From 76dfef0cec9170000357d2f354e412daf48941fc Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sat, 30 Dec 2017 01:11:30 +0000
Subject: gentoo resync : 30.12.2017

---
 app-arch/rzip/Manifest                           |  3 +-
 app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch | 33 +++++++++++++++++++
 app-arch/rzip/rzip-2.1-r2.ebuild                 | 38 ----------------------
 app-arch/rzip/rzip-2.1-r3.ebuild                 | 41 ++++++++++++++++++++++++
 4 files changed, 76 insertions(+), 39 deletions(-)
 create mode 100644 app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch
 delete mode 100644 app-arch/rzip/rzip-2.1-r2.ebuild
 create mode 100644 app-arch/rzip/rzip-2.1-r3.ebuild

(limited to 'app-arch/rzip')

diff --git a/app-arch/rzip/Manifest b/app-arch/rzip/Manifest
index 4cef3d7cfd4d..4cc217a623a4 100644
--- a/app-arch/rzip/Manifest
+++ b/app-arch/rzip/Manifest
@@ -1,4 +1,5 @@
+AUX rzip-2.1-CVE-2017-8364.patch 1006 BLAKE2B dc84fc222e5fcf1c0e5a37eda05bfb136b9603eb3c510edabd91bfc639b2c4a9f9956ce8cf152c94fb255c1b749a5eb8dfd0d13f65a2a4682a008f6fc236ab4d SHA512 18f594eca2f805770dad7569ad8cffbb934e74b85b04cc91cbcbb04fbc936529f68121504c50b037cfb848e9ba90131a5b35a1d236f0c1453d55fd8b415a7ed6
 AUX rzip-2.1-darwin.patch 4829 BLAKE2B 7e6cd7273573517aa29e73f0556e6b33d4386d71872d643d448859a48308b8fcd59b1a2c6749117e39c8184ac4239053a97757b2e4e821b7b9e7232e99af2120 SHA512 a3cd2c98a486626767eacd5a949ecf1f328f11bd663a1f4b9f758314dde709e9fd73fb1239dec8737d4511f61225f47682b610b9a2609646613a774d6f6ad5f8
 DIST rzip-2.1.tar.gz 46785 BLAKE2B da38d7ae74149824dd33f3ecb1a7f6f63d63a8ee54c57565e4edc5915b503882d4de20b19c22228e8d3fc698477b6c8f095c2a399d442101a83ee66f4bfbcc63 SHA512 06ed760ba2b7f09781a2e9312b645d41c145f96e3ee55ddf573714493e92466366ec6394267e5e06b0d8c42dcb67e1ae99dafa417a84737ce2b4a650a9059a6f
-EBUILD rzip-2.1-r2.ebuild 1076 BLAKE2B 0372dbdd2e76d788565a36b3a8551ed1c285b36b6e3730dc0f28661db1e2491b3a321cd3aa78563c17475420008e8a700ccf54b47d0e88053c0bee7ba021b80f SHA512 edac7b942f7778fc54726abfa63995fa6fe5d80d074ed67cfc45722cf893671c692bf389a5af4d1bf0f5419c44afbffa03211dd42261224b32d5b7d2b0320821
+EBUILD rzip-2.1-r3.ebuild 1098 BLAKE2B 1e460e70954a817ddb95638de32d3333079741a6101c33f55c0b5dd16911343253ecdf3e6e41ad18f7ddd4ba1ca2593d4c476a5475aadf320086457b79deeeb2 SHA512 a3789a90c00622d6e2d9c54bdee2a3b9c69a18cb9d266d150088dee340062f243af38056f767c6cfc094e6f6c537dbcb7c1974a8816075c9045b94b8ef0eed39
 MISC metadata.xml 166 BLAKE2B c254f1fb642881aba57637be14fb0a89b10384f91a128feaec3a8c870d76efc2cbacb92caccc0dee2dd19a5ac5eaf8643080dafa05c4e2ac96a68568927e5afd SHA512 a56648c974a1d14dd4c18237532773c72057a13ab90c58b5da04f185e3c12a8bd8d5c21fb06053507f31766291a82dc7d87b34cd65fd94cfe2af7295c813ef84
diff --git a/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch b/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch
new file mode 100644
index 000000000000..3c65e6f1939d
--- /dev/null
+++ b/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch
@@ -0,0 +1,33 @@
+Index: rzip-2.1/stream.c
+===================================================================
+--- rzip-2.1.orig/stream.c
++++ rzip-2.1/stream.c
+@@ -147,16 +147,16 @@ static int write_u32(int f, u32 v)
+ 	return 0;
+ }
+ 
+-static int read_buf(int f, uchar *p, int len)
