Changeset dc39c7b
- Timestamp:
- 09/14/2023 10:30:17 PM (8 months ago)
- Branches:
- multilib
- Children:
- ecf738a
- Parents:
- ea6fdf5 (diff), ba40e32 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter01/changelog.xml
rea6fdf5 rdc39c7b 40 40 appropriate for the entry or if needed the entire day's listitem. 41 41 --> 42 43 <listitem> 44 <para>2023-09-13</para> 45 <itemizedlist> 46 <listitem> 47 <para>[xry111] - Fix CVE-2023-4806 for Glibc-2.38. Fixes 48 <ulink url='&lfs-ticket-root;5347'>#5347</ulink>.</para> 49 </listitem> 50 </itemizedlist> 51 </listitem> 52 53 <listitem> 54 <para>2023-09-12</para> 55 <itemizedlist> 56 <listitem> 57 <para>[xry111] - Fix CVE-2023-4527 for Glibc-2.38. Fixes 58 <ulink url='&lfs-ticket-root;5346'>#5346</ulink>.</para> 59 </listitem> 60 </itemizedlist> 61 </listitem> 42 62 43 63 <listitem> -
chapter01/whatsnew.xml
rea6fdf5 rdc39c7b 288 288 <listitem><para></para></listitem> <!-- satisfy build --> 289 289 290 <!--<listitem> 291 <para>&grub-upstream-fixes-patch;</para> 292 </listitem>--> 293 294 <!--<listitem> 295 <para>&readline-fixes-patch;</para> 296 </listitem>--> 297 298 <!--<listitem revision="systemd"> 299 <para>&systemd-upstream-patch;</para> 300 </listitem>--> 290 <listitem> 291 <para>&glibc-upstream-fixes-patch;</para> 292 </listitem> 293 301 294 </itemizedlist> 302 295 … … 304 297 <title>Removed:</title> 305 298 <listitem><para></para></listitem> <!-- satisfy build --> 306 <!-- 307 <listitem revision='sysv'> 308 <para>eudev-3.2.12</para> 309 </listitem> 310 311 <listitem> 312 <para>Pkg-config-0.29.2</para> 313 </listitem> 314 315 <listitem revision='systemd'> 316 <para>systemd-252-security_fix-1.patch</para> 317 </listitem> 318 --> 299 300 <listitem> 301 <para>glibc-2.38-memalign_fix-1.patch</para> 302 </listitem> 303 319 304 </itemizedlist> 320 305 -
chapter03/patches.xml
rea6fdf5 rdc39c7b 79 79 --> 80 80 <varlistentry> 81 <term>Glibc Memalign Patch - <token>&glibc-memalign-patch-size;</token>:</term>81 <term>Glibc Upstream Fixes Patch - <token>&glibc-upstream-fixes-patch-size;</token>:</term> 82 82 <listitem> 83 <para>Download: <ulink url="&patches-root;&glibc- memalign-patch;"/></para>84 <para>MD5 sum: <literal>&glibc- memalign-patch-md5;</literal></para>83 <para>Download: <ulink url="&patches-root;&glibc-upstream-fixes-patch;"/></para> 84 <para>MD5 sum: <literal>&glibc-upstream-fixes-patch-md5;</literal></para> 85 85 </listitem> 86 86 </varlistentry> -
chapter08/glibc.xml
rea6fdf5 rdc39c7b 51 51 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-fhs-patch;</userinput></screen> 52 52 53 <para>Now fix a regression causing the posix_memalign() function 54 to be very slow in some conditions:</para> 55 56 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-memalign-patch;</userinput></screen> 57 58 <!-- CVE-2023-4527 59 https://sourceware.org/bugzilla/show_bug.cgi?id=30842 60 https://sourceware.org/ml/libc-alpha/2023-September/151522.html --> 61 <para>Then fix a security vulnerability exploitable when the 62 <option>no-aaaa</option> option is used in 63 <filename>/etc/resolv.conf</filename>:</para> 64 65 <screen><userinput remap="pre">sed \ 66 -E "/__res_context_search/\ 67 {N;N;s/(search \(([^,]*,){6}[^,]*)NULL/\1\&alt_dns_packet_buffer/}" \ 68 -i resolv/nss_dns/dns-host.c</userinput></screen> 53 <para>Now fix two security vulnerabilities and a regression causing the 54 posix_memalign() function very slow in some conditions:</para> 55 56 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-upstream-fixes-patch;</userinput></screen> 69 