mirror of
git://slackware.nl/current.git
synced 2025-01-15 15:41:54 +01:00
7a2ee07f95
a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt. a/dialog-1.3_20231002-x86_64-1.txz: Upgraded. ap/mpg123-1.32.3-x86_64-1.txz: Upgraded. d/llvm-17.0.2-x86_64-1.txz: Upgraded. d/meson-1.2.2-x86_64-2.txz: Rebuilt. [PATCH] Revert rust: apply global, project, and environment C args to bindgen. This fixes building Mesa. Thanks to lucabon and marav. kde/calligra-3.2.1-x86_64-34.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/cantor-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kile-2.9.93-x86_64-28.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/krita-5.1.5-x86_64-15.txz: Rebuilt. Recompiled against poppler-23.10.0. kde/okular-23.08.1-x86_64-2.txz: Rebuilt. Recompiled against poppler-23.10.0. l/glibc-2.37-x86_64-3.txz: Rebuilt. l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt. Patched to fix the "Looney Tunables" vulnerability, a local privilege escalation in ld.so. This vulnerability was introduced in April 2021 (glibc 2.34) by commit 2ed18c. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.cve.org/CVERecord?id=CVE-2023-4911 (* Security fix *) l/glibc-profile-2.37-x86_64-3.txz: Rebuilt. l/mozilla-nss-3.94-x86_64-1.txz: Upgraded. l/poppler-23.10.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded. n/irssi-1.4.5-x86_64-1.txz: Upgraded. x/fcitx5-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded. x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded. x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded. x/libX11-1.8.7-x86_64-1.txz: Upgraded. This update fixes security issues: libX11: out-of-bounds memory access in _XkbReadKeySyms(). libX11: stack exhaustion from infinite recursion in PutSubImage(). libX11: integer overflow in XCreateImage() leading to a heap overflow. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43785 https://www.cve.org/CVERecord?id=CVE-2023-43786 https://www.cve.org/CVERecord?id=CVE-2023-43787 (* Security fix *) x/libXpm-3.5.17-x86_64-1.txz: Upgraded. This update fixes security issues: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). libXpm: out of bounds read on XPM with corrupted colormap. For more information, see: https://lists.x.org/archives/xorg-announce/2023-October/003424.html https://www.cve.org/CVERecord?id=CVE-2023-43788 https://www.cve.org/CVERecord?id=CVE-2023-43789 (* Security fix *) testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt. testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt. Patched to fix the "Looney Tunables" vulnerability, a local privilege escalation in ld.so. This vulnerability was introduced in April 2021 (glibc 2.34) by commit 2ed18c. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.cve.org/CVERecord?id=CVE-2023-4911 (* Security fix *) testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt. testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt.
185 lines
5.9 KiB
Bash
Executable file
185 lines
5.9 KiB
Bash
Executable file
#!/bin/bash
|
|
# Copyright 2005, 2006, 2008, 2009, 2010, 2012 Eric Hameleers, Eindhoven, NL
|
|
# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023 Patrick J. Volkerding, Sebeka, MN, USA
|
|
# All rights reserved.
|
|
#
|
|
# Permission to use, copy, modify, and distribute this software for
|
|
# any purpose with or without fee is hereby granted, provided that
|
|
# the above copyright notice and this permission notice appear in all
|
|
# copies.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
|
|
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
|
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
# SUCH DAMAGE.
|
|
# -----------------------------------------------------------------------------
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
PKGNAM=mozilla-nss
|
|
SRCNAM=nss
|
|
VERSION=${VERSION:-3.94}
|
|
NSPR=${NSPR:-4.35}
|
|
BUILD=${BUILD:-1}
|
|
|
|
# Automatically determine the architecture we're building on:
|
|
MARCH=$( uname -m )
|
|
if [ -z "$ARCH" ]; then
|
|
case "$MARCH" in
|
|
i?86) export ARCH=i586 ;;
|
|
armv7hl) export ARCH=$MARCH ;;
|
|
arm*) export ARCH=arm ;;
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
*) export ARCH=$MARCH ;;
|
|
esac
|
|
fi
|
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
# the name of the created package would be, and then exit. This information
|
|
# could be useful to other scripts.
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
LIBDIRSUFFIX="64"
|
|
export USE_64=1
|
|
elif [ "$ARCH" = "armv7hl" ]; then
|
|
SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16"
|
|
LIBDIRSUFFIX=""
|
|
else
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
fi
|
|
|
|
TMP=${TMP:-/tmp}
|
|
PKG=$TMP/package-$PKGNAM
|
|
|
|
NUMJOBS=${NUMJOBS:-" -j $(expr $(nproc) + 1) "}
|
|
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG
|
|
|
|
cd $TMP
|
|
rm -rf nss-${VERSION}
|
|
rm -rf nspr-${NSPR}
|
|
tar xvf $CWD/nss-$VERSION.tar.?z || exit 1
|
|
cd nss-$VERSION
|
|
tar xvf $CWD/nspr-$NSPR.tar.?z || exit 1
|
|
mv nspr*/nspr .
