summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFabian Groffen <grobian@gentoo.org>2017-11-15 16:31:41 +0100
committerFabian Groffen <grobian@gentoo.org>2017-11-15 16:31:41 +0100
commitab12f95ca1503bbcf12964e3d4d5673993f422a1 (patch)
tree51397b3ec19ead701df8939567407efa876f3f96 /app-arch
parentdev-libs/glib: sync (diff)
downloadprefix-ab12f95ca1503bbcf12964e3d4d5673993f422a1.tar.gz
prefix-ab12f95ca1503bbcf12964e3d4d5673993f422a1.tar.bz2
prefix-ab12f95ca1503bbcf12964e3d4d5673993f422a1.zip
app-arch/bzip2: sync for CVE, bug #637572
Bug: https://bugs.gentoo.org/637572 Package-Manager: Portage-2.3.13-prefix, Repoman-2.3.4
Diffstat (limited to 'app-arch')
-rw-r--r--app-arch/bzip2/bzip2-1.0.6-r1.ebuild113
-rw-r--r--app-arch/bzip2/bzip2-1.0.6-r3.ebuild121
-rw-r--r--app-arch/bzip2/bzip2-1.0.6-r8.ebuild (renamed from app-arch/bzip2/bzip2-1.0.6-r7.ebuild)65
-rw-r--r--app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch18
4 files changed, 43 insertions, 274 deletions
diff --git a/app-arch/bzip2/bzip2-1.0.6-r1.ebuild b/app-arch/bzip2/bzip2-1.0.6-r1.ebuild
deleted file mode 100644
index a88f13ce09..0000000000
--- a/app-arch/bzip2/bzip2-1.0.6-r1.ebuild
+++ /dev/null
@@ -1,113 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r1.ebuild,v 1.1 2010/09/23 09:19:49 vapier Exp $
-
-inherit eutils multilib toolchain-funcs flag-o-matic prefix
-
-DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
-HOMEPAGE="http://www.bzip.org/"
-SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
-
-LICENSE="BZIP2"
-SLOT="0"
-KEYWORDS="~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE="static"
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
- epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
- epatch "${FILESDIR}"/${PN}-1.0.2-progress.patch
- epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
- epatch "${FILESDIR}"/${PN}-1.0.5-checkenv.patch # for AIX, Darwin?
- epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
- eprefixify bz{diff,grep,more}
- # this a makefile for Darwin, which already "includes" saneso
- cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
-
- # - Use right man path
- # - Generate symlinks instead of hardlinks
- # - pass custom variables to control libdir
- sed -i \
- -e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
- -e 's:ln -s -f $(PREFIX)/bin/:ln -s :' \
- -e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
- Makefile || die
-
- if [[ ${CHOST} == *-hpux* ]] ; then
- sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
- if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
- sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
- sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
- fi
- elif [[ ${CHOST} == *-interix* ]] ; then
- sed -i -e 's,-soname,-h,' Makefile-libbz2_so || die "cannot replace -soname with -h"
- sed -i -e 's,-fpic,,' -e 's,-fPIC,,' Makefile-libbz2_so || die "cannot replace pic options"
- fi
-}
-
-bemake() {
- emake \
- CC="$(tc-getCC)" \
- AR="$(tc-getAR)" \
- RANLIB="$(tc-getRANLIB)" \
- "$@" || die
-}
-src_compile() {
- local checkopts=
- case "${CHOST}" in
- *-darwin*)
- bemake PREFIX="${EPREFIX}"/usr -f Makefile-libbz2_dylib || die
- ;;
- *-mint*)
- # do nothing, no shared libraries
- :
- ;;
- *)
- bemake -f Makefile-libbz2_so all || die
- ;;
- esac
- use static && append-flags -static
- bemake all || die
-}
-
-src_install() {
- make PREFIX="${D}${EPREFIX}"/usr LIBDIR="$(get_libdir)" install || die
- dodoc README* CHANGES bzip2.txt manual.*
-
- if [[ $(get_libname) != ".irrelevant" ]] ; then
-
- # Install the shared lib manually. We install:
- # .x.x.x - standard shared lib behavior
- # .x.x - SONAME some distros use #338321
- # .x - SONAME Gentoo uses
- dolib.so libbz2$(get_libname ${PV}) || die
- local s
- for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
- dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v} || die
- done
- gen_usr_ldscript -a bz2
-
- if ! use static ; then
- newbin bzip2-shared bzip2 || die
- fi
-
- fi
-
- # move "important" bzip2 binaries to /bin and use the shared libbz2.so
- dodir /bin
- mv "${ED}"/usr/bin/b{zip2,zcat,unzip2} "${ED}"/bin/ || die
- dosym bzip2 /bin/bzcat || die
- dosym bzip2 /bin/bunzip2 || die
-
- if [[ ${CHOST} == *-winnt* ]]; then
- dolib.so libbz2$(get_libname ${PV}).dll || die "dolib shared"
-
- # on windows, we want to continue using bzip2 from interix.
