gronod/lfs
1
0
Fork 0
mirror of https://git.linuxfromscratch.org/lfs.git synced 2025-06-19 03:39:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added perl patch to fix CVE-2014-4330.

Browse Source 
Update to grub-2.02~beta2.  It's been in beta for over 9 months 
and a 'stable' does not seem to be forthcoming.  

Document glibc tests known to sometimes fail.



git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@10769 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
This commit is contained in:
Bruce Dubbs 2014-10-02 07:00:51 +00:00
parent 82d957c29a
commit 5d1f0157c1
8 changed files with 55 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
chapter01/changelog.xml
View File

@ -35,11 +35,31 @@
</itemizedlist> </itemizedlist>
</listitem> </listitem>
--> -->
<listitem>
<para>2014-10-02</para>
<itemizedlist>
<listitem>
<para>[bdubbs] - Added perl patch to fix CVE-2014-4330.
to prevent infinite recursion in Data::Dumper. Fixes
<ulink url="&lfs-ticket-root;3681">#3681</ulink>.</para>
</listitem>
<listitem>
<para>[bdubbs] - Update to grub-2.02~beta2. It's been
in beta for over 9 months and a 'stable' does not seem
to be forthcoming. Fixes
<ulink url="&lfs-ticket-root;3450">#3450</ulink>.</para>
</listitem>
<listitem>
<para>[bdubbs] - Update glibc tests known to sometimes fail.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem> <listitem>
<para>2014-09-29</para> <para>2014-09-29</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>[bdubbs] - Updated bash upstream patches and added fixes for <para>[bdubbs] - Update bash upstream patches and added fixes for
CVE-2014-6271, CVE-2014-7169, and CVE-2014-7187 (through upstream CVE-2014-6271, CVE-2014-7169, and CVE-2014-7187 (through upstream
patch bash43-027).</para> patch bash43-027).</para>
</listitem> </listitem>

77
chapter01/whatsnew.xml
View File

@ -106,9 +106,9 @@
<!--<listitem> <!--<listitem>
<para>Groff &groff-version;</para> <para>Groff &groff-version;</para>
</listitem>--> </listitem>-->
<!--<listitem> <listitem>
<para>GRUB &grub-version;</para> <para>GRUB &grub-version;</para>
</listitem>--> </listitem>
<!--<listitem> <!--<listitem>
<para>Gzip &gzip-version;</para> <para>Gzip &gzip-version;</para>
</listitem>--> </listitem>-->
@ -241,58 +241,13 @@
<title>Added:</title> <title>Added:</title>
<listitem><para></para></listitem> <!-- satisfy build --> <listitem><para></para></listitem> <!-- satisfy build -->
<!--
<listitem>
<para>acl-&acl-version;</para>
</listitem>
<listitem>
<para>attr-&attr-version;</para>
</listitem>
-->
<listitem> <listitem>
<para>&bash-fixes-patch;</para> <para>&bash-fixes-patch;</para>
</listitem> </listitem>
<!--
<listitem> <listitem>
<para>&bc-memory-leak-patch;</para> <para>&perl-fix-patch;</para>
</listitem> </listitem>
<listitem>
<para>&binutils-lto-patch;</para>
</listitem>
<listitem>
<para>&binutils-lto-testsuite-patch;</para>
</listitem>
<listitem>
<para>eudev-&eudev-version;</para>
</listitem>
<listitem>
<para>expat-&expat-version;</para>
</listitem>
<listitem>
<para>&gcc-upstream-patch;</para>
</listitem>
<listitem>
<para>&glibc-fhs-patch;</para>
</listitem>
<listitem>
<para>gperf-&gperf-version;</para>
</listitem>
<listitem>
<para>intltool-&intltool-version;</para>
</listitem>
<listitem>
<para>libcap-&libcap-version;</para>
</listitem>
<listitem>
<para>&mpfr-fixes-patch;</para>
</listitem>
<listitem>
<para>&readline-fixes-patch;</para>
</listitem>
<listitem>
<para>XML::Parser-&xml-parser-version;</para>
</listitem>
-->
</itemizedlist> </itemizedlist>
<itemizedlist> <itemizedlist>
@ -302,31 +257,7 @@
<listitem> <listitem>
<para>bash-4.3-upstream_fixes-3.patch</para> <para>bash-4.3-upstream_fixes-3.patch</para>
</listitem> </listitem>
<!--
<listitem>
<para>glibc-2.19-fhs-1.patch</para>
</listitem>
<listitem>
<para>mpfr-3.1.2-upstream_fixes-1.patch</para>
</listitem>
<listitem>
<para>perl-5.18.2-libc-1.patch</para>
</listitem>
<listitem>
<para>readline-6.2-fixes-2.patch</para>
</listitem>
<listitem>
<para>tar-1.27.1-manpage-1.patch</para>
</listitem>
<listitem>
<para>udev 208</para>
</listitem>
-->
</itemizedlist> </itemizedlist>
</sect1> </sect1>

