diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-07-17 10:27:22 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-07-17 10:27:27 +0000 |
| commit | 3f5612ba1afd880c2dfe8ab4165d1712a57ff485 (patch) | |
| tree | 8d8bdba34dc100474bf0ed5566a43ad191482434 /main/heimdal | |
| parent | b2fd60dde0963f2a525f83972016f14fc49ce6fd (diff) | |
| download | aports-3f5612ba1afd880c2dfe8ab4165d1712a57ff485.tar.bz2 aports-3f5612ba1afd880c2dfe8ab4165d1712a57ff485.tar.xz | |
main/heimdal: security upgrade to 7.4.0 (CVE-2017-11103)
Fixes #7538
Modernize APKBUILD, add check() not enabled yet though
Diffstat (limited to 'main/heimdal')
| -rw-r--r-- | main/heimdal/APKBUILD | 80 |
1 files changed, 35 insertions, 45 deletions
diff --git a/main/heimdal/APKBUILD b/main/heimdal/APKBUILD index f567bef5d9..f04707adf9 100644 --- a/main/heimdal/APKBUILD +++ b/main/heimdal/APKBUILD @@ -1,9 +1,9 @@ # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> # Contributor: Natanael Copa <ncopa@alpinelinux.org> pkgname=heimdal -pkgver=7.1.0 +pkgver=7.4.0 _ver=${pkgver/_rc/rc} -pkgrel=1 +pkgrel=0 pkgdesc="An implementation of Kerberos 5" arch="all" url="http://www.h5l.org/" @@ -13,9 +13,9 @@ depends_dev="libressl-dev e2fsprogs-dev db-dev" makedepends="$depends_dev autoconf automake bash gawk libtool ncurses-dev perl readline-dev sqlite-dev texinfo perl-json" install= -options="suid" +options="suid !check" #FIXME: FAIL: snprintf-test subpackages="$pkgname-doc $pkgname-dev $pkgname-libs" -source="http://www.h5l.org/dist/src/heimdal-$pkgver.tar.gz +source="https://github.com/heimdal/heimdal/releases/download/heimdal-$pkgver/heimdal-$pkgver.tar.gz heimdal-kadmind.initd heimdal-kdc.initd heimdal-kpasswdd.initd @@ -23,25 +23,23 @@ source="http://www.h5l.org/dist/src/heimdal-$pkgver.tar.gz 005_all_heimdal-suid_fix.patch heimdal_missing-include.patch " +builddir="$srcdir/$pkgname-$_ver" -_builddir="$srcdir/$pkgname-$_ver" +# secfixes: +# 7.4.0-r0 +# - CVE-2017-11103 prepare() { [ -e /usr/lib/libasn1.so ] && echo "## remove old heimdal pkg first ##" && return 1 - cd "$_builddir" + cd "$builddir" + default_prepare - for i in $source; do - case $i in - *.patch) msg "Applying patch $i"; patch -p1 -i "$srcdir"/$i || return 1;; - esac - done - - sh ./autogen.sh || return 1 + sh ./autogen.sh } build() { - cd "$_builddir" + cd "$builddir" export LDFLAGS="${LDFLAGS} -Wl,--as-needed" export LIBS="-ldb" @@ -55,53 +53,57 @@ build() { --with-readline-lib=/usr/lib \ --with-readline-include=/usr/include/readline \ --with-sqlite3=/usr \ - --without-openssl \ - || return 1 + --without-openssl # make sure we use system version rm -r lib/sqlite lib/com_err # workarount a parallell build issue - make -C lib/asn1 der-protos.h der-private.h || return 1 - make -C lib/kadm5 kadm5-protos.h kadm5-private.h kadm5_err.h || return 1 + make -C lib/asn1 der-protos.h der-private.h + make -C lib/kadm5 kadm5-protos.h kadm5-private.h kadm5_err.h make -C lib/krb5 krb5-protos.h krb5-private.h krb5_err.h krb_err.h \ - heim_err.h k524_err.h || return 1 - make -C lib/hx509 hx509-private.h hx509-protos.h || return 1 - make || return 1 + heim_err.h k524_err.h + make -C lib/hx509 hx509-private.h hx509-protos.h + make +} + +check() { + cd "$builddir" + make check } package() { - cd "$_builddir" + cd "$builddir" make DESTDIR="$pkgdir" exec_prefix=/usr sysconfdir=/etc \ mandir=/usr/share/man infodir=/usr/share/info