aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-09-22 07:03:19 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-09-22 08:56:44 +0000
commit609601d663d130ce924db4936d05ceff1e4c36b3 (patch)
tree9aa592ced8d7498a37d24bbf453957e98d913ec5
parent647999fdf3057d2b7756f0ee137ef030bca22056 (diff)
downloadaports-609601d663d130ce924db4936d05ceff1e4c36b3.tar.bz2
aports-609601d663d130ce924db4936d05ceff1e4c36b3.tar.xz
main/bzip2: upgrade to 1.0.6. security fix for CVE-2010-0405
(cherry picked from commit 1b7a989a8a8e1ce2bef83fb1f9f2488254ac5d75)
-rw-r--r--main/bzip2/APKBUILD57
-rw-r--r--main/bzip2/bzip2-1.0.2-progress.patch175
-rw-r--r--main/bzip2/bzip2-1.0.3-no-test.patch9
-rw-r--r--main/bzip2/bzip2-1.0.4-POSIX-shell.patch4
-rw-r--r--main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch12
-rw-r--r--main/bzip2/bzip2-1.0.4-saneso.patch13
-rw-r--r--main/bzip2/bzip2-1.0.6-saneso.patch13
7 files changed, 246 insertions, 37 deletions
diff --git a/main/bzip2/APKBUILD b/main/bzip2/APKBUILD
index 1081978b5c..23ffa64745 100644
--- a/main/bzip2/APKBUILD
+++ b/main/bzip2/APKBUILD
@@ -1,27 +1,33 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=bzip2
-pkgver=1.0.5
-pkgrel=2
+pkgver=1.0.6
+pkgrel=0
pkgdesc="A high-quality data compression program"
url="http://sources.redhat.com/bzip2"
license="BZIP2"
depends=""
install="$pkgname.post-deinstall"
source="http://www.bzip.org/$pkgver/$pkgname-$pkgver.tar.gz
- $install
- bzip2-1.0.4-POSIX-shell.patch
bzip2-1.0.4-makefile-CFLAGS.patch
+ bzip2-1.0.6-saneso.patch
bzip2-1.0.4-man-links.patch
- bzip2-1.0.4-saneso.patch
+ bzip2-1.0.2-progress.patch
+ bzip2-1.0.3-no-test.patch
+ bzip2-1.0.4-POSIX-shell.patch
"
-subpackages="$pkgname-dev $pkgname-doc"
+subpackages="$pkgname-dev $pkgname-doc libbz2"
-build () {
+_builddir="$srcdir"/$pkgname-$pkgver
+prepare() {
local i
- cd "$srcdir"/$pkgname-$pkgver
- for i in ../*.patch; do
- msg "Applying ${i##*/}"
- patch -p1 < $i || return 1
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch)
+ msg "Applying $i"
+ patch -p1 -i "$srcdir"/$i || return 1
+ ;;
+ esac
done
# Fix man path
@@ -36,13 +42,32 @@ build () {
-e "s:1\.0\.4:$pkgver:" \
bzip2.1 bzip2.txt Makefile-libbz2_so manual.* || return 1
+}
+
+build () {
+ cd "$_builddir"
make -f Makefile-libbz2_so all || return 1
make all || return 1
+}
+
+package() {
+ cd "$_builddir"
make PREFIX="$pkgdir"/usr install || return 1
+ install -D libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.$pkgver
+ ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so
+ ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.${pkgver%%.*}
}
-md5sums="3c15a0c8d1d3ee1c46a1634d00617b1a bzip2-1.0.5.tar.gz
-b84506d253e04db3c5af9016fead45a3 bzip2.post-deinstall
-2e9bcfeb1614b55f5ba2d087ac65a3fe bzip2-1.0.4-POSIX-shell.patch
-56b90131e3c2ae425b758de9c7be7682 bzip2-1.0.4-makefile-CFLAGS.patch
+
+libbz2() {
+ pkgdesc="Shared library for bz2"
+ mkdir -p "$subpkgdir"/usr/lib
+ mv "$pkgdir"/usr/lib/*.so.* "$subpkgdir"/usr/lib/
