diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-04-11 20:49:27 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-04-12 06:59:46 +0200 |
commit | 953ba4662ba606085f47de6b2fe08c1a80eb898f (patch) | |
tree | 12a231673d84c7bf867d925fa6a3b41c2c2808a4 /source/a | |
parent | be3b3218759d05ff14a3109334760b1aa701429d (diff) | |
download | current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.gz current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.xz |
Mon Apr 11 20:49:27 UTC 202220220411204927
a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt.
Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64,
libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1,
libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1.
The icu4c libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7.
a/haveged-1.9.18-x86_64-1.txz: Upgraded.
I've decided to turn this back on by default in light of comments in
README.md. It doesn't hurt to have an additional source of entropy
(especially in early boot), and the overhead from running this daemon is
negligible.
a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt.
rc.S, rc.6: use a temporary umask and more syncing to avoid any races when
creating the random seed directory and files. Use the poolsize rather than
a hardcoded 512 bytes when creating a non-creditable seed in the fallback
scripts. Thanks to Jason A. Donenfeld.
a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
ap/inxi-3.3.15_1-noarch-1.txz: Upgraded.
ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
d/help2man-1.49.2-x86_64-1.txz: Upgraded.
kde/attica-5.93.0-x86_64-1.txz: Upgraded.
kde/baloo-5.93.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.93.0-x86_64-1.txz: Upgraded.
kde/karchive-5.93.0-x86_64-1.txz: Upgraded.
kde/kauth-5.93.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.93.0-x86_64-1.txz: Upgraded.
kde/kdav-5.93.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded.
kde/kded-5.93.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.93.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.93.0-x86_64-1.txz: Upgraded.
kde/khtml-5.93.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.93.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.93.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded.
kde/kinit-5.93.0-x86_64-1.txz: Upgraded.
kde/kio-5.93.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kjs-5.93.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.93.0-x86_64-1.txz: Upgraded.
kde/kparts-5.93.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.93.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.93.0-x86_64-1.txz: Upgraded.
kde/kpty-5.93.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded.
kde/kross-5.93.0-x86_64-1.txz: Upgraded.
kde/krunner-5.93.0-x86_64-1.txz: Upgraded.
kde/kservice-5.93.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.93.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.93.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded.
kde/prison-5.93.0-x86_64-1.txz: Upgraded.
kde/purpose-5.93.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded.
kde/solid-5.93.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.93.0-x86_64-1.txz: Upgraded.
kde/syndication-5.93.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded.
l/boost-1.78.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/icu4c-71.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcap-2.64-x86_64-1.txz: Upgraded.
l/libical-3.0.14-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libvisio-0.1.7-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/nodejs-16.14.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded.
Compiled against icu4c-71.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/vte-0.66.2-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/dovecot-2.3.18-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/links-2.26-x86_64-1.txz: Upgraded.
n/openssh-9.0p1-x86_64-1.txz: Upgraded.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
n/php-7.4.28-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/postfix-3.7.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/samba-4.16.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/tin-2.6.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
t/texlive-2021.210418-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
x/xclock-1.1.1-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
Diffstat (limited to 'source/a')
-rwxr-xr-x | source/a/aaa_libraries/aaa_libraries.SlackBuild | 2 | ||||
-rw-r--r-- | source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/icu4c | 14 | ||||
