
From: "Michał Górny" <mgorny@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-libs/cracklib/, sys-libs/cracklib/files/
Date: Fri, 01 Jan 2021 02:03:07
Message-Id: 1609466359.94556668d117a3c7d2e140da3d6e09f7af8c652d.mgorny@gentoo
1 commit: 94556668d117a3c7d2e140da3d6e09f7af8c652d
2 Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
3 AuthorDate: Fri Jan 1 01:59:19 2021 +0000
4 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
5 CommitDate: Fri Jan 1 01:59:19 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=94556668
7
8 sys-libs/cracklib: Remove old (py3.6)
9
10 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
11
12 sys-libs/cracklib/Manifest | 1 -
13 sys-libs/cracklib/cracklib-2.9.6-r2.ebuild | 112 ---------------------
14 .../files/cracklib-2.9.6-CVE-2016-6318.patch | 108 --------------------
15 ...acklib-2.9.6-fix-long-word-bufferoverflow.patch | 43 --------
16 4 files changed, 264 deletions(-)
17
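--- a/sys-libs/cracklib/Manifest
+++ b/sys-libs/cracklib/Manifest
@@ -1,2 +1 @@
-DIST cracklib-2.9.6.tar.gz 642402 BLAKE2B 4d7a0d12d1e7101c82d03f76e073407481078747c283fe3251f947542017fff03fbc5e98505c6a7a8987a2bbcea99dab558c15b1eb8fd16755859ce5a4440ed2 SHA512 2b09672e5b412d670e7ed911ebf0c0023fe2901ea05c9c02eefb7a58a13cddbc27a65d75bb20be9f8cebf4c90a9a56dfe1a3b656dff62b1d6048f5376e671786
 DIST cracklib-2.9.7.tar.bz2 603630 BLAKE2B 81a45b2fb9f34da84d4fb864e1a9f67a4b22c246f1e4db1c599a555f79d560a04d95afb01a89cd3a2e0936f0e8fc51ff5ada26098c24d7af0777a94f51b82bbd SHA512 f6bf65ac092ba46ff78ddbc115692260fb76dc71219cd679d2ea935ebfb9e709fbb30259a7406743ed00dbdc415335b3ac9d9fcba1d204ea36d5eb96bf1333a2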
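--- a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python3_6 )
-DISTUTILS_OPTIONAL=1
-
-inherit distutils-r1 libtool multilib-minimal toolchain-funcs usr-ldscript
-
-MY_P=${P/_}
-DESCRIPTION="Password Checking Library"
-HOMEPAGE="https://github.com/cracklib/cracklib/"
-# source tarballs on GitHub lack pre-generated configure script.
-#SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-SRC_URI="https://dev.gentoo.org/~polynomial-c/dist/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
-IUSE="nls python static-libs zlib"
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
-
-RDEPEND="python? ( ${PYTHON_DEPS} )
- zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- python? (
- dev-python/setuptools[${PYTHON_USEDEP}]
- )"
-
-S="${WORKDIR}/${MY_P}"
-
-PATCHES=(
- "${FILESDIR}"/cracklib-2.9.6-CVE-2016-6318.patch
- "${FILESDIR}"/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
-)
-
-do_python() {
- multilib_is_native_abi || return 0
- use python || return 0
- pushd python > /dev/null || die
- distutils-r1_src_${EBUILD_PHASE}
- popd > /dev/null
-}
-
-pkg_setup() {
- # workaround #195017
- if has unmerge-orphans ${FEATURES} && has_version "<${CATEGORY}/${PN}-2.8.10" ; then
- eerror "Upgrade path is broken with FEATURES=unmerge-orphans"
- eerror "Please run: FEATURES=-unmerge-orphans emerge cracklib"
- die "Please run: FEATURES=-unmerge-orphans emerge cracklib"
- fi
-}
-
-src_prepare() {
- eapply -p2 "${PATCHES[@]}"
- eapply_user
- elibtoolize #269003
- do_python
-}
-
-multilib_src_configure() {
- local myeconfargs=(
- # use /usr/lib so that the dictionary is shared between ABIs
- --with-default-dict='/usr/lib/cracklib_dict'
- --without-python
- $(use_enable nls)
- $(use_enable static-libs static)
- )
- export ac_cv_header_zlib_h=$(usex zlib)
- export ac_cv_search_gzopen=$(usex zlib -lz no)
- ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- default
- do_python
-}
-
-multilib_src_test() {
- # Make sure we load the freshly built library
- LD_LIBRARY_PATH="${BUILD_DIR}/lib/.libs" do_python
-}
-
-python_test() {
- ${EPYTHON} -m unittest test_cracklib || die "Tests fail with ${EPYTHON}"
-}
-
-multilib_src_install() {
- default
- # move shared libs to /
- gen_usr_ldscript -a crack
-
- do_python
-}
-
-multilib_src_install_all() {
- einstalldocs
- find "${ED}" -name "*.la" -delete || die
- rm -r "${ED%/}"/usr/share/cracklib || die
-
- insinto /usr/share/dict
- doins dicts/cracklib-small
-}
-
-pkg_postinst() {
- if [[ ${ROOT} == "/" ]] ; then
- ebegin "Regenerating cracklib dictionary"
- create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null
- eend $?
- fi
-}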
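--- a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@××××××××××.info>
-Date: Thu, 25 Aug 2016 17:13:49 +0200
-Subject: [PATCH] Apply patch to fix CVE-2016-6318
-
-This patch fixes an issue with a stack-based buffer overflow whne
-parsing large GECOS field. See
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and
-https://security-tracker.debian.org/tracker/CVE-2016-6318 for more
-information.
----
- src/NEWS | 1 +
- src/lib/fascist.c | 57 ++++++++++++++++++++++++++++++++-----------------------
- 2 files changed, 34 insertions(+), 24 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 26abeee..361a207 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,3 +1,4 @@
-+v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
- migration to github
- patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/fascist.c b/src/lib/fascist.c
-index a996509..d4deb15 100644
---- a/src/lib/fascist.c
-+++ b/src/lib/fascist.c
-@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
- char gbuffer[STRINGSIZE];
- char tbuffer[STRINGSIZE];
- char *uwords[STRINGSIZE];
-- char longbuffer[STRINGSIZE * 2];
-+ char longbuffer[STRINGSIZE];
-
- if (gecos == NULL)
- gecos = "";
-@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
- {
- for (i = 0; i < j; i++)
- {
-- strcpy(longbuffer, uwords[i]);
-- strcat(longbuffer, uwords[j]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
- {
-- return _("it is derived from your password entry");
-- }
-+ strcpy(longbuffer, uwords[i]);
-+ strcat(longbuffer, uwords[j]);
-
-- strcpy(longbuffer, uwords[j]);
-- strcat(longbuffer, uwords[i]);
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derived from your password entry");
-+ }
-
-- if (GTry(longbuffer, password))
-- {
-- return _("it's derived from your password entry");
-- }
-+ strcpy(longbuffer, uwords[j]);
-+ strcat(longbuffer, uwords[i]);
-
-- longbuffer[0] = uwords[i][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[j]);
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derived from your password entry");
-+ }
-+ }
-
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[j]) < STRINGSIZE - 1)
- {
-- return _("it is derivable from your password entry");
-+ longbuffer[0] = uwords[i][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[j]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derivable from your password entry");
-+ }
- }
-
-- longbuffer[0] = uwords[j][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[i]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) < STRINGSIZE - 1)
- {
-- return _("it's derivable from your password entry");
-+ longbuffer[0] = uwords[j][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[i]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derivable from your password entry");
-+ }
- }
- }
- }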
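--- a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 33d7fa4585247cd2247a1ffa032ad245836c6edb Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@××××××××××.info>
-Date: Thu, 25 Aug 2016 17:17:53 +0200
-Subject: [PATCH] Fix a buffer overflow processing long words
-
-A buffer overflow processing long words has been discovered. This commit
-applies the patch from
-https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch
-by Howard Guo.
-
-See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386 and
-http://www.openwall.com/lists/oss-security/2016/08/23/8
----
- src/NEWS | 1 +
- src/lib/rules.c | 5 ++---
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 361a207..f1df3b0 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,4 +1,5 @@
- v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
-+ fix a buffer overflow processing long words
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
- migration to github
- patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/rules.c b/src/lib/rules.c
-index d193cc0..3a2aa46 100644
---- a/src/lib/rules.c
-+++ b/src/lib/rules.c
-@@ -434,9 +434,8 @@ Mangle(input, control) /* returns a pointer to a controlled Mangle */
- {
- int limit;
- register char *ptr;
-- static char area[STRINGSIZE];
-- char area2[STRINGSIZE];
-- area[0] = '\0';
-+ static char area[STRINGSIZE * 2] = {0};
-+ char area2[STRINGSIZE * 2] = {0};
- strcpy(area, input);
-
- for (ptr = control; *ptr; ptr++)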