Add patch to fix security bug #165606.

Package-Manager: portage-2.1.2-r8
author: Diego Elio Pettenò <flameeyes@gentoo.org> 2007-02-06 15:24:13 +0000
committer: Diego Elio Pettenò <flameeyes@gentoo.org> 2007-02-06 15:24:13 +0000
commit: 01ba19c3de7cedabbb573943fd6eb3ca86b854a5 (patch)
tree: 5cbe632662b3a460be048c0edadb0557840d88cc
parent: Version bump (diff)
download: historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.tar.gz
historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.tar.bz2
historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.zip
5 files changed, 265 insertions, 8 deletions
diff --git a/kde-base/kdelibs/ChangeLog b/kde-base/kdelibs/ChangeLog
index fe7cbced5db8..3a6401f6c10e 100644
--- a/kde-base/kdelibs/ChangeLog
+++ b/kde-base/kdelibs/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for kde-base/kdelibs
 # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/kdelibs/ChangeLog,v 1.421 2007/02/05 12:40:14 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdelibs/ChangeLog,v 1.422 2007/02/06 15:24:13 flameeyes Exp $
+
+*kdelibs-3.5.5-r8 (06 Feb 2007)
+
+  06 Feb 2007; Diego Pettenò <flameeyes@gentoo.org>
+  +files/kdelibs-3.5.5-CVE-2007-0537.patch, +kdelibs-3.5.5-r8.ebuild:
+  Add patch to fix security bug #165606.
 
   05 Feb 2007; Diego Pettenò <flameeyes@gentoo.org>
   -files/kdelibs-3.5.0-bindnow.patch,
diff --git a/kde-base/kdelibs/Manifest b/kde-base/kdelibs/Manifest
index d8f1e420739f..71a7f8003248 100644
--- a/kde-base/kdelibs/Manifest
+++ b/kde-base/kdelibs/Manifest
@@ -1,6 +1,10 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
+AUX kdelibs-3.5.5-CVE-2007-0537.patch 1232 RMD160 a15192ccbbb27c323de2188b2a5a945c253b53ac SHA1 4c7f05af310bda28f97117e72b08ebb18a36252b SHA256 f83289c67c66de5d6afe78d1149d2f28514d0ce26841c36a67efdd1d2f7f451d
+MD5 287cfc385b261e687aa32908033d2112 files/kdelibs-3.5.5-CVE-2007-0537.patch 1232
+RMD160 a15192ccbbb27c323de2188b2a5a945c253b53ac files/kdelibs-3.5.5-CVE-2007-0537.patch 1232
+SHA256 f83289c67c66de5d6afe78d1149d2f28514d0ce26841c36a67efdd1d2f7f451d files/kdelibs-3.5.5-CVE-2007-0537.patch 1232
 AUX kdelibs-3.5.5-kate-cstyle-indenter-fix.diff 1544 RMD160 cb5fea95022dd92b448a8bf2b8e7ea49e9f3225d SHA1 5689ec3ca0c562663bc64b4458dcd1eafade8a38 SHA256 b4364d77149ef699b7724c1102a08a0240df5e19c2b0b1202459b8f97cf8268b
 MD5 1f60e79966e99e68401ce1b0cf3609d9 files/kdelibs-3.5.5-kate-cstyle-indenter-fix.diff 1544
