SECURITY update to 1.0.4:
* Fix file permissions race problem (CVE-2005-0953). * Avoid possible segfault in BZ2_bzclose. * Sanitise file names more carefully in bzgrep. Fixes CVE-2005-0758 to the extent that applies to bzgrep. * Use 'mktemp' rather than 'tempfile' in bzdiff. * Tighten up a couple of assertions in blocksort.c following automated analysis.
This commit is contained in:
parent
1964826b56
commit
4ec1f15ebe
@ -1,12 +1,12 @@
|
||||
# $OpenBSD: Makefile,v 1.53 2006/02/03 20:00:33 steven Exp $
|
||||
# $OpenBSD: Makefile,v 1.54 2007/01/25 21:08:22 naddy Exp $
|
||||
|
||||
COMMENT= "block-sorting file compressor, unencumbered"
|
||||
|
||||
VERSION= 1.0.3
|
||||
VERSION= 1.0.4
|
||||
DISTNAME= bzip2-${VERSION}
|
||||
CATEGORIES= archivers
|
||||
MASTER_SITES= ${HOMEPAGE}${VERSION}/
|
||||
SHARED_LIBS= bz2 10.3
|
||||
SHARED_LIBS= bz2 10.4
|
||||
|
||||
HOMEPAGE= http://www.bzip.org/
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
MD5 (bzip2-1.0.3.tar.gz) = 8a716bebecb6e647d2e8a29ea5d8447f
|
||||
RMD160 (bzip2-1.0.3.tar.gz) = 7ac2a122c254d1fcd54ca8af96a1814e9e245a1a
|
||||
SHA1 (bzip2-1.0.3.tar.gz) = 7e749510f65c86fbfff37b97144a02f1b8b8617f
|
||||
SIZE (bzip2-1.0.3.tar.gz) = 669075
|
||||
MD5 (bzip2-1.0.4.tar.gz) = fc310b254f6ba5fbb5da018f04533688
|
||||
RMD160 (bzip2-1.0.4.tar.gz) = 438365cb911ef84b3bd6643e0d39f6b7567f0447
|
||||
SHA1 (bzip2-1.0.4.tar.gz) = f2388ec8f2c506e02aa89e67577b3c6331cbaa4c
|
||||
SIZE (bzip2-1.0.4.tar.gz) = 841221
|
||||
|
@ -1,12 +1,12 @@
|
||||
$OpenBSD: patch-Makefile,v 1.10 2005/12/23 13:57:21 espie Exp $
|
||||
--- Makefile.orig Thu Feb 17 12:28:24 2005
|
||||
+++ Makefile Thu Dec 22 09:39:51 2005
|
||||
@@ -10,10 +10,9 @@ LDFLAGS=
|
||||
$OpenBSD: patch-Makefile,v 1.11 2007/01/25 21:08:22 naddy Exp $
|
||||
--- Makefile.orig Tue Jan 23 21:27:43 2007
|
||||
+++ Makefile Tue Jan 23 21:35:18 2007
|
||||
@@ -23,10 +23,9 @@ LDFLAGS=
|
||||
BIGFILES=-D_FILE_OFFSET_BITS=64
|
||||
CFLAGS=-Wall -Winline -O -g $(BIGFILES)
|
||||
CFLAGS=-Wall -Winline -O2 -g $(BIGFILES)
|
||||
|
||||
-# Where you want it installed when you do 'make install'
|
||||
-PREFIX=/usr
|
||||
-PREFIX=/usr/local
|
||||
+PICFLAG= -fpic
|
||||
+SHLIB= libbz2.so.${LIBbz2_VERSION}
|
||||
|
||||
@ -14,7 +14,7 @@ $OpenBSD: patch-Makefile,v 1.10 2005/12/23 13:57:21 espie Exp $
|
||||
OBJS= blocksort.o \
|
||||
huffman.o \
|
||||
crctable.o \
|
||||
@@ -21,10 +20,17 @@ OBJS= blocksort.o \
|
||||
@@ -34,10 +33,17 @@ OBJS= blocksort.o \
|
||||
compress.o \
|
||||
decompress.o \
|
||||
bzlib.o
|
||||
@ -33,7 +33,7 @@ $OpenBSD: patch-Makefile,v 1.10 2005/12/23 13:57:21 espie Exp $
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o bzip2 bzip2.o -L. -lbz2
|
||||
|
||||
bzip2recover: bzip2recover.o
|
||||
@@ -39,66 +45,61 @@ libbz2.a: $(OBJS)
|
||||
@@ -52,66 +58,61 @@ libbz2.a: $(OBJS)
|
||||
$(RANLIB) libbz2.a ; \
|
||||
fi
|
||||
|
||||
@ -91,14 +91,14 @@ $OpenBSD: patch-Makefile,v 1.10 2005/12/23 13:57:21 espie Exp $
|
||||
- cp -f libbz2.a $(PREFIX)/lib
|
||||
- chmod a+r $(PREFIX)/lib/libbz2.a
|
||||
- cp -f bzgrep $(PREFIX)/bin/bzgrep
|
||||
- ln $(PREFIX)/bin/bzgrep $(PREFIX)/bin/bzegrep
|
||||
- ln $(PREFIX)/bin/bzgrep $(PREFIX)/bin/bzfgrep
|
||||
- ln -s -f $(PREFIX)/bin/bzgrep $(PREFIX)/bin/bzegrep
|
||||
- ln -s -f $(PREFIX)/bin/bzgrep $(PREFIX)/bin/bzfgrep
|
||||
- chmod a+x $(PREFIX)/bin/bzgrep
|
||||
- cp -f bzmore $(PREFIX)/bin/bzmore
|
||||
- ln $(PREFIX)/bin/bzmore $(PREFIX)/bin/bzless
|
||||
- ln -s -f $(PREFIX)/bin/bzmore $(PREFIX)/bin/bzless
|
||||
- chmod a+x $(PREFIX)/bin/bzmore
|
||||
- cp -f bzdiff $(PREFIX)/bin/bzdiff
|
||||
- ln $(PREFIX)/bin/bzdiff $(PREFIX)/bin/bzcmp
|
||||
- ln -s -f $(PREFIX)/bin/bzdiff $(PREFIX)/bin/bzcmp
|
||||
- chmod a+x $(PREFIX)/bin/bzdiff
|
||||
- cp -f bzgrep.1 bzmore.1 bzdiff.1 $(PREFIX)/man/man1
|
||||
- chmod a+r $(PREFIX)/man/man1/bzgrep.1
|
||||
|
Loading…
Reference in New Issue
Block a user