CRUX
Threads by month
- ----- 2024 -----
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
March 2018
- 4 participants
- 67 discussions
ports/contrib (3.3): [notify] python-pyxdg: -> 0.26 dependency change pyxdg -> python-pyxdg
by crux@crux.nu 12 Mar '18
by crux@crux.nu 12 Mar '18
12 Mar '18
commit 3f915d7ce2393d918896ba2a9ad860ad215e8c6e
Author: Danny Rawlins <monster.romster(a)gmail.com>
Date: Mon Mar 12 13:58:26 2018 +1100
[notify] python-pyxdg: -> 0.26 dependency change pyxdg -> python-pyxdg
diff --git a/pyxdg/.footprint b/python-pyxdg/.footprint
similarity index 67%
rename from pyxdg/.footprint
rename to python-pyxdg/.footprint
index 4061080c..737ce596 100644
--- a/pyxdg/.footprint
+++ b/python-pyxdg/.footprint
@@ -2,31 +2,44 @@ drwxr-xr-x root/root usr/
drwxr-xr-x root/root usr/lib/
drwxr-xr-x root/root usr/lib/python2.7/
drwxr-xr-x root/root usr/lib/python2.7/site-packages/
--rw-r--r-- root/root usr/lib/python2.7/site-packages/pyxdg-0.25-py2.7.egg-info
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/pyxdg-0.26-py2.7.egg-info
drwxr-xr-x root/root usr/lib/python2.7/site-packages/xdg/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/BaseDirectory.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/BaseDirectory.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/BaseDirectory.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Config.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Config.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Config.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/DesktopEntry.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/DesktopEntry.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/DesktopEntry.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Exceptions.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Exceptions.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Exceptions.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IconTheme.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IconTheme.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IconTheme.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IniFile.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IniFile.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/IniFile.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Locale.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Locale.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Locale.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Menu.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Menu.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Menu.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/MenuEditor.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/MenuEditor.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/MenuEditor.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Mime.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Mime.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/Mime.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/RecentFiles.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/RecentFiles.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/RecentFiles.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/__init__.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/util.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/util.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/xdg/util.pyo
diff --git a/python-pyxdg/.md5sum b/python-pyxdg/.md5sum
new file mode 100644
index 00000000..78d54cc8
--- /dev/null
+++ b/python-pyxdg/.md5sum
@@ -0,0 +1 @@
+db1c2af8300ca64ce3955b3cf2490c92 pyxdg-0.26.tar.gz
diff --git a/python-pyxdg/.signature b/python-pyxdg/.signature
new file mode 100644
index 00000000..f34c3841
--- /dev/null
+++ b/python-pyxdg/.signature
@@ -0,0 +1,5 @@
+untrusted comment: verify with /etc/ports/contrib.pub
+RWSagIOpLGJF3xCvitBmFJoWHXy6AHgbbxsamRbv/W6gNbqBoqsBBK3ugQx6tl5sL9+FYDOOtsI8PWn+nc13knr/X6LFZOO6/Ao=
+SHA256 (Pkgfile) = 934d479591a82bbe67372ccdf4e577f0475100cbfedca30baf86b3132daef63c
+SHA256 (.footprint) = 8bdcc433026925fc7596fb23b202564df6287f496f70ea77acde44fb5cd790d0
+SHA256 (pyxdg-0.26.tar.gz) = fe2928d3f532ed32b39c32a482b54136fe766d19936afc96c8f00645f9da1a06
diff --git a/python-pyxdg/Pkgfile b/python-pyxdg/Pkgfile
new file mode 100644
index 00000000..000379d5
--- /dev/null
+++ b/python-pyxdg/Pkgfile
@@ -0,0 +1,15 @@
+# Description: Python library to access freedesktop.org standards.
+# URL: http://freedesktop.org/wiki/Software/pyxdg
+# Maintainer: Danny Rawlins, crux at romster dot me
+# Depends on: python
+
+name=python-pyxdg
+version=0.26
+release=1
+source=(https://files.pythonhosted.org/packages/source/${name:7:1}/${name#*-}/${name#*-}-$version.tar.gz)
+
+build() {
+ cd ${name#*-}-$version
+ /usr/bin/python setup.py build
+ /usr/bin/python setup.py install --prefix=/usr --root=$PKG --optimize=1
+}
diff --git a/pyxdg/.md5sum b/pyxdg/.md5sum
deleted file mode 100644
index 3825cdab..00000000
--- a/pyxdg/.md5sum
+++ /dev/null
@@ -1 +0,0 @@
-bedcdb3a0ed85986d40044c87f23477c pyxdg-0.25.tar.gz
diff --git a/pyxdg/.signature b/pyxdg/.signature
deleted file mode 100644
index 89cec910..00000000
--- a/pyxdg/.signature
+++ /dev/null
@@ -1,5 +0,0 @@
-untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF3+TvdHuuISV0SNq1MvxFgOPhvaIx79pB0R+gUeRndUnVxOHf+LLmvga2IvbIUQXLbjimfoeZO3GE3JQkafGayg8=
-SHA256 (Pkgfile) = 5515be34ec207c7312f01f427d0b8789685016c9291bd347e8379340761c9d23
-SHA256 (.footprint) = dffde3ef365ed6196348a39eb94fbf6321c727de14c49c1d5a88dc64115f99c1
-SHA256 (pyxdg-0.25.tar.gz) = 81e883e0b9517d624e8b0499eb267b82a815c0b7146d5269f364988ae031279d
diff --git a/pyxdg/Pkgfile b/pyxdg/Pkgfile
deleted file mode 100644
index 471e93c6..00000000
--- a/pyxdg/Pkgfile
+++ /dev/null
@@ -1,15 +0,0 @@
-# Description: Python library to access freedesktop.org standards.
-# URL: http://freedesktop.org/wiki/Software/pyxdg
-# Maintainer: Danny Rawlins, crux at romster dot me
-# Packager: Antonio SJ Musumeci, bile at landofbile dot com
-# Depends on: python
-
-name=pyxdg
-version=0.25
-release=1
-source=(http://people.freedesktop.org/~takluyver/$name-$version.tar.gz)
-
-build() {
- cd $name-$version
- /usr/bin/python setup.py install --prefix=/usr --root=$PKG
-}
1
0
ports/contrib (3.3): [notify] deluge: dependency change pyxdg -> python-pyxdg
by crux@crux.nu 12 Mar '18
by crux@crux.nu 12 Mar '18
12 Mar '18
commit 3056a3d98d1352aa2ba90cf1d2793616716a9141
Author: Danny Rawlins <monster.romster(a)gmail.com>
Date: Mon Mar 12 13:56:55 2018 +1100
[notify] deluge: dependency change pyxdg -> python-pyxdg
diff --git a/deluge/.footprint b/deluge/.footprint
index 62ab3a00..8f3a0426 100644
--- a/deluge/.footprint
+++ b/deluge/.footprint
@@ -17,49 +17,71 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge-1.3.15-py2.7.egg-inf
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__init__.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__rpcapi.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__rpcapi.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/__rpcapi.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/_libtorrent.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/_libtorrent.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/_libtorrent.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/bencode.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/bencode.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/bencode.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/common.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/common.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/common.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/component.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/component.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/component.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/config.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/config.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/config.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/configmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/configmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/configmanager.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/core/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/__init__.py (EMPTY)
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/alertmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/alertmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/alertmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/authmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/authmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/authmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/autoadd.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/autoadd.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/autoadd.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/core.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/core.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/core.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/daemon.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/daemon.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/daemon.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/eventmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/eventmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/eventmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/filtermanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/filtermanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/filtermanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/oldstateupgrader.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/oldstateupgrader.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/oldstateupgrader.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/pluginmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/pluginmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/pluginmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/preferencesmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/preferencesmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/preferencesmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/rpcserver.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/rpcserver.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/rpcserver.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrent.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrent.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrent.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrentmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrentmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/core/torrentmanager.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/data/
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/data/pixmaps/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/data/pixmaps/active.svg
@@ -342,12 +364,16 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/data/pixmaps/flags/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/data/pixmaps/traffic16.png
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/decorators.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/decorators.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/decorators.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/error.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/error.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/error.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/event.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/event.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/event.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/httpdownloader.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/httpdownloader.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/httpdownloader.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/i18n/
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/i18n/af/
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/i18n/af/LC_MESSAGES/
@@ -588,14 +614,19 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/i18n/zh_TW/LC_MESSAG
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/i18n/zh_TW/LC_MESSAGES/deluge.mo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/log.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/log.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/log.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/main.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/main.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/main.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/maketorrent.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/maketorrent.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/maketorrent.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/metafile.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/metafile.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/metafile.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/pluginmanagerbase.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/pluginmanagerbase.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/pluginmanagerbase.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/plugins/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/AutoAdd-1.5-py2.7.egg
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/Blocklist-1.3-py2.7.egg
@@ -607,92 +638,134 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/plugins/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/WebUi-0.1-py2.7.egg
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/__init__.py (EMPTY)
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/init.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/init.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/init.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/pluginbase.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/pluginbase.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/plugins/pluginbase.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/rencode.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/rencode.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/rencode.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/Win32IconImagePlugin.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/Win32IconImagePlugin.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/Win32IconImagePlugin.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/__init__.py (EMPTY)
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/client.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/client.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/client.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/common.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/common.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/common.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/console/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/__init__.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/colors.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/colors.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/colors.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/__init__.py (EMPTY)
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/add.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/add.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/add.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/cache.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/cache.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/cache.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/connect.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/connect.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/connect.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/debug.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/debug.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/debug.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/halt.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/halt.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/halt.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/help.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/help.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/help.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/info.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/info.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/info.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/pause.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/pause.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/pause.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/plugin.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/plugin.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/plugin.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/quit.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/quit.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/quit.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/recheck.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/recheck.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/recheck.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/resume.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/resume.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/resume.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/rm.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/rm.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/commands/rm.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/eventlog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/eventlog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/eventlog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/main.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/main.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/main.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/screen.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/screen.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/screen.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/statusbars.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/statusbars.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/console/statusbars.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/coreconfig.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/coreconfig.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/coreconfig.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/countries.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/countries.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/countries.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/__init__.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/aboutdialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/aboutdialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/aboutdialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/addtorrentdialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/addtorrentdialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/addtorrentdialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/common.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/common.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/common.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/connectionmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/connectionmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/connectionmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/createtorrentdialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/createtorrentdialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/createtorrentdialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/details_tab.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/details_tab.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/details_tab.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/dialogs.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/dialogs.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/dialogs.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/edittrackersdialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/edittrackersdialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/edittrackersdialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/files_tab.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/files_tab.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/files_tab.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/filtertreeview.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/filtertreeview.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/filtertreeview.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/glade/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/glade/add_torrent_dialog.glade
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/glade/connection_manager.glade
@@ -709,59 +782,86 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/glade/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/glade/tray_menu.glade
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/gtkui.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/gtkui.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/gtkui.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/ipcinterface.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/ipcinterface.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/ipcinterface.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/listview.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/listview.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/listview.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/mainwindow.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/mainwindow.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/mainwindow.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar_osx.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar_osx.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/menubar_osx.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/new_release_dialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/new_release_dialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/new_release_dialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/notification.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/notification.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/notification.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/options_tab.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/options_tab.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/options_tab.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/peers_tab.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/peers_tab.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/peers_tab.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/pluginmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/pluginmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/pluginmanager.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/preferences.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/preferences.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/preferences.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/queuedtorrents.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/queuedtorrents.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/queuedtorrents.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/removetorrentdialog.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/removetorrentdialog.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/removetorrentdialog.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/sidebar.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/sidebar.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/sidebar.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/status_tab.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/status_tab.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/status_tab.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/statusbar.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/statusbar.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/statusbar.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/systemtray.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/systemtray.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/systemtray.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/toolbar.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/toolbar.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/toolbar.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentdetails.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentdetails.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentdetails.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentview.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentview.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/gtkui/torrentview.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/sessionproxy.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/sessionproxy.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/sessionproxy.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/tracker_icons.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/tracker_icons.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/tracker_icons.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/ui.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/ui.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/ui.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/__init__.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/__init__.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/__init__.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/auth.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/auth.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/auth.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/common.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/common.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/common.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/css/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/css/deluge.css
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/css/ext-all-notheme.css
@@ -834,12 +934,15 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/js/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/js/ext-extensions.js
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/json_api.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/json_api.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/json_api.pyo
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/pluginmanager.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/pluginmanager.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/pluginmanager.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/render/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/render/tab_status.html
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/server.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/server.pyc
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/server.pyo
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/themes/
drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/themes/css/
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/themes/css/xtheme-access.css
@@ -1393,7 +1496,7 @@ drwxr-xr-x root/root usr/lib/python2.7/site-packages/deluge/ui/web/themes/images
-rw-rw-r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/themes/images/gray/window/top-bottom.png
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/web.py
-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/web.pyc
-drwxr-xr-x root/root usr/man/
+-rw-r--r-- root/root usr/lib/python2.7/site-packages/deluge/ui/web/web.pyo
drwxr-xr-x root/root usr/share/
drwxr-xr-x root/root usr/share/applications/
-rw-r--r-- root/root usr/share/applications/deluge.desktop
diff --git a/deluge/.signature b/deluge/.signature
index 8119cb92..d70a3b65 100644
--- a/deluge/.signature
+++ b/deluge/.signature
@@ -1,7 +1,7 @@
untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF38w5V48SOD6C7m8mTaTEYYzyjRnwm0aHwPJ9cidUE1QLdlV8Ozen6QQ988aqecNFjBeMz+5HaqLbjCrCkSAU0Q8=
-SHA256 (Pkgfile) = 75c44c2cc7abb939d224b9d2f0e07d73a7ec1fbdb99925f43a8b9fd1599fa498
-SHA256 (.footprint) = 74b0769e6f4820a227d5da33eadf5cd1932dc79553226a4278614f1fe7070005
+RWSagIOpLGJF3y96ZPeojFF1TTQwmII4HtwnrUeCkcYxLk8J97KiMnDrdV4VDIqYId2YzvHLChdRvcM06oDQk4NLTU46+QPedQw=
+SHA256 (Pkgfile) = e30b9c650073c6e1ed2d50ce1da95f56be4a3e1dfb02109486e1fc136c756139
+SHA256 (.footprint) = 1d896616ba8b0b7d29af50b12f423c71d0baaae009cf1280eb65fab87892d792
SHA256 (deluge-1.3.15.tar.xz) = a96405140e3cbc569e6e056165e289a5e9ec66e036c327f3912c73d049ccf92c
SHA256 (3064.patch) = 0157e094eb12ebd448c4c89e538082df4ca13c1f959f9c4ac81236f34600c3ef
SHA256 (3079.patch) = 954d253c4db03c3583d8cf79849cf9d231a1b7ecf9cb657ccaf67f48dd087f0d
