From e2d84e38284aeb9d522a7e935554340ddf0e4a6f Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Wed, 15 Nov 2017 17:13:45 +0000
Subject: gentoo resync : 15.11.2017

---
 net-misc/rsync/Manifest                            |  2 +
 .../rsync/files/rsync-3.1.2-CVE-2017-16548.patch   | 17 +++++
 net-misc/rsync/rsync-3.1.2-r1.ebuild               | 89 ++++++++++++++++++++++
 3 files changed, 108 insertions(+)
 create mode 100644 net-misc/rsync/files/rsync-3.1.2-CVE-2017-16548.patch
 create mode 100644 net-misc/rsync/rsync-3.1.2-r1.ebuild

(limited to 'net-misc/rsync')

diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index ea0ac194f420..f5d72601ddff 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest
@@ -1,3 +1,4 @@
+AUX rsync-3.1.2-CVE-2017-16548.patch 770 SHA256 ea290d26365670f1f641e3c43e352340e3fdb337795472b03a24d38c9dd8017c SHA512 6b000e1e13f48050e0cea2ff3741d48d73694601911d961baf41d4a2d8571c2385e90dde2054e4f400767cfc3488d805d19d239c30e1049783efce1151a8a0aa WHIRLPOOL 48437e9d94cb7d43cd2eae08c7be594b848d1548629a1ed25bac512aa5d64e62becd5cdfec9ec3b4845c778e4b75a95ae74804ebe9d5b0c5753d15424c8b5580
 AUX rsyncd.conf-3.0.9-r1 449 SHA256 e3da1a057081b9089dede95873d6f413d63870fea67246081a6a90725cfd098b SHA512 8d51b452be88820c38639aa833490a001abc2edba03133441000634c2ec090d243598b0932fc11abdf1286afdab02eb6532df2b28a48bfde781c3a8b61fe8c6f WHIRLPOOL ae2b5dc507362ebc10a27973ac8e74b9983da50abbcb3ab33324da76ec70fe30c1cb49d1f7103c7b752d7cf6732a4bf8112c1763f2e9b9da669178925198716c
 AUX rsyncd.conf.d 149 SHA256 de758791b16b89a648c01867af7f51bc9bd44e40cbe868e439b753ff5d9572e5 SHA512 8ea9a2f1fea508fa132313fa16513eac84a9ed3ce75741c42769b56bbcd3f1bd2eb8bfdfe40a6c7f619e4281e8fc8d95d1bd84096d0b64aaacf606cd614ae5b3 WHIRLPOOL ac5098df8772c66d4d8070fbefe0194d8c44345d14a547f2cd59737f2dcb2023b59285117b07bbc2d711302f7736dd761d5e5498913c1878c3512d9fb5d5e36e
 AUX rsyncd.init.d-r1 247 SHA256 fc6240c77448d36cf3255e6c264737a6ce69424b5b62d0986eb322c4d8a1a85b SHA512 df2ef4d9e65fa72daa9a7d91d69a06027d0e0fbc48f9ebd485e2d51990c8d00985b7ccf41314f984975e8073e2075bbdfe5543754718381497c334dc7d96451a WHIRLPOOL cd5186d0754f51c1f0298cba332c571d0dbcfea1840a7dfef7139bfb835694bd550362c57ec2be19b15fa30f554303b65eae09a7a709cd3800648d53156d927c
@@ -5,6 +6,7 @@ AUX rsyncd.logrotate 105 SHA256 eb54100686a253d4d14c9c67fcc20f92d88c0616692bffea
 AUX rsyncd.service 206 SHA256 e4396236f554cb57eed133370dd74ff79ea495f5d7535734bc736b716931fb00 SHA512 b848a13856027e4fe1fd206a2aeb32854abd73beb31ebad7ac62c36b433e65507bbb5eef3901a42f46e70a4e887c7f9013617f19712e160ce155f3cb83bfc625 WHIRLPOOL 7ea8a774c4b22cc631b86f54ca6bf5e1dabe5d837072b491eb2638e44afd67dc57e7372fbbf26a6214417c7da32521a48c0fddfafb4c9a4249fc35d1271c8651
 AUX rsyncd.xinetd-3.0.9-r1 194 SHA256 17162f014242c9d5003578bed44b89cd2dc4f0ce2a200ac1facaa10a9aac8692 SHA512 fc053fc4748950343e866cc95284d037156a953454e4294d775f01f059e96e805582688bf1de5c965836889192ce4a663ec740e6ec2265406e509c5c6d6c3215 WHIRLPOOL 733f734e70d0c74ab6e472e656b8c83ddf816dca7e6c1130b999c2579713740db9362e5d517d0a8cf792b6859fd16d363f43ea8b531388f7abe93dcc1380ae42
