summaryrefslogtreecommitdiff
path: root/dev-libs/libzip
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/libzip')
-rw-r--r--dev-libs/libzip/Manifest13
-rw-r--r--dev-libs/libzip/files/libzip-1.2.0-CVE-2017-12858.patch37
-rw-r--r--dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch27
-rw-r--r--dev-libs/libzip/files/libzip-1.2.0-fts.patch11
-rw-r--r--dev-libs/libzip/files/libzip-1.2.0-headers.patch12
-rw-r--r--dev-libs/libzip/libzip-1.2.0-r1.ebuild40
-rw-r--r--dev-libs/libzip/libzip-1.2.0-r2.ebuild41
-rw-r--r--dev-libs/libzip/libzip-1.2.0.ebuild39
-rw-r--r--dev-libs/libzip/libzip-1.3.0.ebuild48
-rw-r--r--dev-libs/libzip/metadata.xml12
10 files changed, 280 insertions, 0 deletions
diff --git a/dev-libs/libzip/Manifest b/dev-libs/libzip/Manifest
new file mode 100644
index 000000000000..fc1c65665ba2
--- /dev/null
+++ b/dev-libs/libzip/Manifest
@@ -0,0 +1,13 @@
+AUX libzip-1.2.0-CVE-2017-12858.patch 1114 SHA256 c68edeac709c69e67ab94117ce98115d961cbbc1dd0311a133398bdaef79591c SHA512 f79af2fc90c35aae5586496ae06552762b7bbcfcb358df656f2cba21e3bb1ce1c63781cad3fc56f1e438099fbcb1b4692d14203d434d8f7150d78819e21c1127 WHIRLPOOL 7a13a95c5c18ade2d6f8c99d7577161a13c542add5d919a3b9f2667607193d7a5cf853036341e91abd98c6b624d16f380c63370ea9300484f379761d52ec9dd4
+AUX libzip-1.2.0-CVE-2017-14107.patch 967 SHA256 74753366f1b3f76228ae6c7b986eec53fa66186bd2f2093e292f2abb4ed95583 SHA512 ca7123edd1016e5f63922676a826a699cc392ddc634a0efb97d2c66fa8e689ec1cda4482473284d508571b16b03d28f4bae6b44c377b9b69e6e6142ce8dda1be WHIRLPOOL c63a7f7ecd29ae100c81378704d89ef6780fb8097715852924157e441be10364091fd68b742554895f7ba0711beb0feeb103aaafc778b72b0a178c171f8cde60
+AUX libzip-1.2.0-fts.patch 393 SHA256 7c63adb61afda45105bb948f32dee94ba2981e66887236b195c5b93bcbec57ff SHA512 ae3fbad5122a6d4089db1bdfaa11882e5e5f5b7f17d13dc24b17c178236167ce364efbe87ef28970ddd5fa262fd8dc48b5a92e091a365ff92e39254319f79a89 WHIRLPOOL 84de688481e3cf56ef7830dd86e32735b355d692d9c9ad140f07f56f5af4ec132a0c437f258bcbaf4bc78bb9b6c29f833e90bf3534d07bcca119931170948398
+AUX libzip-1.2.0-headers.patch 341 SHA256 08c2c3b24a4eb2050f5e3ce03d0f84baa25801669db5d1917e9e1aae0f75e687 SHA512 25a54a4901e45d78263c35ea788c9ae84760c4e2cbb7e09f0dd33b35eefb47165a1788ab33a7f306d112ffdfa35a3f3ab65c1f50463d5a30ffd265a2be6208f9 WHIRLPOOL 359f3820ac71295eea0be7e2681b539f4f41e6e306a99ba49b153f349e5670f903dfe2d771591c8fa5a1c3935871fc931c263d8ba1e100cdb7b32658b384e4d8