-rw-r--r-- | source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/openldap-2.4 | 3 | ||||
-rwxr-xr-x | source/a/haveged/haveged.SlackBuild | 4 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.6 | 29 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.S | 56 | ||||
-rwxr-xr-x | source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 2 | ||||
-rwxr-xr-x | source/a/util-linux/util-linux.SlackBuild | 2 | ||||
-rwxr-xr-x | source/a/xfsprogs/xfsprogs.SlackBuild | 2 |
9 files changed, 53 insertions, 61 deletions
diff --git a/source/a/aaa_libraries/aaa_libraries.SlackBuild b/source/a/aaa_libraries/aaa_libraries.SlackBuild index 24a6d0237..ec67c4b93 100755 --- a/source/a/aaa_libraries/aaa_libraries.SlackBuild +++ b/source/a/aaa_libraries/aaa_libraries.SlackBuild @@ -23,7 +23,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=aaa_libraries VERSION=${VERSION:-15.1} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/icu4c b/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/icu4c index e96d497d3..7fff9cad6 100644 --- a/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/icu4c +++ b/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/icu4c @@ -1,7 +1,7 @@ -# We'll keep these around for a little while... probably remove on 2022-03-22 or thereabouts -/usr/lib/libicudata.so.69 -/usr/lib/libicui18n.so.69 -/usr/lib/libicuio.so.69 -/usr/lib/libicutest.so.69 -/usr/lib/libicutu.so.69 -/usr/lib/libicuuc.so.69 +# We'll keep these around for a little while... probably remove on 2022-05-10 or thereabouts +/usr/lib/libicudata.so.70 +/usr/lib/libicui18n.so.70 +/usr/lib/libicuio.so.70 +/usr/lib/libicutest.so.70 +/usr/lib/libicutu.so.70 +/usr/lib/libicuuc.so.70 diff --git a/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/openldap-2.4 b/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/openldap-2.4 deleted file mode 100644 index ca40013f8..000000000 --- a/source/a/aaa_libraries/symlinks-to-tracked-libs-tmp.d/openldap-2.4 +++ /dev/null @@ -1,3 +0,0 @@ -# We'll keep these around for a little while... probably remove on 2022-04-06 or thereabouts -/usr/lib/liblber-2.4.so.2 -/usr/lib/libldap-2.4.so.2 diff --git a/source/a/haveged/haveged.SlackBuild b/source/a/haveged/haveged.SlackBuild index 163a271c1..15d349363 100755 --- a/source/a/haveged/haveged.SlackBuild +++ b/source/a/haveged/haveged.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=haveged VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -102,7 +102,7 @@ find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | gr mkdir -p $PKG/etc/rc.d cat $CWD/rc.haveged > $PKG/etc/rc.d/rc.haveged.new -chmod 644 $PKG/etc/rc.d/rc.haveged.new +chmod 755 $PKG/etc/rc.d/rc.haveged.new find $PKG/usr/man -type f -exec gzip -9 {} \+ for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done diff --git a/source/a/sysvinit-scripts/scripts/rc.6 b/source/a/sysvinit-scripts/scripts/rc.6 index 1ebe12b69..6370a1a86 100644 --- a/source/a/sysvinit-scripts/scripts/rc.6 +++ b/source/a/sysvinit-scripts/scripts/rc.6 @@ -223,26 +223,27 @@ if [ -z "$container" ]; then # Any old seed that exists here shall be deemed useless: if [ -f /etc/random-seed ]; then rm -f /etc/random-seed + sync /etc fi if [ -x /usr/sbin/seedrng ]; then /usr/sbin/seedrng else # we have to fall back on the old method: - # Make sure the new seed storage directory exists: - if [ ! -d /var/lib/seedrng ]; then - mkdir -p /var/lib/seedrng - chmod 700 /var/lib/seedrng - fi + OLD_UMASK="$(umask)" + umask 077 + mkdir -p /var/lib/seedrng echo "The SeedRNG utility was not found. Generating a non-creditable and" echo "inferior RNG seed: /var/lib/seedrng/seed.no-credit" - # To get a seed that matches the pool size, we'll use dd. This assumes that - # by the time the machine was shut down that the kernel had generated nearly - # a full entropy pool, but there is no guarantee of this. - if [ -r /proc/sys/kernel/random/poolsize ]; then - /bin/dd if=/dev/urandom of=/var/lib/seedrng/seed.no-credit count=1 bs=$(expr $(cat /proc/sys/kernel/random/poolsize) / 8) 2> /dev/null - else - /bin/dd if=/dev/urandom of=/var/lib/seedrng/seed.no-credit count=1 bs=512 2> /dev/null - fi - /bin/chmod 400 /var/lib/seedrng/seed.no-credit + SEED="$(cat /var/lib/seedrng/seed.* 2>/dev/null | base64)" + rm -f /var/lib/seedrng/seed.