* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2017-09-03 22:19 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2017-09-03 22:19 UTC (permalink / raw
To: gentoo-commits
commit: 4017809b1df76179561d99b69349935dbdd1dae7
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 3 22:12:32 2017 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Sun Sep 3 22:17:57 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4017809b
dev-libs/libtasn1: CVE-2017-10790
Package-Manager: Portage-2.3.6, Repoman-2.3.1
.../files/libtasn1-4.12-CVE-2017-10790.patch | 55 ++++++++++++++++++++++
dev-libs/libtasn1/libtasn1-4.12-r1.ebuild | 54 +++++++++++++++++++++
2 files changed, 109 insertions(+)
diff --git a/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch b/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch
new file mode 100644
index 00000000000..eb752c20a9b
--- /dev/null
+++ b/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch
@@ -0,0 +1,55 @@
+From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Thu, 22 Jun 2017 16:31:37 +0200
+Subject: [PATCH] _asn1_check_identifier: safer access to values read
+
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
+---
+ lib/parser_aux.c | 17 ++++++++++++-----
+ 1 file changed, 12 insertions(+), 5 deletions(-)
+
+diff --git a/lib/parser_aux.c b/lib/parser_aux.c
+index 976ab38..786ea64 100644
+--- a/lib/parser_aux.c
++++ b/lib/parser_aux.c
+@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node)
+ if (p2 == NULL)
+ {
+ if (p->value)
+- _asn1_strcpy (_asn1_identifierMissing, p->value);
++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value);
+ else
+ _asn1_strcpy (_asn1_identifierMissing, "(null)");
+ return ASN1_IDENTIFIER_NOT_FOUND;
+@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node)
+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
+ {
+ _asn1_str_cpy (name2, sizeof (name2), node->name);
+- _asn1_str_cat (name2, sizeof (name2), ".");
+- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+- _asn1_strcpy (_asn1_identifierMissing, p2->value);
++ if (p2->value)
++ {
++ _asn1_str_cat (name2, sizeof (name2), ".");
++ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
++ }
++ else
++ _asn1_strcpy (_asn1_identifierMissing, "(null)");
++
+ p2 = asn1_find_node (node, name2);
+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||
+ !(p2->type & CONST_ASSIGN))
+@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node)
+ _asn1_str_cpy (name2, sizeof (name2), node->name);
+ _asn1_str_cat (name2, sizeof (name2), ".");
+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+- _asn1_strcpy (_asn1_identifierMissing, p2->value);
++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
++
+ p2 = asn1_find_node (node, name2);
+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)
+ || !(p2->type & CONST_ASSIGN))
+--
+1.9.1
+
diff --git a/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild b/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild
new file mode 100644
index 00000000000..4dbcc7cf692
--- /dev/null
+++ b/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild
@@ -0,0 +1,54 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit multilib-minimal libtool ltprune
+
+DESCRIPTION="ASN.1 library"
+HOMEPAGE="https://www.gnu.org/software/libtasn1/"
+SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-3 LGPL-2.1"
+SLOT="0/6" # subslot = libtasn1 soname version
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc static-libs valgrind"
+
+DEPEND=">=dev-lang/perl-5.6
+ sys-apps/help2man
+ virtual/yacc"
+RDEPEND="
