diff options
| author |   Peter Volkov <pva@gentoo.org> | 2011-09-12 18:55:52 +0000 |
|---|---|---|
| committer | Peter Volkov <pva@gentoo.org> | 2011-09-12 18:55:52 +0000 |
| commit | 2443c9f7a4bc6687a3e3f6aed72d3d91ac0383cb (patch) | |
| tree | 07b4b2284201b6705281ac83e37d9ee2f6569610 /net-analyzer/wireshark | |
| parent | Patch build.sh instead after discussing with upstream. (diff) | |
| download | gentoo-2-2443c9f7a4bc6687a3e3f6aed72d3d91ac0383cb.tar.gz gentoo-2-2443c9f7a4bc6687a3e3f6aed72d3d91ac0383cb.tar.bz2 gentoo-2-2443c9f7a4bc6687a3e3f6aed72d3d91ac0383cb.zip | |
Version bump. Fixes security bug #381551, thank GLSAMaker/CVETool Bot. Added 1.6.2, bug #370683. 1.6.2 also fixes bug 373545 wrt Francesco Lamonica. Drop old.
(Portage version: 2.1.10.15/cvs/Linux x86_64)
Diffstat (limited to 'net-analyzer/wireshark')
| -rw-r--r-- | net-analyzer/wireshark/ChangeLog | 12 | ||||
| -rw-r--r-- | net-analyzer/wireshark/wireshark-1.4.4.ebuild | 217 | ||||
| -rw-r--r-- | net-analyzer/wireshark/wireshark-1.4.6-r1.ebuild | 219 | ||||
| -rw-r--r-- | net-analyzer/wireshark/wireshark-1.4.9.ebuild (renamed from net-analyzer/wireshark/wireshark-1.4.7.ebuild) | 4 | ||||
| -rw-r--r-- | net-analyzer/wireshark/wireshark-1.6.2.ebuild (renamed from net-analyzer/wireshark/wireshark-1.6.0_rc1.ebuild) | 5 |
5 files changed, 16 insertions, 441 deletions
diff --git a/net-analyzer/wireshark/ChangeLog b/net-analyzer/wireshark/ChangeLog index 97e213f4c329..201df04bf53d 100644 --- a/net-analyzer/wireshark/ChangeLog +++ b/net-analyzer/wireshark/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-analyzer/wireshark # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.310 2011/08/07 16:48:43 armin76 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.311 2011/09/12 18:55:52 pva Exp $ + +*wireshark-1.6.2 (12 Sep 2011) +*wireshark-1.4.9 (12 Sep 2011) + + 12 Sep 2011; Peter Volkov <pva@gentoo.org> -wireshark-1.4.4.ebuild, + -wireshark-1.4.6-r1.ebuild, -wireshark-1.4.7.ebuild, +wireshark-1.4.9.ebuild, + -wireshark-1.6.0_rc1.ebuild, +wireshark-1.6.2.ebuild: + Version bump. Fixes security bug #381551, thank GLSAMaker/CVETool Bot. Added + 1.6.2, bug #370683. 1.6.2 also fixes bug 373545 wrt Francesco Lamonica. Drop + old. 07 Aug 2011; Raúl Porcel <armin76@gentoo.org> wireshark-1.4.8.ebuild: alpha/ia64/sparc stable wrt #373961 diff --git a/net-analyzer/wireshark/wireshark-1.4.4.ebuild b/net-analyzer/wireshark/wireshark-1.4.4.ebuild deleted file mode 100644 index 5972ad7348da..000000000000 --- a/net-analyzer/wireshark/wireshark-1.4.4.ebuild +++ /dev/null @@ -1,217 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.4.4.ebuild,v 1.7 2011/03/13 11:23:51 xarthisius Exp $ - -EAPI="3" -PYTHON_DEPEND="python? 2" -inherit libtool flag-o-matic eutils toolchain-funcs python - -[[ -n ${PV#*_rc} && ${PV#*_rc} != ${PV} ]] && MY_P=${PN}-${PV/_} || MY_P=${P} -DESCRIPTION="A network protocol analyzer formerly known as ethereal" -HOMEPAGE="http://www.wireshark.org/" -SRC_URI="http://www.wireshark.org/download/src/all-versions/${MY_P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" -IUSE="adns ares doc doc-pdf gtk ipv6 lua gcrypt geoip kerberos -profile +pcap pcre portaudio python +caps selinux smi ssl threads zlib" - -RDEPEND=">=dev-libs/glib-2.14.0:2 - zlib? ( sys-libs/zlib - !