gentoo resync : 28.04.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-04-28 20:21:43 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2021-04-28 20:21:43 +0100
commit: 40aaaa64e86ba6710bbeb31c4615a6ce80e75e11 (patch)
tree: 758c221bad35c9288d0bd6df9c7dfc226728e52c /sys-apps/file/files
parent: 8d5dbd847cbc704a6a06405856e94b461011afe3 (diff)
10 files changed, 100 insertions, 217 deletions
diff --git a/sys-apps/file/files/file-5.37-CVE-2019-18218.patch b/sys-apps/file/files/file-5.37-CVE-2019-18218.patch
deleted file mode 100644
index 1cd02b778abf..000000000000
--- a/sys-apps/file/files/file-5.37-CVE-2019-18218.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-CVE-2019-18218
-https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
-
---- a/src/cdf.c
-+++ b/src/cdf.c
-@@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
- 				goto out;
- 			}
- 			nelements = CDF_GETUINT32(q, 1);
--			if (nelements == 0) {
--				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
-+			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
-+				DPRINTF(("CDF_VECTOR with nelements == %"
-+				    SIZE_T_FORMAT "u\n", nelements));
- 				goto out;
- 			}
- 			slen = 2;
-@@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
- 					goto out;
- 				inp += nelem;
- 			}
--			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
--			    nelements));
- 			for (j = 0; j < nelements && i < sh.sh_properties;
- 			    j++, i++)
- 			{
---- a/src/cdf.h
-+++ b/src/cdf.h
-@@ -48,6 +48,7 @@
- typedef int32_t cdf_secid_t;
- 
- #define CDF_LOOP_LIMIT					10000
-+#define CDF_ELEMENT_LIMIT				100000
- 
- #define CDF_SECID_NULL					0
- #define CDF_SECID_FREE					-1
diff --git a/sys-apps/file/files/file-5.38-Revert-PR-93-iaeiaeiaeiae-Do-as-the-comment-says-and.patch b/sys-apps/file/files/file-5.38-Revert-PR-93-iaeiaeiaeiae-Do-as-the-comment-says-and.patch
deleted file mode 100644
index 240edc11f680..000000000000
--- a/sys-apps/file/files/file-5.38-Revert-PR-93-iaeiaeiaeiae-Do-as-the-comment-says-and.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From c9d21a58bea2ecb2dc8876e09e471094d54a25e4 Mon Sep 17 00:00:00 2001
-From: Thomas Deutschmann <whissi@gentoo.org>
-Date: Mon, 13 Apr 2020 01:08:12 +0200
-Subject: [PATCH 1/3] Revert "PR/93: iaeiaeiaeiae: Do as the comment says, and
- count as dynamically linked"
-
-This reverts commit 24c9c086cd7c55b7b0a003a145b32466468e2608.
-
-Fixes misdetection of shared libraries as statically linked as
-reported in bug 717264.
-
-Bug: https://bugs.gentoo.org/717264
-Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
----
- src/readelf.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/readelf.c b/src/readelf.c
-index 40bcfab1..afec31d1 100644
---- a/src/readelf.c
-+++ b/src/readelf.c
-@@ -1638,6 +1638,7 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
- 		/* Things we can determine before we seek */
- 		switch (xph_type) {
- 		case PT_DYNAMIC:
-+			linking_style = "dynamically";
- 			doread = 1;
- 			break;
- 		case PT_NOTE:
-@@ -1653,7 +1654,6 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
- 			}
- 			/*FALLTHROUGH*/
- 		case PT_INTERP:
--			linking_style = "dynamically";
- 			doread = 1;
- 			break;
- 		default:
--- 
-2.26.0
-
diff --git a/sys-apps/file/files/file-5.38-The-executable-bit-is-only-set-when-DF_1_PIE-bit-is-.patch b/sys-apps/file/files/file-5.38-The-executable-bit-is-only-set-when-DF_1_PIE-bit-is-.patch
deleted file mode 100644
index bb211f355f77..000000000000
--- a/sys-apps/file/files/file-5.38-The-executable-bit-is-only-set-when-DF_1_PIE-bit-is-.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From ed971e5e3ae79bd28697d16c8b78b693052484e4 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Wed, 12 Feb 2020 22:17:33 +0000
-Subject: [PATCH 3/3] The executable bit is only set when DF_1_PIE bit is set
- so it is fine.