+ valgrind? ( dev-util/valgrind )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+
+DOCS=( AUTHORS ChangeLog NEWS README THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2017-10790.patch"
+)
+
+pkg_setup() {
+ if use doc; then
+ DOCS+=( doc/libtasn1.pdf )
+ HTML_DOCS=( doc/reference/html/. )
+ fi
+}
+
+src_prepare() {
+ default
+ elibtoolize # for Solaris shared library
+}
+
+multilib_src_configure() {
+ ECONF_SOURCE="${S}" econf \
+ $(use_enable static-libs static) \
+ $(multilib_native_use_enable valgrind valgrind-tests)
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ prune_libtool_files
+}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2019-12-10 8:54 Lars Wendler
0 siblings, 0 replies; 7+ messages in thread
From: Lars Wendler @ 2019-12-10 8:54 UTC (permalink / raw
To: gentoo-commits
commit: 449306051cfb72a238b59efc4f5c23e9f1e66cde
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 10 08:53:06 2019 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Dec 10 08:54:12 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=44930605
dev-libs/libtasn1: Revbump to not install fuzzer tool anymore
Thanks-to: Arfrever Frehtes Taifersar Arahesis <arfrever.fta <AT> gmail.com>
Closes: https://bugs.gentoo.org/701928
Package-Manager: Portage-2.3.81, Repoman-2.3.20
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
.../files/libtasn1-4.15.0-noinst_fuzzer_tool.patch | 35 ++++++++++++++++++++++
...sn1-4.15.0.ebuild => libtasn1-4.15.0-r1.ebuild} | 9 ++++--
2 files changed, 42 insertions(+), 2 deletions(-)
diff --git a/dev-libs/libtasn1/files/libtasn1-4.15.0-noinst_fuzzer_tool.patch b/dev-libs/libtasn1/files/libtasn1-4.15.0-noinst_fuzzer_tool.patch
new file mode 100644
index 00000000000..45360ec8f82
--- /dev/null
+++ b/dev-libs/libtasn1/files/libtasn1-4.15.0-noinst_fuzzer_tool.patch
@@ -0,0 +1,35 @@
+From 49d6e3f0a4b5fd4da31228d23ae9efabef20c1ca Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Thu, 21 Nov 2019 16:09:20 +0100
+Subject: [PATCH] fuzz: do not install generated fuzzers and tools
+
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+---
+ fuzz/Makefile.am | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am
+index ae6616b..aa621ce 100644
+--- a/fuzz/Makefile.am
++++ b/fuzz/Makefile.am
+@@ -38,7 +38,7 @@ FUZZERS = \
+
+ if FUZZING
+ # fuzzing mode, enabled with ./configure --enable-fuzzing
+- bin_PROGRAMS = $(FUZZERS)
++ noinst_PROGRAMS = $(FUZZERS)
+ AM_LDFLAGS += -fsanitize=fuzzer
+ MAIN = fuzzer.h
+ else
+@@ -47,7 +47,7 @@ else
+ TESTS = $(FUZZERS)
+ check_PROGRAMS = $(FUZZERS)
+
+- bin_PROGRAMS = corpus2array
++ noinst_PROGRAMS = corpus2array
+ corpus2array_SOURCES = corpus2array.c
+ endif
+
+--
+2.22.2
+
diff --git a/dev-libs/libtasn1/libtasn1-4.15.0.ebuild b/dev-libs/libtasn1/libtasn1-4.15.0-r1.ebuild
similarity index 86%
rename from dev-libs/libtasn1/libtasn1-4.15.0.ebuild
rename to dev-libs/libtasn1/libtasn1-4.15.0-r1.ebuild
index ce8e7f67a17..e3e7c7a5174 100644
--- a/dev-libs/libtasn1/libtasn1-4.15.0.ebuild
+++ b/dev-libs/libtasn1/libtasn1-4.15.0-r1.ebuild
@@ -3,7 +3,7 @@
EAPI=7
-inherit multilib-minimal libtool
+inherit autotools multilib-minimal libtool
DESCRIPTION="ASN.1 library"
HOMEPAGE="https://www.gnu.org/software/libtasn1/"
@@ -28,6 +28,10 @@ DOCS=(
THANKS
)
+PATCHES=(
+ "${FILESDIR}"/${P}-noinst_fuzzer_tool.patch #701928
+)
+
pkg_setup() {
if use doc; then
DOCS+=( doc/libtasn1.pdf )
@@ -37,7 +41,8 @@ pkg_setup() {
src_prepare() {
default
- elibtoolize # for Solaris shared library
+ #elibtoolize # for Solaris shared library
+ eautoreconf #701928
}
multilib_src_configure() {
