gentoo auto-resync : 11:04:2025 - 08:43:58HEADmaster

4 files changed, 94 insertions, 1 deletions

diff --git a/dev-libs/libbson/Manifest b/dev-libs/libbson/Manifest
index 7bd3e605f41d..f51fcab24bd8 100644
--- a/dev-libs/libbson/Manifest
+++ b/dev-libs/libbson/Manifest
@@ -1,3 +1,6 @@
+AUX libbson-1.24.4-CVE-2023-0437.patch 768 BLAKE2B 8a4fb350325e23b69a77dc125de2600479077fcef5a0c7c50085b4e973126f98812a9ef63f53f2ba4ddac3f60b498156507a74fa728f9449d1172e46ed3e8dc1 SHA512 7ecf3f5f10cb1469e50bfc05abf691011ee706609a6abc7e589b2fba6653cbfc118928c37b613e07bebd39e0dbd83a377072a22d6817c4430ec6440bdda6f882
 DIST libbson-1.24.4.tar.gz 7916661 BLAKE2B e361b52bf16eed7437428b0481d792ecf2f9cc283fdd6f23916d4a3ffb1b7d7c9ea7a7c4cf5f369e21fb6d4f564b91e07ac2ee44656855993218593dc4f1c166 SHA512 3563c061565d17a76581e188f6e184d7e41f2729812c8815afd34e03ebe6c1d25d7498a2cb1b599a09d24f6268c36473ef5113a14c7585a1532c9abf2e56e936
+DIST mongo-c-driver-1.24.4.tar.gz 7916661 BLAKE2B e361b52bf16eed7437428b0481d792ecf2f9cc283fdd6f23916d4a3ffb1b7d7c9ea7a7c4cf5f369e21fb6d4f564b91e07ac2ee44656855993218593dc4f1c166 SHA512 3563c061565d17a76581e188f6e184d7e41f2729812c8815afd34e03ebe6c1d25d7498a2cb1b599a09d24f6268c36473ef5113a14c7585a1532c9abf2e56e936
+EBUILD libbson-1.24.4-r1.ebuild 1409 BLAKE2B cda876dbd257442e69529c3d46527f05caa9269a16fd91fe81d0fb486095f86b244791a1b1c32c63fc9f7e804ad678904fdc878581893bfd7945841c7c3c0a0f SHA512 881c35e1d7421f338be7d1813dae3723533198be6f88d725f2c3c9c614f2860b29dd1a6c0626dd91810e110840fab2307d57efb1fe8b96d325aebc261e8be30b
 EBUILD libbson-1.24.4.ebuild 1102 BLAKE2B d0febec58998e31408b078b0c36cb9dbc52c3d8d9c5b6be51da9894fc013cceb4750d57769067bc3de79aee64b699d04c8abbbf583162120459ed7a39c743d42 SHA512 6ad1435f5fc844c475509205a094fc6fcc776320935ad0572a496927229f57b8deba339990475eb4841cef7bd3b67146a379df8269d5c363be058d5c2c92a23f
-MISC metadata.xml 341 BLAKE2B ddeb43b42ef985263efa22e2ea22db33ab03c51aac7775baef0f4fea0f9441ec599eea7c62d65cd4f9f9a76853a97f4daab183103b1773a7daa1c84afbe10180 SHA512 925511347dd3d1d955ad86319b4c5560d5e759be66b7f9d127e4d47fb98fbd2fd625b373302c8d4170ae8bddfdbf0ce7b774dc89568d7aa6a19fbf95f23a4f75
+MISC metadata.xml 402 BLAKE2B 13d3814173f8e12463a50787ad4ec7841191d8bb269ecfa8d06d3b569fda304233cea5ec18c9d8e218af6654bc597b71386e9dadfa4e8c9f5ae0e98e31b4e80a SHA512 f1852dfadb69f6f7917ddf9147831a0d9185f66d318bb545f85cd258fe23f02aba93e89a5a52fb3831aef13f4df28fb6af9de438b8b7873a218993d9fc0f0a18
diff --git a/dev-libs/libbson/files/libbson-1.24.4-CVE-2023-0437.patch b/dev-libs/libbson/files/libbson-1.24.4-CVE-2023-0437.patch
new file mode 100644
index 000000000000..d9ac4b171e40
--- /dev/null
+++ b/dev-libs/libbson/files/libbson-1.24.4-CVE-2023-0437.patch
@@ -0,0 +1,25 @@
