gentoo resync : 12.01.2019

5 files changed, 347 insertions, 0 deletions

diff --git a/app-arch/tar/Manifest b/app-arch/tar/Manifest
index 051b76b4540b..47d2d159caf9 100644
--- a/app-arch/tar/Manifest
+++ b/app-arch/tar/Manifest
@@ -1,6 +1,11 @@
 AUX rmt 263 BLAKE2B 7535dd27d5ba367066cd519dee06f053cde9d4f1e86728059935fb80e9a9880e7a934076949af54e47ee7de3f91452f2c642780e7d56619f166574633d1e4759 SHA512 2f1a9d3a522fc1f0d5385d1ea4c27da88a1c9357b866340432c6310604c01d3e328e33080ed1e951c0da6f025c3ee2a0c9f170d4b86a1d235ebb56be48fef152
+AUX tar-1.30-CVE-2018-20482.patch 5083 BLAKE2B 7076e270d559e354d78112762d4032abbc8b79e77ae7b66756180287b0c88fbd2cfd6df6ac0ad930d97fcd93e2990432b7689430499b6cc4d941c403b0961409 SHA512 18dcc31c12feca519004791d9226e1bee112cec5d7b5576abd4dd83124b991df370ad08de7df2e413b8f4687db9a85853ae3748283f6ae37941de5dfd0b566c7
 AUX tar-1.30-fix-test-117-and-118.patch 3109 BLAKE2B d547dfb115d6cdbdf565c93dcdc70c9d2d0cde70228f58763e74d4cf5df7d621a5fccea375c3e103f8dcc04a19b3318b227384db2dc983cec5876eed8861cece SHA512 d104bbd88dafc0c3bb0308fbfb1dfb39b6c26fed14a316c30c2355d57ebe16172c0dde8ed6c91696b90f37622a43b5b1d70f397f7de521b9bd1552a5af78bb14
 AUX tar-1.30-fix-test-92.patch 257 BLAKE2B ee4fe8420f56191a8e4d9edefd109c948eb693532e2c3bb2073a8d55631aed142ab9c3adfa64d6461eb1aa9221a1aca6ec5086f15b3b9154effdb8e7128a8601 SHA512 aa1c80edbf1c846e23aa34ed343ffebad969b26fed9d4ccdc779f3df5bc384bb44d6c78044c385dbb7c01e68462568b941e8ec1060eb97bf36606d7beb790c1c
+AUX tar-1.31-remove-erroneous-abort-call.patch 989 BLAKE2B 67646a590097860d692e158b41c960c6bf4372c2018d47b9f71da7972bd25afb631cd851178d0bd8eb19c26d54bfaa8f1ed42da97033d262ccfa0c0099a03daa SHA512 c4d317b9968c0638287e6dff77a7660d36e8ad4af56039146992d519d05a0f73b6a459cc88de7a4afd9909efd1bdbd3567d8b3aa67b48d89867600c1023400aa
 DIST tar-1.30.tar.bz2 2858639 BLAKE2B 82a8b1fbf1eb5c0347b2f8cf35854498e2955eb85eaf041ec44a38bbd9bc82cc7184d5cb858f9905f503c9178ec6d0ed50be2dc27be9933b29e0a18b8e6c0b8f SHA512 07a1157430898fee1a2c6fd3853d59d4ae13998db685669c8c702f73d2466eeb9892f84a5f0495bfe088c8190a643a99ac9f2cb16b85c9fe3ae0d83cc0f338e8
+DIST tar-1.31.tar.bz2 2946047 BLAKE2B c85c17740e4cd3e8c93d10d93b070cd80629b7f052d020c0513cdddd377f3f90e229a6fa10dfbb43e1006f8202c674f2df854b864c0947f49339a52964d65c1c SHA512 0f4d00e08d56a8f8c32aac0afa2845397efb8ad72eaa6af47334cef9612adb1a4b91406bdc2c3a2cf1b9cc8b92c12735a331e0d137b24f66703f6af6219464f6
