diff options
author | root <root@rshg054.dnsready.net> | 2013-06-23 01:08:06 -0700 |
---|---|---|
committer | root <root@rshg054.dnsready.net> | 2013-06-23 01:08:06 -0700 |
commit | 8d87c082149a6574a1d17d3c28ab2cb65a1e1d96 (patch) | |
tree | 6d3d045445c0e8f363e2ea3cc903912546fc0b5c | |
parent | 946a83c478943914bcf576bd772689ef74c27fdd (diff) |
Sun Jun 23 01:07:36 PDT 2013
35 files changed, 1933 insertions, 238 deletions
diff --git a/community/libmemcached/PKGBUILD b/community/libmemcached/PKGBUILD index 665b104c8..25791b35d 100644 --- a/community/libmemcached/PKGBUILD +++ b/community/libmemcached/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 90890 2013-05-15 08:03:49Z bpiotrowski $ +# $Id: PKGBUILD 93008 2013-06-22 07:02:22Z foutrelis $ # Maintainer: Evangelos Foutras <evangelos@foutrelis.com> pkgname=libmemcached -pkgver=1.0.16 -pkgrel=2 +pkgver=1.0.17 +pkgrel=1 pkgdesc="C and C++ client library to the memcached server" arch=('i686' 'x86_64') url="http://libmemcached.org/" @@ -11,8 +11,17 @@ license=('GPL') depends=('glibc' 'libsasl' 'libevent') makedepends=('perl' 'memcached' 'python-sphinx') options=('!libtool') -source=(http://launchpad.net/$pkgname/1.0/$pkgver/+download/$pkgname-$pkgver.tar.gz) -sha256sums=('2215d1766bff02b75403291d3d870fcd7d0735e4d018657d4d74fc44e92bdbfc') +source=(http://launchpad.net/$pkgname/1.0/$pkgver/+download/$pkgname-$pkgver.tar.gz + gcc-4.8.patch) +sha256sums=('7bb27b2589400f918df1cf5002cb01ef7ccac6e23f818604e2386de62c80bba5' + '4a6b5d70cf7905fbd9e58a4646a6943da5f77b5e0a87b1518c4688f437963194') + +prepare() { + cd "$srcdir/$pkgname-$pkgver" + + # Fix build with GCC 4.8 (patch from Debian) + patch -Np1 -i "$srcdir/gcc-4.8.patch" +} build() { cd "$srcdir/$pkgname-$pkgver" diff --git a/community/libmemcached/gcc-4.8.patch b/community/libmemcached/gcc-4.8.patch new file mode 100644 index 000000000..5f42d3f3c --- /dev/null +++ b/community/libmemcached/gcc-4.8.patch @@ -0,0 +1,183 @@ +Description: Fix compilation with gcc-4.8 + This patch fixes the error flags made incompatible with gcc-4.8: + g++: error: -fsanitize=address is incompatible with -fsanitize=thread +Author: Brian Aker +Last-Update: 2013-06-14 +Bug: https://bugs.launchpad.net/libmemcached/+bug/1164442 + +--- a/libtest/run.gdb 2012-03-26 01:08:09 +0000 ++++ b/libtest/run.gdb 2013-04-10 05:25:24 +0000 +@@ -1,5 +1,6 @@ + set logging on + set logging overwrite on + set environment LIBTEST_IN_GDB=1 ++set ASAN_OPTIONS=abort_on_error=1 + run + thread apply all bt + +--- a/m4/ax_harden_compiler_flags.m4 2013-02-12 05:44:21 +0000 ++++ b/m4/ax_harden_compiler_flags.m4 2013-04-10 05:25:24 +0000 +@@ -53,7 +53,7 @@ + # ? _APPEND_COMPILE_FLAGS_ERROR([-Wlong-long]) -- Don't turn on for + # compatibility issues memcached_stat_st + +-#serial 8 ++#serial 9 + + AC_DEFUN([_WARNINGS_AS_ERRORS], + [AC_CACHE_CHECK([if all warnings into errors],[ac_cv_warnings_as_errors], +@@ -92,9 +92,12 @@ + _APPEND_COMPILE_FLAGS_ERROR([-H]) + _APPEND_COMPILE_FLAGS_ERROR([-ggdb]) + _APPEND_COMPILE_FLAGS_ERROR([-g]) +- _APPEND_COMPILE_FLAGS_ERROR([-O0])], +- [_APPEND_COMPILE_FLAGS_ERROR([-g]) +- _APPEND_COMPILE_FLAGS_ERROR([-O2])]) ++ _APPEND_COMPILE_FLAGS_ERROR([-O0]), ++ _APPEND_COMPILE_FLAGS_ERROR([-fno-omit-frame-pointer]) ++ ],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-g]) ++ _APPEND_COMPILE_FLAGS_ERROR([-O2]) ++ ]) + + AS_IF([test "x$ac_cv_vcs_checkout" = xyes], + [_APPEND_COMPILE_FLAGS_ERROR([-fstack-check]) +@@ -155,26 +158,31 @@ + _APPEND_COMPILE_FLAGS_ERROR([-Wundef]) + _APPEND_COMPILE_FLAGS_ERROR([-Wunsafe-loop-optimizations]) + _APPEND_COMPILE_FLAGS_ERROR([-funsafe-loop-optimizations]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=address]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=thread]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=memory]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=alignment]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bool]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bounds]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=enum]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-cast-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-divide-by-zero]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer-divide-by-zero]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=null]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=object-size]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=return]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=shift]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=signed-integer-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unreachable]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unsigned-integer-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vla-bound]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vptr]) ++ AS_IF([test "x$ac_cv_vcs_checkout" = xyes],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-fno-omit-frame-pointer]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=address]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer]) ++ AS_IF([test "x$enable_shared" = "xyes"],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=thread]) ++ ]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=memory]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=alignment]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bool]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bounds]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=enum]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-cast-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-divide-by-zero]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer-divide-by-zero]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=null]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=object-size]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=return]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=shift]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=signed-integer-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unreachable]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unsigned-integer-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vla-bound]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vptr]) ++ ]) + _APPEND_COMPILE_FLAGS_ERROR([-Wclobbered]) + _APPEND_COMPILE_FLAGS_ERROR([-Wunused]) + _APPEND_COMPILE_FLAGS_ERROR([-Wunused-result]) +@@ -186,6 +194,7 @@ + _APPEND_COMPILE_FLAGS_ERROR([-fwrapv]) + _APPEND_COMPILE_FLAGS_ERROR([-fmudflapt]) + _APPEND_COMPILE_FLAGS_ERROR([-pipe]) ++ _APPEND_COMPILE_FLAGS_ERROR([-Wsizeof-pointer-memaccess]) + + AS_IF([test "x$ax_enable_debug" = xno], + [AS_IF([test "x$ac_cv_vcs_checkout" = xyes], +@@ -213,9 +222,12 @@ + _APPEND_COMPILE_FLAGS_ERROR([-H]) + _APPEND_COMPILE_FLAGS_ERROR([-ggdb]) + _APPEND_COMPILE_FLAGS_ERROR([-g]) +- _APPEND_COMPILE_FLAGS_ERROR([-O0])], +- [_APPEND_COMPILE_FLAGS_ERROR([-g]) +- _APPEND_COMPILE_FLAGS_ERROR([-O2])]) ++ _APPEND_COMPILE_FLAGS_ERROR([-O0]), ++ _APPEND_COMPILE_FLAGS_ERROR([-fno-omit-frame-pointer]) ++ ],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-g]) ++ _APPEND_COMPILE_FLAGS_ERROR([-O2]) ++ ]) + + AS_IF([test "x$ac_cv_vcs_checkout" = xyes], + [_APPEND_COMPILE_FLAGS_ERROR([-fstack-check]) +@@ -268,27 +280,32 @@ + _APPEND_COMPILE_FLAGS_ERROR([-funsafe-loop-optimizations]) + _APPEND_COMPILE_FLAGS_ERROR([-Wc++11-compat]) + # _APPEND_COMPILE_FLAGS_ERROR([-Weffc++]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=address]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=thread]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=memory]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=alignment]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bool]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bounds]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=enum]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-cast-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-divide-by-zero]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer-divide-by-zero]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=null]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=object-size]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=return]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=shift]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=signed-integer-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unreachable]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unsigned-integer-overflow]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vla-bound]) +- _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vptr]) +-# _APPEND_COMPILE_FLAGS_ERROR([-Wold-style-cast]) ++ AS_IF([test "x$ac_cv_vcs_checkout" = xyes],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-fno-omit-frame-pointer]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=address]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer]) ++ AS_IF([test "x$enable_shared" = "xyes"],[ ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=thread]) ++ ]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=memory]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=alignment]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bool]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=bounds]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=enum]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-cast-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=float-divide-by-zero]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=integer-divide-by-zero]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=null]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=object-size]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=return]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=shift]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=signed-integer-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unreachable]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=unsigned-integer-overflow]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vla-bound]) ++ _APPEND_COMPILE_FLAGS_ERROR([-fsanitize=vptr]) ++ ]) ++# _APPEND_COMPILE_FLAGS_ERROR([-Wold-style-cast]) + _APPEND_COMPILE_FLAGS_ERROR([-Wclobbered]) + _APPEND_COMPILE_FLAGS_ERROR([-Wunused]) + _APPEND_COMPILE_FLAGS_ERROR([-Wunused-result]) +@@ -301,6 +318,7 @@ + _APPEND_COMPILE_FLAGS_ERROR([-fwrapv]) + _APPEND_COMPILE_FLAGS_ERROR([-fmudflapt]) + _APPEND_COMPILE_FLAGS_ERROR([-pipe]) ++ _APPEND_COMPILE_FLAGS_ERROR([-Wsizeof-pointer-memaccess]) + + AS_IF([test "x$ax_enable_debug" = xno], + [AS_IF([test "x$ac_cv_vcs_checkout" = xyes], + diff --git a/community/luaposix/PKGBUILD b/community/luaposix/PKGBUILD index 6cdab1f9f..2fc912623 100644 --- a/community/luaposix/PKGBUILD +++ b/community/luaposix/PKGBUILD @@ -1,36 +1,43 @@ -# $Id: PKGBUILD 81399 2012-12-19 13:39:36Z seblu $ -# Maintainer: Sébastien Luttringer <seblu@aur.archlinux.org> +# $Id: PKGBUILD 93034 2013-06-22 17:02:30Z seblu $ +# Maintainer: Sébastien Luttringer # Contributor: SpepS <dreamspepser at yahoo dot it> # Contributor: Laszlo Papp <djszapi at archlinux us> # Contributor: Donald Ephraim Curtis <dcurtis@gmail.com> pkgbase=luaposix pkgname=('lua-posix' 'lua51-posix') -pkgver=5.1.23 -pkgrel=2 +pkgver=5.1.28 +pkgrel=1 pkgdesc='A POSIX library for Lua programming language' arch=('i686' 'x86_64') -url='http://luaforge.net/projects/luaposix/' +url='https://github.com/luaposix/luaposix' license=('GPL' 'LGPL') -makedepends=('lua' 'lua51' 'lua51-bitop') +makedepends=('lua' 'lua51' 'lua51-bitop' 