From feeeee241868e39d102f074805b38d6621435f25 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 2 Feb 2017 16:46:16 +0100 Subject: gnu: gst-plugins-base: Fix build on 32bit. * gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gstreamer.scm (gst-plugins-base)[source]: Use it. --- .../gst-plugins-base-fix-test-on-32bit.patch | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch b/gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch new file mode 100644 index 0000000000..4c6c7ed06e --- /dev/null +++ b/gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch @@ -0,0 +1,32 @@ +This fixes a test failure on i686. + +Patch copied from upstream source repository: + +https://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=5e2e111627871c566ffc6607eda8f4ef4699d040 + +From 5e2e111627871c566ffc6607eda8f4ef4699d040 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Thu, 2 Feb 2017 14:56:39 +0200 +Subject: [PATCH] multifdsink: Make sure to use a 64 bit integer for the + units-max property + +--- + tests/check/elements/multifdsink.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/check/elements/multifdsink.c b/tests/check/elements/multifdsink.c +index af138cc92..951b1b9fa 100644 +--- a/tests/check/elements/multifdsink.c ++++ b/tests/check/elements/multifdsink.c +@@ -869,7 +869,7 @@ GST_START_TEST (test_client_kick) + gint i, initial_buffers = 3, num_buffers = 0; + + sink = setup_multifdsink (); +- g_object_set (sink, "units-max", initial_buffers, NULL); ++ g_object_set (sink, "units-max", (gint64) initial_buffers, NULL); + + fail_if (pipe (pfd1) == -1); + fail_if (pipe (pfd2) == -1); +-- +2.11.0 + -- cgit 1.4.1 From b352b57655197d335e4dddcbc837e44a38b646b8 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Fri, 3 Feb 2017 21:53:14 +0200 Subject: gnu: qemu: Patch CVE-2017-{2615, 5578, 5579, 5856}. * gnu/packages/qemu.scm (qemu)[source]: Add patches. * gnu/packages/patches/qemu-CVE-2017-2615, gnu/packages/patches/qemu-CVE-2017-5578, gnu/packages/patches/qemu-CVE-2017-5579, gnu/packages/patches/qemu-CVE-2017-5856: New files. * gnu/local.mk (dist_patch_DATA): Register them. --- gnu/local.mk | 4 ++ gnu/packages/patches/qemu-CVE-2017-2615.patch | 52 ++++++++++++++++++++ gnu/packages/patches/qemu-CVE-2017-5578.patch | 39 +++++++++++++++ gnu/packages/patches/qemu-CVE-2017-5579.patch | 44 +++++++++++++++++ gnu/packages/patches/qemu-CVE-2017-5856.patch | 68 +++++++++++++++++++++++++++ gnu/packages/qemu.scm | 6 ++- 6 files changed, 212 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/qemu-CVE-2017-2615.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-5578.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-5579.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-5856.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index d405fce182..b0f6a9d432 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -860,9 +860,13 @@ dist_patch_DATA = \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ %D%/packages/patches/qemu-CVE-2016-10155.patch \ + %D%/packages/patches/qemu-CVE-2017-2615.patch \ %D%/packages/patches/qemu-CVE-2017-5525.patch \ %D%/packages/patches/qemu-CVE-2017-5526.patch \ %D%/packages/patches/qemu-CVE-2017-5552.patch \ + %D%/packages/patches/qemu-CVE-2017-5578.patch \ + %D%/packages/patches/qemu-CVE-2017-5579.patch \ + %D%/packages/patches/qemu-CVE-2017-5856.