Tue May 19 19:47:49 UTC 202020200519194749

a/shadow-4.8.1-x86_64-8.txz:  Rebuilt.
  It seems that /etc/suauth is not supported when PAM is in use, even if
  configure.ac is hacked to enable it. I've removed the man pages for it,
  and would suggest using sudo as a replacement.
l/libexif-0.6.22-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  CVE-2018-20030: Fix for recursion DoS
  CVE-2020-13114: Time consumption DoS when parsing canon array markers
  CVE-2020-13113: Potential use of uninitialized memory
  CVE-2020-13112: Various buffer overread fixes due to integer overflows
                  in maker notes
  CVE-2020-0093:  read overflow
  CVE-2019-9278:  replaced integer overflow checks the compiler could
                  optimize away by safer constructs
  CVE-2020-12767: fixed division by zero
  CVE-2016-6328:  fixed integer overflow when parsing maker notes
  CVE-2017-7544:  fixed buffer overread
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
  (* Security fix *)
l/oniguruma-6.9.5_rev1-x86_64-2.txz:  Rebuilt.
  Rebuilt with --enable-posix-api. Thanks to MisterL.
l/python-packaging-20.4-x86_64-1.txz:  Upgraded.
n/bind-9.16.3-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  A malicious actor who intentionally exploits the lack of effective
  limitation on the number of fetches performed when processing referrals
  can, through the use of specially crafted referrals, cause a recursing
  server to issue a very large number of fetches in an attempt to process
  the referral. This has at least two potential effects: The performance of
  the recursing server can potentially be degraded by the additional work
  required to perform these fetches, and the attacker can exploit this
  behavior to use the recursing server as a reflector in a reflection attack
  with a high amplification factor.
  For more information, see:
    https://kb.isc.org/docs/cve-2020-8616
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
  (* Security fix *)
x/fontconfig-2.13.92-x86_64-1.txz:  Upgraded.
x/xf86-input-libinput-0.30.0-x86_64-1.txz:  Upgraded.

1 files changed, 7 insertions, 1 deletions

diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild
index 21d4d875e..403268789 100755
--- a/source/a/shadow/shadow.SlackBuild
+++ b/source/a/shadow/shadow.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=shadow
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-7}
+BUILD=${BUILD:-8}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -192,6 +192,12 @@ if [ "$SHIP_SU" = "NO" ]; then
   find $PKG/usr/man -name suauth.5 | xargs rm
 fi
 
+# /etc/suauth doesn't work with PAM, even if configure.ac is hacked to try
+# to turn the feature on, so remove the man pages if we're using PAM:
+if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
+  find $PKG/usr/man -name suauth.5 | xargs rm
+fi
+
 # /bin/groups is provided by coreutils.
 rm -f $PKG/bin/groups
 find $PKG -name groups.1 -exec rm {} \+