1 |
commit: e257f6423ddb801074392ee8f38b91e127e49a32 |
2 |
Author: Wes Cilldhaire <wes <AT> sol1 <DOT> com <DOT> au> |
3 |
AuthorDate: Mon Nov 28 03:10:01 2016 +0000 |
4 |
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Nov 28 04:47:47 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e257f642 |
7 |
|
8 |
net-nds/389-ds-base: Remove vulnerable versions |
9 |
|
10 |
CVE-2016-5416 CVE-2016-4992 CVE-2016-5405 |
11 |
|
12 |
Acked-by: wibrown <AT> redhat.com |
13 |
|
14 |
Package-Manager: portage-2.3.2 |
15 |
|
16 |
net-nds/389-ds-base/389-ds-base-1.3.4.8.ebuild | 140 ------------------------- |
17 |
net-nds/389-ds-base/389-ds-base-1.3.5.4.ebuild | 125 ---------------------- |
18 |
net-nds/389-ds-base/Manifest | 2 - |
19 |
3 files changed, 267 deletions(-) |
20 |
|
21 |
diff --git a/net-nds/389-ds-base/389-ds-base-1.3.4.8.ebuild b/net-nds/389-ds-base/389-ds-base-1.3.4.8.ebuild |
22 |
deleted file mode 100644 |
23 |
index 1b11155..00000000 |
24 |
--- a/net-nds/389-ds-base/389-ds-base-1.3.4.8.ebuild |
25 |
+++ /dev/null |
26 |
@@ -1,140 +0,0 @@ |
27 |
-# Copyright 1999-2016 Gentoo Foundation |
28 |
-# Distributed under the terms of the GNU General Public License v2 |
29 |
-# $Id$ |
30 |
- |
31 |
-EAPI=5 |
32 |
- |
33 |
-WANT_AUTOMAKE="1.9" |
34 |
- |
35 |
-inherit user eutils multilib flag-o-matic autotools |
36 |
- |
37 |
-DESCRIPTION="389 Directory Server (core librares and daemons )" |
38 |
-HOMEPAGE="http://port389.org/" |
39 |
-SRC_URI="http://directory.fedoraproject.org/sources/${P}.tar.bz2" |
40 |
- |
41 |
-LICENSE="GPL-3+" |
42 |
-SLOT="0" |
43 |
-KEYWORDS="~amd64 ~x86" |
44 |
-IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise +presence kerberos selinux" |
45 |
- |
46 |
-# Pinned to db:4.8 as it is the current stable, can change to a later db version < 6 when they stabilize. |
47 |
-# The --with-db-inc line in econf will need to be updated as well when changing db version. |
48 |
-COMMON_DEPEND=" |
49 |
- sys-libs/db:4.8 |
50 |
- >=dev-libs/cyrus-sasl-2.1.19 |
51 |
- >=net-analyzer/net-snmp-5.1.2 |
52 |
- >=dev-libs/icu-3.4:= |
53 |
- dev-libs/nss[utils] |
54 |
- dev-libs/nspr |
55 |
- dev-libs/svrcore |
56 |
- dev-libs/openssl:0= |
57 |
- dev-libs/libpcre:3 |
58 |
- >=dev-perl/perl-mozldap-1.5.3 |
59 |
- dev-perl/NetAddr-IP |
60 |
- net-nds/openldap |
61 |
- sys-libs/pam |
62 |
- sys-libs/zlib |
63 |
- kerberos? ( >=app-crypt/mit-krb5-1.7-r100[openldap] )" |
64 |
- |
65 |
-DEPEND="${COMMON_DEPEND} |
66 |
- virtual/pkgconfig |
67 |
- doc? ( app-doc/doxygen )" |
68 |
- |
69 |
-RDEPEND="${COMMON_DEPEND} |
70 |
- selinux? ( sec-policy/selinux-dirsrv ) |
71 |
- virtual/perl-Time-Local |
72 |
- virtual/perl-MIME-Base64" |
73 |
- |
74 |
-pkg_setup() { |
75 |
- enewgroup dirsrv |
76 |
- enewuser dirsrv -1 -1 -1 dirsrv |
77 |
-} |
78 |
- |
79 |
-src_prepare() { |
80 |
- #0001-Ticket-47840-add-configure-option-to-disable-instanc.patch |
81 |
- epatch "${FILESDIR}/389-ds-base-1.3.4-no-instance-script.patch" |
82 |
- |
83 |
