ports/102708: security update to linux_base-suse-9.2 port
Trevor Johnson
trevor at FreeBSD.org
Wed Aug 30 23:50:20 UTC 2006
>Number: 102708
>Category: ports
>Synopsis: security update to linux_base-suse-9.2 port
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 30 23:50:18 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Trevor Johnson
>Release:
>Organization:
>Environment:
>Description:
Update the bzip2 RPM (description from the INDEX file provided by Novell):
bzip2 could crash or run into an enless loop when decompressing
certain specially crafted archives. This problem has been fixed.
(CAN-2005-1260)
An advisory is at
<url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1260>.
Update the coreutils RPM (description from the INDEX file provided by Novell):
Fix a bug in the cp and mv utilities that cause them to terminate
with a segmentation fault when copying extended attributes fails.
Update the zlib RPM:
The previous zlib update for CAN-2005-2096 fixed a flaw in zlib that
could allow a carefully crafted compressed stream to crash an
application. While the original patch corrected the reported
overflow, Markus Oberhumer discovered additional ways a stream could
trigger an overflow. This update fixes those problems as well.
This issue is tracked by the Mitre CVE ID CAN-2005-1849.
Since only zlib 1.2.x is affected, older SUSE products are not
affected by this problem.
--<url:http://www.novell.com/linux/security/advisories/2005_43_zlib.html>
Add linux_base-8 and linux_base-suse-9.3 to CONFLICTS.
Remove quotes from RESTRICTED line (portlint).
Take maintainership.
Remove deprecation.
Remove duplicate $FreeBSD$ tag.
Increment PORTREVISION to 2.
>How-To-Repeat:
>Fix:
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/emulators/linux_base-suse-9.2/Makefile,v
retrieving revision 1.97
diff -u -r1.97 Makefile
--- Makefile 17 Jun 2006 09:28:02 -0000 1.97
+++ Makefile 30 Aug 2006 19:12:53 -0000
@@ -9,7 +9,7 @@
PORTNAME= linux_base-suse
PORTVERSION= 9.2
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= emulators linux
MASTER_SITES= ${MASTER_SITE_SUSE} ${MASTER_SITE_SUSE:S/$/:update/}
MASTER_SITE_SUBDIR= i386/9.2/suse/i586 i386/update/9.2/rpm/i586/:update
@@ -25,13 +25,13 @@
bash-3.0-8.2.i586.rpm:update \
ncurses-5.4-65.i586.rpm \
readline-5.0-1.2.i586.rpm:update \
- zlib-1.2.1-74.i586.rpm \
- bzip2-1.0.2-347.i586.rpm \
+ zlib-1.2.1-74.4.i586.rpm:update \
+ bzip2-1.0.2-347.3.i586.rpm:update \
libzio-0.1-4.i586.rpm \
info-4.7-6.i586.rpm \
grep-2.5.1-431.i586.rpm \
desktop-file-utils-0.7-2.1.i586.rpm \
- coreutils-5.2.1-32.i586.rpm \
+ coreutils-5.2.1-32.2.i586.rpm:update \
popt-1.7-190.i586.rpm \
insserv-1.00.5-6.2.i586.rpm \
setserial-2.17-579.i586.rpm \
@@ -43,19 +43,16 @@
libgcc-3.3.4-11.i586.rpm \
termcap-2.0.8-878.i586.rpm
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= trevor at FreeBSD.org
COMMENT= Basic packages for Linux mode from SUSE 9.2/i386
EXTRACT_DEPENDS= rpm:${PORTSDIR}/archivers/rpm
-CONFLICTS= linux_base-7* linux_base-debian* linux_base-fc* \
- linux_base-gentoo* linux_base-rh* linux_base-suse-9.1*
+CONFLICTS= linux_base-7* linux_base-8* linux_base-debian* \
+ linux_base-fc* linux_base-gentoo* linux_base-rh* \
+ linux_base-suse-9.1* linux_base-suse-9.3*
-DEPRECATED= unmaintained and does not comply to the linux_base invariants
