wok rev 24891

lynx: use ncursesw (tanks ceel)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Apr 07 07:20:18 2022 +0000 (2022-04-07)
parents 9aa1f88b45db
children 81a0a7a51fa6
files lynx/receipt lynx/stuff/lynx-2.8.9rel.1-security_fix-1.patch partimage-pam/receipt partimage/receipt
line diff
     1.1 --- a/lynx/receipt	Tue Apr 05 09:06:43 2022 +0000
     1.2 +++ b/lynx/receipt	Thu Apr 07 07:20:18 2022 +0000
     1.3 @@ -6,14 +6,14 @@
     1.4  SHORT_DESC="Terminal-based text-only browser."
     1.5  MAINTAINER="samuel_trassare@yahoo.com"
     1.6  LICENSE="GPL2"
     1.7 -WEB_SITE="https://lynx.browser.org/"
     1.8 +WEB_SITE="https://lynx.invisible-island.net/"
     1.9  
    1.10  TARBALL="$PACKAGE${VERSION/rel/rel.}.tar.bz2"
    1.11  WGET_URL="https://invisible-mirror.net/archives/$PACKAGE/tarballs/$TARBALL"
    1.12  
    1.13  # Will require build dep libtirpc after glibc is upgraded to 2.14.
    1.14 -DEPENDS="libssl ncurses zlib"
    1.15 -BUILD_DEPENDS="ncurses-dev openssl-dev zlib-dev"
    1.16 +DEPENDS="libssl ncursesw zlib"
    1.17 +BUILD_DEPENDS="libtirpc ncursesw-dev openssl-dev zlib-dev patch"
    1.18  
    1.19  HOST_ARCH="i486 arm"
    1.20  
    1.21 @@ -27,6 +27,9 @@
    1.22  # Rules to configure and make the package.
    1.23  compile_rules()
    1.24  {
    1.25 +	# LFS security patch
    1.26 +	patch -Np1 -i $stuff/lynx-2.8.9rel.1-security_fix-1.patch || return 1
    1.27 +
    1.28  	./configure $CONFIGURE_ARGS	\
    1.29  		--sysconfdir=/etc	\
    1.30  		--mandir=/usr/share/man	\
    1.31 @@ -36,8 +39,9 @@
    1.32  		--with-ssl		\
    1.33  		--with-gnutls		\
    1.34  		--with-zlib		\
    1.35 +		--with-screen=ncursesw	\
    1.36  		--with-nss-compat &&
    1.37 -	make -j 1 && 
    1.38 +	make && 
    1.39  	make install
    1.40  }
    1.41  

     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/lynx/stuff/lynx-2.8.9rel.1-security_fix-1.patch	Thu Apr 07 07:20:18 2022 +0000
     2.3 @@ -0,0 +1,43 @@
     2.4 +Submitted By:            Douglas R. Reno <renodr at linuxfromscratch dot org>
     2.5 +Date:                    2021-12-18
     2.6 +Initial Package Version: 2.8.9rel.1
     2.7 +Upstream Status:         Applied
     2.8 +Origin:                  Arch Linux (https://github.com/archlinux/svntogit-packages/blob/packages/lynx/trunk/CVE-2021-38165.diff)
     2.9 +Description:             Fixes CVE-2021-38165 in Lynx, which allows for
    2.10 +                         usernames and passwords to be transmitted in cleartext
    2.11 +                         anytime an HTTPS connection is used. 
    2.12 +
    2.13 +diff -Naurp lynx2.8.9rel.1.orig/WWW/Library/Implementation/HTTP.c lynx2.8.9rel.1/WWW/Library/Implementation/HTTP.c
    2.14 +--- lynx2.8.9rel.1.orig/WWW/Library/Implementation/HTTP.c	2018-05-04 15:07:43.000000000 -0500
    2.15 ++++ lynx2.8.9rel.1/WWW/Library/Implementation/HTTP.c	2021-12-18 14:12:57.503796366 -0600
    2.16 +@@ -761,6 +761,22 @@ static char *StripIpv6Brackets(char *hos
    2.17 +     return host;
    2.18 + }
    2.19 + #endif
    2.20 ++/*
    2.21 ++ * Remove user/password, if any, from the given host-string.
    2.22 ++ */
    2.23 ++#ifdef USE_SSL
    2.24 ++static char *StripUserAuthents(char *host)
    2.25 ++{
    2.26 ++   char *p = strchr(host, '@');
    2.27 ++
    2.28 ++   if (p != NULL) {
    2.29 ++      char *q = host;
    2.30 ++
    2.31 ++      while ((*q++ = *++p) != '\0') ;
    2.32 ++   }
    2.33 ++   return host;
    2.34 ++}
    2.35 ++#endif
    2.36 + 
    2.37 + /*		Load Document from HTTP Server			HTLoadHTTP()
    2.38 +  *		==============================
    2.39 +@@ -957,6 +973,7 @@ static int HTLoadHTTP(const char *arg,
    2.40 + 	/* get host we're connecting to */
    2.41 + 	ssl_host = HTParse(url, "", PARSE_HOST);
    2.42 + 	ssl_host = StripIpv6Brackets(ssl_host);
    2.43 ++	ssl_host = StripUserAuthents(ssl_host);
    2.44 + #if defined(USE_GNUTLS_FUNCS)
    2.45 + 	ret = gnutls_server_name_set(handle->gnutls_state,
    2.46 + 				     GNUTLS_NAME_DNS,

     3.1 --- a/partimage-pam/receipt	Tue Apr 05 09:06:43 2022 +0000
     3.2 +++ b/partimage-pam/receipt	Thu Apr 07 07:20:18 2022 +0000
     3.3 @@ -8,7 +8,7 @@
     3.4  LICENSE="GPL2"
     3.5  SOURCE="partimage"
     3.6  TARBALL="$SOURCE-$VERSION.tar.bz2"
     3.7 -WEB_SITE="http://www.partimage.org/"
     3.8 +WEB_SITE="https://www.partimage.org/"
     3.9  WGET_URL="$SF_MIRROR/$SOURCE/$TARBALL"
    3.10  PROVIDE="partimage:pam"
    3.11  

     4.1 --- a/partimage/receipt	Tue Apr 05 09:06:43 2022 +0000
     4.2 +++ b/partimage/receipt	Thu Apr 07 07:20:18 2022 +0000
     4.3 @@ -7,7 +7,7 @@
     4.4  MAINTAINER="erjo@slitaz.org"
     4.5  LICENSE="GPL2"
     4.6  TARBALL="$PACKAGE-$VERSION.tar.bz2"
     4.7 -WEB_SITE="http://www.partimage.org/"
     4.8 +WEB_SITE="https://www.partimage.org/"
     4.9  WGET_URL="$SF_MIRROR/$PACKAGE/$TARBALL"
    4.10  
    4.11  DEPENDS="newt bzip2 openssl slitaz-base-files zlib gcc-lib-base"