community/libreoffice: security upgrade to 7.2.7.2

and patch CVE-2022-3140
author: J0WI <J0WI@users.noreply.github.com> 2022-10-21 00:38:37 +0200
committer: Kevin Daudt <kdaudt@alpinelinux.org> 2022-11-02 17:12:18 +0000
commit: 6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54 (patch)
tree: a5791a6900e484f33d8bc7436d22e9e77be7870d
parent: b829a564573443738b1b1c8e91a3c59b56a4a72f (diff)
download: aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.gz
aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.bz2
aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.xz
2 files changed, 317 insertions, 5 deletions
diff --git a/community/libreoffice/APKBUILD b/community/libreoffice/APKBUILD
index 762832b345..47f041b781 100644
--- a/community/libreoffice/APKBUILD
+++ b/community/libreoffice/APKBUILD
@@ -2,8 +2,8 @@
 # Contributor: Timo Teräs <timo.teras@iki.fi>
 # Maintainer: Timo Teräs <timo.teras@iki.fi>
 pkgname=libreoffice
-pkgver=7.2.2.2
-pkgrel=2
+pkgver=7.2.7.2
+pkgrel=0
 pkgdesc="LibreOffice - Meta package for the full office suite"
 url="https://www.libreoffice.org/"
 # missing openjdk11 on riscv64
@@ -147,6 +147,8 @@ source="https://download.documentfoundation.org/libreoffice/src/$_v/libreoffice-
 	$_addsrcurl/libcmis-0.5.2.tar.xz
 	https://dev-www.libreoffice.org/extern/185d60944ea767075d27247c3162b3bc-unowinreg.dll
 	https://dev-www.libreoffice.org/extern/f543e6e2d7275557a839a164941c0a86e5f2c3f2a0042bfc434c88c6dde9e140-opens___.ttf
+	CVE-2022-3140.patch
+
 	linux-musl.patch
 	fix-execinfo.patch
 	disable-liborcus-unittest.patch
@@ -160,6 +162,23 @@ source="https://download.documentfoundation.org/libreoffice/src/$_v/libreoffice-
 	"
 
 # secfixes:
+#   7.2.7.2-r0:
+#     - CVE-2022-3140
+#     - CVE-2022-26305
+#     - CVE-2022-26306
+#     - CVE-2022-26307
+#     - CVE-2021-25636
+#   7.2.2.2-r0:
+#     - CVE-2021-25631
+#     - CVE-2021-25632
+#     - CVE-2021-25633
+#     - CVE-2021-25634
+#     - CVE-2021-25635
+#   6.4.4.2-r0:
+#     - CVE-2020-12802
+#     - CVE-2020-12803
+#   6.4.3.2-r0:
+#     - CVE-2020-12801
 #   6.3.1.2-r0:
 #     - CVE-2019-9854
 #     - CVE-2019-9855
@@ -517,9 +536,9 @@ sdk() {
 }
 
 sha512sums="
-9adc14aa2aa24e1e91b32f0663d3fed8421baf78c3d310e8cc52ae70ea338b9d58406344d22d2c2fa6f91f10ae91945ef2d5713036f9144705bdb4c19ad69ca7  libreoffice-7.2.2.2.tar.xz
-a7f1ce0bdb1feb4b23d63a865f8ccdbcb451e511381852246487dd972b1f9be90b56f1ba9956de9ed7159ca55d0621cf03a0b2424c3a163a5407929ae3e08821  libreoffice-dictionaries-7.2.2.2.tar.xz
-3bfda8085b7276104a949140098c56d0ceee054913bfd640961e74439529e729e4d73aed4e1c300ecfdc3f84820ca931f640b8f53b9270567adfead14055413b  libreoffice-translations-7.2.2.2.tar.xz
+b73efc86b6827ad3df6c6c562fe96c65f96b2559bda2c977ddcc02c7a59986acc776d1decac767abac41095a2e4475e9584a5a1b8d88f7327520b9af6d58421a  libreoffice-7.2.7.2.tar.xz
+ce1c0f8a52568e3a0438a49b7786960b111b110c8ed6ca5ab38cc620c6cb3383e4a3556eb5b88340b9304dfa9c173510dca8c76e77d1e26fc8c62b0ec318251d  libreoffice-dictionaries-7.2.7.2.tar.xz
