summaryrefslogtreecommitdiff
path: root/sys-apps/file
diff options
context:
space:
mode:
Diffstat (limited to 'sys-apps/file')
-rw-r--r--sys-apps/file/Manifest2
-rw-r--r--sys-apps/file/file-5.33-r2.ebuild127
-rw-r--r--sys-apps/file/files/file-5.33-CVE-2018-10360.patch18
3 files changed, 147 insertions, 0 deletions
diff --git a/sys-apps/file/Manifest b/sys-apps/file/Manifest
index 4727518b6fd0..a246a22a9319 100644
--- a/sys-apps/file/Manifest
+++ b/sys-apps/file/Manifest
@@ -1,6 +1,8 @@
+AUX file-5.33-CVE-2018-10360.patch 538 BLAKE2B 78c6006285e3ba254cc2dcb1196fe95217d1ccda46b3f652cbc99c9750b74a47ddbed33f01ef01e7f8c58205dd4c1f9669cb982e08679dd0b45214915883fb75 SHA512 7f6fd05fe29081039c57d22f5122364bf6ccfe869745f1306ceff13e876cb88e03263d2f11558ccbffebe227bcb9c2c6872d1fdb9b2823d16b001f6598f25c6f
DIST file-5.32.tar.gz 797025 BLAKE2B d00196a2331b7325acc1b3f52d011faa3864db526f1962e4fcb769a92a715a1ee9874750cdde8f7c5c48541ecedea36c0fbd788a5ee9eb175cfcfc984acec430 SHA512 315343229fa196335389544ee8010e9e80995ef4721938492dedcfb0465dfc45e1feb96f26dfe53cab484fb5d9bac54d2d72917fbfd28a1d998c6ad8c8f9792f
DIST file-5.33.tar.gz 817060 BLAKE2B 735f176f09085243dacaddda1b734ef2191ff1684f08022ed1874e84fd0c84679b5a765383c5c5ad27a7216abc23b9c2211fb7110846122563e18285de0f0e51 SHA512 36c9f2e2aa814b5557eef114fdd3de159688c7a3c9632a9f5c6355c4d2a5694cee81279bda80897616fca07289a7fedb1f797439a2903c76dc84870694773c9e
EBUILD file-5.32-r1.ebuild 3011 BLAKE2B 2ee0d868685cea29a4941fe9f7f2c215b015f455f0cbf735df8926c8edf275f2de1ccc950853e4cf8021d2c03f314512da4ee254fa5abcc08a65661820666e45 SHA512 78c9afc3203a567f009cb88e823a4a644c23397178926db44148ebd82ee3337899b756a2da4bb2633f158910a73594eebfb80457f9566c723f41544a70851ff3
EBUILD file-5.33-r1.ebuild 3068 BLAKE2B a2211f853b5a9457e4f514f996d186679532c82ba99b7b8111d9ef842fac2f6e228521976326550a743a41b108a9a712dafb08f4d509bfaf5d2aac10f8763ba9 SHA512 f6b5750df767de41bf0cbbfcc63984476816fc84f637f7f1e9bb2137b4df35f000ee4bbd61cb327aa45e151de493cc4b77a94b24a14544bee06d131d2ca13422
+EBUILD file-5.33-r2.ebuild 3117 BLAKE2B 6323b0e9bf96cc05efc9f1844a78f8ae0d71efbf22c815a03b5560dd44efbd3f987e6eec6221fc46fe52f47eab9de09cc97b4a80c6e16eec27c8a41c3bcbc150 SHA512 266f721aa0924e57c9457659b88359964d0841a0703ea73fc41a8e795be093fd27181c149f2e166263710c02601468828bdb923d86214492d1d2977380712bf9
EBUILD file-9999.ebuild 3141 BLAKE2B 89cee448db824b8746f088e25ae2e4e1ac6951a13b5ea925283f4395b683203a90406caa523be5e96238666b0f000288f8d46f5f867074d6e55351e703b40ff9 SHA512 733e1e18d808031be18afe662079a7f130f2cb61e6c071c00ca202d7938ea9577dbdafb99fc6d534ba84f485c1b8de645e67e1d92c1dfeb0caf645ff863857a3
MISC metadata.xml 316 BLAKE2B 475092518eaf152f7e153e84a12c7089e665a5fc089045b6fa2d452eaf726566cade92c65ef19ba5cb205e586d161e90e514b60c8587699ca5c9885565ca3b60 SHA512 8b334ba7a606600ad0548ef0ab7aa809a8fda040104d1663bfe179828a831e621128145325aba158fccf94a7f9a3ca1c9164db979a85e639403a079f0deb622a
diff --git a/sys-apps/file/file-5.33-r2.ebuild b/sys-apps/file/file-5.33-r2.ebuild
new file mode 100644
index 000000000000..6d923ebf535e
--- /dev/null
+++ b/sys-apps/file/file-5.33-r2.ebuild
@@ -0,0 +1,127 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy )
+DISTUTILS_OPTIONAL=1
+
+inherit distutils-r1 libtool ltprune toolchain-funcs multilib-minimal
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="https://github.com/glensc/file.git"
