Pullup ticket #5651 - requested by he textproc/icu: security fix Revisions pulled up: - textproc/icu/Makefile 1.111-1.112 - textproc/icu/distinfo 1.66,1.70 - textproc/icu/patches/patch-config_mh-solaris-gcc 1.4 - textproc/icu/patches/patch-i18n_zonemeta.cpp 1.1 --- Module Name: pkgsrc Committed By: jperkin Date: Wed Oct 4 10:52:40 UTC 2017 Modified Files: pkgsrc/textproc/icu: Makefile distinfo pkgsrc/textproc/icu/patches: patch-config_mh-solaris-gcc Log Message: icu: Remove -nodefaultlibs -nostdlib from SunOS linker args. This prevented GCC libraries from being used and thus disabled SSP and other features. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Thu Nov 16 09:58:26 UTC 2017 Modified Files: pkgsrc/textproc/icu: Makefile distinfo Added Files: pkgsrc/textproc/icu/patches: patch-i18n_zonemeta.cpp Log Message: Apply a fix for CVE-2017-14952 from http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp Bump PKGREVISION.diff -r1.110 -r1.110.4.1 pkgsrc/textproc/icu/Makefile
(bsiegert)
| @@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.110 2017/09/18 09:53:05 maya Exp $ | 1 | # $NetBSD: Makefile,v 1.110.4.1 2017/11/25 09:05:15 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | DISTNAME= icu4c-59_1-src | 3 | DISTNAME= icu4c-59_1-src | |
| 4 | PKGNAME= ${DISTNAME:S/4c//:S/-src//:S/_/./g} | 4 | PKGNAME= ${DISTNAME:S/4c//:S/-src//:S/_/./g} | |
| 5 | PKGREVISION= 1 | 5 | PKGREVISION= 3 | |
| 6 | CATEGORIES= textproc | 6 | CATEGORIES= textproc | |
| 7 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=icu/} | 7 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=icu/} | |
| 8 | EXTRACT_SUFX= .tgz | 8 | EXTRACT_SUFX= .tgz | |
| 9 | 9 | |||
| 10 | MAINTAINER= pkgsrc-users@NetBSD.org | 10 | MAINTAINER= pkgsrc-users@NetBSD.org | |
| 11 | HOMEPAGE= http://www.icu-project.org/ | 11 | HOMEPAGE= http://www.icu-project.org/ | |
| 12 | COMMENT= Robust and full-featured Unicode services | 12 | COMMENT= Robust and full-featured Unicode services | |
| 13 | LICENSE= mit | 13 | LICENSE= mit | |
| 14 | 14 | |||
| 15 | WRKSRC= ${WRKDIR}/icu/source | 15 | WRKSRC= ${WRKDIR}/icu/source | |
| 16 | USE_LANGUAGES= c99 c++ | 16 | USE_LANGUAGES= c99 c++ | |
| 17 | USE_TOOLS+= gmake | 17 | USE_TOOLS+= gmake | |
| 18 | GCC_REQD+= 4.8 | 18 | GCC_REQD+= 4.8 |
| @@ -1,24 +1,25 @@ | @@ -1,24 +1,25 @@ | |||
| 1 | $NetBSD: distinfo,v 1.65 2017/04/25 08:58:44 maya Exp $ | 1 | $NetBSD: distinfo,v 1.65.6.1 2017/11/25 09:05:15 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (icu4c-59_1-src.tgz) = e86189f53c0a01cecf093a555e1ebbd14abf5b82 | 3 | SHA1 (icu4c-59_1-src.tgz) = e86189f53c0a01cecf093a555e1ebbd14abf5b82 | |
| 4 | RMD160 (icu4c-59_1-src.tgz) = fe4bad598bbe0833b05e4626a1c941ad5e58a809 | 4 | RMD160 (icu4c-59_1-src.tgz) = fe4bad598bbe0833b05e4626a1c941ad5e58a809 | |
