[gentoo-commits] repo/gentoo:master commit in: app-arch/dpkg/files/, app-arch/dpkg/

["Sam James" <sam@gentoo.org>]

commit:     c463c5b2265bcd2dce63a5f79e67e27cf162b72e
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 24 20:36:52 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Dec 24 20:37:00 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c463c5b2

app-arch/dpkg: drop 1.20.9-r1, 1.20.12-r1, 1.21.1, 1.21.15-r2

Signed-off-by: Sam James <sam <AT> gentoo.org>

 app-arch/dpkg/Manifest                             |   3 -
 app-arch/dpkg/dpkg-1.20.12-r1.ebuild               | 101 -------
 app-arch/dpkg/dpkg-1.20.9-r1.ebuild                |  97 ------
 app-arch/dpkg/dpkg-1.21.1.ebuild                   |  96 ------
 app-arch/dpkg/dpkg-1.21.15-r2.ebuild               | 112 -------
 app-arch/dpkg/files/dpkg-1.18.12-rsyncable.patch   |  28 --
 app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch    |  25 --
 .../files/dpkg-1.20.5-dpkg_buildpackage-test.patch |  10 -
 .../dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch     | 324 ---------------------
 app-arch/dpkg/metadata.xml                         |   1 -
 10 files changed, 797 deletions(-)

diff --git a/app-arch/dpkg/Manifest b/app-arch/dpkg/Manifest
index 879690364d1c..42d6427c79ae 100644
--- a/app-arch/dpkg/Manifest
+++ b/app-arch/dpkg/Manifest
@@ -1,5 +1,2 @@
-DIST dpkg_1.20.12.tar.xz 5009108 BLAKE2B 47ecb53c331503c72081a4c472acd6e94a5b7fca2032358809aa8c546cfd6c1542c7cdfad2a5ceff0e40dc454a61974ec47233061b98cf99aabbb8e53621858c SHA512 ce20b1b00b972e6fa5d5cd6427003415a92a78742dc02a9055fee6f00db22b037c54560170e657d7b74c2ae542fff4b7eba46f642adf911dc2f3b90eebefc3ff
-DIST dpkg_1.20.9.tar.xz 4954428 BLAKE2B 4e04f7a90c8696971895081e18b220d9dee4bc5930428f131556ae71c673e61e18c363e279b566c2218da60a5aca421807c14cf518952502e707c7397769097b SHA512 904a4742f5f340dc65b2137364dce102a0b2eb42ccedb2a73f79c207362c699fbffaaf1379f1f6c8b8b0e490321af1d03c34b50ebe0c703f5ce8a7f75f17a839
-DIST dpkg_1.21.1.tar.xz 4986936 BLAKE2B f5b0f9fe7ac5fe7ba47191a9e467356e748418846ce0fc9f3c61d731e035eb096932848b15e6a85a15938d3bbd6fa069c786ab0e89c77119958fe632a91c309f SHA512 3f3f263e1300f3e4b55e84521847703dcfe465aa54829a69c31c174a2ad5e8b6a8a251da7c6020d31a38e9e6744113924a71e9579469e32289328e91a48db07f
 DIST dpkg_1.21.15.tar.xz 5350148 BLAKE2B f26611db365266ef9f43484c20d3150889238b34b156cac26f0ae8ae9572e7e4a9839e08a0073a25c886cd2891fc6d84afc97262ae6992267b47fa6e86c03a33 SHA512 eb31db63dd454048c3b7539b539720ed71239303ca679df92b934e971914d63dd771da09149054048e24dde1f5627ee24d43dbd8782ca1dc28c4a2bd3ed8f26a
 DIST dpkg_1.22.11.tar.xz 5697040 BLAKE2B 7bd7f90a8ae98ac7401bc2b8e7b0d2cc002a57bfdc5521d9049a995130011a3042ac6d24d6ecd5410e1db2c2e936eae5085a2af5fb11b0a73fd66bae33b33956 SHA512 8caeb52625e34109bbc3abf1b62792053f989e560b541ec9de85f3fe563f8bcb06db102dbae83058aba16e6f4729260e15e1c7a470762a261bec5460358c0fe9

