mirror of
git://slackware.nl/current.git
synced 2025-01-07 05:25:35 +01:00
fc0ff5a5d7
a/bash-5.2.015-x86_64-1.txz: Upgraded. a/tcsh-6.24.06-x86_64-1.txz: Upgraded. ap/inxi-3.3.24_1-noarch-1.txz: Upgraded. ap/nano-7.1-x86_64-1.txz: Upgraded. d/git-2.39.0-x86_64-1.txz: Upgraded. d/rust-1.65.0-x86_64-1.txz: Upgraded. d/strace-6.1-x86_64-1.txz: Upgraded. kde/krita-5.1.4-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_54-x86_64-1.txz: Upgraded. l/nodejs-19.3.0-x86_64-1.txz: Upgraded. l/pcre2-10.42-x86_64-1.txz: Upgraded. n/iproute2-6.1.0-x86_64-1.txz: Upgraded. x/makedepend-1.0.8-x86_64-1.txz: Upgraded. x/xhost-1.0.9-x86_64-1.txz: Upgraded. x/xorg-server-21.1.5-x86_64-1.txz: Upgraded. This release fixes 6 recently reported security vulnerabilities in various extensions. For more information, see: https://lists.x.org/archives/xorg-announce/2022-December/003302.html https://www.cve.org/CVERecord?id=CVE-2022-46340 https://www.cve.org/CVERecord?id=CVE-2022-46341 https://www.cve.org/CVERecord?id=CVE-2022-46342 https://www.cve.org/CVERecord?id=CVE-2022-46343 https://www.cve.org/CVERecord?id=CVE-2022-46344 https://www.cve.org/CVERecord?id=CVE-2022-4283 (* Security fix *) x/xorg-server-xephyr-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xnest-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-21.1.5-x86_64-1.txz: Upgraded. x/xorg-server-xwayland-22.1.6-x86_64-1.txz: Upgraded. This release fixes 6 recently reported security vulnerabilities in various extensions. For more information, see: https://lists.x.org/archives/xorg-announce/2022-December/003302.html https://www.cve.org/CVERecord?id=CVE-2022-46340 https://www.cve.org/CVERecord?id=CVE-2022-46341 https://www.cve.org/CVERecord?id=CVE-2022-46342 https://www.cve.org/CVERecord?id=CVE-2022-46343 https://www.cve.org/CVERecord?id=CVE-2022-46344 https://www.cve.org/CVERecord?id=CVE-2022-4283 (* Security fix *) xap/mozilla-thunderbird-102.6.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/ https://www.cve.org/CVERecord?id=CVE-2022-46880 https://www.cve.org/CVERecord?id=CVE-2022-46872 https://www.cve.org/CVERecord?id=CVE-2022-46881 https://www.cve.org/CVERecord?id=CVE-2022-46874 https://www.cve.org/CVERecord?id=CVE-2022-46875 https://www.cve.org/CVERecord?id=CVE-2022-46882 https://www.cve.org/CVERecord?id=CVE-2022-46878 (* Security fix *) xap/xscreensaver-6.06-x86_64-1.txz: Upgraded. testing/packages/mozilla-firefox-108.0-x86_64-1.txz: Upgraded. Starting this out in /testing for now, since I've been trying for 2 days to get it to compile on 32-bit with no luck. It ends up failing with a bunch of errors like this: ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync Any help getting this to build on 32-bit would be greatly appreciated. I've tried most of ponce's bag of tricks already. :-)
58 lines
1.5 KiB
Text
58 lines
1.5 KiB
Text
BASH PATCH REPORT
|
|
=================
|
|
|
|
Bash-Release: 5.2
|
|
Patch-ID: bash52-013
|
|
|
|
Bug-Reported-by: Ralf Oehler <Ralf@Oehler-Privat.de>
|
|
Bug-Reference-ID: <20221120140252.2fc6489b@bilbo>
|
|
Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-11/msg00082.html
|
|
|
|
Bug-Description:
|
|
|
|
Bash can leak memory when referencing a non-existent associative array
|
|
element.
|
|
|
|
Patch (apply with `patch -p0'):
|
|
|
|
*** ../bash-5.2-patched/subst.c 2022-11-05 17:27:48.000000000 -0400
|
|
--- subst.c 2022-11-21 14:42:59.000000000 -0500
|
|
***************
|
|
*** 7498,7503 ****
|
|
: quote_escapes (temp);
|
|
rflags |= W_ARRAYIND;
|
|
- if (estatep)
|
|
- *estatep = es; /* structure copy */
|
|
}
|
|
/* Note that array[*] and array[@] expanded to a quoted null string by
|
|
--- 7508,7511 ----
|
|
***************
|
|
*** 7508,7512 ****
|
|
rflags |= W_HASQUOTEDNULL;
|
|
|
|
! if (estatep == 0)
|
|
flush_eltstate (&es);
|
|
}
|
|
--- 7516,7522 ----
|
|
rflags |= W_HASQUOTEDNULL;
|
|
|
|
! if (estatep)
|
|
! *estatep = es; /* structure copy */
|
|
! else
|
|
flush_eltstate (&es);
|
|
}
|
|
*** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
|
|
--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
|
|
***************
|
|
*** 26,30 ****
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 12
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|
|
--- 26,30 ----
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 13
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|