'git') options=('!libtool') -source=("https://github.com/downloads/$pkgbase/$pkgbase/$pkgbase-$pkgver.tar.gz") -md5sums=('ebe7d335741ca736e003a6844a0fbf92') +source=("$pkgname-$pkgver.tar.gz::https://github.com/luaposix/luaposix/archive/v$pkgver.tar.gz") +md5sums=('0ea20ea21bd9f92b79041beb6d41393e') + +prepare() { + # do bootstrap in prepare, as it clone external git + (cd $pkgbase-$pkgver && ./bootstrap) + cp -r $pkgbase-$pkgver $pkgbase-$pkgver-51 +} build() { - cd $pkgbase-$pkgver - mkdir build_51 build_52 msg2 'Build with lua 5.2' - cd build_52 - ../configure \ + cd $pkgbase-$pkgver + ./configure \ + LUA=/usr/bin/lua \ --prefix=/usr \ --libdir=/usr/lib/lua/5.2 \ --datadir=/usr/share/lua/5.2 \ --docdir=/usr/share/doc/lua-posix make msg2 'Build with lua 5.1' - cd ../build_51 - ../configure CFLAGS=-I/usr/include/lua5.1 \ + cd "$srcdir/$pkgbase-$pkgver-51" + ./configure \ + LUA=/usr/bin/lua5.1 \ + LUA_INCLUDE=-I/usr/include/lua5.1 \ --prefix=/usr \ --libdir=/usr/lib/lua/5.1 \ --datadir=/usr/share/lua/5.1 \ @@ -41,7 +48,7 @@ build() { package_lua-posix() { depends=('lua') - cd $pkgbase-$pkgver/build_52 + cd $pkgbase-$pkgver make DESTDIR="$pkgdir/" install } @@ -50,7 +57,7 @@ package_lua51-posix() { conflicts=('luaposix') replaces=('luaposix') - cd $pkgbase-$pkgver/build_51 + cd $pkgbase-$pkgver-51 make DESTDIR="$pkgdir/" install } diff --git a/community/virtualbox-modules/PKGBUILD b/community/virtualbox-modules/PKGBUILD index 475d01451..dc4eac812 100644 --- a/community/virtualbox-modules/PKGBUILD +++ b/community/virtualbox-modules/PKGBUILD @@ -1,11 +1,11 @@ -# $Id: PKGBUILD 92785 2013-06-15 06:20:46Z tpowa $ +# $Id: PKGBUILD 93018 2013-06-22 10:01:54Z tpowa $ # Maintainer: Ionut Biru <ibiru@archlinux.org> # Maintainer: Sébastien Luttringer pkgbase=virtualbox-modules pkgname=('virtualbox-host-modules' 'virtualbox-guest-modules') pkgver=4.2.12 -pkgrel=8 +pkgrel=9 arch=('i686' 'x86_64') url='http://virtualbox.org' license=('GPL') diff --git a/community/virtualbox-modules/virtualbox-guest-modules.install b/community/virtualbox-modules/virtualbox-guest-modules.install index 6308e2fa5..73eddf0fd 100644 --- a/community/virtualbox-modules/virtualbox-guest-modules.install +++ b/community/virtualbox-modules/virtualbox-guest-modules.install @@ -1,4 +1,4 @@ -VERSION='3.9.6-1-ARCH' +VERSION='3.9.7-1-ARCH' post_install() { cat << EOF diff --git a/community/virtualbox-modules/virtualbox-host-modules.install b/community/virtualbox-modules/virtualbox-host-modules.install index 70f6b8004..4741f26bf 100644 --- a/community/virtualbox-modules/virtualbox-host-modules.install +++ b/community/virtualbox-modules/virtualbox-host-modules.install @@ -1,4 +1,4 @@ -VERSION='3.9.6-1-ARCH' +VERSION='3.9.7-1-ARCH' post_install() { cat << EOF diff --git a/core/ppp/PKGBUILD b/core/ppp/PKGBUILD index 41fdb183d..75c85e092 100644 --- a/core/ppp/PKGBUILD +++ b/core/ppp/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 188198 2013-06-12 15:53:29Z thomas $ +# $Id: PKGBUILD 188844 2013-06-22 15:33:40Z thomas $ # Maintainer: Thomas Baechler <thomas@archlinux.org> pkgname=ppp pkgver=2.4.5 -pkgrel=7 +pkgrel=8 pkgdesc="A daemon which implements the Point-to-Point Protocol for dial-up networking" arch=(i686 x86_64) url="http://www.samba.org/ppp/" @@ -23,7 +23,7 @@ md5sums=('4621bc56167b6953ec4071043fe0ec57' '7a9259a8f038073eeea7e4552ff1849f' 'e4beb16ed600b61336d50b2bd2df7cd5' '529b924f644f80cf30d72a966abc7419' - '0a79f6427e28426d42b76f7207c531e1' + '0e2eeb1af125a46291999162dcc9004a' '3a5d56ac23e36cdbf48187813c8ec981' '4cbd0a9af01c27067450ec7d3f5fa673' 'b75c2fbc4afa9f2d8108b680c88c7036' diff --git a/core/ppp/ip-up.d.dns.sh b/core/ppp/ip-up.d.dns.sh index 47e4ca41f..0fc737eca 100644 --- a/core/ppp/ip-up.d.dns.sh +++ b/core/ppp/ip-up.d.dns.sh @@ -3,7 +3,7 @@ if [ "$USEPEERDNS" = "1" -a -f /etc/ppp/resolv.conf ]; then if [ -x /usr/bin/resolvconf ]; then /usr/bin/resolvconf -a ${IFNAME} </etc/ppp/resolv.conf - elif + else [ -e /etc/resolv.conf ] && mv /etc/resolv.conf /etc/resolv.conf.backup.${IFNAME} mv /etc/ppp/resolv.conf /etc/resolv.conf chmod 644 /etc/resolv.conf diff --git a/extra/libseccomp/PKGBUILD b/extra/libseccomp/PKGBUILD index 9bdaee4fc..ccca4c4b5 100644 --- a/extra/libseccomp/PKGBUILD +++ b/extra/libseccomp/PKGBUILD @@ -2,15 +2,14 @@ # Contributor: Patryk Kowalczyk < patryk at kowalczyk dot ws> pkgname=libseccomp -pkgver=2.0.0 -pkgrel=2 +pkgver=2.1.0 +pkgrel=1 pkgdesc='Enhanced seccomp library' arch=('i686' 'x86_64') license=('LGPL2.1') url="http://sourceforge.net/projects/libseccomp/" depends=('glibc') source=("http://downloads.sourceforge.net/project/$pkgname/$pkgname-$pkgver.tar.gz") -md5sums=('f988feac6a3425f2c918f32b28df1caa') build() { cd $pkgname-$pkgver @@ -22,3 +21,4 @@ package() { cd $pkgname-$pkgver make DESTDIR="$pkgdir" install } +md5sums=('3961103c1234c13a810f6a12e60c797f') diff --git a/extra/libxi/PKGBUILD b/extra/libxi/PKGBUILD index d65f5cee3..2188d0230 100644 --- a/extra/libxi/PKGBUILD +++ b/extra/libxi/PKGBUILD @@ -1,28 +1,42 @@ -# $Id: PKGBUILD 182037 2013-04-05 19:09:17Z andyrtr $ +# $Id: PKGBUILD 188841 2013-06-22 12:22:10Z lcarlier $ # Maintainer: AndyRTR <andyrtr@archlinux.org> # Maintainer: Jan de Groot <jgc@archlinux.org> pkgname=libxi pkgver=1.7.1 -pkgrel=1 +pkgrel=2 pkgdesc="X11 Input extension library" arch=('i686' 'x86_64') url="http://xorg.freedesktop.org" depends=('libxext' 'inputproto') -makedepends=('pkgconfig' 'xorg-util-macros' 'libxfixes') +makedepends=('pkgconfig' 'xorg-util-macros' 'libxfixes' 'automake') options=(!libtool) license=('custom') -source=(${url}/releases/individual/lib/libXi-${pkgver}.tar.bz2) -sha256sums=('e92adb6b69c53c51e05c1e65db97e23751b935a693000fb0606c11b88c0066c5') +source=(${url}/releases/individual/lib/libXi-${pkgver}.tar.bz2 + git-fixes.diff) +sha256sums=('e92adb6b69c53c51e05c1e65db97e23751b935a693000fb0606c11b88c0066c5' + '23e10f8a8a078dd109acbd5a66fe62a45233d3a2368649d5114107a790594c07') + +prepare() { + cd "${srcdir}/libXi-${pkgver}" + + # fix CVE-2013-1998 CVE-2013-1984 CVE-2013-1995 merged upstream + patch -Np1 -i ${srcdir}/git-fixes.diff + + # a patch change configure.ac + autoreconf -fiv +} build() { cd "${srcdir}/libXi-${pkgver}" + ./configure --prefix=/usr --sysconfdir=/etc --disable-static make } package() { cd "${srcdir}/libXi-${pkgver}" + make DESTDIR="${pkgdir}" install install -m755 -d "${pkgdir}/usr/share/licenses/${pkgname}" diff --git a/extra/libxi/git-fixes.diff b/extra/libxi/git-fixes.diff new file mode 100644 index 000000000..4c542d980 --- /dev/null +++ b/extra/libxi/git-fixes.diff @@ -0,0 +1,1352 @@ +From bb82c72a1d69eaf60b7586570faf797df967f661 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Mon, 29 Apr 2013 18:39:34 -0700 +Subject: [PATCH 01/15] Expand comment on the memory vs. reply ordering in + XIGetSelectedEvents() + +Unpacking from the wire involves un-interleaving the structs & masks, +which wasn't obvious to me the first time I read it, so make notes +before I forget again. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XISelEv.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/XISelEv.c b/src/XISelEv.c +index fa7eb54..f871222 100644 +--- a/src/XISelEv.c ++++ b/src/XISelEv.c +@@ -135,8 +135,14 @@ XIGetSelectedEvents(Display* dpy, Window win, int *num_masks_return) + + _XRead(dpy, (char*)mask_in, reply.length * 4); + +- /* Memory layout of the XIEventMask for a 3 mask reply: +- * [struct a][struct b][struct c][masks a][masks b][masks c] ++ /* ++ * This function takes interleaved xXIEventMask structs & masks off ++ * the wire, such as this 3 mask reply: ++ * [struct a][masks a][struct b][masks b][struct c][masks c] ++ * And generates a memory buffer to be returned to callers in which ++ * they are not interleaved, so that callers can treat the returned ++ * pointer as a simple array of XIEventMask structs, such as: ++ * [struct a][struct b][struct c][masks a][masks b][masks c] + */ + len = reply.num_masks * sizeof(XIEventMask); + +-- +1.8.3.1 + + +From 5d43d4914dcabb6de69859567061e99300e56ef4 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter.hutterer@who-t.net> +Date: Fri, 17 May 2013 09:07:44 +1000 +Subject: [PATCH 02/15] Copy the sequence number into the target event too + (#64687) + +X.Org Bug 64687 <http://bugs.freedesktop.org/show_bug.cgi?id=64687> + +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +Reviewed-by: Jasper St. Pierre <jstpierre@mecheye.net> +--- + src/XExtInt.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/src/XExtInt.c b/src/XExtInt.c +index 507573b..8e19b97 100644 +--- a/src/XExtInt.c ++++ b/src/XExtInt.c +@@ -915,6 +915,7 @@ static void xge_copy_to_cookie(xGenericEvent* ev, + cookie->type = ev->type; + cookie->evtype = ev->evtype; + cookie->extension = ev->extension; ++ cookie->serial = ev->sequenceNumber; + } + + static Bool +@@ -1521,6 +1522,7 @@ wireToDeviceEvent(xXIDeviceEvent *in, XGenericEventCookie* cookie) + out = next_block(&ptr_lib, sizeof(XIDeviceEvent)); + out->display = cookie->display; + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->extension = in->extension; + out->evtype = in->evtype; + out->send_event = ((in->type & 0x80) != 0); +@@ -1793,6 +1795,7 @@ wireToDeviceChangedEvent(xXIDeviceChangedEvent *in, XGenericEventCookie *cookie) + cookie->data = out = malloc(sizeof(XIDeviceChangedEvent) + len); + + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->display = cookie->display; + out->extension = in->extension; + out->evtype = in->evtype; +@@ -1825,6 +1828,7 @@ wireToHierarchyChangedEvent(xXIHierarchyEvent *in, XGenericEventCookie *cookie) + out->info = (XIHierarchyInfo*)&out[1]; + out->display = cookie->display; + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->extension = in->extension; + out->evtype = in->evtype; + out->send_event = ((in->type & 0x80) != 0); +@@ -1865,6 +1869,7 @@ wireToRawEvent(XExtDisplayInfo *info, xXIRawEvent *in, XGenericEventCookie *cook + + out = next_block(&ptr, sizeof(XIRawEvent)); + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->display = cookie->display; + out->extension = in->extension; + out->evtype = in->evtype; +@@ -1915,6 +1920,7 @@ wireToEnterLeave(xXIEnterEvent *in, XGenericEventCookie *cookie) + out->buttons.mask = (unsigned char*)&out[1]; + + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->display = cookie->display; + out->extension = in->extension; + out->evtype = in->evtype; +@@ -1957,6 +1963,7 @@ wireToPropertyEvent(xXIPropertyEvent *in, XGenericEventCookie *cookie) + cookie->data = out; + + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->extension = in->extension; + out->evtype = in->evtype; + out->send_event = ((in->type & 0x80) != 0); +@@ -1977,6 +1984,7 @@ wireToTouchOwnershipEvent(xXITouchOwnershipEvent *in, + cookie->data = out; + + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->display = cookie->display; + out->extension = in->extension; + out->evtype = in->evtype; +@@ -2004,6 +2012,7 @@ wireToBarrierEvent(xXIBarrierEvent *in, XGenericEventCookie *cookie) + + out->display = cookie->display; + out->type = in->type; ++ out->serial = in->sequenceNumber; + out->extension = in->extension; + out->evtype = in->evtype; + out->send_event = ((in->type & 0x80) != 0); +-- +1.8.3.1 + + +From 59b8e1388a687f871831ac5a9e0ac11de75e2516 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Wed, 1 May 2013 23:58:39 -0700 +Subject: [PATCH 03/15] Use _XEatDataWords to avoid overflow of rep.length bit + shifting + +rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + configure.ac | 6 ++++++ + src/XGMotion.c | 2 +- + src/XGetDCtl.c | 2 +- + src/XGetDProp.c | 5 ++--- + src/XGetFCtl.c | 2 +- + src/XGetKMap.c | 2 +- + src/XGetMMap.c | 2 +- + src/XGetProp.c | 4 +--- + src/XGtSelect.c | 2 +- + src/XIProperties.c | 7 +++---- + src/XIint.h | 14 ++++++++++++++ + src/XListDProp.c | 2 +- + src/XListDev.c | 2 +- + src/XOpenDev.c | 2 +- + src/XQueryDv.c | 2 +- + 15 files changed, 36 insertions(+), 20 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 8dbca38..f5ef1e2 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -31,6 +31,12 @@ PKG_CHECK_MODULES(XI, [xproto >= 7.0.13] [x11 >= 1.4.99.1] [xextproto >= 7.0.3] + # CFLAGS only for PointerBarrier typedef + PKG_CHECK_MODULES(XFIXES, [xfixes >= 5]) + ++# Check for _XEatDataWords function that may be patched into older Xlib releases ++SAVE_LIBS="$LIBS" ++LIBS="$XI_LIBS" ++AC_CHECK_FUNCS([_XEatDataWords]) ++LIBS="$SAVE_LIBS" ++ + # Check for xmlto and asciidoc for man page conversion + # (only needed by people building tarballs) + if test "$have_xmlto" = yes && test "$have_asciidoc" = yes; then +diff --git a/src/XGMotion.c b/src/XGMotion.c +index 99b1c44..5feac85 100644 +--- a/src/XGMotion.c ++++ b/src/XGMotion.c +@@ -112,7 +112,7 @@ XGetDeviceMotionEvents( + Xfree(bufp); + Xfree(savp); + *nEvents = 0; +- _XEatData(dpy, (unsigned long)size); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return (NULL); +diff --git a/src/XGetDCtl.c b/src/XGetDCtl.c +index c66212d..f73a4e8 100644 +--- a/src/XGetDCtl.c ++++ b/src/XGetDCtl.c +@@ -95,7 +95,7 @@ XGetDeviceControl( + nbytes = (long)rep.length << 2; + d = (xDeviceState *) Xmalloc((unsigned)nbytes); + if (!d) { +- _XEatData(dpy, (unsigned long)nbytes); ++ _XEatDataWords(dpy, rep.length); + goto out; + } + sav = d; +diff --git a/src/XGetDProp.c b/src/XGetDProp.c +index 5d44f91..f9e8f0c 100644 +--- a/src/XGetDProp.c ++++ b/src/XGetDProp.c +@@ -112,14 +112,13 @@ XGetDeviceProperty(Display* dpy, XDevice* dev, + * This part of the code should never be reached. If it is, + * the server sent back a property with an invalid format. + */ +- nbytes = rep.length << 2; +- _XEatData(dpy, (unsigned long) nbytes); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return(BadImplementation); + } + if (! *prop) { +- _XEatData(dpy, (unsigned long) nbytes); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return(BadAlloc); +diff --git a/src/XGetFCtl.c b/src/XGetFCtl.c +index 43afa00..28fab4d 100644 +--- a/src/XGetFCtl.c ++++ b/src/XGetFCtl.c +@@ -95,7 +95,7 @@ XGetFeedbackControl( + nbytes = (long)rep.length << 2; + f = (xFeedbackState *) Xmalloc((unsigned)nbytes); + if (!f) { +- _XEatData(dpy, (unsigned long)nbytes); ++ _XEatDataWords(dpy, rep.length); + goto out; + } + sav = f; +diff --git a/src/XGetKMap.c b/src/XGetKMap.c +index 9431fbb..00dde06 100644 +--- a/src/XGetKMap.c ++++ b/src/XGetKMap.c +@@ -99,7 +99,7 @@ XGetDeviceKeyMapping(register Display * dpy, XDevice * dev, + if (mapping) + _XRead(dpy, (char *)mapping, nbytes); + else +- _XEatData(dpy, (unsigned long)nbytes); ++ _XEatDataWords(dpy, rep.length); + } + + UnlockDisplay(dpy); +diff --git a/src/XGetMMap.c b/src/XGetMMap.c +index 8a1cdb2..ce10c2d 100644 +--- a/src/XGetMMap.c ++++ b/src/XGetMMap.c +@@ -92,7 +92,7 @@ XGetDeviceModifierMapping( + if (res->modifiermap) + _XReadPad(dpy, (char *)res->modifiermap, nbytes); + else +- _XEatData(dpy, (unsigned long)nbytes); ++ _XEatDataWords(dpy, rep.length); + res->max_keypermod = rep.numKeyPerModifier; + } + +diff --git a/src/XGetProp.c b/src/XGetProp.c +index c5d088b..34bc581 100644 +--- a/src/XGetProp.c ++++ b/src/XGetProp.c +@@ -68,7 +68,6 @@ XGetDeviceDontPropagateList( + int *count) + { + XEventClass *list = NULL; +- int rlen; + xGetDeviceDontPropagateListReq *req; + xGetDeviceDontPropagateListReply rep; + XExtDisplayInfo *info = XInput_find_display(dpy); +@@ -90,7 +89,6 @@ XGetDeviceDontPropagateList( + *count = rep.count; + + if (*count) { +- rlen = rep.length << 2; + list = (XEventClass *) Xmalloc(rep.length * sizeof(XEventClass)); + if (list) { + int i; +@@ -105,7 +103,7 @@ XGetDeviceDontPropagateList( + list[i] = (XEventClass) ec; + } + } else +- _XEatData(dpy, (unsigned long)rlen); ++ _XEatDataWords(dpy, rep.length); + } + + UnlockDisplay(dpy); +diff --git a/src/XGtSelect.c b/src/XGtSelect.c +index f890db7..5c0f812 100644 +--- a/src/XGtSelect.c ++++ b/src/XGtSelect.c +@@ -104,7 +104,7 @@ XGetSelectedExtensionEvents( + (XEventClass *) Xmalloc(*this_client_count * + sizeof(XEventClass)); + if (!*this_client_list) { +- _XEatData(dpy, (unsigned long)tlen + alen); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return (Success); +diff --git a/src/XIProperties.c b/src/XIProperties.c +index 83a7a68..5e58fb6 100644 +--- a/src/XIProperties.c ++++ b/src/XIProperties.c +@@ -64,7 +64,7 @@ XIListProperties(Display* dpy, int deviceid, int *num_props_return) + props = (Atom*)Xmalloc(rep.num_properties * sizeof(Atom)); + if (!props) + { +- _XEatData(dpy, rep.num_properties << 2); ++ _XEatDataWords(dpy, rep.length); + goto cleanup; + } + +@@ -203,8 +203,7 @@ XIGetProperty(Display* dpy, int deviceid, Atom property, long offset, + * This part of the code should never be reached. If it is, + * the server sent back a property with an invalid format. + */ +- nbytes = rep.length << 2; +- _XEatData(dpy, nbytes); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return(BadImplementation); +@@ -222,7 +221,7 @@ XIGetProperty(Display* dpy, int deviceid, Atom property, long offset, + *data = Xmalloc(rbytes); + + if (!(*data)) { +- _XEatData(dpy, nbytes); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return(BadAlloc); +diff --git a/src/XIint.h b/src/XIint.h +index 571bb23..3ddc3c5 100644 +--- a/src/XIint.h ++++ b/src/XIint.h +@@ -83,4 +83,18 @@ next_block(void **ptr, int size) { + return ret; + } + ++#ifndef HAVE__XEATDATAWORDS ++#include <X11/Xmd.h> /* for LONG64 on 64-bit platforms */ ++#include <limits.h> ++ ++static inline void _XEatDataWords(Display *dpy, unsigned long n) ++{ ++# ifndef LONG64 ++ if (n >= (ULONG_MAX >> 2)) ++ _XIOError(dpy); ++# endif ++ _XEatData (dpy, n << 2); ++} ++#endif ++ + #endif +diff --git a/src/XListDProp.c b/src/XListDProp.c +index 8667350..bde6cb5 100644 +--- a/src/XListDProp.c ++++ b/src/XListDProp.c +@@ -65,7 +65,7 @@ XListDeviceProperties(Display* dpy, XDevice* dev, int *nprops_return) + props = (Atom*)Xmalloc(rep.nAtoms * sizeof(Atom)); + if (!props) + { +- _XEatData(dpy, rep.nAtoms << 2); ++ _XEatDataWords(dpy, rep.length); + goto cleanup; + } + +diff --git a/src/XListDev.c b/src/XListDev.c +index bd6e70a..1fa4747 100644 +--- a/src/XListDev.c ++++ b/src/XListDev.c +@@ -202,7 +202,7 @@ XListInputDevices( + list = (xDeviceInfo *) Xmalloc(rlen); + slist = list; + if (!slist) { +- _XEatData(dpy, (unsigned long)rlen); ++ _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); + SyncHandle(); + return (XDeviceInfo *) NULL; +diff --git a/src/XOpenDev.c b/src/XOpenDev.c +index 74f18ac..e784f8b 100644 +--- a/src/XOpenDev.c ++++ b/src/XOpenDev.c +@@ -101,7 +101,7 @@ XOpenDevice( + if (rlen - dlen > 0) + _XEatData(dpy, (unsigned long)rlen - dlen); + } else +- _XEatData(dpy, (unsigned long)rlen); ++ _XEatDataWords(dpy, rep.length); + + UnlockDisplay(dpy); + SyncHandle(); +diff --git a/src/XQueryDv.c b/src/XQueryDv.c +index 24d4e4e..69c285b 100644 +--- a/src/XQueryDv.c ++++ b/src/XQueryDv.c +@@ -91,7 +91,7 @@ XQueryDeviceState( + if (rlen > 0) { + data = Xmalloc(rlen); + if (!data) { +- _XEatData(dpy, (unsigned long)rlen); ++ _XEatDataWords(dpy, rep.length); + goto out; + } + _XRead(dpy, data, rlen); +-- +1.8.3.1 + + +From f3e08e4fbe40016484ba795feecf1a742170ffc1 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:26:52 -0800 +Subject: [PATCH 04/15] Stack buffer overflow in XGetDeviceButtonMapping() + [CVE-2013-1998 1/3] + +We copy the entire reply sent by the server into the fixed size +mapping[] array on the stack, even if the server says it's a larger +size than the mapping array can hold. HULK SMASH STACK! + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGetBMap.c | 21 +++++++++++++-------- + 1 file changed, 13 insertions(+), 8 deletions(-) + +diff --git a/src/XGetBMap.c b/src/XGetBMap.c +index 211c9ca..002daba 100644 +--- a/src/XGetBMap.c ++++ b/src/XGetBMap.c +@@ -60,6 +60,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + #ifdef MIN /* some systems define this in <sys/param.h> */ + #undef MIN +@@ -75,7 +76,6 @@ XGetDeviceButtonMapping( + { + int status = 0; + unsigned char mapping[256]; /* known fixed size */ +- long nbytes; + XExtDisplayInfo *info = XInput_find_display(dpy); + + register xGetDeviceButtonMappingReq *req; +@@ -92,13 +92,18 @@ XGetDeviceButtonMapping( + + status = _XReply(dpy, (xReply *) & rep, 0, xFalse); + if (status == 1) { +- nbytes = (long)rep.length << 2; +- _XRead(dpy, (char *)mapping, nbytes); +- +- /* don't return more data than the user asked for. */ +- if (rep.nElts) +- memcpy((char *)map, (char *)mapping, MIN((int)rep.nElts, nmap)); +- status = rep.nElts; ++ if (rep.length <= (sizeof(mapping) >> 2)) { ++ unsigned long nbytes = rep.length << 2; ++ _XRead(dpy, (char *)mapping, nbytes); ++ ++ /* don't return more data than the user asked for. */ ++ if (rep.nElts) ++ memcpy(map, mapping, MIN((int)rep.nElts, nmap)); ++ status = rep.nElts; ++ } else { ++ _XEatDataWords(dpy, rep.length); ++ status = 0; ++ } + } else + status = 0; + UnlockDisplay(dpy); +-- +1.8.3.1 + + +From 91434737f592e8f5cc1762383882a582b55fc03a Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 23:37:23 -0800 +Subject: [PATCH 05/15] memory corruption in _XIPassiveGrabDevice() + [CVE-2013-1998 2/3] + +If the server returned more modifiers than the caller asked for, +we'd just keep copying past the end of the array provided by the +caller, writing over who-knows-what happened to be there. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XIPassiveGrab.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/XIPassiveGrab.c b/src/XIPassiveGrab.c +index ac17c01..53b4084 100644 +--- a/src/XIPassiveGrab.c ++++ b/src/XIPassiveGrab.c +@@ -88,7 +88,7 @@ _XIPassiveGrabDevice(Display* dpy, int deviceid, int grabtype, int detail, + return -1; + _XRead(dpy, (char*)failed_mods, reply.num_modifiers * sizeof(xXIGrabModifierInfo)); + +- for (i = 0; i < reply.num_modifiers; i++) ++ for (i = 0; i < reply.num_modifiers && i < num_modifiers; i++) + { + modifiers_inout[i].status = failed_mods[i].status; + modifiers_inout[i].modifiers = failed_mods[i].modifiers; +-- +1.8.3.1 + + +From 5398ac0797f7516f2c9b8f2869a6c6d071437352 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 26 Apr 2013 22:48:36 -0700 +Subject: [PATCH 06/15] unvalidated lengths in XQueryDeviceState() + [CVE-2013-1998 3/3] + +If the lengths given for each class state in the reply add up to more +than the rep.length, we could read past the end of the buffer allocated +to hold the data read from the server. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XQueryDv.c | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/src/XQueryDv.c b/src/XQueryDv.c +index 69c285b..3836777 100644 +--- a/src/XQueryDv.c ++++ b/src/XQueryDv.c +@@ -59,6 +59,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + XDeviceState * + XQueryDeviceState( +@@ -66,8 +67,8 @@ XQueryDeviceState( + XDevice *dev) + { + int i, j; +- int rlen; +- int size = 0; ++ unsigned long rlen; ++ size_t size = 0; + xQueryDeviceStateReq *req; + xQueryDeviceStateReply rep; + XDeviceState *state = NULL; +@@ -87,9 +88,11 @@ XQueryDeviceState( + if (!