From ab12f95ca1503bbcf12964e3d4d5673993f422a1 Mon Sep 17 00:00:00 2001
From: Fabian Groffen <grobian@gentoo.org>
Date: Wed, 15 Nov 2017 16:31:41 +0100
Subject: app-arch/bzip2: sync for CVE, bug #637572

Bug: https://bugs.gentoo.org/637572
Package-Manager: Portage-2.3.13-prefix, Repoman-2.3.4
---
 app-arch/bzip2/bzip2-1.0.6-r1.ebuild               | 113 ---------------
 app-arch/bzip2/bzip2-1.0.6-r3.ebuild               | 121 ----------------
 app-arch/bzip2/bzip2-1.0.6-r7.ebuild               | 157 ---------------------
 app-arch/bzip2/bzip2-1.0.6-r8.ebuild               | 142 +++++++++++++++++++
 .../bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch    |  18 +++
 5 files changed, 160 insertions(+), 391 deletions(-)
 delete mode 100644 app-arch/bzip2/bzip2-1.0.6-r1.ebuild
 delete mode 100644 app-arch/bzip2/bzip2-1.0.6-r3.ebuild
 delete mode 100644 app-arch/bzip2/bzip2-1.0.6-r7.ebuild
 create mode 100644 app-arch/bzip2/bzip2-1.0.6-r8.ebuild
 create mode 100644 app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch

(limited to 'app-arch')

diff --git a/app-arch/bzip2/bzip2-1.0.6-r1.ebuild b/app-arch/bzip2/bzip2-1.0.6-r1.ebuild
deleted file mode 100644
index a88f13ce09..0000000000
--- a/app-arch/bzip2/bzip2-1.0.6-r1.ebuild
+++ /dev/null
@@ -1,113 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r1.ebuild,v 1.1 2010/09/23 09:19:49 vapier Exp $
-
-inherit eutils multilib toolchain-funcs flag-o-matic prefix
-
-DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
-HOMEPAGE="http://www.bzip.org/"
-SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
-
-LICENSE="BZIP2"
-SLOT="0"
-KEYWORDS="~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE="static"
-
-src_unpack() {
-	unpack ${A}
-	cd "${S}"
-	epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
-	epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
-	epatch "${FILESDIR}"/${PN}-1.0.2-progress.patch
-	epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
-	epatch "${FILESDIR}"/${PN}-1.0.5-checkenv.patch # for AIX, Darwin?
-	epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
-	eprefixify bz{diff,grep,more}
-	# this a makefile for Darwin, which already "includes" saneso
-	cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
-
-	# - Use right man path
-	# - Generate symlinks instead of hardlinks
-	# - pass custom variables to control libdir
-	sed -i \
-		-e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
-		-e 's:ln -s -f $(PREFIX)/bin/:ln -s :' \
-		-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
-		Makefile || die
-
-	if [[ ${CHOST} == *-hpux* ]] ; then
-		sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
-		if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
-			sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
-			sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
-		fi
-	elif [[ ${CHOST} == *-interix* ]] ; then
-		sed -i -e 's,-soname,-h,' Makefile-libbz2_so || die "cannot replace -soname with -h"
-		sed -i -e 's,-fpic,,' -e 's,-fPIC,,' Makefile-libbz2_so || die "cannot replace pic options"
-	fi
-}
-
-bemake() {
-	emake \
-		CC="$(tc-getCC)" \
-		AR="$(tc-getAR)" \
-		RANLIB="$(tc-getRANLIB)" \
-		"$@" || die
-}
-src_compile() {
-	local checkopts=
-	case "${CHOST}" in
-		*-darwin*)
-			bemake PREFIX="${EPREFIX}"/usr -f Makefile-libbz2_dylib || die
-		;;
-		*-mint*)
-			# do nothing, no shared libraries
-			:
-		;;
-		*)
-			bemake -f Makefile-libbz2_so all || die
-		;;
-	esac
-	use static && append-flags -static
-	bemake all || die
-}
-
-src_install() {
-	make PREFIX="${D}${EPREFIX}"/usr LIBDIR="$(get_libdir)" install || die
-	dodoc README* CHANGES bzip2.txt manual.*
-
-	if [[ $(get_libname) != ".irrelevant" ]] ; then
-
-	# Install the shared lib manually.  We install:
-	#  .x.x.x - standard shared lib behavior
-	#  .x.x   - SONAME some distros use #338321
-	#  .x     - SONAME Gentoo uses
-	dolib.so libbz2$(get_libname ${PV}) || die
-	local s
-	for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
-		dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v} || die
-	done
-	gen_usr_ldscript -a bz2
-
-	if ! use static ; then
-		newbin bzip2-shared bzip2 || die
-	fi
-
-	fi
-
-	# move "important" bzip2 binaries to /bin and use the shared libbz2.so
-	dodir /bin
-	mv "${ED}"/usr/bin/b{zip2,zcat,unzip2} "${ED}"/bin/ || die
-	dosym bzip2 /bin/bzcat || die
-	dosym bzip2 /bin/bunzip2 || die
-
-	if [[ ${CHOST} == *-winnt* ]]; then
-		dolib.so libbz2$(get_libname ${PV}).dll || die "dolib shared"
-
-		# on windows, we want to continue using bzip2 from interix.