+EBUILD tar-1.30-r1.ebuild 2256 BLAKE2B 14041fd4a3c198894c8d470869d52eb94c332cc227fc6f7786145b569f299bc50021c9736dcc4c0b17d7b634b98c2f3318010e53ef6a7e8fa42b2719eee44e67 SHA512 bc06e1350a7df2b30c05d14a78e3de305382206de857b83ec98cd0e376fc832af37d3a2ce0c9ced072da45a6cb981e0438e36d610d63475db1c65cc7c71dd778
 EBUILD tar-1.30.ebuild 2187 BLAKE2B cb952591e27678df72ad53da254bb901d355bf9af7dbe0e22b59a92d3b49fc90c20a9f170154a3ff77bc5aa3cbb2962930cf9258feb5f0f11de3b4dbe2d76f7c SHA512 89fa12ce7849917a85402d98e6532205b294a1793f8f563af952736f282a13ac52f982c0ed87d55a65c7e04f2d150ce5a348bd178ff10512eab822401cee81b2
+EBUILD tar-1.31-r1.ebuild 2271 BLAKE2B 28073c3dbcff5078f3a51fcf507226443107f6201f03706174062cab92ba8dcbbb5c274481dfc5b06198c341158f1d5a67ff52b1de02084b2ea54f87c7a3e497 SHA512 78e18ad6cae982cf8f981ea34cf98380fb4b4fdb0a5637f427a5c326737a4b0cc877a72c378248ac7cab53110801974f3e94def51c45b471aaf020823b1b51b8
 MISC metadata.xml 387 BLAKE2B 6d37d364bd888503b868af168aa496d57abf7bac5c4c69f4c02933b5715312ec65f43babb347d34c665873247e4feaa9b9de2d3bb2d224e1751922c159f2fa87 SHA512 e5bce64bc18a7c6313d0818182941f49ea7e89617c97338fff29297bb2bfc2f4e56a9c124aa97fcb5f2a3a54e0e7cfd209bce09c2ced40a398381b7970c08cf7
diff --git a/app-arch/tar/files/tar-1.30-CVE-2018-20482.patch b/app-arch/tar/files/tar-1.30-CVE-2018-20482.patch
new file mode 100644
index 000000000000..8abab5df6c02
--- /dev/null
+++ b/app-arch/tar/files/tar-1.30-CVE-2018-20482.patch
@@ -0,0 +1,146 @@
+From c15c42ccd1e2377945fd0414eca1a49294bff454 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Thu, 27 Dec 2018 17:48:57 +0200
+Subject: Fix CVE-2018-20482
+
+* src/sparse.c (sparse_dump_region): Handle short read condition.
+(sparse_extract_region,check_data_region): Fix dumped_size calculation.
+Handle short read condition.
+(pax_decode_header): Fix dumped_size calculation.
+
+diff --git a/src/sparse.c b/src/sparse.c
+index d41c0ea..f611200 100644
+--- a/src/sparse.c
++++ b/src/sparse.c
+@@ -1,6 +1,6 @@
+ /* Functions for dealing with sparse files
+ 
+-   Copyright 2003-2007, 2010, 2013-2017 Free Software Foundation, Inc.
++   Copyright 2003-2007, 2010, 2013-2018 Free Software Foundation, Inc.
