mirror of
git://slackware.nl/current.git
synced 2025-01-25 07:58:40 +01:00
26cd2dd0d1
a/shadow-4.8.1-x86_64-8.txz: Rebuilt. It seems that /etc/suauth is not supported when PAM is in use, even if configure.ac is hacked to enable it. I've removed the man pages for it, and would suggest using sudo as a replacement. l/libexif-0.6.22-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: CVE-2018-20030: Fix for recursion DoS CVE-2020-13114: Time consumption DoS when parsing canon array markers CVE-2020-13113: Potential use of uninitialized memory CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes CVE-2020-0093: read overflow CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs CVE-2020-12767: fixed division by zero CVE-2016-6328: fixed integer overflow when parsing maker notes CVE-2017-7544: fixed buffer overread For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544 (* Security fix *) l/oniguruma-6.9.5_rev1-x86_64-2.txz: Rebuilt. Rebuilt with --enable-posix-api. Thanks to MisterL. l/python-packaging-20.4-x86_64-1.txz: Upgraded. n/bind-9.16.3-x86_64-1.txz: Upgraded. This update fixes a security issue: A malicious actor who intentionally exploits the lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and the attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. For more information, see: https://kb.isc.org/docs/cve-2020-8616 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616 (* Security fix *) x/fontconfig-2.13.92-x86_64-1.txz: Upgraded. x/xf86-input-libinput-0.30.0-x86_64-1.txz: Upgraded.
217 lines
7.6 KiB
Bash
Executable file
217 lines
7.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Copyright 2008, 2009, 2010, 2013, 2017, 2018, 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use of this script, with or without modification, is
|
|
# permitted provided that the following conditions are met:
|
|
#
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
PKGNAM=fontconfig
|
|
VERSION=${VERSION:-$(echo fontconfig-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
|
|
BUILD=${BUILD:-1}
|
|
|
|
# Automatically determine the architecture we're building on:
|
|
if [ -z "$ARCH" ]; then
|
|
case "$( uname -m )" in
|
|
i?86) export ARCH=i586 ;;
|
|
arm*) export ARCH=arm ;;
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
*) export ARCH=$( uname -m ) ;;
|
|
esac
|
|
fi
|
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
# the name of the created package would be, and then exit. This information
|
|
# could be useful to other scripts.
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
exit 0
|
|
fi
|
|
|
|
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
|
|
|
|
TMP=${TMP:-/tmp}
|
|
PKG=$TMP/package-fontconfig
|
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "s390" ]; then
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
LIBDIRSUFFIX="64"
|
|
else
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
fi
|
|
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG
|
|
|
|
cd $TMP
|
|
rm -rf fontconfig-$VERSION
|
|
tar xvf $CWD/fontconfig-$VERSION.tar.?z* || exit 1
|
|
cd fontconfig-$VERSION || exit 1
|
|
chown -R root:root .
|
|
find . \
|
|
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
|
-exec chmod 755 {} \+ -o \
|
|
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
|
-exec chmod 644 {} \+
|
|
|
|
# Prefer DejaVu fonts in 60-latin.conf:
|
|
#zcat $CWD/fontconfig.dejavu.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
# Prefer Liberation fonts in 60-latin.conf (these work better with hinting):
|
|
zcat $CWD/fontconfig.liberation.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
# Hardcode the default font search path rather than having fontconfig figure
|
|
# it out (and possibly follow symlinks, or index ugly bitmapped fonts):
|
|
zcat $CWD/fontconfig.font.dir.list.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
|
|
|
|
# Add some patches from the Fedora SRPM:
|
|
zcat $CWD/fedora-patches/fontconfig-sleep-less.patch.gz | patch -p1 --verbose || exit 1
|
|
#zcat $CWD/fedora-patches/fontconfig-required-freetype-version.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-score-hint-on-match.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-fix-1744377.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-drop-lang-from-pkgkit-format.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-sysroot.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-read-latest-cache.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-mt.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-fix-test.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-fix-assertion.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-fix-dtd.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-fix-dtd-id.patch.gz | patch -p1 --verbose || exit 1
|
|
zcat $CWD/fedora-patches/fontconfig-0-timestamp-dir-on-sb.patch.gz | patch -p1 --verbose || exit 1
