emulators/linux_base-c6: Use a CVE-free version of bash
Bash 4.1.2 as shipped with this Linux base port is vulnerable to CVE-2014-6271 and CVE-2014-7169. As EL6 policy is to backport security patches, use a RPM that is not vulnerable to either remote code execution vulnerability. While here: - Add the proper UDPATES Master site - remove sample files installation from Makefile, in favor of @sample Approved by: swills (mentor) Security: 71ad81da-4414-11e4-a33e-3c970e169bc2
This commit is contained in:
parent
6a6123d47e
commit
21761d945c
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=369331
@ -3,8 +3,10 @@
|
||||
|
||||
PORTNAME= c6
|
||||
PORTVERSION= 6.5
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= emulators linux
|
||||
MASTER_SITES= http://mirror.centos.org/centos/6/os/i386/Packages/
|
||||
MASTER_SITES= http://mirror.centos.org/centos/6/os/i386/Packages/ \
|
||||
http://mirror.centos.org/centos/6/updates/i386/Packages/
|
||||
PKGNAMEPREFIX= linux_base-
|
||||
DISTFILES= ${BIN_DISTFILES} ${SRC_DISTFILES}
|
||||
EXTRACT_ONLY= ${BIN_DISTFILES}
|
||||
@ -17,7 +19,7 @@ LINUX_DIST_VER=6.5
|
||||
DIST_SUBDIR= rpm/${LINUX_RPM_ARCH}/${LINUX_DIST}/${LINUX_DIST_VER}
|
||||
|
||||
BIN_DISTFILES= basesystem-10.0-4.el6.noarch.rpm \
|
||||
bash-4.1.2-15.el6_4.${LINUX_RPM_ARCH}.rpm \
|
||||
bash-4.1.2-15.el6_5.2.${LINUX_RPM_ARCH}.rpm \
|
||||
bzip2-1.0.5-7.el6_0.${LINUX_RPM_ARCH}.rpm \
|
||||
bzip2-libs-1.0.5-7.el6_0.${LINUX_RPM_ARCH}.rpm \
|
||||
compat-db43-4.3.29-15.el6.${LINUX_RPM_ARCH}.rpm \
|
||||
@ -68,10 +70,11 @@ BIN_DISTFILES= basesystem-10.0-4.el6.noarch.rpm \
|
||||
zlib-1.2.3-29.el6.${LINUX_RPM_ARCH}.rpm
|
||||
|
||||
.if defined(PACKAGE_BUILDING)
|
||||
MASTER_SITES+= http://vault.centos.org/${PORTVERSION}/os/Source/SPackages/
|
||||
MASTER_SITES+= http://vault.centos.org/${PORTVERSION}/os/Source/SPackages/ \
|
||||
http://vault.centos.org/6.5/updates/Source/SPackages/:updates
|
||||
|
||||
SRC_DISTFILES= basesystem-10.0-4.el6.src.rpm \
|
||||
bash-4.1.2-15.el6_4.src.rpm \
|
||||
bash-4.1.2-15.el6_5.2.src.rpm:updates \
|
||||
bzip2-1.0.5-7.el6_0.src.rpm \
|
||||
coreutils-8.4-31.el6.src.rpm \
|
||||
compat-db-4.6.21-15.el6.src.rpm \
|
||||
@ -201,7 +204,7 @@ do-build:
|
||||
#
|
||||
# If ${PREFIX}/etc/krb5.conf exists, don't touch it
|
||||
#
|
||||
@${MV} ${WRKSRC}/etc/krb5.conf ${WRKSRC}/etc/krb5.conf.dist
|
||||
@${MV} ${WRKSRC}/etc/krb5.conf ${WRKSRC}/etc/krb5.conf.sample
|
||||
|
||||
# Fix usr/bin/*db4* permissions to allow "portupgrade -s"
|
||||
# @${CHMOD} u+w ${WRKSRC}/usr/bin/*db4*
|
||||
@ -234,12 +237,4 @@ do-install:
|
||||
#
|
||||
@${INSTALL_SCRIPT} ${FILESDIR}/lp ${STAGEDIR}${PREFIX}/usr/bin
|
||||
|
||||
post-install:
|
||||
if [ ! -f ${PREFIX}/etc/krb5.conf ] ; then \
|
||||
${CP} -p ${STAGEDIR}${PREFIX}/etc/krb5.conf.dist ${STAGEDIR}${PREFIX}/etc/krb5.conf ; \
|
||||
fi
|
||||
if [ ! -f ${PREFIX}/etc/yp.conf ] ; then \
|
||||
${CP} -p ${STAGEDIR}${PREFIX}/etc/yp.conf.sample ${STAGEDIR}${PREFIX}/etc/yp.conf ; \
|
||||
fi
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,7 +1,7 @@
|
||||
SHA256 (rpm/i686/centos/6.5/basesystem-10.0-4.el6.noarch.rpm) = 18860007697438e375733bb4a36a599daac2e2ae95d98a74c436a10d0974710e
|
||||
SIZE (rpm/i686/centos/6.5/basesystem-10.0-4.el6.noarch.rpm) = 4784
|
||||
