From 89c6c06b8c42107dd231687a1012354e7d3039fc Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sun, 26 Nov 2017 11:42:28 +0000
Subject: gentoo resync : 26.11.2017

---
 net-libs/ldns/Manifest                             |  16 +--
 .../ldns/files/ldns-1.7.0-CVE-2017-1000231.patch   |  15 +++
 .../ldns/files/ldns-1.7.0-CVE-2017-1000232.patch   |  17 ++++
 net-libs/ldns/ldns-1.7.0-r1.ebuild                 | 110 +++++++++++++++++++++
 net-libs/ldns/ldns-1.7.0.ebuild                    | 105 --------------------
 5 files changed, 150 insertions(+), 113 deletions(-)
 create mode 100644 net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000231.patch
 create mode 100644 net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000232.patch
 create mode 100644 net-libs/ldns/ldns-1.7.0-r1.ebuild
 delete mode 100644 net-libs/ldns/ldns-1.7.0.ebuild

(limited to 'net-libs/ldns')

diff --git a/net-libs/ldns/Manifest b/net-libs/ldns/Manifest
index 2c87ef7573b7..45611d1ca2a6 100644
--- a/net-libs/ldns/Manifest
+++ b/net-libs/ldns/Manifest
@@ -1,9 +1,9 @@
-AUX ldns-1.6.17_perl522.patch 313 SHA256 85c3fed85d634d7b53b14af9c55636ac03ccd8346b05d5c60e9b86d01e5c715a SHA512 e9239eedaaa54712454133c1750da0e02b71e89df6e43fb787ac1c4c6dbe548dc7a52f7bc7632c7aa52c003a641d00616fef0bed28ecf5e27dffb56a65e48d25 WHIRLPOOL e14207e09fa9361d46abd3ce7a6fb154b02626ed805f0ac4f614576dd745af1bf120a5c103317669a3aa743d0697bbf05fa3a015cf704ec31c5a69e1da274e69
+AUX ldns-1.6.17_perl522.patch 313 BLAKE2B 2c4883a034c3c8e3570fb1db99701e82e930cb1789287d7dcb716bc594ecce8e45d1dbd30bc62f0f4a77b228ce67d14eba380261af1a5940a1f926a5a4e0857f SHA512 e9239eedaaa54712454133c1750da0e02b71e89df6e43fb787ac1c4c6dbe548dc7a52f7bc7632c7aa52c003a641d00616fef0bed28ecf5e27dffb56a65e48d25
+AUX ldns-1.7.0-CVE-2017-1000231.patch 396 BLAKE2B 60225693e684ce9b7850fa416da879b91543b08573b36eaa1da40cb26c6726930d0d0c31a68b7aa99852859ae4554cc7b111c8318ffa832c7140a1a9cae80668 SHA512 c9119730ef74aaa89a362fa5354267da7e0336873a66a9e68b1d634946ab7938ac8833a8b1dbd27d51add226008b0b9336e4e4e06f20d714b225e35cb3efcbcd
+AUX ldns-1.7.0-CVE-2017-1000232.patch 469 BLAKE2B 4e17f4d13928081cef5093b51db1b1b1f393d151a5822ad4d40f385620fd7f78168e581a6e2d50164240ffe368d4926687a860f5555432d2a9b5b389a3287ea7 SHA512 2eaddaa4ab7ecf8e54a7fef341406e1f8bdb278a2caca3d8cafdebcfc349c7e3ba1247f194a5fc0fd50074c8836f29b4e5427b2ce7c3b8513191aa1b4b08c681
 DIST ldns-1.6.17.tar.gz 1315403 SHA256 8b88e059452118e8949a2752a55ce59bc71fa5bc414103e17f5b6b06f9bcc8cd SHA512 5de42b4b8622591db51efb0956735deee9cd5e0bee12249a03b65c5b45d7c51bf9c2edb310ef9d7431af49aef77d968bfa2455a7dedfa80cde3d433436c83785 WHIRLPOOL 08c8a13df3dbeccd5dc5ceeb52730a61ab231e70a85524e826f9275bbcde6e09d6e2fc5234303a6bceb431d2b91f510140ce61a2b59d77afbb2759a0627c7cb7
-DIST ldns-1.7.0.tar.gz 1304424 SHA256 c19f5b1b4fb374cfe34f4845ea11b1e0551ddc67803bd6ddd5d2a20f0997a6cc SHA512 8a4e48bcc2a244b92447a9830b60efbb656fb7955f3559ef2eb6f8e724c4c0208776350c44ccf7dcf1ffe0b7b9d9ccc4cbddc5bc16e8888db494ab4d0bce3bd8 WHIRLPOOL 4450b94dd3e2586230f1691b626947cad7ac2031e343d1e522343570d5b713cfd4bacd52e91713139a88c2fe2406f5f42594d2da0a0474c807f47fd2e98726b1
-EBUILD ldns-1.6.17-r1.ebuild 2502 SHA256 0138a78f67f4a2835b33659233cc1788e84f84f56cd5441c412039e4cced05d5 SHA512 30aa360319dd0e9e3a4095fa988ed940a899af72b448b2d4d33fa18f57eee3557eaa20fcc4988deb7821d7ec6a12de88a9f687edb7b964883ffd51e58d14ae83 WHIRLPOOL 871c76ba78d84ed4e78430581fc5a135486247a06bf43f794f2391b3c59e1a6ce79ce1f50f99fb321cfa9d232cce930345e13f970cae6422592e644b113b11a1