diff --git a/deluge/Pkgfile b/deluge/Pkgfile
index 92f83376..849e8e63 100644
--- a/deluge/Pkgfile
+++ b/deluge/Pkgfile
@@ -2,11 +2,11 @@
# URL: http://deluge-torrent.org/
# Maintainer: Danny Rawlins, crux at romster dot me
# Packager: Brett Goulder, predatorfreak at dcaf-security dot org.
-# Depends on: python-chardet librsvg libtorrent-rasterbar mako pygtk pyopenssl pyxdg python-twisted
+# Depends on: python-chardet librsvg libtorrent-rasterbar mako python3-pyxdg pyopenssl pyxdg python-twisted
name=deluge
version=1.3.15
-release=2
+release=3
source=(http://download.deluge-torrent.org/source/$name-$version.tar.xz
3064.patch
3079.patch)
@@ -18,7 +18,5 @@ build() {
patch -p1 -i $SRC/3079.patch
OS='linux' /usr/bin/python setup.py build
- /usr/bin/python setup.py install --root=$PKG install
-
- install -d $PKG/usr/man
+ /usr/bin/python setup.py install --prefix=/usr --root=$PKG --optimize=1
}
1
0
ports/opt (3.4): [notify] unzip: patched for CVE-2016-9844, CVE-2018-1000035. Closes FS#1631
by crux@crux.nu 11 Mar '18
by crux@crux.nu 11 Mar '18
11 Mar '18
commit 57529ffe969d9f2e4cf9186c6f6308a1b8b02791
Author: Fredrik Rinnestam <fredrik(a)crux.nu>
Date: Sun Mar 11 23:24:43 2018 +0100
[notify] unzip: patched for CVE-2016-9844, CVE-2018-1000035. Closes
FS#1631
diff --git a/unzip/.md5sum b/unzip/.md5sum
index 96220d8d9..26cabcb70 100644
--- a/unzip/.md5sum
+++ b/unzip/.md5sum
@@ -1,7 +1,10 @@
+f65429e4494c4d5a80ec72e4321335da 0001-Fix-CVE-2016-9844-rhbz-1404283.patch
+04bc89e05ccceb4c8600f646156fe242 unzip-6.0-alt-iconv-utf8-print.patch
19341ef8810558e0cb4e3fe25b3eff70 unzip-6.0-attribs-overflow.patch
cf3e3a98ff85d784c5d3843758645874 unzip-6.0-cve-2014-8139.patch
4f6a01093e9a05fe0d2916170d961e29 unzip-6.0-cve-2014-8140.patch
2a05a5d2f21511c5e393b62e4044e913 unzip-6.0-cve-2014-8141.patch
+704269930d2904b31f36c163e21b668c unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
694e3c8ad965798a72569ff42101cc83 unzip-6.0-heap-overflow-infloop.patch
40ae64ba09670480195539bcdf92c0ef unzip-6.0-overflow.patch
62b490407489521db863b523a7f86375 unzip60.tar.gz
diff --git a/unzip/.signature b/unzip/.signature
index d598df8f4..94d6c7f53 100644
--- a/unzip/.signature
+++ b/unzip/.signature
@@ -1,6 +1,6 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/WGL7yDCnia1lYBcpunWX0rdnO4EZlpsSfb9e/VUkb7AkE5wQ76VJsp1uZZsrHwghkmC3cS9SrNOn3XIo0LrmAI=
-SHA256 (Pkgfile) = 43c69cfe9fd7168b20d34f7866cd82a216e00edc78f84d5fe943cac118e28d07
+RWSE3ohX2g5d/U+lQa2p9GXkrS4tGusd6mGpljiq6h1SgJx6cZGoMPeGuSh/54lf/bI3nws9raM+XYq6ajd4aBywlFRjnkpwrAg=
+SHA256 (Pkgfile) = cd04f724cda5bc9cd4860bb3b297d0fc4cb7e21f33f5b8255d78f2c0ac1d2d65
SHA256 (.footprint) = a1d2c71a5371982b87a8a14082aa2236258f84e0d602ec39247e0d63bf46ffdd
SHA256 (unzip60.tar.gz) = 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37
SHA256 (unzip-6.0-overflow.patch) = dcd41e0be383c485427fc5461a1aeb8a6207e7fcacf0d254f18700599845a9da
@@ -9,3 +9,6 @@ SHA256 (unzip-6.0-heap-overflow-infloop.patch) = b072c5a6d252425dbbda54a3d94285e
SHA256 (unzip-6.0-cve-2014-8139.patch) = 337131428f491b7030f96ee5b8ef3d8f5963730d1619b2754c624f4616d79adb
SHA256 (unzip-6.0-cve-2014-8140.patch) = 64f64985270e026c01d2c19c6b66c218cf5bcfc7cf3d4a44e601fad41975ec73
SHA256 (unzip-6.0-cve-2014-8141.patch) = b7a14c33db93d1e5b4fc6ce113b4b99ff7a81ed56f46c87e001f22ec085e0273
+SHA256 (0001-Fix-CVE-2016-9844-rhbz-1404283.patch) = 1980d37c82591f9ad473052408b0a61d0c50cce8db795b9980e6a74b2270c339
+SHA256 (unzip-6.0-cve-2018-1000035-heap-based-overflow.patch) = aced0f27191a67f9b8b3fdc5995938a64fd87cea64a0bbba2106e06137ef91c2
+SHA256 (unzip-6.0-alt-iconv-utf8-print.patch) = b990d8d8d8e02777999484a132170666ea736a865f9ad81da651dc63725475ff
diff --git a/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch b/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
new file mode 100644
index 000000000..2322ce104
--- /dev/null
+++ b/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
@@ -0,0 +1,40 @@
+From 754137e70cf58a64ad524b704a86b651ba0cde07 Mon Sep 17 00:00:00 2001
+From: Petr Stodulka <pstodulk(a)redhat.com>
+Date: Wed, 14 Dec 2016 16:30:36 +0100
+Subject: [PATCH] Fix CVE-2016-9844 (rhbz#1404283)
+
+Fixes buffer overflow in zipinfo in similar way like fix for
+CVE-2014-9913 provided by upstream.
+---
+ zipinfo.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/zipinfo.c b/zipinfo.c
+index c03620e..accca2a 100644
+--- a/zipinfo.c
++++ b/zipinfo.c
+@@ -1984,7 +1984,19 @@ static int zi_short(__G) /* return PK-type error code */
+ ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3);
+ methbuf[3] = dtype[dnum];
+ } else if (methnum >= NUM_METHODS) { /* unknown */
+- sprintf(&methbuf[1], "%03u", G.crec.compression_method);
++ /* 2016-12-05 SMS.
++ * https://launchpad.net/bugs/1643750
++ * Unexpectedly large compression methods overflow
++ * &methbuf[]. Use the old, three-digit decimal format
++ * for values which fit. Otherwise, sacrifice the "u",
++ * and use four-digit hexadecimal.
++ */
++ if (G.crec.compression_method <= 999) {
++ sprintf( &methbuf[ 1], "%03u", G.crec.compression_method);
++ } else {
++ sprintf( &methbuf[ 0], "%04X", G.crec.compression_method);
++ }
++
+ }
+
+ for (k = 0; k < 15; ++k)
+--
+2.5.5
+
+
diff --git a/unzip/Pkgfile b/unzip/Pkgfile
index 9ad788787..cb3aaf3eb 100644
--- a/unzip/Pkgfile
+++ b/unzip/Pkgfile
@@ -4,13 +4,16 @@
name=unzip
version=6.0
-release=6
+release=7
source=(http://downloads.sourceforge.net/sourceforge/infozip/${name}${versi… \
unzip-6.0-overflow.patch unzip-6.0-attribs-overflow.patch \
unzip-6.0-heap-overflow-infloop.patch \
unzip-6.0-cve-2014-8139.patch \
unzip-6.0-cve-2014-8140.patch \
- unzip-6.0-cve-2014-8141.patch)
+ unzip-6.0-cve-2014-8141.patch \
+ 0001-Fix-CVE-2016-9844-rhbz-1404283.patch \
+ unzip-6.0-cve-2018-1000035-heap-based-overflow.patch \
+ unzip-6.0-alt-iconv-utf8-print.patch)
build() {
cd ${name}${version//./}
@@ -20,6 +23,9 @@ build() {
patch -p1 -i $SRC/unzip-6.0-cve-2014-8139.patch
patch -p1 -i $SRC/unzip-6.0-cve-2014-8140.patch
patch -p1 -i $SRC/unzip-6.0-cve-2014-8141.patch
+ patch -p1 -i $SRC/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
+ patch -p1 -i $SRC/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
+ patch -p1 -i $SRC/unzip-6.0-alt-iconv-utf8-print.patch
sed -i 's/-O3//' unix/configure
make -f unix/Makefile LOCAL_UNZIP="$CFLAGS" generic
diff --git a/unzip/unzip-6.0-alt-iconv-utf8-print.patch b/unzip/unzip-6.0-alt-iconv-utf8-print.patch
new file mode 100644
index 000000000..0b0153ba5
--- /dev/null
+++ b/unzip/unzip-6.0-alt-iconv-utf8-print.patch
@@ -0,0 +1,381 @@
+From ca0212ba19b64488b9e8459a762c11ecd6e7d0bd Mon Sep 17 00:00:00 2001
+From: Petr Stodulka <pstodulk(a)redhat.com>
+Date: Tue, 24 Nov 2015 17:56:11 +0100
+Subject: [PATCH] print correctly non-ascii filenames
+
+---
+ extract.c | 289 ++++++++++++++++++++++++++++++++++++++++++++++++--------------
+ unzpriv.h | 7 ++
+ 2 files changed, 233 insertions(+), 63 deletions(-)
+
+diff --git a/extract.c b/extract.c
+index 0ee4e93..741b7e0 100644
+--- a/extract.c
++++ b/extract.c
+@@ -2648,8 +2648,21 @@ static void set_deferred_symlink(__G__ slnk_entry)
+ } /* end function set_deferred_symlink() */
+ #endif /* SYMLINKS */
+
++/*
++ * If Unicode is supported, assume we have what we need to do this
++ * check using wide characters, avoiding MBCS issues.
++ */
+
+-
++#ifndef UZ_FNFILTER_REPLACECHAR
++ /* A convenient choice for the replacement of unprintable char codes is
++ * the "single char wildcard", as this character is quite unlikely to
++ * appear in filenames by itself. The following default definition
++ * sets the replacement char to a question mark as the most common
++ * "single char wildcard"; this setting should be overridden in the
++ * appropiate system-specific configuration header when needed.
++ */
++# define UZ_FNFILTER_REPLACECHAR '?'
