Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-libs/glib
diff options
context:
space:
mode:
authorMart Raudsepp <leio@gentoo.org>2008-07-01 00:52:20 +0000
committerMart Raudsepp <leio@gentoo.org>2008-07-01 00:52:20 +0000
commit4e9e3eb2c3f366841e462cdb1e6e1a3ab7bec396 (patch)
treeb7524510bf21531060fe6b3199763a0dc72233e8 /dev-libs/glib
parentxulrunner-1.9 support, bug #228417. (diff)
downloadhistorical-4e9e3eb2c3f366841e462cdb1e6e1a3ab7bec396.tar.gz
historical-4e9e3eb2c3f366841e462cdb1e6e1a3ab7bec396.tar.bz2
historical-4e9e3eb2c3f366841e462cdb1e6e1a3ab7bec396.zip
Fix for a heap-based buffer overflow possibility in the included modified copy of PCRE, bug 230039, related to CVE-2008-2371
Package-Manager: portage-2.2_rc1/cvs/Linux 2.6.25-gentoo-r4 i686 RepoMan-Options: --force
Diffstat (limited to 'dev-libs/glib')
-rw-r--r--dev-libs/glib/ChangeLog9
-rw-r--r--dev-libs/glib/Manifest14
-rw-r--r--dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch15
-rw-r--r--dev-libs/glib/glib-2.16.3-r1.ebuild93
4 files changed, 129 insertions, 2 deletions
diff --git a/dev-libs/glib/ChangeLog b/dev-libs/glib/ChangeLog
index 52f21d15cfb7..7f350482b488 100644
--- a/dev-libs/glib/ChangeLog
+++ b/dev-libs/glib/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for dev-libs/glib
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.322 2008/06/30 16:18:04 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.323 2008/07/01 00:52:19 leio Exp $
+
+*glib-2.16.3-r1 (01 Jul 2008)
+
+ 01 Jul 2008; Mart Raudsepp <leio@gentoo.org>
+ +files/glib-2.16.3-pcre-buffer-overflow.patch, +glib-2.16.3-r1.ebuild:
+ Fix for a heap-based buffer overflow possibility in the included modified
+ copy of PCRE, bug 230039, related to CVE-2008-2371
30 Jun 2008; Jeroen Roovers <jer@gentoo.org> glib-2.16.3.ebuild:
Stable for HPPA (bug #227679).
diff --git a/dev-libs/glib/Manifest b/dev-libs/glib/Manifest
index 4070d50c6723..bece3d6d7a5e 100644
--- a/dev-libs/glib/Manifest
+++ b/dev-libs/glib/Manifest
@@ -1,9 +1,13 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
AUX glib-1.2.10-automake.patch 827 RMD160 3b1485f89a157b60f31f5ae8ffe2333ab842d217 SHA1 cd40e4dc579190a89e09fad9ac7b209f24b231b3 SHA256 db6d22caf4054c09467b50b6d85566eec7479a29169460950e423c083332ef67
AUX glib-1.2.10-configure-LANG.patch 1464 RMD160 91481ba6b3f7a1d6e22a4ab7003fcee17450f3c1 SHA1 d98cc2f4ac6cc4aae55270ad0e5705af4de9b3ad SHA256 32377819896297caf9628f382c7bba09ee0a049bd977e9ea927314c0c2e669b4
AUX glib-1.2.10-gcc34-fix.patch 2008 RMD160 7e92b8842a8232cada12453d7f5e5a587a2bf496 SHA1 cb9c6e2f5320590713b3fba61f1d984e569d5d08 SHA256 848620bc200c2a42d726744fe6c36e20a396624e82b0c742b726dd72287e6cdd
AUX glib-1.2.10-m4.patch 225 RMD160 65218d0099218a1008827c1364b6e51c073d236b SHA1 e9198bde79320d76ad942d42a0292acb5d216a86 SHA256 c470b3ecc3b8fd6a2d52df816a1c4ccb3ad2d6048e37894f415c8ea9c7925b68
AUX glib-2.10.3-ia64-atomic-ops.patch 1058 RMD160 066e63a99739dc412fbed7f773118323f53ea774 SHA1 13c22e2f75a77e9e0546e495fd28015ddcb8bade SHA256 ad9cad6793626b4e36a59aa6cb839607847aa57ebc37592fd1e273ccd23a53c8
AUX glib-2.12.12-fbsd.patch 668 RMD160 d8bf399b7e0b417c4622b278282086418c1d3363 SHA1 b7a0f4d67083f2c9b4bbecd84a6d597dd0f0f9ed SHA256 23b0dc406d3d45fe125268b731af67147e83f6e38a63c7892828bdbfe1c31e8d