+584f2829244228c2f0cb437d06a43a8b016ad5e495e762fe625178b51fbd84764bdc0e8722826fe0b670f41a44225a86af9e1251d54e2573df4cb958be22b953  libreoffice-translations-7.2.7.2.tar.xz
 a231eba4a1baca11766ef292ab45e302081115477fe23018652882923308856835cf8c9ecba61a5cf22543474ccef3136965d794a90c9e4e9e6dcc21f9af6e1a  17410483b5b5f267aa18b7e00b65e6e0-hsqldb_1_8_0.zip
 9fe106bbdb55365f589246e5a0d10bbe9b35224132b66a1823dc6361633a67f2acc0e8c393dc7ed70d086858d16d242b8806b8b2184c98e3d20d0be85bed9c44  3404ab6b1792ae5f16bbd603bd1e1d03-libformula-1.1.7.zip
 4a48f1e32907fb2dee601cda3cd7a0d7198b2d51f2a572b647f1e93f901fd511eef3567676e52dfb1723a2cdfbc01f2015ca0bb22903b0bc1476dd618cc9aa8a  35c94d2df8893241173de1d16b6034c0-swingExSrc.zip
@@ -544,6 +563,7 @@ c1a15ebbfe817ec79d4b3f1c97d096bf8511737d7d35d97302856ccfb3de14a1cd16bd31000415d9
 295ab15115e75b1f6074f17d3538afe0de9b2b77ab454f5c63cb05e8df11886d82942fbf21ba01486052e3f6c75b0636b99d8e660cd3472dc4b87c31d3cd557b  libcmis-0.5.2.tar.xz
 854b8ae29b57b40ba6bb6ff66e723a0e8dad053fcc2849f0ad763cd8a31352f4aeba9636fd4e3f0f2a0cd985a6f49b4261b9ace68d6be821ed42cfa7a73eb13c  185d60944ea767075d27247c3162b3bc-unowinreg.dll
 6a6d131dad5191614950a49323ae6d9385afe331983c1c85fde82ce6ee816051d95dde9ef90658b8f0a8a0a21754e72ff724bf41f6b96c046b7b4c2660f7095b  f543e6e2d7275557a839a164941c0a86e5f2c3f2a0042bfc434c88c6dde9e140-opens___.ttf
+bca3f1fa082cb591443dceb0a73de0bf3cb2e27dc5e9bc544fe28fe1531da2b087b7747af3a1e044452125853cf78eb817dd0d963eb06df6b3621432a5cb8e16  CVE-2022-3140.patch
 6d9979b571744900c143dcd4cd27d0ab5c01aab02deed4fc297c3de9b4374436a7641a35a0f9793e31e336a63371a9454ea4d390aff758aa4535c536a4be675a  linux-musl.patch
 bd02f5ab103dfd2189df01c6e14e0c0d13c4ec8497c4b9ab00f49a1e7af341bbc93fb2001b69ffec14c79f9394b14af70bf6ceab8e3af53e8a84ec61c61d555d  fix-execinfo.patch
 121827c1eaa0d09a8ccc757e18c7306fef0b8a22335a1910606d1a59891b8ae33fbe85581baa8b2da79dafd27d952d89c4402f0ffb37cb4f702418d50abf0c90  disable-liborcus-unittest.patch
diff --git a/community/libreoffice/CVE-2022-3140.patch b/community/libreoffice/CVE-2022-3140.patch
new file mode 100644
index 0000000000..a98175a885
--- /dev/null
+++ b/community/libreoffice/CVE-2022-3140.patch
@@ -0,0 +1,292 @@
+From 9f589fbfc5acc84bfcd8210c5b082b4e6521070b Mon Sep 17 00:00:00 2001
+From: Stephan Bergmann <sbergman@redhat.com>
+Date: Tue, 30 Aug 2022 14:04:52 +0200
+Subject: [PATCH] Filter out unwanted command URIs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139225
+Tested-by: Jenkins
+Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
+(cherry picked from commit 27d29f7df428885865a8e2313283839b20f2a34b)
+Conflicts:
+	desktop/source/app/cmdlineargs.cxx
+
+Change-Id: I0b7e5329af8cc053d14d5c60ec14fe7f364ef993
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139182
+Tested-by: Jenkins
+Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
+(cherry picked from commit da291e2960b75153f41d440a1b41961567432e8c)
+
+These commands are always URLs already
+
+Change-Id: I5083765c879689d7f933bbe00ad70bb68e635a21