++#endif
+
+ /*************************/
+ /* Function fnfilter() */ /* here instead of in list.c for SFX */
+@@ -2661,48 +2674,168 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ extent size;
+ {
+ #ifndef NATIVE /* ASCII: filter ANSI escape codes, etc. */
+- ZCONST uch *r=(ZCONST uch *)raw;
++ ZCONST uch *r; // =(ZCONST uch *)raw;
+ uch *s=space;
+ uch *slim=NULL;
+ uch *se=NULL;
+ int have_overflow = FALSE;
+
+- if (size > 0) {
+- slim = space + size
+-#ifdef _MBCS
+- - (MB_CUR_MAX - 1)
+-#endif
+- - 4;
++# if defined( UNICODE_SUPPORT) && defined( _MBCS)
++/* If Unicode support is enabled, and we have multi-byte characters,
++ * then do the isprint() checks by first converting to wide characters
++ * and checking those. This avoids our having to parse multi-byte
++ * characters for ourselves. After the wide-char replacements have been
++ * made, the wide string is converted back to the local character set.
++ */
++ wchar_t *wstring; /* wchar_t version of raw */
++ size_t wslen; /* length of wstring */
++ wchar_t *wostring; /* wchar_t version of output string */
++ size_t woslen; /* length of wostring */
++ char *newraw; /* new raw */
++
++ /* 2012-11-06 SMS.
++ * Changed to check the value returned by mbstowcs(), and bypass the
++ * Unicode processing if it fails. This seems to fix a problem
++ * reported in the SourceForge forum, but it's not clear that we
++ * should be doing any Unicode processing without some evidence that
++ * the name actually is Unicode. (Check bit 11 in the flags before
++ * coming here?)
++ * http://sourceforge.net/p/infozip/bugs/40/
++ */
++
++ if (MB_CUR_MAX <= 1)
++ {
++ /* There's no point to converting multi-byte chars if there are
++ * no multi-byte chars.
++ */
++ wslen = (size_t)-1;
+ }
+- while (*r) {
+- if (size > 0 && s >= slim && se == NULL) {
+- se = s;
++ else
++ {
++ /* Get Unicode wide character count (for storage allocation). */
++ wslen = mbstowcs( NULL, raw, 0);
++ }
++
++ if (wslen != (size_t)-1)
++ {
++ /* Apparently valid Unicode. Allocate wide-char storage. */
++ wstring = (wchar_t *)malloc((wslen + 1) * sizeof(wchar_t));
++ if (wstring == NULL) {
++ strcpy( (char *)space, raw);
++ return (char *)space;
+ }
+-#ifdef QDOS
+- if (qlflag & 2) {
+- if (*r == '/' || *r == '.') {
++ wostring = (wchar_t *)malloc(2 * (wslen + 1) * sizeof(wchar_t));
++ if (wostring == NULL) {
++ free(wstring);
++ strcpy( (char *)space, raw);
++ return (char *)space;
++ }
++
++ /* Convert the multi-byte Unicode to wide chars. */
++ wslen = mbstowcs(wstring, raw, wslen + 1);
++
++ /* Filter the wide-character string. */
++ fnfilterw( wstring, wostring, (2 * (wslen + 1) * sizeof(wchar_t)));
++
++ /* Convert filtered wide chars back to multi-byte. */
++ woslen = wcstombs( NULL, wostring, 0);
++ if ((newraw = malloc(woslen + 1)) == NULL) {
++ free(wstring);
++ free(wostring);
++ strcpy( (char *)space, raw);
++ return (char *)space;
++ }
++ woslen = wcstombs( newraw, wostring, (woslen * MB_CUR_MAX) + 1);
++
++ if (size > 0) {
++ slim = space + size - 4;
++ }
++ r = (ZCONST uch *)newraw;
++ while (*r) {
++ if (size > 0 && s >= slim && se == NULL) {
++ se = s;
++ }
++# ifdef QDOS
++ if (qlflag & 2) {
++ if (*r == '/' || *r == '.') {
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ ++r;
++ *s++ = '_';
++ continue;
++ }
++ } else
++# endif
++ {
+ if (se != NULL && (s > (space + (size-3)))) {
+ have_overflow = TRUE;
+ break;
+ }
+- ++r;
+- *s++ = '_';
+- continue;
++ *s++ = *r++;
+ }
+- } else
++ }
++ if (have_overflow) {
++ strcpy((char *)se, "...");
++ } else {
++ *s = '\0';
++ }
++
++ free(wstring);
++ free(wostring);
++ free(newraw);
++ }
++ else
++# endif /* defined( UNICODE_SUPPORT) && defined( _MBCS) */
++ {
++ /* No Unicode support, or apparently invalid Unicode. */
++ r = (ZCONST uch *)raw;
++
++ if (size > 0) {
++ slim = space + size
++#ifdef _MBCS
++ - (MB_CUR_MAX - 1)
++#endif
++ - 4;
++ }
++ while (*r) {
++ if (size > 0 && s >= slim && se == NULL) {
++ se = s;
++ }
++#ifdef QDOS
++ if (qlflag & 2) {
++ if (*r == '/' || *r == '.') {
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ ++r;
++ *s++ = '_';
++ continue;
++ }
++ } else
+ #endif
+ #ifdef HAVE_WORKING_ISPRINT
+-# ifndef UZ_FNFILTER_REPLACECHAR
+- /* A convenient choice for the replacement of unprintable char codes is
+- * the "single char wildcard", as this character is quite unlikely to
+- * appear in filenames by itself. The following default definition
+- * sets the replacement char to a question mark as the most common
+- * "single char wildcard"; this setting should be overridden in the
+- * appropiate system-specific configuration header when needed.
+- */
+-# define UZ_FNFILTER_REPLACECHAR '?'
+-# endif
+- if (!isprint(*r)) {
++ if (!isprint(*r)) {
++ if (*r < 32) {
++ /* ASCII control codes are escaped as "^{letter}". */
++ if (se != NULL && (s > (space + (size-4)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ *s++ = '^', *s++ = (uch)(64 + *r++);
++ } else {
++ /* Other unprintable codes are replaced by the
++ * placeholder character. */
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ *s++ = UZ_FNFILTER_REPLACECHAR;
++ INCSTR(r);
++ }
++#else /* !HAVE_WORKING_ISPRINT */
+ if (*r < 32) {
+ /* ASCII control codes are escaped as "^{letter}". */
+ if (se != NULL && (s > (space + (size-4)))) {
+@@ -2710,47 +2843,30 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ break;
+ }
+ *s++ = '^', *s++ = (uch)(64 + *r++);
++#endif /* ?HAVE_WORKING_ISPRINT */
+ } else {
+- /* Other unprintable codes are replaced by the
+- * placeholder character. */
++#ifdef _MBCS
++ unsigned i = CLEN(r);
++ if (se != NULL && (s > (space + (size-i-2)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ for (; i > 0; i--)
++ *s++ = *r++;
++#else
+ if (se != NULL && (s > (space + (size-3)))) {
+ have_overflow = TRUE;
+ break;
+ }
+- *s++ = UZ_FNFILTER_REPLACECHAR;
+- INCSTR(r);
+- }
+-#else /* !HAVE_WORKING_ISPRINT */
+- if (*r < 32) {
+- /* ASCII control codes are escaped as "^{letter}". */
+- if (se != NULL && (s > (space + (size-4)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- *s++ = '^', *s++ = (uch)(64 + *r++);
+-#endif /* ?HAVE_WORKING_ISPRINT */
+- } else {
+-#ifdef _MBCS
+- unsigned i = CLEN(r);
+- if (se != NULL && (s > (space + (size-i-2)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- for (; i > 0; i--)
+ *s++ = *r++;
+-#else
+- if (se != NULL && (s > (space + (size-3)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- *s++ = *r++;
+ #endif
+- }
+- }
+- if (have_overflow) {
+- strcpy((char *)se, "...");
+- } else {
+- *s = '\0';
++ }
++ }
++ if (have_overflow) {
++ strcpy((char *)se, "...");
++ } else {
++ *s = '\0';
++ }
+ }
+
+ #ifdef WINDLL
+@@ -2772,6 +2888,53 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ } /* end function fnfilter() */
+
+
++#if defined( UNICODE_SUPPORT) && defined( _MBCS)
++
++/****************************/
++/* Function fnfilter[w]() */ /* (Here instead of in list.c for SFX.) */
++/****************************/
++
++/* fnfilterw() - Convert wide name to safely printable form. */
++
++/* fnfilterw() - Convert wide-character name to safely printable form. */
++
++wchar_t *fnfilterw( src, dst, siz)
++ ZCONST wchar_t *src; /* Pointer to source char (string). */
++ wchar_t *dst; /* Pointer to destination char (string). */
++ extent siz; /* Not used (!). */
++{
++ wchar_t *dsx = dst;
++
++ /* Filter the wide chars. */
++ while (*src)
++ {
++ if (iswprint( *src))
++ {
++ /* Printable code. Copy it. */
++ *dst++ = *src;
++ }
++ else
++ {
++ /* Unprintable code. Substitute something printable for it. */
++ if (*src < 32)
++ {
++ /* Replace ASCII control code with "^{letter}". */
++ *dst++ = (wchar_t)'^';
++ *dst++ = (wchar_t)(64 + *src);
++ }
++ else
++ {
++ /* Replace other unprintable code with the placeholder. */
++ *dst++ = (wchar_t)UZ_FNFILTER_REPLACECHAR;
++ }
++ }
++ src++;
++ }
++ *dst = (wchar_t)0; /* NUL-terminate the destination string. */
++ return dsx;
++} /* fnfilterw(). */
++
++#endif /* defined( UNICODE_SUPPORT) && defined( _MBCS) */
+
+
+ #ifdef SET_DIR_ATTRIB
+diff --git a/unzpriv.h b/unzpriv.h
+index 22d3923..e48a652 100644
+--- a/unzpriv.h
++++ b/unzpriv.h
+@@ -1212,6 +1212,7 @@
+ # ifdef UNICODE_WCHAR
+ # if !(defined(_WIN32_WCE) || defined(POCKET_UNZIP))
+ # include <wchar.h>
++# include <wctype.h>
+ # endif
+ # endif
+ # ifndef _MBCS /* no need to include <locale.h> twice, see below */
+@@ -2410,6 +2411,12 @@ int memflush OF((__GPRO__ ZCONST uch *rawbuf, ulg size));
+ char *fnfilter OF((ZCONST char *raw, uch *space,
+ extent size));
+
++# if defined( UNICODE_SUPPORT) && defined( _MBCS)
++wchar_t *fnfilterw OF((ZCONST wchar_t *src, wchar_t *dst,
++ extent siz));
++#endif
++
++
+ /*---------------------------------------------------------------------------
+ Decompression functions:
+ ---------------------------------------------------------------------------*/
+--
+2.4.3
+
diff --git a/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch b/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
new file mode 100644
index 000000000..8ca713865
--- /dev/null
+++ b/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
@@ -0,0 +1,34 @@
+--- a/fileio.c 2014-12-05 05:06:05 -0600
++++ b/fileio.c 2017-11-14 01:06:28 -0600
+@@ -1,5 +1,5 @@
+ /*
+- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
++ Copyright (c) 1990-2017 Info-ZIP. All rights reserved.
+
+ See the accompanying file LICENSE, version 2009-Jan-02 or later
+ (the contents of which are also included in unzip.h) for terms of use.
