gentoo new year resync : 01.01.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-01-01 21:06:00 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2021-01-01 21:06:00 +0000
commit: 129160ec854dca4c3fedb5bcfbcb56930371da0f (patch)
tree: 53bf797418ac5e9b99c41ca0382c87b82421e5de /sys-libs/cracklib
parent: 441d1370330332b7d78f238d2f5e13f7aed5e4e0 (diff)
5 files changed, 7 insertions, 274 deletions
diff --git a/sys-libs/cracklib/Manifest b/sys-libs/cracklib/Manifest
index ccd57833d891..1d9df81d0b2b 100644
--- a/sys-libs/cracklib/Manifest
+++ b/sys-libs/cracklib/Manifest
@@ -1,7 +1,3 @@
-AUX cracklib-2.9.6-CVE-2016-6318.patch 3288 BLAKE2B ed213c5d5228ded6ceed088bed2bfe462f6102bb1414dbdd5e61f1cb4bdfd50902e072c0e35222d6e913bb61e87a4c25102aebb82661c9c6668d7caea6ae158c SHA512 232f632034fb602ea464885cd9f07aa30a3feb04bd231e7c2f2854f47493e027d87910454c089dc2c567aa01f6882bed7ee2a86d929fa36178746cf2a7dbf346
-AUX cracklib-2.9.6-fix-long-word-bufferoverflow.patch 1614 BLAKE2B 01add5ae4241f0200e8b3e35c376f176c137c8ab9a75e4364e4fd285ac85d1b2e59327eb34bb21f29e0b638199cf4f9c9603b8e747d52e62978fd392b13ce89d SHA512 e4a2f9f467d3f0ce8acd4c9ea6ca19787dca6bd2bfaa80ddbf9ec1214a5e2b519c088b07760349adac9bd6805a4b512c015181863d679643cc12c68104c29a6d
-DIST cracklib-2.9.6.tar.gz 642402 BLAKE2B 4d7a0d12d1e7101c82d03f76e073407481078747c283fe3251f947542017fff03fbc5e98505c6a7a8987a2bbcea99dab558c15b1eb8fd16755859ce5a4440ed2 SHA512 2b09672e5b412d670e7ed911ebf0c0023fe2901ea05c9c02eefb7a58a13cddbc27a65d75bb20be9f8cebf4c90a9a56dfe1a3b656dff62b1d6048f5376e671786
 DIST cracklib-2.9.7.tar.bz2 603630 BLAKE2B 81a45b2fb9f34da84d4fb864e1a9f67a4b22c246f1e4db1c599a555f79d560a04d95afb01a89cd3a2e0936f0e8fc51ff5ada26098c24d7af0777a94f51b82bbd SHA512 f6bf65ac092ba46ff78ddbc115692260fb76dc71219cd679d2ea935ebfb9e709fbb30259a7406743ed00dbdc415335b3ac9d9fcba1d204ea36d5eb96bf1333a2
-EBUILD cracklib-2.9.6-r2.ebuild 2799 BLAKE2B 8caa26d3639a713c607b02fc073db01630752845a0a3b5c81f45f17cf753d9c40266e5ce573e624253b0d4f560af98a0bfdb765b7e69055e41eb4787ad501e89 SHA512 70c063f667c0a153adfa97d684d360edc036c091d8f243f2b2ba130a9106fdea93a234c9608294de741b7434c897e5e4904f8c351560e8e43ba0c5c79d27a696
-EBUILD cracklib-2.9.7.ebuild 2527 BLAKE2B 7b92ba319b46b4f55e5430dd99e9e0cb7ee4cf0e7bd317301009bcf6f65e6f6f7a64f121263b3ca5ec2fd4e9bbe84c878a304bf1c346fe3f348d38539d4749bb SHA512 bcb525d9b59ffd7c2a40f250ff3704ca271788612d9e2846cc290fea81b49c745174d776ace88d3a13b751c0dcdf7079f5880d0ac65aff0b8fc3c24b2614ccae
+EBUILD cracklib-2.9.7.ebuild 2502 BLAKE2B 84ac9bb008195b1213c94bda66a29e8fe03c6a58a67da388245ca494552684ed0ec680d3dfc4840a8349a8ef8fd30b18a981b359760f9d28edd0a32a5e996f9f SHA512 7d33e35217d7b679fc1979f6432eeb2ea29b5ffb16646db0ba3a0d12d28b153e6b56ac95c0b3625fa251521037b14ab9633a0bcf06f8e1f10a4a7be699b79d64
 MISC metadata.xml 384 BLAKE2B 68827917aeea5af1cc1b3c9badfc420c3e9652f3c79fa22b925f4e317c722bf43420c5cb7e4060ed63d5b5319aad1d4cbe3b09f47422a1be06d07c598ea1cff5 SHA512 773287176f56f1a0f11edc6cd1ca85453f998ad8e58b1e608562335f814aab18124bfb850063dd4fa35aba525b776bf2c202d8afa6d4b51e354276678f324bd1