 DIST rsync-3.1.2.tar.gz 892724 SHA256 ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2 SHA512 4c55fd69f436ead0cb5a0b7c6fdfef9bb28ddb9c63534eb619e756b118d5b08cfc5e696498650932c86e865b37e06633da947e6720ca0c27ed5c034313ae208b WHIRLPOOL ba793bfc7f0bdd70dba812a4a782c6ed703c7e83e2d04ca714e67e6153b31f6fc49e224ef7622bf5abb1e0ba0f633bc88b2640548028944b5dfa0443ae8c585e
+EBUILD rsync-3.1.2-r1.ebuild 2880 SHA256 c8fd0b8d79d0ee3a0629f6398c76a2a412eec3142729bd13b2b1d73ea5989da0 SHA512 b3996ad7f1eb1680152edac83a43a414a3121dab21270a7dc1d9c9648cb58e9ac502ed00b9ec4ead0cfe55e3b89d83f0a5678639dc1f361aef0a294f3d6a27eb WHIRLPOOL 897e566f449c9447db90b41d9c2efc5b21d75b34c342c13f4c790e4700c9d6707027abaceed6a0755a81b6f912ad2c763f66786a6ba4a29afbd54c74d1be60aa
 EBUILD rsync-3.1.2.ebuild 2840 SHA256 c451d5a2ab8edf560c8dec38ca4e0ae8ca50ffc4a7778063865c7319c9c4db06 SHA512 2f0998787e96cfbb29398923998905fc029520a1352ae4420561471f8342e3876e0ed9dec935d4d5677bed2693aa6aa810b7f713914633ba97676a2dfa1edcb1 WHIRLPOOL b79f5f27f437e08510015467e53cca343fd9f1a5b14ca486961e0bd5ecac42e7615a3ba7ec46e39222725c36e0c6493dd270ac2be348c2215a044e045686c6d5
 MISC ChangeLog 5878 SHA256 f0322d72d76c1694bf9cedea6aa1974632fa923e96796866105f4675f4807814 SHA512 2867072a12b3ccbaac4541752f35b6377f42e981d5ae683da10c94107b58440787a28a593d81e8c6b3c4f77620d1c28ffe2888a98ec6753cf606d9a4cdd4d836 WHIRLPOOL 54c25e67f2f3dea9bbbacd805a9078e604ec5576bd690554a1b162a2315deeb5efdb2453d98efc5a073424df736be193cbaaba268aa7467172a2afe5fecc2f33
 MISC ChangeLog-2015 33945 SHA256 e9e1a4a05400f058f5bb7f33eee548ab322dff34570082ac63f0c32f349aada8 SHA512 57cd87723516841f3e87f0d88a9b73d0920e7a65f7a35816cfa568a9f54844224664c94acfb27faa7295c0aacda9a6a1d7131372918c40cead089c28290339b9 WHIRLPOOL 1cb3950f7deb2ff2c9c86968922ce6852ad0f75a36d2a284090bc82f1f014b01b9813e5bc3e93c1f1e55848e2de1ffa251b6f1cafb2bb03242678d6fbb1fb673
diff --git a/net-misc/rsync/files/rsync-3.1.2-CVE-2017-16548.patch b/net-misc/rsync/files/rsync-3.1.2-CVE-2017-16548.patch
new file mode 100644
index 000000000000..d06607cf772c
--- /dev/null
+++ b/net-misc/rsync/files/rsync-3.1.2-CVE-2017-16548.patch
@@ -0,0 +1,17 @@
+X-Git-Url: https://git.samba.org/rsync.git/?p=rsync.git;a=blobdiff_plain;f=xattrs.c;h=4867e6f5b8ad2934d43b06f3b99b7b3690a6dc7a;hp=68305d7559b34f5cc2f196b74429b82fa6ff49dd;hb=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hpb=bc112b0e7feece62ce98708092306639a8a53cce
+
+diff --git a/xattrs.c b/xattrs.c
+index 68305d7..4867e6f 100644
+--- a/xattrs.c
++++ b/xattrs.c
+@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
+ 			out_of_memory("receive_xattr");
+ 		name = ptr + dget_len + extra_len;
+ 		read_buf(f, name, name_len);
++		if (name_len < 1 || name[name_len-1] != '\0') {
++			rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
