From 44f7bdd4803ecacf7943d21fdf2531eb2ea9aeff Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Sun, 2 Feb 2025 22:43:17 +0000
Subject: gentoo auto-resync : 02:02:2025 - 22:43:16

---
 dev-games/Manifest.gz                              | Bin 5724 -> 5728 bytes
 dev-games/simgear/Manifest                         |   3 +-
 ...imgear-2020.3.19-flightgear-CVE-2025-0781.patch |  84 +++++++++++++++++++++
 dev-games/simgear/simgear-2020.3.19-r1.ebuild      |  70 +++++++++++++++++
 dev-games/simgear/simgear-2020.3.19.ebuild         |  69 -----------------
 5 files changed, 156 insertions(+), 70 deletions(-)
 create mode 100644 dev-games/simgear/files/simgear-2020.3.19-flightgear-CVE-2025-0781.patch
 create mode 100644 dev-games/simgear/simgear-2020.3.19-r1.ebuild
 delete mode 100644 dev-games/simgear/simgear-2020.3.19.ebuild

(limited to 'dev-games')

diff --git a/dev-games/Manifest.gz b/dev-games/Manifest.gz
index 9a48b2157389..8423fa3970d8 100644
Binary files a/dev-games/Manifest.gz and b/dev-games/Manifest.gz differ
diff --git a/dev-games/simgear/Manifest b/dev-games/simgear/Manifest
index 60ab78b684fe..50dca1115a18 100644
--- a/dev-games/simgear/Manifest
+++ b/dev-games/simgear/Manifest
@@ -1,7 +1,8 @@
 AUX simgear-2019.1.1-gdal3.patch 388 BLAKE2B 364d5f6692809c67d73a3191f387cbd9735e7183a25696e612827c1a796c872ee5d4a09085fa8a24a0fd524725fdeca9303c5c5ee71981de054ab5a8833d5285 SHA512 44d59cf379c8c7d82b87a31a4d29dd02aaa865c37f12c7e565c641bf3fb14497f4d63b69bbc973551b53d74919ddce5495e3f29b598ed87a6a4565e22ec81667
 AUX simgear-2020.1.2-do-not-assume-libc++-clang.patch 629 BLAKE2B 1ce89c84f6ac94d7f29a3d9fc8b66cd972dcca809188ac487f7b1d961b9bad6ecdaf31882e5a0beb239cf2fb0d946bff7c5838dca7ac7872cbab22480a7b7aed SHA512 a294c55b84331bdabdea5d950b5a9a53c17eb4b949a863cb0b77c9dd585cb6a43b74f86323e1cc4de48564e064927cd49d7dec032361e50f75bfc82351319a26
 AUX simgear-2020.3.17-boost-1.81.patch 254 BLAKE2B 6a0e98f37d9a4f5ecbad118382827d9d2499dd8ad638e2da776944f26098fc5a15aa21ebcf4615b567f5f395e1c4c52c67988ed59738a03d9b58056da74cfbb2 SHA512 16cb3789fd88c64a9086f16cff8c1b8186b54fd9cb16ec224ba14c66fb0223de2fbd7443b4ab99da3a7c88c2ea5eb34e21c74be3b888ca67cbf3e64d2f6ff525
+AUX simgear-2020.3.19-flightgear-CVE-2025-0781.patch 3278 BLAKE2B e0a7b49d5b3f9421d5900fdab23052a2ba8984122a80bf24845903ae15424a046efe124a565fb1198eea9d3f86f6d22ced294ce8582fa80289147c53e7475e5d SHA512 eca999048a83322c225b4879d03485f256604f4084a29bc79223c9f9d9982ba2e9b0d1acf945a42140dc67f64d90b4b8ca407955b4f1c8a3d9ae7263225c57f8
 DIST simgear-2020.3.19.tar.bz2 1427799 BLAKE2B a3c90756053d01fdbb7f7518cbf58018b21a1e7acfbee523ffda0ba27682113c67c531b2f0c0678d7e962f365411811b7044e0df9b995e0d3eabef2ede431757 SHA512 b5c2acb9b843c48e573764c1474bc8723167376546d2fe01246ea936d348abf7e26c8778037680dc76fad5e514209ccce03f8c49cdd90ff0fb44f86759f9ec64
