diff options
author | spz <spz@pkgsrc.org> | 2017-05-15 08:40:21 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2017-05-15 08:40:21 +0000 |
commit | 0b26b2aee8871331e8ddc0a70150f282d0d86498 (patch) | |
tree | 5a2e4140aebd0eda33cdd3124fdb6738eba9ae5c /archivers | |
parent | 5e2305091dfd905e9c6d1612beae6cae7a02d649 (diff) | |
download | pkgsrc-0b26b2aee8871331e8ddc0a70150f282d0d86498.tar.gz |
update from 0.13.59 to v0.13.66
fixing: CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5981
Upstream changelog:
2017-04-24 guidod <guidod@gmx.de>
* common frontend 'unzzip.c' for example code in unzzip*-xx.c
* expand testcases to cover all of big/mem/mix/zap variants
* release v0.13.66
2017-04-23 guidod <guidod@gmx.de>
* turn the testsuite from makefile into python unittest format
* extend 'make check' testsuite to cover non-libzzip extensions
* fix unzzipcat-seeko and unzzipcat-mem to match the testsuite
* release v0.13.65
2017-04-20 guidod <guidod@gmx.de>
* check patches in opensuse builds, mostly for some CVE reports
2012-09-15 guidod <guidod@gmx.de>
* zzip.h, plugin.h: "};" at end of extern-C produces build errors with
the default --pedantic-errors on newer CMake. Thanks to Keith Thompson
recognizing it - see http://stackoverflow.com/questions/12384280/
2012-03-11 guidod <guidod@gmx.de>
* configure.ac: fallback to libtool -export-dynamic unless being sure to
use gnu-ld --export-dynamic. The darwin case is a bit special here
as the c-compiler and linker might be from different worlds.
* next 0.13.62 - needs a fix for mingw
(-mconsole is not a linker option, only the gcc should see it)
2010-12-30 guidod <guidod@gmx.de>
* done 0.13.60 release, tagged, and announced.
* prepare 0.13.61
2010-12-29 guidod <guidod@gmx.de>
* Makefile.am: allow nonstaic build
* wrap fd.open like in the Fedora patch
2010-12-28 guidod <guidod@gmx.de>
* zziplib.spec - simplify the spec based on distro specs.
2010-12-27 guidod <guidod@gmx.de>
* adding fetch.h/fetch.c to msvc8/zziplib.vcproj to allow
tests with Visual Studio C++ Express 2005
2010-12-27 guidod <guidod@gmx.de>
* fix stat.c to check ZZIP_CASELESS instead of the deprecated
ZZIP_CASEINSENSITIVE. The latter is still recognized for
compatibility reasons and implicitly mapped to ZZIP_CASELESS.
* fixes the zziplib-Patches-3078188 which reported the bug.
2010-12-27 guidod <guidod@gmx.de>
* apply patches by Peter Breitenlohner for better compatibility
with AIX host system. Also the Sun Studio compiler insists on
static inline functions or else assumes extern inline.
* also fixes zziplib-Patches-3011551 on the AIX problem.
2010-12-27 guidod <guidod@gmx.de>
* add hints that the ext_io plugin handlers should be static.
2010-05-09 guidod <guidod@gmx.de>
* zzip/__fnmatch.h: add include <string.h> to make mingw32 happy.
Patches item #2995373 by Gregory Smith
2010-05-08 guidod <guidod@gmx.de>
* SDL/Makefile.am: fix generation of sdl-uninstalled.pc that was
not recognized during compilation.
2010-04-05 guidod <guidod@gmx.de>
* Makefile.am: fix "osc rm" and fix "test-sdl" if SDL was not found.
* configure.ac: SDL example builds on pkgconfig/sdl.pc which
was introduced with SDL 1.2.11 - CentOs5 ships 1.2.10 which
does only have "sdl-config" and it made for a mismatch in
in the build configuration: sdl-devel yes, pkgconfig sdl no.
* zzip/zip.c (__zzip_parse_root_directory): move the check for
zzip_disk_entry_check_magic to be after the the check that
the seek-value is more than a header's size before the end.
(based on a segfault report by Tulipánt Gergely when the
new modulo_entries code is enabled (which is off by default))
2010-03-30 guidod <guidod@gmx.de>
* zzip/Makefile.am: fixing symlinks for lib* - use only for Linux
Thanks to Ryan Schmidt (macports):
... likes to install some symlinks that don't make sense on Mac OS X:
$ ls -l /opt/local/lib/*zzip*so*
lrwxr-xr-x /opt/local/lib/libzzip*.so.10 -> libzzip*.so.13
lrwxr-xr-x /opt/local/lib/libzzip*.so.11 -> libzzip*.so.13
lrwxr-xr-x /opt/local/lib/libzzip*.so.12 -> libzzip*.so.13
Yes, the filenames literally contain an asterisk.
