Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-27 09:59:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/testing/source/rust/rust.url
Patrick J Volkerding 4657194ae3 Tue Oct 1 18:01:38 UTC 2024 
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
extra/llvm-17.0.6-x86_64-2_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/cryfs-0.10.3-x86_64-5_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/cups-filters-1.28.17-x86_64-2_slack15.0.txz:  Rebuilt.
  Mitigate security issue that could lead to a denial of service or
  the execution of arbitrary code.
  Rebuilt with --with-browseremoteprotocols=none to disable incoming
  connections, since this daemon has been shown to be insecure. If you
  actually use cups-browsed, be sure to install the new
  /etc/cups/cups-browsed.conf.new containing this line:
  BrowseRemoteProtocols none
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
  (* Security fix *)
patches/packages/espeak-ng-1.50-x86_64-4_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/libvncserver-0.9.13-x86_64-4_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/marisa-0.2.6-x86_64-5_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/mlt-7.4.0-x86_64-2_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/mozilla-firefox-115.16.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.16.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-48
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-9401
  (* Security fix *)
patches/packages/openobex-1.7.2-x86_64-6_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
patches/packages/pkgtools-15.0-noarch-44_slack15.0.txz:  Rebuilt.
  makepkg: when looking for ELF objects with --remove-rpaths or
  --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
  of the directory or filename.
  Also warn about /tmp rpaths after the package is built.
patches/packages/spirv-llvm-translator-13.0.0-x86_64-2_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
testing/packages/llvm-18.1.8-x86_64-2_slack15.0.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
2024-10-02 13:30:38 +02:00

35 lines
1.6 KiB
INI
Raw Blame History

# Source code (repacked to .tar.lz):
VERSION=1.81.0
rm -f rustc-${VERSION}-src.tar.*
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz
lftpget https://static.rust-lang.org/dist/rustc-${VERSION}-src.tar.gz.asc
if gpg --verify rustc-${VERSION}-src.tar.gz.asc ; then
rm -f rustc-${VERSION}-src.tar.gz.asc
gzip -d rustc-*tar.gz
plzip -9 -v rustc-*tar
else
echo "FATAL ERROR: Not recompressing since GPG signature failed."
exit 1
fi
# Please note that the bootstrap binary packages listed below might not be kept
# updated for later versions. The Rust compiler as shipped with Slackware
# should be able to compile the next released version of Rust.
#
# To find the expected date/versions for bootstrap binaries to be able to
# update the settings below, look at src/stage0 in the Rust sources.
exit 0
BOOTSTRAP_DATE=2024-08-08
BOOTSTRAP_VERSION=1.80.1
BOOTSTRAP_CARGO=$BOOTSTRAP_VERSION
# i686 bootstrap:
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/cargo-${BOOTSTRAP_CARGO}-i686-unknown-linux-gnu.tar.xz
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/rust-std-${BOOTSTRAP_VERSION}-i686-unknown-linux-gnu.tar.xz
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/rustc-${BOOTSTRAP_VERSION}-i686-unknown-linux-gnu.tar.xz
# x86_64 bootstrap:
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/cargo-${BOOTSTRAP_CARGO}-x86_64-unknown-linux-gnu.tar.xz
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/rust-std-${BOOTSTRAP_VERSION}-x86_64-unknown-linux-gnu.tar.xz
lftpget https://static.rust-lang.org/dist/${BOOTSTRAP_DATE}/rustc-${BOOTSTRAP_VERSION}-x86_64-unknown-linux-gnu.tar.xz
Reference in a new issue View git blame Copy permalink