-EBUILD simgear-2020.3.19.ebuild 1549 BLAKE2B 7756d4731c6b31ae34535125ed5008a73ebdb95c3fae2a84efad529c266b90a2812e533eadf1e9793e50f3e69e95b5dcd92cf33de5df24be31555f11560fe007 SHA512 bed01238d8d72ccc8a03f366aea75153986ac4f6e613995be84cda1456cfc7e72effacd1cec89bcdfbffec938c98023f91d4d2013e817d6910dc7225cb195734
+EBUILD simgear-2020.3.19-r1.ebuild 1611 BLAKE2B 1fddc5e9bb9e225a0c6f7ebea2aa317557ef99896d9b0a4d2071219f306d6cdbe93858c60b97eeb4cb7b5cf713e2ad5a0b59312e78e329ceda688f5e3d305bcc SHA512 f8018a7bc0afa41c10011c2db01b8a00990da9bbe7ef930bcf1cd2b35db4ef448248edf1365cc15de7bd70298bcb0e9737137c6f3cec6cb8c9a7098726f7276e
 EBUILD simgear-9999.ebuild 1488 BLAKE2B 5dc67a69980ebc73d207bb70997c021617a34d5053ab96b2ce08c368cca6d0bc719decd92bd94a27e192f770beb8ae00e49ca114940e9cd22d6fb3da820cf49d SHA512 acd7027e75c57bae000a63b13d6b06fdcea59644f20b6db40020bb5eb7f1caced1fb67962565a8b93128d9bde26ab54b8d94af4021e8e2fafd9e19cee1cd0083
 MISC metadata.xml 912 BLAKE2B 859be3b8c4eaaa3fb0937ec479e92b38bc6a025409f24bd537f07f2181d79ab68acdc458b21dd5c6c3845b4e18ebef92576e7826496ecee350e57737c1787ea4 SHA512 aac6ae0cb9916ea5f25197e44b1fab54e1b525150e47af4bb932c14b6dc97bfcdc799e43e245d6ddf3bd503556267beffad3dc8967978e91834f61c487d5ff82
diff --git a/dev-games/simgear/files/simgear-2020.3.19-flightgear-CVE-2025-0781.patch b/dev-games/simgear/files/simgear-2020.3.19-flightgear-CVE-2025-0781.patch
new file mode 100644
index 000000000000..3de416a1a2e9
--- /dev/null
+++ b/dev-games/simgear/files/simgear-2020.3.19-flightgear-CVE-2025-0781.patch
@@ -0,0 +1,84 @@
+From 5bb023647114267141a7610e8f1ca7d6f4f5a5a8 Mon Sep 17 00:00:00 2001
+From: Florent Rougon <f.rougon@frougon.net>
+Date: Tue, 21 Jan 2025 00:16:43 +0100
+Subject: [PATCH] cppbind: check I/O rules when auto-constructing an SGPath
+ from a Nasal scalar
+
+- Add static member function SGPath::NasalIORulesChecker as a
+  PermissionChecker (this is essentially checkIORules() moved from the
+  flightgear repository).
+
+- Use it in the from_nasal_helper() that creates an SGPath instance from
+  a Nasal scalar.
+---
+ simgear/misc/sg_path.cxx                      | 20 +++++++++++++++++++
+ simgear/misc/sg_path.hxx                      |  7 +++++++
+ .../cppbind/detail/from_nasal_helper.cxx      |  3 ++-
+ 3 files changed, 29 insertions(+), 1 deletion(-)
+
+diff --git a/simgear/misc/sg_path.cxx b/simgear/misc/sg_path.cxx
+index f6c5b089e..c66bc72c4 100644
+--- a/simgear/misc/sg_path.cxx
++++ b/simgear/misc/sg_path.cxx
+@@ -275,6 +275,26 @@ void SGPath::set_cached(bool cached)
+ // *                    Access permissions for Nasal code                    *
+ // ***************************************************************************
+ 
++// Static member function
++SGPath::Permissions SGPath::NasalIORulesChecker(const SGPath& path)
++{
++    Permissions perm;
++
++    if (!path.isAbsolute()) {
++        // SGPath caches permissions, which breaks for relative paths if the
++        // current directory changes.
