diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-02-21 20:21:38 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2022-02-22 06:59:43 +0100 |
| commit | 32fa88b60c4d872b057e9e7651b351d54affa40e (patch) | |
| tree | 9adf4cc6cac2f4aa1f78e1b45a8d3ce786412423 /source/l/glibc/patches/CVE-2021-35942.patch | |
| parent | d5740c2f619f72d61555bb6bef595aa0172ba60f (diff) | |
| download | current-bdc509c782ee7e557cb60a66636d26e5470c24b5.tar.gz | |
Mon Feb 21 20:21:38 UTC 202220220221202138
a/aaa_glibc-solibs-2.35-x86_64-1.txz: Upgraded.
a/kernel-firmware-20220218_c53073d-noarch-1.txz: Upgraded.
ap/flac-1.3.4-x86_64-1.txz: Upgraded.
This update fixes overflow issues with encoding and decoding.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561
(* Security fix *)
ap/ksh93-1.0_20220219_bc6c5dbd-x86_64-1.txz: Upgraded.
ap/mariadb-10.6.7-x86_64-2.txz: Rebuilt.
Removed dangling symlink.
ap/vim-8.2.4428-x86_64-1.txz: Upgraded.
Patched ctags for glibc-2.35. Thanks to nobodino.
d/autoconf-2.71-noarch-1.txz: Upgraded.
d/automake-1.16.5-noarch-1.txz: Upgraded.
d/binutils-2.38-x86_64-2.txz: Rebuilt.
Fixed the SlackBuild to not run autoconf in the libiberty and intl
subdirectories. It doesn't work with the latest autoconf, and there
doesn't seem to be any need for it anyway.
d/cmake-3.22.2-x86_64-1.txz: Upgraded.
d/meson-0.61.2-x86_64-1.txz: Upgraded.
d/rcs-5.10.0-x86_64-4.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
d/scons-4.3.0-x86_64-1.txz: Upgraded.
e/emacs-27.2-x86_64-2.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
kde/digikam-7.5.0-x86_64-2.txz: Rebuilt.
Recompiled against jasper-3.0.2.
kde/wacomtablet-20220124_dd28b27-x86_64-1.txz: Upgraded.
l/LibRaw-0.20.2-x86_64-4.txz: Rebuilt.
Recompiled against jasper-3.0.2.
l/accountsservice-22.07.5-x86_64-1.txz: Upgraded.
l/dconf-editor-3.38.3-x86_64-2.txz: Rebuilt.
Fixed build errors with meson.
l/expat-2.4.6-x86_64-1.txz: Upgraded.
l/fuse-2.9.9-x86_64-4.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
l/gcr-3.40.0-x86_64-2.txz: Rebuilt.
Fixed build errors with meson.
l/gdk-pixbuf2-2.42.6-x86_64-2.txz: Rebuilt.
Fixed meson options.
l/gdk-pixbuf2-xlib-2.40.2-x86_64-4.txz: Rebuilt.
Fixed meson options.
l/gegl-0.4.34-x86_64-3.txz: Rebuilt.
Recompiled against jasper-3.0.2.
l/glade-3.38.2-x86_64-6.txz: Rebuilt.
Fixed build errors with meson.
Removed duplicated 'da' from help/LINGUAS.
l/glibc-2.35-x86_64-1.txz: Upgraded.
l/glibc-i18n-2.35-x86_64-1.txz: Upgraded.
l/glibc-profile-2.35-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.71.0-x86_64-1.txz: Upgraded.
This update was needed to solve failing tests with the new meson.
l/gtk+2-2.24.33-x86_64-3.txz: Rebuilt.
Changed build/host to $ARCH-slackware-linux-gnu.
l/gtk4-4.4.1-x86_64-2.txz: Rebuilt.
Fixed meson options.
l/gvfs-1.48.1-x86_64-2.txz: Rebuilt.
Fixed build errors with meson.
l/imagemagick-7.1.0_26-x86_64-1.txz: Upgraded.
l/jasper-3.0.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/json-glib-1.6.6-x86_64-2.txz: Rebuilt.
Fixed meson options.
l/libsecret-0.20.5-x86_64-1.txz: Upgraded.
l/netpbm-10.97.04-x86_64-1.txz: Upgraded.
l/qt5-5.15.3_20211130_014c375b-x86_64-3.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
Recompiled against jasper-3.0.2.
l/shared-mime-info-2.1-x86_64-4.txz: Rebuilt.
Fixed build errors with meson.
n/gpgme-1.17.0-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p15-x86_64-9.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
x/libinput-1.19.3-x86_64-2.txz: Rebuilt.
Recompiled against libwacom-2.1.0.
x/libva-2.14.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.14.0-x86_64-1.txz: Upgraded.
x/libwacom-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
x/motif-2.3.8-x86_64-6.txz: Rebuilt.
Fixed build with LEXLIB="-lfl".
x/vulkan-sdk-1.2.176.1-x86_64-3.txz: Rebuilt.
Patched for glibc-2.35. Thanks to nobodino.
x/xf86-input-wacom-1.0.0-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.24.0-x86_64-3.txz: Rebuilt.
Fixed build errors with meson.
xap/vim-gvim-8.2.4428-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/l/glibc/patches/CVE-2021-35942.patch')
| -rw-r--r-- | source/l/glibc/patches/CVE-2021-35942.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/source/l/glibc/patches/CVE-2021-35942.patch b/source/l/glibc/patches/CVE-2021-35942.patch deleted file mode 100644 index fde0fbdb..00000000 --- a/source/l/glibc/patches/CVE-2021-35942.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001 -From: Andreas Schwab <schwab@linux-m68k.org> -Date: Fri, 25 Jun 2021 15:02:47 +0200 -Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug - 28011) - -Use strtoul instead of atoi so that overflow can be detected. ---- - posix/wordexp-test.c | 1 + - posix/wordexp.c | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c -index f93a546d7e..9df02dbbb3 100644 ---- a/posix/wordexp-test.c -+++ b/posix/wordexp-test.c -@@ -183,6 +183,7 @@ struct test_case_struct - { 0, NULL, "$var", 0, 0, { NULL, }, IFS }, - { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS }, - { 0, NULL, "", 0, 0, { NULL, }, IFS }, -+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS }, - - /* Flags not already covered (testit() has special handling for these) */ - { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS }, -diff --git a/posix/wordexp.c b/posix/wordexp.c -index bcbe96e48d..1f3b09f721 100644 ---- a/posix/wordexp.c -+++ b/posix/wordexp.c -@@ -1399,7 +1399,7 @@ envsubst: - /* Is it a numeric parameter? */ - else if (isdigit (env[0])) - { -- int n = atoi (env); -+ unsigned long n = strtoul (env, NULL, 10); - - if (n >= __libc_argc) - /* Substitute NULL. */ --- -2.27.0 - - |