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2017-2615.patch b/gnu/packages/patches/qemu-CVE-2017-2615.patch new file mode 100644 index 0000000000..ede1f8c89d --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-2615.patch @@ -0,0 +1,52 @@ +http://git.qemu.org/?p=qemu.git;a=patch;h=62d4c6bd5263bb8413a06c80144fc678df6dfb64 +this patch is from qemu-git. + + +From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 1 Feb 2017 09:35:01 +0100 +Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615) + +When doing bitblt copy in backward mode, we should minus the +blt width first just like the adding in the forward mode. This +can avoid the oob access of the front of vga's vram. + +Signed-off-by: Li Qiang + +{ kraxel: with backward blits (negative pitch) addr is the topmost + address, so check it as-is against vram size ] + +Cc: qemu-stable@nongnu.org +Cc: P J P +Cc: Laszlo Ersek +Cc: Paolo Bonzini +Cc: Wolfgang Bumiller +Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106) +Signed-off-by: Gerd Hoffmann +Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com +Reviewed-by: Laszlo Ersek +--- + hw/display/cirrus_vga.c | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 7db6409dc5..16f27e8ac5 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, + { + if (pitch < 0) { + int64_t min = addr +- + ((int64_t)s->cirrus_blt_height-1) * pitch; +- int32_t max = addr +- + s->cirrus_blt_width; +- if (min < 0 || max > s->vga.vram_size) { ++ + ((int64_t)s->cirrus_blt_height - 1) * pitch ++ - s->cirrus_blt_width; ++ if (min < -1 || addr >= s->vga.vram_size) { + return true; + } + } else { +-- +2.11.0 + diff --git a/gnu/packages/patches/qemu-CVE-2017-5578.patch b/gnu/packages/patches/qemu-CVE-2017-5578.patch new file mode 100644 index 0000000000..05655bcd98 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-5578.patch @@ -0,0 +1,39 @@ +http://git.qemu.org/?p=qemu.git;a=patch;h=204f01b30975923c64006f8067f0937b91eea68b +this patch is from qemu-git. + + +From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Thu, 29 Dec 2016 04:28:41 -0500 +Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing + +In the resource attach backing function, everytime it will +allocate 'res->iov' thus can leading a memory leak. This +patch avoid this. + +Signed-off-by: Li Qiang +Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com +Signed-off-by: Gerd Hoffmann +--- + hw/display/virtio-gpu.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index 6a26258cac..ca88cf478d 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g, + return; + } + ++ if (res->iov) { ++ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; ++ return; ++ } ++ + ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov); + if (ret != 0) { + cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; +-- +2.11.0 + diff --git a/gnu/packages/patches/qemu-CVE-2017-5579.patch b/gnu/packages/patches/qemu-CVE-2017-5579.patch new file mode 100644 index 0000000000..7630012d54 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-5579.patch @@ -0,0 +1,44 @@ +http://git.qemu.org/?p=qemu.git;a=patch;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b +this patch is from qemu-git. + + +From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 4 Jan 2017 00:43:16 -0800 +Subject: [PATCH] serial: fix memory leak in serial exit + +The serial_exit_core function doesn't free some resources. +This can lead memory leak when hotplug and unplug. This +patch avoid this. + +Signed-off-by: Li Qiang +Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com> +Signed-off-by: Paolo Bonzini +--- + hw/char/serial.