mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
b689ecb882
a/kernel-generic-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.22-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-32.txz: Rebuilt.
Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha.
d/cmake-3.26.2-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.22-x86-1.txz: Upgraded.
d/llvm-16.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger for the assistance.
Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON
-DCLANG_LINK_CLANG_DYLIB=ON.
I think we'll get 16.0.1 next week if we need to make any adjustments.
d/ruby-3.2.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
ReDoS vulnerability in URI.
ReDoS vulnerability in Time.
For more information, see:
https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
https://www.cve.org/CVERecord?id=CVE-2023-28755
https://www.cve.org/CVERecord?id=CVE-2023-28756
(* Security fix *)
k/kernel-source-6.1.22-noarch-1.txz: Upgraded.
kde/kdevelop-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0.
l/openexr-3.1.7-x86_64-1.txz: Upgraded.
l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
l/spirv-llvm-translator-16.0.0-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON.
n/pssh-2.3.5-x86_64-1.txz: Upgraded.
n/samba-4.18.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
An incomplete access check on dnsHostName allows authenticated but otherwise
unprivileged users to delete this attribute from any object in the directory.
The Samba AD DC administration tool, when operating against a remote LDAP
server, will by default send new or reset passwords over a signed-only
connection.
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential
attribute disclosure via LDAP filters was insufficient and an attacker may
be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should assume they have
been obtained and need replacing.
For more information, see:
https://www.samba.org/samba/security/CVE-2023-0225.html
https://www.samba.org/samba/security/CVE-2023-0922.html
https://www.samba.org/samba/security/CVE-2023-0614.html
https://www.cve.org/CVERecord?id=CVE-2023-0225
https://www.cve.org/CVERecord?id=CVE-2023-0922
https://www.cve.org/CVERecord?id=CVE-2023-0614
(* Security fix *)
x/mesa-23.0.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0.
xap/seamonkey-2.53.16-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.16
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.68.2-x86_64-2.txz: Rebuilt.
Use the bundled LLVM rather than the system LLVM.
This version of Rust actually does compile with llvm-16.0.0, but since it
bundles LLVM 15 let's let it use that for now.
usb-and-pxe-installers/usbboot.img: Rebuilt.
188 lines
7.2 KiB
Bash
Executable file
188 lines
7.2 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2016, 2017, 2018, 2021, 2022, 2023 Patrick J. Volkerding, Sebeka, MN, USA
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use of this script, with or without modification, is
|
|
# permitted provided that the following conditions are met:
|
|
#
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
PKGNAM=mkinitrd
|
|
VERSION=${VERSION:-1.4.11}
|
|
BB=1.32.1
|
|
BUILD=${BUILD:-32}
|
|
|
|
# Automatically determine the architecture we're building on:
|
|
if [ -z "$ARCH" ]; then
|
|
case "$( uname -m )" in
|
|
i?86) export ARCH=i586 ;;
|
|
arm*) export ARCH=arm ;;
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
*) export ARCH=$( uname -m ) ;;
|
|
esac
|
|
fi
|
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
# the name of the created package would be, and then exit. This information
|
|
# could be useful to other scripts.
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
exit 0
|
|
fi
|
|
|
|
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
|
|
TMP=${TMP:-/tmp}
|
|
PKG=$TMP/package-mkinitrd
|
|
|
|
# Write a warning to stdout if the mkinitrd script has a different version:
|
|
eval $( grep "^MKINITRD_VERSION=" $CWD/mkinitrd )
|
|
if [ "$VERSION" != "$MKINITRD_VERSION" ]; then
|
|
echo "The version of this package ($VERSION) is not equal to the version of the mkinitrd script ($MKINITRD_VERSION)."
|
|
sleep 5
|
|
fi
|
|
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG
|
|
cd $TMP
|
|
rm -rf busybox-$BB
|
|
tar xvf $CWD/busybox-$BB.tar.bz2 || tar xvf $CWD/busybox-$BB.tar.?z || exit 1
|
|
cd busybox-$BB || exit 1
|
|
|
|
if [ -d $CWD/fixes-$BB ]; then
|
|
for pfile in $CWD/fixes-$BB/*.patch ; do
|
|
patch -p1 < $pfile || exit 1
|
|
done
|
|
fi
|
|
|
|
chown -R root:root .