diff --git a/app-arch/dpkg/dpkg-1.20.12-r1.ebuild b/app-arch/dpkg/dpkg-1.20.12-r1.ebuild
deleted file mode 100644
index 1df3d1e13082..000000000000
--- a/app-arch/dpkg/dpkg-1.20.12-r1.ebuild
+++ /dev/null
@@ -1,101 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-inherit autotools toolchain-funcs
-
-DESCRIPTION="Package maintenance system for Debian"
-HOMEPAGE="https://packages.qa.debian.org/dpkg"
-SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~m68k ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
-IUSE="+bzip2 libmd +lzma nls selinux static-libs test +update-alternatives +zlib"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
-	>=app-arch/tar-1.34-r1
-	>=dev-lang/perl-5.14.2:=
-	sys-libs/ncurses:=[unicode(+)]
-	bzip2? ( app-arch/bzip2 )
-	libmd? ( app-crypt/libmd )
-	lzma? ( app-arch/xz-utils )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )
-	zlib? ( >=sys-libs/zlib-1.1.4 )
-"
-DEPEND="
-	${RDEPEND}
-	app-arch/xz-utils
-	virtual/pkgconfig
-	test? (
-		dev-perl/IO-String
-		dev-perl/Test-Pod
-		virtual/perl-Test-Harness
-	)
-"
-BDEPEND="
-	app-alternatives/lex
-	nls? (
-		app-text/po4a
-		>=sys-devel/gettext-0.18.2
-	)
-"
-RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )"
-
-DOCS=(
-	ChangeLog
-	THANKS
-	TODO
-)
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.18.12-flags.patch
-	"${FILESDIR}"/${PN}-1.18.12-rsyncable.patch
-	"${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch
-	"${FILESDIR}"/${PN}-1.20.12-m4-stdio.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i -e 's|\<ar\>|${AR}|g' t-func/deb-format.at t-func/testsuite || die
-
-	eautoreconf
-}
-
-src_configure() {
-	tc-export AR CC
-
-	econf \
-		$(use_enable nls) \
-		$(use_enable update-alternatives) \
-		$(use_with bzip2 libbz2) \
-		$(use_with libmd) \
-		$(use_with lzma liblzma) \
-		$(use_with selinux libselinux) \
-		$(use_with zlib libz) \
-		--enable-unicode \
-		--disable-compiler-warnings \
-		--disable-dselect \
-		--disable-start-stop-daemon \
-		--localstatedir="${EPREFIX}"/var
-}
-
-src_compile() {
-	emake AR="$(tc-getAR)"
-}
-
-src_install() {
-	default
-
-	keepdir \
-		/usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \
-		/var/lib/dpkg/{alternatives,info,parts,updates}
-
-	find "${ED}" -name '*.la' -delete || die
-
-	if ! use static-libs; then
-		find "${ED}" -name '*.a' -delete || die
-	fi
-}

diff --git a/app-arch/dpkg/dpkg-1.20.9-r1.ebuild b/app-arch/dpkg/dpkg-1.20.9-r1.ebuild
deleted file mode 100644
index 4f0d747fb464..000000000000
--- a/app-arch/dpkg/dpkg-1.20.9-r1.ebuild
+++ /dev/null
@@ -1,97 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-inherit autotools toolchain-funcs
-
-DESCRIPTION="Package maintenance system for Debian"
-HOMEPAGE="https://packages.qa.debian.org/dpkg"
-SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~m68k ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux"
-IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
-	>=dev-lang/perl-5.14.2:=
-	bzip2? ( app-arch/bzip2 )
-	libmd? ( app-crypt/libmd )
-	lzma? ( app-arch/xz-utils )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )
-	zlib? ( >=sys-libs/zlib-1.1.4 )
-"
-DEPEND="
-	${RDEPEND}
-	app-arch/xz-utils
-	virtual/pkgconfig
-	test? (
-		dev-perl/IO-String
-		dev-perl/Test-Pod
-		virtual/perl-Test-Harness
-	)
-"
-BDEPEND="
-	app-alternatives/lex
-	nls? (
-		app-text/po4a
-		>=sys-devel/gettext-0.18.2
-	)
-"
-DOCS=(
-	ChangeLog
-	THANKS
-	TODO
-)
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.18.12-flags.patch
-	"${FILESDIR}"/${PN}-1.18.12-rsyncable.patch
-	"${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch
-	"${FILESDIR}"/${P}-CVE-2022-1664.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i -e 's|\<ar\>|${AR}|g' t-func/deb-format.at t-func/testsuite || die
-
-	eautoreconf
-}
-
-src_configure() {
-	tc-export AR CC
-
-	econf \
-		$(use_enable nls) \
-		$(use_enable unicode) \
-		$(use_enable update-alternatives) \
-		$(use_with bzip2 libbz2) \
-		$(use_with libmd) \
-		$(use_with lzma liblzma) \
-		$(use_with selinux libselinux) \
-		$(use_with zlib libz) \
-		--disable-compiler-warnings \
-		--disable-dselect \
-		--disable-start-stop-daemon \
-		--localstatedir="${EPREFIX}"/var
-}
-
-src_compile() {
-	emake AR="$(tc-getAR)"
-}
-
-src_install() {
-	default
-
-	keepdir \
-		/usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \
-		/var/lib/dpkg/{alternatives,info,parts,updates}
-
-	find "${ED}" -name '*.la' -delete || die
-
-	if ! use static-libs; then
-		find "${ED}" -name '*.a' -delete || die
-	fi
-}

