slackware-current/slackware64/a/maketag
Patrick J Volkerding 6f8b2b4fab Wed Jul 19 20:36:46 UTC 2023
a/kernel-firmware-20230707_d3f6606-noarch-1.txz:  Upgraded.
a/kernel-generic-6.1.39-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.39-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.39-x86_64-1.txz:  Upgraded.
a/xfsprogs-6.4.0-x86_64-1.txz:  Upgraded.
d/cmake-3.27.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.39-x86-1.txz:  Upgraded.
k/kernel-source-6.1.39-noarch-1.txz:  Upgraded.
l/mpfr-4.2.0p12-x86_64-1.txz:  Upgraded.
n/bind-9.18.17-x86_64-1.txz:  Upgraded.
n/curl-8.2.0-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  fopen race condition.
  For more information, see:
    https://curl.se/docs/CVE-2023-32001.html
    https://www.cve.org/CVERecord?id=CVE-2023-32001
  (* Security fix *)
n/dhcpcd-10.0.2-x86_64-1.txz:  Upgraded.
n/openssh-9.3p2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  ssh-agent(1) in OpenSSH between and 5.5 and 9.3p1 (inclusive): remote code
  execution relating to PKCS#11 providers.
  The PKCS#11 support ssh-agent(1) could be abused to achieve remote code
  execution via a forwarded agent socket if the following conditions are met:
  * Exploitation requires the presence of specific libraries on the victim
    system.
  * Remote exploitation requires that the agent was forwarded to an
    attacker-controlled system.
  Exploitation can also be prevented by starting ssh-agent(1) with an empty
  PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that
  contains only specific provider libraries.
  This vulnerability was discovered and demonstrated to be exploitable by the
  Qualys Security Advisory team.
  Potentially-incompatible changes:
  * ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules
  issued by remote clients by default. A flag has been added to restore the
  previous behaviour: "-Oallow-remote-pkcs11".
  For more information, see:
    https://www.openssh.com/txt/release-9.3p2
    https://www.cve.org/CVERecord?id=CVE-2023-38408
  (* Security fix *)
n/samba-4.18.5-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  When winbind is used for NTLM authentication, a maliciously crafted request
  can trigger an out-of-bounds read in winbind and possibly crash it.
  SMB2 packet signing is not enforced if an admin configured
  "server signing = required" or for SMB2 connections to Domain Controllers
  where SMB2 packet signing is mandatory.
  An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be
  triggered by an unauthenticated attacker by issuing a malformed RPC request.
  Missing type validation in Samba's mdssvc RPC service for Spotlight can be
  used by an unauthenticated attacker to trigger a process crash in a shared
  RPC mdssvc worker process.
  As part of the Spotlight protocol Samba discloses the server-side absolute
  path of shares and files and directories in search results.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-2127.html
    https://www.samba.org/samba/security/CVE-2023-3347.html
    https://www.samba.org/samba/security/CVE-2023-34966.html
    https://www.samba.org/samba/security/CVE-2023-34967.html
    https://www.samba.org/samba/security/CVE-2023-34968.html
    https://www.cve.org/CVERecord?id=CVE-2022-2127
    https://www.cve.org/CVERecord?id=CVE-2023-3347
    https://www.cve.org/CVERecord?id=CVE-2023-34966
    https://www.cve.org/CVERecord?id=CVE-2023-34967
    https://www.cve.org/CVERecord?id=CVE-2023-34968
  (* Security fix *)
xap/mozilla-firefox-115.0.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.0.3esr/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2023-07-19 23:51:30 +02:00

163 lines
9.8 KiB
Bash

#!/bin/sh
#item ####description ###on off ###
TMP=/var/log/setup/tmp
if [ ! -d $TMP ]; then
mkdir -p $TMP
fi
cat /dev/null > $TMP/SeTnewtag
dialog --title "SELECTING PACKAGES FROM SERIES A (BASE LINUX SYSTEM)" \
--checklist "Please confirm the packages you wish to install \
from series A. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any packages don't want installed. You are \
cautioned against unselecting REQUIRED packages. However, it's your \
system. :^) Press ENTER when you are done." 21 76 10 \
"aaa_base" "Basic filesystem, shell, and utils - REQUIRED" "on" \
"aaa_glibc-solibs" "Runtime glibc support libraries - REQUIRED" "on" \
"aaa_libraries" "Various shared libraries -- REQUIRED" "on" \
"aaa_terminfo" "A subset of the terminfo database from ncurses" "on" \