_XReply(dpy, (xReply *) & rep, 0, xFalse)) + goto out; + +- rlen = rep.length << 2; +- if (rlen > 0) { +- data = Xmalloc(rlen); ++ if (rep.length > 0) { ++ if (rep.length < (INT_MAX >> 2)) { ++ rlen = (unsigned long) rep.length << 2; ++ data = Xmalloc(rlen); ++ } + if (!data) { + _XEatDataWords(dpy, rep.length); + goto out; +@@ -97,6 +100,10 @@ XQueryDeviceState( + _XRead(dpy, data, rlen); + + for (i = 0, any = (XInputClass *) data; i < (int)rep.num_classes; i++) { ++ if (any->length > rlen) ++ goto out; ++ rlen -= any->length; ++ + switch (any->class) { + case KeyClass: + size += sizeof(XKeyState); +-- +1.8.3.1 + + +From b0b13c12a8079a5a0e7f43b2b8983699057b2cec Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 07/15] integer overflow in XGetDeviceControl() [CVE-2013-1984 + 1/8] + +If the number of valuators reported by the server is large enough that +it overflows when multiplied by the size of the appropriate struct, then +memory corruption can occur when more bytes are copied from the X server +reply than the size of the buffer we allocated to hold them. + +v2: check that reply size fits inside the data read from the server, so +we don't read out of bounds either + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGetDCtl.c | 31 ++++++++++++++++++++++++------- + 1 file changed, 24 insertions(+), 7 deletions(-) + +diff --git a/src/XGetDCtl.c b/src/XGetDCtl.c +index f73a4e8..51ed0ae 100644 +--- a/src/XGetDCtl.c ++++ b/src/XGetDCtl.c +@@ -61,6 +61,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + XDeviceControl * + XGetDeviceControl( +@@ -68,8 +69,6 @@ XGetDeviceControl( + XDevice *dev, + int control) + { +- int size = 0; +- int nbytes, i; + XDeviceControl *Device = NULL; + XDeviceControl *Sav = NULL; + xDeviceState *d = NULL; +@@ -92,8 +91,12 @@ XGetDeviceControl( + goto out; + + if (rep.length > 0) { +- nbytes = (long)rep.length << 2; +- d = (xDeviceState *) Xmalloc((unsigned)nbytes); ++ unsigned long nbytes; ++ size_t size = 0; ++ if (rep.length < (INT_MAX >> 2)) { ++ nbytes = (unsigned long) rep.length << 2; ++ d = Xmalloc(nbytes); ++ } + if (!d) { + _XEatDataWords(dpy, rep.length); + goto out; +@@ -111,33 +114,46 @@ XGetDeviceControl( + case DEVICE_RESOLUTION: + { + xDeviceResolutionState *r; ++ size_t val_size; + + r = (xDeviceResolutionState *) d; +- size += sizeof(XDeviceResolutionState) + +- (3 * sizeof(int) * r->num_valuators); ++ if (r->num_valuators >= (INT_MAX / (3 * sizeof(int)))) ++ goto out; ++ val_size = 3 * sizeof(int) * r->num_valuators; ++ if ((sizeof(xDeviceResolutionState) + val_size) > nbytes) ++ goto out; ++ size += sizeof(XDeviceResolutionState) + val_size; + break; + } + case DEVICE_ABS_CALIB: + { ++ if (sizeof(xDeviceAbsCalibState) > nbytes) ++ goto out; + size += sizeof(XDeviceAbsCalibState); + break; + } + case DEVICE_ABS_AREA: + { ++ if (sizeof(xDeviceAbsAreaState) > nbytes) ++ goto out; + size += sizeof(XDeviceAbsAreaState); + break; + } + case DEVICE_CORE: + { ++ if (sizeof(xDeviceCoreState) > nbytes) ++ goto out; + size += sizeof(XDeviceCoreState); + break; + } + default: ++ if (d->length > nbytes) ++ goto out; + size += d->length; + break; + } + +- Device = (XDeviceControl *) Xmalloc((unsigned)size); ++ Device = Xmalloc(size); + if (!Device) + goto out; + +@@ -150,6 +166,7 @@ XGetDeviceControl( + int *iptr, *iptr2; + xDeviceResolutionState *r; + XDeviceResolutionState *R; ++ unsigned int i; + + r = (xDeviceResolutionState *) d; + R = (XDeviceResolutionState *) Device; +-- +1.8.3.1 + + +From 322ee3576789380222d4403366e4fd12fb24cb6a Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 08/15] integer overflow in XGetFeedbackControl() + [CVE-2013-1984 2/8] + +If the number of feedbacks reported by the server is large enough that +it overflows when multiplied by the size of the appropriate struct, or +if the total size of all the feedback structures overflows when added +together, then memory corruption can occur when more bytes are copied from +the X server reply than the size of the buffer we allocated to hold them. + +v2: check that reply size fits inside the data read from the server, so + we don't read out of bounds either + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGetFCtl.c | 24 +++++++++++++++++++----- + 1 file changed, 19 insertions(+), 5 deletions(-) + +diff --git a/src/XGetFCtl.c b/src/XGetFCtl.c +index 28fab4d..bb50bf3 100644 +--- a/src/XGetFCtl.c ++++ b/src/XGetFCtl.c +@@ -61,6 +61,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + XFeedbackState * + XGetFeedbackControl( +@@ -68,8 +69,6 @@ XGetFeedbackControl( + XDevice *dev, + int *num_feedbacks) + { +- int size = 0; +- int nbytes, i; + XFeedbackState *Feedback = NULL; + XFeedbackState *Sav = NULL; + xFeedbackState *f = NULL; +@@ -91,9 +90,16 @@ XGetFeedbackControl( + goto out; + + if (rep.length > 0) { ++ unsigned long nbytes; ++ size_t size = 0; ++ int i; ++ + *num_feedbacks = rep.num_feedbacks; +- nbytes = (long)rep.length << 2; +- f = (xFeedbackState *) Xmalloc((unsigned)nbytes); ++ ++ if (rep.length < (INT_MAX >> 2)) { ++ nbytes = rep.length << 2; ++ f = Xmalloc(nbytes); ++ } + if (!f) { + _XEatDataWords(dpy, rep.length); + goto out; +@@ -102,6 +108,10 @@ XGetFeedbackControl( + _XRead(dpy, (char *)f, nbytes); + + for (i = 0; i < *num_feedbacks; i++) { ++ if (f->length > nbytes) ++ goto out; ++ nbytes -= f->length; ++ + switch (f->class) { + case KbdFeedbackClass: + size += sizeof(XKbdFeedbackState); +@@ -116,6 +126,8 @@ XGetFeedbackControl( + { + xStringFeedbackState *strf = (xStringFeedbackState *) f; + ++ if (strf->num_syms_supported >= (INT_MAX / sizeof(KeySym))) ++ goto out; + size += sizeof(XStringFeedbackState) + + (strf->num_syms_supported * sizeof(KeySym)); + } +@@ -130,10 +142,12 @@ XGetFeedbackControl( + size += f->length; + break; + } ++ if (size > INT_MAX) ++ goto out; + f = (xFeedbackState *) ((char *)f + f->length); + } + +- Feedback = (XFeedbackState *) Xmalloc((unsigned)size); ++ Feedback = Xmalloc(size); + if (!Feedback) + goto out; + +-- +1.8.3.1 + + +From 6dd6dc51a2935c72774be81e5cc2ba2c30e9feff Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 09/15] integer overflow in XGetDeviceDontPropagateList() + [CVE-2013-1984 3/8] + +If the number of event classes reported by the server is large enough +that it overflows when multiplied by the size of the appropriate struct, +then memory corruption can occur when more bytes are copied from the +X server reply than the size of the buffer we allocated to hold them. + +V2: EatData if count is 0 but length is > 0 to avoid XIOErrors + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGetProp.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/XGetProp.c b/src/XGetProp.c +index 34bc581..b49328c 100644 +--- a/src/XGetProp.c ++++ b/src/XGetProp.c +@@ -60,6 +60,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + XEventClass * + XGetDeviceDontPropagateList( +@@ -88,10 +89,11 @@ XGetDeviceDontPropagateList( + } + *count = rep.count; + +- if (*count) { +- list = (XEventClass *) Xmalloc(rep.length * sizeof(XEventClass)); ++ if (rep.length != 0) { ++ if ((rep.count != 0) && (rep.length < (INT_MAX / sizeof(XEventClass)))) ++ list = Xmalloc(rep.length * sizeof(XEventClass)); + if (list) { +- int i; ++ unsigned int i; + CARD32 ec; + + /* read and assign each XEventClass separately because +-- +1.8.3.1 + + +From bb922ed4253b35590f0369f32a917ff89ade0830 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 10/15] integer overflow in XGetDeviceMotionEvents() + [CVE-2013-1984 4/8] + +If the number of events or axes reported by the server is large enough +that it overflows when multiplied by the size of the appropriate struct, +then memory corruption can occur when more bytes are copied from the +X server reply than the size of the buffer we allocated to hold them. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGMotion.c | 22 +++++++++++++++++----- + 1 file changed, 17 insertions(+), 5 deletions(-) + +diff --git a/src/XGMotion.c b/src/XGMotion.c +index 5feac85..a4c75b6 100644 +--- a/src/XGMotion.c ++++ b/src/XGMotion.c +@@ -59,6 +59,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + XDeviceTimeCoord * + XGetDeviceMotionEvents( +@@ -74,7 +75,7 @@ XGetDeviceMotionEvents( + xGetDeviceMotionEventsReply rep; + XDeviceTimeCoord *tc; + int *data, *bufp, *readp, *savp; +- long size, size2; ++ unsigned long size; + int i, j; + XExtDisplayInfo *info = XInput_find_display(dpy); + +@@ -104,10 +105,21 @@ XGetDeviceMotionEvents( + SyncHandle(); + return (NULL); + } +- size = rep.length << 2; +- size2 = rep.nEvents * (sizeof(XDeviceTimeCoord) + (rep.axes * sizeof(int))); +- savp = readp = (int *)Xmalloc(size); +- bufp = (int *)Xmalloc(size2); ++ if (rep.length < (INT_MAX >> 2)) { ++ size = rep.length << 2; ++ savp = readp = Xmalloc(size); ++ } else { ++ size = 0; ++ savp = readp = NULL; ++ } ++ /* rep.axes is a CARD8, so assume max number of axes for bounds check */ ++ if (rep.nEvents < ++ (INT_MAX / (sizeof(XDeviceTimeCoord) + (UCHAR_MAX * sizeof(int))))) { ++ size_t bsize = rep.nEvents * ++ (sizeof(XDeviceTimeCoord) + (rep.axes * sizeof(int))); ++ bufp = Xmalloc(bsize); ++ } else ++ bufp = NULL; + if (!bufp || !savp) { + Xfree(bufp); + Xfree(savp); +-- +1.8.3.1 + + +From 242f92b490a695fbab244af5bad11b71f897c732 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 11/15] integer overflow in XIGetProperty() [CVE-2013-1984 5/8] + +If the number of items reported by the server is large enough that +it overflows when multiplied by the size of the appropriate item type, +then memory corruption can occur when more bytes are copied from the +X server reply than the size of the buffer we allocated to hold them. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XIProperties.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/src/XIProperties.c b/src/XIProperties.c +index 5e58fb6..32436d1 100644 +--- a/src/XIProperties.c ++++ b/src/XIProperties.c +@@ -38,6 +38,7 @@ + #include <X11/extensions/XInput2.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + Atom* + XIListProperties(Display* dpy, int deviceid, int *num_props_return) +@@ -170,7 +171,7 @@ XIGetProperty(Display* dpy, int deviceid, Atom property, long offset, + { + xXIGetPropertyReq *req; + xXIGetPropertyReply rep; +- long nbytes, rbytes; ++ unsigned long nbytes, rbytes; + + XExtDisplayInfo *info = XInput_find_display(dpy); + +@@ -216,9 +217,11 @@ XIGetProperty(Display* dpy, int deviceid, Atom property, long offset, + * recopy the string to make it null terminated. + */ + +- nbytes = rep.num_items * rep.format/8; +- rbytes = nbytes + 1; +- *data = Xmalloc(rbytes); ++ if (rep.num_items < (INT_MAX / (rep.format/8))) { ++ nbytes = rep.num_items * rep.format/8; ++ rbytes = nbytes + 1; ++ *data = Xmalloc(rbytes); ++ } + + if (!