ports/contrib (3.3): [notify] libcdio: 0.94 -> 2.0.0 CVE-2017-18201 Closes FS#1600

crux at crux.nu crux at crux.nu
Thu Mar 1 13:04:47 UTC 2018


commit 0b850e6535e9a4a29169e4be7db29cc8356aa0bc
Author: Danny Rawlins <monster.romster at gmail.com>
Date:   Thu Mar 1 23:06:40 2018 +1100

    [notify] libcdio: 0.94 -> 2.0.0 CVE-2017-18201 Closes FS#1600

diff --git a/libcdio/.footprint b/libcdio/.footprint
index 93cf7b54..bb286a17 100644
--- a/libcdio/.footprint
+++ b/libcdio/.footprint
@@ -56,14 +56,14 @@ drwxr-xr-x	root/root	usr/include/cdio/
 drwxr-xr-x	root/root	usr/lib/
 -rw-r--r--	root/root	usr/lib/libcdio++.a
 -rwxr-xr-x	root/root	usr/lib/libcdio++.la
-lrwxrwxrwx	root/root	usr/lib/libcdio++.so -> libcdio++.so.0.0.2
-lrwxrwxrwx	root/root	usr/lib/libcdio++.so.0 -> libcdio++.so.0.0.2
--rwxr-xr-x	root/root	usr/lib/libcdio++.so.0.0.2
+lrwxrwxrwx	root/root	usr/lib/libcdio++.so -> libcdio++.so.1.0.0
+lrwxrwxrwx	root/root	usr/lib/libcdio++.so.1 -> libcdio++.so.1.0.0
+-rwxr-xr-x	root/root	usr/lib/libcdio++.so.1.0.0
 -rw-r--r--	root/root	usr/lib/libcdio.a
 -rwxr-xr-x	root/root	usr/lib/libcdio.la
-lrwxrwxrwx	root/root	usr/lib/libcdio.so -> libcdio.so.16.0.0
-lrwxrwxrwx	root/root	usr/lib/libcdio.so.16 -> libcdio.so.16.0.0
--rwxr-xr-x	root/root	usr/lib/libcdio.so.16.0.0
+lrwxrwxrwx	root/root	usr/lib/libcdio.so -> libcdio.so.18.0.0
+lrwxrwxrwx	root/root	usr/lib/libcdio.so.18 -> libcdio.so.18.0.0
+-rwxr-xr-x	root/root	usr/lib/libcdio.so.18.0.0
 -rw-r--r--	root/root	usr/lib/libiso9660++.a
 -rwxr-xr-x	root/root	usr/lib/libiso9660++.la
 lrwxrwxrwx	root/root	usr/lib/libiso9660++.so -> libiso9660++.so.0.0.0
@@ -71,9 +71,9 @@ lrwxrwxrwx	root/root	usr/lib/libiso9660++.so.0 -> libiso9660++.so.0.0.0
 -rwxr-xr-x	root/root	usr/lib/libiso9660++.so.0.0.0
 -rw-r--r--	root/root	usr/lib/libiso9660.a
 -rwxr-xr-x	root/root	usr/lib/libiso9660.la
-lrwxrwxrwx	root/root	usr/lib/libiso9660.so -> libiso9660.so.10.0.0
-lrwxrwxrwx	root/root	usr/lib/libiso9660.so.10 -> libiso9660.so.10.0.0
--rwxr-xr-x	root/root	usr/lib/libiso9660.so.10.0.0
+lrwxrwxrwx	root/root	usr/lib/libiso9660.so -> libiso9660.so.11.0.0
+lrwxrwxrwx	root/root	usr/lib/libiso9660.so.11 -> libiso9660.so.11.0.0
+-rwxr-xr-x	root/root	usr/lib/libiso9660.so.11.0.0
 -rw-r--r--	root/root	usr/lib/libudf.a
 -rwxr-xr-x	root/root	usr/lib/libudf.la
 lrwxrwxrwx	root/root	usr/lib/libudf.so -> libudf.so.0.0.0
diff --git a/libcdio/.md5sum b/libcdio/.md5sum
index a48ec28d..c6a9fd2b 100644
--- a/libcdio/.md5sum
+++ b/libcdio/.md5sum
@@ -1,2 +1 @@
-5a7f50209c03d5919d5b932f07871af7  libcdio-0.83-linking.patch
-d8734266a20fbc2605a97b701b838ab6  libcdio-0.94.tar.gz
+5beb1f68b9c812ee47c58072daf3be17  libcdio-2.0.0.tar.bz2
diff --git a/libcdio/.signature b/libcdio/.signature
index 7460485c..48e295ad 100644
--- a/libcdio/.signature
+++ b/libcdio/.signature
@@ -1,6 +1,5 @@
 untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF348q411V+leF4eXuZvWOsl3Ok1d7b22Qme8dGZnafyIPhEC6Grd6ZdmsKJUKWGg8d8H6v5W8ziXAtvJ7wICe7gc=
-SHA256 (Pkgfile) = 21726ec1037bb9d4660fcd5466e9e8e45d7ad20388e9012c50ce5dd583b922ab
-SHA256 (.footprint) = a354132bdb7be191b8c897e1bbed81dbc6d2711aba6a4bae8e2b26c4c710c64b
-SHA256 (libcdio-0.94.tar.gz) = 96e2c903f866ae96f9f5b9048fa32db0921464a2286f5b586c0f02699710025a
-SHA256 (libcdio-0.83-linking.patch) = d88186b2a11726fe5ef10853e0245996b55793552b14230d1f7ba5ee3c54f3ed
+RWSagIOpLGJF37T+3i7hbUym/YmmpAP+M+1xeP/Y4YkoQEjzRGt0XabqB3qACS8YmoqzMW46fzGMLkDzTDObAq7fIJyJzyarVAM=
+SHA256 (Pkgfile) = 6ddb4d71fddadb00ab8fed54fdfbc6a1193158cb05d57446a4da0835abe4d01a
+SHA256 (.footprint) = f2e092aa140d5cc06e550e1674b96f73c16a293fa621c0b84ff61b76e02152e7
+SHA256 (libcdio-2.0.0.tar.bz2) = cd0da052a0e149e2526c41c5ac37b4865deb5c1cffe6faed18850154dbbd284b
diff --git a/libcdio/Pkgfile b/libcdio/Pkgfile
index 80df6e47..d330a72c 100644
--- a/libcdio/Pkgfile
+++ b/libcdio/Pkgfile
@@ -1,20 +1,16 @@
 # Description: A library for CD-ROM and CD image access.
 # URL: http://www.gnu.org/software/libcdio/
 # Maintainer: Danny Rawlins, crux at romster dot me
-# Packager: Tim Biermann, tim_biermann at web dot de
 # Depends on: libcddb ncurses
 
