Added some patchfiles
This commit is contained in:
Raansu
8
.SRCINFO
8
.SRCINFO
@@ -1,7 +1,7 @@
|
|||||||
pkgbase = db4.8
|
pkgbase = db4.8
|
||||||
pkgdesc = The Berkeley DB embedded database system 4.8
|
pkgdesc = The Berkeley DB embedded database system 4.8
|
||||||
pkgver = 4.8.30
|
pkgver = 4.8.30
|
||||||
pkgrel = 5
|
pkgrel = 6
|
||||||
url = http://www.oracle.com/technology/software/products/berkeley-db/index.html
|
url = http://www.oracle.com/technology/software/products/berkeley-db/index.html
|
||||||
arch = any
|
arch = any
|
||||||
license = custom
|
license = custom
|
||||||
@@ -9,8 +9,14 @@ pkgbase = db4.8
|
|||||||
options = !libtool
|
options = !libtool
|
||||||
options = !makeflags
|
options = !makeflags
|
||||||
source = http://download.oracle.com/berkeley-db/db-4.8.30.tar.gz
|
source = http://download.oracle.com/berkeley-db/db-4.8.30.tar.gz
|
||||||
|
source = db-atomic.patch
|
||||||
|
source = CVE-2017-10140-cwd-db_config.patch
|
||||||
md5sums = f80022099c5742cd179343556179aa8c
|
md5sums = f80022099c5742cd179343556179aa8c
|
||||||
|
md5sums = d56cef85d0fc9432b54a32993d4c9f06
|
||||||
|
md5sums = c2d29f72c20625c09f30e35af3c4f2ff
|
||||||
sha256sums = e0491a07cdb21fb9aa82773bbbedaeb7639cbd0e7f96147ab46141e0045db72a
|
sha256sums = e0491a07cdb21fb9aa82773bbbedaeb7639cbd0e7f96147ab46141e0045db72a
|
||||||
|
sha256sums = 7ab718c5624b4724a585c91f4cfdcd3830cfaf0ce1e865a4a79b316ba35990c0
|
||||||
|
sha256sums = 7dfea34368f4d3d5b81973f7b0dbb8a54cdd09effb09b2b28763b2470833a614
|
||||||
|
|
||||||
pkgname = db4.8
|
pkgname = db4.8
|
||||||
|
|
||||||
|
|||||||
22
CVE-2017-10140-cwd-db_config.patch
Normal file
22
CVE-2017-10140-cwd-db_config.patch
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
Description: CVE-2017-10140: Reads DB_CONFIG from the current working directory
|
||||||
|
Do not access DB_CONFIG when db_home is not set.
|
||||||
|
Origin: vendor, https://src.fedoraproject.org/rpms/libdb/raw/8047fa8580659fcae740c25e91b490539b8453eb/f/db-5.3.28-cwd-db_config.patch
|
||||||
|
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-10140
|
||||||
|
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464032
|
||||||
|
Bug-SuSE: https://bugzilla.novell.com/show_bug.cgi?id=1043886
|
||||||
|
Forwarded: no
|
||||||
|
Author: Petr Kubat <pkubat@redhat.com>
|
||||||
|
Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
|
||||||
|
Last-Update: 2017-08-17
|
||||||
|
|
||||||
|
--- db-5.3.28/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200
|
||||||
|
+++ db-5.3.28/env/env_open.c 2017-06-26 10:32:46.893721233 +0200
|
||||||
|
@@ -473,7 +473,7 @@
|
||||||
|
env->db_mode = mode == 0 ? DB_MODE_660 : mode;
|
||||||
|
|
||||||
|
/* Read the DB_CONFIG file. */
|
||||||
|
- if ((ret = __env_read_db_config(env)) != 0)
|
||||||
|
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0)
|
||||||
|
return (ret);
|
||||||
|
|
||||||
|
/*
|
||||||
24
PKGBUILD
24
PKGBUILD
@@ -2,16 +2,32 @@
|
|||||||
# Contributor: Leslie P. Polzer <polzer@gnu.org>
|