-		# building bzip2 on windows gives the libraries only!
-		rm -rf "${ED}"/bin "${ED}"/usr/bin
-	fi
-}
diff --git a/app-arch/bzip2/bzip2-1.0.6-r3.ebuild b/app-arch/bzip2/bzip2-1.0.6-r3.ebuild
deleted file mode 100644
index a4a4c6147d..0000000000
--- a/app-arch/bzip2/bzip2-1.0.6-r3.ebuild
+++ /dev/null
@@ -1,121 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r3.ebuild,v 1.12 2014/01/18 01:43:22 vapier Exp $
-
-# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly
-#      (since we're building shared libs) ...
-
-EAPI="2"
-
-inherit eutils multilib toolchain-funcs flag-o-matic prefix
-
-DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
-HOMEPAGE="http://www.bzip.org/"
-SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
-
-LICENSE="BZIP2"
-SLOT="0"
-KEYWORDS="~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE="static static-libs"
-
-src_prepare() {
-	epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
-	epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
-	epatch "${FILESDIR}"/${PN}-1.0.6-progress.patch
-	epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
-	epatch "${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
-
-	epatch "${FILESDIR}"/${PN}-1.0.5-checkenv.patch # for AIX, Darwin?
-	epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
-	eprefixify bz{diff,grep,more}
-	# this a makefile for Darwin, which already "includes" saneso
-	cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
-
-	# - Use right man path
-	# - Generate symlinks instead of hardlinks
-	# - pass custom variables to control libdir
-	sed -i \
-		-e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
-		-e 's:ln -s -f $(PREFIX)/bin/:ln -s :' \
-		-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
-		Makefile || die
-
-	if [[ ${CHOST} == *-hpux* ]] ; then
-		sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
-		if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
-			sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
-			sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
-		fi
-	elif [[ ${CHOST} == *-interix* ]] ; then
-		sed -i -e 's,-soname,-h,' Makefile-libbz2_so || die "cannot replace -soname with -h"
-		sed -i -e 's,-fpic,,' -e 's,-fPIC,,' Makefile-libbz2_so || die "cannot replace pic options"
-	fi
-}
-
-bemake() {
-	emake \
-		CC="$(tc-getCC)" \
-		AR="$(tc-getAR)" \
-		RANLIB="$(tc-getRANLIB)" \
-		"$@" || die
-}
-src_compile() {
-	local checkopts=
-	case "${CHOST}" in
-		*-darwin*)
-			bemake PREFIX="${EPREFIX}"/usr -f Makefile-libbz2_dylib || die
-		;;
-		*-mint*)
-			# do nothing, no shared libraries
-			:
-		;;
-		*)
-			bemake -f Makefile-libbz2_so all || die
-		;;
-	esac
-	use static && append-flags -static
-	bemake all || die
-}
-
-src_install() {
-	make PREFIX="${D}${EPREFIX}"/usr LIBDIR="$(get_libdir)" install || die
-	dodoc README* CHANGES bzip2.txt manual.*
-
-	if [[ $(get_libname) != ".irrelevant" ]] ; then
-
-	if ! use static ; then
-		newbin bzip2-shared bzip2 || die
-	fi
-	if ! use static-libs ; then
-		rm -f "${ED}"/usr/lib*/libbz2.a || die
-	fi
-
-	# move "important" bzip2 binaries to /bin and use the shared libbz2.so
-	dodir /bin
-	mv "${ED}"/usr/bin/b{zip2,zcat,unzip2} "${ED}"/bin/ || die
-	dosym bzip2 /bin/bzcat || die
-	dosym bzip2 /bin/bunzip2 || die
-
-	# Install the shared lib manually.  We install:
-	#  .x.x.x - standard shared lib behavior
-	#  .x.x   - SONAME some distros use #338321
-	#  .x     - SONAME Gentoo uses
-	dolib.so libbz2$(get_libname ${PV}) || die
-	local s
-	for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
-		dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v} || die
-	done
-	gen_usr_ldscript -a bz2
-
-	fi
-
-	if [[ ${CHOST} == *-winnt* ]]; then
-		dolib.so libbz2$(get_libname ${PV}).dll || die "dolib shared"
-
-		# on windows, we want to continue using bzip2 from interix.