|
|
|
|
autoreconf -vif
|
|
|
|
CFLAGS=$SLKCFLAGS \
|
|
./configure \
|
|
--prefix=/usr \
|
|
--libdir=/usr/lib${LIBDIRSUFFIX} \
|
|
--mandir=/usr/man \
|
|
--sysconfdir=/etc \
|
|
--with-templatedir=/etc/fonts/conf.avail \
|
|
--with-baseconfigdir=/etc/fonts \
|
|
--with-configdir=/etc/fonts/conf.d \
|
|
--with-xmldir=/etc/fonts \
|
|
--localstatedir=/var \
|
|
--enable-static=no \
|
|
--enable-libxml2 \
|
|
--build=$ARCH-slackware-linux || exit 1
|
|
|
|
make $NUMJOBS || make || exit 1
|
|
make install DESTDIR=$PKG || exit 1
|
|
|
|
# Don't ship .la files:
|
|
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
|
|
|
|
# Upstream has changed the default templatedir to /usr/share/fontconfig/conf.avail.
|
|
# This change, if accepted, would break any existing font package containing a
|
|
# conf.avail directory. The safest thing to do is to keep things in the
|
|
# traditional location, but put a link in the new place so that font packages
|
|
# following the new standard location will work. Let's hear it for being
|
|
# "more correct" at the expense of having things "just work"!
|
|
mkdir -p $PKG/usr/share/fontconfig
|
|
( cd $PKG/usr/share/fontconfig ; ln -sf /etc/fonts/conf.avail . )
|
|
|
|
mkdir -p $PKG/usr/doc/fontconfig-$VERSION
|
|
cp -a \
|
|
AUTHORS COPYING* INSTALL NEWS README \
|
|
$PKG/usr/doc/fontconfig-$VERSION
|
|
# You can shop for this kind of stuff in the source tarball.
|
|
rm -rf $PKG/usr/share/doc
|
|
rmdir $PKG/usr/share 2>/dev/null
|
|
|
|
# If there's a ChangeLog, installing at least part of the recent history
|
|
# is useful, but don't let it get totally out of control:
|
|
if [ -r ChangeLog ]; then
|
|
DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION)
|
|
cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
|
|
touch -r ChangeLog $DOCSDIR/ChangeLog
|
|
fi
|
|
|
|
mkdir -p $PKG/var/log/setup
|
|
cat $CWD/setup.05.fontconfig > $PKG/var/log/setup/setup.05.fontconfig
|
|
chmod 755 $PKG/var/log/setup/setup.05.fontconfig
|
|
|
|
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
|
|
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
|
|
# Set up the default options in /etc/fonts/conf.d:
|
|
( cd $PKG/etc/fonts/conf.d
|
|
for fontconf in \
|
|
20-unhint-small-vera.conf \
|
|
30-metric-aliases.conf \
|
|
40-nonlatin.conf \
|
|
45-latin.conf \
|
|
49-sansserif.conf \
|
|
50-user.conf \
|
|
51-local.conf \
|
|
60-latin.conf \
|
|
65-fonts-persian.conf \
|
|
65-nonlatin.conf \
|
|
69-unifont.conf \
|
|
80-delicious.conf \
|
|
90-synthetic.conf ; do
|
|
if [ -r ../conf.avail/$fontconf ]; then
|
|
ln -sf ../conf.avail/$fontconf .
|
|
else
|
|
echo "ERROR: unable to symlink ../conf.avail/$fontconf, file does not exist."
|
|
exit 1
|
|
fi
|
|
done
|
|
if [ ! $? = 0 ]; then
|
|
exit 1
|
|
fi
|
|
)
|
|
if [ ! $? = 0 ]; then
|
|
echo "Missing /etc/fonts/$fontconf default. Exiting"
|
|
exit 1
|
|
fi
|
|
|
|
# This is a really ugly default. If you like it, you'll have to link this
|
|
# one yourself:
|
|
rm -f $PKG/etc/fonts/conf.d/10-hinting-slight.conf
|
|
|
|
# Fix manpages:
|
|
if [ -d $PKG/usr/man ]; then
|
|
( cd $PKG/usr/man
|
|
for manpagedir in $(find . -type d -name "man*") ; do
|
|
( cd $manpagedir
|
|
for eachpage in $( find . -type l -maxdepth 1) ; do
|
|
ln -s $( readlink $eachpage ).gz $eachpage.gz
|
|
rm $eachpage
|
|
done
|
|
gzip -9 *.?
|
|
)
|
|
done
|
|
)
|
|
fi
|
|
|
|
mkdir $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
|
|
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n --prepend $TMP/fontconfig-$VERSION-$ARCH-$BUILD.txz
|
|
|