+AUX glib-2.16.3-pcre-buffer-overflow.patch 615 RMD160 b7f582308f450da71a8f686674953ae33e14d3af SHA1 e9798ea68ab2d54d64cf37c9a8d527d207fb91d7 SHA256 612f39f6daab94f1f497ee694963d436fa27bf2616c210a3c5dc6ba0546e3397
AUX glib-2.6.3-testglib-ssp.patch 344 RMD160 6709acf85c52e39553e2e5ee93637f7e9cc7eca6 SHA1 403b249a460a9700669e754a562fb6974f3d6898 SHA256 c2ece3d7b4533e3bfbe8100df5d0824176d9dfa0b18697a8919162956c8ebfa8
AUX glib-2.8.3-macos.patch 307 RMD160 f9212f17245cec6767cc1f0447e461c6e4917a6c SHA1 00065a3265796e3a9b5da5ff83f55db47a37646e SHA256 2c98a14c2df57484e73525c4cc249a7e1a73da3ae97193b34dbc83981d5df9d6
DIST glib-1.2.10-r1-as-needed.patch.bz2 9099 RMD160 5b7a21da6dc10112409bd885501a6976a2eb894d SHA1 468a7947b7d1688c2e7d61da80d40ca59422fbec SHA256 3bb8c45706f97b526da851061c89618bc258fa61f9100802c1340548e4bb2731
@@ -26,7 +30,15 @@ EBUILD glib-2.14.3.ebuild 2117 RMD160 b6f1cb2fc5c940f20f8dd5b32a1fa8ac98dafce4 S
EBUILD glib-2.14.6.ebuild 2113 RMD160 fb79974f995b225bb8e28fc19f7ab7294283adaf SHA1 21c58f0e031a3b46b035fd6a3f89e3c43ef2e5ed SHA256 aac6708084b6285ea6e00c716fc5615acfc5f88ae9a051bfdafa808aa857728b
EBUILD glib-2.16.1.ebuild 2388 RMD160 e7a8024e7ba8b4e3dbd5c42c4e6a71d684339ad7 SHA1 43435fdf902da33b96f139303589c81d6151bdde SHA256 50f239bbd95475017522d87577eb57d9740bb67905aed47d76610c7d89059612
EBUILD glib-2.16.2.ebuild 2388 RMD160 df83e08a2b36629d6794f28a0a76e5eb55cc0a2b SHA1 0bb0d70c63f640d3e992070b7f948e7e0046500c SHA256 b87907eea1f69dcd42a3105c39e580f4734978d7046741b3be43ef7708b7b2f8
+EBUILD glib-2.16.3-r1.ebuild 2694 RMD160 3d6d3aaf6fecca564f93c2343411c8e6e5bf4bb3 SHA1 207677f99d13a45def489db7342174a8adf7caed SHA256 16d4c1a7f332190fbe17c06e61d8776827277b747d5071a3817471ff25aacf48
EBUILD glib-2.16.3.ebuild 2550 RMD160 b6f011d94636db357e3015c26b71251d939ab6d2 SHA1 c5dba67a6379e76fdf7139dbdccd3a53cce7e442 SHA256 f9e41e95693385747cdf19cc930f98916d31d352ff1ac639e2aa236640172714
EBUILD glib-2.8.6.ebuild 1590 RMD160 74e87c06333c79a44d8bb1d902569589db016253 SHA1 6cf31b08c95da4c30ec241f484243f46caf47147 SHA256 b9bd9b55930451315e40c088aaac6aec3328cea84978f43de4dd0988932d5d72
-MISC ChangeLog 38253 RMD160 025a93c799ff034644b7e47c1d818e160284bd38 SHA1 2b1f737e42514885fa3a7365794b688093b206e1 SHA256 4fc1ba3a04d13363e462e8128b2f9142b12a1da1b6c30882ba96614b98349eb8
+MISC ChangeLog 38535 RMD160 39e6f43ad3ac3957a98d9c5589f8429817c13672 SHA1 0bfdd269fd3da734333b97237cb9a99612f9bd6e SHA256 6e3976d13905cfe63677e1295cdf513a4bb447c8c8c5eb20f4eac432b066bbdd
MISC metadata.xml 158 RMD160 c0e2bae8e91bb6be8922bac5e4f597302e06587e SHA1 38f78e9790bcd4382b4a49aa226aa6dda1d3a3d7 SHA256 3a7dbca0fdc557de69783e0663e2d76ddab129ea8a19b2d0ef6d3e5d1b947ce1
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.8 (GNU/Linux)
+
+iEYEARECAAYFAkhpf7MACgkQkeYb6olFHJfEzQCgwW2c0QK58Uo2jEWOTyjz745m
+YrkAoJyyoFPB6jYbbkuW1HOpw+YmWdxx
+=QkHY
+-----END PGP SIGNATURE-----
diff --git a/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch b/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch
new file mode 100644
index 000000000000..18fd0525be48
--- /dev/null
+++ b/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch
@@ -0,0 +1,15 @@