|
|
sed -e \
|
|
's#^CONFIG_PREFIX=.*#CONFIG_PREFIX="'$PKG'/usr/share/mkinitrd/initrd-tree"#' \
|
|
$CWD/busybox-dot-config > .config
|
|
make oldconfig || exit 1
|
|
make $NUMJOBS || make || exit 1
|
|
|
|
mkdir -p $PKG/usr/share/mkinitrd/initrd-tree/{bin,sbin}
|
|
make install || exit 1
|
|
rm -f $PKG/usr/share/mkinitrd/initrd-tree/linuxrc
|
|
|
|
# Copying additional files:
|
|
cp -a $CWD/mkinitrd_command_generator.sh $PKG/usr/share/mkinitrd
|
|
chown root:root $PKG/usr/share/mkinitrd/mkinitrd_command_generator.sh
|
|
chmod 755 $PKG/usr/share/mkinitrd/mkinitrd_command_generator.sh
|
|
cp -a $CWD/keymaps.tar.gz $PKG/usr/share/mkinitrd
|
|
chown root:root $PKG/usr/share/mkinitrd/keymaps.tar.gz
|
|
chmod 644 $PKG/usr/share/mkinitrd/keymaps.tar.gz
|
|
|
|
# Zip up the initrd-tree:
|
|
( cd $PKG/usr/share/mkinitrd/initrd-tree
|
|
tar xf $CWD/_initrd-tree.tar.gz
|
|
cat $CWD/init > init
|
|
|
|
# Patch init:
|
|
zcat $CWD/0001-Fix-LUKSTRIM-with-C-T-and-UUID.patch.gz | patch -p1 --verbose || exit 1
|
|
|
|
# These are useful for ARM:
|
|
mknod -m 644 dev/random c 1 8
|
|
mknod -m 644 dev/urandom c 1 9
|
|
|
|
tar czf ../initrd-tree.tar.gz .
|
|
) || exit 1
|
|
rm -rf $PKG/usr/share/mkinitrd/initrd-tree
|
|
|
|
# Add busybox docs:
|
|
mkdir -p $PKG/usr/doc/busybox-$BB
|
|
cp -a AUTHORS COPYING* INSTALL LICENSE README* TODO* \
|
|
$PKG/usr/doc/busybox-$BB
|
|
cp -a e2fsprogs/README $PKG/usr/doc/busybox-$BB/README.e2fsprogs
|
|
cp -a libbb/README $PKG/usr/doc/busybox-$BB/README.libbb
|
|
cp -a shell/README $PKG/usr/doc/busybox-$BB/README.shell
|
|
cp -a testsuite/README $PKG/usr/doc/busybox-$BB/README.testsuite
|
|
|
|
mkdir -p $PKG/sbin
|
|
cp -a $CWD/mkinitrd $PKG/sbin/mkinitrd
|
|
chown root:root $PKG/sbin/mkinitrd
|
|
chmod 755 $PKG/sbin/mkinitrd
|
|
|
|
# Patch to switch to mktemp:
|
|
( cd $PKG/sbin ; zcat $CWD/mkinitrd.tempfile.to.mktemp.patch.gz | patch --verbose || exit 1) || exit 1
|
|
# Patch mkinitrd to bail on no temp directory:
|
|
( cd $PKG/sbin ; zcat $CWD/0002-bail-if-temp-dir-is-not-created.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
# Don't include 40-usb_modeswitch.rules on the initrd:
|
|
( cd $PKG/sbin ; zcat $CWD/0003-blacklist.40-usb_modeswitch.rules.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
# Support modules compressed with xz:
|
|
( cd $PKG/sbin ; zcat $CWD/0005-support-modules-compressed-with-xz.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
# Ensure target directory for the module exists (cp regression workaround for coreutils-9.1):
|
|
