diff options
author | Volkmar W. Pogatzki <gentoo@pogatzki.net> | 2023-10-21 08:52:31 +0200 |
---|---|---|
committer | Miroslav Šulc <fordfrog@gentoo.org> | 2023-10-22 09:23:41 +0200 |
commit | ee696b689615b4e1fd5944d945bbff82e36b09af (patch) | |
tree | 2f325d040ef72c1d5b6c370592cde7572f40aeb4 /dev-java/snappy | |
parent | app-text/pdftk: drop 3.3.3 (diff) | |
download | gentoo-ee696b689615b4e1fd5944d945bbff82e36b09af.tar.gz gentoo-ee696b689615b4e1fd5944d945bbff82e36b09af.tar.bz2 gentoo-ee696b689615b4e1fd5944d945bbff82e36b09af.zip |
dev-java/snappy: add 1.1.10.5 - CVE-2023-43642
Bug: https://bugs.gentoo.org/916063
Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
Closes: https://github.com/gentoo/gentoo/pull/33438
Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>
Diffstat (limited to 'dev-java/snappy')
-rw-r--r-- | dev-java/snappy/Manifest | 1 | ||||
-rw-r--r-- | dev-java/snappy/files/snappy-1.1.10.5-SnappyOutputStreamTest.patch | 30 | ||||
-rw-r--r-- | dev-java/snappy/snappy-1.1.10.5.ebuild | 125 |
3 files changed, 156 insertions, 0 deletions
diff --git a/dev-java/snappy/Manifest b/dev-java/snappy/Manifest index 779d3dc2222e..4e8925da8277 100644 --- a/dev-java/snappy/Manifest +++ b/dev-java/snappy/Manifest @@ -1,3 +1,4 @@ DIST hadoop-common-3.3.5.jar 4535144 BLAKE2B 66582661a1832cc54493fc9dcea9076eb0e3f4e974a7d24d593e8fff2b9e2a3a82ed6eb4587f23523473aecc35d2a15de2ad81b2617c1bdac50847149cdeb6a8 SHA512 f1fb439a5853b04e9e771ec4e80e1ed078494ecfaa741abe065936fc1c26b5369fdd4e8082f4da59c1a3a7a5c025beaa14a68c38dc772e81499f83a3cb91717b DIST snappy-1.1.10.1.tar.gz 3386807 BLAKE2B 977bd6c0aee2708952e3e4a434c819d7cc1ae3ac9320639b5bf5fc80551905ada85a001d3aa2d6384cc78839615335acb7378d50f60a5c3e86345b8e28aa6911 SHA512 8226a3e3a6ec9e0f4fae2d4b8ebf276e5225db8c8f0619a02db7490d3425260693afdc20c48e6e17a37621116067b47972cbcb02bd6617cb9face07d28fe5061 +DIST snappy-1.1.10.5.tar.gz 3917442 BLAKE2B 0632fa7ba4d0a863801e88ced22098c3bc228c1f3e188c67cb9ff62807f9454b580b49fff15c7deee1e790db51f4664c50a6546259439eda18597097a5128329 SHA512 f84778f59635eb97c0072489766904a16208be4f41b28151b14eecd0fe84f3f04a44c18d452b9d79e752b22d5e5b9ab5b36064cc8aeec8de655d7635132093ea DIST snappy-java-1.1.7.8.tar.gz 3558859 BLAKE2B 871f4190212399c5bd34a72766d7f3abca9a09608d9acddc126905bcdafc723613aa33d0cdb59419e6bfba46ff27e91f5ca5382073dd895d5601f6d84929ef96 SHA512 8129d4ae2abd78f967c07e7f13df8cb9043cc34bd8346be28625a3d2bea06674ce6dd09b521af2b7053b25d0132a0e822b78c06e09bacd0067ba8178bd167691 diff --git a/dev-java/snappy/files/snappy-1.1.10.5-SnappyOutputStreamTest.patch b/dev-java/snappy/files/snappy-1.1.10.5-SnappyOutputStreamTest.patch new file mode 100644 index 000000000000..43272e9d4a7f --- /dev/null +++ b/dev-java/snappy/files/snappy-1.1.10.5-SnappyOutputStreamTest.patch @@ -0,0 +1,30 @@ +There was 1 failure: +1) batchingOfWritesShouldNotAffectCompressedDataSize(org.xerial.snappy.SnappyOutputStreamTest) +java.lang.AssertionError: expected:<91080> but was:<91051> + at org.junit.Assert.fail(Assert.java:89) + at org.junit.Assert.failNotEquals(Assert.java:835) + at org.junit.Assert.assertEquals(Assert.java:647) + at org.junit.Assert.assertEquals(Assert.java:633) + at org.xerial.snappy.SnappyOutputStreamTest.batchingOfWritesShouldNotAffectCompressedDataSize(SnappyOutputStreamTest.java:183) + +FAILURES!!! +Tests run: 104, Failures: 1 +--- a/src/test/java/org/xerial/snappy/SnappyOutputStreamTest.java ++++ b/src/test/java/org/xerial/snappy/SnappyOutputStreamTest.java +@@ -34,6 +34,7 @@ import java.lang.ref.WeakReference; + import java.nio.ByteOrder; + + import