| 5 | SHA512 (icu4c-59_1-src.tgz) = 9348aa68d72a74cd1f26588c30c80eee1b48800a26930d7eb0749390fd65f7930ee8843058b6a6dd5f265e79054fef661e807ded16a1ad691cbc5ebc5ab944c4 | 5 | SHA512 (icu4c-59_1-src.tgz) = 9348aa68d72a74cd1f26588c30c80eee1b48800a26930d7eb0749390fd65f7930ee8843058b6a6dd5f265e79054fef661e807ded16a1ad691cbc5ebc5ab944c4 | |
| 6 | Size (icu4c-59_1-src.tgz) = 22706578 bytes | 6 | Size (icu4c-59_1-src.tgz) = 22706578 bytes | |
| 7 | SHA1 (patch-Makefile.in) = 67440d3af9b62b8c0be258c490255ba17f778ab4 | 7 | SHA1 (patch-Makefile.in) = 67440d3af9b62b8c0be258c490255ba17f778ab4 | |
| 8 | SHA1 (patch-acinclude.m4) = f7de1a16aad0ca77c4bbc457ba76b6171199ce09 | 8 | SHA1 (patch-acinclude.m4) = f7de1a16aad0ca77c4bbc457ba76b6171199ce09 | |
| 9 | SHA1 (patch-common_putil.cpp) = 6aa70b8698d663d3c798bafd9010a824c9609c20 | 9 | SHA1 (patch-common_putil.cpp) = 6aa70b8698d663d3c798bafd9010a824c9609c20 | |
| 10 | SHA1 (patch-common_putilimp.h) = a68faa97c2bffeecaca1586e26f5bbe48e71b262 | 10 | SHA1 (patch-common_putilimp.h) = a68faa97c2bffeecaca1586e26f5bbe48e71b262 | |
| 11 | SHA1 (patch-common_umutex.h) = 096d3e15ef7b84533456af4570ed70747a4ef70c | 11 | SHA1 (patch-common_umutex.h) = 096d3e15ef7b84533456af4570ed70747a4ef70c | |
| 12 | SHA1 (patch-common_unicode_platform.h) = 8b7b8bcf6f5185225a1ca516ac212a495f7b47e8 | 12 | SHA1 (patch-common_unicode_platform.h) = 8b7b8bcf6f5185225a1ca516ac212a495f7b47e8 | |
| 13 | SHA1 (patch-common_uposixdefs.h) = 52a6fa2c531068de285d9babb1a98b84c564450e | 13 | SHA1 (patch-common_uposixdefs.h) = 52a6fa2c531068de285d9babb1a98b84c564450e | |
| 14 | SHA1 (patch-config_Makefile.inc.in) = e7cee161315321d2580074054d87714b55319886 | 14 | SHA1 (patch-config_Makefile.inc.in) = e7cee161315321d2580074054d87714b55319886 | |
| 15 | SHA1 (patch-config_icu-config-bottom) = 168b89ee9180d4ae545125866ee91eb004010501 | 15 | SHA1 (patch-config_icu-config-bottom) = 168b89ee9180d4ae545125866ee91eb004010501 | |
| 16 | SHA1 (patch-config_mh-darwin) = 32f0e4c241535e37e4cad9b871ed3d36b4184199 | 16 | SHA1 (patch-config_mh-darwin) = 32f0e4c241535e37e4cad9b871ed3d36b4184199 | |
| 17 | SHA1 (patch-config_mh-scoosr5) = 47703dcc184f58c0382da3225f849424ab74d472 | 17 | SHA1 (patch-config_mh-scoosr5) = 47703dcc184f58c0382da3225f849424ab74d472 | |
| 18 | SHA1 (patch-config_mh-solaris-gcc) = 19f76c27bef22cc3b572e4b67a526d5f1aa077bc | 18 | SHA1 (patch-config_mh-solaris-gcc) = e1097930f577917d3583e425d9d2affa1c3dcaf2 | |
| 19 | SHA1 (patch-configure) = fdeae51f4390779dfd8df8471196e322cbb9ea3d | 19 | SHA1 (patch-configure) = fdeae51f4390779dfd8df8471196e322cbb9ea3d | |
| 20 | SHA1 (patch-configure.ac) = b0291cf02351cbad9b0c7340baea9eb81cabb158 | 20 | SHA1 (patch-configure.ac) = b0291cf02351cbad9b0c7340baea9eb81cabb158 | |
| 21 | SHA1 (patch-i18n_digitlst.cpp) = 2db1a8e28e353ecf201f965d9719d451534865ad | 21 | SHA1 (patch-i18n_digitlst.cpp) = 2db1a8e28e353ecf201f965d9719d451534865ad | |
