diff options
Diffstat (limited to 'app-arch/dpkg')
18 files changed, 926 insertions, 406 deletions
diff --git a/app-arch/dpkg/Manifest b/app-arch/dpkg/Manifest index 1a74fef658d4..9b7b7bf109c1 100644 --- a/app-arch/dpkg/Manifest +++ b/app-arch/dpkg/Manifest @@ -1,7 +1,5 @@ -DIST dpkg_1.19.0.5.tar.xz 4557428 BLAKE2B 99c31705bfad1cfa024366c788264f4e747a7143f87c581730797975303c1054003e41fd65ecf80df1dc053ba87c0e8449ec574ddcb158228b41ae57a23db18f SHA512 60d7198ffe6ea759c30ad82143b3107d41ce59224b853cb5a7beb79af0de6ba6a69414c365e6b3555a0a9c60e3cf9b543a3a448d80a734be38ccecb77ae963a9 -DIST dpkg_1.19.6.tar.xz 4802832 BLAKE2B e35a805942e2b26a90cec80493a14697461cfb1c1352fa7fadce7171c8cca88785ff2590d34b8f0bd4763642cb21ee7bf449df86b01eef223554daba4604d1b1 SHA512 71981079835ea4bd5c4a381ca8702cf489c788034e29c129899eb288cfaf4ec55eb58c0aea13145dcde99f15a47d2de71fba7b5e7eb8e6b1b1d6f016de8a919d -DIST dpkg_1.19.7.tar.xz 4716724 BLAKE2B d65200fc5da986db8b66e31e1ea45b9757b87e0fa15f7fc0579f1c1c63de78829c1a10bbc72726fe3b75bf6c11cbe1fe3c9b62f8374c796f990835f9f0e79dd2 SHA512 9ca441dc265baf5359c71617aef1c57504a7097c26ea57108b88dadc511bfa9918fcc765d8c67cec9def9916c5df92d6cabe508446dbc7223a29b45260445e81 -DIST dpkg_1.20.0.tar.xz 4738556 BLAKE2B 2e58b3881abd46854416b05b0f9d2e972c3b545412a506b7bc18f1ebae5d82eac8bc2b55920d706fee0ca02239871c4f1c121e0c780aef31404e0408fbfa76e8 SHA512 5dd7961bde19ccc891fd5b77ca0085f7fc0308c20380e20b393397ff92e50d1c0f54e7b57676c05876021b44aa3788af8258c21ff2b672110ac92c7ce0b408f9 -DIST dpkg_1.20.2.tar.xz 4710300 BLAKE2B 0d10ee7f5cc863a6496fd8340cf0457f9af3d7d7a74821d561d0cc500a056d52664d1418453fa45dcb27d01ef59e55eb299ce1fcccd1ae7cb72b7c9e43b6b120 SHA512 523713e40d4f49332d96fdcabaeaf4d97f56b40bbbd51f18d17b5c79598249d04fdf96dfc5c8684408a666cf04f622cbd30da60efe68ba2cf1cd836cb2503e02 -DIST dpkg_1.20.3.tar.xz 4712980 BLAKE2B 92a1ff07dbb01f8942452eee269eb45d4c164272bf3ae5d0a62a6086c4321e7fc3dd5b164089d7f2e476258f8ec8c480c1614d4f43e3a7a7f1e632bf13191d2e SHA512 5893ae34efc6f9d54e47fc403487c79233501666968681b827bbabbf39b1401cb7064f8fe8797708ed32bb37345dbb78a1daac04c6dc7064f2811265f3a4e82c -DIST dpkg_1.20.5.tar.xz 4715684 BLAKE2B 32b88cbd1ae75685b6c0b04b7c829372df323a9508ddd088076097e8bf2ac9050f1f4ec591fb7d40c4d4ea34207cef0edd430d0326cb73e1f7c8dd560db916be SHA512 6b3789c25c81022181b87a28ca9baa4a463a68940a871568c699a2a30e3b4ce705835ed6a171ac8c5902e377200b31cc0be1e03cbd7d35c4eaf92c7300d9227f +DIST dpkg_1.20.12.tar.xz 5009108 BLAKE2B 47ecb53c331503c72081a4c472acd6e94a5b7fca2032358809aa8c546cfd6c1542c7cdfad2a5ceff0e40dc454a61974ec47233061b98cf99aabbb8e53621858c SHA512 ce20b1b00b972e6fa5d5cd6427003415a92a78742dc02a9055fee6f00db22b037c54560170e657d7b74c2ae542fff4b7eba46f642adf911dc2f3b90eebefc3ff +DIST dpkg_1.20.9.tar.xz 4954428 BLAKE2B 4e04f7a90c8696971895081e18b220d9dee4bc5930428f131556ae71c673e61e18c363e279b566c2218da60a5aca421807c14cf518952502e707c7397769097b SHA512 904a4742f5f340dc65b2137364dce102a0b2eb42ccedb2a73f79c207362c699fbffaaf1379f1f6c8b8b0e490321af1d03c34b50ebe0c703f5ce8a7f75f17a839 +DIST dpkg_1.21.1.tar.xz 4986936 BLAKE2B f5b0f9fe7ac5fe7ba47191a9e467356e748418846ce0fc9f3c61d731e035eb096932848b15e6a85a15938d3bbd6fa069c786ab0e89c77119958fe632a91c309f SHA512 3f3f263e1300f3e4b55e84521847703dcfe465aa54829a69c31c174a2ad5e8b6a8a251da7c6020d31a38e9e6744113924a71e9579469e32289328e91a48db07f +DIST dpkg_1.21.15.tar.xz 5350148 BLAKE2B f26611db365266ef9f43484c20d3150889238b34b156cac26f0ae8ae9572e7e4a9839e08a0073a25c886cd2891fc6d84afc97262ae6992267b47fa6e86c03a33 SHA512 eb31db63dd454048c3b7539b539720ed71239303ca679df92b934e971914d63dd771da09149054048e24dde1f5627ee24d43dbd8782ca1dc28c4a2bd3ed8f26a +DIST dpkg_1.21.19.tar.xz 5360888 BLAKE2B 1a48781c136b47b74fb947a14ddfde8e3d8441f728215257d4c7b9618b5af79225be6312a31166181acbf5c05a408332d9faae2c7e16f7757a442e8d4e6a0afd SHA512 660297e678326350b70e6a49635642347413046ebab05bdc076505511e844f7de0261a12c6c07e586d661f6536b987e3c32c21b8cc95d7135538a5c2f6d1514e diff --git a/app-arch/dpkg/dpkg-1.19.0.5.ebuild b/app-arch/dpkg/dpkg-1.19.0.5.ebuild deleted file mode 100644 index 8e4d1b70a04d..000000000000 --- a/app-arch/dpkg/dpkg-1.19.0.5.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit eutils multilib autotools ltprune toolchain-funcs - -DESCRIPTION="Package maintenance system for Debian" -HOMEPAGE="https://packages.qa.debian.org/dpkg" -SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha amd64 arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux" -IUSE="+bzip2 +lzma nls selinux test unicode +update-alternatives +zlib" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-lang/perl-5.14.2:= - bzip2? ( app-arch/bzip2 ) - lzma? ( app-arch/xz-utils ) - selinux? ( sys-libs/libselinux ) - zlib? ( >=sys-libs/zlib-1.1.4 ) -" -DEPEND=" - ${RDEPEND} - app-arch/xz-utils - sys-devel/flex - virtual/pkgconfig - nls? ( - app-text/po4a - >=sys-devel/gettext-0.18.2 - ) - test? ( - dev-perl/IO-String - dev-perl/Test-Pod - virtual/perl-Test-Harness - ) -" - -DOCS=( - ChangeLog - THANKS - TODO -) -PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch - "${FILESDIR}"/${PN}-1.18.12-flags.patch - "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch -) - -src_prepare() { - use nls && strip-linguas -i po - - default - - eautoreconf -} - -src_configure() { - tc-export CC - econf \ - $(use_enable nls) \ - $(use_enable unicode) \ - $(use_enable update-alternatives) \ - $(use_with bzip2 libbz2) \ - $(use_with lzma liblzma) \ - $(use_with selinux libselinux) \ - $(use_with zlib libz) \ - --disable-compiler-warnings \ - --disable-dselect \ - --disable-start-stop-daemon \ - --localstatedir="${EPREFIX}"/var \ - --without-libmd -} - -src_compile() { - emake AR=$(tc-getAR) -} - -src_install() { - default - - keepdir /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} - keepdir /usr/$(get_libdir)/db/{alternatives,info,methods,parts,updates} - - prune_libtool_files -} diff --git a/app-arch/dpkg/dpkg-1.19.6.ebuild b/app-arch/dpkg/dpkg-1.19.6.ebuild deleted file mode 100644 index 8caed6c98c4f..000000000000 --- a/app-arch/dpkg/dpkg-1.19.6.ebuild +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit eutils multilib autotools ltprune toolchain-funcs - -DESCRIPTION="Package maintenance system for Debian" -HOMEPAGE="https://packages.qa.debian.org/dpkg" -SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-lang/perl-5.14.2:= - bzip2? ( app-arch/bzip2 ) - libmd? ( app-crypt/libmd ) - lzma? ( app-arch/xz-utils ) - nls? ( virtual/libintl ) - selinux? ( sys-libs/libselinux ) - zlib? ( >=sys-libs/zlib-1.1.4 ) -" -DEPEND=" - ${RDEPEND} - app-arch/xz-utils - sys-devel/flex - virtual/pkgconfig - nls? ( - app-text/po4a - >=sys-devel/gettext-0.18.2 - ) - test? ( - dev-perl/IO-String - dev-perl/Test-Pod - virtual/perl-Test-Harness - ) -" -DOCS=( - ChangeLog - THANKS - TODO -) -PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch - "${FILESDIR}"/${PN}-1.18.12-flags.patch - "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch -) - -src_prepare() { - use nls && strip-linguas -i po - - default - - eautoreconf -} - -src_configure() { - tc-export CC - econf \ - $(use_enable nls) \ - $(use_enable static-libs static) \ - $(use_enable unicode) \ - $(use_enable update-alternatives) \ - $(use_with bzip2 libbz2) \ - $(use_with libmd) \ - $(use_with lzma liblzma) \ - $(use_with selinux libselinux) \ - $(use_with zlib libz) \ - --disable-compiler-warnings \ - --disable-dselect \ - --disable-start-stop-daemon \ - --localstatedir="${EPREFIX}"/var -} - -src_compile() { - emake AR=$(tc-getAR) -} - -src_install() { - default - - keepdir \ - /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ - /var/lib/dpkg/{alternatives,info,parts,updates} -# /usr/$(get_libdir)/db/{alternatives,info,parts,updates} \ - - prune_libtool_files -} diff --git a/app-arch/dpkg/dpkg-1.19.7.ebuild b/app-arch/dpkg/dpkg-1.19.7.ebuild deleted file mode 100644 index 8caed6c98c4f..000000000000 --- a/app-arch/dpkg/dpkg-1.19.7.ebuild +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit eutils multilib autotools ltprune toolchain-funcs - -DESCRIPTION="Package maintenance system for Debian" -HOMEPAGE="https://packages.qa.debian.org/dpkg" -SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-lang/perl-5.14.2:= - bzip2? ( app-arch/bzip2 ) - libmd? ( app-crypt/libmd ) - lzma? ( app-arch/xz-utils ) - nls? ( virtual/libintl ) - selinux? ( sys-libs/libselinux ) - zlib? ( >=sys-libs/zlib-1.1.4 ) -" -DEPEND=" - ${RDEPEND} - app-arch/xz-utils - sys-devel/flex - virtual/pkgconfig - nls? ( - app-text/po4a - >=sys-devel/gettext-0.18.2 - ) - test? ( - dev-perl/IO-String - dev-perl/Test-Pod - virtual/perl-Test-Harness - ) -" -DOCS=( - ChangeLog - THANKS - TODO -) -PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch - "${FILESDIR}"/${PN}-1.18.12-flags.patch - "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch -) - -src_prepare() { - use nls && strip-linguas -i po - - default - - eautoreconf -} - -src_configure() { - tc-export CC - econf \ - $(use_enable nls) \ - $(use_enable static-libs static) \ - $(use_enable unicode) \ - $(use_enable update-alternatives) \ - $(use_with bzip2 libbz2) \ - $(use_with libmd) \ - $(use_with lzma liblzma) \ - $(use_with selinux libselinux) \ - $(use_with zlib libz) \ - --disable-compiler-warnings \ - --disable-dselect \ - --disable-start-stop-daemon \ - --localstatedir="${EPREFIX}"/var -} - -src_compile() { - emake AR=$(tc-getAR) -} - -src_install() { - default - - keepdir \ - /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ - /var/lib/dpkg/{alternatives,info,parts,updates} -# /usr/$(get_libdir)/db/{alternatives,info,parts,updates} \ - - prune_libtool_files -} diff --git a/app-arch/dpkg/dpkg-1.20.0.ebuild b/app-arch/dpkg/dpkg-1.20.0.ebuild deleted file mode 100644 index 07b8ea26604c..000000000000 --- a/app-arch/dpkg/dpkg-1.20.0.ebuild +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit eutils multilib autotools toolchain-funcs - -DESCRIPTION="Package maintenance system for Debian" -HOMEPAGE="https://packages.qa.debian.org/dpkg" -SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-lang/perl-5.14.2:= - bzip2? ( app-arch/bzip2 ) - libmd? ( app-crypt/libmd ) - lzma? ( app-arch/xz-utils ) - nls? ( virtual/libintl ) - selinux? ( sys-libs/libselinux ) - zlib? ( >=sys-libs/zlib-1.1.4 ) -" -DEPEND=" - ${RDEPEND} - app-arch/xz-utils - sys-devel/flex - virtual/pkgconfig - nls? ( - app-text/po4a - >=sys-devel/gettext-0.18.2 - ) - test? ( - dev-perl/IO-String - dev-perl/Test-Pod - virtual/perl-Test-Harness - ) -" -DOCS=( - ChangeLog - THANKS - TODO -) -PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch - "${FILESDIR}"/${PN}-1.18.12-flags.patch - "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch -) - -src_prepare() { - use nls && strip-linguas -i po - - default - - eautoreconf -} - -src_configure() { - tc-export CC - econf \ - $(use_enable nls) \ - $(use_enable static-libs static) \ - $(use_enable unicode) \ - $(use_enable update-alternatives) \ - $(use_with bzip2 libbz2) \ - $(use_with libmd) \ - $(use_with lzma liblzma) \ - $(use_with selinux libselinux) \ - $(use_with zlib libz) \ - --disable-compiler-warnings \ - --disable-dselect \ - --disable-start-stop-daemon \ - --localstatedir="${EPREFIX}"/var -} - -src_compile() { - emake AR=$(tc-getAR) -} - -src_install() { - default - - keepdir \ - /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ - /var/lib/dpkg/{alternatives,info,parts,updates} - - find "${ED}" -name '*.la' -delete || die -} diff --git a/app-arch/dpkg/dpkg-1.20.3.ebuild b/app-arch/dpkg/dpkg-1.20.12-r1.ebuild index 732d0c6d35b0..f903010ac4a5 100644 --- a/app-arch/dpkg/dpkg-1.20.3.ebuild +++ b/app-arch/dpkg/dpkg-1.20.12-r1.ebuild @@ -1,8 +1,8 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=7 -inherit multilib autotools toolchain-funcs +EAPI=8 +inherit autotools toolchain-funcs DESCRIPTION="Package maintenance system for Debian" HOMEPAGE="https://packages.qa.debian.org/dpkg" @@ -10,12 +10,14 @@ SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" LICENSE="GPL-2+" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="+bzip2 libmd +lzma nls selinux static-libs test +update-alternatives +zlib" RESTRICT="!test? ( test )" RDEPEND=" + >=app-arch/tar-1.34-r1 >=dev-lang/perl-5.14.2:= + sys-libs/ncurses:=[unicode(+)] bzip2? ( app-arch/bzip2 ) libmd? ( app-crypt/libmd ) lzma? ( app-arch/xz-utils ) @@ -34,41 +36,46 @@ DEPEND=" ) " BDEPEND=" - sys-devel/flex + app-alternatives/lex nls? ( app-text/po4a >=sys-devel/gettext-0.18.2 ) " +RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )" + DOCS=( ChangeLog THANKS TODO ) PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch "${FILESDIR}"/${PN}-1.18.12-flags.patch "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch + "${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch + "${FILESDIR}"/${PN}-1.20.12-m4-stdio.patch ) src_prepare() { default + sed -i -e 's|\<ar\>|${AR}|g' t-func/deb-format.at t-func/testsuite || die + eautoreconf } src_configure() { - tc-export CC + tc-export AR CC + econf \ $(use_enable nls) \ - $(use_enable static-libs static) \ - $(use_enable unicode) \ $(use_enable update-alternatives) \ $(use_with bzip2 libbz2) \ $(use_with libmd) \ $(use_with lzma liblzma) \ $(use_with selinux libselinux) \ $(use_with zlib libz) \ + --enable-unicode \ --disable-compiler-warnings \ --disable-dselect \ --disable-start-stop-daemon \ @@ -76,7 +83,7 @@ src_configure() { } src_compile() { - emake AR=$(tc-getAR) + emake AR="$(tc-getAR)" } src_install() { @@ -87,4 +94,8 @@ src_install() { /var/lib/dpkg/{alternatives,info,parts,updates} find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi } diff --git a/app-arch/dpkg/dpkg-1.20.5.ebuild b/app-arch/dpkg/dpkg-1.20.9-r1.ebuild index e72dc080fa4c..1b349d8f52c9 100644 --- a/app-arch/dpkg/dpkg-1.20.5.ebuild +++ b/app-arch/dpkg/dpkg-1.20.9-r1.ebuild @@ -1,8 +1,8 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 -inherit multilib autotools toolchain-funcs +inherit autotools toolchain-funcs DESCRIPTION="Package maintenance system for Debian" HOMEPAGE="https://packages.qa.debian.org/dpkg" @@ -10,7 +10,7 @@ SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" LICENSE="GPL-2+" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux" IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" RESTRICT="!test? ( test )" @@ -34,7 +34,7 @@ DEPEND=" ) " BDEPEND=" - sys-devel/flex + app-alternatives/lex nls? ( app-text/po4a >=sys-devel/gettext-0.18.2 @@ -49,6 +49,7 @@ PATCHES=( "${FILESDIR}"/${PN}-1.18.12-flags.patch "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch "${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch + "${FILESDIR}"/${P}-CVE-2022-1664.patch ) src_prepare() { @@ -78,7 +79,7 @@ src_configure() { } src_compile() { - emake AR=$(tc-getAR) + emake AR="$(tc-getAR)" } src_install() { diff --git a/app-arch/dpkg/dpkg-1.20.2.ebuild b/app-arch/dpkg/dpkg-1.21.1.ebuild index 732d0c6d35b0..1155e0f445a1 100644 --- a/app-arch/dpkg/dpkg-1.20.2.ebuild +++ b/app-arch/dpkg/dpkg-1.21.1.ebuild @@ -1,8 +1,8 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 -inherit multilib autotools toolchain-funcs +inherit autotools toolchain-funcs DESCRIPTION="Package maintenance system for Debian" HOMEPAGE="https://packages.qa.debian.org/dpkg" @@ -10,11 +10,12 @@ SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" LICENSE="GPL-2+" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" IUSE="+bzip2 libmd +lzma nls selinux static-libs test unicode +update-alternatives +zlib" RESTRICT="!test? ( test )" RDEPEND=" + >=app-arch/gzip-1.7 >=dev-lang/perl-5.14.2:= bzip2? ( app-arch/bzip2 ) libmd? ( app-crypt/libmd ) @@ -34,7 +35,7 @@ DEPEND=" ) " BDEPEND=" - sys-devel/flex + app-alternatives/lex nls? ( app-text/po4a >=sys-devel/gettext-0.18.2 @@ -46,22 +47,23 @@ DOCS=( TODO ) PATCHES=( - "${FILESDIR}"/${PN}-1.18.12-dpkg_buildpackage-test.patch "${FILESDIR}"/${PN}-1.18.12-flags.patch - "${FILESDIR}"/${PN}-1.18.12-rsyncable.patch + "${FILESDIR}"/${PN}-1.20.5-dpkg_buildpackage-test.patch ) src_prepare() { default + sed -i -e 