From e748ba9741f6540f4675c23e3e37b73e822c13a4 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 31 May 2021 20:59:14 +0100 Subject: gentoo resync : 31.05.2021 --- app-arch/upx/Manifest | 3 +- app-arch/upx/files/upx-3.96_CVE-2020-24119.patch | 34 +++++++++++++++++++++ app-arch/upx/upx-3.96-r1.ebuild | 38 ----------------------- app-arch/upx/upx-3.96-r2.ebuild | 39 ++++++++++++++++++++++++ 4 files changed, 75 insertions(+), 39 deletions(-) create mode 100644 app-arch/upx/files/upx-3.96_CVE-2020-24119.patch delete mode 100644 app-arch/upx/upx-3.96-r1.ebuild create mode 100644 app-arch/upx/upx-3.96-r2.ebuild (limited to 'app-arch/upx') diff --git a/app-arch/upx/Manifest b/app-arch/upx/Manifest index f6ef79daac62..ab45fe65b0c7 100644 --- a/app-arch/upx/Manifest +++ b/app-arch/upx/Manifest @@ -1,4 +1,5 @@ +AUX upx-3.96_CVE-2020-24119.patch 1371 BLAKE2B 54209c114c4a8cab51e7e7ec13cfee055a5f940df4dcbe40b7a35664378a20effdbedfef7b34e4a98510272f221540f87bf47bb439db96a68cc19177e6be71ff SHA512 9b887882e7344d77635091cd01d3c7aa9f45156f43896155988e3e1b7726d76642b4bc9b6c2db06af14710aaa9bfda16e97bc0d1127b77190b72e683d394beff AUX upx-3.96_CVE-2021-20285.patch 4481 BLAKE2B 345bce505a045c53b48dad3102f52588ceb7f2736cdbeab31ed5f65a5cf5a5344cb9ca700cfc3d7fac2569a91f454a652a676c83aafb1be884b0fae229d3afae SHA512 f596f13634eb2173f4c549d41387bdb6785501afb7d3a68d70f90dcdbadc615e95de024e1810af2b3663137692a7322d32a290357e0f7a96ca2acf51228b0abc DIST upx-3.96-src.tar.xz 792524 BLAKE2B 21af85dbcfdd1bf0151a653c865db13c9f30b9de0b9b4b94557ddd55736c7053dd829c5d72b9a7e5aa94a71ecc0151145dd66d7d98ded178c50ff7357d0ba442 SHA512 2d4d1be21d274d9bfdee9b9815396f5e5ff0bcdfb781b7be5fafa4d1e224028e412ec5f5ba607c482671aae27ccf9069abb2db0fb58f78f3a102a51897df2b11 -EBUILD upx-3.96-r1.ebuild 864 BLAKE2B 227dd8b0cc3d09522229cfeecf0f1c4a864d66aa558b0d7ac5589bef470cad6e0dd3db0e53006ce870bc127704f10a823af4c284943516e76173081f40ce36da SHA512 b83bba2a294a4f79d412e18319d5b3985ae1107cecf7b742a3e0a9672a8df38a53c51266c22327b01c2b205253775eab538c333b5ac057ca2c18b03e41eb02e4 +EBUILD upx-3.96-r2.ebuild 914 BLAKE2B a2a5e5979b0ee73b21b456bebee59b8fd8830d4f268d27683584bc66dfa7f4cea3ef5226e2aecd9d4b5d4492918782eba2d524f54142f86a988dac087c331de2 SHA512 6cae7c01fdd6769b099c8ee70cd29609615692be8946ccb93797f48f623e787fe7f858decb8d41ab807fb4334ad14615d2c41d319056612558dca5ad91d4b9ce MISC metadata.xml 478 BLAKE2B c0d96932b628c0448fbdc1756445798bb382ea120b499a2bc2c9320b392730835e5bad5785ef719f5a95d381f3768e7bf2d7f4dbce76d8993052ac9a761f422d SHA512 5bd0548fcf13bbd34c5fc97bd139a6b1398bbc99db984cd730188280fc490864cf704858c132e0154b0681eca5a26a93fa0eeb029d5760fcf17d83be2d83d51d diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch new file mode 100644 index 000000000000..7e6de04948bd --- /dev/null +++ b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch @@ -0,0 +1,34 @@ +From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001 +From: John Reiser +Date: Wed, 22 Jul 2020 19:34:27 -0700 +Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed + block + +https://github.com/upx/upx/issues/388 + modified: p_lx_elf.cpp +--- + src/p_lx_elf.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp +index cd9e4ec97..453d5c457 100644 +--- a/src/p_lx_elf.cpp ++++ b/src/p_lx_elf.cpp +@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 1024 +- if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { ++ if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR +@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 512 +- if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { ++ if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR diff --git a/app-arch/upx/upx-3.96-r1.ebuild b/app-arch/upx/upx-3.96-r1.ebuild deleted file mode 100644 index 26a73f6191a8..000000000000 --- a/app-arch/upx/upx-3.96-r1.ebuild +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit toolchain-funcs - -DESCRIPTION="Ultimate Packer for eXecutables (free version using UCL compression and not NRV)" -HOMEPAGE="https://upx.github.io/" -SRC_URI="https://github.com/upx/upx/releases/download/v${PV}/${P}-src.tar.xz" - -LICENSE="GPL-2+ UPX-exception" # Read the exception before applying any patches -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86" -IUSE="" - -RDEPEND=">=dev-libs/ucl-1.03 - sys-libs/zlib - !app-arch/upx-bin" -DEPEND="${RDEPEND} - dev-lang/perl" - -S="${WORKDIR}/${P}-src" - -PATCHES=( - "${FILESDIR}/${P}_CVE-2021-20285.patch" -) - -src_compile() { - tc-export CXX - emake CXXFLAGS_WERROR="" all -} - -src_install() { - newbin src/upx.out upx - dodoc BUGS NEWS PROJECTS README* THANKS doc/*.txt doc/upx.html - doman doc/upx.1 -} diff --git a/app-arch/upx/upx-3.96-r2.ebuild b/app-arch/upx/upx-3.96-r2.ebuild new file mode 100644 index 000000000000..cf9f4c4f87d3 --- /dev/null +++ b/app-arch/upx/upx-3.96-r2.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit toolchain-funcs + +DESCRIPTION="Ultimate Packer for eXecutables (free version using UCL compression and not NRV)" +HOMEPAGE="https://upx.github.io/" +SRC_URI="https://github.com/upx/upx/releases/download/v${PV}/${P}-src.tar.xz" + +LICENSE="GPL-2+ UPX-exception" # Read the exception before applying any patches +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="" + +DEPEND=">=dev-libs/ucl-1.03 + sys-libs/zlib" +RDEPEND="${RDEPEND} + !app-arch/upx-bin" +BDEPEND="dev-lang/perl" + +S="${WORKDIR}/${P}-src" + +PATCHES=( + "${FILESDIR}/${P}_CVE-2020-24119.patch" + "${FILESDIR}/${P}_CVE-2021-20285.patch" +) + +src_compile() { + tc-export CXX + emake CXXFLAGS_WERROR="" all +} + +src_install() { + newbin src/upx.out upx + dodoc BUGS NEWS PROJECTS README* THANKS doc/*.txt doc/upx.html + doman doc/upx.1 +} -- cgit v1.2.3