org.junit.Test; ++import org.junit.Ignore; + import org.junit.Assert; + import org.xerial.snappy.buffer.BufferAllocatorFactory; + import org.xerial.snappy.buffer.CachedBufferAllocator; +@@ -165,7 +166,7 @@ public class SnappyOutputStreamTest + return b.toByteArray(); + } + +- @Test ++ @Test @Ignore + public void batchingOfWritesShouldNotAffectCompressedDataSize() + throws Exception + { diff --git a/dev-java/snappy/snappy-1.1.10.5.ebuild b/dev-java/snappy/snappy-1.1.10.5.ebuild new file mode 100644 index 000000000000..41aed2fd96fd --- /dev/null +++ b/dev-java/snappy/snappy-1.1.10.5.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +JAVA_PKG_IUSE="doc source test" +MAVEN_ID="org.xerial.snappy:snappy-java:${PV}" +JAVA_TESTING_FRAMEWORKS="junit-4" + +inherit java-pkg-2 java-pkg-simple toolchain-funcs check-reqs + +DESCRIPTION="Snappy compressor/decompressor for Java" +HOMEPAGE="https://github.com/xerial/snappy-java/" +# ::gentoo does not have hadoop-common packaged. Currently we bundle the binary version. +# It's used for testing only and does not get installed. +HCV="3.3.5" +SRC_URI="https://github.com/xerial/snappy-java/archive/v${PV}.tar.gz -> ${P}.tar.gz + test? ( https://repo1.maven.org/maven2/org/apache/hadoop/hadoop-common/${HCV}/hadoop-common-${HCV}.jar )" +S="${WORKDIR}/snappy-java-${PV}" + +LICENSE="Apache-2.0" +SLOT="1.1" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" + +CP_DEPEND="dev-java/osgi-core:0" + +CDEPEND=" + app-arch/snappy + dev-libs/bitshuffle +" + +DEPEND=">=virtual/jdk-1.8:* + ${CP_DEPEND} + ${CDEPEND} + test? ( + dev-java/ant-junit4:0 + dev-java/commons-io:1 + dev-java/commons-lang:3.6 + dev-java/plexus-classworlds:0 + dev-java/xerial-core:0 + )" + +RDEPEND=">=virtual/jre-1.8:* + ${CP_DEPEND} + ${CDEPEND}" + +PATCHES=( + "${FILESDIR}/1.1.7.8-java-version-target.patch" + "${FILESDIR}/snappy-1.1.10.1-unbundle-snappy.patch" + "${FILESDIR}/1.1.7.8-unbundle-bitshuffle.patch" + "${FILESDIR}/1.1.7.8-gentoo.patch" + "${FILESDIR}/snappy-1.1.10.5-SnappyOutputStreamTest.patch" + "${FILESDIR}/snappy-1.1.10.1-commons-lang3.patch" +) + +JAVA_RESOURCE_DIRS="src/main/resources" +JAVA_SRC_DIR="src/main/java" + +JAVA_TEST_GENTOO_CLASSPATH=" + commons-io-1 + commons-lang-3.6 + junit-4 + plexus-classworlds + xerial-core +" +JAVA_TEST_RESOURCE_DIRS="src/test/resources" +JAVA_TEST_SRC_DIR="src/test/java" + +check_env() { + if use test; then + # this is needed only for tests + CHECKREQS_MEMORY="2560M" + check-reqs_pkg_pretend + fi +} + +pkg_pretend() { + check_env +} + +pkg_setup() { + check_env + java-pkg-2_pkg_setup +} + +src_prepare() { + default + java-pkg-2_src_prepare + # remove pre-compiled sofiles + rm -r src/main/resources/org/xerial/snappy/native || die + rm -r src/test/resources/lib || die +} + +src_compile() { + emake \ + CXX="$(tc-getCXX)" \ + JAVA_SOURCE="$(java-pkg_get-source)" \ + JAVA_TARGET="$(java-pkg_get-target)" + + java-pkg-simple_src_compile +} + +src_test() { + JAVA_GENTOO_CLASSPATH_EXTRA="${DISTDIR}/hadoop-common-${HCV}.jar" + JAVA_TEST_EXTRA_ARGS=( -Xmx${CHECKREQS_MEMORY} ) + local vm_version="$(java-config -g PROVIDES_VERSION)" + if ver_test "${vm_version}" -ge 17; then + java-pkg-simple_src_test + else + einfo "Tests need jdk-17 to pass." + fi +} + +src_install() { + java-pkg-simple_src_install + + local jniext=.so + if [[ ${CHOST} == *-darwin* ]] ; then + jniext=.jnilib + # avoid install_name check failure + install_name_tool -id "@loader_path/libsnappyjava${jniext}" \ + "target/libsnappyjava${jniext}" + fi + java-pkg_doso "target/libsnappyjava${jniext}" +} |