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139042
+Tested-by: Jean-Pierre Ledure <jp@ledure.be>
+Tested-by: Jenkins
+Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
+(cherry picked from commit e61701e1ee6763de72b397e6ade1124eca9400f3)
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/138980
+Reviewed-by: Caolán McNamara <caolanm@redhat.com>
+(cherry picked from commit 5b4025bb56999f5c895c6f7e0b52f521800d65b0)
+
+check IFrame "FrameURL" target
+
+similiar to
+
+commit b3edf85e0fe6ca03dc26e1bf531be82193bc9627
+Date:   Wed Aug 7 17:37:11 2019 +0100
+
+    warn on load when a document binds an event to a macro
+
+Change-Id: Iea888b1c083d2dc69ec322309ac9ae8c5e5eb315
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139059
+Tested-by: Jenkins
+Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
+(cherry picked from commit c7450d0b9d02c64ae3da467d329040787039767e)
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139117
+Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
+(cherry picked from commit f5e3b0a7966d7d28817292adbb58fb43f28b7c6d)
+
+check impress/calc IFrame "FrameURL" target
+
+similar to
+
+commit c7450d0b9d02c64ae3da467d329040787039767e
+Date:   Tue Aug 30 17:01:08 2022 +0100
+
+    check IFrame "FrameURL" target
+
+Change-Id: Ibf28c29acb4476830431d02772f3ecd4b23a6a27
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139495
+Tested-by: Jenkins
+Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
+(cherry picked from commit d0312786571221c2dd4f63fa69f6f0489d7d39ec)
+---
+ desktop/source/app/cmdlineargs.cxx        | 10 +++++++++-
+ sfx2/source/appl/macroloader.cxx          |  9 +++++++--
+ sfx2/source/doc/iframe.cxx                | 21 ++++++++++++++++-----
+ sfx2/source/inc/macroloader.hxx           |  2 ++
+ sw/source/filter/html/htmlplug.cxx        |  7 ++++++-
+ sw/source/filter/xml/xmltexti.cxx         |  9 +++++++--
+ wizards/source/access2base/DoCmd.xba      |  2 +-
+ wizards/source/scriptforge/SF_Session.xba |  2 +-
+ xmloff/source/draw/ximpshap.cxx           |  4 ++++
+ 9 files changed, 53 insertions(+), 13 deletions(-)
+
+diff --git a/desktop/source/app/cmdlineargs.cxx b/desktop/source/app/cmdlineargs.cxx
+index 4d5a3bb78396..93d9e8742ba8 100644
+--- a/desktop/source/app/cmdlineargs.cxx
++++ b/desktop/source/app/cmdlineargs.cxx
+@@ -28,6 +28,7 @@
+ #include "cmdlineargs.hxx"
+ #include <osl/thread.hxx>
+ #include <tools/stream.hxx>
++#include <tools/urlobj.hxx>
+ #include <rtl/ustring.hxx>
+ #include <rtl/process.h>
+ #include <comphelper/lok.hxx>
+@@ -166,7 +167,14 @@ CommandLineEvent CheckOfficeURI(/* in,out */ OUString& arg, CommandLineEvent cur
+     }
+     if (nURIlen < 0)
+         nURIlen = rest2.getLength();
+-    arg = rest2.copy(0, nURIlen);
++    auto const uri = rest2.copy(0, nURIlen);
++    if (INetURLObject(uri).GetProtocol() == INetProtocol::Macro) {
++        // Let the "Open" machinery process the full command URI (leading to failure, by intention,
