mirror of
git://slackware.nl/current.git
synced 2024-12-29 10:25:00 +01:00
73b668742a
patches/packages/curl-8.1.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/texlive-2023.230322-x86_64-1_slack15.0.txz: Upgraded.
This update patches a security issue:
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when
compiling a TeX file obtained from an untrusted source. This occurs
because luatex-core.lua lets the original io.popen be accessed. This also
affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
Thanks to Johannes Schoepfer.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32700
(* Security fix *)
17 lines
893 B
Bash
Executable file
17 lines
893 B
Bash
Executable file
#!/bin/sh
|
|
# Repacks the texlive tarball to remove unused sources.
|
|
|
|
VERSION=${VERSION:-$(echo texlive-*source.tar.?z* | rev | cut -f 2 -d - | cut -f 1 -d - | rev)}
|
|
|
|
tar xf texlive-${VERSION}-source.tar.xz || exit 1
|
|
mv texlive-${VERSION}-source.tar.xz texlive-${VERSION}-source.tar.xz.orig
|
|
( cd texlive-${VERSION}-source/libs && rm -rf cairo freetype2 gd gmp graphite2 harfbuzz mpfr icu libpng pixman zlib )
|
|
( cd texlive-${VERSION}-source/utils && rm -rf asymptote )
|
|
( cd texlive-${VERSION}-source/utils && rm -rf texdoctk )
|
|
( cd texlive-${VERSION}-source/utils && rm -rf m-tx )
|
|
( cd texlive-${VERSION}-source/texk/texlive && rm -rf w*_wrapper )
|
|
tar cf texlive-${VERSION}-source.tar texlive-${VERSION}-source
|
|
rm -r texlive-${VERSION}-source
|
|
xz texlive-${VERSION}-source.tar
|
|
touch -r texlive-${VERSION}-source.tar.xz.orig texlive-${VERSION}-source.tar.xz
|
|
rm texlive-${VERSION}-source.tar.xz.orig
|