-EBUILD ldns-1.6.17.ebuild 2196 SHA256 3f6f2021fdb8cf5943845b5a828f3fb697a8a57c05064950c3f9e5d4269a301a SHA512 70b0785d6380ae4ce03702a5ce396b00275e7dd1548abc96a49444a23e9e370aabc7585d5683fabfca6f512f70ce5acdb7e793d72417a451582920d1f9a7fad5 WHIRLPOOL fc9581744d3e62444473161ce61500d115cf33cb753fcae4c97840d579a20cf61c509fa26726ecfbedb1d078061d9b5bcbbaea06847be7f856c9376f7bde8444
-EBUILD ldns-1.7.0.ebuild 2508 SHA256 2a52ba3fb1d768e77467e80ed263255b658583e1ee7124e079bc2079f32275dd SHA512 b21195493edb2683f23687d6f3c9175f5b2fe2360f65f56c269f97f785f3b1c6d55e34b37199dafde606484b8215b82c98c2bc49c243e958412f115c480e7c6e WHIRLPOOL 20bf660233583e9783d1393f69aa438f854d89b515ddc13d857b91ff42c00d844e183e761d2060c67e84371e2d16c14bb9ad9cb41ac0a6040acf1e50124aeae1
-MISC ChangeLog 3159 SHA256 e2183590addb10926cb301d8881b58ca96cceac6393d6325642c11d67e41fbfd SHA512 407791c924e6678502709e430ec51e701b21f682433ea12dac9423d7c25760ff99145e9f5d859608a9b6cf015f378f0ef415a9afc05ae1d96af22211ee3ea88c WHIRLPOOL 7c5b717b3f0b9609debc037bf947a8ef5c257715285807394f090d4b855ada7896bddb73fdd045dce86b4da4ed31e7b7a61ffba266c62aaf2e5cd6358c143005
-MISC ChangeLog-2015 9504 SHA256 a893ea92ef0b9356db6c3a454e9c2324e08e4b5117ee858b0977da62d387da6a SHA512 d35b4668568fed22e1f809f29c372cfdea260fafcdcbfb2595564afb84169f6248792b49e1e0ce42b8214edcfc949a985720e6788e94fc4ea5379d163e2edb8e WHIRLPOOL 19e6c305ed9b3f138803b4ff0ce53254b32a3f208bd34819d9590b4d36a0ced94b471170a29f646804f6003cd5ed2340b5d38b9a64f2073668b43a267addd93b
-MISC metadata.xml 743 SHA256 6a2c24089662c2c80c12b0b747828d344de690108a4d4672099edd1660feb91f SHA512 b8d5c5fd107fb7dd7dc2d7d19fbb91a07a2a619b6c9ddd9146d9359c06ed96059c87d169b7c2022760e4117283372c01b6f5231edf975bbab9c72a3ee8347f35 WHIRLPOOL 5ef5f175de8397737146d78fb3dfedd192dd6b9172be488073387508c77972dec0d06dc7881c620fc736b9475ef8f9c4944ea58fa0ea0a1a1466de25ca97b835
+DIST ldns-1.7.0.tar.gz 1304424 BLAKE2B 2f37aa2d00c1d9cf18711bd4f873f4722df01c4f4d0f627e054f04b2473c0fbf19449e293a130d5c8b98dcebafeb3d7b3f5923ae0244bd80139cea77f2171e06 SHA512 8a4e48bcc2a244b92447a9830b60efbb656fb7955f3559ef2eb6f8e724c4c0208776350c44ccf7dcf1ffe0b7b9d9ccc4cbddc5bc16e8888db494ab4d0bce3bd8
+EBUILD ldns-1.6.17-r1.ebuild 2502 BLAKE2B b1b54f8308b887e0f3e06d0bdc993cc29e7dc89a660dab105b943cc125025f545796917b940861c11afd311e5c2351be8d941689c2fb2e0b2a80b684cb7ab85a SHA512 30aa360319dd0e9e3a4095fa988ed940a899af72b448b2d4d33fa18f57eee3557eaa20fcc4988deb7821d7ec6a12de88a9f687edb7b964883ffd51e58d14ae83
+EBUILD ldns-1.6.17.ebuild 2196 BLAKE2B 5edd80744d5bed7892bb56a5a80305e04780cebd8ef064f3c2f63494eb46eaba4a7580ec285cce6d32e273b3b162024a0388503364abdca6ac0dc7f9e20e6df6 SHA512 70b0785d6380ae4ce03702a5ce396b00275e7dd1548abc96a49444a23e9e370aabc7585d5683fabfca6f512f70ce5acdb7e793d72417a451582920d1f9a7fad5
+EBUILD ldns-1.7.0-r1.ebuild 2627 BLAKE2B 4ac0c275ed48430c628c56161df20de18ee2570ee42db3398e8c2d74bc4f4c81e331dc2c5d91efe058619b499ccd55c7a6e5f4d1fcc19d44d5139de36e918786 SHA512 481d5636bf8a93bceb841f0ce3e1baee9b016a6d197a673cdbe9092442063595b47846ed548bcc63d316d9cef4e6a3c569f6dd5638fbf75e672f9959e74cf9cf
+MISC metadata.xml 743 BLAKE2B 31fe371130dca55cc2950a0892ddf2e97f1c7260b57e893932c14d2af254b1c9272a678a4365762247b5fd7a6e2e6c1a58dd326f3837e0e12389bb08f493562a SHA512 b8d5c5fd107fb7dd7dc2d7d19fbb91a07a2a619b6c9ddd9146d9359c06ed96059c87d169b7c2022760e4117283372c01b6f5231edf975bbab9c72a3ee8347f35
diff --git a/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000231.patch b/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000231.patch
new file mode 100644