- # building bzip2 on windows gives the libraries only!
- rm -rf "${ED}"/bin "${ED}"/usr/bin
- fi
-}
diff --git a/app-arch/bzip2/bzip2-1.0.6-r3.ebuild b/app-arch/bzip2/bzip2-1.0.6-r3.ebuild
deleted file mode 100644
index a4a4c6147d..0000000000
--- a/app-arch/bzip2/bzip2-1.0.6-r3.ebuild
+++ /dev/null
@@ -1,121 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r3.ebuild,v 1.12 2014/01/18 01:43:22 vapier Exp $
-
-# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly
-# (since we're building shared libs) ...
-
-EAPI="2"
-
-inherit eutils multilib toolchain-funcs flag-o-matic prefix
-
-DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
-HOMEPAGE="http://www.bzip.org/"
-SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
-
-LICENSE="BZIP2"
-SLOT="0"
-KEYWORDS="~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE="static static-libs"
-
-src_prepare() {
- epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
- epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
- epatch "${FILESDIR}"/${PN}-1.0.6-progress.patch
- epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
- epatch "${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
-
- epatch "${FILESDIR}"/${PN}-1.0.5-checkenv.patch # for AIX, Darwin?
- epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
- eprefixify bz{diff,grep,more}
- # this a makefile for Darwin, which already "includes" saneso
- cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
-
- # - Use right man path
- # - Generate symlinks instead of hardlinks
- # - pass custom variables to control libdir
- sed -i \
- -e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
- -e 's:ln -s -f $(PREFIX)/bin/:ln -s :' \
- -e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
- Makefile || die
-
- if [[ ${CHOST} == *-hpux* ]] ; then
- sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
- if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
- sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
- sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
- fi
- elif [[ ${CHOST} == *-interix* ]] ; then
- sed -i -e 's,-soname,-h,' Makefile-libbz2_so || die "cannot replace -soname with -h"
- sed -i -e 's,-fpic,,' -e 's,-fPIC,,' Makefile-libbz2_so || die "cannot replace pic options"
- fi
-}
-
-bemake() {
- emake \
- CC="$(tc-getCC)" \
- AR="$(tc-getAR)" \
- RANLIB="$(tc-getRANLIB)" \
- "$@" || die
-}
-src_compile() {
- local checkopts=
- case "${CHOST}" in
- *-darwin*)
- bemake PREFIX="${EPREFIX}"/usr -f Makefile-libbz2_dylib || die
- ;;
- *-mint*)
- # do nothing, no shared libraries
- :
- ;;
- *)
- bemake -f Makefile-libbz2_so all || die
- ;;
- esac
- use static && append-flags -static
- bemake all || die
-}
-
-src_install() {
- make PREFIX="${D}${EPREFIX}"/usr LIBDIR="$(get_libdir)" install || die
- dodoc README* CHANGES bzip2.txt manual.*
-
- if [[ $(get_libname) != ".irrelevant" ]] ; then
-
- if ! use static ; then
- newbin bzip2-shared bzip2 || die
- fi
- if ! use static-libs ; then
- rm -f "${ED}"/usr/lib*/libbz2.a || die
- fi
-
- # move "important" bzip2 binaries to /bin and use the shared libbz2.so
- dodir /bin
- mv "${ED}"/usr/bin/b{zip2,zcat,unzip2} "${ED}"/bin/ || die
- dosym bzip2 /bin/bzcat || die
- dosym bzip2 /bin/bunzip2 || die
-
- # Install the shared lib manually. We install:
- # .x.x.x - standard shared lib behavior
- # .x.x - SONAME some distros use #338321
- # .x - SONAME Gentoo uses
- dolib.so libbz2$(get_libname ${PV}) || die
- local s
- for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
- dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v} || die
- done
- gen_usr_ldscript -a bz2
-
- fi
-
- if [[ ${CHOST} == *-winnt* ]]; then
- dolib.so libbz2$(get_libname ${PV}).dll || die "dolib shared"
-
- # on windows, we want to continue using bzip2 from interix.
