diff options
Diffstat (limited to 'app-arch')
-rw-r--r-- | app-arch/Manifest.gz | bin | 16917 -> 16908 bytes | |||
-rw-r--r-- | app-arch/cpio/Manifest | 4 | ||||
-rw-r--r-- | app-arch/cpio/cpio-2.13-r2.ebuild | 40 | ||||
-rw-r--r-- | app-arch/cpio/files/cpio-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch | 47 | ||||
-rw-r--r-- | app-arch/cpio/files/cpio-2.13-sysmacros-glibc-2.26.patch | 12 |
5 files changed, 103 insertions, 0 deletions
diff --git a/app-arch/Manifest.gz b/app-arch/Manifest.gz Binary files differindex 80c5d211285c..a3e7a1f3be6a 100644 --- a/app-arch/Manifest.gz +++ b/app-arch/Manifest.gz diff --git a/app-arch/cpio/Manifest b/app-arch/cpio/Manifest index c355711981dd..e6134eb74a47 100644 --- a/app-arch/cpio/Manifest +++ b/app-arch/cpio/Manifest @@ -1,8 +1,12 @@ AUX cpio-2.12-gcc-10.patch 740 BLAKE2B b129aff7f1c61305ba6b05e57d265439aea3b7da0761788e1a8e2594d903ae1458f757379284a41909765368dc0fad7e960e3a5f7509603f01fcd23c3cef0b1a SHA512 9b86cc1c7dd45333e5e0ceda52ccdb95d93f0be6e6f90bc11ff80a510fd8f707d3ce2b07173b020fcb96202343e06544ec5bf694a42c638313f0195f2a7493fc AUX cpio-2.12-name-overflow.patch 404 BLAKE2B f15aaffd716a6dca8b00f0831cd3bfa8971ca8beee6eb04b6ad3974c0d2770ac23669839b348013974ee827affb7b943d4dfa1be8d29b0b77c8ebea5e01791df SHA512 725468331dbb24e37333f9f56d8f295a7e521dd855f97993a2f62bf6b3a8f44d924b868ad5315dd90706ac28fcbb0b7da4c30e77ad5f401e7c5543410cc42f7a AUX cpio-2.12-non-gnu-compilers.patch 223 BLAKE2B e5ba3da0c1dc23199e52c3782d3a11504b075b1216d20cd8643591abdc3a69afe1db254800327ece8f07f83438756d88c5c10c606b4e14c76a309941dc4ed1f9 SHA512 369efc3393affdb91191ab7a55a6dd3a1157ddfa294bd9a4763cc63e6df72af3a7ab614234d69e327edf14a97e4fb800aee32a379ade73c0f80b0dd8ecf33f03 +AUX cpio-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch 1505 BLAKE2B 77be2bbd0df1b7b44e7517aedd4393d5b4cdb5e90508fa45aa961efe32b4061beaf43b23798908c714aa23a252e914402b22a494d0d6def0a4dc8294b8f84418 SHA512 a60cbfb3cc418d9d45e226e6da4c857176ce0517e829e288ffa7dd85b8fcca1c0a7c0ae0e0eab14fdb438be742f2625aa1c3169a41d1fa05c5e3cd426f270687 +AUX cpio-2.13-sysmacros-glibc-2.26.patch 376 BLAKE2B a925fe08309808763b2900b20e880d6bad7cf37810475427c516b9bca9fee7836bfb70a92f8c8fd9cd236428c7639bcdfff85b7afa4c3c9d73fcaf6bfc049c0e SHA512 2cf3466b38fe9d95437c5d413505ff76fe2d917be01c21a450bd952b00c1e6b7330e5326b65b1ff8b6f956e888ac506d0f5c4ac6d69d9206994f0c6dd34aa8c1 DIST cpio-2.12.tar.bz2 1258605 BLAKE2B 4b6d42a1d8aaeaa980cab5894b2e264451e96a108f2c3aa89d3e6fde0bff338e026ee233ebd7c8cf41f3c926d42d38b866778244db774055736ca8792889e160 SHA512 0cd4da5f2fbca179ab4e666a5f878414c086a5f98bce4c76273f21d9b2a6fe422d901b5d453826c5f81bbe363aa015047a1e99779ad1a451c8feca6205c63120 +DIST cpio-2.13-CVE-2021-38185.patch.xz 