( cd $PKG/sbin ; zcat $CWD/0006-coreutils-9.1-ensure-target-dir-exists.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
rm -f $PKG/sbin/mkinitrd.orig
|
|
# Use -R if we detect the root partition is a partition of a RAID device:
|
|
( cd $PKG/usr/share/mkinitrd ; zcat $CWD/0004-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
rm -f $PKG/usr/share/mkinitrd/mkinitrd_command_generator.sh.orig
|
|
# Fix for kmod-30:
|
|
( cd $PKG/sbin ; zcat $CWD/0007-kmod30.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
# Bugfix for previous RAID partition patch:
|
|
( cd $PKG/usr/share/mkinitrd ; zcat $CWD/0008-fix-check-if-BASEDEV-is-a-partition-of-a-RAID-volume.patch.gz | patch -p1 --verbose || exit 1) || exit 1
|
|
rm -f $PKG/sbin/mkinitrd.orig
|
|
|
|
mkdir -p $PKG/usr/man/man{5,8}
|
|
cat $CWD/mkinitrd.conf.5 | gzip -9c > $PKG/usr/man/man5/mkinitrd.conf.5.gz
|
|
cat $CWD/mkinitrd.8 | gzip -9c > $PKG/usr/man/man8/mkinitrd.8.gz
|
|
cat $CWD/mkinitrd_command_generator.8 | gzip -9c > $PKG/usr/man/man8/mkinitrd_command_generator.8.gz
|
|
|
|
mkdir -p $PKG/var/lib/pkgtools/setup
|
|
cp -a $CWD/setup.01.mkinitrd $PKG/var/lib/pkgtools/setup
|
|
chown root:root $PKG/var/lib/pkgtools/setup/setup.01.mkinitrd
|
|
chmod 755 $PKG/var/lib/pkgtools/setup/setup.01.mkinitrd
|
|
|
|
mkdir -p $PKG/usr/sbin
|
|
cp -a $CWD/geninitrd $PKG/usr/sbin
|
|
chown root:root $PKG/usr/sbin/geninitrd
|
|
chmod 755 $PKG/usr/sbin/geninitrd
|
|
|
|
mkdir -p $PKG/etc
|
|
cp -a $CWD/mkinitrd.conf.sample $PKG/etc/mkinitrd.conf.sample
|
|
# ARM systems often need more time to find devices:
|
|
case "$( uname -m )" in
|
|
arm*) sed -e 's@#WAIT="1"@#WAIT="4"@g' \
|
|
-i $PKG/etc/mkinitrd.conf.sample;;
|
|
esac
|
|
chown root:root $PKG/etc/mkinitrd.conf.sample
|
|
chmod 644 $PKG/etc/mkinitrd.conf.sample
|
|
|
|
mkdir -p $PKG/usr/doc/mkinitrd-$VERSION
|
|
sed $CWD/README.initrd \
|
|
-e "s,@DATE@,$(date),g" \
|
|
-e "s,@KERNEL_VERSION@,$(uname -r),g" \
|
|
-e "s,@PACKAGE_VERSION@,$(uname -r | tr - _),g" \
|
|
-e "s,@LILO_KERNEL_NAME@,$(echo $(uname -r) | tr -d . | tr -d - ),g" \
|
|
-e "s,@MKINITRD_VERSION@,$VERSION,g" \
|
|
-e "s,@ARCH@,$ARCH,g" \
|
|
-e "s,@BUILD@,$BUILD,g" \
|
|
> $PKG/usr/doc/mkinitrd-$VERSION/README.initrd
|
|
|
|
mkdir $PKG/boot
|
|
ln -sf /usr/doc/mkinitrd-$VERSION/README.initrd $PKG/boot/README.initrd
|
|
|
|
find $PKG | xargs file | grep -e "executable" -e "shared object" \
|
|
| grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
|
|
mkdir -p $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n $TMP/mkinitrd-$VERSION-$ARCH-$BUILD.txz
|
|
|