summaryrefslogtreecommitdiff
path: root/archivers
diff options
context:
space:
mode:
authorspz <spz@pkgsrc.org>2017-05-15 08:40:21 +0000
committerspz <spz@pkgsrc.org>2017-05-15 08:40:21 +0000
commit0b26b2aee8871331e8ddc0a70150f282d0d86498 (patch)
tree5a2e4140aebd0eda33cdd3124fdb6738eba9ae5c /archivers
parent5e2305091dfd905e9c6d1612beae6cae7a02d649 (diff)
downloadpkgsrc-0b26b2aee8871331e8ddc0a70150f282d0d86498.tar.gz
update from 0.13.59 to v0.13.66
fixing: CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5981 Upstream changelog: 2017-04-24 guidod <guidod@gmx.de> * common frontend 'unzzip.c' for example code in unzzip*-xx.c * expand testcases to cover all of big/mem/mix/zap variants * release v0.13.66 2017-04-23 guidod <guidod@gmx.de> * turn the testsuite from makefile into python unittest format * extend 'make check' testsuite to cover non-libzzip extensions * fix unzzipcat-seeko and unzzipcat-mem to match the testsuite * release v0.13.65 2017-04-20 guidod <guidod@gmx.de> * check patches in opensuse builds, mostly for some CVE reports 2012-09-15 guidod <guidod@gmx.de> * zzip.h, plugin.h: "};" at end of extern-C produces build errors with the default --pedantic-errors on newer CMake. Thanks to Keith Thompson recognizing it - see http://stackoverflow.com/questions/12384280/ 2012-03-11 guidod <guidod@gmx.de> * configure.ac: fallback to libtool -export-dynamic unless being sure to use gnu-ld --export-dynamic. The darwin case is a bit special here as the c-compiler and linker might be from different worlds. * next 0.13.62 - needs a fix for mingw (-mconsole is not a linker option, only the gcc should see it) 2010-12-30 guidod <guidod@gmx.de> * done 0.13.60 release, tagged, and announced. * prepare 0.13.61 2010-12-29 guidod <guidod@gmx.de> * Makefile.am: allow nonstaic build * wrap fd.open like in the Fedora patch 2010-12-28 guidod <guidod@gmx.de> * zziplib.spec - simplify the spec based on distro specs. 2010-12-27 guidod <guidod@gmx.de> * adding fetch.h/fetch.c to msvc8/zziplib.vcproj to allow tests with Visual Studio C++ Express 2005 2010-12-27 guidod <guidod@gmx.de> * fix stat.c to check ZZIP_CASELESS instead of the deprecated ZZIP_CASEINSENSITIVE. The latter is still recognized for compatibility reasons and implicitly mapped to ZZIP_CASELESS. * fixes the zziplib-Patches-3078188 which reported the bug. 2010-12-27 guidod <guidod@gmx.de> * apply patches by Peter Breitenlohner for better compatibility with AIX host system. Also the Sun Studio compiler insists on static inline functions or else assumes extern inline. * also fixes zziplib-Patches-3011551 on the AIX problem. 2010-12-27 guidod <guidod@gmx.de> * add hints that the ext_io plugin handlers should be static. 2010-05-09 guidod <guidod@gmx.de> * zzip/__fnmatch.h: add include <string.h> to make mingw32 happy. Patches item #2995373 by Gregory Smith 2010-05-08 guidod <guidod@gmx.de> * SDL/Makefile.am: fix generation of sdl-uninstalled.pc that was not recognized during compilation. 2010-04-05 guidod <guidod@gmx.de> * Makefile.am: fix "osc rm" and fix "test-sdl" if SDL was not found. * configure.ac: SDL example builds on pkgconfig/sdl.pc which was introduced with SDL 1.2.11 - CentOs5 ships 1.2.10 which does only have "sdl-config" and it made for a mismatch in in the build configuration: sdl-devel yes, pkgconfig sdl no. * zzip/zip.c (__zzip_parse_root_directory): move the check for zzip_disk_entry_check_magic to be after the the check that the seek-value is more than a header's size before the end. (based on a segfault report by Tulipánt Gergely when the new modulo_entries code is enabled (which is off by default)) 2010-03-30 guidod <guidod@gmx.de> * zzip/Makefile.am: fixing symlinks for lib* - use only for Linux Thanks to Ryan Schmidt (macports): ... likes to install some symlinks that don't make sense on Mac OS X: $ ls -l /opt/local/lib/*zzip*so* lrwxr-xr-x /opt/local/lib/libzzip*.so.10 -> libzzip*.so.13 lrwxr-xr-x /opt/local/lib/libzzip*.so.11 -> libzzip*.so.13 lrwxr-xr-x /opt/local/lib/libzzip*.so.12 -> libzzip*.so.13 Yes, the filenames literally contain an asterisk.