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2018-04-22 21:15 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2018-04-22 21:15 UTC (permalink / raw
To: gentoo-commits
commit: c77661f3bd26696bd9f99671369a67fb56a445c5
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 22 21:14:27 2018 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Sun Apr 22 21:15:19 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c77661f3
dev-libs/libtasn1: cleanup
Bug: https://bugs.gentoo.org/show_bug.cgi?id=647012
Package-Manager: Portage-2.3.24, Repoman-2.3.6
dev-libs/libtasn1/Manifest | 1 -
.../files/libtasn1-4.12-CVE-2017-10790.patch | 55 ----------------------
dev-libs/libtasn1/libtasn1-4.12-r1.ebuild | 50 --------------------
3 files changed, 106 deletions(-)
diff --git a/dev-libs/libtasn1/Manifest b/dev-libs/libtasn1/Manifest
index 233c11fca37..527b14e9c6f 100644
--- a/dev-libs/libtasn1/Manifest
+++ b/dev-libs/libtasn1/Manifest
@@ -1,2 +1 @@
-DIST libtasn1-4.12.tar.gz 1888450 BLAKE2B ccd3d5c7bbc9d00fd5be125a60b1705833bee4dff8bd0147cc6a7ed67ed679210984dedcf5d76f701ab53b8d7c127580ddb3162876aea9e1142f518271d12252 SHA512 6c551670949881193e39122f72948e4999ff1ba377f9ee5963d0a4ad1b84256e4fe42e9f6d6a2aa9f7d4ef7acc0e5174fb5cc3df5298524cdeda92f4b8c104f7
DIST libtasn1-4.13.tar.gz 1891703 BLAKE2B 5a8bfefe1a3701505c8a1a4920412a6dd15fe771fb848fbd00f0a332388795dc6108a0fa5a282b4212abe0b0642f205bda53c2c39a4a2d65fa71e082fc76a6d2 SHA512 bf5b60a296795e0a8a4a658c0106492393aa7ce698e785256b3427c17215c2a5b6178a61a2043c93ea4334f754eabece20221ac8fef0fd5644086a3891d98a9f
diff --git a/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch b/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch
deleted file mode 100644
index eb752c20a9b..00000000000
--- a/dev-libs/libtasn1/files/libtasn1-4.12-CVE-2017-10790.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 22 Jun 2017 16:31:37 +0200
-Subject: [PATCH] _asn1_check_identifier: safer access to values read
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
----
- lib/parser_aux.c | 17 ++++++++++++-----
- 1 file changed, 12 insertions(+), 5 deletions(-)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index 976ab38..786ea64 100644
---- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node)
- if (p2 == NULL)
- {
- if (p->value)
-- _asn1_strcpy (_asn1_identifierMissing, p->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value);
- else
- _asn1_strcpy (_asn1_identifierMissing, "(null)");
- return ASN1_IDENTIFIER_NOT_FOUND;
-@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node)
- if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
- {
- _asn1_str_cpy (name2, sizeof (name2), node->name);
-- _asn1_str_cat (name2, sizeof (name2), ".");
-- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-- _asn1_strcpy (_asn1_identifierMissing, p2->value);
-+ if (p2->value)
-+ {
-+ _asn1_str_cat (name2, sizeof (name2), ".");
-+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
-+ }
-+ else
-+ _asn1_strcpy (_asn1_identifierMissing, "(null)");
-+
- p2 = asn1_find_node (node, name2);
- if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||
- !(p2->type & CONST_ASSIGN))
-@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node)
- _asn1_str_cpy (name2, sizeof (name2), node->name);
- _asn1_str_cat (name2, sizeof (name2), ".");
- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-- _asn1_strcpy (_asn1_identifierMissing, p2->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
-+
- p2 = asn1_find_node (node, name2);
- if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)
- || !(p2->type & CONST_ASSIGN))
---
-1.9.1
-
