Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Dec 2019 14:44:26 +0000 (UTC)
From:      Jung-uk Kim <jkim@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r519673 - in branches/2019Q4/security: cracklib cracklib/files py-cracklib
Message-ID:  <201912101444.xBAEiQ7j010901@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jkim
Date: Tue Dec 10 14:44:25 2019
New Revision: 519673
URL: https://svnweb.freebsd.org/changeset/ports/519673

Log:
  MFH:	r519629
  
  - Update to 2.9.7.  This release fixes CVE-2016-6318.  Excerpt from NEWS:
  
   * apply patch to fix CVE-2016-6318 Stack-based buffer overflow when
  parsing large GECOS field
   * fix a buffer overflow processing long words
   * historical research and updates to repository tags to correct history,
  and suggestions for new release process (Neustradamus)
  
  - Replace a local patch with an upstream patch.
  
  https://github.com/cracklib/cracklib/commit/a1379d0
  
  - Apply a patch from the upstream to fix build.
  
  https://github.com/cracklib/cracklib/commit/77082c4
  
  - OPTIONize NLS and add pkg-plist to appease portlint.
  
  Approved by:	ports-secteam (miwi)

Added:
  branches/2019Q4/security/cracklib/files/patch-util_Makefile.in
     - copied unchanged from r519629, head/security/cracklib/files/patch-util_Makefile.in
  branches/2019Q4/security/cracklib/files/patch-util_cracklib-format
     - copied unchanged from r519629, head/security/cracklib/files/patch-util_cracklib-format
  branches/2019Q4/security/cracklib/pkg-plist
     - copied unchanged from r519629, head/security/cracklib/pkg-plist
  branches/2019Q4/security/py-cracklib/pkg-plist
     - copied unchanged from r519629, head/security/py-cracklib/pkg-plist
Deleted:
  branches/2019Q4/security/cracklib/files/patch-util__cracklib-format
Modified:
  branches/2019Q4/security/cracklib/Makefile
  branches/2019Q4/security/cracklib/distinfo
  branches/2019Q4/security/py-cracklib/Makefile
Directory Properties:
  branches/2019Q4/   (props changed)

Modified: branches/2019Q4/security/cracklib/Makefile
==============================================================================
--- branches/2019Q4/security/cracklib/Makefile	Tue Dec 10 14:34:42 2019	(r519672)
+++ branches/2019Q4/security/cracklib/Makefile	Tue Dec 10 14:44:25 2019	(r519673)
@@ -2,17 +2,15 @@
 # $FreeBSD$
 
 PORTNAME=	cracklib
-PORTVERSION=	2.9.6
+PORTVERSION=	2.9.7
 CATEGORIES=	security
-.if defined(PYTHON_SLAVEPORT)
-CATEGORIES+=	python
-.endif
-MASTER_SITES=	https://github.com/cracklib/cracklib/releases/download/cracklib-2.9.6/ \
+MASTER_SITES=	https://github.com/cracklib/cracklib/releases/download/v${PORTVERSION}/ \
 		LOCAL/cy
+.if !defined(PYTHON_SLAVEPORT)
 DISTFILES=	${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX} \
-		${PORTNAME}-words-${PORTVERSION}.gz
+		${WORDS_DISTFILE}
 EXTRACT_ONLY=	${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX}
-WORDS_DISTFILE=	${PORTNAME}-words-${PORTVERSION}.gz
+.endif
 
 MAINTAINER=	cy@FreeBSD.org
 COMMENT?=	Password-checking library
@@ -24,80 +22,16 @@ DICTFILE=	${DICTPATH}/cracklib-words
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--with-default-dict=${DICTFILE}
 INSTALL_TARGET=	install-strip
-USES=		gettext libtool
-USE_LDCONFIG=	yes
+USES=		libtool tar:bz2
 
