diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-09-06 06:15:46 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-09-06 18:00:33 +0200 |
commit | ce9883adcab118cd8a0ae45076486ebf643fe2d5 (patch) | |
tree | 5401dcca86cb602cf0a9b8443345458c51735cec /source/a | |
parent | 38dfc4aa131a87735dfc8629c3394c7d2670e9d5 (diff) | |
download | current-ce9883adcab118cd8a0ae45076486ebf643fe2d5.tar.gz |
Thu Sep 6 06:15:46 UTC 201820180906061546
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
installpkg: prevent noise from the "stray cat" if tar hands it a broken
pipe. Thanks to ivandi.
Also (in the comments) provide a possibly better but untested solution.
Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
sysvinit-2.90 added an undocumented feature that tries to spawn agetty
if it sees console= in the kernel command line. Avoiding the debate about
whether this code belongs in init at all, at least such a change should
be documented, and probably made opt-in. This patch disables the new
behavior unless "sysvinit_agetty" is also seen in the kernel command line.
It seems like this might have been something added for Hurd, and it might
be wise to stick to what we've got rather than following upstream on this
particular package. If anyone notices any other odd behavior, please let
me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
When checking for intel_pstate, direct the stderr to /dev/null in case
the file doesn't exist in /sys. Thanks to ivandi.
Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
Patched multiple -dSAFER sandbox bypass vulnerabilities.
Thanks to Tavis Ormandy.
For more information, see:
https://www.ghostscript.com/doc/9.24/News.htm
https://www.kb.cert.org/vuls/id/332928
(* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for
corrupt symbol version info.
elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
when overriding a dynamic definition.
Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
This update fixes an NTLM password overflow via integer overflow.
For more information, see:
https://curl.haxx.se/docs/CVE-2018-14618.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
(* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/a')
-rw-r--r-- | source/a/acpid/acpid.url | 2 | ||||
-rw-r--r-- | source/a/etc/_etc/etc/ld.so.conf.new | 1 | ||||
-rwxr-xr-x | source/a/etc/etc.SlackBuild | 2 | ||||
-rwxr-xr-x | source/a/pkgtools/pkgtools.SlackBuild | 2 | ||||
-rw-r--r-- | source/a/pkgtools/scripts/installpkg | 23 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/default/cpufreq | 3 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/doinst.sh | 1 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.cpufreq | 8 | ||||
-rwxr-xr-x | source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 6 | ||||
-rwxr-xr-x | source/a/sysvinit/sysvinit.SlackBuild | 9 | ||||
-rw-r--r-- | source/a/sysvinit/sysvinit.no.console.agetty.without.sysvinit_agetty.diff | 16 |
11 files changed, 66 insertions, 7 deletions
