app-arch/bzip2: Security revbump to fix CVE-2016-3189 (bug #620466).
Package-Manager: Portage-2.3.6, Repoman-2.3.2
Lars Wendler
committed
Jun 3, 2017
1 parent
d63517f
commit fd4e6ac
Showing
2 changed files
with
132 additions
and
0 deletions.
@@ -0,0 +1,114 @@ | ||
# Copyright 1999-2017 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
# XXX: atm, libbz2.a is always PIC :(, so it is always built quickly | ||
# (since we're building shared libs) ... | ||
|
||
EAPI=5 | ||
|
||
inherit eutils toolchain-funcs multilib multilib-minimal | ||
|
||
DESCRIPTION="A high-quality data compressor used extensively by Gentoo Linux" | ||
HOMEPAGE="http://www.bzip.org/" | ||
SRC_URI="http://www.bzip.org/${PV}/${P}.tar.gz" | ||
|
||
LICENSE="BZIP2" | ||
SLOT="0" | ||
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" | ||
IUSE="static static-libs" | ||
|
||
PATCHES=( | ||
"${FILESDIR}"/${PN}-1.0.4-makefile-CFLAGS.patch | ||
"${FILESDIR}"/${PN}-1.0.6-saneso.patch | ||
"${FILESDIR}"/${PN}-1.0.4-man-links.patch #172986 | ||
"${FILESDIR}"/${PN}-1.0.6-progress.patch | ||
"${FILESDIR}"/${PN}-1.0.3-no-test.patch | ||
"${FILESDIR}"/${PN}-1.0.4-POSIX-shell.patch #193365 | ||
"${FILESDIR}"/${PN}-1.0.6-mingw.patch #393573 | ||
"${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch | ||
"${FILESDIR}"/${PN}-1.0.6-CVE-2016-3189.patch #620466 | ||
) | ||
|
||
src_prepare() { | ||
epatch "${PATCHES[@]}" | ||
|
||
# - Use right man path | ||
# - Generate symlinks instead of hardlinks | ||
# - pass custom variables to control libdir | ||
sed -i \ | ||
-e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \ | ||
-e 's:ln -s -f $(PREFIX)/bin/:ln -s -f :' \ | ||
-e 's:$(PREFIX)/lib:$(PREFIX)/$(LIBDIR):g' \ | ||
Makefile || die | ||
} | ||
|
||
bemake() { | ||
emake \ | ||
VPATH="${S}" \ | ||
CC="$(tc-getCC)" \ | ||
AR="$(tc-getAR)" \ | ||
RANLIB="$(tc-getRANLIB)" \ | ||
"$@" | ||
} | ||
|
||
multilib_src_compile() { | ||
bemake -f "${S}"/Makefile-libbz2_so all | ||
# Make sure we link against the shared lib #504648 | ||
ln -sf libbz2.so.${PV} libbz2.so | ||
bemake -f "${S}"/Makefile all LDFLAGS="${LDFLAGS} $(usex static -static '')" | ||
} | ||
|
||
multilib_src_install() { | ||
into /usr | ||
|
||
# Install the shared lib manually. We install: | ||
# .x.x.x - standard shared lib behavior | ||
# .x.x - SONAME some distros use #338321 | ||
# .x - SONAME Gentoo uses | ||
dolib.so libbz2.so.${PV} | ||
local v | ||
for v in libbz2.so{,.{${PV%%.*},${PV%.*}}} ; do | ||
dosym libbz2.so.${PV} /usr/$(get_libdir)/${v} | ||
done | ||
use static-libs && dolib.a libbz2.a | ||
|
||
if multilib_is_native_abi ; then | ||
gen_usr_ldscript -a bz2 | ||
|
||
dobin bzip2recover | ||
into / | ||
dobin bzip2 | ||
fi | ||
} | ||
|
||
multilib_src_install_all() { | ||
# `make install` doesn't cope with out-of-tree builds, nor with | ||
# installing just non-binaries, so handle things ourselves. | ||
insinto /usr/include | ||
doins bzlib.h | ||
into /usr | ||
dobin bz{diff,grep,more} | ||
doman *.1 | ||
|
||
dosym bzdiff /usr/bin/bzcmp | ||
dosym bzdiff.1 /usr/share/man/man1/bzcmp.1 | ||
|
||
dosym bzmore /usr/bin/bzless | ||
dosym bzmore.1 /usr/share/man/man1/bzless.1 | ||
|
||
local x | ||
for x in bunzip2 bzcat bzip2recover ; do | ||
dosym bzip2.1 /usr/share/man/man1/${x}.1 | ||
done | ||
for x in bz{e,f}grep ; do | ||
dosym bzgrep /usr/bin/${x} | ||
dosym bzgrep.1 /usr/share/man/man1/${x}.1 | ||
done | ||
|
||
dodoc README* CHANGES manual.pdf | ||
dohtml manual.html | ||
|
||
# move "important" bzip2 binaries to /bin and use the shared libbz2.so | ||
dosym bzip2 /bin/bzcat | ||
dosym bzip2 /bin/bunzip2 | ||
} |
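Review bot: In multilib_src_compile the `ln -sf libbz2.so.${PV} libbz2.so` call has no failure check, and under EAPI 5 a failing external command such as ln does not abort the phase by itself. If the symlink is not created, the following `bemake -f "${S}"/Makefile all` may resolve the library to something other than the libbz2 that was just built, which is the linking concern the comment cites #504648 for, and the build would still report success. Use `ln -sf libbz2.so.${PV} libbz2.so || die`, matching the `|| die` already on the sed call in src_prepare.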
@@ -0,0 +1,18 @@ | ||
Upstream-Status: Backport | ||
https://bugzilla.suse.com/attachment.cgi?id=681334 | ||
|
||
CVE: CVE-2016-3189 | ||
Signed-off-by: Armin Kuster <[email protected]> | ||
|
||
Index: bzip2-1.0.6/bzip2recover.c | ||
=================================================================== | ||
--- bzip2-1.0.6.orig/bzip2recover.c | ||
+++ bzip2-1.0.6/bzip2recover.c | ||
@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv ) | ||
bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 ); | ||
bsPutUInt32 ( bsWr, blockCRC ); | ||
bsClose ( bsWr ); | ||
+ outFile = NULL; | ||
} | ||
if (wrBlock >= rbCtr) break; | ||
wrBlock++; |
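Review bot: The patch header carries only a URL and the CVE id, so a reader cannot tell what the one-line change guards against without leaving the tree. A description line such as `bzip2recover: reset outFile after bsClose() so the closed stream is not used again` would make the file self-contained. The added `outFile = NULL;` is only effective if every later use of outFile in main tests it for NULL first; the loop continues outside this hunk, so that should be confirmed against the full bzip2recover.c. Whether bsWr is left dangling after bsClose is likewise not visible here and is worth checking at the same time.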