+@@ -1582,6 +1582,8 @@
+ int r = IZ_PW_ENTERED;
+ char *m;
+ char *prompt;
++ char *ep;
++ char *zp;
+
+ #ifndef REENTRANT
+ /* tell picky compilers to shut up about "unused variable" warnings */
+@@ -1590,9 +1592,12 @@
+
+ if (*rcnt == 0) { /* First call for current entry */
+ *rcnt = 2;
+- if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
+- sprintf(prompt, LoadFarString(PasswPrompt),
+- FnFilter1(zfn), FnFilter2(efn));
++ zp = FnFilter1( zfn);
++ ep = FnFilter2( efn);
++ prompt = (char *)malloc( /* Slightly too long (2* "%s"). */
++ sizeof( PasswPrompt)+ strlen( zp)+ strlen( ep));
++ if (prompt != (char *)NULL) {
++ sprintf(prompt, LoadFarString(PasswPrompt), zp, ep);
+ m = prompt;
+ } else
+ m = (char *)LoadFarString(PasswPrompt2);
1
0
ports/opt (3.3): [notify] unzip: patched for CVE-2016-9844, CVE-2018-1000035. Closes FS#1631
by crux@crux.nu 11 Mar '18
by crux@crux.nu 11 Mar '18
11 Mar '18
commit 57529ffe969d9f2e4cf9186c6f6308a1b8b02791
Author: Fredrik Rinnestam <fredrik(a)crux.nu>
Date: Sun Mar 11 23:24:43 2018 +0100
[notify] unzip: patched for CVE-2016-9844, CVE-2018-1000035. Closes
FS#1631
diff --git a/unzip/.md5sum b/unzip/.md5sum
index 96220d8d9..26cabcb70 100644
--- a/unzip/.md5sum
+++ b/unzip/.md5sum
@@ -1,7 +1,10 @@
+f65429e4494c4d5a80ec72e4321335da 0001-Fix-CVE-2016-9844-rhbz-1404283.patch
+04bc89e05ccceb4c8600f646156fe242 unzip-6.0-alt-iconv-utf8-print.patch
19341ef8810558e0cb4e3fe25b3eff70 unzip-6.0-attribs-overflow.patch
cf3e3a98ff85d784c5d3843758645874 unzip-6.0-cve-2014-8139.patch
4f6a01093e9a05fe0d2916170d961e29 unzip-6.0-cve-2014-8140.patch
2a05a5d2f21511c5e393b62e4044e913 unzip-6.0-cve-2014-8141.patch
+704269930d2904b31f36c163e21b668c unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
694e3c8ad965798a72569ff42101cc83 unzip-6.0-heap-overflow-infloop.patch
40ae64ba09670480195539bcdf92c0ef unzip-6.0-overflow.patch
62b490407489521db863b523a7f86375 unzip60.tar.gz
diff --git a/unzip/.signature b/unzip/.signature
index d598df8f4..94d6c7f53 100644
--- a/unzip/.signature
+++ b/unzip/.signature
@@ -1,6 +1,6 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/WGL7yDCnia1lYBcpunWX0rdnO4EZlpsSfb9e/VUkb7AkE5wQ76VJsp1uZZsrHwghkmC3cS9SrNOn3XIo0LrmAI=
-SHA256 (Pkgfile) = 43c69cfe9fd7168b20d34f7866cd82a216e00edc78f84d5fe943cac118e28d07
+RWSE3ohX2g5d/U+lQa2p9GXkrS4tGusd6mGpljiq6h1SgJx6cZGoMPeGuSh/54lf/bI3nws9raM+XYq6ajd4aBywlFRjnkpwrAg=
+SHA256 (Pkgfile) = cd04f724cda5bc9cd4860bb3b297d0fc4cb7e21f33f5b8255d78f2c0ac1d2d65
SHA256 (.footprint) = a1d2c71a5371982b87a8a14082aa2236258f84e0d602ec39247e0d63bf46ffdd
SHA256 (unzip60.tar.gz) = 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37
SHA256 (unzip-6.0-overflow.patch) = dcd41e0be383c485427fc5461a1aeb8a6207e7fcacf0d254f18700599845a9da
@@ -9,3 +9,6 @@ SHA256 (unzip-6.0-heap-overflow-infloop.patch) = b072c5a6d252425dbbda54a3d94285e
SHA256 (unzip-6.0-cve-2014-8139.patch) = 337131428f491b7030f96ee5b8ef3d8f5963730d1619b2754c624f4616d79adb
SHA256 (unzip-6.0-cve-2014-8140.patch) = 64f64985270e026c01d2c19c6b66c218cf5bcfc7cf3d4a44e601fad41975ec73
SHA256 (unzip-6.0-cve-2014-8141.patch) = b7a14c33db93d1e5b4fc6ce113b4b99ff7a81ed56f46c87e001f22ec085e0273
+SHA256 (0001-Fix-CVE-2016-9844-rhbz-1404283.patch) = 1980d37c82591f9ad473052408b0a61d0c50cce8db795b9980e6a74b2270c339
+SHA256 (unzip-6.0-cve-2018-1000035-heap-based-overflow.patch) = aced0f27191a67f9b8b3fdc5995938a64fd87cea64a0bbba2106e06137ef91c2
+SHA256 (unzip-6.0-alt-iconv-utf8-print.patch) = b990d8d8d8e02777999484a132170666ea736a865f9ad81da651dc63725475ff
diff --git a/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch b/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
new file mode 100644
index 000000000..2322ce104
--- /dev/null
+++ b/unzip/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
@@ -0,0 +1,40 @@
+From 754137e70cf58a64ad524b704a86b651ba0cde07 Mon Sep 17 00:00:00 2001
+From: Petr Stodulka <pstodulk(a)redhat.com>
+Date: Wed, 14 Dec 2016 16:30:36 +0100
+Subject: [PATCH] Fix CVE-2016-9844 (rhbz#1404283)
+
+Fixes buffer overflow in zipinfo in similar way like fix for
+CVE-2014-9913 provided by upstream.
+---
+ zipinfo.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/zipinfo.c b/zipinfo.c
+index c03620e..accca2a 100644
+--- a/zipinfo.c
++++ b/zipinfo.c
+@@ -1984,7 +1984,19 @@ static int zi_short(__G) /* return PK-type error code */
+ ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3);
+ methbuf[3] = dtype[dnum];
+ } else if (methnum >= NUM_METHODS) { /* unknown */
+- sprintf(&methbuf[1], "%03u", G.crec.compression_method);
++ /* 2016-12-05 SMS.
++ * https://launchpad.net/bugs/1643750
++ * Unexpectedly large compression methods overflow
++ * &methbuf[]. Use the old, three-digit decimal format
++ * for values which fit. Otherwise, sacrifice the "u",
++ * and use four-digit hexadecimal.
++ */
++ if (G.crec.compression_method <= 999) {
++ sprintf( &methbuf[ 1], "%03u", G.crec.compression_method);
++ } else {
++ sprintf( &methbuf[ 0], "%04X", G.crec.compression_method);
++ }
++
+ }
+
+ for (k = 0; k < 15; ++k)
+--
+2.5.5
+
+
diff --git a/unzip/Pkgfile b/unzip/Pkgfile
index 9ad788787..cb3aaf3eb 100644
--- a/unzip/Pkgfile
+++ b/unzip/Pkgfile
@@ -4,13 +4,16 @@
name=unzip
version=6.0
-release=6
+release=7
source=(http://downloads.sourceforge.net/sourceforge/infozip/${name}${versi… \
unzip-6.0-overflow.patch unzip-6.0-attribs-overflow.patch \
unzip-6.0-heap-overflow-infloop.patch \
unzip-6.0-cve-2014-8139.patch \
unzip-6.0-cve-2014-8140.patch \
- unzip-6.0-cve-2014-8141.patch)
+ unzip-6.0-cve-2014-8141.patch \
+ 0001-Fix-CVE-2016-9844-rhbz-1404283.patch \
+ unzip-6.0-cve-2018-1000035-heap-based-overflow.patch \
+ unzip-6.0-alt-iconv-utf8-print.patch)
build() {
cd ${name}${version//./}
@@ -20,6 +23,9 @@ build() {
patch -p1 -i $SRC/unzip-6.0-cve-2014-8139.patch
patch -p1 -i $SRC/unzip-6.0-cve-2014-8140.patch
patch -p1 -i $SRC/unzip-6.0-cve-2014-8141.patch
+ patch -p1 -i $SRC/0001-Fix-CVE-2016-9844-rhbz-1404283.patch
+ patch -p1 -i $SRC/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
+ patch -p1 -i $SRC/unzip-6.0-alt-iconv-utf8-print.patch
sed -i 's/-O3//' unix/configure
make -f unix/Makefile LOCAL_UNZIP="$CFLAGS" generic
diff --git a/unzip/unzip-6.0-alt-iconv-utf8-print.patch b/unzip/unzip-6.0-alt-iconv-utf8-print.patch
new file mode 100644
index 000000000..0b0153ba5
--- /dev/null
+++ b/unzip/unzip-6.0-alt-iconv-utf8-print.patch
@@ -0,0 +1,381 @@
+From ca0212ba19b64488b9e8459a762c11ecd6e7d0bd Mon Sep 17 00:00:00 2001
+From: Petr Stodulka <pstodulk(a)redhat.com>
+Date: Tue, 24 Nov 2015 17:56:11 +0100
+Subject: [PATCH] print correctly non-ascii filenames
+
+---
+ extract.c | 289 ++++++++++++++++++++++++++++++++++++++++++++++++--------------
+ unzpriv.h | 7 ++
+ 2 files changed, 233 insertions(+), 63 deletions(-)
+
+diff --git a/extract.c b/extract.c
+index 0ee4e93..741b7e0 100644
+--- a/extract.c
++++ b/extract.c
+@@ -2648,8 +2648,21 @@ static void set_deferred_symlink(__G__ slnk_entry)
+ } /* end function set_deferred_symlink() */
+ #endif /* SYMLINKS */
+
++/*
++ * If Unicode is supported, assume we have what we need to do this
++ * check using wide characters, avoiding MBCS issues.
++ */
+
+-
++#ifndef UZ_FNFILTER_REPLACECHAR
++ /* A convenient choice for the replacement of unprintable char codes is
++ * the "single char wildcard", as this character is quite unlikely to
++ * appear in filenames by itself. The following default definition
++ * sets the replacement char to a question mark as the most common
++ * "single char wildcard"; this setting should be overridden in the
++ * appropiate system-specific configuration header when needed.
++ */
++# define UZ_FNFILTER_REPLACECHAR '?'
++#endif
+
+ /*************************/
+ /* Function fnfilter() */ /* here instead of in list.c for SFX */
+@@ -2661,48 +2674,168 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ extent size;
+ {
+ #ifndef NATIVE /* ASCII: filter ANSI escape codes, etc. */
+- ZCONST uch *r=(ZCONST uch *)raw;
++ ZCONST uch *r; // =(ZCONST uch *)raw;
+ uch *s=space;
+ uch *slim=NULL;
+ uch *se=NULL;
+ int have_overflow = FALSE;
+
+- if (size > 0) {
+- slim = space + size
+-#ifdef _MBCS
+- - (MB_CUR_MAX - 1)
+-#endif
+- - 4;
++# if defined( UNICODE_SUPPORT) && defined( _MBCS)
++/* If Unicode support is enabled, and we have multi-byte characters,
++ * then do the isprint() checks by first converting to wide characters
++ * and checking those. This avoids our having to parse multi-byte
++ * characters for ourselves. After the wide-char replacements have been
++ * made, the wide string is converted back to the local character set.
++ */
++ wchar_t *wstring; /* wchar_t version of raw */
++ size_t wslen; /* length of wstring */
++ wchar_t *wostring; /* wchar_t version of output string */
++ size_t woslen; /* length of wostring */
++ char *newraw; /* new raw */
++
++ /* 2012-11-06 SMS.
++ * Changed to check the value returned by mbstowcs(), and bypass the
++ * Unicode processing if it fails. This seems to fix a problem
++ * reported in the SourceForge forum, but it's not clear that we
++ * should be doing any Unicode processing without some evidence that
++ * the name actually is Unicode. (Check bit 11 in the flags before
++ * coming here?)
++ * http://sourceforge.net/p/infozip/bugs/40/
++ */
++
++ if (MB_CUR_MAX <= 1)
++ {
++ /* There's no point to converting multi-byte chars if there are
++ * no multi-byte chars.
++ */
++ wslen = (size_t)-1;
+ }
+- while (*r) {
+- if (size > 0 && s >= slim && se == NULL) {
+- se = s;
++ else
++ {
++ /* Get Unicode wide character count (for storage allocation). */
++ wslen = mbstowcs( NULL, raw, 0);
++ }
++
++ if (wslen != (size_t)-1)
++ {
++ /* Apparently valid Unicode. Allocate wide-char storage. */
++ wstring = (wchar_t *)malloc((wslen + 1) * sizeof(wchar_t));
++ if (wstring == NULL) {
++ strcpy( (char *)space, raw);
++ return (char *)space;
+ }
+-#ifdef QDOS
+- if (qlflag & 2) {
+- if (*r == '/' || *r == '.') {
++ wostring = (wchar_t *)malloc(2 * (wslen + 1) * sizeof(wchar_t));
++ if (wostring == NULL) {
++ free(wstring);
++ strcpy( (char *)space, raw);
++ return (char *)space;
++ }
++
++ /* Convert the multi-byte Unicode to wide chars. */
++ wslen = mbstowcs(wstring, raw, wslen + 1);
++
++ /* Filter the wide-character string. */
++ fnfilterw( wstring, wostring, (2 * (wslen + 1) * sizeof(wchar_t)));
++
++ /* Convert filtered wide chars back to multi-byte. */
++ woslen = wcstombs( NULL, wostring, 0);
++ if ((newraw = malloc(woslen + 1)) == NULL) {
++ free(wstring);
++ free(wostring);
++ strcpy( (char *)space, raw);
++ return (char *)space;
++ }
++ woslen = wcstombs( newraw, wostring, (woslen * MB_CUR_MAX) + 1);
++
++ if (size > 0) {
++ slim = space + size - 4;
++ }
++ r = (ZCONST uch *)newraw;
++ while (*r) {
++ if (size > 0 && s >= slim && se == NULL) {
++ se = s;
++ }
++# ifdef QDOS
++ if (qlflag & 2) {
++ if (*r == '/' || *r == '.') {
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ ++r;
++ *s++ = '_';
++ continue;
++ }
++ } else
++# endif
++ {
+ if (se != NULL && (s > (space + (size-3)))) {
+ have_overflow = TRUE;
+ break;
+ }
+- ++r;
+- *s++ = '_';
+- continue;
++ *s++ = *r++;
+ }
+- } else
++ }
++ if (have_overflow) {
++ strcpy((char *)se, "...");
++ } else {
++ *s = '\0';
++ }
++
++ free(wstring);
++ free(wostring);
++ free(newraw);
++ }
++ else
++# endif /* defined( UNICODE_SUPPORT) && defined( _MBCS) */
++ {
++ /* No Unicode support, or apparently invalid Unicode. */
++ r = (ZCONST uch *)raw;
++
++ if (size > 0) {
++ slim = space + size
++#ifdef _MBCS
++ - (MB_CUR_MAX - 1)
++#endif
++ - 4;
++ }
++ while (*r) {
++ if (size > 0 && s >= slim && se == NULL) {
++ se = s;
++ }
++#ifdef QDOS
++ if (qlflag & 2) {
++ if (*r == '/' || *r == '.') {
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ ++r;
++ *s++ = '_';
++ continue;
++ }
++ } else
+ #endif
+ #ifdef HAVE_WORKING_ISPRINT
+-# ifndef UZ_FNFILTER_REPLACECHAR
+- /* A convenient choice for the replacement of unprintable char codes is
+- * the "single char wildcard", as this character is quite unlikely to
+- * appear in filenames by itself. The following default definition
+- * sets the replacement char to a question mark as the most common
+- * "single char wildcard"; this setting should be overridden in the
+- * appropiate system-specific configuration header when needed.
