6-x86_64-1_slack15.0.txz: Added.
This is to support any locally compiled software that was linked against
libLLVM-17.so from the llvm-17.0.6 that was previously in /extra.
extra/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz: Added.
extra/rust-for-mozilla/rust-1.82.0-x86_64-1_slack15.0.txz: Upgraded.
extra/tigervnc/tigervnc-1.12.0-x86_64-7_slack15.0.txz: Rebuilt.
Recompiled against xorg-server-1.20.14, including a patch for a
security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
patches/packages/mozilla-firefox-128.4.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-56/
https://www.cve.org/CVERecord?id=CVE-2024-10458
https://www.cve.org/CVERecord?id=CVE-2024-10459
https://www.cve.org/CVERecord?id=CVE-2024-10460
https://www.cve.org/CVERecord?id=CVE-2024-10461
https://www.cve.org/CVERecord?id=CVE-2024-10462
https://www.cve.org/CVERecord?id=CVE-2024-10463
https://www.cve.org/CVERecord?id=CVE-2024-10464
https://www.cve.org/CVERecord?id=CVE-2024-10465
https://www.cve.org/CVERecord?id=CVE-2024-10466
https://www.cve.org/CVERecord?id=CVE-2024-10467
(* Security fix *)
patches/packages/mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
https://www.cve.org/CVERecord?id=CVE-2024-10458
https://www.cve.org/CVERecord?id=CVE-2024-10459
https://www.cve.org/CVERecord?id=CVE-2024-10460
https://www.cve.org/CVERecord?id=CVE-2024-10461
https://www.cve.org/CVERecord?id=CVE-2024-10462
https://www.cve.org/CVERecord?id=CVE-2024-10463
https://www.cve.org/CVERecord?id=CVE-2024-10464
https://www.cve.org/CVERecord?id=CVE-2024-10465
https://www.cve.org/CVERecord?id=CVE-2024-10466
https://www.cve.org/CVERecord?id=CVE-2024-10467
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-14_slack15.0.txz: Rebuilt.
This update fixes a security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-14_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-14_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-14_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-12_slack15.0.txz: Rebuilt.
This update fixes a security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
55 lines
2 KiB
Diff
55 lines
2 KiB
Diff
From 85b776571487f52e756f68a069c768757369bfe3 Mon Sep 17 00:00:00 2001
|
|
From: Matthieu Herrb <matthieu@herrb.eu>
|
|
Date: Thu, 10 Oct 2024 10:37:28 +0200
|
|
Subject: [PATCH] xkb: Fix buffer overflow in _XkbSetCompatMap()
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
|
|
buffer.
|
|
|
|
However, It didn't update its size properly. It updated `num_si` only,
|
|
without updating `size_si`.
|
|
|
|
This may lead to local privilege escalation if the server is run as root
|
|
or remote code execution (e.g. x11 over ssh).
|
|
|
|
CVE-2024-9632, ZDI-CAN-24756
|
|
|
|
This vulnerability was discovered by:
|
|
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
|
|
|
|
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Tested-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Reviewed-by: José Expósito <jexposit@redhat.com>
|
|
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1733>
|
|
---
|
|
xkb/xkb.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/xkb/xkb.c b/xkb/xkb.c
|
|
index 868d7c1e64..aaf9716b36 100644
|
|
--- a/xkb/xkb.c
|
|
+++ b/xkb/xkb.c
|
|
@@ -2990,13 +2990,13 @@ _XkbSetCompatMap(ClientPtr client, DeviceIntPtr dev,
|
|
XkbSymInterpretPtr sym;
|
|
unsigned int skipped = 0;
|
|
|
|
- if ((unsigned) (req->firstSI + req->nSI) > compat->num_si) {
|
|
- compat->num_si = req->firstSI + req->nSI;
|
|
+ if ((unsigned) (req->firstSI + req->nSI) > compat->size_si) {
|
|
+ compat->num_si = compat->size_si = req->firstSI + req->nSI;
|
|
compat->sym_interpret = reallocarray(compat->sym_interpret,
|
|
- compat->num_si,
|
|
+ compat->size_si,
|
|
sizeof(XkbSymInterpretRec));
|
|
if (!compat->sym_interpret) {
|
|
- compat->num_si = 0;
|
|
+ compat->num_si = compat->size_si = 0;
|
|
return BadAlloc;
|
|
}
|
|
}
|
|
--
|
|
GitLab
|
|
|