's|\<ar\>|${AR}|g' t-func/deb-format.at t-func/testsuite || die + eautoreconf } src_configure() { - tc-export CC + tc-export AR CC + econf \ $(use_enable nls) \ - $(use_enable static-libs static) \ $(use_enable unicode) \ $(use_enable update-alternatives) \ $(use_with bzip2 libbz2) \ @@ -76,7 +78,7 @@ src_configure() { } src_compile() { - emake AR=$(tc-getAR) + emake AR="$(tc-getAR)" } src_install() { @@ -87,4 +89,8 @@ src_install() { /var/lib/dpkg/{alternatives,info,parts,updates} find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi } diff --git a/app-arch/dpkg/dpkg-1.21.15-r2.ebuild b/app-arch/dpkg/dpkg-1.21.15-r2.ebuild new file mode 100644 index 000000000000..0af2f9f4e99f --- /dev/null +++ b/app-arch/dpkg/dpkg-1.21.15-r2.ebuild @@ -0,0 +1,112 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools toolchain-funcs + +DESCRIPTION="Package maintenance system for Debian" +HOMEPAGE="https://packages.qa.debian.org/dpkg" +SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="+bzip2 +lzma nls selinux static-libs test +update-alternatives +zlib" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=app-arch/gzip-1.7 + >=app-arch/tar-1.34-r1 + app-crypt/libmd + >=dev-lang/perl-5.14.2:= + sys-libs/ncurses:=[unicode(+)] + bzip2? ( app-arch/bzip2 ) + lzma? ( app-arch/xz-utils ) + nls? ( virtual/libintl ) + selinux? ( sys-libs/libselinux ) + zlib? ( >=sys-libs/zlib-1.1.4 ) +" +DEPEND=" + ${RDEPEND} + app-arch/xz-utils + virtual/pkgconfig + test? ( + dev-perl/IO-String + dev-perl/Test-Pod + virtual/perl-Test-Harness + ) +" +BDEPEND=" + app-alternatives/lex + nls? ( + app-text/po4a + >=sys-devel/gettext-0.18.2 + ) +" +RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.18.12-flags.patch + "${FILESDIR}"/${P}-buf-overflow.patch +) + +src_prepare() { + default + + sed -i -e 's|\<ar\>|${AR}|g' src/at/deb-format.at src/at/testsuite || die + + eautoreconf +} + +src_configure() { + tc-export AR CC + + local myconf=( + --disable-compiler-warnings + --disable-devel-docs + --disable-dselect + --disable-start-stop-daemon + --enable-unicode + --localstatedir="${EPREFIX}"/var + $(use_enable nls) + $(use_enable update-alternatives) + $(use_with bzip2 libbz2) + $(use_with lzma liblzma) + $(use_with selinux libselinux) + $(use_with zlib libz) + + ) + + econf "${myconf[@]}" +} + +src_compile() { + emake AR="$(tc-getAR)" +} + +src_install() { + local DOCS=( debian/changelog THANKS TODO ) + default + + # https://bugs.gentoo.org/835520 + mv -v "${ED}"/usr/share/zsh/{vendor-completions,site-functions} || die + + # https://bugs.gentoo.org/840320 + insinto /etc/dpkg/origins + newins - gentoo <<-_EOF_ + Vendor: Gentoo + Vendor-URL: https://www.gentoo.org/ + Bugs: https://bugs.gentoo.org/ + _EOF_ + dosym gentoo /etc/dpkg/origins/default + + keepdir \ + /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ + /var/lib/dpkg/{alternatives,info,parts,updates} + + find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi +} diff --git a/app-arch/dpkg/dpkg-1.21.15-r3.ebuild b/app-arch/dpkg/dpkg-1.21.15-r3.ebuild new file mode 100644 index 000000000000..7332eca45431 --- /dev/null +++ b/app-arch/dpkg/dpkg-1.21.15-r3.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools toolchain-funcs + +DESCRIPTION="Package maintenance system for Debian" +HOMEPAGE="https://packages.qa.debian.org/dpkg" +SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" +IUSE="+bzip2 +lzma nls selinux static-libs test +update-alternatives +zlib" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=app-arch/gzip-1.7 + >=app-arch/tar-1.34-r1 + app-crypt/libmd + >=dev-lang/perl-5.14.2:= + sys-libs/ncurses:=[unicode(+)] + bzip2? ( app-arch/bzip2 ) + lzma? ( app-arch/xz-utils ) + nls? ( virtual/libintl ) + selinux? ( sys-libs/libselinux ) + zlib? ( >=sys-libs/zlib-1.1.4 ) +" +DEPEND=" + ${RDEPEND} + app-arch/xz-utils + virtual/pkgconfig + test? ( + dev-perl/IO-String + dev-perl/Test-Pod + virtual/perl-Test-Harness + ) +" +BDEPEND=" + app-alternatives/lex + nls? ( + app-text/po4a + >=sys-devel/gettext-0.18.2 + ) +" +RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.18.12-flags.patch + "${FILESDIR}"/${P}-buf-overflow.patch + "${FILESDIR}"/${PN}-1.21.15-arch_pm.patch +) + +src_prepare() { + default + + sed -i -e 's|\<ar\>|${AR}|g' src/at/deb-format.at src/at/testsuite || die + + eautoreconf +} + +src_configure() { + tc-export AR CC + + local myconf=( + --disable-compiler-warnings + --disable-devel-docs + --disable-dselect + --disable-start-stop-daemon + --enable-unicode + --localstatedir="${EPREFIX}"/var + $(use_enable nls) + $(use_enable update-alternatives) + $(use_with bzip2 libbz2) + $(use_with lzma liblzma) + $(use_with selinux libselinux) + $(use_with zlib libz) + + ) + + econf "${myconf[@]}" +} + +src_compile() { + emake AR="$(tc-getAR)" +} + +src_install() { + local DOCS=( debian/changelog THANKS TODO ) + default + + # https://bugs.gentoo.org/835520 + mv -v "${ED}"/usr/share/zsh/{vendor-completions,site-functions} || die + + # https://bugs.gentoo.org/840320 + insinto /etc/dpkg/origins + newins - gentoo <<-_EOF_ + Vendor: Gentoo + Vendor-URL: https://www.gentoo.org/ + Bugs: https://bugs.gentoo.org/ + _EOF_ + dosym gentoo /etc/dpkg/origins/default + + keepdir \ + /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ + /var/lib/dpkg/{alternatives,info,parts,updates} + + find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi +} diff --git a/app-arch/dpkg/dpkg-1.21.19-r1.ebuild b/app-arch/dpkg/dpkg-1.21.19-r1.ebuild new file mode 100644 index 000000000000..cb9bdfb3ded0 --- /dev/null +++ b/app-arch/dpkg/dpkg-1.21.19-r1.