=sys-libs/zlib-1.2.4 ) - smi? ( net-libs/libsmi ) - gtk? ( >=x11-libs/gtk+-2.4.0:2 - x11-libs/pango - dev-libs/atk - x11-misc/xdg-utils ) - ssl? ( net-libs/gnutls ) - gcrypt? ( dev-libs/libgcrypt ) - pcap? ( net-libs/libpcap ) - pcre? ( dev-libs/libpcre ) - caps? ( sys-libs/libcap ) - kerberos? ( virtual/krb5 ) - portaudio? ( media-libs/portaudio ) - ares? ( >=net-dns/c-ares-1.5 ) - !ares? ( adns? ( net-libs/adns ) ) - geoip? ( dev-libs/geoip ) - lua? ( >=dev-lang/lua-5.1 ) - selinux? ( sec-policy/selinux-wireshark )" - -DEPEND="${RDEPEND} - doc? ( dev-libs/libxslt - dev-libs/libxml2 - app-doc/doxygen - doc-pdf? ( dev-java/fop ) ) - >=dev-util/pkgconfig-0.15.0 - dev-lang/perl - sys-devel/bison - sys-apps/sed - sys-devel/flex" - -S=${WORKDIR}/${MY_P} - -# borrowed from GSoC2010_Gentoo_Capabilities by constanze and flameyeys -# @FUNCTION: fcaps -# @USAGE: fcaps {uid:gid} {file-mode} {cap1[,cap2,...]} {file} -# @RETURN: 0 if all okay; non-zero if failure and fallback -# @DESCRIPTION: -# fcaps sets the specified capabilities in the effective and permitted set of -# the given file. In case of failure fcaps sets the given file-mode. -fcaps() { - local uid_gid=$1 - local perms=$2 - local capset=$3 - local path=$4 - local res - - chmod $perms $path && \ - chown $uid_gid $path - res=$? - - use caps || return $res - - #set the capability - setcap "$capset=ep" "$path" &> /dev/null - #check if the capabilitiy got set correctly - setcap -v "$capset=ep" "$path" &> /dev/null - res=$? - - if [ $res -ne 0 ]; then - ewarn "Failed to set capabilities. Probable reason is missed kernel support." - ewarn "Kernel must have SECURITY_FILE_CAPABILITIES, and <FS>_FS_SECURITY" - ewarn "enabled (e.g. EXT3_FS_SECURITY) where <FS> is the filesystem to store" - ewarn "${path}" - ewarn - ewarn "Falling back to suid now..." - chmod u+s ${path} - fi - return $res -} - -pkg_setup() { - if ! use gtk; then - ewarn "USE=-gtk disables gtk-based gui called wireshark." - ewarn "Only command line utils will be built available" - fi - if use python; then - python_set_active_version 2 - python_pkg_setup - fi - # Add group for users allowed to sniff. - enewgroup wireshark -} - -src_configure() { - local myconf - - if [[ $(gcc-major-version) -lt 3 || - ( $(gcc-major-version) -eq 3 && - $(gcc-minor-version) -le 4 ) ]] ; then - die "Unsupported compiler version, please upgrade." - fi - - if use ares && use adns; then - elog "You asked for both, ares and adns, but we can use only one of them." - elog "c-ares supersedes adns resolver thus using c-ares (ares USE flag)." - myconf="$(use_with ares c-ares) --without-adns" - else - myconf="$(use_with adns) $(use_with ares c-ares)" - fi - - # profile and pie are incompatible #215806, #292991 - if use profile; then - ewarn "You've enabled the 'profile' USE flag, building PIE binaries is disabled." - ewarn "Also ignore \"unrecognized option '-nopie'\" gcc warning #358101." - append-flags $(test-flags-CC -nopie) - fi - - # Workaround bug #213705. If krb5-config --libs has -lcrypto then pass - # --with-ssl to ./configure. (Mimics code from acinclude.m4). - if use kerberos; then - case `krb5-config --libs` in - *-lcrypto*) - ewarn "Kerberos was built with ssl support: linkage with openssl is enabled." - ewarn "Note there are annoying license incompatibilities between the OpenSSL" - ewarn "license and the GPL, so do your check before distributing such package." - myconf+=" --with-ssl" - ;; - esac - fi - - # Hack around inability to disable