diff --git a/app-arch/dpkg/dpkg-1.21.1.ebuild b/app-arch/dpkg/dpkg-1.21.1.ebuild
deleted file mode 100644
index a4c03baacd66..000000000000
--- a/app-arch/dpkg/dpkg-1.21.1.ebuild
+++ /dev/null
@@ -1,96 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-inherit autotools toolchain-funcs
-
-DESCRIPTION="Package maintenance system for Debian"
-HOMEPAGE="https://packages.qa.debian.org/dpkg"
-SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
-IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
-	>=app-arch/gzip-1.7
-	>=dev-lang/perl-5.14.2:=
-	bzip2? ( app-arch/bzip2 )
-	libmd? ( app-crypt/libmd )
-	lzma? ( app-arch/xz-utils )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )
-	zlib? ( >=sys-libs/zlib-1.1.4 )
-"
-DEPEND="
-	${RDEPEND}
-	app-arch/xz-utils
-	virtual/pkgconfig
-	test? (
-		dev-perl/IO-String
-		dev-perl/Test-Pod
-		virtual/perl-Test-Harness
-	)
-"
-BDEPEND="
-	app-alternatives/lex
-	nls? (
-		app-text/po4a
-		>=sys-devel/gettext-0.18.2
-	)
-"
-DOCS=(
-	ChangeLog
-	THANKS
-	TODO
-)
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.18.12-flags.patch
-	"${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i -e 's|\<ar\>|${AR}|g' t-func/deb-format.at t-func/testsuite || die
-
-	eautoreconf
-}
-
-src_configure() {
-	tc-export AR CC
-
-	econf \
-		$(use_enable nls) \
-		$(use_enable unicode) \
-		$(use_enable update-alternatives) \
-		$(use_with bzip2 libbz2) \
-		$(use_with libmd) \
-		$(use_with lzma liblzma) \
-		$(use_with selinux libselinux) \
-		$(use_with zlib libz) \
-		--disable-compiler-warnings \
-		--disable-dselect \
-		--disable-start-stop-daemon \
-		--localstatedir="${EPREFIX}"/var
-}
-
-src_compile() {
-	emake AR="$(tc-getAR)"
-}
-
-src_install() {
-	default
-
-	keepdir \
-		/usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \
-		/var/lib/dpkg/{alternatives,info,parts,updates}
-
-	find "${ED}" -name '*.la' -delete || die
-
-	if ! use static-libs; then
-		find "${ED}" -name '*.a' -delete || die
-	fi
-}