++        // as the "Open" machinery does not know about those command URI schemes):
++        curEvt = CommandLineEvent::Open;
++    } else {
++        arg = uri;
++    }
+     return curEvt;
+ }
+ 
+diff --git a/sfx2/source/appl/macroloader.cxx b/sfx2/source/appl/macroloader.cxx
+index 46090f712665..ad70ef5fa0f6 100644
+--- a/sfx2/source/appl/macroloader.cxx
++++ b/sfx2/source/appl/macroloader.cxx
+@@ -68,10 +68,10 @@ css::uno::Sequence<OUString> SAL_CALL SfxMacroLoader::getSupportedServiceNames()
+     return { "com.sun.star.frame.ProtocolHandler" };
+ }
+ 
+-SfxObjectShell* SfxMacroLoader::GetObjectShell_Impl()
++SfxObjectShell* SfxMacroLoader::GetObjectShell(const Reference <XFrame>& xFrame)
+ {
+     SfxObjectShell* pDocShell = nullptr;
+-    Reference < XFrame > xFrame( m_xFrame.get(), UNO_QUERY );
++
+     if ( xFrame.is() )
+     {
+         SfxFrame* pFrame=nullptr;
+@@ -88,6 +88,11 @@ SfxObjectShell* SfxMacroLoader::GetObjectShell_Impl()
+     return pDocShell;
+ }
+ 
++SfxObjectShell* SfxMacroLoader::GetObjectShell_Impl()
++{
++    Reference < XFrame > xFrame( m_xFrame.get(), UNO_QUERY );
++    return SfxMacroLoader::GetObjectShell(xFrame);
++}
+ 
+ uno::Reference<frame::XDispatch> SAL_CALL SfxMacroLoader::queryDispatch(
+     const util::URL&   aURL            ,
+diff --git a/sfx2/source/doc/iframe.cxx b/sfx2/source/doc/iframe.cxx
+index e37607c91a46..3f9036a79b04 100644
+--- a/sfx2/source/doc/iframe.cxx
++++ b/sfx2/source/doc/iframe.cxx
+@@ -38,10 +38,12 @@
+ #include <officecfg/Office/Common.hxx>
+ #include <svl/itemprop.hxx>
+ #include <sfx2/frmdescr.hxx>
++#include <sfx2/objsh.hxx>
+ #include <sfx2/sfxdlg.hxx>
+ #include <toolkit/helper/vclunohelper.hxx>
+ #include <vcl/window.hxx>
+ #include <tools/debug.hxx>
++#include <macroloader.hxx>
+ 
+ using namespace ::com::sun::star;
+ 
+@@ -157,6 +159,19 @@ sal_Bool SAL_CALL IFrameObject::load(
+ {
+     if ( officecfg::Office::Common::Misc::PluginsEnabled::get() )
+     {
++        util::URL aTargetURL;
++        aTargetURL.Complete = maFrmDescr.GetURL().GetMainURL( INetURLObject::DecodeMechanism::NONE );
++        uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( mxContext ) );
++        xTrans->parseStrict( aTargetURL );
++
++        if (INetURLObject(aTargetURL.Complete).GetProtocol() == INetProtocol::Macro)
++        {
++            uno::Reference<frame::XFramesSupplier> xParentFrame = xFrame->getCreator();
++            SfxObjectShell* pDoc = SfxMacroLoader::GetObjectShell(xParentFrame);
++            if (pDoc && !pDoc->AdjustMacroMode())
++                return false;
++        }
++
+         DBG_ASSERT( !mxFrame.is(), "Frame already existing!" );
+         VclPtr<vcl::Window> pParent = VCLUnoHelper::GetWindow( xFrame->getContainerWindow() );
+         VclPtr<IFrameWindow_Impl> pWin = VclPtr<IFrameWindow_Impl>::Create( pParent, maFrmDescr.IsFrameBorderOn() );
+@@ -179,16 +194,12 @@ sal_Bool SAL_CALL IFrameObject::load(
+         if ( xFramesSupplier.is() )
+             mxFrame->setCreator( xFramesSupplier );