doxygen/fop doc generation - use doc || export ac_cv_prog_HAVE_DOXYGEN=false - use doc-pdf || export ac_cv_prog_HAVE_FOP=false - - # dumpcap requires libcap, setuid-install requires dumpcap - econf $(use_enable gtk wireshark) \ - $(use_enable profile profile-build) \ - $(use_with ssl gnutls) \ - $(use_with gcrypt) \ - $(use_enable ipv6) \ - $(use_enable threads) \ - $(use_with lua) \ - $(use_with kerberos krb5) \ - $(use_with smi libsmi) \ - $(use_with pcap) \ - $(use_with zlib) \ - $(use_with pcre) \ - $(use_with geoip) \ - $(use_with portaudio) \ - $(use_with python) \ - $(use_with caps libcap) \ - $(use pcap && use_enable caps setcap-install) \ - $(use pcap && use_enable !caps setuid-install) \ - --sysconfdir=/etc/wireshark \ - --with-dumpcap-group=wireshark \ - --disable-extra-gcc-checks \ - ${myconf} -} - -src_compile() { - emake || die - use doc && cd docbook && { emake || die; } -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - if use doc; then - dohtml -r docbook/{release-notes.html,ws{d,u}g_html{,_chunked}} -# for dir in ws{d,u}g_html{,_chunked}; do -# dohtml -p ${dir} -r docbook/${dir}/ || die -# done - if use doc-pdf; then - insinto /usr/share/doc/${PF}/pdf/ - doins docbook/{{developer,user}-guide,release-notes}-{a4,us}.pdf || die - fi - fi - - # FAQ is not required as is installed from help/faq.txt - dodoc AUTHORS ChangeLog NEWS README{,.bsd,.linux,.macos,.vmware} \ - doc/{randpkt.txt,README*} - - insinto /usr/include/wiretap - doins wiretap/wtap.h || die - - if use gtk; then - for c in hi lo; do - for d in 16 32 48; do - insinto /usr/share/icons/${c}color/${d}x${d}/apps - newins image/${c}${d}-app-wireshark.png wireshark.png - done - done - domenu wireshark.desktop || die - fi - chmod o-x "${ED}"/usr/bin/dumpcap #357237 -} - -pkg_postinst() { - if use caps && use pcap; then - fcaps 0:wireshark 550 cap_net_raw,cap_net_admin "${ROOT}"/usr/bin/dumpcap - fi - echo - ewarn "NOTE: To run wireshark as normal user you have to add yourself to" - ewarn "the wireshark group. This security measure ensures that only trusted" - ewarn "users are allowed to sniff your traffic." - echo -} diff --git a/net-analyzer/wireshark/wireshark-1.4.6-r1.ebuild b/net-analyzer/wireshark/wireshark-1.4.6-r1.ebuild deleted file mode 100644 index f779bda49899..000000000000 --- a/net-analyzer/wireshark/wireshark-1.4.6-r1.ebuild +++ /dev/null @@ -1,219 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.4.6-r1.ebuild,v 1.8 2011/05/15 13:41:04 pva Exp $ - -EAPI="3" -PYTHON_DEPEND="python? 2" -inherit libtool flag-o-matic eutils toolchain-funcs python autotools - -[[ -n ${PV#*_rc} && ${PV#*_rc} != ${PV} ]] && MY_P=${PN}-${PV/_} || MY_P=${P} -DESCRIPTION="A network protocol analyzer formerly known as ethereal" -HOMEPAGE="http://www.wireshark.org/" -SRC_URI="http://www.wireshark.org/download/src/all-versions/${MY_P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ~ia64 ppc ppc64 ~sparc x86 ~x86-fbsd" -IUSE="adns ares doc doc-pdf gtk ipv6 lua gcrypt geoip kerberos -profile +pcap portaudio python +caps selinux smi ssl threads zlib" - -RDEPEND=">=dev-libs/glib-2.14:2 - zlib? ( sys-libs/zlib - !