mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
a9219aba34
a/less-653-x86_64-2.txz: Rebuilt.
This update patches a security issue:
less through 653 allows OS command execution via a newline character in the
name of a file, because quoting is mishandled in filename.c. Exploitation
typically requires use with attacker-controlled file names, such as the files
extracted from an untrusted archive. Exploitation also requires the LESSOPEN
environment variable, but this is set by default in many common cases.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32487
(* Security fix *)
ap/inxi-3.3.34_1-noarch-1.txz: Upgraded.
d/python-setuptools-69.5.1-x86_64-1.txz: Upgraded.
n/bluez-5.74-x86_64-1.txz: Upgraded.
xfce/xfce4-notifyd-0.9.4-x86_64-1.txz: Upgraded.
Almost everyone has jumped to this version, so we'll get with the program.
154 lines
4.4 KiB
Bash
Executable file
154 lines
4.4 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Copyright 2005-2024 Patrick J. Volkerding, Sebeka, MN, USA
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use of this script, with or without modification, is
|
|
# permitted provided that the following conditions are met:
|
|
#
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
PKGNAM=less
|
|
VERSION=${VERSION:-$(echo less-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
|
|
BUILD=${BUILD:-2}
|
|
|
|
# Automatically determine the architecture we're building on:
|
|
if [ -z "$ARCH" ]; then
|
|
case "$( uname -m )" in
|
|
i?86) export ARCH=i586 ;;
|
|
arm*) export ARCH=arm ;;
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
*) export ARCH=$( uname -m ) ;;
|
|
esac
|
|
fi
|
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
# the name of the created package would be, and then exit. This information
|
|
# could be useful to other scripts.
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
exit 0
|
|
fi
|
|
|
|
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
|
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
|
elif [ "$ARCH" = "s390" ]; then
|
|
SLKCFLAGS="-O2"
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
elif [ "$ARCH" = "arm" ]; then
|
|
SLKCFLAGS="-O2 -march=armv4 -mtune=xscale"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "armel" ]; then
|
|
SLKCFLAGS="-O2 -march=armv4t"
|
|
LIBDIRSUFFIX=""
|
|
else
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
fi
|
|
|
|
TMP=${TMP:-/tmp}
|
|
PKG=$TMP/package-less
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG
|
|
|
|
cd $TMP
|
|
rm -rf less-$VERSION
|
|
tar xvf $CWD/less-$VERSION.tar.?z || exit 1
|
|
cd less-$VERSION || exit 1
|
|
|
|
# Fix path in manpage:
|
|
if [ -r less.nro ]; then
|
|
sed -i "s,/usr/local/etc,/etc,g" less.nro
|
|
fi
|
|
|
|
chown -R root:root .
|
|
find . \
|
|
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
|
-exec chmod 755 {} \+ -o \
|
|
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
|
-exec chmod 644 {} \+
|
|
|
|
# newline in filenames patch for CVE-2024-32487:
|
|
cat $CWD/007521ac3c95bc76.patch | patch -p1 --verbose || exit 1
|
|
|
|
if [ ! -r configure ]; then
|
|
if [ -x ./autogen.sh ]; then
|
|
NOCONFIGURE=1 ./autogen.sh
|
|
else
|
|
autoreconf -vif
|
|
fi
|
|
fi
|
|
|
|
# Prep needed if using the git archive:
|
|
for file in funcs.h less.nro lesskey.nro lessecho.nro ; do
|
|
if [ ! -r $file ]; then
|
|
make -f Makefile.aut $file
|
|
fi
|
|
done
|
|
|
|
CFLAGS="$SLKCFLAGS" \
|
|
./configure \
|
|
--prefix=/usr \
|
|
--sysconfdir=/etc \
|
|
--mandir=/usr/man || exit 1
|
|
|
|
make $NUMJOBS || make || exit 1
|
|
make install DESTDIR=$PKG || exit 1
|
|
|
|
zcat $CWD/lesspipe.sh.gz > $PKG/usr/bin/lesspipe.sh
|
|
chmod 755 $PKG/usr/bin/lesspipe.sh
|
|
|
|
# Compress and link manpages, if any:
|
|
if [ -d $PKG/usr/man ]; then
|
|
( cd $PKG/usr/man
|
|
for manpagedir in $(find . -type d -name "man*") ; do
|
|
( cd $manpagedir
|
|
for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do
|
|
ln -s $( readlink $eachpage ).gz $eachpage.gz
|
|
rm $eachpage
|
|
done
|
|
gzip -9 *.?
|
|
)
|
|
done
|
|
)
|
|
fi
|
|
|
|
( cd $PKG
|
|
find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
)
|
|
|
|
mkdir -p $PKG/usr/doc/less-$VERSION
|
|
cp -a \
|
|
COPYING* LICENSE README NEWS \
|
|
$PKG/usr/doc/less-$VERSION
|
|
|
|
mkdir -p $PKG/usr/man/man1
|
|
for page in less.nro lesskey.nro ; do
|
|
cat $page | gzip -9c > $PKG/usr/man/man1/`basename $page .nro`.1.gz
|
|
done
|
|
|
|
mkdir -p $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
# Build the package:
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n $TMP/less-$VERSION-$ARCH-$BUILD.txz
|
|
|