diff --git a/app-arch/dpkg/dpkg-1.21.15-r2.ebuild b/app-arch/dpkg/dpkg-1.21.15-r2.ebuild
deleted file mode 100644
index 29fbc7b06dea..000000000000
--- a/app-arch/dpkg/dpkg-1.21.15-r2.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-inherit autotools toolchain-funcs
-
-DESCRIPTION="Package maintenance system for Debian"
-HOMEPAGE="https://packages.qa.debian.org/dpkg"
-SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
-IUSE="+bzip2 +lzma nls selinux static-libs test +update-alternatives +zlib"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
-	>=app-arch/gzip-1.7
-	>=app-arch/tar-1.34-r1
-	app-crypt/libmd
-	>=dev-lang/perl-5.14.2:=
-	sys-libs/ncurses:=[unicode(+)]
-	bzip2? ( app-arch/bzip2 )
-	lzma? ( app-arch/xz-utils )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )
-	zlib? ( >=sys-libs/zlib-1.1.4 )
-"
-DEPEND="
-	${RDEPEND}
-	app-arch/xz-utils
-	virtual/pkgconfig
-	test? (
-		dev-perl/IO-String
-		dev-perl/Test-Pod
-		virtual/perl-Test-Harness
-	)
-"
-BDEPEND="
-	app-alternatives/lex
-	nls? (
-		app-text/po4a
-		>=sys-devel/gettext-0.18.2
-	)
-"
-RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )"
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.18.12-flags.patch
-	"${FILESDIR}"/${P}-buf-overflow.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i -e 's|\<ar\>|${AR}|g' src/at/deb-format.at src/at/testsuite || die
-
-	eautoreconf
-}
-
-src_configure() {
-	tc-export AR CC
-
-	local myconf=(
-		--disable-compiler-warnings
-		--disable-devel-docs
-		--disable-dselect
-		--disable-start-stop-daemon
-		--enable-unicode
-		--localstatedir="${EPREFIX}"/var
-		$(use_enable nls)
-		$(use_enable update-alternatives)
-		$(use_with bzip2 libbz2)
-		$(use_with lzma liblzma)
-		$(use_with selinux libselinux)
-		$(use_with zlib libz)
-
-	)
-
-	econf "${myconf[@]}"
-}
-
-src_compile() {
-	emake AR="$(tc-getAR)"
-}
-
-src_install() {
-	local DOCS=( debian/changelog THANKS TODO )
-	default
-
-	# https://bugs.gentoo.org/835520
-	mv -v "${ED}"/usr/share/zsh/{vendor-completions,site-functions} || die
-
-	# https://bugs.gentoo.org/840320
-	insinto /etc/dpkg/origins
-	newins - gentoo <<-_EOF_
-		Vendor: Gentoo
-		Vendor-URL: https://www.gentoo.org/
-		Bugs: https://bugs.gentoo.org/
-	_EOF_
-	dosym gentoo /etc/dpkg/origins/default
-
-	keepdir \
-		/usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \
-		/var/lib/dpkg/{alternatives,info,parts,updates}
-
-	find "${ED}" -name '*.la' -delete || die
-
-	if ! use static-libs; then
-		find "${ED}" -name '*.a' -delete || die
-	fi
-}

diff --git a/app-arch/dpkg/files/dpkg-1.18.12-rsyncable.patch b/app-arch/dpkg/files/dpkg-1.18.12-rsyncable.patch
deleted file mode 100644
index 69802da67092..000000000000
--- a/app-arch/dpkg/files/dpkg-1.18.12-rsyncable.patch
+++ /dev/null
@@ -1,28 +0,0 @@
---- a/scripts/Dpkg/Compression.pm
-+++ b/scripts/Dpkg/Compression.pm
-@@ -81,20 +81,12 @@
- };
- 
- #
--# XXX: The gzip package in Debian at some point acquired a Debian-specific
--# --rsyncable option via a vendor patch. Which is not present in most of the
--# major distributions, dpkg downstream systems, nor gzip upstream, who have
--# stated they will most probably not accept it because people should be using
--# pigz instead.
-+# If gzip supports --rsyncable (version >=1.7 or the Debian patched variant),
-+# we use it. Sadly a non-compliant gzip will not complain about the argument
-+# when it does not understand it, so we can only print out the usage and infer
-+# --rsyncable support from that.
- #
--# This option should have never been accepted in dpkg, ever. But removing it
--# now would probably cause demands for tarring and feathering. In addition
--# we cannot use the Dpkg::Vendor logic because that would cause circular
--# module dependencies. The whole affair is pretty disgusting really.
--#
--# Check the perl Config to discern Debian and hopefully derivatives too.
--#
--if ($Config{cf_by} eq 'Debian Project') {
-+if (system("gzip --help 2>&1 | grep -q -- --rsyncable") == 0) {
-     push @{$COMP->{gzip}->{comp_prog}}, '--rsyncable';
- }
- 

