commit: 9801aee5391ae3e2c366107e3f0d21e8d29d95d3 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Sat Jan 14 15:28:04 2017 +0000 Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> CommitDate: Sun Jan 15 07:59:10 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9801aee5
app-arch/unzip: Security cleanup (bug #560416) Package-Manager: Portage-2.3.3, Repoman-2.3.1 Closes: https://github.com/gentoo/gentoo/pull/3466 app-arch/unzip/Manifest | 1 - .../unzip/files/unzip-5.52-CVE-2008-0888.patch | 35 ----------- .../unzip/files/unzip-5.52-no-exec-stack.patch | 13 ---- app-arch/unzip/unzip-5.52-r2.ebuild | 58 ----------------- app-arch/unzip/unzip-6.0-r3.ebuild | 73 ---------------------- 5 files changed, 180 deletions(-) diff --git a/app-arch/unzip/Manifest b/app-arch/unzip/Manifest index 953dc1c..f7a4571 100644 --- a/app-arch/unzip/Manifest +++ b/app-arch/unzip/Manifest @@ -1,3 +1,2 @@ -DIST unzip552.tar.gz 1140291 SHA256 145d95e2ef1ef9add2e3c97d1340907e33ab8749eb1235372e7f0b7af600a8e9 SHA512 9b852687a7cbce3a6696f8da176f97eded1e99b1f10ae5e4b29bf870df374fea3e4266b3a731d7cdfc28ce5c060a01dd8d3f9c3d8250d1d774273de16d70528b WHIRLPOOL 4148fe091cf9847245be67c7d85fc6fcdcc2a385dad0434757a0c7dea41131085f9bcd5ca6eedc065091a473f27780341921f90ddcae32e73618319da9122d70 DIST unzip60.tar.gz 1376845 SHA256 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 SHA512 0694e403ebc57b37218e00ec1a406cae5cc9c5b52b6798e0d4590840b6cdbf9ddc0d9471f67af783e960f8fa2e620394d51384257dca23d06bcd90224a80ce5d WHIRLPOOL eab32d6d0ab100d302b608658a3ae290d3dad4beddccebaf6cb6527102bb238f751ec6482dea68ae62474005de89f11f9e0cf1b1e12bee2ca5a2336a3c0c9808 DIST unzip_6.0-20.debian.tar.xz 16680 SHA256 7ddfafb1a771ae8d6b4e25c5e31f22c717e0fe606b1bafadcdd574c01f671490 SHA512 7212cb110291581c2e465dc8ea5130eabffc4e0369d6245e8c26fa9d350bed904847d6e1191afaaa2d3fc23bd05fda7da80439d0c06b88f5331b01c9eff97fbe WHIRLPOOL ea5ebd5d95638ff8cd2e91eb77f5be544e33ac6fd478aa00c04da193cd3fad980c5ac1975dfedb2c242192cee6c4eee8bbaf3581299f6c3fa45faa639f0169fd diff --git a/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch b/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch deleted file mode 100644 index 368b3ee..00000000 --- a/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch +++ /dev/null @@ -1,35 +0,0 @@ -http://bugs.gentoo.org/213761 - -fix for CVE-2008-0888 - ---- inflate.c -+++ inflate.c -@@ -983,6 +983,7 @@ - unsigned l; /* last length */ - unsigned m; /* mask for bit lengths table */ - unsigned n; /* number of lengths to get */ -+ struct huft *tlp; - struct huft *tl; /* literal/length code table */ - struct huft *td; /* distance code table */ - unsigned bl; /* lookup bits for tl */ -@@ -996,6 +997,8 @@ - int retval = 0; /* error code returned: initialized to "no error" */ - - -+ td = tlp = tl = (struct huft *)NULL; -+ - /* make local bit buffer */ - Trace((stderr, "\ndynamic block")); - b = G.bb; -@@ -1047,9 +1050,9 @@ - while (i < n) - { - NEEDBITS(bl) -- j = (td = tl + ((unsigned)b & m))->b; -+ j = (tlp = tl + ((unsigned)b & m))->b; - DUMPBITS(j) -- j = td->v.n; -+ j = tlp->v.n; - if (j < 16) /* length of code in bits (0..15) */ - ll[i++] = l = j; /* save last length in l */ - else if (j == 16) /* repeat last length 3 to 6 times */ diff --git a/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch b/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch deleted file mode 100644 index e2869bf..00000000 --- a/app-arch/unzip/files/unzip-5.52-no-exec-stack.patch +++ /dev/null @@ -1,13 +0,0 @@ -Make sure that the asm files don't incorrectly trigger an executable -stack marking in the final shared library. That's bad, mmmkay. - ---- unzip/crc_i386.S -+++ unzip/crc_i386.S -@@ -238,3 +238,7 @@ - #endif /* i386 || _i386 || _I386 || __i386 */ - - #endif /* !USE_ZLIB */ -+ -+#ifdef __ELF__ -+.section .note.GNU-stack,"",%progbits -+#endif diff --git a/app-arch/unzip/unzip-5.52-r2.ebuild b/app-arch/unzip/unzip-5.52-r2.ebuild deleted file mode 100644 index 9f97ed1..00000000 --- a/app-arch/unzip/unzip-5.52-r2.