Security bump. Add backported patch wrt bug 308055.

Package-Manager: portage-2.2.7/cvs/Linux x86_64 Manifest-Sign-Key: 0x42618354
author: Chris Reffett <creffett@gentoo.org> 2013-10-19 22:40:54 +0000
committer: Chris Reffett <creffett@gentoo.org> 2013-10-19 22:40:54 +0000
commit: b1b6b62c30285c798cbf7b99bcafb1027962b06f (patch)
tree: 3bc90a0dfb207554215f96e7385d2d917a39987b /sys-process
parent: Version bump, as requested by "Shark" in bug #488618. New Huffman decoding sc... (diff)
download: historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.tar.gz
historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.tar.bz2
historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.zip
4 files changed, 170 insertions, 10 deletions
diff --git a/sys-process/vixie-cron/ChangeLog b/sys-process/vixie-cron/ChangeLog
index 7fe0eb0fd7c1..9ec3a227289a 100644
--- a/sys-process/vixie-cron/ChangeLog
+++ b/sys-process/vixie-cron/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-process/vixie-cron
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/ChangeLog,v 1.70 2013/10/11 08:21:17 pinkbyte Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/ChangeLog,v 1.71 2013/10/19 22:40:44 creffett Exp $
+
+*vixie-cron-4.1-r14 (19 Oct 2013)
+
+  19 Oct 2013; Chris Reffett <creffett@gentoo.org>
+  +files/vixie-cron-4.1-crontabrace.patch, +vixie-cron-4.1-r14.ebuild:
+  Security bump. Add backported patch wrt bug 308055.
 
   11 Oct 2013; Sergey Popov <pinkbyte@gentoo.org> vixie-cron-4.1-r13.ebuild:
   Stable on x86, wrt bug #480122
diff --git a/sys-process/vixie-cron/Manifest b/sys-process/vixie-cron/Manifest
index facb28b86786..348d122a6059 100644
--- a/sys-process/vixie-cron/Manifest
+++ b/sys-process/vixie-cron/Manifest
@@ -9,6 +9,7 @@ AUX pamd.compatible 123 SHA256 35940dd36bf0332b1a57d44d3f2f6cc7489c262119c69f8b1
 AUX vixie-cron-4.1-basename.diff 479 SHA256 a6ef26a9666fcbbed530195aa2f2f040778f8f5155e344e6f4979e5c152a6371 SHA512 979942efca89b724ca4bdc865d6d5ee3a298c9a1d2af69edbc3d65b3831ff99225eb7b2b4974722d38272b8fb4651806d51f2d1bf2e15e2a65deb1c64f7a8349 WHIRLPOOL 07b80da050eca4ac8e13b60996656c0bd6e8bd823cdc608b5d8d86ae60dfaa95b8200d210f14d7caa0566b15e857e1b5fcbcc1542b278783d6a3b46a44aa35ff
 AUX vixie-cron-4.1-commandline.patch 387 SHA256 158eaa10c4e197c7c82b19297da298b3a56bb4bda91b5e94cd06dafaa489d4d4 SHA512 cfd85bb7999160559d462c246e6b87b0dd472dd859065adc0b3c98332b6da484a2be70a8ad55001f0d701e91f6f7f35972c1c0135cf79f1f7399a5371558c05b WHIRLPOOL 62734843003856a3e5162a4ab46e3cd5ac6d7b28e7389586f2e7714ff317e7be2dd2917c59d2328ae5b562141443c3bb26323cc2ee95ddd6d5ac1e4231b06c66