# Contributor: Leslie P. Polzer <polzer@gnu.org>
|
||||||
pkgname=db4.8
|
pkgname=db4.8
|
||||||
pkgver=4.8.30
|
pkgver=4.8.30
|
||||||
pkgrel=5
|
pkgrel=6
|
||||||
pkgdesc="The Berkeley DB embedded database system 4.8"
|
pkgdesc="The Berkeley DB embedded database system 4.8"
|
||||||
arch=('any')
|
arch=('any')
|
||||||
license=('custom')
|
license=('custom')
|
||||||
url="http://www.oracle.com/technology/software/products/berkeley-db/index.html"
|
url="http://www.oracle.com/technology/software/products/berkeley-db/index.html"
|
||||||
depends=('gcc-libs')
|
depends=('gcc-libs')
|
||||||
options=('!libtool' '!makeflags')
|
options=('!libtool' '!makeflags')
|
||||||
source=(http://download.oracle.com/berkeley-db/db-${pkgver}.tar.gz)
|
source=(http://download.oracle.com/berkeley-db/db-${pkgver}.tar.gz
|
||||||
md5sums=('f80022099c5742cd179343556179aa8c')
|
'db-atomic.patch'
|
||||||
sha256sums=('e0491a07cdb21fb9aa82773bbbedaeb7639cbd0e7f96147ab46141e0045db72a')
|
'CVE-2017-10140-cwd-db_config.patch')
|
||||||
|
md5sums=('f80022099c5742cd179343556179aa8c'
|
||||||
|
'd56cef85d0fc9432b54a32993d4c9f06'
|
||||||
|
'c2d29f72c20625c09f30e35af3c4f2ff')
|
||||||
|
sha256sums=('e0491a07cdb21fb9aa82773bbbedaeb7639cbd0e7f96147ab46141e0045db72a'
|
||||||
|
'7ab718c5624b4724a585c91f4cfdcd3830cfaf0ce1e865a4a79b316ba35990c0'
|
||||||
|
'7dfea34368f4d3d5b81973f7b0dbb8a54cdd09effb09b2b28763b2470833a614')
|
||||||
|
|
||||||
|
prepare() {
|
||||||
|
cd "$srcdir/db-$pkgver/"
|
||||||
|
|
||||||
|
chmod +w dbinc/atomic.h
|
||||||
|
patch -p1 < "$srcdir"/db-atomic.patch
|
||||||
|
|
||||||
|
chmod +w env/env_open.c
|
||||||
|
patch -u -p1 < "$srcdir"/CVE-2017-10140-cwd-db_config.patch
|
||||||
|
}
|
||||||
|
|
||||||
build() {
|
build() {
|
||||||
cd "$srcdir/db-$pkgver/"
|
cd "$srcdir/db-$pkgver/"
|
||||||
|
|||||||
22
db-atomic.patch
Normal file
22
db-atomic.patch
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
diff --git a/dbinc/atomic.h b/dbinc/atomic.h
|
||||||
|
index 0034dcc..50b8b74 100644
|
||||||
|
--- a/dbinc/atomic.h
|
||||||
|
+++ b/dbinc/atomic.h
|
||||||
|
@@ -144,7 +144,7 @@ typedef LONG volatile *interlocked_val;
|
||||||
|
#define atomic_inc(env, p) __atomic_inc(p)
|
||||||
|
#define atomic_dec(env, p) __atomic_dec(p)
|
||||||
|
#define atomic_compare_exchange(env, p, o, n) \
|
||||||
|
- __atomic_compare_exchange((p), (o), (n))
|
||||||
|
+ __atomic_compare_exchange_db((p), (o), (n))
|
||||||
|
static inline int __atomic_inc(db_atomic_t *p)
|
||||||
|
{
|
||||||
|
int temp;
|
||||||
|
@@ -176,7 +176,7 @@ static inline int __atomic_dec(db_atomic_t *p)
|
||||||
|
* http://gcc.gnu.org/onlinedocs/gcc-4.1.0/gcc/Atomic-Builtins.html
|
||||||
|
* which configure could be changed to use.
|
||||||
|
*/
|
||||||
|
-static inline int __atomic_compare_exchange(
|
||||||
|
+static inline int __atomic_compare_exchange_db(
|
||||||
|
db_atomic_t *p, atomic_value_t oldval, atomic_value_t newval)
|
||||||
|
{
|
||||||
|
atomic_value_t was;
|
||||||
Reference in New Issue
Block a user