Diffstat (limited to 'archivers')
-rw-r--r--archivers/zziplib/Makefile15
-rw-r--r--archivers/zziplib/PLIST10
-rw-r--r--archivers/zziplib/distinfo17
-rw-r--r--archivers/zziplib/patches/patch-aa10
-rw-r--r--archivers/zziplib/patches/patch-ba43
-rw-r--r--archivers/zziplib/patches/patch-bb21
-rw-r--r--archivers/zziplib/patches/patch-zzip_zip.c27
7 files changed, 61 insertions, 82 deletions
diff --git a/archivers/zziplib/Makefile b/archivers/zziplib/Makefile
index 69028e86522..bf4c39aa5b6 100644
--- a/archivers/zziplib/Makefile
+++ b/archivers/zziplib/Makefile
@@ -1,12 +1,17 @@
-# $NetBSD: Makefile,v 1.19 2014/10/09 14:05:55 wiz Exp $
+# $NetBSD: Makefile,v 1.20 2017/05/15 08:40:21 spz Exp $
-DISTNAME= zziplib-0.13.59
+PKGNAME= zziplib-${VERSION}
+DISTNAME= ${PKGNAME}
CATEGORIES= archivers
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=zziplib/}
-EXTRACT_SUFX= .tar.bz2
+MASTER_SITES= ${MASTER_SITE_GITHUB:=gdraheim/}
+GITHUB_PROJECT= zziplib
+GITHUB_TAG= v${VERSION}
+EXTRACT_SUFX= .tar.gz
+VERSION= 0.13.66
+
MAINTAINER= pkgsrc-users@NetBSD.org
-HOMEPAGE= http://zziplib.sourceforge.net/
+HOMEPAGE= https://github.com/gdraheim/zziplib
COMMENT= Library for ZIP archive handling
LICENSE= gnu-lgpl-v2 OR mpl-1.1
diff --git a/archivers/zziplib/PLIST b/archivers/zziplib/PLIST
index ded6cd75809..1732764a532 100644
--- a/archivers/zziplib/PLIST
+++ b/archivers/zziplib/PLIST
@@ -1,11 +1,9 @@
-@comment $NetBSD: PLIST,v 1.7 2010/05/15 06:37:03 adam Exp $
+@comment $NetBSD: PLIST,v 1.8 2017/05/15 08:40:21 spz Exp $
bin/unzip-mem
bin/unzzip
-bin/unzzipcat
-bin/unzzipcat-mem
-bin/unzzipcat-seeko
-bin/unzzipdir
-bin/unzzipdir-mem
+bin/unzzip-big
+bin/unzzip-mem
+bin/unzzip-mix
bin/zzcat
bin/zzdir
bin/zzxorcat
diff --git a/archivers/zziplib/distinfo b/archivers/zziplib/distinfo
index f17d52e0dea..b5d0f91f4ae 100644
--- a/archivers/zziplib/distinfo
+++ b/archivers/zziplib/distinfo
@@ -1,11 +1,10 @@
-$NetBSD: distinfo,v 1.13 2017/02/25 12:16:44 kamil Exp $
+$NetBSD: distinfo,v 1.14 2017/05/15 08:40:21 spz Exp $
-SHA1 (zziplib-0.13.59.tar.bz2) = ddbce25cb36c3b4c2b892e2c8a88fa4a0be29a71
-RMD160 (zziplib-0.13.59.tar.bz2) = b96f547039ac005f6e9ca2cf92c388a077b9b21e
-SHA512 (zziplib-0.13.59.tar.bz2) = e417867abd2a35a896c0e04d06a841db3569923fea1fbbb5de615d3357d708cdf5b085c4391b14a0943d8c574100b50c3d0de1f827090ee442fb5bf4010e3c53
-Size (zziplib-0.13.59.tar.bz2) = 691000 bytes
-SHA1 (patch-aa) = e5687abbc3bbffa2b461f6e835baa18090e2c3a8
-SHA1 (patch-ba) = 1f680820112114534318ad46603992b16e183866
-SHA1 (patch-bb) = afdcf01c5aea03f7bfd61492acbe4f3743d50b0a
+SHA1 (zziplib-0.13.66.tar.gz) = ddd7b127a4435b278d5dd5f79ed272a632b5c307
+RMD160 (zziplib-0.13.66.tar.gz) = ca3915a2c0835aa0a4a1ebcb0d286b6402b389ae
+SHA512 (zziplib-0.13.66.tar.gz) = 893885d85293269fd8ff14d61eaae5f7d07689a16dd9c07c1ae8d46ea2b2f94a13d6aab19670efa7716cafe5e9f8efb1cbc1254bd9e860c836faa35736bdbe20
+Size (zziplib-0.13.66.tar.gz) = 1069837 bytes
+SHA1 (patch-aa) = 0dd9535effc69940bfc0853b85685e7ba5f4fb30
+SHA1 (patch-ba) = 84f36580cabf321dc6e58366e8bd07fac9fe277f
+SHA1 (patch-bb) = aeedbec78e30e7d28c02509c934947e6f0d50693
