Date: Tue, 9 Nov 2010 18:32:57 +0000 (UTC) From: "David E. O'Brien" <obrien@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r215041 - head/contrib/bzip2 Message-ID: <201011091832.oA9IWvCo034092@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: obrien Date: Tue Nov 9 18:32:57 2010 New Revision: 215041 URL: http://svn.freebsd.org/changeset/base/215041 Log: Upgrade to Bzip2 version 1.0.6. Reviewed by: SO (cperciva) Modified: head/contrib/bzip2/CHANGES head/contrib/bzip2/LICENSE head/contrib/bzip2/Makefile head/contrib/bzip2/Makefile-libbz2_so head/contrib/bzip2/README head/contrib/bzip2/README.COMPILATION.PROBLEMS head/contrib/bzip2/blocksort.c head/contrib/bzip2/bzip2.1 head/contrib/bzip2/bzip2.c head/contrib/bzip2/bzip2recover.c head/contrib/bzip2/bzlib.c head/contrib/bzip2/bzlib.h head/contrib/bzip2/bzlib_private.h head/contrib/bzip2/compress.c head/contrib/bzip2/crctable.c head/contrib/bzip2/decompress.c head/contrib/bzip2/huffman.c head/contrib/bzip2/randtable.c head/contrib/bzip2/spewG.c head/contrib/bzip2/unzcrash.c Directory Properties: head/contrib/bzip2/ (props changed) Modified: head/contrib/bzip2/CHANGES ============================================================================== --- head/contrib/bzip2/CHANGES Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/CHANGES Tue Nov 9 18:32:57 2010 (r215041) @@ -2,8 +2,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -317,3 +317,11 @@ Fixes some minor bugs since the last ver ~~~~~~~~~~~~~~~~~ Security fix only. Fixes CERT-FI 20469 as it applies to bzip2. + +1.0.6 (6 Sept 10) +~~~~~~~~~~~~~~~~~ + +* Security fix for CVE-2010-0405. This was reported by Mikolaj + Izdebski. + +* Make the documentation build on Ubuntu 10.04 Modified: head/contrib/bzip2/LICENSE ============================================================================== --- head/contrib/bzip2/LICENSE Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/LICENSE Tue Nov 9 18:32:57 2010 (r215041) @@ -2,7 +2,7 @@ -------------------------------------------------------------------------- This program, "bzip2", the associated library "libbzip2", and all -documentation, are copyright (C) 1996-2007 Julian R Seward. All +documentation, are copyright (C) 1996-2010 Julian R Seward. All rights reserved. Redistribution and use in source and binary forms, with or without @@ -37,6 +37,6 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Julian Seward, jseward@bzip.org -bzip2/libbzip2 version 1.0.5 of 10 December 2007 +bzip2/libbzip2 version 1.0.6 of 6 September 2010 -------------------------------------------------------------------------- Modified: head/contrib/bzip2/Makefile ============================================================================== --- head/contrib/bzip2/Makefile Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/Makefile Tue Nov 9 18:32:57 2010 (r215041) @@ -2,8 +2,8 @@ # This file is part of bzip2/libbzip2, a program and library for # lossless, block-sorting data compression. # -# bzip2/libbzip2 version 1.0.5 of 10 December 2007 -# Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> +# bzip2/libbzip2 version 1.0.6 of 6 September 2010 +# Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> # # Please read the WARNING, DISCLAIMER and PATENTS sections in the # README file. @@ -137,7 +137,7 @@ bzip2recover.o: bzip2recover.c distclean: clean rm -f manual.ps manual.html manual.pdf -DISTNAME=bzip2-1.0.5 +DISTNAME=bzip2-1.0.6 dist: check manual rm -f $(DISTNAME) ln -s -f . $(DISTNAME) Modified: head/contrib/bzip2/Makefile-libbz2_so ============================================================================== --- head/contrib/bzip2/Makefile-libbz2_so Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/Makefile-libbz2_so Tue Nov 9 18:32:57 2010 (r215041) @@ -1,6 +1,6 @@ # This Makefile builds a shared version of the library, -# libbz2.so.1.0.4, with soname libbz2.so.1.0, +# libbz2.so.1.0.6, with soname libbz2.so.1.0, # at least on x86-Linux (RedHat 7.2), # with gcc-2.96 20000731 (Red Hat Linux 7.1 2.96-98). # Please see the README file for some important info @@ -10,8 +10,8 @@ # This file is part of bzip2/libbzip2, a program and library for # lossless, block-sorting data compression. # -# bzip2/libbzip2 version 1.0.5 of 10 December 2007 -# Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> +# bzip2/libbzip2 version 1.0.6 of 6 September 2010 +# Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> # # Please read the WARNING, DISCLAIMER and PATENTS sections in the # README file. @@ -35,13 +35,13 @@ OBJS= blocksort.o \ bzlib.o all: $(OBJS) - $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.4 $(OBJS) - $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4 + $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) + $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 rm -f libbz2.so.1.0 - ln -s libbz2.so.1.0.4 libbz2.so.1.0 + ln -s libbz2.so.1.0.6 libbz2.so.1.0 clean: - rm -f $(OBJS) bzip2.o libbz2.so.1.0.4 libbz2.so.1.0 bzip2-shared + rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1.0 bzip2-shared blocksort.o: blocksort.c $(CC) $(CFLAGS) -c blocksort.c Modified: head/contrib/bzip2/README ============================================================================== --- head/contrib/bzip2/README Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/README Tue Nov 9 18:32:57 2010 (r215041) @@ -6,8 +6,8 @@ This version is fully compatible with th This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. -bzip2/libbzip2 version 1.0.5 of 10 December 2007 -Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> +bzip2/libbzip2 version 1.0.6 of 6 September 2010 +Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in this file. @@ -181,6 +181,10 @@ WHAT'S NEW IN 1.0.5 ? See the CHANGES file. +WHAT'S NEW IN 1.0.6 ? + + See the CHANGES file. + I hope you find bzip2 useful. Feel free to contact me at jseward@bzip.org @@ -208,3 +212,4 @@ Cambridge, UK. 15 February 2005 (bzip2, version 1.0.3) 20 December 2006 (bzip2, version 1.0.4) 10 December 2007 (bzip2, version 1.0.5) + 6 Sept 2010 (bzip2, version 1.0.6) Modified: head/contrib/bzip2/README.COMPILATION.PROBLEMS ============================================================================== --- head/contrib/bzip2/README.COMPILATION.PROBLEMS Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/README.COMPILATION.PROBLEMS Tue Nov 9 18:32:57 2010 (r215041) @@ -2,8 +2,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. -bzip2/libbzip2 version 1.0.5 of 10 December 2007 -Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> +bzip2/libbzip2 version 1.0.6 of 6 September 2010 +Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -12,7 +12,7 @@ This program is released under the terms in the file LICENSE. ------------------------------------------------------------------ -bzip2-1.0.5 should compile without problems on the vast majority of +bzip2-1.0.6 should compile without problems on the vast majority of platforms. Using the supplied Makefile, I've built and tested it myself for x86-linux and amd64-linux. With makefile.msc, Visual C++ 6.0 and nmake, you can build a native Win32 version too. Large file Modified: head/contrib/bzip2/blocksort.c ============================================================================== --- head/contrib/bzip2/blocksort.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/blocksort.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/bzip2.1 ============================================================================== --- head/contrib/bzip2/bzip2.1 Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzip2.1 Tue Nov 9 18:32:57 2010 (r215041) @@ -1,7 +1,7 @@ .PU .TH bzip2 1 .SH NAME -bzip2, bunzip2 \- a block-sorting file compressor, v1.0.4 +bzip2, bunzip2 \- a block-sorting file compressor, v1.0.6 .br bzcat \- decompresses files to stdout .br @@ -405,11 +405,11 @@ I/O error messages are not as helpful as tries hard to detect I/O errors and exit cleanly, but the details of what the problem is sometimes seem rather misleading. -This manual page pertains to version 1.0.4 of +This manual page pertains to version 1.0.6 of .I bzip2. Compressed data created by this version is entirely forwards and backwards compatible with the previous public releases, versions -0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.0.2 and 1.0.3, but with the following +0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.0.2 and above, but with the following exception: 0.9.0 and above can correctly decompress multiple concatenated compressed files. 0.1pl2 cannot do this; it will stop after decompressing just the first file in the stream. Modified: head/contrib/bzip2/bzip2.c ============================================================================== --- head/contrib/bzip2/bzip2.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzip2.c Tue Nov 9 18:32:57 2010 (r215041) @@ -7,8 +7,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -1605,11 +1605,11 @@ void license ( void ) "bzip2, a block-sorting file compressor. " "Version %s.\n" " \n" - " Copyright (C) 1996-2007 by Julian Seward.\n" + " Copyright (C) 1996-2010 by Julian Seward.\n" " \n" " This program is free software; you can redistribute it and/or modify\n" " it under the terms set out in the LICENSE file, which is included\n" - " in the bzip2-1.0.5 source distribution.\n" + " in the bzip2-1.0.6 source distribution.