diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2009-08-26 10:00:38 -0500 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:41:17 +0200 |
commit | 5a12e7c134274dba706667107d10d231517d3e05 (patch) | |
tree | 55718d5acb710fde798d9f38d0bbaf594ed4b296 /source/l/glib2 | |
download | current-5a12e7c134274dba706667107d10d231517d3e05.tar.gz current-5a12e7c134274dba706667107d10d231517d3e05.tar.xz |
Slackware 13.0slackware-13.0
Wed Aug 26 10:00:38 CDT 2009
Slackware 13.0 x86_64 is released as stable! Thanks to everyone who
helped make this release possible -- see the RELEASE_NOTES for the
credits. The ISOs are off to the replicator. This time it will be a
6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We're taking pre-orders now at store.slackware.com. Please consider
picking up a copy to help support the project. Once again, thanks to
the entire Slackware community for all the help testing and fixing
things and offering suggestions during this development cycle.
As always, have fun and enjoy! -P.
Diffstat (limited to 'source/l/glib2')
-rw-r--r-- | source/l/glib2/doinst.sh | 27 | ||||
-rw-r--r-- | source/l/glib2/glib-CVE-2008-4316.diff | 62 | ||||
-rwxr-xr-x | source/l/glib2/glib2.SlackBuild | 100 | ||||
-rw-r--r-- | source/l/glib2/libglib2.csh | 27 | ||||
-rw-r--r-- | source/l/glib2/libglib2.sh | 26 | ||||
-rw-r--r-- | source/l/glib2/slack-desc | 19 |
6 files changed, 261 insertions, 0 deletions
diff --git a/source/l/glib2/doinst.sh b/source/l/glib2/doinst.sh new file mode 100644 index 000000000..60a19898e --- /dev/null +++ b/source/l/glib2/doinst.sh @@ -0,0 +1,27 @@ +# Handle the incoming configuration files: +config() { + for infile in $1; do + NEW="$infile" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} + +# Prepare the new configuration files +for file in etc/profile.d/libglib2.csh.new etc/profile.d/libglib2.sh.new ; do + if test -e $(dirname $file)/$(basename $file .new) ; then + if [ ! -x $(dirname $file)/$(basename $file .new) ]; then + chmod 644 $file + else + chmod 755 $file + fi + fi + config $file +done diff --git a/source/l/glib2/glib-CVE-2008-4316.diff b/source/l/glib2/glib-CVE-2008-4316.diff new file mode 100644 index 000000000..5d9bddee1 --- /dev/null +++ b/source/l/glib2/glib-CVE-2008-4316.diff @@ -0,0 +1,62 @@ +--- trunk/glib/gbase64.c 2009/02/23 04:30:06 7897 ++++ trunk/glib/gbase64.c 2009/03/12 13:30:55 7973 +@@ -54,8 +54,9 @@ + * + * The output buffer must be large enough to fit all the data that will + * be written to it. Due to the way base64 encodes you will need +- * at least: @len * 4 / 3 + 6 bytes. If you enable line-breaking you will +- * need at least: @len * 4 / 3 + @len * 4 / (3 * 72) + 7 bytes. ++ * at least: (@len / 3 + 1) * 4 + 4 bytes (+ 4 may be needed in case of ++ * non-zero state). If you enable line-breaking you will need at least: ++ * ((@len / 3 + 1) * 4 + 4) / 72 + 1 bytes of extra space. + * + * @break_lines is typically used when putting base64-encoded data in emails. + * It breaks the lines at 72 columns instead of putting all of the text on +@@ -233,8 +234,14 @@ + g_return_val_if_fail (data != NULL, NULL); + g_return_val_if_fail (len > 0, NULL); + +- /* We can use a smaller limit here, since we know the saved state is 0 */ +- out = g_malloc (len * 4 / 3 + 4); ++ /* We can use a smaller limit here, since we know the saved state is 0, ++ +1 is needed for trailing \0, also check for unlikely integer overflow */ ++ if (len >= ((G_MAXSIZE - 1) / 4 - 1) * 3) ++ g_error("%s: input too large for Base64 encoding (%"G_GSIZE_FORMAT" chars)", ++ G_STRLOC, len); ++ ++ out = g_malloc ((len / 3 + 1) * 4 + 1); ++ + outlen = g_base64_encode_step (data, len, FALSE, out, &state, &save); + outlen += g_base64_encode_close (FALSE, out + outlen, &state, &save); + out[outlen] = '\0'; +@@ -275,7 +282,8 @@ + * + * The output buffer must be large enough to fit all the data that will + * be written to it. Since base64 encodes 3 bytes in 4 chars you need +- * at least: @len * 3 / 4 bytes. ++ * at least: (@len / 4) * 3 + 3 bytes (+ 3 may be needed in case of non-zero ++ * state). + * + * Return value: The number of bytes of output that was written + * +@@ -358,7 +366,8 @@ + gsize *out_len) + { + guchar *ret; +- gint input_length, state = 0; ++ gsize input_length; ++ gint state = 0; + guint save = 0; + + g_return_val_if_fail (text != NULL, NULL); +@@ -368,7 +377,9 @@ + + g_return_val_if_fail (input_length > 1, NULL); + +- ret = g_malloc0 (input_length * 3 / 4); ++ /* We can use a smaller limit here, since we know the saved state is 0, ++ +1 used to avoid calling g_malloc0(0), and hence retruning NULL */ ++ ret = g_malloc0 ((input_length / 4) * 3 + 1); + + *out_len = g_base64_decode_step (text, input_length, ret, &state, &save); + diff --git a/source/l/glib2/glib2.SlackBuild b/source/l/glib2/glib2.SlackBuild new file mode 100755 index 000000000..23211af80 --- /dev/null +++ b/source/l/glib2/glib2.SlackBuild @@ -0,0 +1,100 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-2.18.4} +ARCH=${ARCH:-x86_64} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-glib2 +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf glib-$VERSION +tar xvf $CWD/glib-$VERSION.tar.bz2 || exit 1 +cd glib-$VERSION + +zcat $CWD/glib-CVE-2008-4316.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# Install profile scripts: +mkdir -p $PKG/etc/profile.d/ +cp -a $CWD/libglib2.{csh,sh} $PKG/etc/profile.d/ +chown root:root $PKG/etc/profile.d/* +chmod 755 $PKG/etc/profile.d/* +mv $PKG/etc/profile.d/libglib2.csh $PKG/etc/profile.d/libglib2.csh.new +mv $PKG/etc/profile.d/libglib2.sh $PKG/etc/profile.d/libglib2.sh.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +mkdir -p $PKG/usr/doc/glib-$VERSION +cp -a \ + AUTHORS COPYING NEWS README \ + $PKG/usr/doc/glib-$VERSION +( cd $PKG/usr/doc/glib-$VERSION ; ln -s /usr/share/gtk-doc/html/gobject html ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/glib2-$VERSION-$ARCH-$BUILD.txz + diff --git a/source/l/glib2/libglib2.csh b/source/l/glib2/libglib2.csh new file mode 100644 index 000000000..584f06bf7 --- /dev/null +++ b/source/l/glib2/libglib2.csh @@ -0,0 +1,27 @@ +#!/bin/csh +# +# Description: This script sets the environment variables G_FILENAME_ENCODING +# and G_BROKEN_FILENAMES for the glib-2.0 library. +# +# G_FILENAME_ENCODING +# This environment variable can be set to a comma-separated list of +# character set names. GLib assumes that filenames are encoded in the +# first character set from that list rather than in UTF-8. The special +# token "@locale" can be used to specify the character set for the +# current locale. +# +# G_BROKEN_FILENAMES +# If this environment variable is set, GLib assumes that filenames are +# in the locale encoding rather than in UTF-8. + +# If the LANG you have set contains any form of "UTF", we will guess you are +# using a UTF-8 locale. Hopefully we're correct. +echo $LANG | grep -iq UTF +if ($status == 0) then + export G_FILENAME_ENCODING="@locale" +endif + +# It doesn't hurt to export this since G_FILENAME_ENCODING takes priority +# over G_BROKEN_FILENAMES: +setenv G_BROKEN_FILENAMES 1 + diff --git a/source/l/glib2/libglib2.sh b/source/l/glib2/libglib2.sh new file mode 100644 index 000000000..9b9fdc69f --- /dev/null +++ b/source/l/glib2/libglib2.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# +# Description: This script sets the environment variables G_FILENAME_ENCODING +# and G_BROKEN_FILENAMES for the glib-2.0 library. +# +# G_FILENAME_ENCODING +# This environment variable can be set to a comma-separated list of +# character set names. GLib assumes that filenames are encoded in the +# first character set from that list rather than in UTF-8. The special +# token "@locale" can be used to specify the character set for the +# current locale. +# +# G_BROKEN_FILENAMES +# If this environment variable is set, GLib assumes that filenames are +# in the locale encoding rather than in UTF-8. + +# If the LANG you have set contains any form of "UTF", we will guess you are +# using a UTF-8 locale. Hopefully we're correct. +if echo $LANG | grep -iq UTF ; then + export G_FILENAME_ENCODING="@locale" +fi + +# It doesn't hurt to export this since G_FILENAME_ENCODING takes priority +# over G_BROKEN_FILENAMES: +export G_BROKEN_FILENAMES=1 + diff --git a/source/l/glib2/slack-desc b/source/l/glib2/slack-desc new file mode 100644 index 000000000..1633f2f7a --- /dev/null +++ b/source/l/glib2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glib2: glib2 (library of C routines) +glib2: +glib2: GLib is a library which includes support routines for C such as lists, +glib2: trees, hashes, memory allocation, and many other things. +glib2: +glib2: +glib2: +glib2: +glib2: +glib2: +glib2: |