(*data)) { + _XEatDataWords(dpy, rep.length); +-- +1.8.3.1 + + +From 528419b9ef437e7eeafb41bf45e8ff7d818bd845 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sat, 9 Mar 2013 22:55:23 -0800 +Subject: [PATCH 12/15] integer overflow in XIGetSelectedEvents() + [CVE-2013-1984 6/8] + +If the number of events or masks reported by the server is large enough +that it overflows when multiplied by the size of the appropriate struct, +or the sizes overflow as they are totaled up, then memory corruption can +occur when more bytes are copied from the X server reply than the size +of the buffer we allocated to hold them. + +v2: check that reply size fits inside the data read from the server, + so that we don't read out of bounds either + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XISelEv.c | 25 +++++++++++++++++++------ + 1 file changed, 19 insertions(+), 6 deletions(-) + +diff --git a/src/XISelEv.c b/src/XISelEv.c +index f871222..0471bef 100644 +--- a/src/XISelEv.c ++++ b/src/XISelEv.c +@@ -42,6 +42,7 @@ in this Software without prior written authorization from the author. + #include <X11/extensions/ge.h> + #include <X11/extensions/geproto.h> + #include "XIint.h" ++#include <limits.h> + + int + XISelectEvents(Display* dpy, Window win, XIEventMask* masks, int num_masks) +@@ -101,13 +102,14 @@ out: + XIEventMask* + XIGetSelectedEvents(Display* dpy, Window win, int *num_masks_return) + { +- int i, len = 0; ++ unsigned int i, len = 0; + unsigned char *mask; + XIEventMask *mask_out = NULL; + xXIEventMask *mask_in = NULL, *mi; + xXIGetSelectedEventsReq *req; + xXIGetSelectedEventsReply reply; + XExtDisplayInfo *info = XInput_find_display(dpy); ++ size_t rbytes; + + *num_masks_return = -1; + LockDisplay(dpy); +@@ -129,11 +131,16 @@ XIGetSelectedEvents(Display* dpy, Window win, int *num_masks_return) + goto out; + } + +- mask_in = Xmalloc(reply.length * 4); +- if (!mask_in) ++ if (reply.length < (INT_MAX >> 2)) { ++ rbytes = (unsigned long) reply.length << 2; ++ mask_in = Xmalloc(rbytes); ++ } ++ if (!mask_in) { ++ _XEatDataWords(dpy, reply.length); + goto out; ++ } + +- _XRead(dpy, (char*)mask_in, reply.length * 4); ++ _XRead(dpy, (char*)mask_in, rbytes); + + /* + * This function takes interleaved xXIEventMask structs & masks off +@@ -148,8 +155,14 @@ XIGetSelectedEvents(Display* dpy, Window win, int *num_masks_return) + + for (i = 0, mi = mask_in; i < reply.num_masks; i++) + { +- len += mi->mask_len * 4; +- mi = (xXIEventMask*)((char*)mi + mi->mask_len * 4); ++ unsigned int mask_bytes = mi->mask_len * 4; ++ len += mask_bytes; ++ if (len > INT_MAX) ++ goto out; ++ if ((sizeof(xXIEventMask) + mask_bytes) > rbytes) ++ goto out; ++ rbytes -= (sizeof(xXIEventMask) + mask_bytes); ++ mi = (xXIEventMask*)((char*)mi + mask_bytes); + mi++; + } + +-- +1.8.3.1 + + +From 17071c1c608247800b2ca03a35b1fcc9c4cabe6c Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sun, 10 Mar 2013 13:30:55 -0700 +Subject: [PATCH 13/15] Avoid integer overflow in XGetDeviceProperties() + [CVE-2013-1984 7/8] + +If the number of items as reported by the Xserver is too large, it +could overflow the calculation for the size of the buffer to copy the +reply into, causing memory corruption. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XGetDProp.c | 61 ++++++++++++++++++++++++++++++++++----------------------- + 1 file changed, 37 insertions(+), 24 deletions(-) + +diff --git a/src/XGetDProp.c b/src/XGetDProp.c +index f9e8f0c..3691122 100644 +--- a/src/XGetDProp.c ++++ b/src/XGetDProp.c +@@ -38,6 +38,7 @@ in this Software without prior written authorization from the author. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + int + XGetDeviceProperty(Display* dpy, XDevice* dev, +@@ -48,7 +49,8 @@ XGetDeviceProperty(Display* dpy, XDevice* dev, + { + xGetDevicePropertyReq *req; + xGetDevicePropertyReply rep; +- long nbytes, rbytes; ++ unsigned long nbytes, rbytes; ++ int ret = Success; + + XExtDisplayInfo *info = XInput_find_display(dpy); + +@@ -81,30 +83,43 @@ XGetDeviceProperty(Display* dpy, XDevice* dev, + * data, but this last byte is null terminated and convenient for + * returning string properties, so the client doesn't then have to + * recopy the string to make it null terminated. ++ * ++ * Maximum item limits are set to both prevent integer overflow when ++ * calculating the amount of memory to malloc, and to limit how much ++ * memory will be used if a server provides an insanely high count. + */ + switch (rep.format) { + case 8: +- nbytes = rep.nItems; +- rbytes = rep.nItems + 1; +- if (rbytes > 0 && +- (*prop = (unsigned char *) Xmalloc ((unsigned)rbytes))) +- _XReadPad (dpy, (char *) *prop, nbytes); ++ if (rep.nItems < INT_MAX) { ++ nbytes = rep.nItems; ++ rbytes = rep.nItems + 1; ++ if ((*prop = Xmalloc (rbytes))) ++ _XReadPad (dpy, (char *) *prop, nbytes); ++ else ++ ret = BadAlloc; ++ } + break; + + case 16: +- nbytes = rep.nItems << 1; +- rbytes = rep.nItems * sizeof (short) + 1; +- if (rbytes > 0 && +- (*prop = (unsigned char *) Xmalloc ((unsigned)rbytes))) +- _XRead16Pad (dpy, (short *) *prop, nbytes); ++ if (rep.nItems < (INT_MAX / sizeof (short))) { ++ nbytes = rep.nItems << 1; ++ rbytes = rep.nItems * sizeof (short) + 1; ++ if ((*prop = Xmalloc (rbytes))) ++ _XRead16Pad (dpy, (short *) *prop, nbytes); ++ else ++ ret = BadAlloc; ++ } + break; + + case 32: +- nbytes = rep.nItems << 2; +- rbytes = rep.nItems * sizeof (long) + 1; +- if (rbytes > 0 && +- (*prop = (unsigned char *) Xmalloc ((unsigned)rbytes))) +- _XRead32 (dpy, (long *) *prop, nbytes); ++ if (rep.nItems < (INT_MAX / sizeof (long))) { ++ nbytes = rep.nItems << 2; ++ rbytes = rep.nItems * sizeof (long) + 1; ++ if ((*prop = Xmalloc (rbytes))) ++ _XRead32 (dpy, (long *) *prop, nbytes); ++ else ++ ret = BadAlloc; ++ } + break; + + default: +@@ -112,16 +127,13 @@ XGetDeviceProperty(Display* dpy, XDevice* dev, + * This part of the code should never be reached. If it is, + * the server sent back a property with an invalid format. + */ +- _XEatDataWords(dpy, rep.length); +- UnlockDisplay(dpy); +- SyncHandle(); +- return(BadImplementation); ++ ret = BadImplementation; + } + if (! *prop) { + _XEatDataWords(dpy, rep.length); +- UnlockDisplay(dpy); +- SyncHandle(); +- return(BadAlloc); ++ if (ret == Success) ++ ret = BadAlloc; ++ goto out; + } + (*prop)[rbytes - 1] = '\0'; + } +@@ -130,9 +142,10 @@ XGetDeviceProperty(Display* dpy, XDevice* dev, + *actual_format = rep.format; + *nitems = rep.nItems; + *bytes_after = rep.bytesAfter; ++ out: + UnlockDisplay (dpy); + SyncHandle (); + +- return Success; ++ return ret; + } + +-- +1.8.3.1 + + +From ef82512288d8ca36ac0beeb289f158195b0a8cae Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sun, 10 Mar 2013 00:22:14 -0800 +Subject: [PATCH 14/15] Avoid integer overflow in XListInputDevices() + [CVE-2013-1984 8/8] + +If the length of the reply as reported by the Xserver is too long, it +could overflow the calculation for the size of the buffer to copy the +reply into, causing memory corruption. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XListDev.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/src/XListDev.c b/src/XListDev.c +index 1fa4747..1c14b96 100644 +--- a/src/XListDev.c ++++ b/src/XListDev.c +@@ -60,6 +60,7 @@ SOFTWARE. + #include <X11/extensions/XInput.h> + #include <X11/extensions/extutil.h> + #include "XIint.h" ++#include <limits.h> + + /* Calculate length field to a multiples of sizeof(XID). XIDs are typedefs + * to ulong and thus may be 8 bytes on some platforms. This can trigger a +@@ -179,7 +180,7 @@ XListInputDevices( + XAnyClassPtr Any; + char *nptr, *Nptr; + int i; +- long rlen; ++ unsigned long rlen; + XExtDisplayInfo *info = XInput_find_display(dpy); + + LockDisplay(dpy); +@@ -198,9 +199,10 @@ XListInputDevices( + + if ((*ndevices = rep.ndevices)) { /* at least 1 input device */ + size = *ndevices * sizeof(XDeviceInfo); +- rlen = rep.length << 2; /* multiply length by 4 */ +- list = (xDeviceInfo *) Xmalloc(rlen); +- slist = list; ++ if (rep.length < (INT_MAX >> 2)) { ++ rlen = rep.length << 2; /* multiply length by 4 */ ++ slist = list = Xmalloc(rlen); ++ } + if (!slist) { + _XEatDataWords(dpy, rep.length); + UnlockDisplay(dpy); +-- +1.8.3.1 + + +From 81b4df8ac6aa1520c41c3526961014a6f115cc46 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Sun, 10 Mar 2013 00:16:22 -0800 +Subject: [PATCH 15/15] sign extension issue in XListInputDevices() + [CVE-2013-1995] + +nptr is (signed) char, which can be negative, and will sign extend +when added to the int size, which means size can be subtracted from, +leading to allocating too small a buffer to hold the data being copied +from the X server's reply. + +v2: check that string size fits inside the data read from the server, + so that we don't read out of bounds either + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +--- + src/XListDev.c | 16 ++++++++++------ + 1 file changed, 10 insertions(+), 6 deletions(-) + +diff --git a/src/XListDev.c b/src/XListDev.c +index 1c14b96..b85ff3c 100644 +--- a/src/XListDev.c ++++ b/src/XListDev.c +@@ -73,7 +73,7 @@ static int pad_to_xid(int base_size) + return ((base_size + padsize - 1)/padsize) * padsize; + } + +-static int ++static size_t + SizeClassInfo(xAnyClassPtr *any, int num_classes) + { + int size = 0; +@@ -170,7 +170,7 @@ XListInputDevices( + register Display *dpy, + int *ndevices) + { +- int size; ++ size_t size; + xListInputDevicesReq *req; + xListInputDevicesReply rep; + xDeviceInfo *list, *slist = NULL; +@@ -178,7 +178,7 @@ XListInputDevices( + XDeviceInfo *clist = NULL; + xAnyClassPtr any, sav_any; + XAnyClassPtr Any; +- char *nptr, *Nptr; ++ unsigned char *nptr, *Nptr; + int i; + unsigned long rlen; + XExtDisplayInfo *info = XInput_find_display(dpy); +@@ -217,9 +217,12 @@ XListInputDevices( + size += SizeClassInfo(&any, (int)list->num_classes); + } + +- for (i = 0, nptr = (char *)any; i < *ndevices; i++) { ++ Nptr = ((unsigned char *)list) + rlen + 1; ++ for (i = 0, nptr = (unsigned char *)any; i < *ndevices; i++) { + size += *nptr + 1; + nptr += (*nptr + 1); ++ if (nptr > Nptr) ++ goto out; + } + + clist = (XDeviceInfoPtr) Xmalloc(size); +@@ -245,8 +248,8 @@ XListInputDevices( + } + + clist = sclist; +- nptr = (char *)any; +- Nptr = (char *)Any; ++ nptr = (unsigned char *)any; ++ Nptr = (unsigned char *)Any; + for (i = 0; i < *ndevices; i++, clist++) { + clist->name = (char *)Nptr; + memcpy(Nptr, nptr + 1, *nptr); +@@ -256,6 +259,7 @@ XListInputDevices( + } + } + ++ out: + XFree((char *)slist); + UnlockDisplay(dpy); + SyncHandle(); +-- +1.8.3.1 + diff --git a/extra/mesa/CVE-2013-1993.patch b/extra/mesa/CVE-2013-1993.patch new file mode 100644 index 000000000..00f723d35 --- /dev/null +++ b/extra/mesa/CVE-2013-1993.patch @@ -0,0 +1,82 @@ +From 80ac3b279e776b3d9f45a209e52c5bd34ba7e7df Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 26 Apr 2013 23:31:58 +0000 +Subject: integer overflow in XF86DRIOpenConnection() [CVE-2013-1993 1/2] + +busIdStringLength is a CARD32 and needs to be bounds checked before adding +one to it to come up with the total size to allocate, to avoid integer +overflow leading to underallocation and writing data from the network past +the end of the allocated buffer. + +NOTE: This is a candidate for stable release branches. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Brian Paul <brianp@vmware.com> +(cherry picked from commit 2e5a268f18be30df15aed0b44b01a18a37fb5df4) +--- +diff --git a/src/glx/XF86dri.c b/src/glx/XF86dri.c +index b1cdc9b..8f53bd7 100644 +--- a/src/glx/XF86dri.c ++++ b/src/glx/XF86dri.c +@@ -43,6 +43,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + #include <X11/extensions/Xext.h> + #include <X11/extensions/extutil.h> + #include "xf86dristr.h" ++#include <limits.h> + + static XExtensionInfo _xf86dri_info_data; + static XExtensionInfo *xf86dri_info = &_xf86dri_info_data; +@@ -201,7 +202,11 @@ XF86DRIOpenConnection(Display * dpy, int screen, drm_handle_t * hSAREA, + } + + if (rep.length) { +- if (!(*busIdString = calloc(rep.busIdStringLength + 1, 1))) { ++ if (rep.busIdStringLength < INT_MAX) ++ *busIdString = calloc(rep.busIdStringLength + 1, 1); ++ else ++ *busIdString = NULL; ++ if (*busIdString == NULL) { + _XEatData(dpy, ((rep.busIdStringLength + 3) & ~3)); + UnlockDisplay(dpy); + SyncHandle(); +-- +cgit v0.9.0.2-2-gbebe +From 6de60ddf9ccac6f185d8f4e88ddfc63a94bd670f Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 26 Apr 2013 23:33:03 +0000 +Subject: integer overflow in XF86DRIGetClientDriverName() [CVE-2013-1993 2/2] + +clientDriverNameLength is a CARD32 and needs to be bounds checked before +adding one to it to come up with the total size to allocate, to avoid +integer overflow leading to underallocation and writing data from the +network past the end of the allocated buffer. + +NOTE: This is a candidate for stable release branches. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Brian Paul <brianp@vmware.com> +(cherry picked from commit 306f630e676eb901789dd09a0f30d7e7fa941ebe) +--- +diff --git a/src/glx/XF86dri.c b/src/glx/XF86dri.c +index 8f53bd7..56e3557 100644 +--- a/src/glx/XF86dri.c ++++ b/src/glx/XF86dri.c +@@ -305,9 +305,11 @@ XF86DRIGetClientDriverName(Display * dpy, int screen, + *ddxDriverPatchVersion = rep.ddxDriverPatchVersion; + + if (rep.length) { +- if (! +- (*clientDriverName = +- calloc(rep.clientDriverNameLength + 1, 1))) { ++ if (rep.clientDriverNameLength < INT_MAX) ++ *clientDriverName = calloc(rep.clientDriverNameLength + 1, 1); ++ else ++ *clientDriverName = NULL; ++ if (*clientDriverName == NULL) { + _XEatData(dpy, ((rep.clientDriverNameLength + 3) & ~3)); + UnlockDisplay(dpy); + SyncHandle(); +-- +cgit v0.9.0.2-2-gbebe diff --git a/extra/mesa/PKGBUILD b/extra/mesa/PKGBUILD index 4fd8cbc0b..6990f754e 100644 --- a/extra/mesa/PKGBUILD +++ b/extra/mesa/PKGBUILD @@ -1,11 +1,11 @@ -# $Id: PKGBUILD 186351 2013-05-25 08:49:44Z andyrtr $ +# $Id: PKGBUILD 188839 2013-06-22 10:51:37Z lcarlier $ # Maintainer: Jan de Groot <jgc@archlinux.org> # Maintainer: Andreas Radke <andyrtr@archlinux.org> pkgbase=mesa pkgname=('ati-dri' 'intel-dri' 'nouveau-dri' 'svga-dri' 'mesa' 'mesa-libgl') pkgver=9.1.3 -pkgrel=1 +pkgrel=2 arch=('i686' 'x86_64') makedepends=('python2' 'libxml2' 'libx11' 'glproto' 'libdrm' 'dri2proto' 'libxxf86vm' 'libxdamage' 'libvdpau' 'wayland' 'llvm-amdgpu-snapshot' 'systemd') @@ -13,18 +13,21 @@ url="http://mesa3d.sourceforge.net" license=('custom') options=('!libtool') source=(ftp://ftp.freedesktop.org/pub/mesa/${pkgver}/MesaLib-${pkgver}.tar.bz2 - #ftp://ftp.freedesktop.org/pub/mesa/9.1/MesaLib-9.1-rc2.tar.bz2 # for RC testing - LICENSE) + LICENSE + CVE-2013-1993.patch) md5sums=('952ccd03547ed72333b64e1746cf8ada' - '5c65a0fe315dd347e09b1f2826a1df5a') + '5c65a0fe315dd347e09b1f2826a1df5a' + 'dc8dad7c9bc6a92bd9c33b27b9da825e') -build() { +prepare() { cd ${srcdir}/?esa-* - # pick 2 commits from master to - # fix a nouveau crash: http://cgit.freedesktop.org/mesa/mesa/commit/?id=17f1cb1d99e66227d1e05925ef937643f5c1089a - # and intel kwin slowness http://cgit.freedesktop.org/mesa/mesa/commit/?id=e062a4187d8ea518a39c913ae7562cf1d8ac3205 - #patch -Np1 -i ${srcdir}/git-fixes.patch + # fix CVE-2013-1993 merged upstream + patch -Np1 -i ${srcdir}/CVE-2013-1993.patch +} + +build() { + cd ${srcdir}/?esa-* autoreconf -vfi # our automake is far too new for their build system :) @@ -60,7 +63,7 @@ build() { package_ati-dri() { pkgdesc="Mesa drivers for AMD/ATI Radeon" - depends=("mesa-libgl=${pkgver}" 'llvm-amdgpu-lib-snapshot') + depends=("mesa-libgl=${pkgver}") conflicts=('xf86-video-ati<6.9.0-6') install -m755 -d ${pkgdir}/usr/lib/vdpau/ @@ -89,7 +92,7 @@ package_intel-dri() { package_nouveau-dri() { pkgdesc="Mesa drivers for Nouveau" - depends=("mesa-libgl=${pkgver}" 'llvm-amdgpu-lib-snapshot') + depends=("mesa-libgl=${pkgver}") install -m755 -d ${pkgdir}/usr/lib/vdpau/ mv -v ${srcdir}/fakeinstall/usr/lib/vdpau/libvdpau_nouveau.* ${pkgdir}/usr/lib/vdpau/ @@ -106,7 +109,7 @@ package_nouveau-dri() { package_svga-dri() { pkgdesc="Gallium3D VMware guest GL driver" - depends=('gcc-libs' 'libdrm' 'expat' 'libffi' 'llvm-amdgpu-lib-snapshot') + depends=('libdrm' 'expat' 'llvm-amdgpu-lib-snapshot') install -m755 -d ${pkgdir}/usr/lib/xorg/modules/dri mv -v ${srcdir}/fakeinstall/usr/lib/xorg/modules/dri/vmwgfx_dri.so ${pkgdir}/usr/lib/xorg/modules/dri/ diff --git a/extra/r/PKGBUILD b/extra/r/PKGBUILD index 7db7535ec..b9f19bb44 100644 --- a/extra/r/PKGBUILD +++ b/extra/r/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 184431 2013-05-06 19:39:38Z foutrelis $ +# $Id: PKGBUILD 188821 2013-06-22 06:15:43Z foutrelis $ # Maintainer: Ronald van Haren <ronald.archlinux.org> # Contributor: Damir Perisa <damir.perisa@bluewin.ch> # Contributor: K. Piche <kpiche@rogers.com> pkgname=r -pkgver=3.0.0 +pkgver=3.0.1 pkgrel=1 pkgdesc="Language and environment for statistical computing and graphics" arch=('i686' 'x86_64') @@ -22,7 +22,7 @@ source=("http://cran.r-project.org/src/base/R-${pkgver%%.*}/R-${pkgver}.tar.gz" 'r.desktop' 'r.png' 'R.conf') -sha1sums=('0cb1d1b815af4ce640ceafd5402a2eb94924c945' +sha1sums=('5cc65476837926fdf04105954ea94efa53ac85ce' '13aa29219bcaa102e575de8c1c8e0833d233e836' 'a69a07ec363440efc18ce0a7f2af103375dea978' '43668da6cfd1b4455a99f23e79e2059294dddac9') diff --git a/extra/vc/PKGBUILD b/extra/vc/PKGBUILD index 19e6366d9..77a4e49f9 100644 --- a/extra/vc/PKGBUILD +++ b/extra/vc/PKGBUILD @@ -1,17 +1,17 @@ -# $Id: PKGBUILD 183664 2013-04-26 12:12:30Z andrea $ +# $Id: PKGBUILD 188826 2013-06-22 07:21:35Z andrea $ # Maintainer: Andrea Scarpino <andrea@archlinux.org> # Contributor: PedsXing <pedsxing at gmx dot net> pkgname=vc -pkgver=0.7.1 +pkgver=0.7.2 pkgrel=1 pkgdesc="A library to ease explicit vectorization of C++ code" url='http://code.compeng.uni-frankfurt.de/projects/vc/' arch=('x86_64' 'i686') license=('LGPL3') makedepends=('cmake') -source=("http://code.compeng.uni-frankfurt.de/attachments/download/161/Vc-${pkgver}.tar.gz") -md5sums=('a7bc94838e55b5e0cdf5a02e1b52f8dc') +source=("http://code.compeng.uni-frankfurt.de/attachments/download/164/Vc-${pkgver}.tar.gz") +md5sums=('f54dd2945f9e5a38945e50b4a3f7a901') build() { mkdir build @@ -22,13 +22,12 @@ build() { make } -# check() { -# cd build -# make test -#} +check() { + cd build + make test +} package() { cd build make DESTDIR="${pkgdir}" install } - diff --git a/extra/x2goserver/PKGBUILD b/extra/x2goserver/PKGBUILD index db8bd3503..baa568b8b 100644 --- a/extra/x2goserver/PKGBUILD +++ b/extra/x2goserver/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 188542 2013-06-15 10:17:06Z andyrtr $ +# $Id: PKGBUILD 188846 2013-06-22 19:39:32Z andyrtr $ # Maintainer: AndyRTR <andyrtr@archlinux.org> # Contributor: Gerhard Brauer <gerbra@archlinux.de> @@ -7,7 +7,7 @@ # Contributor: Milan Knížek <knizek@volny.cz> pkgname=x2goserver -pkgver=4.0.1.1 +pkgver=4.0.1.3 pkgrel=1 pkgdesc="Open source terminal server" arch=('i686' 'x86_64') @@ -21,7 +21,7 @@ install=x2goserver.install backup=('etc/x2go/x2goserver.conf' 'etc/x2go/x2gosql/sql') source=(http://code.x2go.org/releases/source/${pkgname}/${pkgname}-${pkgver}.tar.gz x2goserver.service) -md5sums=('d970699f1df8d7096a7d3151c0ede447' +md5sums=('494b2d0435f7a11bc68a5d1d2a8a5f33' 'f76081c01e40b6206895d194dc949707') build() { diff --git a/java/antlr2/PKGBUILD b/java/antlr2/PKGBUILD index 4269d30c7..3468e25fc 100644 --- a/java/antlr2/PKGBUILD +++ b/java/antlr2/PKGBUILD @@ -1,17 +1,22 @@ -# $Id: PKGBUILD 167380 2012-10-01 19:24:15Z guillaume $ -# Maintainer: Andrea Scarpino <andrea@archlinux.org> +# Maintainer: luke Shumaker <lukeshu@sbcglobal.net> +# Maintainer (Arch): Andrea Scarpino <andrea@archlinux.org> # Contributor: George Giorgidze <giorgidze (at) gmail.com> # Contributor: Stefan Husmann <stefan-husmann@t-online.de> +# FIXME: antlr2-sharp doesn't build with mono 3. + pkgbase=antlr2 -pkgname=(antlr2 antlr2-{java,python2,cxx,sharp}) +#MONO pkgname=(antlr2 antlr2-{java,python2,cxx,sharp}) +pkgname=(antlr2 antlr2-{java,python2,cxx}) pkgver=2.7.7 +pkgdesc="ANother Tool for Language Recognition (formerly PCCTS)" url="http://www.antlr2.org/" license=('custom:Public Domain') -pkgrel=3 +pkgrel=3.1 arch=('i686' 'x86_64') -makedepends=('java-environment' 'python2' 'sh' 'nant' 'jh') +#MONO makedepends=('java-environment' 'python2' 'sh' 'nant' 'jh') +makedepends=('java-environment' 'python2' 'sh' 'jh') source=("http://www.antlr2.org/download/antlr-${pkgver}.tar.gz" "http://repo.maven.apache.org/maven2/antlr/antlr/$pkgver/antlr-$pkgver.pom" 'runantlr2.sh' 'gcc4.4.patch' 'mono.patch') @@ -25,8 +30,8 @@ build() { ./configure --prefix=/usr --disable-examples make -j1 - cd lib/csharp - nant release + #MONO cd lib/csharp + #MONO nant release } _install_license() { @@ -35,7 +40,6 @@ _install_license() { } package_antlr2() { - pkgdesc="ANother Tool for Language Recognition (formerly PCCTS)" depends=('sh' 'antlr2-java') install -Dm755 "$srcdir"/runantlr2.sh "$pkgdir"/usr/bin/runantlr2 @@ -43,7 +47,7 @@ package_antlr2() { } package_antlr2-java() { - pkgdesc="ANother Tool for Language Recognition (formerly PCCTS) (Java version)" + pkgdesc+=" (Java version)" depends=('java-runtime') provides=("java-antlr2=$pkgver") @@ -51,16 +55,16 @@ package_antlr2-java() { replaces=("java-antlr2") DESTDIR="$pkgdir" jh mvn-install antlr antlr $pkgver \ - "$srcdir"/antlr-${pkgver}.pom \ - "$srcdir"/antlr-${pkgver}/antlr/antlr.jar \ - antlr2.jar + "$srcdir"/antlr-${pkgver}.pom \ + "$srcdir"/antlr-${pkgver}/antlr/antlr.jar \ + antlr2.jar _install_license } package_antlr2-python2() { - pkgdesc="ANother Tool for Language Recognition (formerly PCCTS) (Python version)" - depends=('antlr2' 'python2') + pkgdesc+=" (Python version)" + depends=('python2') provides=("python2-antlr2=$pkgver") conflicts=("python2-antlr2") @@ -73,8 +77,7 @@ package_antlr2-python2() { } package_antlr2-cxx() { - pkgdesc="ANother Tool for Language Recognition (formerly PCCTS) (C++ version)" - depends=('java-runtime') + pkgdesc+=" (C++ version)" cd "$srcdir"/antlr-${pkgver}/lib/cpp make -j1 prefix="${pkgdir}/usr" install @@ -83,8 +86,8 @@ package_antlr2-cxx() { } package_antlr2-sharp() { - pkgdesc="ANother Tool for Language Recognition (formerly PCCTS) (C Sharp version)" - depends=('antlr2' 'mono') + pkgdesc+=" (C Sharp version)" + depends=('mono') cd "$srcdir"/antlr-${pkgver}/lib/csharp install -d "$pkgdir"/usr/share diff --git a/java/apache-ant/PKGBUILD b/java/apache-ant/PKGBUILD index 80a75335e..9f9c77c28 100755 --- a/java/apache-ant/PKGBUILD +++ b/java/apache-ant/PKGBUILD @@ -12,7 +12,7 @@ provides=("apache-ant-libre=$pkgver") replaces=("apache-ant-libre") conflicts=("apache-ant-libre") -pkgrel=1 +pkgrel=2 arch=('any') depends=('java-environment') @@ -25,26 +25,26 @@ declare -A _opts _opts[junit]='to have JUnit on the classpath in javac tasks;/usr/share/java/junit.jar' _opts[xalan-java]='<junitreport> task;/usr/share/java/xalan.jar' _opts[java-antlr2]='<antlr> task;/usr/share/java/antlr2.jar::antlr.jar' -#_opts[java-bsf]='<script> task;/usr/share/java/bsf.jar' +_opts[java-commons-bsf2]='<script> task;/usr/share/java/bsf2.jar::bsf.jar' #_opts[groovy]='Groovy with <script> and <scriptdef> tasks;/usr/share/java/groovy.jar' _opts[java-asm2]='Groovy with <script> and <scriptdef> tasks;/usr/share/java/asm-2.jar::asm.jar /usr/share/java/asm-util-2.jar::asm-util.jar' #_opts[netrexx]='<netrexx> task, Rexx with <script> task;/usr/share/java/netrexx.jar' -_opts[rhino]='Javascript with <script> task;/usr/share/java/js.jar' +_opts[java-rhino]='Javascript with <script> task;/usr/share/java/js.jar' _opts[jython]='Python with <script> task;/opt/jython/jython.jar' #_opts[jacl]='TCL with <script> task;/usr/share/java/jacl.jar' #_opts[tcljava]='TCL with <script> task;/usr/share/java/tcljava.jar' _opts[beanshell>=1.3]='BeanShell with <script> task;/usr/share/java/bsh.jar::beanshell.jar' -#_opts[jruby]='Ruby with <script> task;/usr/share/java/jruby.jar' +_opts[jruby]='Ruby with <script> task;/opt/jruby/lib/jruby.jar' #_opts[judo]='Judoscript with <script> task;/usr/share/java/judo.jar' _opts[java-commons-logging]='CommonsLoggingListener;/usr/share/java/commons-logging/commons-logging.jar' #_opts[java-log4j]='Log4jListener;/usr/share/java/log4j.jar' -#_opts[java-commons-net>=1.4.0]='<ftp>, <rexec> and <telnet> tasks;/usr/share/java/commons-net.jar' -#_opts[java-bcel]="'classfileset' data type, JavaClassHelper for ClassConstants filter reader;/usr/share/java/bcel.jar" +_opts[java-commons-net1>=1.4.0]='<ftp>, <rexec> and <telnet> tasks;/usr/share/java/commons-net.jar' +_opts[java-bcel]="'classfileset' data type, JavaClassHelper for ClassConstants filter reader;/usr/share/java/bcel.jar" #_opts[java-mail]='<mimemail> task, mime encoding with <mail>;/usr/share/java/mail.jar' -#_opts[java-activation]='<mimemail> task, mime encoding with <mail>;/usr/share/java/activation.jar' -#_opts[jdepend]='<jdepend> task;/usr/share/java/jdepend.jar' +_opts[java-activation-gnu]='<mimemail> task, mime encoding with <mail>;/usr/share/java/activation.jar' +_opts[java-jdepend]='<jdepend> task;/usr/share/java/jdepend.jar' #_opts[java-xmlcommons-resolver>=1.1beta]="external files for 'xmlcatalog' datatype;/usr/share/java/resolver.jar" -#_opts[java-jsch>=0.1.42]='<sshexec> and <scp> tasks;/usr/share/java/jsch.jar' +_opts[java-jsch>=0.1.42]='<sshexec> and <scp> tasks;/usr/share/java/jsch.jar' #_opts[java-advanced-imaging]='<image> task/usr/share/java/jai/*.jar' for pkg in "${!