From 98866ec1238ed256cc7e9dbf657e37d3a0035dba Mon Sep 17 00:00:00 2001 From: gafton Date: Wed, 24 Nov 2004 05:11:31 +0000 Subject: [PATCH 01/11] Fix braindead typo from the original import --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index e8eb45d..e007b7a 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Makefile for source rpm: zoo -# $Id$ +# $Id: Makefile,v 1.1 2004/11/08 05:36:39 cvsextras Exp $ NAME := zoo SPECFILE = $(firstword $(wildcard *.spec)) @@ -12,7 +12,7 @@ MAKEFILE_COMMON := $(shell $(find-makefile-common)) ifeq ($(MAKEFILE_COMMON),) # attept a checkout define checkout-makefile-common -test -f CVS/Rootx && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 endef MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) From 21a5eec052ef63069dbc5bc8a91cdff8697d0bcf Mon Sep 17 00:00:00 2001 From: Michael Schwendt Date: Fri, 10 Dec 2004 22:03:13 +0000 Subject: [PATCH 02/11] Bump release, strip off fedora.us prefix and dist tag. --- zoo.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zoo.spec b/zoo.spec index 90da61c..b446fe4 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 0.fdr.2.2 +Release: 2 Epoch: 0 Summary: File archiving utility with compression From 80811e854621d6f97805774f236a34eccd10fdea Mon Sep 17 00:00:00 2001 From: Matthias Saou Date: Sat, 5 Mar 2005 20:07:10 +0000 Subject: [PATCH 03/11] Mass letter "x"," y" and "z" update, one or more apply : - Drop epoch: 0 - Remove %{epoch} requirements in sub-packages - Remove trailing white spaces - Keep consistent between spaces and tabs --- zoo.spec | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/zoo.spec b/zoo.spec index b446fe4..68664c6 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,8 +1,7 @@ -Name: zoo -Version: 2.10 -Release: 2 -Epoch: 0 -Summary: File archiving utility with compression +Name: zoo +Version: 2.10 +Release: 2 +Summary: File archiving utility with compression Group: Applications/Archiving License: Distributable @@ -12,9 +11,9 @@ Patch1: zoo-2.10-tempfile.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description -zoo is a file archiving utility for maintaining collections of files. -It uses Lempel-Ziv compression to provide space savings in the -range of 20 to 80 percent depending on the type of data. Written by +zoo is a file archiving utility for maintaining collections of files. +It uses Lempel-Ziv compression to provide space savings in the +range of 20 to 80 percent depending on the type of data. Written by Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. %prep From e19d817b9684469b43ae39b26631c51c22998f66 Mon Sep 17 00:00:00 2001 From: Adrian Reber Date: Tue, 5 Apr 2005 11:09:28 +0000 Subject: [PATCH 04/11] fix gcc4 errors --- zoo-gcc4.patch | 10 ++++++++++ zoo.spec | 7 ++++++- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 zoo-gcc4.patch diff --git a/zoo-gcc4.patch b/zoo-gcc4.patch new file mode 100644 index 0000000..5e12e77 --- /dev/null +++ b/zoo-gcc4.patch @@ -0,0 +1,10 @@ +--- zoo-2.10.orig/ar.h 2005-04-05 10:53:38.000000000 +0200 ++++ zoo-2.10/ar.h 2005-04-05 10:52:12.000000000 +0200 +@@ -117,7 +117,6 @@ + void move_left(); + #else + # define MOVE_LEFT memmove +- extern VOIDPTR memmove(); + #endif + + #if 0 diff --git a/zoo.spec b/zoo.spec index 68664c6..d6c3774 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 2 +Release: 3 Summary: File archiving utility with compression Group: Applications/Archiving @@ -8,6 +8,7 @@ License: Distributable Source: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10.orig.tar.gz Patch0: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10-9.diff.gz Patch1: zoo-2.10-tempfile.patch +Patch2: zoo-gcc4.