+- */
+-# define UZ_FNFILTER_REPLACECHAR '?'
+-# endif
+- if (!isprint(*r)) {
++ if (!isprint(*r)) {
++ if (*r < 32) {
++ /* ASCII control codes are escaped as "^{letter}". */
++ if (se != NULL && (s > (space + (size-4)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ *s++ = '^', *s++ = (uch)(64 + *r++);
++ } else {
++ /* Other unprintable codes are replaced by the
++ * placeholder character. */
++ if (se != NULL && (s > (space + (size-3)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ *s++ = UZ_FNFILTER_REPLACECHAR;
++ INCSTR(r);
++ }
++#else /* !HAVE_WORKING_ISPRINT */
+ if (*r < 32) {
+ /* ASCII control codes are escaped as "^{letter}". */
+ if (se != NULL && (s > (space + (size-4)))) {
+@@ -2710,47 +2843,30 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ break;
+ }
+ *s++ = '^', *s++ = (uch)(64 + *r++);
++#endif /* ?HAVE_WORKING_ISPRINT */
+ } else {
+- /* Other unprintable codes are replaced by the
+- * placeholder character. */
++#ifdef _MBCS
++ unsigned i = CLEN(r);
++ if (se != NULL && (s > (space + (size-i-2)))) {
++ have_overflow = TRUE;
++ break;
++ }
++ for (; i > 0; i--)
++ *s++ = *r++;
++#else
+ if (se != NULL && (s > (space + (size-3)))) {
+ have_overflow = TRUE;
+ break;
+ }
+- *s++ = UZ_FNFILTER_REPLACECHAR;
+- INCSTR(r);
+- }
+-#else /* !HAVE_WORKING_ISPRINT */
+- if (*r < 32) {
+- /* ASCII control codes are escaped as "^{letter}". */
+- if (se != NULL && (s > (space + (size-4)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- *s++ = '^', *s++ = (uch)(64 + *r++);
+-#endif /* ?HAVE_WORKING_ISPRINT */
+- } else {
+-#ifdef _MBCS
+- unsigned i = CLEN(r);
+- if (se != NULL && (s > (space + (size-i-2)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- for (; i > 0; i--)
+ *s++ = *r++;
+-#else
+- if (se != NULL && (s > (space + (size-3)))) {
+- have_overflow = TRUE;
+- break;
+- }
+- *s++ = *r++;
+ #endif
+- }
+- }
+- if (have_overflow) {
+- strcpy((char *)se, "...");
+- } else {
+- *s = '\0';
++ }
++ }
++ if (have_overflow) {
++ strcpy((char *)se, "...");
++ } else {
++ *s = '\0';
++ }
+ }
+
+ #ifdef WINDLL
+@@ -2772,6 +2888,53 @@ char *fnfilter(raw, space, size) /* convert name to safely printable form */
+ } /* end function fnfilter() */
+
+
++#if defined( UNICODE_SUPPORT) && defined( _MBCS)
++
++/****************************/
++/* Function fnfilter[w]() */ /* (Here instead of in list.c for SFX.) */
++/****************************/
++
++/* fnfilterw() - Convert wide name to safely printable form. */
++
++/* fnfilterw() - Convert wide-character name to safely printable form. */
++
++wchar_t *fnfilterw( src, dst, siz)
++ ZCONST wchar_t *src; /* Pointer to source char (string). */
++ wchar_t *dst; /* Pointer to destination char (string). */
++ extent siz; /* Not used (!). */
++{
++ wchar_t *dsx = dst;
++
++ /* Filter the wide chars. */
++ while (*src)
++ {
++ if (iswprint( *src))
++ {
++ /* Printable code. Copy it. */
++ *dst++ = *src;
++ }
++ else
++ {
++ /* Unprintable code. Substitute something printable for it. */
++ if (*src < 32)
++ {
++ /* Replace ASCII control code with "^{letter}". */
++ *dst++ = (wchar_t)'^';
++ *dst++ = (wchar_t)(64 + *src);
++ }
++ else
++ {
++ /* Replace other unprintable code with the placeholder. */
++ *dst++ = (wchar_t)UZ_FNFILTER_REPLACECHAR;
++ }
++ }
++ src++;
++ }
++ *dst = (wchar_t)0; /* NUL-terminate the destination string. */
++ return dsx;
++} /* fnfilterw(). */
++
++#endif /* defined( UNICODE_SUPPORT) && defined( _MBCS) */
+
+
+ #ifdef SET_DIR_ATTRIB
+diff --git a/unzpriv.h b/unzpriv.h
+index 22d3923..e48a652 100644
+--- a/unzpriv.h
++++ b/unzpriv.h
+@@ -1212,6 +1212,7 @@
+ # ifdef UNICODE_WCHAR
+ # if !(defined(_WIN32_WCE) || defined(POCKET_UNZIP))
+ # include <wchar.h>
++# include <wctype.h>
+ # endif
+ # endif
+ # ifndef _MBCS /* no need to include <locale.h> twice, see below */
+@@ -2410,6 +2411,12 @@ int memflush OF((__GPRO__ ZCONST uch *rawbuf, ulg size));
+ char *fnfilter OF((ZCONST char *raw, uch *space,
+ extent size));
+
++# if defined( UNICODE_SUPPORT) && defined( _MBCS)
++wchar_t *fnfilterw OF((ZCONST wchar_t *src, wchar_t *dst,
++ extent siz));
++#endif
++
++
+ /*---------------------------------------------------------------------------
+ Decompression functions:
+ ---------------------------------------------------------------------------*/
+--
+2.4.3
+
diff --git a/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch b/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
new file mode 100644
index 000000000..8ca713865
--- /dev/null
+++ b/unzip/unzip-6.0-cve-2018-1000035-heap-based-overflow.patch
@@ -0,0 +1,34 @@
+--- a/fileio.c 2014-12-05 05:06:05 -0600
++++ b/fileio.c 2017-11-14 01:06:28 -0600
+@@ -1,5 +1,5 @@
+ /*
+- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
++ Copyright (c) 1990-2017 Info-ZIP. All rights reserved.
+
+ See the accompanying file LICENSE, version 2009-Jan-02 or later
+ (the contents of which are also included in unzip.h) for terms of use.
+@@ -1582,6 +1582,8 @@
+ int r = IZ_PW_ENTERED;
+ char *m;
+ char *prompt;
++ char *ep;
++ char *zp;
+
+ #ifndef REENTRANT
+ /* tell picky compilers to shut up about "unused variable" warnings */
+@@ -1590,9 +1592,12 @@
+
+ if (*rcnt == 0) { /* First call for current entry */
+ *rcnt = 2;
+- if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
+- sprintf(prompt, LoadFarString(PasswPrompt),
+- FnFilter1(zfn), FnFilter2(efn));
++ zp = FnFilter1( zfn);
++ ep = FnFilter2( efn);
++ prompt = (char *)malloc( /* Slightly too long (2* "%s"). */
++ sizeof( PasswPrompt)+ strlen( zp)+ strlen( ep));
++ if (prompt != (char *)NULL) {
++ sprintf(prompt, LoadFarString(PasswPrompt), zp, ep);
+ m = prompt;
+ } else
+ m = (char *)LoadFarString(PasswPrompt2);
1
0
ports/contrib (3.4): [notify] libcdio: 0.94 -> 2.0.0 CVE-2017-18201 Closes FS#1600
by crux@crux.nu 10 Mar '18
by crux@crux.nu 10 Mar '18
10 Mar '18
commit 0b850e6535e9a4a29169e4be7db29cc8356aa0bc
Author: Danny Rawlins <monster.romster(a)gmail.com>
Date: Thu Mar 1 23:06:40 2018 +1100
[notify] libcdio: 0.94 -> 2.0.0 CVE-2017-18201 Closes FS#1600
diff --git a/libcdio/.footprint b/libcdio/.footprint
index 93cf7b54..bb286a17 100644
--- a/libcdio/.footprint
+++ b/libcdio/.footprint
@@ -56,14 +56,14 @@ drwxr-xr-x root/root usr/include/cdio/
drwxr-xr-x root/root usr/lib/
-rw-r--r-- root/root usr/lib/libcdio++.a
-rwxr-xr-x root/root usr/lib/libcdio++.la
-lrwxrwxrwx root/root usr/lib/libcdio++.so -> libcdio++.so.0.0.2
-lrwxrwxrwx root/root usr/lib/libcdio++.so.0 -> libcdio++.so.0.0.2
--rwxr-xr-x root/root usr/lib/libcdio++.so.0.0.2
+lrwxrwxrwx root/root usr/lib/libcdio++.so -> libcdio++.so.1.0.0
+lrwxrwxrwx root/root usr/lib/libcdio++.so.1 -> libcdio++.so.1.0.0
+-rwxr-xr-x root/root usr/lib/libcdio++.so.1.0.0
-rw-r--r-- root/root usr/lib/libcdio.a
-rwxr-xr-x root/root usr/lib/libcdio.la
-lrwxrwxrwx root/root usr/lib/libcdio.so -> libcdio.so.16.0.0
-lrwxrwxrwx root/root usr/lib/libcdio.so.16 -> libcdio.so.16.0.0
--rwxr-xr-x root/root usr/lib/libcdio.so.16.0.0
+lrwxrwxrwx root/root usr/lib/libcdio.so -> libcdio.so.18.0.0
+lrwxrwxrwx root/root usr/lib/libcdio.so.18 -> libcdio.so.18.0.0
+-rwxr-xr-x root/root usr/lib/libcdio.so.18.0.0
-rw-r--r-- root/root usr/lib/libiso9660++.a
-rwxr-xr-x root/root usr/lib/libiso9660++.la
lrwxrwxrwx root/root usr/lib/libiso9660++.so -> libiso9660++.so.0.0.0
@@ -71,9 +71,9 @@ lrwxrwxrwx root/root usr/lib/libiso9660++.so.0 -> libiso9660++.so.0.0.0
-rwxr-xr-x root/root usr/lib/libiso9660++.so.0.0.0
-rw-r--r-- root/root usr/lib/libiso9660.a
-rwxr-xr-x root/root usr/lib/libiso9660.la
-lrwxrwxrwx root/root usr/lib/libiso9660.so -> libiso9660.so.10.0.0
-lrwxrwxrwx root/root usr/lib/libiso9660.so.10 -> libiso9660.so.10.0.0
--rwxr-xr-x root/root usr/lib/libiso9660.so.10.0.0
+lrwxrwxrwx root/root usr/lib/libiso9660.so -> libiso9660.so.11.0.0
+lrwxrwxrwx root/root usr/lib/libiso9660.so.11 -> libiso9660.so.11.0.0
+-rwxr-xr-x root/root usr/lib/libiso9660.so.11.0.0
-rw-r--r-- root/root usr/lib/libudf.a
-rwxr-xr-x root/root usr/lib/libudf.la
lrwxrwxrwx root/root usr/lib/libudf.so -> libudf.so.0.0.0
diff --git a/libcdio/.md5sum b/libcdio/.md5sum
index a48ec28d..c6a9fd2b 100644
--- a/libcdio/.md5sum
+++ b/libcdio/.md5sum
@@ -1,2 +1 @@
-5a7f50209c03d5919d5b932f07871af7 libcdio-0.83-linking.patch
-d8734266a20fbc2605a97b701b838ab6 libcdio-0.94.tar.gz
+5beb1f68b9c812ee47c58072daf3be17 libcdio-2.0.0.tar.bz2
diff --git a/libcdio/.signature b/libcdio/.signature
index 7460485c..48e295ad 100644
--- a/libcdio/.signature
+++ b/libcdio/.signature
@@ -1,6 +1,5 @@
untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF348q411V+leF4eXuZvWOsl3Ok1d7b22Qme8dGZnafyIPhEC6Grd6ZdmsKJUKWGg8d8H6v5W8ziXAtvJ7wICe7gc=
-SHA256 (Pkgfile) = 21726ec1037bb9d4660fcd5466e9e8e45d7ad20388e9012c50ce5dd583b922ab
-SHA256 (.footprint) = a354132bdb7be191b8c897e1bbed81dbc6d2711aba6a4bae8e2b26c4c710c64b
-SHA256 (libcdio-0.94.tar.gz) = 96e2c903f866ae96f9f5b9048fa32db0921464a2286f5b586c0f02699710025a
-SHA256 (libcdio-0.83-linking.patch) = d88186b2a11726fe5ef10853e0245996b55793552b14230d1f7ba5ee3c54f3ed
+RWSagIOpLGJF37T+3i7hbUym/YmmpAP+M+1xeP/Y4YkoQEjzRGt0XabqB3qACS8YmoqzMW46fzGMLkDzTDObAq7fIJyJzyarVAM=
+SHA256 (Pkgfile) = 6ddb4d71fddadb00ab8fed54fdfbc6a1193158cb05d57446a4da0835abe4d01a
+SHA256 (.footprint) = f2e092aa140d5cc06e550e1674b96f73c16a293fa621c0b84ff61b76e02152e7
+SHA256 (libcdio-2.0.0.tar.bz2) = cd0da052a0e149e2526c41c5ac37b4865deb5c1cffe6faed18850154dbbd284b
