source: chapter06/zlib.xml@ 624e062

6.1 6.1.1
Last change on this file since 624e062 was 624e062, checked in by Archaic <archaic@…>, 19 years ago

Added security patch for zlib. (merged from trunk r6414)

git-svn-id: http://svn.linuxfromscratch.org/LFS/branches/6.1/BOOK@6416 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
  • Property mode set to 100644
File size: 3.3 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
3 <!ENTITY % general-entities SYSTEM "../general.ent">
4 %general-entities;
5]>
6<sect1 id="ch-system-zlib" role="wrap">
7<title>Zlib-&zlib-version;</title>
8<?dbhtml filename="zlib.html"?>
9
10<indexterm zone="ch-system-zlib"><primary sortas="a-Zlib">Zlib</primary></indexterm>
11
12<sect2 role="package"><title/>
13<para>The Zlib package contains compression and decompression routines used by
14some programs.</para>
15
16<segmentedlist>
17<segtitle>&buildtime;</segtitle>
18<segtitle>&diskspace;</segtitle>
19<seglistitem><seg>0.1 SBU</seg><seg>2.7 MB</seg></seglistitem>
20</segmentedlist>
21
22<segmentedlist>
23<segtitle>&dependencies;</segtitle>
24<seglistitem><seg>Binutils, Coreutils, GCC, Glibc, Make, and Sed</seg></seglistitem>
25</segmentedlist>
26</sect2>
27
28<sect2 role="installation">
29<title>Installation of Zlib</title>
30
31<para>Zlib has a buffer overflow vulnerability that can lead to a Denial of
32Service attack. The following patch fixes the problem:</para>
33
34<screen><userinput>patch -Np1 -i ../zlib-&zlib-version;-security_fix-1.patch</userinput></screen>
35
36<note><para>Zlib is known to build its shared library incorrectly if
37<envar>CFLAGS</envar> is specified in the environment. If using a
38specified <envar>CFLAGS</envar>
39variable, be sure to add the <parameter>-fPIC</parameter> directive to
40the <envar>CFLAGS</envar> variable for the duration of the
41configure command below, then remove it afterwards.</para></note>
42
43<para>Prepare Zlib for compilation:</para>
44
45<screen><userinput>./configure --prefix=/usr --shared --libdir=/lib</userinput></screen>
46
47<para>Compile the package:</para>
48
49<screen><userinput>make</userinput></screen>
50
51<para>To test the results, issue:
52<userinput>make check</userinput>.</para>
53
54<para>Install the shared library:</para>
55
56<screen><userinput>make install</userinput></screen>
57
58<para>The previous command installed a <filename
59class="extension">.so</filename> file in <filename
60class="directory">/lib</filename>. We will remove it and relink it into
61<filename class="directory">/usr/lib</filename>:</para>
62
63<screen><userinput>rm /lib/libz.so
64ln -sf ../../lib/libz.so.&zlib-version; /usr/lib/libz.so</userinput></screen>
65
66<para>Build the static library:</para>
67
68<screen><userinput>make clean
69./configure --prefix=/usr
70make</userinput></screen>
71
72<para>To test the results again, issue:
73<userinput>make check</userinput>.</para>
74
75<para>Install the static library:</para>
76
77<screen><userinput>make install</userinput></screen>
78
79<para>Fix the permissions on the static library:</para>
80
81<screen><userinput>chmod 644 /usr/lib/libz.a</userinput></screen>
82
83</sect2>
84
85
86<sect2 id="contents-zlib" role="content"><title>Contents of Zlib</title>
87
88<segmentedlist>
89<segtitle>Installed libraries</segtitle>
90<seglistitem><seg>libz.[a,so]</seg></seglistitem>
91</segmentedlist>
92
93<variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead>
94<?dbfo list-presentation="list"?>
95<?dbhtml list-presentation="table"?>
96
97<varlistentry id="libz">
98<term><filename class="libraryfile">libz</filename></term>
99<listitem>
100<para>Contains compression and un-compression
101functions used by some programs</para>
102<indexterm zone="ch-system-zlib libz"><primary sortas="c-libz">libz</primary></indexterm>
103</listitem>
104</varlistentry>
105</variablelist>
106
107</sect2>
108
109</sect1>
110
Note: See TracBrowser for help on using the repository browser.