SHA1 (patch-bc) = 897a79994d90124972afdb9fa803e82520e6ae0e
-SHA1 (patch-zzip_zip.c) = bbceb2ed9cd80620a297d4b8c48624bb2824dafb
diff --git a/archivers/zziplib/patches/patch-aa b/archivers/zziplib/patches/patch-aa
index c6827b4530e..e09efe4a315 100644
--- a/archivers/zziplib/patches/patch-aa
+++ b/archivers/zziplib/patches/patch-aa
@@ -1,12 +1,12 @@
-$NetBSD: patch-aa,v 1.5 2015/12/08 11:13:04 jperkin Exp $
+$NetBSD: patch-aa,v 1.6 2017/05/15 08:40:21 spz Exp $
---- zzip/Makefile.in.orig 2010-03-29 19:40:50.000000000 +0000
+--- zzip/Makefile.in.orig 2017-04-23 23:46:28.000000000 +0000
+++ zzip/Makefile.in
-@@ -775,6 +775,7 @@ install-data-hook : install-zzipHEADERS
+@@ -892,6 +892,7 @@ install-data-hook : install-zzipHEADERS
$(DESTDIR)$(includedir)/zzip.h >$(DESTDIR)$(includedir)/zzip-io.h
install-exec-hook:
+xxx:
@ for i in . $(DESTDIR)$(libdir)/libzzip*.so.13 \
- ; do test -d $$i && continue ; lib=`basename "$$i" .so.13` \
- ; echo "$(DESTDIR)$(libdir): ln -s $$lib.so.13 $$lib.so.10" \
+ ; do test -d $$i && continue ; test -f $$i || continue \
+ ; lib=`basename "$$i" .so.13` \
diff --git a/archivers/zziplib/patches/patch-ba b/archivers/zziplib/patches/patch-ba
index 05598e12fbd..1697869714f 100644
--- a/archivers/zziplib/patches/patch-ba
+++ b/archivers/zziplib/patches/patch-ba
@@ -1,20 +1,25 @@
-$NetBSD: patch-ba,v 1.4 2015/12/08 11:13:04 jperkin Exp $
+$NetBSD: patch-ba,v 1.5 2017/05/15 08:40:21 spz Exp $
-Use $as_echo to support escape sequences correctly.
-
---- configure.orig 2010-03-29 19:24:41.000000000 +0000
+--- configure.orig 2017-04-23 23:46:28.000000000 +0000
+++ configure
-@@ -16257,7 +16257,7 @@ fi
- { $as_echo "$as_me:$LINENO: checking link options" >&5
- $as_echo_n "checking link options... " >&6; }
- ZZIPLIB_LDFLAGS=""
--test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="--export-dynamic"
-+test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}"
- RESOLVES=" # "
- case "$host_os" in mingw*)
- ZZIPLIB_LDFLAGS="-no-undefined -export-all-symbols -mconsole"
-@@ -20218,24 +20220,24 @@ else
- { $as_echo "$as_me:$LINENO: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5
+@@ -13830,13 +13830,14 @@ case "$host_os" in mingw*)
+ ;; *)
+ if test ".$can_build_shared" != ".no" ; then
+ ZZIPLIB_LDFLAGS="-export-dynamic"
+- if test ".$lt_cv_prog_gnu_ld" == ".yes" ; then
++ if test ".$lt_cv_prog_gnu_ld" = ".yes" ; then
+ ZZIPLIB_LDFLAGS="${wl}--export-dynamic"
+ # TODO: that is for backward compatibility only
+ fi
+ fi
+ RESOLVES=" # "
+ ;; esac
++ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}"
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ZZIPLIB_LDFLAGS $RESOLVES" >&5
+ $as_echo "$ZZIPLIB_LDFLAGS $RESOLVES" >&6; }
+
+@@ -17539,24 +17542,24 @@ else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5
$as_echo "$as_me: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&6;}
if test -f $ac_prefix_conf_INP ; then
- echo "s/^#undef *\\([ABCDEFGHIJKLMNOPQRSTUVWXYZ_]\\)/#undef $ac_prefix_conf_UPP""_\\1/" > conftest.prefix
@@ -51,10 +56,10 @@ Use $as_echo to support escape sequences correctly.
