lynx 2.8.9rel.1-1

2024-11-18 20:59:21 +08:00 · 2024-11-18 20:59:21 +08:00 · 20c4a7381e
commit 20c4a7381e
2 changed files with 97 additions and 0 deletions
--- a/54
+++ b/54
@ -0,0 +1,54 @@
+# Maintainer: Future Linux Team <futurelinux@163.com>
+
+pkgname=lynx
+pkgver=2.8.9rel.1
+pkgrel=1
+pkgdesc="A text browser for the World Wide Web"
+arch=('x86_64')
+url="https://lynx.invisible-island.net/"
+license=('GPL-2.0-only')
+depends=('brotli' 'bzip2' 'glibc' 'libidn2' 'ncurses' 'openssl' 'zlib')
+backup=(etc/lynx/lynx.cfg)
+options=('!lto')
+source=(https://invisible-mirror.net/archives/lynx/tarballs/${pkgname}${pkgver}.tar.bz2
+	${pkgname}-${pkgver}-security_fix-1.patch)
+sha256sums=(387f193d7792f9cfada14c60b0e5c0bff18f227d9257a39483e14fa1aaf79595
+	35c4bd61c8bce6887efeeb0979d39dc65a8ebf9df4433df45362ce7a970f02f6)
+
+prepare() {
+	cd ${pkgname}${pkgver}
+
+	patch -Np1 -i ${srcdir}/${pkgname}-${pkgver}-security_fix-1.patch
+}
+
+build() {
+	cd ${pkgname}${pkgver}
+
+	${CONFIGURE}     \
+		--sysconfdir=/etc/lynx  \
+		--with-zlib             \
+		--with-bzlib            \
+		--with-ssl              \
+		--with-screen=ncursesw  \
+		--enable-locale-charset \
+		--enable-ipv6           \
+		--enable-nls            \
+		--datadir=/usr/share/doc/${pkgname}-${pkgver}
+
+	make
+}
+
+package() {
+	cd ${pkgname}${pkgver}
+
+	make DESTDIR=${pkgdir} install-full
+
+	chgrp -v -R root ${pkgdir}/usr/share/doc/${pkgname}-${pkgver}/lynx_doc
+
+	sed -e '/#LOCALE/     a LOCALE_CHARSET:TRUE'     \
+		-i ${pkgdir}/etc/lynx/lynx.cfg
+	sed -e '/#DEFAULT_ED/ a DEFAULT_EDITOR:vi'       \
+		-i ${pkgdir}/etc/lynx/lynx.cfg
+	sed -e '/#PERSIST/    a PERSISTENT_COOKIES:TRUE' \
+		-i ${pkgdir}/etc/lynx/lynx.cfg
+}
--- a/lynx-2.8.9rel.1-security_fix-1.patch
+++ b/lynx-2.8.9rel.1-security_fix-1.patch
@ -0,0 +1,43 @@
+Submitted By:            Douglas R. Reno <renodr at linuxfromscratch dot org>
+Date:                    2021-12-18
+Initial Package Version: 2.8.9rel.1
+Upstream Status:         Applied
+Origin:                  Arch Linux (https://github.com/archlinux/svntogit-packages/blob/packages/lynx/trunk/CVE-2021-38165.diff)
+Description:             Fixes CVE-2021-38165 in Lynx, which allows for
+                         usernames and passwords to be transmitted in cleartext
+                         anytime an HTTPS connection is used. 
+
+diff -Naurp lynx2.8.9rel.1.orig/WWW/Library/Implementation/HTTP.c lynx2.8.9rel.1/WWW/Library/Implementation/HTTP.c
+--- lynx2.8.9rel.1.orig/WWW/Library/Implementation/HTTP.c	2018-05-04 15:07:43.000000000 -0500
+++ lynx2.8.9rel.1/WWW/Library/Implementation/HTTP.c	2021-12-18 14:12:57.503796366 -0600
+@@ -761,6 +761,22 @@ static char *StripIpv6Brackets(char *hos
+     return host;
+ }
+ #endif
+/*
+ * Remove user/password, if any, from the given host-string.
+ */
+#ifdef USE_SSL
+static char *StripUserAuthents(char *host)
+{
+   char *p = strchr(host, '@');
+
+   if (p != NULL) {
+      char *q = host;
+
+      while ((*q++ = *++p) != '\0') ;
+   }
+   return host;
+}
+#endif
+ 
+ /*		Load Document from HTTP Server			HTLoadHTTP()
+  *		==============================
+@@ -957,6 +973,7 @@ static int HTLoadHTTP(const char *arg,
+ 	/* get host we're connecting to */
+ 	ssl_host = HTParse(url, "", PARSE_HOST);
+ 	ssl_host = StripIpv6Brackets(ssl_host);
+   ssl_host = StripUserAuthents(ssl_host);
+ #if defined(USE_GNUTLS_FUNCS)
+ 	ret = gnutls_server_name_set(handle->gnutls_state,
+ 				     GNUTLS_NAME_DNS,