| 22 | SHA1 (patch-i18n_zonemeta.cpp) = 8a222ef88837c3afdbc7c7e11a94245c97a1f0e5 | |||
| 22 | SHA1 (patch-icudefs.mk.in) = c2a9469bf896b5f0702d5795c3b1c2b394893663 | 23 | SHA1 (patch-icudefs.mk.in) = c2a9469bf896b5f0702d5795c3b1c2b394893663 | |
| 23 | SHA1 (patch-runConfigureICU) = ee780dbe797c7230208f378f73a0bc4d215b1bb2 | 24 | SHA1 (patch-runConfigureICU) = ee780dbe797c7230208f378f73a0bc4d215b1bb2 | |
| 24 | SHA1 (patch-tools-toolutil-pkg_genc.cpp) = 3cbcf3387d6a39315b26a3e2a2ffb715507e9110 | 25 | SHA1 (patch-tools-toolutil-pkg_genc.cpp) = 3cbcf3387d6a39315b26a3e2a2ffb715507e9110 |
| @@ -1,15 +1,24 @@ | @@ -1,15 +1,24 @@ | |||
| 1 | $NetBSD: patch-config_mh-solaris-gcc,v 1.3 2015/10/26 09:28:20 jperkin Exp $ | 1 | $NetBSD: patch-config_mh-solaris-gcc,v 1.3.18.1 2017/11/25 09:05:15 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | Pass -h correctly to linker for clang. | 3 | Pass -h correctly to linker for clang. | |
| 4 | 4 | |||
| 5 | --- config/mh-solaris-gcc.orig 2015-10-08 03:54:32.000000000 +0000 | 5 | --- config/mh-solaris-gcc.orig 2016-06-15 18:58:17.000000000 +0000 | |
| 6 | +++ config/mh-solaris-gcc | 6 | +++ config/mh-solaris-gcc | |
| 7 | @@ -23,7 +23,7 @@ LD_RPATH= -R'$$'ORIGIN | 7 | @@ -15,7 +15,7 @@ GEN_DEPS.c= $(CC) -E -MM $(DEFS) $(CPPF | |
| 8 | GEN_DEPS.cc= $(CXX) -E -MM $(DEFS) $(CPPFLAGS) $(CXXFLAGS) | |||
| 9 | ||||
| 10 | ## These are the library specific LDFLAGS | |||
| 11 | -LDFLAGSICUDT=-nodefaultlibs -nostdlib | |||
| 12 | +#LDFLAGSICUDT=-nodefaultlibs -nostdlib | |||
| 13 | ||||
| 14 | ## Additional flags when building libraries and with threads | |||
| 15 | THREADSCPPFLAGS = -D_REENTRANT | |||
| 16 | @@ -25,7 +25,7 @@ LD_RPATH= -R'$$'ORIGIN | |||
| 8 | LD_RPATH_PRE= -R | 17 | LD_RPATH_PRE= -R | |
| 9 | 18 | |||
| 10 | ## Compiler switch to embed a library name | 19 | ## Compiler switch to embed a library name | |
| 11 | -LD_SONAME = -h $(notdir $(MIDDLE_SO_TARGET)) | 20 | -LD_SONAME = -h $(notdir $(MIDDLE_SO_TARGET)) | |
| 12 | +LD_SONAME = -Wl,-h,$(notdir $(MIDDLE_SO_TARGET)) | 21 | +LD_SONAME = -Wl,-h,$(notdir $(MIDDLE_SO_TARGET)) | |
| 13 | 22 | |||
| 14 | ## Shared library options | 23 | ## Shared library options | |
| 15 | LD_SOOPTIONS= -Wl,-Bsymbolic | 24 | LD_SOOPTIONS= -Wl,-Bsymbolic |
$NetBSD: patch-i18n_zonemeta.cpp,v 1.1.2.2 2017/11/25 09:05:15 bsiegert Exp $
Fix for CVE-2017-14952 from
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
--- i18n/zonemeta.cpp.orig 2017-03-14 19:39:30.000000000 +0000
+++ i18n/zonemeta.cpp
@@ -690,7 +690,6 @@ ZoneMeta::createMetazoneMappings(const U
mzMappings = new UVector(deleteOlsonToMetaMappingEntry, NULL, status);
if (U_FAILURE(status)) {
delete mzMappings;
- deleteOlsonToMetaMappingEntry(entry);
uprv_free(entry);
break;
}