+DIST libzip-1.2.0.tar.xz 938284 SHA256 ffc0764395fba3d45dc5a6e32282788854618b9e9838337f8218b596007f1376 SHA512 1ba8626d72e6b47f735568afaf007d1e18beb3ebedf6b69a6b575f9e04d3b84550371191a89be153f8fcedb4a8eac2f996e141da95cdbb52380b6283cc99cf8b WHIRLPOOL 794a462fc4d1529008fccbe6df41c5616b34712ef34721e0cbe555aa12ada7928d22f6e9421de210efdf7b460188a4d6a9a6e53fc0266bcf52d47d6a7e30a5f6
+DIST libzip-1.3.0.tar.xz 955876 SHA256 aa936efe34911be7acac2ab07fb5c8efa53ed9bb4d44ad1fe8bff19630e0d373 SHA512 8e12a23fe62b993ff4592e1b9da152533a363b0603fc1f65e6cbb6121d4260c45f98171effbccb76dec4030b0fcdcd273919755a2496ab462431646ac83bb900 WHIRLPOOL eca44e4c7e3a09d90f7a9c694de01c97fdc97ce7989bd8ccf9acb8e33e10145f6860c4dd5bb282d2ab0a708d9ddb6b7ecde88bf5276365179057c02f534e182d
+EBUILD libzip-1.2.0-r1.ebuild 881 SHA256 e63e661b728479000058d36d6241b377ffb12717d93f98fa624eadd35e64914c SHA512 4c4fa54a34f14c9c17ecca101f73df74299eef020e64799f3bcd71f34b9db50d54d233ac64aa9f003e49d6df2432785c9c1802977320c607d2f3f837c0935010 WHIRLPOOL 048118656d2c2d9a566cdb8a99f3912869ab51f91e573a89200876f4c6a3cb212a08f5f349aa361c0bf52d3ffed5ffed388245c7b188807c2ac9b6b5e0751eb1
+EBUILD libzip-1.2.0-r2.ebuild 920 SHA256 8a2ca325b548e66b830f8c7446de97fe5f90ccefb79651dd63ff034a98ff51cf SHA512 9c08d7821ed48459105151ba0003e1371b856b30b5d71e23ff4a71e4671af7cadcb2a289015c9ef39cf4382c2a74791c0e7ce5867499f65671ca2e1662c939e7 WHIRLPOOL 3c01823e370f18f7763525ad42c12edc788e7e5ef9592e708e4a1e95371db749dafae29baa1ee3ba932983ffa6ad1265d547579b6299ed83c6982703746c41d3
+EBUILD libzip-1.2.0.ebuild 833 SHA256 a371a41b26f0c5c9f07ab28239d71fdf0bfe5b636c82c87f01354253d2fd5dd4 SHA512 29ea3d528b6f212813a393fbc9f1ec0407aa57055e2efaa90ea19392584d0b510e30c14b8654d8d89ef713d0936a31db881a876005dc9df1bf22ace6fc5d7b03 WHIRLPOOL 57e985367e2f12fb9c1958497f0d8b74cc50eb05ba4183e95daa0deef1a756cc8b35572f6a9f6a9f77974e93e8814954b721144aae536ec7f28cee80bed19617
+EBUILD libzip-1.3.0.ebuild 1035 SHA256 db633d4eddd7ddcd1d29a441b3cc97f1d687797ac24be72984d63498cafb6955 SHA512 12c45fd0bf3958e8bfad3368ca14b7534b53138398d06330ab303665f9320f938e3b34aa589eaa5d646b52a984e7cd61acc30d7ff44d7a70afe088daa73bdb2c WHIRLPOOL 0caf148d65cd20fa8f69f28dc6a521669ef6f6a1ee845a9e88ae3060a592a7a74d150d5957472119acdb13ccece3f7b575d2bae71553f42375d96feee3bd7e33
+MISC ChangeLog 3669 SHA256 135911502b4bc23d3d368b709c273cf03a532ed34e988d07b6e55f53e52ba0e7 SHA512 ed316b1a3789ba998885c080996513c01dd929299195bf22ac3209bbdb3d86ba9b32fada27d631adb49ffe82c412771b81f1ce15b00be5ff31d8b7b425acb3d6 WHIRLPOOL e3a08a5c325d64911f7acbdd92105960f52607478ad4a5e9a9cfd320eb520415574f475b875ec249eb29b30ac352c3e6afb913836124dec77f4c8b7619f35c30
