summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergei Trofimovich <slyfox@gentoo.org>2017-08-21 22:31:46 +0100
committerSergei Trofimovich <slyfox@gentoo.org>2017-08-21 22:32:29 +0100
commit81d17e4af35cbecc7b28a96de8a62d80cf4d9e18 (patch)
treef5759680d9a1ef2f9a1cbfdb89abea8dfe137a67 /dev-vcs/git-annex
parentapp-vim/csound-syntax: stable for amd64+x86. (diff)
downloadgentoo-81d17e4af35cbecc7b28a96de8a62d80cf4d9e18.tar.gz
gentoo-81d17e4af35cbecc7b28a96de8a62d80cf4d9e18.tar.bz2
gentoo-81d17e4af35cbecc7b28a96de8a62d80cf4d9e18.zip
dev-vcs/git-annex: bump up to 6.20170818, bug #628488
""" git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. """ Reported-by: mbailey_j Bug: https://bugs.gentoo.org/628488 Package-Manager: Portage-2.3.8, Repoman-2.3.3
Diffstat (limited to 'dev-vcs/git-annex')
-rw-r--r--dev-vcs/git-annex/Manifest1
-rw-r--r--dev-vcs/git-annex/git-annex-6.20170818.ebuild161
2 files changed, 162 insertions, 0 deletions
diff --git a/dev-vcs/git-annex/Manifest b/dev-vcs/git-annex/Manifest
index f1912bd38b6..7f7eda5b868 100644
--- a/dev-vcs/git-annex/Manifest
+++ b/dev-vcs/git-annex/Manifest
@@ -4,3 +4,4 @@ DIST git-annex-6.20160419.tar.gz 5086638 SHA256 1452a55809ba7367847fc4a77f2d8a53
DIST git-annex-6.20160923.tar.gz 1084326 SHA256 964235a358814e081cf4a5d8dab798faacb1dabe5fc714ac6687b135e30fd93d SHA512 2204b5a3b76b22718e4cf5329e78035c4ff45a133e738a8ab627067551fd40a778d4be124862f6a08b583c49400844e3b0c61a682909f911e5ac51fdb6319295 WHIRLPOOL ed5f6c732210b0a720de095ce71c8907b5ddc636e28835f85697f81a01824be7b9f154335af1c4c4e1a304f967b6233487699a49da447f8f883519063be35a55
DIST git-annex-6.20161031.tar.gz 1087730 SHA256 6de3751f361d730e4a69106443b747a45e27aaeabf51ea999c41bd92fd2c71ce SHA512 4a67154b4bbb12f4573bca71617d4c898c8915b242b30b484bc45e661c09893c5ebf2c906e87269307666dcde603d8dbb34f616d46c7a88bffb4baff0bbec81c WHIRLPOOL 0251d406889b9f171dd207a3956ee6adae4b9415fd993f692e8e76240e1f15194b7c125d5118935db1dbc0676513bf213c91df285d9a3311285ed69c24080c4c
DIST git-annex-6.20170101.tar.gz 1095866 SHA256 5fbf88652a84278275d9d4bec083189f590b045e23a73bfe8d395c3e356e3f53 SHA512 faf97a4619d1fa94efebd6fc592c58822e853505649c230afa8711165a22c1d84e8c24c850fc61d47ce1390868a934400db28f7b370a7aa26b128c0dcdc11475 WHIRLPOOL 95dbe81bf51b654d6d3deb97c180a346701d35ae07ef0774eafc2d5877ba07ed5f9b9f85beee2b3eacd6749b3f505f6d888b3747da0802fab36496ade6ab12c9
+DIST git-annex-6.20170818.tar.gz 1111837 SHA256 7ddf3f8be218d8e8955be49fb0200179e54406cc02e884abe999f88d578f7d79 SHA512 06587bf0d3056e4b94d4c40aaae820efda133dcbc876a2ac3db3183fb511ec20aae4c495323b4886868a3e66b5b1f53a04c5f3abb0362c718bbadc8e2f6e15d0 WHIRLPOOL b4034833a96ab11c8972c1b679c10948455459ef0a82fe98c9912db932ab384e00ad1a13d08030f658cc1f0525888e5e9e34e48f7e09704f642ac57e908d8a35
diff --git a/dev-vcs/git-annex/git-annex-6.20170818.ebuild b/dev-vcs/git-annex/git-annex-6.20170818.ebuild
new file mode 100644
index 00000000000..29375595e8d
--- /dev/null
+++ b/dev-vcs/git-annex/git-annex-6.20170818.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+# ebuild generated by hackport 0.5.3.9999
+#hackport: flags: -production,-android,-androidsplice,-testsuite
+
+CABAL_FEATURES=""
+inherit haskell-cabal bash-completion-r1
+
+DESCRIPTION="manage files with git, without checking their contents into git"
+HOMEPAGE="http://git-annex.branchable.com/"
+SRC_URI="mirror://hackage/packages/archive/${PN}/${PV}/${P}.tar.gz"
+RESTRICT="test"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~x86 ~amd64-linux"
+IUSE="+assistant benchmark +concurrentoutput +dbus doc +magicmime +network-uri +pairing s3 +torrentparser +webapp +webdav"
+
+RDEPEND="dev-haskell/aeson:=
+ dev-haskell/async:=
+ dev-haskell/bloomfilter:=
+ dev-haskell/byteable:=
