1 |
commit: afadeba6e63ddab1366a03fe5253c5e6047e295d |
2 |
Author: Gokturk Yuksek <gokturk <AT> binghamton <DOT> edu> |
3 |
AuthorDate: Tue Dec 8 00:36:42 2015 +0000 |
4 |
Commit: Patrice Clement <monsieurp <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Dec 8 00:36:42 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afadeba6 |
7 |
|
8 |
net-fs/davfs2: remove vulnerable versions (CVE-2013-4362) #485232 |
9 |
|
10 |
<net-fs/davfs2-1.5.2 are vulnerable to insecure use of system(). The version |
11 |
1.5.2 has been stabilized (#564592). Remove old, vulnerable versions. |
12 |
|
13 |
Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=485232 |
14 |
Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=564592 |
15 |
|
16 |
Package-Manager: portage-2.2.24 |
17 |
|
18 |
net-fs/davfs2/Manifest | 2 - |
19 |
net-fs/davfs2/davfs2-1.4.5-r1.ebuild | 73 ------------------------- |
20 |
net-fs/davfs2/davfs2-1.4.7.ebuild | 63 --------------------- |
21 |
net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch | 60 -------------------- |
22 |
net-fs/davfs2/files/davfs2-1.4.7-destdir.patch | 18 ------ |
23 |
5 files changed, 216 deletions(-) |
24 |
|
25 |
diff --git a/net-fs/davfs2/Manifest b/net-fs/davfs2/Manifest |
26 |
index 09cdbd8..2ceb54c 100644 |
27 |
--- a/net-fs/davfs2/Manifest |
28 |
+++ b/net-fs/davfs2/Manifest |
29 |
@@ -1,3 +1 @@ |
30 |
-DIST davfs2-1.4.5.tar.gz 429635 SHA256 28f0ce00ddaf1ab93aa9f39db8d9f932d194c676bc21c3c8c3e2bea7f21274de SHA512 0fd20e8aba8d236feec06b3f2184388691ee19a4e993cf543a2356feb9c25e1de41521c462bd01497f89ff4d16d0d3defb3227a64c0a490db2c0647e1391c9d1 WHIRLPOOL 955d98c0a2b49d5400971b9381d05f87c21420a5b52a4ef1ec330cfd6d4f451e56a6fa884164ed84dabae06aa29010df66ccd6e048e932d30e01545257152e31 |
31 |
-DIST davfs2-1.4.7.tar.gz 444398 SHA256 50c0ee2a12e8d09fc6a852d32bdfebb1f784939433a85f05254bc7ef28cff044 SHA512 6754d08cdfcceea47a4248fb05a6f5a1907acbc9a6c0ab175dce640b160ee24b7efdf9da38be1cc8bd6dbb0825c88a7017a3534a7c3188860dcd1bef12a5d4ae WHIRLPOOL f4c44ccc1fbd146f563605b2290068b549f6dcf247224685f2efaf9cda91a947a45dceed17d3d585407dc8e4ffa85c933d6eb5b4e78e0f00bd18cfbd53f52c7d |
32 |
DIST davfs2-1.5.2.tar.gz 464458 SHA256 be34a19ab57a6ea77ecb82083e9e4c1882e12b2de64257de567ad5ee7a17b358 SHA512 c912049e23b76bda19c2ae2d07bc2b1da7ed9bf82b338c57c0f9fb8a3144cbbb52a0e8f8c2f8996342c7aa434470d062996c30bbbe0f1c6623c81af6414fbb45 WHIRLPOOL b1147d93f188635293726cad27a5ef8f79ab4dd102c59143c7bffef26f513633ca16f4328b053cc4c430fa9112dbbf468e0d199695225bbe6ca8c9e92a96b633 |
33 |
|
34 |
