From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 83A1D139694 for ; Tue, 11 Jul 2017 21:54:38 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 03C632340B5; Tue, 11 Jul 2017 21:54:36 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C825A2340B5 for ; Tue, 11 Jul 2017 21:54:35 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 90DCC341C12 for ; Tue, 11 Jul 2017 21:54:34 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 06B0074A8 for ; Tue, 11 Jul 2017 21:54:33 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1499810060.89ee3377a67cf18832a0e6f577b14d84734944d6.mgorny@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: media-tv/kodi/, media-tv/kodi/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: media-tv/kodi/files/kodi-17.3-unrar-vulnerability.patch media-tv/kodi/kodi-17.3-r1.ebuild X-VCS-Directories: media-tv/kodi/ media-tv/kodi/files/ X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: 89ee3377a67cf18832a0e6f577b14d84734944d6 X-VCS-Branch: master Date: Tue, 11 Jul 2017 21:54:33 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 45d77ff6-a085-41a0-aa81-82939e7cc9d5 X-Archives-Hash: b29bc95eb8cc8b254da5b440304f4d35 commit: 89ee3377a67cf18832a0e6f577b14d84734944d6 Author: Craig Andrews integralblue com> AuthorDate: Wed Jun 21 21:04:29 2017 +0000 Commit: Michał Górny gentoo org> CommitDate: Tue Jul 11 21:54:20 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=89ee3377 media-tv/kodi: Fix VMSF_DELTA vulnerability in embedded UnRAR #622384 Package-Manager: Portage-2.3.6, Repoman-2.3.2 .../kodi/files/kodi-17.3-unrar-vulnerability.patch | 45 ++++ media-tv/kodi/kodi-17.3-r1.ebuild | 285 +++++++++++++++++++++ 2 files changed, 330 insertions(+) diff --git a/media-tv/kodi/files/kodi-17.3-unrar-vulnerability.patch b/media-tv/kodi/files/kodi-17.3-unrar-vulnerability.patch new file mode 100644 index 00000000000..95644d6921e --- /dev/null +++ b/media-tv/kodi/files/kodi-17.3-unrar-vulnerability.patch @@ -0,0 +1,45 @@ +See https://trac.kodi.tv/ticket/17510 +diff --git a/lib/UnrarXLib/rarvm.cpp b/lib/UnrarXLib/rarvm.cpp +index 901c35dcb4..42df0a0110 100644 +--- a/lib/UnrarXLib/rarvm.cpp ++++ b/lib/UnrarXLib/rarvm.cpp +@@ -873,14 +873,16 @@ void RarVM::ExecuteStandardFilter(VM_StandardFilters FilterType) + break; + case VMSF_DELTA: + { +- int DataSize=R[4],Channels=R[0],SrcPos=0,Border=DataSize*2; +- SET_VALUE(false,&Mem[VM_GLOBALMEMADDR+0x20],DataSize); +- if (DataSize>=VM_GLOBALMEMADDR/2) +- break; +- for (int CurChannel=0;CurChannelVM_MEMSIZE/2 || Channels>MAX3_UNPACK_CHANNELS || Channels==0) ++ break; ++ ++ // Bytes from same channels are grouped to continual data blocks, ++ // so we need to place them back to their interleaving positions. ++ for (uint CurChannel=0;CurChannel/dev/null || die + AT_NOELIBTOOLIZE="yes" AT_TOPLEVEL_EAUTORECONF="yes" eautoreconf + popd >/dev/null || die + done + elibtoolize + + # Prevent autoreconf rerun + sed -e 's/autoreconf -vif/echo "autoreconf already done in src_prepare()"/' -i \ + "${S}"/project/cmake/modules/FindCpluff.cmake \ + "${S}"/tools/depends/native/TexturePacker/src/autogen.sh \ + "${S}"/tools/depends/native/JsonSchemaBuilder/src/autogen.sh \ + || die +} + +src_configure() { + local mycmakeargs=( + -Ddocdir="${EPREFIX}/usr/share/doc/${PF}" + -DENABLE_LDGOLD=OFF # https://bugs.gentoo.org/show_bug.cgi?id=606124 + -DENABLE_ALSA=$(usex alsa) + -DENABLE_AIRTUNES=$(usex airplay) + -DENABLE_AVAHI=$(usex zeroconf) + -DENABLE_BLUETOOTH=$(usex bluetooth) + -DENABLE_BLURAY=$(usex bluray) + -DENABLE_CCACHE=OFF + -DENABLE_CEC=$(usex cec) + -DENABLE_DBUS=$(usex dbus) + -DENABLE_DVDCSS=$(usex css) + -DENABLE_INTERNAL_CROSSGUID=OFF + -DENABLE_INTERNAL_FFMPEG="$(usex !system-ffmpeg)" + -DENABLE_CAP=$(usex caps) + -DENABLE_LIRC=$(usex lirc) + -DENABLE_MICROHTTPD=$(usex webserver) + -DENABLE_MYSQLCLIENT=$(usex mysql) + -DENABLE_NFS=$(usex nfs) + -DENABLE_NONFREE=$(usex nonfree) + -DENABLE_OPENGLES=$(usex gles) + -DENABLE_OPENGL=$(usex opengl) + -DENABLE_OPENSSL=ON + -DENABLE_OPTICAL=$(usex dvd) + -DENABLE_PLIST=$(usex airplay) + -DENABLE_PULSEAUDIO=$(usex pulseaudio) + -DENABLE_SMBCLIENT=$(usex samba) + -DENABLE_SSH=$(usex sftp) + -DENABLE_UDEV=$(usex udev) + -DENABLE_UPNP=$(usex upnp) + -DENABLE_VAAPI=$(usex vaapi) + -DENABLE_VDPAU=$(usex vdpau) + -DENABLE_X11=$(usex X) + -DENABLE_XSLT=$(usex xslt) + -Dlibdvdread_URL="${DISTDIR}/libdvdread-${LIBDVDREAD_COMMIT}.tar.gz" + -Dlibdvdnav_URL="${DISTDIR}/libdvdnav-${LIBDVDNAV_COMMIT}.tar.gz" + -Dlibdvdcss_URL="${DISTDIR}/libdvdcss-${LIBDVDCSS_COMMIT}.tar.gz" + ) + + use libusb && mycmakeargs+=( -DENABLE_LIBUSB=$(usex libusb) ) + + use !system-ffmpeg && mycmakeargs+=( -DFFMPEG_URL="${DISTDIR}/ffmpeg-${PN}-${FFMPEG_VERSION}-${CODENAME}.tar.gz" ) + + cmake-utils_src_configure +} + +src_compile() { + cmake-utils_src_compile all $(usev test) +} + +src_install() { + cmake-utils_src_install + + pax-mark Em "${ED%/}"/usr/$(get_libdir)/${PN}/${PN}.bin + + rm "${ED%/}"/usr/share/doc/*/{LICENSE.GPL,copying.txt}* || die + + newicon media/icon48x48.png kodi.png + + # Replace bundled fonts with system ones. + rm "${ED%/}"/usr/share/kodi/addons/skin.estouchy/fonts/NotoSans-Regular.ttf || die + dosym ../../../../fonts/noto/NotoSans-Regular.ttf \ + usr/share/kodi/addons/skin.estouchy/fonts/NotoSans-Regular.ttf + + local f + for f in NotoMono-Regular.ttf NotoSans-Bold.ttf NotoSans-Regular.ttf ; do + rm "${ED%/}"/usr/share/kodi/addons/skin.estuary/fonts/"${f}" || die + dosym ../../../../fonts/noto/"${f}" \ + usr/share/kodi/addons/skin.estuary/fonts/"${f}" + done + + rm "${ED%/}"/usr/share/kodi/addons/skin.estuary/fonts/Roboto-Thin.ttf || die + dosym ../../../../fonts/roboto/Roboto-Thin.ttf \ + usr/share/kodi/addons/skin.estuary/fonts/Roboto-Thin.ttf + + python_domodule tools/EventClients/lib/python/xbmcclient.py + python_newscript "tools/EventClients/Clients/Kodi Send/kodi-send.py" kodi-send +}