-		# building bzip2 on windows gives the libraries only!
-		rm -rf "${ED}"/bin "${ED}"/usr/bin
-	fi
-}
diff --git a/app-arch/bzip2/bzip2-1.0.6-r7.ebuild b/app-arch/bzip2/bzip2-1.0.6-r7.ebuild
deleted file mode 100644
index fa785fc384..0000000000
--- a/app-arch/bzip2/bzip2-1.0.6-r7.ebuild
+++ /dev/null
@@ -1,157 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.6-r7.ebuild,v 1.2 2014/04/28 17:18:31 mgorny Exp $
-
-# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly
-#      (since we're building shared libs) ...
-
-EAPI=4
-
-inherit eutils toolchain-funcs multilib multilib-minimal prefix
-
-DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
-HOMEPAGE="http://www.bzip.org/"
-SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
-
-LICENSE="BZIP2"
-SLOT="0"
-KEYWORDS="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE="static static-libs"
-
-RDEPEND="abi_x86_32? (
-		!<=app-emulation/emul-linux-x86-baselibs-20130224
-		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
-	)"
-
-src_prepare() {
-	epatch "${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
-	epatch "${FILESDIR}"/${PN}-1.0.6-saneso.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
-	epatch "${FILESDIR}"/${PN}-1.0.6-progress.patch
-	epatch "${FILESDIR}"/${PN}-1.0.3-no-test.patch
-	epatch "${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
-	epatch "${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
-	epatch "${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch
-
-	epatch "${FILESDIR}"/${PN}-1.0.6-r7-checkenv.patch # for AIX, Darwin?
-	epatch "${FILESDIR}"/${PN}-1.0.4-prefix.patch
-	eprefixify bz{diff,grep,more}
-	# this a makefile for Darwin, which already "includes" saneso
-	cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
-
-	# - Use right man path
-	# - Generate symlinks instead of hardlinks
-	# - pass custom variables to control libdir
-	sed -i \
-		-e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
-		-e 's:ln -s -f $(PREFIX)/bin/:ln -s -f :' \
-		-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
-		Makefile || die
-
-	if [[ ${CHOST} == *-hpux* ]] ; then
-		sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
-		if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
-			sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
-			sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
-		fi
-	fi
-	if [[ ${CHOST} == *-cygwin* ]] ; then
-		sed -i -e "s/-o libbz2\.so\.${PV}/-Wl,--out-implib=libbz2$(get_libname ${PV})/" \
-			   -e "s/-Wl,-soname -Wl,libbz2\.so\.1/-o cygbz2-${PV%%.*}.dll/" \
-			   -e "s/libbz2\.so/libbz2$(get_libname)/g" \
-			Makefile-libbz2_so
-	fi
-}
-
-bemake() {
-	emake \
-		VPATH="${S}" \
-		CC="$(tc-getCC)" \
-		AR="$(tc-getAR)" \
-		RANLIB="$(tc-getRANLIB)" \
-		"$@"
-}
-
-multilib_src_compile() {
-	local checkopts=
-	case "${CHOST}" in
-		*-darwin*)
-			bemake PREFIX="${EPREFIX}"/usr -f "${S}"/Makefile-libbz2_dylib all
-			# FWIW, #504648 like for .so below
-			ln -sf libbz2.${PV}.dylib libbz2.dylib
-		;;
-		*-mint*)
-			# do nothing, no shared libraries
-			:
-		;;
-		*)
-			bemake -f "${S}"/Makefile-libbz2_so all
-			# Make sure we link against the shared lib #504648
-			[[ $(get_libname) != $(get_libname ${PV}) ]] &&
-			ln -sf libbz2$(get_libname ${PV}) libbz2$(get_libname)
-		;;
-	esac
-	bemake -f "${S}"/Makefile all LDFLAGS="${LDFLAGS} $(usex static -static '')"
-}
-
-multilib_src_install() {
-	into /usr
-
-	if ! tc-is-static-only; then
-
-	# Install the shared lib manually.  We install:
-	#  .x.x.x - standard shared lib behavior
-	#  .x.x   - SONAME some distros use #338321
-	#  .x     - SONAME Gentoo uses
-	dolib.so libbz2$(get_libname ${PV})
-	[[ ${CHOST} == *-cygwin* ]] && dobin cygbz2-${PV%%.*}.dll
-	local v
-	[[ $(get_libname) != $(get_libname ${PV}) ]] &&
-	for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
-		dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v}
-	done
-
-	fi
-
-	use static-libs && dolib.a libbz2.a
-
-	if multilib_is_native_abi ; then
-		gen_usr_ldscript -a bz2
-
-		dobin bzip2recover
-		into /
-		dobin bzip2
-	fi
-}
-
-multilib_src_install_all() {
-	# `make install` doesn't cope with out-of-tree builds, nor with
-	# installing just non-binaries, so handle things ourselves.
