[arch-commits] Commit in kdelibs/repos (4 files)

Andrea Scarpino andrea at archlinux.org
Mon Nov 23 11:29:19 EST 2009


    Date: Monday, November 23, 2009 @ 11:29:19
  Author: andrea
Revision: 59400

Merged revisions 59397-59398 via svnmerge from 
svn+ssh://gerolde.archlinux.org/srv/svn-packages/kdelibs/trunk

........
  r59397 | pierre | 2009-11-23 16:11:15 +0100 (Mon, 23 Nov 2009) | 1 line
  
  fix CVE-2009-0689
........
  r59398 | andrea | 2009-11-23 16:16:20 +0100 (Mon, 23 Nov 2009) | 1 line
  
  fix missing headers
........

Added:
  kdelibs/repos/extra-i686/CVE-2009-0689.patch
    (from rev 59398, kdelibs/trunk/CVE-2009-0689.patch)
  kdelibs/repos/extra-i686/fix-glibc-2.11.patch
    (from rev 59398, kdelibs/trunk/fix-glibc-2.11.patch)
Modified:
  kdelibs/repos/extra-i686/	(properties)
  kdelibs/repos/extra-i686/PKGBUILD

----------------------+
 CVE-2009-0689.patch  |   13 +++
 PKGBUILD             |   16 +++-
 fix-glibc-2.11.patch |  165 +++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 191 insertions(+), 3 deletions(-)


Property changes on: kdelibs/repos/extra-i686
___________________________________________________________________
Modified: svnmerge-integrated
   - /kdelibs/trunk:1-57959
   + /kdelibs/trunk:1-59399

Copied: kdelibs/repos/extra-i686/CVE-2009-0689.patch (from rev 59398, kdelibs/trunk/CVE-2009-0689.patch)
===================================================================
--- extra-i686/CVE-2009-0689.patch	                        (rev 0)
+++ extra-i686/CVE-2009-0689.patch	2009-11-23 16:29:19 UTC (rev 59400)
@@ -0,0 +1,13 @@
+Index: kjs/dtoa.cpp
+===================================================================
+--- kjs/dtoa.cpp	(Revision 1052099)
++++ kjs/dtoa.cpp	(Revision 1052100)
+@@ -457,7 +457,7 @@
+ #define FREE_DTOA_LOCK(n)	/*nothing*/
+ #endif
+ 
+-#define Kmax 15
++#define Kmax (sizeof(size_t) << 3)
+ 
+  struct
+ Bigint {
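Review bot: The new `Kmax` definition in kjs/dtoa.cpp has no comment saying why the bound is now tied to the width of `size_t`, so a later reader cannot tell that this line is the CVE-2009-0689 fix and must not be lowered again. I would add `/* CVE-2009-0689: was 15; raised to the bit width of size_t */` directly above the define. Only the `#define` is visible in this hunk; the code that sizes or indexes tables with `Kmax` lies outside it, so it is worth confirming there that every index is compared against `Kmax` before use, since enlarging the bound presumably relies on larger requests failing at allocation.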

Modified: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD	2009-11-23 15:50:40 UTC (rev 59399)
+++ extra-i686/PKGBUILD	2009-11-23 16:29:19 UTC (rev 59400)
@@ -3,7 +3,7 @@
 
 pkgname=kdelibs
 pkgver=4.3.3
-pkgrel=1
+pkgrel=2
 pkgdesc="KDE Core Libraries"
 arch=('i686' 'x86_64')
 url='http://www.kde.org'
@@ -15,15 +15,25 @@
 replaces=('arts')
 install='kdelibs.install'
 source=(http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.bz2
-        'kde-applications-menu.patch' 'archlinux-menu.patch' 'abs-syntax-highlight.patch')
+        'kde-applications-menu.patch' 'archlinux-menu.patch' 'abs-syntax-highlight.patch'
+        'CVE-2009-0689.patch'
+	'fix-glibc-2.11.patch')
 md5sums=('20fd3793d9d23088ecb1d5aed0254216'
          '280f34ee159845f8902c31bd499254fc'
          '0f214b222bfb0327e7a2b6fb13756895'
-         '18ea42696a7f41332a092d6ead7efc6a')
+         '18ea42696a7f41332a092d6ead7efc6a'
+         'ec70af24f769f17082a9ab69dc1e24e9'
+	 'ed737b0b9d14f6f13d150121f088290c')
 
 build() {
 	cd $srcdir/${pkgname}-${pkgver}
 
+	# see http://securityreason.com/it_news/0/0x31
+	# will be fixed in 4.3.4
+	patch -p0 -i $srcdir/CVE-2009-0689.patch || return 1
+	# see https://bugs.kde.org/show_bug.cgi?id=213223
+	patch -p0 -i ${srcdir}/fix-glibc-2.11.patch || return 1
+	
 	# avoid file conflict with gnome-menu
 	patch -p1 -i $srcdir/kde-applications-menu.patch
 	# add Archlinux menu entry
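Review bot: The two new `md5sums` entries are the only integrity pin on `CVE-2009-0689.patch` and `fix-glibc-2.11.patch`, and MD5 is also all that protects the tarball, which `source=` fetches over plain `http://`. Consider adding a stronger array beside it, e.g. `sha256sums=('<sha256-of-source-1>' ...)` with one entry per source in the same order, provided the makepkg in use supports it. The new `patch` lines also spell the variable two ways and leave it unquoted; `patch -p0 -i "${srcdir}/CVE-2009-0689.patch" || return 1` would serve as the form for both. The comment `will be fixed in 4.3.4` could state the follow-up, `# drop this patch when pkgver reaches 4.3.4`. build() continues past the end of this hunk.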

Copied: kdelibs/repos/extra-i686/fix-glibc-2.11.patch (from rev 59398, kdelibs/trunk/fix-glibc-2.11.patch)
===================================================================
--- extra-i686/fix-glibc-2.11.patch	                        (rev 0)
+++ extra-i686/fix-glibc-2.11.patch	2009-11-23 16:29:19 UTC (rev 59400)
@@ -0,0 +1,165 @@
+Index: kdecore/fakes.c
+===================================================================
+--- kdecore/fakes.c	(revision 1046198)
++++ kdecore/fakes.c	(revision 1046199)
+@@ -31,7 +31,7 @@
+ 
+ 
+ #define KDE_open open
+-#define KDE_mkdir mkdir 
++#define KDE_mkdir mkdir
+ 
+ 
+ #ifndef HAVE_SETENV
+@@ -39,10 +39,15 @@
+ #ifdef HAVE_ALLOCA_H
+ #include <alloca.h>
+ #endif
+-
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
++#ifdef HAVE_UNISTD_H
+ #include <unistd.h>
++#endif
+ 
+ KDECORE_EXPORT int setenv(const char *name, const char *value, int overwrite) {
+     int i;
+@@ -67,11 +72,18 @@
+ #ifdef HAVE_ALLOCA_H
+ #include <alloca.h>
+ #endif
+-
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
++#ifdef HAVE_ERRNO_H
+ #include <errno.h>
++#endif
++#ifdef HAVE_UNISTD_H
+ #include <unistd.h>
++#endif
+ 
+ #ifndef environ
+ extern char ** environ;
+@@ -154,24 +166,32 @@
+ {
+     srand48(seed);
+ }
+-#endif
++#endif /* !HAVE_RANDOM */
+ 
+ #ifndef HAVE_SETEUID
+ int seteuid(uid_t euid)
+ {
+     return setreuid(-1, euid); /* Well, if you have neither you are in trouble :) */
+ }
+-#endif
++#endif /* !HAVE_SETEUID */
+ 
+ #ifndef HAVE_MKSTEMPS
++#ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
++#endif
+ #ifdef HAVE_SYS_STAT_H
+ #include <sys/stat.h>
+ #endif
+ #include <fcntl.h>
++#ifdef HAVE_STRING_H
+ #include <string.h>
++#endif
++#ifdef HAVE_STRINGS_H
+ #include <strings.h>
++#endif
++#ifdef HAVE_STDLIB_H
+ #include <stdlib.h>
++#endif
+ 
+ /* this is based on code taken from the GNU libc, distributed under the LGPL license */
+ 
+@@ -244,12 +264,14 @@
+ {
+   return mkstemps( _template, 0 );
+ }
+-#endif
++#endif /* !HAVE_MKSTEMP */
+ 
+ #ifndef HAVE_MKDTEMP
+ 
+ #ifndef HAVE_MKSTEMPS
++#ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
++#endif
+ #ifdef HAVE_SYS_STAT_H
+ #include <sys/stat.h>
+ #endif
+@@ -306,13 +328,18 @@
+       value += 7777;
+ 
+       if (!KDE_mkdir(_template,0700))
+-	return _template;	
++	return _template;
+     }
+     return 0;
+ }
+ #endif /* !HAVE_MKDTEMP */
+ 
+ #ifndef HAVE_STRLCPY
++
++#ifdef HAVE_STRING_H
++#include <string.h>
++#endif
++
+ KDECORE_EXPORT unsigned long strlcpy(char* d, const char* s, unsigned long bufsize)
+ {
+     unsigned long len, ret = strlen(s);
+@@ -325,12 +352,17 @@
+         }
+     } else
+ 	memcpy(d, s, ret + 1);
+-	
++
+     return ret;
+ }
++#endif /* !HAVE_STRLCPY */
++
++#ifndef HAVE_STRLCAT
++
++#ifdef HAVE_STRING_H
++#include <string.h>
+ #endif
+ 
+-#ifndef HAVE_STRLCAT
+ KDECORE_EXPORT unsigned long strlcat(char* d, const char* s, unsigned long bufsize)
+ {
+     char *cp;
+@@ -350,7 +382,7 @@
+ 
+     return ret;
+ }
+-#endif
++#endif /* !HAVE_STRLCAT */
+ 
+ #ifndef HAVE_STRCASESTR
+ /*
+@@ -450,7 +482,7 @@
+ ret0:
+   return 0;
+ }
+-#endif
++#endif /* !HAVE_STRCASESTR */
+ 
+ #ifndef HAVE_TRUNC
+ 
+@@ -467,4 +499,4 @@
+ {
+        return x < 0 ? -floor(-x) : floor(x);
+ }
+-#endif
++#endif /* !HAVE_TRUNC */
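Review bot: Wrapping `<string.h>`, `<stdlib.h>` and `<unistd.h>` in `#ifdef HAVE_..._H` means a build whose config header does not define those macros silently drops the include, and the `strlcpy` fallback then calls `strlen` and `memcpy` without a prototype. Whether `HAVE_STRING_H` and the others are defined before these blocks is not visible in this patch, so that should be confirmed; an implicitly declared `strlen` returns `int`, which can truncate the length this bounded-copy helper relies on where `unsigned long` is wider than `int`. `<fcntl.h>` in the `HAVE_MKSTEMPS` block stays unguarded, which is inconsistent with its neighbours; either guard it the same way or add `/* fcntl.h is assumed to exist on every supported platform */`. Several of the function bodies touched here start or end outside the hunks shown.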


