From 11b00957be9f8661c4248d52bb20cdacdd442615 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 13 Jun 2018 21:55:19 +0000
Subject: Wed Jun 13 21:55:19 UTC 2018

a/etc-15.0-x86_64-5.txz:  Rebuilt.
  Don't hardcode passwd/shadow/group additions in doinst.sh - get them from
  the .new files.
a/sysvinit-scripts-2.1-noarch-11.txz:  Rebuilt.
  rc.S: don't start rc.haveged in this script - move it to rc.M.
  rc.M: start rc.haveged after seeding /dev/urandom in rc.S, and after
  starting syslogd, klogd, and udev in rc.M.
  rc.M: start rc.rndg (we don't ship it or rng-tools) after udev.
  H. Peter Anvin says that it's fine to run both haveged and rndg,
  and I trust his opinion on that.
  Thanks to GazL.
ap/at-3.1.20-x86_64-4.txz:  Rebuilt.
  Fixed wrong variable in rc.atd. Thanks to upnort.
n/libgcrypt-1.8.3-x86_64-1.txz:  Upgraded.
  Use blinding for ECDSA signing to mitigate a novel side-channel attack.
  For more information, see:
    https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
  (* Security fix *)
---
 source/a/sysvinit-scripts/scripts/rc.M | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'source/a/sysvinit-scripts/scripts/rc.M')

diff --git a/source/a/sysvinit-scripts/scripts/rc.M b/source/a/sysvinit-scripts/scripts/rc.M
index 6bd667c56..30c852958 100644
--- a/source/a/sysvinit-scripts/scripts/rc.M
+++ b/source/a/sysvinit-scripts/scripts/rc.M
@@ -94,6 +94,16 @@ if grep -wq sysfs /proc/mounts && grep -q devtmpfs /proc/filesystems ; then
   fi
 fi
 
+# Start the haveged entropy daemon:
+if [ -x /etc/rc.d/rc.haveged ]; then
+  /etc/rc.d/rc.haveged start
+fi
+
+# Start the rngd entropy daemon:
+if [ -x /etc/rc.d/rc.rngd ]; then
+  /etc/rc.d/rc.rngd start
+fi
+
 # Initialize the networking hardware.
 if [ -x /etc/rc.d/rc.inet1 ]; then
   /etc/rc.d/rc.inet1
-- 
cgit v1.2.3