summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2017-01-14 16:28:04 +0100
committerAaron Bauman <bman@gentoo.org>2017-01-15 16:59:10 +0900
commit9801aee5391ae3e2c366107e3f0d21e8d29d95d3 (patch)
tree6a85910821d5d8b2e3a567bd1ac7e5df22b7822b /app-arch
parentwww-apps/otrs: Security cleanup (bug #598768) (diff)
downloadgentoo-9801aee5391ae3e2c366107e3f0d21e8d29d95d3.tar.gz
gentoo-9801aee5391ae3e2c366107e3f0d21e8d29d95d3.tar.bz2
gentoo-9801aee5391ae3e2c366107e3f0d21e8d29d95d3.zip
app-arch/unzip: Security cleanup (bug #560416)
Package-Manager: Portage-2.3.3, Repoman-2.3.1 Closes: https://github.com/gentoo/gentoo/pull/3466
Diffstat (limited to 'app-arch')
-rw-r--r--app-arch/unzip/Manifest1
-rw-r--r--app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch35
-rw-r--r--app-arch/unzip/files/unzip-5.52-no-exec-stack.patch13
-rw-r--r--app-arch/unzip/unzip-5.52-r2.ebuild58
-rw-r--r--app-arch/unzip/unzip-6.0-r3.ebuild73
5 files changed, 0 insertions, 180 deletions
diff --git a/app-arch/unzip/Manifest b/app-arch/unzip/Manifest
index 953dc1c00851..f7a457161cbc 100644
--- a/app-arch/unzip/Manifest
+++ b/app-arch/unzip/Manifest
@@ -1,3 +1,2 @@
-DIST unzip552.tar.gz 1140291 SHA256 145d95e2ef1ef9add2e3c97d1340907e33ab8749eb1235372e7f0b7af600a8e9 SHA512 9b852687a7cbce3a6696f8da176f97eded1e99b1f10ae5e4b29bf870df374fea3e4266b3a731d7cdfc28ce5c060a01dd8d3f9c3d8250d1d774273de16d70528b WHIRLPOOL 4148fe091cf9847245be67c7d85fc6fcdcc2a385dad0434757a0c7dea41131085f9bcd5ca6eedc065091a473f27780341921f90ddcae32e73618319da9122d70
DIST unzip60.tar.gz 1376845 SHA256 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 SHA512 0694e403ebc57b37218e00ec1a406cae5cc9c5b52b6798e0d4590840b6cdbf9ddc0d9471f67af783e960f8fa2e620394d51384257dca23d06bcd90224a80ce5d WHIRLPOOL eab32d6d0ab100d302b608658a3ae290d3dad4beddccebaf6cb6527102bb238f751ec6482dea68ae62474005de89f11f9e0cf1b1e12bee2ca5a2336a3c0c9808
DIST unzip_6.0-20.debian.tar.xz 16680 SHA256 7ddfafb1a771ae8d6b4e25c5e31f22c717e0fe606b1bafadcdd574c01f671490 SHA512 7212cb110291581c2e465dc8ea5130eabffc4e0369d6245e8c26fa9d350bed904847d6e1191afaaa2d3fc23bd05fda7da80439d0c06b88f5331b01c9eff97fbe WHIRLPOOL ea5ebd5d95638ff8cd2e91eb77f5be544e33ac6fd478aa00c04da193cd3fad980c5ac1975dfedb2c242192cee6c4eee8bbaf3581299f6c3fa45faa639f0169fd
diff --git a/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch b/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch
deleted file mode 100644
index 368b3eeb122d..000000000000
--- a/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-http://bugs.gentoo.org/213761
-
-fix for CVE-2008-0888
-
---- inflate.c
-+++ inflate.c
-@@ -983,6 +983,7 @@
- unsigned l; /* last length */
- unsigned m; /* mask for bit lengths table */
- unsigned n; /* number of lengths to get */
-+ struct huft *tlp;
- struct huft *tl; /* literal/length code table */
- struct huft *td; /* distance code table */
- unsigned bl; /* lookup bits for tl */
-@@ -996,6 +997,8 @@
- int retval = 0; /* error code returned: initialized to "no error" */
-
-
-+ td = tlp = tl = (struct huft *)NULL;
-+
- /* make local bit buffer */
- Trace((stderr, "\ndynamic block"));
- b = G.bb;
-@@ -1047,9 +1050,9 @@
- while (i < n)
- {
- NEEDBITS(bl)
-- j = (td = tl + ((unsigned)b & m))->b;
-+ j = (tlp = tl + ((unsigned)b & m))->b;
- DUMPBITS(j)
-- j = td->v.n;
-+ j = tlp->v.n;
- if (j < 16) /* length of code in bits (0..15) */
- ll[i++] = l = j; /* save last length in l */
- else if (j == 16) /* repeat last length 3 to 6 times */
diff --git a/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch b/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch
deleted file mode 100644
index e2869bfe80de..000000000000
--- a/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Make sure that the asm files don't incorrectly trigger an executable
-stack marking in the final shared library. That's bad, mmmkay.
