Browse code

apr-util DoS ist upstream seit 1.6.0

Hanno authored on 16/09/2018 11:32:53
Showing 6 changed files
1 1
deleted file mode 100644
... ...
@@ -1,6 +0,0 @@
1
-AUX apr-util-1.5-limit-dos.diff 975 SHA256 32b14b12bc61d854d65911cbffb967acf7c955862739f0b0c61989c9b21ca273 SHA512 ccd0ab356e026d8d5d6d386f96a12b52550739a3ccbd3eb0a3c816c1586d8eb4a93064054157da0bc7d8027ff29f7460424d8c4f539b2c4b1468b996c3693e64 WHIRLPOOL 5428582928bf62989d463a003cbf42c998b7d314babb920a4e61bec01b90b41f5370cf7e49213f7beba33aca9efc6843b02648bb21a7f5f2a59f8fd8a4047daa
2
-AUX apr-util-1.5.3-sysroot.patch 1234 SHA256 752ee44d3e9e39e4cba824556f829776a46e4f5e64d4f359de781d3bfd3a414f SHA512 44ee2a9cf61587f05d43976d40023f6313b310c3eeb37299840445e3faec7f0352367875f515b21d3b1fcdc8c082d8584a21cf8187deb1f6f69187c14f84f0b7 WHIRLPOOL 2017ccccfade6e99a490781100a7ca2ee1901a93b791db78291e3d7850e9916d183084abc6f46b2a80ffb451dfb5f1e999189f9ce6f994b51146563bef52a7af
3
-DIST apr-util-1.5.4.tar.bz2 694427 SHA256 a6cf327189ca0df2fb9d5633d7326c460fe2b61684745fd7963e79a6dd0dc82e SHA512 ca877d8e444218c4ba0f28063ee075ddcd6c0a487b692dc80ef442fe775ec4eeb337c6957853772e8082e27edcb450d7e909c2c6c3ab4a95bbf0a5ee5ea4a2d1 WHIRLPOOL bc4ce82785513f4bf2207bb26758abc79e6bfef62a57d3e2ead570abc618b321c302390b9dcd8eab1ec44a9e5d398c2cc4d35af2549636e20d7c20678725ac2e
4
-EBUILD apr-util-1.5.4-r1.ebuild 3415 SHA256 08900f60c8baec189e90d56142d920611b2c953d460effe48ba05e3a7c14f87b SHA512 3acf7ae85631709b7dd2c7bc705a4bc6a12cc6911208e8b735e4c99dae5091d2113c3cd97b108fb32bcf1fec0e26b88146449b6150a7c288c3cf1787ca2a7ab9 WHIRLPOOL a9966791fc8e9f4c5a9df501a9aa5519d77ea8a06147601f187731d9b369b57aa33ca0a1b68d37fe11bd100b03bf0486244ab4da694fa10f5474551c6a320802
5
-EBUILD apr-util-1.5.4.ebuild 3343 SHA256 be16b2aec6cca0508ab61c60ff59b2dc2999e112397127bb76f0c31d729cbb7b SHA512 9852e950fb70c8b79fee8dbe261e43eab0d977dff0f48785c69fb775dd91e43edb7aa96b3a9bbccdf3a4ed0f4c618dae08fb6439a82d45a086085fc3eb19834a WHIRLPOOL 7a0bab54f3a9cf1435afcf5dd98d7d546987666a11ace8ed5388b6bc6b5ffaebfba1ad0f6c126cf90cfe43a82c88653ab1d20914ca80e95063792b8a399d765e
6
-MISC metadata.xml 515 SHA256 d5226f9f0b532aa0adf1cbc7e4b5333dae3411f0c12e6df483a4036d7150133a SHA512 af8e2bbded13ef475d1577eb4faa27e17a045804f1de3e79c4c3d736871db304872fc65db0d606c243292392fb4ac773711ad9e153369714689138249d469158 WHIRLPOOL 0d9a6906df5f22918414a41f8a0806e502ef38696d9c5fc5c9949c13c988fa57d3acae1c99ef1ca2279ca7ec970044bf3e1c704c460cd397262b1a6e34f0de7b
7 0
deleted file mode 100644
... ...
@@ -1,117 +0,0 @@
1
-# Copyright 1999-2015 Gentoo Foundation
2
-# Distributed under the terms of the GNU General Public License v2
3
-# $Id$
4
-
5
-EAPI="4"
6
-
7
-# Usually apr-util has the same PV as apr, but in case of security fixes, this may change.