diff --git a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild b/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
deleted file mode 100644
index 66b54d2dd663..000000000000
--- a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python3_6 )
-DISTUTILS_OPTIONAL=1
-
-inherit distutils-r1 libtool multilib-minimal toolchain-funcs usr-ldscript
-
-MY_P=${P/_}
-DESCRIPTION="Password Checking Library"
-HOMEPAGE="https://github.com/cracklib/cracklib/"
-# source tarballs on GitHub lack pre-generated configure script.
-#SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-SRC_URI="https://dev.gentoo.org/~polynomial-c/dist/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~m68k-mint"
-IUSE="nls python static-libs zlib"
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
-
-RDEPEND="python? ( ${PYTHON_DEPS} )
-	zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
-	python? (
-		dev-python/setuptools[${PYTHON_USEDEP}]
-	)"
-
-S="${WORKDIR}/${MY_P}"
-
-PATCHES=(
-	"${FILESDIR}"/cracklib-2.9.6-CVE-2016-6318.patch
-	"${FILESDIR}"/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
-)
-
-do_python() {
-	multilib_is_native_abi || return 0
-	use python || return 0
-	pushd python > /dev/null || die
-	distutils-r1_src_${EBUILD_PHASE}
-	popd > /dev/null
-}
-
-pkg_setup() {
-	# workaround #195017
-	if has unmerge-orphans ${FEATURES} && has_version "<${CATEGORY}/${PN}-2.8.10" ; then
-		eerror "Upgrade path is broken with FEATURES=unmerge-orphans"
-		eerror "Please run: FEATURES=-unmerge-orphans emerge cracklib"
-		die "Please run: FEATURES=-unmerge-orphans emerge cracklib"
-	fi
-}
-
-src_prepare() {
-	eapply -p2 "${PATCHES[@]}"
-	eapply_user
-	elibtoolize #269003
-	do_python
-}
-
-multilib_src_configure() {
-	local myeconfargs=(
-		# use /usr/lib so that the dictionary is shared between ABIs
-		--with-default-dict='/usr/lib/cracklib_dict'
-		--without-python
-		$(use_enable nls)
-		$(use_enable static-libs static)
-	)
-	export ac_cv_header_zlib_h=$(usex zlib)
-	export ac_cv_search_gzopen=$(usex zlib -lz no)
-	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	default
-	do_python
-}
-
-multilib_src_test() {
-	# Make sure we load the freshly built library
-	LD_LIBRARY_PATH="${BUILD_DIR}/lib/.libs" do_python
-}
-
-python_test() {
-	${EPYTHON} -m unittest test_cracklib || die "Tests fail with ${EPYTHON}"
-}
-
-multilib_src_install() {
-	default
-	# move shared libs to /
-	gen_usr_ldscript -a crack
-
-	do_python
-}
-
-multilib_src_install_all() {
-	einstalldocs
-	find "${ED}" -name "*.la" -delete || die
-	rm -r "${ED%/}"/usr/share/cracklib || die
-
-	insinto /usr/share/dict
-	doins dicts/cracklib-small
-}
-
-pkg_postinst() {
-	if [[ ${ROOT} == "/" ]] ; then
-		ebegin "Regenerating cracklib dictionary"
-		create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null
-		eend $?
-	fi
-}
diff --git a/sys-libs/cracklib/cracklib-2.9.7.ebuild b/sys-libs/cracklib/cracklib-2.9.7.ebuild
index 320276fcb567..7af49f870235 100644
--- a/sys-libs/cracklib/cracklib-2.9.7.ebuild
+++ b/sys-libs/cracklib/cracklib-2.9.7.ebuild
@@ -1,12 +1,12 @@
 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
+EAPI=7
 