diff --git a/libcdio/Pkgfile b/libcdio/Pkgfile
index 80df6e47..d330a72c 100644
--- a/libcdio/Pkgfile
+++ b/libcdio/Pkgfile
@@ -1,20 +1,16 @@
# Description: A library for CD-ROM and CD image access.
# URL: http://www.gnu.org/software/libcdio/
# Maintainer: Danny Rawlins, crux at romster dot me
-# Packager: Tim Biermann, tim_biermann at web dot de
# Depends on: libcddb ncurses
name=libcdio
-version=0.94
+version=2.0.0
release=1
-source=(https://ftp.gnu.org/gnu/$name/$name-$version.tar.gz
- libcdio-0.83-linking.patch)
+source=(https://ftp.gnu.org/gnu/$name/$name-$version.tar.bz2)
build() {
cd $name-$version
- patch -p 1 -i $SRC/libcdio-0.83-linking.patch
- sed -i '/AM_INIT_AUTOMAKE/s/subdir-objects//' configure.ac
autoreconf -fi
./configure \
diff --git a/libcdio/libcdio-0.83-linking.patch b/libcdio/libcdio-0.83-linking.patch
deleted file mode 100644
index 84a0746b..00000000
--- a/libcdio/libcdio-0.83-linking.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-diff -Naur libcdio-0.83-orig/example/C++/OO/Makefile.in libcdio-0.83/example/C++/OO/Makefile.in
---- libcdio-0.83-orig/example/C++/OO/Makefile.in 2011-10-27 18:02:31.000000000 +1000
-+++ libcdio-0.83/example/C++/OO/Makefile.in 2012-02-18 11:10:07.369277231 +1000
-@@ -315,15 +315,15 @@
-
- isofile2_SOURCES = isofile2.cpp
- isofile2_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
-- $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+ $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
-
- isolist_SOURCES = isolist.cpp
- isolist_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
-- $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+ $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
-
- iso4_SOURCES = iso4.cpp
- iso4_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
-- $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+ $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
-
- mmc1_SOURCES = mmc1.cpp
- mmc1_DEPENDENCIES = $(LIBCDIO_DEPS)
1
0
ports/contrib (3.4): [notify] net-snmp: fix for CVE-2018-1000116. Closes FS#1611
by crux@crux.nu 10 Mar '18
by crux@crux.nu 10 Mar '18
10 Mar '18
commit d64778d13978fcb03845ec040d47941ec9887f56
Author: Fredrik Rinnestam <fredrik(a)crux.nu>
Date: Sat Mar 10 16:59:13 2018 +0100
[notify] net-snmp: fix for CVE-2018-1000116. Closes FS#1611
diff --git a/net-snmp/.md5sum b/net-snmp/.md5sum
index dcb6da71..7b67e526 100644
--- a/net-snmp/.md5sum
+++ b/net-snmp/.md5sum
@@ -1,5 +1,6 @@
aea518953798008a1db91951eefd8da8 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch
ebbb1fa141e14932882f6c747f3fe4b4 0001-Remove-U64-typedef.patch
+fcbab0e8e6c5cc76da637d1d71aaec3b CVE-2018-1000116.patch
d4a3459e1577d0efa8d96ca70a885e53 net-snmp-5.7.3.tar.gz
0ac35ebc69c521313cf0c24b9afb3b22 snmpd
e75939cb0b4648856d07b9c04610af5d snmpd.conf
diff --git a/net-snmp/.signature b/net-snmp/.signature
index 5c2ddb24..de275c01 100644
--- a/net-snmp/.signature
+++ b/net-snmp/.signature
@@ -1,9 +1,10 @@
untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF32Zho/UyinbScWY8yuoUMXGJXBPFiQYJSByEeJFvk8IaMq6t7CGAVP3/sP7tEb2udJe3cjfDtjEKaSQlmlDPGAA=
-SHA256 (Pkgfile) = ecf9b8008b80c92e2b3fae29d7f54690b19dc454e988b33408d39d819549afc8
+RWSagIOpLGJF35iPFRGPHBp052IZ8HEewZKWqzRTFdF4mLoiWkKVqpMKnfTviYE9OnUgfC4vx26RSXVcn5fB4ZCbzb+kAt+IqAg=
+SHA256 (Pkgfile) = 6597db3298de9e37c021ee96851f67e9a349758a8505b536927e6c3beac2644a
SHA256 (.footprint) = 2d2151d495c0cefd7ba68f015153e8e75fba53dd10165903220b0fe2c68e27c3
SHA256 (net-snmp-5.7.3.tar.gz) = 12ef89613c7707dc96d13335f153c1921efc9d61d3708ef09f3fc4a7014fb4f0
SHA256 (snmpd) = 2f8945dd66668cccd4ad884bbc1f425dfb5ace1261a5c410182222c928f54a34
SHA256 (snmpd.conf) = fc23c35aa4e275456cb9e7e1a4c2af06a9ec089126932a98aef39093a3c33e3e
SHA256 (0001-Remove-U64-typedef.patch) = 5ba67c44ec792c6509e9f91bc2561b7c74231c7123b67e4f45b997ea6b3fa4ec
SHA256 (0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch) = 77b9bf66b7f4ee6be486c945602fcbcf37d48a7b2514f3c9ba1e49550f4cab96
+SHA256 (CVE-2018-1000116.patch) = 49b1c3509d53b1346c10282c29ac8e2020d40921f7287017ce4f24e06c0a301d
diff --git a/net-snmp/CVE-2018-1000116.patch b/net-snmp/CVE-2018-1000116.patch
new file mode 100644
index 00000000..f33b075b
--- /dev/null
+++ b/net-snmp/CVE-2018-1000116.patch
@@ -0,0 +1,117 @@
+--- a/snmplib/snmp_api.c
++++ b/snmplib/snmp_api.c
+@@ -4350,10 +4350,9 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ u_char type;
+ u_char msg_type;
+ u_char *var_val;
+- int badtype = 0;
+ size_t len;
+ size_t four;
+- netsnmp_variable_list *vp = NULL;
++ netsnmp_variable_list *vp = NULL, *vplast = NULL;
+ oid objid[MAX_OID_LEN];
+ u_char *p;
+
+@@ -4493,38 +4492,24 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ (ASN_SEQUENCE | ASN_CONSTRUCTOR),
+ "varbinds");
+ if (data == NULL)
+- return -1;
++ goto fail;
+
+ /*
+ * get each varBind sequence
+ */
+ while ((int) *length > 0) {
+- netsnmp_variable_list *vptemp;
+- vptemp = (netsnmp_variable_list *) malloc(sizeof(*vptemp));
+- if (NULL == vptemp) {
+- return -1;
+- }
+- if (NULL == vp) {
+- pdu->variables = vptemp;
+- } else {
+- vp->next_variable = vptemp;
+- }
+- vp = vptemp;
++ vp = SNMP_MALLOC_TYPEDEF(netsnmp_variable_list);
++ if (NULL == vp)
++ goto fail;
+
+- vp->next_variable = NULL;
+- vp->val.string = NULL;
+ vp->name_length = MAX_OID_LEN;
+- vp->name = NULL;
+- vp->index = 0;
+- vp->data = NULL;
+- vp->dataFreeHook = NULL;
+ DEBUGDUMPSECTION("recv", "VarBind");
+ data = snmp_parse_var_op(data, objid, &vp->name_length, &vp->type,
+ &vp->val_len, &var_val, length);
+ if (data == NULL)
+- return -1;
++ goto fail;
+ if (snmp_set_var_objid(vp, objid, vp->name_length))
+- return -1;
++ goto fail;
+
+ len = MAX_PACKET_LENGTH;
+ DEBUGDUMPHEADER("recv", "Value");
+@@ -4604,7 +4589,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ vp->val.string = (u_char *) malloc(vp->val_len);
+ }
+ if (vp->val.string == NULL) {
+- return -1;
++ goto fail;
+ }
+ p = asn_parse_string(var_val, &len, &vp->type, vp->val.string,
+ &vp->val_len);
+@@ -4619,7 +4604,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ vp->val_len *= sizeof(oid);
+ vp->val.objid = (oid *) malloc(vp->val_len);
+ if (vp->val.objid == NULL) {
+- return -1;
++ goto fail;
+ }
+ memmove(vp->val.objid, objid, vp->val_len);
+ break;
+@@ -4631,7 +4616,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ case ASN_BIT_STR:
+ vp->val.bitstring = (u_char *) malloc(vp->val_len);
+ if (vp->val.bitstring == NULL) {
+- return -1;
++ goto fail;
+ }
+ p = asn_parse_bitstring(var_val, &len, &vp->type,
+ vp->val.bitstring, &vp->val_len);
+@@ -4640,12 +4625,28 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ break;
+ default:
+ snmp_log(LOG_ERR, "bad type returned (%x)\n", vp->type);
+- badtype = -1;
++ goto fail;
+ break;
+ }
+ DEBUGINDENTADD(-4);
++
++ if (NULL == vplast) {
++ pdu->variables = vp;
++ } else {
++ vplast->next_variable = vp;
++ }
++ vplast = vp;
++ vp = NULL;
+ }
+- return badtype;
++ return 0;
++
++ fail:
++ DEBUGMSGTL(("recv", "error while parsing VarBindList\n"));
++ /** if we were parsing a var, remove it from the pdu and free it */
++ if (vp)
++ snmp_free_var(vp);
++
++ return -1;
+ }
+
+ /*
diff --git a/net-snmp/Pkgfile b/net-snmp/Pkgfile
index 96809a39..1f67347a 100644
--- a/net-snmp/Pkgfile
+++ b/net-snmp/Pkgfile
@@ -5,16 +5,20 @@
name=net-snmp
version=5.7.3
-release=4
+release=5
source=(http://download.sourceforge.net/$name/$name-$version.tar.gz \
snmpd snmpd.conf \
0001-Remove-U64-typedef.patch \
- 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch)
+ 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch \
+ CVE-2018-1000116.patch)
build() {
cd $name-$version
+
patch -p1 -i $SRC/0001-Remove-U64-typedef.patch
patch -p1 -i $SRC/0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch
+ patch -p1 -i $SRC/CVE-2018-1000116.patch
+
export NETSNMP_DONT_CHECK_VERSION=1
./configure --prefix=/usr \
--sysconfdir=/etc \
1
0
ports/contrib (3.3): [notify] net-snmp: fix for CVE-2018-1000116. Closes FS#1611
by crux@crux.nu 10 Mar '18
by crux@crux.nu 10 Mar '18
10 Mar '18
commit d64778d13978fcb03845ec040d47941ec9887f56
Author: Fredrik Rinnestam <fredrik(a)crux.nu>
Date: Sat Mar 10 16:59:13 2018 +0100
[notify] net-snmp: fix for CVE-2018-1000116. Closes FS#1611
diff --git a/net-snmp/.md5sum b/net-snmp/.md5sum
index dcb6da71..7b67e526 100644
--- a/net-snmp/.md5sum
+++ b/net-snmp/.md5sum
@@ -1,5 +1,6 @@
aea518953798008a1db91951eefd8da8 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch
ebbb1fa141e14932882f6c747f3fe4b4 0001-Remove-U64-typedef.patch
