[gentoo-commits] repo/gentoo:master commit in: app-arch/tar/files/, app-arch/tar/ - gentoo-commits

From:	Patrick McLean <chutzpah@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-arch/tar/files/, app-arch/tar/
Date:	Fri, 28 Oct 2016 17:56:55
Message-Id:	`1477677390.f79804de6297450e101d97411e7f74f06d22d787.chutzpah@gentoo`

1

commit:     f79804de6297450e101d97411e7f74f06d22d787

2

Author:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>

3

AuthorDate: Fri Oct 28 17:56:30 2016 +0000

4

Commit:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>

5

CommitDate: Fri Oct 28 17:56:30 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f79804de

7

8

app-arch/tar: Revision bump to 1.29-r1 to add patch for CVE-2016-6321

9

10

Gentoo-Bug: 598334

11

12

Package-Manager: portage-2.3.2

13

14

 .../files/tar-1.29-extract-pathname-bypass.patch   | 27 ++++++++

15

 app-arch/tar/tar-1.29-r1.ebuild                    | 81 ++++++++++++++++++++++

16

 2 files changed, 108 insertions(+)

17

18

diff --git a/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch b/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch

19

new file mode 100644

20

index 00000000..6470fe0

21

--- /dev/null

22

+++ b/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch

23

@@ -0,0 +1,27 @@

24

+--- a/lib/paxnames.c	2016-04-06 00:04:47.314860045 +0300

25

++++ b/lib/paxnames.c	2016-04-06 02:08:44.962297881 +0300

26

+@@ -18,6 +18,7 @@

27

+ #include <system.h>

28

+ #include <hash.h>

29

+ #include <paxlib.h>

30

++#include <quotearg.h>

31

+

32

+

33

+ /* Hash tables of strings.  */

34

+@@ -114,7 +115,15 @@

35

+       for (p = file_name + prefix_len; *p; )

36

+ 	{

37

+           if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))

38

+-	    prefix_len = p + 2 - file_name;

39

++            {

40

++	      static char const *const diagnostic[] =

41

++	      {

42

++		N_("%s: Member name contains '..'"),

43

++		N_("%s: Hard link target contains '..'")

44

++	      };

45

++	      ERROR ((0, 0, _(diagnostic[link_target]),

46

++	              quotearg_colon (file_name)));

47

++	    }

48

+

49

+ 	  do

50

+ 	    {

51

52

diff --git a/app-arch/tar/tar-1.29-r1.ebuild b/app-arch/tar/tar-1.29-r1.ebuild

53

new file mode 100644

54

index 00000000..138eccb

55

--- /dev/null

56

+++ b/app-arch/tar/tar-1.29-r1.ebuild

57

@@ -0,0 +1,81 @@

58

+# Copyright 1999-2016 Gentoo Foundation

59

+# Distributed under the terms of the GNU General Public License v2

60

+# $Id$

61

+

62

+EAPI=5

63

+

64

+inherit flag-o-matic eutils

65

+

66

+DESCRIPTION="Use this to make tarballs :)"

67

+HOMEPAGE="https://www.gnu.org/software/tar/"

68

+SRC_URI="mirror://gnu/tar/${P}.tar.bz2

69

+	mirror://gnu-alpha/tar/${P}.tar.bz2"

70

+

71

+LICENSE="GPL-3+"

72

+SLOT="0"

73

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

74

+IUSE="acl elibc_glibc minimal nls selinux static userland_GNU xattr"

75

+

76

+RDEPEND="acl? ( virtual/acl )

77

+	selinux? ( sys-libs/libselinux )"

78

+DEPEND="${RDEPEND}

79

+	nls? ( >=sys-devel/gettext-0.10.35 )

80

+	xattr? ( elibc_glibc? ( sys-apps/attr ) )"

81

+

82

+PATCHES=(

83

+	"${FILESDIR}/${P}-extract-pathname-bypass.patch"

84

+)

