diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-02-15 20:00:48 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-02-16 13:29:58 +0100 |
| commit | c9881ad9794a314c7c9d106a6f82d19f07cda088 (patch) | |
| tree | 196a5646afe2bf7edaab38ad306d42a6d56967fe /patches/source/aaa_base/aaa_base.SlackBuild | |
| parent | 9a5f4fd634196e1d4257a31e89f24291b0398bc5 (diff) | |
| download | current-c9881ad9794a314c7c9d106a6f82d19f07cda088.tar.gz current-c9881ad9794a314c7c9d106a6f82d19f07cda088.tar.xz | |
Tue Feb 15 20:00:48 UTC 202220220215200048_15.0
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt.
If root's mailbox did not already exist, it would be created with insecure
permissions leading to possible local information disclosure. This update
ensures that a new mailbox will be created with proper permissions and
ownership, and corrects the permissions on an existing mailbox if they are
found to be incorrect. Thanks to Martin for the bug report.
(* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded.
This release fixes a security issue in chsh(1) and chfn(8):
By default, these utilities had been linked with libreadline, which allows
the INPUTRC environment variable to be abused to produce an error message
containing data from an arbitrary file. So, don't link these utilities with
libreadline as it does not use secure_getenv() (or a similar concept), or
sanitize the config file path to avoid vulnerabilities that could occur in
set-user-ID or set-group-ID programs.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
(* Security fix *)
Diffstat (limited to 'patches/source/aaa_base/aaa_base.SlackBuild')
| -rwxr-xr-x | patches/source/aaa_base/aaa_base.SlackBuild | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/patches/source/aaa_base/aaa_base.SlackBuild b/patches/source/aaa_base/aaa_base.SlackBuild new file mode 100755 index 000000000..1b0373e97 --- /dev/null +++ b/patches/source/aaa_base/aaa_base.SlackBuild @@ -0,0 +1,111 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2018, 2021, 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=aaa_base +VERSION=15.0 +BUILD=${BUILD:-4_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-aaa_base + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_aaa_base.tar.gz + +echo "+======================+" +echo "| repackaging aaa_base |" +echo "+======================+" + +cat $CWD/slack-desc > $PKG/install/slack-desc +cp -a $CWD/slackware-version $PKG/etc/slackware-version +chown root:root $PKG/etc/slackware-version +chmod 644 $PKG/etc/slackware-version +cp -a $CWD/os-release $PKG/etc/os-release +chown root:root $PKG/etc/os-release +chmod 644 $PKG/etc/os-release +# Set $ARCH in PRETTY_NAME: +sed -i "s/%ARCH%/$ARCH/g" $PKG/etc/os-release + +# If this is a -current version, label it as such: +if [ -r $CWD/current-release ]; then + # Read variables: + . $CWD/current-release + echo "$SLACKWARE_VERSION" > $PKG/etc/slackware-version + echo "VERSION_CODENAME=$VERSION_CODENAME" >> $PKG/etc/os-release + sed -i "s/PRETTY_NAME=.*/PRETTY_NAME=\"$PRETTY_NAME\"/g" $PKG/etc/os-release +else + echo "VERSION_CODENAME=stable" >> $PKG/etc/os-release +fi + +# Add lib64 directories on x86_64: +if [ "$ARCH" = "x86_64" ]; then + mkdir -p $PKG/lib64 $PKG/usr/lib64 $PKG/usr/local/lib64 +fi + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/aaa_base-$VERSION-$ARCH-$BUILD.txz + +# Black box warning on -current label: +if [ -r $CWD/current-release ]; then +cat << EOF +################################################################ +################################################################ +## ## +## WARNING: This release is tagged as -current! ## +## ## +## Before issuing a -stable release, rename current-release ## +## to current-release.inactive and then rebuild this package. ## +## ## +################################################################ +################################################################ +EOF +sleep 5 +fi + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $PKG +fi |