+ 
+-        util::URL aTargetURL;
+-        aTargetURL.Complete = maFrmDescr.GetURL().GetMainURL( INetURLObject::DecodeMechanism::NONE );
+-        uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( mxContext ) );
+-        xTrans->parseStrict( aTargetURL );
+-
+         uno::Sequence < beans::PropertyValue > aProps(2);
+         aProps[0].Name = "PluginMode";
+         aProps[0].Value <<= sal_Int16(2);
+         aProps[1].Name = "ReadOnly";
+         aProps[1].Value <<= true;
++
+         uno::Reference < frame::XDispatch > xDisp = mxFrame->queryDispatch( aTargetURL, "_self", 0 );
+         if ( xDisp.is() )
+             xDisp->dispatch( aTargetURL, aProps );
+diff --git a/sfx2/source/inc/macroloader.hxx b/sfx2/source/inc/macroloader.hxx
+index 051486c09adf..62a6555ff877 100644
+--- a/sfx2/source/inc/macroloader.hxx
++++ b/sfx2/source/inc/macroloader.hxx
+@@ -79,6 +79,8 @@ public:
+     virtual void SAL_CALL addStatusListener( const css::uno::Reference< css::frame::XStatusListener >& xControl, const css::util::URL& aURL ) override;
+ 
+     virtual void SAL_CALL removeStatusListener( const css::uno::Reference< css::frame::XStatusListener >& xControl, const css::util::URL& aURL ) override;
++
++    static SfxObjectShell* GetObjectShell(const css::uno::Reference<css::frame::XFrame>& xFrame);
+ };
+ 
+ #endif
+diff --git a/sw/source/filter/html/htmlplug.cxx b/sw/source/filter/html/htmlplug.cxx
+index 65e0419f4ed9..90036cfac67a 100644
+--- a/sw/source/filter/html/htmlplug.cxx
++++ b/sw/source/filter/html/htmlplug.cxx
+@@ -1090,7 +1090,12 @@ void SwHTMLParser::InsertFloatingFrame()
+                 bool bHasBorder = aFrameDesc.HasFrameBorder();
+                 Size aMargin = aFrameDesc.GetMargin();
+ 
+-                xSet->setPropertyValue("FrameURL", uno::makeAny( aFrameDesc.GetURL().GetMainURL( INetURLObject::DecodeMechanism::NONE ) ) );
++                OUString sHRef = aFrameDesc.GetURL().GetMainURL( INetURLObject::DecodeMechanism::NONE );
++
++                if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
++                    NotifyMacroEventRead();
++
++                xSet->setPropertyValue("FrameURL", uno::makeAny( sHRef ) );
+                 xSet->setPropertyValue("FrameName", uno::makeAny( aName ) );
+ 
+                 if ( eScroll == ScrollingMode::Auto )
+diff --git a/sw/source/filter/xml/xmltexti.cxx b/sw/source/filter/xml/xmltexti.cxx
+index cf0c7e6a85ba..eaf45dd91cd4 100644
+--- a/sw/source/filter/xml/xmltexti.cxx
++++ b/sw/source/filter/xml/xmltexti.cxx
+@@ -857,9 +857,14 @@ uno::Reference< XPropertySet > SwXMLTextImportHelper::createAndInsertFloatingFra
+             uno::Reference < beans::XPropertySet > xSet( xObj->getComponent(), uno::UNO_QUERY );
+             if ( xSet.is() )
+             {
++                OUString sHRef = URIHelper::SmartRel2Abs(
++                            INetURLObject( GetXMLImport().GetBaseURL() ), rHRef );
++
++                if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