+ 
+    This program is free software; you can redistribute it and/or modify it
+    under the terms of the GNU General Public License as published by the
+@@ -427,6 +427,30 @@ sparse_dump_region (struct tar_sparse_file *file, size_t i)
+ 			     bufsize);
+ 	  return false;
+ 	}
++      else if (bytes_read == 0)
++	{
++	  char buf[UINTMAX_STRSIZE_BOUND];
++	  struct stat st;
++	  size_t n;
++	  if (fstat (file->fd, &st) == 0)
++	    n = file->stat_info->stat.st_size - st.st_size;
++	  else
++	    n = file->stat_info->stat.st_size
++	      - (file->stat_info->sparse_map[i].offset
++		 + file->stat_info->sparse_map[i].numbytes
++		 - bytes_left);
++	  
++	  WARNOPT (WARN_FILE_SHRANK,
++		   (0, 0,
++		    ngettext ("%s: File shrank by %s byte; padding with zeros",
++			      "%s: File shrank by %s bytes; padding with zeros",
++			      n),
++		    quotearg_colon (file->stat_info->orig_file_name),
++		    STRINGIFY_BIGINT (n, buf)));
++	  if (! ignore_failed_read_option)
++	    set_exit_status (TAREXIT_DIFFERS);
++	  return false;
++	}
+ 
+       memset (blk->buffer + bytes_read, 0, BLOCKSIZE - bytes_read);
+       bytes_left -= bytes_read;
+@@ -464,9 +488,9 @@ sparse_extract_region (struct tar_sparse_file *file, size_t i)
+ 	  return false;
+ 	}
+       set_next_block_after (blk);
++      file->dumped_size += BLOCKSIZE;
+       count = blocking_write (file->fd, blk->buffer, wrbytes);
+       write_size -= count;
+-      file->dumped_size += count;
+       mv_size_left (file->stat_info->archive_file_size - file->dumped_size);
+       file->offset += count;
+       if (count != wrbytes)
+@@ -598,6 +622,12 @@ check_sparse_region (struct tar_sparse_file *file, off_t beg, off_t end)
+ 			     rdsize);
+ 	  return false;
+ 	}
++      else if (bytes_read == 0)
++	{
++	  report_difference (file->stat_info, _("Size differs"));
++	  return false;
++	}
++      
+       if (!zero_block_p (diff_buffer, bytes_read))
+ 	{
+ 	  char begbuf[INT_BUFSIZE_BOUND (off_t)];
+@@ -609,6 +639,7 @@ check_sparse_region (struct tar_sparse_file *file, off_t beg, off_t end)
+ 
+       beg += bytes_read;
+     }
++
+   return true;
+ }
+ 
+@@ -635,6 +666,7 @@ check_data_region (struct tar_sparse_file *file, size_t i)
+ 	  return false;
+ 	}
+       set_next_block_after (blk);
++      file->dumped_size += BLOCKSIZE;      
+       bytes_read = safe_read (file->fd, diff_buffer, rdsize);
+       if (bytes_read == SAFE_READ_ERROR)
+ 	{
+@@ -645,7 +677,11 @@ check_data_region (struct tar_sparse_file *file, size_t i)
+ 			     rdsize);
+ 	  return false;
+ 	}
+-      file->dumped_size += bytes_read;
++      else if (bytes_read == 0)
++	{
++	  report_difference (&current_stat_info, _("Size differs"));
++	  return false;
++	}
+       size_left -= bytes_read;
+       mv_size_left (file->stat_info->archive_file_size - file->dumped_size);
+       if (memcmp (blk->buffer, diff_buffer, rdsize))
+@@ -1213,7 +1249,8 @@ pax_decode_header (struct tar_sparse_file *file)
+       union block *blk;
+       char *p;
+       size_t i;
+-
++      off_t start;
++      
+ #define COPY_BUF(b,buf,src) do                                     \
+  {                                                                 \
+    char *endp = b->buffer + BLOCKSIZE;                             \
+@@ -1229,7 +1266,6 @@ pax_decode_header (struct tar_sparse_file *file)
+        if (src == endp)                                            \
