bzip2: 1.0.6.0.2 -> 1.0.8
Use latest upstream version, yoink updated autoconf patch from SUSE. Might fix unpacking some very cursed files. Dropped security patches applied upstream (see https://sourceware.org/bzip2/CHANGES).
This commit is contained in:
parent
4d4b4f2dbb
commit
527595cc20
3 changed files with 12 additions and 46 deletions
|
@ -1,12 +0,0 @@
|
|||
diff --git a/bzip2recover.c b/bzip2recover.c
|
||||
index f9de049..252c1b7 100644
|
||||
--- a/bzip2recover.c
|
||||
+++ b/bzip2recover.c
|
||||
@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
|
||||
bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
|
||||
bsPutUInt32 ( bsWr, blockCRC );
|
||||
bsClose ( bsWr );
|
||||
+ outFile = NULL;
|
||||
}
|
||||
if (wrBlock >= rbCtr) break;
|
||||
wrBlock++;
|
|
@ -1,13 +0,0 @@
|
|||
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d
|
||||
diff --git a/decompress.c b/decompress.c
|
||||
--- a/decompress.c
|
||||
+++ b/decompress.c
|
||||
@@ -287,7 +287,7 @@
|
||||
GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
|
||||
if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
|
||||
GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
|
||||
- if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
|
||||
+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
|
||||
for (i = 0; i < nSelectors; i++) {
|
||||
j = 0;
|
||||
while (True) {
|
|
@ -10,34 +10,25 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "bzip2";
|
||||
version = "1.0.6.0.2";
|
||||
version = "1.0.8";
|
||||
|
||||
/* We use versions patched to use autotools style properly,
|
||||
saving lots of trouble. */
|
||||
src = fetchurl {
|
||||
urls = map
|
||||
(prefix: prefix + "/people/sbrabec/bzip2/tarballs/${pname}-${version}.tar.gz")
|
||||
[
|
||||
"http://ftp.uni-kl.de/pub/linux/suse"
|
||||
"ftp://ftp.hs.uni-hamburg.de/pub/mirrors/suse"
|
||||
"ftp://ftp.mplayerhq.hu/pub/linux/suse"
|
||||
"http://ftp.suse.com/pub" # the original patched version but slow
|
||||
];
|
||||
sha256 = "sha256-FnhwNy4OHe8d5M6iYCClkxzcB/EHXg0veXwv43ZlxbA=";
|
||||
url = "https://sourceware.org/pub/bzip2/bzip2-${version}.tar.gz";
|
||||
sha256 = "sha256-q1oDF27hBtPw+pDjgdpHjdrkBZGBU8yiSOaCzQxKImk=";
|
||||
};
|
||||
|
||||
patchFlags = ["-p0"];
|
||||
|
||||
patches = [
|
||||
(fetchurl {
|
||||
url = "https://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6.2-autoconfiscated.patch";
|
||||
sha256 = "sha256-QMufl6ffJVVVVZespvkCbFpB6++R1lnq1687jEsUjr0=";
|
||||
})
|
||||
];
|
||||
|
||||
strictDeps = true;
|
||||
nativeBuildInputs = [ autoreconfHook ];
|
||||
|
||||
patches = [
|
||||
./CVE-2016-3189.patch
|
||||
./cve-2019-12900.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
sed -i -e '/<sys\\stat\.h>/s|\\|/|' bzip2.c
|
||||
'';
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" ];
|
||||
|
||||
configureFlags =
|
||||
|
|
Loading…
Reference in a new issue