-
----
- magic/Magdir/elf | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/magic/Magdir/elf b/magic/Magdir/elf
-index b5a2e00b..f5e1af9a 100644
---- a/magic/Magdir/elf
-+++ b/magic/Magdir/elf
-@@ -50,8 +50,9 @@
- !:mime	application/x-object
- >16	leshort		2		executable,
- !:mime	application/x-executable
-->16	leshort		3		shared object,
--!:mime	application/x-sharedlib
-+>16	leshort		3		${x?pie executable:shared object},
-+
-+!:mime	application/x-${x?pie-executable:sharedlib}
- >16	leshort		4		core file,
- !:mime	application/x-coredump
- # OS-specific
--- 
-2.26.0
-
diff --git a/sys-apps/file/files/file-5.38-td-is-for-ptrdiff_t-not-for-off_t.patch b/sys-apps/file/files/file-5.38-td-is-for-ptrdiff_t-not-for-off_t.patch
deleted file mode 100644
index 09fcaef151ea..000000000000
--- a/sys-apps/file/files/file-5.38-td-is-for-ptrdiff_t-not-for-off_t.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From c49dc91df427f89ebcf9cdec556b8fc88cdfc3c1 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Tue, 17 Dec 2019 15:27:27 +0000
-Subject: [PATCH 2/3] %td is for ptrdiff_t not for off_t.
-
----
- src/readelf.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/readelf.c b/src/readelf.c
-index afec31d1..8ac3b7d6 100644
---- a/src/readelf.c
-+++ b/src/readelf.c
-@@ -1349,8 +1349,8 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num,
- 	name_off = xsh_offset;
- 
- 	if (fsize != SIZE_UNKNOWN && fsize < name_off) {
--		if (file_printf(ms, ", too large section header offset %td",
--		    name_off) == -1)
-+		if (file_printf(ms, ", too large section header offset %jd",
-+		    (intmax_t)name_off) == -1)
- 			return -1;
- 		return 0;
- 	}
--- 
-2.26.0
-
diff --git a/sys-apps/file/files/file-5.39-add-missing-termios.patch b/sys-apps/file/files/file-5.39-add-missing-termios.patch
deleted file mode 100644
index 0614f52dd275..000000000000
--- a/sys-apps/file/files/file-5.39-add-missing-termios.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 471e2c6c61ecd30ba6e304ae0444d364cfd44254 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Thu, 18 Jun 2020 16:25:12 +0000
-Subject: [PATCH] PR/168: gyakovlev: Include <termios.h>
-
----
- src/seccomp.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/seccomp.c b/src/seccomp.c
-index e667adfe4..68c56485d 100644
---- a/src/seccomp.c
-+++ b/src/seccomp.c
-@@ -27,7 +27,7 @@
- #include "file.h"
- 
- #ifndef	lint
--FILE_RCSID("@(#)$File: seccomp.c,v 1.15 2020/05/30 23:56:26 christos Exp $")
-+FILE_RCSID("@(#)$File: seccomp.c,v 1.16 2020/06/18 16:25:12 christos Exp $")
- #endif	/* lint */
- 
- #if HAVE_LIBSECCOMP
-@@ -35,6 +35,7 @@ FILE_RCSID("@(#)$File: seccomp.c,v 1.15 2020/05/30 23:56:26 christos Exp $")
- #include <sys/prctl.h> /* prctl */
- #include <sys/ioctl.h>
- #include <sys/socket.h>
-+#include <termios.h>
- #include <fcntl.h>
- #include <stdlib.h>
- #include <errno.h>
diff --git a/sys-apps/file/files/file-5.39-allow-futex-seccomp.patch b/sys-apps/file/files/file-5.39-allow-futex-seccomp.patch
deleted file mode 100644
index 8d9e3d1eb660..000000000000
--- a/sys-apps/file/files/file-5.39-allow-futex-seccomp.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-In some situations, futex() is called even when lzma
-support is not compiled in. Let's enable it unconditionally
-for now.
