diff options
| author |   Kristian Fiskerstrand <k_f@gentoo.org> | 2015-04-13 17:45:10 +0000 |
|---|---|---|
| committer | Kristian Fiskerstrand <k_f@gentoo.org> | 2015-04-13 17:45:10 +0000 |
| commit | 0899b1d7eef029217ad4b2e1ee22251d59ef8e84 (patch) | |
| tree | 691b719bf2f018e2befa0b30ed02199d1a6c523d /app-crypt | |
| parent | Fix USE=exif to depend on gexiv2 by default and add USE=libexif to built agai... (diff) | |
| download | historical-0899b1d7eef029217ad4b2e1ee22251d59ef8e84.tar.gz historical-0899b1d7eef029217ad4b2e1ee22251d59ef8e84.tar.bz2 historical-0899b1d7eef029217ad4b2e1ee22251d59ef8e84.zip | |
Add fix for NULL-segv due to invalid imported data, reported by Hanno Böck.
Package-Manager: portage-2.2.14/cvs/Linux x86_64
Manifest-Sign-Key: 0xFED5002857C1ABFA!
Diffstat (limited to 'app-crypt')
| -rw-r--r-- | app-crypt/gnupg/ChangeLog | 9 | ||||
| -rw-r--r-- | app-crypt/gnupg/Manifest | 19 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch | 73 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.1.3-r1.ebuild (renamed from app-crypt/gnupg/gnupg-2.1.3.ebuild) | 3 |
4 files changed, 93 insertions, 11 deletions
diff --git a/app-crypt/gnupg/ChangeLog b/app-crypt/gnupg/ChangeLog index da5d8ad7d092..ea099ca2cf78 100644 --- a/app-crypt/gnupg/ChangeLog +++ b/app-crypt/gnupg/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-crypt/gnupg # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.592 2015/04/13 16:53:46 k_f Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.593 2015/04/13 17:45:00 k_f Exp $ + +*gnupg-2.1.3-r1 (13 Apr 2015) + + 13 Apr 2015; Kristian Fiskerstrand <k_f@gentoo.org> + +files/gnupg-2.1.3-gpg-fix-null-segv.patch, +gnupg-2.1.3-r1.ebuild, + -gnupg-2.1.3.ebuild: + Add fix for NULL-segv due to invalid imported data, reported by Hanno Böck. 13 Apr 2015; Kristian Fiskerstrand <k_f@gentoo.org> +files/gnupg-2.1.3-dirmngr-no-ldap.patch, gnupg-2.1.3.ebuild: diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest index 0e2eae1748eb..d4c70f22ea24 100644 --- a/app-crypt/gnupg/Manifest +++ b/app-crypt/gnupg/Manifest @@ -7,6 +7,7 @@ AUX gnupg-2.0.26-misc-cve.patch 3201 SHA256 d0f16d14da9868b79d17fa49ff284ec05fb4 AUX gnupg-2.1.1-misc-cve.patch 3548 SHA256 cef5fabc9b02366a33ed79e35b887fcb47e1d46f674f787da11e09b2ec8e5801 SHA512 9616ba2cdc513bc4982a2d66e1e06dcea6e52abba1e14033ab179e19b84ebaf43c60c3d3238ce38c7517c8fc4478570c0ea37f9e23f519d00bb720263d64e5dc WHIRLPOOL 2ab9c19edd012c4267d30aaf38f0880ea3cac2cf1f222cc37a883f69e839cd50486d3f4bd23fb191d3a97ed5557040088d764fa78acdf5eb9982937d1199eee3 AUX gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch 962 SHA256 d762d7ca1bf850203e24ec1d3151fb3df1b1e368b3cb80ec884cdd6b716e0273 SHA512 602cd338abb7897c6b101ec1644e137880baab2bf35ab0c4b21b439548b3ccb04f8f63c45afb4da89d88200c3402a64e67c3b3845f76e01a42c82f99e20efb30 WHIRLPOOL 3c7d1a29a8f43e2a29d871853ce0042e24df522abc26bd3342874abb8053b735fdc2ffefc3c4686fe82f45f98608914c3f899fba6545f58af8e58da6648a5483 