diff options
author | Nicolás Reynolds <fauno@endefensadelsl.org> | 2014-05-14 03:31:50 +0000 |
---|---|---|
committer | Nicolás Reynolds <fauno@endefensadelsl.org> | 2014-05-14 03:31:50 +0000 |
commit | 747b1fd97f3a07a4f9dbb660436b7708c6ee2c43 (patch) | |
tree | 9c6ed9681aa290107e9068b3e7907b078480e12c | |
parent | af87d2873bcaaf5a93ccf25da80aa670f89fbe96 (diff) |
Wed May 14 03:25:27 UTC 2014
24 files changed, 1084 insertions, 358 deletions
diff --git a/community/activity-log-manager/PKGBUILD b/community/activity-log-manager/PKGBUILD index d0334dd68..fab5f01d4 100644 --- a/community/activity-log-manager/PKGBUILD +++ b/community/activity-log-manager/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 94510 2013-07-25 21:57:24Z bgyorgy $ +# $Id: PKGBUILD 111089 2014-05-13 13:23:00Z bgyorgy $ # Maintainer: Balló György <ballogyor+arch at gmail dot com> # Contributor: Ner0 pkgname=activity-log-manager pkgver=0.9.7 -pkgrel=1 +pkgrel=2 pkgdesc="A graphical user interface which lets you easily control what gets logged by Zeitgeist" arch=('i686' 'x86_64') url="https://launchpad.net/activity-log-manager" @@ -13,11 +13,13 @@ depends=('gtk3' 'libgee06' 'zeitgeist' 'hicolor-icon-theme' 'xdg-utils') makedepends=('vala' 'intltool') install=$pkgname.install source=(https://launchpad.net/$pkgname/${pkgver%.*}/$pkgver/+download/$pkgname-$pkgver.tar.xz - http://pkgbuild.com/~bgyorgy/sources/$pkgname-translations-20130725.tar.gz) + http://pkgbuild.com/~bgyorgy/sources/$pkgname-translations-20130725.tar.gz + fix-build.patch) md5sums=('d886be32db0fa351aaf0eb59912ee377' - 'f7a284bca152011500cb845aebad8d14') + 'f7a284bca152011500cb845aebad8d14' + '243c71b429e12172691dcb748055247d') -build() { +prepare() { cd "$srcdir/$pkgname-$pkgver" # Install language files @@ -25,14 +27,20 @@ build() { mv -f -t po ../po/* printf "%s\n" po/*.po | sed -e 's/po\///g' -e 's/\.po//g' >po/LINGUAS + # Regenerate C files rm src/activity_log_manager_vala.stamp + # Fix build + patch -Np1 -i ../fix-build.patch +} + +build() { + cd "$srcdir/$pkgname-$pkgver" ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make } package() { cd "$srcdir/$pkgname-$pkgver" - make DESTDIR="$pkgdir" install } diff --git a/community/activity-log-manager/activity-log-manager.install b/community/activity-log-manager/activity-log-manager.install index 2c455e952..17ca8f78a 100644 --- a/community/activity-log-manager/activity-log-manager.install +++ b/community/activity-log-manager/activity-log-manager.install @@ -1,5 +1,5 @@ post_install() { - xdg-icon-resource forceupdate + gtk-update-icon-cache -q -t -f usr/share/icons/hicolor } post_upgrade() { diff --git a/community/activity-log-manager/fix-build.patch b/community/activity-log-manager/fix-build.patch new file mode 100644 index 000000000..71724f421 --- /dev/null +++ b/community/activity-log-manager/fix-build.patch @@ -0,0 +1,12 @@ +diff -Naur activity-log-manager-0.9.7.orig/src/unified-privacy.vala activity-log-manager-0.9.7/src/unified-privacy.vala +--- activity-log-manager-0.9.7.orig/src/unified-privacy.vala 2013-07-10 08:28:23.000000000 +0200 ++++ activity-log-manager-0.9.7/src/unified-privacy.vala 2014-05-13 15:15:51.042857849 +0200 +@@ -291,7 +291,7 @@ + // Add/Remove buttons + var exception_toolbar = new Toolbar(); + exception_toolbar.toolbar_style = ToolbarStyle.ICONS; +- exception_toolbar.icon_size = 1; ++ exception_toolbar.icon_size = Gtk.IconSize.MENU; + exception_toolbar.icon_size_set = true; + exception_toolbar.visible = true; + diff --git a/community/apitrace/PKGBUILD b/community/apitrace/PKGBUILD index 43622bdca..6909f78bb 100644 --- a/community/apitrace/PKGBUILD +++ b/community/apitrace/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 89930 2013-05-05 19:53:46Z lcarlier $ +# $Id: PKGBUILD 111076 2014-05-13 08:12:14Z lcarlier $ # Maintainer: Laurent Carlier <lordheavym@gmail.com> # Contributor: Luca Bennati <lucak3 AT gmail DOT com> # Contributor: Glaucous <glakke1 at gmail dot com> pkgname=apitrace -pkgver=4.0 +pkgver=5.0 pkgrel=1 pkgdesc="Graphics API Tracing" arch=('i686' 'x86_64') @@ -13,7 +13,7 @@ license=('custom') makedepends=('cmake' 'mesa' 'libgl' 'python2' 'qtwebkit' 'qjson') optdepends=('qtwebkit: GUI support' 'qjson: GUI support') source=("https://github.com/apitrace/apitrace/archive/${pkgver}.zip") -md5sums=('5b2e212d91d2f184d8608c712eab69a0') +md5sums=('2a60e8a4c90f841dc95fe659ba26607e') build() { cd ${srcdir}/apitrace-* diff --git a/community/dispcalgui/PKGBUILD b/community/dispcalgui/PKGBUILD index fbcda9c93..a4d47425e 100644 --- a/community/dispcalgui/PKGBUILD +++ b/community/dispcalgui/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 110033 2014-04-23 13:36:22Z tredaelli $ +# $Id: PKGBUILD 111078 2014-05-13 10:46:13Z tredaelli $ # Maintainer: Timothy Redaelli <timothy.redaelli@gmail.com> # Contributor: Cedric Girard <girard.cedric@gmail.com> # Contributor: foxbunny <bg.branko@gmail.com> pkgname=dispcalgui -pkgver=2.0.0.0 +pkgver=2.1.0.0 pkgrel=1 pkgdesc="A GUI frontend for several utilities from the open source color management system Argyll CMS" arch=('i686' 'x86_64') @@ -15,16 +15,15 @@ depends=('argyllcms' 'wxpython' 'hicolor-icon-theme' 'desktop-file-utils' 'pytho optdepends=('gksu: For running as root') install=${pkgname}.install source=("http://downloads.sourceforge.net/project/dispcalgui/release/${pkgver}/dispcalGUI-${pkgver}.tar.gz") -md5sums=('5740301fb4f7e72a57b4eab6a4ee405a') +md5sums=('4d47ce34946e5b0b8bf2658a572e6bd6') prepare() { - cd "${srcdir}"/dispcalGUI-${pkgver} -# patch -p1 -i "$srcdir"/dispcalGUI-1.5.3.1-wxgtk3.patch + cd dispcalGUI-${pkgver} find . -name "*.py" -exec sed -i 's!/usr/bin/env python!/usr/bin/env python2!g' {} + } package() { - cd "${srcdir}"/dispcalGUI-${pkgver} + cd dispcalGUI-${pkgver} python2 setup.py install --root="${pkgdir}" --optimize=1 #udev rules are shipped with argyllcms rm -rf "${pkgdir}"/etc/udev/ diff --git a/community/electricsheep/PKGBUILD b/community/electricsheep/PKGBUILD index 776295bd7..7f6d1c6c3 100644 --- a/community/electricsheep/PKGBUILD +++ b/community/electricsheep/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 106099 2014-02-22 21:08:18Z eric $ +# $Id: PKGBUILD 111101 2014-05-13 21:14:09Z eric $ # Maintainer: Eric Bélanger <eric@archlinux.org> pkgname=electricsheep @@ -45,7 +45,7 @@ prepare() { build() { cd ${pkgname}-${pkgver} ./autogen.sh - CPPFLAGS+="-I/usr/include/lua5.1" ./configure --prefix=/usr + CPPFLAGS+=" -I/usr/include/lua5.1" ./configure --prefix=/usr sed -i 's|-I /usr/include/libavutil||' MSVC/SettingsGUI/Makefile make CXXFLAGS+="-DUSE_NEW_FFMPEG_API=1" GLEE_LIBS="-lGLee" } diff --git a/community/go/PKGBUILD b/community/go/PKGBUILD index f7adacbff..7ad91da1a 100644 --- a/community/go/PKGBUILD +++ b/community/go/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 109996 2014-04-22 20:02:26Z arodseth $ +# $Id: PKGBUILD 111080 2014-05-13 11:01:57Z arodseth $ # Maintainer: Vesa Kaihlavirta <vegai@iki.fi> # Maintainer: Alexander Rødseth <rodseth@gmail.com> # Contributor: Rémy Oudompheng <remy@archlinux.org> @@ -11,8 +11,8 @@ pkgname=go epoch=2 -pkgver=1.2.1 -pkgrel=5 +pkgver=1.2.2 +pkgrel=1 pkgdesc='Compiler and tools for the Go programming language from Google' arch=('x86_64' 'i686') url='http://golang.org/' @@ -25,13 +25,14 @@ optdepends=('mercurial: for fetching sources from mercurial repositories' 'bzr: for fetching sources from bazaar repositories' 'subversion: for fetching sources from subversion repositories') install="$pkgname.install" -source=("$pkgname-$pkgver::hg+https://code.google.com/p/$pkgname#branch=release-branch.