ports/core (2.7): [notify] bzip2: updated to 1.0.6.
commit 2b35d23abcf2b993fd0ddf843b76fa1218aa8f4a Author: Tilman Sauerbeck <tilman@crux.nu> Date: Mon Sep 20 20:14:51 2010 +0200 [notify] bzip2: updated to 1.0.6. This fixes CVE-2010-0405. diff --git a/bzip2/.footprint b/bzip2/.footprint index 608a3f8..2c1ca92 100644 --- a/bzip2/.footprint +++ b/bzip2/.footprint @@ -16,8 +16,8 @@ drwxr-xr-x root/root usr/include/ drwxr-xr-x root/root usr/lib/ -rw-r--r-- root/root usr/lib/libbz2.a lrwxrwxrwx root/root usr/lib/libbz2.so -> libbz2.so.1.0 -lrwxrwxrwx root/root usr/lib/libbz2.so.1.0 -> libbz2.so.1.0.4 --rwxr-xr-x root/root usr/lib/libbz2.so.1.0.4 +lrwxrwxrwx root/root usr/lib/libbz2.so.1.0 -> libbz2.so.1.0.6 +-rwxr-xr-x root/root usr/lib/libbz2.so.1.0.6 drwxr-xr-x root/root usr/man/ drwxr-xr-x root/root usr/man/man1/ lrwxrwxrwx root/root usr/man/man1/bunzip2.1.gz -> bzip2.1.gz diff --git a/bzip2/.md5sum b/bzip2/.md5sum index 4e10dd2..fb5468a 100644 --- a/bzip2/.md5sum +++ b/bzip2/.md5sum @@ -1,2 +1,2 @@ -3c15a0c8d1d3ee1c46a1634d00617b1a bzip2-1.0.5.tar.gz -37fba3cadef5fbffee9107c61ff24373 bzip2.patch +00b516f4704d4a7cb50a1d97e6e8e15b bzip2-1.0.6.tar.gz +21bba891a5e515d69fa6ca6b11eac726 bzip2.patch diff --git a/bzip2/Pkgfile b/bzip2/Pkgfile index ff9c444..650cefe 100644 --- a/bzip2/Pkgfile +++ b/bzip2/Pkgfile @@ -3,8 +3,8 @@ # Maintainer: CRUX System Team, core-ports at crux dot nu name=bzip2 -version=1.0.5 -release=2 +version=1.0.6 +release=1 source=(http://www.bzip.org/$version/$name-$version.tar.gz \ $name.patch) diff --git a/bzip2/bzip2.patch b/bzip2/bzip2.patch index 1d1b974..f0f9341 100644 --- a/bzip2/bzip2.patch +++ b/bzip2/bzip2.patch @@ -1,6 +1,6 @@ -diff -aur bzip2-1.0.5.orig/Makefile bzip2-1.0.5/Makefile ---- bzip2-1.0.5.orig/Makefile 2008-02-14 13:39:18.000000000 +0100 -+++ bzip2-1.0.5/Makefile 2009-06-14 13:49:03.889599030 +0200 +diff -aur bzip2-1.0.6.orig/Makefile bzip2-1.0.6/Makefile +--- bzip2-1.0.6.orig/Makefile 2008-02-14 13:39:18.000000000 +0100 ++++ bzip2-1.0.6/Makefile 2009-06-14 13:49:03.889599030 +0200 @@ -21,7 +21,7 @@ LDFLAGS= @@ -84,9 +84,9 @@ diff -aur bzip2-1.0.5.orig/Makefile bzip2-1.0.5/Makefile clean: rm -f *.o libbz2.a bzip2 bzip2recover \ -diff -aur bzip2-1.0.5.orig/Makefile-libbz2_so bzip2-1.0.5/Makefile-libbz2_so ---- bzip2-1.0.5.orig/Makefile-libbz2_so 2007-12-09 14:00:50.000000000 +0100 -+++ bzip2-1.0.5/Makefile-libbz2_so 2009-06-14 13:48:27.519580669 +0200 +diff -aur bzip2-1.0.6.orig/Makefile-libbz2_so bzip2-1.0.6/Makefile-libbz2_so +--- bzip2-1.0.6.orig/Makefile-libbz2_so 2007-12-09 14:00:50.000000000 +0100 ++++ bzip2-1.0.6/Makefile-libbz2_so 2009-06-14 13:48:27.519580669 +0200 @@ -24,7 +24,7 @@ SHELL=/bin/sh CC=gcc @@ -98,26 +98,26 @@ diff -aur bzip2-1.0.5.orig/Makefile-libbz2_so bzip2-1.0.5/Makefile-libbz2_so huffman.o \ @@ -37,11 +37,15 @@ all: $(OBJS) - $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.4 $(OBJS) - $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4 + $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) + $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 - rm -f libbz2.so.1.0 -- ln -s libbz2.so.1.0.4 libbz2.so.1.0 +- ln -s libbz2.so.1.0.6 libbz2.so.1.0 + +install: + install -d $(PREFIX)/lib -+ install -m 755 libbz2.so.1.0.4 $(PREFIX)/lib -+ ln -sf libbz2.so.1.0.4 $(PREFIX)/lib/libbz2.so.1.0 ++ install -m 755 libbz2.so.1.0.6 $(PREFIX)/lib ++ ln -sf libbz2.so.1.0.6 $(PREFIX)/lib/libbz2.so.1.0 + ln -sf libbz2.so.1.0 $(PREFIX)/lib/libbz2.so clean: -- rm -f $(OBJS) bzip2.o libbz2.so.1.0.4 libbz2.so.1.0 bzip2-shared -+ rm -f $(OBJS) bzip2.o libbz2.so.1.0.4 bzip2-shared +- rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1.0 bzip2-shared ++ rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 bzip2-shared blocksort.o: blocksort.c $(CC) $(CFLAGS) -c blocksort.c -diff -aur bzip2-1.0.5.orig/bzlib_private.h bzip2-1.0.5/bzlib_private.h ---- bzip2-1.0.5.orig/bzlib_private.h 2007-12-09 15:00:46.000000000 +0100 -+++ bzip2-1.0.5/bzlib_private.h 2009-06-14 13:53:28.200579230 +0200 +diff -aur bzip2-1.0.6.orig/bzlib_private.h bzip2-1.0.6/bzlib_private.h +--- bzip2-1.0.6.orig/bzlib_private.h 2007-12-09 15:00:46.000000000 +0100 ++++ bzip2-1.0.6/bzlib_private.h 2009-06-14 13:53:28.200579230 +0200 @@ -128,7 +128,7 @@ /*-- Stuff for randomising repetitive blocks. --*/ @@ -136,9 +136,9 @@ diff -aur bzip2-1.0.5.orig/bzlib_private.h bzip2-1.0.5/bzlib_private.h #define BZ_INITIALISE_CRC(crcVar) \ { \ -diff -aur bzip2-1.0.5.orig/crctable.c bzip2-1.0.5/crctable.c ---- bzip2-1.0.5.orig/crctable.c 2007-12-09 13:29:49.000000000 +0100 -+++ bzip2-1.0.5/crctable.c 2009-06-14 13:52:33.248830630 +0200 +diff -aur bzip2-1.0.6.orig/crctable.c bzip2-1.0.6/crctable.c +--- bzip2-1.0.6.orig/crctable.c 2007-12-09 13:29:49.000000000 +0100 ++++ bzip2-1.0.6/crctable.c 2009-06-14 13:52:33.248830630 +0200 @@ -28,7 +28,7 @@ comp.compression FAQ. --*/ @@ -148,9 +148,9 @@ diff -aur bzip2-1.0.5.orig/crctable.c bzip2-1.0.5/crctable.c /*-- Ugly, innit? --*/ -diff -aur bzip2-1.0.5.orig/randtable.c bzip2-1.0.5/randtable.c ---- bzip2-1.0.5.orig/randtable.c 2007-12-09 13:32:55.000000000 +0100 -+++ bzip2-1.0.5/randtable.c 2009-06-14 13:53:38.063580427 +0200 +diff -aur bzip2-1.0.6.orig/randtable.c bzip2-1.0.6/randtable.c +--- bzip2-1.0.6.orig/randtable.c 2007-12-09 13:32:55.000000000 +0100 ++++ bzip2-1.0.6/randtable.c 2009-06-14 13:53:38.063580427 +0200 @@ -23,7 +23,7 @@
participants (1)
-
crux@crux.nu