-	insinto /usr/include
-	doins bzlib.h
-	into /usr
-	dobin bz{diff,grep,more}
-	doman *.1
-
-	dosym bzdiff /usr/bin/bzcmp
-	dosym bzdiff.1 /usr/share/man/man1/bzcmp.1
-
-	dosym bzmore /usr/bin/bzless
-	dosym bzmore.1 /usr/share/man/man1/bzless.1
-
-	local x
-	for x in bunzip2 bzcat bzip2recover ; do
-		dosym bzip2.1 /usr/share/man/man1/${x}.1
-	done
-	for x in bz{e,f}grep ; do
-		dosym bzgrep /usr/bin/${x}
-		dosym bzgrep.1 /usr/share/man/man1/${x}.1
-	done
-
-	dodoc README* CHANGES manual.pdf
-	dohtml manual.html
-
-	# move "important" bzip2 binaries to /bin and use the shared libbz2.so
-	dosym bzip2 /bin/bzcat
-	dosym bzip2 /bin/bunzip2
-}
diff --git a/app-arch/bzip2/bzip2-1.0.6-r8.ebuild b/app-arch/bzip2/bzip2-1.0.6-r8.ebuild
new file mode 100644
index 0000000000..eeb7f85da2
--- /dev/null
+++ b/app-arch/bzip2/bzip2-1.0.6-r8.ebuild
@@ -0,0 +1,142 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly
+#      (since we're building shared libs) ...
+
+EAPI=5
+
+inherit eutils toolchain-funcs multilib multilib-minimal prefix
+
+DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux"
+HOMEPAGE="http://www.bzip.org/"
+SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz"
+
+LICENSE="BZIP2"
+SLOT="0/1" # subslot = SONAME
+KEYWORDS="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
+IUSE="static static-libs"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch
+	"${FILESDIR}"/${PN}-1.0.6-saneso.patch
+	"${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986
+	"${FILESDIR}"/${PN}-1.0.6-progress.patch
+	"${FILESDIR}"/${PN}-1.0.3-no-test.patch
+	"${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365
+	"${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573
+	"${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch
+	"${FILESDIR}"/${PN}-1.0.6-CVE-2016-3189.patch #620466
+
+	"${FILESDIR}"/${PN}-1.0.6-r7-checkenv.patch # for AIX, Darwin?
