OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 23-Nov-2006 18:15:40
Branch: HEAD Handle: 2006112317154000
Modified files:
openpkg-src/gzip gzip.patch gzip.spec
Log:
upgrading package: gzip 1.3.5 -> 1.3.6
Summary:
Revision Changes Path
1.6 +16 -70 openpkg-src/gzip/gzip.patch
1.41 +4 -3 openpkg-src/gzip/gzip.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/gzip/gzip.patch
============================================================================
$ cvs diff -u -r1.5 -r1.6 gzip.patch
--- openpkg-src/gzip/gzip.patch 20 Sep 2006 11:22:27 -0000 1.5
+++ openpkg-src/gzip/gzip.patch 23 Nov 2006 17:15:40 -0000 1.6
@@ -1,19 +1,3 @@
---- znew.in.orig Fri Sep 27 08:17:09 2002
-+++ znew.in Tue Jun 10 16:30:29 2003
-@@ -16,8 +16,8 @@
- warn="(does not preserve modes and timestamp)"
- tmp=/tmp/zfoo.$$
- set -C
--echo hi > $tmp.1
--echo hi > $tmp.2
-+echo hi > $tmp.1 || exit 1
-+echo hi > $tmp.2 || exit 1
- if test -z "`(${CPMOD-cpmod} $tmp.1 $tmp.2) 2>&1`"; then
- cpmod=${CPMOD-cpmod}
- warn=""
-
------------------------------------------------------------------------------
-
Security Fix
Index: gzip.c
@@ -31,42 +15,16 @@
-----------------------------------------------------------------------------
-Security Fix
-
-Index: gzip.c
---- gzip.c.orig 2002-09-28 09:38:43.000000000 +0200
-+++ gzip.c 2005-07-24 18:20:41.621179000 +0200
-@@ -1225,6 +1225,7 @@
- char magic[2]; /* magic header */
- int imagic1; /* like magic[1], but can represent EOF */
- ulg stamp; /* time stamp */
-+ char *base2;
-
- /* If --force and --stdout, zcat == cat, so do not complain about
- * premature end of file: use try_byte instead of get_byte.
-@@ -1324,6 +1325,8 @@
- error("corrupted input -- file name too large");
- }
- }
-+ base2 = base_name (base);
-+ strcpy(base, base2);
- /* If necessary, adapt the name to local OS conventions: */
- if (!list) {
- MAKE_LEGAL_NAME(base);
-
------------------------------------------------------------------------------
-
Security Fixes
-- NULL dereference (CVE-2006-4334)
- OOB write (CVE-2006-4335)
- Buffer underflow (CVE-2006-4336)
- Buffer overflow (CVE-2006-4337)
- Infinite loop (CVE-2006-4338)
Index: gzip.h
---- gzip.h.orig 2001-10-01 08:53:41 +0200
-+++ gzip.h 2006-09-20 12:53:27 +0200
-@@ -198,6 +198,8 @@
+--- gzip.h.orig 2006-11-20 09:40:33 +0100
++++ gzip.h 2006-11-23 17:49:52 +0100
+@@ -220,6 +220,8 @@
extern int to_stdout; /* output to stdout (-c) */
extern int save_orig_name; /* set if original name must be saved */
@@ -75,22 +33,10 @@
#define get_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(0))
#define try_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(1))
-Index: inflate.c
---- inflate.c.orig 2002-09-25 23:20:13 +0200
-+++ inflate.c 2006-09-20 12:50:53 +0200
-@@ -337,7 +337,7 @@
- {
- *t = (struct huft *)NULL;
- *m = 0;
-- return 0;
-+ return 2;
- }
-
-
Index: unlzh.c
---- unlzh.c.orig 1999-10-06 07:00:00 +0200
-+++ unlzh.c 2006-09-20 12:56:33 +0200
-@@ -149,12 +149,17 @@
+--- unlzh.c.orig 2006-11-20 09:40:34 +0100
++++ unlzh.c 2006-11-23 18:02:12 +0100
+@@ -145,12 +145,17 @@
unsigned i, k, len, ch, jutbits, avail, nextcode, mask;
for (i = 1; i <= 16; i++) count[i] = 0;
@@ -107,10 +53,10 @@
start[i + 1] = start[i] + (count[i] << (16 - i));
- if ((start[17] & 0xffff) != 0)
+ if ((start[17] & 0xffff) != 0 || tablebits > 16) /* 16 for weight below
*/
- error("Bad table\n");
+ gzip_error ("Bad table\n");
jutbits = 16 - tablebits;
-@@ -169,15 +174,15 @@
+@@ -165,15 +170,15 @@
i = start[tablebits + 1] >> jutbits;
if (i != 0) {
@@ -127,9 +73,9 @@
- nextcode = start[len] + weight[len];
+ nextcode = MIN(start[len] + weight[len], DIST_BUFSIZE);
if (len <= (unsigned)tablebits) {
- for (i = start[len]; i < nextcode; i++) table[i] = ch;
- } else {
-@@ -218,7 +223,7 @@
+ if ((unsigned) 1 << tablebits < nextcode)
+ gzip_error ("Bad table\n");
+@@ -216,7 +221,7 @@
for (i = 0; i < 256; i++) pt_table[i] = c;
} else {
i = 0;
@@ -218,9 +164,9 @@
}
}
Index: unpack.c
---- unpack.c.orig 1999-10-06 07:00:00 +0200
-+++ unpack.c 2006-09-20 12:50:53 +0200
-@@ -13,7 +13,6 @@
+--- unpack.c.orig 2006-11-20 09:40:34 +0100
++++ unpack.c 2006-11-23 17:49:52 +0100
+@@ -26,7 +26,6 @@
#include "gzip.h"
#include "crypt.h"
@@ -228,7 +174,7 @@
/* The arguments must not have side effects. */
#define MAX_BITLEN 25
-@@ -133,7 +132,7 @@
+@@ -150,7 +149,7 @@
/* Remember where the literals of this length start in literal[] : */
lit_base[len] = base;
/* And read the literals: */
@@ -237,7 +183,7 @@
literal[base++] = (uch)get_byte();
}
}
-@@ -169,7 +168,7 @@
+@@ -186,7 +185,7 @@
prefixp = &prefix_len[1<<peek_bits];
for (len = 1; len <= peek_bits; len++) {
int prefixes = leaves[len] << (peek_bits-len); /* may be 0 */
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/gzip/gzip.spec
============================================================================
$ cvs diff -u -r1.40 -r1.41 gzip.spec
--- openpkg-src/gzip/gzip.spec 13 Oct 2006 17:28:43 -0000 1.40
+++ openpkg-src/gzip/gzip.spec 23 Nov 2006 17:15:40 -0000 1.41
@@ -32,8 +32,8 @@
Class: CORE
Group: Compression
License: GPL
-Version: 1.3.5
-Release: 20061013
+Version: 1.3.6
+Release: 20061123
# list of sources
Source0: ftp://alpha.gnu.org/gnu/gzip/gzip-%{version}.tar.gz
@@ -75,7 +75,8 @@
CFLAGS="%{l_cflags -O}" \
./configure \
--cache-file=./config.cache \
- --prefix=%{l_prefix}
+ --prefix=%{l_prefix} \
+ --datarootdir=%{l_prefix}
# build package
%{l_make} %{l_mflags -O}
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
