From a0b6c0252dfbb51e66b98e35a9bdd4e8c12bee05 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Tue, 2 Jun 2020 19:39:15 -0500 Subject: system/ca-certificates: bump to 20200603 --- system/ca-certificates/APKBUILD | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/ca-certificates/APKBUILD b/system/ca-certificates/APKBUILD index 0785ec441..5e75d13d8 100644 --- a/system/ca-certificates/APKBUILD +++ b/system/ca-certificates/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: A. Wilcox pkgname=ca-certificates -pkgver=20190131 -pkgrel=1 +pkgver=20200603 +pkgrel=0 pkgdesc="CA root certificates" url="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/" arch="all" @@ -13,12 +13,11 @@ makedepends_host="openssl-dev" subpackages="$pkgname-doc" triggers="ca-certificates.trigger=/usr/share/ca-certificates:/usr/local/share/ca-certificates:/etc/ssl/certs:/etc/ca-certificates/update.d" install="$pkgname.post-deinstall" -source="https://distfiles.adelielinux.org/source/$pkgname-$pkgver.tar.xz +source="https://dev.sick.bike/dist/$pkgname-$pkgver.tar.gz certhash " build() { - export CFLAGS="$CFLAGS -DSYMLINK_MAX=PATH_MAX" make } @@ -43,5 +42,5 @@ package() { install -D -m755 "$srcdir"/certhash "$pkgdir"/etc/ca-certificates/update.d/certhash } -sha512sums="aec43296636887a8ebefc08abe60c123b67002eb8cf450662b5ff8fcbd2ea10d3d24d17080b5924b13aed9a52b91ba55e93d306e27ed3196ca67cbbe30146328 ca-certificates-20190131.tar.xz +sha512sums="0125600481666979e0b736572aca7d0e3c4bf01169bc67638ef7bdd4fc97a0ebbb70798df7275eac92dfc2d03b16de3f0adc8ad382fc9e2fb4d8223c923b2eef ca-certificates-20200603.tar.gz 1efe48235f150052da6b872d2ebff174359825ab3bd66086c9d7f4c18dcd8aa8953c634dbf1aa8416d30d5623babf589660a25cf6e3a4cdcce707c14cc2f348a certhash" -- cgit v1.2.3-60-g2f50 From 5cab63a9be0a3664450115499f7467513a705e0e Mon Sep 17 00:00:00 2001 From: Max Rees Date: Wed, 10 Jun 2020 13:57:12 -0500 Subject: system/sudo: [CVE] bump to 1.9.0 (#277) --- system/sudo/APKBUILD | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/sudo/APKBUILD b/system/sudo/APKBUILD index 3bad54e5e..00acefd4f 100644 --- a/system/sudo/APKBUILD +++ b/system/sudo/APKBUILD @@ -3,13 +3,13 @@ # Contributor: Natanael Copa # Maintainer: Horst Burkhardt pkgname=sudo -pkgver=1.8.28 +pkgver=1.9.0 if [ "${pkgver%_*}" != "$pkgver" ]; then _realver=${pkgver%_*}${pkgver#*_} else _realver=$pkgver fi -pkgrel=1 +pkgrel=0 pkgdesc="Give certain users the ability to run some commands as root" url="https://www.sudo.ws/sudo/" arch="all" @@ -26,12 +26,22 @@ source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz SIGUNUSED.patch " builddir="$srcdir"/$pkgname-$_realver +somask="audit_json.so + group_file.so + libsudo_noexec.so + libsudo_util.so.0 + sample_approval.so + sudoers.so + system_group.so + " # secfixes: # 1.8.20_p2-r0: # - CVE-2017-1000368 -# 1.8.28: +# 1.8.28-r0: # - CVE-2019-14287 +# 1.9.0-r0: +# - CVE-2019-19232 build() { ./configure \ @@ -46,7 +56,10 @@ build() { --without-skey \ --with-passprompt="[sudo] Password for %p: " \ --with-insults=disabled \ - --with-all-insults + --with-all-insults \ + --enable-python=no \ + --disable-log-server \ + --disable-log-client # Workaround until SIGUNUSED.patch is not needed anymore rm lib/util/mksiglist.h lib/util/mksigname.h @@ -67,7 +80,7 @@ package() { rm -rf "$pkgdir"/var/run } -sha512sums="09e589cdfd18d7c43b0859a0e11c008b3cb995ae4f8c89c717c5242db9e5696361eb574ebe74a0b5316afffb3a8037f7a7f3c249176e8ed9caffeb4cd860ddc7 sudo-1.8.28.tar.gz +sha512sums="f2a191ea5fc65865718b110d4aca187cb5e2cd55c9c891fab32f21401e56f825f34c373e346c55c64fa49cec4d802efb63ccebf3d4a4e31d9a433077daf013b1 sudo-1.9.0.tar.gz f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c fix-cross-compile.patch dcc03abdd672c934f90dfd3683b3f81a8d39cfff91307d2dbd20a31a852022ab605d034c4fe11860ba99b78d391a9812fca1d6e052620b8ff2c42e4f0c7a1a62 musl-fix-headers.patch 2733c220ccbdaf61a32d8c72a5bc0209673733014f0d71b568f1523b71416e9d1754dd8c95bc6cd99aa7f935ed6e93c5f19b1a1dbb7dfc2daf9917fd37f96e78 SIGUNUSED.patch" -- cgit v1.2.3-60-g2f50