-
-https://bugs.gentoo.org/771096
-https://bugs.astron.com/view.php?id=241
---- a/src/seccomp.c
-+++ b/src/seccomp.c
-@@ -175,9 +175,7 @@ enable_sandbox_full(void)
-  	ALLOW_RULE(fcntl64);
- 	ALLOW_RULE(fstat);
-  	ALLOW_RULE(fstat64);
--#ifdef XZLIBSUPPORT
- 	ALLOW_RULE(futex);
--#endif
- 	ALLOW_RULE(getdents);
- #ifdef __NR_getdents64
- 	ALLOW_RULE(getdents64);
diff --git a/sys-apps/file/files/file-5.39-seccomp-musl.patch b/sys-apps/file/files/file-5.39-seccomp-musl.patch
deleted file mode 100644
index 72836de67e58..000000000000
--- a/sys-apps/file/files/file-5.39-seccomp-musl.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 93c91e2ba8042d499fee168e27cbd526438454c6 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Sat, 5 Sep 2020 17:20:32 +0000
-Subject: [PATCH] PR/194: puchuu: Handle muslc syscalls
-
----
- src/seccomp.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/seccomp.c b/src/seccomp.c
-index 68c56485d..db9364ae4 100644
---- a/src/seccomp.c
-+++ b/src/seccomp.c
-@@ -27,7 +27,7 @@
- #include "file.h"
- 
- #ifndef	lint
--FILE_RCSID("@(#)$File: seccomp.c,v 1.16 2020/06/18 16:25:12 christos Exp $")
-+FILE_RCSID("@(#)$File: seccomp.c,v 1.17 2020/09/05 17:20:32 christos Exp $")
- #endif	/* lint */
- 
- #if HAVE_LIBSECCOMP
-@@ -220,12 +220,14 @@ enable_sandbox_full(void)
- 	ALLOW_RULE(rt_sigreturn);
- 	ALLOW_RULE(select);
- 	ALLOW_RULE(stat);
-+	ALLOW_RULE(statx);
- 	ALLOW_RULE(stat64);
- 	ALLOW_RULE(sysinfo);
- 	ALLOW_RULE(umask);	// Used in file_pipe2file()
- 	ALLOW_RULE(getpid);	// Used by glibc in file_pipe2file()
- 	ALLOW_RULE(unlink);
- 	ALLOW_RULE(write);
-+	ALLOW_RULE(writev);
- 
- 
- #if 0
diff --git a/sys-apps/file/files/file-5.40-seccomp-faccessat.patch b/sys-apps/file/files/file-5.40-seccomp-faccessat.patch
new file mode 100644
index 000000000000..4aeb88cfe875
--- /dev/null
+++ b/sys-apps/file/files/file-5.40-seccomp-faccessat.patch
@@ -0,0 +1,34 @@
+From abcd583135bb0762e6bfd0f2e06c50bea1fb3cd0 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Tue, 6 Apr 2021 22:02:17 +0000
+Subject: [PATCH] On ARM64 Linux access() syscall is no longer a real syscall
+ to the kernel. Instead it's emulated by glibc with a new faccessat() syscall.
