Date: Tue, 10 Dec 2019 14:44:26 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r519673 - in branches/2019Q4/security: cracklib cracklib/files py-cracklib Message-ID: <201912101444.xBAEiQ7j010901@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Tue Dec 10 14:44:25 2019 New Revision: 519673 URL: https://svnweb.freebsd.org/changeset/ports/519673 Log: MFH: r519629 - Update to 2.9.7. This release fixes CVE-2016-6318. Excerpt from NEWS: * apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field * fix a buffer overflow processing long words * historical research and updates to repository tags to correct history, and suggestions for new release process (Neustradamus) - Replace a local patch with an upstream patch. https://github.com/cracklib/cracklib/commit/a1379d0 - Apply a patch from the upstream to fix build. https://github.com/cracklib/cracklib/commit/77082c4 - OPTIONize NLS and add pkg-plist to appease portlint. Approved by: ports-secteam (miwi) Added: branches/2019Q4/security/cracklib/files/patch-util_Makefile.in - copied unchanged from r519629, head/security/cracklib/files/patch-util_Makefile.in branches/2019Q4/security/cracklib/files/patch-util_cracklib-format - copied unchanged from r519629, head/security/cracklib/files/patch-util_cracklib-format branches/2019Q4/security/cracklib/pkg-plist - copied unchanged from r519629, head/security/cracklib/pkg-plist branches/2019Q4/security/py-cracklib/pkg-plist - copied unchanged from r519629, head/security/py-cracklib/pkg-plist Deleted: branches/2019Q4/security/cracklib/files/patch-util__cracklib-format Modified: branches/2019Q4/security/cracklib/Makefile branches/2019Q4/security/cracklib/distinfo branches/2019Q4/security/py-cracklib/Makefile Directory Properties: branches/2019Q4/ (props changed) Modified: branches/2019Q4/security/cracklib/Makefile ============================================================================== --- branches/2019Q4/security/cracklib/Makefile Tue Dec 10 14:34:42 2019 (r519672) +++ branches/2019Q4/security/cracklib/Makefile Tue Dec 10 14:44:25 2019 (r519673) @@ -2,17 +2,15 @@ # $FreeBSD$ PORTNAME= cracklib -PORTVERSION= 2.9.6 +PORTVERSION= 2.9.7 CATEGORIES= security -.if defined(PYTHON_SLAVEPORT) -CATEGORIES+= python -.endif -MASTER_SITES= https://github.com/cracklib/cracklib/releases/download/cracklib-2.9.6/ \ +MASTER_SITES= https://github.com/cracklib/cracklib/releases/download/v${PORTVERSION}/ \ LOCAL/cy +.if !defined(PYTHON_SLAVEPORT) DISTFILES= ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX} \ - ${PORTNAME}-words-${PORTVERSION}.gz + ${WORDS_DISTFILE} EXTRACT_ONLY= ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX} -WORDS_DISTFILE= ${PORTNAME}-words-${PORTVERSION}.gz +.endif MAINTAINER= cy@FreeBSD.org COMMENT?= Password-checking library @@ -24,80 +22,16 @@ DICTFILE= ${DICTPATH}/cracklib-words GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-default-dict=${DICTFILE} INSTALL_TARGET= install-strip -USES= gettext libtool -USE_LDCONFIG= yes +USES= libtool tar:bz2 .if defined(PYTHON_SLAVEPORT) +CATEGORIES+= python + USES+= python:2.7 localbase USE_PYTHON= flavors -CONFIGURE_ARGS+=--with-python -PLIST_FILES= %%PYTHON_SITELIBDIR%%/_cracklib.a \ - %%PYTHON_SITELIBDIR%%/_cracklib.so \ - %%PYTHON_SITELIBDIR%%/cracklib.py \ - %%PYTHON_SITELIBDIR%%/cracklib.pyc \ - %%PYTHON_SITELIBDIR%%/cracklib.pyo \ - %%PYTHON_SITELIBDIR%%/test_cracklib.py \ - %%PYTHON_SITELIBDIR%%/test_cracklib.pyc \ - %%PYTHON_SITELIBDIR%%/test_cracklib.pyo -.else -CONFIGURE_ARGS+=--without-python -PLIST_FILES= include/crack.h \ - include/packer.h \ - lib/libcrack.a \ - lib/libcrack.so \ - lib/libcrack.so.2 \ - lib/libcrack.so.2.9.0 \ - libdata/cracklib/cracklib-words.hwm \ - libdata/cracklib/cracklib-words.pwd \ - libdata/cracklib/cracklib-words.pwi \ - man/man3/FascistCheck.3.gz \ - man/man3/cracklib.3.gz \ - sbin/cracklib-check \ - sbin/cracklib-format \ - sbin/cracklib-packer \ - sbin/cracklib-unpacker \ - sbin/create-cracklib-dict \ - %%DATADIR%%/cracklib-small \ - %%DATADIR%%/cracklib.magic \ - share/locale/as/LC_MESSAGES/cracklib.mo \ - share/locale/bn_IN/LC_MESSAGES/cracklib.mo \ - share/locale/cs/LC_MESSAGES/cracklib.mo \ - share/locale/da/LC_MESSAGES/cracklib.mo \ - share/locale/de/LC_MESSAGES/cracklib.mo \ - share/locale/el/LC_MESSAGES/cracklib.mo \ - share/locale/es/LC_MESSAGES/cracklib.mo \ - share/locale/fi/LC_MESSAGES/cracklib.mo \ - share/locale/fr/LC_MESSAGES/cracklib.mo \ - share/locale/gu/LC_MESSAGES/cracklib.mo \ - share/locale/hi/LC_MESSAGES/cracklib.mo \ - share/locale/hu/LC_MESSAGES/cracklib.mo \ - share/locale/it/LC_MESSAGES/cracklib.mo \ - share/locale/ja/LC_MESSAGES/cracklib.mo \ - share/locale/kn/LC_MESSAGES/cracklib.mo \ - share/locale/ko/LC_MESSAGES/cracklib.mo \ - share/locale/lt/LC_MESSAGES/cracklib.mo \ - share/locale/ml/LC_MESSAGES/cracklib.mo \ - share/locale/mr/LC_MESSAGES/cracklib.mo \ - share/locale/nb/LC_MESSAGES/cracklib.mo \ - share/locale/nl/LC_MESSAGES/cracklib.mo \ - share/locale/or/LC_MESSAGES/cracklib.mo \ - share/locale/pa/LC_MESSAGES/cracklib.mo \ - share/locale/pl/LC_MESSAGES/cracklib.mo \ - share/locale/pt/LC_MESSAGES/cracklib.mo \ - share/locale/pt_BR/LC_MESSAGES/cracklib.mo \ - share/locale/ru/LC_MESSAGES/cracklib.mo \ - share/locale/sk/LC_MESSAGES/cracklib.mo \ - share/locale/sl_SI/LC_MESSAGES/cracklib.mo \ - share/locale/ta/LC_MESSAGES/cracklib.mo \ - share/locale/te/LC_MESSAGES/cracklib.mo \ - share/locale/tr/LC_MESSAGES/cracklib.mo \ - share/locale/uk/LC_MESSAGES/cracklib.mo \ - share/locale/zh_CN/LC_MESSAGES/cracklib.mo \ - share/locale/zh_TW/LC_MESSAGES/cracklib.mo -.endif +CONFIGURE_ARGS+=--disable-nls --with-python -.if defined(PYTHON_SLAVEPORT) pre-build: cd ${WRKSRC}/lib && ${MAKE_CMD} libcrack.la @@ -106,6 +40,18 @@ do-test: ${PYTHON_CMD} -c \ "from test_${PORTNAME} import run; run(use_dictpath=\"${DICTFILE:S|^${PREFIX}/|${LOCALBASE}/|}\")") .else +WORDS_DISTFILE= ${PORTNAME}-words-${PORTVERSION}.bz2 + +USE_LDCONFIG= yes + +OPTIONS_DEFINE= NLS +OPTIONS_SUB= NLS + +NLS_CONFIGURE_OFF=--disable-nls +NLS_USES= gettext + +CONFIGURE_ARGS+=--without-python + post-install: ${INSTALL_MAN} ${FILESDIR}/${PORTNAME}.3 ${STAGEDIR}${MAN3PREFIX}/man/man3/ ${LN} -s ${PORTNAME}.3 ${STAGEDIR}${MAN3PREFIX}/man/man3/FascistCheck.3 Modified: branches/2019Q4/security/cracklib/distinfo ============================================================================== --- branches/2019Q4/security/cracklib/distinfo Tue Dec 10 14:34:42 2019 (r519672) +++ branches/2019Q4/security/cracklib/distinfo Tue Dec 10 14:44:25 2019 (r519673) @@ -1,4 +1,5 @@ -SHA256 (cracklib-2.9.6.tar.gz) = 17cf76943de272fd579ed831a1fd85339b393f8d00bf9e0d17c91e972f583343 -SIZE (cracklib-2.9.6.tar.gz) = 642402 -SHA256 (cracklib-words-2.9.6.gz) = 27973245225eeb9d0090e97f3dea4197dec99b64d9d3a791a60298f3b021824c -SIZE (cracklib-words-2.9.6.gz) = 5536645 +TIMESTAMP = 1575594365 +SHA256 (cracklib-2.9.7.tar.bz2) = fe82098509e4d60377b998662facf058dc405864a8947956718857dbb4bc35e6 +SIZE (cracklib-2.9.7.tar.bz2) = 603630 +SHA256 (cracklib-words-2.9.7.bz2) = ec25ac4a474588c58d901715512d8902b276542b27b8dd197e9c2ad373739ec4 +SIZE (cracklib-words-2.9.7.bz2) = 6951761 Copied: branches/2019Q4/security/cracklib/files/patch-util_Makefile.in (from r519629, head/security/cracklib/files/patch-util_Makefile.in) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q4/security/cracklib/files/patch-util_Makefile.in Tue Dec 10 14:44:25 2019 (r519673, copy of r519629, head/security/cracklib/files/patch-util_Makefile.in) @@ -0,0 +1,11 @@ +--- util/Makefile.in.orig 2019-03-03 17:51:38 UTC ++++ util/Makefile.in +@@ -376,7 +376,7 @@ dist_sbin_SCRIPTS = create-cracklib-dict cracklib-form + LDADD = ../lib/libcrack.la + AM_CPPFLAGS = -I. -I.. -I$(top_srcdir)/lib '-DDEFAULT_CRACKLIB_DICT="$(DEFAULT_CRACKLIB_DICT)"' -Wall + cracklib_check_SOURCES = check.c +-cracklib_check_LDADD = $(LDADD) ++cracklib_check_LDADD = $(LDADD) $(LTLIBINTL) + cracklib_packer_SOURCES = packer.c + cracklib_packer_LDADD = $(LDADD) + cracklib_unpacker_SOURCES = unpacker.c Copied: branches/2019Q4/security/cracklib/files/patch-util_cracklib-format (from r519629, head/security/cracklib/files/patch-util_cracklib-format) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q4/security/cracklib/files/patch-util_cracklib-format Tue Dec 10 14:44:25 2019 (r519673, copy of r519629, head/security/cracklib/files/patch-util_cracklib-format) @@ -0,0 +1,11 @@ +--- util/cracklib-format.orig 2019-02-14 01:54:41 UTC ++++ util/cracklib-format +@@ -4,7 +4,7 @@ + # into cracklib-packer + # + gzip -cdf "$@" | +- grep -v '^\(#\|$\)' | ++ grep -a -v '^\(#\|$\)' | + tr '[A-Z]' '[a-z]' | + tr -cd '\012[a-z][0-9]' | + env LC_ALL=C sort -u Copied: branches/2019Q4/security/cracklib/pkg-plist (from r519629, head/security/cracklib/pkg-plist) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q4/security/cracklib/pkg-plist Tue Dec 10 14:44:25 2019 (r519673, copy of r519629, head/security/cracklib/pkg-plist) @@ -0,0 +1,61 @@ +include/crack.h +include/packer.h +lib/libcrack.a +lib/libcrack.so +lib/libcrack.so.2 +lib/libcrack.so.2.9.0 +libdata/cracklib/cracklib-words.hwm +libdata/cracklib/cracklib-words.pwd +libdata/cracklib/cracklib-words.pwi +man/man3/FascistCheck.3.gz +man/man3/cracklib.3.gz +sbin/cracklib-check +sbin/cracklib-format +sbin/cracklib-packer +sbin/cracklib-unpacker +sbin/create-cracklib-dict +%%DATADIR%%/cracklib-small +%%DATADIR%%/cracklib.magic +%%NLS%%share/locale/as/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/be/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/bn_IN/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ca/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/cs/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/da/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/de/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/el/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/es/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/eu/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/fi/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/fr/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/gu/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/he/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/hi/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/hu/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/id/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/it/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ja/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/kk/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/kn/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ko/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/lt/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ml/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/mr/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/nb/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/nl/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/or/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/pa/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/pl/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/pt/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/pt_BR/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ru/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/sk/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/sl/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/sq/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/sv/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/ta/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/te/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/tr/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/uk/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/zh_CN/LC_MESSAGES/cracklib.mo +%%NLS%%share/locale/zh_TW/LC_MESSAGES/cracklib.mo Modified: branches/2019Q4/security/py-cracklib/Makefile ============================================================================== --- branches/2019Q4/security/py-cracklib/Makefile Tue Dec 10 14:34:42 2019 (r519672) +++ branches/2019Q4/security/py-cracklib/Makefile Tue Dec 10 14:44:25 2019 (r519673) @@ -9,6 +9,7 @@ LICENSE= LGPL21 LIB_DEPENDS= libcrack.so:security/cracklib MASTERDIR= ${.CURDIR}/../cracklib +PLIST= ${.CURDIR}/pkg-plist BUILD_WRKSRC= ${WRKSRC}/python INSTALL_WRKSRC= ${BUILD_WRKSRC} Copied: branches/2019Q4/security/py-cracklib/pkg-plist (from r519629, head/security/py-cracklib/pkg-plist) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q4/security/py-cracklib/pkg-plist Tue Dec 10 14:44:25 2019 (r519673, copy of r519629, head/security/py-cracklib/pkg-plist) @@ -0,0 +1,8 @@ +%%PYTHON_SITELIBDIR%%/_cracklib.a +%%PYTHON_SITELIBDIR%%/_cracklib.so +%%PYTHON_SITELIBDIR%%/cracklib.py +%%PYTHON_SITELIBDIR%%/cracklib.pyc +%%PYTHON_SITELIBDIR%%/cracklib.pyo +%%PYTHON_SITELIBDIR%%/test_cracklib.py +%%PYTHON_SITELIBDIR%%/test_cracklib.pyc +%%PYTHON_SITELIBDIR%%/test_cracklib.pyo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912101444.xBAEiQ7j010901>