summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2020-06-19 01:32:54 +0200
committerThomas Deutschmann <whissi@gentoo.org>2020-06-19 01:32:54 +0200
commit4c49af6fe414f41fc3e98375ecdf152b06204793 (patch)
tree357fc14242dad913cea255c6b0b5fd27015b44df /app-cdr
parentRevert "app-cdr/bchunk: drop vulnerable" (diff)
downloadgentoo-4c49af6fe414f41fc3e98375ecdf152b06204793.tar.gz
gentoo-4c49af6fe414f41fc3e98375ecdf152b06204793.tar.bz2
gentoo-4c49af6fe414f41fc3e98375ecdf152b06204793.zip
app-cdr/bchunk: security cleanup
Bug: https://bugs.gentoo.org/635898 Package-Manager: Portage-2.3.101, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'app-cdr')
-rw-r--r--app-cdr/bchunk/Manifest1
-rw-r--r--app-cdr/bchunk/bchunk-1.2.0-r4.ebuild21
-rw-r--r--app-cdr/bchunk/files/CVE-2017-15953.patch25
-rw-r--r--app-cdr/bchunk/files/CVE-2017-15955.patch32
4 files changed, 0 insertions, 79 deletions
diff --git a/app-cdr/bchunk/Manifest b/app-cdr/bchunk/Manifest
index 33c44124be2d..14065d2ae0b9 100644
--- a/app-cdr/bchunk/Manifest
+++ b/app-cdr/bchunk/Manifest
@@ -1,2 +1 @@
-DIST bchunk-1.2.0.tar.gz 15078 BLAKE2B 60d443380ffaa8dd1d025777c91c1374a931f16c8de2219a4ff453ee4d7c6eb235b2380ce1021911636d247a12640214dc40b29f9c9cf917ff4bc4594f189fc4 SHA512 0e1f9daa2dfeff58e2c65ac2767bff804811fa22f70a220747aa873cb01b77b4c6a809736483aa22fb3f2d2a88885469d10fb45af4626069e992a0763a5fcc2d
DIST bchunk-1.2.2.tar.gz 15359 BLAKE2B f3d65392305ea0cc3e8a3b8449beb7bebd23f614445f44350d66fd2104db89e17fcf03f6e01144d0da2c145e2c227bb5385f67dc2d443e38b49754349c549f8f SHA512 94fcc1dea3a38a907b3f209c20f3de54028cc34bf8964d1dccf94faf3ca3851270cc8e052c29a3f04c60e525c029ebfb1c3c04fa85525e20273ac8d72cb317c8
diff --git a/app-cdr/bchunk/bchunk-1.2.0-r4.ebuild b/app-cdr/bchunk/bchunk-1.2.0-r4.ebuild
deleted file mode 100644
index 4a9f09de1193..000000000000
--- a/app-cdr/bchunk/bchunk-1.2.0-r4.ebuild
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-DESCRIPTION="Convert CD images from bin/cue to iso+wav/cdr"
-HOMEPAGE="http://he.fi/bchunk/"
-SRC_URI="http://he.fi/bchunk/${P}.tar.gz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 ppc ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris"
-
-DOCS=( "${P}.lsm" "${PN}.spec" README ChangeLog )
-PATCHES=( "${FILESDIR}/CVE-2017-15953.patch" "${FILESDIR}/CVE-2017-15955.patch" )
-
-src_install() {
- dobin "${PN}"
- doman "${PN}.1"
- einstalldocs
-}
diff --git a/app-cdr/bchunk/files/CVE-2017-15953.patch b/app-cdr/bchunk/files/CVE-2017-15953.patch
deleted file mode 100644
index f78bb7178af2..000000000000
--- a/app-cdr/bchunk/files/CVE-2017-15953.patch
+++ /dev/null
@@ -1,25 +0,0 @@
---- a/bchunk.c 2017-10-30 18:03:58.658741629 +0000
-+++ b/bchunk.c 2017-10-30 19:40:25.558131619 +0000
-@@ -18,6 +18,7 @@
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-+#define _GNU_SOURCE
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-@@ -271,11 +272,10 @@
- int16_t i;
- float fl;
-
-- if (!(fname = malloc(strlen(bname) + 8))) {
-- fprintf(stderr, "main(): malloc() failed, out of memory\n");
-+ if (asprintf(&fname, "%s%2.2d.%s", bname, track->num, track->extension) == -1) {
-+ fprintf(stderr, "writetrack(): asprintf() failed, out of memory\n");
- exit(4);
- }
-- sprintf(fname, "%s%2.2d.%s", bname, track->num, track->extension);
-
- printf("%2d: %s ", track->num, fname);
-
-
diff --git a/app-cdr/bchunk/files/CVE-2017-15955.patch b/app-cdr/bchunk/files/CVE-2017-15955.patch
deleted file mode 100644
index 85797fe020af..000000000000
--- a/app-cdr/bchunk/files/CVE-2017-15955.patch
+++ /dev/null
@@ -1,32 +0,0 @@
---- a/bchunk.c 2017-10-30 18:03:58.658741629 +0000
-+++ b/bchunk.c 2017-10-30 19:17:36.732855884 +0000
-@@ -426,11 +426,11 @@
- printf("\nTrack ");
- if (!(p = strchr(p, ' '))) {
- fprintf(stderr, "... ouch, no space after TRACK.\n");
-- continue;
-+ exit(3);
- }
- p++;
- if (!(t = strchr(p, ' '))) {
- fprintf(stderr, "... ouch, no space after track number.\n");
-- continue;
-+ exit(3);
- }
- *t = '\0';
-
-@@ -460,12 +460,12 @@
- } else if ((p = strstr(s, "INDEX"))) {
- if (!(p = strchr(p, ' '))) {
- printf("... ouch, no space after INDEX.\n");
-- continue;
-+ exit(3);
- }
- p++;
- if (!(t = strchr(p, ' '))) {
- printf("... ouch, no space after index number.\n");
-- continue;
-+ exit(3);
- }
- *t = '\0';
- t++; \ No newline at end of file