+fcbab0e8e6c5cc76da637d1d71aaec3b CVE-2018-1000116.patch
d4a3459e1577d0efa8d96ca70a885e53 net-snmp-5.7.3.tar.gz
0ac35ebc69c521313cf0c24b9afb3b22 snmpd
e75939cb0b4648856d07b9c04610af5d snmpd.conf
diff --git a/net-snmp/.signature b/net-snmp/.signature
index 5c2ddb24..de275c01 100644
--- a/net-snmp/.signature
+++ b/net-snmp/.signature
@@ -1,9 +1,10 @@
untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF32Zho/UyinbScWY8yuoUMXGJXBPFiQYJSByEeJFvk8IaMq6t7CGAVP3/sP7tEb2udJe3cjfDtjEKaSQlmlDPGAA=
-SHA256 (Pkgfile) = ecf9b8008b80c92e2b3fae29d7f54690b19dc454e988b33408d39d819549afc8
+RWSagIOpLGJF35iPFRGPHBp052IZ8HEewZKWqzRTFdF4mLoiWkKVqpMKnfTviYE9OnUgfC4vx26RSXVcn5fB4ZCbzb+kAt+IqAg=
+SHA256 (Pkgfile) = 6597db3298de9e37c021ee96851f67e9a349758a8505b536927e6c3beac2644a
SHA256 (.footprint) = 2d2151d495c0cefd7ba68f015153e8e75fba53dd10165903220b0fe2c68e27c3
SHA256 (net-snmp-5.7.3.tar.gz) = 12ef89613c7707dc96d13335f153c1921efc9d61d3708ef09f3fc4a7014fb4f0
SHA256 (snmpd) = 2f8945dd66668cccd4ad884bbc1f425dfb5ace1261a5c410182222c928f54a34
SHA256 (snmpd.conf) = fc23c35aa4e275456cb9e7e1a4c2af06a9ec089126932a98aef39093a3c33e3e
SHA256 (0001-Remove-U64-typedef.patch) = 5ba67c44ec792c6509e9f91bc2561b7c74231c7123b67e4f45b997ea6b3fa4ec
SHA256 (0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch) = 77b9bf66b7f4ee6be486c945602fcbcf37d48a7b2514f3c9ba1e49550f4cab96
+SHA256 (CVE-2018-1000116.patch) = 49b1c3509d53b1346c10282c29ac8e2020d40921f7287017ce4f24e06c0a301d
diff --git a/net-snmp/CVE-2018-1000116.patch b/net-snmp/CVE-2018-1000116.patch
new file mode 100644
index 00000000..f33b075b
--- /dev/null
+++ b/net-snmp/CVE-2018-1000116.patch
@@ -0,0 +1,117 @@
+--- a/snmplib/snmp_api.c
++++ b/snmplib/snmp_api.c
+@@ -4350,10 +4350,9 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ u_char type;
+ u_char msg_type;
+ u_char *var_val;
+- int badtype = 0;
+ size_t len;
+ size_t four;
+- netsnmp_variable_list *vp = NULL;
++ netsnmp_variable_list *vp = NULL, *vplast = NULL;
+ oid objid[MAX_OID_LEN];
+ u_char *p;
+
+@@ -4493,38 +4492,24 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ (ASN_SEQUENCE | ASN_CONSTRUCTOR),
+ "varbinds");
+ if (data == NULL)
+- return -1;
++ goto fail;
+
+ /*
+ * get each varBind sequence
+ */
+ while ((int) *length > 0) {
+- netsnmp_variable_list *vptemp;
+- vptemp = (netsnmp_variable_list *) malloc(sizeof(*vptemp));
+- if (NULL == vptemp) {
+- return -1;
+- }
+- if (NULL == vp) {
+- pdu->variables = vptemp;
+- } else {
+- vp->next_variable = vptemp;
+- }
+- vp = vptemp;
++ vp = SNMP_MALLOC_TYPEDEF(netsnmp_variable_list);
++ if (NULL == vp)
++ goto fail;
+
+- vp->next_variable = NULL;
+- vp->val.string = NULL;
+ vp->name_length = MAX_OID_LEN;
+- vp->name = NULL;
+- vp->index = 0;
+- vp->data = NULL;
+- vp->dataFreeHook = NULL;
+ DEBUGDUMPSECTION("recv", "VarBind");
+ data = snmp_parse_var_op(data, objid, &vp->name_length, &vp->type,
+ &vp->val_len, &var_val, length);
+ if (data == NULL)
+- return -1;
++ goto fail;
+ if (snmp_set_var_objid(vp, objid, vp->name_length))
+- return -1;
++ goto fail;
+
+ len = MAX_PACKET_LENGTH;
+ DEBUGDUMPHEADER("recv", "Value");
+@@ -4604,7 +4589,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ vp->val.string = (u_char *) malloc(vp->val_len);
+ }
+ if (vp->val.string == NULL) {
+- return -1;
++ goto fail;
+ }
+ p = asn_parse_string(var_val, &len, &vp->type, vp->val.string,
+ &vp->val_len);
+@@ -4619,7 +4604,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ vp->val_len *= sizeof(oid);
+ vp->val.objid = (oid *) malloc(vp->val_len);
+ if (vp->val.objid == NULL) {
+- return -1;
++ goto fail;
+ }
+ memmove(vp->val.objid, objid, vp->val_len);
+ break;
+@@ -4631,7 +4616,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ case ASN_BIT_STR:
+ vp->val.bitstring = (u_char *) malloc(vp->val_len);
+ if (vp->val.bitstring == NULL) {
+- return -1;
++ goto fail;
+ }
+ p = asn_parse_bitstring(var_val, &len, &vp->type,
+ vp->val.bitstring, &vp->val_len);
+@@ -4640,12 +4625,28 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char
+ break;
+ default:
+ snmp_log(LOG_ERR, "bad type returned (%x)\n", vp->type);
+- badtype = -1;
++ goto fail;
+ break;
+ }
+ DEBUGINDENTADD(-4);
++
++ if (NULL == vplast) {
++ pdu->variables = vp;
++ } else {
++ vplast->next_variable = vp;
++ }
++ vplast = vp;
++ vp = NULL;
+ }
+- return badtype;
++ return 0;
++
++ fail:
++ DEBUGMSGTL(("recv", "error while parsing VarBindList\n"));
++ /** if we were parsing a var, remove it from the pdu and free it */
++ if (vp)
++ snmp_free_var(vp);
++
++ return -1;
+ }
+
+ /*
diff --git a/net-snmp/Pkgfile b/net-snmp/Pkgfile
index 96809a39..1f67347a 100644
--- a/net-snmp/Pkgfile
+++ b/net-snmp/Pkgfile
@@ -5,16 +5,20 @@
name=net-snmp
version=5.7.3
-release=4
+release=5
source=(http://download.sourceforge.net/$name/$name-$version.tar.gz \
snmpd snmpd.conf \
0001-Remove-U64-typedef.patch \
- 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch)
+ 0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch \
+ CVE-2018-1000116.patch)
build() {
cd $name-$version
+
patch -p1 -i $SRC/0001-Remove-U64-typedef.patch
patch -p1 -i $SRC/0001-CHANGES-BUG-2712-Fix-Perl-module-compilation.patch
+ patch -p1 -i $SRC/CVE-2018-1000116.patch
+
export NETSNMP_DONT_CHECK_VERSION=1
./configure --prefix=/usr \
--sysconfdir=/etc \
1
0
ports/compat-32 (3.3): [notify] fontconfig-32: 2.12.6 -> 2.13.0 new dependency util-linux-32
by crux@crux.nu 10 Mar '18
by crux@crux.nu 10 Mar '18
10 Mar '18
commit 3787c9b07d2b31a72935c0956205b5ac8c6c4717
Author: Danny Rawlins <monster.romster(a)gmail.com>
Date: Sat Mar 10 14:24:32 2018 +1100
[notify] fontconfig-32: 2.12.6 -> 2.13.0 new dependency util-linux-32
diff --git a/fontconfig-32/.footprint b/fontconfig-32/.footprint
index 4d7a30e..6d513df 100644
--- a/fontconfig-32/.footprint
+++ b/fontconfig-32/.footprint
@@ -1,8 +1,8 @@
drwxr-xr-x root/root usr/
drwxr-xr-x root/root usr/lib32/
-rwxr-xr-x root/root usr/lib32/libfontconfig.la
-lrwxrwxrwx root/root usr/lib32/libfontconfig.so -> libfontconfig.so.1.10.1
-lrwxrwxrwx root/root usr/lib32/libfontconfig.so.1 -> libfontconfig.so.1.10.1
--rwxr-xr-x root/root usr/lib32/libfontconfig.so.1.10.1
+lrwxrwxrwx root/root usr/lib32/libfontconfig.so -> libfontconfig.so.1.11.1
+lrwxrwxrwx root/root usr/lib32/libfontconfig.so.1 -> libfontconfig.so.1.11.1
+-rwxr-xr-x root/root usr/lib32/libfontconfig.so.1.11.1
drwxr-xr-x root/root usr/lib32/pkgconfig/
-rw-r--r-- root/root usr/lib32/pkgconfig/fontconfig.pc
diff --git a/fontconfig-32/.md5sum b/fontconfig-32/.md5sum
index 94e715e..1ad4e2b 100644
--- a/fontconfig-32/.md5sum
+++ b/fontconfig-32/.md5sum
@@ -1 +1 @@
-733f5e2371ca77b69707bd7b30cc2163 fontconfig-2.12.6.tar.bz2
+60d2394a79d3b2e5db2daea55193fa47 fontconfig-2.13.0.tar.bz2
diff --git a/fontconfig-32/.signature b/fontconfig-32/.signature
index aadf915..1d43170 100644
--- a/fontconfig-32/.signature
+++ b/fontconfig-32/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/compat-32.pub
-RWSwxGo/zH7eXXq5eDJDyg6EKuN3GhK0XkN/4JTrYkbozTauKBFq9Ea2gykjy4TLUkxsLgJ/lRgtcVAjJavLZtt1alkTd3rBPQY=
-SHA256 (Pkgfile) = 1762cf3afe0fe0a243e6ece27aaf45b4bbfd7a9c45efb657d3f828434b52c32b
-SHA256 (.footprint) = c7675e4e8f85eb711a6974e7483fc75ff46668571b2afe809efe4f9005282482
-SHA256 (fontconfig-2.12.6.tar.bz2) = cf0c30807d08f6a28ab46c61b8dbd55c97d2f292cf88f3a07d3384687f31f017
+RWSwxGo/zH7eXTLI+5YDMLOXYFazTW9E+Nzb1W8M0Ie6iML0+Drj6+bpmB9wL0KQabREpRev4L+l/XEtIzTUDMTcjaQdX5V9owM=
+SHA256 (Pkgfile) = 11e443f646ee4fc31d271a13f9a06abd6106f75521567cb0a36fb2e56a67d616
+SHA256 (.footprint) = 97df26a3f74e157331d7935104e62a1753cdccef72cc09573a1c73b10d5c1e0d
+SHA256 (fontconfig-2.13.0.tar.bz2) = 91dde8492155b7f34bb95079e79be92f1df353fcc682c19be90762fd3e12eeb9
diff --git a/fontconfig-32/Pkgfile b/fontconfig-32/Pkgfile
index a303854..a4e7b6d 100644
--- a/fontconfig-32/Pkgfile
+++ b/fontconfig-32/Pkgfile
@@ -1,10 +1,10 @@
# Description: A library for configuring and customizing font access
# URL: http://fontconfig.org/wiki/
# Maintainer: CRUX compat-32 Team, compat-32-ports at crux dot nu
-# Depends on: freetype-32 expat-32 bzip2-32 fontconfig
+# Depends on: freetype-32 expat-32 bzip2-32 util-linux-32 fontconfig
name=fontconfig-32
-version=2.12.6
+version=2.13.0
release=1
source=(https://fontconfig.org/release/fontconfig-$version.tar.bz2)
1
0
commit e522fe5530b2d4766ab4d18f906f542a71cec3d7
Author: Juergen Daubert <jue(a)jue.li>
Date: Wed Mar 7 12:21:11 2018 +0100
[notify] jscon-c: update to 0.13.1
ABI has been changed, rebuild of direct dependent ports required.
