Diffstat (limited to 'app-forensics')
-rw-r--r-- | app-forensics/Manifest.gz | bin | 5056 -> 5053 bytes | |||
-rw-r--r-- | app-forensics/sleuthkit/Manifest | 7 | ||||
-rw-r--r-- | app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch | 83 | ||||
-rw-r--r-- | app-forensics/sleuthkit/sleuthkit-4.6.0.ebuild | 227 | ||||
-rw-r--r-- | app-forensics/sleuthkit/sleuthkit-4.6.5.ebuild (renamed from app-forensics/sleuthkit/sleuthkit-4.6.4-r1.ebuild) | 3 |
5 files changed, 3 insertions, 317 deletions
diff --git a/app-forensics/Manifest.gz b/app-forensics/Manifest.gz
Binary files differ
index 9f992c822e2e..8b2b8860c9ab 100644
--- a/app-forensics/Manifest.gz
+++ b/app-forensics/Manifest.gz
diff --git a/app-forensics/sleuthkit/Manifest b/app-forensics/sleuthkit/Manifest
index 78e833dbb6fa..5083e4a7c973 100644
--- a/app-forensics/sleuthkit/Manifest
+++ b/app-forensics/sleuthkit/Manifest
@@ -1,13 +1,10 @@ AUX sleuthkit-4.1.0-tools-shared-libs.patch 1678 BLAKE2B f60496480425fd78bc211a663be80db2472a9683f1ff76c747f8190d5544df532857f6e1fb4343d0405f8bf51aa7b7bf86ed55fffbeea0153341ce9f2dca077b SHA512 b559f669837194bed447ac269884ab50e6ea746aba2df799688964245c22814567871f12f96d43ba74016d5c448247b02bef5d7bdfd32fd782ef5e668686238e -AUX sleuthkit-4.6.4-CVE-2018-19497-backport.patch 3422 BLAKE2B d63b0e4ed1f369d176e4cd5ed8e02e0c69777e406d31c2e82c966f365c78bad193048a27d2d745139e239f20a5097848432a8e151b331f0efd140a3b49962aab SHA512 07cfe08d8e6dbd4162e97ed9ef0ca4dcc9240a4afe0d0e1d35aac64f87586af365fe5ff97e7a6a323cfe88b23709cf716795afb2c4a39ccef8106e03caaf43d3 AUX sleuthkit-4.6.4-default-jar-location-fix.patch 1768 BLAKE2B d9a0675223506649a5db7aa4e0ef883ecea84c8484836d2020528696f13e14bbe9334c2967c7b698126fb1cedd6a6719fbbe3fb945b4ea9b89d643a61232d5e8 SHA512 acc076ca74d3e5d7c75425292730783801a7afe858ea119186229a319ba4fd2e076c1214daca3e4aa3d5a7717c5ed08a9ca0bf11bb4dc2a04d3aad190dbf57c6 DIST SparseBitSet-1.1.jar 23706 BLAKE2B 8623a723f11f97386a108c775fefddd324997b68bea7f7ade0581ec5800bfa8d32f699ab903ad66c631b7b5c69ba1ef377243653f5044f39234dac07543eb129 SHA512 cf75431c5f705961800ce5cbca2acb9b2459eaf98ec37b5ee21c5a90d204ffb466fa25457b0560fbb024489777efbea0276201024c7b1b2853124930ac490983 DIST libewf-20130128.tar.gz 1978794 BLAKE2B e5d2bd8f4a8b878e13536b89b032d8cee6982272065b2bf325f8a811dff258264118a79496912377337ceb9ad630138b6bedb89e3c3be89a5f6a6fea85ab586b SHA512 94cdd0c3f0d8f535f3462c5adba266302f9b129abacda077ed429fa38af6862fca5a90ba2e606b78607b509769305cc6134c483c7033c20e226596cca2d42b90 DIST sleuthkit-4.5.0.tar.gz 8611141 BLAKE2B a1ae66bfcb74ce1fec24f80dfe60cd68f1de53119331c38848f7f82de8052eda49d78fdea49e42ada5843094939ef212dece42a5ceb85931a79e02adccda30e6 SHA512 911890cacca739f121681514197104cb2dc3bd219f3e068c4ce61264498c56989359976fc75172e1f456c94e4e25c6206413b0234c36e55736a577b8e664e4b3 -DIST sleuthkit-4.6.0.tar.gz 8634432 BLAKE2B 
b45721cdee798d84f0caa0bfe38645346539bb497f5a492c72016a6b3b0246b362ecea676a7a0e788d66cc0dc32335e719912434bd61aa205b7d51b8d4bd7c14 SHA512 dbf880e8503dccb0a686f1d9658d56e9cb40f452127f9b713cf2a4941f4083fa1cf80a886994d58421307a679242cd4ee005b3e874cf429cfb140a597a0dc739 -DIST sleuthkit-4.6.4.tar.gz 8655341 BLAKE2B 9d8a2884d1c90e9be3104221c22fdc4346c8f288a13384ef8205cea46bbda2249691b548b7d19a1b34d6d0d1fc6d5390aa0fc8c8b28ea75b53de946b62c8e25c SHA512 0dd3fc3659fd6dee49ababd8033bcc5ce218c9154b61eb072a943e8d1a96fb04dcabc85124583bc69ad0ced2609fed11812164a3db6587446255a9c507f08762 +DIST sleuthkit-4.6.5.tar.gz 8658866 BLAKE2B 29b75c96a14c5d42522e7116a80cc368c8097fa43af27c0e958215142d6ee61131c7b154fb876fa3ea9c727e8100de9bd703dfd8cef9ccce1f6602222c8470fa SHA512 ba21be166da1a7bdd197946722a1e0947f90bbb2c27d635cdfbcbc870aa42937fe6b42f432482f70a5e686942c8891d0367b5ce28615315d8905661e73aefe32 DIST sqlite-jdbc-3.8.11.jar 5131732 BLAKE2B 1a04fa9e9cb97fdddc19af2de9efa7b54c0b527642e6e325e31054e4e294e3bc6af00ea291087ed9dd26668d48dae356035fc85212c0eb81656550d552103ed0 SHA512 5f4705101992e8916e29742c560aef0d01eba9dc0d2d984b75a77e56be3c9fd20b284390fe8f9bb54bf9d1f8528c3413922684c446212ca8961ac731543fb179 EBUILD sleuthkit-4.5.0.ebuild 3948 BLAKE2B 33f4f1e2e5b1031557bc8b7c029bee10024cf32b6da46f966249aac1f476bd08bb6b721ced23ce3f289e5a666f456553f03d5977b05ff01d36d61da7bca93ed7 SHA512 a3bed0d219bf0b2768e3cacbcee2707152a5589cda3eb2810449b23fe89f21a7f8d1c237fed7e34ac2fbf249f1d2485b4b9e394a890d254c6a65793b3fac3326 -EBUILD sleuthkit-4.6.0.ebuild 5591 BLAKE2B 25556409413a14328fef21edc3e946ded7ab3debbabc2a38831d166ee888ccfab557e76ab2849f06b3a31a8a780f07270690f3ee175b721d08182e51d617e70a SHA512 150b371296332e9e9ee1430ca3de8def31f7e2d471b308c2eea80fd716676ebf814fe6a257a650f9f34bcf0eb74bdca3340572c2ee1d53251bb8bd9592ea4559 -EBUILD sleuthkit-4.6.4-r1.ebuild 6648 BLAKE2B c650b5526a90f2c9ca150566dc8f948426f47e2b1c091f6e5e8f34ef616c95605af018fc64ab96a8dd5b96dd0578642e6f45bc9ffc515958c9539adbc342f2bb SHA512 
45d47d6f7f8a52dd6a12faaa561e2d99a265bb3c08ae489a8b943f653c84a19ac057d2421207f731a319604d6af965eb81d43645eb4f4e1dda66ed928690943a +EBUILD sleuthkit-4.6.5.ebuild 6591 BLAKE2B a0ab1b0e8d36a75acc9201370e130ce4301a3f968ac7d1fed43aa471c15633f6b026f9c8e260c4f39227f3dfaf51c7a2034bb0e7a34b8af1f430245456f5a78d SHA512 e0c2c4988da41d2b951c1c3a9427dee51bbb4da5e36a0e1b89e0ba299ea85654dec783b9affab4dc2dd5fdca73aec439584022af0c7694c185b1f9e5d4d14658 MISC metadata.xml 607 BLAKE2B 2c651da1253ec986eb766b6949ea9a9059d76351081e805aba5f795971bb3b9368987cc9d39fc335c1e65c12de9347471686984e2753487cafab431488762064 SHA512 2dbce141f133a9172c6ba61924a9fac2674394096063b899be5a90111a9741789e2a09aa06cc49e17a253d088d20c1ddad1c748b6e09f650131ec0f91116ae08 diff --git a/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch b/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch deleted file mode 100644 index 3ed904774814..000000000000 --- a/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch +++ /dev/null 
@@ -1,83 +0,0 @@ -From dd679ad1d855e7f69a887eb343bb53d49dc664e7 Mon Sep 17 00:00:00 2001 -From: Jordy Zomer <zome8499@student.alfa-college.nl> -Date: Sat, 24 Nov 2018 12:19:38 +0100 -Subject: [PATCH 1/3] Fix CVE-2018-19497. - -An issue was discovered in The Sleuth Kit (TSK) through 4.6.4. -The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in hfs_dir_open_meta_cb in -tsk/fs/hfs_dent.c does not properly check boundaries. This results in -a crash (SEGV on unknown address -READ memory access) -when reading too much in the destination buffer. ---- - tsk/fs/hfs.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c -index 00f1720b1b..0dec507165 100644 ---- a/tsk/fs/hfs.c -+++ b/tsk/fs/hfs.c -@@ -956,7 +956,8 @@ hfs_cat_traverse(HFS_INFO * hfs, - key = (hfs_btree_key_cat *) & node[rec_off]; - - keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len); -- if ((keylen) > nodesize) { -+ -+ if (keylen > nodesize - rec_off) { - tsk_error_set_errno(TSK_ERR_FS_GENFS); - tsk_error_set_errstr - ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %" - -From fb2bc0ad693db852fac1dcc77a072aeabe106ac8 Mon Sep 17 00:00:00 2001 -From: Jordy Zomer <zome8499@student.alfa-college.nl> -Date: Sat, 24 Nov 2018 12:37:09 +0100 -Subject: [PATCH 2/3] fix length in printf of nodesize - -Also fix the length in printf next to comit dd679ad1d855e7f69a887eb343bb53d49dc664e7 ---- - tsk/fs/hfs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c -index 0dec507165..4f7c0679a8 100644 ---- a/tsk/fs/hfs.c -+++ b/tsk/fs/hfs.c -@@ -961,7 +961,7 @@ hfs_cat_traverse(HFS_INFO * hfs, - tsk_error_set_errno(TSK_ERR_FS_GENFS); - tsk_error_set_errstr - ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %" -- PRIu16 ")", rec, cur_node, keylen, nodesize); -+ PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off); - free(node); - return 1; - } - -From 
8242588f4354339d9cb1ad82622e7c16c55391c9 Mon Sep 17 00:00:00 2001 -From: Jordy Zomer <zome8499@student.alfa-college.nl> -Date: Sat, 24 Nov 2018 12:47:23 +0100 -Subject: [PATCH 3/3] UPDATE on CVE-2018-19497. - -make it >= because if keylen == nodesize - rec_off it's already past it's destination. -Also fix the sprintf ---- - tsk/fs/hfs.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c -index 4f7c0679a8..bb3819ada9 100644 ---- a/tsk/fs/hfs.c -+++ b/tsk/fs/hfs.c -@@ -957,11 +957,11 @@ hfs_cat_traverse(HFS_INFO * hfs, - - keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len); - -- if (keylen > nodesize - rec_off) { -+ if (keylen >= nodesize - rec_off) { - tsk_error_set_errno(TSK_ERR_FS_GENFS); - tsk_error_set_errstr - ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %" -- PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off); -+ PRIu16 ")", rec, cur_node, keylen, (nodesize - rec_off)); - free(node); - return 1; - } diff --git a/app-forensics/sleuthkit/sleuthkit-4.6.0.ebuild b/app-forensics/sleuthkit/sleuthkit-4.6.0.ebuild deleted file mode 100644 index 94b342435485..000000000000 --- a/app-forensics/sleuthkit/sleuthkit-4.6.0.ebuild +++ /dev/null 
@@ -1,227 +0,0 @@ -# Copyright 1999-2018 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -JAVA_PKG_BSFIX_NAME="build.xml build-unix.xml" -inherit autotools java-pkg-opt-2 java-ant-2 - -DESCRIPTION="A collection of file system and media management forensic analysis tools" -HOMEPAGE="https://www.sleuthkit.org/sleuthkit/" -# TODO: sqlite-jdbc does not exist in the tree, we bundle it for now -# TODO: Upstream uses a very specific version of libewf which is not in -# the tree anymore. So we statically compile and link to sleuthkit. -# Hopefully upstream will figure something out in the future. -SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz - java? ( http://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.8.11/sqlite-jdbc-3.8.11.jar ) - ewf? ( https://dev.gentoo.org/~gokturk/distfiles/app-forensics/libewf/libewf-20130128.tar.gz )" - -LICENSE="BSD CPL-1.0 GPL-2+ IBM java? ( Apache-2.0 )" -SLOT="0/13" # subslot = major soname version -KEYWORDS="~amd64 ~hppa ~ppc ~x86" -IUSE="aff doc ewf java static-libs test +threads zlib" - -DEPEND=" - dev-db/sqlite:3 - dev-lang/perl:* - aff? ( app-forensics/afflib ) - ewf? ( sys-libs/zlib ) - java? ( - >=virtual/jdk-1.8:* - >=dev-java/c3p0-0.9.5:0 - >=dev-java/jdbc-postgresql-9.4:0 - ) - zlib? ( sys-libs/zlib ) -" -RDEPEND="${DEPEND} - java? ( >=virtual/jre-1.8:= ) -" -DEPEND="${DEPEND} - doc? ( app-doc/doxygen ) - test? ( >=dev-util/cppunit-1.2.1 ) -" - -PATCHES=( - "${FILESDIR}"/${PN}-4.1.0-tools-shared-libs.patch -) - -src_unpack() { - local f - - unpack ${P}.tar.gz - - # Ick, the upstream is stuck at libewf-20130128 which is - # not even in the tree anymore. So we have to bundle it. 
- if use ewf; then - pushd "${T}" &>/dev/null || die - unpack libewf-20130128.tar.gz - export TSK_LIBEWF_SRCDIR="${T}"/libewf-20130128 - popd &>/dev/null || die - fi - - # Copy the jar files that don't exist in the tree yet - if use java; then - TSK_JAR_DIR="${S}/bindings/java/lib" - mkdir "${TSK_JAR_DIR}" || die - for f in ${A}; do - if [[ ${f} =~ .jar$ ]]; then - cp "${DISTDIR}"/"${f}" "${TSK_JAR_DIR}" || die - fi - done - export TSK_JAR_DIR - fi -} - -src_prepare() { - if use ewf; then - # Yeah, libewf-20130128 obviously doesn't just nicely compile - sed -e 's/LIBUNA_INLINE inline/LIBUNA_INLINE/' \ - -i "${TSK_LIBEWF_SRCDIR}"/libuna/libuna_inline.h || die - fi - - if use java; then - pushd "${S}"/bindings/java &>/dev/null || die - - # Prevent "make install" from installing - # jar files under /usr/share/java - # We'll use the java eclasses for this - sed -e '/^jar_DATA/ d;' -i Makefile.am || die - - # Disable dependency retrieval using ivy - # We will handle it ourselves - sed -e '/name="compile"/ s/, retrieve-deps//' \ - -e '/name="dist-/ s/, init-ivy//g' \ - -i build.xml || die - - java-pkg-opt-2_src_prepare - - popd &>/dev/null || die - fi - - # Override the doxygen output directories - if use doc; then - sed -e "/^OUTPUT_DIRECTORY/ s|=.*$|= ${T}/doc|" \ - -i tsk/docs/Doxyfile \ - -i bindings/java/doxygen/Doxyfile || die - fi - - # It's safe to call this even after java-pkg-opt-2_src_prepare - # because future calls to eapply_user do nothing and return 0 - default - - eautoreconf -} - -tsk_compile_libewf() { - local myeconfargs=( - --prefix=/ - --libdir=/lib - --enable-static - --disable-shared - --disable-winapi - --without-libbfio - --with-zlib - --without-bzip2 - --without-libhmac - --without-openssl - --without-libuuid - --without-libfuse - ) - # We want to contain our build flags - local CFLAGS="${CFLAGS}" - local LDFLAGS="${LDFLAGS}" - - pushd "${TSK_LIBEWF_SRCDIR}" &>/dev/null || die - - # Produce relocatable code - CFLAGS+=" -fPIC" - LDFLAGS+=" -fPIC" 
- econf "${myeconfargs[@]}" - - # Do not waste CPU cycles on building ewftools - sed -e '/ewftools/ d' -i Makefile || die - emake - - # Only install the headers and the library - emake -C libewf DESTDIR="${T}"/image install - emake -C include DESTDIR="${T}"/image install - - popd &>/dev/null || die -} - -src_configure() { - local myeconfargs=( - $(use_enable java) - $(use_enable static-libs static) - $(use_enable threads multithreading) - $(use_with aff afflib) - $(use_with ewf libewf) - $(use_with zlib) - ) - - use ewf && tsk_compile_libewf - myeconfargs+=( $(use_with ewf libewf "${T}"/image) ) - - if use java; then - pushd "${S}"/bindings/java &>/dev/null || die - java-ant-2_src_configure - popd &>/dev/null || die - fi - - econf "${myeconfargs[@]}" -} - -src_compile() { - # Create symlinks of jars for the required dependencies - if use java; then - pushd "${S}"/bindings/java &>/dev/null || die - - java-pkg_jar-from --into "${TSK_JAR_DIR}" c3p0 - java-pkg_jar-from --into "${TSK_JAR_DIR}" jdbc-postgresql - - popd &>/dev/null || die - fi - - # Create the doc output dirs if requested - if use doc; then - mkdir -p "${T}"/doc/{api-docs,jni-docs} || die - fi - - emake all $(usex doc api-docs "") -} - -src_install() { - local f - - if use java; then - pushd "${S}"/bindings/java &>/dev/null || die - - java-pkg_dojar dist/${P}.jar - - # Install the bundled jar files - pushd "${TSK_JAR_DIR}" &>/dev/null || die - for f in *; do - # Skip the symlinks java-pkg_jar-from created - [[ -f ${f} ]] || continue - - # Strip the version numbers as per eclass recommendation - [[ ${f} =~ -([0-9].)+.jar$ ]] || continue - - java-pkg_newjar "${f}" "${f/${BASH_REMATCH[0]}/.jar}" - done - popd &>/dev/null || die - - popd &>/dev/null || die - fi - - default - - # It unconditionally builds both api and jni docs - # We install conditionally based on the provided use flags - if use doc; then - dodoc -r "${T}"/doc/api-docs - use java && dodoc -r "${T}"/doc/jni-docs - fi - - find "${D}" -name 
'*.la' -delete || die -} diff --git a/app-forensics/sleuthkit/sleuthkit-4.6.4-r1.ebuild b/app-forensics/sleuthkit/sleuthkit-4.6.5.ebuild index 45b8e2dd049f..7acead628b46 100644 --- a/app-forensics/sleuthkit/sleuthkit-4.6.4-r1.ebuild +++ b/app-forensics/sleuthkit/sleuthkit-4.6.5.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2018 Gentoo Authors +# Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -60,7 +60,6 @@ DEPEND="${DEPEND} PATCHES=( "${FILESDIR}"/${PN}-4.1.0-tools-shared-libs.patch "${FILESDIR}"/${PN}-4.6.4-default-jar-location-fix.patch - "${FILESDIR}"/${PN}-4.6.4-CVE-2018-19497-backport.patch ) src_unpack() { |
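Review bot: Nothing on this page shows that the 4.6.5 tarball already contains the `hfs_cat_traverse` bounds check (`keylen >= nodesize - rec_off`), yet the second hunk of sleuthkit-4.6.5.ebuild removes `"${FILESDIR}"/${PN}-4.6.4-CVE-2018-19497-backport.patch` from `PATCHES` and the backport file is deleted in the same commit. The fix is presumably upstream in 4.6.5, but that should be checked against the unpacked `tsk/fs/hfs.c` and recorded, for example with a comment above the array such as `# CVE-2018-19497 backport dropped: fix is included upstream since 4.6.5` once verified. The Manifest hunk also keeps `sleuthkit-4.5.0.ebuild`, while the deleted patch describes the issue as affecting TSK "through 4.6.4", so that version likely remains exposed to the out-of-bounds read when parsing untrusted HFS images unless it is patched or dropped separately. The body of `src_unpack()` and the rest of the ebuild lie outside the hunk.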