 .if defined(PYTHON_SLAVEPORT)
+CATEGORIES+=	python
+
 USES+=		python:2.7 localbase
 USE_PYTHON=	flavors
-CONFIGURE_ARGS+=--with-python
-PLIST_FILES=	%%PYTHON_SITELIBDIR%%/_cracklib.a \
-		%%PYTHON_SITELIBDIR%%/_cracklib.so \
-		%%PYTHON_SITELIBDIR%%/cracklib.py \
-		%%PYTHON_SITELIBDIR%%/cracklib.pyc \
-		%%PYTHON_SITELIBDIR%%/cracklib.pyo \
-		%%PYTHON_SITELIBDIR%%/test_cracklib.py \
-		%%PYTHON_SITELIBDIR%%/test_cracklib.pyc \
-		%%PYTHON_SITELIBDIR%%/test_cracklib.pyo
-.else
-CONFIGURE_ARGS+=--without-python
 
-PLIST_FILES=	include/crack.h \
-		include/packer.h \
-		lib/libcrack.a \
-		lib/libcrack.so \
-		lib/libcrack.so.2 \
-		lib/libcrack.so.2.9.0 \
-		libdata/cracklib/cracklib-words.hwm \
-		libdata/cracklib/cracklib-words.pwd \
-		libdata/cracklib/cracklib-words.pwi \
-		man/man3/FascistCheck.3.gz \
-		man/man3/cracklib.3.gz \
-		sbin/cracklib-check \
-		sbin/cracklib-format \
-		sbin/cracklib-packer \
-		sbin/cracklib-unpacker \
-		sbin/create-cracklib-dict \
-		%%DATADIR%%/cracklib-small \
-		%%DATADIR%%/cracklib.magic \
-		share/locale/as/LC_MESSAGES/cracklib.mo \
-		share/locale/bn_IN/LC_MESSAGES/cracklib.mo \
-		share/locale/cs/LC_MESSAGES/cracklib.mo \
-		share/locale/da/LC_MESSAGES/cracklib.mo \
-		share/locale/de/LC_MESSAGES/cracklib.mo \
-		share/locale/el/LC_MESSAGES/cracklib.mo \
-		share/locale/es/LC_MESSAGES/cracklib.mo \
-		share/locale/fi/LC_MESSAGES/cracklib.mo \
-		share/locale/fr/LC_MESSAGES/cracklib.mo \
-		share/locale/gu/LC_MESSAGES/cracklib.mo \
-		share/locale/hi/LC_MESSAGES/cracklib.mo \
-		share/locale/hu/LC_MESSAGES/cracklib.mo \
-		share/locale/it/LC_MESSAGES/cracklib.mo \
-		share/locale/ja/LC_MESSAGES/cracklib.mo \
-		share/locale/kn/LC_MESSAGES/cracklib.mo \
-		share/locale/ko/LC_MESSAGES/cracklib.mo \
-		share/locale/lt/LC_MESSAGES/cracklib.mo \
-		share/locale/ml/LC_MESSAGES/cracklib.mo \
-		share/locale/mr/LC_MESSAGES/cracklib.mo \
-		share/locale/nb/LC_MESSAGES/cracklib.mo \
-		share/locale/nl/LC_MESSAGES/cracklib.mo \
-		share/locale/or/LC_MESSAGES/cracklib.mo \
-		share/locale/pa/LC_MESSAGES/cracklib.mo \
-		share/locale/pl/LC_MESSAGES/cracklib.mo \
-		share/locale/pt/LC_MESSAGES/cracklib.mo \
-		share/locale/pt_BR/LC_MESSAGES/cracklib.mo \
-		share/locale/ru/LC_MESSAGES/cracklib.mo \
-		share/locale/sk/LC_MESSAGES/cracklib.mo \
-		share/locale/sl_SI/LC_MESSAGES/cracklib.mo \
-		share/locale/ta/LC_MESSAGES/cracklib.mo \
-		share/locale/te/LC_MESSAGES/cracklib.mo \
-		share/locale/tr/LC_MESSAGES/cracklib.mo \
-		share/locale/uk/LC_MESSAGES/cracklib.mo \
-		share/locale/zh_CN/LC_MESSAGES/cracklib.mo \
-		share/locale/zh_TW/LC_MESSAGES/cracklib.mo
-.endif
+CONFIGURE_ARGS+=--disable-nls --with-python
 