diff --git a/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch b/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch
deleted file mode 100644
index 5124c54b43ed..000000000000
--- a/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9a1c670b66818fc0044eaa9a95a13da553bebcd3 Mon Sep 17 00:00:00 2001
-From: Georgy Yakovlev <gyakovlev@gentoo.org>
-Date: Mon, 21 Nov 2022 23:09:59 -0800
-Subject: [PATCH] m4/dpkg-funcs.m4: include stdio.h in __progname conftest
-
-Bug: https://bugs.gentoo.org/869884
----
- m4/dpkg-funcs.m4 | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/m4/dpkg-funcs.m4 b/m4/dpkg-funcs.m4
-index 74acf22..0720ac3 100644
---- a/m4/dpkg-funcs.m4
-+++ b/m4/dpkg-funcs.m4
-@@ -142,6 +142,7 @@ AC_DEFUN([DPKG_CHECK_PROGNAME], [
-   AC_MSG_CHECKING([for __progname])
-   AC_LINK_IFELSE([
-     AC_LANG_PROGRAM(
-+      [[#include <stdio.h>]],
-       [[extern char *__progname;]],
-       [[printf("%s", __progname);]])
-   ], [
--- 
-2.38.1
-

diff --git a/app-arch/dpkg/files/dpkg-1.20.5-dpkg_buildpackage-test.patch b/app-arch/dpkg/files/dpkg-1.20.5-dpkg_buildpackage-test.patch
deleted file mode 100644
index 9f1494dc290c..000000000000
--- a/app-arch/dpkg/files/dpkg-1.20.5-dpkg_buildpackage-test.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/scripts/Makefile.am
-+++ b/scripts/Makefile.am
-@@ -264,7 +264,6 @@
- 	t/Dpkg_Dist_Files.t \
- 	t/dpkg_realpath.t \
- 	t/dpkg_source.t \
--	t/dpkg_buildpackage.t \
- 	t/merge_changelogs.t \
- 	t/mk.t \
- 	$(nil)