* + sync /var/lib/seedrng + POOLSIZE=$(expr $(cat /proc/sys/kernel/random/poolsize 2> /dev/null || echo 4096) / 8) + { + head -c $POOLSIZE /dev/urandom + echo "$SEED" | base64 -d + } | sha512sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit + umask "$OLD_UMASK" + unset OLD_UMASK + unset SEED fi fi diff --git a/source/a/sysvinit-scripts/scripts/rc.S b/source/a/sysvinit-scripts/scripts/rc.S index c49140616..6cb7e3915 100644 --- a/source/a/sysvinit-scripts/scripts/rc.S +++ b/source/a/sysvinit-scripts/scripts/rc.S @@ -474,44 +474,38 @@ fi # to generate good entropy. We'll favor using seedrng, but if it's missing # (shouldn't be) then we'll fall back on using the script method. if [ -z "$container" ]; then - # Make sure the new seed storage directory exists: - if [ ! -d /var/lib/seedrng ]; then - mkdir -p /var/lib/seedrng - chmod 700 /var/lib/seedrng - fi # If the old /etc/random-seed exists and no seedrng-generated seeds exist, # then we might as well use it for non-creditable entropy: + OLD_UMASK="$(umask)" + umask 077 if [ -f /etc/random-seed ]; then - if ! /bin/ls /var/lib/seedrng/seed.* 1> /dev/null 2> /dev/null ; then - echo "Moving /etc/random-seed to /var/lib/seedrng/seed.no-credit." - mv /etc/random-seed /var/lib/seedrng/seed.no-credit - chmod 400 /var/lib/seedrng/seed.no-credit - fi + echo "Appending /etc/random-seed to /var/lib/seedrng/seed.no-credit." + SEED="$(base64 /etc/random-seed)" + rm -f /etc/random-seed + sync /etc + mkdir -p /var/lib/seedrng + echo "$SEED" | base64 -d >> /var/lib/seedrng/seed.no-credit fi # If we have the seedrng utility, we will use it to initialize the RNG: if [ -x /usr/sbin/seedrng ]; then /usr/sbin/seedrng else # we have to fall back on the old method: - if ! /bin/ls /var/lib/seedrng/seed.* 1> /dev/null 2> /dev/null ; then - echo "WARNING: no usable RNG seed was found in /var/lib/seedrng." - else - echo "The SeedRNG utility was not found. Seeding the RNG with an inferior method." - SEED="$(cat /var/lib/seedrng/seed.* | base64)" - rm -f /var/lib/seedrng/seed.* - sync /var/lib/seedrng - echo "$SEED" | base64 -d > /dev/urandom - # The seed saved below isn't going to be as large as the pool size, but - # it would only be used if the power fails before a proper shutdown is - # done. Nevertheless we'll try to get a little entropy saved from our - # previous seed(s) plus some bits from /dev/urandom (which *might* have - # some additional entropy in it). It's probably better than nothing. - echo "Saving a new uncreditable seed: /var/lib/seedrng/seed.no-credit" - { - head -c 512 /dev/urandom - echo "$SEED" | base64 -d - } | sha256sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit - chmod 400 /var/lib/seedrng/seed.no-credit - unset SEED - fi + echo "The SeedRNG utility was not found. Seeding the RNG with an inferior method." + SEED="$(cat /var/lib/seedrng/seed.* 2> /dev/null | base64)" + rm -f /var/lib/seedrng/seed.* + sync /var/lib/seedrng + echo "$SEED" | base64 -d > /dev/urandom + # The seed saved below isn't going to be as large as the pool size. + # Nevertheless we'll try to get a little entropy saved from our + # previous seed(s) plus some bits from /dev/urandom (which *might* have + # some additional entropy in it). It's probably better than nothing. + echo "Saving a new uncreditable seed: /var/lib/seedrng/seed.no-credit" + POOLSIZE=$(expr $(cat /proc/sys/kernel/random/poolsize 2> /dev/null || echo 4096) / 8) + { + head -c $POOLSIZE /dev/urandom + echo "$SEED" | base64 -d + } | sha512sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit fi + unset SEED + umask "$OLD_UMASK" fi diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 17e0dd5ce..2f918911a 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-15.0} ARCH=noarch -BUILD=${BUILD:-10} +BUILD=${BUILD:-11} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information diff --git a/source/a/util-linux/util-linux.SlackBuild b/source/a/util-linux/util-linux.SlackBuild index 7ea3dfdbb..bf61f1c8b 100755 --- a/source/a/util-linux/util-linux.SlackBuild +++ b/source/a/util-linux/util-linux.SlackBuild @@ -311,7 +311,7 @@ cat serial.conf > $PKG/etc/serial.conf.new cat setserial.8 | gzip -9c > $PKG/usr/man/man8/setserial.8.gz # Build seedrng, a utility for seeding the kernel random number generator: -gcc -O2 -std=gnu99 $CWD/seedrng.c -o $PKG/usr/sbin/seedrng +cc -O2 -std=gnu99 $CWD/seedrng.c -o $PKG/usr/sbin/seedrng zcat $CWD/seedrng.8.gz > $PKG/usr/man/man8/seedrng.8 # These have always traditionally been available before /usr diff --git a/source/a/xfsprogs/xfsprogs.SlackBuild b/source/a/xfsprogs/xfsprogs.SlackBuild index 1fbf978d3..e53e4c164 100755 --- a/source/a/xfsprogs/xfsprogs.SlackBuild +++ b/source/a/xfsprogs/xfsprogs.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=xfsprogs VERSION=${VERSION:-$(echo xfsprogs-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} |