AUX gnupg-2.1.3-dirmngr-no-ldap.patch 7476 SHA256 d210eb26f0853547948d46e391eb5cbf02ec99fe216238d2475cf478da154f64 SHA512 64176f4158540b64a1c8ddcc1535869a62eff7eb02bd161eb93434288b4bebe123d66ef03b61745c5741ba11eb9ffdce25da80eea4aa8afa18858755a015387d WHIRLPOOL e312ed8de95e0edcbc0eebc46907a0c90b8d872074920fc2a3d80581e30bef8c569e9b70798ad64a638965b1b34803e5acb343c557f195bcd4a6cf440fdb0e88 +AUX gnupg-2.1.3-gpg-fix-null-segv.patch 2064 SHA256 ed58663492c111103a4b7b7d575e5ec3400d2372394cc5da56374e864ae7642a SHA512 a8966a2e50e8e8b2f2f14b32282a41a76f221bf4ff645b0dfbf1fc83cb35afa6d3d426686008a1cb58e51708d5f8cab13762cfba79f2bdd3415ba1b5103793aa WHIRLPOOL 7c916f55d60eb0df86918778c5d8226e56e6ba45c564bdd35c5f5cc16d9eb642f1dce25fd29c2febbfbfb1ba163c274e559dc69517cccaed686f5d8584de5c14 DIST gnupg-1.4.18.tar.bz2 3649557 SHA256 b7b5fdda78849955e0cdbc5a085f3a08f8b7fba126c622085debb62def5d6388 SHA512 f9619ede8e0d2844774e07fb42359444c5ab8e15565a87f419f76cc3d781940c564f35f429131686fdd7559c5c2edb49506b3c0a1feecbd95438743075be3e63 WHIRLPOOL 780876be0603fd0605b192721e2bbb770ad67d98acba8ef0fd769ab3241467696da5f49a189d89600d076691bf2cedb1294ffade5c44f6d24512d6a93a6f8981 DIST gnupg-1.4.19.tar.bz2 3713811 SHA256 7f09319d044b0f6ee71fe3587bb873be701723ac0952cff5069046a78de8fd86 SHA512 cce2a83efb05f963ad0f8afd04999cc852889d46b4cad4cf399a37fd6e69f0911a5ccaa0192cb891a941cfa93125349b481efa789a127e3c0aa2c5ba53672741 WHIRLPOOL 14eaddca0981f05757aa0751b9563837efd3f5943a422d5f29e0de94eb6233b85b8848a1f4816ab7e897d6e656c7c08705115d53ed89f554604ffd2009c3c39f DIST gnupg-2.0.26.tar.bz2 4303384 SHA256 7758e30dc382ae7a7167ed41b7f936aa50af5ea2d6fccdef663b5b750b65b8e0 SHA512 5dd23baaac764fd48abd235ed52a85a2c7fd68b98fcde45c0f294ddb3b5629e8b1bd894585fbed4e6a6cb2bc4a5552c098c3cf1a849fffa469424fd0a4fee726 WHIRLPOOL 8d9b30337957f6bfeddea29116d862ef0c0ddd06d59bc2799db236b91b2c6767aad6f37f2166fc431c5d9454eb41f49f3e261bc38d0e89361f0c467f4591cd5a @@ -16,16 +17,16 @@ EBUILD gnupg-1.4.18.ebuild 3763 SHA256 37cedb3946b555e83111f5096b3dd73f950617597 EBUILD gnupg-1.4.19.ebuild 3472 SHA256 e2d789f8ddd23866340e7e2cd450e7d7c51ea135e403571ec00873e85e04a4a1 SHA512 e4b5eb1b1d03762528464596316e433ec2b01330cd76ce5a7d7006ba77f8b7dda2d15e66f8574803a229fb5f543c587fe01b82ad981bb7a26c7ad7c2d86d7f7e WHIRLPOOL 9452157d05e9fc515af5b1d71bc14c820ac09337d6b3ac5ff66bca45a7de1ea50958f42bfdc6aee3f27e2596997efe36a473e7053bd904e144c73c3fbbc3a17e EBUILD gnupg-2.0.26-r3.ebuild 4889 SHA256 d68393d52300de25451d6e732c7c10484f31283b560988e4992e9ac8fed0874a SHA512 5cc4f633741c32f244aa43eb4606a339e9de7b0d7ceb6cc38bdc985293efc605abcaafe438d0d60250d30f1cf7923a92a093d854f2abb28b302a8ff385b4cfc9 WHIRLPOOL 3d5df13d06a20c6cb53ca9259a416e7f0fc6490331d19ba4b98508d1dd18ddbcfe19913ce0a8fb61071c5a4ed38e8d9dca68b79f22ceb97890ce8236dd2e739c EBUILD gnupg-2.0.27.ebuild 4782 SHA256 5453bd69096075d8866a4877b6dbc3efa03a85ae8cbee63ff72269741749545e SHA512 