=sys-libs/zlib-1.2.4 ) - smi? ( net-libs/libsmi ) - gtk? ( >=x11-libs/gtk+-2.4.0:2 - x11-libs/pango - dev-libs/atk - x11-misc/xdg-utils ) - ssl? ( net-libs/gnutls ) - gcrypt? ( dev-libs/libgcrypt ) - pcap? ( net-libs/libpcap ) - caps? ( sys-libs/libcap ) - kerberos? ( virtual/krb5 ) - portaudio? ( media-libs/portaudio ) - ares? ( >=net-dns/c-ares-1.5 ) - !ares? ( adns? ( net-libs/adns ) ) - geoip? ( dev-libs/geoip ) - lua? ( >=dev-lang/lua-5.1 ) - selinux? ( sec-policy/selinux-wireshark )" - -DEPEND="${RDEPEND} - doc? ( dev-libs/libxslt - app-text/docbook-xml-dtd:4.2 - dev-libs/libxml2 - app-doc/doxygen - doc-pdf? ( dev-java/fop ) ) - >=dev-util/pkgconfig-0.15.0 - dev-lang/perl - sys-devel/bison - sys-apps/sed - sys-devel/flex" - -S=${WORKDIR}/${MY_P} - -# borrowed from GSoC2010_Gentoo_Capabilities by constanze and flameyeys -# @FUNCTION: fcaps -# @USAGE: fcaps {uid:gid} {file-mode} {cap1[,cap2,...]} {file} -# @RETURN: 0 if all okay; non-zero if failure and fallback -# @DESCRIPTION: -# fcaps sets the specified capabilities in the effective and permitted set of -# the given file. In case of failure fcaps sets the given file-mode. -fcaps() { - local uid_gid=$1 - local perms=$2 - local capset=$3 - local path=$4 - local res - - chmod $perms $path && \ - chown $uid_gid $path - res=$? - - use caps || return $res - - #set the capability - setcap "$capset=ep" "$path" &> /dev/null - #check if the capabilitiy got set correctly - setcap -v "$capset=ep" "$path" &> /dev/null - res=$? - - if [ $res -ne 0 ]; then - ewarn "Failed to set capabilities. Probable reason is missed kernel support." - ewarn "Kernel must have SECURITY_FILE_CAPABILITIES, and <FS>_FS_SECURITY" - ewarn "enabled (e.g. EXT3_FS_SECURITY) where <FS> is the filesystem to store" - ewarn "${path}" - ewarn - ewarn "Falling back to suid now..." - chmod u+s ${path} - fi - return $res -} - -pkg_setup() { - if ! use gtk; then - ewarn "USE=-gtk disables gtk-based gui called wireshark." - ewarn "Only command line utils will be built available" - fi - if use python; then - python_set_active_version 2 - python_pkg_setup - fi - # Add group for users allowed to sniff. - enewgroup wireshark -} - -src_prepare() { - epatch "${FILESDIR}/${P}-gnutls_nettle.patch" - epatch "${FILESDIR}/${P}-wspy_dissectors_dir.patch" - eautoreconf -} - -src_configure() { - local myconf - - if [[ $(gcc-major-version) -lt 3 || - ( $(gcc-major-version) -eq 3 && - $(gcc-minor-version) -le 4 ) ]] ; then - die "Unsupported compiler version, please upgrade." - fi - - if use ares && use adns; then - elog "You asked for both, ares and adns, but we can use only one of them." - elog "c-ares supersedes adns resolver thus using c-ares (ares USE flag)." - myconf="$(use_with ares c-ares) --without-adns" - else - myconf="$(use_with adns) $(use_with ares c-ares)" - fi - - # profile and pie are incompatible #215806, #292991 - if use profile; then - ewarn "You've enabled the 'profile' USE flag, building PIE binaries is disabled." - ewarn "Also ignore \"unrecognized option '-nopie'\" gcc warning #358101." - append-flags $(test-flags-CC -nopie) - fi - - # Workaround bug #213705. If krb5-config --libs has -lcrypto then pass - # --with-ssl to ./configure. (Mimics code from acinclude.m4). - if use kerberos; then - case `krb5-config --libs` in - *-lcrypto*) - ewarn "Kerberos was built with ssl support: linkage with openssl is enabled." - ewarn "Note there are annoying license incompatibilities between the OpenSSL" - ewarn "license and the GPL, so do your check before distributing such package." - myconf+=" --with-ssl" - ;; - esac - fi - - # Hack around inability to disable doxygen/fop doc generation - use doc || export ac_cv_prog_HAVE_DOXYGEN=false - use doc-pdf || export ac_cv_prog_HAVE_FOP=false - - # dumpcap requires libcap, setuid-install requires dumpcap - econf $(use_enable gtk wireshark) \ - $(use_enable profile profile-build) \ - $(use_with ssl gnutls) \ - $(use_with gcrypt) \ - $(use_enable ipv6) \ - $(use_enable threads) \ - $(use_with lua) \ - $(use_with kerberos krb5) \ - $(use_with smi libsmi) \ - $(use_with pcap) \ - $(use_with zlib) \ - $(use_with geoip) \ - $(use_with portaudio) \ - $(use_with python) \ - $(use_with caps libcap) \ - $(use pcap && use_enable caps setcap-install) \ - $(use pcap && use_enable !caps setuid-install) \ - --sysconfdir=/etc/wireshark \ - --with-dumpcap-group=wireshark \ - --disable-extra-gcc-checks \ - ${myconf} -} - -src_compile() { - emake || die - use doc && cd docbook && { emake || die; } -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - if use doc; then - dohtml -r docbook/{release-notes.html,ws{d,u}g_html{,_chunked}} - if use doc-pdf; then - insinto /usr/share/doc/${PF}/pdf/ - doins docbook/{{developer,user}-guide,release-notes}-{a4,us}.pdf || die - fi - fi - - # FAQ is not required as is installed from help/faq.txt - dodoc AUTHORS ChangeLog NEWS README{,.bsd,.linux,.macos,.vmware} \ - doc/{randpkt.txt,README*} - - insinto /usr/include/wiretap - doins wiretap/wtap.h || die - - if use gtk; then - for c in hi lo; do - for d in 16 32 48; do - insinto /usr/share/icons/${c}color/${d}x${d}/apps - newins image/${c}${d}-app-wireshark.png wireshark.png - done - done - domenu wireshark.desktop || die - fi - chmod o-x "${ED}"/usr/bin/dumpcap #357237 -} - -pkg_postinst() { - if use caps && use pcap; then - fcaps 0:wireshark 550 cap_net_raw,cap_net_admin "${ROOT}"/usr/bin/dumpcap - fi - echo - ewarn "NOTE: To run wireshark as normal user you have to add yourself to" - ewarn "the wireshark group. This security measure ensures that only trusted" - ewarn "users are allowed to sniff your traffic." - echo -} diff --git a/net-analyzer/wireshark/wireshark-1.4.7.ebuild b/net-analyzer/wireshark/wireshark-1.4.9.ebuild index 7e26a9962c8c..2630a0dab070 100644 --- a/net-analyzer/wireshark/wireshark-1.4.7.ebuild +++ b/net-analyzer/wireshark/wireshark-1.4.9.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.4.7.ebuild,v 1.8 2011/06/07 10:15:01 xarthisius Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.4.9.ebuild,v 1.1 2011/09/12 18:55:52 pva Exp $ EAPI="3" PYTHON_DEPEND="python? 2" @@ -13,7 +13,7 @@ SRC_URI="http://www.wireshark.org/download/src/all-versions/${MY_P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" IUSE="adns ares doc doc-pdf gtk ipv6 lua gcrypt geoip kerberos profile +pcap portaudio python +caps selinux smi ssl threads zlib" diff --git a/net-analyzer/wireshark/wireshark-1.6.0_rc1.ebuild b/net-analyzer/wireshark/wireshark-1.6.2.ebuild index bac9ad725e1e..90393636a066 100644 --- a/net-analyzer/wireshark/wireshark-1.6.0_rc1.ebuild +++ b/net-analyzer/wireshark/wireshark-1.6.2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.6.0_rc1.ebuild,v 1.1 2011/05/24 10:44:24 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.6.2.ebuild,v 1.1 2011/09/12 18:55:52 pva Exp $ EAPI="3" PYTHON_DEPEND="python? 2" @@ -46,7 +46,8 @@ DEPEND="${RDEPEND} dev-lang/perl sys-devel/bison sys-apps/sed - sys-devel/flex" + sys-devel/flex + !!<net-analyzer/wireshark-1.6.0_rc1" S=${WORKDIR}/${MY_P} |