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -inherit eutils toolchain-funcs flag-o-matic - -DESCRIPTION="unzipper for pkzip-compressed files" -HOMEPAGE="http://www.info-zip.org/"; -SRC_URI="mirror://gentoo/${PN}${PV/.}.tar.gz" - -LICENSE="Info-ZIP" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="" - -DEPEND="" - -src_unpack() { - unpack ${A} - cd "${S}" - epatch "${FILESDIR}"/${P}-no-exec-stack.patch - epatch "${FILESDIR}"/${P}-CVE-2008-0888.patch #213761 - sed -i \ - -e 's:-O3:$(CFLAGS) $(CPPFLAGS):' \ - -e 's:-O :$(CFLAGS) $(CPPFLAGS) :' \ - -e "s:CC=gcc :CC=$(tc-getCC) :" \ - -e "s:LD=gcc :LD=$(tc-getCC) :" \ - -e "s:AS=gcc :AS=$(tc-getCC) :" \ - -e 's:LF2 = -s:LF2 = :' \ - -e 's:LF = :LF = $(LDFLAGS) :' \ - -e 's:SL = :SL = $(LDFLAGS) :' \ - -e 's:FL = :FL = $(LDFLAGS) :' \ - unix/Makefile \ - || die "sed unix/Makefile failed" -} - -src_compile() { - local TARGET - case ${CHOST} in - i?86*-linux*) TARGET=linux_asm ;; - *-linux*) TARGET=linux_noasm ;; - i?86*-freebsd* | i?86*-dragonfly* | i?86*-openbsd* | i?86*-netbsd*) - TARGET=freebsd ;; # mislabelled bsd with x86 asm - *-freebsd* | *-dragonfly* | *-openbsd* | *-netbsd*) - TARGET=bsd ;; - *-darwin*) TARGET=macosx ;; - *) die "Unknown target, you suck" ;; - esac - append-lfs-flags #104315 - emake -f unix/Makefile ${TARGET} || die "emake failed" -} - -src_install() { - dobin unzip funzip unzipsfx unix/zipgrep || die "dobin failed" - dosym unzip /usr/bin/zipinfo || die - doman man/*.1 - dodoc BUGS History* README ToDo WHERE -} diff --git a/app-arch/unzip/unzip-6.0-r3.ebuild b/app-arch/unzip/unzip-6.0-r3.ebuild deleted file mode 100644 index 3a1d001..00000000 --- a/app-arch/unzip/unzip-6.0-r3.ebuild +++ /dev/null @@ -1,73 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="2" -inherit eutils toolchain-funcs flag-o-matic - -MY_P="${PN}${PV/.}" - -DESCRIPTION="unzipper for pkzip-compressed files" -HOMEPAGE="http://www.info-zip.org/"; -SRC_URI="mirror://sourceforge/infozip/${MY_P}.tar.gz" - -LICENSE="Info-ZIP" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bzip2 natspec unicode" - -DEPEND="bzip2? ( app-arch/bzip2 ) - natspec? ( dev-libs/libnatspec )" -RDEPEND="${DEPEND}" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - epatch "${FILESDIR}"/${P}-no-exec-stack.patch - use natspec && epatch "${FILESDIR}/${PN}-6.0-natspec.patch" #275244 - sed -i -r \ - -e '/^CFLAGS/d' \ - -e '/CFLAGS/s:-O[0-9]?:$(CFLAGS) $(CPPFLAGS):' \ - -e '/^STRIP/s:=.*:=true:' \ - -e "s:\<CC *= *\"?g?cc2?\"?\>:CC=\"$(tc-getCC)\":" \ - -e "s:\<LD *= *\"?(g?cc2?|ld)\"?\>:LD=\"$(tc-getCC)\":" \ - -e "s:\<AS *= *\"?(g?cc2?|as)\"?\>:AS=\"$(tc-getCC)\":" \ - -e 's:LF2 = -s:LF2 = :' \ - -e 's:LF = :LF = $(LDFLAGS) :' \ - -e 's:SL = :SL = $(LDFLAGS) :' \ - -e 's:FL = :FL = $(LDFLAGS) :' \ - -e "/^#L_BZ2/s:^$(use bzip2 && echo .)::" \ - -e 's:$(AS) :$(AS) $(ASFLAGS) :g' \ - unix/Makefile \ - || die "sed unix/Makefile failed" -} - -src_compile() { - local TARGET - case ${CHOST} in - i?86*-*linux*) TARGET=linux_asm ;; - *linux*) TARGET=linux_noasm ;; - i?86*-*bsd* | \ - i?86*-dragonfly*) TARGET=freebsd ;; # mislabelled bsd with x86 asm - *bsd* | *dragonfly*) TARGET=bsd ;; - *-darwin*) TARGET=macosx ;; - *-cygwin*) TARGET=cygwin ;; - *) die "Unknown target, you suck" ;; - esac - - [[ ${CHOST} == *linux* ]] && append-cppflags -DNO_LCHMOD - use bzip2 && append-cppflags -DUSE_BZIP2 - use unicode && append-cppflags -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE - append-cppflags -DLARGE_FILE_SUPPORT #281473 - - ASFLAGS="${ASFLAGS} $(get_abi_var CFLAGS)" emake \ - -f unix/Makefile \ - ${TARGET} || die "emake failed" -} - -src_install() { - dobin unzip funzip unzipsfx unix/zipgrep || die "dobin failed" - dosym unzip /usr/bin/zipinfo || die - doman man/*.1 - dodoc BUGS History* README ToDo WHERE -}