 AUX vixie-cron-4.1-cron.deny 220 SHA256 3e32d9d1bcb012f773fa7674f5d672af2539db5bda8878741873bbcc599678ff SHA512 2f26a1f05dc1765113543cd83ace5bb9bed5ce4c2189331e5ee1617e94ad8fa8af5abf4ddcf107f7ff5e7d18ed74f3356fc64da31b6d4eea1c3731ff28b631f9 WHIRLPOOL e7c2bf33430472eadd41713ccd9cb880eff57abf0acc1a193a0057a00b9564cb5e1e436bf729f19519958287cd9cd5034d65551aec7ee1f57bc1327b410af4e9
+AUX vixie-cron-4.1-crontabrace.patch 658 SHA256 428649286f6f3245a8fcc6a7bc39991dbdc5d2fbc8cda850c34c62c419dfea13 SHA512 7aac74563a26bc86bb99488ab0a556a389b5a3d36bed7c80c355a3504d9175d1ac8d437ebdba60831de42a1cc7188b464956f8e94876f8eaf465c9f7005b8242 WHIRLPOOL 5317ec4caea35f9e36badb186f618d96fd828372b37c29181f594fe705cd8943ff33fd325d7bd9ab65215162213bbeb431b60244b269248b5aee346eac41dfde
 AUX vixie-cron-4.1-hardlink.patch 369 SHA256 abce88d7f48f902baddf532a8c137b6d55a1157d04b179b3f18b19de70b030bd SHA512 32a804929f1a005edbe58c17e5a4e57141e1b379724e1d760729ba2e5f578b9e509e5e04893e648f463dc250804a9b6303b3dfb7d91c485e57ac02e1c866600a WHIRLPOOL edb0030a0e57becfe440abc75de16b1393a40283507e512c923e4892ef4b60c7fdb8f088ceff3182b9b1ebbdd8c6e7a4ff65969530892154ea83a7cb86b79c7d
 AUX vixie-cron-4.1-pam.patch 1714 SHA256 7dbfc2aaa50ab7aff012e97306fa12a1751e96c42e3af0ae82b9659ab24e660e SHA512 596e3888c9ba484b5e4f2b0db14aac0449760d9e4ca91105cac19555c4e45ae96c9e5e302335c5559697881286eae98d7149742e4f01102cc5042edf795d46fc WHIRLPOOL fef465a81aea7748645cc76aeece6aaeb1ea7d4e4deea99a3015266b4ef453584b48ed838ab9d926af8b11068cf2b4ffe123a84e83282311b46465ba45275cda
 AUX vixie-cron-4.1-selinux-1.diff 4680 SHA256 2270530663fd07d05af79684a4b43f91cf2fffb0fd2e43b69667649ae5e151c1 SHA512 81489b126a1a65ca7a2ec4f894e1944421c9fea8942baaf1cf4e13300894ff860c2c62520358e669785e8e9242de8efad5b87ce12a8ab2cba282f7760bbfb8c7 WHIRLPOOL cb54fa408187e7ce02a624c1314879b1355230fd702a5bd540c6cefe06f23aa4ef4dc209c49d1091f27b9cfd56e39dafb68e3125ea6b8dce06c4c4c62945d7e4
@@ -22,16 +23,15 @@ DIST vixie-cron-4.1.tar.bz2 54246 SHA256 fd25119b301e0e8306ec27ee912298740c5c8ae
 EBUILD vixie-cron-4.1-r10.ebuild 3493 SHA256 0a2bcab0d21d1c8bdf1882eb331aa239ed8c00b07a63e410ed795e4dd5e6432e SHA512 298fcaf5ed7a0ac022d658e25e671d342c6a5efeb1b101b864e487ae1221dfc253b3df0f10516a03fd1c7f8fb5f7224b9a22a237feebe2cf979ce0d930673151 WHIRLPOOL ef2c7431dc76e9062a1926db2c1c4107d7107fa4cf76bd870dc6b2e24f94c9cf5becf892cc091aeebd8596df94c1d492f28a94a179f245dcedfba0b342bf80f2
 EBUILD vixie-cron-4.1-r12.ebuild 3515 SHA256 b000683f0aadb7bd900a17744ea477545529b724ae9f6d84f01c42a0797f4dc8 SHA512 70c898e3b9f293ca26f9f9e6b8e2d4fb4eab8d49ba0143742aa190ff5267729dbfa010ba7537f1367f568a0e81221405eca5d857e98909554582d538134b75f5 WHIRLPOOL 7881c30ed8f72679438c43f0a19ca9cb1923f9167aedf9545e25dcec952d32365b62a1cd83c9973e3a895f8a5b18dbb66e9d64adcd7e4e84a59ba677fe31c1f8