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools toolchain-funcs + +DESCRIPTION="Package maintenance system for Debian" +HOMEPAGE="https://packages.qa.debian.org/dpkg" +SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" + +LICENSE="GPL-2+" +SLOT="0" +#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="+bzip2 +lzma nls selinux static-libs test +update-alternatives +zlib +zstd" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=app-arch/gzip-1.7 + >=app-arch/tar-1.34-r1 + app-crypt/libmd + >=dev-lang/perl-5.14.2:= + sys-libs/ncurses:=[unicode(+)] + bzip2? ( app-arch/bzip2 ) + lzma? ( app-arch/xz-utils ) + nls? ( virtual/libintl ) + selinux? ( sys-libs/libselinux ) + zlib? ( >=sys-libs/zlib-1.1.4 ) + zstd? ( app-arch/zstd:= ) +" +DEPEND=" + ${RDEPEND} + app-arch/xz-utils + virtual/pkgconfig + test? ( + dev-perl/IO-String + dev-perl/Test-Pod + virtual/perl-Test-Harness + ) +" +BDEPEND=" + app-alternatives/lex + nls? ( + app-text/po4a + >=sys-devel/gettext-0.18.2 + ) +" +RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.18.12-flags.patch + "${FILESDIR}"/${PN}-1.21.15-arch_pm.patch +) + +src_prepare() { + default + + sed -i -e 's|\<ar\>|${AR}|g' src/at/deb-format.at src/at/testsuite || die + + eautoreconf +} + +src_configure() { + tc-export AR CC + + local myconf=( + --disable-compiler-warnings + --disable-devel-docs + --disable-dselect + --disable-start-stop-daemon + --enable-unicode + --localstatedir="${EPREFIX}"/var + $(use_enable nls) + $(use_enable update-alternatives) + $(use_with bzip2 libbz2) + $(use_with lzma liblzma) + $(use_with selinux libselinux) + $(use_with zlib libz) + $(use_with zstd libzstd) + ) + + econf "${myconf[@]}" +} + +src_compile() { + emake AR="$(tc-getAR)" +} + +src_install() { + local DOCS=( debian/changelog THANKS TODO ) + default + + # https://bugs.gentoo.org/835520 + mv -v "${ED}"/usr/share/zsh/{vendor-completions,site-functions} || die + + # https://bugs.gentoo.org/840320 + insinto /etc/dpkg/origins + newins - gentoo <<-_EOF_ + Vendor: Gentoo + Vendor-URL: https://www.gentoo.org/ + Bugs: https://bugs.gentoo.org/ + _EOF_ + dosym gentoo /etc/dpkg/origins/default + + keepdir \ + /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ + /var/lib/dpkg/{alternatives,info,parts,updates} + + find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi +} diff --git a/app-arch/dpkg/dpkg-1.21.19.ebuild b/app-arch/dpkg/dpkg-1.21.19.ebuild new file mode 100644 index 000000000000..6a1d79854236 --- /dev/null +++ b/app-arch/dpkg/dpkg-1.21.19.ebuild @@ -0,0 +1,112 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools toolchain-funcs + +DESCRIPTION="Package maintenance system for Debian" +HOMEPAGE="https://packages.qa.debian.org/dpkg" +SRC_URI="mirror://debian/pool/main/d/${PN}/${P/-/_}.tar.xz" + +LICENSE="GPL-2+" +SLOT="0" +#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="+bzip2 +lzma nls selinux static-libs test +update-alternatives +zlib +zstd" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=app-arch/gzip-1.7 + >=app-arch/tar-1.34-r1 + app-crypt/libmd + >=dev-lang/perl-5.14.2:= + sys-libs/ncurses:=[unicode(+)] + bzip2? ( app-arch/bzip2 ) + lzma? ( app-arch/xz-utils ) + nls? ( virtual/libintl ) + selinux? ( sys-libs/libselinux ) + zlib? ( >=sys-libs/zlib-1.1.4 ) + zstd? ( app-arch/zstd:= ) +" +DEPEND=" + ${RDEPEND} + app-arch/xz-utils + virtual/pkgconfig + test? ( + dev-perl/IO-String + dev-perl/Test-Pod + virtual/perl-Test-Harness + ) +" +BDEPEND=" + app-alternatives/lex + nls? ( + app-text/po4a + >=sys-devel/gettext-0.18.2 + ) +" +RDEPEND+=" selinux? ( sec-policy/selinux-dpkg )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.18.12-flags.patch +) + +src_prepare() { + default + + sed -i -e 's|\<ar\>|${AR}|g' src/at/deb-format.at src/at/testsuite || die + + eautoreconf +} + +src_configure() { + tc-export AR CC + + local myconf=( + --disable-compiler-warnings + --disable-devel-docs + --disable-dselect + --disable-start-stop-daemon + --enable-unicode + --localstatedir="${EPREFIX}"/var + $(use_enable nls) + $(use_enable update-alternatives) + $(use_with bzip2 libbz2) + $(use_with lzma liblzma) + $(use_with selinux libselinux) + $(use_with zlib libz) + $(use_with zstd libzstd) + ) + + econf "${myconf[@]}" +} + +src_compile() { + emake AR="$(tc-getAR)" +} + +src_install() { + local DOCS=( debian/changelog THANKS TODO ) + default + + # https://bugs.gentoo.org/835520 + mv -v "${ED}"/usr/share/zsh/{vendor-completions,site-functions} || die + + # https://bugs.gentoo.org/840320 + insinto /etc/dpkg/origins + newins - gentoo <<-_EOF_ + Vendor: Gentoo + Vendor-URL: https://www.gentoo.org/ + Bugs: https://bugs.gentoo.org/ + _EOF_ + dosym gentoo /etc/dpkg/origins/default + + keepdir \ + /usr/$(get_libdir)/db/methods/{mnt,floppy,disk} \ + /var/lib/dpkg/{alternatives,info,parts,updates} + + find "${ED}" -name '*.la' -delete || die + + if ! use static-libs; then + find "${ED}" -name '*.a' -delete || die + fi +} diff --git a/app-arch/dpkg/files/dpkg-1.18.12-dpkg_buildpackage-test.patch b/app-arch/dpkg/files/dpkg-1.18.12-dpkg_buildpackage-test.patch deleted file mode 100644 index e9716758d41b..000000000000 --- a/app-arch/dpkg/files/dpkg-1.18.12-dpkg_buildpackage-test.