++                    GetXMLImport().NotifyMacroEventRead();
++
+                 xSet->setPropertyValue("FrameURL",
+-                    makeAny( URIHelper::SmartRel2Abs(
+-                            INetURLObject( GetXMLImport().GetBaseURL() ), rHRef ) ) );
++                    makeAny( rHRef ) );
+ 
+                 xSet->setPropertyValue("FrameName",
+                     makeAny( rName ) );
+diff --git a/wizards/source/access2base/DoCmd.xba b/wizards/source/access2base/DoCmd.xba
+index 089486a872fa..20051553c47f 100644
+--- a/wizards/source/access2base/DoCmd.xba
++++ b/wizards/source/access2base/DoCmd.xba
+@@ -2655,7 +2655,7 @@ Private Sub _ShellExecute(sCommand As String)
+ 
+ Dim oShell As Object
+ 	Set oShell = createUnoService(&quot;com.sun.star.system.SystemShellExecute&quot;)
+-	oShell.execute(sCommand, &quot;&quot; , com.sun.star.system.SystemShellExecuteFlags.DEFAULTS)
++	oShell.execute(sCommand, &quot;&quot; , com.sun.star.system.SystemShellExecuteFlags.URIS_ONLY)
+ 
+ End Sub				&apos;	_ShellExecute			V0.8.5
+ 
+diff --git a/wizards/source/scriptforge/SF_Session.xba b/wizards/source/scriptforge/SF_Session.xba
+index a41bffa51377..7c709897947a 100644
+--- a/wizards/source/scriptforge/SF_Session.xba
++++ b/wizards/source/scriptforge/SF_Session.xba
+@@ -513,7 +513,7 @@ Check:
+ Try:
+ 	Set oShell = SF_Utils._GetUNOService(&quot;SystemShellExecute&quot;)
+ 	sCommand = SF_FileSystem._ConvertToUrl(Command)
+-	oShell.execute(sCommand, Parameters, com.sun.star.system.SystemShellExecuteFlags.DEFAULTS)
++	oShell.execute(sCommand, Parameters, com.sun.star.system.SystemShellExecuteFlags.URIS_ONLY)
+ 	bReturn = True
+ 
+ Finally:
+diff --git a/xmloff/source/draw/ximpshap.cxx b/xmloff/source/draw/ximpshap.cxx
+index 65a7e2fb0eef..4afa4e039776 100644
+--- a/xmloff/source/draw/ximpshap.cxx
++++ b/xmloff/source/draw/ximpshap.cxx
+@@ -87,6 +87,7 @@
+ #include <basegfx/polygon/b2dpolypolygon.hxx>
+ #include <basegfx/polygon/b2dpolypolygontools.hxx>
+ #include <basegfx/vector/b2dvector.hxx>
++#include <tools/urlobj.hxx>
+ #include <o3tl/any.hxx>
+ #include <o3tl/safeint.hxx>
+ 
+@@ -3231,6 +3232,9 @@ void SdXMLFloatingFrameShapeContext::StartElement( const css::uno::Reference< cs
+ 
+         if( !maHref.isEmpty() )
+         {
++            if (INetURLObject(maHref).GetProtocol() == INetProtocol::Macro)
++                GetImport().NotifyMacroEventRead();
++
+             xProps->setPropertyValue("FrameURL", Any(maHref) );
+         }
+     }
+-- 
+2.37.3
+
author	J0WI <J0WI@users.noreply.github.com>	2022-10-21 00:38:37 +0200
committer	Kevin Daudt <kdaudt@alpinelinux.org>	2022-11-02 17:12:18 +0000
commit	6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54 (patch)
tree	a5791a6900e484f33d8bc7436d22e9e77be7870d
parent	b829a564573443738b1b1c8e91a3c59b56a4a72f (diff)
download	aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.gz aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.bz2 aports-6665b8c225ce1e1dd95aaebf179d1a37ef7e0b54.tar.xz