+From be865dd759a28aa268232766f304d1bc11f1e8f7 Mon Sep 17 00:00:00 2001
+From: Kevin Albertson <kevin.albertson@mongodb.com>
+Date: Mon, 30 Oct 2023 18:01:30 +0000
+Subject: [PATCH] CDRIVER-4747 use `size_t` consistently in
+ `bson_utf8_validate` (#1458)
+
+---
+ src/libbson/src/bson/bson-utf8.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libbson/src/bson/bson-utf8.c b/src/libbson/src/bson/bson-utf8.c
+index e122ac31f7..1cebd27069 100644
+--- a/src/libbson/src/bson/bson-utf8.c
++++ b/src/libbson/src/bson/bson-utf8.c
+@@ -118,8 +118,8 @@ bson_utf8_validate (const char *utf8, /* IN */
+    bson_unichar_t c;
+    uint8_t first_mask;
+    uint8_t seq_length;
+-   unsigned i;
+-   unsigned j;
++   size_t i;
++   size_t j;
+ 
+    BSON_ASSERT (utf8);
+ 
diff --git a/dev-libs/libbson/libbson-1.24.4-r1.ebuild b/dev-libs/libbson/libbson-1.24.4-r1.ebuild
new file mode 100644
index 000000000000..3a3050f47fca
--- /dev/null
+++ b/dev-libs/libbson/libbson-1.24.4-r1.ebuild
@@ -0,0 +1,64 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{11..13} pypy3_11 )
+
+inherit cmake python-any-r1
+
+DESCRIPTION="Library routines related to building,parsing and iterating BSON documents"
+HOMEPAGE="https://github.com/mongodb/mongo-c-driver/tree/master/src/libbson"
+SRC_URI="https://github.com/mongodb/mongo-c-driver/releases/download/${PV}/mongo-c-driver-${PV}.tar.gz"
+S="${WORKDIR}/mongo-c-driver-${PV}"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~hppa ~loong ~ppc ~riscv ~sparc ~x86"
+IUSE="examples static-libs"
+
+# tests are covered in mongo-c-driver and are not easily runnable in here
+RESTRICT="test"
+
+BDEPEND="
+	$(python_gen_any_dep '
+		dev-python/sphinx[${PYTHON_USEDEP}]
+	')
+"
+
+PATCHES=(
+	"${FILESDIR}/${P}-CVE-2023-0437.patch"
+)
+
+python_check_deps() {
+	python_has_version -b "dev-python/sphinx[${PYTHON_USEDEP}]"
+}
+
+src_prepare() {
+	cmake_src_prepare
+
+	# remove doc files
+	sed -i '/^\s*install\s*(FILES COPYING NEWS/,/^\s*)/ {d}' CMakeLists.txt || die
+}
+
+src_configure() {
+	local mycmakeargs=(
+		-DENABLE_EXAMPLES=OFF
+		-DENABLE_MAN_PAGES=ON
+		-DENABLE_MONGOC=OFF
+		-DENABLE_TESTS=OFF
+		-DENABLE_STATIC="$(usex static-libs ON OFF)"
+		-DENABLE_UNINSTALL=OFF
+	)
+
+	cmake_src_configure
+}
+
+src_install() {
+	if use examples; then
+		docinto examples
+		dodoc src/libbson/examples/*.c
+	fi
+
+	cmake_src_install
+}
diff --git a/dev-libs/libbson/metadata.xml b/dev-libs/libbson/metadata.xml
index c01295da36f6..dc70db85ec30 100644
--- a/dev-libs/libbson/metadata.xml
+++ b/dev-libs/libbson/metadata.xml
@@ -6,6 +6,7 @@
     <name>Ultrabug</name>
   </maintainer>
   <upstream>
+    <remote-id type="cpe">cpe:/a:mongodb:libbson</remote-id>
     <remote-id type="github">mongodb/mongo-c-driver</remote-id>
   </upstream>
 </pkgmetadata>