From 40aaaa64e86ba6710bbeb31c4615a6ce80e75e11 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 28 Apr 2021 20:21:43 +0100 Subject: gentoo resync : 28.04.2021 --- net-misc/hylafaxplus/Manifest | 5 +- .../files/hylafaxplus-CVE-2020-1539x.patch | 110 -------------- net-misc/hylafaxplus/hylafaxplus-7.0.2.ebuild | 161 --------------------- net-misc/hylafaxplus/hylafaxplus-7.0.3.ebuild | 2 +- 4 files changed, 2 insertions(+), 276 deletions(-) delete mode 100644 net-misc/hylafaxplus/files/hylafaxplus-CVE-2020-1539x.patch delete mode 100644 net-misc/hylafaxplus/hylafaxplus-7.0.2.ebuild (limited to 'net-misc/hylafaxplus') diff --git a/net-misc/hylafaxplus/Manifest b/net-misc/hylafaxplus/Manifest index e664db152e81..2619c5f6b423 100644 --- a/net-misc/hylafaxplus/Manifest +++ b/net-misc/hylafaxplus/Manifest @@ -1,10 +1,7 @@ AUX hylafaxplus-7.0.2-tiff-4.2.patch 423 BLAKE2B 73bd76ed5f9b4a80dce322e910f1656d8210fa7f07499519c71c078c64452cce8d9a2c7fc913419328a224107a7b37972d5bd6eae6c20b6026c6c3682e4b2947 SHA512 b3512870ba25a7f896003e68eb56e2288a304351e5bf32a15771c3bc3c39572bd0c833f02694470417aeed8a2938cae6864604e8e40d6303dc05e579a84d1dcd -AUX hylafaxplus-CVE-2020-1539x.patch 3799 BLAKE2B 017793755bc17224e41541010b9bc46db72aac0c4801f94e86a5bd88ec834db4738aa22747fb3bfaa867a2967acca35ef77f9cfb88d39a0990aef93e12381010 SHA512 7f04ac1af6bb6d2440aeb0b74aab023d47357f8e27a2bffd237e6be3b66277c54947968c7dafac1dd6a6623c833970fe22f5e9ee817582279116ca88ba655e50 AUX hylafaxplus-conf 572 BLAKE2B cd2b237704e0607565c16cf81593654d266c212810d0dcb399f35d980d04ed54a5bb961f2fd29dbc8386ef6684fe684a8bcbd21c9cd782490546554ec90e4b2e SHA512 ee97c45e49ed03bf2d393b7861fb8d0a92ce927243b7f1843c52de452540e78633e1a6d7b6892e6f5e30b5518b4b3d998354a3cfebe7adfd84da3f9586585621 AUX hylafaxplus-init 3150 BLAKE2B 67b27c9e773d141c462b62882fa1ec592bdd30397c21c0dc0ef55384ac0d448803a8984c35eb22185c0aa315019eea1588829717b170f0b6168b549a270f2570 SHA512 6bc4db4597ef55aaf01bff66dfe7e9b3ce23d51e8d165f635ad49d9971260f8f131d386869787b2cd0de612d8ee784fb8f4e44fa8b8deb4eabf1aeab441e68f5 AUX ldconfig-patch 467 BLAKE2B d19f7a8ebc79bb40d9935e1f327f3abfa2d336ea4af2026c784178c8110efe4a1bb2c19a17c9127f039d64c2e9115b5899d1999ed1f5ac7c999cdce79875e5b0 SHA512 eb7c154eac56e20a81b3396770442d93b6833c7961927f8264e3ed1aa72850e018fbe14760d7bd5be739d069769e3db3fd5848aaa936dd7509f03a289a146d4c -DIST hylafax-7.0.2.tar.gz 1393586 BLAKE2B cbf99f91a0aa07783dd30e76ce8416b2933240d4bf829220909000519f9c9e14a324163707c14504848ba71e7c1ee7d98455f06bb040c2c50c1493d0138122aa SHA512 ea68404ad79e798b29450683eaa927e73033e0fa8160b803a3e2c9000df487c81193cc8fc0c1187477f5e1b2e26eec1c065ebc17e0be82e9a3e3758b1b5b5e4e