|
|
|
|
## -Werror is problematic with gcc7:
|
|
#sed -i "s|\ -Werror| |" nss/coreconf/Werror.mk || exit 1
|
|
|
|
# Make sure ownerships and permissions are sane:
|
|
chown -R root:root .
|
|
find . \
|
|
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
|
-exec chmod 755 {} \+ -o \
|
|
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
|
-exec chmod 644 {} \+
|
|
|
|
cd nss
|
|
./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests
|
|
cd -
|
|
|
|
# Install all the needed stuff to the package dir:
|
|
mkdir -p $PKG/usr/{bin,lib${LIBDIRSUFFIX},include/{nss,nspr}}
|
|
cd dist/Release
|
|
cp -pL bin/{certutil,cmsutil,crlutil,modutil,pk12util,shlibsign,signtool,signver,ssltap} $PKG/usr/bin/
|
|
cp -pL lib/* $PKG/usr/lib${LIBDIRSUFFIX}/
|
|
chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*.so*
|
|
cp -rL include/* $PKG/usr/include/
|
|
cp -rpL ../public/nss/*.h $PKG/usr/include/nss/
|
|
# Remove some things we do not need:
|
|
rm -f $PKG/usr/bin/*.so
|
|
rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.{TOC,a}
|
|
rm -rf $PKG/usr/include/nspr/md
|
|
# We require a few static libraries. Why? I don't remember.
|
|
cp -L ../../nss/out/Release/lib{crmf,nssb,nssckfw}.a $PKG/usr/lib${LIBDIRSUFFIX}/ || exit 1
|
|
cd -
|
|
|
|
cd nss/cmd/smimetools
|
|
cp -a smime $PKG/usr/bin/
|
|
chmod 0755 $PKG/usr/bin/smime
|
|
sed -i -e 's#/usr/local/bin#/usr/bin#g' $PKG/usr/bin/smime
|
|
cd -
|
|
|
|
# Install nspr-config:
|
|
cat nspr/Release/config/nspr-config | sed -e "s,^prefix=.*$,prefix=/usr,g" | sed -e "s,libdir=\${exec_prefix}/lib,libdir=\${exec_prefix}/lib${LIBDIRSUFFIX},g" > $PKG/usr/bin/nspr-config
|
|
chmod 755 $PKG/usr/bin/nspr-config
|
|
|
|
# Install nss-config:
|
|
sed -e "s,@prefix@,/usr,g" \
|
|
-e "s,@MOD_MAJOR_VERSION@,$(printf $VERSION | cut -d. -f1),g" \
|
|
-e "s,@MOD_MINOR_VERSION@,$(printf $VERSION | cut -d. -f2),g" \
|
|
-e "s,@MOD_PATCH_VERSION@,$(printf $VERSION | cut -d. -f3),g" \
|
|
$CWD/nss-config.in > $PKG/usr/bin/nss-config
|
|
chmod 755 $PKG/usr/bin/nss-config
|
|
|
|
# Provide pkg-config files:
|
|
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig
|
|
cat <<EOT > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/mozilla-nss.pc
|
|
prefix=/usr
|
|
exec_prefix=\${prefix}
|
|
libdir=/usr/lib${LIBDIRSUFFIX}
|
|
includedir=\${prefix}/include/nss
|
|
|
|
Name: NSS
|
|
Description: Network Security Services
|
|
Version: $VERSION
|
|
Requires: nspr >= $NSPR sqlite3
|
|
Libs: -L\${libdir} -lnss3 -lsmime3 -lssl3 -lsoftokn3 -lnssutil3
|
|
Cflags: -I\${includedir}
|
|
EOT
|
|
cat <<EOT > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/mozilla-nspr.pc
|
|
prefix=/usr
|
|
exec_prefix=\${prefix}
|
|
libdir=/usr/lib${LIBDIRSUFFIX}
|
|
includedir=\${prefix}/include/nspr
|
|
|
|
Name: NSPR
|
|
Description: The Netscape Portable Runtime
|
|
Version: $NSPR
|
|
Libs: -L\${libdir} -lplds4 -lplc4 -lnspr4
|
|
Cflags: -I\${includedir}
|
|
EOT
|
|
|
|
( cd $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig
|
|
ln -s mozilla-nspr.pc nspr.pc
|
|
ln -s mozilla-nss.pc nss.pc
|
|
)
|
|
|
|
# Add documentation:
|
|
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
|
|
cp -a \
|
|
$CWD/MPL-1.1.txt $CWD/gpl-2.0.txt $CWD/lgpl-2.1.txt \
|
|
$CWD/faq.html \
|
|
$PKG/usr/doc/$PKGNAM-$VERSION
|
|
chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION
|
|
|
|
# Strip binaries:
|
|
find $PKG | xargs file | grep -e "executable" -e "shared object" \
|
|
| grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
|
|
# Add a package description:
|
|
mkdir -p $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
# Build the package:
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}.txz
|
|
|