diff --git a/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild b/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild
deleted file mode 100644
index b1be42b9c53..00000000000
--- a/dev-libs/libtasn1/libtasn1-4.12-r1.ebuild
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit multilib-minimal libtool ltprune
-
-DESCRIPTION="ASN.1 library"
-HOMEPAGE="https://www.gnu.org/software/libtasn1/"
-SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-2.1"
-SLOT="0/6" # subslot = libtasn1 soname version
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc static-libs valgrind"
-
-DEPEND=">=dev-lang/perl-5.6
- sys-apps/help2man
- virtual/yacc"
-RDEPEND="
- valgrind? ( dev-util/valgrind )
-"
-
-DOCS=( AUTHORS ChangeLog NEWS README THANKS )
-PATCHES=(
- "${FILESDIR}/${P}-CVE-2017-10790.patch"
-)
-
-pkg_setup() {
- if use doc; then
- DOCS+=( doc/libtasn1.pdf )
- HTML_DOCS=( doc/reference/html/. )
- fi
-}
-
-src_prepare() {
- default
- elibtoolize # for Solaris shared library
-}
-
-multilib_src_configure() {
- ECONF_SOURCE="${S}" econf \
- $(use_enable static-libs static) \
- $(multilib_native_use_enable valgrind valgrind-tests)
-}
-
-multilib_src_install_all() {
- einstalldocs
- prune_libtool_files
-}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2017-10-07 8:22 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2017-10-07 8:22 UTC (permalink / raw
To: gentoo-commits
commit: 56e280599eeb59efbb7b5cc35571b100df511337
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 7 07:36:46 2017 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Sat Oct 7 08:21:38 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56e28059
dev-libs/libtasn1: cleanup
Package-Manager: Portage-2.3.8, Repoman-2.3.3
dev-libs/libtasn1/Manifest | 1 -
.../files/libtasn1-4.10-asn1_find_node.patch | 43 -----------------
dev-libs/libtasn1/libtasn1-4.10-r1.ebuild | 50 --------------------
dev-libs/libtasn1/libtasn1-4.10-r2.ebuild | 54 ----------------------
dev-libs/libtasn1/libtasn1-4.12.ebuild | 50 --------------------
5 files changed, 198 deletions(-)
diff --git a/dev-libs/libtasn1/Manifest b/dev-libs/libtasn1/Manifest
index fa2afc43972..fcab671419a 100644
--- a/dev-libs/libtasn1/Manifest
+++ b/dev-libs/libtasn1/Manifest
@@ -1,2 +1 @@
-DIST libtasn1-4.10.tar.gz 1887057 SHA256 681a4d9a0d259f2125713f2e5766c5809f151b3a1392fd91390f780b4b8f5a02 SHA512 614e93128e6be8f46a2ad46e2a515e2edfb1f5a2e90c9e5da02d3afc0a882dc956632dd2b1eddd6b0e258e7b58a82d5d745d8ccd23120d94bb0af48132ed1a18 WHIRLPOOL 3f7bf6ba72006b22d126546e5f683d5bb8e758e4a919deac5d319d520175f7805a0c922561967bc7708ac1838ae1ccfa0da829b818705434eb46406e8a0ff1f1
DIST libtasn1-4.12.tar.gz 1888450 SHA256 6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753 SHA512 6c551670949881193e39122f72948e4999ff1ba377f9ee5963d0a4ad1b84256e4fe42e9f6d6a2aa9f7d4ef7acc0e5174fb5cc3df5298524cdeda92f4b8c104f7 WHIRLPOOL a2f29dbfb59bb2cbe5d533647028c9418b2b4871b67f7367757ebf4c706eab2b1bac8d5645784899bb85e9611a28f693655c1ff857c984109c0719a6f5dd78a5
diff --git a/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch b/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch
deleted file mode 100644
index b57eb2f25a2..00000000000
--- a/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 18 May 2017 18:03:34 +0200
-Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node()
-
-This prevents a stack overflow in asn1_find_node() which
-is triggered by too long variable names in the definitions
-files. That means that applications have to deliberately
-pass a too long 'name' constant to asn1_write_value()
-and friends. Reported by Jakub Jirasek.