 EBUILD vixie-cron-4.1-r13.ebuild 3568 SHA256 33ae62afbfed4ab619befa868dc0820728e20c3b397b962cf7b6cbb4dc23ca7b SHA512 91e6e941f9f494c1334b3dc31c1c4fc3a1483f115db3ff19ce6feb0f87956522054eee1c671db536600ed8cefa127ab54635111f4a7e6a077a0dcc27ce4a30c0 WHIRLPOOL f66b84b7b674f5babbbdcf0e78ab0b67ef2bdab9dec7e93231e3aa9037a294a6692b6598e4a9e31e52293c629491e9849680541e11122d68b1a8cf4a32bb93ef
-MISC ChangeLog 22650 SHA256 b1a6c0c96dd0be481629d0cc2bec04fcba1b7e520a4d67b4d1edfd5e305303ca SHA512 6c276c470cbeb17b80da4d9e22e4d5de4aff83e7237b7765c37e910f78735618355a6514bfaa7e8d7f07b8a5ae8c54f44eb7c0b3a72689aedad8f21bc15ed70d WHIRLPOOL 72e119ba2a0e8fba698a37da694ba61e6f95a6abfb127e346b57310b07ff28c54fa0ed72d722b0424e282f004490151880910854f0467862ea41f4a1660afa02
+EBUILD vixie-cron-4.1-r14.ebuild 3618 SHA256 46c017cd32eb999ff7102fcb900ab04a131636921cefddbbc174d75e25db4f8e SHA512 13f91bdba00e52ec166b39c2cc28bd607104e71d2b2477340e5d208e0fad83a59611e59053d871cbb50526a981a099568973f0f6c47525186036c9e67d2ab856 WHIRLPOOL cdec838bd5196fc77a1312c5057142aa84b626f32eea7fb1a5ec97566258047bf7c65a8644af921f887c6e275ff245265204b936b22f8a4cd417fa980b76f71b
+MISC ChangeLog 22862 SHA256 a40429f733cf28a70eebbaa879609007e2a997df82993284e0440cea2c295443 SHA512 88d626a551a0aedec900201a4ece415c49475a4c4ef26be4b44b513c1c629e7d5a3a6d489001ecc302dab5e34caccf81c913158e1a8b0ffa9bd92bc19966d9bc WHIRLPOOL de7336c2db6e844067e91bcc043d0f75235c877d776075e66de689e64ddc60b07a12a215061ee10cdd6d8c9f86309145a303e2859f5fb37a5b55532997ed81f5
 MISC metadata.xml 158 SHA256 a262a73b2049a89ab6a4bdf51df27bea44c7f0aa0ee33176c59a9c63eb45e764 SHA512 0848ecc6b5e718ad001952843f69815fd8c3f50d126d3a2bbc48b86a9bfa21eab50fdb2eb11188362b8ead9db4cefb3719b53e0b76e4412a7a9a377a091e60bc WHIRLPOOL 3034b4ecfc87a8678ffab15dfc07af401c1b53660f7369b80a63b5c20300a3701068e87d7f6ff28ac1fd1c373051ce895e0316ecf7d9e91ad4eb627702b1ba02
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.22 (GNU/Linux)
+Version: GnuPG v2.0.20 (GNU/Linux)
 
-iQEcBAEBCAAGBQJSV7TYAAoJECo/aRed9267baEIAJxYEAVJxtsElqx8wVKz+Q0T
-Y+CnfibD9z5mBITiF/FTMO3qBQZG7KW0czORdR+VV8+GOo1FOlEjFpCJN73Vo5Ya
-e1D36gOIfVbC3chzc4c8HQQ1mGWDvWcLJRYFvQlac7FyU8aofvQ4gr8pNacCt814
-LjPd5C3bfK1tG6UP3ScxuNKSESA4UAf0GZeg5Z92Y5/HhJUIP2FUDuloqeDAkwB8
-WUGuV6lupSdWR2C0ayRh8ucjMxuh+j8ZHaofwFijVRETAkeEUzSu5+iEhfJvXZQA
-mMMUx+AHB0KWHlSgoLUA8xJwTW6gLJFsi4kbXoIf/RogJBH4z5Zn+ygmVM42wlg=
-=qPe4
+iKYEAREIAGYFAlJjCm5fFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
+bnBncC5maWZ0aGhvcnNlbWFuLm5ldEM2NzU5RjUyMDczREJDQkVDQTBDRkE1NERC
+Nzk1QThBNDI2MTgzNTQACgkQ23laikJhg1R8RwCeKSx8HyZJhO5OKwW8Y3ThkPni
+7UUAn0JX4uYu/HtMjVhMMzTW/LBvh1Cy
+=OwaY
