core185: Ship everything that is linked against XZ

This is a precautionary step to avoid that we have any issues to face because of a downgrade as new symbols have been added to liblzma 5.6.0. Furthermore, this should avoid shipping any traces of any other potential malware in XZ that has been added in 5.6.0 or after. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2026-04-28 11:43:25 +02:00 · 2024-03-30 12:07:22 +00:00
parent 16901fee6a
commit c283a6f615
17 changed files with 19 additions and 3 deletions
--- a/config/rootfiles/core/185/filelists/aarch64/boost
+++ b/config/rootfiles/core/185/filelists/aarch64/boost
@@ -0,0 +1 @@
 ../../../../common/aarch64/boost
--- a/config/rootfiles/core/185/filelists/aarch64/grub
+++ b/config/rootfiles/core/185/filelists/aarch64/grub
@@ -0,0 +1 @@
 ../../../../common/aarch64/grub
--- a/config/rootfiles/core/185/filelists/apache2
+++ b/config/rootfiles/core/185/filelists/apache2
@@ -0,0 +1 @@
 ../../../common/apache2
--- a/config/rootfiles/core/185/filelists/collectd
+++ b/config/rootfiles/core/185/filelists/collectd
@@ -0,0 +1 @@
 ../../../common/collectd
--- a/config/rootfiles/core/185/filelists/files
+++ b/config/rootfiles/core/185/filelists/files
@@ -50,6 +50,7 @@ srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/index.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/time.cgi
 usr/lib/python3.10/lib-dynload/_lzma.cpython-310-xxxMACHINExxx-linux-gnu.so
 usr/local/bin/update-ids-ruleset
 var/ipfire/backup/bin/backup.pl
 var/ipfire/ids-functions.pl
--- a/config/rootfiles/core/185/filelists/kmod
+++ b/config/rootfiles/core/185/filelists/kmod
@@ -0,0 +1 @@
 ../../../common/kmod
--- a/config/rootfiles/core/185/filelists/libarchive
+++ b/config/rootfiles/core/185/filelists/libarchive
@@ -0,0 +1 @@
 ../../../common/libarchive
--- a/config/rootfiles/core/185/filelists/libtiff
+++ b/config/rootfiles/core/185/filelists/libtiff
@@ -0,0 +1 @@
 ../../../common/libtiff
--- a/config/rootfiles/core/185/filelists/libxml2
+++ b/config/rootfiles/core/185/filelists/libxml2
@@ -0,0 +1 @@
 ../../../common/libxml2
--- a/config/rootfiles/core/185/filelists/riscv64/boost
+++ b/config/rootfiles/core/185/filelists/riscv64/boost
@@ -0,0 +1 @@
 ../../../../common/riscv64/boost
--- a/config/rootfiles/core/185/filelists/riscv64/grub
+++ b/config/rootfiles/core/185/filelists/riscv64/grub
@@ -0,0 +1 @@
 ../../../../common/riscv64/grub
--- a/config/rootfiles/core/185/filelists/x86_64/boost
+++ b/config/rootfiles/core/185/filelists/x86_64/boost
@@ -0,0 +1 @@
 ../../../../common/x86_64/boost
--- a/config/rootfiles/core/185/filelists/x86_64/grub
+++ b/config/rootfiles/core/185/filelists/x86_64/grub
@@ -0,0 +1 @@
 ../../../../common/x86_64/grub
--- a/config/rootfiles/core/185/update.sh
+++ b/config/rootfiles/core/185/update.sh
@@ -88,12 +88,15 @@ chmod -v 640 /etc/sudoers.d/*
 # Start services
 telinit u
 /etc/init.d/sshd restart
 /etc/init.d/apache restart
 /etc/init.d/suricata restart
 /etc/init.d/unbound restart
 /etc/init.d/ntp start
 if [ -f /var/ipfire/proxy/enable ]; then
 	/etc/init.d/squid start
 fi
 /etc/init.d/collectd restart
 ## Modify ovpnconfig according to bug 13548 for no-pass entry for N2N client connections
 # Check if ovpnconfig exists and is not empty
 if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
--- a/lfs/foomatic
+++ b/lfs/foomatic
@@ -37,7 +37,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/foomatic-filters-$(VER_FILTERS)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = foomatic
-PAK_VER    = 9
+PAK_VER    = 10
 DEPS       = cups ghostscript hplip
--- a/lfs/sarg
+++ b/lfs/sarg
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = sarg
-PAK_VER    = 6
+PAK_VER    = 7
 DEPS       =
--- a/lfs/tor
+++ b/lfs/tor
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 83
+PAK_VER    = 84
 DEPS       = libseccomp