diff --git a/net-fs/davfs2/davfs2-1.4.5-r1.ebuild b/net-fs/davfs2/davfs2-1.4.5-r1.ebuild |
35 |
deleted file mode 100644 |
36 |
index bd443b7..0000000 |
37 |
--- a/net-fs/davfs2/davfs2-1.4.5-r1.ebuild |
38 |
+++ /dev/null |
39 |
@@ -1,73 +0,0 @@ |
40 |
-# Copyright 1999-2014 Gentoo Foundation |
41 |
-# Distributed under the terms of the GNU General Public License v2 |
42 |
-# $Id$ |
43 |
- |
44 |
-EAPI="2" |
45 |
- |
46 |
-inherit autotools eutils linux-mod user |
47 |
- |
48 |
-DESCRIPTION="Linux FUSE (or coda) driver that allows you to mount a WebDAV resource" |
49 |
-HOMEPAGE="http://savannah.nongnu.org/projects/davfs2" |
50 |
-SRC_URI="http://mirror.lihnidos.org/GNU/savannah/davfs2/${P}.tar.gz" |
51 |
- |
52 |
-LICENSE="GPL-2" |
53 |
-SLOT="0" |
54 |
-KEYWORDS="amd64 ppc x86" |
55 |
-IUSE="" |
56 |
-RESTRICT="test" |
57 |
- |
58 |
-DEPEND="dev-libs/libxml2 |
59 |
- net-libs/neon |
60 |
- sys-libs/zlib" |
61 |
-RDEPEND="${DEPEND}" |
62 |
- |
63 |
-pkg_setup() { |
64 |
- enewgroup davfs2 |
65 |
-} |
66 |
- |
67 |
-src_prepare() { |
68 |
- epatch "${FILESDIR}"/${P}-glibc212.patch |
69 |
- sed -e "s/^NE_REQUIRE_VERSIONS.*29/& 30/" -i configure.ac |
70 |
- eautoreconf |
71 |
-} |
72 |
- |
73 |
-src_configure() { |
74 |
- econf --enable-largefile |
75 |
-} |
76 |
- |
77 |
-src_compile() { |
78 |
- emake || die "emake failed" |
79 |
-} |
80 |
- |
81 |
-src_install() { |
82 |
- emake DESTDIR="${D}" install || die "emake install failed" |
83 |
- dodoc AUTHORS BUGS ChangeLog FAQ NEWS README README.translators THANKS TODO |
84 |
- |
85 |
- # Remove wrong locations created by install. |
86 |
- rm -fr "${D}/usr/share/doc/davfs2" |
87 |
- rm -fr "${D}/usr/share/davfs2" |
88 |
- |
89 |
- dodir /var/run/mount.davfs |
90 |
- keepdir /var/run/mount.davfs |
91 |
- fowners root:davfs2 /var/run/mount.davfs |
92 |
- fperms 1774 /var/run/mount.davfs |
93 |
- |
94 |
- # Ignore nobody's home |
95 |
- cat>>"${D}/etc/davfs2/davfs2.conf"<<EOF |
96 |
- |
97 |
-# nobody is a system account in Gentoo |
98 |
-ignore_home nobody |
99 |
-EOF |
100 |
-} |
101 |
- |
102 |
-pkg_postinst() { |
103 |
- elog |
104 |
- elog "Quick setup:" |
105 |
- elog " (as root)" |
106 |
- elog " # gpasswd -a \${your_user} davfs2" |
107 |
- elog " # echo 'http://path/to/dav /home/\${your_user}/dav davfs rw,user,noauto 0 0' >> /etc/fstab" |
108 |
- elog " (as user)" |
109 |
- elog " # mkdir -p ~/dav" |
110 |
- elog " \$ mount ~/dav" |
111 |
- elog |
112 |
-} |
113 |
|
114 |
diff --git a/net-fs/davfs2/davfs2-1.4.7.ebuild b/net-fs/davfs2/davfs2-1.4.7.ebuild |
115 |
deleted file mode 100644 |
116 |
index cde2025..0000000 |
