Changeset 4483a9a

Timestamp:

03/03/2022 07:15:04 PM (2 years ago)

Author:

Douglas R. Reno <renodr@…>

Branches:

11.2, 11.3, 12.0, 12.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/xf86-video-removal

Children:

6148e28, 8394677a

Parents:

1ec7ed5

Message:

Package updates and a security fix

Fix CVE-2021-4115 in Polkit
Update to cyrus-sasl-2.1.28 (Security Update)
Update to flac-1.3.4 (Security Update)
Update to seamonkey-2.53.11 (Security Update)

Files:

• introduction/welcome/changelog.xml (modified) (1 diff)
• multimedia/libdriv/flac.xml (modified) (5 diffs)
• packages.ent (modified) (3 diffs)
• postlfs/security/cyrus-sasl.xml (modified) (7 diffs)
• postlfs/security/polkit.xml (modified) (3 diffs)
• xsoft/graphweb/seamonkey.xml (modified) (2 diffs)

introduction/welcome/changelog.xml

@@ -45 +45 @@
       <para>March 3rd, 2022</para>
       <itemizedlist>
+        <listitem>
+          <para>[renodr] - Update to seamonkey-2.53.11 (Security Update). Fixes
+          <ulink url="&blfs-ticket-root;16185">#16185</ulink>.</para>
+        </listitem>
+        <listitem>
+          <para>[renodr] - Update to flac-1.3.4 (Security Update). Fixes
+          <ulink url="&blfs-ticket-root;16148">#16148</ulink>.</para>
+        </listitem>
+        <listitem>
+          <para>[renodr] - Update to cyrus-sasl-2.1.28 (Security Update). Fixes
+          <ulink url="&blfs-ticket-root;16160">#16160</ulink>.</para>
+        </listitem>
+        <listitem>
+          <para>[renodr] - Fix CVE-2021-4115 in Polkit. Fixes
+          <ulink url="&blfs-ticket-root;16151">#16151</ulink>.</para>
+        </listitem>
         <listitem>
           <para>[bdubbs] - Update to icewm-2.9.6. Fixes

multimedia/libdriv/flac.xml

@@ -7 +7 @@
   <!ENTITY flac-download-http "https://downloads.xiph.org/releases/flac/flac-&flac-version;.tar.xz">
   <!ENTITY flac-download-ftp  " ">
-  <!ENTITY flac-md5sum        "26703ed2858c1fc9ffc05136d13daa69">
+  <!ENTITY flac-md5sum        "bfdb2dd854d334b55a3309e3cd659f2c">
   <!ENTITY flac-size          "1.0 MB">
-  <!ENTITY flac-buildsize     "21 MB (additional 95 MB to run the test suite)">
-  <!ENTITY flac-time          "0.1 SBU (additional 0.7 SBU to run the test suite)">
+  <!ENTITY flac-buildsize     "30 MB (additional 95 MB to run the test suite)">
+  <!ENTITY flac-time          "0.2 SBU (additional 0.6 SBU to run the test suite)">
 ]>
 
@@ -71 +71 @@
     </itemizedlist>
 
+    <!--
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
 
@@ -81 +82 @@
       </listitem>
     </itemizedlist>
+    -->
 
     <bridgehead renderas="sect3">FLAC Dependencies</bridgehead>
@@ -87 +89 @@
     <para role="optional">
       <xref linkend="libogg"/>,
-      <!-- <xref linkend="xmms"/>, -->
       <xref linkend="nasm"/>,
       <xref linkend="docbook-utils"/>,
-      <xref linkend="doxygen"/> and
-      <xref linkend="valgrind"/>
+      <xref linkend="doxygen"/>,
+      <xref linkend="valgrind"/>, and
+      <ulink url="https://xmms.org">xmms</ulink>
     </para>
 
@@ -107 +109 @@
     </para>
 
-<screen><userinput>patch -Np1 -i ../flac-&flac-version;-security_fixes-1.patch      &amp;&amp;
-./configure --prefix=/usr                                \
+<screen><userinput>./configure --prefix=/usr                                \
             --disable-thorough-tests                     \
             --docdir=/usr/share/doc/flac-&flac-version;          &amp;&amp;

packages.ent

@@ -8 +8 @@
 <!ENTITY cryptsetup-minor             "2.4">
 <!ENTITY cryptsetup-version           "&cryptsetup-minor;.3">
-<!ENTITY cyrus-sasl-version           "2.1.27">
+<!ENTITY cyrus-sasl-version           "2.1.28">
 <!ENTITY gnupg2-version               "2.2.34">
 <!ENTITY firewalld-version            "0.8.1">
@@ -946 +946 @@
 <!ENTITY flashplayer-version          "27.0.0.187">
 <!ENTITY qupzilla-version             "2.2.6">
-<!ENTITY seamonkey-version            "2.53.10.2">
+<!ENTITY seamonkey-version            "2.53.11">
 
 <!-- Chapter 41 -->
@@ -991 +991 @@
 <!ENTITY faad2-version                "2_10_0">
 <!ENTITY fdk-aac-version              "2.0.2">
-<!ENTITY flac-version                 "1.3.3">
+<!ENTITY flac-version                 "1.3.4">
 <!ENTITY frei0r-version               "1.7.0">
 <!ENTITY gavl-version                 "1.4.0">

postlfs/security/cyrus-sasl.xml

@@ -7 +7 @@
   <!ENTITY cyrus-sasl-download-http "https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-&cyrus-sasl-version;/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
   <!ENTITY cyrus-sasl-download-ftp  " ">
-  <!ENTITY cyrus-sasl-md5sum        "a33820c66e0622222c5aefafa1581083">
+  <!ENTITY cyrus-sasl-md5sum        "6f228a692516f5318a64505b46966cfa">
   <!ENTITY cyrus-sasl-size          "3.9 MB">
-  <!ENTITY cyrus-sasl-buildsize     "26 MB">
-  <!ENTITY cyrus-sasl-time          "0.1 SBU">
+  <!ENTITY cyrus-sasl-buildsize     "28 MB">
+  <!ENTITY cyrus-sasl-time          "0.2 SBU">
 ]>
 