diff --git a/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch b/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch
deleted file mode 100644
index aa1570148de1..000000000000
--- a/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch
+++ /dev/null
@@ -1,324 +0,0 @@
-From 58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5 Mon Sep 17 00:00:00 2001
-From: Guillem Jover <guillem@debian.org>
-Date: Tue, 3 May 2022 02:09:32 +0200
-Subject: Dpkg::Source::Archive: Prevent directory traversal for in-place
- extracts
-
-For untrusted v2 and v3 source package formats that include a debian.tar
-archive, when we are extracting it, we do that as an in-place extraction,
-which can lead to directory traversal situations on specially crafted
-orig.tar and debian.tar tarballs.
-
-GNU tar replaces entries on the filesystem by the entries present on
-the tarball, but it will follow symlinks when the symlink pathname
-itself is not present as an actual directory on the tarball.
-
-This means we can create an orig.tar where there's a symlink pointing
-out of the source tree root directory, and then a debian.tar that
-contains an entry within that symlink as if it was a directory, without
-a directory entry for the symlink pathname itself, which will be
-extracted following the symlink outside the source tree root.
-
-This is currently noted as expected in GNU tar documentation. But even
-if there was a new extraction mode avoiding this problem we'd need such
-new version. Using perl's Archive::Tar would solve the problem, but
-switching to such different pure perl implementation, could cause
-compatibility or performance issues.
-
-What we do is when we are requested to perform an in-place extract, we
-instead still use a temporary directory, then walk that directory and
-remove any matching entry in the destination directory, replicating what
-GNU tar would do, but in addition avoiding the directory traversal issue
-for symlinks. Which should work with any tar implementation and be safe.
-
-Reported-by: Max Justicz <max@justi.cz>
-Stable-Candidates: 1.18.x 1.19.x 1.20.x
-Fixes: commit 0c0057a27fecccab77d2b3cffa9a7d172846f0b4 (1.14.17)
-Fixes: CVE-2022-1664
-(cherry picked from commit 7a6c03cb34d4a09f35df2f10779cbf1b70a5200b)
----
- scripts/Dpkg/Source/Archive.pm  | 122 +++++++++++++++++++++++++++++++---------
- scripts/t/Dpkg_Source_Archive.t | 110 +++++++++++++++++++++++++++++++++++-
- 2 files changed, 204 insertions(+), 28 deletions(-)
-
-diff --git a/scripts/Dpkg/Source/Archive.pm b/scripts/Dpkg/Source/Archive.pm
-index 33c181b20..2ddd04af8 100644
---- a/scripts/Dpkg/Source/Archive.pm
-+++ b/scripts/Dpkg/Source/Archive.pm
-@@ -21,9 +21,11 @@ use warnings;
- our $VERSION = '0.01';
- 
- use Carp;
-+use Errno qw(ENOENT);
- use File::Temp qw(tempdir);
- use File::Basename qw(basename);
- use File::Spec;
-+use File::Find;
- use Cwd;
- 
- use Dpkg ();
-@@ -110,19 +112,13 @@ sub extract {
-     my %spawn_opts = (wait_child => 1);
- 
-     # Prepare destination
--    my $tmp;
--    if ($opts{in_place}) {
--        $spawn_opts{chdir} = $dest;
--        $tmp = $dest; # So that fixperms call works
--    } else {
--        my $template = basename($self->get_filename()) .  '.tmp-extract.XXXXX';
--        unless (-e $dest) {
--            # Kludge so that realpath works
--            mkdir($dest) or syserr(g_('cannot create directory %s'), $dest);
--        }
--        $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1);
--        $spawn_opts{chdir} = $tmp;
-+    my $template = basename($self->get_filename()) .  '.tmp-extract.XXXXX';
-+    unless (-e $dest) {
-+        # Kludge so that realpath works
-+        mkdir($dest) or syserr(g_('cannot create directory %s'), $dest);
-     }
-+    my $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1);
-+    $spawn_opts{chdir} = $tmp;
- 
-     # Prepare stuff that handles the input of tar
-     $self->ensure_open('r', delete_sig => [ 'PIPE' ]);
-@@ -145,22 +141,94 @@ sub extract {
-     # have to be calculated using mount options and other madness.
-     fixperms($tmp) unless $opts{no_fixperms};
- 
--    # Stop here if we extracted in-place as there's nothing to move around
--    return if $opts{in_place};
--
--    # Rename extracted directory
--    opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp);
--    my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh);
--    closedir($dir_dh);
--    my $done = 0;
--    erasedir($dest);
--    if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