_opts[@]}"; do diff --git a/java/java-asm2/PKGBUILD b/java/java-asm2/PKGBUILD index 71bc0f303..8860ef86f 100644 --- a/java/java-asm2/PKGBUILD +++ b/java/java-asm2/PKGBUILD @@ -1,11 +1,11 @@ # Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> pkgver=2.2.3 -. common.sh +. PKGBUILD.common.sh #### -pkgrel=6 +pkgrel=7 mksource() { cd "$srcdir/$_pkgname-$pkgver" diff --git a/java/java-asm2/common.sh b/java/java-asm2/PKGBUILD.common.sh index ef4547696..ef4547696 100644 --- a/java/java-asm2/common.sh +++ b/java/java-asm2/PKGBUILD.common.sh diff --git a/java/java-asm3/PKGBUILD b/java/java-asm3/PKGBUILD index 345c83edf..9c9928766 100644 --- a/java/java-asm3/PKGBUILD +++ b/java/java-asm3/PKGBUILD @@ -1,11 +1,11 @@ # Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> pkgver=3.3.1 -. ../java-asm2/common.sh +. PKGBUILD.common.sh #### -pkgrel=6 +pkgrel=7 mksource() { cd "$srcdir/$_pkgname-$pkgver" diff --git a/java/java-commons-bsf/PKGBUILD b/java/java-commons-bsf/PKGBUILD new file mode 100644 index 000000000..57a9dfc1a --- /dev/null +++ b/java/java-commons-bsf/PKGBUILD @@ -0,0 +1,59 @@ +# Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> + +pkgname=java-commons-bsf2 +pkgver=2.4.0 +url="https://commons.apache.org/proper/commons-bsf/" +license=('Apache') +pkgdesc="Bean Scripting Framework" + +pkgrel=1 +arch=('any') +depends=('java-commons-logging') +makedepends=('apache-ant') + +_mirror=http://archive.apache.org/dist +source=($_mirror/commons/bsf/source/bsf-src-$pkgver.tar.gz + build-properties.xml::"https://svn.apache.org/viewvc/commons/proper/bsf/tags/bsf-2.4.0/build-properties.xml?view=co&content-type=text%2Fplain" +) + +declare -A _opts +#_opts[jacl]="/usr/share/java/jacl.jar" +_opts[jython]="/opt/jython/jython.jar" +#_opts[nexrexx]="/usr/share/java/nexrexx.jar" +_opts[java-rhino]="/usr/share/java/js.jar" +_opts[xalan-java]="/usr/share/java/xalan.jar" +_opts[junit]="/usr/share/java/junit.jar" + +for pkg in "${!_opts[@]}"; do + optdepends+=("$pkg") + makedepends+=("$pkg") + _jars+="${_opts[$pkg]} " +done + +prepare() { + cd "${srcdir}/bsf-${pkgver}" + rm lib/*.jar +} + +build() { + cd "${srcdir}/bsf-${pkgver}" + + for jar in $_jars; do + ln -s "$jar" lib/ + done + + # Adjust it to work with jython 2.5+ + sed -i 's/PyJavaInstance/PyJavaType/g' src/org/apache/bsf/engines/jython/* + + ln -sf ../build-properties.xml ./ + ant jar +} + +package() { + cd "${srcdir}/bsf-${pkgver}" + install -Dm644 build/lib/bsf.jar "$pkgdir"/usr/share/java/bsf-$pkgver.jar + ln -s bsf-$pkgver.jar "$pkgdir"/usr/share/java/bsf2.jar +} + +md5sums=('7e58b2a009c0f70ab36bbef420b25c07' + 'd7180c2b95f1a5424f785a2482260eaa') diff --git a/java/javacc/PKGBUILD b/java/javacc/PKGBUILD new file mode 100644 index 000000000..032fd7b25 --- /dev/null +++ b/java/javacc/PKGBUILD @@ -0,0 +1,47 @@ +# Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> + +pkgname=javacc +pkgver=5.0 +pkgdesc="Java Compiler Compiler; a parser generator" +url="http://javacc.java.net/" +license=('BSD3') + +arch=('any') +pkgrel=2.1 +depends=('java-runtime') +makedepends=('apache-ant' 'junit' 'jh') +source=("http://java.net/projects/${pkgname}/downloads/download/${pkgname}-${pkgver}src.tar.gz") + +prepare() { + cd "$srcdir/$pkgname" + rm lib/junit3.8.1/junit.jar + ln -s /usr/share/java/junit.jar lib/junit3.8.1 + #rm bootstrap/javacc.jar +} + +build() { + cd "$srcdir/$pkgname" + + sed -i \ + -e 's|<modelVersion>.*</modelVersion>|<modelVersion>4.0.0</modelVersion>|' \ + -e "s|<version>.*</version>|<version>$pkgver</version>|" \ + pom.xml + + for prog in javacc jjdoc jjtree; do + sed -i 's|JAR=.*|JAR=/usr/share/java/javacc.jar|' bin/$prog + done + + CLASSPATH=/usr/share/java/junit.jar ant +} + +package() { + cd "$srcdir/$pkgname" + + for prog in javacc jjdoc jjrun jjtree; do + install -Dm755 bin/$prog "$pkgdir"/usr/bin/$prog + done + install -Dm644 bin/lib/javacc.jar "$pkgdir"/usr/share/java/javacc.jar + install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE +} + +md5sums=('871d78a2a5859c2eebc712c1f8135be5') diff --git a/java/jh/PKGBUILD b/java/jh/PKGBUILD index 4c1dee6f3..5638adbce 100644 --- a/java/jh/PKGBUILD +++ b/java/jh/PKGBUILD @@ -1,7 +1,7 @@ # Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> pkgname=jh -pkgver=0.5 +pkgver=0.5.1 pkgdesc="Java helpers for PKGBUILDs" url="https://projects.parabolagnulinux.org/packages/jh.git/" license=('custom:WTFPL') @@ -24,4 +24,4 @@ package() { install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } -md5sums=('5fe2279fbada213eb8df38875450c4d2') +md5sums=('051d39c5dac14e86b755bab9ec1d0d5d') diff --git a/java/junit/PKGBUILD b/java/junit/PKGBUILD index 35ad23101..5e466a029 100644 --- a/java/junit/PKGBUILD +++ b/java/junit/PKGBUILD @@ -7,7 +7,7 @@ pkgdesc="Automated testing framework for Java" url="http://www.junit.org/" license=('CPL') -pkgrel=1 +pkgrel=3.1 arch=('any') depends=('java-runtime' 'java-hamcrest') makedepends=('apache-ant' 'jakarta-oro' 'jh') @@ -49,5 +49,5 @@ package() { export DESTDIR="$pkgdir" jh mvn-install $pkgname junit $pkgver junit-$pkgver.{pom,jar} junit-$pkgver.jar jh mvn-install $pkgname junit-dep $pkgver junit-dep-$pkgver.pom - ln -s ${pkgname}/${pkgname}-${pkgver}.jar ${pkgdir}/usr/share/java/${pkgname}.jar + ln -s ${pkgname}-${pkgver}.jar ${pkgdir}/usr/share/java/${pkgname}.jar } diff --git a/kernels/linux-libre-pae/PKGBUILD b/kernels/linux-libre-pae/PKGBUILD index 3ea34ec08..03ed9a78e 100644 --- a/kernels/linux-libre-pae/PKGBUILD +++ b/kernels/linux-libre-pae/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 188067 2013-06-08 08:17:48Z tpowa $ +# $Id: PKGBUILD 188791 2013-06-21 06:32:50Z tpowa $ # Contributor: Tobias Powalowski <tpowa@archlinux.org> # Contributor: Thomas Baechler <thomas@archlinux.org> # Maintainer (Parabola): André Silva <emulatorman@lavabit.com> @@ -6,7 +6,7 @@ pkgbase=linux-libre-pae # Build stock -LIBRE-PAE kernel #pkgbase=linux-libre-custom # Build kernel with a different name _basekernel=3.9 -pkgver=${_basekernel}.5 +pkgver=${_basekernel}.7 pkgrel=1 arch=('i686') url="http://linux-libre.fsfla.org/" @@ -22,8 +22,8 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn 'boot-logo.patch' 'change-default-console-loglevel.patch') md5sums=('120df29f88622dabf7015a22c7cc8e25' - '558743403ba219c51570d29e03d362d5' - '7985f1e2cdb6838cf89bd85c0229db6a' + '4f5c670da16dc80fe9482892b636f99d' + '0c2bbcd147271839533777cd7b187f88' 'f302c931bd85309da9d9792b4cc96467' '04b21c79df0a952c22d681dd4f4562df' 'f3def2cefdcbb954c21d8505d23cc83c') diff --git a/kernels/linux-libre-pae/config b/kernels/linux-libre-pae/config index dd3549ac6..f4d6d1686 100644 --- a/kernels/linux-libre-pae/config +++ b/kernels/linux-libre-pae/config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.9.3-1 Kernel Configuration +# Linux/x86 3.9.7-1 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -2439,7 +2439,7 @@ CONFIG_ATH9K=m CONFIG_ATH9K_PCI=y CONFIG_ATH9K_AHB=y # CONFIG_ATH9K_DEBUGFS is not set -CONFIG_ATH9K_RATE_CONTROL=y +# CONFIG_ATH9K_LEGACY_RATE_CONTROL is not set CONFIG_ATH9K_HTC=m # CONFIG_ATH9K_HTC_DEBUGFS is not set CONFIG_CARL9170=m @@ -4723,7 +4723,6 @@ CONFIG_USB_MUSB_TUSB6010=m CONFIG_MUSB_PIO_ONLY=y CONFIG_USB_CHIPIDEA=m CONFIG_USB_CHIPIDEA_UDC=y -CONFIG_USB_CHIPIDEA_HOST=y # CONFIG_USB_CHIPIDEA_DEBUG is not set CONFIG_USB_RENESAS_USBHS=m @@ -6036,7 +6035,7 @@ CONFIG_SECURITY_TOMOYO=y CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048 CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024 # CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER is not set -CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/sbin/tomoyo-init" +CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/usr/bin/tomoyo-init" CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER="/usr/lib/systemd/systemd" CONFIG_SECURITY_APPARMOR=y CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0 diff --git a/kernels/linux-libre-pae/linux-libre-pae.install b/kernels/linux-libre-pae/linux-libre-pae.install index 4fcf06d11..079d1b7ab 100644 --- a/kernels/linux-libre-pae/linux-libre-pae.install +++ b/kernels/linux-libre-pae/linux-libre-pae.install @@ -4,9 +4,6 @@ KERNEL_NAME=-pae KERNEL_VERSION= -# set a sane PATH to ensure that critical utils like depmod will be found -export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' - post_install () { # updating module dependencies echo ">>> Updating module dependencies. Please wait ..." @@ -15,40 +12,9 @@ post_install () { echo ">>> Generating initial ramdisk, using mkinitcpio. Please wait..." mkinitcpio -p linux-libre${KERNEL_NAME} fi - - # compat symlinks for the official kernels only - if [ -z "${KERNEL_NAME}" -o "${KERNEL_NAME}" = "-pae" ]; then - loaders="$(find /boot -name syslinux.cfg -or -name extlinux.conf -or -name grub.cfg -or -name menu.lst)" - [ -f /etc/lilo.conf ] && loaders="$loaders /etc/lilo.conf" - if [ -n "${loaders}" ] && grep -q -e vmlinuz26 -e kernel26.img -e kernel26-fallback.img $loaders; then - # add compat symlinks for the initramfs images - ln -sf initramfs-linux-libre${KERNEL_NAME}.img boot/kernel26${KERNEL_NAME}.img - ln -sf initramfs-linux-libre${KERNEL_NAME}-fallback.img \ - boot/kernel26${KERNEL_NAME}-fallback.img - ln -sf vmlinuz-linux-libre${KERNEL_NAME} /boot/vmlinuz26${KERNEL_NAME} - fi - fi } post_upgrade() { - pacman -Q grub &>/dev/null - hasgrub=$? - pacman -Q grub-common &>/dev/null - hasgrub2=$? - pacman -Q lilo &>/dev/null - haslilo=$? - # reminder notices - if [ $haslilo -eq 0 ]; then - echo ">>>" - if [ $hasgrub -eq 0 -o $hasgrub2 -eq 0 ]; then - echo ">>> If you use the LILO bootloader, you should run 'lilo' before rebooting." - else - echo ">>> You appear to be using the LILO bootloader. You should run" - echo ">>> 'lilo' before rebooting." - fi - echo ">>>" - fi - if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then echo "WARNING: /boot appears to be a separate partition but is not mounted." fi @@ -64,6 +30,6 @@ post_upgrade() { post_remove() { # also remove the compat symlinks - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}.img - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}-fallback.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}-fallback.img } diff --git a/kernels/linux-libre-rt/PKGBUILD b/kernels/linux-libre-rt/PKGBUILD index d93b6247b..aa53303e4 100644 --- a/kernels/linux-libre-rt/PKGBUILD +++ b/kernels/linux-libre-rt/PKGBUILD @@ -10,7 +10,7 @@ pkgbase=linux-libre-rt # Build stock -LIBRE-RT kernel #pkgbase=linux-libre-custom # Build kernel with a different name _basekernel=3.8 _releasever=13 -_rtpatchver=rt9 +_rtpatchver=rt12 _pkgver=${_basekernel}.${_releasever} pkgver=${_basekernel}.