summaryrefslogtreecommitdiff
path: root/archivers/bzip2
diff options
context:
space:
mode:
authoradrianp <adrianp>2008-03-26 19:06:06 +0000
committeradrianp <adrianp>2008-03-26 19:06:06 +0000
commiteb06ae4f5f24b6b2e1711657062100b37bba66f7 (patch)
tree37c1c1d12a8f358dbcaa88faca33cd9e16a9df3d /archivers/bzip2
parent10d5e931190a451fb25a7b97047e2e421321c518 (diff)
downloadpkgsrc-eb06ae4f5f24b6b2e1711657062100b37bba66f7.tar.gz
Update to 1.0.5
The only change is to address the vulnerability detailed in CERT/CC: VU#813451 OK'ed joerg@
Diffstat (limited to 'archivers/bzip2')
-rw-r--r--archivers/bzip2/Makefile6
-rw-r--r--archivers/bzip2/files/CHANGES9
-rw-r--r--archivers/bzip2/files/LICENSE7
-rw-r--r--archivers/bzip2/files/README9
-rw-r--r--archivers/bzip2/files/blocksort.c4
-rw-r--r--archivers/bzip2/files/bzip2.14
-rw-r--r--archivers/bzip2/files/bzip2.c8
-rw-r--r--archivers/bzip2/files/bzip2recover.c6
-rw-r--r--archivers/bzip2/files/bzlib.c7
-rw-r--r--archivers/bzip2/files/bzlib.h4
-rw-r--r--archivers/bzip2/files/bzlib_private.h16
-rw-r--r--archivers/bzip2/files/compress.c4
-rw-r--r--archivers/bzip2/files/crctable.c4
-rw-r--r--archivers/bzip2/files/decompress.c4
-rw-r--r--archivers/bzip2/files/huffman.c4
-rw-r--r--archivers/bzip2/files/randtable.c4
16 files changed, 58 insertions, 42 deletions
diff --git a/archivers/bzip2/Makefile b/archivers/bzip2/Makefile
index cb9bc01e4d4..1838ba6fa82 100644
--- a/archivers/bzip2/Makefile
+++ b/archivers/bzip2/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.46 2008/02/12 11:25:35 tnn Exp $
+# $NetBSD: Makefile,v 1.47 2008/03/26 19:06:06 adrianp Exp $
#
-DISTNAME= bzip2-1.0.4
+DISTNAME= bzip2-1.0.5
CATEGORIES= archivers
-MASTER_SITES= http://www.bzip.org/1.0.4/
+MASTER_SITES= http://www.bzip.org/1.0.5/
MAINTAINER= joerg@NetBSD.org
HOMEPAGE= http://www.bzip.org/
diff --git a/archivers/bzip2/files/CHANGES b/archivers/bzip2/files/CHANGES
index 0959ea0ac6d..6e4f65e2e0a 100644
--- a/archivers/bzip2/files/CHANGES
+++ b/archivers/bzip2/files/CHANGES
@@ -2,8 +2,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -312,3 +312,8 @@ Fixes some minor bugs since the last version, 1.0.3.
* Fix minor doc/comment bugs.
+
+1.0.5 (10 Dec 07)
+~~~~~~~~~~~~~~~~~
+Security fix only. Fixes CERT-FI 20469 as it applies to bzip2.
+
diff --git a/archivers/bzip2/files/LICENSE b/archivers/bzip2/files/LICENSE
index 4458e35bb51..f420cffb67d 100644
--- a/archivers/bzip2/files/LICENSE
+++ b/archivers/bzip2/files/LICENSE
@@ -2,7 +2,7 @@
--------------------------------------------------------------------------
This program, "bzip2", the associated library "libbzip2", and all
-documentation, are copyright (C) 1996-2006 Julian R Seward. All
+documentation, are copyright (C) 1996-2007 Julian R Seward. All
rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -36,8 +36,7 @@ WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-Julian Seward, Cambridge, UK.