+}
+
+md5sums="00b516f4704d4a7cb50a1d97e6e8e15b bzip2-1.0.6.tar.gz
+3675cd4db6affe64e1d7d40bc2ad4f26 bzip2-1.0.4-makefile-CFLAGS.patch
+d47a4aa8f08d101aa5aa0dd2030338d1 bzip2-1.0.6-saneso.patch
fd13ef6bc55276c7e3adc346bde56cd1 bzip2-1.0.4-man-links.patch
-643983e8134723ebe53c858b1a3938ad bzip2-1.0.4-saneso.patch"
+5f7a98f0aaaed6554126d30e28383ee0 bzip2-1.0.2-progress.patch
+804bd17c96297968a89fc4eddc9a6713 bzip2-1.0.3-no-test.patch
+55ac0e9be7821190b99376e0205707be bzip2-1.0.4-POSIX-shell.patch"
diff --git a/main/bzip2/bzip2-1.0.2-progress.patch b/main/bzip2/bzip2-1.0.2-progress.patch
new file mode 100644
index 0000000000..2f389cfac9
--- /dev/null
+++ b/main/bzip2/bzip2-1.0.2-progress.patch
@@ -0,0 +1,175 @@
+Ripped from Mandrake.
+
+http://bugs.gentoo.org/show_bug.cgi?id=82192
+
+--- bzip2-1.0.2.org/bzip2.1
++++ bzip2-1.0.2/bzip2.1
+@@ -235,6 +235,10 @@
+ Suppress non-essential warning messages. Messages pertaining to
+ I/O errors and other critical events will not be suppressed.
+ .TP
++.B \-p --show-progress
++Show percentage of input-file done and while compressing show the percentage
++of the original file the new file is.
++.TP
+ .B \-v --verbose
+ Verbose mode -- show the compression ratio for each file processed.
+ Further \-v's increase the verbosity level, spewing out lots of
+--- bzip2-1.0.2.org/bzip2.c
++++ bzip2-1.0.2/bzip2.c
+@@ -145,6 +145,7 @@
+ #include <signal.h>
+ #include <math.h>
+ #include <errno.h>
++#include <time.h>
+ #include <ctype.h>
+ #include "bzlib.h"
+
+@@ -301,6 +302,7 @@
+ Char progNameReally[FILE_NAME_LEN];
+ FILE *outputHandleJustInCase;
+ Int32 workFactor;
++Char showProgress;
+
+ static void panic ( Char* ) NORETURN;
+ static void ioError ( void ) NORETURN;
+@@ -425,6 +427,12 @@
+ UInt32 nbytes_in_lo32, nbytes_in_hi32;
+ UInt32 nbytes_out_lo32, nbytes_out_hi32;
+ Int32 bzerr, bzerr_dummy, ret;
++ double fileSize = 0; /* initialized to make the compiler stop crying */
++ /* double because big files might otherwhise give
++ * overflows. not long long since not all compilers
++ * support that one
++ */
++ time_t startTime, currentTime;
+
+ SET_BINARY_MODE(stream);
+ SET_BINARY_MODE(zStream);
+@@ -432,12 +440,21 @@
+ if (ferror(stream)) goto errhandler_io;
+ if (ferror(zStream)) goto errhandler_io;
+
++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
++ (void)fseek(stream, 0, SEEK_END);
++ fileSize = (double)ftell(stream);
++ rewind(stream);
++ if (verbosity >= 1)
++ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize);
++ }
++
+ bzf = BZ2_bzWriteOpen ( &bzerr, zStream,
+ blockSize100k, verbosity, workFactor );
+ if (bzerr != BZ_OK) goto errhandler;
+
+ if (verbosity >= 2) fprintf ( stderr, "\n" );
+
++ time(&startTime);
+ while (True) {
+
+ if (myfeof(stream)) break;
+@@ -446,13 +463,32 @@
+ if (nIbuf > 0) BZ2_bzWrite ( &bzerr, bzf, (void*)ibuf, nIbuf );
+ if (bzerr != BZ_OK) goto errhandler;
+
++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True)
++ {
++ time(&currentTime);