+ (Icenowy Zheng)
+
+---
+ src/seccomp.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/seccomp.c b/src/seccomp.c
+index 0da907ff7..81842cf5c 100644
+--- a/src/seccomp.c
++++ b/src/seccomp.c
+@@ -27,7 +27,7 @@
+ #include "file.h"
+ 
+ #ifndef	lint
+-FILE_RCSID("@(#)$File: seccomp.c,v 1.18 2021/03/14 17:01:58 christos Exp $")
++FILE_RCSID("@(#)$File: seccomp.c,v 1.19 2021/04/06 22:02:17 christos Exp $")
+ #endif	/* lint */
+ 
+ #if HAVE_LIBSECCOMP
+@@ -171,6 +171,9 @@ enable_sandbox_full(void)
+ 	ALLOW_RULE(dup2);
+ 	ALLOW_RULE(exit);
+ 	ALLOW_RULE(exit_group);
++#ifdef __NR_faccessat
++	ALLOW_RULE(faccessat);
++#endif
+ 	ALLOW_RULE(fcntl);
+  	ALLOW_RULE(fcntl64);
+ 	ALLOW_RULE(fstat);
diff --git a/sys-apps/file/files/file-5.40-seccomp-fstatat64.patch b/sys-apps/file/files/file-5.40-seccomp-fstatat64.patch
new file mode 100644
index 000000000000..57d04e5f40cf
--- /dev/null
+++ b/sys-apps/file/files/file-5.40-seccomp-fstatat64.patch
@@ -0,0 +1,29 @@
+From e3d0265a147878b6c2903bcc83b9842dff68ceb4 Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <floppym@gentoo.org>
+Date: Fri, 23 Apr 2021 15:00:42 -0400
+Subject: [PATCH] seccomp: allow fstatat64
+
+This is needed for the libsandbox LD_PRELOAD wrapper on Gentoo Linux.
+
+Bug: https://bugs.gentoo.org/784857
+---
+ src/seccomp.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/seccomp.c b/src/seccomp.c
+index 81842cf5..43abc684 100644
+--- a/src/seccomp.c
++++ b/src/seccomp.c
+@@ -178,6 +178,9 @@ enable_sandbox_full(void)
+  	ALLOW_RULE(fcntl64);
+ 	ALLOW_RULE(fstat);
+  	ALLOW_RULE(fstat64);
++#ifdef __NR_fstatat64
++	ALLOW_RULE(fstatat64);
++#endif
+ 	ALLOW_RULE(futex);
+ 	ALLOW_RULE(getdents);
+ #ifdef __NR_getdents64
+-- 
+2.31.1
+
diff --git a/sys-apps/file/files/file-5.40-xz_magic.patch b/sys-apps/file/files/file-5.40-xz_magic.patch
new file mode 100644
index 000000000000..e4fed0421f78
--- /dev/null
+++ b/sys-apps/file/files/file-5.40-xz_magic.patch
@@ -0,0 +1,37 @@
+From 9b0459afab309a82aa4e46f73a4e50dd641f3d39 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 19 Apr 2021 17:01:45 +0000
+Subject: [PATCH] PR/257: cuihao: put attributes inside the xz magic.
+
+---
+ magic/Magdir/compress | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/magic/Magdir/compress b/magic/Magdir/compress
+index 64d11a736..41a65738f 100644
+--- a/magic/Magdir/compress
++++ b/magic/Magdir/compress
+@@ -1,5 +1,5 @@
+ #------------------------------------------------------------------------------
+-# $File: compress,v 1.80 2021/03/15 17:49:24 christos Exp $
++# $File: compress,v 1.81 2021/04/19 17:01:45 christos Exp $
+ # compress:  file(1) magic for pure-compression formats (no archives)
+ #
+ # compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, etc.
+@@ -265,14 +265,13 @@
+ 
+ # http://tukaani.org/xz/xz-file-format.txt
+ 0	ustring		\xFD7zXZ\x00		XZ compressed data, checksum
++!:strength * 2
++!:mime	application/x-xz
+ >7	byte&0xf	0x0			NONE
+ >7	byte&0xf	0x1			CRC32
+ >7	byte&0xf	0x4			CRC64
+ >7	byte&0xf	0xa			SHA-256
+ 
+-!:strength * 2
+-!:mime	application/x-xz
+-
+ # https://github.com/ckolivas/lrzip/blob/master/doc/magic.header.txt
+ 0	string		LRZI			LRZIP compressed data
+ >4	byte		x			- version %d
author	V3n3RiX <venerix@redcorelinux.org>	2021-04-28 20:21:43 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2021-04-28 20:21:43 +0100
commit	40aaaa64e86ba6710bbeb31c4615a6ce80e75e11 (patch)
tree	758c221bad35c9288d0bd6df9c7dfc226728e52c /sys-apps/file/files
parent	8d5dbd847cbc704a6a06405856e94b461011afe3 (diff)