"acl" "POSIX Access Control List tools -- REQUIRED" "on" \
"acpid" "ACPI Power Management daemon" "on" \
"attr" "Tools for fs extended attributes -- REQUIRED" "on" \
"bash" "GNU bash shell - REQUIRED" "on" \
"bin" "Various system utilities - REQUIRED" "on" \
"btrfs-progs" "Utilities for btrfs filesystems" "on" \
"bzip2" "bzip2 compression utility" "on" \
"coreutils" "The core GNU command-line utilities - REQUIRED" "on" \
"cpio" "The GNU cpio backup/archiving utility" "on" \
"cpufrequtils" "Kernel CPUfreq utilities" "on" \
"cracklib" "Password checking library - REQUIRED" "on" \
"cryptsetup" "Utilities for encrypting partitions" "on" \
"dbus" "D-Bus message bus system" "on" \
"dcron" "Cron daemon - REQUIRED" "on" \
"devs" "Device files found in /dev - REQUIRED" "on" \
"dialog" "The program that generates these menus :-)" "on" \
"dosfstools" "Tools for working with FAT filesystems" "on" \
"e2fsprogs" "Utilities for ext2/3/4 filesystems - REQUIRED" "on" \
"ed" "A clone of the old, original UN*X line editor" "on" \
"efibootmgr" "Tool to modify UEFI boot entries" "on" \
"efivar" "Library and tools to handle UEFI variables" "on" \
"elilo" "Linux Loader for EFI-based platforms" "on" \
"elogind" "logind extracted from systemd" "on" \
"elvis" "elvis text editor (ex/vi clone)" "on" \
"etc" "System config files & utilities - REQUIRED" "on" \
"eudev" "Manages /dev and modules - REQUIRED" "on" \
"exfatprogs" "exFAT filesystem utilities" "on" \
"f2fs-tools" "Flash-Friendly File System" "on" \
"file" "Determines what file format data is in" "on" \
"findutils" "GNU file finding utilities" "on" \
"floppy" "Utilities for using DOS floppies" "on" \
"gawk" "GNU awk pattern scanning language" "on" \
"genpower" "UPS monitoring daemon" "on" \
"gettext" "Programs used to internationalize scripts" "on" \
"glibc-zoneinfo" "Configures your time zone" "on" \
"gpm" "Cut and paste text with your mouse" "on" \
"gptfdisk" "GPT fdisk utilities" "on" \
"grep" "GNU grep searching tool - REQUIRED" "on" \
"grub" "GNU GRUB, the GRand Unified Bootloader" "on" \
"gzip" "GNU zip compression utility - REQUIRED" "on" \
"haveged" "A simple entropy daemon" "on" \
"hdparm" "Get/Set IDE hard drive parameters" "on" \
"hostname" "Linux hostname utility - REQUIRED" "on" \
"hwdata" "Hardware identification and config data" "on" \
"infozip" "zip/unzip archive utilities" "on" \
"inih" "INI Not Invented Here" "on" \
"iniparser" "ini file parsing library" "on" \
"inotify-tools" "Command-line tools for using inotify." "on" \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 6.1.39 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 6.1.39 Linux kernel" "on" \
"kernel-modules" "Linux 6.1.39 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \
"lhasa" "Free LZH archive tool" "on" \
"libblockdev" "library for manipulating block devices" "on" \
"libbytesize" "library for working with big sizes in bytes" "on" \
"libcgroup" "Tools for using kernel control groups" "on" \
"libgudev" "udev GObject bindings library - REQUIRED" "on" \
"libpwquality" "Password quality checking library - REQUIRED" "on" \
"lilo" "Boot loader for Linux, DOS, OS/2, etc." "on" \
"logrotate" "System log rotation utility" "on" \
"lrzip" "Long Range ZIP" "on" \
"lvm2" "Tools for creating logical volumes" "on" \
"lzip" "A lossless data compressor" "on" \
"lzlib" "lzip compression library" "on" \
"mcelog" "Machine Check Event logger" "on" \
"mdadm" "Utilities for managing MD (RAID) devices" "on" \
"minicom" "Serial transfer and modem comm package" "on" \
"mkinitrd" "Tool for building an initial ramdisk" "on" \
"mlocate" "Locates files on the system" "on" \
"mt-st" "mt ported from BSD - controls tape drive" "on" \
"mtx" "Controls tape autochangers" "on" \
"ncompress" "The historic compress utility" "on" \
"ndctl" "non-volatile memory device library" "on" \
"ntfs-3g" "FUSE-based NTFS read-write mount program" "on" \
"nvi" "nvi text editor (ex/vi clone)" "on" \
"openssl-solibs" "OpenSSL shared libraries -- REQUIRED" "on" \
"openssl11-solibs" "OpenSSL shared libraries version 1.1.x" "on" \
"os-prober" "A tool for finding bootable OS partitions" "on" \
"pam" "Pluggable Authentication Modules -- REQUIRED" "on" \
"patch" "Applies a diff file to an original file" "on" \
"pciutils" "Linux PCI utilities" "on" \
"pcmciautils" "PCMCIA card services for the Linux kernel" "on" \
"pkgtools" "Slackware package management tools - REQUIRED" "on" \