+ inherit autotools git-r3
+else
+ SRC_URI="ftp://ftp.astron.com/pub/file/${P}.tar.gz"
+ KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+fi
+
+DESCRIPTION="identify a file's format by scanning binary data for patterns"
+HOMEPAGE="https://www.darwinsys.com/file/"
+
+LICENSE="BSD-2"
+SLOT="0"
+IUSE="python static-libs zlib"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+DEPEND="
+ python? (
+ ${PYTHON_DEPS}
+ dev-python/setuptools[${PYTHON_USEDEP}]
+ )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
+RDEPEND="${DEPEND}
+ python? ( !dev-python/python-magic )"
+
+PATCHES=( "${FILESDIR}"/${P}-CVE-2018-10360.patch )
+
+src_prepare() {
+ default
+
+ [[ ${PV} == "9999" ]] && eautoreconf
+ elibtoolize
+
+ # don't let python README kill main README #60043
+ mv python/README{,.python} || die
+}
+
+multilib_src_configure() {
+ local myeconfargs=(
+ --disable-libseccomp
+ --enable-fsect-man5
+ $(use_enable static-libs static)
+ $(use_enable zlib)
+ )
+ ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+src_configure() {
+ # when cross-compiling, we need to build up our own file
+ # because people often don't keep matching host/target
+ # file versions #362941
+ if tc-is-cross-compiler && ! ROOT=/ has_version ~${CATEGORY}/${P} ; then
+ mkdir -p "${WORKDIR}"/build || die
+ cd "${WORKDIR}"/build || die
+ tc-export_build_env BUILD_C{C,XX}
+ ECONF_SOURCE=${S} \
+ ac_cv_header_zlib_h=no \
+ ac_cv_lib_z_gzopen=no \
+ CHOST=${CBUILD} \
+ CFLAGS=${BUILD_CFLAGS} \
+ CXXFLAGS=${BUILD_CXXFLAGS} \
+ CPPFLAGS=${BUILD_CPPFLAGS} \
+ LDFLAGS="${BUILD_LDFLAGS} -static" \
+ CC=${BUILD_CC} \
+ CXX=${BUILD_CXX} \
+ econf --disable-shared --disable-libseccomp
+ fi
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi ; then
+ emake
+ else
+ cd src || die
+ emake magic.h #586444
+ emake libmagic.la
+ fi
+}
+
+src_compile() {
+ if tc-is-cross-compiler && ! ROOT=/ has_version "~${CATEGORY}/${P}" ; then
+ emake -C "${WORKDIR}"/build/src magic.h #586444
+ emake -C "${WORKDIR}"/build/src file
+ PATH="${WORKDIR}/build/src:${PATH}"
+ fi
+ multilib-minimal_src_compile
+
+ if use python ; then
+ cd python || die
+ distutils-r1_src_compile
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi ; then
+ default
+ else
+ emake -C src install-{nodist_includeHEADERS,libLTLIBRARIES} DESTDIR="${D}"
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ChangeLog MAINT README
+
+ # Required for `file -C`
+ dodir /usr/share/misc/magic
+ insinto /usr/share/misc/magic
+ doins -r magic/Magdir/*
+
+ if use python ; then
+ cd python || die
+ distutils-r1_src_install
+ fi
+ prune_libtool_files
+}
diff --git a/sys-apps/file/files/file-5.33-CVE-2018-10360.patch b/sys-apps/file/files/file-5.33-CVE-2018-10360.patch
new file mode 100644
index 000000000000..a489846b10f8
--- /dev/null
+++ b/sys-apps/file/files/file-5.33-CVE-2018-10360.patch
@@ -0,0 +1,18 @@
+Avoid reading past the end of buffer
+
+CVE-2018-10360
+
+https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22
+
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
+
+ cname = (unsigned char *)
+ &nbuf[doff + prpsoffsets(i)];
+- for (cp = cname; *cp && isprint(*cp); cp++)
++ for (cp = cname; cp < nbuf + size && *cp
++ && isprint(*cp); cp++)
+ continue;
+ /*
+ * Linux apparently appends a space at the end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 09:23:35 +0000