-.if defined(PYTHON_SLAVEPORT)
 pre-build:
 	cd ${WRKSRC}/lib && ${MAKE_CMD} libcrack.la
 
@@ -106,6 +40,18 @@ do-test:
 		${PYTHON_CMD} -c \
 		"from test_${PORTNAME} import run; run(use_dictpath=\"${DICTFILE:S|^${PREFIX}/|${LOCALBASE}/|}\")")
 .else
+WORDS_DISTFILE=	${PORTNAME}-words-${PORTVERSION}.bz2
+
+USE_LDCONFIG=	yes
+
+OPTIONS_DEFINE=	NLS
+OPTIONS_SUB=	NLS
+
+NLS_CONFIGURE_OFF=--disable-nls
+NLS_USES=	gettext
+
+CONFIGURE_ARGS+=--without-python
+
 post-install:
 	${INSTALL_MAN} ${FILESDIR}/${PORTNAME}.3 ${STAGEDIR}${MAN3PREFIX}/man/man3/
 	${LN} -s ${PORTNAME}.3 ${STAGEDIR}${MAN3PREFIX}/man/man3/FascistCheck.3

Modified: branches/2019Q4/security/cracklib/distinfo
==============================================================================
--- branches/2019Q4/security/cracklib/distinfo	Tue Dec 10 14:34:42 2019	(r519672)
+++ branches/2019Q4/security/cracklib/distinfo	Tue Dec 10 14:44:25 2019	(r519673)
@@ -1,4 +1,5 @@
-SHA256 (cracklib-2.9.6.tar.gz) = 17cf76943de272fd579ed831a1fd85339b393f8d00bf9e0d17c91e972f583343
-SIZE (cracklib-2.9.6.tar.gz) = 642402
-SHA256 (cracklib-words-2.9.6.gz) = 27973245225eeb9d0090e97f3dea4197dec99b64d9d3a791a60298f3b021824c
-SIZE (cracklib-words-2.9.6.gz) = 5536645
+TIMESTAMP = 1575594365
+SHA256 (cracklib-2.9.7.tar.bz2) = fe82098509e4d60377b998662facf058dc405864a8947956718857dbb4bc35e6
+SIZE (cracklib-2.9.7.tar.bz2) = 603630
+SHA256 (cracklib-words-2.9.7.bz2) = ec25ac4a474588c58d901715512d8902b276542b27b8dd197e9c2ad373739ec4
+SIZE (cracklib-words-2.9.7.bz2) = 6951761

Copied: branches/2019Q4/security/cracklib/files/patch-util_Makefile.in (from r519629, head/security/cracklib/files/patch-util_Makefile.in)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q4/security/cracklib/files/patch-util_Makefile.in	Tue Dec 10 14:44:25 2019	(r519673, copy of r519629, head/security/cracklib/files/patch-util_Makefile.in)
@@ -0,0 +1,11 @@
+--- util/Makefile.in.orig	2019-03-03 17:51:38 UTC
++++ util/Makefile.in
+@@ -376,7 +376,7 @@ dist_sbin_SCRIPTS = create-cracklib-dict cracklib-form
+ LDADD = ../lib/libcrack.la
+ AM_CPPFLAGS = -I. -I.. -I$(top_srcdir)/lib '-DDEFAULT_CRACKLIB_DICT="$(DEFAULT_CRACKLIB_DICT)"' -Wall
+ cracklib_check_SOURCES = check.c
+-cracklib_check_LDADD = $(LDADD)
++cracklib_check_LDADD = $(LDADD) $(LTLIBINTL)
+ cracklib_packer_SOURCES = packer.c
+ cracklib_packer_LDADD = $(LDADD)
+ cracklib_unpacker_SOURCES = unpacker.c

