diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2010-09-22 07:03:19 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-09-22 07:10:19 +0000 |
commit | 1b7a989a8a8e1ce2bef83fb1f9f2488254ac5d75 (patch) | |
tree | fa594d65dbb185f92e07633be27b0098c270caa2 | |
parent | 44e57c85ddf771aaa21424bdab2a0d6041327aaa (diff) | |
download | aports-1b7a989a8a8e1ce2bef83fb1f9f2488254ac5d75.tar.bz2 aports-1b7a989a8a8e1ce2bef83fb1f9f2488254ac5d75.tar.xz |
main/bzip2: upgrade to 1.0.6. security fix for CVE-2010-0405
-rw-r--r-- | main/bzip2/APKBUILD | 57 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.2-progress.patch | 175 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.3-no-test.patch | 9 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.4-POSIX-shell.patch | 4 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch | 12 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.4-saneso.patch | 13 | ||||
-rw-r--r-- | main/bzip2/bzip2-1.0.6-saneso.patch | 13 |
7 files changed, 246 insertions, 37 deletions
diff --git a/main/bzip2/APKBUILD b/main/bzip2/APKBUILD index 1081978b5c..23ffa64745 100644 --- a/main/bzip2/APKBUILD +++ b/main/bzip2/APKBUILD @@ -1,27 +1,33 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=bzip2 -pkgver=1.0.5 -pkgrel=2 +pkgver=1.0.6 +pkgrel=0 pkgdesc="A high-quality data compression program" url="http://sources.redhat.com/bzip2" license="BZIP2" depends="" install="$pkgname.post-deinstall" source="http://www.bzip.org/$pkgver/$pkgname-$pkgver.tar.gz - $install - bzip2-1.0.4-POSIX-shell.patch bzip2-1.0.4-makefile-CFLAGS.patch + bzip2-1.0.6-saneso.patch bzip2-1.0.4-man-links.patch - bzip2-1.0.4-saneso.patch + bzip2-1.0.2-progress.patch + bzip2-1.0.3-no-test.patch + bzip2-1.0.4-POSIX-shell.patch " -subpackages="$pkgname-dev $pkgname-doc" +subpackages="$pkgname-dev $pkgname-doc libbz2" -build () { +_builddir="$srcdir"/$pkgname-$pkgver +prepare() { local i - cd "$srcdir"/$pkgname-$pkgver - for i in ../*.patch; do - msg "Applying ${i##*/}" - patch -p1 < $i || return 1 + cd "$_builddir" + for i in $source; do + case $i in + *.patch) + msg "Applying $i" + patch -p1 -i "$srcdir"/$i || return 1 + ;; + esac done # Fix man path @@ -36,13 +42,32 @@ build () { -e "s:1\.0\.4:$pkgver:" \ bzip2.1 bzip2.txt Makefile-libbz2_so manual.* || return 1 +} + +build () { + cd "$_builddir" make -f Makefile-libbz2_so all || return 1 make all || return 1 +} + +package() { + cd "$_builddir" make PREFIX="$pkgdir"/usr install || return 1 + install -D libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.$pkgver + ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so + ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.${pkgver%%.*} } -md5sums="3c15a0c8d1d3ee1c46a1634d00617b1a bzip2-1.0.5.tar.gz -b84506d253e04db3c5af9016fead45a3 bzip2.post-deinstall -2e9bcfeb1614b55f5ba2d087ac65a3fe bzip2-1.0.4-POSIX-shell.patch -56b90131e3c2ae425b758de9c7be7682 bzip2-1.0.4-makefile-CFLAGS.patch + +libbz2() { + pkgdesc="Shared library for bz2" + mkdir -p "$subpkgdir"/usr/lib + mv "$pkgdir"/usr/lib/*.so.* "$subpkgdir"/usr/lib/ +} + +md5sums="00b516f4704d4a7cb50a1d97e6e8e15b bzip2-1.0.6.tar.gz +3675cd4db6affe64e1d7d40bc2ad4f26 bzip2-1.0.4-makefile-CFLAGS.patch +d47a4aa8f08d101aa5aa0dd2030338d1 bzip2-1.0.6-saneso.patch fd13ef6bc55276c7e3adc346bde56cd1 bzip2-1.0.4-man-links.patch -643983e8134723ebe53c858b1a3938ad bzip2-1.0.4-saneso.patch" +5f7a98f0aaaed6554126d30e28383ee0 bzip2-1.0.2-progress.patch +804bd17c96297968a89fc4eddc9a6713 bzip2-1.0.3-no-test.patch +55ac0e9be7821190b99376e0205707be bzip2-1.0.4-POSIX-shell.patch" diff --git a/main/bzip2/bzip2-1.0.2-progress.patch b/main/bzip2/bzip2-1.0.2-progress.patch new file mode 100644 index 0000000000..2f389cfac9 --- /dev/null +++ b/main/bzip2/bzip2-1.0.2-progress.patch @@ -0,0 +1,175 @@ +Ripped from Mandrake. + +http://bugs.gentoo.org/show_bug.cgi?id=82192 + +--- bzip2-1.0.2.org/bzip2.1 ++++ bzip2-1.0.2/bzip2.1 +@@ -235,6 +235,10 @@ + Suppress non-essential warning messages. Messages pertaining to + I/O errors and other critical events will not be suppressed. + .TP ++.B \-p --show-progress ++Show percentage of input-file done and while compressing show the percentage ++of the original file the new file is. ++.TP + .B \-v --verbose + Verbose mode -- show the compression ratio for each file processed. + Further \-v's increase the verbosity level, spewing out lots of +--- bzip2-1.0.2.org/bzip2.c ++++ bzip2-1.0.2/bzip2.c +@@ -145,6 +145,7 @@ + #include <signal.h> + #include <math.h> + #include <errno.h> ++#include <time.h> + #include <ctype.h> + #include "bzlib.h" + +@@ -301,6 +302,7 @@ + Char progNameReally[FILE_NAME_LEN]; + FILE *outputHandleJustInCase; + Int32 workFactor; ++Char showProgress; + + static void panic ( Char* ) NORETURN; + static void ioError ( void ) NORETURN; +@@ -425,6 +427,12 @@ + UInt32 nbytes_in_lo32, nbytes_in_hi32; + UInt32 nbytes_out_lo32, nbytes_out_hi32; + Int32 bzerr, bzerr_dummy, ret; ++ double fileSize = 0; /* initialized to make the compiler stop crying */ ++ /* double because big files might otherwhise give ++ * overflows. not long long since not all compilers ++ * support that one ++ */ ++ time_t startTime, currentTime; + + SET_BINARY_MODE(stream); + SET_BINARY_MODE(zStream); +@@ -432,12 +440,21 @@ + if (ferror(stream)) goto errhandler_io; + if (ferror(zStream)) goto errhandler_io; + ++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) { ++ (void)fseek(stream, 0, SEEK_END); ++ fileSize = (double)ftell(stream); ++ rewind(stream); ++ if (verbosity >= 1) ++ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize); ++ } ++ + bzf = BZ2_bzWriteOpen ( &bzerr, zStream, + blockSize100k, verbosity, workFactor ); + if (bzerr != BZ_OK) goto errhandler; + + if (verbosity >= 2) fprintf ( stderr, "\n" ); + ++ time(&startTime); + while (True) { + + if (myfeof(stream)) break; +@@ -446,13 +463,32 @@ + if (nIbuf > 0) BZ2_bzWrite ( &bzerr, bzf, (void*)ibuf, nIbuf ); + if (bzerr != BZ_OK) goto errhandler; + ++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) ++ { ++ time(¤tTime); ++ ++ if ((currentTime - startTime) > 1) { /* show progress every 2 seconds */ ++ double curInPos = (double)ftell(stream); ++ double curOutPos = (double)ftell(zStream); ++ ++ startTime = currentTime; ++ ++ fprintf(stderr, "%.2f%% done", (curInPos * 100.0) / fileSize); ++ if (srcMode == SM_F2F) ++ { ++ fprintf(stderr, ", new size: %.2f%%", (curOutPos * 100.0) / curInPos); ++ } ++ ++ fprintf(stderr, " \r"); ++ } ++ } + } + + BZ2_bzWriteClose64 ( &bzerr, bzf, 0, + &nbytes_in_lo32, &nbytes_in_hi32, + &nbytes_out_lo32, &nbytes_out_hi32 ); + if (bzerr != BZ_OK) goto errhandler; +- ++ + if (ferror(zStream)) goto errhandler_io; + ret = fflush ( zStream ); + if (ret == EOF) goto errhandler_io; +@@ -526,6 +562,8 @@ + UChar unused[BZ_MAX_UNUSED]; + Int32 nUnused; + UChar* unusedTmp; ++ double fileSize = 0; /* initialized to make the compiler stop crying */ ++ time_t startTime, currentTime; + + nUnused = 0; + streamNo = 0; +@@ -533,9 +571,19 @@ + SET_BINARY_MODE(stream); + SET_BINARY_MODE(zStream); + ++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) { ++ long dummy = ftell(zStream); ++ (void)fseek(zStream, 0, SEEK_END); ++ fileSize = (double)ftell(zStream); ++ (void)fseek(zStream, dummy, SEEK_SET); ++ if (verbosity >= 1) ++ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize); ++ } ++ + if (ferror(stream)) goto errhandler_io; + if (ferror(zStream)) goto errhandler_io; + ++ time(&startTime); + while (True) { + + bzf = BZ2_bzReadOpen ( +@@ -551,6 +599,17 @@ + if ((bzerr == BZ_OK || bzerr == BZ_STREAM_END) && nread > 0) + fwrite ( obuf, sizeof(UChar), nread, stream ); + if (ferror(stream)) goto errhandler_io; ++ ++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) { ++ time(¤tTime); ++ if ((currentTime - startTime) >= 2) ++ { ++ double curInPos = (double)ftell(zStream); ++ startTime = currentTime; ++ ++ fprintf(stderr, "%.2f%% done\r", (curInPos * 100.0) / fileSize); ++ } ++ } + } + if (bzerr != BZ_STREAM_END) goto errhandler; + +@@ -1872,6 +1931,7 @@ + deleteOutputOnInterrupt = False; + exitValue = 0; + i = j = 0; /* avoid bogus warning from egcs-1.1.X */ ++ showProgress = False; + + /*-- Set up signal handlers for mem access errors --*/ + signal (SIGSEGV, mySIGSEGVorSIGBUScatcher); +@@ -1949,6 +2009,7 @@ + case 'k': keepInputFiles = True; break; + case 's': smallMode = True; break; + case 'q': noisy = False; break; ++ case 'p': showProgress = True; break; + case '1': blockSize100k = 1; break; + case '2': blockSize100k = 2; break; + case '3': blockSize100k = 3; break; +@@ -1985,6 +2046,7 @@ + if (ISFLAG("--keep")) keepInputFiles = True; else + if (ISFLAG("--small")) smallMode = True; else + if (ISFLAG("--quiet")) noisy = False; else ++ if (ISFLAG("--show-progress")) showProgress = True; else + if (ISFLAG("--version")) license(); else + if (ISFLAG("--license")) license(); else + if (ISFLAG("--exponential")) workFactor = 1; else diff --git a/main/bzip2/bzip2-1.0.3-no-test.patch b/main/bzip2/bzip2-1.0.3-no-test.patch new file mode 100644 index 0000000000..fc876d5044 --- /dev/null +++ b/main/bzip2/bzip2-1.0.3-no-test.patch @@ -0,0 +1,9 @@ +--- ./Makefile ++++ ./Makefile +@@ -23,5 +23,5 @@ + bzlib.o + +-all: libbz2.a bzip2 bzip2recover test ++all: libbz2.a bzip2 bzip2recover + + bzip2: libbz2.a bzip2.o diff --git a/main/bzip2/bzip2-1.0.4-POSIX-shell.patch b/main/bzip2/bzip2-1.0.4-POSIX-shell.patch index 74f8df000b..a5916eaff5 100644 --- a/main/bzip2/bzip2-1.0.4-POSIX-shell.patch +++ b/main/bzip2/bzip2-1.0.4-POSIX-shell.patch @@ -3,8 +3,8 @@ with calls to sed so POSIX shells work http://bugs.gentoo.org/193365 ---- a/bzgrep -+++ b/bzgrep +--- ./bzgrep ++++ ./bzgrep @@ -63,10 +63,9 @@ bzip2 -cdfq "$i" | $grep $opt "$pat" r=$? diff --git a/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch b/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch index 85a3c6af6c..cf146188c3 100644 --- a/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch +++ b/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch @@ -1,5 +1,5 @@ ---- a/Makefile -+++ b/Makefile +--- ./Makefile ++++ ./Makefile @@ -18,10 +18,9 @@ CC=gcc AR=ar @@ -8,18 +8,18 @@ BIGFILES=-D_FILE_OFFSET_BITS=64 -CFLAGS=-Wall -Winline -O2 -g $(BIGFILES) -+CFLAGS+=-Wall -Winline $(BIGFILES) ++CFLAGS+=-Wall -Winline $(BIGFILES) $(CPPFLAGS) # Where you want it installed when you do 'make install' PREFIX=/usr/local ---- a/Makefile-libbz2_so -+++ b/Makefile-libbz2_so +--- ./Makefile-libbz2_so ++++ ./Makefile-libbz2_so @@ -24,7 +24,7 @@ SHELL=/bin/sh CC=gcc BIGFILES=-D_FILE_OFFSET_BITS=64 -CFLAGS=-fpic -fPIC -Wall -Winline -O2 -g $(BIGFILES) -+CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES) ++CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES) $(CPPFLAGS) OBJS= blocksort.o \ huffman.o \ diff --git a/main/bzip2/bzip2-1.0.4-saneso.patch b/main/bzip2/bzip2-1.0.4-saneso.patch deleted file mode 100644 index 9a71342ca9..0000000000 --- a/main/bzip2/bzip2-1.0.4-saneso.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/Makefile-libbz2_so -+++ b/Makefile-libbz2_so -@@ -35,8 +35,8 @@ - bzlib.o - - all: $(OBJS) -- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.4 $(OBJS) -- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4 -+ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.4 $(OBJS) -+ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4 - rm -f libbz2.so.1.0 - ln -s libbz2.so.1.0.4 libbz2.so.1.0 - diff --git a/main/bzip2/bzip2-1.0.6-saneso.patch b/main/bzip2/bzip2-1.0.6-saneso.patch new file mode 100644 index 0000000000..1968a63bf1 --- /dev/null +++ b/main/bzip2/bzip2-1.0.6-saneso.patch @@ -0,0 +1,13 @@ +--- ./Makefile-libbz2_so ++++ ./Makefile-libbz2_so +@@ -35,8 +35,8 @@ + bzlib.o + + all: $(OBJS) +- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) +- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 ++ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS) ++ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 + rm -f libbz2.so.1.0 + ln -s libbz2.so.1.0.6 libbz2.so.1.0 + |