SHA256 (rpm/i686/centos/6.5/bash-4.1.2-15.el6_4.i686.rpm) = 81bc62e6d2396a462ea898f2c91c97578ad2d744af4588686602ffc3bec47420
|
||||
SIZE (rpm/i686/centos/6.5/bash-4.1.2-15.el6_4.i686.rpm) = 907712
|
||||
SHA256 (rpm/i686/centos/6.5/bash-4.1.2-15.el6_5.2.i686.rpm) = 28a674dd09ca395b3021749ebf8928806ae981a325c02b8ead070e75cdae2cab
|
||||
SIZE (rpm/i686/centos/6.5/bash-4.1.2-15.el6_5.2.i686.rpm) = 908364
|
||||
SHA256 (rpm/i686/centos/6.5/bzip2-1.0.5-7.el6_0.i686.rpm) = 37883219612b1ffa199f5a7227fcd165687a24e5c7c291c579647d1563777e47
|
||||
SIZE (rpm/i686/centos/6.5/bzip2-1.0.5-7.el6_0.i686.rpm) = 49428
|
||||
SHA256 (rpm/i686/centos/6.5/bzip2-libs-1.0.5-7.el6_0.i686.rpm) = d3424f4610860e7f8f444cc3cddf51cd75f5e58ca0ecffc8bdbbcb5f8fe1b0d1
|
||||
@ -100,8 +100,8 @@ SHA256 (rpm/i686/centos/6.5/zlib-1.2.3-29.el6.i686.rpm) = 1e40dce8a497f740b22d20
|
||||
SIZE (rpm/i686/centos/6.5/zlib-1.2.3-29.el6.i686.rpm) = 74284
|
||||
SHA256 (rpm/i686/centos/6.5/basesystem-10.0-4.el6.src.rpm) = 18d3bd0580f40bdc208773f26b424fa1975fad70fae9f179c52337a8f80ade76
|
||||
SIZE (rpm/i686/centos/6.5/basesystem-10.0-4.el6.src.rpm) = 5949
|
||||
SHA256 (rpm/i686/centos/6.5/bash-4.1.2-15.el6_4.src.rpm) = 17e92fbaf55ef5fbaccc7e28761edaaa1d18ede8e330fb20a40a27d27605003c
|
||||
SIZE (rpm/i686/centos/6.5/bash-4.1.2-15.el6_4.src.rpm) = 6663735
|
||||
SHA256 (rpm/i686/centos/6.5/bash-4.1.2-15.el6_5.2.src.rpm) = d0a8f52d7db4c729c17188a2bd690aff2371f8ac86900dabb14b0df5aa1ff6a5
|
||||
SIZE (rpm/i686/centos/6.5/bash-4.1.2-15.el6_5.2.src.rpm) = 6668343
|
||||
SHA256 (rpm/i686/centos/6.5/bzip2-1.0.5-7.el6_0.src.rpm) = 99a3d6a620f9f427aaeba974ae06234d0a771231730de7e203b97dce1dbf1931
|
||||
SIZE (rpm/i686/centos/6.5/bzip2-1.0.5-7.el6_0.src.rpm) = 855419
|
||||
SHA256 (rpm/i686/centos/6.5/coreutils-8.4-31.el6.src.rpm) = 0e39f22a1ea12009f7e95811003d4b56b99fc2ea77b5bf3ebc716f3ae5a15b83
|
||||
|
@ -72,9 +72,6 @@ etc/hosts.deny
|
||||
etc/inputrc
|
||||
etc/issue
|
||||
etc/issue.net
|
||||
@unexec if cmp -s %D/etc/krb5.conf.dist %D/etc/krb5.conf ; then rm -f %D/etc/krb5.conf ; fi
|
||||
etc/krb5.conf.dist
|
||||
@exec if [ ! -f %D/etc/krb5.conf ] ; then cp -p %D/%F %B/krb5.conf ; fi
|
||||
etc/ld.so.cache
|
||||
etc/ld.so.conf
|
||||
etc/mke2fs.conf
|
||||
@ -121,9 +118,6 @@ etc/skel/.bashrc
|
||||
etc/system-release
|
||||
etc/system-release-cpe
|
||||
etc/udev/rules.d/60-raw.rules
|
||||
@unexec if cmp -s %D/etc/yp.conf.sample %D/etc/yp.conf ; then rm -f %D/etc/yp.cpnf ; fi
|
||||
etc/yp.conf.sample
|
||||
@exec if [ ! -f %D/etc/yp.conf ] ; then cp -p %D/%F %B/yp.conf ; fi
|
||||
etc/yum.repos.d/CentOS-Base.repo
|
||||
etc/yum.repos.d/CentOS-Debuginfo.repo
|
||||
etc/yum.repos.d/CentOS-Media.repo
|
||||
@ -2317,8 +2311,11 @@ usr/share/man/man8/switch_root.8.gz
|
||||
usr/share/man/man8/tunelp.8.gz
|
||||
usr/share/man/man8/umount.8.gz
|
||||
usr/share/man/man8/wipefs.8.gz
|
||||
usr/tmp
|
||||
@unexec rm -f %D/var/cache/ldconfig/aux-cache
|
||||
var/mail
|
||||
@sample etc/krb5.conf.sample
|
||||
@sample etc/yp.conf.sample
|
||||
@dirrm bin
|
||||
@dirrm var/yp
|
||||
@dirrm var/spool/mail
|
||||
@ -2339,7 +2336,6 @@ var/mail
|
||||
@dirrm var/cache/ldconfig
|
||||
@dirrm var/cache
|
||||
@dirrm var
|
||||
@dirrm usr/tmp
|
||||
@dirrm usr/src/kernels
|
||||
@dirrm usr/src/debug
|
||||
@dirrm usr/src
|
||||
|
Loading…
Reference in New Issue
Block a user