++
++ if ((currentTime - startTime) > 1) { /* show progress every 2 seconds */
++ double curInPos = (double)ftell(stream);
++ double curOutPos = (double)ftell(zStream);
++
++ startTime = currentTime;
++
++ fprintf(stderr, "%.2f%% done", (curInPos * 100.0) / fileSize);
++ if (srcMode == SM_F2F)
++ {
++ fprintf(stderr, ", new size: %.2f%%", (curOutPos * 100.0) / curInPos);
++ }
++
++ fprintf(stderr, " \r");
++ }
++ }
+ }
+
+ BZ2_bzWriteClose64 ( &bzerr, bzf, 0,
+ &nbytes_in_lo32, &nbytes_in_hi32,
+ &nbytes_out_lo32, &nbytes_out_hi32 );
+ if (bzerr != BZ_OK) goto errhandler;
+-
++
+ if (ferror(zStream)) goto errhandler_io;
+ ret = fflush ( zStream );
+ if (ret == EOF) goto errhandler_io;
+@@ -526,6 +562,8 @@
+ UChar unused[BZ_MAX_UNUSED];
+ Int32 nUnused;
+ UChar* unusedTmp;
++ double fileSize = 0; /* initialized to make the compiler stop crying */
++ time_t startTime, currentTime;
+
+ nUnused = 0;
+ streamNo = 0;
+@@ -533,9 +571,19 @@
+ SET_BINARY_MODE(stream);
+ SET_BINARY_MODE(zStream);
+
++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
++ long dummy = ftell(zStream);
++ (void)fseek(zStream, 0, SEEK_END);
++ fileSize = (double)ftell(zStream);
++ (void)fseek(zStream, dummy, SEEK_SET);
++ if (verbosity >= 1)
++ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize);
++ }
++
+ if (ferror(stream)) goto errhandler_io;
+ if (ferror(zStream)) goto errhandler_io;
+
++ time(&startTime);
+ while (True) {
+
+ bzf = BZ2_bzReadOpen (
+@@ -551,6 +599,17 @@
+ if ((bzerr == BZ_OK || bzerr == BZ_STREAM_END) && nread > 0)
+ fwrite ( obuf, sizeof(UChar), nread, stream );
+ if (ferror(stream)) goto errhandler_io;
++
++ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
++ time(&currentTime);
++ if ((currentTime - startTime) >= 2)
++ {
++ double curInPos = (double)ftell(zStream);
++ startTime = currentTime;
++
++ fprintf(stderr, "%.2f%% done\r", (curInPos * 100.0) / fileSize);
++ }
++ }
+ }
+ if (bzerr != BZ_STREAM_END) goto errhandler;
+
+@@ -1872,6 +1931,7 @@
+ deleteOutputOnInterrupt = False;
+ exitValue = 0;
+ i = j = 0; /* avoid bogus warning from egcs-1.1.X */
++ showProgress = False;
+
+ /*-- Set up signal handlers for mem access errors --*/
+ signal (SIGSEGV, mySIGSEGVorSIGBUScatcher);
+@@ -1949,6 +2009,7 @@
+ case 'k': keepInputFiles = True; break;
+ case 's': smallMode = True; break;
+ case 'q': noisy = False; break;
++ case 'p': showProgress = True; break;
+ case '1': blockSize100k = 1; break;
+ case '2': blockSize100k = 2; break;
+ case '3': blockSize100k = 3; break;
+@@ -1985,6 +2046,7 @@
+ if (ISFLAG("--keep")) keepInputFiles = True; else
+ if (ISFLAG("--small")) smallMode = True; else
+ if (ISFLAG("--quiet")) noisy = False; else
++ if (ISFLAG("--show-progress")) showProgress = True; else
+ if (ISFLAG("--version")) license(); else
+ if (ISFLAG("--license")) license(); else
+ if (ISFLAG("--exponential")) workFactor = 1; else
diff --git a/main/bzip2/bzip2-1.0.3-no-test.patch b/main/bzip2/bzip2-1.0.3-no-test.patch