- # as per 389 documentation, when 64bit, export USE_64 |
84 |
- use amd64 && export USE_64=1 |
85 |
- |
86 |
- # This will be changed in 1.3.5.X |
87 |
- sed -i -e 's/nobody/dirsrv/g' configure.ac || die "sed failed on configure.ac" |
88 |
- eautoreconf |
89 |
- |
90 |
- append-lfs-flags |
91 |
-} |
92 |
- |
93 |
-src_configure() { |
94 |
- # for 1.3.5.X, will add --enable-gcc-security. |
95 |
- # auto-dn-suffix currently throws warning in configure script, |
96 |
- # see https://fedorahosted.org/389/ticket/48710 |
97 |
- econf \ |
98 |
- $(use_enable debug) \ |
99 |
- $(use_enable pam-passthru) \ |
100 |
- $(use_enable ldapi) \ |
101 |
- $(use_enable autobind) \ |
102 |
- $(use_enable dna) \ |
103 |
- $(use_enable bitwise) \ |
104 |
- $(use_enable presence) \ |
105 |
- $(use_with kerberos) \ |
106 |
- $(use_enable debug) \ |
107 |
- $(use_enable auto-dn-suffix) \ |
108 |
- --enable-maintainer-mode \ |
109 |
- --with-fhs \ |
110 |
- --with-openldap \ |
111 |
- --sbindir=/usr/sbin \ |
112 |
- --bindir=/usr/bin \ |
113 |
- --with-db-inc=/usr/include/db4.8 |
114 |
- |
115 |
-} |
116 |
- |
117 |
-src_compile() { |
118 |
- default |
119 |
- if use doc; then |
120 |
- doxygen slapi.doxy || die "cannot run doxygen" |
121 |
- fi |
122 |
-} |
123 |
- |
124 |
-src_install () { |
125 |
- emake DESTDIR="${D}" install |
126 |
- |
127 |
- # remove redhat style init script |
128 |
- rm -rf "${D}"/etc/rc.d || die |
129 |
- # Needs a config option to remove this. |
130 |
- rm -rf "${D}"/etc/default || die |
131 |
- |
132 |
- # and install gentoo style init script |
133 |
- # Get these merged upstream |
134 |
- newinitd "${FILESDIR}"/389-ds.initd-r1 389-ds |
135 |
- newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp |
136 |
- |
137 |
- # cope with libraries being in /usr/lib/dirsrv |
138 |
- dodir /etc/env.d |
139 |
- echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv |
140 |
- |
141 |
- if use doc; then |
142 |
- cd "${S}" || die |
143 |
- docinto html/ |
144 |
- dodoc -r docs/html/. |
145 |
- fi |
146 |
-} |
147 |
- |
148 |
-pkg_postinst() { |
149 |
- echo |
150 |
- elog "If you are planning to use 389-ds-snmp (ldap-agent)," |
151 |
- elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf" |
152 |
- elog "adding proper 'server' entries, and adding the lines below to" |
153 |
- elog " => /etc/snmp/snmpd.conf" |
154 |
- elog |
155 |
- elog "master agentx" |
156 |
- elog "agentXSocket /var/agentx/master" |
157 |
- elog |
158 |
- elog "To start 389 Directory Server (LDAP service) at boot:" |
159 |
- elog |
160 |
- elog " rc-update add 389-ds default" |
161 |
- elog |
162 |
- elog "If you are upgrading from previous 1.2.6 release candidates" |
163 |
- elog "please see:" |
164 |
- elog "http://directory.fedoraproject.org/wiki/Subtree_Rename#warning:_upgrade_from_389_v1.2.6_.28a.3F.2C_rc1_.7E_rc6.29_to_v1.2.6_rc6_or_newer" |
165 |
- echo |
166 |
-} |
167 |
|
168 |
diff --git a/net-nds/389-ds-base/389-ds-base-1.3.5.4.ebuild b/net-nds/389-ds-base/389-ds-base-1.3.5.4.ebuild |