-jseward@bzip.org
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
+Julian Seward, jseward@bzip.org
+bzip2/libbzip2 version 1.0.5 of 10 December 2007
--------------------------------------------------------------------------
diff --git a/archivers/bzip2/files/README b/archivers/bzip2/files/README
index b18c096b9e8..e17a84e049f 100644
--- a/archivers/bzip2/files/README
+++ b/archivers/bzip2/files/README
@@ -6,8 +6,8 @@ This version is fully compatible with the previous public releases.
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
-Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+bzip2/libbzip2 version 1.0.5 of 10 December 2007
+Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in this file.
@@ -177,6 +177,10 @@ WHAT'S NEW IN 1.0.4 ?
See the CHANGES file.
+WHAT'S NEW IN 1.0.5 ?
+
+ See the CHANGES file.
+
I hope you find bzip2 useful. Feel free to contact me at
jseward@bzip.org
@@ -203,3 +207,4 @@ Cambridge, UK.
30 December 2001 (bzip2, version 1.0.2pre1)
15 February 2005 (bzip2, version 1.0.3)
20 December 2006 (bzip2, version 1.0.4)
+10 December 2007 (bzip2, version 1.0.5)
diff --git a/archivers/bzip2/files/blocksort.c b/archivers/bzip2/files/blocksort.c
index 8535c93c8db..bd2dec157fa 100644
--- a/archivers/bzip2/files/blocksort.c
+++ b/archivers/bzip2/files/blocksort.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/bzip2.1 b/archivers/bzip2/files/bzip2.1
index a313f2d5bed..947ba936ae3 100644
--- a/archivers/bzip2/files/bzip2.1
+++ b/archivers/bzip2/files/bzip2.1
@@ -1,7 +1,7 @@
.PU
.TH bzip2 1
.SH NAME
-bzip2, bunzip2 \- a block-sorting file compressor, v1.0.4
+bzip2, bunzip2 \- a block-sorting file compressor, v1.0.5
.br
bzcat \- decompresses files to stdout
.br
@@ -405,7 +405,7 @@ I/O error messages are not as helpful as they could be.
tries hard to detect I/O errors and exit cleanly, but the details of
what the problem is sometimes seem rather misleading.
-This manual page pertains to version 1.0.4 of
+This manual page pertains to version 1.0.5 of
.I bzip2.
Compressed data created by this version is entirely forwards and
backwards compatible with the previous public releases, versions
diff --git a/archivers/bzip2/files/bzip2.c b/archivers/bzip2/files/bzip2.c
index 5fbae0ebe47..390410735b5 100644
--- a/archivers/bzip2/files/bzip2.c
+++ b/archivers/bzip2/files/bzip2.c
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -1605,11 +1605,11 @@ void license ( void )
"bzip2, a block-sorting file compressor. "
"Version %s.\n"
" \n"
- " Copyright (C) 1996-2006 by Julian Seward.\n"
+ " Copyright (C) 1996-2007 by Julian Seward.\n"
" \n"
" This program is free software; you can redistribute it and/or modify\n"
" it under the terms set out in the LICENSE file, which is included\n"
- " in the bzip2-1.0.4 source distribution.\n"
+ " in the bzip2-1.0.5 source distribution.\n"
" \n"
" This program is distributed in the hope that it will be useful,\n"
" but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
diff --git a/archivers/bzip2/files/bzip2recover.c b/archivers/bzip2/files/bzip2recover.c
index ffe60bc7201..5f6d6218095 100644
--- a/archivers/bzip2/files/bzip2recover.c
+++ b/archivers/bzip2/files/bzip2recover.c
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -313,7 +313,7 @@ Int32 main ( Int32 argc, Char** argv )
inFileName[0] = outFileName[0] = 0;
fprintf ( stderr,
- "bzip2recover 1.0.4: extracts blocks from damaged .bz2 files.\n" );
+ "bzip2recover 1.0.5: extracts blocks from damaged .bz2 files.\n" );
if (argc != 2) {