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
----
- lib/parser_aux.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index b4a7370..976ab38 100644
---- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
- if (n_end)
- {
- nsize = n_end - n_start;
-+ if (nsize >= sizeof(n))
-+ return NULL;
-+
- memcpy (n, n_start, nsize);
- n[nsize] = 0;
- n_start = n_end;
-@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
- if (n_end)
- {
- nsize = n_end - n_start;
-+ if (nsize >= sizeof(n))
-+ return NULL;
-+
- memcpy (n, n_start, nsize);
- n[nsize] = 0;
- n_start = n_end;
---
-libgit2 0.25.0
-
diff --git a/dev-libs/libtasn1/libtasn1-4.10-r1.ebuild b/dev-libs/libtasn1/libtasn1-4.10-r1.ebuild
deleted file mode 100644
index 722fc677010..00000000000
--- a/dev-libs/libtasn1/libtasn1-4.10-r1.ebuild
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit multilib-minimal libtool
-
-DESCRIPTION="ASN.1 library"
-HOMEPAGE="https://www.gnu.org/software/libtasn1/"
-SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-2.1"
-SLOT="0/6" # subslot = libtasn1 soname version
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc static-libs valgrind"
-
-DEPEND=">=dev-lang/perl-5.6
- sys-apps/help2man
- virtual/yacc"
-RDEPEND="
- valgrind? ( dev-util/valgrind )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-DOCS=( AUTHORS ChangeLog NEWS README THANKS )
-
-pkg_setup() {
- if use doc; then
- DOCS+=( doc/libtasn1.pdf )
- HTML_DOCS=( doc/reference/html/. )
- fi
-}
-
-src_prepare() {
- default
- elibtoolize # for Solaris shared library
-}
-
-multilib_src_configure() {
- ECONF_SOURCE="${S}" econf \
- $(use_enable static-libs static) \
- $(multilib_native_use_enable valgrind valgrind-tests)
-}
-
-multilib_src_install_all() {
- einstalldocs
- use static-libs || find "${ED}" -name '*.la' -delete
-}
diff --git a/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild b/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild
deleted file mode 100644
index 8745880e30d..00000000000
--- a/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit multilib-minimal libtool
-
-DESCRIPTION="ASN.1 library"
-HOMEPAGE="https://www.gnu.org/software/libtasn1/"
-SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-2.1"
-SLOT="0/6" # subslot = libtasn1 soname version
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc static-libs valgrind"
-
-DEPEND=">=dev-lang/perl-5.6
- sys-apps/help2man
- virtual/yacc"
-RDEPEND="
- valgrind? ( dev-util/valgrind )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-DOCS=( AUTHORS ChangeLog NEWS README THANKS )
-
-PATCHES=(
- "${FILESDIR}/${P}-asn1_find_node.patch"
-)
-
-pkg_setup() {
- if use doc; then
- DOCS+=( doc/libtasn1.pdf )
- HTML_DOCS=( doc/reference/html/. )
- fi
-}
-
-src_prepare() {
- default
- elibtoolize # for Solaris shared library
-}
-
-multilib_src_configure() {
- ECONF_SOURCE="${S}" econf \
- $(use_enable static-libs static) \
- $(multilib_native_use_enable valgrind valgrind-tests)
-}
-
-multilib_src_install_all() {
- einstalldocs
- use static-libs || find "${ED}" -name '*.la' -delete
-}
diff --git a/dev-libs/libtasn1/libtasn1-4.12.ebuild b/dev-libs/libtasn1/libtasn1-4.12.ebuild
deleted file mode 100644
index 24aca51c0e8..00000000000
--- a/dev-libs/libtasn1/libtasn1-4.12.ebuild
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit multilib-minimal libtool
-
-DESCRIPTION="ASN.1 library"
-HOMEPAGE="https://www.gnu.org/software/libtasn1/"
-SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-2.1"
-SLOT="0/6" # subslot = libtasn1 soname version