-EXPIRATION_DATE=2006-09-01
-IGNORE= ${DEPRECATED}
-
-RESTRICTED= "binaries under GNU GPL: http://www.gnu.org/licenses/gpl.txt"
+RESTRICTED= binaries under GNU GPL: http://www.gnu.org/licenses/gpl.txt
ONLY_FOR_ARCHS= amd64 i386
DIST_SUBDIR= rpm/i386/suse/9.2
PREFIX= ${LINUXBASE}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/emulators/linux_base-suse-9.2/distinfo,v
retrieving revision 1.22
diff -u -r1.22 distinfo
--- distinfo 22 Jan 2006 09:47:23 -0000 1.22
+++ distinfo 30 Aug 2006 19:13:44 -0000
@@ -31,12 +31,12 @@
MD5 (rpm/i386/suse/9.2/readline-5.0-1.2.i586.rpm) = 44b6eb67921d1833682d1b3fc26fb19a
SHA256 (rpm/i386/suse/9.2/readline-5.0-1.2.i586.rpm) = af42e7e5a49de147112b0ae8ff6ec220bff449ed2217aad7a13207d2f2cd7e1d
SIZE (rpm/i386/suse/9.2/readline-5.0-1.2.i586.rpm) = 173935
-MD5 (rpm/i386/suse/9.2/zlib-1.2.1-74.i586.rpm) = fd6300d65994f13b479161cb6930f6c9
-SHA256 (rpm/i386/suse/9.2/zlib-1.2.1-74.i586.rpm) = c4ffb042af2219abcc4661e16dda28f7339422be368c7f7f207b057a10274a43
-SIZE (rpm/i386/suse/9.2/zlib-1.2.1-74.i586.rpm) = 63579
-MD5 (rpm/i386/suse/9.2/bzip2-1.0.2-347.i586.rpm) = 8468ec523c33d4559fb967ec916c2628
-SHA256 (rpm/i386/suse/9.2/bzip2-1.0.2-347.i586.rpm) = 6364ba6235701f8c7ea30ff8fe272e340351cb3bc62164d21f21534c2ea615b8
-SIZE (rpm/i386/suse/9.2/bzip2-1.0.2-347.i586.rpm) = 221859
+MD5 (rpm/i386/suse/9.2/zlib-1.2.1-74.4.i586.rpm) = 0d48ecb24fe312086b7c2b0c5a038d9a
+SHA256 (rpm/i386/suse/9.2/zlib-1.2.1-74.4.i586.rpm) = 272616ec96dd3e69b761fadb038ac58d639091ac43862c725e951a5b218a0698
+SIZE (rpm/i386/suse/9.2/zlib-1.2.1-74.4.i586.rpm) = 63815
+MD5 (rpm/i386/suse/9.2/bzip2-1.0.2-347.3.i586.rpm) = 6c7b2a8fb06a087c280c16abadef0537
+SHA256 (rpm/i386/suse/9.2/bzip2-1.0.2-347.3.i586.rpm) = ff83d8e0849b4a2b53d4d713e287bd2f508165258992f353cc563a7d5fe321b4
+SIZE (rpm/i386/suse/9.2/bzip2-1.0.2-347.3.i586.rpm) = 222140
MD5 (rpm/i386/suse/9.2/libzio-0.1-4.i586.rpm) = 277f05b2ecd45a2b0088c7e045124297
SHA256 (rpm/i386/suse/9.2/libzio-0.1-4.i586.rpm) = 4edc8414a8944bad0d03ca28e4f74eaf0839145dc49f3efa338fce0b87c73359
SIZE (rpm/i386/suse/9.2/libzio-0.1-4.i586.rpm) = 17991
@@ -49,9 +49,9 @@
MD5 (rpm/i386/suse/9.2/desktop-file-utils-0.7-2.1.i586.rpm) = 53c1872498adea24084ffe12b167aab3
SHA256 (rpm/i386/suse/9.2/desktop-file-utils-0.7-2.1.i586.rpm) = bfe622fe46bce432f4c12989e549aaf665bd487640c27fd174a285eb62b67e34
SIZE (rpm/i386/suse/9.2/desktop-file-utils-0.7-2.1.i586.rpm) = 174729
-MD5 (rpm/i386/suse/9.2/coreutils-5.2.1-32.i586.rpm) = f5f8fed7738007df5db3374a2d61c148
-SHA256 (rpm/i386/suse/9.2/coreutils-5.2.1-32.i586.rpm) = 7de988d7b8148d545c1877b7c7e726601582e3e843a3ca253d59d0028c5cf639
-SIZE (rpm/i386/suse/9.2/coreutils-5.2.1-32.i586.rpm) = 1984866
+MD5 (rpm/i386/suse/9.2/coreutils-5.2.1-32.2.i586.rpm) = f6729310dd10e88cb5bffe738d17c42e
+SHA256 (rpm/i386/suse/9.2/coreutils-5.2.1-32.2.i586.rpm) = 9cee45bf97545457da4f93f44fc4970982c8d10ab913daac5bccb6998b7a146b
+SIZE (rpm/i386/suse/9.2/coreutils-5.2.1-32.2.i586.rpm) = 1985052
MD5 (rpm/i386/suse/9.2/popt-1.7-190.i586.rpm) = 248ef2cc0513b505eab464e4641f45ed
SHA256 (rpm/i386/suse/9.2/popt-1.7-190.i586.rpm) = 91042f632184ea2df144c67de123b8c686ed6348a1ef6df3d0050c9d32012201
SIZE (rpm/i386/suse/9.2/popt-1.7-190.i586.rpm) = 56646
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list