* [bug#27649] Update man-db to 2.7.6.1
@ 2017-07-11 1:43 Leo Famulari
2017-07-11 20:53 ` Marius Bakke
0 siblings, 1 reply; 3+ messages in thread
From: Leo Famulari @ 2017-07-11 1:43 UTC (permalink / raw)
To: 27649
[-- Attachment #1.1: Type: text/plain, Size: 437 bytes --]
This updates man-db to the latest release, 2.7.6.1.
I tested that the manual-database profile hook still works. For that, I
had to pass the new configuration option 'disable-cache-owner', or else
the test suite and manpage database generation would fail.
See this commit for more info (Separate cache owner from --enable-setuid
option):
https://git.savannah.gnu.org/cgit/man-db.git/commit/?id=0f8b5518949866075c25787bdc4e9c064597c21e
[-- Attachment #1.2: 0001-gnu-man-db-Update-to-2.7.6.1-fixes-CVE-2015-1336.patch --]
[-- Type: text/plain, Size: 2125 bytes --]
From 0d04028ca5781b0ddeb2ae843a60934050c6f959 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Mon, 10 Jul 2017 15:04:58 -0400
Subject: [PATCH] gnu: man-db: Update to 2.7.6.1 [fixes CVE-2015-1336].
* gnu/packages/man.scm (man-db): Update to 2.7.6.1.
[arguments]: Add '--disable-cache-owner' to #:configure-flags.
---
gnu/packages/man.scm | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/man.scm b/gnu/packages/man.scm
index 101892a0a..0fdc69aea 100644
--- a/gnu/packages/man.scm
+++ b/gnu/packages/man.scm
@@ -57,14 +57,14 @@ a flexible and convenient way.")
(define-public man-db
(package
(name "man-db")
- (version "2.7.5")
+ (version "2.7.6.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/man-db/man-db-"
version ".tar.xz"))
(sha256
(base32
- "056a3il7agfazac12yggcg4gf412yq34k065im0cpfxbcw6xskaw"))))
+ "0gqgs4zc3r87apns0k5qp689p2ylxx2596s2mkmkxjjay99brv88"))))
(build-system gnu-build-system)
(arguments
'(#:phases
@@ -93,7 +93,12 @@ a flexible and convenient way.")
(xz (assoc-ref %build-inputs "xz"))
(util (assoc-ref %build-inputs "util-linux")))
;; Invoke groff, less, gzip, bzip2, and xz directly from the store.
- (append (list "--disable-setuid" ;; Disable setuid man user.
+ (append (list ;; Disable setuid man user.
+ "--disable-setuid"
+ ;; Don't constrain ownership of system-wide cache files.
+ ;; Otherwise creating the manpage database fails with
+ ;; with man-db > 2.7.5.
+ "--disable-cache-owner"
(string-append "--with-pager=" less "/bin/less")
(string-append "--with-gzip=" gzip "/bin/gzip")
(string-append "--with-bzip2=" bzip2 "/bin/gzip")
--
2.13.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [bug#27649] Update man-db to 2.7.6.1
2017-07-11 1:43 [bug#27649] Update man-db to 2.7.6.1 Leo Famulari
@ 2017-07-11 20:53 ` Marius Bakke
2017-07-12 2:54 ` bug#27649: " Leo Famulari
0 siblings, 1 reply; 3+ messages in thread
From: Marius Bakke @ 2017-07-11 20:53 UTC (permalink / raw)
To: Leo Famulari, 27649
[-- Attachment #1: Type: text/plain, Size: 1556 bytes --]
Leo Famulari <leo@famulari.name> writes:
> This updates man-db to the latest release, 2.7.6.1.
>
> I tested that the manual-database profile hook still works. For that, I
> had to pass the new configuration option 'disable-cache-owner', or else
> the test suite and manpage database generation would fail.
>
> See this commit for more info (Separate cache owner from --enable-setuid
> option):
>
> https://git.savannah.gnu.org/cgit/man-db.git/commit/?id=0f8b5518949866075c25787bdc4e9c064597c21e
That commit message was confusingly familiar :-)
> From 0d04028ca5781b0ddeb2ae843a60934050c6f959 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 10 Jul 2017 15:04:58 -0400
> Subject: [PATCH] gnu: man-db: Update to 2.7.6.1 [fixes CVE-2015-1336].
[...]
> @@ -93,7 +93,12 @@ a flexible and convenient way.")
> (xz (assoc-ref %build-inputs "xz"))
> (util (assoc-ref %build-inputs "util-linux")))
> ;; Invoke groff, less, gzip, bzip2, and xz directly from the store.
> - (append (list "--disable-setuid" ;; Disable setuid man user.
> + (append (list ;; Disable setuid man user.
> + "--disable-setuid"
> + ;; Don't constrain ownership of system-wide cache files.
> + ;; Otherwise creating the manpage database fails with
> + ;; with man-db > 2.7.5.
Double 'with'. I'm not even sure the second sentence is necessary, YMMV :-)
> + "--disable-cache-owner"
LGTM.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* bug#27649: Update man-db to 2.7.6.1
2017-07-11 20:53 ` Marius Bakke
@ 2017-07-12 2:54 ` Leo Famulari
0 siblings, 0 replies; 3+ messages in thread
From: Leo Famulari @ 2017-07-12 2:54 UTC (permalink / raw)
To: Marius Bakke; +Cc: 27649-done
[-- Attachment #1: Type: text/plain, Size: 530 bytes --]
On Tue, Jul 11, 2017 at 10:53:18PM +0200, Marius Bakke wrote:
> Leo Famulari <leo@famulari.name> writes:
> > + ;; Don't constrain ownership of system-wide cache files.
> > + ;; Otherwise creating the manpage database fails with
> > + ;; with man-db > 2.7.5.
>
> Double 'with'. I'm not even sure the second sentence is necessary, YMMV :-)
It wasn't obvious to me that it should fail so I left it in, without
that extra 'with'.
Thanks for the review!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-07-12 2:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-07-11 1:43 [bug#27649] Update man-db to 2.7.6.1 Leo Famulari
2017-07-11 20:53 ` Marius Bakke
2017-07-12 2:54 ` bug#27649: " Leo Famulari
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).