diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-02-06 00:29:25 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-02-06 08:59:42 +0100 |
commit | 05538a2b6dae06b52a4533f94999286b4c89a916 (patch) | |
tree | 3d459fe6cf48cbda01f31597eaf1ccd8a8ca4678 /source/ap/linuxdoc-tools/postbuildfixes.sh | |
parent | d2c74e4a2e54d27d10eded3c422abf233dafdab8 (diff) | |
download | current-05538a2b6dae06b52a4533f94999286b4c89a916.tar.gz |
Wed Feb 6 00:29:25 UTC 201920190206002925
ap/linuxdoc-tools-0.9.73-x86_64-1.txz: Upgraded.
Upgraded to gtk-doc-1.29.
Upgraded to asciidoc-8.6.10.
Upgraded to perl-XML-SAX-1.00.
Thanks to Stuart Winter.
d/meson-0.49.2-x86_64-1.txz: Upgraded.
d/python-setuptools-40.8.0-x86_64-1.txz: Upgraded.
d/slacktrack-2.19-x86_64-1.txz: Upgraded.
Thanks to Stuart Winter.
l/imagemagick-6.9.10_26-x86_64-1.txz: Upgraded.
n/dovecot-2.3.4.1-x86_64-1.txz: Upgraded.
This update addresses security issues:
CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted
certificate with missing username field (ssl_cert_username_field), under
some configurations Dovecot mistakenly trusts the username provided via
authentication instead of failing.
ssl_cert_username_field setting was ignored with external SMTP AUTH,
because none of the MTAs (Postfix, Exim) currently send the cert_username
field. This may have allowed users with trusted certificate to specify any
username in the authentication. This bug didn't affect Dovecot's
Submission service.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814
(* Security fix *)
Diffstat (limited to 'source/ap/linuxdoc-tools/postbuildfixes.sh')
-rwxr-xr-x | source/ap/linuxdoc-tools/postbuildfixes.sh | 20 |
1 files changed, 3 insertions, 17 deletions
diff --git a/source/ap/linuxdoc-tools/postbuildfixes.sh b/source/ap/linuxdoc-tools/postbuildfixes.sh index c7cb2878..9382245c 100755 --- a/source/ap/linuxdoc-tools/postbuildfixes.sh +++ b/source/ap/linuxdoc-tools/postbuildfixes.sh @@ -22,18 +22,6 @@ # Enter the package's contents: cd $SLACKTRACKFAKEROOT || exit 1 -# Remove .la files: -echo "Deleting .la files..." -find . -type f -name '*.la' -print | while read lafile ; do - # Remove it from the build box itself to prevent other packages potentially referencing it. - # This wouldn't be a problem if you removepkg linuxdoc-tools (the version created by slacktrack - # that contains everything prior to _this_ post build script running) before building any other - # packages; but in case you don't, let's remove it from the OS file system: - rm "/${lafile}" - # Remove it from the distributable package t?z file: - rm -fv "${lafile}" -done - # OpenSP creates this symlink; we delete it. if [ -L usr/share/doc ]; then rm -f usr/share/doc @@ -43,11 +31,7 @@ fi rm -rf etc/cups etc/printcap # crond & mail (just incase you got a delivery!) rm -rf var/spool/{cron,mail} -rmdir var/spool - -# perllocal.pod files don't belong in packages. -# SGMLSPL creates this: -find . -name perllocal.pod -print0 | xargs -0 rm -f +rmdir var/spool 2>/dev/null # Some doc dirs have attracted setuid. # We don't need setuid for anything in this package: @@ -77,6 +61,8 @@ find usr/doc -xtype l -print0 | xargs -0 rm -fv # Never mind: I think this stuff is surplus to requirements: rm -rf var/lib/texmf # Now to prevent deletion of anything else that lives in the package's '/var' +echo "Errors from 'rmdir' below are harmless and are expected, but should be reviewed" +echo "in case there are any files that have crept in there." rmdir var/lib rmdir var |