++			exit_cleanup(RERR_FILEIO);
++		}
+ 		if (dget_len == datum_len)
+ 			read_buf(f, ptr, dget_len);
+ 		else {
diff --git a/net-misc/rsync/rsync-3.1.2-r1.ebuild b/net-misc/rsync/rsync-3.1.2-r1.ebuild
new file mode 100644
index 000000000000..e3aff09422a0
--- /dev/null
+++ b/net-misc/rsync/rsync-3.1.2-r1.ebuild
@@ -0,0 +1,89 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit eutils flag-o-matic prefix systemd
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="https://rsync.samba.org/"
+SRC_URI="https://rsync.samba.org/ftp/rsync/src/${P}.tar.gz"
+[[ "${PV}" = *_pre* ]] && SRC_URI="https://rsync.samba.org/ftp/rsync/src-previews/${P/_/}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+if [[ ${PV} != *_pre ]] ; then
+KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+fi
+IUSE="acl examples iconv ipv6 static stunnel xattr"
+
+LIB_DEPEND="acl? ( virtual/acl[static-libs(+)] )
+	xattr? ( kernel_linux? ( sys-apps/attr[static-libs(+)] ) )
+	>=dev-libs/popt-1.5[static-libs(+)]"
+RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
+	iconv? ( virtual/libiconv )"
+DEPEND="${RDEPEND}
+	static? ( ${LIB_DEPEND} )"
+
+PATCHES=( "${FILESDIR}"/${PN}-3.1.2-CVE-2017-16548.patch )
+
+S=${WORKDIR}/${P/_/}
+
+src_configure() {
+	use static && append-ldflags -static
+	econf \
+		--without-included-popt \
+		$(use_enable acl acl-support) \
+		$(use_enable xattr xattr-support) \
+		$(use_enable ipv6) \
+		$(use_enable iconv) \
+		--with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
+	touch proto.h-tstamp #421625
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
+	newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
+	dodoc NEWS OLDNEWS README TODO tech_report.tex
+	insinto /etc
+	newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/rsyncd.logrotate rsyncd
+
+	insinto /etc/xinetd.d
+	newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
+
+	# Install stunnel helpers
+	if use stunnel ; then
+		emake DESTDIR="${D}" install-ssl-client
+		emake DESTDIR="${D}" install-ssl-daemon
+	fi
+
+	# Install the useful contrib scripts
+	if use examples ; then
+		exeinto /usr/share/rsync
+		doexe support/*
+		rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c}
+	fi
+
+	eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd*
+
+	systemd_dounit "${FILESDIR}/rsyncd.service"
+}
+
+pkg_postinst() {
+	if egrep -qis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
+		"${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
+		ewarn "You have disabled chroot support in your rsyncd.conf.  This"
+		ewarn "is a security risk which you should fix.  Please check your"
+		ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
+	fi
+	if use stunnel ; then
+		einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
+		einfo
+		einfo "You maybe have to update the certificates configured in"
+		einfo "${EROOT}/etc/stunnel/rsync.conf"
+	fi
+}
-- 
cgit v1.2.3