--	rename("$tmp/$entries[0]", $dest)
--	    or syserr(g_('unable to rename %s to %s'),
--	              "$tmp/$entries[0]", $dest);
-+    # If we are extracting "in-place" do not remove the destination directory.
-+    if ($opts{in_place}) {
-+        my $canon_basedir = Cwd::realpath($dest);
-+        # On Solaris /dev/null points to /devices/pseudo/mm@0:null.
-+        my $canon_devnull = Cwd::realpath('/dev/null');
-+        my $check_symlink = sub {
-+            my $pathname = shift;
-+            my $canon_pathname = Cwd::realpath($pathname);
-+            if (not defined $canon_pathname) {
-+                return if $! == ENOENT;
-+
-+                syserr(g_("pathname '%s' cannot be canonicalized"), $pathname);
-+            }
-+            return if $canon_pathname eq $canon_devnull;
-+            return if $canon_pathname eq $canon_basedir;
-+            return if $canon_pathname =~ m{^\Q$canon_basedir/\E};
-+            warning(g_("pathname '%s' points outside source root (to '%s')"),
-+                    $pathname, $canon_pathname);
-+        };
-+
-+        my $move_in_place = sub {
-+            my $relpath = File::Spec->abs2rel($File::Find::name, $tmp);
-+            my $destpath = File::Spec->catfile($dest, $relpath);
-+
-+            my ($mode, $atime, $mtime);
-+            lstat $File::Find::name
-+                or syserr(g_('cannot get source pathname %s metadata'), $File::Find::name);
-+            ((undef) x 2, $mode, (undef) x 5, $atime, $mtime) = lstat _;
-+            my $src_is_dir = -d _;
-+
-+            my $dest_exists = 1;
-+            if (not lstat $destpath) {
-+                if ($! == ENOENT) {
-+                    $dest_exists = 0;
-+                } else {
-+                    syserr(g_('cannot get target pathname %s metadata'), $destpath);
-+                }
-+            }
-+            my $dest_is_dir = -d _;
-+            if ($dest_exists) {
-+                if ($dest_is_dir && $src_is_dir) {
-+                    # Refresh the destination directory attributes with the
-+                    # ones from the tarball.
-+                    chmod $mode, $destpath
-+                        or syserr(g_('cannot change directory %s mode'), $File::Find::name);
-+                    utime $atime, $mtime, $destpath
-+                        or syserr(g_('cannot change directory %s times'), $File::Find::name);
-+
-+                    # We should do nothing, and just walk further tree.
-+                    return;
-+                } elsif ($dest_is_dir) {
-+                    rmdir $destpath
-+                        or syserr(g_('cannot remove destination directory %s'), $destpath);
-+                } else {
-+                    $check_symlink->($destpath);
-+                    unlink $destpath
-+                        or syserr(g_('cannot remove destination file %s'), $destpath);
-+                }
-+            }
-+            # If we are moving a directory, we do not need to walk it.
-+            if ($src_is_dir) {
-+                $File::Find::prune = 1;
-+            }
-+            rename $File::Find::name, $destpath
-+                or syserr(g_('cannot move %s to %s'), $File::Find::name, $destpath);
-+        };
-+
-+        find({
-+            wanted => $move_in_place,
-+            no_chdir => 1,
-+            dangling_symlinks => 0,
-+        }, $tmp);
-     } else {
--	rename($tmp, $dest)
--	    or syserr(g_('unable to rename %s to %s'), $tmp, $dest);
-+        # Rename extracted directory
-+        opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp);
-+        my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh);
-+        closedir($dir_dh);
-+
-+        erasedir($dest);
-+
-+        if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
-+            rename("$tmp/$entries[0]", $dest)
-+                or syserr(g_('unable to rename %s to %s'),
-+                          "$tmp/$entries[0]", $dest);
-+        } else {
-+            rename($tmp, $dest)
-+                or syserr(g_('unable to rename %s to %s'), $tmp, $dest);
-+        }
-     }
-     erasedir($tmp);
- }
-diff --git a/scripts/t/Dpkg_Source_Archive.t b/scripts/t/Dpkg_Source_Archive.t
-index 7b70da68e..504fbe1d4 100644
---- a/scripts/t/Dpkg_Source_Archive.t
-+++ b/scripts/t/Dpkg_Source_Archive.t
-@@ -16,12 +16,120 @@
- use strict;
- use warnings;
- 
--use Test::More tests => 1;
-+use Test::More tests => 4;
-+use Test::Dpkg qw(:paths);
-+
-+use File::Spec;