85

+

86

+src_prepare() {

87

+	epatch "${PATCHES[@]}"

88

+	epatch_user

89

+

90

+	if ! use userland_GNU ; then

91

+		sed -i \

92

+			-e 's:/backup\.sh:/gbackup.sh:' \

93

+			scripts/{backup,dump-remind,restore}.in \

94

+			|| die "sed non-GNU"

95

+	fi

96

+}

97

+

98

+src_configure() {

99

+	use static && append-ldflags -static

100

+	FORCE_UNSAFE_CONFIGURE=1 \

101

+	econf \

102

+		--enable-backup-scripts \

103

+		--bindir="${EPREFIX}"/bin \

104

+		--libexecdir="${EPREFIX}"/usr/sbin \

105

+		$(usex userland_GNU "" "--program-prefix=g") \

106

+		$(use_with acl posix-acls) \

107

+		$(use_enable nls) \

108

+		$(use_with selinux) \

109

+		$(use_with xattr xattrs)

110

+}

111

+

112

+src_install() {

113

+	default

114

+

115

+	local p=$(usex userland_GNU "" "g")

116

+	if [[ -z ${p} ]] ; then

117

+		# a nasty yet required piece of baggage

118

+		exeinto /etc

119

+		doexe "${FILESDIR}"/rmt

120

+	fi

121

+

122

+	# autoconf looks for gtar before tar (in configure scripts), hence

123

+	# in Prefix it is important that it is there, otherwise, a gtar from

124

+	# the host system (FreeBSD, Solaris, Darwin) will be found instead

125

+	# of the Prefix provided (GNU) tar

126

+	if use prefix ; then

127

+		dosym tar /bin/gtar

128

+	fi

129

+

130

+	mv "${ED}"/usr/sbin/${p}backup{,-tar} || die

131

+	mv "${ED}"/usr/sbin/${p}restore{,-tar} || die

132

+

133

+	if use minimal ; then

134

+		find "${ED}"/etc "${ED}"/*bin/ "${ED}"/usr/*bin/ \

135

+			-type f -a '!' '(' -name tar -o -name ${p}tar ')' \

136

+			-delete || die

137

+	fi

138

+}

1	commit: f79804de6297450e101d97411e7f74f06d22d787
2	Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
3	AuthorDate: Fri Oct 28 17:56:30 2016 +0000
4	Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
5	CommitDate: Fri Oct 28 17:56:30 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f79804de
7
8	app-arch/tar: Revision bump to 1.29-r1 to add patch for CVE-2016-6321
9
10	Gentoo-Bug: 598334
11
12	Package-Manager: portage-2.3.2
13
14	.../files/tar-1.29-extract-pathname-bypass.patch \| 27 ++++++++
15	app-arch/tar/tar-1.29-r1.ebuild \| 81 ++++++++++++++++++++++
16	2 files changed, 108 insertions(+)
17
18	diff --git a/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch b/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch
19	new file mode 100644
20	index 00000000..6470fe0
21	--- /dev/null
22	+++ b/app-arch/tar/files/tar-1.29-extract-pathname-bypass.patch
23	@@ -0,0 +1,27 @@
24	+--- a/lib/paxnames.c 2016-04-06 00:04:47.314860045 +0300
25	++++ b/lib/paxnames.c 2016-04-06 02:08:44.962297881 +0300
26	+@@ -18,6 +18,7 @@
27	+ #include <system.h>
28	+ #include <hash.h>
29	+ #include <paxlib.h>
30	++#include <quotearg.h>
31	+
32	+
33	+ /* Hash tables of strings. */
34	+@@ -114,7 +115,15 @@
35	+ for (p = file_name + prefix_len; *p; )
36	+ {