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/hw/char/serial.c b/hw/char/serial.c +index ffbacd8227..67b18eda12 100644 +--- a/hw/char/serial.c ++++ b/hw/char/serial.c +@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp) + void serial_exit_core(SerialState *s) + { + qemu_chr_fe_deinit(&s->chr); ++ ++ timer_del(s->modem_status_poll); ++ timer_free(s->modem_status_poll); ++ ++ timer_del(s->fifo_timeout_timer); ++ timer_free(s->fifo_timeout_timer); ++ ++ fifo8_destroy(&s->recv_fifo); ++ fifo8_destroy(&s->xmit_fifo); ++ + qemu_unregister_reset(serial_reset, s); + } + +-- +2.11.0 + diff --git a/gnu/packages/patches/qemu-CVE-2017-5856.patch b/gnu/packages/patches/qemu-CVE-2017-5856.patch new file mode 100644 index 0000000000..bee0824c0a --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-5856.patch @@ -0,0 +1,68 @@ +http://git.qemu.org/?p=qemu.git;a=patch;h=765a707000e838c30b18d712fe6cb3dd8e0435f3 +this patch is from qemu-git. + + +From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Mon, 2 Jan 2017 11:03:33 +0100 +Subject: [PATCH] megasas: fix guest-triggered memory leak + +If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd +will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory. +Avoid this by returning only the status from map_dcmd, and loading +cmd->iov_size in the caller. + +Reported-by: Li Qiang +Signed-off-by: Paolo Bonzini +--- + hw/scsi/megasas.c | 11 ++++++----- + 1 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c +index 67fc1e7..6233865 100644 +--- a/hw/scsi/megasas.c ++++ b/hw/scsi/megasas.c +@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd) + trace_megasas_dcmd_invalid_sge(cmd->index, + cmd->frame->header.sge_count); + cmd->iov_size = 0; +- return -1; ++ return -EINVAL; + } + iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl); + iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl); + pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1); + qemu_sglist_add(&cmd->qsg, iov_pa, iov_size); + cmd->iov_size = iov_size; +- return cmd->iov_size; ++ return 0; + } + + static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size) +@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t { + + static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd) + { +- int opcode, len; ++ int opcode; + int retval = 0; ++ size_t len; + const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl; + + opcode = le32_to_cpu(cmd->frame->dcmd.opcode); + trace_megasas_handle_dcmd(cmd->index, opcode); +- len = megasas_map_dcmd(s, cmd); +- if (len < 0) { ++ if (megasas_map_dcmd(s, cmd) < 0) { + return MFI_STAT_MEMORY_NOT_AVAILABLE; + } + while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) { + cmdptr++; + } ++ len = cmd->iov_size; + if (cmdptr->opcode == -1) { + trace_megasas_dcmd_unhandled(cmd->index, opcode, len); + retval = megasas_dcmd_dummy(s, cmd); +-- +1.7.0.4 + diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index 1c10ab9aee..b4920cfc25 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -78,9 +78,13 @@ (base32 "0qjy3rcrn89n42y5iz60kgr0rrl29hpnj8mq2yvbc1wrcizmvzfs")) (patches (search-patches "qemu-CVE-2016-10155.patch" + "qemu-CVE-2017-2615.patch" "qemu-CVE-2017-5525.patch" "qemu-CVE-2017-5526.patch" - "qemu-CVE-2017-5552.patch")))) + "qemu-CVE-2017-5552.patch" + "qemu-CVE-2017-5578.patch" + "qemu-CVE-2017-5579.patch" + "qemu-CVE-2017-5856.patch")))) (build-system gnu-build-system) (arguments '(;; Running tests in parallel can occasionally lead to failures, like: -- cgit 1.4.1 From 1ac675a5831e39968be3c137a4ff448c9f65f48e Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Fri, 3 Feb 2017 22:17:41 +0200 Subject: gnu: p7zip: Fix CVE-2016-9256. * gnu/packages/compression.scm (p7zip)[source]: Add patch. * gnu/packages/patches/p7zip-CVE-2016-9296.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/compression.scm | 3 ++- gnu/packages/patches/p7zip-CVE-2016-9296.patch | 24 ++++++++++++++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/p7zip-CVE-2016-9296.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index b0f6a9d432..0948321c9c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -797,6 +797,7 @@ dist_patch_DATA = \ %D%/packages/patches/openssl-c-rehash-in.patch \ %D%/packages/patches/orpheus-cast-errors-and-includes.patch \ %D%/packages/patches/ots-no-include-missing-file.patch \ + %D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \ %D%/packages/patches/patchelf-page-size.patch \ %D%/packages/patches/patchelf-rework-for-arm.patch \ diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index fbbc32197a..9ef255a42d 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -924,7 +924,8 @@ for most inputs, but the resulting compressed files are anywhere from 20% to (delete-file-recursively "CPP/7zip/Archive/Rar") (delete-file-recursively "CPP/7zip/Compress/Rar") #t)) - (patches (search-patches "p7zip-remove-unused-code.patch")))) + (patches (search-patches "p7zip-CVE-2016-9296.patch" + "p7zip-remove-unused-code.patch")))) (build-system gnu-build-system) (arguments `(#:make-flags diff --git a/gnu/packages/patches/p7zip-CVE-2016-9296.patch b/gnu/packages/patches/p7zip-CVE-2016-9296.patch new file mode 100644 index 0000000000..3fa80377ad --- /dev/null +++ b/gnu/packages/patches/p7zip-CVE-2016-9296.patch @@ -0,0 +1,24 @@ +From: Robert Luberda +Date: Sat, 19 Nov 2016 08:48:08 +0100 +Subject: Fix nullptr dereference (CVE-2016-9296) + +Patch taken from https://sourceforge.net/p/p7zip/bugs/185/ +This patch file taken from Debian's patch set for p7zip +--- + CPP/7zip/Archive/7z/7zIn.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp +index b0c6b98..7c6dde2 100644 +--- a/CPP/7zip/Archive/7z/7zIn.cpp ++++ b/CPP/7zip/Archive/7z/7zIn.cpp +@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams( + if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i]) + ThrowIncorrect(); + } +- HeadersSize += folders.PackPositions[folders.NumPackStreams]; ++ if (folders.PackPositions) ++ HeadersSize += folders.PackPositions[folders.NumPackStreams]; + return S_OK; + } + -- cgit 1.4.1 From 206af46fe1cc0627e4846167aa5e7c095b21afe3 Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Thu, 9 Feb 2017 21:13:39 +1000 Subject: gnu: vsearch: Update to 2.4.0. * gnu/packages/bioinformatics.scm (vsearch): Update to 2.4.0. [source]: Convert most operations in the snippet to patch form and adjust for 2.4.0. * gnu/packages/patches/vsearch-unbundle-cityhash.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/packages/bioinformatics.scm | 29 ++------- .../patches/vsearch-unbundle-cityhash.patch | 73 ++++++++++++++++++++++ 2 files changed, 78 insertions(+), 24 deletions(-) create mode 100644 gnu/packages/patches/vsearch-unbundle-cityhash.