8
chapter03/patches.xml
View File

@ -116,6 +116,14 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>Perl Data::Dumper Patch - <token>&perl-fix-patch-size;</token>:</term>
<listitem>
<para>Download: <ulink url="&patches-root;&perl-fix-patch;"/></para>
<para>MD5 sum: <literal>&perl-fix-patch-md5;</literal></para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>Readline Upstream Fixes Patch - <token>&readline-fixes-patch-size;</token>:</term> <term>Readline Upstream Fixes Patch - <token>&readline-fixes-patch-size;</token>:</term>
<listitem> <listitem>

25
chapter06/glibc.xml
View File

@ -115,15 +115,11 @@ cd ../glibc-build</userinput></screen>
issues seen for this version of LFS:</para> issues seen for this version of LFS:</para>
<itemizedlist> <itemizedlist>
<!--
<listitem> <listitem>
<para>The <emphasis>nptl/tst-clock2</emphasis>, <para>The <emphasis>tst/tst-cputimer1</emphasis> test has been known to
<emphasis>nptl/tst-attr3</emphasis>, fail. The reason is not completely understood, but indications are
<emphasis>tst/tst-cputimer1</emphasis>, and that minor timing issues can trigger this failure.</para>
<emphasis>rt/tst-cpuclock2</emphasis>
tests have been known to fail. The
reason is not completely understood, but indications are that minor
timing issues can trigger these failures.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -131,7 +127,7 @@ cd ../glibc-build</userinput></screen>
systems where the CPU is not a relatively new genuine Intel or systems where the CPU is not a relatively new genuine Intel or
authentic AMD processor.</para> authentic AMD processor.</para>
</listitem> </listitem>
<!--
<listitem> <listitem>
<para>When running on older and slower hardware or on systems under <para>When running on older and slower hardware or on systems under
load, some tests can fail because of test timeouts being exceeded. load, some tests can fail because of test timeouts being exceeded.
@ -149,13 +145,12 @@ cd ../glibc-build</userinput></screen>
<para>libio/tst-ftell-partial-wide.out fails because it needs a locale <para>libio/tst-ftell-partial-wide.out fails because it needs a locale
that has not yet been generated.</para> that has not yet been generated.</para>
</listitem> </listitem>
<listitem>
<para>Other tests known to fail on some architectures are posix/bug-regex32,
misc/tst-writev, elf/check-textrel, nptl/tst-getpid2, nptl/tst-robust8,
and stdio-common/bug22.</para>
</listitem>
--> -->
<listitem>
<para>Other tests known to fail on some architectures are
malloc/tst-malloc-usable and nptl/tst-cleanupx4. </para>
</listitem>
</itemizedlist> </itemizedlist>
<para>Though it is a harmless message, the install stage of Glibc will <para>Though it is a harmless message, the install stage of Glibc will

