pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/archivers/bzip2 Update to 1.0.5
details: https://anonhg.NetBSD.org/pkgsrc/rev/31aa7341e9e3
branches: trunk
changeset: 540095:31aa7341e9e3
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Wed Mar 26 19:06:06 2008 +0000
description:
Update to 1.0.5
The only change is to address the vulnerability detailed in CERT/CC: VU#813451
OK'ed joerg@
diffstat:
archivers/bzip2/Makefile | 6 +++---
archivers/bzip2/files/CHANGES | 9 +++++++--
archivers/bzip2/files/LICENSE | 7 +++----
archivers/bzip2/files/README | 9 +++++++--
archivers/bzip2/files/blocksort.c | 4 ++--
archivers/bzip2/files/bzip2.1 | 4 ++--
archivers/bzip2/files/bzip2.c | 8 ++++----
archivers/bzip2/files/bzip2recover.c | 6 +++---
archivers/bzip2/files/bzlib.c | 7 ++++---
archivers/bzip2/files/bzlib.h | 4 ++--
archivers/bzip2/files/bzlib_private.h | 16 +++++++++++-----
archivers/bzip2/files/compress.c | 4 ++--
archivers/bzip2/files/crctable.c | 4 ++--
archivers/bzip2/files/decompress.c | 4 ++--
archivers/bzip2/files/huffman.c | 4 ++--
archivers/bzip2/files/randtable.c | 4 ++--
16 files changed, 58 insertions(+), 42 deletions(-)
diffs (truncated from 345 to 300 lines):
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/Makefile
--- a/archivers/bzip2/Makefile Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/Makefile Wed Mar 26 19:06:06 2008 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.46 2008/02/12 11:25:35 tnn Exp $
+# $NetBSD: Makefile,v 1.47 2008/03/26 19:06:06 adrianp Exp $
#
-DISTNAME= bzip2-1.0.4
+DISTNAME= bzip2-1.0.5
CATEGORIES= archivers
-MASTER_SITES= http://www.bzip.org/1.0.4/
+MASTER_SITES= http://www.bzip.org/1.0.5/
MAINTAINER= joerg%NetBSD.org@localhost
HOMEPAGE= http://www.bzip.org/
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/CHANGES
--- a/archivers/bzip2/files/CHANGES Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/CHANGES Wed Mar 26 19:06:06 2008 +0000
@@ -2,8 +2,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -312,3 +312,8 @@
* Fix minor doc/comment bugs.
+
+1.0.5 (10 Dec 07)
+~~~~~~~~~~~~~~~~~
+Security fix only. Fixes CERT-FI 20469 as it applies to bzip2.
+
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/LICENSE
--- a/archivers/bzip2/files/LICENSE Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/LICENSE Wed Mar 26 19:06:06 2008 +0000
@@ -2,7 +2,7 @@
--------------------------------------------------------------------------
This program, "bzip2", the associated library "libbzip2", and all
-documentation, are copyright (C) 1996-2006 Julian R Seward. All
+documentation, are copyright (C) 1996-2007 Julian R Seward. All
rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -36,8 +36,7 @@
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-Julian Seward, Cambridge, UK.
-jseward%bzip.org@localhost
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
+Julian Seward, jseward%bzip.org@localhost
+bzip2/libbzip2 version 1.0.5 of 10 December 2007
--------------------------------------------------------------------------
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/README
--- a/archivers/bzip2/files/README Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/README Wed Mar 26 19:06:06 2008 +0000
@@ -6,8 +6,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
-Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+bzip2/libbzip2 version 1.0.5 of 10 December 2007
+Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in this file.
@@ -177,6 +177,10 @@
See the CHANGES file.
+WHAT'S NEW IN 1.0.5 ?
+
+ See the CHANGES file.
+
I hope you find bzip2 useful. Feel free to contact me at
jseward%bzip.org@localhost
@@ -203,3 +207,4 @@
30 December 2001 (bzip2, version 1.0.2pre1)
15 February 2005 (bzip2, version 1.0.3)
20 December 2006 (bzip2, version 1.0.4)
+10 December 2007 (bzip2, version 1.0.5)
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/blocksort.c
--- a/archivers/bzip2/files/blocksort.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/blocksort.c Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzip2.1
--- a/archivers/bzip2/files/bzip2.1 Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzip2.1 Wed Mar 26 19:06:06 2008 +0000
@@ -1,7 +1,7 @@
.PU
.TH bzip2 1
.SH NAME
-bzip2, bunzip2 \- a block-sorting file compressor, v1.0.4
+bzip2, bunzip2 \- a block-sorting file compressor, v1.0.5
.br
bzcat \- decompresses files to stdout
.br
@@ -405,7 +405,7 @@
tries hard to detect I/O errors and exit cleanly, but the details of
what the problem is sometimes seem rather misleading.