169 |
deleted file mode 100644 |
170 |
index 91f5ab9..00000000 |
171 |
--- a/net-nds/389-ds-base/389-ds-base-1.3.5.4.ebuild |
172 |
+++ /dev/null |
173 |
@@ -1,125 +0,0 @@ |
174 |
-# Copyright 1999-2016 Gentoo Foundation |
175 |
-# Distributed under the terms of the GNU General Public License v2 |
176 |
-# $Id$ |
177 |
- |
178 |
-EAPI=5 |
179 |
- |
180 |
-WANT_AUTOMAKE="1.13" |
181 |
- |
182 |
-inherit user eutils multilib flag-o-matic autotools |
183 |
- |
184 |
-DESCRIPTION="389 Directory Server (core librares and daemons )" |
185 |
-HOMEPAGE="http://port389.org/" |
186 |
-SRC_URI="http://directory.fedoraproject.org/sources/${P}.tar.bz2" |
187 |
- |
188 |
-LICENSE="GPL-3+" |
189 |
-SLOT="0" |
190 |
-KEYWORDS="~amd64 ~x86" |
191 |
-IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise +presence kerberos selinux" |
192 |
- |
193 |
-# Pinned to db:4.8 as it is the current stable, can change to a later db version < 6 when they stabilize. |
194 |
-# The --with-db-inc line in econf will need to be updated as well when changing db version. |
195 |
-COMMON_DEPEND=" |
196 |
- sys-libs/db:4.8 |
197 |
- >=dev-libs/cyrus-sasl-2.1.19 |
198 |
- >=net-analyzer/net-snmp-5.1.2 |
199 |
- >=dev-libs/icu-3.4:= |
200 |
- dev-libs/nss[utils] |
201 |
- dev-libs/nspr |
202 |
- >=dev-libs/svrcore-4.1.2 |
203 |
- dev-libs/openssl:0= |
204 |
- dev-libs/libpcre:3 |
205 |
- >=dev-perl/perl-mozldap-1.5.3 |
206 |
- dev-perl/NetAddr-IP |
207 |
- net-nds/openldap |
208 |
- sys-libs/pam |
209 |
- sys-libs/zlib |
210 |
- kerberos? ( >=app-crypt/mit-krb5-1.7-r100[openldap] )" |
211 |
- |
212 |
-DEPEND="${COMMON_DEPEND} |
213 |
- virtual/pkgconfig |
214 |
- doc? ( app-doc/doxygen )" |
215 |
- |
216 |
-RDEPEND="${COMMON_DEPEND} |
217 |
- selinux? ( sec-policy/selinux-dirsrv ) |
218 |
- virtual/perl-Time-Local |
219 |
- virtual/perl-MIME-Base64" |
220 |
- |
221 |
-pkg_setup() { |
222 |
- enewgroup dirsrv |
223 |
- enewuser dirsrv -1 -1 -1 dirsrv |
224 |
-} |
225 |
- |
226 |
-src_prepare() { |
227 |
- # as per 389 documentation, when 64bit, export USE_64 |
228 |
- use amd64 && export USE_64=1 |
229 |
- |
230 |
- eautoreconf |
231 |
- |
232 |
- append-lfs-flags |
233 |
-} |
234 |
- |
235 |
-src_configure() { |
236 |
- econf \ |
237 |
- $(use_enable debug) \ |
238 |
- $(use_enable pam-passthru) \ |
239 |
- $(use_enable ldapi) \ |
240 |
- $(use_enable autobind) \ |
241 |
- $(use_enable dna) \ |
242 |
- $(use_enable bitwise) \ |
243 |
- $(use_enable presence) \ |
244 |
- $(use_with kerberos) \ |
245 |
- $(use_enable debug) \ |
246 |
- $(use_enable auto-dn-suffix) \ |
247 |
- --with-initddir=no \ |
248 |
- --enable-maintainer-mode \ |
249 |
- --with-fhs \ |
250 |
- --with-openldap \ |
251 |
- --sbindir=/usr/sbin \ |
252 |
- --bindir=/usr/bin \ |
253 |
- --with-db-inc=/usr/include/db4.8 |
254 |
- |
255 |
-} |
256 |
- |
257 |
-src_compile() { |
258 |
- default |
259 |
- if use doc; then |
260 |
- doxygen slapi.doxy || die "cannot run doxygen" |
261 |
- fi |
262 |
-} |
263 |
- |
264 |
