summaryrefslogtreecommitdiff
path: root/source/l
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2019-02-13 00:22:29 +0000
committerEric Hameleers <alien@slackware.com>2019-02-13 08:59:45 +0100
commit73d387f5699866c6d340e729855cccab9c82c602 (patch)
treedf5a20013c88ffa12ccb0015de2aaf4a13cad89a /source/l
parentf5a2fd8812fe66114bc7581c08a922acca70b0fa (diff)
downloadcurrent-73d387f5699866c6d340e729855cccab9c82c602.tar.gz
Wed Feb 13 00:22:29 UTC 201920190213002229
a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. This update fixes a security issue where a malicious privileged container could overwrite the host binary and thus gain root-level code execution on the host. As the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. To prevent this attack, LXC has been patched to create a temporary copy of the calling binary itself when it starts or attaches to containers. To do this LXC creates an anonymous, in-memory file using the memfd_create() system call and copies itself into the temporary in-memory file, which is then sealed to prevent further modifications. LXC then executes this sealed, in-memory file instead of the original on-disk binary. For more information, see: https://seclists.org/oss-sec/2019/q1/119 (* Security fix *) d/kernel-headers-4.19.21-x86-1.txz: Upgraded. k/kernel-source-4.19.21-noarch-1.txz: Upgraded. l/libbluray-1.1.0-x86_64-1.txz: Upgraded. l/libcap-2.26-x86_64-2.txz: Rebuilt. Don't ship static library. l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. n/irssi-1.2.0-x86_64-1.txz: Upgraded. n/libassuan-2.5.3-x86_64-1.txz: Upgraded. x/bitmap-1.0.9-x86_64-1.txz: Upgraded. x/libXau-1.0.9-x86_64-1.txz: Upgraded. x/pixman-0.38.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/l')
-rwxr-xr-xsource/l/libcap/libcap.SlackBuild5
1 files changed, 4 insertions, 1 deletions
diff --git a/source/l/libcap/libcap.SlackBuild b/source/l/libcap/libcap.SlackBuild
index aef4d989..c70daa54 100755
--- a/source/l/libcap/libcap.SlackBuild
+++ b/source/l/libcap/libcap.SlackBuild
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=libcap
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -93,6 +93,9 @@ make DYNAMIC=yes $NUMJOBS || make DYNAMIC=yes || exit 1
make install RAISE_SETFCAP=no DESTDIR=$PKG man_prefix=/usr || exit 1
chmod 755 $PKG/lib${LIBDIRSUFFIX}/libcap.so*
+# Don't ship static library:
+rm -f $PKG/lib*/libcap.a
+
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null