 RMD160 cb5fea95022dd92b448a8bf2b8e7ea49e9f3225d files/kdelibs-3.5.5-kate-cstyle-indenter-fix.diff 1544
@@ -41,6 +45,10 @@ EBUILD kdelibs-3.5.5-r7.ebuild 6408 RMD160 1b998b653693399205ab6cf3461bc003ec676
 MD5 237ca00dd0f51c5a108444b822e972e9 kdelibs-3.5.5-r7.ebuild 6408
 RMD160 1b998b653693399205ab6cf3461bc003ec6762e1 kdelibs-3.5.5-r7.ebuild 6408
 SHA256 5963015f730b4adf21ac8f63cfc461645c5509a5034271299175dc82306f576e kdelibs-3.5.5-r7.ebuild 6408
+EBUILD kdelibs-3.5.5-r8.ebuild 6462 RMD160 9952b9a71f4fb733d87e1c1512fb23b82f77e32a SHA1 c84c312f5aa72c5ff27927e8495e27c6bb6693f3 SHA256 0a30a94146022742630b67c638f84ab3a1cbf6b7671349f74ea6d7b6a378871b
+MD5 79b1f0e42a9325324a95267e3d7172b6 kdelibs-3.5.5-r8.ebuild 6462
+RMD160 9952b9a71f4fb733d87e1c1512fb23b82f77e32a kdelibs-3.5.5-r8.ebuild 6462
+SHA256 0a30a94146022742630b67c638f84ab3a1cbf6b7671349f74ea6d7b6a378871b kdelibs-3.5.5-r8.ebuild 6462
 EBUILD kdelibs-3.5.6-r1.ebuild 5934 RMD160 f31b574d0a880af47ba22e837c2aa36e6e6ee355 SHA1 11553ea4e06cc73ac2ce53ce8287aa9a8ae1a609 SHA256 bad86ce3370005b03227056d6362a5727900137978f54c0c1773baf5b8e209da
 MD5 aaff5f188200cafa661c226c0e04eb2b kdelibs-3.5.6-r1.ebuild 5934
 RMD160 f31b574d0a880af47ba22e837c2aa36e6e6ee355 kdelibs-3.5.6-r1.ebuild 5934
@@ -49,10 +57,10 @@ EBUILD kdelibs-3.5.6-r2.ebuild 5989 RMD160 4b84cc101bc182753e67e3e653be0792042c0
 MD5 397458a76d4c0386f7887db44d63349e kdelibs-3.5.6-r2.ebuild 5989
 RMD160 4b84cc101bc182753e67e3e653be0792042c0234 kdelibs-3.5.6-r2.ebuild 5989
 SHA256 be58c908de93a0f9b783abbc3c94411dbf1465beeea7201c52abd62fd84d4015 kdelibs-3.5.6-r2.ebuild 5989
-MISC ChangeLog 69151 RMD160 2a9f1c440989697de7e18d7be9c529b32db0d9e2 SHA1 3660feca533fd998d3ad27df291df9df4bfb3b11 SHA256 2f6df18d5e3676ede96e1eede1b825b86a558203a8447d776d36dd692ea3d780
-MD5 a11b8d060e6224851dec9950a4aad975 ChangeLog 69151
-RMD160 2a9f1c440989697de7e18d7be9c529b32db0d9e2 ChangeLog 69151
-SHA256 2f6df18d5e3676ede96e1eede1b825b86a558203a8447d776d36dd692ea3d780 ChangeLog 69151
+MISC ChangeLog 69349 RMD160 b5c243047c89f53af4136145f167d1486f1c3570 SHA1 ccc16a22f69bcbe83f93e593cef906e05aa63d08 SHA256 7ab26fa92c3dd3d847258de84795266e534f555f2de67904acf1e68b0420ef54
+MD5 de89f272338c437da47fec26c33873bd ChangeLog 69349
+RMD160 b5c243047c89f53af4136145f167d1486f1c3570 ChangeLog 69349
+SHA256 7ab26fa92c3dd3d847258de84795266e534f555f2de67904acf1e68b0420ef54 ChangeLog 69349
 MISC metadata.xml 156 RMD160 ecce3b981f150c45ae1e84e2d208e678d6124259 SHA1 b64f7c0b4e5db816d82ad19848f72118af129d35 SHA256 2f4da28506b9d4185f320f67a6191d30c7a921217ed4447ed46ea0bc4aefc79a