datadir=/var/lib/heimdal \ localstatedir=/var/lib/heimdal libexecdir=/usr/sbin install install -m755 -D "$srcdir"/heimdal-kadmind.initd \ - "$pkgdir"/etc/init.d/heimdal-kadmind || return 1 + "$pkgdir"/etc/init.d/heimdal-kadmind install -m755 -D "$srcdir"/heimdal-kdc.initd \ - "$pkgdir"/etc/init.d/heimdal-kdc || return 1 + "$pkgdir"/etc/init.d/heimdal-kdc install -m755 -D "$srcdir"/heimdal-kpasswdd.initd \ - "$pkgdir"/etc/init.d/heimdal-kpasswdd || return 1 + "$pkgdir"/etc/init.d/heimdal-kpasswdd for i in 1 3 5 8; do - rm -rf "$pkgdir"/usr/share/man/cat$i || return 1 + rm -rf "$pkgdir"/usr/share/man/cat$i done # Remove conflicts # e2fsprogs rm -f "$pkgdir"/usr/bin/compile_et \ - "$pkgdir"/usr/share/man/man1/compile_et.1 || return 1 + "$pkgdir"/usr/share/man/man1/compile_et.1 # Compress info pages for page in heimdal hx509; do - gzip -9 "$pkgdir"/usr/share/info/${page}.info || return 1 + gzip -9 "$pkgdir"/usr/share/info/${page}.info done # Install the license install -d "$pkgdir"/usr/share/licenses/$pkgname install -D -m644 "$srcdir"/$pkgname-$_ver/LICENSE \ - "$pkgdir"/usr/share/licenses/$pkgname/ || return 1 + "$pkgdir"/usr/share/licenses/$pkgname/ } libs() { @@ -109,29 +111,17 @@ libs() { replaces="heimdal" depends="krb5-conf" mkdir -p "$subpkgdir"/usr/bin "$subpkgdir"/usr/sbin - mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ || return 1 + mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ mv "$pkgdir"/usr/bin/string2key \ "$pkgdir"/usr/bin/verify_krb5_conf \ - "$subpkgdir"/usr/bin/ || return 1 + "$subpkgdir"/usr/bin/ mv "$pkgdir"/usr/sbin/kdigest \ "$pkgdir"/usr/sbin/digest-service \ - "$subpkgdir"/usr/sbin/ || return 1 + "$subpkgdir"/usr/sbin/ } -md5sums="bbeedb8eae6f81b12cbbaada4faaeb47 heimdal-7.1.0.tar.gz -872a6de29fc4dd2d4001d66f9e2206f7 heimdal-kadmind.initd -823a47e3bfc9530f19353dc02c96c290 heimdal-kdc.initd -ba4ecfbd48cd59b6a239835a501a0c36 heimdal-kpasswdd.initd -efa764866eed4c589dc9d2aedfe1c140 005_all_heimdal-suid_fix.patch -9a8db1ed3098a1b1073aa8b75b8084c8 heimdal_missing-include.patch" -sha256sums="cee58ab3a4ce79f243a3e73f465dac19fe2b93ef1c5ff244d6f1d689fedbde2d heimdal-7.1.0.tar.gz -a69218c8320b730b884631aa4a2548ddc0dbd864b458e26314c22bf903d6ddbd heimdal-kadmind.initd -4cb005716e195116421d9fbf021d6d6178e487232610854f9c9a1d0aaf798d56 heimdal-kdc.initd -0bbe7c4231ba8126f6cac2869da5c8b074b987c23a3940b9bda8caa269fc6bfd heimdal-kpasswdd.initd -05b10444d50a3b4074b7539ea2ba39569b1e0704c061e9e93fdb6bd3fc59feb6 005_all_heimdal-suid_fix.patch -1cd63bd7ecbcf502859c37777a6f64c043c6da298a24ac582490e7c0b06fc5c0 heimdal_missing-include.patch" -sha512sums="5afc9d183ff0db6e82e83d47955cc77e775bc60569e2905f9106c31b8a33e8d67fbc042dd4836ebae094db38bf70ba858c224189fed8d55f277738ee6e76352e heimdal-7.1.0.tar.gz +sha512sums="3bb83974180e0f6fe2e1b2a11c51cf136c9a64f13f9ed7592f0039ccccd03c1a22081b7d88ae631f94cf46589ed399b79666eb814104f915faa70b53749863a7 heimdal-7.4.0.tar.gz 0ae0fec4bdb3907d9e82e788e12ef185dd00e6db4c17f55758da5600fedd72ed1118b6b492d039f91cc54d54bf2f79f624ea38a68067e424b737b128494a4bbd heimdal-kadmind.initd 4dca69bb1c1c6dfce8c0fc1da84855e4549be478ab09511fa5143ee61d1609fed7f3303179bc1e499b0f20445e04c41eda132dd1c5f72e2fea4fcf60a35ad2a9 heimdal-kdc.initd abee8390632fa775e74900d09e5c72b02fe4f9616b43cc8d0a76175486ed6d4707fb3ce4d06ceb09b0e8d1384e037c3cff6525e11def0122c35c32eebd0d196f heimdal-kpasswdd.initd |