Merge branch '3.4' into 3.5
This commit is contained in:
commit
2955cf0919
@ -15,12 +15,12 @@ drwxr-xr-x root/root usr/etc/
|
||||
-rw-r--r-- root/root usr/etc/man_db.conf
|
||||
drwxr-xr-x root/root usr/lib/
|
||||
drwxr-xr-x root/root usr/lib/man-db/
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libman-2.8.4.so
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libman-2.8.5.so
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libman.la
|
||||
lrwxrwxrwx root/root usr/lib/man-db/libman.so -> libman-2.8.4.so
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libmandb-2.8.4.so
|
||||
lrwxrwxrwx root/root usr/lib/man-db/libman.so -> libman-2.8.5.so
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libmandb-2.8.5.so
|
||||
-rwxr-xr-x root/root usr/lib/man-db/libmandb.la
|
||||
lrwxrwxrwx root/root usr/lib/man-db/libmandb.so -> libmandb-2.8.4.so
|
||||
lrwxrwxrwx root/root usr/lib/man-db/libmandb.so -> libmandb-2.8.5.so
|
||||
drwxr-xr-x root/root usr/lib/man-db/man-db/
|
||||
-rwxr-xr-x root/root usr/lib/man-db/man-db/globbing
|
||||
-rwxr-xr-x root/root usr/lib/man-db/man-db/manconv
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqgFptuCXwmo9Umuz3U/qKn6PsTIOa8ZOUiHztmx+U+eyYCAa3s25Hu8N1ZEn1Ikfq7HQS92f6IAhcFMPLohasAs=
|
||||
SHA256 (Pkgfile) = c4fef7284394e71055849f4d080cd03316cb6bc5fdb0b4c0951fe907bdeb4d9b
|
||||
SHA256 (.footprint) = bc7c52421b175a46410414e0e04c8cdcc39749087ea4f55f2466dbf45a025bb8
|
||||
SHA256 (man-db-2.8.4.tar.xz) = 103c185f9d8269b9ee3b8a4cb27912b3aa393e952731ef96fedc880723472bc3
|
||||
RWRJc1FUaeVeqmQfJ6w3im1zIqBTLYogjG9NkL5gnt4PNcgdrCUyM/buXYx3kTRluBghhfsn535dUEskcr6fYm1sZekKbYSBhAI=
|
||||
SHA256 (Pkgfile) = d190f684905ec36b818a1f7cc1ae20d2654bddc8361442c20803c4f9d49cc793
|
||||
SHA256 (.footprint) = c70dfe30ac223b4b3c06f53a8937986dea9302a969fb3ef878683a8eb4fe00cb
|
||||
SHA256 (man-db-2.8.5.tar.xz) = b64d52747534f1fe873b2876eb7f01319985309d5d7da319d2bc52ba1e73f6c1
|
||||
SHA256 (mandb.cron) = f2e9f1210bf6b7c3335cc6f3a9551651812428109ea8c4adc9cd5cf73461e0f1
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
# Depends on: zlib gdbm libpipeline
|
||||
|
||||
name=man-db
|
||||
version=2.8.4
|
||||
version=2.8.5
|
||||
release=1
|
||||
source=(http://download.savannah.gnu.org/releases/$name/$name-$version.tar.xz \
|
||||
mandb.cron)
|
||||
@ -16,13 +16,14 @@ build() {
|
||||
--libexecdir=/usr/lib/$name \
|
||||
--disable-setuid \
|
||||
--disable-cache-owner \
|
||||
--disable-nls
|
||||
--disable-nls \
|
||||
--with-systemdtmpfilesdir=no \
|
||||
--with-systemdsystemunitdir=no
|
||||
|
||||
make
|
||||
make DESTDIR=$PKG install
|
||||
|
||||
rm -r $PKG/usr/share/doc
|
||||
rm -r $PKG/usr/lib/tmpfiles.d
|
||||
|
||||
install -d $PKG/var/cache/man
|
||||
install -D -o root -g root -m 0755 $SRC/mandb.cron $PKG/etc/cron/daily/mandb
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqlxPY59pFAHClPfNubJjgHi9wwUh9toEBa8B/aMKA8MrHVVXX5MxMifd+ffv3sgnRChpvhDO7RpkbRN1sI1QZAY=
|
||||
SHA256 (Pkgfile) = bb8f91b138b7049c854009701d6b8a7052c2e3b6cc10fb120858f70550cf7be8
|
||||
RWRJc1FUaeVeqh/5l9mXUVHkgalsQ5Cwa+YDc8w3lOCkjVbtP23XeCFrVEqpARDrlYWRfYlCt93PAg31KIVzAaImIHnpfYVoQwQ=
|
||||
SHA256 (Pkgfile) = 7dabfc94184cee52c6dacf3138b06dac42fbcdf176abb26e261989bdbe35cdd7
|
||||
SHA256 (.footprint) = 49ebea9770f893cbe403018d12a23303ae4652d2af3f1128b25c23df27282324
|
||||
SHA256 (openssh-7.9p1.tar.gz) = 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad
|
||||
SHA256 (sshd) = 59cb8cff9890e9f5c617c5bd4e5a15e5e4bcc4bf35eb73a80322825db60bbfd4
|
||||
SHA256 (CVE-2018-20685.patch) = 310347b0173cd97c996a63f703040be07d87ea1a5f4cbe81a3cbdf409b36f7e2
|
||||
|
||||
33
openssh/CVE-2018-20685.patch
Normal file
33
openssh/CVE-2018-20685.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Fri, 16 Nov 2018 03:03:10 +0000
|
||||
Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer
|
||||
to the
|
||||
|
||||
current directory; based on report/patch from Harry Sintonen
|
||||
|
||||
OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9
|
||||
---
|
||||
scp.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/scp.c b/scp.c
|
||||
index 60682c687..4f3fdcd3d 100644
|
||||
--- a/scp.c
|
||||
+++ b/scp.c
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
|
||||
+/* $OpenBSD: scp.c,v 1.198 2018/11/16 03:03:10 djm Exp $ */
|
||||
/*
|
||||
* scp - secure remote copy. This is basically patched BSD rcp which
|
||||
* uses ssh to do the data transfer (instead of using rcmd).