"plzip" "Parallel lzip compressor" "on" \
"procps-ng" "Displays process info - REQUIRED" "on" \
"quota" "User disk quota utilities" "on" \
"reiserfsprogs" "Tools for the ReiserFS journaling filesystem" "on" \
"rpm2tgz" "A simple script to convert an RPM to a tgz" "on" \
"sdparm" "Get/Set SCSI hard drive parameters" "on" \
"sed" "GNU stream editor -- REQUIRED" "on" \
"shadow" "Shadow password suite -- REQUIRED" "on" \
"sharutils" "GNU shell archive utilities - REQUIRED" "on" \
"smartmontools" "Hard drive monitoring utilities" "on" \
"splitvt" "Split a screen into sections (use screen ;-)" "on" \
"sysfsutils" "Utilities for the sysfs filesystem" "on" \
"sysklogd" "Logs system and kernel messages" "on" \
"syslinux" "Loader for making Linux boot floppies" "on" \
"sysvinit" "System V-like INIT programs - REQUIRED" "on" \
"sysvinit-functions" "Init functions used by some third-party apps" "on" \
"sysvinit-scripts" "The startup scripts for Slackware - REQUIRED" "on" \
"tar" "GNU tar archive utility -- REQUIRED" "on" \
"tcsh" "Extended C shell /bin/tcsh" "on" \
"time" "Times how long a process takes to run" "on" \
"tree" "Display a directory in tree form" "on" \
"udisks" "storage device daemon" "on" \
"udisks2" "storage device daemon v2" "on" \
"unarj" "Extract ARJ archives" "on" \
"upower" "power management abstraction daemon" "on" \
"usb_modeswitch" "Switching tool for multiple mode USB devices" "on" \
"usbutils" "Linux USB utilities" "on" \
"userspace-rcu" "userspace read-copy-update library" "on" \
"utempter" "Library used for writing to utmp/wtmp" "on" \
"util-linux" "Util-linux utilities - REQUIRED" "on" \
"volume_key" "manipulate storage keys" "on" \
"which" "Locate an executable in your \$PATH" "on" \
"xfsprogs" "Utilities for SGI's XFS filesystem" "on" \
"xz" "xz (LZMA) compression utility - REQUIRED" "on" \
"zerofree" "Zero free blocks from ext* filesystems" "on" \
"zoo" "Zoo archive utility" "on" \
2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs
> $TMP/SeTnewtag
for pkg in \
aaa_base aaa_glibc-solibs aaa_libraries aaa_terminfo acl acpid attr bash bin btrfs-progs bzip2 coreutils cpio cpufrequtils cracklib cryptsetup dbus dcron devs dialog dosfstools e2fsprogs ed efibootmgr efivar elilo elogind elvis etc eudev exfatprogs f2fs-tools file findutils floppy gawk genpower gettext glibc-zoneinfo gpm gptfdisk grep grub gzip haveged hdparm hostname hwdata infozip inih iniparser inotify-tools jfsutils kbd kernel-firmware kernel-generic kernel-huge kernel-modules kmod lbzip2 less lhasa libblockdev libbytesize libcgroup libgudev libpwquality lilo logrotate lrzip lvm2 lzip lzlib mcelog mdadm minicom mkinitrd mlocate mt-st mtx ncompress ndctl ntfs-3g nvi openssl-solibs openssl11-solibs os-prober pam patch pciutils pcmciautils pkgtools plzip procps-ng quota reiserfsprogs rpm2tgz sdparm sed shadow sharutils smartmontools splitvt sysfsutils sysklogd syslinux sysvinit sysvinit-functions sysvinit-scripts tar tcsh time tree udisks udisks2 unarj upower usb_modeswitch usbutils userspace-rcu utempter util-linux volume_key which xfsprogs xz zerofree zoo \
; do
echo "$pkg: SKP" >> $TMP/SeTnewtag
done
exit
fi
cat /dev/null > $TMP/SeTnewtag
for PACKAGE in \
aaa_base aaa_glibc-solibs aaa_libraries aaa_terminfo acl acpid attr bash bin btrfs-progs bzip2 coreutils cpio cpufrequtils cracklib cryptsetup dbus dcron devs dialog dosfstools e2fsprogs ed efibootmgr efivar elilo elogind elvis etc eudev exfatprogs f2fs-tools file findutils floppy gawk genpower gettext glibc-zoneinfo gpm gptfdisk grep grub gzip haveged hdparm hostname hwdata infozip inih iniparser inotify-tools jfsutils kbd kernel-firmware kernel-generic kernel-huge kernel-modules kmod lbzip2 less lhasa libblockdev libbytesize libcgroup libgudev libpwquality lilo logrotate lrzip lvm2 lzip lzlib mcelog mdadm minicom mkinitrd mlocate mt-st mtx ncompress ndctl ntfs-3g nvi openssl-solibs openssl11-solibs os-prober pam patch pciutils pcmciautils pkgtools plzip procps-ng quota reiserfsprogs rpm2tgz sdparm sed shadow sharutils smartmontools splitvt sysfsutils sysklogd syslinux sysvinit sysvinit-functions sysvinit-scripts tar tcsh time tree udisks udisks2 unarj upower usb_modeswitch usbutils userspace-rcu utempter util-linux volume_key which xfsprogs xz zerofree zoo \
; do
if grep "\(^\| \)$PACKAGE\( \|$\)" $TMP/SeTpkgs 1> /dev/null 2> /dev/null ; then
echo "$PACKAGE: ADD" >> $TMP/SeTnewtag
else
echo "$PACKAGE: SKP" >> $TMP/SeTnewtag
fi
done
rm -f $TMP/SeTpkgs