- # building bzip2 on windows gives the libraries only!
- rm -rf "${ED}"/bin "${ED}"/usr/bin
- fi
-}
diff --git a/app-arch/bzip2/bzip2-1.0.6-r7.ebuild b/app-arch/bzip2/bzip2-1.0.6-r8.ebuild
index fa785fc384..eeb7f85da2 100644
--- a/app-arch/bzip2/bzip2-1.0.6-r7.ebuild
+++ b/app-arch/bzip2/bzip2-1.0.6-r8.ebuild
@@ -1,11 +1,10 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r7.ebuild,v 1.2 2014/04/28 17:18:31 mgorny Exp $
# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly
# (since we're building shared libs) ...
-EAPI=4
+EAPI=5
inherit eutils toolchain-funcs multilib multilib-minimal prefix
@@ -14,30 +13,27 @@ HOMEPAGE="http://www.bzip.org/"
SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
LICENSE="BZIP2"
-SLOT="0"
+SLOT="0/1" # subslot = SONAME
KEYWORDS="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
IUSE="static static-libs"
-RDEPEND="abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20130224
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
+ "${FILESDIR}"/${PN}-1.0.6-saneso.patch
+ "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
+ "${FILESDIR}"/${PN}-1.0.6-progress.patch
+ "${FILESDIR}"/${PN}-1.0.3-no-test.patch
+ "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
+ "${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
+ "${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch
+ "${FILESDIR}"/${PN}-1.0.6-CVE-2016-3189.patch #620466
+
+ "${FILESDIR}"/${PN}-1.0.6-r7-checkenv.patch # for AIX, Darwin?
+ "${FILESDIR}"/${PN}-1.0.6-prefix.patch
+)
src_prepare() {
- epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
- epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
- epatch "${FILESDIR}"/${PN}-1.0.6-progress.patch
- epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
- epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
- epatch "${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
- epatch "${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch
-
- epatch "${FILESDIR}"/${PN}-1.0.6-r7-checkenv.patch # for AIX, Darwin?
- epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
- eprefixify bz{diff,grep,more}
- # this a makefile for Darwin, which already "includes" saneso
- cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
+ epatch "${PATCHES[@]}"
# - Use right man path
# - Generate symlinks instead of hardlinks
@@ -48,6 +44,10 @@ src_prepare() {
-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
Makefile || die
+ eprefixify bz{diff,grep,more}
+ # this a makefile for Darwin, which already "includes" saneso
+ cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
+
if [[ ${CHOST} == *-hpux* ]] ; then
sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
@@ -73,24 +73,9 @@ bemake() {
}
multilib_src_compile() {
- local checkopts=
- case "${CHOST}" in
- *-darwin*)
- bemake PREFIX="${EPREFIX}"/usr -f "${S}"/Makefile-libbz2_dylib all
- # FWIW, #504648 like for .so below
- ln -sf libbz2.${PV}.dylib libbz2.dylib
- ;;
- *-mint*)
- # do nothing, no shared libraries
- :
- ;;
- *)
- bemake -f "${S}"/Makefile-libbz2_so all
- # Make sure we link against the shared lib #504648
- [[ $(get_libname) != $(get_libname ${PV}) ]] &&
- ln -sf libbz2$(get_libname ${PV}) libbz2$(get_libname)
- ;;
- esac
+ bemake -f "${S}"/Makefile-libbz2_so all
+ # Make sure we link against the shared lib #504648
+ ln -sf libbz2.so.${PV} libbz2.so
bemake -f "${S}"/Makefile all LDFLAGS="${LDFLAGS} $(usex static -static '')"
}
@@ -111,7 +96,7 @@ multilib_src_install() {
dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v}
done
- fi
+ fi # tc-is-static-only
use static-libs && dolib.a libbz2.a
diff --git a/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch b/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch
new file mode 100644
index 0000000000..1d0c3a6dd3
--- /dev/null
+++ b/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch
@@ -0,0 +1,18 @@
+Upstream-Status: Backport
+https://bugzilla.suse.com/attachment.cgi?id=681334
+
+CVE: CVE-2016-3189
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bzip2-1.0.6/bzip2recover.c
+===================================================================
+--- bzip2-1.0.6.orig/bzip2recover.c
++++ bzip2-1.0.6/bzip2recover.c
+@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
+ bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
+ bsPutUInt32 ( bsWr, blockCRC );
+ bsClose ( bsWr );
++ outFile = NULL;
+ }
+ if (wrBlock >= rbCtr) break;
+ wrBlock++;