Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-02-12 08:47:54 +01:00
Code Issues Projects Releases Packages Wiki Activity
slackware-current/extra/source/llvm17-compat/llvm17-compat.SlackBuild
Patrick J Volkerding 2d770ad859 Wed Oct 30 21:03:27 UTC 2024 
extra/llvm-19.1.3-x86_64-1_slack15.0.txz:  Upgraded.
  Shared library .so-version bump.
  If you are upgrading from a previous LLVM, you might also need llvm13-compat
  and/or llvm17-compat. We'll be using this for newer Mozilla things.
extra/llvm17-compat-17.0.6-x86_64-1_slack15.0.txz:  Added.
  This is to support any locally compiled software that was linked against
  libLLVM-17.so from the llvm-17.0.6 that was previously in /extra.
extra/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz:  Added.
extra/rust-for-mozilla/rust-1.82.0-x86_64-1_slack15.0.txz:  Upgraded.
extra/tigervnc/tigervnc-1.12.0-x86_64-7_slack15.0.txz:  Rebuilt.
  Recompiled against xorg-server-1.20.14, including a patch for a
  security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
patches/packages/mozilla-firefox-128.4.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-56/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
patches/packages/mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-12_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
2024-10-31 13:30:38 +01:00

118 lines
4 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
# Copyright 2024 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=llvm17-compat
VERSION=${VERSION:-17.0.6}
BUILD=${BUILD:-1_slack15.0}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$(uname -m)" in
i?86) ARCH=i586 ;;
arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) ARCH=$(uname -m) ;;
esac
export ARCH
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j $(expr $(nproc) + 1) "}
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
elif [ "$ARCH" = "armv7hl" ]; then
SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
LIBDIRSUFFIX=""
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
rm -rf $PKG
mkdir -p $TMP $PKG
# Create a directory for the libraries:
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}
echo "Copying list of directly-linked libraries..."
cat $CWD/llvm17-list-of-libraries-to-retain | while read library ; do
if [ ! "$(echo $library | cut -c 1)" = "#" ]; then
if [ ! -e /usr/lib${LIBDIRSUFFIX}/$library ]; then
echo "ERROR: llvm 17 package must be installed so that we can extract libraries from the system."
exit 1
fi
cp -a -v /usr/lib${LIBDIRSUFFIX}/$library $PKG/usr/lib${LIBDIRSUFFIX}
if [ -L /usr/lib${LIBDIRSUFFIX}/$library ]; then
cp -a /usr/lib${LIBDIRSUFFIX}/$(readlink /usr/lib${LIBDIRSUFFIX}/$library) $PKG/usr/lib${LIBDIRSUFFIX}
fi
fi
done || exit 1
echo "Copying other LLVM libraries required by the already copied ones..."
cd $PKG/usr/lib${LIBDIRSUFFIX}
touch $PKG/scan
while [ -e $PKG/scan ]; do
# we'll reset this flag if we find something. We need to make one pass without
# finding anything to leave this loop.
rm $PKG/scan
for library in lib* ; do
readelf -d $library | grep "Shared library" | rev | cut -f 1 -d ' ' | rev | tr -d \[ | tr -d \] | grep ".so.17$" | while read dep ; do
if [ ! -e $dep ]; then
echo "Copying $dep for $library..."
cp -a -v /usr/lib${LIBDIRSUFFIX}/$dep $PKG/usr/lib${LIBDIRSUFFIX}
if [ -L /usr/lib${LIBDIRSUFFIX}/$dep ]; then
cp -a /usr/lib${LIBDIRSUFFIX}/$(readlink /usr/lib${LIBDIRSUFFIX}/$dep) $PKG/usr/lib${LIBDIRSUFFIX}
fi
touch $PKG/scan
fi
done
done
done
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
Reference in a new issue View git blame Copy permalink