Copied: branches/2019Q4/security/cracklib/files/patch-util_cracklib-format (from r519629, head/security/cracklib/files/patch-util_cracklib-format)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q4/security/cracklib/files/patch-util_cracklib-format	Tue Dec 10 14:44:25 2019	(r519673, copy of r519629, head/security/cracklib/files/patch-util_cracklib-format)
@@ -0,0 +1,11 @@
+--- util/cracklib-format.orig	2019-02-14 01:54:41 UTC
++++ util/cracklib-format
+@@ -4,7 +4,7 @@
+ # into cracklib-packer
+ #
+ gzip -cdf "$@" |
+-    grep -v '^\(#\|$\)' |
++    grep -a -v '^\(#\|$\)' |
+     tr '[A-Z]' '[a-z]' |
+     tr -cd '\012[a-z][0-9]' |
+     env LC_ALL=C sort -u

Copied: branches/2019Q4/security/cracklib/pkg-plist (from r519629, head/security/cracklib/pkg-plist)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q4/security/cracklib/pkg-plist	Tue Dec 10 14:44:25 2019	(r519673, copy of r519629, head/security/cracklib/pkg-plist)
@@ -0,0 +1,61 @@
+include/crack.h
+include/packer.h
+lib/libcrack.a
+lib/libcrack.so
+lib/libcrack.so.2
+lib/libcrack.so.2.9.0
+libdata/cracklib/cracklib-words.hwm
+libdata/cracklib/cracklib-words.pwd
+libdata/cracklib/cracklib-words.pwi
+man/man3/FascistCheck.3.gz
+man/man3/cracklib.3.gz
+sbin/cracklib-check
+sbin/cracklib-format
+sbin/cracklib-packer
+sbin/cracklib-unpacker
+sbin/create-cracklib-dict
+%%DATADIR%%/cracklib-small
+%%DATADIR%%/cracklib.magic
+%%NLS%%share/locale/as/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/be/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/bn_IN/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ca/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/cs/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/da/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/de/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/el/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/es/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/eu/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/fi/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/fr/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/gu/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/he/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/hi/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/hu/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/id/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/it/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ja/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/kk/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/kn/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ko/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/lt/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ml/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/mr/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/nb/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/nl/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/or/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/pa/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/pl/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/pt/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/pt_BR/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ru/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/sk/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/sl/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/sq/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/sv/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/ta/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/te/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/tr/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/uk/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/zh_CN/LC_MESSAGES/cracklib.mo
+%%NLS%%share/locale/zh_TW/LC_MESSAGES/cracklib.mo

Modified: branches/2019Q4/security/py-cracklib/Makefile
==============================================================================
--- branches/2019Q4/security/py-cracklib/Makefile	Tue Dec 10 14:34:42 2019	(r519672)
+++ branches/2019Q4/security/py-cracklib/Makefile	Tue Dec 10 14:44:25 2019	(r519673)
@@ -9,6 +9,7 @@ LICENSE=	LGPL21
 LIB_DEPENDS=	libcrack.so:security/cracklib
 
 MASTERDIR=	${.CURDIR}/../cracklib
+PLIST=		${.CURDIR}/pkg-plist
 BUILD_WRKSRC=	${WRKSRC}/python
 INSTALL_WRKSRC=	${BUILD_WRKSRC}
 

Copied: branches/2019Q4/security/py-cracklib/pkg-plist (from r519629, head/security/py-cracklib/pkg-plist)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q4/security/py-cracklib/pkg-plist	Tue Dec 10 14:44:25 2019	(r519673, copy of r519629, head/security/py-cracklib/pkg-plist)
@@ -0,0 +1,8 @@
+%%PYTHON_SITELIBDIR%%/_cracklib.a
+%%PYTHON_SITELIBDIR%%/_cracklib.so
+%%PYTHON_SITELIBDIR%%/cracklib.py
+%%PYTHON_SITELIBDIR%%/cracklib.pyc
+%%PYTHON_SITELIBDIR%%/cracklib.pyo
+%%PYTHON_SITELIBDIR%%/test_cracklib.py
+%%PYTHON_SITELIBDIR%%/test_cracklib.pyc
+%%PYTHON_SITELIBDIR%%/test_cracklib.pyo



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912101444.xBAEiQ7j010901>