\n" " \n" " This program is distributed in the hope that it will be useful,\n" " but WITHOUT ANY WARRANTY; without even the implied warranty of\n" Modified: head/contrib/bzip2/bzip2recover.c ============================================================================== --- head/contrib/bzip2/bzip2recover.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzip2recover.c Tue Nov 9 18:32:57 2010 (r215041) @@ -7,8 +7,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -313,7 +313,7 @@ Int32 main ( Int32 argc, Char** argv ) inFileName[0] = outFileName[0] = 0; fprintf ( stderr, - "bzip2recover 1.0.5: extracts blocks from damaged .bz2 files.\n" ); + "bzip2recover 1.0.6: extracts blocks from damaged .bz2 files.\n" ); if (argc != 2) { fprintf ( stderr, "%s: usage is `%s damaged_file_name'.\n", Modified: head/contrib/bzip2/bzlib.c ============================================================================== --- head/contrib/bzip2/bzlib.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzlib.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/bzlib.h ============================================================================== --- head/contrib/bzip2/bzlib.h Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzlib.h Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/bzlib_private.h ============================================================================== --- head/contrib/bzip2/bzlib_private.h Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/bzlib_private.h Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -36,7 +36,7 @@ /*-- General stuff. --*/ -#define BZ_VERSION "1.0.5, 10-Dec-2007" +#define BZ_VERSION "1.0.6, 6-Sept-2010" typedef char Char; typedef unsigned char Bool; Modified: head/contrib/bzip2/compress.c ============================================================================== --- head/contrib/bzip2/compress.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/compress.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/crctable.c ============================================================================== --- head/contrib/bzip2/crctable.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/crctable.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/decompress.c ============================================================================== --- head/contrib/bzip2/decompress.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/decompress.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. @@ -492,15 +492,28 @@ Int32 BZ2_decompress ( DState* s ) RETURN(BZ_DATA_ERROR); /*-- Set up cftab to facilitate generation of T^(-1) --*/ + /* Check: unzftab entries in range. */ + for (i = 0; i <= 255; i++) { + if (s->unzftab[i] < 0 || s->unzftab[i] > nblock) + RETURN(BZ_DATA_ERROR); + } + /* Actually generate cftab. */ s->cftab[0] = 0; for (i = 1; i <= 256; i++) s->cftab[i] = s->unzftab[i-1]; for (i = 1; i <= 256; i++) s->cftab[i] += s->cftab[i-1]; + /* Check: cftab entries in range. */ for (i = 0; i <= 256; i++) { if (s->cftab[i] < 0 || s->cftab[i] > nblock) { /* s->cftab[i] can legitimately be == nblock */ RETURN(BZ_DATA_ERROR); } } + /* Check: cftab entries non-descending. */ + for (i = 1; i <= 256; i++) { + if (s->cftab[i-1] > s->cftab[i]) { + RETURN(BZ_DATA_ERROR); + } + } s->state_out_len = 0; s->state_out_ch = 0; Modified: head/contrib/bzip2/huffman.c ============================================================================== --- head/contrib/bzip2/huffman.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/huffman.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/randtable.c ============================================================================== --- head/contrib/bzip2/randtable.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/randtable.c Tue Nov 9 18:32:57 2010 (r215041) @@ -8,8 +8,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/spewG.c ============================================================================== --- head/contrib/bzip2/spewG.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/spewG.c Tue Nov 9 18:32:57 2010 (r215041) @@ -13,8 +13,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file. Modified: head/contrib/bzip2/unzcrash.c ============================================================================== --- head/contrib/bzip2/unzcrash.c Tue Nov 9 18:28:11 2010 (r215040) +++ head/contrib/bzip2/unzcrash.c Tue Nov 9 18:32:57 2010 (r215041) @@ -17,8 +17,8 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.5 of 10 December 2007 - Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org> + bzip2/libbzip2 version 1.0.6 of 6 September 2010 + Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org> Please read the WARNING, DISCLAIMER and PATENTS sections in the README file.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201011091832.oA9IWvCo034092>