diff options
author | Sergei Trofimovich <slyfox@gentoo.org> | 2017-03-25 16:07:40 +0000 |
---|---|---|
committer | Sergei Trofimovich <slyfox@gentoo.org> | 2017-03-25 16:07:40 +0000 |
commit | 83209f33a128ec7f48adbfad813cfbc13a2fd444 (patch) | |
tree | 0cb1718468be78966008a9150bfb0f20d52af8f1 /dev-libs/capstone/capstone-3.0.5_rc2.ebuild | |
parent | sys-fs/btrfs-progs: bump up to 4.9.1 and 4.10, bug #612464 (diff) | |
download | gentoo-83209f33a128ec7f48adbfad813cfbc13a2fd444.tar.gz gentoo-83209f33a128ec7f48adbfad813cfbc13a2fd444.tar.bz2 gentoo-83209f33a128ec7f48adbfad813cfbc13a2fd444.zip |
dev-libs/capstone: bump up to 3.0.5-rc2, fix CVE-2017-6952, bug #612912
I don't believe 3.0.4 is affected:
- it's a vulnerability in windows kernel driver. Not something you can easily build in gentoo today as it requires MSVS to build a driver
- the windows code was added in capstone-3.0.5-rc1. It's not present in 3.0.4 in gentoo at all
But not to forget about the vulnerability on next bump
I'm bumping up to vilnerable release candidate and applying
the upstream patch to fix CVE-2017-6952.
Reported-by: Agostino Sarubbo
Bug: https://bugs.gentoo.org/612912
Package-Manager: Portage-2.3.5, Repoman-2.3.2
Diffstat (limited to 'dev-libs/capstone/capstone-3.0.5_rc2.ebuild')
-rw-r--r-- | dev-libs/capstone/capstone-3.0.5_rc2.ebuild | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/dev-libs/capstone/capstone-3.0.5_rc2.ebuild b/dev-libs/capstone/capstone-3.0.5_rc2.ebuild new file mode 100644 index 000000000000..80fb03207d64 --- /dev/null +++ b/dev-libs/capstone/capstone-3.0.5_rc2.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit toolchain-funcs + +DESCRIPTION="disassembly/disassembler framework + bindings" +HOMEPAGE="http://www.capstone-engine.org/" +SRC_URI="https://github.com/aquynh/${PN}/archive/${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0/3" # libcapstone.so.3 +KEYWORDS="~amd64 ~arm ~x86" + +RDEPEND="" +DEPEND="${RDEPEND}" + +PATCHES=( + "${FILESDIR}"/${P}-CVE-2017-6952.patch + "${FILESDIR}"/${P}-FLAGS.patch +) + +S=${WORKDIR}/${P/_rc/-rc} + +src_configure() { + { + cat <<-EOF + # Gentoo overrides: + # verbose build + V = 1 + # toolchain + AR = $(tc-getAR) + CC = $(tc-getCC) + RANLIB = $(tc-getRANLIB) + # toolchain flags + CFLAGS = ${CFLAGS} + LDFLAGS = ${LDFLAGS} + # libs + LIBDIRARCH = $(get_libdir) + EOF + } >> config.mk || die + +} |