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/scripts/Makefile.am -+++ b/scripts/Makefile.am -@@ -238,7 +238,6 @@ - t/Dpkg_Source_Package.t \ - t/Dpkg_Dist_Files.t \ - t/dpkg_source.t \ -- t/dpkg_buildpackage.t \ - t/merge_changelogs.t \ - t/mk.t \ - $(nil) diff --git a/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch b/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch new file mode 100644 index 000000000000..5124c54b43ed --- /dev/null +++ b/app-arch/dpkg/files/dpkg-1.20.12-m4-stdio.patch @@ -0,0 +1,25 @@ +From 9a1c670b66818fc0044eaa9a95a13da553bebcd3 Mon Sep 17 00:00:00 2001 +From: Georgy Yakovlev <gyakovlev@gentoo.org> +Date: Mon, 21 Nov 2022 23:09:59 -0800 +Subject: [PATCH] m4/dpkg-funcs.m4: include stdio.h in __progname conftest + +Bug: https://bugs.gentoo.org/869884 +--- + m4/dpkg-funcs.m4 | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/m4/dpkg-funcs.m4 b/m4/dpkg-funcs.m4 +index 74acf22..0720ac3 100644 +--- a/m4/dpkg-funcs.m4 ++++ b/m4/dpkg-funcs.m4 +@@ -142,6 +142,7 @@ AC_DEFUN([DPKG_CHECK_PROGNAME], [ + AC_MSG_CHECKING([for __progname]) + AC_LINK_IFELSE([ + AC_LANG_PROGRAM( ++ [[#include <stdio.h>]], + [[extern char *__progname;]], + [[printf("%s", __progname);]]) + ], [ +-- +2.38.1 + diff --git a/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch b/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch new file mode 100644 index 000000000000..aa1570148de1 --- /dev/null +++ b/app-arch/dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch @@ -0,0 +1,324 @@ +From 58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5 Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@debian.org> +Date: Tue, 3 May 2022 02:09:32 +0200 +Subject: Dpkg::Source::Archive: Prevent directory traversal for in-place + extracts + +For untrusted v2 and v3 source package formats that include a debian.tar +archive, when we are extracting it, we do that as an in-place extraction, +which can lead to directory traversal situations on specially crafted +orig.tar and debian.tar tarballs. + +GNU tar replaces entries on the filesystem by the entries present on +the tarball, but it will follow symlinks when the symlink pathname +itself is not present as an actual directory on the tarball. + +This means we can create an orig.tar where there's a symlink pointing +out of the source tree root directory, and then a debian.tar that +contains an entry within that symlink as if it was a directory, without +a directory entry for the symlink pathname itself, which will be +extracted following the symlink outside the source tree root. + +This is currently noted as expected in GNU tar documentation. But even +if there was a new extraction mode avoiding this problem we'd need such +new version. Using perl's Archive::Tar would solve the problem, but +switching to such different pure perl implementation, could cause +compatibility or performance issues. + +What we do is when we are requested to perform an in-place extract, we +instead still use a temporary directory, then walk that directory and +remove any matching entry in the destination directory, replicating what +GNU tar would do, but in addition avoiding the directory traversal issue +for symlinks. Which should work with any tar implementation and be safe. + +Reported-by: Max Justicz <max@justi.cz> +Stable-Candidates: 1.18.x 1.19.x 1.20.x +Fixes: commit 0c0057a27fecccab77d2b3cffa9a7d172846f0b4 (1.14.17) +Fixes: CVE-2022-1664 +(cherry picked from commit 7a6c03cb34d4a09f35df2f10779cbf1b70a5200b) +--- + scripts/Dpkg/Source/Archive.pm | 122 +++++++++++++++++++++++++++++++--------- + scripts/t/Dpkg_Source_Archive.t | 110 +++++++++++++++++++++++++++++++++++- + 2 files changed, 204 insertions(+), 28 deletions(-) + +diff --git a/scripts/Dpkg/Source/Archive.pm b/scripts/Dpkg/Source/Archive.pm +index 33c181b20..2ddd04af8 100644 +--- a/scripts/Dpkg/Source/Archive.pm ++++ b/scripts/Dpkg/Source/Archive.pm +@@ -21,9 +21,11 @@ use warnings; + our $VERSION = '0.01'; + + use Carp; ++use Errno qw(ENOENT); + use File::Temp qw(tempdir); + use File::Basename qw(basename); + use File::Spec; ++use File::Find; + use Cwd; + + use Dpkg (); +@@ -110,19 +112,13 @@ sub extract { + my %spawn_opts = (wait_child => 1); + + # Prepare destination +- my $tmp; +- if ($opts{in_place}) { +- $spawn_opts{chdir} = $dest; +- $tmp = $dest; # So that fixperms call works +- } else { +- my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; +- unless (-e $dest) { +- # Kludge so that realpath works +- mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); +- } +- $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); +- $spawn_opts{chdir} = $tmp; ++ my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; ++ unless (-e $dest) { ++ # Kludge so that realpath works ++ mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); + } ++ my $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); ++ $spawn_opts{chdir} = $tmp; + + # Prepare stuff that handles the input of tar + $self->ensure_open('r', delete_sig => [ 'PIPE' ]); +@@ -145,22 +141,94 @@ sub extract { + # have to be calculated using mount options and other madness. + fixperms($tmp) unless $opts{no_fixperms}; + +- # Stop here if we extracted in-place as there's nothing to move around +- return if $opts{in_place}; +- +- # Rename extracted directory +- opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); +- my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); +- closedir($dir_dh); +- my $done = 0; +- erasedir($dest); +- if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { +- rename("$tmp/$entries[0]", $dest) +- or syserr(g_('unable to rename %s to %s'), +- "$tmp/$entries[0]", $dest); ++ # If we are extracting "in-place" do not remove the destination directory. ++ if ($opts{in_place}) { ++ my $canon_basedir = Cwd::realpath($dest); ++ # On Solaris /dev/null points to /devices/pseudo/mm@0:null. ++ my $canon_devnull = Cwd::realpath('/dev/null'); ++ my $check_symlink = sub { ++ my $pathname = shift; ++ my $canon_pathname = Cwd::realpath($pathname); ++ if (not defined $canon_pathname) { ++ return if $! == ENOENT; ++ ++ syserr(g_("pathname '%s' cannot be canonicalized"), $pathname); ++ } ++ return if $canon_pathname eq $canon_devnull; ++ return if $canon_pathname eq $canon_basedir; ++ return if $canon_pathname =~ m{^\Q$canon_basedir/\E}; ++ warning(g_("pathname '%s' points outside source root (to '%s')"), ++ $pathname, $canon_pathname); ++ }; ++ ++ my $move_in_place = sub { ++ my $relpath = File::Spec->abs2rel($File::Find::name, $tmp); ++ my $destpath = File::Spec->catfile($dest, $relpath); ++ ++ my ($mode, $atime, $mtime); ++ lstat $File::Find::name ++ or syserr(g_('cannot get source pathname %s metadata'), $File::Find::name); ++ ((undef) x 2, $mode, (undef) x 5, $atime, $mtime) = lstat _; ++ my $src_is_dir = -d _; ++ ++ my $dest_exists = 1; ++ if (not lstat $destpath) { ++ if ($! == ENOENT) { ++ $dest_exists = 0; ++ } else { ++ syserr(g_('cannot get target pathname %s metadata'), $destpath); ++ } ++ } ++ my $dest_is_dir = -d _; ++ if ($dest_exists) { ++ if ($dest_is_dir && $src_is_dir) { ++ # Refresh the destination directory attributes with the ++ # ones from the tarball. ++ chmod $mode, $destpath ++ or syserr(g_('cannot change directory %s mode'), $File::Find::name); ++ utime $atime, $mtime, $destpath ++ or syserr(g_('cannot change directory %s times'), $File::Find::name); ++ ++ # We should do nothing, and just walk further tree. ++ return; ++ } elsif ($dest_is_dir) { ++ rmdir $destpath ++ or syserr(g_('cannot remove destination directory %s'), $destpath); ++ } else { ++ $check_symlink->($destpath); ++ unlink $destpath ++ or syserr(g_('cannot remove destination file %s'), $destpath); ++ } ++ } ++ # If we are moving a directory, we do not need to walk it. ++ if ($src_is_dir) { ++ $File::Find::prune = 1; ++ } ++ rename $File::Find::name, $destpath ++ or syserr(g_('cannot move %s to %s'), $File::Find::name, $destpath); ++ }; ++ ++ find({ ++ wanted => $move_in_place, ++ no_chdir => 1, ++ dangling_symlinks => 0, ++ }, $tmp); + } else { +- rename($tmp, $dest) +- or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ # Rename extracted directory ++ opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); ++ my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); ++ closedir($dir_dh); ++ ++ erasedir($dest); ++ ++ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { ++ rename("$tmp/$entries[0]", $dest) ++ or syserr(g_('unable to rename %s to %s'), ++ "$tmp/$entries[0]", $dest); ++ } else { ++ rename($tmp, $dest) ++ or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ } + } + erasedir($tmp); + } +diff --git a/scripts/t/Dpkg_Source_Archive.t b/scripts/t/Dpkg_Source_Archive.t +index 7b70da68e..504fbe1d4 100644 +--- a/scripts/t/Dpkg_Source_Archive.t ++++ b/scripts/t/Dpkg_Source_Archive.t +@@ -16,12 +16,120 @@ + use strict; + use warnings; + +-use Test::More tests => 1; ++use Test::More tests => 4; ++use Test::Dpkg qw(:paths); ++ ++use File::Spec; ++use File::Path qw(make_path rmtree); + + BEGIN { + use_ok('Dpkg::Source::Archive'); + } + ++use Dpkg; ++ ++my $tmpdir = test_get_temp_path(); ++ ++rmtree($tmpdir); ++ ++sub test_touch ++{ ++ my ($name, $data) = @_; ++ ++ open my $fh, '>', $name ++ or die "cannot touch file $name\n"; ++ print { $fh } $data if $data; ++ close $fh; ++} ++ ++sub test_path_escape ++{ ++ my $name = shift; ++ ++ my $treedir = File::Spec->rel2abs("$tmpdir/$name-tree"); ++ my $overdir = File::Spec->rel2abs("$tmpdir/$name-overlay"); ++ my $outdir = "$tmpdir/$name-out"; ++ my $expdir = "$tmpdir/$name-exp"; ++ ++ # This is the base directory, where we are going to be extracting stuff ++ # into, which include traps. ++ make_path("$treedir/subdir-a"); ++ test_touch("$treedir/subdir-a/file-a"); ++ test_touch("$treedir/subdir-a/file-pre-a"); ++ make_path("$treedir/subdir-b"); ++ test_touch("$treedir/subdir-b/file-b"); ++ test_touch("$treedir/subdir-b/file-pre-b"); ++ symlink File::Spec->abs2rel($outdir, $treedir), "$treedir/symlink-escape"; ++ symlink File::Spec->abs2rel("$outdir/nonexistent", $treedir), "$treedir/symlink-nonexistent"; ++ symlink "$treedir/file", "$treedir/symlink-within"; ++ test_touch("$treedir/supposed-dir"); ++ ++ # This is the overlay directory, which we'll pack and extract over the ++ # base directory. ++ make_path($overdir); ++ make_path("$overdir/subdir-a/aa"); ++ test_touch("$overdir/subdir-a/aa/file-aa", 'aa'); ++ test_touch("$overdir/subdir-a/file-a", 'a'); ++ make_path("$overdir/subdir-b/bb"); ++ test_touch("$overdir/subdir-b/bb/file-bb", 'bb'); ++ test_touch("$overdir/subdir-b/file-b", 'b'); ++ make_path("$overdir/symlink-escape"); ++ test_touch("$overdir/symlink-escape/escaped-file", 'escaped'); ++ test_touch("$overdir/symlink-nonexistent", 'nonexistent'); ++ make_path("$overdir/symlink-within"); ++ make_path("$overdir/supposed-dir"); ++ test_touch("$overdir/supposed-dir/supposed-file", 'something'); ++ ++ # Generate overlay tar. ++ system($Dpkg::PROGTAR, '-cf', "$overdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ )) == 0 ++ or die "cannot create overlay tar archive\n"; ++ ++ # This is the expected directory, which we'll be comparing against. ++ make_path($expdir); ++ system('cp', '-a', $overdir, $expdir) == 0 ++ or die "cannot copy overlay hierarchy into expected directory\n"; ++ ++ # Store the expected and out reference directories into a tar to compare ++ # its structure against the result reference. ++ system($Dpkg::PROGTAR, '-cf', "$expdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ ), '-C', $treedir, qw( ++ subdir-a/file-pre-a ++ subdir-b/file-pre-b ++ )) == 0 ++ or die "cannot create expected tar archive\n"; ++ ++ # This directory is supposed to remain empty, anything inside implies a ++ # directory traversal. ++ make_path($outdir); ++ ++ my $warnseen; ++ local $SIG{__WARN__} = sub { $warnseen = $_[0] }; ++ ++ # Perform the extraction. ++ my $tar = Dpkg::Source::Archive->new(filename => "$overdir.tar"); ++ $tar->extract($treedir, in_place => 1); ++ ++ # Store the result into a tar to compare its structure against a reference. ++ system($Dpkg::PROGTAR, '-cf', "$treedir.tar", '-C', $treedir, '.'); ++ ++ # Check results ++ ok(length $warnseen && $warnseen =~ m/points outside source root/, ++ 'expected warning seen'); ++ ok(system($Dpkg::PROGTAR, '--compare', '-f', "$expdir.tar", '-C', $treedir) == 0, ++ 'expected directory matches'); ++ ok(! -e "$outdir/escaped-file", ++ 'expected output directory is empty, directory traversal'); ++} ++ ++test_path_escape('in-place'); ++ + # TODO: Add actual test cases. + + 1; +-- +cgit v1.2.3 + diff --git a/app-arch/dpkg/files/dpkg-1.21.15-arch_pm.patch b/app-arch/dpkg/files/dpkg-1.21.15-arch_pm.patch new file mode 100644 index 000000000000..5982336a3574 --- /dev/null +++ b/app-arch/dpkg/files/dpkg-1.21.15-arch_pm.patch @@ -0,0 +1,32 @@ +https://bugs.gentoo.org/876031 +https://git.yoctoproject.org/poky/tree/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch + +configure cannot determine the proper cpu, os, or +architecture for mips64, and possibly other arch's +because of faulty code added to Arch.pm in the latest +release from upstream. We remove that code. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater <jslater@windriver.com> + +--- + scripts/Dpkg/Arch.pm | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/scripts/Dpkg/Arch.pm b/scripts/Dpkg/Arch.pm +index 1720847b8..6345ce3b9 100644 +--- a/scripts/Dpkg/Arch.pm ++++ b/scripts/Dpkg/Arch.pm +@@ -323,9 +323,6 @@ sub _load_tupletable() + (my $dt = $debtuple) =~ s/<cpu>/$_cpu/; + (my $da = $debarch) =~ s/<cpu>/$_cpu/; + +- next if exists $debarch_to_debtuple{$da} +- or exists $debtuple_to_debarch{$dt}; +- + $debarch_to_debtuple{$da} = $dt; + $debtuple_to_debarch{$dt} = $da; + } +-- +2.11.0 diff --git a/app-arch/dpkg/files/dpkg-1.21.15-buf-overflow.patch b/app-arch/dpkg/files/dpkg-1.21.15-buf-overflow.patch new file mode 100644 index 000000000000..864d57b98a5c --- /dev/null +++ b/app-arch/dpkg/files/dpkg-1.21.15-buf-overflow.patch @@ -0,0 +1,45 @@ +From 5356621172d669d8f62e7e746a6c7a11345aec4e Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@debian.org> +Date: Tue, 3 Jan 2023 23:29:05 +0100 +Subject: dpkg-deb: Fix buffer overflow on long directory names with old deb + formats + +The handling for deb 0.x formats that relocates files around once +extracted was using a buffer with a hardcoded size, not taking into +account the length of the directory which would overflow it. + +Switch to use a dynamically allocated buffer to handle any destination +directory length. + +Reported-by: Georgy Yakovlev <gyakovlev@gentoo.org> +--- + src/deb/extract.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/deb/extract.c b/src/deb/extract.c +index a09853962..6466fa6f2 100644 +--- a/src/deb/extract.c ++++ b/src/deb/extract.c +@@ -53,15 +53,16 @@ + static void + movecontrolfiles(const char *dir, const char *thing) + { +- char buf[200]; ++ char *cmd; + pid_t pid; + +- sprintf(buf, "mv %s/%s/* %s/ && rmdir %s/%s", dir, thing, dir, dir, thing); ++ cmd = str_fmt("mv %s/%s/* %s/ && rmdir %s/%s", dir, thing, dir, dir, thing); + pid = subproc_fork(); + if (pid == 0) { +- command_shell(buf, _("shell command to move files")); ++ command_shell(cmd, _("shell command to move files")); + } + subproc_reap(pid, _("shell command to move files"), 0); ++ free(cmd); + } + + static void DPKG_ATTR_NORET +-- +cgit v1.2.3 + diff --git a/app-arch/dpkg/metadata.xml b/app-arch/dpkg/metadata.xml index bfb9769e554a..9511a3ee6146 100644 --- a/app-arch/dpkg/metadata.xml +++ b/app-arch/dpkg/metadata.xml @@ -1,10 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer type="person"> - <email>gyakovlev@gentoo.org</email> - <name>Georgy Yakovlev</name> - </maintainer> + <!-- maintainer-needed --> <use> <flag name="libmd">Use <pkg>app-crypt/libmd</pkg> library for message digest functions</flag> <flag name="update-alternatives">Install update-alternatives</flag> |