index 000000000000..9ff92e25c75e
--- /dev/null
+++ b/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000231.patch
@@ -0,0 +1,15 @@
+diff --git a/parse.c b/parse.c
+index e68627c..947dbb8 100644
+--- a/parse.c
++++ b/parse.c
+@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
+ 			if (line_nr) {
+ 				*line_nr = *line_nr + 1;
+ 			}
++			if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
++				*t = '\0';
++				return -1;
++			}
+ 			*t++ = ' ';
+ 			prev_c = c;
+			continue;
diff --git a/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000232.patch b/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000232.patch
new file mode 100644
index 000000000000..341dfa5916e4
--- /dev/null
+++ b/net-libs/ldns/files/ldns-1.7.0-CVE-2017-1000232.patch
@@ -0,0 +1,17 @@
+diff --git a/str2host.c b/str2host.c
+index b274b17..f2a317b 100644
+--- a/str2host.c
++++ b/str2host.c
+@@ -1525,8 +1525,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str)
+ 	if (! str) {
+ 		return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
+ 	}
+-	length = (size_t)(dp - data);
+-
++	if (!(length = (size_t)(dp - data))) {
++		LDNS_FREE(data);
++		return LDNS_STATUS_SYNTAX_EMPTY;
++	}
+ 	/* Lose the overmeasure */
+ 	data = LDNS_XREALLOC(dp = data, uint8_t, length);
+	if (! data) {
diff --git a/net-libs/ldns/ldns-1.7.0-r1.ebuild b/net-libs/ldns/ldns-1.7.0-r1.ebuild
new file mode 100644
index 000000000000..bf79053b40bf
--- /dev/null
+++ b/net-libs/ldns/ldns-1.7.0-r1.ebuild
@@ -0,0 +1,110 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+PYTHON_COMPAT=( python2_7 )
+
+inherit eutils multilib-minimal python-single-r1
+
+DESCRIPTION="a library with the aim to simplify DNS programming in C"
+HOMEPAGE="http://www.nlnetlabs.nl/projects/ldns/"
+SRC_URI="http://www.nlnetlabs.nl/downloads/${PN}/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~ppc-macos ~x64-macos ~x64-solaris"
+IUSE="+dane doc +ecdsa gost libressl python +ssl static-libs vim-syntax"
+
+# configure will die if ecdsa is enabled and ssl is not
+REQUIRED_USE="ecdsa? ( ssl )
+	python? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND="
+	python? ( ${PYTHON_DEPS} )
+	dane? (
+		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
+	)
+	ecdsa? (
+		!libressl? ( >=dev-libs/openssl-1.0.1e:0[-bindist,${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
+	)
+	gost? (
+		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
+	)
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
+	)
+"
+DEPEND="${RDEPEND}
+	python? ( dev-lang/swig )
+	doc? ( app-doc/doxygen )
+"
+
+RESTRICT="test" # 1.6.9 has no test directory
+
+MULTILIB_CHOST_TOOLS=(
+	/usr/bin/ldns-config
+)
+
+pkg_setup() {
+	use python && python-single-r1_pkg_setup
+}
+
+multilib_src_configure() {
+	ECONF_SOURCE=${S} \
+	econf \
+		$(use_enable static-libs static) \
+		$(use_enable ssl sha2) \
+		$(use_enable gost) \
+		$(use_enable ecdsa) \
+		$(use_enable dane) \
+		$(use_with ssl ssl "${EPREFIX}"/usr) \
+		$(multilib_native_use_with python pyldns) \
+		$(multilib_native_use_with python pyldnsx) \
+		--without-drill \
+		--without-examples \
+		--disable-dane-ta-usage \
+		--disable-rpath
+
+		# >=openssl-1.1.0 required for dane-ta
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${P}-CVE-2017-1000231.patch"
+	epatch "${FILESDIR}/${P}-CVE-2017-1000232.patch"
+}
+
+multilib_src_compile() {
+	default
+
+	if multilib_is_native_abi && use doc ; then
+		emake doxygen
+	fi
+}
+
+multilib_src_install() {
+	default
+
+	if multilib_is_native_abi && use doc ; then
+		dohtml -r doc/html/.