-This manual page pertains to version 1.0.4 of
+This manual page pertains to version 1.0.5 of
.I bzip2.
Compressed data created by this version is entirely forwards and
backwards compatible with the previous public releases, versions
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzip2.c
--- a/archivers/bzip2/files/bzip2.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzip2.c Wed Mar 26 19:06:06 2008 +0000
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -1605,11 +1605,11 @@
"bzip2, a block-sorting file compressor. "
"Version %s.\n"
" \n"
- " Copyright (C) 1996-2006 by Julian Seward.\n"
+ " Copyright (C) 1996-2007 by Julian Seward.\n"
" \n"
" This program is free software; you can redistribute it and/or modify\n"
" it under the terms set out in the LICENSE file, which is included\n"
- " in the bzip2-1.0.4 source distribution.\n"
+ " in the bzip2-1.0.5 source distribution.\n"
" \n"
" This program is distributed in the hope that it will be useful,\n"
" but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzip2recover.c
--- a/archivers/bzip2/files/bzip2recover.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzip2recover.c Wed Mar 26 19:06:06 2008 +0000
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -313,7 +313,7 @@
inFileName[0] = outFileName[0] = 0;
fprintf ( stderr,
- "bzip2recover 1.0.4: extracts blocks from damaged .bz2 files.\n" );
+ "bzip2recover 1.0.5: extracts blocks from damaged .bz2 files.\n" );
if (argc != 2) {
fprintf ( stderr, "%s: usage is `%s damaged_file_name'.\n",
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzlib.c
--- a/archivers/bzip2/files/bzlib.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzlib.c Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -48,7 +48,7 @@
"component, you should also report this bug to the author(s)\n"
"of that program. Please make an effort to report this bug;\n"
"timely and accurate bug reports eventually lead to higher\n"
- "quality software. Thanks. Julian Seward, 15 February 2005.\n\n",
+ "quality software. Thanks. Julian Seward, 10 December 2007.\n\n",
errcode,
BZ2_bzlibVersion()
);
@@ -598,6 +598,7 @@
UInt32 c_tPos = s->tPos;
char* cs_next_out = s->strm->next_out;
unsigned int cs_avail_out = s->strm->avail_out;
+ Int32 ro_blockSize100k = s->blockSize100k;
/* end restore */
UInt32 avail_out_INIT = cs_avail_out;
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzlib.h
--- a/archivers/bzip2/files/bzlib.h Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzlib.h Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/bzlib_private.h
--- a/archivers/bzip2/files/bzlib_private.h Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/bzlib_private.h Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -36,7 +36,7 @@
/*-- General stuff. --*/
-#define BZ_VERSION "1.0.4, 20-Dec-2006"
+#define BZ_VERSION "1.0.5, 10-Dec-2007"
typedef char Char;
typedef unsigned char Bool;
@@ -442,11 +442,15 @@
/*-- Macros for decompression. --*/
#define BZ_GET_FAST(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
s->tPos = s->tt[s->tPos]; \
cccc = (UChar)(s->tPos & 0xff); \
s->tPos >>= 8;
#define BZ_GET_FAST_C(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (c_tPos >= (UInt32)100000 * (UInt32)ro_blockSize100k) return True; \
c_tPos = c_tt[c_tPos]; \
cccc = (UChar)(c_tPos & 0xff); \
c_tPos >>= 8;
@@ -469,8 +473,10 @@
(((UInt32)s->ll16[i]) | (GET_LL4(i) << 16))
#define BZ_GET_SMALL(cccc) \
- cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
- s->tPos = GET_LL(s->tPos);
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
+ cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
+ s->tPos = GET_LL(s->tPos);
/*-- externs for decompression. --*/
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/compress.c
--- a/archivers/bzip2/files/compress.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/compress.c Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff -r d028c9f135f2 -r 31aa7341e9e3 archivers/bzip2/files/crctable.c
--- a/archivers/bzip2/files/crctable.c Wed Mar 26 16:23:33 2008 +0000
+++ b/archivers/bzip2/files/crctable.c Wed Mar 26 19:06:06 2008 +0000
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward%bzip.org@localhost>
+ bzip2/libbzip2 version 1.0.5 of 10 December 2007
+ Copyright (C) 1996-2007 Julian Seward <jseward%bzip.org@localhost>
Home |
Main Index |
Thread Index |
Old Index