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index d7089959ea..a448b51c6c 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -5748,7 +5748,7 @@ track. The database is exposed as a @code{TxDb} object.") (define-public vsearch (package (name "vsearch") - (version "2.3.4") + (version "2.4.0") (source (origin (method url-fetch) @@ -5758,31 +5758,12 @@ track. The database is exposed as a @code{TxDb} object.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1xyraxmhyx62mxx8z7c8waygvcijwkh48ms1ar60w2cv2y2sn4al")) - (modules '((guix build utils))) + "007q9a50hdw4vs2iajabvbw7qccml4r8cbqzyi5ipkkf42jk3vnr")) + (patches (search-patches "vsearch-unbundle-cityhash.patch")) (snippet '(begin - ;; Remove bundled cityhash and '-mtune=native'. - (substitute* "src/Makefile.am" - (("^AM_CXXFLAGS=-I\\$\\{srcdir\\}/cityhash \ --O3 -mtune=native -Wall -Wsign-compare") - (string-append "AM_CXXFLAGS=-lcityhash" - " -O3 -Wall -Wsign-compare")) - (("^__top_builddir__bin_vsearch_SOURCES = city.h \\\\") - "__top_builddir__bin_vsearch_SOURCES = \\") - (("^city.h \\\\") "\\") - (("^citycrc.h \\\\") "\\") - (("^libcityhash_a.*") "") - (("noinst_LIBRARIES = libcpu_sse2.a libcpu_ssse3.a \ -libcityhash.a") - "noinst_LIBRARIES = libcpu_sse2.a libcpu_ssse3.a") - (("__top_builddir__bin_vsearch_LDADD = libcpu_ssse3.a \ -libcpu_sse2.a libcityhash.a") - "__top_builddir__bin_vsearch_LDADD = libcpu_ssse3.a \ -libcpu_sse2.a -lcityhash")) - (substitute* "src/vsearch.h" - (("^\\#include \"city.h\"") "#include ") - (("^\\#include \"citycrc.h\"") "#include ")) + ;; Remove bundled cityhash sources. The vsearch source is adjusted + ;; for this in the patch. (delete-file "src/city.h") (delete-file "src/citycrc.h") (delete-file "src/city.cc") diff --git a/gnu/packages/patches/vsearch-unbundle-cityhash.patch b/gnu/packages/patches/vsearch-unbundle-cityhash.patch new file mode 100644 index 0000000000..b1ecb1f063 --- /dev/null +++ b/gnu/packages/patches/vsearch-unbundle-cityhash.patch @@ -0,0 +1,73 @@ +diff --git a/src/Makefile.am b/src/Makefile.am +index e56a8a2..4adcc48 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -3,7 +3,7 @@ bin_PROGRAMS = $(top_builddir)/bin/vsearch + if TARGET_PPC + AM_CXXFLAGS=-Wall -Wsign-compare -O3 -g -mcpu=power8 + else +-AM_CXXFLAGS=-Wall -Wsign-compare -O3 -g ++AM_CXXFLAGS=-Wall -Wsign-compare -O3 -g -lcityhash + endif + + AM_CFLAGS=$(AM_CXXFLAGS) +@@ -18,8 +18,6 @@ allpairs.h \ + arch.h \ + bitmap.h \ + chimera.h \ +-city.h \ +-citycrc.h \ + cluster.h \ + cpu.h \ + db.h \ +@@ -59,31 +57,26 @@ xstring.h + + if TARGET_PPC + libcpu_a_SOURCES = cpu.cc $(VSEARCHHEADERS) +-noinst_LIBRARIES = libcpu.a libcityhash.a ++noinst_LIBRARIES = libcpu.a + else + libcpu_sse2_a_SOURCES = cpu.cc $(VSEARCHHEADERS) + libcpu_sse2_a_CXXFLAGS = $(AM_CXXFLAGS) -msse2 + libcpu_ssse3_a_SOURCES = cpu.cc $(VSEARCHHEADERS) + libcpu_ssse3_a_CXXFLAGS = $(AM_CXXFLAGS) -mssse3 -DSSSE3 +-noinst_LIBRARIES = libcpu_sse2.a libcpu_ssse3.a libcityhash.a ++noinst_LIBRARIES = libcpu_sse2.a libcpu_ssse3.a + endif + +-libcityhash_a_SOURCES = city.cc city.h +- + if TARGET_WIN + +-libcityhash_a_CXXFLAGS = -Wall -Wno-sign-compare -O3 -g -D_MSC_VER +-__top_builddir__bin_vsearch_LDFLAGS = -static +-__top_builddir__bin_vsearch_LDADD = libregex.a libcityhash.a libcpu_ssse3.a libcpu_sse2.a ++__top_builddir__bin_vsearch_LDFLAGS = -static -lcityhash ++__top_builddir__bin_vsearch_LDADD = libregex.a libcpu_ssse3.a libcpu_sse2.a + + else + +-libcityhash_a_CXXFLAGS = -Wall -Wno-sign-compare -O3 -g +- + if TARGET_PPC +-__top_builddir__bin_vsearch_LDADD = libcityhash.a libcpu.a ++__top_builddir__bin_vsearch_LDADD = libcpu.a + else +-__top_builddir__bin_vsearch_LDADD = libcityhash.a libcpu_ssse3.a libcpu_sse2.a ++__top_builddir__bin_vsearch_LDADD = libcpu_ssse3.a libcpu_sse2.a + endif + + endif +diff --git a/src/vsearch.h b/src/vsearch.h +index f2c244b..5f51bbe 100644 +--- a/src/vsearch.h ++++ b/src/vsearch.h +@@ -148,7 +148,7 @@ + #include + #endif + +-#include "city.h" ++#include + #include "md5.h" + #include "sha1.h" + -- cgit 1.4.1 From 65064909ed2c30f45048f85cf02771316d6c6cfc Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 9 Feb 2017 14:58:54 +0100 Subject: gnu: libvpx: Update to 1.6.1. * gnu/packages/video.scm (libvpx): Update to 1.6.1. * gnu/packages/patches/libvpx-CVE-2016-2818.patch: Adjust to indentation changes. --- gnu/packages/patches/libvpx-CVE-2016-2818.patch | 21 +++++++++++---------- gnu/packages/video.scm | 4 ++-- 2 files changed, 13 insertions(+), 12 deletions(-) (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/libvpx-CVE-2016-2818.patch b/gnu/packages/patches/libvpx-CVE-2016-2818.patch index 1fdf01cbca..bef3448b81 100644 --- a/gnu/packages/patches/libvpx-CVE-2016-2818.patch +++ b/gnu/packages/patches/libvpx-CVE-2016-2818.patch @@ -9,15 +9,15 @@ Patch contents copied from Mozilla esr45 changeset 312077:7ebfe49f001c --- libvpx-1.5.0/vp8/vp8_cx_iface.c.orig 2015-11-09 17:12:38.000000000 -0500 +++ libvpx-1.5.0/vp8/vp8_cx_iface.c 2016-06-08 08:48:46.037213092 -0400 -@@ -925,11 +925,19 @@ - { - res = image2yuvconfig(img, &sd); +@@ -860,11 +860,20 @@ + if (img != NULL) { + res = image2yuvconfig(img, &sd); -- if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags, -- &sd, dst_time_stamp, dst_end_time_stamp)) -- { -- VP8_COMP *cpi = (VP8_COMP *)ctx->cpi; -- res = update_error_state(ctx, &cpi->common.error); +- if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags, &sd, +- dst_time_stamp, dst_end_time_stamp)) { +- VP8_COMP *cpi = (VP8_COMP *)ctx->cpi; +- res = update_error_state(ctx, &cpi->common.error); +- } + if (sd.y_width != ctx->cfg.g_w || sd.y_height != ctx->cfg.g_h) { + /* from vp8_encoder.h for g_w/g_h: + "Note that the frames passed as input to the encoder must have this resolution" @@ -31,6 +31,7 @@ Patch contents copied from Mozilla esr45 changeset 312077:7ebfe49f001c + VP8_COMP *cpi = (VP8_COMP *)ctx->cpi; + res = update_error_state(ctx, &cpi->common.error); + } - } ++ } - /* reset for next frame */ + /* reset for next frame */ + ctx->next_frame_flag = 0; diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index d6c62c73c3..5c5d91d86c 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -934,7 +934,7 @@ access to mpv's powerful playback capabilities.") (define-public libvpx (package (name "libvpx") - (version "1.6.0") + (version "1.6.1") (source (origin (method url-fetch) (uri (string-append "http://storage.googleapis.com/" @@ -942,7 +942,7 @@ access to mpv's powerful playback capabilities.") name "-" version ".tar.bz2")) (sha256 (base32 - "1basd6dda5di9p7jhc0f4f52wzm9c3hsravqspw6ibpcn5gbpbyh")) + "06d8hqjkfs6wl45qf4pwh1kpbvkx6cwywd5y8d4lgagvjwm0qb0w")) (patches (search-patches "libvpx-CVE-2016-2818.patch")))) (build-system gnu-build-system) (arguments -- cgit 1.4.1 From 1a82ba660e88e731841882523084e5d878267b53 Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Thu, 9 Feb 2017 22:27:51 -0500 Subject: gnu: ntfs-3g: Fix CVE-2017-0358. * gnu/packages/linux.scm (ntfs-3g)[source]: Add patch. * gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 3 +- gnu/packages/linux.scm | 1 + gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch | 42 ++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 63ce3af713..1fc49bbd61 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -4,7 +4,7 @@ # Copyright © 2016 Mathieu Lirzin # Copyright © 2013, 2014, 2015, 2016 Mark H Weaver # Copyright © 2016 Chris Marusich -# Copyright © 2016 Kei Kebreau +# Copyright © 2016, 2017 Kei Kebreau # Copyright © 2016 Rene Saavedra # Copyright © 2016 Adonay "adfeno" Felipe Nogueira # Copyright © 2016, 2017 Ricardo Wurmus @@ -777,6 +777,7 @@ dist_patch_DATA = \ %D%/packages/patches/ninja-zero-mtime.patch \ %D%/packages/patches/node-9077.patch \ %D%/packages/patches/nss-pkgconfig.patch \ + %D%/packages/patches/ntfs-3g-CVE-2017-0358.patch \ %D%/packages/patches/nvi-assume-preserve-path.patch \ %D%/packages/patches/nvi-dbpagesize-binpower.patch \ %D%/packages/patches/nvi-db4.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 313d0775cc..541e4b9c1c 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -2908,6 +2908,7 @@ from userspace.") (base32 "180y5y09h30ryf2vim8j30a2npwz1iv9ly5yjmh3wjdkwh2jrdyp")) (modules '((guix build utils))) + (patches (search-patches "ntfs-3g-CVE-2017-0358.patch")) (snippet ;; Install under $prefix. '(substitute* '("src/Makefile.in" "ntfsprogs/Makefile.in") diff --git a/gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch b/gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch new file mode 100644 index 0000000000..6edd676e38 --- /dev/null +++ b/gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch @@ -0,0 +1,42 @@ +Fix CVE-2017-0358: +http://seclists.org/oss-sec/2017/q1/259 +This patch was copied from the above URL. + +diff -ur ntfs-3g.old/src/lowntfs-3g.c ntfs-3g/src/lowntfs-3g.c +--- ntfs-3g.old/src/lowntfs-3g.c 2017-02-09 15:01:04.074331542 -0500 ++++ ntfs-3g/src/lowntfs-3g.c 2017-02-09 15:06:35.757580937 -0500 +@@ -3827,13 +3827,14 @@ + struct stat st; + pid_t pid; + const char *cmd = "/sbin/modprobe"; ++ char *env = (char*)NULL; + struct timespec req = { 0, 100000000 }; /* 100 msec */ + fuse_fstype fstype; + + if (!stat(cmd, &st) && !geteuid()) { + pid = fork(); + if (!pid) { +- execl(cmd, cmd, "fuse", NULL); ++ execle(cmd, cmd, "fuse", NULL, &env); + _exit(1); + } else if (pid != -1) + waitpid(pid, NULL, 0); +diff -ur ntfs-3g.old/src/ntfs-3g.c ntfs-3g/src/ntfs-3g.c +--- ntfs-3g.old/src/ntfs-3g.c 2017-02-09 15:01:04.074331542 -0500 ++++ ntfs-3g/src/ntfs-3g.c 2017-02-09 15:06:26.077252571 -0500 +@@ -3612,13 +3612,14 @@ + struct stat st; + pid_t pid; + const char *cmd = "/sbin/modprobe"; ++ char *env = (char*)NULL; + struct timespec req = { 0, 100000000 }; /* 100 msec */ + fuse_fstype fstype; + + if (!stat(cmd, &st) && !geteuid()) { + pid = fork(); + if (!pid) { +- execl(cmd, cmd, "fuse", NULL); ++ execle(cmd, cmd, "fuse", NULL, &env); + _exit(1); + } else if (pid != -1) + waitpid(pid, NULL, 0); -- cgit 1.4.1