authorNatanael Copa <ncopa@alpinelinux.org>2022-03-28 12:11:35 +0200
committerNatanael Copa <ncopa@alpinelinux.org>2022-03-28 16:54:54 +0200
commit94c2410e779e3707e9fcc0ff8b2fe0d6658b3d61 (patch)
treeab02cb9974489b63483c767e6e4e99aae851f1f4
parent1409621a50d7a073f044be945e4a1d1752369050 (diff)
main/zlib: upgrade to 1.2.12 (CVE-2018-25032)
Include fixes from upstream PRs: https://github.com/madler/zlib/pull/607 https://github.com/madler/zlib/pull/599
-rw-r--r--main/zlib/APKBUILD18
-rw-r--r--main/zlib/Fix-CC-logic-in-configure.patch43
-rw-r--r--main/zlib/configure-Pass-LDFLAGS-to-link-tests.patch74
3 files changed, 131 insertions, 4 deletions
diff --git a/main/zlib/APKBUILD b/main/zlib/APKBUILD
index e9f33ee6475..81d498a68f7 100644
--- a/main/zlib/APKBUILD
+++ b/main/zlib/APKBUILD
@@ -1,13 +1,19 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=zlib
-pkgver=1.2.11
-pkgrel=3
+pkgver=1.2.12
+pkgrel=0
pkgdesc="A compression/decompression Library"
arch="all"
license="Zlib"
url="https://zlib.net/"
subpackages="$pkgname-static $pkgname-dev $pkgname-doc"
-source="https://zlib.net/zlib-$pkgver.tar.gz"
+source="https://zlib.net/zlib-$pkgver.tar.gz
+ Fix-CC-logic-in-configure.patch
+ configure-Pass-LDFLAGS-to-link-tests.patch
+ "
+# secfixes:
+# 1.2.12-r0:
+# - CVE-2018-25032
build() {
# we trade size for a little more speed.
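Review bot: The re-added `source=` line still fetches from the top level of zlib.net, where upstream has historically kept only the current release and moved older tarballs under `fossils/`. Once a newer zlib is published, this URL is likely to stop resolving and the branch can no longer be rebuilt from source. The sha512 in the checksum hunk pins the content, so this is an availability problem rather than an integrity one, but it would block a later security rebuild of this version. Consider `source="https://zlib.net/fossils/zlib-$pkgver.tar.gz` (or a mirror that retains old releases), after confirming that path serves 1.2.12 with the same checksum.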
@@ -29,4 +35,8 @@ package() {
DESTDIR="$pkgdir"
}
-sha512sums="73fd3fff4adeccd4894084c15ddac89890cd10ef105dd5e1835e1e9bbb6a49ff229713bd197d203edfa17c2727700fce65a2a235f07568212d820dca88b528ae zlib-1.2.11.tar.gz"
+sha512sums="
+cc2366fa45d5dfee1f983c8c51515e0cff959b61471e2e8d24350dea22d3f6fcc50723615a911b046ffc95f51ba337d39ae402131a55e6d1541d3b095d6c0a14 zlib-1.2.12.tar.gz
+faa19991e88cbfd624ac9ce4a0ba12e3d7d54f88680b1a0a156a542a45bafe2053d69c6f309327817f7cc74f5765204bbb3c56ff531efd29d8fd6bb682c78598 Fix-CC-logic-in-configure.patch
+76179eb7e498aef5bc88c3f826c6f2506a2d3c3a2e2560ef1825bd4a9297d68b0d2390619a4b3b0b2e6dde765431e5fba18fd15fbd1ad99827244f8f9bdbd909 configure-Pass-LDFLAGS-to-link-tests.patch
+"
diff --git a/main/zlib/Fix-CC-logic-in-configure.patch b/main/zlib/Fix-CC-logic-in-configure.patch
new file mode 100644
index 00000000000..f34c40445de
--- /dev/null
+++ b/main/zlib/Fix-CC-logic-in-configure.patch
@@ -0,0 +1,43 @@
+From 80d086357a55b94a13e43756cf3e131f25eef0e4 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 28 Mar 2022 08:40:45 +0100
+Subject: [PATCH] Fix CC logic in configure
+
+In https://github.com/madler/zlib/commit/e9a52aa129efe3834383e415580716a7c4027f8d,
+the logic was changed to try check harder for GCC, but it dropped
+the default setting of cc=${CC}. It was throwing away any pre-set CC value as
+a result.
+
+The rest of the script then cascades down a bad path because it's convinced
+it's not GCC or a GCC-like compiler.
+
+This led to e.g. misdetection of inability to build shared libs
+for say, multilib cases (w/ CC being one thing from the environment being used
+for one test (e.g. x86_64-unknown-linux-gnu-gcc -m32 and then 'cc' used for
+shared libs (but missing "-m32"!)). Obviously just one example of how
+the old logic could break.
+
+This restores the old default of 'CC' if nothing overrides it later
+in configure.
+
+Bug: https://bugs.gentoo.org/836308
+Signed-off-by: Sam James <sam@gentoo.org>
+---
+ configure | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/configure b/configure
+index 52ff4a04e..3fa3e8618 100755
+--- a/configure
++++ b/configure
+@@ -174,7 +174,10 @@ if test -z "$CC"; then
+ else
+ cc=${CROSS_PREFIX}cc
+ fi
++else
++ cc=${CC}
+ fi
++
+ cflags=${CFLAGS-"-O3"}
+ # to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
+ case "$cc" in
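Review bot: This patch file does not record which upstream pull request it came from, and neither does configure-Pass-LDFLAGS-to-link-tests.patch. The commit message lists https://github.com/madler/zlib/pull/607 and https://github.com/madler/zlib/pull/599 but does not say which file corresponds to which, so the link is lost for anyone reading the patch on its own. Both patches alter `configure`, which determines how this security-fix release is compiled and linked, so a maintainer should be able to see at a glance whether each is merged upstream and can be dropped. I would add a header line such as `Upstream: <URL of the PR this patch was taken from>` under the `Signed-off-by:` trailer in both files, then regenerate the matching `sha512sums` entries.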
diff --git a/main/zlib/configure-Pass-LDFLAGS-to-link-tests.patch b/main/zlib/configure-Pass-LDFLAGS-to-link-tests.patch
new file mode 100644
index 00000000000..3689dd88d65
--- /dev/null
+++ b/main/zlib/configure-Pass-LDFLAGS-to-link-tests.patch
@@ -0,0 +1,74 @@
+From 37c9730ba474d274f4cc6a974943eef95087b9f6 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 8 Mar 2022 22:38:47 -0800
+Subject: [PATCH] configure: Pass LDFLAGS to link tests
+
+LDFLAGS can contain critical flags without which linking wont succeed
+therefore ensure that all configure tests involving link time checks are
+using LDFLAGS on compiler commandline along with CFLAGS to ensure the
+tests perform correctly. Without this some tests may fail resulting in
+wrong confgure result, ending in miscompiling the package
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ configure | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/configure b/configure
+index e974d1fd7..69dfa3f69 100755
+--- a/configure
++++ b/configure
+@@ -410,7 +410,7 @@ if test $shared -eq 1; then
+ echo Checking for shared library support... | tee -a configure.log
+ # we must test in two steps (cc then ld), required at least on SunOS 4.x
+ if try $CC -w -c $SFLAGS $test.c &&
+- try $LDSHARED $SFLAGS -o $test$shared_ext $test.o; then
++ try $LDSHARED $SFLAGS $LDFLAGS -o $test$shared_ext $test.o; then
+ echo Building shared library $SHAREDLIBV with $CC. | tee -a configure.log
+ elif test -z "$old_cc" -a -z "$old_cflags"; then
+ echo No shared library support. | tee -a configure.log
+@@ -492,7 +492,7 @@ int main(void) {
+ }
+ EOF
+ fi
+- if try $CC $CFLAGS -o $test $test.c; then
++ if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
+ sizet=`./$test`
+ echo "Checking for a pointer-size integer type..." $sizet"." | tee -a configure.log
+ else
+@@ -530,7 +530,7 @@ int main(void) {
+ return 0;
+ }
+ EOF
+- if try $CC $CFLAGS -o $test $test.c; then
++ if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
+ echo "Checking for fseeko... Yes." | tee -a configure.log
+ else
+ CFLAGS="${CFLAGS} -DNO_FSEEKO"
+@@ -547,7 +547,7 @@ cat > $test.c <<EOF
+ #include <errno.h>
+ int main() { return strlen(strerror(errno)); }
+ EOF
+-if try $CC $CFLAGS -o $test $test.c; then
++if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
+ echo "Checking for strerror... Yes." | tee -a configure.log
+ else
+ CFLAGS="${CFLAGS} -DNO_STRERROR"
+@@ -654,7 +654,7 @@ int main()
+ return (mytest("Hello%d\n", 1));
+ }
+ EOF
+- if try $CC $CFLAGS -o $test $test.c; then
++ if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
+ echo "Checking for vsnprintf() in stdio.h... Yes." | tee -a configure.log
+
+ echo >> configure.log
+@@ -744,7 +744,7 @@ int main()
+ }
+ EOF
+
+- if try $CC $CFLAGS -o $test $test.c; then
++ if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
+ echo "Checking for snprintf() in stdio.h... Yes." | tee -a configure.log
+
+ echo >> configure.log