pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

update sysutils/file to 5.17 (patch)



Hello,

please find attached a patch to update sysutils/file to version 5.17.
Version 5.11 has an audit message:

    Package file-5.11 has a denial-of-service vulnerability, see
    http://mx.gw.com/pipermail/file/2014/001340.html

I am unsure if buildlink3.mk also needs to be updated, it adds
requirements for "file>=4.17", maybe that should read "file>=5.17"?

Patch "patch-file-getline-public" re-adds the "public" keyword to the
getline() function in getline.c that was still there with file-5.11.

Matthias
diff -uNrwb pkgsrc/sysutils/file-5.11/Makefile pkgsrc/sysutils/file/Makefile
--- pkgsrc/sysutils/file-5.11/Makefile  2012-10-24 05:25:30.000000000 +0200
+++ pkgsrc/sysutils/file/Makefile       2014-03-06 19:47:19.000000000 +0100
@@ -1,6 +1,6 @@
 # $NetBSD: Makefile,v 1.28 2012/10/23 19:51:01 asau Exp $
 
-DISTNAME=              file-5.11
+DISTNAME=              file-5.17
 CATEGORIES=            sysutils
 MASTER_SITES=          ftp://ftp.astron.com/pub/file/
 
diff -uNrwb pkgsrc/sysutils/file-5.11/distinfo pkgsrc/sysutils/file/distinfo
--- pkgsrc/sysutils/file-5.11/distinfo  2012-03-30 17:25:21.000000000 +0200
+++ pkgsrc/sysutils/file/distinfo       2014-03-06 20:25:59.000000000 +0100
@@ -1,6 +1,8 @@
 $NetBSD: distinfo,v 1.14 2012/03/30 03:53:54 taca Exp $
 
-SHA1 (file-5.11.tar.gz) = df8ffe8759ec8cd85a98dc98e858563ea2555f64
-RMD160 (file-5.11.tar.gz) = 68885d838c1f3836e6fada4c4ea6c88c8699fdf2
-Size (file-5.11.tar.gz) = 610019 bytes
-SHA1 (patch-aa) = 6ec37d8666176693c5ead69333cf27f10664e630
+SHA1 (file-5.17.tar.gz) = f7e837a0d3e4f40a02ffe7da5e146b967448e0d8
+RMD160 (file-5.17.tar.gz) = 288210bdb07b3b8aa61affa3fb8b2d64a7e021da
+Size (file-5.17.tar.gz) = 709991 bytes
+SHA1 (patch-aa) = 187f91dbb5142067c644d55082c28f9ff19c6ba5
+SHA1 (patch-file-getline-public) = c01146c77573fd2ba14e0be06f5c0d9a8a9fd60d
+
diff -uNrwb pkgsrc/sysutils/file-5.11/patches/patch-aa 
pkgsrc/sysutils/file/patches/patch-aa
--- pkgsrc/sysutils/file-5.11/patches/patch-aa  2012-03-30 17:25:21.000000000 
+0200
+++ pkgsrc/sysutils/file/patches/patch-aa       2014-03-06 20:25:39.000000000 
+0100
@@ -1,10 +1,6 @@
-$NetBSD: patch-aa,v 1.6 2012/03/30 03:53:54 taca Exp $
-
-Make pkgsrc file look in @sysconfdir@/magic first.
-
---- src/Makefile.in.orig       2012-02-21 19:17:04.000000000 +0000
-+++ src/Makefile.in
-@@ -240,10 +240,10 @@ target_alias = @target_alias@
+--- src/Makefile.in.orig       2014-02-13 00:29:38.000000000 +0100
++++ src/Makefile.in    2014-03-06 20:10:48.215956295 +0100
+@@ -326,10 +326,10 @@
  top_build_prefix = @top_build_prefix@
  top_builddir = @top_builddir@
  top_srcdir = @top_srcdir@
@@ -14,6 +10,6 @@
  include_HEADERS = magic.h
 -AM_CPPFLAGS = -DMAGIC='"$(MAGIC)"'
 +AM_CPPFLAGS = -DMAGIC='"$(MAGIC):$(pkgdatadir)/magic"'
- AM_CFLAGS = @WARNINGS@
+ AM_CFLAGS = $(CFLAG_VISIBILITY) @WARNINGS@
  libmagic_la_SOURCES = magic.c apprentice.c softmagic.c ascmagic.c \
        encoding.c compress.c is_tar.c readelf.c print.c fsmagic.c \
diff -uNrwb pkgsrc/sysutils/file-5.11/patches/patch-file-getline-public 
pkgsrc/sysutils/file/patches/patch-file-getline-public
--- pkgsrc/sysutils/file-5.11/patches/patch-file-getline-public 1970-01-01 
01:00:00.000000000 +0100
+++ pkgsrc/sysutils/file/patches/patch-file-getline-public      2014-03-06 
18:20:29.000000000 +0100
@@ -0,0 +1,11 @@
+--- src/getline.c.orig 2013-01-11 20:36:54.000000000 +0100
++++ src/getline.c      2014-03-06 18:18:30.000000000 +0100
+@@ -76,7 +76,7 @@
+       }
+ }
+ 
+-ssize_t
++public ssize_t
+ getline(char **buf, size_t *bufsiz, FILE *fp)
+ {
+       return getdelim(buf, bufsiz, '\n', fp);


Home | Main Index | Thread Index | Old Index