diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2006-02-06 23:20:17 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2006-02-06 23:20:17 +0000 |
| commit | a681ded4331cefc269fc1220acf067fa0c3e6301 (patch) | |
| tree | f5564933303a136753c8a7be43d2545b6c891de6 /app-arch | |
| parent | Mark 0.131 stable on ia64 (diff) | |
| download | gentoo-2-a681ded4331cefc269fc1220acf067fa0c3e6301.tar.gz gentoo-2-a681ded4331cefc269fc1220acf067fa0c3e6301.tar.bz2 gentoo-2-a681ded4331cefc269fc1220acf067fa0c3e6301.zip | |
Grab patch from Fedora for CAN-2005-0758.
(Portage version: 2.1_pre4-r1)
Diffstat (limited to 'app-arch')
| -rw-r--r-- | app-arch/bzip2/ChangeLog | 10 | ||||
| -rw-r--r-- | app-arch/bzip2/bzip2-1.0.3-r6.ebuild | 80 | ||||
| -rw-r--r-- | app-arch/bzip2/files/bzip2-1.0.2-bzgrep.patch | 20 | ||||
| -rw-r--r-- | app-arch/bzip2/files/digest-bzip2-1.0.3-r6 | 1 |
4 files changed, 109 insertions, 2 deletions
diff --git a/app-arch/bzip2/ChangeLog b/app-arch/bzip2/ChangeLog index 24d5b1a1354a..d515220d07b9 100644 --- a/app-arch/bzip2/ChangeLog +++ b/app-arch/bzip2/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-arch/bzip2 -# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/ChangeLog,v 1.32 2005/09/09 15:07:17 agriffis Exp $ +# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/ChangeLog,v 1.33 2006/02/06 23:20:17 vapier Exp $ + +*bzip2-1.0.3-r6 (06 Feb 2006) + + 06 Feb 2006; Mike Frysinger <vapier@gentoo.org> + +files/bzip2-1.0.2-bzgrep.patch, +bzip2-1.0.3-r6.ebuild: + Grab patch from Fedora for CAN-2005-0758. 09 Sep 2005; Aron Griffis <agriffis@gentoo.org> bzip2-1.0.3-r5.ebuild: Mark 1.0.3-r5 stable on alpha diff --git a/app-arch/bzip2/bzip2-1.0.3-r6.ebuild b/app-arch/bzip2/bzip2-1.0.3-r6.ebuild new file mode 100644 index 000000000000..45ead007ed11 --- /dev/null +++ b/app-arch/bzip2/bzip2-1.0.3-r6.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/bzip2/bzip2-1.0.3-r6.ebuild,v 1.1 2006/02/06 23:20:17 vapier Exp $ + +inherit eutils multilib toolchain-funcs flag-o-matic + +DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux" +HOMEPAGE="http://www.bzip.org/" +SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz" + +LICENSE="BZIP2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="build static" + +DEPEND="" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${PN}-1.0.2-bzgrep.patch + epatch "${FILESDIR}"/${PN}-1.0.2-NULL-ptr-check.patch + epatch "${FILESDIR}"/${P}-makefile-CFLAGS.patch + epatch "${FILESDIR}"/${P}-saneso.patch + epatch "${FILESDIR}"/${P}-shared-largefile-support.patch + epatch "${FILESDIR}"/${PN}-1.0.2-progress.patch + epatch "${FILESDIR}"/${PN}-1.0.2-chmod.patch + epatch "${FILESDIR}"/${P}-no-test.patch + sed -i -e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' Makefile || die "sed manpath" + + # - Generate symlinks instead of hardlinks + # - pass custom variables to control libdir + sed -i \ + -e 's:ln $(PREFIX)/bin/:ln -s :' \ + -e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \ + Makefile || die "sed links" +} + +src_compile() { + local makeopts=" + CC=$(tc-getCC) + AR=$(tc-getAR) + RANLIB=$(tc-getRANLIB) + " + if ! use build ; then + emake ${makeopts} -f Makefile-libbz2_so all || die "Make failed libbz2" + fi + use static && append-flags -static + emake ${makeopts} all || die "Make failed" + + if ! tc-is-cross-compiler ; then + make check || die "test failed" + fi +} + +src_install() { + if ! use build ; then + make PREFIX="${D}"/usr LIBDIR=$(get_libdir) install || die + + # move bzip2 binaries to / and use the shared libbz2.so + mv "${D}"/usr/bin "${D}"/ + into / + if ! use static ; then + newbin bzip2-shared bzip2 || die "dobin shared" + fi + dolib.so "${S}"/libbz2.so.${PV} || die "dolib shared" + for v in libbz2.so{,.{${PV%%.*},${PV%.*}}} ; do + dosym libbz2.so.${PV} /$(get_libdir)/${v} + done + gen_usr_ldscript libbz2.so + + dodoc README* CHANGES Y2K_INFO bzip2.txt manual.* + else + into / + dobin bzip2 || die "dobin bzip2" + fi + + dosym bzip2 /bin/bzcat + dosym bzip2 /bin/bunzip2 +} diff --git a/app-arch/bzip2/files/bzip2-1.0.2-bzgrep.patch b/app-arch/bzip2/files/bzip2-1.0.2-bzgrep.patch new file mode 100644 index 000000000000..bec6a66af761 --- /dev/null +++ b/app-arch/bzip2/files/bzip2-1.0.2-bzgrep.patch @@ -0,0 +1,20 @@ +Ripped from Fedora + +* Fri Nov 25 2005 Ivana Varekova <varekova@redhat.com> 1.0.3-2 +- fix bug 174172 - CAN-2005-0758 bzgrep has security issue in sed usage + +--- bzip2-1.0.2/bzgrep.flaw 2005-06-16 08:51:21.000000000 -0400 ++++ bzip2-1.0.2/bzgrep 2005-06-16 08:55:20.000000000 -0400 +@@ -63,7 +63,11 @@ + bzip2 -cdfq "$i" | $grep $opt "$pat" + r=$? + else +- bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${i}:|" ++ j=${i//\\/\\\\} ++ j=${j//|/\\|} ++ j=${j//&/\\&} ++ j=`printf "%s" "$j" | tr '\n' ' '` ++ bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${j}:|" + r=$? + fi + test "$r" -ne 0 && res="$r" diff --git a/app-arch/bzip2/files/digest-bzip2-1.0.3-r6 b/app-arch/bzip2/files/digest-bzip2-1.0.3-r6 new file mode 100644 index 000000000000..24bf9c7e285a --- /dev/null +++ b/app-arch/bzip2/files/digest-bzip2-1.0.3-r6 @@ -0,0 +1 @@ +MD5 8a716bebecb6e647d2e8a29ea5d8447f bzip2-1.0.3.tar.gz 669075 |