117 |
--- a/net-fs/davfs2/davfs2-1.4.7.ebuild |
118 |
+++ /dev/null |
119 |
@@ -1,63 +0,0 @@ |
120 |
-# Copyright 1999-2014 Gentoo Foundation |
121 |
-# Distributed under the terms of the GNU General Public License v2 |
122 |
-# $Id$ |
123 |
- |
124 |
-EAPI=4 |
125 |
- |
126 |
-inherit autotools eutils linux-mod user |
127 |
- |
128 |
-DESCRIPTION="Linux FUSE (or coda) driver that allows you to mount a WebDAV resource" |
129 |
-HOMEPAGE="http://savannah.nongnu.org/projects/davfs2" |
130 |
-SRC_URI="http://mirror.lihnidos.org/GNU/savannah/davfs2/${P}.tar.gz" |
131 |
- |
132 |
-LICENSE="GPL-2" |
133 |
-SLOT="0" |
134 |
-KEYWORDS="amd64 ppc x86" |
135 |
-IUSE="" |
136 |
-RESTRICT="test" |
137 |
- |
138 |
-DEPEND="dev-libs/libxml2 |
139 |
- net-libs/neon |
140 |
- sys-libs/zlib" |
141 |
-RDEPEND="${DEPEND}" |
142 |
- |
143 |
-pkg_setup() { |
144 |
- enewgroup davfs2 |
145 |
-} |
146 |
- |
147 |
-src_prepare() { |
148 |
- epatch "${FILESDIR}"/${P}-destdir.patch # fixed in 1.4.7+ upstream |
149 |
- sed -e "s/^NE_REQUIRE_VERSIONS.*29/& 30/" -i configure.ac |
150 |
- eautoreconf |
151 |
-} |
152 |
- |
153 |
-src_configure() { |
154 |
- econf dav_user=nobody --enable-largefile --docdir=/usr/share/doc/${P} |
155 |
-} |
156 |
- |
157 |
-src_compile() { |
158 |
- emake |
159 |
-} |
160 |
- |
161 |
-src_install() { |
162 |
- emake DESTDIR="${D}" install |
163 |
-# dodoc AUTHORS BUGS ChangeLog FAQ NEWS README README.translators THANKS TODO |
164 |
- |
165 |
- dodir /var/run/mount.davfs |
166 |
- keepdir /var/run/mount.davfs |
167 |
- fowners root:davfs2 /var/run/mount.davfs |
168 |
- fperms 1774 /var/run/mount.davfs |
169 |
- |
170 |
-} |
171 |
- |
172 |
-pkg_postinst() { |
173 |
- elog |
174 |
- elog "Quick setup:" |
175 |
- elog " (as root)" |
176 |
- elog " # gpasswd -a \${your_user} davfs2" |
177 |
- elog " # echo 'http://path/to/dav /home/\${your_user}/dav davfs rw,user,noauto 0 0' >> /etc/fstab" |
178 |
- elog " (as user)" |
179 |
- elog " # mkdir -p ~/dav" |
180 |
- elog " \$ mount ~/dav" |
181 |
- elog |
182 |
-} |
183 |
|
184 |
diff --git a/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch b/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch |
185 |
deleted file mode 100644 |
186 |
index cd7cde3..0000000 |
187 |
--- a/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch |
188 |
+++ /dev/null |
189 |
@@ -1,60 +0,0 @@ |
190 |
-http://bugs.gentoo.org/332865 |
191 |
-https://savannah.nongnu.org/bugs/?28916 |
192 |
- |
193 |
---- src/dav_coda.c |
194 |
-+++ src/dav_coda.c |
195 |
-@@ -52,6 +52,9 @@ |
196 |