Diffstat (limited to 'archivers')
-rw-r--r-- | archivers/zziplib/Makefile | 15 | ||||
-rw-r--r-- | archivers/zziplib/PLIST | 10 | ||||
-rw-r--r-- | archivers/zziplib/distinfo | 17 | ||||
-rw-r--r-- | archivers/zziplib/patches/patch-aa | 10 | ||||
-rw-r--r-- | archivers/zziplib/patches/patch-ba | 43 | ||||
-rw-r--r-- | archivers/zziplib/patches/patch-bb | 21 | ||||
-rw-r--r-- | archivers/zziplib/patches/patch-zzip_zip.c | 27 |
7 files changed, 61 insertions, 82 deletions
diff --git a/archivers/zziplib/Makefile b/archivers/zziplib/Makefile index 69028e86522..bf4c39aa5b6 100644 --- a/archivers/zziplib/Makefile +++ b/archivers/zziplib/Makefile @@ -1,12 +1,17 @@ -# $NetBSD: Makefile,v 1.19 2014/10/09 14:05:55 wiz Exp $ +# $NetBSD: Makefile,v 1.20 2017/05/15 08:40:21 spz Exp $ -DISTNAME= zziplib-0.13.59 +PKGNAME= zziplib-${VERSION} +DISTNAME= ${PKGNAME} CATEGORIES= archivers -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=zziplib/} -EXTRACT_SUFX= .tar.bz2 +MASTER_SITES= ${MASTER_SITE_GITHUB:=gdraheim/} +GITHUB_PROJECT= zziplib +GITHUB_TAG= v${VERSION} +EXTRACT_SUFX= .tar.gz +VERSION= 0.13.66 + MAINTAINER= pkgsrc-users@NetBSD.org -HOMEPAGE= http://zziplib.sourceforge.net/ +HOMEPAGE= https://github.com/gdraheim/zziplib COMMENT= Library for ZIP archive handling LICENSE= gnu-lgpl-v2 OR mpl-1.1 diff --git a/archivers/zziplib/PLIST b/archivers/zziplib/PLIST index ded6cd75809..1732764a532 100644 --- a/archivers/zziplib/PLIST +++ b/archivers/zziplib/PLIST @@ -1,11 +1,9 @@ -@comment $NetBSD: PLIST,v 1.7 2010/05/15 06:37:03 adam Exp $ +@comment $NetBSD: PLIST,v 1.8 2017/05/15 08:40:21 spz Exp $ bin/unzip-mem bin/unzzip -bin/unzzipcat -bin/unzzipcat-mem -bin/unzzipcat-seeko -bin/unzzipdir -bin/unzzipdir-mem +bin/unzzip-big +bin/unzzip-mem +bin/unzzip-mix bin/zzcat bin/zzdir bin/zzxorcat diff --git a/archivers/zziplib/distinfo b/archivers/zziplib/distinfo index f17d52e0dea..b5d0f91f4ae 100644 --- a/archivers/zziplib/distinfo +++ b/archivers/zziplib/distinfo @@ -1,11 +1,10 @@ -$NetBSD: distinfo,v 1.13 2017/02/25 12:16:44 kamil Exp $ +$NetBSD: distinfo,v 1.14 2017/05/15 08:40:21 spz Exp $ -SHA1 (zziplib-0.13.59.tar.bz2) = ddbce25cb36c3b4c2b892e2c8a88fa4a0be29a71 -RMD160 (zziplib-0.13.59.tar.bz2) = b96f547039ac005f6e9ca2cf92c388a077b9b21e -SHA512 (zziplib-0.13.59.tar.bz2) = e417867abd2a35a896c0e04d06a841db3569923fea1fbbb5de615d3357d708cdf5b085c4391b14a0943d8c574100b50c3d0de1f827090ee442fb5bf4010e3c53 -Size (zziplib-0.13.59.tar.bz2) = 691000 bytes -SHA1 (patch-aa) = e5687abbc3bbffa2b461f6e835baa18090e2c3a8 -SHA1 (patch-ba) = 1f680820112114534318ad46603992b16e183866 -SHA1 (patch-bb) = afdcf01c5aea03f7bfd61492acbe4f3743d50b0a +SHA1 (zziplib-0.13.66.tar.gz) = ddd7b127a4435b278d5dd5f79ed272a632b5c307 +RMD160 (zziplib-0.13.66.tar.gz) = ca3915a2c0835aa0a4a1ebcb0d286b6402b389ae +SHA512 (zziplib-0.13.66.tar.gz) = 893885d85293269fd8ff14d61eaae5f7d07689a16dd9c07c1ae8d46ea2b2f94a13d6aab19670efa7716cafe5e9f8efb1cbc1254bd9e860c836faa35736bdbe20 +Size (zziplib-0.13.66.tar.gz) = 1069837 bytes +SHA1 (patch-aa) = 0dd9535effc69940bfc0853b85685e7ba5f4fb30 +SHA1 (patch-ba) = 84f36580cabf321dc6e58366e8bd07fac9fe277f +SHA1 (patch-bb) = aeedbec78e30e7d28c02509c934947e6f0d50693 SHA1 (patch-bc) = 897a79994d90124972afdb9fa803e82520e6ae0e -SHA1 (patch-zzip_zip.c) = bbceb2ed9cd80620a297d4b8c48624bb2824dafb diff --git a/archivers/zziplib/patches/patch-aa b/archivers/zziplib/patches/patch-aa index c6827b4530e..e09efe4a315 100644 --- a/archivers/zziplib/patches/patch-aa +++ b/archivers/zziplib/patches/patch-aa @@ -1,12 +1,12 @@ -$NetBSD: patch-aa,v 1.5 2015/12/08 11:13:04 jperkin Exp $ +$NetBSD: patch-aa,v 1.6 2017/05/15 08:40:21 spz Exp $ ---- zzip/Makefile.in.orig 2010-03-29 19:40:50.000000000 +0000 +--- zzip/Makefile.in.orig 2017-04-23 23:46:28.000000000 +0000 +++ zzip/Makefile.in -@@ -775,6 +775,7 @@ install-data-hook : install-zzipHEADERS +@@ -892,6 +892,7 @@ install-data-hook : install-zzipHEADERS $(DESTDIR)$(includedir)/zzip.h >$(DESTDIR)$(includedir)/zzip-io.h install-exec-hook: +xxx: @ for i in . $(DESTDIR)$(libdir)/libzzip*.so.13 \ - ; do test -d $$i && continue ; lib=`basename "$$i" .so.13` \ - ; echo "$(DESTDIR)$(libdir): ln -s $$lib.so.13 $$lib.so.10" \ + ; do test -d $$i && continue ; test -f $$i || continue \ + ; lib=`basename "$$i" .so.13` \ diff --git a/archivers/zziplib/patches/patch-ba b/archivers/zziplib/patches/patch-ba index 05598e12fbd..1697869714f 100644 --- a/archivers/zziplib/patches/patch-ba +++ b/archivers/zziplib/patches/patch-ba @@ -1,20 +1,25 @@ -$NetBSD: patch-ba,v 1.4 2015/12/08 11:13:04 jperkin Exp $ +$NetBSD: patch-ba,v 1.5 2017/05/15 08:40:21 spz Exp $ -Use $as_echo to support escape sequences correctly. - ---- configure.orig 2010-03-29 19:24:41.000000000 +0000 +--- configure.orig 2017-04-23 23:46:28.000000000 +0000 +++ configure -@@ -16257,7 +16257,7 @@ fi - { $as_echo "$as_me:$LINENO: checking link options" >&5 - $as_echo_n "checking link options... " >&6; } - ZZIPLIB_LDFLAGS="" --test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="--export-dynamic" -+test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}" - RESOLVES=" # " - case "$host_os" in mingw*) - ZZIPLIB_LDFLAGS="-no-undefined -export-all-symbols -mconsole" -@@ -20218,24 +20220,24 @@ else - { $as_echo "$as_me:$LINENO: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5 +@@ -13830,13 +13830,14 @@ case "$host_os" in mingw*) + ;; *) + if test ".$can_build_shared" != ".no" ; then + ZZIPLIB_LDFLAGS="-export-dynamic" +- if test ".$lt_cv_prog_gnu_ld" == ".yes" ; then ++ if test ".$lt_cv_prog_gnu_ld" = ".yes" ; then + ZZIPLIB_LDFLAGS="${wl}--export-dynamic" + # TODO: that is for backward compatibility only + fi + fi + RESOLVES=" # " + ;; esac ++ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ZZIPLIB_LDFLAGS $RESOLVES" >&5 + $as_echo "$ZZIPLIB_LDFLAGS $RESOLVES" >&6; } + +@@ -17539,24 +17542,24 @@ else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5 $as_echo "$as_me: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&6;} if test -f $ac_prefix_conf_INP ; then - echo "s/^#undef *\\([ABCDEFGHIJKLMNOPQRSTUVWXYZ_]\\)/#undef $ac_prefix_conf_UPP""_\\1/" > conftest.prefix @@ -51,10 +56,10 @@ Use $as_echo to support escape sequences correctly. + $as_echo '/* once:' $ac_prefix_conf_DEF '*/' >>$tmp/pconfig.h + $as_echo "#endif" >>$tmp/pconfig.h if cmp -s $ac_prefix_conf_OUT $tmp/pconfig.h 2>/dev/null; then - { $as_echo "$as_me:$LINENO: $ac_prefix_conf_OUT is unchanged" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_prefix_conf_OUT