Check with revdep.
diff --git a/json-c/.footprint b/json-c/.footprint
index b6eba3bcd..ba42b07f1 100644
--- a/json-c/.footprint
+++ b/json-c/.footprint
@@ -19,8 +19,8 @@ drwxr-xr-x root/root usr/include/json-c/
drwxr-xr-x root/root usr/lib/
-rw-r--r-- root/root usr/lib/libjson-c.a
-rwxr-xr-x root/root usr/lib/libjson-c.la
-lrwxrwxrwx root/root usr/lib/libjson-c.so -> libjson-c.so.3.0.1
-lrwxrwxrwx root/root usr/lib/libjson-c.so.3 -> libjson-c.so.3.0.1
--rwxr-xr-x root/root usr/lib/libjson-c.so.3.0.1
+lrwxrwxrwx root/root usr/lib/libjson-c.so -> libjson-c.so.4.0.0
+lrwxrwxrwx root/root usr/lib/libjson-c.so.4 -> libjson-c.so.4.0.0
+-rwxr-xr-x root/root usr/lib/libjson-c.so.4.0.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/json-c.pc
diff --git a/json-c/.md5sum b/json-c/.md5sum
index 510532872..cbe27d281 100644
--- a/json-c/.md5sum
+++ b/json-c/.md5sum
@@ -1 +1 @@
-11fc5d90c77375e5fc8401e8b9efbf21 json-c-0.13.tar.gz
+04969ad59cc37bddd83741a08b98f350 json-c-0.13.1.tar.gz
diff --git a/json-c/.signature b/json-c/.signature
index 20f5dcca1..72000f845 100644
--- a/json-c/.signature
+++ b/json-c/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/bsj+i0kdzi+tu9kMtnZYEVibDajZDk6fg9rSg91/zza9TCnVW5NDNMULq9wM/GoYzQ19mpnlBbNff/yAhYl1gQ=
-SHA256 (Pkgfile) = 9e715a9f0ed8745d393d4b0ab04c12adde6abc7dd6034f7de1a336f8f0766a1f
-SHA256 (.footprint) = ebaab5998f8acd72b588424f8def0b70ea22837add42c687d13bc39140633e28
-SHA256 (json-c-0.13.tar.gz) = 0316780be9ad16c42d7c26b015a784fd5df4b0909fef0aba51cfb13e492ac24d
+RWSE3ohX2g5d/XF9S27SBnQ2YHIa1Q4SxQ1m/bEIDb0W3Niun4e96tbc43lgYr8tmypcZ/4V55uhV6MPpk28G9dS4YwrfAQEyAk=
+SHA256 (Pkgfile) = ab8ddf9bac77dc3aa29834617d4262ab1f44c91fbd27926b8043190a9f7ff2e4
+SHA256 (.footprint) = 5f6ef28f05475ff602ee92b592378c460a60a5b4df6725a8ac1ab18ab29a4283
+SHA256 (json-c-0.13.1.tar.gz) = b87e608d4d3f7bfdd36ef78d56d53c74e66ab278d318b71e6002a369d36f4873
diff --git a/json-c/Pkgfile b/json-c/Pkgfile
index 58b268556..08e34d3cd 100644
--- a/json-c/Pkgfile
+++ b/json-c/Pkgfile
@@ -3,7 +3,7 @@
# Maintainer: Juergen Daubert, jue at crux dot nu
name=json-c
-version=0.13
+version=0.13.1
release=1
source=(https://s3.amazonaws.com/json-c_releases/releases/$name-$version.ta…
1
0
ports/opt (3.4): [notify] libvorbis: security fixes for: CVE-2017-14160, CVE-2017-14632, and CVE-2017-14633 closes FS#1595
by crux@crux.nu 07 Mar '18
by crux@crux.nu 07 Mar '18
07 Mar '18
commit f0344af4ee764125b3c263d74fd866fcc0610dec
Author: Danny Rawlins <monster.romster(a)gmail.com>
Date: Wed Mar 7 01:15:29 2018 +1100
[notify] libvorbis: security fixes for: CVE-2017-14160, CVE-2017-14632, and CVE-2017-14633 closes FS#1595
diff --git a/libvorbis/.md5sum b/libvorbis/.md5sum
index e3dcf5477..8bbbeef92 100644
--- a/libvorbis/.md5sum
+++ b/libvorbis/.md5sum
@@ -1 +1,4 @@
+943275d84d55dfa072ec3a2566fd9bfa CVE-2017-14160.patch
+d32bb2a15cde558464ff6b1a7199d9c6 CVE-2017-14632.patch
+d54deff7374d7205441cf5e4dfd32bee CVE-2017-14633.patch
28cb28097c07a735d6af56e598e1c90f libvorbis-1.3.5.tar.xz
diff --git a/libvorbis/.signature b/libvorbis/.signature
index e0f6c770a..15a02858a 100644
--- a/libvorbis/.signature
+++ b/libvorbis/.signature
@@ -1,5 +1,8 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/UIMCRs21S+z38O3cqsSsk5E910XdPfJ54oGNA8VPRaNuGeoJTyDTksoe26yejpyCVC/SSXubHVGihLKojs03AE=
-SHA256 (Pkgfile) = 493517cd1f5498d39bff632f5becea6dd7ecb18455d73313d6de32c527cc83b0
+RWSE3ohX2g5d/XBLjepyAeVAsv0mpvzium7JjPBpyQUlW+ZuPdO7oz0ATE3bC1nBn5EHSwuxsNGum4EOVduL32Cr08X2/7IVtwk=
+SHA256 (Pkgfile) = 833e8c8db431ef3375b53fa800a7d06a33a9b6e62913ff5ec6c8dd5d8c1b51ad
SHA256 (.footprint) = 709e3fdd589a25de7fa9ca41700639d37f7dae5eba48fe6cffa354efd8625b37
SHA256 (libvorbis-1.3.5.tar.xz) = 54f94a9527ff0a88477be0a71c0bab09a4c3febe0ed878b24824906cd4b0e1d1
+SHA256 (CVE-2017-14633.patch) = d1a44c7a683b3d1ab2bd645ef4ee21002cb1c7466975073381ed1e533153e328
+SHA256 (CVE-2017-14632.patch) = 2fed965880686a145c0da6abbb08224d0ed26e4bf1b1c3a8f7b5d2d33f6bc8e7
+SHA256 (CVE-2017-14160.patch) = f93bf45de3a21db0fa9bb9cd25edefb1182bf24d61028a86cbf45fbcd11fbdf5
diff --git a/libvorbis/CVE-2017-14160.patch b/libvorbis/CVE-2017-14160.patch
new file mode 100644
index 000000000..9ad9d18f7
--- /dev/null
+++ b/libvorbis/CVE-2017-14160.patch
@@ -0,0 +1,58 @@
+From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001
+Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx(a)sigxcpu.org>
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx(a)sigxcpu.org>
+Date: Wed, 15 Nov 2017 13:12:00 +0100
+Subject: [PATCH] CVE-2017-14160: make sure we don't overflow
+
+---
+ lib/psy.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/lib/psy.c b/lib/psy.c
+index 422c6f1e..8bbf6cf3 100644
+--- a/lib/psy.c
++++ b/lib/psy.c
+@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+ XY[i] = tXY;
+ }
+
+- for (i = 0, x = 0.f;; i++, x += 1.f) {
++ for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
+
+ lo = b[i] >> 16;
+ if( lo>=0 ) break;
+@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b,
+ noise[i] = R - offset;
+ }
+
+- for ( ;; i++, x += 1.f) {
++ for ( ; i < n; i++, x += 1.f) {
+
+ lo = b[i] >> 16;
+ hi = b[i] & 0xffff;
+ if(hi>=n)break;
+-
+ tN = N[hi] - N[lo];
+ tX = X[hi] - X[lo];
+ tXX = XX[hi] - XX[lo];
+@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+
+ if (fixed <= 0) return;
+
+- for (i = 0, x = 0.f;; i++, x += 1.f) {
++ for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
+ hi = i + fixed / 2;
+ lo = hi - fixed;
+ if(lo>=0)break;
+@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+
+ if (R - offset < noise[i]) noise[i] = R - offset;
+ }
+- for ( ;; i++, x += 1.f) {
++ for ( ; i < n; i++, x += 1.f) {
+
+ hi = i + fixed / 2;
+ lo = hi - fixed;
+--
+2.15.0
+
diff --git a/libvorbis/CVE-2017-14632.patch b/libvorbis/CVE-2017-14632.patch
new file mode 100644
index 000000000..9ff5a8ca1
--- /dev/null
+++ b/libvorbis/CVE-2017-14632.patch
@@ -0,0 +1,51 @@
+From c1c2831fc7306d5fbd7bc800324efd12b28d327f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx(a)sigxcpu.org>
+Date: Wed, 15 Nov 2017 18:22:59 +0100
+Subject: [PATCH] CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb
+ if not initialized
+
+If the number of channels is not within the allowed range
+we call oggback_writeclear altough it's not initialized yet.
+
+This fixes
+
+ =23371== Invalid free() / delete / delete[] / realloc()
+ ==23371== at 0x4C2CE1B: free (vg_replace_malloc.c:530)
+ ==23371== by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
+ ==23371== by 0x84B96EE: vorbis_analysis_headerout (info.c:652)
+ ==23371== by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+ ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x10D82A: open_output_file (sox.c:1556)
+ ==23371== by 0x10D82A: process (sox.c:1753)
+ ==23371== by 0x10D82A: main (sox.c:3012)
+ ==23371== Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd
+ ==23371== at 0x4C2BB1F: malloc (vg_replace_malloc.c:298)
+ ==23371== by 0x4C2DE9F: realloc (vg_replace_malloc.c:785)
+ ==23371== by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+ ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x10D82A: open_output_file (sox.c:1556)
+ ==23371== by 0x10D82A: process (sox.c:1753)
+ ==23371== by 0x10D82A: main (sox.c:3012)
+
+as seen when using the testcase from CVE-2017-11333 with
+008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was
+there before.
+---
+ lib/info.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/info.c b/lib/info.c
+index 7bc4ea42..8d0b2edd 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -589,6 +589,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+ private_state *b=v->backend_state;
+
+ if(!b||vi->channels<=0||vi->channels>256){
++ b = NULL;
+ ret=OV_EFAULT;
+ goto err_out;
+ }
diff --git a/libvorbis/CVE-2017-14633.patch b/libvorbis/CVE-2017-14633.patch
new file mode 100644
index 000000000..069927c7b
--- /dev/null
+++ b/libvorbis/CVE-2017-14633.patch
@@ -0,0 +1,31 @@
+From a79ec216cd119069c68b8f3542c6a425a74ab993 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx(a)sigxcpu.org>
+Date: Tue, 31 Oct 2017 18:32:46 +0100
+Subject: [PATCH] CVE-2017-14633: Don't allow for more than 256 channels
+
+Otherwise
+
+ for(i=0;i<vi->channels;i++){
+ /* the encoder setup assumes that all the modes used by any
+ specific bitrate tweaking use the same floor */
+ int submap=info->chmuxlist[i];
+
+overreads later in mapping0_forward since chmuxlist is a fixed array of
+256 elements max.
+---
+ lib/info.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/info.c b/lib/info.c
+index fe759edf..7bc4ea42 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -588,7 +588,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+ oggpack_buffer opb;
+ private_state *b=v->backend_state;
+
+- if(!b||vi->channels<=0){
++ if(!b||vi->channels<=0||vi->channels>256){
+ ret=OV_EFAULT;
+ goto err_out;
+ }
diff --git a/libvorbis/Pkgfile b/libvorbis/Pkgfile
index 6036da968..6461bb154 100644
--- a/libvorbis/Pkgfile
+++ b/libvorbis/Pkgfile
@@ -1,21 +1,28 @@
# Description: Vorbis codec library
-# URL: http://www.xiph.org/ogg/vorbis/
-# Maintainer: Jose V Beneyto, sepen at crux dot nu
-# Packager: Tilman Sauerbeck, tilman at crux dot nu
+# URL: https://www.xiph.org/ogg/vorbis/
+# Maintainer: Danny Rawlins, crux at romster dot me
# Depends on: libogg
name=libvorbis
version=1.3.5
-release=1
-source=(http://downloads.xiph.org/releases/vorbis/$name-$version.tar.xz)
+release=2
+source=(https://downloads.xiph.org/releases/vorbis/$name-$version.tar.xz
+ CVE-2017-14633.patch
+ CVE-2017-14632.patch
+ CVE-2017-14160.patch)
build() {
- cd $name-$version
+ cd $name-$version
- ./configure --prefix=/usr
+ # https://security-tracker.debian.org/tracker/source-package/libvorbis
+ patch -p1 -i $SRC/CVE-2017-14633.patch
+ patch -p1 -i $SRC/CVE-2017-14632.patch
+ patch -p1 -i $SRC/CVE-2017-14160.patch
- make
- make DESTDIR=$PKG install
+ ./configure --prefix=/usr
- rm -rf $PKG/usr/share/doc
+ make
+ make DESTDIR=$PKG install
+
+ rm -rf $PKG/usr/share/doc
}
1
0