6fa97736a7995c4f6a0095453bfdc0a627c9915da1e7442a65933532aa2ec7d21fdc69ae1cc1b32147731927eaa3cd1716715fdc8dcd969956201649a9da23ce WHIRLPOOL f9f7fe16b87194311f24f9699c561248faec2600fb632a9bd14a205e5ba8092826c7167e895968ea516d6b260f5bc618faf412cd5e5df0198d04891f7ad2c4f1 -EBUILD gnupg-2.1.3.ebuild 4735 SHA256 af133aca5253c1783165bd59acdd79b6de96c15fe969361045122426f3998002 SHA512 0b15f4582a64202e7664888a37d79c6b0aacd842ee72d0b2eb90db067f8880fccafc10c3f67db2bac74ebe9770daa236664f52b1d43ed7029b8c54fbad829823 WHIRLPOOL 7568172ba811738ac0d0ab65a4012c2c4b8da9215dddf4c6f71bd09cae2e7cf27b16aa0a231c9e7736b8f502bff8c906aadd5f1eeff65a1927016276ed3ed92a -MISC ChangeLog 86540 SHA256 0c41458c08b60f2abb9315357d04a70c02da219adea384f481670e3ac8b35317 SHA512 a0976f9414c8fc4b06c23cfb5a3c25929d64a1ff22b545e0a95d5f6b3934b57320db2cbd73051b19980d530620ace47e1d7dad313e27866791c342e30d766a26 WHIRLPOOL d7bba8d12d01fb64daa770ec4bf2ff19d3233fe64372d35b7282443d4c840e19868f65b6fcfbeadcd968b37d2e022d9b0333e5d04279a90e3701a5bf4c9f2947 +EBUILD gnupg-2.1.3-r1.ebuild 4789 SHA256 e27fe86bd6bd5f40f1ef42f6113bd9610115b3f985567f3ba449391a49332037 SHA512 a51a941b774f0d42ddff1a634b4e49a8adb05952353ca639a7621f863b379f1e801c64416be09846c5a8c3b8891f29830dccd843363a0a19d7d19b5244495600 WHIRLPOOL 957ef05706d8b411119c962b520b5d10f7ec9c4eb55e2c56507475ac81a7f594e1cbc6af30a995ada291c972e023b3f0a5a6c5057bbb32bf7c26c9da420de005 +MISC ChangeLog 86798 SHA256 1a3b25da3744d265aa5bb8aa0837fd29e91668caaaa3e3b0f394245340ca6855 SHA512 3b41b5953e538faf2db500cd95de40f410173ad45f20b7140b05932401172e1350aea9abc478ef6f378a3f7a6bad30cb333db7ee09bb6dbd23a1f7504e117e76 WHIRLPOOL 9738820892836f91f6189c3b7161203d32394202f4e3486fa232f93d98000791147240552f0e1c4bd808adf7955deb71397af1da737d545eaaa2717fa82b6d44 MISC metadata.xml 1032 SHA256 cbef1621eb1364c8d12ac18e71cf4aabfced9ecd3c990a3f3cdf066902dc97bb SHA512 5e2ef4380effe027a0b0b8a11a29ed1996b3b5256ee333909d4a7cfcb18ea1e9dead9b8303c7dffc1ad10014dea79e827b1d84caa92294f4d3dfc29ff23a6af5 WHIRLPOOL a24c7f71ed140f34dd59b10314869d0c5482063be20faefa1591595feb856c79bc57a6b344dd467875cf3389d8cd14e2d41f2312f51d3b77dcbe27af97b7f129 -----BEGIN PGP SIGNATURE----- -iQEcBAEBCAAGBQJVK/SbAAoJEP7VAChXwav66j4IALrfk3NuXmAVIkUu6w52dGwW -wOnYU4ndl6lqTL1jcr+woxQcOj40uixVxlAQtIXCutDGDaWJKzJb5wzhJqwqD9Kj -FQtga2hudzxd1vVrMFeUfM5jd0B5X1/H21PDZzI8r4AjQU48aGp0/n7Z1lyPb+LA -XeaD4r/4vq76smmM7PsWoCpN3oIZRC1ztPMK5h5Ksh7CI9BpwfhIUJ5UUZepcIEg -D7gao5ypHHgiC11GK5P9kGC7h7ctyO3S8LVNStFqKFiBiGhqDvWNNyMZVP7YOHjZ -gjOc1ZXIrR08Q2rL/SBOzJV22yAdob1lWfN00I+8zSgJ+6Igs/qNgHAhBbXPfJw= -=NnIF +iQEcBAEBCAAGBQJVLACeAAoJEP7VAChXwav6MSQH/R8LOrrhimvUWgwfGQI1uoQo +RpQnfvuuHO3CliNsfugh8EhGd6vF+mFIllc186EyQibqN2JSTI6Du182g28FbgRk +dRiPyOmW31BHzgnU+Wq7tqA4ChjyYN3X1ZKuO+3ViVlDUtiNeuw0qosLSVWHkHIj +aoKHI99NN1txlkztIwC1U6XTngU3s1Xbfw+vf8U5ZRPiNA9gCkYeqWZXE2pZPsfC +nFkphGYL7YP7czo7yghLQ1oqhppnhaTYIEAllMIxx2iCnH30rTr0gUI2LFpXmMfa +JLgJgEKtmdN6kqvSEM2KQB/eINxhiHa8wah+KO32ORlRd0XsbwCbevS3WSo7q1I= +=cRZS -----END PGP SIGNATURE----- diff --git