-src_install () { |
265 |
- emake DESTDIR="${D}" install |
266 |
- |
267 |
- # Install gentoo style init script |
268 |
- # Get these merged upstream |
269 |
- newinitd "${FILESDIR}"/389-ds.initd-r1 389-ds |
270 |
- newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp |
271 |
- |
272 |
- # cope with libraries being in /usr/lib/dirsrv |
273 |
- dodir /etc/env.d |
274 |
- echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv |
275 |
- |
276 |
- if use doc; then |
277 |
- cd "${S}" || die |
278 |
- docinto html/ |
279 |
- dodoc -r docs/html/. |
280 |
- fi |
281 |
-} |
282 |
- |
283 |
-pkg_postinst() { |
284 |
- echo |
285 |
- elog "If you are planning to use 389-ds-snmp (ldap-agent)," |
286 |
- elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf" |
287 |
- elog "adding proper 'server' entries, and adding the lines below to" |
288 |
- elog " => /etc/snmp/snmpd.conf" |
289 |
- elog |
290 |
- elog "master agentx" |
291 |
- elog "agentXSocket /var/agentx/master" |
292 |
- elog |
293 |
- elog "To start 389 Directory Server (LDAP service) at boot:" |
294 |
- elog |
295 |
- elog " rc-update add 389-ds default" |
296 |
- elog |
297 |
- echo |
298 |
-} |
299 |
|
300 |
diff --git a/net-nds/389-ds-base/Manifest b/net-nds/389-ds-base/Manifest |
301 |
index a329a84..241261f 100644 |
302 |
--- a/net-nds/389-ds-base/Manifest |
303 |
+++ b/net-nds/389-ds-base/Manifest |
304 |
@@ -1,4 +1,2 @@ |
305 |
DIST 389-ds-base-1.3.4.14.tar.bz2 3433905 SHA256 4408e61c52dc56d8e0ffee530dde70c2af00aa86b385cc40b389ef8bcce55aaa SHA512 1043b3e3437d1d24d1eec54c5c5ca39692151d05b8eb035224db78e68a1f4011bd2e0916f54609387903e2bbe9345f954be5c0a578f90a107958f74604908d6c WHIRLPOOL f2bf87c450c870ad1b886000f49f5d1b6def760c9b1634cffe4871da755932d43cb9253bebe12092032359097a7786e9d29fc64d4326fb3a079a79163a2ccc01 |
306 |
-DIST 389-ds-base-1.3.4.8.tar.bz2 3396105 SHA256 a00468afcfa50de375f921a827a04dd53b6a11b632982bb0db98cafca509e701 SHA512 ac85223cb38d4cebb3ff61b23e3c0312b0cd30a0c6bf0d9644842c6ecfbc9379ea4a639c80b3e78a13a67f273342fec78e9ecf4672cc72e289d72d74c2fa0d8f WHIRLPOOL 4c7645be5b70c108ef437aaf6d50293a99fa6a552c859f649904c6974c8830e5bf96286a0f998c5d187c1f66f3e0922bbe1e756889e6b0a33e8d9db56f0aa005 |
307 |
DIST 389-ds-base-1.3.5.15.tar.bz2 3554197 SHA256 21dd81525422b64d2760144a4dedf1d3351ecdea7e8e40ae97cd7645b2b527fc SHA512 af1e82f5de80e493241c9d58f0127cd24517e18305ec0ba918bff8b2fa96dc69b32d7172d9b411a544251abfc04098ea9d0c1b41bf9d88e6caaaeae9cb15200b WHIRLPOOL 6f07f20e54dc9e8d7ff2c519d5826f0606d1a2d9113ba2441cdc600790f844f3b02b2d334f111fddaded50e87fc1a6cdca38a5cfe294c4f3d20930b5756c943c |
308 |
-DIST 389-ds-base-1.3.5.4.tar.bz2 3520056 SHA256 a82f78e56473db4c3aca7a73e012fcd66a508d3b4734bb54936974e4272739b8 SHA512 0cf3a1e403bc6d417525f908263d59689bbee1db887c5ba552fdae28252a59c37ee8e47ec29c48eb18fc1384652b94667f5768df87602f4c37b86d7ef0df284e WHIRLPOOL 1300126fe21c2adcb014364ead33f6766475f2b9dbe43531a11284a0ba21f61e63591804ec227aa118378482e91b34ef44f60f600fa4da5416b68176b2bb1b7b |