++static int read_buf(int f, uchar *p, unsigned int len)
+ {
+ 	int ret;
+ 	ret = read(f, p, len);
+ 	if (ret == -1) {
+-		err_msg("Read of length %d failed - %s\n", len, strerror(errno));
++		err_msg("Read of length %u failed - %s\n", len, strerror(errno));
+ 		return -1;
+ 	}
+ 	if (ret != len) {
+-		err_msg("Partial read!? asked for %d bytes but got %d\n", len, ret);
++		err_msg("Partial read!? asked for %u bytes but got %d\n", len, ret);
+ 		return -1;
+ 	}
+ 	return 0;
+@@ -399,7 +399,7 @@ static int fill_buffer(struct stream_inf
+ 	if (sinfo->s[stream].buf) {
+ 		free(sinfo->s[stream].buf);
+ 	}
+-	sinfo->s[stream].buf = malloc(u_len);
++	sinfo->s[stream].buf = malloc(c_len > u_len ? c_len : u_len);
+ 	if (!sinfo->s[stream].buf) {
+ 		return -1;
+ 	}
diff --git a/app-arch/rzip/rzip-2.1-r2.ebuild b/app-arch/rzip/rzip-2.1-r2.ebuild
deleted file mode 100644
index 1c8043ac3fb6..000000000000
--- a/app-arch/rzip/rzip-2.1-r2.ebuild
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="2"
-
-inherit autotools eutils
-
-DESCRIPTION="Compression program for large files"
-HOMEPAGE="https://rzip.samba.org/"
-SRC_URI="https://rzip.samba.org/ftp/rzip/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 hppa ~ppc ~ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
-IUSE=""
-
-DEPEND="app-arch/bzip2"
-
-src_prepare() {
-	epatch "${FILESDIR}"/${PN}-2.1-darwin.patch
-	eautoreconf
-}
-
-src_install() {
-	emake DESTDIR="${D}" install || die "emake install failed."
-}
-
-pkg_postinst() {
-	ewarn "Warning: Gentoo shipped a broken rzip for quite some time. During"
-	ewarn "compression of large files it didn't set the right file size, so"
-	ewarn "if you have any reason to believe that your archive was compressed "
-	ewarn "with an old Gentoo rzip, please refer to "
-	ewarn "     https://bugs.gentoo.org/show_bug.cgi?id=217552 "
-	ewarn "for the rzip-handle-broken-archive.patch patch to rescue your"
-	ewarn "data."
-	ewarn
-	ewarn "We apologize for the inconvenience."
-}
diff --git a/app-arch/rzip/rzip-2.1-r3.ebuild b/app-arch/rzip/rzip-2.1-r3.ebuild
new file mode 100644
index 000000000000..915c6deeef2b
--- /dev/null
+++ b/app-arch/rzip/rzip-2.1-r3.ebuild
@@ -0,0 +1,41 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Compression program for large files"
+HOMEPAGE="https://rzip.samba.org/"
+SRC_URI="https://rzip.samba.org/ftp/rzip/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 hppa ~ppc ~ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE=""
+
+RDEPEND="app-arch/bzip2:="
+DEPEND="${DEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.1-darwin.patch
+	"${FILESDIR}"/${PN}-2.1-CVE-2017-8364.patch
+)
+
+src_prepare() {
+	default
+	mv configure.{in,ac} || die
+	eautoreconf
+}
+
+pkg_postinst() {
+	ewarn "Warning: Gentoo shipped a broken rzip for quite some time. During"
+	ewarn "compression of large files it didn't set the right file size, so"
+	ewarn "if you have any reason to believe that your archive was compressed "
+	ewarn "with an old Gentoo rzip, please refer to "
+	ewarn "     https://bugs.gentoo.org/show_bug.cgi?id=217552 "
+	ewarn "for the rzip-handle-broken-archive.patch patch to rescue your"
+	ewarn "data."
+	ewarn
+	ewarn "We apologize for the inconvenience."
+}
-- 
cgit v1.2.3