diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-07-10 23:56:13 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2019-07-11 08:59:45 +0200 |
| commit | d25041e8f5f84316e0ee350da8babdc356127bf9 (patch) | |
| tree | ba8fe8ee167ca90f7531cbfb4420c3f718def80c /source/xfce | |
| parent | 3c8a6c83bcf500cd8a7dd77a3e55060fcf595c4c (diff) | |
| download | current-d25041e8f5f84316e0ee350da8babdc356127bf9.tar.gz | |
Wed Jul 10 23:56:13 UTC 201920190710235613
a/glibc-zoneinfo-2019b-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.58-x86_64-1.txz: Upgraded.
d/Cython-0.29.12-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.58-x86-1.txz: Upgraded.
d/mercurial-5.0.2-x86_64-1.txz: Upgraded.
d/python3-3.7.4-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.58-noarch-1.txz: Upgraded.
l/glib2-2.60.5-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.17-x86_64-1.txz: Upgraded.
n/iproute2-5.2.0-x86_64-1.txz: Upgraded.
n/samba-4.10.6-x86_64-1.txz: Upgraded.
x/libva-utils-2.5.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements. Some of the patched
flaws are considered critical, and could be used to run attacker code and
install software, requiring no user interaction beyond normal browsing.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
(* Security fix *)
xap/mozilla-thunderbird-60.8.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.8.0/releasenotes/
xfce/garcon-0.6.3-x86_64-2.txz: Rebuilt.
Patched crash bug.
Installed gtk-doc HTML docs.
Thanks to Robby Workman.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/xfce')
| -rw-r--r-- | source/xfce/garcon/0001-Fix-use-after-free-crash-Bug-15679.patch | 25 | ||||
| -rwxr-xr-x | source/xfce/garcon/garcon.SlackBuild | 4 | ||||
| -rw-r--r-- | source/xfce/garcon/garcon.url | 2 |
3 files changed, 29 insertions, 2 deletions
diff --git a/source/xfce/garcon/0001-Fix-use-after-free-crash-Bug-15679.patch b/source/xfce/garcon/0001-Fix-use-after-free-crash-Bug-15679.patch new file mode 100644 index 00000000..92ba106b --- /dev/null +++ b/source/xfce/garcon/0001-Fix-use-after-free-crash-Bug-15679.patch @@ -0,0 +1,25 @@ +From 6f452937366bb1599fb0ae986958786d52946f15 Mon Sep 17 00:00:00 2001 +From: Andre Miranda <andreldm@xfce.org> +Date: Sat, 6 Jul 2019 13:42:20 -0300 +Subject: [PATCH] Fix use after free crash (Bug #15679) + +--- + garcon/garcon-menu-item.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/garcon/garcon-menu-item.c b/garcon/garcon-menu-item.c +index 35f6bed..5f23467 100644 +--- a/garcon/garcon-menu-item.c ++++ b/garcon/garcon-menu-item.c +@@ -1154,6 +1154,8 @@ garcon_menu_item_reload_from_file (GarconMenuItem *item, + + /* Update application actions */ + _garcon_g_list_free_full (item->priv->actions, garcon_menu_item_action_unref); ++ item->priv->actions = NULL; ++ + str_list = xfce_rc_read_list_entry (rc, G_KEY_FILE_DESKTOP_KEY_ACTIONS, ";"); + if (G_LIKELY (str_list != NULL)) + { +-- +2.22.0 + diff --git a/source/xfce/garcon/garcon.SlackBuild b/source/xfce/garcon/garcon.SlackBuild index 3954dc4e..405d00aa 100755 --- a/source/xfce/garcon/garcon.SlackBuild +++ b/source/xfce/garcon/garcon.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=garcon VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: MARCH=$( uname -m ) @@ -80,6 +80,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +zcat $CWD/0001-Fix-use-after-free-crash-Bug-15679.patch.gz | patch -p1 --verbose || exit 1 + if [ ! -r configure ]; then NOCONFIGURE=1 ./autogen.sh fi diff --git a/source/xfce/garcon/garcon.url b/source/xfce/garcon/garcon.url index 9980ede8..2c03b35c 100644 --- a/source/xfce/garcon/garcon.url +++ b/source/xfce/garcon/garcon.url @@ -1 +1 @@ -https://github.com/xfce-mirror/garcon/releases +http://archive.xfce.org/src/xfce/garcon/0.6/garcon-0.6.3.tar.bz2 |