++        SG_LOG(SG_NASAL, SG_ALERT,
++               "SGPath::NasalIORulesChecker(): file operation on '" <<
++               path.utf8Str() << "': access denied (relative paths not "
++               "accepted; use realpath() to obtain an absolute path)");
++    }
++
++    perm.read  = path.isAbsolute() && !path.validate(false).isNull();
++    perm.write = path.isAbsolute() && !path.validate(true).isNull();
++
++    return perm;
++}
++
+ // Static member function
+ void SGPath::clearListOfAllowedPaths(bool write)
+ {
+diff --git a/simgear/misc/sg_path.hxx b/simgear/misc/sg_path.hxx
+index 32e9d662b..75da94c95 100644
+--- a/simgear/misc/sg_path.hxx
++++ b/simgear/misc/sg_path.hxx
+@@ -162,6 +162,13 @@ public:
+      */
+     SGPath validate(bool write) const;
+ 
++    /**
++     * Normal PermissionChecker for SGPath instances created from Nasal.
++     * @param path an SGPath instance
++     * @return read and write permissions conforming to validate()
++     */
++    static Permissions NasalIORulesChecker(const SGPath& path);
++
+     /**
+      * Append another piece to the existing path.  Inserts a path
+      * separator between the existing component and the new component.
+diff --git a/simgear/nasal/cppbind/detail/from_nasal_helper.cxx b/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
+index bdf10fe5e..ad027c0b0 100644
+--- a/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
++++ b/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
+@@ -47,7 +47,8 @@ namespace nasal
+   SGPath from_nasal_helper(naContext c, naRef ref, const SGPath*)
+   {
+       naRef na_str = naStringValue(c, ref);
+-      return SGPath(std::string(naStr_data(na_str), naStr_len(na_str)));
++      return SGPath(std::string(naStr_data(na_str), naStr_len(na_str)),
++                    &SGPath::NasalIORulesChecker);
+   }
+ 
+   //----------------------------------------------------------------------------
+-- 
+GitLab
+
diff --git a/dev-games/simgear/simgear-2020.3.19-r1.ebuild b/dev-games/simgear/simgear-2020.3.19-r1.ebuild
new file mode 100644
index 000000000000..fac3a4948f31
--- /dev/null
+++ b/dev-games/simgear/simgear-2020.3.19-r1.ebuild
@@ -0,0 +1,70 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake toolchain-funcs
+
+DESCRIPTION="Development library for simulation games"
+HOMEPAGE="https://www.flightgear.org/"
+SRC_URI="https://downloads.sourceforge.net/flightgear/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+KEYWORDS="~amd64 ~x86"
+SLOT="0"
+IUSE="cpu_flags_x86_sse2 +dns debug gdal openmp subversion test"
+RESTRICT="!test? ( test )"
+
+# TODO aeonwave
+COMMON_DEPEND="
+	app-arch/xz-utils
+	dev-libs/expat
+	dev-games/openscenegraph
+	media-libs/openal
+	net-misc/curl
+	sys-libs/zlib
+	virtual/opengl
+	dns? ( net-libs/udns )
+	gdal? ( sci-libs/gdal:= )
+"
+DEPEND="${COMMON_DEPEND}