+	"${FILESDIR}"/${PN}-1.0.6-prefix.patch
+)
+
+src_prepare() {
+	epatch "${PATCHES[@]}"
+
+	# - Use right man path
+	# - Generate symlinks instead of hardlinks
+	# - pass custom variables to control libdir
+	sed -i \
+		-e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \
+		-e 's:ln -s -f $(PREFIX)/bin/:ln -s -f :' \
+		-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \
+		Makefile || die
+
+	eprefixify bz{diff,grep,more}
+	# this a makefile for Darwin, which already "includes" saneso
+	cp "${FILESDIR}"/${P}-Makefile-libbz2_dylib Makefile-libbz2_dylib || die
+
+	if [[ ${CHOST} == *-hpux* ]] ; then
+		sed -i -e 's,-soname,+h,' Makefile-libbz2_so || die "cannot replace -soname with +h"
+		if [[ ${CHOST} == hppa*-hpux* && ${CHOST} != hppa64*-hpux* ]] ; then
+			sed -i -e '/^SOEXT/s,so,sl,' Makefile-libbz2_so || die "cannot replace so with sl"
+			sed -i -e '/^SONAME/s,=,=${EPREFIX}/lib/,' Makefile-libbz2_so || die "cannt set soname"
+		fi
+	fi
+	if [[ ${CHOST} == *-cygwin* ]] ; then
+		sed -i -e "s/-o libbz2\.so\.${PV}/-Wl,--out-implib=libbz2$(get_libname ${PV})/" \
+			   -e "s/-Wl,-soname -Wl,libbz2\.so\.1/-o cygbz2-${PV%%.*}.dll/" \
+			   -e "s/libbz2\.so/libbz2$(get_libname)/g" \
+			Makefile-libbz2_so
+	fi
+}
+
+bemake() {
+	emake \
+		VPATH="${S}" \
+		CC="$(tc-getCC)" \
+		AR="$(tc-getAR)" \
+		RANLIB="$(tc-getRANLIB)" \
+		"$@"
+}
+
+multilib_src_compile() {
+	bemake -f "${S}"/Makefile-libbz2_so all
+	# Make sure we link against the shared lib #504648
+	ln -sf libbz2.so.${PV} libbz2.so
+	bemake -f "${S}"/Makefile all LDFLAGS="${LDFLAGS} $(usex static -static '')"
+}
+
+multilib_src_install() {
+	into /usr
+
+	if ! tc-is-static-only; then
+
+	# Install the shared lib manually.  We install:
+	#  .x.x.x - standard shared lib behavior
+	#  .x.x   - SONAME some distros use #338321
+	#  .x     - SONAME Gentoo uses
+	dolib.so libbz2$(get_libname ${PV})
+	[[ ${CHOST} == *-cygwin* ]] && dobin cygbz2-${PV%%.*}.dll
+	local v
+	[[ $(get_libname) != $(get_libname ${PV}) ]] &&
+	for v in libbz2$(get_libname) libbz2$(get_libname ${PV%%.*}) libbz2$(get_libname ${PV%.*}) ; do
+		dosym libbz2$(get_libname ${PV}) /usr/$(get_libdir)/${v}
+	done
+
+	fi  # tc-is-static-only
+
+	use static-libs && dolib.a libbz2.a
+
+	if multilib_is_native_abi ; then
+		gen_usr_ldscript -a bz2
+
+		dobin bzip2recover
+		into /
+		dobin bzip2
+	fi
+}
+
+multilib_src_install_all() {
+	# `make install` doesn't cope with out-of-tree builds, nor with
+	# installing just non-binaries, so handle things ourselves.
+	insinto /usr/include
+	doins bzlib.h
+	into /usr
+	dobin bz{diff,grep,more}
+	doman *.1
+
+	dosym bzdiff /usr/bin/bzcmp
+	dosym bzdiff.1 /usr/share/man/man1/bzcmp.1
+
+	dosym bzmore /usr/bin/bzless
+	dosym bzmore.1 /usr/share/man/man1/bzless.1
+
+	local x
+	for x in bunzip2 bzcat bzip2recover ; do
+		dosym bzip2.1 /usr/share/man/man1/${x}.1
+	done
+	for x in bz{e,f}grep ; do
+		dosym bzgrep /usr/bin/${x}
+		dosym bzgrep.1 /usr/share/man/man1/${x}.1
+	done
+
+	dodoc README* CHANGES manual.pdf
+	dohtml manual.html
+
+	# move "important" bzip2 binaries to /bin and use the shared libbz2.so
+	dosym bzip2 /bin/bzcat
+	dosym bzip2 /bin/bunzip2
+}
diff --git a/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch b/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch
new file mode 100644
index 0000000000..1d0c3a6dd3
--- /dev/null
+++ b/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch
@@ -0,0 +1,18 @@
+Upstream-Status: Backport
+https://bugzilla.suse.com/attachment.cgi?id=681334
+
+CVE: CVE-2016-3189
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bzip2-1.0.6/bzip2recover.c
+===================================================================
+--- bzip2-1.0.6.orig/bzip2recover.c
++++ bzip2-1.0.6/bzip2recover.c
+@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
+             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
+             bsPutUInt32 ( bsWr, blockCRC );
+             bsClose ( bsWr );
++            outFile = NULL;
+          }
+          if (wrBlock >= rbCtr) break;
+          wrBlock++;
-- 
cgit v1.2.3-65-gdbad