- #ifdef HAVE_SYS_TYPES_H |
197 |
- #include <sys/types.h> |
198 |
- #endif |
199 |
-+#ifdef HAVE_SYS_STAT_H |
200 |
-+#include <sys/stat.h> |
201 |
-+#endif |
202 |
- |
203 |
- #include "defaults.h" |
204 |
- #include "mount_davfs.h" |
205 |
---- src/dav_fuse.c |
206 |
-+++ src/dav_fuse.c |
207 |
-@@ -41,6 +41,12 @@ |
208 |
- #ifdef HAVE_UNISTD_H |
209 |
- #include <unistd.h> |
210 |
- #endif |
211 |
-+#ifdef HAVE_SYS_TYPES_H |
212 |
-+#include <sys/types.h> |
213 |
-+#endif |
214 |
-+#ifdef HAVE_SYS_STAT_H |
215 |
-+#include <sys/stat.h> |
216 |
-+#endif |
217 |
- |
218 |
- #include "defaults.h" |
219 |
- #include "mount_davfs.h" |
220 |
---- src/kernel_interface.c |
221 |
-+++ src/kernel_interface.c |
222 |
-@@ -44,6 +44,12 @@ |
223 |
- #ifdef HAVE_UNISTD_H |
224 |
- #include <unistd.h> |
225 |
- #endif |
226 |
-+#ifdef HAVE_SYS_TYPES_H |
227 |
-+#include <sys/types.h> |
228 |
-+#endif |
229 |
-+#ifdef HAVE_SYS_STAT_H |
230 |
-+#include <sys/stat.h> |
231 |
-+#endif |
232 |
- |
233 |
- #ifdef HAVE_SYS_MOUNT_H |
234 |
- #include <sys/mount.h> |
235 |
---- src/webdav.c |
236 |
-+++ src/webdav.c |
237 |
-@@ -47,6 +47,12 @@ |
238 |
- #ifdef HAVE_UNISTD_H |
239 |
- #include <unistd.h> |
240 |
- #endif |
241 |
-+#ifdef HAVE_SYS_TYPES_H |
242 |
-+#include <sys/types.h> |
243 |
-+#endif |
244 |
-+#ifdef HAVE_SYS_STAT_H |
245 |
-+#include <sys/stat.h> |
246 |
-+#endif |
247 |
- |
248 |
- #include <ne_alloc.h> |
249 |
- #include <ne_auth.h> |
250 |
|
251 |
diff --git a/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch b/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch |
252 |
deleted file mode 100644 |
253 |
index 40dbd95..0000000 |
254 |
--- a/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch |
255 |
+++ /dev/null |
256 |
@@ -1,18 +0,0 @@ |
257 |
-https://bugs.gentoo.org/384703 |
258 |
-Patch by Jeroen Roovers |
259 |
- |
260 |
-https://savannah.nongnu.org/support/?108104 |
261 |
- |
262 |
---- a/src/Makefile.am |
263 |
-+++ b/src/Makefile.am |
264 |
-@@ -51,8 +51,8 @@ |
265 |
- chmod u+s $(DESTDIR)$(sbindir)/mount.davfs; \ |
266 |
- if test "$(sbindir)" != "$(ssbindir)"; then \ |
267 |
- $(mkinstalldirs) $(DESTDIR)$(ssbindir); \ |
268 |
-- $(LN_S) -f $(DESTDIR)$(sbindir)/mount.davfs $(DESTDIR)$(ssbindir)/mount.davfs; \ |
269 |
-- $(LN_S) -f $(DESTDIR)$(sbindir)/umount.davfs $(DESTDIR)$(ssbindir)/umount.davfs; \ |
270 |
-+ $(LN_S) -f $(sbindir)/mount.davfs $(DESTDIR)$(ssbindir)/mount.davfs; \ |
271 |
-+ $(LN_S) -f $(sbindir)/umount.davfs $(DESTDIR)$(ssbindir)/umount.davfs; \ |
272 |
- fi |
273 |
- |
274 |
- uninstall-hook: |