+	fi
+}
+
+multilib_src_install_all() {
+	dodoc Changelog README*
+
+	prune_libtool_files --modules
+	use python && python_optimize
+
+	if use vim-syntax ; then
+		insinto /usr/share/vim/vimfiles/ftdetect
+		doins libdns.vim
+	fi
+
+	einfo
+	elog "Install net-dns/ldns-utils if you want drill and examples"
+	einfo
+}
diff --git a/net-libs/ldns/ldns-1.7.0.ebuild b/net-libs/ldns/ldns-1.7.0.ebuild
deleted file mode 100644
index 5e5b25fd009c..000000000000
--- a/net-libs/ldns/ldns-1.7.0.ebuild
+++ /dev/null
@@ -1,105 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-PYTHON_COMPAT=( python2_7 )
-
-inherit eutils multilib-minimal python-single-r1
-
-DESCRIPTION="a library with the aim to simplify DNS programming in C"
-HOMEPAGE="http://www.nlnetlabs.nl/projects/ldns/"
-SRC_URI="http://www.nlnetlabs.nl/downloads/${PN}/${P}.tar.gz"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="+dane doc +ecdsa gost libressl python +ssl static-libs vim-syntax"
-
-# configure will die if ecdsa is enabled and ssl is not
-REQUIRED_USE="ecdsa? ( ssl )
-	python? ( ${PYTHON_REQUIRED_USE} )"
-
-RDEPEND="
-	python? ( ${PYTHON_DEPS} )
-	dane? (
-		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
-		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-	)
-	ecdsa? (
-		!libressl? ( >=dev-libs/openssl-1.0.1e:0[-bindist,${MULTILIB_USEDEP}] )
-		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-	)
-	gost? (
-		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
-		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-	)
-	ssl? (
-		!libressl? ( >=dev-libs/openssl-1.0.1e:0[${MULTILIB_USEDEP}] )
-		libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-	)
-"
-DEPEND="${RDEPEND}
-	python? ( dev-lang/swig )
-	doc? ( app-doc/doxygen )
-"
-
-RESTRICT="test" # 1.6.9 has no test directory
-
-MULTILIB_CHOST_TOOLS=(
-	/usr/bin/ldns-config
-)
-
-pkg_setup() {
-	use python && python-single-r1_pkg_setup
-}
-
-multilib_src_configure() {
-	ECONF_SOURCE=${S} \
-	econf \
-		$(use_enable static-libs static) \
-		$(use_enable ssl sha2) \
-		$(use_enable gost) \
-		$(use_enable ecdsa) \
-		$(use_enable dane) \
-		$(use_with ssl ssl "${EPREFIX}"/usr) \
-		$(multilib_native_use_with python pyldns) \
-		$(multilib_native_use_with python pyldnsx) \
-		--without-drill \
-		--without-examples \
-		--disable-dane-ta-usage \
-		--disable-rpath
-
-		# >=openssl-1.1.0 required for dane-ta
-}
-
-multilib_src_compile() {
-	default
-
-	if multilib_is_native_abi && use doc ; then
-		emake doxygen
-	fi
-}
-
-multilib_src_install() {
-	default
-
-	if multilib_is_native_abi && use doc ; then
-		dohtml -r doc/html/.
-	fi
-}
-
-multilib_src_install_all() {
-	dodoc Changelog README*
-
-	prune_libtool_files --modules
-	use python && python_optimize
-
-	if use vim-syntax ; then
-		insinto /usr/share/vim/vimfiles/ftdetect
-		doins libdns.vim
-	fi
-
-	einfo
-	elog "Install net-dns/ldns-utils if you want drill and examples"
-	einfo
-}
-- 
cgit v1.2.3