+MISC ChangeLog-2015 10946 SHA256 b7631a82f738eb83c6fbb463d673e7446b99d1119347eadb5e20b393e6481c25 SHA512 e1fcbe88fbfcb1fa7b600cb069160b81295433a0d1ffe566d8a39d4bef69ef80947bccead3fcc49a753e2a46d6b4fc79a6cd345f338229086240d86fed69b01d WHIRLPOOL 1737a7e0c371a8fbe7c3d5e593c58899a43f0a79353ba76dc0188ad5cfd568a4d876205787b4fc51792e9307a2c7de99daef40899ee1de23dfbd9bce17a13ee1
+MISC metadata.xml 350 SHA256 b6b15cc99da47d9919708f4b1c1c56fefe6114610ddee8fe46bb489ae8efc175 SHA512 8a4e76c7530802e09662da3b6e5131baa2d58bd657f69c776e48e18fd93d3db6262d06916ce86d28b5685bb2be74e1357e1a9eb1764e524ca95887c35e4ed401 WHIRLPOOL 2278e0eb621803ddc76352d3b37f26f347182bc21a0e1aea4d310f6869e48f483bbb73c1cc26a09023ba6fa66ad49d4805cf360cdb9cb8e403f1f08cf8d72256
diff --git a/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-12858.patch b/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-12858.patch
new file mode 100644
index 000000000000..26236510fee8
--- /dev/null
+++ b/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-12858.patch
@@ -0,0 +1,37 @@
+From 2217022b7d1142738656d891e00b3d2d9179b796 Mon Sep 17 00:00:00 2001
+From: Thomas Klausner <tk@giga.or.at>
+Date: Mon, 14 Aug 2017 10:55:44 +0200
+Subject: [PATCH] Fix double free().
+
+Found by Brian 'geeknik' Carpenter using AFL.
+---
+ THANKS | 1 +
+ lib/zip_dirent.c | 3 ---
+ 2 files changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/THANKS b/THANKS
+index be0cca9..a80ee1d 100644
+--- a/THANKS
++++ b/THANKS
+@@ -12,6 +12,7 @@ BALATON Zoltan <balaton@eik.bme.hu>
+ Benjamin Gilbert <bgilbert@backtick.net>
+ Boaz Stolk <bstolk@aweta.nl>
+ Bogdan <bogiebog@gmail.com>
++Brian 'geeknik' Carpenter <geeknik@protonmail.ch>
+ Chris Nehren <cnehren+libzip@pobox.com>
+ Coverity <info@coverity.com>
+ Dane Springmeyer <dane.springmeyer@gmail.com>
+diff --git a/lib/zip_dirent.c b/lib/zip_dirent.c
+index a369900..e5a7cc9 100644
+--- a/lib/zip_dirent.c
++++ b/lib/zip_dirent.c
+@@ -579,9 +579,6 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo
+ }
+
+ if (!_zip_dirent_process_winzip_aes(zde, error)) {
+- if (!from_buffer) {
+- _zip_buffer_free(buffer);
+- }
+ return -1;
+ }
+
diff --git a/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch b/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch
new file mode 100644
index 000000000000..3d1f9a0aabc3
--- /dev/null
+++ b/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch
@@ -0,0 +1,27 @@
+From 9b46957ec98d85a572e9ef98301247f39338a3b5 Mon Sep 17 00:00:00 2001
+From: Thomas Klausner <tk@giga.or.at>
+Date: Tue, 29 Aug 2017 10:25:03 +0200
+Subject: [PATCH] Make eocd checks more consistent between zip and zip64 cases.