@@ -31 +31 @@
     <para>
       The <application>Cyrus SASL</application> package contains a Simple
-      Authentication and Security Layer, a method for adding authentication
-      support to connection-based protocols. To use SASL, a protocol includes
-      a command for identifying and authenticating a user to a server and for
-      optionally negotiating protection of subsequent protocol interactions.
-      If its use is negotiated, a security layer is inserted between the
-      protocol and the connection.
+      Authentication and Security Layer implementation, a method for adding
+      authentication support to connection-based protocols. To use SASL, a
+      protocol includes a command for identifying and authenticating a user to
+      a server and for optionally negotiating protection of subsequent protocol
+      interactions. If its use is negotiated, a security layer is inserted
+      between the protocol and the connection.
     </para>
 
@@ -78 +78 @@
     </itemizedlist>
 
+    <!-- Not needed anymore
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
@@ -86 +87 @@
         </para>
       </listitem>
-      <!--<listitem>
+      <!- -<listitem>
         <para>
           Required patch:
           <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-openssl-1.1.0-1.patch"/>
        </para>
-    </listitem>-->
+    </listitem>- ->
     </itemizedlist>
+    -->
 
     <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
@@ -133 +135 @@
          on the system causes an FTBFS when man pages are generated. The Sphinx
          and Docutils API has changed significantly between Sphinx-{1,2} and
-         Sphinx-3.0. -->
+         Sphinx-3.0.
 
     <para>
@@ -141 +143 @@
 
 <screen><userinput remap="pre">patch -Np1 -i ../cyrus-sasl-2.1.27-doc_fixes-1.patch</userinput></screen>
+    -->
 
     <para>
@@ -211 +214 @@
     <para>
       <option>--enable-ldapdb</option>: This switch enables the
-      LDAPDB authentication backend. There is a circular dependency with this
+      LDAPDB authentication backend. <!--There is a circular dependency with this
       parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
-      this problem.
+      this problem.-->
     </para>
 

postlfs/security/polkit.xml

@@ -76 +76 @@
         <para>
           Required patch:
-          <ulink url="&patch-root;/polkit-&polkit-version;-security_fix-1.patch"/>
+          <ulink url="&patch-root;/polkit-&polkit-version;-security_fixes-1.patch"/>
         </para>
       </listitem>
@@ -182 +182 @@
         -g polkitd -s /bin/false polkitd</userinput></screen>
 
-<!-- All of this is irrelevant with meson
-    <note revision="systemd">
-      <para>
-        When building <application>Polkit</application> with
-        <application>systemd</application> logind support, the
-        <command>configure</command> script explicitly checks if
-        system is booted using <application>systemd</application>.
-        This can cause problems if building the package in chroot,
-        where the <command>configure</command> would fail to
-        detect <application>systemd</application>. To workaround
-        the problem, simply run the following command:
-      </para>
-
-<screen><userinput>sed -i "s:/sys/fs/cgroup/systemd/:/sys:g" configure</userinput></screen>
-    </note>
-
-    <para revision="sysv">
-      Fix an issue introduced in recent <application>Polkit</application>
-      releases with elogind:
-    </para>
-
-<screen revision="sysv"><userinput>patch -Np1 -i ../polkit-&polkit-version;-fix_elogind_detection-1.patch &amp;&amp;
-autoreconf -fv</userinput></screen>
--->
-
     <para>
       First, fix problems with setting permissions during installation and with
@@ -217 +192 @@
 
     <para>
-      Apply a patch to fix a security issue:
-    </para>
-
-<screen><userinput remap="pre">patch -Np1 -i ../polkit-&polkit-version;-security_fix-1.patch</userinput></screen>
+      Apply a patch to fix two security issues:
+    </para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../polkit-&polkit-version;-security_fixes-1.patch</userinput></screen>
 
     <para>

xsoft/graphweb/seamonkey.xml

@@ -7 +7 @@
   <!ENTITY seamonkey-download-http "&mozilla-http;/seamonkey/releases/&seamonkey-version;/source/seamonkey-&seamonkey-version;.source.tar.xz">
   <!ENTITY seamonkey-download-ftp  " ">
-  <!ENTITY seamonkey-md5sum        "b598e21300efebbb1e5d1742aa57780a">
-  <!ENTITY seamonkey-size          "271 MB">
-  <!ENTITY seamonkey-buildsize     "6.0 GB (161 MB installed)">
-  <!ENTITY seamonkey-time          "19 SBU (with parallelism=4)">
+  <!ENTITY seamonkey-md5sum        "afe1b9d56699e159dd57236d3cc56b36">
+  <!ENTITY seamonkey-size          "274 MB">
+  <!ENTITY seamonkey-buildsize     "6.1 GB (161 MB installed)">
+  <!ENTITY seamonkey-time          "17 SBU (with parallelism=4)">
 ]>
 
@@ -422 +422 @@
           Numerous libraries, browser, and email/newsgroup components, plugins,
           extensions, and helper modules installed in
-          <filename class="directory">/usr/lib/seamonkey-&seamonkey-version;</filename>
+          <filename class="directory">/usr/lib/seamonkey</filename>
         </seg>
         <seg>