new file mode 100644
index 0000000000..fc876d5044
--- /dev/null
+++ b/main/bzip2/bzip2-1.0.3-no-test.patch
@@ -0,0 +1,9 @@
+--- ./Makefile
++++ ./Makefile
+@@ -23,5 +23,5 @@
+ bzlib.o
+
+-all: libbz2.a bzip2 bzip2recover test
++all: libbz2.a bzip2 bzip2recover
+
+ bzip2: libbz2.a bzip2.o
diff --git a/main/bzip2/bzip2-1.0.4-POSIX-shell.patch b/main/bzip2/bzip2-1.0.4-POSIX-shell.patch
index 74f8df000b..a5916eaff5 100644
--- a/main/bzip2/bzip2-1.0.4-POSIX-shell.patch
+++ b/main/bzip2/bzip2-1.0.4-POSIX-shell.patch
@@ -3,8 +3,8 @@ with calls to sed so POSIX shells work
http://bugs.gentoo.org/193365
---- a/bzgrep
-+++ b/bzgrep
+--- ./bzgrep
++++ ./bzgrep
@@ -63,10 +63,9 @@
bzip2 -cdfq "$i" | $grep $opt "$pat"
r=$?
diff --git a/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch b/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch
index 85a3c6af6c..cf146188c3 100644
--- a/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch
+++ b/main/bzip2/bzip2-1.0.4-makefile-CFLAGS.patch
@@ -1,5 +1,5 @@
---- a/Makefile
-+++ b/Makefile
+--- ./Makefile
++++ ./Makefile
@@ -18,10 +18,9 @@
CC=gcc
AR=ar
@@ -8,18 +8,18 @@
BIGFILES=-D_FILE_OFFSET_BITS=64
-CFLAGS=-Wall -Winline -O2 -g $(BIGFILES)
-+CFLAGS+=-Wall -Winline $(BIGFILES)
++CFLAGS+=-Wall -Winline $(BIGFILES) $(CPPFLAGS)
# Where you want it installed when you do 'make install'
PREFIX=/usr/local
---- a/Makefile-libbz2_so
-+++ b/Makefile-libbz2_so
+--- ./Makefile-libbz2_so
++++ ./Makefile-libbz2_so
@@ -24,7 +24,7 @@
SHELL=/bin/sh
CC=gcc
BIGFILES=-D_FILE_OFFSET_BITS=64
-CFLAGS=-fpic -fPIC -Wall -Winline -O2 -g $(BIGFILES)
-+CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES)
++CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES) $(CPPFLAGS)
OBJS= blocksort.o \
huffman.o \
diff --git a/main/bzip2/bzip2-1.0.4-saneso.patch b/main/bzip2/bzip2-1.0.4-saneso.patch
deleted file mode 100644
index 9a71342ca9..0000000000
--- a/main/bzip2/bzip2-1.0.4-saneso.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- a/Makefile-libbz2_so
-+++ b/Makefile-libbz2_so
-@@ -35,8 +35,8 @@
- bzlib.o
-
- all: $(OBJS)
-- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.4 $(OBJS)
-- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4
-+ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.4 $(OBJS)
-+ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4
- rm -f libbz2.so.1.0
- ln -s libbz2.so.1.0.4 libbz2.so.1.0
-
diff --git a/main/bzip2/bzip2-1.0.6-saneso.patch b/main/bzip2/bzip2-1.0.6-saneso.patch
new file mode 100644
index 0000000000..1968a63bf1
--- /dev/null
+++ b/main/bzip2/bzip2-1.0.6-saneso.patch
@@ -0,0 +1,13 @@
+--- ./Makefile-libbz2_so
++++ ./Makefile-libbz2_so
+@@ -35,8 +35,8 @@
+ bzlib.o
+
+ all: $(OBJS)
+- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS)
+- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
++ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
++ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
+ rm -f libbz2.so.1.0
+ ln -s libbz2.so.1.0.6 libbz2.so.1.0
+