+ 	 {                                                         \
+ 	   set_next_block_after (b);                               \
+-           file->dumped_size += BLOCKSIZE;                         \
+            b = find_next_block ();                                 \
+            src = b->buffer;                                        \
+ 	   endp = b->buffer + BLOCKSIZE;                           \
+@@ -1240,8 +1276,8 @@ pax_decode_header (struct tar_sparse_file *file)
+    dst[-1] = 0;                                                    \
+  } while (0)
+ 
++      start = current_block_ordinal ();
+       set_next_block_after (current_header);
+-      file->dumped_size += BLOCKSIZE;
+       blk = find_next_block ();
+       p = blk->buffer;
+       COPY_BUF (blk,nbuf,p);
+@@ -1278,6 +1314,8 @@ pax_decode_header (struct tar_sparse_file *file)
+ 	  sparse_add_map (file->stat_info, &sp);
+ 	}
+       set_next_block_after (blk);
++
++      file->dumped_size += BLOCKSIZE * (current_block_ordinal () - start);
+     }
+ 
+   return true;
+-- 
+cgit v1.0-41-gc330
+
diff --git a/app-arch/tar/files/tar-1.31-remove-erroneous-abort-call.patch b/app-arch/tar/files/tar-1.31-remove-erroneous-abort-call.patch
new file mode 100644
index 000000000000..9e255df57602
--- /dev/null
+++ b/app-arch/tar/files/tar-1.31-remove-erroneous-abort-call.patch
@@ -0,0 +1,33 @@
+From 85c005ee1345c342f707f3c55317daf6cb050603 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org.ua>
+Date: Thu, 10 Jan 2019 18:18:49 +0200
+Subject: Remove erroneous abort() call
+
+The call was introduced by commit ccef8581. It caused tar to abort
+on perfectly normal operations, like untarring archives containing
+./ with the -U option,
+
+See http://lists.gnu.org/archive/html/bug-tar/2019-01/msg00019.html
+for details.
+
+* src/extract.c (maybe_recoverable): Remove misplaced call to abort().
+---
+ src/extract.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/extract.c b/src/extract.c
+index 090b866..8276f8f 100644
+--- a/src/extract.c
++++ b/src/extract.c
+@@ -787,7 +787,7 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
+ 	case UNLINK_FIRST_OLD_FILES:
+ 	  break;
+ 	}
+-      abort (); /* notreached */
++      FALLTHROUGH;
+ 
+     case ENOENT:
+       /* Attempt creating missing intermediate directories.  */
+-- 
+cgit v1.0-41-gc330
+
diff --git a/app-arch/tar/tar-1.30-r1.ebuild b/app-arch/tar/tar-1.30-r1.ebuild
new file mode 100644
index 000000000000..731db2be72c3
--- /dev/null
+++ b/app-arch/tar/tar-1.30-r1.ebuild
@@ -0,0 +1,82 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit flag-o-matic
+
+DESCRIPTION="Use this to make tarballs :)"
+HOMEPAGE="https://www.gnu.org/software/tar/"
+SRC_URI="mirror://gnu/tar/${P}.tar.bz2
+	mirror://gnu-alpha/tar/${P}.tar.bz2"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="acl elibc_glibc minimal nls selinux static userland_GNU xattr"
+
+RDEPEND="acl? ( virtual/acl )
+	selinux? ( sys-libs/libselinux )"
+DEPEND="${RDEPEND}
+	nls? ( >=sys-devel/gettext-0.10.35 )
+	xattr? ( elibc_glibc? ( sys-apps/attr ) )"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-fix-test-92.patch
+	"${FILESDIR}"/${P}-fix-test-117-and-118.patch
+	"${FILESDIR}"/${P}-CVE-2018-20482.patch #674210
+)
+
+src_prepare() {
+	default
+
+	if ! use userland_GNU ; then
+		sed -i \
+			-e 's:/backup\.sh:/gbackup.sh:' \
+			scripts/{backup,dump-remind,restore}.in \