8
-# APR_PV="${PV}"
9
-APR_PV="1.4.6"
10
-
11
-inherit autotools db-use eutils libtool multilib toolchain-funcs
12
-
13
-DESCRIPTION="Apache Portable Runtime Utility Library"
14
-HOMEPAGE="http://apr.apache.org/"
15
-SRC_URI="mirror://apache/apr/${P}.tar.bz2"
16
-
17
-LICENSE="Apache-2.0"
18
-SLOT="1"
19
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
20
-IUSE="berkdb doc freetds gdbm ldap libressl mysql nss odbc openssl postgres sqlite static-libs"
21
-#RESTRICT="test"
22
-
23
-RDEPEND="dev-libs/expat
24
-	>=dev-libs/apr-${APR_PV}:1
25
-	berkdb? ( >=sys-libs/db-4 )
26
-	freetds? ( dev-db/freetds )
27
-	gdbm? ( sys-libs/gdbm )
28
-	ldap? ( =net-nds/openldap-2* )
29
-	mysql? ( =virtual/mysql-5* )
30
-	nss? ( dev-libs/nss )
31
-	odbc? ( dev-db/unixODBC )
32
-	openssl? (
33
-		!libressl? ( dev-libs/openssl:0 )
34
-		libressl? ( dev-libs/libressl )
35
-	)
36
-	postgres? ( dev-db/postgresql )
37
-	sqlite? ( dev-db/sqlite:3 )"
38
-DEPEND="${RDEPEND}
39
-	>=sys-devel/libtool-2.4.2
40
-	doc? ( app-doc/doxygen )"
41
-
42
-DOCS=(CHANGES NOTICE README)
43
-
44
-src_prepare() {
45
-	epatch "${FILESDIR}"/${PN}-1.5.3-sysroot.patch #385775
46
-	epatch "${FILESDIR}"/apr-util-1.5-limit-dos.diff
47
-	eautoreconf
48
-	elibtoolize
49
-}
50
-
51
-src_configure() {
52
-	local myconf=()
53
-
54
-	tc-is-static-only && myconf+=( --disable-util-dso )
55
-
56
-	if use berkdb; then
57
-		local db_version
58
-		db_version="$(db_findver sys-libs/db)" || die "Unable to find Berkeley DB version"
59
-		db_version="$(db_ver_to_slot "${db_version}")"
60
-		db_version="${db_version/\./}"
61
-		myconf+=(
62
-			--with-dbm=db${db_version}
63
-			# We use $T for the libdir because otherwise it'd simply be the normal
64
-			# system libdir.  That's pointless as the compiler will search it for
65
-			# us already.  This makes cross-compiling and such easier.
66
-			--with-berkeley-db="${SYSROOT}$(db_includedir 2>/dev/null):${T}"
67
-		)
68
-	else
69
-		myconf+=( --without-berkeley-db )
70
-	fi
71
-
72
-	if use nss || use openssl ; then
73
-		myconf+=( --with-crypto ) # 518708
74
-	fi
75
-
76
-	econf \
77
-		--datadir="${EPREFIX}"/usr/share/apr-util-1 \
78
-		--with-apr="${SYSROOT}${EPREFIX}"/usr \
79
-		--with-expat="${EPREFIX}"/usr \
80
-		--without-sqlite2 \
81
-		$(use_with freetds) \
82
-		$(use_with gdbm) \
83
-		$(use_with ldap) \
84
-		$(use_with mysql) \
85
-		$(use_with nss) \
86
-		$(use_with odbc) \
87
-		$(use_with openssl) \
88
-		$(use_with postgres pgsql) \
89
-		$(use_with sqlite sqlite3) \
90
-		"${myconf[@]}"
91
-	# Use the current env build settings rather than whatever apr was built with.
92
-	sed -i -r \
93
-		-e "/^(apr_builddir|apr_builders|top_builddir)=/s:=:=${SYSROOT}:" \
94
-		-e "/^CC=/s:=.*:=$(tc-getCC):" \
95
-		-e '/^(C|CPP|CXX|LD)FLAGS=/d' \
96
-		-e '/^LTFLAGS/s:--silent::' \
97
-		build/rules.mk || die
98
-}
99
-
100
-src_compile() {
101
-	emake
102
-	use doc && emake dox
103
-}
104
-
105
-src_install() {
106
-	default
107
-
108
-	find "${ED}" -name "*.la" -delete
109
-	find "${ED}usr/$(get_libdir)/apr-util-${SLOT}" -name "*.a" -delete
110
-	use static-libs || find "${ED}" -name "*.a" -delete
111
-
112
-	use doc && dohtml -r docs/dox/html/*
113
-
114
-	# This file is only used on AIX systems, which Gentoo is not,
115
-	# and causes collisions between the SLOTs, so remove it.