fprintf ( stderr, "%s: usage is `%s damaged_file_name'.\n",
diff --git a/archivers/bzip2/files/bzlib.c b/archivers/bzip2/files/bzlib.c
index 79c34a5400f..ef86c91e695 100644
--- a/archivers/bzip2/files/bzlib.c
+++ b/archivers/bzip2/files/bzlib.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -48,7 +48,7 @@ void BZ2_bz__AssertH__fail ( int errcode )
"component, you should also report this bug to the author(s)\n"
"of that program. Please make an effort to report this bug;\n"
"timely and accurate bug reports eventually lead to higher\n"
- "quality software. Thanks. Julian Seward, 15 February 2005.\n\n",
+ "quality software. Thanks. Julian Seward, 10 December 2007.\n\n",
errcode,
BZ2_bzlibVersion()
);
@@ -598,6 +598,7 @@ Bool unRLE_obuf_to_output_FAST ( DState* s )
UInt32 c_tPos = s->tPos;
char* cs_next_out = s->strm->next_out;
unsigned int cs_avail_out = s->strm->avail_out;
+ Int32 ro_blockSize100k = s->blockSize100k;
/* end restore */
UInt32 avail_out_INIT = cs_avail_out;
diff --git a/archivers/bzip2/files/bzlib.h b/archivers/bzip2/files/bzlib.h
index fdb0dbe7b02..c5b75d6d8ff 100644
--- a/archivers/bzip2/files/bzlib.h
+++ b/archivers/bzip2/files/bzlib.h
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/bzlib_private.h b/archivers/bzip2/files/bzlib_private.h
index d0a05546efd..23427879b18 100644
--- a/archivers/bzip2/files/bzlib_private.h
+++ b/archivers/bzip2/files/bzlib_private.h
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -36,7 +36,7 @@
/*-- General stuff. --*/
-#define BZ_VERSION "1.0.4, 20-Dec-2006"
+#define BZ_VERSION "1.0.5, 10-Dec-2007"
typedef char Char;
typedef unsigned char Bool;
@@ -442,11 +442,15 @@ typedef
/*-- Macros for decompression. --*/
#define BZ_GET_FAST(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
s->tPos = s->tt[s->tPos]; \
cccc = (UChar)(s->tPos & 0xff); \
s->tPos >>= 8;
#define BZ_GET_FAST_C(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (c_tPos >= (UInt32)100000 * (UInt32)ro_blockSize100k) return True; \
c_tPos = c_tt[c_tPos]; \
cccc = (UChar)(c_tPos & 0xff); \
c_tPos >>= 8;
@@ -469,8 +473,10 @@ typedef
(((UInt32)s->ll16[i]) | (GET_LL4(i) << 16))
#define BZ_GET_SMALL(cccc) \
- cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
- s->tPos = GET_LL(s->tPos);
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
+ cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
+ s->tPos = GET_LL(s->tPos);
/*-- externs for decompression. --*/
diff --git a/archivers/bzip2/files/compress.c b/archivers/bzip2/files/compress.c
index d98d5c0bd86..8c80a079700 100644
--- a/archivers/bzip2/files/compress.c
+++ b/archivers/bzip2/files/compress.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/crctable.c b/archivers/bzip2/files/crctable.c
index bc7e2ae39d9..215687b2c05 100644
--- a/archivers/bzip2/files/crctable.c
+++ b/archivers/bzip2/files/crctable.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/decompress.c b/archivers/bzip2/files/decompress.c
index 124cc8ddc7c..bba5e0fa36d 100644
--- a/archivers/bzip2/files/decompress.c
+++ b/archivers/bzip2/files/decompress.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/huffman.c b/archivers/bzip2/files/huffman.c
index be4dc024dca..87e79e38af0 100644
--- a/archivers/bzip2/files/huffman.c
+++ b/archivers/bzip2/files/huffman.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/randtable.c b/archivers/bzip2/files/randtable.c
index d186335e0ee..068b76367bc 100644
--- a/archivers/bzip2/files/randtable.c
+++ b/archivers/bzip2/files/randtable.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.