diff options
| author |   Christian Hartmann <ian@gentoo.org> | 2006-09-20 15:06:42 +0000 |
|---|---|---|
| committer | Christian Hartmann <ian@gentoo.org> | 2006-09-20 15:06:42 +0000 |
| commit | 45a38042b6b774acaf7dad07b36d872932efecba (patch) | |
| tree | 23233b1c29fdbc0897cbbdf78b3063c257fb2291 /app-arch | |
| parent | Add support for using eselect vi update for handling the /usr/bin/vi symlink ... (diff) | |
| download | gentoo-2-45a38042b6b774acaf7dad07b36d872932efecba.tar.gz gentoo-2-45a38042b6b774acaf7dad07b36d872932efecba.tar.bz2 gentoo-2-45a38042b6b774acaf7dad07b36d872932efecba.zip | |
Revbump for bug #145511 - commit approved by DerCorny
(Portage version: 2.1.2_pre1)
Diffstat (limited to 'app-arch')
| -rw-r--r-- | app-arch/gzip/ChangeLog | 8 | ||||
| -rw-r--r-- | app-arch/gzip/files/CVE-2006-4334-8.diff | 180 | ||||
| -rw-r--r-- | app-arch/gzip/files/digest-gzip-1.3.5-r9 | 3 | ||||
| -rw-r--r-- | app-arch/gzip/gzip-1.3.5-r9.ebuild | 88 |
4 files changed, 278 insertions, 1 deletions
diff --git a/app-arch/gzip/ChangeLog b/app-arch/gzip/ChangeLog index 02dbffa3dd94..9822b988df07 100644 --- a/app-arch/gzip/ChangeLog +++ b/app-arch/gzip/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-arch/gzip # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/ChangeLog,v 1.58 2006/04/27 09:22:10 antarus Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/ChangeLog,v 1.59 2006/09/20 15:06:42 ian Exp $ + +*gzip-1.3.5-r9 (20 Sep 2006) + + 20 Sep 2006; Christian Hartmann <ian@gentoo.org> + +files/CVE-2006-4334-8.diff, +gzip-1.3.5-r9.ebuild: + Revbump for bug #145511 - commit approved by DerCorny 27 Apr 2006; Alec Warner <antarus@gentoo.org> files/digest-gzip-1.3.5-r8, Manifest: diff --git a/app-arch/gzip/files/CVE-2006-4334-8.diff b/app-arch/gzip/files/CVE-2006-4334-8.diff new file mode 100644 index 000000000000..f49f4b652bc9 --- /dev/null +++ b/app-arch/gzip/files/CVE-2006-4334-8.diff @@ -0,0 +1,180 @@ +--- gzip-1.3.5/gzip.h 2001-10-01 07:53:41.000000000 +0100 ++++ gzip-1.3.5/gzip.h 2006-08-18 22:44:38.755598000 +0100 +@@ -198,6 +198,8 @@ + extern int to_stdout; /* output to stdout (-c) */ + extern int save_orig_name; /* set if original name must be saved */ + ++#define MIN(a,b) ((a) <= (b) ? (a) : (b)) ++ + #define get_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(0)) + #define try_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(1)) + +--- gzip-1.3.5/inflate.c 2002-09-25 22:20:13.000000000 +0100 ++++ gzip-1.3.5/inflate.c 2006-07-21 09:10:43.350376000 +0100 +@@ -337,7 +337,7 @@ + { + *t = (struct huft *)NULL; + *m = 0; +- return 0; ++ return 2; + } + + +--- gzip-1.3.5/unlzh.c 1999-10-06 06:00:00.000000000 +0100 ++++ gzip-1.3.5/unlzh.c 2006-08-18 22:56:19.446997000 +0100 +@@ -149,13 +149,17 @@ + unsigned i, k, len, ch, jutbits, avail, nextcode, mask; + + for (i = 1; i <= 16; i++) count[i] = 0; +- for (i = 0; i < (unsigned)nchar; i++) count[bitlen[i]]++; ++ for (i = 0; i < (unsigned)nchar; i++) { ++ if (bitlen[i] > 16) ++ error("Bad table (case a)\n"); ++ else count[bitlen[i]]++; ++ } + + start[1] = 0; + for (i = 1; i <= 16; i++) + start[i + 1] = start[i] + (count[i] << (16 - i)); +- if ((start[17] & 0xffff) != 0) +- error("Bad table\n"); ++ if ((start[17] & 0xffff) != 0 || tablebits > 16) /* 16 for weight below */ ++ error("Bad table (case b)\n"); + + jutbits = 16 - tablebits; + for (i = 1; i <= (unsigned)tablebits; i++) { +@@ -169,15 +173,15 @@ + + i = start[tablebits + 1] >> jutbits; + if (i != 0) { +- k = 1 << tablebits; +- while (i != k) table[i++] = 0; ++ k = MIN(1 << tablebits, DIST_BUFSIZE); ++ while (i < k) table[i++] = 0; + } + + avail = nchar; + mask = (unsigned) 1 << (15 - tablebits); + for (ch = 0; ch < (unsigned)nchar; ch++) { + if ((len = bitlen[ch]) == 0) continue; +- nextcode = start[len] + weight[len]; ++ nextcode = MIN(start[len] + weight[len], DIST_BUFSIZE); + if (len <= (unsigned)tablebits) { + for (i = start[len]; i < nextcode; i++) table[i] = ch; + } else { +@@ -218,7 +222,7 @@ + for (i = 0; i < 256; i++) pt_table[i] = c; + } else { + i = 0; +- while (i < n) { ++ while (i < MIN(n,NPT)) { + c = bitbuf >> (BITBUFSIZ - 3); + if (c == 7) { + mask = (unsigned) 1 << (BITBUFSIZ - 1 - 3); +@@ -228,7 +232,7 @@ + pt_len[i++] = c; + if (i == i_special) { + c = getbits(2); +- while (--c >= 0) pt_len[i++] = 0; ++ while (--c >= 0 && i < NPT) pt_len[i++] = 0; + } + } + while (i < nn) pt_len[i++] = 0; +@@ -248,7 +252,7 @@ + for (i = 0; i < 4096; i++) c_table[i] = c; + } else { + i = 0; +- while (i < n) { ++ while (i < MIN(n,NC)) { + c = pt_table[bitbuf >> (BITBUFSIZ - 8)]; + if (c >= NT) { + mask = (unsigned) 1 << (BITBUFSIZ - 1 - 8); +@@ -256,14 +260,14 @@ + if (bitbuf & mask) c = right[c]; + else c = left [c]; + mask >>= 1; +- } while (c >= NT); ++ } while (c >= NT && (mask || c != left[c])); + } + fillbuf((int) pt_len[c]); + if (c <= 2) { + if (c == 0) c = 1; + else if (c == 1) c = getbits(4) + 3; + else c = getbits(CBIT) + 20; +- while (--c >= 0) c_len[i++] = 0; ++ while (--c >= 0 && i < NC) c_len[i++] = 0; + } else c_len[i++] = c - 2; + } + while (i < NC) c_len[i++] = 0; +@@ -292,7 +296,7 @@ + if (bitbuf & mask) j = right[j]; + else j = left [j]; + mask >>= 1; +- } while (j >= NC); ++ } while (j >= NC && (mask || j != left[j])); + } + fillbuf((int) c_len[j]); + return j; +@@ -309,7 +313,7 @@ + if (bitbuf & mask) j = right[j]; + else j = left [j]; + mask >>= 1; +- } while (j >= NP); ++ } while (j >= NP && (mask || j != left[j])); + } + fillbuf((int) pt_len[j]); + if (j != 0) j = ((unsigned) 1 << (j - 1)) + getbits((int) (j - 1)); +@@ -356,7 +360,7 @@ + while (--j >= 0) { + buffer[r] = buffer[i]; + i = (i + 1) & (DICSIZ - 1); +- if (++r == count) return r; ++ if (++r >= count) return r; + } + for ( ; ; ) { + c = decode_c(); +@@ -366,14 +370,14 @@ + } + if (c <= UCHAR_MAX) { + buffer[r] = c; +- if (++r == count) return r; ++ if (++r >= count) return r; + } else { + j = c - (UCHAR_MAX + 1 - THRESHOLD); + i = (r - decode_p() - 1) & (DICSIZ - 1); + while (--j >= 0) { + buffer[r] = buffer[i]; + i = (i + 1) & (DICSIZ - 1); +- if (++r == count) return r; ++ if (++r >= count) return r; + } + } + } +--- gzip-1.3.5/unpack.c 1999-10-06 06:00:00.000000000 +0100 ++++ gzip-1.3.5/unpack.c 2006-07-21 15:49:48.615190000 +0100 +@@ -13,7 +13,6 @@ + #include "gzip.h" + #include "crypt.h" + +-#define MIN(a,b) ((a) <= (b) ? (a) : (b)) + /* The arguments must not have side effects. */ + + #define MAX_BITLEN 25 +@@ -133,7 +132,7 @@ + /* Remember where the literals of this length start in literal[] : */ + lit_base[len] = base; + /* And read the literals: */ +- for (n = leaves[len]; n > 0; n--) { ++ for (n = leaves[len]; n > 0 && base < LITERALS; n--) { + literal[base++] = (uch)get_byte(); + } + } +@@ -169,7 +168,7 @@ + prefixp = &prefix_len[1<<peek_bits]; + for (len = 1; len <= peek_bits; len++) { + int prefixes = leaves[len] << (peek_bits-len); /* may be 0 */ +- while (prefixes--) *--prefixp = (uch)len; ++ while (prefixes-- && prefixp > prefix_len) *--prefixp = (uch)len; + } + /* The length of all other codes is unknown: */ + while (prefixp > prefix_len) *--prefixp = 0; diff --git a/app-arch/gzip/files/digest-gzip-1.3.5-r9 b/app-arch/gzip/files/digest-gzip-1.3.5-r9 new file mode 100644 index 000000000000..cc0c9a56f833 --- /dev/null +++ b/app-arch/gzip/files/digest-gzip-1.3.5-r9 @@ -0,0 +1,3 @@ +MD5 3d6c191dfd2bf307014b421c12dc8469 gzip-1.3.5.tar.gz 331550 +RMD160 5011f20441f31838c34b981c325107dd85737ff9 gzip-1.3.5.tar.gz 331550 +SHA256 631820e566353eafc4bdc0d9d8221c26c7ef6b5d10a254783dbe9bcac88caa07 gzip-1.3.5.tar.gz 331550 diff --git a/app-arch/gzip/gzip-1.3.5-r9.ebuild b/app-arch/gzip/gzip-1.3.5-r9.ebuild new file mode 100644 index 000000000000..91ab4572ca05 --- /dev/null +++ b/app-arch/gzip/gzip-1.3.5-r9.ebuild @@ -0,0 +1,88 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/gzip-1.3.5-r9.ebuild,v 1.1 2006/09/20 15:06:42 ian Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="Standard GNU compressor" +HOMEPAGE="http://www.gnu.org/software/gzip/gzip.html" +SRC_URI="mirror://gentoo/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="nls build static pic" + +RDEPEND="" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" +PROVIDE="virtual/gzip" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/CVE-2006-4334-8.diff + epatch "${FILESDIR}"/${P}-debian.patch + epatch "${FILESDIR}"/${P}-znew-tempfile-2.patch + epatch "${FILESDIR}"/${P}-gunzip-dir.patch + epatch "${FILESDIR}"/${P}-asm-execstack.patch + epatch "${FILESDIR}"/${P}-gzip-perm.patch + epatch "${FILESDIR}"/${P}-infodir.patch + epatch "${FILESDIR}"/${P}-rsync.patch + epatch "${FILESDIR}"/${P}-zgrep-sed.patch + epatch "${FILESDIR}"/${P}-alpha.patch + epatch "${FILESDIR}"/${P}-zgreppipe.patch +} + +src_compile() { + use static && append-flags -static + # avoid text relocation in gzip + use pic && export DEFS="NO_ASM" + econf --exec-prefix=/ $(use_enable nls) || die + emake || die +} + +src_install() { + dodir /usr/bin /usr/share/man/man1 + make prefix=${D}/usr \ + exec_prefix=${D}/ \ + mandir=${D}/usr/share/man \ + infodir=${D}/usr/share/info \ + install || die + + cd ${D}/bin + + for i in gzexe zforce zgrep zmore znew zcmp + do + sed -i -e "s:${D}::" ${i} || die + chmod 755 ${i} + done + + # No need to waste space -- these guys should be links + # gzcat is equivilant to zcat, but historically zcat + # was a link to compress. + rm -f gunzip zcat zcmp zegrep zfgrep + dosym gzip /bin/gunzip + dosym gzip /bin/gzcat + dosym gzip /bin/zcat + dosym zdiff /bin/zcmp + dosym zgrep /bin/zegrep + dosym zgrep /bin/zfgrep + + if ! use build + then + cd ${D}/usr/share/man/man1 + rm -f gunzip.* zcmp.* zcat.* + ln -s gzip.1.gz gunzip.1.gz + ln -s zdiff.1.gz zcmp.1.gz + ln -s gzip.1.gz zcat.1.gz + ln -s gzip.1.gz gzcat.1.gz + cd ${S} + rm -rf ${D}/usr/man ${D}/usr/lib + dodoc ChangeLog NEWS README THANKS TODO + docinto txt + dodoc algorithm.doc gzip.doc + else + rm -rf ${D}/usr + fi +} |