DIST hylafax-7.0.3.tar.gz 1405116 BLAKE2B dbf8f87380929eb79ca0f18042c3397460dd6774f16defde8e9427d1d14094e00f6be491552f3ff6cc4c3d1fad0ec67a0c1a5fa3b4cb1e07c2f0c956eaefe8ed SHA512 938a21e4573fdf12bbc03dfee85e00555e7790a83a26316ac9cd1983501860858175d599c35f3b383cb0748518644587c203fb429966b5de3b615689d856281a -EBUILD hylafaxplus-7.0.2.ebuild 4277 BLAKE2B 15f47c1c4483d15506a90aad6911f9d49bfdc686c76069debd330e8c64fed59bddff568c5babb13ec53b92a296cd3d283f3a8240ceb89ef89bd2fd1b475ad490 SHA512 22fc577c68bba6d5bde7d4e9e1a75804fb8ad83ac34b2957947782b4557949c70c77a78fd93d2cc0c34a95a983df3ff8d11833a3de293bff7816f665f8122754 -EBUILD hylafaxplus-7.0.3.ebuild 4187 BLAKE2B 7b9632ca64f2a036b0a2af9c084ec60ae05838e5970ac8c52da528bcf9db9b54c217cfb167c5026b3f21384b30794ba23e36e89d88c6157118486c81d77ba134 SHA512 2af3df0e835067784e375e15f9b90a3e7041782c98ee3eddb84e82a1c14ed38682adb3af384c7585bdf9578b057149a1b17833501cd5c9fc1da2a0113dd378a0 +EBUILD hylafaxplus-7.0.3.ebuild 4185 BLAKE2B 6da6298d9f7f87a8836aabd06eb9e4514678b665f1eb40c0bbecc6d2e9bc037d46c090a17be3cbec0ae93db0d8b796a718f90d4106971d60ef4cb42a3db3f2f9 SHA512 9514f5377ee54fe930b96b5c5129753596a699652f19dbb8b2e51e801f0ddbb256cfe3ed0226efdfb1f17439eb8a0a1237c3f4bae29fb28995d0a835751b02a7 MISC metadata.xml 496 BLAKE2B 778816874c73db0b7958055c119ef88326993ba3dbac35086b6ebcc3f27c95b71abdec098989460e800c25407f0a7781869649639cddd8671f998d3cf9d0d615 SHA512 092154bcc54daa4db847fabc773d588ee09e6c65c540391d4bd78c4856662b348304a0116628b5142381fe9cf76c5caaf25984c1e7449f032f7c20b83b0a0bd5 diff --git a/net-misc/hylafaxplus/files/hylafaxplus-CVE-2020-1539x.patch b/net-misc/hylafaxplus/files/hylafaxplus-CVE-2020-1539x.patch deleted file mode 100644 index 6c484590c468..000000000000 --- a/net-misc/hylafaxplus/files/hylafaxplus-CVE-2020-1539x.patch +++ /dev/null @@ -1,110 +0,0 @@ -commit e8f8196230ae15f6f7d7104ded3e2633002506e4 -Author: faxguy -Date: Sat Jun 13 23:46:33 2020 +0000 - - Johannes Segitz reported two issues: - - 1) faxaddmodem, faxsetup, and probemodem create temporary directories in a way that is not secure due to a race condition. - - 2) The HylaFAX spool directory bin and etc subdirectories are not secure against uucp deleting and recreating scripts that root runs. - - These changes address these two issues. - - - - git-svn-id: https://svn.code.sf.net/p/hylafax/HylaFAX+@2534 5505949e-d877-4686-9e03-c53b7a51b376 - -diff --git a/CONTRIBUTORS b/CONTRIBUTORS -index 057739f..a9d4f21 100644 ---- a/CONTRIBUTORS -+++ b/CONTRIBUTORS -@@ -203,6 +203,7 @@ following for their contributions: - Travis Schafer LogSend and LogRecv