 PYTHON_COMPAT=( python3_{6,7,8} )
 DISTUTILS_OPTIONAL=1
 
-inherit distutils-r1 libtool multilib-minimal toolchain-funcs usr-ldscript
+inherit distutils-r1 libtool multilib-minimal usr-ldscript
 
 MY_P=${P/_}
 DESCRIPTION="Password Checking Library"
@@ -15,7 +15,7 @@ SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.bz2"
 
 LICENSE="LGPL-2.1"
 SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~m68k-mint"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
 IUSE="nls python static-libs zlib"
 REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
 
@@ -88,15 +88,15 @@ multilib_src_install() {
 
 multilib_src_install_all() {
 	einstalldocs
-	find "${ED}" -name "*.la" -delete || die
-	rm -r "${ED%/}"/usr/share/cracklib || die
+	find "${ED}" -type f -name "*.la" -delete || die
+	rm -r "${ED}"/usr/share/cracklib || die
 
 	insinto /usr/share/dict
 	doins dicts/cracklib-small
 }
 
 pkg_postinst() {
-	if [[ ${ROOT} == "/" ]] ; then
+	if [[ -z ${ROOT} ]] ; then
 		ebegin "Regenerating cracklib dictionary"
 		create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null
 		eend $?
diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch b/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch
deleted file mode 100644
index bc47734759e2..000000000000
--- a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@dittberner.info>
-Date: Thu, 25 Aug 2016 17:13:49 +0200
-Subject: [PATCH] Apply patch to fix CVE-2016-6318
-
-This patch fixes an issue with a stack-based buffer overflow whne
-parsing large GECOS field. See
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and
-https://security-tracker.debian.org/tracker/CVE-2016-6318 for more
-information.
----
- src/NEWS          |  1 +
- src/lib/fascist.c | 57 ++++++++++++++++++++++++++++++++-----------------------
- 2 files changed, 34 insertions(+), 24 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 26abeee..361a207 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,3 +1,4 @@
-+v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
-        migration to github
-        patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/fascist.c b/src/lib/fascist.c
-index a996509..d4deb15 100644
---- a/src/lib/fascist.c
-+++ b/src/lib/fascist.c
-@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
-     char gbuffer[STRINGSIZE];
-     char tbuffer[STRINGSIZE];
-     char *uwords[STRINGSIZE];
--    char longbuffer[STRINGSIZE * 2];
-+    char longbuffer[STRINGSIZE];
- 
-     if (gecos == NULL)
- 	gecos = "";
-@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
-     {
- 	for (i = 0; i < j; i++)
- 	{
--	    strcpy(longbuffer, uwords[i]);
--	    strcat(longbuffer, uwords[j]);
--
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
- 	    {
--		return _("it is derived from your password entry");
--	    }
-+		strcpy(longbuffer, uwords[i]);
-+		strcat(longbuffer, uwords[j]);
- 
--	    strcpy(longbuffer, uwords[j]);
--	    strcat(longbuffer, uwords[i]);
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it is derived from your password entry");
-+		}
- 
--	    if (GTry(longbuffer, password))
--	    {
--		return _("it's derived from your password entry");
--	    }
-+		strcpy(longbuffer, uwords[j]);
-+		strcat(longbuffer, uwords[i]);
- 
--	    longbuffer[0] = uwords[i][0];
--	    longbuffer[1] = '\0';
--	    strcat(longbuffer, uwords[j]);
-+		if (GTry(longbuffer, password))
-+		{
-+		   return _("it's derived from your password entry");
-+		}
-+	    }
- 
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[j]) < STRINGSIZE - 1)
- 	    {
--		return _("it is derivable from your password entry");
-+		longbuffer[0] = uwords[i][0];
-+		longbuffer[1] = '\0';
-+		strcat(longbuffer, uwords[j]);
-+
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it is derivable from your password entry");
-+		}
- 	    }
- 
--	    longbuffer[0] = uwords[j][0];
--	    longbuffer[1] = '\0';
--	    strcat(longbuffer, uwords[i]);
--
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[i]) < STRINGSIZE - 1)
- 	    {
--		return _("it's derivable from your password entry");
-+		longbuffer[0] = uwords[j][0];
-+		longbuffer[1] = '\0';
-+		strcat(longbuffer, uwords[i]);
-+
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it's derivable from your password entry");
-+		}
- 	    }
- 	}
-     }
diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch b/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
deleted file mode 100644
index 59dc9e539eb3..000000000000
--- a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 33d7fa4585247cd2247a1ffa032ad245836c6edb Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@dittberner.info>
-Date: Thu, 25 Aug 2016 17:17:53 +0200
-Subject: [PATCH] Fix a buffer overflow processing long words
-
-A buffer overflow processing long words has been discovered. This commit
-applies the patch from
-https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch
-by Howard Guo.
-
-See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386 and
-http://www.openwall.com/lists/oss-security/2016/08/23/8
----
- src/NEWS        | 1 +
- src/lib/rules.c | 5 ++---
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 361a207..f1df3b0 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,4 +1,5 @@
- v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
-+       fix a buffer overflow processing long words
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
-        migration to github
-        patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/rules.c b/src/lib/rules.c
-index d193cc0..3a2aa46 100644
---- a/src/lib/rules.c
-+++ b/src/lib/rules.c
-@@ -434,9 +434,8 @@ Mangle(input, control)		/* returns a pointer to a controlled Mangle */
- {
-     int limit;
-     register char *ptr;
--    static char area[STRINGSIZE];
--    char area2[STRINGSIZE];
--    area[0] = '\0';
-+    static char area[STRINGSIZE * 2] = {0};
-+    char area2[STRINGSIZE * 2] = {0};
-     strcpy(area, input);
- 
-     for (ptr = control; *ptr; ptr++)
author	V3n3RiX <venerix@redcorelinux.org>	2021-01-01 21:06:00 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2021-01-01 21:06:00 +0000
commit	129160ec854dca4c3fedb5bcfbcb56930371da0f (patch)
tree	53bf797418ac5e9b99c41ca0382c87b82421e5de /sys-libs/cracklib
parent	441d1370330332b7d78f238d2f5e13f7aed5e4e0 (diff)