|
||||
@@ -1106,7 +1106,8 @@ sink(int argc, char **argv)
|
||||
SCREWUP("size out of range");
|
||||
size = (off_t)ull;
|
||||
|
||||
- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
|
||||
+ if (*cp == '\0' || strchr(cp, '/') != NULL ||
|
||||
+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
|
||||
run_err("error: unexpected filename: %s", cp);
|
||||
exit(1);
|
||||
}
|
||||
@ -5,11 +5,15 @@
|
||||
|
||||
name=openssh
|
||||
version=7.9p1
|
||||
release=1
|
||||
source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz sshd)
|
||||
release=2
|
||||
source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz
|
||||
sshd CVE-2018-20685.patch)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
|
||||
patch -p1 -i $SRC/CVE-2018-20685.patch
|
||||
|
||||
./configure --prefix=/usr \
|
||||
--libexecdir=/usr/lib/ssh \
|
||||
--sysconfdir=/etc/ssh \
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqqRkjwhRmcErQ+tdhYvX5hmzag/M0W8AHBvQAlQgzYYMoggRhtEU6fkG3XBnhswnEXIh09T0TbqHApSiVqQwbgg=
|
||||
SHA256 (Pkgfile) = 1cf7ab2a262d583daaa58b5d268c051e5face0c9f05d3a939d8e1883aec63c21
|
||||
RWRJc1FUaeVeqhN0XVne6DMHScg1csCJgnY7kRYVL+QyRAlRng6A6aYd9QdwqIz6VNMYZvagzQ9NL4r0KqYifWeDcZ3f09UoSgE=
|
||||
SHA256 (Pkgfile) = a9f31c7c73529f9b6cf4e692db679c484ebf061db8976687c7f2a4f4ef07b493
|
||||
SHA256 (.footprint) = d7fecfbf06f8d91c409a6d87301fb2c91ef0f8278f30a8fe9a28b0172088ac74
|
||||
SHA256 (sudo-1.8.26.tar.gz) = 40da219a6f0341ccb22d04a98988e27f09b831d2561b14c6154067a49ef3fee2
|
||||
SHA256 (sudo-1.8.27.tar.gz) = 7beb68b94471ef56d8a1036dbcdc09a7b58a949a68ffce48b83f837dd33e2ec0
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
# Depends on: zlib
|
||||
|
||||
name=sudo
|
||||
version=1.8.26
|
||||
version=1.8.27
|
||||
release=1
|
||||
source=(http://www.sudo.ws/$name/dist/$name-$version.tar.gz)
|
||||
source=(https://www.sudo.ws/$name/dist/$name-$version.tar.gz)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqm0i1zp8bQkPf4BxvRSBloky4u4weTJpNXImwFfd+oDXSbq1J7Avh1GjnIodlays+SLF2LZZKp/FRRBja2GWTgo=
|
||||
SHA256 (Pkgfile) = b4da25ff17a5a03db55a5dfbfafb752c469c99aa846f0db05a5e9b11a1700a7f
|
||||
RWRJc1FUaeVeqoRyBwY8fQUEhcWpdK+245ogdTVJyTb8esuZAnGF5JrE8BoHmEm1ST1GTTtmwdquMECCdrC2BpTT7TTuxHczDws=
|
||||
SHA256 (Pkgfile) = 3c3505808c962a95c1262e99785901c48910711f90b3898a63cccc5c67081245
|
||||
SHA256 (.footprint) = f1363868c22dbe5d324e905fd476e4bb5dc11065cdeca2d8cc07532375c5a35e
|
||||
SHA256 (util-linux-2.33.tar.xz) = f261b9d73c35bfeeea04d26941ac47ee1df937bd3b0583e748217c1ea423658a
|
||||
SHA256 (util-linux-2.33.1.tar.xz) = c14bd9f3b6e1792b90db87696e87ec643f9d63efa0a424f092a5a6b2f2dbef21
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
# Depends on: eudev ncurses zlib
|
||||
|
||||
name=util-linux
|
||||
version=2.33
|
||||
version=2.33.1
|
||||
release=1
|
||||
source=(https://www.kernel.org/pub/linux/utils/$name/v${version:0:4}/$name-$version.tar.xz)
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user