diff options
author | K900 <me@0upti.me> | 2022-07-12 11:50:56 +0300 |
---|---|---|
committer | K900 <me@0upti.me> | 2022-07-12 21:16:20 +0300 |
commit | 527595cc2068eb3502bbaf760faee2566ae639ab (patch) | |
tree | dc07dde66b072978210462781d6922c9dd05851e | |
parent | 4d4b4f2dbb5fce1f9413b3bb87f511b876a2020d (diff) |
bzip2: 1.0.6.0.2 -> 1.0.8
Use latest upstream version, yoink updated autoconf patch from SUSE. Might fix unpacking some very cursed files. Dropped security patches applied upstream (see https://sourceware.org/bzip2/CHANGES).
-rw-r--r-- | pkgs/tools/compression/bzip2/CVE-2016-3189.patch | 12 | ||||
-rw-r--r-- | pkgs/tools/compression/bzip2/cve-2019-12900.patch | 13 | ||||
-rw-r--r-- | pkgs/tools/compression/bzip2/default.nix | 29 |
3 files changed, 10 insertions, 44 deletions
diff --git a/pkgs/tools/compression/bzip2/CVE-2016-3189.patch b/pkgs/tools/compression/bzip2/CVE-2016-3189.patch deleted file mode 100644 index eff324b325031..0000000000000 --- a/pkgs/tools/compression/bzip2/CVE-2016-3189.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/bzip2recover.c b/bzip2recover.c -index f9de049..252c1b7 100644 ---- a/bzip2recover.c -+++ b/bzip2recover.c -@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv ) - bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 ); - bsPutUInt32 ( bsWr, blockCRC ); - bsClose ( bsWr ); -+ outFile = NULL; - } - if (wrBlock >= rbCtr) break; - wrBlock++; diff --git a/pkgs/tools/compression/bzip2/cve-2019-12900.patch b/pkgs/tools/compression/bzip2/cve-2019-12900.patch deleted file mode 100644 index bf3d13a7a6915..0000000000000 --- a/pkgs/tools/compression/bzip2/cve-2019-12900.patch +++ /dev/null @@ -1,13 +0,0 @@ -https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d -diff --git a/decompress.c b/decompress.c ---- a/decompress.c -+++ b/decompress.c -@@ -287,7 +287,7 @@ - GET_BITS(BZ_X_SELECTOR_1, nGroups, 3); - if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR); - GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15); -- if (nSelectors < 1) RETURN(BZ_DATA_ERROR); -+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR); - for (i = 0; i < nSelectors; i++) { - j = 0; - while (True) { diff --git a/pkgs/tools/compression/bzip2/default.nix b/pkgs/tools/compression/bzip2/default.nix index 3dd3632711c3d..dafd6a6070dfc 100644 --- a/pkgs/tools/compression/bzip2/default.nix +++ b/pkgs/tools/compression/bzip2/default.nix @@ -10,33 +10,24 @@ stdenv.mkDerivation rec { pname = "bzip2"; - version = "1.0.6.0.2"; + version = "1.0.8"; - /* We use versions patched to use autotools style properly, - saving lots of trouble. */ src = fetchurl { - urls = map - (prefix: prefix + "/people/sbrabec/bzip2/tarballs/${pname}-${version}.tar.gz") - [ - "http://ftp.uni-kl.de/pub/linux/suse" - "ftp://ftp.hs.uni-hamburg.de/pub/mirrors/suse" - "ftp://ftp.mplayerhq.hu/pub/linux/suse" - "http://ftp.suse.com/pub" # the original patched version but slow - ]; - sha256 = "sha256-FnhwNy4OHe8d5M6iYCClkxzcB/EHXg0veXwv43ZlxbA="; + url = "https://sourceware.org/pub/bzip2/bzip2-${version}.tar.gz"; + sha256 = "sha256-q1oDF27hBtPw+pDjgdpHjdrkBZGBU8yiSOaCzQxKImk="; }; - strictDeps = true; - nativeBuildInputs = [ autoreconfHook ]; + patchFlags = ["-p0"]; patches = [ - ./CVE-2016-3189.patch - ./cve-2019-12900.patch + (fetchurl { + url = "https://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6.2-autoconfiscated.patch"; + sha256 = "sha256-QMufl6ffJVVVVZespvkCbFpB6++R1lnq1687jEsUjr0="; + }) ]; - postPatch = '' - sed -i -e '/<sys\\stat\.h>/s|\\|/|' bzip2.c - ''; + strictDeps = true; + nativeBuildInputs = [ autoreconfHook ]; outputs = [ "bin" "dev" "out" "man" ]; |