From 4b192070e9f314edac77c55e3be2e5014f16be3c Mon Sep 17 00:00:00 2001 From: gdt Date: Fri, 13 Jan 2012 01:14:56 +0000 Subject: Update to 1.9.1 (security fix): Release 1.9.1 (2012-01-12) -------------------------- Security-related Bugfix ''''''''''''''''''''''' - Fix flaw that would allow servers to cause undetected corruption when retrieving the contents of mutable files (both SDMF and MDMF). (`#1654`_) .. _`#1654`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1654 --- filesystems/tahoe-lafs/Makefile | 8 ++++++-- filesystems/tahoe-lafs/distinfo | 10 +++++----- filesystems/tahoe-lafs/patches/patch-aa | 17 +++++++++-------- 3 files changed, 20 insertions(+), 15 deletions(-) (limited to 'filesystems/tahoe-lafs') diff --git a/filesystems/tahoe-lafs/Makefile b/filesystems/tahoe-lafs/Makefile index 86d739c15e2..d0f8bff877c 100644 --- a/filesystems/tahoe-lafs/Makefile +++ b/filesystems/tahoe-lafs/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.9 2011/11/09 00:30:12 gdt Exp $ +# $NetBSD: Makefile,v 1.10 2012/01/13 01:14:56 gdt Exp $ # -VERSION= 1.9.0 +VERSION= 1.9.1 DISTNAME= allmydata-tahoe-${VERSION} EGG_NAME= allmydata_tahoe-${VERSION} PKGNAME= tahoe-lafs-${VERSION} @@ -45,11 +45,15 @@ DEPENDS+= ${PYPKGPREFIX}-cryptopp-[0-9]*:../../security/py-cryptopp DEPENDS+= ${PYPKGPREFIX}-OpenSSL-[0-9]*:../../security/py-OpenSSL DEPENDS+= ${PYPKGPREFIX}-nevow-[0-9]*:../../www/py-nevow +#1.9.1 seems ok +#BAD_DISTFILE_MODES=yes +.if defined(BAD_DISTFILE_MODES) # Distfile has files mode 600, which leads to root-owned 600 files in # the binary package. post-extract: ${ECHO} "Fixing distfile contents to be world readable:" chmod -R +r ${WRKSRC} +.endif REPLACE_PYTHON+= src/allmydata/reliability.py REPLACE_PYTHON+= src/allmydata/storage/shares.py diff --git a/filesystems/tahoe-lafs/distinfo b/filesystems/tahoe-lafs/distinfo index d95f8f8f19a..862e303199d 100644 --- a/filesystems/tahoe-lafs/distinfo +++ b/filesystems/tahoe-lafs/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.6 2011/11/09 00:30:12 gdt Exp $ +$NetBSD: distinfo,v 1.7 2012/01/13 01:14:56 gdt Exp $ -SHA1 (allmydata-tahoe-1.9.0.tar.bz2) = 10a3b21d63cf6bacded25c9e6cec35dff70add03 -RMD160 (allmydata-tahoe-1.9.0.tar.bz2) = c05a46937a47719bb3eaa0e676d508b84306aeee -Size (allmydata-tahoe-1.9.0.tar.bz2) = 1121903 bytes -SHA1 (patch-aa) = be8b873d419ae688fdcc9cf0efbb9269259ebd13 +SHA1 (allmydata-tahoe-1.9.1.tar.bz2) = c1e3802f893438e4fcc83f1c178d498027000bec +RMD160 (allmydata-tahoe-1.9.1.tar.bz2) = 3b934fe834c14a550b8df42e2a0856bcee214fcf +Size (allmydata-tahoe-1.9.1.tar.bz2) = 1126286 bytes +SHA1 (patch-aa) = 68f09259cd8e4aab5dd6c8a4fbac1aac6c159e23 diff --git a/filesystems/tahoe-lafs/patches/patch-aa b/filesystems/tahoe-lafs/patches/patch-aa index ec784cd53d2..5a5ffac414d 100644 --- a/filesystems/tahoe-lafs/patches/patch-aa +++ b/filesystems/tahoe-lafs/patches/patch-aa @@ -1,16 +1,17 @@ -$NetBSD: patch-aa,v 1.1 2010/12/04 01:58:57 gdt Exp $ +$NetBSD: patch-aa,v 1.2 2012/01/13 01:14:56 gdt Exp $ Upstream incorrectly installs test code. Patch from David-Sarah Hopwood (of upstream) in private mail. ---- setup.py.orig 2010-11-30 05:41:58.000000000 +0000 +--- setup.py.orig 2012-01-11 22:40:51.000000000 +0000 +++ setup.py -@@ -371,7 +371,7 @@ setup(name=APPNAME, - "sdist": MySdist, - }, - package_dir = {'':'src'}, -- packages=find_packages("src"), -+ packages=find_packages("src", exclude=["buildtest"]), +@@ -453,8 +453,7 @@ setup(name=APPNAME, + 'allmydata.test', + 'allmydata.util', + 'allmydata.web', +- 'allmydata.windows', +- 'buildtest'], ++ 'allmydata.windows'], classifiers=trove_classifiers, test_suite="allmydata.test", install_requires=install_requires, -- cgit v1.2.3