+ $as_echo '/* once:' $ac_prefix_conf_DEF '*/' >>$tmp/pconfig.h
+ $as_echo "#endif" >>$tmp/pconfig.h
if cmp -s $ac_prefix_conf_OUT $tmp/pconfig.h 2>/dev/null; then
- { $as_echo "$as_me:$LINENO: $ac_prefix_conf_OUT is unchanged" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_prefix_conf_OUT is unchanged" >&5
$as_echo "$as_me: $ac_prefix_conf_OUT is unchanged" >&6;}
-@@ -20352,24 +20354,24 @@ else
- { $as_echo "$as_me:$LINENO: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5
+@@ -17629,24 +17632,24 @@ else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&5
$as_echo "$as_me: creating $ac_prefix_conf_OUT - prefix $ac_prefix_conf_UPP for $ac_prefix_conf_INP defines" >&6;}
if test -f $ac_prefix_conf_INP ; then
- echo "s/^#undef *\\([ABCDEFGHIJKLMNOPQRSTUVWXYZ_]\\)/#undef $ac_prefix_conf_UPP""_\\1/" > conftest.prefix
@@ -91,5 +96,5 @@ Use $as_echo to support escape sequences correctly.
+ $as_echo '/* once:' $ac_prefix_conf_DEF '*/' >>$tmp/pconfig.h
+ $as_echo "#endif" >>$tmp/pconfig.h
if cmp -s $ac_prefix_conf_OUT $tmp/pconfig.h 2>/dev/null; then
- { $as_echo "$as_me:$LINENO: $ac_prefix_conf_OUT is unchanged" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_prefix_conf_OUT is unchanged" >&5
$as_echo "$as_me: $ac_prefix_conf_OUT is unchanged" >&6;}
diff --git a/archivers/zziplib/patches/patch-bb b/archivers/zziplib/patches/patch-bb
index 0712978f445..60819f210a7 100644
--- a/archivers/zziplib/patches/patch-bb
+++ b/archivers/zziplib/patches/patch-bb
@@ -1,13 +1,12 @@
-$NetBSD: patch-bb,v 1.3 2010/05/15 06:37:03 adam Exp $
+$NetBSD: patch-bb,v 1.4 2017/05/15 08:40:21 spz Exp $
---- configure.ac.orig 2010-03-29 19:24:17.000000000 +0000
+--- configure.ac.orig 2017-04-23 23:46:28.000000000 +0000
+++ configure.ac
-@@ -279,7 +279,7 @@ AC_SUBST(ZIPTESTS)
- # ---------------------------------------------------------------
- AC_MSG_CHECKING([link options])
- ZZIPLIB_LDFLAGS=""
--test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="--export-dynamic"
-+test ".$can_build_shared" != ".no" && ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}"
- RESOLVES=" # "
- case "$host_os" in mingw*)
- ZZIPLIB_LDFLAGS="-no-undefined -export-all-symbols -mconsole"
+@@ -308,6 +308,7 @@ case "$host_os" in mingw*)
+ # TODO: that is for backward compatibility only
+ fi
+ fi
++ ZZIPLIB_LDFLAGS="${EXPORT_SYMBOLS_LDFLAGS}"
+ RESOLVES=" # "
+ ;; esac
+ AC_MSG_RESULT([$ZZIPLIB_LDFLAGS $RESOLVES])
diff --git a/archivers/zziplib/patches/patch-zzip_zip.c b/archivers/zziplib/patches/patch-zzip_zip.c
deleted file mode 100644
index 4065f9e3c45..00000000000
--- a/archivers/zziplib/patches/patch-zzip_zip.c
+++ /dev/null
@@ -1,27 +0,0 @@
-$NetBSD: patch-zzip_zip.c,v 1.1 2017/02/25 12:16:44 kamil Exp $
-
-Fix inline function error reference:
-work/zziplib-0.13.59/zzip/.libs/libzzip.so: undefined reference to `__zzip_aligned4'
-
-Replace _zzip_inline with regular static inline.
-
---- zzip/zip.c.orig 2009-09-24 21:57:00.000000000 +0000
-+++ zzip/zip.c
-@@ -90,7 +90,7 @@ int __zzip_parse_root_directory(int fd,
- struct zzip_dir_hdr **hdr_return,
- zzip_plugin_io_t io);
-
--_zzip_inline char *__zzip_aligned4(char *p);
-+static inline char *__zzip_aligned4(char *p);
-
- /* ------------------------ harden routines ------------------------------ */
-
-@@ -377,7 +377,7 @@ __zzip_fetch_disk_trailer(int fd, zzip_o
- * to pointer types but we do need only the lower bits in this implementation,
- * so we can just cast the value to a long value.
- */
--_zzip_inline char *
-+static inline char *
- __zzip_aligned4(char *p)
- {
- #define aligned4 __zzip_aligned4