Date: Thu, 19 Oct 2017 13:47:42 +0000 (UTC) From: Alex Kozlov <ak@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r452421 - in head/archivers/arj: . files Message-ID: <201710191347.v9JDlgXC064385@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ak Date: Thu Oct 19 13:47:42 2017 New Revision: 452421 URL: https://svnweb.freebsd.org/changeset/ports/452421 Log: - Fix buffer overflow (CVE-2015-2782) - Fix absolute path directory traversal (CVE-2015-0557) - Fix symlink directory traversal (CVE-2015-0556) - Fix build on armv6 - Fix parallel build - Make build reproducible PR: 221589 Submitted by: mikael.urankar@gmail.com Obtained from: debian patchset 16 Approved by: garga (maintainer) Added: head/archivers/arj/files/patch-arjtypes.c (contents, props changed) Deleted: head/archivers/arj/files/patch-arj__arcv.c head/archivers/arj/files/patch-arj__proc.c head/archivers/arj/files/patch-arj__proc.h head/archivers/arj/files/patch-fardata.c Modified: head/archivers/arj/Makefile head/archivers/arj/distinfo Modified: head/archivers/arj/Makefile ============================================================================== --- head/archivers/arj/Makefile Thu Oct 19 13:33:34 2017 (r452420) +++ head/archivers/arj/Makefile Thu Oct 19 13:47:42 2017 (r452421) @@ -3,9 +3,12 @@ PORTNAME= arj PORTVERSION= 3.10.22 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= archivers -MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2.78_3.10%20build%2022 +MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2.78_3.10%20build%2022:source \ + DEBIAN_POOL:patch +DISTFILES= ${PORTNAME}-${PORTVERSION}.tar.gz:source \ + ${PORTNAME}_${PORTVERSION}-16.debian.tar.xz:patch MAINTAINER= garga@FreeBSD.org COMMENT= Open source implementation of the ARJ archiver @@ -14,6 +17,17 @@ LICENSE= GPLv2 PORTSCOUT= skipv:3.10g +EXTRA_PATCHES= ${WRKDIR}/debian/patches/*.patch +IGNORE_PATCHES= 002_no_remove_static_const.patch \ + doc_refer_robert_k_jung.patch \ + gnu_build_cross.patch \ + gnu_build_fix.patch \ + gnu_build_flags.patch \ + gnu_build_pie.patch \ + gnu_build_strip.patch \ + hurd_no_fcntl_getlk.patch +PATCH_STRIP= -p1 + USES= alias gmake USE_AUTOTOOLS= autoconf CONFIGURE_WRKSRC= ${WRKSRC}/gnu @@ -21,7 +35,6 @@ MAKEFILE= GNUmakefile MAKE_ARGS= LOCALE="${LANGUAGE}" ALL_TARGET= prepare all STRIP= # empty -MAKE_JOBS_UNSAFE= yes CFLAGS+= -fPIC LANGUAGE?= en @@ -29,6 +42,9 @@ LANGUAGE?= en PORTDOCS= * OPTIONS_DEFINE= DOCS + +pre-patch: + @${RM} ${IGNORE_PATCHES:S,^,${WRKDIR}/debian/patches/,} post-patch: @${REINPLACE_CMD} -e 's!/etc!${LOCALBASE}/etc!' \ Modified: head/archivers/arj/distinfo ============================================================================== --- head/archivers/arj/distinfo Thu Oct 19 13:33:34 2017 (r452420) +++ head/archivers/arj/distinfo Thu Oct 19 13:47:42 2017 (r452421) @@ -1,2 +1,5 @@ +TIMESTAMP = 1508345026 SHA256 (arj-3.10.22.tar.gz) = 589e4c9bccc8669e7b6d8d6fcd64e01f6a2c21fe10aad56a83304ecc3b96a7db SIZE (arj-3.10.22.tar.gz) = 431467 +SHA256 (arj_3.10.22-16.debian.tar.xz) = 2d9cc5aeb2ac44d000d2e3399846f1c3ce468e17e3af4bfb505b9a6eaf88a502 +SIZE (arj_3.10.22-16.debian.tar.xz) = 19452 Added: head/archivers/arj/files/patch-arjtypes.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/archivers/arj/files/patch-arjtypes.c Thu Oct 19 13:47:42 2017 (r452421) @@ -0,0 +1,15 @@ +--- arjtypes.c 2005-06-23 UTC ++++ arjtypes.c +@@ -138,8 +138,11 @@ static int isleapyear(int year) + static unsigned long ts_unix2dos(const long ts) + { + struct tm *stm; ++ time_t _ts; + +- stm=arj_localtime((time_t*)&ts); ++ _ts = ts; ++ ++ stm=arj_localtime(&_ts); + return(get_tstamp(stm->tm_year+1900, stm->tm_mon+1, stm->tm_mday, + stm->tm_hour, stm->tm_min, stm->tm_sec)); + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710191347.v9JDlgXC064385>