${_releasever}_${_rtpatchver} pkgrel=1 @@ -34,7 +34,7 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn "http://www.linux-libre.fsfla.org/pub/linux-libre/lemote/gnewsense/pool/debuginfo/linux-patches-${_lxopkgver}-gnu_0loongsonlibre_mipsel.tar.bz2") md5sums=('5c7787be882c343e41fb49136ff60aec' '2242024493dcb72a8777e11198f5e743' - '2b8fc5a819ee9bdf79aec69e07565cae' + 'aeecda98b77d67f4d1382b27ecba3d34' '5ed195b8c44e1e00c1885077566e1f81' 'f97a0be3b9252e788a0cf67e93cb5c6f' '82496e68851d1960543a07ba51cdb44a' @@ -187,14 +187,16 @@ _package() { # add vmlinux install -D -m644 vmlinux "${pkgdir}/usr/src/linux-${_kernver}/vmlinux" - # install fallback mkinitcpio.conf file and preset file for kernel - install -D -m644 "${srcdir}/${pkgbase}.preset" "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" - # set correct depmod command for install + cp -f "${startdir}/${install}" "${startdir}/${install}.pkg" + true && install=${install}.pkg sed \ -e "s/KERNEL_NAME=.*/KERNEL_NAME=${_kernelname}/" \ -e "s/KERNEL_VERSION=.*/KERNEL_VERSION=${_kernver}/" \ - -i "${startdir}/${pkgbase}.install" + -i "${startdir}/${install}" + + # install mkinitcpio preset file for kernel + install -D -m644 "${srcdir}/${pkgbase}.preset" "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" sed \ -e "1s|'linux*.*'|'${pkgbase}'|" \ -e "s|ALL_kver=.*|ALL_kver=\"/boot/vmlinuz-${pkgbase}\"|" \ diff --git a/kernels/linux-libre-rt/linux-libre-rt.install b/kernels/linux-libre-rt/linux-libre-rt.install index 374862298..434a0207c 100644 --- a/kernels/linux-libre-rt/linux-libre-rt.install +++ b/kernels/linux-libre-rt/linux-libre-rt.install @@ -2,10 +2,7 @@ # arg 2: the old package version KERNEL_NAME=-rt -KERNEL_VERSION=3.8.13-1-rt9-LIBRE-RT - -# set a sane PATH to ensure that critical utils like depmod will be found -export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' +KERNEL_VERSION= post_install () { # updating module dependencies @@ -15,40 +12,9 @@ post_install () { echo ">>> Generating initial ramdisk, using mkinitcpio. Please wait..." mkinitcpio -p linux-libre${KERNEL_NAME} fi - - # compat symlinks for the official kernels only - if [ -z "${KERNEL_NAME}" -o "${KERNEL_NAME}" = "-rt" ]; then - loaders="$(find /boot -name syslinux.cfg -or -name extlinux.conf -or -name grub.cfg -or -name menu.lst)" - [ -f /etc/lilo.conf ] && loaders="$loaders /etc/lilo.conf" - if [ -n "${loaders}" ] && grep -q -e vmlinuz26 -e kernel26.img -e kernel26-fallback.img $loaders; then - # add compat symlinks for the initramfs images - ln -sf initramfs-linux-libre${KERNEL_NAME}.img boot/kernel26${KERNEL_NAME}.img - ln -sf initramfs-linux-libre${KERNEL_NAME}-fallback.img \ - boot/kernel26${KERNEL_NAME}-fallback.img - ln -sf vmlinuz-linux-libre${KERNEL_NAME} /boot/vmlinuz26${KERNEL_NAME} - fi - fi } post_upgrade() { - pacman -Q grub &>/dev/null - hasgrub=$? - pacman -Q grub-common &>/dev/null - hasgrub2=$? - pacman -Q lilo &>/dev/null - haslilo=$? - # reminder notices - if [ $haslilo -eq 0 ]; then - echo ">>>" - if [ $hasgrub -eq 0 -o $hasgrub2 -eq 0 ]; then - echo ">>> If you use the LILO bootloader, you should run 'lilo' before rebooting." - else - echo ">>> You appear to be using the LILO bootloader. You should run" - echo ">>> 'lilo' before rebooting." - fi - echo ">>>" - fi - if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then echo "WARNING: /boot appears to be a separate partition but is not mounted." fi @@ -64,6 +30,6 @@ post_upgrade() { post_remove() { # also remove the compat symlinks - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}.img - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}-fallback.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}-fallback.img } diff --git a/kernels/linux-libre-xen/PKGBUILD b/kernels/linux-libre-xen/PKGBUILD index 2291b6f45..2090ce582 100644 --- a/kernels/linux-libre-xen/PKGBUILD +++ b/kernels/linux-libre-xen/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 188067 2013-06-08 08:17:48Z tpowa $ +# $Id: PKGBUILD 188791 2013-06-21 06:32:50Z tpowa $ # Contributor: Tobias Powalowski <tpowa@archlinux.org> # Contributor: Thomas Baechler <thomas@archlinux.org> # Maintainer (Parabola): André Silva <emulatorman@lavabit.com> @@ -6,7 +6,7 @@ pkgbase=linux-libre-xen # Build stock -LIBRE-XEN kernel #pkgbase=linux-libre-custom # Build kernel with a different name _basekernel=3.9 -pkgver=${_basekernel}.5 +pkgver=${_basekernel}.7 pkgrel=1 arch=('i686') url="http://linux-libre.fsfla.org/" @@ -22,8 +22,8 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn 'boot-logo.patch' 'change-default-console-loglevel.patch') md5sums=('120df29f88622dabf7015a22c7cc8e25' - '558743403ba219c51570d29e03d362d5' - '8cc2a43c771d0fbb652c8264c746c007' + '4f5c670da16dc80fe9482892b636f99d' + 'c5a088fdf7a6fed1e06a890befca00ab' 'b7c2805bb287a644c0a303bf7721e534' '04b21c79df0a952c22d681dd4f4562df' 'f3def2cefdcbb954c21d8505d23cc83c') diff --git a/kernels/linux-libre-xen/config b/kernels/linux-libre-xen/config index dd2c45fd8..c4c81ff93 100644 --- a/kernels/linux-libre-xen/config +++ b/kernels/linux-libre-xen/config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.9.3-1 Kernel Configuration +# Linux/x86 3.9.7-1 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -2447,7 +2447,7 @@ CONFIG_ATH9K=m CONFIG_ATH9K_PCI=y CONFIG_ATH9K_AHB=y # CONFIG_ATH9K_DEBUGFS is not set -CONFIG_ATH9K_RATE_CONTROL=y +# CONFIG_ATH9K_LEGACY_RATE_CONTROL is not set CONFIG_ATH9K_HTC=m # CONFIG_ATH9K_HTC_DEBUGFS is not set CONFIG_CARL9170=m @@ -4225,7 +4225,6 @@ CONFIG_DRM_RADEON=m # CONFIG_DRM_RADEON_UMS is not set CONFIG_DRM_NOUVEAU=m CONFIG_NOUVEAU_DEBUG=5 -CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_DRM_NOUVEAU_BACKLIGHT=y CONFIG_DRM_I915=m @@ -4936,7 +4935,6 @@ CONFIG_USB_FUNCTIONFS_GENERIC=y CONFIG_USB_MASS_STORAGE=m CONFIG_USB_GADGET_TARGET=m CONFIG_USB_G_SERIAL=m -CONFIG_USB_G_SERIAL=m CONFIG_USB_MIDI_GADGET=m CONFIG_USB_G_PRINTER=m # CONFIG_USB_CDC_COMPOSITE is not set @@ -6076,7 +6074,7 @@ CONFIG_SECURITY_TOMOYO=y CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048 CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024 # CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER is not set -CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/sbin/tomoyo-init" +CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/usr/bin/tomoyo-init" CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER="/usr/lib/systemd/systemd" CONFIG_SECURITY_APPARMOR=y CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0 diff --git a/kernels/linux-libre-xen/linux-libre-xen.install b/kernels/linux-libre-xen/linux-libre-xen.install index 4b7373be1..0683dce3d 100644 --- a/kernels/linux-libre-xen/linux-libre-xen.install +++ b/kernels/linux-libre-xen/linux-libre-xen.install @@ -4,9 +4,6 @@ KERNEL_NAME=-xen KERNEL_VERSION= -# set a sane PATH to ensure that critical utils like depmod will be found -export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' - post_install () { # updating module dependencies echo ">>> Updating module dependencies. Please wait ..." @@ -15,40 +12,9 @@ post_install () { echo ">>> Generating initial ramdisk, using mkinitcpio. Please wait..." mkinitcpio -p linux-libre${KERNEL_NAME} fi - - # compat symlinks for the official kernels only - if [ -z "${KERNEL_NAME}" -o "${KERNEL_NAME}" = "-xen" ]; then - loaders="$(find /boot -name syslinux.cfg -or -name extlinux.conf -or -name grub.cfg -or -name menu.lst)" - [ -f /etc/lilo.conf ] && loaders="$loaders /etc/lilo.conf" - if [ -n "${loaders}" ] && grep -q -e vmlinuz26 -e kernel26.img -e kernel26-fallback.img $loaders; then - # add compat symlinks for the initramfs images - ln -sf initramfs-linux-libre${KERNEL_NAME}.img boot/kernel26${KERNEL_NAME}.img - ln -sf initramfs-linux-libre${KERNEL_NAME}-fallback.img \ - boot/kernel26${KERNEL_NAME}-fallback.img - ln -sf vmlinuz-linux-libre${KERNEL_NAME} /boot/vmlinuz26${KERNEL_NAME} - fi - fi } post_upgrade() { - pacman -Q grub &>/dev/null - hasgrub=$? - pacman -Q grub-common &>/dev/null - hasgrub2=$? - pacman -Q lilo &>/dev/null - haslilo=$? - # reminder notices - if [ $haslilo -eq 0 ]; then - echo ">>>" - if [ $hasgrub -eq 0 -o $hasgrub2 -eq 0 ]; then - echo ">>> If you use the LILO bootloader, you should run 'lilo' before rebooting." - else - echo ">>> You appear to be using the LILO bootloader. You should run" - echo ">>> 'lilo' before rebooting." - fi - echo ">>>" - fi - if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then echo "WARNING: /boot appears to be a separate partition but is not mounted." fi @@ -64,6 +30,6 @@ post_upgrade() { post_remove() { # also remove the compat symlinks - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}.img - rm -f boot/{initramfs-linux-libre,kernel26}${KERNEL_NAME}-fallback.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}.img + rm -f boot/initramfs-linux-libre${KERNEL_NAME}-fallback.img } diff --git a/libre/libretools/PKGBUILD b/libre/libretools/PKGBUILD index 49dc7feb2..dcf59bda4 100644 --- a/libre/libretools/PKGBUILD +++ b/libre/libretools/PKGBUILD @@ -4,13 +4,13 @@ # Contributor: Márcio Silva <coadde@lavabit.com> pkgbase=libretools -pkgname=(libretools libretools-mips64el) +pkgname=(libretools libretools-mips64el librelib) pkgdesc="Programs for Parabola development" url="https://projects.parabolagnulinux.org/packages/libretools.git/" license=('GPL3' 'GPL2') -pkgver=20130611 -_libretools_commit=e6944bc03f587ad177c6b825e3f4c116fb9b9b12 +pkgver=20130622 +_libretools_commit=5dd6e17100a86b79a3fd6fedc8cce49dcc298356 _devtools_commit=bf8513ae631484a0c292ad085ea7ede9859f8e0f _packages_url=https://projects.parabolagnulinux.org/packages @@ -26,7 +26,7 @@ build() { cd "$srcdir" ln -sf devtools-par-$_devtools_commit devtools-par cd "$srcdir/$pkgbase-$_libretools_commit" - make build-libretools build-libretools-mips64el build-doc + make build-libretools build-libretools-mips64el build-librelib build-doc } check() { @@ -35,6 +35,16 @@ check() { make check TESTENVFLAGS='--no-network --no-sudo' } +package_librelib() { + pkgdesc="Shell library portion of libretools" + depends=( + wget # `aur` and `lib/blacklist.sh` + ) + + cd "$srcdir/$pkgbase-$_libretools_commit" + make install-librelib DESTDIR="$pkgdir" +} + package_libretools() { backup=(etc/libretools.conf etc/libretools.d/chroot.conf etc/libretools.d/librefetch.conf) install=libretools.install @@ -42,13 +52,13 @@ package_libretools() { conflicts=(devtools) depends=( + "librelib=$pkgver" arch-install-scripts # `archroot` uses `pacstrap` git # `createworkdir` (also mips-add in -mips64el) openssh # `librerelease` rsync # `librerelease` and `makechrootpkg.sh` subversion # `diff-unfree` tokyocabinet # `treepkg` - wget # `aur` and `lib/blacklist.sh` ) optdepends=('namcap: to check package files') @@ -64,5 +74,5 @@ package_libretools-mips64el() { make install-libretools-mips64el DESTDIR="$pkgdir" } -md5sums=('3d5645488481fab48954e194274f70ac' +md5sums=('a5a5029740cef767b8e731ab8c48890b' 'b28b1492fda205be7c577fc03cbc3399') diff --git a/pcr/shocco/PKGBUILD b/pcr/shocco/PKGBUILD new file mode 100644 index 000000000..32baa6d2d --- /dev/null +++ b/pcr/shocco/PKGBUILD @@ -0,0 +1,30 @@ +# Maintainer: Luke Shumaker <lukeshu@sbcglobal.net> + +pkgname="shocco" +pkgver=1.0 +pkgdesc="Docco-like documentation generator for POSIX shell" +url="http://rtomayko.github.com/shocco/" +license=('custom:MIT') + +pkgrel=1 +arch=('any') +depends=('markdown' 'python2-pygments') +optdepends=('ronn: builds man pages') + +source=("libre://$pkgname-$pkgver.tar.gz") +md5sums=('edaed31d14a2c16e6303c07e24e7bc9a') + +mksource=("git://github.com/rtomayko/shocco.git#tag=${pkgver}") +mkmd5sums=('SKIP') + +build() { + cd "$srcdir/$pkgname" + ./configure --prefix="$pkgdir"/usr + make -j1 +} + +package() { + cd "$srcdir/$pkgname" + make -j1 install + install -Dm644 COPYING "$pkgdir/usr/share/licenses/$pkgname/COPYING" +} |