diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-07 20:40:08 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-03-07 22:49:08 +0100 |
commit | 66e838eb2b90374a91406df2f10d14bd6d528f38 (patch) | |
tree | 25c41b4a07b80c70ffc1fc20d7dd609f4972877a /source/ap/slackpkg/files/core-functions.sh | |
parent | c3fb4577bf0ad3f9a7369ba6b4d9be979de8fc9f (diff) | |
download | current-66e838eb2b90374a91406df2f10d14bd6d528f38.tar.gz current-66e838eb2b90374a91406df2f10d14bd6d528f38.tar.xz |
Thu Mar 7 20:40:08 UTC 202420240307204008
ap/ghostscript-10.03.0-x86_64-1.txz: Upgraded.
This update addresses a security issue:
A vulnerability was identified in the way Ghostscript/GhostPDL called
tesseract for the OCR devices, which could allow arbitrary code execution.
Thanks to J_W for the heads-up.
(* Security fix *)
ap/lxc-4.0.12-x86_64-3.txz: Rebuilt.
lxc-slackware.in: include gnupg2 (not gnupg) for slackpkg.
ap/slackpkg-15.0.10-noarch-3.txz: Rebuilt.
core-functions.sh: use gpg2, not gpg.
d/Cython-3.0.9-x86_64-1.txz: Upgraded.
d/git-2.44.0-x86_64-2.txz: Rebuilt.
Include git-subtree. Thanks to gwhl.
d/llvm-18.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
kde/kdevelop-23.08.5-x86_64-2.txz: Rebuilt.
Recompiled against llvm-18.1.0.
l/openexr-3.2.3-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-7.0.2-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2024.3.3-x86_64-1.txz: Upgraded.
l/qt5-5.15.12_20240228_6609503f-x86_64-1.txz: Upgraded.
Compiled against llvm-18.1.0.
l/qt6-6.6.2_20240210_15b7e743-x86_64-3.txz: Rebuilt.
Recompiled against llvm-18.1.0.
l/spirv-llvm-translator-18.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/gnupg2-2.4.5-x86_64-1.txz: Upgraded.
n/libassuan-2.5.7-x86_64-1.txz: Upgraded.
n/postfix-3.9.0-x86_64-1.txz: Upgraded.
x/mesa-24.0.2-x86_64-2.txz: Rebuilt.
Recompiled against llvm-18.1.0 and spirv-llvm-translator-18.1.0.
isolinux/initrd.img: Rebuilt.
Fixed kernel version. Thanks to chrisVV.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Fixed kernel version. Thanks to chrisVV.
Diffstat (limited to 'source/ap/slackpkg/files/core-functions.sh')
-rw-r--r-- | source/ap/slackpkg/files/core-functions.sh | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/source/ap/slackpkg/files/core-functions.sh b/source/ap/slackpkg/files/core-functions.sh index 824547867..ede3d3f42 100644 --- a/source/ap/slackpkg/files/core-functions.sh +++ b/source/ap/slackpkg/files/core-functions.sh @@ -371,11 +371,11 @@ as slackpkg cannot function without awk.\n" # Check if gpg is enabled but no GPG command are found. # - if ! [ "$(which gpg 2>/dev/null)" ] && [ "${CHECKGPG}" = "on" ]; then + if ! [ "$(which gpg2 2>/dev/null)" ] && [ "${CHECKGPG}" = "on" ]; then CHECKGPG=off echo -e "\n\ gpg package not found! Please disable GPG in ${CONF}/slackpkg.conf or install\n\ -the gnupg package.\n\n\ +the gnupg2 package.\n\n\ To disable GPG, edit slackpkg.conf and change the value of the CHECKGPG \n\ variable to "off" - you can see an example in the original slackpkg.conf.new\n\ file distributed with slackpkg.\n" @@ -384,7 +384,7 @@ file distributed with slackpkg.\n" # Check if the Slackware GPG key are found in the system # - GPGFIRSTTIME="$(gpg --list-keys \"$SLACKKEY\" 2>/dev/null \ + GPGFIRSTTIME="$(gpg2 --list-keys \"$SLACKKEY\" 2>/dev/null \ | grep -c "$SLACKKEY")" if [ "$GPGFIRSTTIME" = "0" ] && \ [ "$CMD" != "search" ] && \ @@ -546,7 +546,7 @@ function checkmd5() { # Verify the GPG signature of files/packages # function checkgpg() { - gpg --verify ${1}.asc ${1} 2>/dev/null && echo "1" || echo "0" + gpg2 --verify ${1}.asc ${1} 2>/dev/null && echo "1" || echo "0" } # Fetch $SLACKKEY from a trusted source @@ -585,8 +585,8 @@ Do you want to import the GPG key from this source? (YES|NO)\n" # Import $SLACKKEY function import_gpg_key() { mkdir -p ~/.gnupg - gpg --yes --batch --delete-key "$SLACKKEY" &>/dev/null - gpg --import $TMPDIR/gpgkey &>/dev/null && \ + gpg2 --yes --batch --delete-key "$SLACKKEY" &>/dev/null + gpg2 --import $TMPDIR/gpgkey &>/dev/null && \ echo -e "\t\t\tSlackware Linux Project's GPG key added" } @@ -1133,7 +1133,7 @@ Please check your mirror and try again." rm $TMPDIR/CHECKSUMS.md5 rm $TMPDIR/CHECKSUMS.md5.asc echo -e "\ -\n\t\tERROR: Verification of the gpg signature on CHECKSUMS.md5\n\ +\n\t\tERROR: Verification of the gpg signature on CHECKSUMS.md5\n\ \t\t failed! This could mean that the file is out of date\n\ \t\t or has been tampered with. If you use mirrors.slackware.com\n\ \t\t as your mirror, this could also mean that the mirror to\n\ |