a/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch b/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch new file mode 100644 index 000000000000..395cbebb797b --- /dev/null +++ b/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch @@ -0,0 +1,73 @@ +From 25fce93ba19d997e234a674d5cc98df82c5b5496 Mon Sep 17 00:00:00 2001 +From: Werner Koch <wk@gnupg.org> +Date: Mon, 13 Apr 2015 11:44:10 +0200 +Subject: [PATCH] gpg: Fix NULL-segv due to invalid imported data. +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +* g10/free-packet.c (my_mpi_copy): New. +(copy_public_key, copy_signature): Use instead of mpi_copy. +-- + +Reported-by: Hanno Böck +Signed-off-by: Werner Koch <wk@gnupg.org> +--- + g10/free-packet.c | 22 ++++++++++++++++++---- + 1 file changed, 18 insertions(+), 4 deletions(-) + +diff --git a/g10/free-packet.c b/g10/free-packet.c +index 99e7404..49d54f4 100644 +--- a/g10/free-packet.c ++++ b/g10/free-packet.c +@@ -31,6 +31,20 @@ + #include "options.h" + + ++/* This is mpi_copy with a fix for opaque MPIs which store a NULL ++ pointer. This will also be fixed in Libggcrypt 1.7.0. */ ++static gcry_mpi_t ++my_mpi_copy (gcry_mpi_t a) ++{ ++ if (a ++ && gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE) ++ && !gcry_mpi_get_opaque (a, NULL)) ++ return NULL; ++ ++ return gcry_mpi_copy (a); ++} ++ ++ + void + free_symkey_enc( PKT_symkey_enc *enc ) + { +@@ -190,11 +204,11 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s) + n = pubkey_get_npkey (s->pubkey_algo); + i = 0; + if (!n) +- d->pkey[i++] = mpi_copy (s->pkey[0]); ++ d->pkey[i++] = my_mpi_copy (s->pkey[0]); + else + { + for (; i < n; i++ ) +- d->pkey[i] = mpi_copy( s->pkey[i] ); ++ d->pkey[i] = my_mpi_copy (s->pkey[i]); + } + for (; i < PUBKEY_MAX_NSKEY; i++) + d->pkey[i] = NULL; +@@ -237,10 +251,10 @@ copy_signature( PKT_signature *d, PKT_signature *s ) + memcpy( d, s, sizeof *d ); + n = pubkey_get_nsig( s->pubkey_algo ); + if( !n ) +- d->data[0] = mpi_copy(s->data[0]); ++ d->data[0] = my_mpi_copy(s->data[0]); + else { + for(i=0; i < n; i++ ) +- d->data[i] = mpi_copy( s->data[i] ); ++ d->data[i] = my_mpi_copy( s->data[i] ); + } + d->pka_info = s->pka_info? cp_pka_info (s->pka_info) : NULL; + d->hashed = cp_subpktarea (s->hashed); +-- +2.1.4 + diff --git a/app-crypt/gnupg/gnupg-2.1.3.ebuild b/app-crypt/gnupg/gnupg-2.1.3-r1.ebuild index 2bae71611814..bd8a7de1b6d5 100644 --- a/app-crypt/gnupg/gnupg-2.1.3.ebuild +++ b/app-crypt/gnupg/gnupg-2.1.3-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.1.3.ebuild,v 1.3 2015/04/13 16:53:46 k_f Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.1.3-r1.ebuild,v 1.1 2015/04/13 17:45:00 k_f Exp $ EAPI="5" @@ -62,6 +62,7 @@ src_prepare() { epatch "${FILESDIR}/${PN}-2.0.17-gpgsm-gencert.patch" epatch "${FILESDIR}/${P}-dirmngr-Fix-segfault-in-ldap-engine.patch" epatch "${FILESDIR}/${P}-dirmngr-no-ldap.patch" + epatch "${FILESDIR}/${P}-gpg-fix-null-segv.patch" epatch_user eautoreconf } |