4
chapter06/grub.xml
View File

@ -40,10 +40,6 @@
<sect2 role="installation"> <sect2 role="installation">
<title>Installation of GRUB</title> <title>Installation of GRUB</title>
<para>Fix an incompatibility between this package and Glibc-&glibc-version;:</para>
<screen><userinput remap="pre">sed -i -e '/gets is a/d' grub-core/gnulib/stdio.in.h</userinput></screen>
<para>Prepare GRUB for compilation:</para> <para>Prepare GRUB for compilation:</para>
<screen><userinput remap="configure">./configure --prefix=/usr \ <screen><userinput remap="configure">./configure --prefix=/usr \

4
chapter06/perl.xml
View File

@ -56,6 +56,10 @@
<screen><userinput remap="pre">export BUILD_ZLIB=False <screen><userinput remap="pre">export BUILD_ZLIB=False
export BUILD_BZIP2=0</userinput></screen> export BUILD_BZIP2=0</userinput></screen>
<para>Fix a potential security problem:</para>
<screen><userinput remap="pre">patch -Np1 -i ../&perl-fix-patch;</userinput></screen>
<para>To have full control over the way Perl is set up, you can remove the <para>To have full control over the way Perl is set up, you can remove the
<quote>-des</quote> options from the following command and hand-pick the way <quote>-des</quote> options from the following command and hand-pick the way
this package is built. Alternatively, use the command exactly as below to this package is built. Alternatively, use the command exactly as below to

8
packages.ent
View File

@ -278,10 +278,10 @@
<!ENTITY groff-ch6-du "83 MB"> <!ENTITY groff-ch6-du "83 MB">
<!ENTITY groff-ch6-sbu "0.6 SBU"> <!ENTITY groff-ch6-sbu "0.6 SBU">
<!ENTITY grub-version "2.00"> <!ENTITY grub-version "2.02~beta2">
<!ENTITY grub-size "5,016 KB"> <!ENTITY grub-size "5,663 KB">
<!ENTITY grub-url "&gnu;grub/grub-&grub-version;.tar.xz"> <!ENTITY grub-url "http://alpha.gnu.org/gnu/grub/grub-&grub-version;.tar.xz">
<!ENTITY grub-md5 "a1043102fbc7bcedbf53e7ee3d17ab91"> <!ENTITY grub-md5 "be62932eade308a364ea4bbc91295930">
<!ENTITY grub-home "&gnu-software;grub/"> <!ENTITY grub-home "&gnu-software;grub/">
<!ENTITY grub-ch6-du "110 MB"> <!ENTITY grub-ch6-du "110 MB">
<!ENTITY grub-ch6-sbu "0.8 SBU"> <!ENTITY grub-ch6-sbu "0.8 SBU">

4
patches.ent
View File

@ -53,6 +53,10 @@
<!ENTITY mpfr-fixes-patch-md5 "2b2aa4371a4e848411639356fd82becf"> <!ENTITY mpfr-fixes-patch-md5 "2b2aa4371a4e848411639356fd82becf">
<!ENTITY mpfr-fixes-patch-size "40 KB"> <!ENTITY mpfr-fixes-patch-size "40 KB">
<!ENTITY perl-fix-patch "perl-&perl-version;-infinite_recurse_fix-1.patch">
<!ENTITY perl-fix-patch-md5 "579dfed34e97e0a2fe21b74aa53946ac">
<!ENTITY perl-fix-patch-size "11 KB">
<!ENTITY readline-fixes-patch "readline-6.3-upstream_fixes-2.patch"> <!ENTITY readline-fixes-patch "readline-6.3-upstream_fixes-2.patch">
<!ENTITY readline-fixes-patch-md5 "97f74f1c3c83008f268b32d36e9fd376"> <!ENTITY readline-fixes-patch-md5 "97f74f1c3c83008f268b32d36e9fd376">
<!ENTITY readline-fixes-patch-size "4 KB"> <!ENTITY readline-fixes-patch-size "4 KB">