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc static-libs valgrind"
-
-DEPEND=">=dev-lang/perl-5.6
- sys-apps/help2man
- virtual/yacc"
-RDEPEND="
- valgrind? ( dev-util/valgrind )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-DOCS=( AUTHORS ChangeLog NEWS README THANKS )
-
-pkg_setup() {
- if use doc; then
- DOCS+=( doc/libtasn1.pdf )
- HTML_DOCS=( doc/reference/html/. )
- fi
-}
-
-src_prepare() {
- default
- elibtoolize # for Solaris shared library
-}
-
-multilib_src_configure() {
- ECONF_SOURCE="${S}" econf \
- $(use_enable static-libs static) \
- $(multilib_native_use_enable valgrind valgrind-tests)
-}
-
-multilib_src_install_all() {
- einstalldocs
- use static-libs || find "${ED}" -name '*.la' -delete
-}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2017-05-19 16:20 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2017-05-19 16:20 UTC (permalink / raw
To: gentoo-commits
commit: d24fb56b2dbff2680017d67e4fab3e74f7d2bad6
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Fri May 19 16:19:40 2017 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Fri May 19 16:19:40 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d24fb56b
dev-libs/libtasn1: fix asn1_find_node issue
Package-Manager: Portage-2.3.5, Repoman-2.3.1
.../files/libtasn1-4.10-asn1_find_node.patch | 43 +++++++++++++++++
dev-libs/libtasn1/libtasn1-4.10-r2.ebuild | 54 ++++++++++++++++++++++
2 files changed, 97 insertions(+)
diff --git a/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch b/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch
new file mode 100644
index 00000000000..b57eb2f25a2
--- /dev/null
+++ b/dev-libs/libtasn1/files/libtasn1-4.10-asn1_find_node.patch
@@ -0,0 +1,43 @@
+From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Thu, 18 May 2017 18:03:34 +0200
+Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node()
+
+This prevents a stack overflow in asn1_find_node() which
+is triggered by too long variable names in the definitions
+files. That means that applications have to deliberately
+pass a too long 'name' constant to asn1_write_value()
+and friends. Reported by Jakub Jirasek.
+
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
+---
+ lib/parser_aux.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/parser_aux.c b/lib/parser_aux.c
+index b4a7370..976ab38 100644
+--- a/lib/parser_aux.c
++++ b/lib/parser_aux.c
+@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
+ if (n_end)
+ {
+ nsize = n_end - n_start;
++ if (nsize >= sizeof(n))
++ return NULL;
++
+ memcpy (n, n_start, nsize);
+ n[nsize] = 0;
+ n_start = n_end;
+@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
+ if (n_end)
+ {
+ nsize = n_end - n_start;
++ if (nsize >= sizeof(n))
++ return NULL;
++
+ memcpy (n, n_start, nsize);
+ n[nsize] = 0;
+ n_start = n_end;
+--
+libgit2 0.25.0
+
diff --git a/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild b/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild
new file mode 100644
index 00000000000..2279187ab05
--- /dev/null
+++ b/dev-libs/libtasn1/libtasn1-4.10-r2.ebuild
@@ -0,0 +1,54 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit multilib-minimal libtool
+
+DESCRIPTION="ASN.1 library"
+HOMEPAGE="https://www.gnu.org/software/libtasn1/"
+SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-3 LGPL-2.1"
+SLOT="0/6" # subslot = libtasn1 soname version
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc static-libs valgrind"
+
+DEPEND=">=dev-lang/perl-5.6
+ sys-apps/help2man
