authorMart Raudsepp <leio@gentoo.org>2008-07-01 00:52:20 +0000
committerMart Raudsepp <leio@gentoo.org>2008-07-01 00:52:20 +0000
commitfb0d4c9d90d0de25dcdda5d5b30c4629230650d6 (patch)
tree17c24d62febae4f6fc9ed799603a6b6e6d9d08ca /dev-libs/glib
parentxulrunner-1.9 support, bug #228417. (diff)
Fix for a heap-based buffer overflow possibility in the included modified copy of PCRE, bug 230039, related to CVE-2008-2371
(Portage version: 2.2_rc1/cvs/Linux 2.6.25-gentoo-r4 i686, RepoMan options: --force)
Diffstat (limited to 'dev-libs/glib')
-rw-r--r--dev-libs/glib/ChangeLog9
-rw-r--r--dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch15
-rw-r--r--dev-libs/glib/glib-2.16.3-r1.ebuild93
3 files changed, 116 insertions, 1 deletions
diff --git a/dev-libs/glib/ChangeLog b/dev-libs/glib/ChangeLog
index 52f21d15cfb7..7f350482b488 100644
--- a/dev-libs/glib/ChangeLog
+++ b/dev-libs/glib/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for dev-libs/glib
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.322 2008/06/30 16:18:04 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.323 2008/07/01 00:52:19 leio Exp $
+
+*glib-2.16.3-r1 (01 Jul 2008)
+
+ 01 Jul 2008; Mart Raudsepp <leio@gentoo.org>
+ +files/glib-2.16.3-pcre-buffer-overflow.patch, +glib-2.16.3-r1.ebuild:
+ Fix for a heap-based buffer overflow possibility in the included modified
+ copy of PCRE, bug 230039, related to CVE-2008-2371
30 Jun 2008; Jeroen Roovers <jer@gentoo.org> glib-2.16.3.ebuild:
Stable for HPPA (bug #227679).
diff --git a/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch b/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch
new file mode 100644
index 000000000000..18fd0525be48
--- /dev/null
+++ b/dev-libs/glib/files/glib-2.16.3-pcre-buffer-overflow.patch
@@ -0,0 +1,15 @@
+--- glib/pcre/pcre_compile.c.orig 2008-06-30 10:42:54.000000000 +0300
++++ glib/pcre/pcre_compile.c 2008-06-30 10:43:10.000000000 +0300
+@@ -4699,11 +4699,11 @@ we set the flag only if there is a liter
+ {
+ if (code == cd->start_code + 1 + LINK_SIZE &&
+ (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+ {
+ cd->external_options = newoptions;
+- options = newoptions;
++ options = *optionsptr = newoptions;
+ }
+ else
+ {
+ if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))
+ {
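Review bot: The new patch file starts directly at the `--- glib/pcre/pcre_compile.c.orig` line with no header, so nothing in the file itself records where the fix comes from or which issue it closes. A few lines of free text above the `---` header would make it auditable on its own, for example `Gentoo bug 230039, related to CVE-2008-2371` plus a reference to the upstream PCRE change it was taken from (not visible on this page, so to be filled in by the committer). The single changed line, `options = *optionsptr = newoptions;`, writes the new options back through `optionsptr` as well as into the local variable. The enclosing function starts and ends outside the hunk, so whether other assignments to `options` in it need the same treatment cannot be judged from here.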
diff --git a/dev-libs/glib/glib-2.16.3-r1.ebuild b/dev-libs/glib/glib-2.16.3-r1.ebuild
new file mode 100644
index 000000000000..f5d3855ac740
--- /dev/null
+++ b/dev-libs/glib/glib-2.16.3-r1.ebuild
@@ -0,0 +1,93 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/glib-2.16.3-r1.ebuild,v 1.1 2008/07/01 00:52:19 leio Exp $
+
+inherit gnome.org libtool eutils flag-o-matic
+
+DESCRIPTION="The GLib library of C routines"
+HOMEPAGE="http://www.gtk.org/"
+
+LICENSE="LGPL-2"
+SLOT="2"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd"
+IUSE="debug doc fam hardened selinux xattr"
+
+RDEPEND="virtual/libc
+ virtual/libiconv
+ xattr? ( sys-apps/attr )
+ fam? ( virtual/fam )"
+DEPEND="${RDEPEND}
+ >=dev-util/pkgconfig-0.16
+ >=sys-devel/gettext-0.11
+ doc? (
+ >=dev-libs/libxslt-1.0
+ >=dev-util/gtk-doc-1.8
+ ~app-text/docbook-xml-dtd-4.1.2
+ )"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ if use ppc64 && use hardened ; then
+ replace-flags -O[2-3] -O1
+ epatch "${FILESDIR}/glib-2.6.3-testglib-ssp.patch"
+ fi
+
+ if use ia64 ; then
+ # Only apply for < 4.1
+ local major=$(gcc-major-version)
+ local minor=$(gcc-minor-version)
+ if (( major < 4 || ( major == 4 && minor == 0 ) )); then
+ epatch "${FILESDIR}/glib-2.10.3-ia64-atomic-ops.patch"
+ fi
+ fi
+
+ sed -e "s/MATCH_LIMIT_RECURSION=10000000/MATCH_LIMIT_RECURSION=8192/g" \
+ -i "${S}/glib/pcre/Makefile.in" "${S}/glib/pcre/Makefile.am"
+
+ # Bug 230039, heap based buffer overflow in included copy of pcre (CVE-2008-2371)
+ epatch "${FILESDIR}/${P}-pcre-buffer-overflow.patch"
+
+ # GNOME bug #538836, fix gio test failure on various arches
+ sed -i -e 's:|\\<g_atomic_int\\|:|\\<g_atomic_int\\|\\<g_atomic_pointer_get\\|:' \
+ "${S}/gio/pltcheck.sh"
+
+ # Fix gmodule issues on fbsd; bug #184301
+ epatch "${FILESDIR}"/${PN}-2.12.12-fbsd.patch
+
+ [[ ${CHOST} == *-freebsd* ]] && elibtoolize
+}
+
+src_compile() {
+ local myconf
+
+ epunt_cxx
+
+ # Building with --disable-debug highly unrecommended. It will build glib in
+ # an unusable form as it disables some commonly used API. Please do not
+ # convert this to the use_enable form, as it results in a broken build.
+ # -- compnerd (3/27/06)
+ use debug && myconf="--enable-debug"
+
+ # always build static libs, see #153807
+ econf ${myconf} \
+ $(use_enable xattr) \
+ $(use_enable doc man) \
+ $(use_enable doc gtk-doc) \
+ $(use_enable fam) \
+ $(use_enable selinux) \
+ --enable-static \
+ --with-threads=posix || die "configure failed"
+
+ emake || die "make failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "Installation failed"
+
+ # Do not install charset.alias even if generated, leave it to libiconv
+ rm -f "${D}/usr/lib/charset.alias"
+
+ dodoc AUTHORS ChangeLog* NEWS* README
+}
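Review bot: The two `sed` edits in `src_unpack` have no failure handling and no check that they matched, so the one that lowers `MATCH_LIMIT_RECURSION` from 10000000 to 8192 in `glib/pcre/Makefile.in` and `Makefile.am` becomes a silent no-op if upstream ever changes that default, unlike the `epatch` call for the PCRE overflow fix, which aborts the build when the patch does not apply. Because `sed` exits 0 even when nothing is substituted, `|| die` alone is not enough; a follow-up check such as `grep -q 'MATCH_LIMIT_RECURSION=8192' "${S}/glib/pcre/Makefile.in" || die "PCRE recursion limit not applied"` would make the hardening fail loudly. A one-line comment above that `sed` saying why the limit is lowered would also help, since the hunk gives no reason for it. Separately, this security revision is added with stable `KEYWORDS` and the commit record shows `RepoMan options: --force`, so it is worth confirming that going straight to stable was intended.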