+	dev-libs/boost
+"
+RDEPEND="${COMMON_DEPEND}
+	subversion? ( dev-vcs/subversion )
+"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2019.1.1-gdal3.patch"
+	"${FILESDIR}/${PN}-2020.1.2-do-not-assume-libc++-clang.patch"
+	"${FILESDIR}/${PN}-2020.3.17-boost-1.81.patch"
+	"${FILESDIR}/${PN}-2020.3.19-flightgear-CVE-2025-0781.patch"
+)
+
+pkg_pretend() {
+	[[ ${MERGE_TYPE} != binary ]] && use openmp && tc-check-openmp
+}
+
+pkg_setup() {
+	[[ ${MERGE_TYPE} != binary ]] && use openmp && tc-check-openmp
+}
+
+src_configure() {
+	local mycmakeargs=(
+		-DENABLE_DNS=$(usex dns)
+		-DENABLE_GDAL=$(usex gdal)
+		-DENABLE_OPENMP=$(usex openmp)
+		-DENABLE_PKGUTIL=ON
+		-DENABLE_RTI=OFF
+		-DENABLE_SIMD=$(usex cpu_flags_x86_sse2)
+		-DENABLE_SOUND=ON
+		-DENABLE_TESTS=$(usex test)
+		-DSIMGEAR_HEADLESS=OFF
+		-DSIMGEAR_SHARED=ON
+		-DSYSTEM_EXPAT=ON
+		-DSYSTEM_UDNS=ON
+		-DUSE_AEONWAVE=OFF
+		-DOSG_FSTREAM_EXPORT_FIXED=OFF # TODO perhaps track it
+	)
+	cmake_src_configure
+}
diff --git a/dev-games/simgear/simgear-2020.3.19.ebuild b/dev-games/simgear/simgear-2020.3.19.ebuild
deleted file mode 100644
index 0d07ca324560..000000000000
--- a/dev-games/simgear/simgear-2020.3.19.ebuild
+++ /dev/null
@@ -1,69 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit cmake toolchain-funcs
-
-DESCRIPTION="Development library for simulation games"
-HOMEPAGE="https://www.flightgear.org/"
-SRC_URI="https://downloads.sourceforge.net/flightgear/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-KEYWORDS="~amd64 ~x86"
-SLOT="0"
-IUSE="cpu_flags_x86_sse2 +dns debug gdal openmp subversion test"
-RESTRICT="!test? ( test )"
-
-# TODO aeonwave
-COMMON_DEPEND="
-	app-arch/xz-utils
-	dev-libs/expat
-	dev-games/openscenegraph
-	media-libs/openal
-	net-misc/curl
-	sys-libs/zlib
-	virtual/opengl
-	dns? ( net-libs/udns )
-	gdal? ( sci-libs/gdal:= )
-"
-DEPEND="${COMMON_DEPEND}
-	dev-libs/boost
-"
-RDEPEND="${COMMON_DEPEND}
-	subversion? ( dev-vcs/subversion )
-"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-2019.1.1-gdal3.patch"
-	"${FILESDIR}/${PN}-2020.1.2-do-not-assume-libc++-clang.patch"
-	"${FILESDIR}/${PN}-2020.3.17-boost-1.81.patch"
-)
-
-pkg_pretend() {
-	[[ ${MERGE_TYPE} != binary ]] && use openmp && tc-check-openmp
-}
-
-pkg_setup() {
-	[[ ${MERGE_TYPE} != binary ]] && use openmp && tc-check-openmp
-}
-
-src_configure() {
-	local mycmakeargs=(
-		-DENABLE_DNS=$(usex dns)
-		-DENABLE_GDAL=$(usex gdal)
-		-DENABLE_OPENMP=$(usex openmp)
-		-DENABLE_PKGUTIL=ON
-		-DENABLE_RTI=OFF
-		-DENABLE_SIMD=$(usex cpu_flags_x86_sse2)
-		-DENABLE_SOUND=ON
-		-DENABLE_TESTS=$(usex test)
-		-DSIMGEAR_HEADLESS=OFF
-		-DSIMGEAR_SHARED=ON
-		-DSYSTEM_EXPAT=ON
-		-DSYSTEM_UDNS=ON
-		-DUSE_AEONWAVE=OFF
-		-DOSG_FSTREAM_EXPORT_FIXED=OFF # TODO perhaps track it
-	)
-	cmake_src_configure
-}
-- 
cgit v1.2.3