+ virtual/yacc"
+RDEPEND="
+ valgrind? ( dev-util/valgrind )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+
+DOCS=( AUTHORS ChangeLog NEWS README THANKS )
+
+PATCHES=(
+ "${FILESDIR}/${P}-asn1_find_node.patch"
+)
+
+pkg_setup() {
+ if use doc; then
+ DOCS+=( doc/libtasn1.pdf )
+ HTML_DOCS=( doc/reference/html/. )
+ fi
+}
+
+src_prepare() {
+ default
+ elibtoolize # for Solaris shared library
+}
+
+multilib_src_configure() {
+ ECONF_SOURCE="${S}" econf \
+ $(use_enable static-libs static) \
+ $(multilib_native_use_enable valgrind valgrind-tests)
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ use static-libs || find "${ED}" -name '*.la' -delete
+}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2017-03-15 6:27 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2017-03-15 6:27 UTC (permalink / raw
To: gentoo-commits
commit: 8060d3f0e1e29850c72eb36f62a75b07afffeb61
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Tue Mar 14 23:38:06 2017 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Wed Mar 15 06:27:00 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8060d3f0
dev-libs/libtasn1: cleanup
Bug: 611510
Package-Manager: Portage-2.3.3, Repoman-2.3.1
dev-libs/libtasn1/Manifest | 1 -
dev-libs/libtasn1/files/libtasn1-4.9-build.patch | 25 -------------
dev-libs/libtasn1/libtasn1-4.9-r1.ebuild | 47 ------------------------
3 files changed, 73 deletions(-)
diff --git a/dev-libs/libtasn1/Manifest b/dev-libs/libtasn1/Manifest
index 7b5917ed419..af6b3047dd6 100644
--- a/dev-libs/libtasn1/Manifest
+++ b/dev-libs/libtasn1/Manifest
@@ -1,2 +1 @@
DIST libtasn1-4.10.tar.gz 1887057 SHA256 681a4d9a0d259f2125713f2e5766c5809f151b3a1392fd91390f780b4b8f5a02 SHA512 614e93128e6be8f46a2ad46e2a515e2edfb1f5a2e90c9e5da02d3afc0a882dc956632dd2b1eddd6b0e258e7b58a82d5d745d8ccd23120d94bb0af48132ed1a18 WHIRLPOOL 3f7bf6ba72006b22d126546e5f683d5bb8e758e4a919deac5d319d520175f7805a0c922561967bc7708ac1838ae1ccfa0da829b818705434eb46406e8a0ff1f1
-DIST libtasn1-4.9.tar.gz 1864709 SHA256 4f6f7a8fd691ac2b8307c8ca365bad711db607d4ad5966f6938a9d2ecd65c920 SHA512 1fb2c5eb89f3e9abd8f7433342619e3d89576ed15a783b8152ed9da0383342f80e750c570733ac266bc8a3c4b23e5e2a57e3735b2341d507e7d88ac366a8d6e7 WHIRLPOOL 509afea66788b5f0d2aa944cbf07b48f122c1f2f1e6bd9278fce2a0e195397453e5203b2b4ab519520ea0e3614664f2af0cc2f046f2b91252d156e8058e1952c
diff --git a/dev-libs/libtasn1/files/libtasn1-4.9-build.patch b/dev-libs/libtasn1/files/libtasn1-4.9-build.patch
deleted file mode 100644
index d096955bb9f..00000000000
--- a/dev-libs/libtasn1/files/libtasn1-4.9-build.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From dd091c8af163213e12aa92f61bc4916e0f102633 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Tue, 26 Jul 2016 08:45:33 +0200
-Subject: [PATCH] configure: don't add -Werror to build flags
-
----
- configure.ac | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 7a14e04..066f5fe 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -70,8 +70,6 @@ AC_ARG_ENABLE([gcc-warnings],
- )
-
- if test "$gl_gcc_warnings" = yes; then
-- gl_WARN_ADD([-Werror], [WERROR_CFLAGS])
--
- nw="$nw -Wsystem-headers" # Don't let system headers trigger warnings
- nw="$nw -Wc++-compat" # We don't care strongly about C++ compilers
- nw="$nw -Wtraditional" # Warns on #elif which we use often
---
-2.7.3
-
diff --git a/dev-libs/libtasn1/libtasn1-4.9-r1.ebuild b/dev-libs/libtasn1/libtasn1-4.9-r1.ebuild
deleted file mode 100644
index ffbb0f91f76..00000000000
--- a/dev-libs/libtasn1/libtasn1-4.9-r1.ebuild