57 70 58 <para>The Glibc documentation recommends building Glibc … … 340 328 following:</para> 341 329 342 <screen ><userinput>cat > /etc/nsswitch.conf << "EOF"330 <screen revision='sysv'><userinput>cat > /etc/nsswitch.conf << "EOF" 343 331 <literal># Begin /etc/nsswitch.conf 344 332 … … 348 336 349 337 hosts: files dns 338 networks: files 339 340 protocols: files 341 services: files 342 ethers: files 343 rpc: files 344 345 # End /etc/nsswitch.conf</literal> 346 EOF</userinput></screen> 347 348 <screen revision='systemd'><userinput>cat > /etc/nsswitch.conf << "EOF" 349 <literal># Begin /etc/nsswitch.conf 350 351 passwd: files systemd 352 group: files systemd 353 shadow: files systemd 354 355 hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns 350 356 networks: files 351 357 -
chapter09/network.xml
rea6fdf5 rdc39c7b 179 179 </indexterm> 180 180 181 <para>Decide on the IP address, fully-qualified domain name (FQDN), and 182 possible aliases for use in the <filename>/etc/hosts</filename> file. The 183 syntax is:</para> 181 <para>Decide on a fully-qualified domain name (FQDN), and possible aliases 182 for use in the <filename>/etc/hosts</filename> file. If using static IP 183 addresses, you'll also need to decide on an IP address. The syntax 184 for a hosts file entry is:</para> 184 185 185 186 <screen><literal>IP_address myhost.example.org aliases</literal></screen> … … 198 199 range 0-255.</para> 199 200 200 <para>A valid private IP address could be 192.168.1.1. A valid FQDN for 201 this IP could be lfs.example.org.</para> 202 203 <para>Even if not using a network card, a valid FQDN is still required. 204 This is necessary for certain programs to operate correctly.</para> 201 <para>A valid private IP address could be 192.168.1.1.</para> 202 203 <para>If the computer is to be visible to the Internet, a valid FQDN 204 can be the domain name itself, or a string resulted by concatenating a 205 prefix (often the hostname) and the domain name with a <quote>.</quote> 206 character. And, you need to contact the domain provider to resolve the 207 FQDN to your public IP address.</para> 208 209 <para>Even if the computer is not visible to the Internet, a FQDN is 210 still needed for certain programs, such as MTAs, to operate properly. 211 A special FQDN, <literal>localhost.localdomain</literal>, can be used 212 for this purpose.</para> 205 213 206 214 <para>Create the <filename>/etc/hosts</filename> file by running:</para> -
chapter09/networkd.xml
rea6fdf5 rdc39c7b 317 317 range 0-255.</para> 318 318 319 <para>A valid private IP address could be 192.168.1.1. A valid FQDN for 320 this IP could be lfs.example.org.</para> 321 322 <para>Even if not using a network card, a valid FQDN is still required. 323 This is necessary for certain programs, such as MTAs, to operate properly.</para> 324 325 <!-- 326 <para>Create the /etc/hosts file using the following command:</para> 327 328 <screen role="nodump"><userinput>cat > /etc/hosts << "EOF" 319 <para>A valid private IP address could be 192.168.1.1.</para> 320 321 <para>If the computer is to be visible to the Internet, a valid FQDN 322 can be the domain name itself, or a string resulted by concatenating a 323 prefix (often the hostname) and the domain name with a <quote>.</quote> 324 character. And, you need to contact the domain provider to resolve the 325 FQDN to your public IP address.</para> 326 327 <para>Even if the computer is not visible to the Internet, a FQDN is 328 still needed for certain programs, such as MTAs, to operate properly. 329 A special FQDN, <literal>localhost.localdomain</literal>, can be used 330 for this purpose.</para> 331 332 <para>Create the <filename>/etc/hosts</filename> file using the following 333 command:</para> 334 335 <screen><userinput>cat > /etc/hosts << "EOF" 329 336 <literal># Begin /etc/hosts 330 337 331 127.0.0.1 localhost.localdomain localhost 332 127.0.1.1 <replaceable><FQDN></replaceable> <replaceable><HOSTNAME></replaceable> 333 ::1 localhost ip6-localhost ip6-loopback 338 <replaceable><192.168.0.2></replaceable> <replaceable><FQDN></replaceable> <replaceable>[alias1] [alias2] ...</replaceable> 339 ::1 ip6-localhost ip6-loopback 334 340 ff02::1 ip6-allnodes 335 341 ff02::2 ip6-allrouters … … 337 343 # End /etc/hosts</literal> 338 344 EOF</userinput></screen> 339 --> 340 341 <para>Create the <filename>/etc/hosts</filename> file using the following 342 command:</para> 343 344 <screen><userinput>cat > /etc/hosts << "EOF" 345 <literal># Begin /etc/hosts 346 347 127.0.0.1 localhost.localdomain localhost 348 127.0.1.1 <replaceable><FQDN></replaceable> <replaceable><HOSTNAME></replaceable> 349 <replaceable><192.168.0.2></replaceable> <replaceable><FQDN></replaceable> <replaceable><HOSTNAME></replaceable> <replaceable>[alias1] [alias2] ...</replaceable> 350 ::1 localhost ip6-localhost ip6-loopback 351 ff02::1 ip6-allnodes 352 ff02::2 ip6-allrouters 353 354 # End /etc/hosts</literal> 355 EOF</userinput></screen> 356 357 <para>The <replaceable><192.168.0.2></replaceable>, 358 <replaceable><FQDN></replaceable>, and 359 <replaceable><HOSTNAME></replaceable> values need to be 345 346 <para>The <replaceable><192.168.0.2></replaceable> and 347 <replaceable><FQDN></replaceable> values need to be 360 348 changed for specific uses or requirements (if assigned an IP address by a 361 349 network/system administrator and the machine will be connected to an 362 350 existing network). The optional alias name(s) can be omitted, and the 363 351 <replaceable><192.168.0.2></replaceable> line can be omitted if you 364 are using a connection configured with DHCP or IPv6 Autoconfiguration.</para> 352 are using a connection configured with DHCP or IPv6 Autoconfiguration, 353 or using <literal>localhost.localdomain</literal> as the FQDN.</para> 354 355 <para>The <filename>/etc/hostname</filename> does not contain entries 356 for <literal>localhost</literal>, 357 <literal>localhost.localdomain</literal>, or the hostname (without a 358 domain) because they are handled by the 359 <systemitem class='library'>myhostname</systemitem> NSS module, read 360 the man page <filename>nss-myhostname(8)</filename> for details.</para> 365 361 366 362 <para>The ::1 entry is the IPv6 counterpart of 127.0.0.1 and represents 367 the IPv6 loopback interface. 127.0.1.1 is a loopback entry reserved 368 specifically for the FQDN.</para> 363 the IPv6 loopback interface.</para> 369 364 370 365 </sect2> -
patches.ent
rea6fdf5 rdc39c7b 15 15 <!ENTITY glibc-fhs-patch-size "2.8 KB"> 16 16 17 <!ENTITY glibc- memalign-patch "glibc-&glibc-version;-memalign_fix-1.patch">18 <!ENTITY glibc- memalign-patch-md5 "2c3552bded42a83ad6a7087c5fbf3857">19 <!ENTITY glibc- memalign-patch-size "20KB">17 <!ENTITY glibc-upstream-fixes-patch "glibc-&glibc-version;-upstream_fixes-1.patch"> 18 <!ENTITY glibc-upstream-fixes-patch-md5 "2e347e291804b62a18a43a8cdc79e01e"> 19 <!ENTITY glibc-upstream-fixes-patch-size "24 KB"> 20 20 21 21 <!ENTITY grub-upstream-fixes-patch "grub-&grub-version;-upstream_fixes-1.patch">
Note:
See TracChangeset
for help on using the changeset viewer.