From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37311) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dUkDd-0000No-8w for guix-patches@gnu.org; Mon, 10 Jul 2017 21:44:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dUkDa-0004YO-8O for guix-patches@gnu.org; Mon, 10 Jul 2017 21:44:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:58719) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dUkDa-0004Xz-3o for guix-patches@gnu.org; Mon, 10 Jul 2017 21:44:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dUkDZ-0006Cf-TK for guix-patches@gnu.org; Mon, 10 Jul 2017 21:44:01 -0400 Subject: [bug#27649] Update man-db to 2.7.6.1 Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:36609) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dUkCm-0000IQ-G4 for guix-patches@gnu.org; Mon, 10 Jul 2017 21:43:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dUkCj-0003wA-DX for guix-patches@gnu.org; Mon, 10 Jul 2017 21:43:12 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:46399) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dUkCj-0003w2-94 for guix-patches@gnu.org; Mon, 10 Jul 2017 21:43:09 -0400 Received: from localhost (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 8E0A02428E for ; Mon, 10 Jul 2017 21:43:08 -0400 (EDT) Date: Mon, 10 Jul 2017 21:43:07 -0400 From: Leo Famulari Message-ID: <20170711014307.GA25070@jasmine.lan> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="+pHx0qQiF2pBVqBT" Content-Disposition: inline List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 27649@debbugs.gnu.org --+pHx0qQiF2pBVqBT Content-Type: multipart/mixed; boundary="IJpNTDwzlM2Ie8A6" Content-Disposition: inline --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline This updates man-db to the latest release, 2.7.6.1. I tested that the manual-database profile hook still works. For that, I had to pass the new configuration option 'disable-cache-owner', or else the test suite and manpage database generation would fail. See this commit for more info (Separate cache owner from --enable-setuid option): https://git.savannah.gnu.org/cgit/man-db.git/commit/?id=0f8b5518949866075c25787bdc4e9c064597c21e --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0001-gnu-man-db-Update-to-2.7.6.1-fixes-CVE-2015-1336.patch" Content-Transfer-Encoding: quoted-printable =46rom 0d04028ca5781b0ddeb2ae843a60934050c6f959 Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Mon, 10 Jul 2017 15:04:58 -0400 Subject: [PATCH] gnu: man-db: Update to 2.7.6.1 [fixes CVE-2015-1336]. * gnu/packages/man.scm (man-db): Update to 2.7.6.1. [arguments]: Add '--disable-cache-owner' to #:configure-flags. --- gnu/packages/man.scm | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/gnu/packages/man.scm b/gnu/packages/man.scm index 101892a0a..0fdc69aea 100644 --- a/gnu/packages/man.scm +++ b/gnu/packages/man.scm @@ -57,14 +57,14 @@ a flexible and convenient way.") (define-public man-db (package (name "man-db") - (version "2.7.5") + (version "2.7.6.1") (source (origin (method url-fetch) (uri (string-append "mirror://savannah/man-db/man-db-" version ".tar.xz")) (sha256 (base32 - "056a3il7agfazac12yggcg4gf412yq34k065im0cpfxbcw6xskaw")))) + "0gqgs4zc3r87apns0k5qp689p2ylxx2596s2mkmkxjjay99brv88")))) (build-system gnu-build-system) (arguments '(#:phases @@ -93,7 +93,12 @@ a flexible and convenient way.") (xz (assoc-ref %build-inputs "xz")) (util (assoc-ref %build-inputs "util-linux"))) ;; Invoke groff, less, gzip, bzip2, and xz directly from the stor= e. - (append (list "--disable-setuid" ;; Disable setuid man user. + (append (list ;; Disable setuid man user. + "--disable-setuid" + ;; Don't constrain ownership of system-wide cache f= iles. + ;; Otherwise creating the manpage database fails wi= th + ;; with man-db > 2.7.5. + "--disable-cache-owner" (string-append "--with-pager=3D" less "/bin/less") (string-append "--with-gzip=3D" gzip "/bin/gzip") (string-append "--with-bzip2=3D" bzip2 "/bin/gzip") --=20 2.13.2 --IJpNTDwzlM2Ie8A6-- --+pHx0qQiF2pBVqBT Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAllkLSsACgkQJkb6MLrK fwhBRQ//cxF1xecRBeiu8tLr7mMq8aJHMvT9fDEwyu2IJIA9+ILVrd6c6AGJjLra kNx66n6iI/fYtVufHCdy5DUj96uqGZGwU2m8wcALDaZwGYdAy1sV0tXnHHHpr7j/ Xrl/bR2J8GaozSvMWBEfSa6ARz+39PsBLENiFa5HgV2W0ZOlEtZpnIWFR/HrVQhM JnX8e1Xq68HTvYKsVV2on+zvuzGjAzo1qlr5u/YV8WqWUdV/Q9sqaalDvfF+OTzN 13gUx12Jr491KikJQ+v2EtiK1DaiWHoCO3CtSKg8XnVn5n3PyEfBgNFnmqfeMPuy fQqKXJ1twK6oKH2LP/m+jwcx5m3sslD8b+c/ZsnU72maftQiKVdh1rvc3vtHAj4p mps/cjJ3dB3/t9Mhh8gkh9+luOyPfm2Qpm9QciYUHHOStqtcgU2qsZEXAZoBV7ME uLb8VIVamuZ9ZKyzurLqqe01l3JD95bOohkXB7bZS241H/wUcJ+47wKgOuBuHgS1 /2crX+GHl+TtRoaXXY1lou/mrin8nx7gW+jlnopwD7v0mMlJQa5TB1GD3aOa8AMg zims3lC+vAcCAq3FSGWJCiLl6bc/9rLiWI4tJXzjkoA9eyMChd55MJJvI+5MoSTz VjXBtOm+h+50owtHU24PNdVAjDw7PyoofjeZpimlhq9fZ9IBcGc= =Pdkr -----END PGP SIGNATURE----- --+pHx0qQiF2pBVqBT--