is unchanged" >&5 $as_echo "$as_me: $ac_prefix_conf_OUT is unchanged" >&6;} -@@ -20352,24 +20354,24 @@ else - { $as_echo "$as_me:$LINENO: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5 +@@ -17629,24 +17632,24 @@ else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5 $as_echo "$as_me: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&6;} if test -f $ac_prefix_conf_INP ; then - echo "s/^#undef *\\([ABCDEFGHIJKLMNOPQRSTUVWXYZ_]\\)/#undef $ac_prefix_conf_UPP""_\\1/" > conftest.prefix @@ -91,5 +96,5 @@ Use $as_echo to support escape sequences correctly. + $as_echo '/* once:' $ac_prefix_conf_DEF '*/' >>$tmp/pconfig.h + $as_echo "#endif" >>$tmp/pconfig.h if cmp -s $ac_prefix_conf_OUT $tmp/pconfig.h 2>/dev/null; then - { $as_echo "$as_me:$LINENO: $ac_prefix_conf_OUT is unchanged" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_prefix_conf_OUT is unchanged" >&5 $as_echo "$as_me: $ac_prefix_conf_OUT is unchanged" >&6;} diff --git a/archivers/zziplib/patches/patch-bb b/archivers/zziplib/patches/patch-bb index 0712978f445..60819f210a7 100644 --- a/archivers/zziplib/patches/patch-bb +++ b/archivers/zziplib/patches/patch-bb @@ -1,13 +1,12 @@ -$NetBSD: patch-bb,v 1.3 2010/05/15 06:37:03 adam Exp $ +$NetBSD: patch-bb,v 1.4 2017/05/15 08:40:21 spz Exp $ ---- configure.ac.orig 2010-03-29 19:24:17.000000000 +0000 +--- configure.ac.orig 2017-04-23 23:46:28.000000000 +0000 +++ configure.ac -@@ -279,7 +279,7 @@ AC_SUBST(ZIPTESTS) - # --------------------------------------------------------------- - AC_MSG_CHECKING([link options]) - ZZIPLIB_LDFLAGS="" --test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="--export-dynamic" -+test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}" - RESOLVES=" # " - case "$host_os" in mingw*) - ZZIPLIB_LDFLAGS="-no-undefined -export-all-symbols -mconsole" +@@ -308,6 +308,7 @@ case "$host_os" in mingw*) + # TODO: that is for backward compatibility only + fi + fi ++ ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}" + RESOLVES=" # " + ;; esac + AC_MSG_RESULT([$ZZIPLIB_LDFLAGS $RESOLVES]) diff --git a/archivers/zziplib/patches/patch-zzip_zip.c b/archivers/zziplib/patches/patch-zzip_zip.c deleted file mode 100644 index 4065f9e3c45..00000000000 --- a/archivers/zziplib/patches/patch-zzip_zip.c +++ /dev/null @@ -1,27 +0,0 @@ -$NetBSD: patch-zzip_zip.c,v 1.1 2017/02/25 12:16:44 kamil Exp $ - -Fix inline function error reference: -work/zziplib-0.13.59/zzip/.libs/libzzip.so: undefined reference to `__zzip_aligned4' - -Replace _zzip_inline with regular static inline. - ---- zzip/zip.c.orig 2009-09-24 21:57:00.000000000 +0000 -+++ zzip/zip.c -@@ -90,7 +90,7 @@ int __zzip_parse_root_directory(int fd, - struct zzip_dir_hdr **hdr_return, - zzip_plugin_io_t io); - --_zzip_inline char *__zzip_aligned4(char *p); -+static inline char *__zzip_aligned4(char *p); - - /* ------------------------ harden routines ------------------------------ */ - -@@ -377,7 +377,7 @@ __zzip_fetch_disk_trailer(int fd, zzip_o - * to pointer types but we do need only the lower bits in this implementation, - * so we can just cast the value to a long value. - */ --_zzip_inline char * -+static inline char * - __zzip_aligned4(char *p) - { - #define aligned4 __zzip_aligned4 |