diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-01-25 06:16:36 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-01-25 12:00:01 +0100 |
commit | 1269f459323b2536a51bb8c7e11cdffdebb185ef (patch) | |
tree | 40da05e5d51a28f6e27d274cb15613bac01ed77c /source/a | |
parent | 2ecaab4b8a696aa03b61d68c4f2665798a43a15a (diff) | |
download | current-1269f459323b2536a51bb8c7e11cdffdebb185ef.tar.gz |
Tue Jan 25 06:16:36 UTC 202220220125061636
It may look like we're currently experiencing more stuckness, but this will
lead us to Quality. We'll have this release in the can before you know it.
a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt.
a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded.
a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded.
-9P_FSCACHE n
9P_FS m -> y
Thanks to peake.
a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt.
mkinitrd_command_generator.sh: properly detect partitions of a RAID device.
Thanks to perrin4869.
a/util-linux-2.37.3-x86_64-1.txz: Upgraded.
This release fixes two security mount(8) and umount(8) issues:
An issue related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Improper UID check in libmount allows an unprivileged user to unmount
FUSE filesystems of users with similar UID.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
(* Security fix *)
ap/vim-8.2.4212-x86_64-1.txz: Upgraded.
d/git-2.35.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.16-x86-2.txz: Upgraded.
k/kernel-source-5.15.16-noarch-2.txz: Upgraded.
l/expat-2.4.3-x86_64-2.txz: Rebuilt.
Fix signed integer overflow in function XML_GetBuffer for when
XML_CONTEXT_BYTES is defined to >0 (which is both common and
default). Impact is denial of service or other undefined behavior.
While we're here, also patch a memory leak on output file opening error.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
(* Security fix *)
l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded.
l/glibc-2.33-x86_64-5.txz: Rebuilt.
This update patches two security issues:
Unexpected return value from glibc's realpath().
Off-by-one buffer overflow/underflow in glibc's getcwd().
Thanks to Qualys Research Labs for reporting these issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
(* Security fix *)
l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt.
l/glibc-profile-2.33-x86_64-5.txz: Rebuilt.
l/tdb-1.4.6-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/
xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/a')
4 files changed, 29 insertions, 3 deletions
diff --git a/source/a/aaa_libraries/aaa_libraries.SlackBuild b/source/a/aaa_libraries/aaa_libraries.SlackBuild index da891fca..16f2505c 100755 --- a/source/a/aaa_libraries/aaa_libraries.SlackBuild +++ b/source/a/aaa_libraries/aaa_libraries.SlackBuild @@ -23,7 +23,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=aaa_libraries VERSION=${VERSION:-15.0} -BUILD=${BUILD:-15} +BUILD=${BUILD:-16} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/mkinitrd/0004-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch b/source/a/mkinitrd/0004-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch new file mode 100644 index 00000000..e24b7c7c --- /dev/null +++ b/source/a/mkinitrd/0004-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch @@ -0,0 +1,23 @@ +--- ./mkinitrd_command_generator.sh.orig 2021-03-28 13:22:55.628927615 -0500 ++++ ./mkinitrd_command_generator.sh 2022-01-24 21:29:00.382517371 -0600 +@@ -302,12 +302,19 @@ + fi + + # Finally, we should check if base device is +- # a real block device or a RAID volume: ++ # a real block device or a RAID volume: + for MD in $(cat /proc/mdstat | grep -w active | cut -d' ' -f1) ; do + if [ "$BASEDEV" = "/dev/$MD" ]; then + USING_RAID=1 + break + fi ++ done ++ # Additional check in case $BASEDEV is a partition of /dev/$MD: ++ for BLK in $(sfdisk -ld /dev/$MD 2> /dev/null | grep "^/dev" | cut -d " " -f 1); do ++ if [ "$BASEDEV" = "$BLK" ]; then ++ USING_RAID=1 ++ break ++ fi + done + } + diff --git a/source/a/mkinitrd/mkinitrd.SlackBuild b/source/a/mkinitrd/mkinitrd.SlackBuild index 6b507039..500b919a 100755 --- a/source/a/mkinitrd/mkinitrd.SlackBuild +++ b/source/a/mkinitrd/mkinitrd.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mkinitrd VERSION=${VERSION:-1.4.11} BB=1.32.1 -BUILD=${BUILD:-26} +BUILD=${BUILD:-27} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -125,6 +125,9 @@ chmod 755 $PKG/sbin/mkinitrd # Don't include 40-usb_modeswitch.rules on the initrd: ( cd $PKG/sbin ; zcat $CWD/0003-blacklist.40-usb_modeswitch.rules.patch.gz | patch -p1 --verbose || exit 1) || exit 1 rm -f $PKG/sbin/mkinitrd.orig +# Use -R if we detect the root partition is a partition of a RAID device: +( cd $PKG/usr/share/mkinitrd ; zcat $CWD/0004-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch.gz | patch -p1 --verbose || exit 1) || exit 1 +rm -f $PKG/usr/share/mkinitrd/mkinitrd_command_generator.sh.orig mkdir -p $PKG/usr/man/man{5,8} cat $CWD/mkinitrd.conf.5 | gzip -9c > $PKG/usr/man/man5/mkinitrd.conf.5.gz diff --git a/source/a/util-linux/util-linux.SlackBuild b/source/a/util-linux/util-linux.SlackBuild index b99088da..fd08893f 100755 --- a/source/a/util-linux/util-linux.SlackBuild +++ b/source/a/util-linux/util-linux.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=util-linux VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)} -BUILD=${BUILD:-6} +BUILD=${BUILD:-1} ADJTIMEXVERS=1.29 SETSERIALVERS=2.17 |