37	+ if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) \|\| !p[2]))
38	+- prefix_len = p + 2 - file_name;
39	++ {
40	++ static char const *const diagnostic[] =
41	++ {
42	++ N_("%s: Member name contains '..'"),
43	++ N_("%s: Hard link target contains '..'")
44	++ };
45	++ ERROR ((0, 0, _(diagnostic[link_target]),
46	++ quotearg_colon (file_name)));
47	++ }
48	+
49	+ do
50	+ {
51
52	diff --git a/app-arch/tar/tar-1.29-r1.ebuild b/app-arch/tar/tar-1.29-r1.ebuild
53	new file mode 100644
54	index 00000000..138eccb
55	--- /dev/null
56	+++ b/app-arch/tar/tar-1.29-r1.ebuild
57	@@ -0,0 +1,81 @@
58	+# Copyright 1999-2016 Gentoo Foundation
59	+# Distributed under the terms of the GNU General Public License v2
60	+# $Id$
61	+
62	+EAPI=5
63	+
64	+inherit flag-o-matic eutils
65	+
66	+DESCRIPTION="Use this to make tarballs :)"
67	+HOMEPAGE="https://www.gnu.org/software/tar/"
68	+SRC_URI="mirror://gnu/tar/${P}.tar.bz2
69	+ mirror://gnu-alpha/tar/${P}.tar.bz2"
70	+
71	+LICENSE="GPL-3+"
72	+SLOT="0"
73	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
74	+IUSE="acl elibc_glibc minimal nls selinux static userland_GNU xattr"
75	+
76	+RDEPEND="acl? ( virtual/acl )
77	+ selinux? ( sys-libs/libselinux )"
78	+DEPEND="${RDEPEND}
79	+ nls? ( >=sys-devel/gettext-0.10.35 )
80	+ xattr? ( elibc_glibc? ( sys-apps/attr ) )"
81	+
82	+PATCHES=(
83	+ "${FILESDIR}/${P}-extract-pathname-bypass.patch"
84	+)
85	+
86	+src_prepare() {
87	+ epatch "${PATCHES[@]}"
88	+ epatch_user
89	+
90	+ if ! use userland_GNU ; then
91	+ sed -i \
92	+ -e 's:/backup\.sh:/gbackup.sh:' \
93	+ scripts/{backup,dump-remind,restore}.in \
94	+ \|\| die "sed non-GNU"
95	+ fi
96	+}
97	+
98	+src_configure() {
99	+ use static && append-ldflags -static
100	+ FORCE_UNSAFE_CONFIGURE=1 \
101	+ econf \
102	+ --enable-backup-scripts \
103	+ --bindir="${EPREFIX}"/bin \
104	+ --libexecdir="${EPREFIX}"/usr/sbin \
105	+ $(usex userland_GNU "" "--program-prefix=g") \
106	+ $(use_with acl posix-acls) \
107	+ $(use_enable nls) \
108	+ $(use_with selinux) \
109	+ $(use_with xattr xattrs)
110	+}
111	+
112	+src_install() {
113	+ default
114	+
115	+ local p=$(usex userland_GNU "" "g")
116	+ if [[ -z ${p} ]] ; then
117	+ # a nasty yet required piece of baggage
118	+ exeinto /etc
119	+ doexe "${FILESDIR}"/rmt
120	+ fi
121	+
122	+ # autoconf looks for gtar before tar (in configure scripts), hence
123	+ # in Prefix it is important that it is there, otherwise, a gtar from
124	+ # the host system (FreeBSD, Solaris, Darwin) will be found instead
125	+ # of the Prefix provided (GNU) tar
126	+ if use prefix ; then
127	+ dosym tar /bin/gtar
128	+ fi
129	+
130	+ mv "${ED}"/usr/sbin/${p}backup{,-tar} \|\| die
131	+ mv "${ED}"/usr/sbin/${p}restore{,-tar} \|\| die
132	+
133	+ if use minimal ; then
134	+ find "${ED}"/etc "${ED}"/bin/ "${ED}"/usr/bin/ \
135	+ -type f -a '!' '(' -name tar -o -name ${p}tar ')' \
136	+ -delete \|\| die
137	+ fi
138	+}

Gentoo Archives: gentoo-commits