+
+---
+ lib/zip_open.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lib/zip_open.c b/lib/zip_open.c
+index 3bd593b..9d3a4cb 100644
+--- a/lib/zip_open.c
++++ b/lib/zip_open.c
+@@ -847,7 +847,12 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
+ zip_error_set(error, ZIP_ER_SEEK, EFBIG);
+ return NULL;
+ }
+- if ((flags & ZIP_CHECKCONS) && offset+size != eocd_offset) {
++ if (offset+size > buf_offset + eocd_offset) {
++ /* cdir spans past EOCD record */
++ zip_error_set(error, ZIP_ER_INCONS, 0);
++ return NULL;
++ }
++ if ((flags & ZIP_CHECKCONS) && offset+size != buf_offset + eocd_offset) {
+ zip_error_set(error, ZIP_ER_INCONS, 0);
+ return NULL;
+ }
diff --git a/dev-libs/libzip/files/libzip-1.2.0-fts.patch b/dev-libs/libzip/files/libzip-1.2.0-fts.patch
new file mode 100644
index 000000000000..bd9bf232c0a8
--- /dev/null
+++ b/dev-libs/libzip/files/libzip-1.2.0-fts.patch
@@ -0,0 +1,11 @@
+--- a/configure.ac 2016-05-28 10:35:31.000000000 +0100
++++ b/configure.ac 2017-02-25 23:34:22.309684397 +0100
+@@ -65,6 +65,8 @@
+ AC_DEFINE([HAVE___PROGNAME], [1], [Define if libc defines __progname])
+ fi
+
++AC_SEARCH_LIBS(fts_open, fts)
++
+ AC_CACHE_CHECK([whether we are building for a Win32 host], [ac_cv_win32_host],
+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#ifdef _WIN32
+ choke me
diff --git a/dev-libs/libzip/files/libzip-1.2.0-headers.patch b/dev-libs/libzip/files/libzip-1.2.0-headers.patch
new file mode 100644
index 000000000000..f1a6d5d0819d
--- /dev/null
+++ b/dev-libs/libzip/files/libzip-1.2.0-headers.patch
@@ -0,0 +1,12 @@
+--- a/lib/Makefile.am
++++ b/lib/Makefile.am
+@@ -3,8 +3,7 @@
+
+ lib_LTLIBRARIES = libzip.la
+ noinst_HEADERS = zipint.h gladman-fcrypt.h
+-include_HEADERS = zip.h
+-nodist_libinclude_HEADERS = zipconf.h
++include_HEADERS = zip.h zipconf.h
+
+ # also update CMakeLists.txt when changing version
+ libzip_la_LDFLAGS=-no-undefined -version-info 3:0:1
diff --git a/dev-libs/libzip/libzip-1.2.0-r1.ebuild b/dev-libs/libzip/libzip-1.2.0-r1.ebuild
new file mode 100644
index 000000000000..61f933dcd36c
--- /dev/null
+++ b/dev-libs/libzip/libzip-1.2.0-r1.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Library for manipulating zip archives"
+HOMEPAGE="http://www.nih.at/libzip/"
+SRC_URI="http://www.nih.at/libzip/${P}.tar.xz"
+
+LICENSE="BSD"
+SLOT="0/5"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+IUSE="static-libs"
+
+RDEPEND="
+ sys-libs/zlib
+ elibc_musl? ( sys-libs/fts-standalone )
+"
+DEPEND="${RDEPEND}"
+
+DOCS=( AUTHORS NEWS.md API-CHANGES THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${P}-headers.patch"
+ "${FILESDIR}/${P}-fts.patch"
+ "${FILESDIR}/${P}-CVE-2017-12858.patch"
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_install() {
+ default
+ use static-libs || rm "${ED%/}"/usr/$(get_libdir)/libzip.a || die
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/dev-libs/libzip/libzip-1.2.0-r2.ebuild b/dev-libs/libzip/libzip-1.2.0-r2.ebuild
new file mode 100644
index 000000000000..524782f42c3f
--- /dev/null
+++ b/dev-libs/libzip/libzip-1.2.0-r2.ebuild
@@ -0,0 +1,41 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Library for manipulating zip archives"
+HOMEPAGE="https://nih.at/libzip/"
+SRC_URI="https://www.nih.at/libzip/${P}.tar.xz"
