mirror of
git://slackware.nl/current.git
synced 2024-12-26 09:58:59 +01:00
9a67067c0e
a/etc-15.0-x86_64-17.txz: Rebuilt.
Added named:named (53:53) user and group.
a/kernel-firmware-20210915_198ac65-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.4-x86_64-1.txz: Upgraded.
ap/sudo-1.9.8-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.4-x86-1.txz: Upgraded.
k/kernel-source-5.14.4-noarch-1.txz: Upgraded.
kde/breeze-icons-5.85.0-noarch-2.txz: Rebuilt.
Patched with upstream commit to allow using this icon theme with Xfce.
l/fluidsynth-2.2.3-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.5-x86_64-1.txz: Upgraded.
l/qca-2.3.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.32.10-x86_64-3.txz: Rebuilt.
Switch to dhcp=internal to avoid problems swimming upstream.
For those looking for a fix to continue using dhcpcd, a PRIVSEP build
variable was added to the SlackBuild, and you may produce a fully
NetworkManager compatible dhcpcd package with this command:
PRIVSEP=no ./dhcpcd.SlackBuild
Privilege separation remains the dhcpcd package default as we don't want
to weaken security for those using rc.inet1 along with dhcpcd.
Some additional comments about this were added to 00-dhcp-client.conf
mentioning this and the workaround of killing dhcpcd manually when
resuming with the stock dhcpcd package.
n/bind-9.16.21-x86_64-1.txz: Upgraded.
Fixed call to rndc-confgen in the install script.
Make /etc/rndc.key owned by named:named.
Run named as named:named by default (configurable in /etc/default/named).
rc.bind: chown /run/named and /var/named to configured user:group.
Thanks to Ressy for prompting this cleanup. :)
n/curl-7.79.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
clear the leftovers pointer when sending succeeds.
do not ignore --ssl-reqd.
reject STARTTLS server response pipelining.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
(* Security fix *)
n/links-2.24-x86_64-1.txz: Upgraded.
n/wireguard-tools-1.0.20210914-x86_64-1.txz: Upgraded.
x/libinput-1.19.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.28-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
38 lines
1.1 KiB
Bash
38 lines
1.1 KiB
Bash
#!/bin/sh
|
|
config() {
|
|
NEW="$1"
|
|
OLD="`dirname $NEW`/`basename $NEW .new`"
|
|
# If there's no config file by that name, mv it over:
|
|
if [ ! -r $OLD ]; then
|
|
mv $NEW $OLD
|
|
elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
|
|
rm $NEW
|
|
fi
|
|
# Otherwise, we leave the .new copy for the admin to consider...
|
|
}
|
|
|
|
# Keep same perms on rc.bind.new:
|
|
if [ -e etc/rc.d/rc.bind ]; then
|
|
cp -a etc/rc.d/rc.bind etc/rc.d/rc.bind.new.incoming
|
|
cat etc/rc.d/rc.bind.new > etc/rc.d/rc.bind.new.incoming
|
|
mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new
|
|
fi
|
|
|
|
config etc/default/named.new
|
|
config etc/named.conf.new
|
|
config etc/rc.d/rc.bind.new
|
|
|
|
# Add a /var/named if it doesn't exist:
|
|
if [ ! -d var/named ]; then
|
|
mkdir -p var/named
|
|
chmod 755 var/named
|
|
fi
|
|
|
|
# Generate /etc/rndc.key if there's none there,
|
|
# and there's also no /etc/rndc.conf (the other
|
|
# way to set this up).
|
|
if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then
|
|
chroot . /sbin/ldconfig
|
|
chroot . /usr/sbin/rndc-confgen -a 2> /dev/null
|
|
chroot . /bin/chown named:named /etc/rndc.key 2> /dev/null
|
|
fi
|