diff options
author | Rafael Martins <rafaelmartins@gentoo.org> | 2020-07-22 21:38:50 +0200 |
---|---|---|
committer | Rafael Martins <rafaelmartins@gentoo.org> | 2020-07-22 21:40:24 +0200 |
commit | a2a054ce465da2fd25ff354c875024011b9fd2c9 (patch) | |
tree | f9f40aa10a5a65874122a79ef755ea8fb792b561 /dev-lang | |
parent | net-dns/pdns-recursor: Cleanup (diff) | |
download | gentoo-a2a054ce465da2fd25ff354c875024011b9fd2c9.tar.gz gentoo-a2a054ce465da2fd25ff354c875024011b9fd2c9.tar.bz2 gentoo-a2a054ce465da2fd25ff354c875024011b9fd2c9.zip |
dev-lang/luajit: apply fix for CVE-2020-15890
Bug: https://bugs.gentoo.org/733466
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Rafael Martins <rafaelmartins@gentoo.org>
Diffstat (limited to 'dev-lang')
-rw-r--r-- | dev-lang/luajit/files/CVE-2020-15890.patch | 22 | ||||
-rw-r--r-- | dev-lang/luajit/luajit-2.0.5-r2.ebuild | 67 | ||||
-rw-r--r-- | dev-lang/luajit/luajit-2.1.0_beta3-r1.ebuild | 56 |
3 files changed, 145 insertions, 0 deletions
diff --git a/dev-lang/luajit/files/CVE-2020-15890.patch b/dev-lang/luajit/files/CVE-2020-15890.patch new file mode 100644 index 000000000000..751726571a05 --- /dev/null +++ b/dev-lang/luajit/files/CVE-2020-15890.patch @@ -0,0 +1,22 @@ +From 53f82e6e2e858a0a62fd1a2ff47e9866693382e6 Mon Sep 17 00:00:00 2001 +From: Mike Pall <mike> +Date: Sun, 12 Jul 2020 14:30:34 +0200 +Subject: [PATCH] Fix frame traversal for __gc handler frames. + +Reported by Changochen. +--- + src/lj_err.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/lj_err.c b/src/lj_err.c +index caa7487f2..e3e0c2eb7 100644 +--- a/src/lj_err.c ++++ b/src/lj_err.c +@@ -529,6 +529,7 @@ static ptrdiff_t finderrfunc(lua_State *L) + if (cframe_canyield(cf)) return 0; + if (cframe_errfunc(cf) >= 0) + return cframe_errfunc(cf); ++ cf = cframe_prev(cf); + frame = frame_prevd(frame); + break; + case FRAME_PCALL: diff --git a/dev-lang/luajit/luajit-2.0.5-r2.ebuild b/dev-lang/luajit/luajit-2.0.5-r2.ebuild new file mode 100644 index 000000000000..b36b964f23c8 --- /dev/null +++ b/dev-lang/luajit/luajit-2.0.5-r2.ebuild @@ -0,0 +1,67 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit pax-utils toolchain-funcs versionator + +MY_PV="$(get_version_component_range 1-3)" +MY_P="LuaJIT-${MY_PV}" +if [[ -n $(get_version_component_range 4) ]]; then + HOTFIX="v${PV}" + HOTFIX="${HOTFIX/_p/_hotfix}.patch" +fi + +DESCRIPTION="Just-In-Time Compiler for the Lua programming language" +HOMEPAGE="http://luajit.org/" +SRC_URI="http://luajit.org/download/${MY_P}.tar.gz + ${HOTFIX:+http://luajit.org/download/${HOTFIX}}" + +LICENSE="MIT" +# this should probably be pkgmoved to 2.0 for sake of consistency. +SLOT="2" +KEYWORDS="~amd64 ~arm ~ppc ~x86 ~amd64-linux ~x86-linux" +IUSE="lua52compat static-libs" + +PATCHES=( + "${FILESDIR}/${PN}-2-ldconfig.patch" + "${FILESDIR}/CVE-2020-15890.patch" +) + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + if [[ -n ${HOTFIX} ]]; then + eapply "${DISTDIR}/${HOTFIX}" + fi + default +} + +_emake() { + emake \ + Q= \ + PREFIX="${EPREFIX}/usr" \ + MULTILIB="$(get_libdir)" \ + DESTDIR="${D}" \ + HOST_CC="$(tc-getBUILD_CC)" \ + STATIC_CC="$(tc-getCC)" \ + DYNAMIC_CC="$(tc-getCC) -fPIC" \ + TARGET_LD="$(tc-getCC)" \ + TARGET_AR="$(tc-getAR) rcus" \ + BUILDMODE="$(usex static-libs mixed dynamic)" \ + TARGET_STRIP="true" \ + INSTALL_LIB="${ED%/}/usr/$(get_libdir)" \ + "$@" +} + +src_compile() { + _emake XCFLAGS="$(usex lua52compat "-DLUAJIT_ENABLE_LUA52COMPAT" "")" +} + +src_install() { + _emake install + + pax-mark m "${ED}usr/bin/luajit-${MY_PV}" + + HTML_DOCS="doc/." einstalldocs +} diff --git a/dev-lang/luajit/luajit-2.1.0_beta3-r1.ebuild b/dev-lang/luajit/luajit-2.1.0_beta3-r1.ebuild new file mode 100644 index 000000000000..a959393a5d76 --- /dev/null +++ b/dev-lang/luajit/luajit-2.1.0_beta3-r1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit pax-utils toolchain-funcs versionator + +MY_PV="$(get_version_component_range 1-4)" +MY_PV="${MY_PV/_beta/-beta}" +MY_P="LuaJIT-${MY_PV}" + +DESCRIPTION="Just-In-Time Compiler for the Lua programming language" +HOMEPAGE="http://luajit.org/" +SRC_URI="http://luajit.org/download/${MY_P}.tar.gz" + +LICENSE="MIT" +# this should probably be pkgmoved to 2.0 for sake of consistency. +SLOT="2" +KEYWORDS="" +IUSE="lua52compat static-libs" + +PATCHES=( + "${FILESDIR}/${PN}-2-ldconfig.patch" + "${FILESDIR}/CVE-2020-15890.patch" +) + +S="${WORKDIR}/${MY_P}" + +_emake() { + emake \ + Q= \ + PREFIX="${EPREFIX}/usr" \ + MULTILIB="$(get_libdir)" \ + DESTDIR="${D}" \ + HOST_CC="$(tc-getBUILD_CC)" \ + STATIC_CC="$(tc-getCC)" \ + DYNAMIC_CC="$(tc-getCC) -fPIC" \ + TARGET_LD="$(tc-getCC)" \ + TARGET_AR="$(tc-getAR) rcus" \ + BUILDMODE="$(usex static-libs mixed dynamic)" \ + TARGET_STRIP="true" \ + INSTALL_LIB="${ED%/}/usr/$(get_libdir)" \ + "$@" +} + +src_compile() { + _emake XCFLAGS="$(usex lua52compat "-DLUAJIT_ENABLE_LUA52COMPAT" "")" +} + +src_install() { + _emake install + + pax-mark m "${ED}usr/bin/luajit-${MY_PV}" + + HTML_DOCS="doc/." einstalldocs +} |