diff --git a/source/a/acpid/acpid.url b/source/a/acpid/acpid.url index eda46461..5b352a80 100644 --- a/source/a/acpid/acpid.url +++ b/source/a/acpid/acpid.url @@ -1 +1 @@ -http://downloads.sourceforge.net/project/acpid2/acpid-2.0.29.tar.xz +http://downloads.sourceforge.net/project/acpid2/acpid-2.0.30.tar.xz diff --git a/source/a/etc/_etc/etc/ld.so.conf.new b/source/a/etc/_etc/etc/ld.so.conf.new index 804909e1..365df63f 100644 --- a/source/a/etc/_etc/etc/ld.so.conf.new +++ b/source/a/etc/_etc/etc/ld.so.conf.new @@ -1,3 +1,4 @@ +include /etc/ld.so.conf.d/*.conf /lib /usr/lib /usr/local/lib diff --git a/source/a/etc/etc.SlackBuild b/source/a/etc/etc.SlackBuild index 1dccffdf..ac74c0a9 100755 --- a/source/a/etc/etc.SlackBuild +++ b/source/a/etc/etc.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=etc VERSION=15.0 -BUILD=${BUILD:-8} +BUILD=${BUILD:-9} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/pkgtools/pkgtools.SlackBuild b/source/a/pkgtools/pkgtools.SlackBuild index 74964133..18451d5f 100755 --- a/source/a/pkgtools/pkgtools.SlackBuild +++ b/source/a/pkgtools/pkgtools.SlackBuild @@ -30,7 +30,7 @@ PKGNAM=pkgtools # *** UPDATE THESE WITH EACH BUILD: VERSION=15.0 ARCH=${ARCH:-noarch} -BUILD=${BUILD:-21} +BUILD=${BUILD:-22} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information diff --git a/source/a/pkgtools/scripts/installpkg b/source/a/pkgtools/scripts/installpkg index 0d82f89c..9e75ef03 100644 --- a/source/a/pkgtools/scripts/installpkg +++ b/source/a/pkgtools/scripts/installpkg @@ -493,7 +493,28 @@ for package in $* ; do fi # The stray cat reduces the frequency of the lack of reported size. # If it still fails, we hit it with a bigger hammer down below. - cat $package | $packagecompression -dc | LC_ALL=C dd 2> $TMP/tmpsize${MCOOKIE} | cat | tar tf - 2> /dev/null 1> $TMP/tmplist${MCOOKIE} + # + # SeB's proposed fix for this. Untested. + #cat $package | $packagecompression -dc | LC_ALL=C dd 2> $TMP/tmpsize${MCOOKIE} | ( tar tf - ; cat > /dev/null ) 2> /dev/null 1> $TMP/tmplist${MCOOKIE} + # Some background info from SeB's email: + # As you can see, when dd doesn't print anything, it returns 141, + # which means it has got a SIGPIPE. The problem is hence some tar + # archives cause tar to exit before having emptied stdin. That's + # why adding a cat before tar sometimes makes things better (tar + # causes it to get a SIGPIPE some ms before it causes itself dd to + # get one) + # + # A fix is then to replace: + # + # cat ... | $decompressor ... | ... dd ... | cat ... | tar tf - >... + # + # with: + # + # $decompressor ... | ... dd ... | ( tar tf -; cat >/dev/null ) >... + # + # This way the last cat will either exit because there's nothing on + # stdin or purge this one properly so dd gets the EOF it needs. + cat $package | $packagecompression -dc | LC_ALL=C dd 2> $TMP/tmpsize${MCOOKIE} | cat 2> /dev/null | tar tf - 2> /dev/null 1> $TMP/tmplist${MCOOKIE} TARERROR=$? if [ ! "$TARERROR" = "0" ]; then EXITSTATUS=1 # tar file corrupt diff --git a/source/a/sysvinit-scripts/default/cpufreq b/source/a/sysvinit-scripts/default/cpufreq new file mode 100644 index 00000000..13dcda6e --- /dev/null +++ b/source/a/sysvinit-scripts/default/cpufreq @@ -0,0 +1,3 @@ +# To select a particular CPU governor option for /etc/rc.d/rc.cpufreq, +# uncomment the line below and edit it to select your choice: +#SCALING_GOVERNOR=ondemand diff --git a/source/a/sysvinit-scripts/doinst.sh b/source/a/sysvinit-scripts/doinst.sh index f6e94f5d..c11a1798 100644 --- a/source/a/sysvinit-scripts/doinst.sh +++ b/source/a/sysvinit-scripts/doinst.sh @@ -23,6 +23,7 @@ config etc/rc.d/rc.loop.new config etc/rc.d/rc.sysvinit.new config etc/rc.d/rc.modules.new config etc/rc.d/rc.modules.local.new +config etc/default/cpufreq.new ( cd etc/rc.d ; rm -rf rc.0 ) ( cd etc/rc.d ; ln -sf rc.6 rc.0 ) diff --git a/source/a/sysvinit-scripts/scripts/rc.cpufreq b/source/a/sysvinit-scripts/scripts/rc.cpufreq index 24adb8d9..4caaa5a4 100644 --- a/source/a/sysvinit-scripts/scripts/rc.cpufreq +++ b/source/a/sysvinit-scripts/scripts/rc.cpufreq @@ -33,7 +33,7 @@ SCALING_GOVERNOR=ondemand # provides power savings on Intel processors while avoiding the ramp-up lag # present when using the powersave governor (which is the default if ondemand # is requested on these machines): -if [ "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_driver)" = "intel_pstate" ]; then +if [ "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_driver 2> /dev/null)" = "intel_pstate" ]; then SCALING_GOVERNOR="performance" fi @@ -42,6 +42,12 @@ if [ ! -z "$1" -a "$1" != "start" ]; then SCALING_GOVERNOR=$1 fi +# To force a particular option without having to edit this file, uncomment the +# line in /etc/default/cpufreq and edit it to select the desired option: +if [ -r /etc/default/cpufreq ]; then + . /etc/default/cpufreq +fi + # If you need to load a specific CPUFreq driver, load it here. Most likely you don't. #/sbin/modprobe acpi-cpufreq diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 8876e329..1fa513f9 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-2.1} ARCH=noarch -BUILD=${BUILD:-18} +BUILD=${BUILD:-19} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information @@ -52,6 +52,10 @@ cat $CWD/scripts/inittab > $PKG/etc/inittab.new chmod 644 $PKG/etc/inittab.new chown root:root $PKG/etc/inittab.new +# Install /etc/default/cpufreq.new: +mkdir -p $PKG/etc/default +cat $CWD/default/cpufreq > $PKG/etc/default/cpufreq.new + # Add a very handy tool for scanning new SCSI devices. Most useful for # finding new USB and Firewire storage devices which show up as SCSI. mkdir -p $PKG/sbin diff --git a/source/a/sysvinit/sysvinit.SlackBuild b/source/a/sysvinit/sysvinit.SlackBuild index b74de22a..92472cb4 100755 --- a/source/a/sysvinit/sysvinit.SlackBuild +++ b/source/a/sysvinit/sysvinit.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit VERSION=${VERSION:-2.90} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -62,6 +62,13 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +# sysvinit-2.90 added an undocumented feature that tries to spawn agetty if +# it sees console= in the kernel command line. Avoiding the debate about +# whether this code belongs in init at all, at least such a change # should +# be documented, and probably made opt-in. This patch disables the new behavior +# unless "sysvinit_agetty" is also seen in the kernel command line. +zcat $CWD/sysvinit.no.console.agetty.without.sysvinit_agetty.diff.gz | patch -p1 -E --verbose --backup --suffix=.orig || exit 1 + # Fix paths for /etc/forcefsck and /etc/fastboot: zcat $CWD/sysvinit.paths.diff.gz | patch -p1 -E --verbose --backup --suffix=.orig || exit 1 diff --git a/source/a/sysvinit/sysvinit.no.console.agetty.without.sysvinit_agetty.diff b/source/a/sysvinit/sysvinit.no.console.agetty.without.sysvinit_agetty.diff new file mode 100644 index 00000000..c81f542b --- /dev/null +++ b/source/a/sysvinit/sysvinit.no.console.agetty.without.sysvinit_agetty.diff @@ -0,0 +1,16 @@ +--- ./src/init.c.orig 2018-06-18 18:25:26.000000000 -0500 ++++ ./src/init.c 2018-08-28 23:45:05.134948889 -0500 +@@ -1337,6 +1337,13 @@ + return; + } + if (fgets(buf, sizeof(buf), fp)) { ++ /* OK, this is a weird undocumented feature. We'll look for "sysvinit_agetty" in the kernel */ ++ /* command line and if we don't see it, then we'll assume you didn't want this. */ ++ char* t = buf; ++ if (!(t = strstr(t, "sysvinit_agetty"))) { ++ fclose(fp); ++ return; ++ } + char* p = buf; + while ((p = strstr(p, "console="))) { + char* e; |