 MD5 acc03a4b12bb0433a57e95bd253b9501 metadata.xml 156
 RMD160 ecce3b981f150c45ae1e84e2d208e678d6124259 metadata.xml 156
@@ -66,6 +74,9 @@ SHA256 8c59629509a40001ff71b42db7096bb8c7a4f78bb8e43b60baf2e205cd843c81 files/di
 MD5 b3407b1b16a060400ebc8b3bcd89eef4 files/digest-kdelibs-3.5.5-r7 807
 RMD160 65dd009a5c3e9f9b44e7d277d761a586184f1c20 files/digest-kdelibs-3.5.5-r7 807
 SHA256 9180e5499945c7011b584d592a892bc3ecc4a2cfcc703ede9619ab6238639387 files/digest-kdelibs-3.5.5-r7 807
+MD5 b3407b1b16a060400ebc8b3bcd89eef4 files/digest-kdelibs-3.5.5-r8 807
+RMD160 65dd009a5c3e9f9b44e7d277d761a586184f1c20 files/digest-kdelibs-3.5.5-r8 807
+SHA256 9180e5499945c7011b584d592a892bc3ecc4a2cfcc703ede9619ab6238639387 files/digest-kdelibs-3.5.5-r8 807
 MD5 b82df77d8d947cfd51e3fad1ce093674 files/digest-kdelibs-3.5.6-r1 807
 RMD160 e5e25e17340fbe888f9c28829d332c34148d1f06 files/digest-kdelibs-3.5.6-r1 807
 SHA256 d5b5e2137db88c1c903fdff689b4dd29929f9e1e8b4336fb64fb0e82094d5d88 files/digest-kdelibs-3.5.6-r1 807
@@ -75,7 +86,7 @@ SHA256 d5b5e2137db88c1c903fdff689b4dd29929f9e1e8b4336fb64fb0e82094d5d88 files/di
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.2 (GNU/Linux)
 
-iD8DBQFFxyW0AiZjviIA2XgRAgI1AJ4zYxrhRN25Te0uFSvaEh5bjYK8WQCgsUbV
-NwxQJQc9QVtUmjdg4V3n4g8=
-=F/a4
+iD8DBQFFyJ2mAiZjviIA2XgRArA1AKCy4+eCrBOjyrggi85X6habJ82cXgCfc7yk
+5iAUMLOqrSxC9ZMqbtlpbi4=
+=lfmo
 -----END PGP SIGNATURE-----
diff --git a/kde-base/kdelibs/files/digest-kdelibs-3.5.5-r8 b/kde-base/kdelibs/files/digest-kdelibs-3.5.5-r8
new file mode 100644
index 000000000000..cec88e0f63b8
--- /dev/null
+++ b/kde-base/kdelibs/files/digest-kdelibs-3.5.5-r8
@@ -0,0 +1,9 @@
+MD5 6f8254317dd43af7aea2a347656f552a kdelibs-3.5-patchset-05.tar.bz2 36423
+RMD160 684bb235f3b5b3cb900632e11aa912670f641b96 kdelibs-3.5-patchset-05.tar.bz2 36423
+SHA256 f237ccd3a35c629740355fbcf69b0d706690acac832a4d35db5c0d3a30235e0a kdelibs-3.5-patchset-05.tar.bz2 36423
+MD5 d8ce997461cb1aa2255032f02fd14326 kdelibs-3.5.5-seli-xinerama.patch.bz2 5470
+RMD160 46ed378f1ff2f7e2fa113aa0bf51eae1758264f9 kdelibs-3.5.5-seli-xinerama.patch.bz2 5470
+SHA256 8d002a55954aabdb91a534a1b1f1f37c706faebbae0398fb5a2ff29eeb66954c kdelibs-3.5.5-seli-xinerama.patch.bz2 5470
+MD5 2cba792e3b0a766431b837c8ef924117 kdelibs-3.5.5.tar.bz2 15486690
+RMD160 8e389869f9a53445754c76a0f7535ef2fffc6d03 kdelibs-3.5.5.tar.bz2 15486690
+SHA256 e487cdd56aa14eec3e100501a5e14658c6329fac30ea0ce812c860e3564c31e3 kdelibs-3.5.5.tar.bz2 15486690
diff --git a/kde-base/kdelibs/files/kdelibs-3.5.5-CVE-2007-0537.patch b/kde-base/kdelibs/files/kdelibs-3.5.5-CVE-2007-0537.patch
new file mode 100644
index 000000000000..c6332ee01e43
--- /dev/null
+++ b/kde-base/kdelibs/files/kdelibs-3.5.5-CVE-2007-0537.patch
@@ -0,0 +1,22 @@
+Index: kdelibs/khtml/html/htmltokenizer.cpp
+===================================================================
+--- kdelibs/khtml/html/htmltokenizer.cpp	(revision 626790)
++++ kdelibs/khtml/html/htmltokenizer.cpp	(revision 626791)
+@@ -316,7 +316,7 @@
+     while ( !src.isEmpty() ) {
+         checkScriptBuffer();
+         unsigned char ch = src->latin1();
+-        if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && !title && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
++        if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
+             comment = true;
+             scriptCode[ scriptCodeSize++ ] = ch;
+             ++src;
+@@ -495,7 +495,7 @@
+ 
+             if (canClose || handleBrokenComments || scriptEnd ){
+                 ++src;
+-                if ( !( script || xmp || textarea || style) ) {
++                if ( !( title || script || xmp || textarea || style) ) {
+ #ifdef COMMENTS_IN_DOM
+                     checkScriptBuffer();
+                     scriptCode[ scriptCodeSize ] = 0;
diff --git a/kde-base/kdelibs/kdelibs-3.5.5-r8.ebuild b/kde-base/kdelibs/kdelibs-3.5.5-r8.ebuild
new file mode 100644
index 000000000000..396cae4d7440
--- /dev/null
+++ b/kde-base/kdelibs/kdelibs-3.5.5-r8.ebuild
@@ -0,0 +1,209 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdelibs/kdelibs-3.5.5-r8.ebuild,v 1.1 2007/02/06 15:24:13 flameeyes Exp $
+
+inherit kde flag-o-matic eutils multilib
+set-kdedir 3.5
+
+DESCRIPTION="KDE libraries needed by all KDE programs."
+HOMEPAGE="http://www.kde.org/"
+SRC_URI="mirror://kde/stable/${PV}/src/${P}.tar.bz2
+	mirror://gentoo/kdelibs-3.5-patchset-05.tar.bz2
+	mirror://gentoo/${P}-seli-xinerama.patch.bz2"
+
+LICENSE="GPL-2 LGPL-2"
+SLOT="3.5"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="acl alsa arts cups doc jpeg2k kerberos legacyssl utempter openexr spell ssl tiff
+zeroconf avahi kernel_linux fam lua linguas_he kdehiddenvisibility"
+
+# kde.eclass has kdelibs in DEPEND, and we can't have that in here.
+# so we recreate the entire DEPEND from scratch.
+
+# Added aspell-en as dependency to work around bug 131512.
+RDEPEND="$(qt_min_version 3.3.3)
+	arts? ( ~kde-base/arts-${PV} )
+	app-arch/bzip2
+	>=media-libs/freetype-2
+	media-libs/fontconfig
+	>=dev-libs/libxslt-1.1.16
+	>=dev-libs/libxml2-2.6.6
+	>=dev-libs/libpcre-4.2
+	media-libs/libart_lgpl
+	net-dns/libidn
+	acl? ( kernel_linux? ( sys-apps/acl ) )
+	ssl? ( >=dev-libs/openssl-0.9.7d )
+	alsa? ( media-libs/alsa-lib )
+	cups? ( >=net-print/cups-1.1.19 )
+	tiff? ( media-libs/tiff )
+	kerberos? ( virtual/krb5 )
+	jpeg2k? ( media-libs/jasper )
+	openexr? ( >=media-libs/openexr-1.2.2-r2 )
+	zeroconf? (	!avahi? ( net-misc/mDNSResponder !kde-misc/kdnssd-avahi ) )
+	fam? ( virtual/fam )
+	virtual/ghostscript
+	utempter? ( sys-libs/libutempter )
+	!kde-base/kde-env
+	lua? ( dev-lang/lua )
+	spell? ( app-text/aspell app-dicts/aspell-en
+		linguas_he? ( >=app-text/hspell-1.0 ) )"
+
+DEPEND="${RDEPEND}
+	doc? ( app-doc/doxygen )
+	sys-devel/gettext"
+
+RDEPEND="${RDEPEND}
+	|| ( ( x11-apps/rgb x11-apps/iceauth ) <virtual/x11-7 ) "
+
+PDEPEND="zeroconf? ( avahi? ( kde-misc/kdnssd-avahi ) )"
+
+# Testing code is rather broken and merely for developer purposes, so disable it.
+RESTRICT="test"
+
+pkg_setup() {
+	if use legacyssl ; then
+		echo ""
+		elog "You have the legacyssl use flag enabled, which fixes issues with some broken"
+		elog "sites, but breaks others instead. It is strongly discouraged to use it."
+		elog "For more information, see bug #128922."
+		echo ""
+	fi
+	if ! use utempter ; then
+		echo ""
+		elog "On some setups that relies on the correct update of utmp records, not using"
+		elog "utempter might not update them correctly. If you experience unexpected"
+		elog "behaviour, try to rebuild kde-base/kdelibs with utempter use-flag enabled."
+		echo ""
+	fi
+
+	if use alsa && ! built_with_use --missing true media-libs/alsa-lib midi; then
+		eerror "The alsa USE flag in this package enables ALSA support"
+		eerror "for libkmid, KDE midi library."
+		eerror "For this reason, you have to merge media-libs/alsa-lib"
+		eerror "with the midi USE flag enabled, or disable alsa USE flag"
+		eerror "for this package."
+		die "Missing midi USE flag on media-libs/alsa-lib"
+	fi
+}
+
+src_unpack() {
+	kde_src_unpack
+	if use legacyssl ; then
+		# This patch won't be included upstream, see bug #128922
+		epatch "${WORKDIR}/patches/kdelibs_3.5.4-kssl-3des.patch" || die "Patch did not apply."
+	fi
+
+	# Apply the following patch on the next revision of kdelibs-3.5.5 (fixes kde
+	# bug #135409), which corrects a nasty regression in the cstyle indenter.
+	epatch "${FILESDIR}/${P}-kate-cstyle-indenter-fix.diff"
+
+	# Fix kdeprint timeout when trying to connect to cupsd. Bug #151261.
+	epatch "${FILESDIR}/${P}-kdeprint-cupsd-timeout-fix.patch"
+
+	# Fix rendering (see upstream bug #135639).
+	epatch "${FILESDIR}/${P}-khtml.patch"
+
+	# Allow notification with arts disabled
+	epatch "${FILESDIR}/${P}-noarts.patch"
+	epatch "${FILESDIR}/${P}-noarts-2.patch"
+
+	# xinerama patch from Lubos Lunak
+	# http://ktown.kde.org/~seli/xinerama/
+	epatch "${DISTDIR}/${P}-seli-xinerama.patch.bz2"
+
+	epatch "${FILESDIR}/${P}-CVE-2007-0537.patch"
+}
+
+src_compile() {
+	rm -f "${S}/configure"
+
+	myconf="--with-distribution=Gentoo --disable-fast-malloc
+			$(use_enable fam libfam) $(use_enable kernel_linux dnotify)
+			--with-libart --with-libidn
+			$(use_with acl) $(use_with ssl)
+			$(use_with alsa) $(use_with arts)
+			$(use_with kerberos gssapi) $(use_with tiff)
+			$(use_with jpeg2k jasper) $(use_with openexr)
+			$(use_enable cups)
+			$(use_with utempter) $(use_with lua)
+			$(use_enable kernel_linux sendfile) --enable-mitshm
+			$(use_with spell aspell)"
+
+	if use zeroconf && ! use avahi; then
+		myconf="${myconf} --enable-dnssd"
+	else
+		myconf="${myconf} --disable-dnssd"
+	fi
+
+	if use spell; then
+		myconf="${myconf} $(use_with linguas_he hspell)"
+	else
+		myconf="${myconf} --without-hspell"
+	fi
+
+	if has_version x11-apps/rgb; then
+		myconf="${myconf} --with-rgbfile=/usr/share/X11/rgb.txt"
+	fi
+
+	# fix bug 58179, bug 85593
+	# kdelibs-3.4.0 needed -fno-gcse; 3.4.1 needs -mminimal-toc; this needs a
+	# closer look... - corsair
+	use ppc64 && append-flags "-mminimal-toc"
+
+	# work around bug #120858, gcc 3.4.x -Os miscompilation
+	use x86 && replace-flags "-Os" "-O2" # see bug #120858
+
+	export BINDNOW_FLAGS="$(bindnow-flags)"
+
+	kde_src_compile
+
+	if use doc; then
+		make apidox || die
+	fi
+}
+
+src_install() {
+	kde_src_install
+
+	if use doc; then
+		make DESTDIR="${D}" install-apidox || die
+	fi
+
+	# Needed to create lib -> lib64 symlink for amd64 2005.0 profile
+	if [ "${SYMLINK_LIB}" = "yes" ]; then
+		dosym $(get_abi_LIBDIR ${DEFAULT_ABI}) ${KDEDIR}/lib
+	fi
+
+	# Get rid of the disabled version of the kdnsd libraries
+	if use zeroconf && use avahi; then
+		rm -rf "${D}/${PREFIX}"/$(get_libdir)/libkdnssd.*
+	fi
+
+	dodir /etc/env.d
+
+	# List all the multilib libdirs
+	local libdirs
+	for libdir in $(get_all_libdirs); do
+		libdirs="${libdirs}:${PREFIX}/${libdir}"
+	done
+
+	cat <<EOF > "${D}"/etc/env.d/45kdepaths-${SLOT} # number goes down with version upgrade
+PATH=${PREFIX}/bin
+ROOTPATH=${PREFIX}/sbin:${PREFIX}/bin
+LDPATH=${libdirs:1}
+CONFIG_PROTECT="${PREFIX}/share/config ${PREFIX}/env ${PREFIX}/shutdown /usr/share/config"
+KDEDIRS="${PREFIX}:/usr:/usr/local"
+#KDE_IS_PRELINKED=1
+EOF
+}
+
+pkg_postinst() {
+	if use zeroconf; then
+		echo
+		elog "To make zeroconf support available in KDE make sure that the 'mdnsd' daemon"
+		elog "is running. Make sure also that multicast dns lookups are enabled by editing"
+		elog "the 'hosts:' line in /etc/nsswitch.conf to include 'mdns', e.g.:"
+		elog "	hosts: files mdns dns"
+		echo
+	fi
+}
author	Diego Elio Pettenò <flameeyes@gentoo.org>	2007-02-06 15:24:13 +0000
committer	Diego Elio Pettenò <flameeyes@gentoo.org>	2007-02-06 15:24:13 +0000
commit	01ba19c3de7cedabbb573943fd6eb3ca86b854a5 (patch)
tree	5cbe632662b3a460be048c0edadb0557840d88cc
parent	Version bump (diff)
download	historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.tar.gz historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.tar.bz2 historical-01ba19c3de7cedabbb573943fd6eb3ca86b854a5.zip