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit autotools multilib-minimal
-
-DESCRIPTION="ASN.1 library"
-HOMEPAGE="https://www.gnu.org/software/libtasn1/"
-SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-2.1"
-SLOT="0/6" # subslot = libtasn1 soname version
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos"
-IUSE="doc static-libs"
-
-DEPEND=">=dev-lang/perl-5.6
- sys-apps/help2man
- virtual/yacc"
-RDEPEND="
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20131008-r16
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-PATCHES=(
- "${FILESDIR}/${P}-build.patch"
-)
-DOCS=( AUTHORS ChangeLog NEWS README THANKS )
-
-pkg_setup() {
- if use doc; then
- DOCS+=( doc/libtasn1.pdf )
- HTML_DOCS=( doc/reference/html/. )
- fi
-}
-
-src_prepare() {
- default
- eautoreconf
-}
-
-multilib_src_configure() {
- local myeconfargs
- [[ "${VALGRIND_TESTS}" == "0" ]] && myeconfargs+=( --disable-valgrind-tests )
- ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/
@ 2016-07-29 9:13 Alon Bar-Lev
0 siblings, 0 replies; 7+ messages in thread
From: Alon Bar-Lev @ 2016-07-29 9:13 UTC (permalink / raw
To: gentoo-commits
commit: 2dd6f0f1fb2cd2597d6ee9ea005cadb9d282bc23
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Fri Jul 29 09:13:24 2016 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Fri Jul 29 09:13:24 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2dd6f0f1
dev-libs/libtasn1: remove -Werror
Bug: 589868
Package-Manager: portage-2.2.28
dev-libs/libtasn1/files/libtasn1-4.9-build.patch | 25 ++++++++++++++++++++++++
dev-libs/libtasn1/libtasn1-4.9.ebuild | 3 +++
2 files changed, 28 insertions(+)
diff --git a/dev-libs/libtasn1/files/libtasn1-4.9-build.patch b/dev-libs/libtasn1/files/libtasn1-4.9-build.patch
new file mode 100644
index 0000000..d096955
--- /dev/null
+++ b/dev-libs/libtasn1/files/libtasn1-4.9-build.patch
@@ -0,0 +1,25 @@
+From dd091c8af163213e12aa92f61bc4916e0f102633 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Tue, 26 Jul 2016 08:45:33 +0200
+Subject: [PATCH] configure: don't add -Werror to build flags
+
+---
+ configure.ac | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 7a14e04..066f5fe 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -70,8 +70,6 @@ AC_ARG_ENABLE([gcc-warnings],
+ )
+
+ if test "$gl_gcc_warnings" = yes; then
+- gl_WARN_ADD([-Werror], [WERROR_CFLAGS])
+-
+ nw="$nw -Wsystem-headers" # Don't let system headers trigger warnings
+ nw="$nw -Wc++-compat" # We don't care strongly about C++ compilers
+ nw="$nw -Wtraditional" # Warns on #elif which we use often
+--
+2.7.3
+
diff --git a/dev-libs/libtasn1/libtasn1-4.9.ebuild b/dev-libs/libtasn1/libtasn1-4.9.ebuild
index 3bd2816..e227f89 100644
--- a/dev-libs/libtasn1/libtasn1-4.9.ebuild
+++ b/dev-libs/libtasn1/libtasn1-4.9.ebuild
@@ -24,6 +24,9 @@ RDEPEND="
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
)"
+PATCHES=(
+ "${FILESDIR}/${P}-build.patch"
+)
DOCS=( AUTHORS ChangeLog NEWS README THANKS )
multilib_src_configure() {
^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-12-10 8:54 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-03 22:19 [gentoo-commits] repo/gentoo:master commit in: dev-libs/libtasn1/files/, dev-libs/libtasn1/ Alon Bar-Lev
-- strict thread matches above, loose matches on Subject: below --
2019-12-10 8:54 Lars Wendler
2018-04-22 21:15 Alon Bar-Lev
2017-10-07 8:22 Alon Bar-Lev
2017-05-19 16:20 Alon Bar-Lev
2017-03-15 6:27 Alon Bar-Lev
2016-07-29 9:13 Alon Bar-Lev
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox