[arch-commits] Commit in kdelibs/repos (4 files)
Pierre Schmitz
pierre at archlinux.org
Mon Nov 23 15:50:40 UTC 2009
Date: Monday, November 23, 2009 @ 10:50:40
Author: pierre
Revision: 59399
Merged revisions 59397-59398 via svnmerge from
svn+ssh://gerolde.archlinux.org/srv/svn-packages/kdelibs/trunk
........
r59397 | pierre | 2009-11-23 16:11:15 +0100 (Mo, 23 Nov 2009) | 1 line
fix CVE-2009-0689
........
r59398 | andrea | 2009-11-23 16:16:20 +0100 (Mo, 23 Nov 2009) | 1 line
fix missing headers
........
Added:
kdelibs/repos/extra-x86_64/CVE-2009-0689.patch
(from rev 59398, kdelibs/trunk/CVE-2009-0689.patch)
kdelibs/repos/extra-x86_64/fix-glibc-2.11.patch
(from rev 59398, kdelibs/trunk/fix-glibc-2.11.patch)
Modified:
kdelibs/repos/extra-x86_64/ (properties)
kdelibs/repos/extra-x86_64/PKGBUILD
----------------------+
CVE-2009-0689.patch | 13 +++
PKGBUILD | 16 +++-
fix-glibc-2.11.patch | 165 +++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 191 insertions(+), 3 deletions(-)
Property changes on: kdelibs/repos/extra-x86_64
___________________________________________________________________
Modified: svnmerge-integrated
- /kdelibs/trunk:1-57874
+ /kdelibs/trunk:1-59398
Copied: kdelibs/repos/extra-x86_64/CVE-2009-0689.patch (from rev 59398, kdelibs/trunk/CVE-2009-0689.patch)
===================================================================
--- extra-x86_64/CVE-2009-0689.patch (rev 0)
+++ extra-x86_64/CVE-2009-0689.patch 2009-11-23 15:50:40 UTC (rev 59399)
@@ -0,0 +1,13 @@
+Index: kjs/dtoa.cpp
+===================================================================
+--- kjs/dtoa.cpp (Revision 1052099)
++++ kjs/dtoa.cpp (Revision 1052100)
+@@ -457,7 +457,7 @@
+ #define FREE_DTOA_LOCK(n) /*nothing*/
+ #endif
+
+-#define Kmax 15
++#define Kmax (sizeof(size_t) << 3)
+
+ struct
+ Bigint {
Modified: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2009-11-23 15:16:20 UTC (rev 59398)
+++ extra-x86_64/PKGBUILD 2009-11-23 15:50:40 UTC (rev 59399)
@@ -3,7 +3,7 @@
pkgname=kdelibs
pkgver=4.3.3
-pkgrel=1
+pkgrel=2
pkgdesc="KDE Core Libraries"
arch=('i686' 'x86_64')
url='http://www.kde.org'
@@ -15,15 +15,25 @@
replaces=('arts')
install='kdelibs.install'
source=(http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.bz2
- 'kde-applications-menu.patch' 'archlinux-menu.patch' 'abs-syntax-highlight.patch')
+ 'kde-applications-menu.patch' 'archlinux-menu.patch' 'abs-syntax-highlight.patch'
+ 'CVE-2009-0689.patch'
+ 'fix-glibc-2.11.patch')
md5sums=('20fd3793d9d23088ecb1d5aed0254216'
'280f34ee159845f8902c31bd499254fc'
'0f214b222bfb0327e7a2b6fb13756895'
- '18ea42696a7f41332a092d6ead7efc6a')
+ '18ea42696a7f41332a092d6ead7efc6a'
+ 'ec70af24f769f17082a9ab69dc1e24e9'
+ 'ed737b0b9d14f6f13d150121f088290c')
build() {
cd $srcdir/${pkgname}-${pkgver}
+ # see http://securityreason.com/it_news/0/0x31
+ # will be fixed in 4.3.4
+ patch -p0 -i $srcdir/CVE-2009-0689.patch || return 1
+ # see https://bugs.kde.org/show_bug.cgi?id=213223
+ patch -p0 -i ${srcdir}/fix-glibc-2.11.patch || return 1
+
# avoid file conflict with gnome-menu
patch -p1 -i $srcdir/kde-applications-menu.patch
# add Archlinux menu entry
Copied: kdelibs/repos/extra-x86_64/fix-glibc-2.11.patch (from rev 59398, kdelibs/trunk/fix-glibc-2.11.patch)
===================================================================
--- extra-x86_64/fix-glibc-2.11.patch (rev 0)
+++ extra-x86_64/fix-glibc-2.11.patch 2009-11-23 15:50:40 UTC (rev 59399)
@@ -0,0 +1,165 @@
+Index: kdecore/fakes.c
+===================================================================
+--- kdecore/fakes.c (revision 1046198)
++++ kdecore/fakes.c (revision 1046199)
+@@ -31,7 +31,7 @@
+
+
+ #define KDE_open open
+-#define KDE_mkdir mkdir
++#define KDE_mkdir mkdir
+
+
+ #ifndef HAVE_SETENV
+@@ -39,10 +39,15 @@
+ #ifdef HAVE_ALLOCA_H
+ #include <alloca.h>
+ #endif
+-
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
++#ifdef HAVE_UNISTD_H
+ #include <unistd.h>
++#endif
+
+ KDECORE_EXPORT int setenv(const char *name, const char *value, int overwrite) {
+ int i;
+@@ -67,11 +72,18 @@
+ #ifdef HAVE_ALLOCA_H
+ #include <alloca.h>
+ #endif
+-
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
++#ifdef HAVE_ERRNO_H
+ #include <errno.h>
++#endif
++#ifdef HAVE_UNISTD_H
+ #include <unistd.h>
++#endif
+
+ #ifndef environ
+ extern char ** environ;
+@@ -154,24 +166,32 @@
+ {
+ srand48(seed);
+ }
+-#endif
++#endif /* !HAVE_RANDOM */
+
+ #ifndef HAVE_SETEUID
+ int seteuid(uid_t euid)
+ {
+ return setreuid(-1, euid); /* Well, if you have neither you are in trouble :) */
+ }
+-#endif
++#endif /* !HAVE_SETEUID */
+
+ #ifndef HAVE_MKSTEMPS
++#ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
++#endif
+ #ifdef HAVE_SYS_STAT_H
+ #include <sys/stat.h>
+ #endif
+ #include <fcntl.h>
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STRINGS_H
+ #include <strings.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
+
+ /* this is based on code taken from the GNU libc, distributed under the LGPL license */
+
+@@ -244,12 +264,14 @@
+ {
+ return mkstemps( _template, 0 );
+ }
+-#endif
++#endif /* !HAVE_MKSTEMP */
+
+ #ifndef HAVE_MKDTEMP
+
+ #ifndef HAVE_MKSTEMPS
++#ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
++#endif
+ #ifdef HAVE_SYS_STAT_H
+ #include <sys/stat.h>
+ #endif
+@@ -306,13 +328,18 @@
+ value += 7777;
+
+ if (!KDE_mkdir(_template,0700))
+- return _template;
++ return _template;
+ }
+ return 0;
+ }
+ #endif /* !HAVE_MKDTEMP */
+
+ #ifndef HAVE_STRLCPY
++
++#ifdef HAVE_STRING_H
++#include <string.h>
++#endif
++
+ KDECORE_EXPORT unsigned long strlcpy(char* d, const char* s, unsigned long bufsize)
+ {
+ unsigned long len, ret = strlen(s);
+@@ -325,12 +352,17 @@
+ }
+ } else
+ memcpy(d, s, ret + 1);
+-
++
+ return ret;
+ }
++#endif /* !HAVE_STRLCPY */
++
++#ifndef HAVE_STRLCAT
++
++#ifdef HAVE_STRING_H
++#include <string.h>
+ #endif
+
+-#ifndef HAVE_STRLCAT
+ KDECORE_EXPORT unsigned long strlcat(char* d, const char* s, unsigned long bufsize)
+ {
+ char *cp;
+@@ -350,7 +382,7 @@
+
+ return ret;
+ }
+-#endif
++#endif /* !HAVE_STRLCAT */
+
+ #ifndef HAVE_STRCASESTR
+ /*
+@@ -450,7 +482,7 @@
+ ret0:
+ return 0;
+ }
+-#endif
++#endif /* !HAVE_STRCASESTR */
+
+ #ifndef HAVE_TRUNC
+
+@@ -467,4 +499,4 @@
+ {
+ return x < 0 ? -floor(-x) : floor(x);
+ }
+-#endif
++#endif /* !HAVE_TRUNC */
More information about the arch-commits
mailing list