$pkgname${pkgver/.1}") +source=("$pkgname-$pkgver::hg+https://code.google.com/p/$pkgname#tag=$pkgname$pkgver") md5sums=('SKIP') build() { - export GOROOT="$srcdir/$pkgname-$pkgver" - cd "$GOROOT/src" + cd "$srcdir/$pkgname-$pkgver/src" + export GOROOT="$srcdir/$pkgname-$pkgver" + export GOBIN="$GOROOT/bin" export GOPATH="$srcdir/" export GOROOT_FINAL=/usr/lib/go @@ -84,6 +85,7 @@ check() { fi export GOROOT="$srcdir/$pkgname-$pkgver" + export GOBIN="$GOROOT/bin" export PATH="$srcdir/$pkgname-$pkgver/bin:$PATH" # TestSimpleMulticastListener will fail in standard chroot @@ -92,9 +94,11 @@ check() { package() { cd "$pkgname-$pkgver" + export GOROOT="$srcdir/$pkgname-$pkgver" + export GOBIN="$GOROOT/bin" - install -Dm755 $srcdir/godoc $pkgdir/usr/bin/godoc + install -Dm755 "$srcdir/godoc" "$pkgdir/usr/bin/godoc" install -Dm644 LICENSE \ "$pkgdir/usr/share/licenses/go/LICENSE" diff --git a/community/julia/PKGBUILD b/community/julia/PKGBUILD index 913601797..ebb9e558e 100644 --- a/community/julia/PKGBUILD +++ b/community/julia/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 110532 2014-05-02 16:17:06Z arodseth $ +# $Id: PKGBUILD 111098 2014-05-13 18:30:47Z arodseth $ # Maintainer: Alexander Rødseth <rodseth@gmail.com> # Contributor: Lex Black <autumn-wind at web dot de> # Contributor: Michael Jakl <jakl.michael@gmail.com> @@ -6,21 +6,21 @@ pkgname=julia pkgver=0.3.0_prerelease -pkgrel=4 +pkgrel=5 pkgdesc='High-level, high-performance, dynamic programming language' arch=('x86_64' 'i686') url='http://julialang.org' license=('GPL') -depends=('arpack' 'fftw' 'git' 'gmp' 'libunwind' 'mpfr' 'pcre' 'readline' 'zlib' 'llvm') # 'suitesparse' 'utf8proc' (AUR) 'intel-mkl' (AUR) -makedepends=('gcc-fortran') +depends=('arpack' 'fftw' 'git' 'gmp' 'libunwind' 'mpfr' 'pcre' 'readline' 'zlib') +makedepends=('gcc-fortran' 'python2' 'libuv') optdepends=('gnuplot: If using the Gaston Package from julia') options=('!emptydirs' 'staticlibs') -source=("git://github.com/JuliaLang/julia.git#commit=7bb10f8372") +source=("git://github.com/JuliaLang/julia.git#commit=3985890") sha256sums=('SKIP') build() { make -C "$pkgname" prefix=/usr sysconfdir=/etc \ - USE_SYSTEM_LLVM=1 \ + USE_SYSTEM_LLVM=0 \ USE_SYSTEM_LIBUNWIND=1 \ USE_SYSTEM_READLINE=1 \ USE_SYSTEM_PCRE=1 \ @@ -47,7 +47,7 @@ build() { package() { make -C "$pkgname" DESTDIR="$pkgdir" \ prefix=/usr sysconfdir=/etc \ - USE_SYSTEM_LLVM=1 \ + USE_SYSTEM_LLVM=0 \ USE_SYSTEM_LIBUNWIND=1 \ USE_SYSTEM_READLINE=1 \ USE_SYSTEM_PCRE=1 \ diff --git a/community/libx86emu/PKGBUILD b/community/libx86emu/PKGBUILD index 9602b8aee..3e2fe7324 100644 --- a/community/libx86emu/PKGBUILD +++ b/community/libx86emu/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 107049 2014-03-11 19:41:14Z arodseth $ +# $Id: PKGBUILD 111085 2014-05-13 12:20:38Z arodseth $ # Maintainer: Alexander Rødseth <rodseth@gmail.com> # Contributor: Kaiting Chen <kaitocracy@gmail.com> # Contributor: Gergely Imreh <imrehgATgmailDOTcom> pkgname=libx86emu -pkgver=1.1.21.5 +pkgver=1.1.21.6 pkgrel=1 pkgdesc='x86 emulation library' arch=('x86_64' 'i686') @@ -13,7 +13,7 @@ license=('BSD') depends=('glibc') makedepends=('rpmextract') source=("http://download.opensuse.org/source/factory/repo/oss/suse/src/$pkgname-${pkgver%.*.*}-${pkgver#*.*.}.src.rpm") -sha256sums=('d639b118788e1fb880f96a12548e434b210a3eb47b850b9162f2e682b824c03f') +sha256sums=('220465fd4380c1a91dbd394a67301b409efaa255af54a33ddfc0d4fc9f583582') prepare() { # Wish they would just provide a normal $pkgname-$pkgver.tar.gz... diff --git a/community/processing/PKGBUILD b/community/processing/PKGBUILD index d85d20907..393ba8c6e 100644 --- a/community/processing/PKGBUILD +++ b/community/processing/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 109634 2014-04-17 07:36:16Z fyan $ +# $Id: PKGBUILD 111103 2014-05-13 21:14:49Z arodseth $ # Maintainer: Alexander Rødseth <rodseth@gmail.com> pkgname=processing -pkgver=2.1.2 +pkgver=2.2 pkgrel=1 arch=('x86_64' 'i686') pkgdesc='Programming environment for creating images, animations and interactions' @@ -15,13 +15,13 @@ options=('!strip') if [[ $CARCH == "x86_64" ]]; then source=("http://download.$pkgname.org/$pkgname-$pkgver-linux64.tgz" "$pkgname.png::http://wiki.$pkgname.org/skins/${pkgname}skin/${pkgname}_wiki_logo.png") - sha256sums=('4e43fd3f9527e243438bb3ddf75c37afb4004f71144a53d0347732bdab0eb439' - '019ae700333409acbc628779747ab8f153f6647de25e4de3a9bd4a42d0d8056a') + sha256sums=('262756a040def3e23a32db2838b313193918cb15cafccc6e9fbd88358d5d8832' + '019ae700333409acbc628779747ab8f153f6647de25e4de3a9bd4a42d0d8056a') else source=("http://download.$pkgname.org/$pkgname-$pkgver-linux32.tgz" "$pkgname.png::http://wiki.$pkgname.org/skins/${pkgname}skin/${pkgname}_wiki_logo.png") - sha256sums=('917329ff5f960632e149cd79822e9ea4016bc575e31f90ff6bf009b87ccfceb1' - '019ae700333409acbc628779747ab8f153f6647de25e4de3a9bd4a42d0d8056a') + sha256sums=('89bf7739ba97f8150c3a6e3c02e3602ed70d93aba29def8f4eddc755fc5d5ae0' + '019ae700333409acbc628779747ab8f153f6647de25e4de3a9bd4a42d0d8056a') fi prepare() { diff --git a/community/pymol/PKGBUILD b/community/pymol/PKGBUILD index 9ac1f602c..805645ad4 100644 --- a/community/pymol/PKGBUILD +++ b/community/pymol/PKGBUILD @@ -1,11 +1,11 @@ -# $Id: PKGBUILD 107720 2014-03-18 18:03:37Z arcanis $ +# $Id: PKGBUILD 111108 2014-05-13 21:33:30Z arcanis $ # Maintainer: Evgeniy Alekseev <arcanis dot arch at gmail dot com> # Contributor: graysky # Contributor: Tomasz Żok <tomasz dot zok at gmail dot com> pkgname=pymol -pkgver=1.7.0.0 -pkgrel=3 +pkgver=1.7.1.3 +pkgrel=1 pkgdesc="Molecular visualization system on an Open Source foundation" arch=('i686' 'x86_64') url="http://pymol.org/" @@ -16,14 +16,14 @@ source=("http://downloads.sourceforge.net/project/pymol/pymol/1.7/pymol-v${pkgve "${pkgname}-38899.patch" "apbstools_tcltk8.6.patch") install="${pkgname}.install" -md5sums=('36fc735f6104e59802f109d0d25b6676' +md5sums=('414e57a76d8e6e58540b743c1c2fb5ee' '1f8152c4604ba2939b24e25a022937ca' - 'a3c1544017762613bebc3f5763a434a9') + 'c48bf253e59ff97c14114cd285a4f1e1') prepare() { # create desktop file gendesk -f --pkgname "${pkgname}" --pkgdesc "${pkgdesc}" --name="PyMOL" --categories="Science;Chemistry" - + # suppress non-zero exit code that breaks makepkg sed -i '/sys.exit/ s,2,0,' "${srcdir}/pymol/setup.py" # change python to python2 @@ -31,14 +31,12 @@ prepare() { sed -i "s|python|python2|g" "${srcdir}/pymol/test/run" sed -i "s|python|python2|g" "${srcdir}/pymol/test/show" sed -i "s|python|python2|g" "${srcdir}/pymol/modules/pmg_tk/startup/apbs_tools.py" - # fix FS#38899 patch -p0 -i "${pkgname}-38899.patch" mv "${srcdir}/${pkgname}/modules/web" "${srcdir}/${pkgname}/modules/pymolweb" - # fix FS#39526 cd "${srcdir}/${pkgname}" - patch -p0 -i "${srcdir}/apbstools_tcltk8.6.patch" + #patch -p0 -i "${srcdir}/apbstools_tcltk8.6.patch" } build() { diff --git a/community/pymol/apbstools_tcltk8.6.patch b/community/pymol/apbstools_tcltk8.6.patch index f7ec535d0..abd8ea470 100644 --- a/community/pymol/apbstools_tcltk8.6.patch +++ b/community/pymol/apbstools_tcltk8.6.patch @@ -1,176 +1,176 @@ ---- modules/pmg_tk/startup/apbs_tools.py.orig 2013-08-16 20:29:27.000000000 -0400 -+++ modules/pmg_tk/startup/apbs_tools.py 2013-08-16 20:31:35.000000000 -0400 -@@ -560,7 +560,8 @@ +--- modules/pmg_tk/startup/apbs_tools.py.orig 2014-05-14 01:07:32.000000000 +0400 ++++ modules/pmg_tk/startup/apbs_tools.py 2014-05-14 01:15:35.090032827 +0400 +@@ -612,7 +612,8 @@ # Set up the Main page page = self.notebook.add('Main') group = Pmw.Group(page,tag_text='Main options') - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) self.selection = Pmw.EntryField(group.interior(), labelpos='w', label_text='Selection to use: ', -@@ -606,7 +607,8 @@ +@@ -658,7 +659,8 @@ page = self.notebook.add('Configuration') group = Pmw.Group(page,tag_text='Dielectric Constants') - group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) -+ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) group.grid(column=0, row=0) self.interior_dielectric = Pmw.EntryField(group.interior(),labelpos='w', label_text = 'Protein Dielectric:', -@@ -625,7 +627,8 @@ +@@ -677,7 +679,8 @@ #entry.pack(side='left',fill='both',expand=1,padx=4) # side-by-side entry.pack(fill='x',expand=1,padx=4,pady=1) # vertical group = Pmw.Group(page,tag_text='Other') - group.pack(fill='both',expand=1, padx=4, pady=5) + #group.pack(fill='both',expand=1, padx=4, pady=5) -+ group.grid(padx=4, pady=5, sticky=(N, S, E, W)) ++ group.grid(padx=4, pady=5, sticky=(N, S, E, W)) group.grid(column=1, row=1,columnspan=4) self.max_mem_allowed = Pmw.EntryField(group.interior(),labelpos='w', label_text = 'Maximum Memory Allowed (MB):', -@@ -683,7 +686,8 @@ +@@ -735,7 +738,8 @@ group = Pmw.Group(page,tag_text='Ions') - group.pack(fill='both',expand=1, padx=4, pady=5) + #group.pack(fill='both',expand=1, padx=4, pady=5) -+ group.grid(padx=4, pady=5, sticky=(N, S, E, W)) ++ group.grid(padx=4, pady=5, sticky=(N, S, E, W)) group.grid(column=0, row=1, ) self.ion_plus_one_conc = Pmw.EntryField(group.interior(), labelpos='w', -@@ -742,7 +746,8 @@ +@@ -794,7 +798,8 @@ entry.pack(fill='x',expand=1,padx=4) group = Pmw.Group(page,tag_text = 'Coarse Mesh Length') - group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) -+ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) group.grid(column = 1, row = 0) for coord in 'x y z'.split(): setattr(self,'grid_coarse_%s'%coord,Pmw.EntryField(group.interior(), -@@ -757,7 +762,8 @@ +@@ -809,7 +814,8 @@ group = Pmw.Group(page,tag_text = 'Fine Mesh Length') - group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) -+ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) group.grid(column = 2, row = 0) for coord in 'x y z'.split(): setattr(self,'grid_fine_%s'%coord,Pmw.EntryField(group.interior(), -@@ -772,7 +778,8 @@ +@@ -824,7 +830,8 @@ group = Pmw.Group(page,tag_text = 'Grid Center') - group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) -+ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) group.grid(column = 3, row = 0) for coord in 'x y z'.split(): setattr(self,'grid_center_%s'%coord,Pmw.EntryField(group.interior(), -@@ -786,7 +793,8 @@ +@@ -838,7 +845,8 @@ getattr(self,'grid_center_%s'%coord).pack(fill='x', expand=1, padx=4, pady=1) group = Pmw.Group(page,tag_text = 'Grid Points') - group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 4, pady = 5) -+ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) group.grid(column = 4, row = 0) for coord in 'x y z'.split(): setattr(self,'grid_points_%s'%coord,Pmw.EntryField(group.interior(), -@@ -804,7 +812,8 @@ +@@ -856,7 +864,8 @@ page.grid_columnconfigure(5,weight=1) page = self.notebook.add('Program Locations') group = Pmw.Group(page,tag_text='Locations') - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) def quickFileValidation(s): if s == '': return Pmw.PARTIAL elif os.path.isfile(s): return Pmw.OK -@@ -867,7 +876,8 @@ +@@ -955,7 +964,8 @@ page = self.notebook.add('Temp File Locations') group = Pmw.Group(page,tag_text='Locations') - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) self.pymol_generated_pqr_filename = Pmw.EntryField(group.interior(), labelpos = 'w', label_pyclass = FileDialogButtonClassFactory.get(self.setPymolGeneratedPqrFilename), -@@ -915,17 +925,20 @@ +@@ -1003,17 +1013,20 @@ page = self.notebook.add('Visualization (1)') group = VisualizationGroup(page,tag_text='Visualization',visgroup_num=1) self.visualization_group_1 = group - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) page = self.notebook.add('Visualization (2)') group = VisualizationGroup(page,tag_text='Visualization',visgroup_num=2) self.visualization_group_2 = group - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) # Create a couple of other empty pages page = self.notebook.add('About') group = Pmw.Group(page, tag_text='About PyMOL APBS Tools') - group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) + #group.pack(fill = 'both', expand = 1, padx = 10, pady = 5) -+ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) ++ group.grid(padx = 10, pady = 5, sticky=(N, S, E, W)) text = """This plugin integrates PyMOL (http://PyMOL.org/) with APBS (http://www.poissonboltzmann.org/apbs/). Documentation may be found at -@@ -2158,7 +2171,8 @@ +@@ -2271,7 +2284,8 @@ self.update_buttonbox = Pmw.ButtonBox(self.mm_group.interior(), padx=0) self.update_buttonbox.pack(side=LEFT) self.update_buttonbox.add('Update',command=self.refresh) - self.mm_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=TOP) + #self.mm_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=TOP) -+ self.mm_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ self.mm_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) self.ms_group = Pmw.Group(self.interior(),tag_text='Molecular Surface') self.ms_buttonbox = Pmw.ButtonBox(self.ms_group.interior(), padx=0) -@@ -2209,7 +2223,8 @@ +@@ -2322,7 +2336,8 @@ bars = (self.mol_surf_low,self.mol_surf_middle,self.mol_surf_high) Pmw.alignlabels(bars) for bar in bars: bar.pack(side=LEFT) - self.ms_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) + #self.ms_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) -+ self.ms_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ self.ms_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) self.fl_group = Pmw.Group(self.interior(),tag_text='Field Lines') self.fl_buttonbox = Pmw.ButtonBox(self.fl_group.interior(), padx=0) -@@ -2224,7 +2239,8 @@ +@@ -2337,7 +2352,8 @@ text = """Follows same coloring as surface.""", ) label.pack() - self.fl_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=TOP) + #self.fl_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=TOP) -+ self.fl_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ self.fl_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) self.pi_group = Pmw.Group(self.interior(),tag_text='Positive Isosurface') self.pi_buttonbox = Pmw.ButtonBox(self.pi_group.interior(), padx=0) -@@ -2243,7 +2259,8 @@ +@@ -2356,7 +2372,8 @@ entryfield_validate = {'validator' : 'real', 'min':0} ) self.pos_surf_val.pack(side=LEFT) - self.pi_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) + #self.pi_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) -+ self.pi_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ self.pi_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) self.ni_group = Pmw.Group(self.interior(),tag_text='Negative Isosurface') self.ni_buttonbox = Pmw.ButtonBox(self.ni_group.interior(), padx=0) -@@ -2262,7 +2279,8 @@ +@@ -2375,7 +2392,8 @@ entryfield_validate = {'validator' : 'real', 'max':0} ) self.neg_surf_val.pack(side=LEFT) - self.ni_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) + #self.ni_group.pack(fill = 'both', expand = 1, padx = 4, pady = 5, side=LEFT) -+ self.ni_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) ++ self.ni_group.grid(padx = 4, pady = 5, sticky=(N, S, E, W)) diff --git a/community/the_silver_searcher/PKGBUILD b/community/the_silver_searcher/PKGBUILD index b25f68b16..8c2d3aac7 100644 --- a/community/the_silver_searcher/PKGBUILD +++ b/community/the_silver_searcher/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 110246 2014-04-27 19:31:42Z arodseth $ +# $Id: PKGBUILD 111083 2014-05-13 12:15:17Z arodseth $ # Maintainer: Alexander Rødseth <rodseth@gmail.com> # Contributor: Jeff Horelick <jdhore1@gmail.com> # Contributor: skydrome <skydrome@i2pmail.org> pkgname=the_silver_searcher -pkgver=0.21.1 +pkgver=0.22.0 pkgrel=1 pkgdesc='Code searching tool similar to Ack, but faster' url='https://github.com/ggreer/the_silver_searcher' @@ -12,7 +12,7 @@ license=('Apache') depends=('pcre' 'zlib' 'xz') makedepends=('git') arch=('x86_64' 'i686') -source=("git://github.com/ggreer/$pkgname.git#commit=ac1e7e4b0cdd37e64f9af7256b8a4568c5546ec2") +source=("git://github.com/ggreer/$pkgname.git#tag=$pkgver") md5sums=('SKIP') prepare() { diff --git a/community/vagrant/PKGBUILD b/community/vagrant/PKGBUILD index cfe4ac628..ad0e6541c 100644 --- a/community/vagrant/PKGBUILD +++ b/community/vagrant/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 110860 2014-05-08 17:45:19Z jsteel $ +# $Id: PKGBUILD 111096 2014-05-13 17:47:05Z jsteel $ # Maintainer: Jonathan Steel <jsteel at aur.archlinux.org> # Contributor: Ido Rosen <ido@kernel.org> # Contributor: Brett Hoerner <brett@bretthoerner.com> @@ -10,7 +10,7 @@ # Contributor: Steven Nance <steven@devtrw.com> pkgname=vagrant -pkgver=1.6.1 +pkgver=1.6.2 pkgrel=1 pkgdesc="Build and distribute virtualized development environments" arch=('i686' 'x86_64') @@ -18,9 +18,10 @@ url="http://vagrantup.com" license=('MIT') options=('!emptydirs') depends=('ruby' 'curl' 'lzo2' 'libidn' 'rtmpdump') +makedepends=('git') source=(http://github.com/mitchellh/$pkgname/archive/v$pkgver.tar.gz http://pkgbuild.com/~jsteel/aur/$pkgname/substrate_archlinux_$CARCH.zip) -md5sums=('6dea6bea9055df3ab2d43de6b522e003') +md5sums=('99ee5b69d9e3966a8ed081e46d1844ba') [[ $CARCH == i686 ]] && md5sums[3]='c04042b24de56d18a041bc005e5ecaa4' [[ $CARCH == x86_64 ]] && md5sums[3]='53d8a137e0b50fee8509a7d1c15fd33b' diff --git a/core/dbus/PKGBUILD b/core/dbus/PKGBUILD index 7afab2a65..1ba14c299 100644 --- a/core/dbus/PKGBUILD +++ b/core/dbus/PKGBUILD @@ -1,26 +1,23 @@ -# $Id: PKGBUILD 204675 2014-01-24 19:00:33Z dreisner $ +# $Id: PKGBUILD 212337 2014-05-13 14:02:03Z jgc $ # Maintainer: Tom Gundersen <teg@jklm.no> # Maintainer: Jan de Groot <jgc@archlinux.org> # Contributor: Link Dupont <link@subpop.net> -# + pkgbase=dbus pkgname=('dbus' 'libdbus') -pkgver=1.8.0 +pkgver=1.8.2 pkgrel=1 pkgdesc="Freedesktop.org message bus system" url="http://www.freedesktop.org/Software/dbus" arch=(i686 x86_64) license=('GPL' 'custom') makedepends=('libx11' 'systemd' 'xmlto' 'docbook-xsl') -source=(http://dbus.freedesktop.org/releases/dbus/dbus-$pkgver.tar.gz +source=(http://dbus.freedesktop.org/releases/dbus/dbus-$pkgver.tar.gz{,.asc} 30-dbus) -md5sums=('059fbe84e39fc99c67a14f15b1f39dff' +md5sums=('d6f709bbec0a022a1847c7caec9d6068' + 'SKIP' '3314d727fa57fc443fce25b5cbeebbcc') -prepare() { - cd dbus-$pkgver -} - build() { cd dbus-$pkgver ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ @@ -44,28 +41,25 @@ package_dbus(){ replaces=('dbus-core') cd dbus-$pkgver + + # Disable installation of libdbus + sed -i -e 's/^SUBDIRS = dbus/SUBDIRS =/' Makefile + make DESTDIR="$pkgdir" install - rm -rf "$pkgdir/var/run" + rm -rf "${pkgdir}/var/run" + rm -rf "${pkgdir}/usr/lib/pkgconfig" install -Dm755 ../30-dbus "$pkgdir/etc/X11/xinit/xinitrc.d/30-dbus" - install -Dm644 COPYING "$pkgdir/usr/share/licenses/dbus/COPYING" - - # split out libdbus-1 - rm -rf "$srcdir/_libdbus" - install -dm755 "$srcdir"/_libdbus/usr/lib/dbus-1.0 - mv "$pkgdir"/usr/include "$srcdir"/_libdbus/usr/ - mv "$pkgdir"/usr/lib/pkgconfig "$srcdir"/_libdbus/usr/lib/ - mv "$pkgdir"/usr/lib/libdbus* "$srcdir"/_libdbus/usr/lib/ - mv "$pkgdir"/usr/lib/dbus-1.0/include "$srcdir"/_libdbus/usr/lib/dbus-1.0/ - install -Dm644 COPYING "$srcdir"/_libdbus/usr/share/licenses/libdbus/COPYING } package_libdbus(){ pkgdesc="DBus library" depends=('glibc') - - mv "$srcdir"/_libdbus/* "$pkgdir" + cd dbus-$pkgver + make DESTDIR="$pkgdir" -C dbus install + make DESTDIR="$pkgdir" install-data-am + install -Dm644 COPYING "${pkgdir}/usr/share/licenses/libdbus/COPYING" } diff --git a/core/dbus/memleak.patch b/core/dbus/memleak.patch deleted file mode 100644 index 7dea7943e..000000000 --- a/core/dbus/memleak.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 03aeaccbffa97c9237b57ca067e3da7388862129 Mon Sep 17 00:00:00 2001 -From: Radoslaw Pajak <r.pajak@samsung.com> -Date: Fri, 08 Nov 2013 12:51:32 +0000 -Subject: fixed memory freeing if error during listing services - -Signed-off-by: Radoslaw Pajak <r.pajak@samsung.com> -Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> -Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71526 ---- -diff --git a/bus/activation.c b/bus/activation.c -index fcb7133..ea48a26 100644 ---- a/bus/activation.c -+++ b/bus/activation.c -@@ -2179,7 +2179,7 @@ bus_activation_list_services (BusActivation *activation, - - error: - for (j = 0; j < i; j++) -- dbus_free (retval[i]); -+ dbus_free (retval[j]); - dbus_free (retval); - - return FALSE; -diff --git a/bus/services.c b/bus/services.c -index 6f380fa..01a720e 100644 ---- a/bus/services.c -+++ b/bus/services.c -@@ -368,7 +368,7 @@ bus_registry_list_services (BusRegistry *registry, - - error: - for (j = 0; j < i; j++) -- dbus_free (retval[i]); -+ dbus_free (retval[j]); - dbus_free (retval); - - return FALSE; --- -cgit v0.9.0.2-2-gbebe diff --git a/core/dbus/systemd-user-session.patch b/core/dbus/systemd-user-session.patch deleted file mode 100644 index 3e05324da..000000000 --- a/core/dbus/systemd-user-session.patch +++ /dev/null @@ -1,183 +0,0 @@ -commit d728fdc655f17031da3bb129ab2fd17dadf0fe3a -Author: Simon Peeters <peeters.simon@gmail.com> -Date: 8 weeks ago - - Set correct address when using --address=systemd: - - When dbus gets launched through systemd, we need to create an address - string based on the sockets passed. - - The _dbus_append_addres_from_socket() function is responsible for - extracting the address information from the file-descriptor and - formatting it in a dbus friendly way. - - This fixes bus activation when running dbus under a systemd session. - - https://bugs.freedesktop.org/show_bug.cgi?id=50962 - - Signed-off-by: Simon Peeters <peeters.simon@gmail.com> - -diff --git a/dbus/dbus-server-unix.c b/dbus/dbus-server-unix.c -index 130f66e..d995240 100644 ---- a/dbus/dbus-server-unix.c -+++ b/dbus/dbus-server-unix.c -@@ -149,7 +149,7 @@ _dbus_server_listen_platform_specific (DBusAddressEntry *entry, - } - else if (strcmp (method, "systemd") == 0) - { -- int n, *fds; -+ int i, n, *fds; - DBusString address; - - n = _dbus_listen_systemd_sockets (&fds, error); -@@ -159,27 +159,39 @@ _dbus_server_listen_platform_specific (DBusAddressEntry *entry, - return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; - } - -- _dbus_string_init_const (&address, "systemd:"); -+ if (!_dbus_string_init (&address)) -+ goto systemd_oom; - -- *server_p = _dbus_server_new_for_socket (fds, n, &address, NULL); -- if (*server_p == NULL) -+ for (i = 0; i < n; i++) - { -- int i; -- -- for (i = 0; i < n; i++) -+ if (i > 0) - { -- _dbus_close_socket (fds[i], NULL); -+ if (!_dbus_string_append (&address, ";")) -+ goto systemd_oom; - } -- dbus_free (fds); -- -- dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); -- return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; -+ if (!_dbus_append_address_from_socket (fds[i], &address, error)) -+ goto systemd_err; - } - -+ *server_p = _dbus_server_new_for_socket (fds, n, &address, NULL); -+ if (*server_p == NULL) -+ goto systemd_oom; -+ - dbus_free (fds); - - return DBUS_SERVER_LISTEN_OK; -- } -+ systemd_oom: -+ _DBUS_SET_OOM (error); -+ systemd_err: -+ for (i = 0; i < n; i++) -+ { -+ _dbus_close_socket (fds[i], NULL); -+ } -+ dbus_free (fds); -+ _dbus_string_free (&address); -+ -+ return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; -+ } - #ifdef DBUS_ENABLE_LAUNCHD - else if (strcmp (method, "launchd") == 0) - { -diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c -index b4ecc96..55743b1 100644 ---- a/dbus/dbus-sysdeps-unix.c -+++ b/dbus/dbus-sysdeps-unix.c -@@ -55,6 +55,7 @@ - #include <netinet/in.h> - #include <netdb.h> - #include <grp.h> -+#include <arpa/inet.h> - - #ifdef HAVE_ERRNO_H - #include <errno.h> -@@ -4160,4 +4161,71 @@ _dbus_check_setuid (void) - #endif - } - -+/** -+ * Read the address from the socket and append it to the string -+ * -+ * @param fd the socket -+ * @param address -+ * @param error return location for error code -+ */ -+dbus_bool_t -+_dbus_append_address_from_socket (int fd, -+ DBusString *address, -+ DBusError *error) -+{ -+ union { -+ struct sockaddr sa; -+ struct sockaddr_storage storage; -+ struct sockaddr_un un; -+ struct sockaddr_in ipv4; -+ struct sockaddr_in6 ipv6; -+ } socket; -+ char hostip[INET6_ADDRSTRLEN]; -+ int size = sizeof (socket); -+ -+ if (getsockname (fd, &socket.sa, &size)) -+ goto err; -+ -+ switch (socket.sa.sa_family) -+ { -+ case AF_UNIX: -+ if (socket.un.sun_path[0]=='\0') -+ { -+ if (_dbus_string_append_printf (address, "unix:abstract=%s", &(socket.un.sun_path[1]))) -+ return TRUE; -+ } -+ else -+ { -+ if (_dbus_string_append_printf (address, "unix:path=%s", socket.un.sun_path)) -+ return TRUE; -+ } -+ break; -+ case AF_INET: -+ if (inet_ntop (AF_INET, &socket.ipv4.sin_addr, hostip, sizeof (hostip))) -+ if (_dbus_string_append_printf (address, "tcp:family=ipv4,host=%s,port=%u", -+ hostip, ntohs (socket.ipv4.sin_port))) -+ return TRUE; -+ break; -+#ifdef AF_INET6 -+ case AF_INET6: -+ if (inet_ntop (AF_INET6, &socket.ipv6.sin6_addr, hostip, sizeof (hostip))) -+ if (_dbus_string_append_printf (address, "tcp:family=ipv6,host=%s,port=%u", -+ hostip, ntohs (socket.ipv6.sin6_port))) -+ return TRUE; -+ break; -+#endif -+ default: -+ dbus_set_error (error, -+ _dbus_error_from_errno (EINVAL), -+ "Failed to read address from socket: Unknown socket type."); -+ return FALSE; -+ } -+ err: -+ dbus_set_error (error, -+ _dbus_error_from_errno (errno), -+ "Failed to open socket: %s", -+ _dbus_strerror (errno)); -+ return FALSE; -+} -+ - /* tests in dbus-sysdeps-util.c */ -diff --git a/dbus/dbus-sysdeps-unix.h b/dbus/dbus-sysdeps-unix.h -index 9b70896..a265b33 100644 ---- a/dbus/dbus-sysdeps-unix.h -+++ b/dbus/dbus-sysdeps-unix.h -@@ -138,6 +138,10 @@ dbus_bool_t _dbus_parse_uid (const DBusString *uid_str, - - void _dbus_close_all (void); - -+dbus_bool_t _dbus_append_address_from_socket (int fd, -+ DBusString *address, -+ DBusError *error); -+ - /** @} */ - - DBUS_END_DECLS diff --git a/extra/gcr/PKGBUILD b/extra/gcr/PKGBUILD index c2fdf4d89..fcd3d62e8 100644 --- a/extra/gcr/PKGBUILD +++ b/extra/gcr/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 210436 2014-04-14 20:06:11Z jgc $ +# $Id: PKGBUILD 212356 2014-05-13 22:00:54Z jgc $ # Maintainer: Ionut Biru <ibiru@archlinux.org> pkgname=gcr -pkgver=3.12.0 +pkgver=3.12.2 pkgrel=1 pkgdesc="A library for bits of crypto UI and parsing" arch=(i686 x86_64) @@ -15,7 +15,7 @@ options=('!makeflags') install=gcr.install source=(http://download.gnome.org/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz 10-gcr.conf) -sha256sums=('9d561d0b0a43aaad55fc1d464b3ee3e1687a5021e444f1bbdce3ae624518de77' +sha256sums=('456e20615ab178aa92eeabdea64dcce535c10d5af189171d9375291a2447d21c' '5f2eda7175ae9f23ee0e09d2beceb24fd2f6daafd7bddfcc1c1f5a3734eb60fc') build() { diff --git a/extra/gnome-keyring/PKGBUILD b/extra/gnome-keyring/PKGBUILD index 3bd08d12a..aa3c7e9b2 100644 --- a/extra/gnome-keyring/PKGBUILD +++ b/extra/gnome-keyring/PKGBUILD @@ -1,8 +1,8 @@ -#$Id: PKGBUILD 210467 2014-04-14 20:06:35Z jgc $ +#$Id: PKGBUILD 212352 2014-05-13 21:34:38Z jgc $ # Maintainer: Jan De Groot <jgc@archlinux.org> pkgname=gnome-keyring -pkgver=3.12.0 +pkgver=3.12.2 pkgrel=1 pkgdesc="GNOME Password Management daemon" arch=(i686 x86_64) @@ -14,7 +14,7 @@ options=('!emptydirs') url="http://www.gnome.org" install=gnome-keyring.install source=(http://ftp.gnome.org/pub/gnome/sources/$pkgname/${pkgver:0:4}/$pkgname-$pkgver.tar.xz) -sha256sums=('92695ed4d78a576ae77a9ac6faa8fe59db14358ec46b073199e70d537e29ec5f') +sha256sums=('3bc39a42d445b82d24247a8c39eeb0eef7ecb1c8ebb8e6ec62671868be93fd4c') build() { cd "$pkgname-$pkgver" diff --git a/extra/libxfont/CVE-2014-209-210-211.patch b/extra/libxfont/CVE-2014-209-210-211.patch new file mode 100644 index 000000000..5979dbbe0 --- /dev/null +++ b/extra/libxfont/CVE-2014-209-210-211.patch @@ -0,0 +1,925 @@ +From 2f5e57317339c526e6eaee1010b0e2ab8089c42e Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:01:11 -0700 +Subject: [PATCH 01/12] CVE-2014-0209: integer overflow of realloc() size in + FontFileAddEntry() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +FontFileReadDirectory() opens a fonts.dir file, and reads over every +line in an fscanf loop. For each successful entry read (font name, +file name) a call is made to FontFileAddFontFile(). + +FontFileAddFontFile() will add a font file entry (for the font name +and file) each time it’s called, by calling FontFileAddEntry(). +FontFileAddEntry() will do the actual adding. If the table it has +to add to is full, it will do a realloc, adding 100 more entries +to the table size without checking to see if that will overflow the +int used to store the size. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fontfile/fontdir.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/fontfile/fontdir.c b/src/fontfile/fontdir.c +index ef7ffa5..7271603 100644 +--- a/src/fontfile/fontdir.c ++++ b/src/fontfile/fontdir.c +@@ -177,6 +177,11 @@ FontFileAddEntry(FontTablePtr table, FontEntryPtr prototype) + if (table->sorted) + return (FontEntryPtr) 0; /* "cannot" happen */ + if (table->used == table->size) { ++ if (table->size >= ((INT32_MAX / sizeof(FontEntryRec)) - 100)) ++ /* If we've read so many entries we're going to ask for 2gb ++ or more of memory, something is so wrong with this font ++ directory that we should just give up before we overflow. */ ++ return NULL; + newsize = table->size + 100; + entry = realloc(table->entries, newsize * sizeof(FontEntryRec)); + if (!entry) +-- +1.9.2 + + +From 05c8020a49416dd8b7510cbba45ce4f3fc81a7dc Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:01:48 -0700 +Subject: [PATCH 02/12] CVE-2014-0209: integer overflow of realloc() size in + lexAlias() + +lexAlias() reads from a file in a loop. It does this by starting with a +64 byte buffer. If that size limit is hit, it does a realloc of the +buffer size << 1, basically doubling the needed length every time the +length limit is hit. + +Eventually, this will shift out to 0 (for a length of ~4gig), and that +length will be passed on to realloc(). A length of 0 (with a valid +pointer) causes realloc to free the buffer on most POSIX platforms, +but the caller will still have a pointer to it, leading to use after +free issues. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fontfile/dirfile.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/fontfile/dirfile.c b/src/fontfile/dirfile.c +index cb28333..38ced75 100644 +--- a/src/fontfile/dirfile.c ++++ b/src/fontfile/dirfile.c +@@ -42,6 +42,7 @@ in this Software without prior written authorization from The Open Group. + #include <sys/types.h> + #include <sys/stat.h> + #include <errno.h> ++#include <limits.h> + + static Bool AddFileNameAliases ( FontDirectoryPtr dir ); + static int ReadFontAlias ( char *directory, Bool isFile, +@@ -376,6 +377,9 @@ lexAlias(FILE *file, char **lexToken) + int nsize; + char *nbuf; + ++ if (tokenSize >= (INT_MAX >> 2)) ++ /* Stop before we overflow */ ++ return EALLOC; + nsize = tokenSize ? (tokenSize << 1) : 64; + nbuf = realloc(tokenBuf, nsize); + if (!nbuf) +-- +1.9.2 + + +From 891e084b26837162b12f841060086a105edde86d Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:00 -0700 +Subject: [PATCH 03/12] CVE-2014-0210: unvalidated length in + _fs_recv_conn_setup() + +The connection setup reply from the font server can include a list +of alternate servers to contact if this font server stops working. + +The reply specifies a total size of all the font server names, and +then provides a list of names. _fs_recv_conn_setup() allocated the +specified total size for copying the names to, but didn't check to +make sure it wasn't copying more data to that buffer than the size +it had allocated. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 20 ++++++++++++++++++-- + 1 file changed, 18 insertions(+), 2 deletions(-) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 3585951..aa9acdb 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -2784,7 +2784,7 @@ _fs_recv_conn_setup (FSFpePtr conn) + int ret = FSIO_ERROR; + fsConnSetup *setup; + FSFpeAltPtr alts; +- int i, alt_len; ++ unsigned int i, alt_len; + int setup_len; + char *alt_save, *alt_names; + +@@ -2811,8 +2811,9 @@ _fs_recv_conn_setup (FSFpePtr conn) + } + if (setup->num_alternates) + { ++ size_t alt_name_len = setup->alternate_len << 2; + alts = malloc (setup->num_alternates * sizeof (FSFpeAltRec) + +- (setup->alternate_len << 2)); ++ alt_name_len); + if (alts) + { + alt_names = (char *) (setup + 1); +@@ -2821,10 +2822,25 @@ _fs_recv_conn_setup (FSFpePtr conn) + { + alts[i].subset = alt_names[0]; + alt_len = alt_names[1]; ++ if (alt_len >= alt_name_len) { ++ /* ++ * Length is longer than setup->alternate_len ++ * told us to allocate room for, assume entire ++ * alternate list is corrupted. ++ */ ++#ifdef DEBUG ++ fprintf (stderr, ++ "invalid alt list (length %lx >= %lx)\n", ++ (long) alt_len, (long) alt_name_len); ++#endif ++ free(alts); ++ return FSIO_ERROR; ++ } + alts[i].name = alt_save; + memcpy (alt_save, alt_names + 2, alt_len); + alt_save[alt_len] = '\0'; + alt_save += alt_len + 1; ++ alt_name_len -= alt_len + 1; + alt_names += _fs_pad_length (alt_len + 2); + } + conn->numAlts = setup->num_alternates; +-- +1.9.2 + + +From cbb64aef35960b2882be721f4b8fbaa0fb649d12 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:12 -0700 +Subject: [PATCH 04/12] CVE-2014-0210: unvalidated lengths when reading replies + from font server + +Functions to handle replies to font server requests were casting replies +from the generic form to reply specific structs without first checking +that the reply was at least as long as the struct being cast to. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 44 ++++++++++++++++++++++++++++++++++++++------ + 1 file changed, 38 insertions(+), 6 deletions(-) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index aa9acdb..f08028f 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -91,6 +91,12 @@ in this Software without prior written authorization from The Open Group. + (pci)->descent || \ + (pci)->characterWidth) + ++/* ++ * SIZEOF(r) is in bytes, length fields in the protocol are in 32-bit words, ++ * so this converts for doing size comparisons. ++ */ ++#define LENGTHOF(r) (SIZEOF(r) >> 2) ++ + extern void ErrorF(const char *f, ...); + + static int fs_read_glyphs ( FontPathElementPtr fpe, FSBlockDataPtr blockrec ); +@@ -206,9 +212,22 @@ _fs_add_rep_log (FSFpePtr conn, fsGenericReply *rep) + rep->sequenceNumber, + conn->reqbuffer[i].opcode); + } ++ ++#define _fs_reply_failed(rep, name, op) do { \ ++ if (rep) { \ ++ if (rep->type == FS_Error) \ ++ fprintf (stderr, "Error: %d Request: %s\n", \ ++ ((fsError *)rep)->request, #name); \ ++ else \ ++ fprintf (stderr, "Bad Length for %s Reply: %d %s %d\n", \ ++ #name, rep->length, op, LENGTHOF(name)); \ ++ } \ ++} while (0) ++ + #else + #define _fs_add_req_log(conn,op) ((conn)->current_seq++) + #define _fs_add_rep_log(conn,rep) ++#define _fs_reply_failed(rep,name,op) + #endif + + static Bool +@@ -682,13 +701,15 @@ fs_read_open_font(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + int ret; + + rep = (fsOpenBitmapFontReply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ (rep->length != LENGTHOF(fsOpenBitmapFontReply))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + if (rep) + _fs_done_read (conn, rep->length << 2); + fs_cleanup_bfont (bfont); ++ _fs_reply_failed (rep, fsOpenBitmapFontReply, "!="); + return BadFontName; + } + +@@ -824,13 +845,15 @@ fs_read_query_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + int ret; + + rep = (fsQueryXInfoReply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ (rep->length < LENGTHOF(fsQueryXInfoReply))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + if (rep) + _fs_done_read (conn, rep->length << 2); + fs_cleanup_bfont (bfont); ++ _fs_reply_failed (rep, fsQueryXInfoReply, "<"); + return BadFontName; + } + +@@ -951,13 +974,15 @@ fs_read_extent_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + FontInfoRec *fi = &bfont->pfont->info; + + rep = (fsQueryXExtents16Reply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ (rep->length < LENGTHOF(fsQueryXExtents16Reply))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + if (rep) + _fs_done_read (conn, rep->length << 2); + fs_cleanup_bfont (bfont); ++ _fs_reply_failed (rep, fsQueryXExtents16Reply, "<"); + return BadFontName; + } + +@@ -1823,13 +1848,15 @@ fs_read_glyphs(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + unsigned long minchar, maxchar; + + rep = (fsQueryXBitmaps16Reply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ (rep->length < LENGTHOF(fsQueryXBitmaps16Reply))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + if (rep) + _fs_done_read (conn, rep->length << 2); + err = AllocError; ++ _fs_reply_failed (rep, fsQueryXBitmaps16Reply, "<"); + goto bail; + } + +@@ -2232,12 +2259,14 @@ fs_read_list(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + int err; + + rep = (fsListFontsReply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ (rep->length < LENGTHOF(fsListFontsReply))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + if (rep) + _fs_done_read (conn, rep->length << 2); ++ _fs_reply_failed (rep, fsListFontsReply, "<"); + return AllocError; + } + data = (char *) rep + SIZEOF (fsListFontsReply); +@@ -2356,12 +2385,15 @@ fs_read_list_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + _fs_free_props (&binfo->info); + + rep = (fsListFontsWithXInfoReply *) fs_get_reply (conn, &ret); +- if (!rep || rep->type == FS_Error) ++ if (!rep || rep->type == FS_Error || ++ ((rep->nameLength != 0) && ++ (rep->length < LENGTHOF(fsListFontsWithXInfoReply)))) + { + if (ret == FSIO_BLOCK) + return StillWorking; + binfo->status = FS_LFWI_FINISHED; + err = AllocError; ++ _fs_reply_failed (rep, fsListFontsWithXInfoReply, "<"); + goto done; + } + /* +-- +1.9.2 + + +From 0f1a5d372c143f91a602bdf10c917d7eabaee09b Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:25 -0700 +Subject: [PATCH 05/12] CVE-2014-0211: Integer overflow in + fs_get_reply/_fs_start_read + +fs_get_reply() would take any reply size, multiply it by 4 and pass to +_fs_start_read. If that size was bigger than the current reply buffer +size, _fs_start_read would add it to the existing buffer size plus the +buffer size increment constant and realloc the buffer to that result. + +This math could overflow, causing the code to allocate a smaller +buffer than the amount it was about to read into that buffer from +the network. It could also succeed, allowing the remote font server +to cause massive allocations in the X server, possibly using up all +the address space in a 32-bit X server, allowing the triggering of +other bugs in code that fails to handle malloc failure properly. + +This patch protects against both problems, by disconnecting any +font server trying to feed us more than (the somewhat arbitrary) +64 mb in a single reply. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index f08028f..3abbacf 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -97,6 +97,9 @@ in this Software without prior written authorization from The Open Group. + */ + #define LENGTHOF(r) (SIZEOF(r) >> 2) + ++/* Somewhat arbitrary limit on maximum reply size we'll try to read. */ ++#define MAX_REPLY_LENGTH ((64 * 1024 * 1024) >> 2) ++ + extern void ErrorF(const char *f, ...); + + static int fs_read_glyphs ( FontPathElementPtr fpe, FSBlockDataPtr blockrec ); +@@ -619,6 +622,21 @@ fs_get_reply (FSFpePtr conn, int *error) + + rep = (fsGenericReply *) buf; + ++ /* ++ * Refuse to accept replies longer than a maximum reasonable length, ++ * before we pass to _fs_start_read, since it will try to resize the ++ * incoming connection buffer to this size. Also avoids integer overflow ++ * on 32-bit systems. ++ */ ++ if (rep->length > MAX_REPLY_LENGTH) ++ { ++ ErrorF("fserve: reply length %d > MAX_REPLY_LENGTH, disconnecting" ++ " from font server\n", rep->length); ++ _fs_connection_died (conn); ++ *error = FSIO_ERROR; ++ return 0; ++ } ++ + ret = _fs_start_read (conn, rep->length << 2, &buf); + if (ret != FSIO_READY) + { +-- +1.9.2 + + +From 491291cabf78efdeec8f18b09e14726a9030cc8f Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:34 -0700 +Subject: [PATCH 06/12] CVE-2014-0210: unvalidated length fields in + fs_read_query_info() + +fs_read_query_info() parses a reply from the font server. The reply +contains embedded length fields, none of which are validated. This +can cause out of bound reads in either fs_read_query_info() or in +_fs_convert_props() which it calls to parse the fsPropInfo in the reply. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fsconvert.c | 9 +++++++++ + src/fc/fserve.c | 37 +++++++++++++++++++++++++++++++++++++ + 2 files changed, 46 insertions(+) + +diff --git a/src/fc/fsconvert.c b/src/fc/fsconvert.c +index 75b5372..dfa1317 100644 +--- a/src/fc/fsconvert.c ++++ b/src/fc/fsconvert.c +@@ -118,6 +118,10 @@ _fs_convert_props(fsPropInfo *pi, fsPropOffset *po, pointer pd, + for (i = 0; i < nprops; i++, dprop++, is_str++) + { + memcpy(&local_off, off_adr, SIZEOF(fsPropOffset)); ++ if ((local_off.name.position >= pi->data_len) || ++ (local_off.name.length > ++ (pi->data_len - local_off.name.position))) ++ goto bail; + dprop->name = MakeAtom(&pdc[local_off.name.position], + local_off.name.length, 1); + if (local_off.type != PropTypeString) { +@@ -125,10 +129,15 @@ _fs_convert_props(fsPropInfo *pi, fsPropOffset *po, pointer pd, + dprop->value = local_off.value.position; + } else { + *is_str = TRUE; ++ if ((local_off.value.position >= pi->data_len) || ++ (local_off.value.length > ++ (pi->data_len - local_off.value.position))) ++ goto bail; + dprop->value = (INT32) MakeAtom(&pdc[local_off.value.position], + local_off.value.length, 1); + if (dprop->value == BAD_RESOURCE) + { ++ bail: + free (pfi->props); + pfi->nprops = 0; + pfi->props = 0; +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 3abbacf..ec5336e 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -854,6 +854,7 @@ fs_read_query_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + FSFpePtr conn = (FSFpePtr) fpe->private; + fsQueryXInfoReply *rep; + char *buf; ++ long bufleft; /* length of reply left to use */ + fsPropInfo *pi; + fsPropOffset *po; + pointer pd; +@@ -885,6 +886,9 @@ fs_read_query_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + buf = (char *) rep; + buf += SIZEOF(fsQueryXInfoReply); + ++ bufleft = rep->length << 2; ++ bufleft -= SIZEOF(fsQueryXInfoReply); ++ + /* move the data over */ + fsUnpack_XFontInfoHeader(rep, pInfo); + +@@ -892,17 +896,50 @@ fs_read_query_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + _fs_init_fontinfo(conn, pInfo); + + /* Compute offsets into the reply */ ++ if (bufleft < SIZEOF(fsPropInfo)) ++ { ++ ret = -1; ++#ifdef DEBUG ++ fprintf(stderr, "fsQueryXInfo: bufleft (%ld) < SIZEOF(fsPropInfo)\n", ++ bufleft); ++#endif ++ goto bail; ++ } + pi = (fsPropInfo *) buf; + buf += SIZEOF (fsPropInfo); ++ bufleft -= SIZEOF(fsPropInfo); + ++ if ((bufleft / SIZEOF(fsPropOffset)) < pi->num_offsets) ++ { ++ ret = -1; ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXInfo: bufleft (%ld) / SIZEOF(fsPropOffset) < %d\n", ++ bufleft, pi->num_offsets); ++#endif ++ goto bail; ++ } + po = (fsPropOffset *) buf; + buf += pi->num_offsets * SIZEOF(fsPropOffset); ++ bufleft -= pi->num_offsets * SIZEOF(fsPropOffset); + ++ if (bufleft < pi->data_len) ++ { ++ ret = -1; ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXInfo: bufleft (%ld) < data_len (%d)\n", ++ bufleft, pi->data_len); ++#endif ++ goto bail; ++ } + pd = (pointer) buf; + buf += pi->data_len; ++ bufleft -= pi->data_len; + + /* convert the properties and step over the reply */ + ret = _fs_convert_props(pi, po, pd, pInfo); ++ bail: + _fs_done_read (conn, rep->length << 2); + + if (ret == -1) +-- +1.9.2 + + +From c578408c1fd4db09e4e3173f8a9e65c81cc187c1 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:42 -0700 +Subject: [PATCH 07/12] CVE-2014-0211: integer overflow in + fs_read_extent_info() + +fs_read_extent_info() parses a reply from the font server. +The reply contains a 32bit number of elements field which is used +to calculate a buffer length. There is an integer overflow in this +calculation which can lead to memory corruption. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index ec5336e..96abd0e 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -70,6 +70,7 @@ in this Software without prior written authorization from The Open Group. + #include "fservestr.h" + #include <X11/fonts/fontutil.h> + #include <errno.h> ++#include <limits.h> + + #include <time.h> + #define Time_t time_t +@@ -1050,7 +1051,16 @@ fs_read_extent_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + numInfos *= 2; + haveInk = TRUE; + } +- ci = pCI = malloc(sizeof(CharInfoRec) * numInfos); ++ if (numInfos >= (INT_MAX / sizeof(CharInfoRec))) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXExtents16: numInfos (%d) >= %ld\n", ++ numInfos, (INT_MAX / sizeof(CharInfoRec))); ++#endif ++ pCI = NULL; ++ } ++ else ++ pCI = malloc(sizeof(CharInfoRec) * numInfos); + + if (!pCI) + { +-- +1.9.2 + + +From a42f707f8a62973f5e8bbcd08afb10a79e9cee33 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:02:54 -0700 +Subject: [PATCH 08/12] CVE-2014-0211: integer overflow in fs_alloc_glyphs() + +fs_alloc_glyphs() is a malloc wrapper used by the font code. +It contains a classic integer overflow in the malloc() call, +which can cause memory corruption. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fsconvert.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/fc/fsconvert.c b/src/fc/fsconvert.c +index dfa1317..18b0c0d 100644 +--- a/src/fc/fsconvert.c ++++ b/src/fc/fsconvert.c +@@ -721,7 +721,12 @@ fs_alloc_glyphs (FontPtr pFont, int size) + FSGlyphPtr glyphs; + FSFontPtr fsfont = (FSFontPtr) pFont->fontPrivate; + +- glyphs = malloc (sizeof (FSGlyphRec) + size); ++ if (size < (INT_MAX - sizeof (FSGlyphRec))) ++ glyphs = malloc (sizeof (FSGlyphRec) + size); ++ else ++ glyphs = NULL; ++ if (glyphs == NULL) ++ return NULL; + glyphs->next = fsfont->glyphs; + fsfont->glyphs = glyphs; + return (pointer) (glyphs + 1); +-- +1.9.2 + + +From a3f21421537620fc4e1f844a594a4bcd9f7e2bd8 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:03:05 -0700 +Subject: [PATCH 09/12] CVE-2014-0210: unvalidated length fields in + fs_read_extent_info() + +Looping over the extents in the reply could go past the end of the +reply buffer if the reply indicated more extents than could fit in +the specified reply length. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 96abd0e..232e969 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -1059,6 +1059,16 @@ fs_read_extent_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + #endif + pCI = NULL; + } ++ else if (numExtents > ((rep->length - LENGTHOF(fsQueryXExtents16Reply)) ++ / LENGTHOF(fsXCharInfo))) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXExtents16: numExtents (%d) > (%d - %d) / %d\n", ++ numExtents, rep->length, ++ LENGTHOF(fsQueryXExtents16Reply), LENGTHOF(fsXCharInfo)); ++#endif ++ pCI = NULL; ++ } + else + pCI = malloc(sizeof(CharInfoRec) * numInfos); + +-- +1.9.2 + + +From 520683652564c2a4e42328ae23eef9bb63271565 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 25 Apr 2014 23:03:24 -0700 +Subject: [PATCH 10/12] CVE-2014-0210: unvalidated length fields in + fs_read_glyphs() + +fs_read_glyphs() parses a reply from the font server. The reply +contains embedded length fields, none of which are validated. +This can cause out of bound reads when looping over the glyph +bitmaps in the reply. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +--- + src/fc/fserve.c | 29 ++++++++++++++++++++++++++++- + 1 file changed, 28 insertions(+), 1 deletion(-) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 232e969..581bb1b 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -1907,6 +1907,7 @@ fs_read_glyphs(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + FontInfoPtr pfi = &pfont->info; + fsQueryXBitmaps16Reply *rep; + char *buf; ++ long bufleft; /* length of reply left to use */ + fsOffset32 *ppbits; + fsOffset32 local_off; + char *off_adr; +@@ -1938,9 +1939,33 @@ fs_read_glyphs(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + buf = (char *) rep; + buf += SIZEOF (fsQueryXBitmaps16Reply); + ++ bufleft = rep->length << 2; ++ bufleft -= SIZEOF (fsQueryXBitmaps16Reply); ++ ++ if ((bufleft / SIZEOF (fsOffset32)) < rep->num_chars) ++ { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXBitmaps16: num_chars (%d) > bufleft (%ld) / %d\n", ++ rep->num_chars, bufleft, SIZEOF (fsOffset32)); ++#endif ++ err = AllocError; ++ goto bail; ++ } + ppbits = (fsOffset32 *) buf; + buf += SIZEOF (fsOffset32) * (rep->num_chars); ++ bufleft -= SIZEOF (fsOffset32) * (rep->num_chars); + ++ if (bufleft < rep->nbytes) ++ { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsQueryXBitmaps16: nbytes (%d) > bufleft (%ld)\n", ++ rep->nbytes, bufleft); ++#endif ++ err = AllocError; ++ goto bail; ++ } + pbitmaps = (pointer ) buf; + + if (blockrec->type == FS_LOAD_GLYPHS) +@@ -1998,7 +2023,9 @@ fs_read_glyphs(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + */ + if (NONZEROMETRICS(&fsdata->encoding[minchar].metrics)) + { +- if (local_off.length) ++ if (local_off.length && ++ (local_off.position < rep->nbytes) && ++ (local_off.length <= (rep->nbytes - local_off.position))) + { + bits = allbits; + allbits += local_off.length; +-- +1.9.2 + + +From 5fa73ac18474be3032ee7af9c6e29deab163ea39 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 2 May 2014 19:24:17 -0700 +Subject: [PATCH 11/12] CVE-2014-0210: unvalidated length fields in + fs_read_list() + +fs_read_list() parses a reply from the font server. The reply +contains a list of strings with embedded length fields, none of +which are validated. This can cause out of bound reads when looping +over the strings in the reply. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +--- + src/fc/fserve.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 581bb1b..4dcdc04 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -2355,6 +2355,7 @@ fs_read_list(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + FSBlockedListPtr blist = (FSBlockedListPtr) blockrec->data; + fsListFontsReply *rep; + char *data; ++ long dataleft; /* length of reply left to use */ + int length, + i, + ret; +@@ -2372,16 +2373,30 @@ fs_read_list(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + return AllocError; + } + data = (char *) rep + SIZEOF (fsListFontsReply); ++ dataleft = (rep->length << 2) - SIZEOF (fsListFontsReply); + + err = Successful; + /* copy data into FontPathRecord */ + for (i = 0; i < rep->nFonts; i++) + { ++ if (dataleft < 1) ++ break; + length = *(unsigned char *)data++; ++ dataleft--; /* used length byte */ ++ if (length > dataleft) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFonts: name length (%d) > dataleft (%ld)\n", ++ length, dataleft); ++#endif ++ err = BadFontName; ++ break; ++ } + err = AddFontNamesName(blist->names, data, length); + if (err != Successful) + break; + data += length; ++ dataleft -= length; + } + _fs_done_read (conn, rep->length << 2); + return err; +-- +1.9.2 + + +From d338f81df1e188eb16e1d6aeea7f4800f89c1218 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Fri, 2 May 2014 19:24:17 -0700 +Subject: [PATCH 12/12] CVE-2014-0210: unvalidated length fields in + fs_read_list_info() + +fs_read_list_info() parses a reply from the font server. The reply +contains a number of additional data items with embedded length or +count fields, none of which are validated. This can cause out of +bound reads when looping over these items in the reply. + +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +--- + src/fc/fserve.