+			|| die "sed non-GNU"
+	fi
+}
+
+src_configure() {
+	use static && append-ldflags -static
+	local myeconfargs=(
+		--bindir="${EPREFIX%/}"/bin
+		--enable-backup-scripts
+		--libexecdir="${EPREFIX%/}"/usr/sbin
+		$(usex userland_GNU "" "--program-prefix=g")
+		$(use_with acl posix-acls)
+		$(use_enable nls)
+		$(use_with selinux)
+		$(use_with xattr xattrs)
+	)
+	FORCE_UNSAFE_CONFIGURE=1 econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	local p=$(usex userland_GNU "" "g")
+	if [[ -z ${p} ]] ; then
+		# a nasty yet required piece of baggage
+		exeinto /etc
+		doexe "${FILESDIR}"/rmt
+	fi
+
+	# autoconf looks for gtar before tar (in configure scripts), hence
+	# in Prefix it is important that it is there, otherwise, a gtar from
+	# the host system (FreeBSD, Solaris, Darwin) will be found instead
+	# of the Prefix provided (GNU) tar
+	if use prefix ; then
+		dosym tar /bin/gtar
+	fi
+
+	mv "${ED%/}"/usr/sbin/${p}backup{,-tar} || die
+	mv "${ED%/}"/usr/sbin/${p}restore{,-tar} || die
+
+	if use minimal ; then
+		find "${ED%/}"/etc "${ED%/}"/*bin/ "${ED%/}"/usr/*bin/ \
+			-type f -a '!' '(' -name tar -o -name ${p}tar ')' \
+			-delete || die
+	fi
+}
diff --git a/app-arch/tar/tar-1.31-r1.ebuild b/app-arch/tar/tar-1.31-r1.ebuild
new file mode 100644
index 000000000000..6a36e7eb01ee
--- /dev/null
+++ b/app-arch/tar/tar-1.31-r1.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit flag-o-matic
+
+DESCRIPTION="Use this to make tarballs :)"
+HOMEPAGE="https://www.gnu.org/software/tar/"
+SRC_URI="mirror://gnu/tar/${P}.tar.bz2
+	mirror://gnu-alpha/tar/${P}.tar.bz2"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="acl elibc_glibc minimal nls selinux static userland_GNU xattr"
+
+LIB_DEPEND="acl? ( virtual/acl[static-libs(+)] )"
+
+RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
+	selinux? ( sys-libs/libselinux )"
+DEPEND="${RDEPEND}
+	nls? ( >=sys-devel/gettext-0.10.35 )
+	static? ( ${LIB_DEPEND} )
+	xattr? ( elibc_glibc? ( sys-apps/attr ) )"
+
+PATCHES=( "${FILESDIR}"/${P}-remove-erroneous-abort-call.patch )
+
+src_prepare() {
+	default
+
+	if ! use userland_GNU ; then
+		sed -i \
+			-e 's:/backup\.sh:/gbackup.sh:' \
+			scripts/{backup,dump-remind,restore}.in \
+			|| die "sed non-GNU"
+	fi
+}
+
+src_configure() {
+	use static && append-ldflags -static
+	local myeconfargs=(
+		--bindir="${EPREFIX%/}"/bin
+		--enable-backup-scripts
+		--libexecdir="${EPREFIX%/}"/usr/sbin
+		$(usex userland_GNU "" "--program-prefix=g")
+		$(use_with acl posix-acls)
+		$(use_enable nls)
+		$(use_with selinux)
+		$(use_with xattr xattrs)
+	)
+	FORCE_UNSAFE_CONFIGURE=1 econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	local p=$(usex userland_GNU "" "g")
+	if [[ -z ${p} ]] ; then
+		# a nasty yet required piece of baggage
+		exeinto /etc
+		doexe "${FILESDIR}"/rmt
+	fi
+
+	# autoconf looks for gtar before tar (in configure scripts), hence
+	# in Prefix it is important that it is there, otherwise, a gtar from
+	# the host system (FreeBSD, Solaris, Darwin) will be found instead
+	# of the Prefix provided (GNU) tar
+	if use prefix ; then
+		dosym tar /bin/gtar
+	fi
+
+	mv "${ED%/}"/usr/sbin/${p}backup{,-tar} || die
+	mv "${ED%/}"/usr/sbin/${p}restore{,-tar} || die
+
+	if use minimal ; then
+		find "${ED%/}"/etc "${ED%/}"/*bin/ "${ED%/}"/usr/*bin/ \
+			-type f -a '!' '(' -name tar -o -name ${p}tar ')' \
+			-delete || die
+	fi
+}