diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-08-15 20:23:47 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-08-16 13:30:28 +0200 |
| commit | cffeb680aad4319c1d5fb44fc6b2c53a42d69617 (patch) | |
| tree | e735fd17cd0ccbe4d5cfcf66db47f44a71fc02be /patches | |
| parent | 24a490781722e3d85824de3a0fd52ebeb35cc14b (diff) | |
| download | current-cffeb680aad4319c1d5fb44fc6b2c53a42d69617.tar.gz current-cffeb680aad4319c1d5fb44fc6b2c53a42d69617.tar.xz | |
Mon Aug 15 20:23:47 UTC 202220220815202347_15.0
patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txz: Upgraded.
Added some file-list safety checking that helps to ensure that a rogue
sending rsync can't add unrequested top-level names and/or include recursive
names that should have been excluded by the sender. These extra safety
checks only require the receiver rsync to be updated. When dealing with an
untrusted sending host, it is safest to copy into a dedicated destination
directory for the remote content (i.e. don't copy into a destination
directory that contains files that aren't from the remote host unless you
trust the remote host).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
(* Security fix *)
Diffstat (limited to 'patches')
| -rw-r--r-- | patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txt | 11 | ||||
| -rwxr-xr-x | patches/source/rsync/rsync.SlackBuild | 120 | ||||
| -rw-r--r-- | patches/source/rsync/slack-desc | 19 |
3 files changed, 150 insertions, 0 deletions
diff --git a/patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txt b/patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..852065581 --- /dev/null +++ b/patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: diff --git a/patches/source/rsync/rsync.SlackBuild b/patches/source/rsync/rsync.SlackBuild new file mode 100755 index 000000000..e958127b2 --- /dev/null +++ b/patches/source/rsync/rsync.SlackBuild @@ -0,0 +1,120 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2011, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=rsync +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-rsync +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rsync-$VERSION +tar xvf $CWD/rsync-$VERSION.tar.?z || exit 1 +cd rsync-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/rsync-$VERSION/popt +cp -a \ + COPYING* INSTALL NEWS README* TODO tech_report.tex \ + support \ + $PKG/usr/doc/rsync-$VERSION +( cd popt + cp -a CHANGES COPYING README README.rsync $PKG/usr/doc/rsync-$VERSION/popt +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/rsync-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rsync/slack-desc b/patches/source/rsync/slack-desc new file mode 100644 index 000000000..1b04b3b74 --- /dev/null +++ b/patches/source/rsync/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: |