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 54 insertions(+) + +diff --git a/src/fc/fserve.c b/src/fc/fserve.c +index 4dcdc04..c1cf9d6 100644 +--- a/src/fc/fserve.c ++++ b/src/fc/fserve.c +@@ -2491,6 +2491,7 @@ fs_read_list_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + FSBlockedListInfoPtr binfo = (FSBlockedListInfoPtr) blockrec->data; + fsListFontsWithXInfoReply *rep; + char *buf; ++ long bufleft; + FSFpePtr conn = (FSFpePtr) fpe->private; + fsPropInfo *pi; + fsPropOffset *po; +@@ -2527,6 +2528,7 @@ fs_read_list_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + } + + buf = (char *) rep + SIZEOF (fsListFontsWithXInfoReply); ++ bufleft = (rep->length << 2) - SIZEOF (fsListFontsWithXInfoReply); + + /* + * The original FS implementation didn't match +@@ -2535,19 +2537,71 @@ fs_read_list_info(FontPathElementPtr fpe, FSBlockDataPtr blockrec) + */ + if (conn->fsMajorVersion <= 1) + { ++ if (rep->nameLength > bufleft) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFontsWithXInfo: name length (%d) > bufleft (%ld)\n", ++ (int) rep->nameLength, bufleft); ++#endif ++ err = AllocError; ++ goto done; ++ } ++ /* binfo->name is a 256 char array, rep->nameLength is a CARD8 */ + memcpy (binfo->name, buf, rep->nameLength); + buf += _fs_pad_length (rep->nameLength); ++ bufleft -= _fs_pad_length (rep->nameLength); + } + pi = (fsPropInfo *) buf; ++ if (SIZEOF (fsPropInfo) > bufleft) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFontsWithXInfo: PropInfo length (%d) > bufleft (%ld)\n", ++ (int) SIZEOF (fsPropInfo), bufleft); ++#endif ++ err = AllocError; ++ goto done; ++ } ++ bufleft -= SIZEOF (fsPropInfo); + buf += SIZEOF (fsPropInfo); + po = (fsPropOffset *) buf; ++ if (pi->num_offsets > (bufleft / SIZEOF (fsPropOffset))) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFontsWithXInfo: offset length (%d * %d) > bufleft (%ld)\n", ++ pi->num_offsets, (int) SIZEOF (fsPropOffset), bufleft); ++#endif ++ err = AllocError; ++ goto done; ++ } ++ bufleft -= pi->num_offsets * SIZEOF (fsPropOffset); + buf += pi->num_offsets * SIZEOF (fsPropOffset); + pd = (pointer) buf; ++ if (pi->data_len > bufleft) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFontsWithXInfo: data length (%d) > bufleft (%ld)\n", ++ pi->data_len, bufleft); ++#endif ++ err = AllocError; ++ goto done; ++ } ++ bufleft -= pi->data_len; + buf += pi->data_len; + if (conn->fsMajorVersion > 1) + { ++ if (rep->nameLength > bufleft) { ++#ifdef DEBUG ++ fprintf(stderr, ++ "fsListFontsWithXInfo: name length (%d) > bufleft (%ld)\n", ++ (int) rep->nameLength, bufleft); ++#endif ++ err = AllocError; ++ goto done; ++ } ++ /* binfo->name is a 256 char array, rep->nameLength is a CARD8 */ + memcpy (binfo->name, buf, rep->nameLength); + buf += _fs_pad_length (rep->nameLength); ++ bufleft -= _fs_pad_length (rep->nameLength); + } + + #ifdef DEBUG +-- +1.9.2 + diff --git a/extra/libxfont/PKGBUILD b/extra/libxfont/PKGBUILD index a399d48a3..c2adc011e 100644 --- a/extra/libxfont/PKGBUILD +++ b/extra/libxfont/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 211682 2014-04-23 06:32:53Z lcarlier $ +# $Id: PKGBUILD 212349 2014-05-13 19:35:10Z lcarlier $ # Maintainer: Jan de Groot <jgc@archlinux.org> pkgname=libxfont pkgver=1.4.7 -pkgrel=2 +pkgrel=3 pkgdesc="X11 font rasterisation library" arch=(i686 x86_64) url="http://xorg.freedesktop.org/" @@ -11,14 +11,18 @@ license=('custom') depends=('freetype2' 'libfontenc' 'xproto' 'fontsproto') makedepends=('xorg-util-macros' 'xtrans') source=(${url}/archive/individual/lib/libXfont-${pkgver}.tar.bz2 - fix-for-fontsproto213.patch) + fix-for-fontsproto213.patch + CVE-2014-209-210-211.patch) sha256sums=('d16ea3541835d296b19cfb05d7e64fc62173d8e7eb93284402ec761b951d1543' - '9c8298cc9f4dc3981f19107353b2e4373dfb7882768bbf0b3ae027820a2dcad9') + '9c8298cc9f4dc3981f19107353b2e4373dfb7882768bbf0b3ae027820a2dcad9' + '9e70cafaf67636baea1295027d4bb197a74a8ac8469674e4be5776dd27b1741a') prepare() { cd "${srcdir}/libXfont-${pkgver}" # FS#40044 - merged for branch 1.5 patch -Np1 -i ../fix-for-fontsproto213.patch + # fix CVE-2014-209 CVE-2014-210 CVE-2014-211 - merged upstream + patch -Np1 -i ../CVE-2014-209-210-211.patch } build() { diff --git a/extra/pigeonhole/PKGBUILD b/extra/pigeonhole/PKGBUILD index 619858837..66332d379 100644 --- a/extra/pigeonhole/PKGBUILD +++ b/extra/pigeonhole/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 212318 2014-05-12 18:20:14Z andyrtr $ +# $Id: PKGBUILD 212341 2014-05-13 15:35:33Z andyrtr $ # Maintainer: Andreas Radke <andyrtr@archlinux.org> # Contributorr: Peter Lewis <plewis@aur.archlinux.org> @@ -11,8 +11,8 @@ _dcpkgver=2.2.13 # Make sure to bump pkgrel if changing this. pkgname=pigeonhole -pkgver=0.4.2 -pkgrel=7 +pkgver=0.4.3 +pkgrel=1 pkgdesc="Sieve implementation for Dovecot" arch=('i686' 'x86_64') url="http://pigeonhole.dovecot.org/" @@ -21,7 +21,7 @@ depends=('dovecot='$_dcpkgver) conflicts=('dovecot-sieve' 'pigeonhole-hg') source=("http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-$pkgname-$pkgver.tar.gz"{,.sig} "dovecot.conf") -sha256sums=('0499f07037b86489fdc1d48fb19e298d5360ec41273bccaec230eb1bcf5a3e13' +sha256sums=('d692f4ab077bdf2c43c98829ed24b2e6f148db488ef8ba429b430394d8b4d757' 'SKIP' 'a457a1691cfa82495fc0503bfa4b61e54b149e63400fe0f568dff2c24a3f7858') diff --git a/extra/pkgfile/PKGBUILD b/extra/pkgfile/PKGBUILD index 1c6b8871e..5a302430d 100644 --- a/extra/pkgfile/PKGBUILD +++ b/extra/pkgfile/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 206917 2014-03-05 23:26:39Z dreisner $ +# $Id: PKGBUILD 212330 2014-05-13 01:21:58Z dreisner $ # Maintainer: Dave Reisner <dreisner@archlinux.org> pkgname=pkgfile -pkgver=13 +pkgver=14 pkgrel=1 pkgdesc="a pacman .files metadata explorer" arch=('i686' 'x86_64') @@ -11,13 +11,14 @@ license=('MIT') depends=('libarchive' 'curl' 'pcre' 'pacman') source=("http://code.falconindy.com/archive/$pkgname/$pkgname-$pkgver.tar.xz"{,.sig}) install=pkgfile.install -md5sums=('7b4e20bf3ec6604cd439d5acd6ca871d' +md5sums=('aae3642bfe379731c7d9819b41bc1ab9' 'SKIP') build() { cd "$pkgname-$pkgver" - ./configure + ./configure \ + --with-systemdsystemunitdir=/usr/lib/systemd/system make # generate a license file diff --git a/extra/seahorse/PKGBUILD b/extra/seahorse/PKGBUILD index 488410e7f..d0d4127d2 100644 --- a/extra/seahorse/PKGBUILD +++ b/extra/seahorse/PKGBUILD @@ -1,25 +1,25 @@ -# $Id: PKGBUILD 210530 2014-04-14 20:07:28Z jgc $ +# $Id: PKGBUILD 212354 2014-05-13 21:56:48Z jgc $ # Maintainer: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com> # Contributor: Jan de Groot <jgc@archlinux.org> # Contributor: Michel Brabants <michel.linux@tiscali.be> pkgname=seahorse -pkgver=3.12.0 -pkgrel=2 +pkgver=3.12.2 +pkgrel=1 pkgdesc="GNOME application for managing PGP keys." arch=(i686 x86_64) license=(GPL) url="http://projects.gnome.org/seahorse/" depends=(gtk3 gcr libsecret libsoup gpgme desktop-file-utils hicolor-icon-theme dconf) -makedepends=(libldap intltool yelp-tools gobject-introspection openssh libsm) +makedepends=(libldap intltool yelp-tools gobject-introspection openssh libsm vala) optdepends=('openssh: SSH support') provides=(x11-ssh-askpass) options=('!emptydirs') groups=(gnome-extra) install=seahorse.install -source=(http://ftp.gnome.org/pub/GNOME/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz +source=(http://ftp.gnome.org/pub/GNOME/sources/$pkgname/${pkgver:0:4}/$pkgname-$pkgver.tar.xz seahorse-ssh-askpass.sh) -sha256sums=('f78800b1d25b285ddc8928e925f9ee24f27640abba3fc9ab1cd9554c83380d0b' +sha256sums=('5e6fb25373fd4490e181e2fa0f5cacf99b78b2f6caa5d91c9c605900fb5f3839' '400ea9a6084acc93f1dbd4223b95622bbd48071b763063328efba00de378b68c') build() { |