116
-	rm -f "${ED}usr/$(get_libdir)/aprutil.exp"
117
-}
118 0
deleted file mode 100644
... ...
@@ -1,114 +0,0 @@
1
-# Copyright 1999-2015 Gentoo Foundation
2
-# Distributed under the terms of the GNU General Public License v2
3
-# $Id$
4
-
5
-EAPI="4"
6
-
7
-# Usually apr-util has the same PV as apr, but in case of security fixes, this may change.
8
-# APR_PV="${PV}"
9
-APR_PV="1.4.6"
10
-
11
-inherit autotools db-use eutils libtool multilib toolchain-funcs
12
-
13
-DESCRIPTION="Apache Portable Runtime Utility Library"
14
-HOMEPAGE="http://apr.apache.org/"
15
-SRC_URI="mirror://apache/apr/${P}.tar.bz2"
16
-
17
-LICENSE="Apache-2.0"
18
-SLOT="1"
19
-KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
20
-IUSE="berkdb doc freetds gdbm ldap mysql nss odbc openssl postgres sqlite static-libs"
21
-#RESTRICT="test"
22
-
23
-RDEPEND="dev-libs/expat
24
-	>=dev-libs/apr-${APR_PV}:1
25
-	berkdb? ( >=sys-libs/db-4 )
26
-	freetds? ( dev-db/freetds )
27
-	gdbm? ( sys-libs/gdbm )
28
-	ldap? ( =net-nds/openldap-2* )
29
-	mysql? ( =virtual/mysql-5* )
30
-	nss? ( dev-libs/nss )
31
-	odbc? ( dev-db/unixODBC )
32
-	openssl? ( dev-libs/openssl )
33
-	postgres? ( dev-db/postgresql )
34
-	sqlite? ( dev-db/sqlite:3 )"
35
-DEPEND="${RDEPEND}
36
-	>=sys-devel/libtool-2.4.2
37
-	doc? ( app-doc/doxygen )"
38
-
39
-DOCS=(CHANGES NOTICE README)
40
-
41
-src_prepare() {
42
-	epatch "${FILESDIR}"/${PN}-1.5.3-sysroot.patch #385775
43
-	epatch "${FILESDIR}"/apr-util-1.5-limit-dos.diff
44
-	eautoreconf
45
-	elibtoolize
46
-}
47
-
48
-src_configure() {
49
-	local myconf=()
50
-
51
-	tc-is-static-only && myconf+=( --disable-util-dso )
52
-
53
-	if use berkdb; then
54
-		local db_version
55
-		db_version="$(db_findver sys-libs/db)" || die "Unable to find Berkeley DB version"
56
-		db_version="$(db_ver_to_slot "${db_version}")"
57
-		db_version="${db_version/\./}"
58
-		myconf+=(
59
-			--with-dbm=db${db_version}
60
-			# We use $T for the libdir because otherwise it'd simply be the normal
61
-			# system libdir.  That's pointless as the compiler will search it for
62
-			# us already.  This makes cross-compiling and such easier.
63
-			--with-berkeley-db="${SYSROOT}$(db_includedir 2>/dev/null):${T}"
64
-		)
65
-	else
66
-		myconf+=( --without-berkeley-db )
67
-	fi
68
-
69
-	if use nss || use openssl ; then
70
-		myconf+=( --with-crypto ) # 518708
71
-	fi
72
-
73
-	econf \
74
-		--datadir="${EPREFIX}"/usr/share/apr-util-1 \
75
-		--with-apr="${SYSROOT}${EPREFIX}"/usr \
76
-		--with-expat="${EPREFIX}"/usr \
77
-		--without-sqlite2 \
78
-		$(use_with freetds) \
79
-		$(use_with gdbm) \
80
-		$(use_with ldap) \
81
-		$(use_with mysql) \
82
-		$(use_with nss) \
83
-		$(use_with odbc) \
84
-		$(use_with openssl) \
85
-		$(use_with postgres pgsql) \
86
-		$(use_with sqlite sqlite3) \
87
-		"${myconf[@]}"
88
-	# Use the current env build settings rather than whatever apr was built with.
89
-	sed -i -r \
90
-		-e "/^(apr_builddir|apr_builders|top_builddir)=/s:=:=${SYSROOT}:" \
91
-		-e "/^CC=/s:=.*:=$(tc-getCC):" \
92
-		-e '/^(C|CPP|CXX|LD)FLAGS=/d' \
93
-		-e '/^LTFLAGS/s:--silent::' \
94
-		build/rules.mk || die
95
-}
96
-
97
-src_compile() {
98
-	emake
99
-	use doc && emake dox
100
-}
101
-
102
-src_install() {
103
-	default
104
-
105
-	find "${ED}" -name "*.la" -delete
106
-	find "${ED}usr/$(get_libdir)/apr-util-${SLOT}" -name "*.a" -delete
107
-	use static-libs || find "${ED}" -name "*.a" -delete
108
-
109
-	use doc && dohtml -r docs/dox/html/*
110
-
111
-	# This file is only used on AIX systems, which Gentoo is not,
112
-	# and causes collisions between the SLOTs, so remove it.