-
---- unzip/crc_i386.S
-+++ unzip/crc_i386.S
-@@ -238,3 +238,7 @@
- #endif /* i386 || _i386 || _I386 || __i386 */
-
- #endif /* !USE_ZLIB */
-+
-+#ifdef __ELF__
-+.section .note.GNU-stack,"",%progbits
-+#endif
diff --git a/app-arch/unzip/unzip-5.52-r2.ebuild b/app-arch/unzip/unzip-5.52-r2.ebuild
deleted file mode 100644
index 9f97ed1ae8c0..000000000000
--- a/app-arch/unzip/unzip-5.52-r2.ebuild
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-inherit eutils toolchain-funcs flag-o-matic
-
-DESCRIPTION="unzipper for pkzip-compressed files"
-HOMEPAGE="http://www.info-zip.org/"
-SRC_URI="mirror://gentoo/${PN}${PV/.}.tar.gz"
-
-LICENSE="Info-ZIP"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
-IUSE=""
-
-DEPEND=""
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- epatch "${FILESDIR}"/${P}-no-exec-stack.patch
- epatch "${FILESDIR}"/${P}-CVE-2008-0888.patch #213761
- sed -i \
- -e 's:-O3:$(CFLAGS) $(CPPFLAGS):' \
- -e 's:-O :$(CFLAGS) $(CPPFLAGS) :' \
- -e "s:CC=gcc :CC=$(tc-getCC) :" \
- -e "s:LD=gcc :LD=$(tc-getCC) :" \
- -e "s:AS=gcc :AS=$(tc-getCC) :" \
- -e 's:LF2 = -s:LF2 = :' \
- -e 's:LF = :LF = $(LDFLAGS) :' \
- -e 's:SL = :SL = $(LDFLAGS) :' \
- -e 's:FL = :FL = $(LDFLAGS) :' \
- unix/Makefile \
- || die "sed unix/Makefile failed"
-}
-
-src_compile() {
- local TARGET
- case ${CHOST} in
- i?86*-linux*) TARGET=linux_asm ;;
- *-linux*) TARGET=linux_noasm ;;
- i?86*-freebsd* | i?86*-dragonfly* | i?86*-openbsd* | i?86*-netbsd*)
- TARGET=freebsd ;; # mislabelled bsd with x86 asm
- *-freebsd* | *-dragonfly* | *-openbsd* | *-netbsd*)
- TARGET=bsd ;;
- *-darwin*) TARGET=macosx ;;
- *) die "Unknown target, you suck" ;;
- esac
- append-lfs-flags #104315
- emake -f unix/Makefile ${TARGET} || die "emake failed"
-}
-
-src_install() {
- dobin unzip funzip unzipsfx unix/zipgrep || die "dobin failed"
- dosym unzip /usr/bin/zipinfo || die
- doman man/*.1
- dodoc BUGS History* README ToDo WHERE
-}
diff --git a/app-arch/unzip/unzip-6.0-r3.ebuild b/app-arch/unzip/unzip-6.0-r3.ebuild
deleted file mode 100644
index 3a1d00193947..000000000000
--- a/app-arch/unzip/unzip-6.0-r3.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="2"
-inherit eutils toolchain-funcs flag-o-matic
-
-MY_P="${PN}${PV/.}"
-
-DESCRIPTION="unzipper for pkzip-compressed files"
-HOMEPAGE="http://www.info-zip.org/"
-SRC_URI="mirror://sourceforge/infozip/${MY_P}.tar.gz"
-
-LICENSE="Info-ZIP"
-SLOT="0"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bzip2 natspec unicode"
-
-DEPEND="bzip2? ( app-arch/bzip2 )
- natspec? ( dev-libs/libnatspec )"
-RDEPEND="${DEPEND}"
-
-S="${WORKDIR}/${MY_P}"
-
-src_prepare() {
- epatch "${FILESDIR}"/${P}-no-exec-stack.patch
- use natspec && epatch "${FILESDIR}/${PN}-6.0-natspec.patch" #275244
- sed -i -r \
- -e '/^CFLAGS/d' \
- -e '/CFLAGS/s:-O[0-9]?:$(CFLAGS) $(CPPFLAGS):' \
- -e '/^STRIP/s:=.*:=true:' \
- -e "s:\<CC *= *\"?g?cc2?\"?\>:CC=\"$(tc-getCC)\":" \
- -e "s:\<LD *= *\"?(g?cc2?|ld)\"?\>:LD=\"$(tc-getCC)\":" \
- -e "s:\<AS *= *\"?(g?cc2?|as)\"?\>:AS=\"$(tc-getCC)\":" \
- -e 's:LF2 = -s:LF2 = :' \
- -e 's:LF = :LF = $(LDFLAGS) :' \
- -e 's:SL = :SL = $(LDFLAGS) :' \
- -e 's:FL = :FL = $(LDFLAGS) :' \
- -e "/^#L_BZ2/s:^$(use bzip2 && echo .)::" \
- -e 's:$(AS) :$(AS) $(ASFLAGS) :g' \
- unix/Makefile \
- || die "sed unix/Makefile failed"
-}
-
-src_compile() {
- local TARGET
- case ${CHOST} in
- i?86*-*linux*) TARGET=linux_asm ;;
- *linux*) TARGET=linux_noasm ;;
- i?86*-*bsd* | \
- i?86*-dragonfly*) TARGET=freebsd ;; # mislabelled bsd with x86 asm
- *bsd* | *dragonfly*) TARGET=bsd ;;
- *-darwin*) TARGET=macosx ;;
- *-cygwin*) TARGET=cygwin ;;
- *) die "Unknown target, you suck" ;;
- esac
-
- [[ ${CHOST} == *linux* ]] && append-cppflags -DNO_LCHMOD
- use bzip2 && append-cppflags -DUSE_BZIP2
- use unicode && append-cppflags -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE
- append-cppflags -DLARGE_FILE_SUPPORT #281473
-
- ASFLAGS="${ASFLAGS} $(get_abi_var CFLAGS)" emake \
- -f unix/Makefile \
- ${TARGET} || die "emake failed"
-}
-
-src_install() {
- dobin unzip funzip unzipsfx unix/zipgrep || die "dobin failed"
- dosym unzip /usr/bin/zipinfo || die
- doman man/*.1
- dodoc BUGS History* README ToDo WHERE
-}