+ dev-haskell/case-insensitive:=
+ dev-haskell/crypto-api:=
+ dev-haskell/cryptonite:=
+ dev-haskell/data-default:=
+ dev-haskell/disk-free-space:=
+ dev-haskell/dlist:=
+ dev-haskell/edit-distance:=
+ dev-haskell/esqueleto:=
+ >=dev-haskell/exceptions-0.6:=
+ >=dev-haskell/feed-0.3.9:=
+ dev-haskell/free:=
+ dev-haskell/hslogger:=
+ dev-haskell/http-client:=
+ >=dev-haskell/http-conduit-2.0:=
+ >=dev-haskell/http-types-0.7:=
+ dev-haskell/ifelse:=
+ dev-haskell/memory:=
+ dev-haskell/monad-control:=
+ dev-haskell/monad-logger:=
+ >=dev-haskell/mtl-2:=
+ dev-haskell/old-locale:=
+ >=dev-haskell/optparse-applicative-0.11.0:=
+ dev-haskell/persistent:=
+ dev-haskell/persistent-sqlite:=
+ dev-haskell/persistent-template:=
+ >=dev-haskell/quickcheck-2.1:2=
+ dev-haskell/random:=
+ dev-haskell/regex-tdfa:=
+ dev-haskell/resourcet:=
+ dev-haskell/safesemaphore:=
+ dev-haskell/sandi:=
+ dev-haskell/securemem:=
+ dev-haskell/socks:=
+ dev-haskell/split:=
+ >=dev-haskell/stm-2.3:=
+ dev-haskell/stm-chans:=
+ dev-haskell/text:=
+ dev-haskell/unix-compat:=
+ dev-haskell/unordered-containers:=
+ dev-haskell/utf8-string:=
+ >=dev-haskell/uuid-1.2.6:=
+ >=dev-lang/ghc-7.8.2:=
+ assistant? ( >=dev-haskell/dns-1.0.0:=
+ dev-haskell/hinotify:=
+ dev-haskell/mountpoints:=
+ sys-process/lsof )
+ benchmark? ( dev-haskell/criterion:= )
+ concurrentoutput? ( >=dev-haskell/concurrent-output-1.6:= )
+ dbus? ( >=dev-haskell/dbus-0.10.7:=
+ >=dev-haskell/fdo-notify-0.3:= )
+ magicmime? ( dev-haskell/magic:= )
+ network-uri? ( >=dev-haskell/network-2.6:=
+ >=dev-haskell/network-uri-2.6:= )
+ !network-uri? ( >=dev-haskell/network-2.4:= <dev-haskell/network-2.6:= )
+ pairing? ( dev-haskell/network-info:=
+ dev-haskell/network-multicast:= )
+ s3? ( >=dev-haskell/aws-0.9.2:=
+ dev-haskell/conduit:=
+ dev-haskell/conduit-extra:= )
+ torrentparser? ( >=dev-haskell/torrent-10000.0.0:= )
+ webapp? ( dev-haskell/blaze-builder:=
+ dev-haskell/clientsession:=
+ >=dev-haskell/path-pieces-0.1.4:=
+ >=dev-haskell/shakespeare-2.0.0:=
+ dev-haskell/wai:=
+ dev-haskell/wai-extra:=
+ >=dev-haskell/warp-3.0.0.5:=
+ >=dev-haskell/warp-tls-1.4:=
+ >=dev-haskell/yesod-1.2.6:=
+ >=dev-haskell/yesod-core-1.2.19:=
+ >=dev-haskell/yesod-default-1.2.0:=
+ >=dev-haskell/yesod-form-1.3.15:=
+ >=dev-haskell/yesod-static-1.2.4:= )
+ webdav? ( >=dev-haskell/dav-1.0:= )
+"
+# not generated by hackport:
+RDEPEND="${RDEPEND}
+ dev-vcs/git
+"
+
+DEPEND="${RDEPEND}
+ >=dev-haskell/cabal-1.18.1.3
+"
+
+# not generated by hackport:
+DEPEND="${DEPEND}
+ dev-lang/perl
+ doc? ( www-apps/ikiwiki net-misc/rsync )
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-6.20160114-QC-2.8.2.patch
+ "${FILESDIR}"/${PN}-6.20161210-directory-1.3.patch
+ "${FILESDIR}"/${PN}-6.20170101-crypto-api.patch
+)
+
+src_configure() {
+ haskell-cabal_src_configure \
+ --flag=-android \
+ --flag=-androidsplice \
+ $(cabal_flag assistant assistant) \
+ $(cabal_flag benchmark benchmark) \
+ $(cabal_flag concurrentoutput concurrentoutput) \
+ $(cabal_flag dbus dbus) \
+ $(cabal_flag magicmime magicmime) \
+ $(cabal_flag network-uri network-uri) \
+ $(cabal_flag pairing pairing) \
+ --flag=-production \
+ $(cabal_flag s3 s3) \
+ --flag=-testsuite \
+ $(cabal_flag torrentparser torrentparser) \
+ $(cabal_flag webapp webapp) \
+ $(cabal_flag webdav webdav)
+}
+
+src_test() {
+ if use webapp; then
+ export GIT_CONFIG=${T}/temp-git-config
+ git config user.email "git@src_test"
+ git config user.name "Mr. ${P} The Test"
+
+ emake test
+ fi
+}
+
+src_install() {
+ haskell-cabal_src_install
+
+ newbashcomp "${FILESDIR}"/${PN}.bash ${PN}
+
+ dodoc CHANGELOG README
+ if use webapp ; then
+ doicon "${FILESDIR}"/${PN}.xpm
+ make_desktop_entry "${PN} webapp" "git-annex" ${PN}.xpm "Office"
+ fi
+}