 name=libcdio
-version=0.94
+version=2.0.0
 release=1
-source=(https://ftp.gnu.org/gnu/$name/$name-$version.tar.gz
-	libcdio-0.83-linking.patch)
+source=(https://ftp.gnu.org/gnu/$name/$name-$version.tar.bz2)
 
 build() {
 	cd $name-$version
 
-	patch -p 1 -i $SRC/libcdio-0.83-linking.patch
-	sed -i '/AM_INIT_AUTOMAKE/s/subdir-objects//' configure.ac
 	autoreconf -fi
 
 	./configure \
diff --git a/libcdio/libcdio-0.83-linking.patch b/libcdio/libcdio-0.83-linking.patch
deleted file mode 100644
index 84a0746b..00000000
--- a/libcdio/libcdio-0.83-linking.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-diff -Naur libcdio-0.83-orig/example/C++/OO/Makefile.in libcdio-0.83/example/C++/OO/Makefile.in
---- libcdio-0.83-orig/example/C++/OO/Makefile.in	2011-10-27 18:02:31.000000000 +1000
-+++ libcdio-0.83/example/C++/OO/Makefile.in	2012-02-18 11:10:07.369277231 +1000
-@@ -315,15 +315,15 @@
- 
- isofile2_SOURCES = isofile2.cpp
- isofile2_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
--	              $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+	              $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
- 
- isolist_SOURCES = isolist.cpp
- isolist_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
--	              $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+	              $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
- 
- iso4_SOURCES = iso4.cpp
- iso4_LDADD = $(LIBISO9660PP_LIBS) $(LIBISO9660_LIBS) \
--	              $(LIBCDIOPP_LIBS) $(LTLIBICONV)
-+	              $(LIBCDIOPP_LIBS) $(LIBCDIO_LIBS) $(LTLIBICONV)
- 
- mmc1_SOURCES = mmc1.cpp
- mmc1_DEPENDENCIES = $(LIBCDIO_DEPS)


More information about the CRUX mailing list