113
-	rm -f "${ED}usr/$(get_libdir)/aprutil.exp"
114
-}
115 0
deleted file mode 100644
... ...
@@ -1,23 +0,0 @@
1
-+++ apr-util-1.5.4/crypto/crypt_blowfish.c	2017-01-10 12:05:56.449895464 +0100
2
-@@ -675,9 +675,9 @@
3
- 	    setting[2] < 'a' || setting[2] > 'z' ||
4
- 	    !flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a'] ||
5
- 	    setting[3] != '$' ||
6
--	    setting[4] < '0' || setting[4] > '3' ||
7
-+	    setting[4] < '0' || setting[4] > '1' ||
8
- 	    setting[5] < '0' || setting[5] > '9' ||
9
--	    (setting[4] == '3' && setting[5] > '1') ||
10
-+	    (setting[4] == '1' && setting[5] > '7') ||
11
- 	    setting[6] != '$') {
12
- 		__set_errno(EINVAL);
13
- 		return NULL;
14
-@@ -877,7 +877,7 @@
15
- 	const char *input, int size, char *output, int output_size)
16
- {
17
- 	if (size < 16 || output_size < 7 + 22 + 1 ||
18
--	    (count && (count < 4 || count > 31)) ||
19
-+	    (count && (count < 4 || count > 17)) ||
20
- 	    prefix[0] != '$' || prefix[1] != '2' ||
21
- 	    (prefix[2] != 'a' && prefix[2] != 'y')) {
22
- 		if (output_size > 0) output[0] = '\0';
23 0
deleted file mode 100644
... ...
@@ -1,36 +0,0 @@
1
-https://bugs.gentoo.org/385775
2
-
3
-utilize $SYSROOT to find the right includedir tree
4
-
5
-drop the -L/-R paths since we know our libdir is the standard path which
6
-the compiler already knows how to locate
7
-
8
-+++ b/apu-config.in
9
-@@ -25,7 +25,7 @@ prefix="@prefix@"
10
- exec_prefix="@exec_prefix@"
11
- bindir="@bindir@"
12
- libdir="@libdir@"
13
--includedir="@includedir@"
14
-+includedir="${SYSROOT}@includedir@"
15
- 
16
- LIBS="@APRUTIL_EXPORT_LIBS@"
17
- INCLUDES="@APRUTIL_INCLUDES@"
18
-@@ -166,7 +166,7 @@ while test $# -gt 0; do
19
-     --link-ld)
20
-     if test "$location" = "installed"; then
21
-         ### avoid using -L if libdir is a "standard" location like /usr/lib
22
--        flags="$flags -L$libdir -l$APRUTIL_LIBNAME"
23
-+        flags="$flags -l$APRUTIL_LIBNAME"
24
-     else
25
-         flags="$flags -L$APU_BUILD_DIR -l$APRUTIL_LIBNAME"
26
-     fi
27
-@@ -182,7 +182,7 @@ while test $# -gt 0; do
28
-         ### avoid using -L if libdir is a "standard" location like /usr/lib
29
-         # Since the user is specifying they are linking with libtool, we
30
-         # *know* that -R will be recognized by libtool.
31
--        flags="$flags -L$libdir -R$libdir -l$APRUTIL_LIBNAME"
32
-+        flags="$flags -l$APRUTIL_LIBNAME"
33
-     else
34
-         flags="$flags $LA_FILE"
35
-     fi
36 0
deleted file mode 100644
... ...
@@ -1,14 +0,0 @@
1
-<?xml version="1.0" encoding="UTF-8"?>
2
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
3
-<pkgmetadata>
4
-	<maintainer type="person">
5
-		<email>polynomial-c@gentoo.org</email>
6
-		<name>Lars Wendler</name>
7
-	</maintainer>
8
-	<use>
9
-		<flag name="libressl">Use <pkg>dev-libs/libressl</pkg> instead of
10
-			<pkg>dev-libs/openssl</pkg> for 'openssl' USE flag</flag>
11
-		<flag name="nss">Install apr_crypto_nss module</flag>
12
-		<flag name="openssl">Install apr_crypto_openssl module</flag>
13
-	</use>
14
-</pkgmetadata>