From 617b679ca8e13492475e7b874c30e232e281fbf0 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 25 Feb 2022 00:03:28 +0000 Subject: Fri Feb 25 00:03:28 UTC 2022 ap/inxi-3.3.13_1-noarch-1.txz: Upgraded. d/parallel-20220222-noarch-1.txz: Upgraded. d/patchelf-0.14.5-x86_64-1.txz: Upgraded. d/rust-1.59.0-x86_64-1.txz: Upgraded. n/cyrus-sasl-2.1.28-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407 (* Security fix *) n/nftables-1.0.2-x86_64-1.txz: Upgraded. n/nghttp2-1.47.0-x86_64-1.txz: Upgraded. n/openssh-8.9p1-x86_64-1.txz: Upgraded. n/whois-5.5.12-x86_64-1.txz: Upgraded. x/mesa-21.3.7-x86_64-1.txz: Upgraded. x/xf86-video-amdgpu-22.0.0-x86_64-1.txz: Upgraded. xap/freerdp-2.6.0-x86_64-1.txz: Upgraded. xap/gftp-2.9.1b-x86_64-1.txz: Upgraded. extra/xv/xv-3.10a-x86_64-10.txz: Rebuilt. Drop JasPer support until xv can be ported to the new JasPer library (or preferably to openjpeg). --- source/n/cyrus-sasl/cyrus-sasl.SlackBuild | 4 +- source/n/cyrus-sasl/cyrus-sasl.url | 2 +- source/n/openssh/openssh.SlackBuild | 2 +- source/n/openssh/openssh.tcp_wrappers.diff | 68 +++++++++++++++--------------- 4 files changed, 38 insertions(+), 38 deletions(-) (limited to 'source/n') diff --git a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild index 7b900f88b..219e49df4 100755 --- a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild +++ b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=cyrus-sasl VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | cut -f 3- -d - | rev | cut -f 3- -d . | rev)} -BUILD=${BUILD:-7} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -123,7 +123,7 @@ gzip -9 $PKG/usr/man/man?/*.? # Add other documentation: mkdir -p $PKG/usr/doc/cyrus-sasl-$VERSION cp -a \ - AUTHORS COPYING* INSTALL NEWS README* \ + AUTHORS* COPYING* INSTALL* NEWS* README* \ saslauthd/LDAP_SASLAUTHD \ doc \ $PKG/usr/doc/cyrus-sasl-$VERSION diff --git a/source/n/cyrus-sasl/cyrus-sasl.url b/source/n/cyrus-sasl/cyrus-sasl.url index 305d0f348..870252ecb 100644 --- a/source/n/cyrus-sasl/cyrus-sasl.url +++ b/source/n/cyrus-sasl/cyrus-sasl.url @@ -1 +1 @@ -ftp://ftp.cyrusimap.org/cyrus-sasl/ +https://github.com/cyrusimap/cyrus-sasl/releases diff --git a/source/n/openssh/openssh.SlackBuild b/source/n/openssh/openssh.SlackBuild index 24a3ac502..275d2558a 100755 --- a/source/n/openssh/openssh.SlackBuild +++ b/source/n/openssh/openssh.SlackBuild @@ -30,7 +30,7 @@ PKG=$TMP/package-openssh PKGNAM=openssh VERSION=${VERSION:-$(echo openssh-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} diff --git a/source/n/openssh/openssh.tcp_wrappers.diff b/source/n/openssh/openssh.tcp_wrappers.diff index 60c7c14ed..3b530a5b7 100644 --- a/source/n/openssh/openssh.tcp_wrappers.diff +++ b/source/n/openssh/openssh.tcp_wrappers.diff @@ -1,6 +1,29 @@ ---- ./configure.ac.orig 2020-02-13 18:40:54.000000000 -0600 -+++ ./configure.ac 2020-02-14 19:28:45.566081482 -0600 -@@ -1532,6 +1532,62 @@ +--- ./sshd.8.orig 2022-02-23 05:31:11.000000000 -0600 ++++ ./sshd.8 2022-02-24 13:28:36.533888569 -0600 +@@ -908,6 +908,12 @@ + This file should be writable only by the user, and need not be + readable by anyone else. + .Pp ++.It Pa /etc/hosts.allow ++.It Pa /etc/hosts.deny ++Access controls that should be enforced by tcp-wrappers are defined here. ++Further details are described in ++.Xr hosts_access 5 . ++.Pp + .It Pa /etc/hosts.equiv + This file is for host-based authentication (see + .Xr ssh 1 ) . +@@ -1010,6 +1016,7 @@ + .Xr ssh-keygen 1 , + .Xr ssh-keyscan 1 , + .Xr chroot 2 , ++.Xr hosts_access 5 , + .Xr login.conf 5 , + .Xr moduli 5 , + .Xr sshd_config 5 , +--- ./configure.ac.orig 2022-02-23 05:31:11.000000000 -0600 ++++ ./configure.ac 2022-02-24 13:30:10.535883370 -0600 +@@ -1599,6 +1599,62 @@ AC_MSG_RESULT([no]) fi @@ -63,19 +86,19 @@ # Check whether user wants to use ldns LDNS_MSG="no" AC_ARG_WITH(ldns, -@@ -5389,6 +5445,7 @@ +@@ -5593,6 +5649,7 @@ echo " OSF SIA support: $SIA_MSG" echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" +echo " TCP Wrappers support: $TCPW_MSG" - echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" echo " libldns support: $LDNS_MSG" ---- ./sshd.c.orig 2020-02-13 18:40:54.000000000 -0600 -+++ ./sshd.c 2020-02-14 19:30:12.694084273 -0600 -@@ -124,6 +124,13 @@ - #include "ssherr.h" - #include "sk-api.h" + echo " Solaris process contract support: $SPC_MSG" +--- ./sshd.c.orig 2022-02-23 05:31:11.000000000 -0600 ++++ ./sshd.c 2022-02-24 13:28:36.533888569 -0600 +@@ -129,6 +129,13 @@ + #include "srclimit.h" + #include "dh.h" +#ifdef LIBWRAP +#include @@ -87,7 +110,7 @@ /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) -@@ -2107,6 +2114,26 @@ +@@ -2138,6 +2145,26 @@ the_active_state = ssh; ssh_packet_set_server(ssh); @@ -114,26 +137,3 @@ check_ip_options(ssh); /* Prepare the channels layer */ ---- ./sshd.8.orig 2020-02-13 18:40:54.000000000 -0600 -+++ ./sshd.8 2020-02-14 19:28:45.574081482 -0600 -@@ -893,6 +893,12 @@ - This file should be writable only by the user, and need not be - readable by anyone else. - .Pp -+.It Pa /etc/hosts.allow -+.It Pa /etc/hosts.deny -+Access controls that should be enforced by tcp-wrappers are defined here. -+Further details are described in -+.Xr hosts_access 5 . -+.Pp - .It Pa /etc/hosts.equiv - This file is for host-based authentication (see - .Xr ssh 1 ) . -@@ -995,6 +1001,7 @@ - .Xr ssh-keygen 1 , - .Xr ssh-keyscan 1 , - .Xr chroot 2 , -+.Xr hosts_access 5 , - .Xr login.conf 5 , - .Xr moduli 5 , - .Xr sshd_config 5 , -- cgit v1.2.3-65-gdbad