+
+LICENSE="BSD"
+SLOT="0/5"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+IUSE="static-libs"
+
+RDEPEND="
+ sys-libs/zlib
+ elibc_musl? ( sys-libs/fts-standalone )
+"
+DEPEND="${RDEPEND}"
+
+DOCS=( AUTHORS NEWS.md API-CHANGES THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${P}-headers.patch"
+ "${FILESDIR}/${P}-fts.patch"
+ "${FILESDIR}/${P}-CVE-2017-12858.patch"
+ "${FILESDIR}/${P}-CVE-2017-14107.patch"
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_install() {
+ default
+ use static-libs || rm "${ED%/}"/usr/$(get_libdir)/libzip.a || die
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/dev-libs/libzip/libzip-1.2.0.ebuild b/dev-libs/libzip/libzip-1.2.0.ebuild
new file mode 100644
index 000000000000..d51ce7650816
--- /dev/null
+++ b/dev-libs/libzip/libzip-1.2.0.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Library for manipulating zip archives"
+HOMEPAGE="http://www.nih.at/libzip/"
+SRC_URI="http://www.nih.at/libzip/${P}.tar.xz"
+
+LICENSE="BSD"
+SLOT="0/5"
+KEYWORDS="alpha amd64 ~arm ~arm64 ~hppa ia64 ~mips ppc ppc64 sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+IUSE="static-libs"
+
+RDEPEND="
+ sys-libs/zlib
+ elibc_musl? ( sys-libs/fts-standalone )
+"
+DEPEND="${RDEPEND}"
+
+DOCS=( AUTHORS NEWS.md API-CHANGES THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${P}-headers.patch"
+ "${FILESDIR}/${P}-fts.patch"
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_install() {
+ default
+ use static-libs || rm "${ED%/}"/usr/$(get_libdir)/libzip.a || die
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/dev-libs/libzip/libzip-1.3.0.ebuild b/dev-libs/libzip/libzip-1.3.0.ebuild
new file mode 100644
index 000000000000..7b78428aaf6b
--- /dev/null
+++ b/dev-libs/libzip/libzip-1.3.0.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Library for manipulating zip archives"
+HOMEPAGE="https://nih.at/libzip/"
+SRC_URI="https://www.nih.at/libzip/${P}.tar.xz"
+
+LICENSE="BSD"
+SLOT="0/5"
+KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ia64 ~mips ppc ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+IUSE="bzip2 static-libs"
+
+RDEPEND="
+ sys-libs/zlib
+ bzip2? ( app-arch/bzip2 )
+ elibc_musl? ( sys-libs/fts-standalone )
+"
+DEPEND="${RDEPEND}"
+
+DOCS=( AUTHORS NEWS.md API-CHANGES THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.2.0-headers.patch"
+ "${FILESDIR}/${PN}-1.2.0-fts.patch"
+)
+
+src_prepare() {
+ default
+
+ # fails in portage build only
+ sed -i -e "/encryption-nonrandom-aes.*.test/d" regress/Makefile.am || die
+
+ eautoreconf
+}
+
+src_configure() {
+ econf $(use_with bzip2)
+}
+
+src_install() {
+ default
+ use static-libs || rm "${ED%/}"/usr/$(get_libdir)/libzip.a || die
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/dev-libs/libzip/metadata.xml b/dev-libs/libzip/metadata.xml
new file mode 100644
index 000000000000..12dd2df42ad5
--- /dev/null
+++ b/dev-libs/libzip/metadata.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer type="person">
+ <email>creffett@gentoo.org</email>
+ <name>Chris Reffett</name>
+</maintainer>
+<maintainer type="project">
+ <email>kde@gentoo.org</email>
+ <name>Gentoo KDE Project</name>
+</maintainer>
+</pkgmetadata>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-30 17:15:51 +0000