7844 BLAKE2B e338950e03c3eed3b4288435c9c75af8f0c3497b43680be4ee347e628db7cfac616b437a848094bf82cfc2c7f29d59b388bf0f6368b3b99770022e3f9533be11 SHA512 4d2cafefcd1ae9d86cb5171de2896799713490dfd9ed27d3dce0886fa4588c8df2b16ad8508a5dbb9155c9de6e40b6d1083bdb4774d967193a270a1dcbe37a33 DIST cpio-2.13.tar.bz2 1354559 BLAKE2B 45d77723acb55f15c8574ab5a2fdff6fb1767629d177dd3416b0268e9f82ee6bdd11b4fa591ef020efccbdc3f4918cf77263169da1a0f6422dfe1a9712295778 SHA512 459398e69f7f48201c04d1080218c50f75edcf114ffcbb236644ff6fcade5fcc566929bdab2ebe9be5314828d6902e43b348a8adf28351df978c8989590e93a3 EBUILD cpio-2.12-r1.ebuild 828 BLAKE2B dbb7332b54ed751015b8e17c687f088344244543447ddd6f7bd1c66caf0af578f4fe96a8fa0389009aafff3fec0f9a433334dd4c4b047ff9bc0ef675542d2ef9 SHA512 803b31960635ce881ec7c2ce3a3f4e7176899d000c8e30c7a00ab9597c1c09a291e2f6b157226d41e527be740b9b54c7f1655641c52e395351611db7b61944cd +EBUILD cpio-2.13-r2.ebuild 1159 BLAKE2B 22b32689c424595ca277f9c090afa22d375967c45c5c4b49fcad4cb9b720b585940be056b419b0d6f5f1b1e4d4f975392173ec74bc59646c57b7da5b1f296f71 SHA512 ea6bd48e0dfd7475bbc094f81217ae0af9892d70844b433c298c82c90943a786f07fbb5b98f4cf2fc4c514b8ca3d7df4128e2c7649d81534ca4f0d4c803bf3bd EBUILD cpio-2.13.ebuild 819 BLAKE2B 0c7c7f0166c1557cc7ad9cef1e471e5a24cb9378682b7a4fc204e9eeddaa0edeea436f5de2a1a58abf9106e4fdbb743b4161df45a6d1a2285251a197e200e15d SHA512 fac44856237a01f8284526ed1743220c4cf5bf65aca048a6d6bfe69be9c27d23cd6a820716950734f1ed4347c5b2e17808420d9517e01f5e73da3e6a203e5982 MISC metadata.xml 328 BLAKE2B f8b8bff5b160351a92837553de20eda1da31a6c0594c1118e1f71b3cd19d9ea8d3420bdce943d83644f5ffc234950f95fb9229a213660767dc5281120085b26f SHA512 08e1c6a03b894946bf6332bf46c8a7534ed0998777b30cb9eecb9c746bb333b65fb41dfeeb6938cbc08d0ad0a303d752ea70a6a6a6ae2c5c2935b2b4e4d9928f diff --git a/app-arch/cpio/cpio-2.13-r2.ebuild b/app-arch/cpio/cpio-2.13-r2.ebuild new file mode 100644 index 000000000000..c3924649236b --- /dev/null +++ b/app-arch/cpio/cpio-2.13-r2.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="A file archival tool which can also read and write tar files" +HOMEPAGE="https://www.gnu.org/software/cpio/cpio.html" +SRC_URI="mirror://gnu/cpio/${P}.tar.bz2" +SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${P}-CVE-2021-38185.patch.xz" + +LICENSE="GPL-3+" +SLOT="0" +#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="nls" + +PATCHES=( + "${FILESDIR}"/${PN}-2.12-non-gnu-compilers.patch #275295 + "${WORKDIR}"/${P}-CVE-2021-38185.patch + "${FILESDIR}"/${PN}-2.13-sysmacros-glibc-2.26.patch + "${FILESDIR}"/${PN}-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch +) + +src_prepare() { + default + + # Drop after 2.13 (only here for CVE patch) + eautoreconf +} + +src_configure() { + local myeconfargs=( + $(use_enable nls) + --bindir="${EPREFIX}"/bin + --with-rmt="${EPREFIX}"/usr/sbin/rmt + ) + + econf "${myeconfargs[@]}" +} diff --git a/app-arch/cpio/files/cpio-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch b/app-arch/cpio/files/cpio-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch new file mode 100644 index 000000000000..326489a54943 --- /dev/null +++ b/app-arch/cpio/files/cpio-2.13-fix-no-absolute-filenames-revert-CVE-2015-1197-handling.patch @@ -0,0 +1,47 @@ +https://sources.debian.org/patches/cpio/2.13%2Bdfsg-7.1/revert-CVE-2015-1197-handling.patch/ +https://bugs.gentoo.org/700020 + +From: Chris Lamb <lamby@debian.org> +Date: Sat, 1 Feb 2020 13:36:37 +0100 +Subject: Fix a regression in handling of CVE-2015-1197 & + --no-absolute-filenames. + +See: + + * https://bugs.debian.org/946267 + * https://bugs.debian.org/946469 + +This reverts (most of): https://git.savannah.gnu.org/cgit/cpio.git/diff/?id=45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca&id2=3177d660a4c62a6acb538b0f7c54ba423698889a +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -646,8 +646,6 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) + link_name = xstrdup (file_hdr->c_tar_linkname); + } + +- cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false); +- + res = UMASKED_SYMLINK (link_name, file_hdr->c_name, + file_hdr->c_mode); + if (res < 0 && create_dir_flag) +--- a/tests/testsuite ++++ b/tests/testsuite +@@ -2787,7 +2787,7 @@ read at_status <"$at_status_file" + #AT_START_14 + at_fn_group_banner 14 'CVE-2015-1197.at:17' \ + "CVE-2015-1197 (--no-absolute-filenames for symlinks)" "" +-at_xfail=no ++at_xfail=yes + ( + $as_echo "14. $at_setup_line: testing $at_desc ..." + $at_traceon + +--- a/tests/CVE-2015-1197.at ++++ b/tests/CVE-2015-1197.at +@@ -15,6 +15,7 @@ + # along with this program. If not, see <http://www.gnu.org/licenses/>. + + AT_SETUP([CVE-2015-1197 (--no-absolute-filenames for symlinks)]) ++AT_XFAIL_IF([true]) + AT_CHECK([ + tempdir=$(pwd)/tmp + mkdir $tempdir diff --git a/app-arch/cpio/files/cpio-2.13-sysmacros-glibc-2.26.patch b/app-arch/cpio/files/cpio-2.13-sysmacros-glibc-2.26.patch new file mode 100644 index 000000000000..0f902f060f86 --- /dev/null +++ b/app-arch/cpio/files/cpio-2.13-sysmacros-glibc-2.26.patch @@ -0,0 +1,12 @@ +--- a/am/ax_compile_check_rettype.m4 ++++ b/am/ax_compile_check_rettype.m4 +@@ -70,6 +70,7 @@ AC_CACHE_VAL(AC_CV_NAME, + [for ac_type in char short int long "long long" $4 + do + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ ++#include <sys/sysmacros.h> + #include <sys/types.h> + $3 + ]], [[switch (0) case 0: case (sizeof ($1($2)) == sizeof ($ac_type)):;]])], [AC_CV_NAME=$ac_type]) + + |