+--- glib/pcre/pcre_compile.c.orig 2008-06-30 10:42:54.000000000 +0300
++++ glib/pcre/pcre_compile.c 2008-06-30 10:43:10.000000000 +0300
+@@ -4699,11 +4699,11 @@ we set the flag only if there is a liter
+ {
+ if (code == cd->start_code + 1 + LINK_SIZE &&
+ (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+ {
+ cd->external_options = newoptions;
+- options = newoptions;
++ options = *optionsptr = newoptions;
+ }
+ else
+ {
+ if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))
+ {
diff --git a/dev-libs/glib/glib-2.16.3-r1.ebuild b/dev-libs/glib/glib-2.16.3-r1.ebuild
new file mode 100644
index 000000000000..f5d3855ac740
--- /dev/null
+++ b/dev-libs/glib/glib-2.16.3-r1.ebuild
@@ -0,0 +1,93 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/glib-2.16.3-r1.ebuild,v 1.1 2008/07/01 00:52:19 leio Exp $
+
+inherit gnome.org libtool eutils flag-o-matic
+
+DESCRIPTION="The GLib library of C routines"
+HOMEPAGE="http://www.gtk.org/"
+
+LICENSE="LGPL-2"
+SLOT="2"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd"
+IUSE="debug doc fam hardened selinux xattr"
+
+RDEPEND="virtual/libc
+ virtual/libiconv
+ xattr? ( sys-apps/attr )
+ fam? ( virtual/fam )"
+DEPEND="${RDEPEND}
+ >=dev-util/pkgconfig-0.16
+ >=sys-devel/gettext-0.11
+ doc? (
+ >=dev-libs/libxslt-1.0
+ >=dev-util/gtk-doc-1.8
+ ~app-text/docbook-xml-dtd-4.1.2
+ )"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ if use ppc64 && use hardened ; then
+ replace-flags -O[2-3] -O1
+ epatch "${FILESDIR}/glib-2.6.3-testglib-ssp.patch"
+ fi
+
+ if use ia64 ; then
+ # Only apply for < 4.1
+ local major=$(gcc-major-version)
+ local minor=$(gcc-minor-version)
+ if (( major < 4 || ( major == 4 && minor == 0 ) )); then
+ epatch "${FILESDIR}/glib-2.10.3-ia64-atomic-ops.patch"
+ fi
+ fi
+
+ sed -e "s/MATCH_LIMIT_RECURSION=10000000/MATCH_LIMIT_RECURSION=8192/g" \
+ -i "${S}/glib/pcre/Makefile.in" "${S}/glib/pcre/Makefile.am"
+
+ # Bug 230039, heap based buffer overflow in included copy of pcre (CVE-2008-2371)
+ epatch "${FILESDIR}/${P}-pcre-buffer-overflow.patch"
+
+ # GNOME bug #538836, fix gio test failure on various arches
+ sed -i -e 's:|\\<g_atomic_int\\|:|\\<g_atomic_int\\|\\<g_atomic_pointer_get\\|:' \
+ "${S}/gio/pltcheck.sh"
+
+ # Fix gmodule issues on fbsd; bug #184301
+ epatch "${FILESDIR}"/${PN}-2.12.12-fbsd.patch
+
+ [[ ${CHOST} == *-freebsd* ]] && elibtoolize
+}
+
+src_compile() {
+ local myconf
+
+ epunt_cxx
+
+ # Building with --disable-debug highly unrecommended. It will build glib in
+ # an unusable form as it disables some commonly used API. Please do not
+ # convert this to the use_enable form, as it results in a broken build.
+ # -- compnerd (3/27/06)
+ use debug && myconf="--enable-debug"
+
+ # always build static libs, see #153807
+ econf ${myconf} \
+ $(use_enable xattr) \
+ $(use_enable doc man) \
+ $(use_enable doc gtk-doc) \
+ $(use_enable fam) \
+ $(use_enable selinux) \
+ --enable-static \
+ --with-threads=posix || die "configure failed"
+
+ emake || die "make failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "Installation failed"
+
+ # Do not install charset.alias even if generated, leave it to libiconv
+ rm -f "${D}/usr/lib/charset.alias"
+
+ dodoc AUTHORS ChangeLog* NEWS* README
+}