 -----END PGP SIGNATURE-----
diff --git a/sys-process/vixie-cron/files/vixie-cron-4.1-crontabrace.patch b/sys-process/vixie-cron/files/vixie-cron-4.1-crontabrace.patch
new file mode 100644
index 000000000000..5109554e1dd1
--- /dev/null
+++ b/sys-process/vixie-cron/files/vixie-cron-4.1-crontabrace.patch
@@ -0,0 +1,29 @@
+--- vixie-cron-4.1/crontab.c
++++ vixie-cron-4.1/crontab.c
+@@ -314,8 +314,6 @@
+ 		perror("fstat");
+ 		goto fatal;
+ 	}
+-	utimebuf.actime = statbuf.st_atime;
+-	utimebuf.modtime = statbuf.st_mtime;
+ 
+ 	/* Turn off signals. */
+ 	(void)signal(SIGHUP, SIG_IGN);
+@@ -374,6 +372,17 @@
+ 		perror(Filename);
+ 		exit(ERROR_EXIT);
+ 	}
++	if (swap_uids() < OK) {
++		perror("swapping uids");
++		exit(ERROR_EXIT);
++	}
++	utimebuf.actime = statbuf.st_atime;
++	utimebuf.modtime = statbuf.st_mtime;
++	utime(Filename, &utimebuf);
++	if (swap_uids_back() < OK) {
++		perror("swapping uids back");
++		exit(ERROR_EXIT);
++	}
+ 	utime(Filename, &utimebuf);
+  again:
+ 	rewind(NewCrontab);
diff --git a/sys-process/vixie-cron/vixie-cron-4.1-r14.ebuild b/sys-process/vixie-cron/vixie-cron-4.1-r14.ebuild
new file mode 100644
index 000000000000..7496bee4c992
--- /dev/null
+++ b/sys-process/vixie-cron/vixie-cron-4.1-r14.ebuild
@@ -0,0 +1,125 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/vixie-cron-4.1-r14.ebuild,v 1.1 2013/10/19 22:40:44 creffett Exp $
+
+inherit cron toolchain-funcs pam eutils flag-o-matic user systemd
+
+# no useful homepage, bug #65898
+HOMEPAGE="ftp://ftp.isc.org/isc/cron/"
+DESCRIPTION="Paul Vixie's cron daemon, a fully featured crond implementation"
+
+SELINUX_PATCH="${P}-selinux-1.diff"
+GENTOO_PATCH_REV="r4"
+
+SRC_URI="mirror://gentoo/${P}.tar.bz2
+	mirror://gentoo/${P}-gentoo-${GENTOO_PATCH_REV}.patch.bz2"
+
+LICENSE="ISC BSD-2 BSD"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+IUSE="selinux pam debug"
+
+DEPEND="selinux? ( sys-libs/libselinux )
+	pam? ( virtual/pam )"
+
+RDEPEND="selinux? ( sys-libs/libselinux )
+	 pam? ( virtual/pam )"
+
+#vixie-cron supports /etc/crontab
+CRON_SYSTEM_CRONTAB="yes"
+
+pkg_setup() {
+	enewgroup crontab
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	epatch "${WORKDIR}"/${P}-gentoo-${GENTOO_PATCH_REV}.patch
+	epatch "${FILESDIR}"/crontab.5.diff
+	epatch "${FILESDIR}"/${P}-commandline.patch
+	epatch "${FILESDIR}"/${P}-basename.diff
+	epatch "${FILESDIR}"/${P}-setuid_check.patch
+	epatch "${FILESDIR}"/${P}-hardlink.patch
+	epatch "${FILESDIR}"/${P}-crontabrace.patch
+	use pam && epatch "${FILESDIR}"/${P}-pam.patch
+	use selinux && epatch "${FILESDIR}"/${SELINUX_PATCH}
+}
+
+src_compile() {
+	use debug && append-flags -DDEBUGGING
+
+	sed -i -e "s:gcc \(-Wall.*\):$(tc-getCC) \1 ${CFLAGS}:" \