modem config options, documentation fixes - Sven Schmidt - Steven Schoch faxrcvd faxinfo text parsing -+ Johannes Segitz code security audit - John Sellens - Chris Severance documentation fixes, scripting improvements - Simon -diff --git a/Makefile.in b/Makefile.in -index 1ee4d76..ec0cda7 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -208,7 +208,10 @@ makeServerDirs:: - -idb hylafax.sw.server -root ${INSTALLROOT} -dir ${SPOOL} - -${INSTALL} -u ${FAXUSER} -g ${FAXGROUP} -m ${DIRMODE} \ - -idb hylafax.sw.server -dir \ -- -root ${INSTALLROOT} -F ${SPOOL} bin client config dev etc info log recvq status -+ -root ${INSTALLROOT} -F ${SPOOL} client config dev info log recvq status -+ -${INSTALL} -u root -g root -m ${DIRMODE} \ -+ -idb hylafax.sw.server -dir \ -+ -root ${INSTALLROOT} -F ${SPOOL} bin etc - -${INSTALL} -u ${FAXUSER} -g ${FAXGROUP} -m 700 \ - -idb hylafax.sw.server -dir \ - -root ${INSTALLROOT} -F ${SPOOL} sendq doneq docq tmp pollq archive -diff --git a/etc/faxaddmodem.sh.in b/etc/faxaddmodem.sh.in -index dc39917..c4d3ff1 100644 ---- a/etc/faxaddmodem.sh.in -+++ b/etc/faxaddmodem.sh.in -@@ -113,12 +113,14 @@ if [ "$euid" != "root" ]; then - fi - - # security -+o="`umask`" -+umask 077 - TMPDIR=`(mktemp -d /tmp/.faxaddmodem.XXXXXX) 2>/dev/null` -+umask "$o" - if test X$TMPDIR = X; then -- TMPDIR=/tmp/.faxaddmodem$$ -+ echo "Failed to create temporary directory. Cannot continue." -+ exit 1 - fi --@RM@ -rf $TMPDIR --(umask 077 ; mkdir $TMPDIR) || exit 1 - - SH=$SCRIPT_SH # shell for use below - CPATH=$SPOOL/etc/config # prefix of configuration file -diff --git a/etc/faxsetup.sh.in b/etc/faxsetup.sh.in -index 556eef5..b4aae40 100644 ---- a/etc/faxsetup.sh.in -+++ b/etc/faxsetup.sh.in -@@ -922,12 +922,14 @@ if onServer; then - # - - # Setup TMPDIR before anything can trap and rm it -+ o="`umask`" -+ umask 077 - TMPDIR=`(mktemp -d /tmp/.faxsetup.XXXXXX) 2>/dev/null` -+ umask "$o" - if test x$TMPDIR = x; then -- TMPDIR=/tmp/.faxsetup$$ -+ echo "Failed to create temporary directory. Cannot continue." -+ exit 1 - fi -- $RM -rf $TMPDIR -- (umask 077 ; mkdir $TMPDIR) || exit 1 - - JUNK="etc/setup.tmp" - trap "$RM \$JUNK; $RM -r \$TMPDIR; exit 1" 1 2 15 -diff --git a/etc/probemodem.sh.in b/etc/probemodem.sh.in -index 55b5d9b..c0abf15 100644 ---- a/etc/probemodem.sh.in -+++ b/etc/probemodem.sh.in -@@ -85,12 +85,14 @@ test -f $SPOOL/etc/setup.cache || { - . $SPOOL/etc/setup.cache # common configuration stuff - . $SPOOL/etc/setup.modem # modem-specific stuff - -+o="`umask`" -+umask 077 - TMPDIR=`(mktemp -d /tmp/.probemodem.XXXXXX) 2>/dev/null` -+umask "$o" - if test X$TMPDIR = X; then -- TMPDIR=/tmp/.probemodem$$ -+ echo "Failed to create temporary directory. Cannot continue." -+ exit 1 - fi --@RM@ -fr $TMPDIR --(umask 077 ; mkdir $TMPDIR) || exit 1 - - SH=$SCRIPT_SH # shell for use below - OUT=$TMPDIR/probemodem$$ # temp file in which modem output is recorded diff --git a/net-misc/hylafaxplus/hylafaxplus-7.0.2.ebuild b/net-misc/hylafaxplus/hylafaxplus-7.0.2.ebuild deleted file mode 100644 index 6cbf6123a4c4..000000000000 --- a/net-misc/hylafaxplus/hylafaxplus-7.0.2.ebuild +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit pam toolchain-funcs - -MY_PN="${PN/plus/}" -MY_P="${MY_PN}-${PV}" - -DESCRIPTION="Enterprise client-server fax package for class 1 and 2 fax modems" -HOMEPAGE="http://hylafax.sourceforge.net" -SRC_URI="mirror://sourceforge/hylafax/${MY_P}.tar.gz" - -SLOT="0" -LICENSE="hylafaxplus" -KEYWORDS="amd64 x86" -IUSE="html jbig lcms ldap mgetty pam" - -DEPEND=" - app-text/ghostscript-gpl - media-libs/tiff:0[jbig?] - !net-dialup/mgetty[fax] - >=sys-libs/zlib-1.1.4 - virtual/awk - virtual/jpeg:0 - virtual/mta - jbig? ( media-libs/jbigkit ) - lcms? ( media-libs/lcms ) - ldap? ( net-nds/openldap ) - mgetty? ( net-dialup/mgetty[-fax] ) - pam? ( sys-libs/pam ) -" -RDEPEND="${DEPEND} - !net-dialup/sendpage - net-mail/metamail -" - -S="${WORKDIR}/${MY_P}" - -CONFIG_PROTECT="${CONFIG_PROTECT} /var/spool/fax/etc /usr/lib/fax" -CONFIG_PROTECT_MASK="${CONFIG_PROTECT_MASK} /var/spool/fax/etc/xferfaxlog" - -PATCHES=( - "${FILESDIR}/ldconfig-patch" - "${FILESDIR}/${PN}-CVE-2020-1539x.patch" - "${FILESDIR}/${PN}-7.0.2-tiff-4.2.patch" -) - -src_prepare() { - default - - # force it not to strip binaries - for dir in etc util faxalter faxcover faxd faxmail faxrm faxstat \ - hfaxd sendfax sendpage ; do - sed -i -e "s:-idb:-idb \"nostrip\" -idb:g" \ - "${dir}"/Makefile.in || die "sed on ${dir}/Makefile.in failed" - done - - sed -i -e "s:hostname:hostname -f:g" util/{faxrcvd,pollrcvd}.sh.in || die "sed on hostname failed" - - # Respect LDFLAGS(at least partially) - sed -i -e "/^LDFLAGS/s/LDOPTS}/LDOPTS} ${LDFLAGS}/" defs.in || die "sed on defs.in failed" - - sed -i -e "s|-fpic|-fPIC|g" \ - configure || die -} - -src_configure() { - do_configure() { - echo ./configure --nointeractive ${1} - # eval required for quoting in ${my_conf} to work properly, better way? - eval ./configure --nointeractive ${1} || die "./configure failed" - } - local my_conf=" - --with-DIR_BIN=/usr/bin - --with-DIR_SBIN=/usr/sbin - --with-DIR_LIB=/usr/$(get_libdir) - --with-DIR_LIBEXEC=/usr/sbin - --with-DIR_LIBDATA=/usr/$(get_libdir)/fax - --with-DIR_LOCALE=/usr/share/locale - --with-DIR_LOCKS=/var/lock - --with-DIR_MAN=/usr/share/man - --with-DIR_SPOOL=/var/spool/fax - --with-DIR_HTML=/usr/share/doc/${P}/html - --with-DIR_CGI="${WORKDIR}" - --with-PATH_DPSRIP=/var/spool/fax/bin/ps2fax - --with-PATH_IMPRIP=\"\" - --with-SYSVINIT=no - --with-REGEX=yes - --with-LIBTIFF=\"-ltiff -ljpeg -lz\" - --with-OPTIMIZER=\"${CFLAGS}\" - --with-DSO=auto - --with-HTML=$(usex html)" - - if use mgetty; then - my_conf="${my_conf} \ - --with-PATH_GETTY=/sbin/mgetty \ - --with-PATH_EGETTY=/sbin/mgetty \ - --with-PATH_VGETTY=/usr/sbin/vgetty" - else - # GETTY defaults to /sbin/agetty - my_conf="${my_conf} \ - --with-PATH_EGETTY=/bin/false \ - --with-PATH_VGETTY=/bin/false" - fi - - #--enable-pam isn't valid - use pam || my_conf="${my_conf} $(use_enable pam)" - use lcms || my_conf="${my_conf} $(use_enable lcms)" - use ldap || my_conf="${my_conf} $(use_enable ldap)" - use jbig || my_conf="${my_conf} $(use_enable jbig)" - - tc-export CC CXX AR RANLIB - - do_configure "${my_conf}" -} - -src_compile() { - # Parallel building is borked, bug #???? - emake -j1 -} - -src_install() { - dodir /usr/{bin,sbin} /usr/$(get_libdir)/fax /usr/share/man - dodir /var/spool /var/spool/fax - fowners uucp:uucp /var/spool/fax - fperms 0600 /var/spool/fax - dodir "/usr/share/doc/${P}/samples" - - emake DESTDIR="${D}" \ - BIN="${D}/usr/bin" \ - SBIN="${D}/usr/sbin" \ - LIBDIR="${D}/usr/$(get_libdir)" \ - LIB="${D}/usr/$(get_libdir)" \ - LIBEXEC="${D}/usr/sbin" \ - LIBDATA="${D}/usr/$(get_libdir)/fax" \ - DIR_LOCALE="${D}/usr/share/locale" \ - MAN="${D}/usr/share/man" \ - SPOOL="${D}/var/spool/fax" \ - HTMLDIR="${D}/usr/share/doc/${PF}/html" \ - install - - keepdir /var/spool/fax/{archive,client,etc,pollq,recvq,tmp} - keepdir /var/spool/fax/{status,sendq,log,info,doneq,docq,dev} - - einfo "Adding env.d entry for ${PN}" - newenvd - 99hylafaxplus <<-EOF - PATH="/var/spool/fax/bin" - CONFIG_PROTECT="/var/spool/fax/etc /usr/$(get_libdir)/fax" - CONFIG_PROTECT_MASK="/var/spool/fax/etc/xferfaxlog" - EOF - - newconfd "${FILESDIR}/${PN}-conf" ${PN} - newinitd "${FILESDIR}/${PN}-init" ${PN} - - use pam && pamd_mimic_system ${MY_PN} auth account session - - einstalldocs - docinto samples -} diff --git a/net-misc/hylafaxplus/hylafaxplus-7.0.3.ebuild b/net-misc/hylafaxplus/hylafaxplus-7.0.3.ebuild index af9072b4758a..a4859f2b0da8 100644 --- a/net-misc/hylafaxplus/hylafaxplus-7.0.3.ebuild +++ b/net-misc/hylafaxplus/hylafaxplus-7.0.3.ebuild @@ -15,7 +15,7 @@ S="${WORKDIR}/${MY_P}" SLOT="0" LICENSE="hylafaxplus" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" IUSE="html jbig lcms ldap mgetty pam" DEPEND=" -- cgit v1.2.3