-+use File::Path qw(make_path rmtree);
- 
- BEGIN {
-     use_ok('Dpkg::Source::Archive');
- }
- 
-+use Dpkg;
-+
-+my $tmpdir = test_get_temp_path();
-+
-+rmtree($tmpdir);
-+
-+sub test_touch
-+{
-+    my ($name, $data) = @_;
-+
-+    open my $fh, '>', $name
-+        or die "cannot touch file $name\n";
-+    print { $fh } $data if $data;
-+    close $fh;
-+}
-+
-+sub test_path_escape
-+{
-+    my $name = shift;
-+
-+    my $treedir = File::Spec->rel2abs("$tmpdir/$name-tree");
-+    my $overdir = File::Spec->rel2abs("$tmpdir/$name-overlay");
-+    my $outdir = "$tmpdir/$name-out";
-+    my $expdir = "$tmpdir/$name-exp";
-+
-+    # This is the base directory, where we are going to be extracting stuff
-+    # into, which include traps.
-+    make_path("$treedir/subdir-a");
-+    test_touch("$treedir/subdir-a/file-a");
-+    test_touch("$treedir/subdir-a/file-pre-a");
-+    make_path("$treedir/subdir-b");
-+    test_touch("$treedir/subdir-b/file-b");
-+    test_touch("$treedir/subdir-b/file-pre-b");
-+    symlink File::Spec->abs2rel($outdir, $treedir), "$treedir/symlink-escape";
-+    symlink File::Spec->abs2rel("$outdir/nonexistent", $treedir), "$treedir/symlink-nonexistent";
-+    symlink "$treedir/file", "$treedir/symlink-within";
-+    test_touch("$treedir/supposed-dir");
-+
-+    # This is the overlay directory, which we'll pack and extract over the
-+    # base directory.
-+    make_path($overdir);
-+    make_path("$overdir/subdir-a/aa");
-+    test_touch("$overdir/subdir-a/aa/file-aa", 'aa');
-+    test_touch("$overdir/subdir-a/file-a", 'a');
-+    make_path("$overdir/subdir-b/bb");
-+    test_touch("$overdir/subdir-b/bb/file-bb", 'bb');
-+    test_touch("$overdir/subdir-b/file-b", 'b');
-+    make_path("$overdir/symlink-escape");
-+    test_touch("$overdir/symlink-escape/escaped-file", 'escaped');
-+    test_touch("$overdir/symlink-nonexistent", 'nonexistent');
-+    make_path("$overdir/symlink-within");
-+    make_path("$overdir/supposed-dir");
-+    test_touch("$overdir/supposed-dir/supposed-file", 'something');
-+
-+    # Generate overlay tar.
-+    system($Dpkg::PROGTAR, '-cf', "$overdir.tar", '-C', $overdir, qw(
-+        subdir-a subdir-b
-+        symlink-escape/escaped-file symlink-nonexistent symlink-within
-+        supposed-dir
-+        )) == 0
-+        or die "cannot create overlay tar archive\n";
-+
-+   # This is the expected directory, which we'll be comparing against.
-+    make_path($expdir);
-+    system('cp', '-a', $overdir, $expdir) == 0
-+        or die "cannot copy overlay hierarchy into expected directory\n";
-+
-+    # Store the expected and out reference directories into a tar to compare
-+    # its structure against the result reference.
-+    system($Dpkg::PROGTAR, '-cf', "$expdir.tar", '-C', $overdir, qw(
-+        subdir-a subdir-b
-+        symlink-escape/escaped-file symlink-nonexistent symlink-within
-+        supposed-dir
-+        ), '-C', $treedir, qw(
-+        subdir-a/file-pre-a
-+        subdir-b/file-pre-b
-+        )) == 0
-+        or die "cannot create expected tar archive\n";
-+
-+    # This directory is supposed to remain empty, anything inside implies a
-+    # directory traversal.
-+    make_path($outdir);
-+
-+    my $warnseen;
-+    local $SIG{__WARN__} = sub { $warnseen = $_[0] };
-+
-+    # Perform the extraction.
-+    my $tar = Dpkg::Source::Archive->new(filename => "$overdir.tar");
-+    $tar->extract($treedir, in_place => 1);
-+
-+    # Store the result into a tar to compare its structure against a reference.
-+    system($Dpkg::PROGTAR, '-cf', "$treedir.tar", '-C', $treedir, '.');
-+
-+    # Check results
-+    ok(length $warnseen && $warnseen =~ m/points outside source root/,
-+       'expected warning seen');
-+    ok(system($Dpkg::PROGTAR, '--compare', '-f', "$expdir.tar", '-C', $treedir) == 0,
-+       'expected directory matches');
-+    ok(! -e "$outdir/escaped-file",
-+       'expected output directory is empty, directory traversal');
-+}
-+
-+test_path_escape('in-place');
-+
- # TODO: Add actual test cases.
- 
- 1;
--- 
-cgit v1.2.3
-

diff --git a/app-arch/dpkg/metadata.xml b/app-arch/dpkg/metadata.xml
index 9511a3ee6146..b33cda089f2a 100644
--- a/app-arch/dpkg/metadata.xml
+++ b/app-arch/dpkg/metadata.xml
@@ -3,7 +3,6 @@
 <pkgmetadata>
 	<!-- maintainer-needed -->
 	<use>
-		<flag name="libmd">Use <pkg>app-crypt/libmd</pkg> library for message digest functions</flag>
 		<flag name="update-alternatives">Install update-alternatives</flag>
 	</use>
 </pkgmetadata>