+		-e "s:^\(LDFLAGS[ \t]\+=\).*:\1 ${LDFLAGS}:" Makefile \
+		|| die "sed Makefile failed"
+
+	emake || die "emake failed"
+}
+
+src_install() {
+	docrondir -m 1730 -o root -g crontab
+	docron
+	docrontab -m 2755 -o root -g crontab
+
+	# /etc stuff
+	insinto /etc
+	newins  "${FILESDIR}"/crontab-3.0.1-r4 crontab
+	newins "${FILESDIR}"/${P}-cron.deny cron.deny
+
+	keepdir /etc/cron.d
+	newpamd "${FILESDIR}"/pamd.compatible cron
+	newinitd "${FILESDIR}"/vixie-cron.rc7 vixie-cron
+
+	# doc stuff
+	doman crontab.1 crontab.5 cron.8
+	dodoc "${FILESDIR}"/crontab
+	dodoc CHANGES CONVERSION FEATURES MAIL README THANKS
+
+	systemd_dounit "${FILESDIR}/${PN}.service"
+}
+
+pkg_preinst() {
+	has_version "<${CATEGORY}/${PN}-4.1-r10"
+	fix_spool_dir_perms=$?
+}
+
+pkg_postinst() {
+	if [[ -f ${ROOT}/etc/init.d/vcron ]]
+	then
+		ewarn "Please run:"
+		ewarn "rc-update del vcron"
+		ewarn "rc-update add vixie-cron default"
+	fi
+
+	# bug 71326
+	if [[ -u ${ROOT}/etc/pam.d/cron ]] ; then
+		echo
+		ewarn "Warning: previous ebuilds didn't reset permissions prior"
+		ewarn "to installing crontab, resulting in /etc/pam.d/cron being"
+		ewarn "installed with the SUID and executable bits set."
+		ewarn
+		ewarn "Run the following as root to set the proper permissions:"
+		ewarn "   chmod 0644 /etc/pam.d/cron"
+		echo
+	fi
+
+	# bug 164466
+	if [[ $fix_spool_dir_perms = 0 ]] ; then
+		echo
+		ewarn "Previous ebuilds didn't correctly set permissions on"
+		ewarn "the crontabs spool directory. Proper permissions are"
+		ewarn "now being set on ${ROOT}var/spool/cron/crontabs/"
+		ewarn "Look at this directory if you have a specific configuration"
+		ewarn "that needs special ownerships or permissions."
+		echo
+		chmod 1730 "${ROOT}/var/spool/cron/crontabs" || die "chmod failed"
+		chgrp -R crontab "${ROOT}/var/spool/cron/crontabs" || die "chgrp failed"
+		cd "${ROOT}/var/spool/cron/crontabs/"
+		for cronfile in * ; do
+			[[ ! -f $cronfile ]] || chown "$cronfile:crontab" "$cronfile" \
+		    || ewarn "chown failed on $cronfile, you probably have an orphan file."
+		done
+	fi
+
+	cron_pkg_postinst
+}
author	Chris Reffett <creffett@gentoo.org>	2013-10-19 22:40:54 +0000
committer	Chris Reffett <creffett@gentoo.org>	2013-10-19 22:40:54 +0000
commit	b1b6b62c30285c798cbf7b99bcafb1027962b06f (patch)
tree	3bc90a0dfb207554215f96e7385d2d917a39987b /sys-process
parent	Version bump, as requested by "Shark" in bug #488618. New Huffman decoding sc... (diff)
download	historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.tar.gz historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.tar.bz2 historical-b1b6b62c30285c798cbf7b99bcafb1027962b06f.zip