Diffstat (limited to 'sys-devel/gettext')
-rw-r--r-- | sys-devel/gettext/Manifest | 3 | ||||
-rw-r--r-- | sys-devel/gettext/files/gettext-0.21-CVE-2020-12825.patch | 335 | ||||
-rw-r--r-- | sys-devel/gettext/gettext-0.21-r1.ebuild (renamed from sys-devel/gettext/gettext-0.21.ebuild) | 7 |
3 files changed, 341 insertions, 4 deletions
diff --git a/sys-devel/gettext/Manifest b/sys-devel/gettext/Manifest
index efcb3f848551..bb262d86d7d2 100644
--- a/sys-devel/gettext/Manifest
+++ b/sys-devel/gettext/Manifest
@@ -1,6 +1,7 @@ AUX gettext-0.19.7-disable-libintl.patch 1307 BLAKE2B fb3d4d95ffbe57b0d1d6e8ede596ca9d7d8587d9c883fa2fc54b8d1109210ac2b435b4709a16c2043cef6cc8d5448dc58adab74aa2e8ce834abdee51163d8c51 SHA512 7887d2fbf4b9d9677688e6d8d785b6c10c76bc330cb7b40da432e0a1ff0f7fc1355bf8f671041a37477baa6c8508b6e39f90ead468674febd62777506badc227 AUX gettext-0.20-parallel_install.patch 1494 BLAKE2B 58bd84878c351e29acac861f29854eeb442179a415b5b3cab554b3aa4e2e3b06dabaa3e78ab506bb3b88b55a3fe4d53f1e43718bc6935a84dd477320c9349b70 SHA512 a15e8c415facd7b36761a747da9a0dfc47588d253a84b693c7f1f6e6334c6db5350af41f4c6c1dd83ae61695b2f761cc3b24339d7bb8f4dce972a672312ad942 +AUX gettext-0.21-CVE-2020-12825.patch 14074 BLAKE2B 67da10f81edf92004b8d1f4099c73c14b0e18471033eca17f63fffd05ee2a46d4cdd3bf165b6b7228f4dc9c475985ba69f7ba13e1a03eb84c7a8b74e003223e8 SHA512 92e9a6eeb1c9a697c1724785a9996da27ca2c08db69becb592eb1d42d9ec0e261591a5c6a2a04e010f8b6f5df7ef4cd94b2d0d4fcc0e98d2433519c1875be191 AUX gettext-0.21_rc1-avoid_eautomake.patch 1362 BLAKE2B eed15ecde829aa63859dc196052f97abc0386e6c496b7d7e073769e0ad6208623cc1fb6322ff422647f3a55aac6453bd6390432d707d179da7cfc820d487c23a SHA512 5089af3dabb2459345aec6196de70591dafabfc292495f052dd67ce3d2566c4b62a8554eb11db7499378e16a8d11953f044fcfd23c77a71ad01feec4c0c41956 DIST gettext-0.21.tar.gz 24181849 BLAKE2B 2eae99d0916b00b2af6fbc6bf7e309076519a10fea16cd49e7aa29fe8aec1ee7c784c6277281b764dc4abacf400cd3fe461129586303c8cd337db15c76cb4b87 SHA512 bbe590c5dd3580c75bf30ff768da99a88eb8d466ec1ac9eea20be4cab4357ecf72448e6b81b47425e39d50fa6320ba426632914d7898dfebb4f159abc39c31d1 -EBUILD gettext-0.21.ebuild 4310 BLAKE2B e3750a82fcfd94522e6cd9cc1688afdb355b8c945f6f3eef82d875c8957b856691749f87162800ffc6fc244a38b94ca76ca9650333a7892c75e51aa06546876f SHA512 3f7c61a2b80aa7a39eb00c9fc85030f125f13cfabe4a1dd4ffabee00c1b714bd782ef6b8d6e85cd6b201aa8fe512b87073339764a73d3963a942427c2fa2ed74 +EBUILD gettext-0.21-r1.ebuild 4356 BLAKE2B 
83bef2cbe146212672edf99aae200c36ab08cf907692b62f2afbd1f0c4a5061cc5fc1415d2c4ddea9c1f218823fadfc9b532c910fcf0933b793e6bd5a83582db SHA512 5cd16ca7c7a3d03ebeb2bcb75b761e71c2e6add284fbcaaec11d0e38676ec4c5b02d40c64927e7300da3edfc6a5981d325d5fcba20c4a7ba2b2df5c0f3a114c3 MISC metadata.xml 707 BLAKE2B e0f7534d0a90939db1d5b7d0b837d9c0c4ba7cc17ece9dc90e7832580fe62a53ed306a77f86c3205bb96aa46d40834b03143d81076c531eabfc92da82d41e880 SHA512 1951f0165d110a484ed68f774106d6f76f5cad612eb74e0386e8ecbb4e71627668daeda48a779ee6b5daab8b2617145e50ecdb0429c34879278ca14868d40d28
diff --git a/sys-devel/gettext/files/gettext-0.21-CVE-2020-12825.patch b/sys-devel/gettext/files/gettext-0.21-CVE-2020-12825.patch
new file mode 100644
index 000000000000..6b4c463b4118
--- /dev/null
+++ b/sys-devel/gettext/files/gettext-0.21-CVE-2020-12825.patch
@@ -0,0 +1,335 @@ +https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/44cbd1e718d6a08e59b9300280c340218a84e089 + +--- a/libtextstyle/gnulib-local/lib/libcroco/cr-parser.c ++++ b/libtextstyle/gnulib-local/lib/libcroco/cr-parser.c +@@ -146,6 +146,8 @@ struct _CRParserPriv { + + #define CHARS_TAB_SIZE 12 + ++#define RECURSIVE_CALLERS_LIMIT 100 ++ + /** + * IS_NUM: + *@a_char: the char to test. +@@ -354,9 +356,11 @@ static enum CRStatus cr_parser_parse_selector_core (CRParser * a_this); + + static enum CRStatus cr_parser_parse_declaration_core (CRParser * a_this); + +-static enum CRStatus cr_parser_parse_any_core (CRParser * a_this); ++static enum CRStatus cr_parser_parse_any_core (CRParser * a_this, ++ guint n_calls); + +-static enum CRStatus cr_parser_parse_block_core (CRParser * a_this); ++static enum CRStatus cr_parser_parse_block_core (CRParser * a_this, ++ guint n_calls); + + static enum CRStatus cr_parser_parse_value_core (CRParser * a_this); + +@@ -794,7 +798,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) + cr_parser_try_to_skip_spaces_and_comments (a_this); + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + } while (status == CR_OK); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, +@@ -805,7 +809,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, 0); + CHECK_PARSING_STATUS (status, + FALSE); + goto done; +@@ -940,11 +944,11 @@ cr_parser_parse_selector_core (CRParser * a_this) + + RECORD_INITIAL_POS (a_this, &init_pos); + +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + CHECK_PARSING_STATUS (status, FALSE); + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + + } while (status == CR_OK); + +@@ -966,10 +970,12 
@@ cr_parser_parse_selector_core (CRParser * a_this) + *in chapter 4.1 of the css2 spec. + *block ::= '{' S* [ any | block | ATKEYWORD S* | ';' ]* '}' S*; + *@param a_this the current instance of #CRParser. ++ *@param n_calls used to limit recursion depth + *FIXME: code this function. + */ + static enum CRStatus +-cr_parser_parse_block_core (CRParser * a_this) ++cr_parser_parse_block_core (CRParser * a_this, ++ guint n_calls) + { + CRToken *token = NULL; + CRInputPos init_pos; +@@ -977,6 +983,9 @@ cr_parser_parse_block_core (CRParser * a_this) + + g_return_val_if_fail (a_this && PRIVATE (a_this), CR_BAD_PARAM_ERROR); + ++ if (n_calls > RECURSIVE_CALLERS_LIMIT) ++ return CR_ERROR; ++ + RECORD_INITIAL_POS (a_this, &init_pos); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token); +@@ -1006,13 +1015,13 @@ cr_parser_parse_block_core (CRParser * a_this) + } else if (token->type == CBO_TK) { + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, n_calls + 1); + CHECK_PARSING_STATUS (status, FALSE); + goto parse_block_content; + } else { + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); + token = NULL; +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + CHECK_PARSING_STATUS (status, FALSE); + goto parse_block_content; + } +@@ -1119,7 +1128,7 @@ cr_parser_parse_value_core (CRParser * a_this) + status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, 0); + CHECK_PARSING_STATUS (status, FALSE); + ref++; + goto continue_parsing; +@@ -1133,7 +1142,7 @@ cr_parser_parse_value_core (CRParser * a_this) + status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core 
(a_this, 0); + if (status == CR_OK) { + ref++; + goto continue_parsing; +@@ -1172,10 +1181,12 @@ cr_parser_parse_value_core (CRParser * a_this) + * | FUNCTION | DASHMATCH | '(' any* ')' | '[' any* ']' ] S*; + * + *@param a_this the current instance of #CRParser. ++ *@param n_calls used to limit recursion depth + *@return CR_OK upon successfull completion, an error code otherwise. + */ + static enum CRStatus +-cr_parser_parse_any_core (CRParser * a_this) ++cr_parser_parse_any_core (CRParser * a_this, ++ guint n_calls) + { + CRToken *token1 = NULL, + *token2 = NULL; +@@ -1184,6 +1195,9 @@ cr_parser_parse_any_core (CRParser * a_this) + + g_return_val_if_fail (a_this, CR_BAD_PARAM_ERROR); + ++ if (n_calls > RECURSIVE_CALLERS_LIMIT) ++ return CR_ERROR; ++ + RECORD_INITIAL_POS (a_this, &init_pos); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token1); +@@ -1222,7 +1236,7 @@ cr_parser_parse_any_core (CRParser * a_this) + *We consider parameter as being an "any*" production. + */ + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); +@@ -1247,7 +1261,7 @@ cr_parser_parse_any_core (CRParser * a_this) + } + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); +@@ -1275,7 +1289,7 @@ cr_parser_parse_any_core (CRParser * a_this) + } + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); +--- a/libtextstyle/lib/libcroco/cr-parser.c ++++ b/libtextstyle/lib/libcroco/cr-parser.c +@@ -146,6 +146,8 @@ struct _CRParserPriv { + + #define CHARS_TAB_SIZE 12 + ++#define RECURSIVE_CALLERS_LIMIT 100 ++ + /** + * IS_NUM: + *@a_char: the char to test. 
+@@ -354,9 +356,11 @@ static enum CRStatus cr_parser_parse_selector_core (CRParser * a_this); + + static enum CRStatus cr_parser_parse_declaration_core (CRParser * a_this); + +-static enum CRStatus cr_parser_parse_any_core (CRParser * a_this); ++static enum CRStatus cr_parser_parse_any_core (CRParser * a_this, ++ guint n_calls); + +-static enum CRStatus cr_parser_parse_block_core (CRParser * a_this); ++static enum CRStatus cr_parser_parse_block_core (CRParser * a_this, ++ guint n_calls); + + static enum CRStatus cr_parser_parse_value_core (CRParser * a_this); + +@@ -794,7 +798,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) + cr_parser_try_to_skip_spaces_and_comments (a_this); + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + } while (status == CR_OK); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, +@@ -805,7 +809,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, 0); + CHECK_PARSING_STATUS (status, + FALSE); + goto done; +@@ -940,11 +944,11 @@ cr_parser_parse_selector_core (CRParser * a_this) + + RECORD_INITIAL_POS (a_this, &init_pos); + +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + CHECK_PARSING_STATUS (status, FALSE); + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + + } while (status == CR_OK); + +@@ -966,10 +970,12 @@ cr_parser_parse_selector_core (CRParser * a_this) + *in chapter 4.1 of the css2 spec. + *block ::= '{' S* [ any | block | ATKEYWORD S* | ';' ]* '}' S*; + *@param a_this the current instance of #CRParser. ++ *@param n_calls used to limit recursion depth + *FIXME: code this function. 
+ */ + static enum CRStatus +-cr_parser_parse_block_core (CRParser * a_this) ++cr_parser_parse_block_core (CRParser * a_this, ++ guint n_calls) + { + CRToken *token = NULL; + CRInputPos init_pos; +@@ -977,6 +983,9 @@ cr_parser_parse_block_core (CRParser * a_this) + + g_return_val_if_fail (a_this && PRIVATE (a_this), CR_BAD_PARAM_ERROR); + ++ if (n_calls > RECURSIVE_CALLERS_LIMIT) ++ return CR_ERROR; ++ + RECORD_INITIAL_POS (a_this, &init_pos); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token); +@@ -1006,13 +1015,13 @@ cr_parser_parse_block_core (CRParser * a_this) + } else if (token->type == CBO_TK) { + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, n_calls + 1); + CHECK_PARSING_STATUS (status, FALSE); + goto parse_block_content; + } else { + cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); + token = NULL; +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + CHECK_PARSING_STATUS (status, FALSE); + goto parse_block_content; + } +@@ -1119,7 +1128,7 @@ cr_parser_parse_value_core (CRParser * a_this) + status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_block_core (a_this); ++ status = cr_parser_parse_block_core (a_this, 0); + CHECK_PARSING_STATUS (status, FALSE); + ref++; + goto continue_parsing; +@@ -1133,7 +1142,7 @@ cr_parser_parse_value_core (CRParser * a_this) + status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, + token); + token = NULL; +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, 0); + if (status == CR_OK) { + ref++; + goto continue_parsing; +@@ -1172,10 +1181,12 @@ cr_parser_parse_value_core (CRParser * a_this) + * | FUNCTION | DASHMATCH | '(' any* ')' | '[' any* ']' ] S*; + * + *@param a_this the current instance of #CRParser. 
++ *@param n_calls used to limit recursion depth + *@return CR_OK upon successfull completion, an error code otherwise. + */ + static enum CRStatus +-cr_parser_parse_any_core (CRParser * a_this) ++cr_parser_parse_any_core (CRParser * a_this, ++ guint n_calls) + { + CRToken *token1 = NULL, + *token2 = NULL; +@@ -1184,6 +1195,9 @@ cr_parser_parse_any_core (CRParser * a_this) + + g_return_val_if_fail (a_this, CR_BAD_PARAM_ERROR); + ++ if (n_calls > RECURSIVE_CALLERS_LIMIT) ++ return CR_ERROR; ++ + RECORD_INITIAL_POS (a_this, &init_pos); + + status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token1); +@@ -1222,7 +1236,7 @@ cr_parser_parse_any_core (CRParser * a_this) + *We consider parameter as being an "any*" production. + */ + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); +@@ -1247,7 +1261,7 @@ cr_parser_parse_any_core (CRParser * a_this) + } + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); +@@ -1275,7 +1289,7 @@ cr_parser_parse_any_core (CRParser * a_this) + } + + do { +- status = cr_parser_parse_any_core (a_this); ++ status = cr_parser_parse_any_core (a_this, n_calls + 1); + } while (status == CR_OK); + + ENSURE_PARSING_COND (status == CR_PARSING_ERROR); + diff --git a/sys-devel/gettext/gettext-0.21.ebuild b/sys-devel/gettext/gettext-0.21-r1.ebuild index f16b3d86e91f..40031f2f5a3d 100644 --- a/sys-devel/gettext/gettext-0.21.ebuild +++ b/sys-devel/gettext/gettext-0.21-r1.ebuild 
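Review bot: Every caller outside the two recursive functions passes a fresh `0` (`cr_parser_parse_atrule_core`, `cr_parser_parse_selector_core`, `cr_parser_parse_value_core`), so `RECURSIVE_CALLERS_LIMIT` bounds nesting per entry call rather than per parse; that works as a stack bound only if none of those callers is itself reachable from inside `cr_parser_parse_block_core` or `cr_parser_parse_any_core`, which the hunks do not show and should be confirmed against the full file. The limit check returns `CR_ERROR`, while the `any*` loops that receive it go on to `ENSURE_PARSING_COND (status == CR_PARSING_ERROR)`, so it is worth checking that over-deep input ends up reported as a failed parse and is not taken as the normal end of the production one level further up. The macro is undocumented; I would add `/* Maximum nesting depth of block/any productions; deeper input is rejected to bound stack use (CVE-2020-12825). */` above it, in both patched copies. The patch header is only a link to a gnome-shell commit although the files changed are the two libcroco copies bundled under `libtextstyle/`, so a line stating the origin and the tracking bug (`<bug-id>`) would make the provenance auditable; the function bodies continue outside the hunks shown.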
@@ -20,7 +20,7 @@ fi # so put that license behind USE=cxx. LICENSE="GPL-3+ cxx? ( LGPL-2.1+ )" SLOT="0" -IUSE="acl -cvs +cxx doc emacs git java ncurses nls openmp static-libs" +IUSE="acl cvs +cxx doc emacs git java ncurses nls openmp static-libs" # only runtime goes multilib # Note: The version of libxml2 corresponds to the version bundled via gnulib. @@ -35,11 +35,11 @@ DEPEND=">=virtual/libiconv-0-r1[${MULTILIB_USEDEP}] dev-libs/expat acl? ( virtual/acl ) ncurses? ( sys-libs/ncurses:0= ) - java? ( >=virtual/jdk-1.4:= )" + java? ( >=virtual/jdk-1.8:= )" RDEPEND="${DEPEND} !git? ( cvs? ( dev-vcs/cvs ) ) git? ( dev-vcs/git ) - java? ( >=virtual/jre-1.4 )" + java? ( >=virtual/jre-1.8 )" BDEPEND=" git? ( dev-vcs/git ) " @@ -60,6 +60,7 @@ PATCHES=( "${FILESDIR}"/${PN}-0.19.7-disable-libintl.patch #564168 "${FILESDIR}"/${PN}-0.20-parallel_install.patch #685530 "${FILESDIR}"/${PN}-0.21_rc1-avoid_eautomake.patch + "${FILESDIR}"/${PN}-0.21-CVE-2020-12825.patch ) QA_SONAME_NO_SYMLINK=".*/preloadable_libintl.so" |
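Review bot: The new `PATCHES` entry in the last hunk has no bug reference, unlike the two entries above it (`#564168`, `#685530`); I would write it as `"${FILESDIR}"/${PN}-0.21-CVE-2020-12825.patch #<bug-id>` so the security fix can be traced from the ebuild. The same revision bump also changes the `cvs` IUSE default and raises the Java dependency floor from 1.4 to 1.8 in the two hunks before it, neither of which relates to the CVE; splitting those into their own commit would keep the security fix minimal and easier to audit or backport.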