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description @@ -20,6 +21,7 @@ Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. %setup -n zoo-2.10.orig %patch0 -p1 -b .debian %patch1 -p1 -b .tempfile +%patch2 -p1 -b .gcc4 %build make %{?_smp_mflags} OPTIM="%{optflags}" linux @@ -41,6 +43,9 @@ rm -fr %{buildroot} %attr(0755,root,root) %{_bindir}/* %changelog +* Tue Apr 05 2005 Adrian Reber - 2.10-3 +- fix gcc4 errors + * Sun Apr 25 2004 Mailhot - 0:2.10-0.fdr.2 * Use debian source From 5cce308b8b1cc7f50c6b512ea9d45af83073abdf Mon Sep 17 00:00:00 2001 From: nim Date: Mon, 16 Jan 2006 22:44:21 +0000 Subject: [PATCH 05/11] auto-import zoo-2.10-4.fc5 on branch devel from zoo-2.10-4.fc5.src.rpm builds with gcc4.1, warnings all over the place :( --- zoo.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/zoo.spec b/zoo.spec index d6c3774..c747b8a 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 3 +Release: 4%{?dist} Summary: File archiving utility with compression Group: Applications/Archiving @@ -43,6 +43,9 @@ rm -fr %{buildroot} %attr(0755,root,root) %{_bindir}/* %changelog +* Mon Jun 16 2006 Mailhot - 2.10-4 +- rebuild with gcc 4.1 + * Tue Apr 05 2005 Adrian Reber - 2.10-3 - fix gcc4 errors From 590ada1a62a6b701d1a0acc41e39175f2186bc2e Mon Sep 17 00:00:00 2001 From: nim Date: Mon, 13 Feb 2006 21:37:04 +0000 Subject: [PATCH 06/11] auto-import zoo-2.10-5.fc5 on branch devel from zoo-2.10-5.fc5.src.rpm rebuilt for new gcc4.1 snapshot and glibc changes --- zoo.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/zoo.spec b/zoo.spec index c747b8a..d229efb 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 4%{?dist} +Release: 5%{?dist} Summary: File archiving utility with compression Group: Applications/Archiving @@ -43,13 +43,16 @@ rm -fr %{buildroot} %attr(0755,root,root) %{_bindir}/* %changelog -* Mon Jun 16 2006 Mailhot - 2.10-4 +* Mon Feb 13 2006 Nicolas Mailhot - 2.10-5 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Mon Jun 16 2005 Nicolas Mailhot - 2.10-4 - rebuild with gcc 4.1 * Tue Apr 05 2005 Adrian Reber - 2.10-3 - fix gcc4 errors -* Sun Apr 25 2004 Mailhot - 0:2.10-0.fdr.2 +* Sun Apr 25 2004 Nicolas Mailhot - 0:2.10-0.fdr.2 * Use debian source * Tue Apr 20 2004 Nicolas Mailhot - 0:2.10-0.fdr.1 From 1308b454ecdeae729146dff7b48bd28a14f0c2bc Mon Sep 17 00:00:00 2001 From: nim Date: Sun, 26 Feb 2006 22:41:20 +0000 Subject: [PATCH 07/11] auto-import zoo-2.10-6.fc5 on branch devel from zoo-2.10-6.fc5.src.rpm Apply patch for exploitable buffer overflow --- zoo-2.10-pathsize-security.patch | 19 +++++++++++++++++++ zoo.spec | 7 ++++++- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 zoo-2.10-pathsize-security.patch diff --git a/zoo-2.10-pathsize-security.patch b/zoo-2.10-pathsize-security.patch new file mode 100644 index 0000000..169c964 --- /dev/null +++ b/zoo-2.10-pathsize-security.patch @@ -0,0 +1,19 @@ +diff -uNr zoo-2.10.orig/misc.c zoo-2.10.new/misc.c +--- zoo-2.10.orig/misc.c 2006-02-26 23:30:55.000000000 +0100 ++++ zoo-2.10.new/misc.c 2006-02-26 23:37:17.000000000 +0100 +@@ -136,11 +136,14 @@ + char *fullpath (direntry) + struct direntry *direntry; + { +- static char result[PATHSIZE]; ++ static char result[PATHSIZE+PATHSIZE+12]; // Room for enough space + combine (result, + direntry->dirlen != 0 ? direntry->dirname : "", + (direntry->namlen != 0) ? direntry->lfname : direntry->fname + ); ++ if (strlen (result) >= PATHSIZE) { ++ prterror ('f', "Combined dirname and filename too long\n"); ++ } + return (result); + } + diff --git a/zoo.spec b/zoo.spec index d229efb..0647af3 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 5%{?dist} +Release: 6%{?dist} Summary: File archiving utility with compression Group: Applications/Archiving @@ -9,6 +9,7 @@ Source: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10.orig.tar.gz Patch0: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10-9.diff.gz Patch1: zoo-2.10-tempfile.patch Patch2: zoo-gcc4.patch +Patch3: zoo-2.10-pathsize-security.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description @@ -22,6 +23,7 @@ Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. %patch0 -p1 -b .debian %patch1 -p1 -b .tempfile %patch2 -p1 -b .gcc4 +%patch3 -p1 -b .pathsize %build make %{?_smp_mflags} OPTIM="%{optflags}" linux @@ -43,6 +45,9 @@ rm -fr %{buildroot} %attr(0755,root,root) %{_bindir}/* %changelog +* Sun Feb 26 2006 Nicolas Mailhot - 2.10-6 +- apply preliminary patch for bug #183109 (just to be sure) + * Mon Feb 13 2006 Nicolas Mailhot - 2.10-5 - rebuilt for new gcc4.1 snapshot and glibc changes From 211b134df428a8439c28939b20780b461805bf02 Mon Sep 17 00:00:00 2001 From: nim Date: Sat, 4 Mar 2006 13:30:20 +0000 Subject: [PATCH 08/11] auto-import zoo-2.10-7.fc5 on branch devel from zoo-2.10-7.fc5.src.rpm rebase on opensuse package, CVE-2006-0855 fix #2, bz #183109 fix --- .cvsignore | 3 +- sources | 3 +- zoo-2.10-CAN-2005-2349.patch | 34 ++++++++++++ zoo-2.10-febz-183426.patch | 12 ++++ zoo-2.10-pathsize-security.patch | 19 ------- zoo-gcc.patch | 24 ++++++++ zoo-gcc4.patch | 10 ---- zoo-return.patch | 56 +++++++++++++++++++ zoo-security_pathsize.patch | 21 +++++++ zoo.patch | 94 ++++++++++++++++++++++++++++++++ zoo.spec | 41 ++++++++++---- 11 files changed, 274 insertions(+), 43 deletions(-) create mode 100644 zoo-2.10-CAN-2005-2349.patch create mode 100644 zoo-2.10-febz-183426.patch delete mode 100644 zoo-2.10-pathsize-security.patch create mode 100644 zoo-gcc.patch delete mode 100644 zoo-gcc4.patch create mode 100644 zoo-return.patch create mode 100644 zoo-security_pathsize.patch create mode 100644 zoo.patch diff --git a/.cvsignore b/.cvsignore index eef328d..774cdff 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1 @@ -zoo_2.10-9.diff.gz -zoo_2.10.orig.tar.gz +zoo.tar.gz diff --git a/sources b/sources index f5b71b5..ffac8ec 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -2dca488e015f6d6079fb3b2106bcbc5e zoo_2.10-9.diff.gz -dca5f2cf71379a51ea1e66b25f1e0294 zoo_2.10.orig.tar.gz +9419da66d2de4c59b405d5c59845a828 zoo.tar.gz diff --git a/zoo-2.10-CAN-2005-2349.patch b/zoo-2.10-CAN-2005-2349.patch new file mode 100644 index 0000000..6504f20 --- /dev/null +++ b/zoo-2.10-CAN-2005-2349.patch @@ -0,0 +1,34 @@ +--- portable.c ++++ portable.c +@@ -364,6 +364,31 @@ + show_dir(direntry); + } + #endif ++ char *p; ++ /* take off '../' */ ++ while ((p = strstr( direntry->dirname, "../" )) != NULL) { ++ while (*(p+3) != '\0') { ++ *p = *(p + 3); ++ p++; ++ } ++ *p = *(p+3); /* move last null */ ++ //printf("zoo: skipped \"../\" path component in '%s'\n", direntry->dirname); ++ } ++ /* take off '/' */ ++ if ( direntry->dirname[0] == '/' ) { ++ p = direntry->dirname; ++ while (*p != '\0') { ++ *p = *(p + 1); ++ p++; ++ } ++ *p = *(p+1); /* move last null */ ++ //printf("zoo: skipped \"/\" path component in '%s'\n", direntry->dirname); ++ } ++ /* take off '..' */ ++ if(!strcmp(direntry->dirname, "..")) ++ direntry->dirname[0] = '\0'; ++ /* direntry->dirlen = strlen(direntry->dirname); */ ++ + return (0); + } + diff --git a/zoo-2.10-febz-183426.patch b/zoo-2.10-febz-183426.patch new file mode 100644 index 0000000..46e2e2e --- /dev/null +++ b/zoo-2.10-febz-183426.patch @@ -0,0 +1,12 @@ +diff -uNr zoo/parse.c zoo.new/parse.c +--- zoo/parse.c 1991-07-11 21:07:34.000000000 +0200 ++++ zoo.new/parse.c 2006-03-04 14:17:50.000000000 +0100 +@@ -39,7 +39,7 @@ + char *namep; /* points to relevant part of tempname */ + + char *p; +- strcpy (tempname, fname); ++ strncpy(tempname, fname, LFNAMESIZE); + + #ifdef DEBUG + printf ("parse: supplied name is [%s].\n", tempname); diff --git a/zoo-2.10-pathsize-security.patch b/zoo-2.10-pathsize-security.patch deleted file mode 100644 index 169c964..0000000 --- a/zoo-2.10-pathsize-security.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -uNr zoo-2.10.orig/misc.c zoo-2.10.new/misc.c ---- zoo-2.10.orig/misc.c 2006-02-26 23:30:55.000000000 +0100 -+++ zoo-2.10.new/misc.c 2006-02-26 23:37:17.000000000 +0100 -@@ -136,11 +136,14 @@ - char *fullpath (direntry) - struct direntry *direntry; - { -- static char result[PATHSIZE]; -+ static char result[PATHSIZE+PATHSIZE+12]; // Room for enough space - combine (result, - direntry->dirlen != 0 ? direntry->dirname : "", - (direntry->namlen != 0) ? direntry->lfname : direntry->fname - ); -+ if (strlen (result) >= PATHSIZE) { -+ prterror ('f', "Combined dirname and filename too long\n"); -+ } - return (result); - } - diff --git a/zoo-gcc.patch b/zoo-gcc.patch new file mode 100644 index 0000000..0edacc5 --- /dev/null +++ b/zoo-gcc.patch @@ -0,0 +1,24 @@ +diff -uNr zoo.orig/makefile zoo/makefile +--- zoo.orig/makefile 1992-07-27 06:01:40.000000000 +0200 ++++ zoo/makefile 2002-11-25 16:41:06.000000000 +0100 +@@ -21,7 +21,7 @@ + CC = cc + CFLAGS = + MODEL = +-EXTRA = -DBIG_MEM -DNDEBUG ++EXTRA = -DBIG_MEM -DNDEBUG -DANSI_PROTO + LINTFLAGS = -DLINT + OPTIM = -O + DESTDIR = /usr/local/bin +diff -uNr zoo.orig/options.h zoo/options.h +--- zoo.orig/options.h 1991-07-11 21:07:32.000000000 +0200 ++++ zoo/options.h 2002-11-25 16:41:30.000000000 +0100 +@@ -104,7 +104,7 @@ + #define GETTZ + #define FATTR + #define T_SIGNAL int +-#define VARARGS ++#define STDARG + #define NEED_MEMMOVE + #define T_UINT16 unsigned short /* must be 16 bit unsigned */ + #define HAVE_ISATTY diff --git a/zoo-gcc4.patch b/zoo-gcc4.patch deleted file mode 100644 index 5e12e77..0000000 --- a/zoo-gcc4.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- zoo-2.10.orig/ar.h 2005-04-05 10:53:38.000000000 +0200 -+++ zoo-2.10/ar.h 2005-04-05 10:52:12.000000000 +0200 -@@ -117,7 +117,6 @@ - void move_left(); - #else - # define MOVE_LEFT memmove -- extern VOIDPTR memmove(); - #endif - - #if 0 diff --git a/zoo-return.patch b/zoo-return.patch new file mode 100644 index 0000000..13e1096 --- /dev/null +++ b/zoo-return.patch @@ -0,0 +1,56 @@ +--- ar.h ++++ ar.h +@@ -116,7 +116,9 @@ + void move_left(); + #else + # define MOVE_LEFT memmove ++# ifndef ANSI_HDRS + extern VOIDPTR memmove(); ++# endif + #endif + + #if 0 +--- bsd.c ++++ bsd.c +@@ -104,4 +104,5 @@ + seekpos = lseek(fd, 0L, SEEK_CUR); + if (seekpos >= 0) + return ftruncate(fd, seekpos); ++ return 0; + } +--- mstime.i ++++ mstime.i +@@ -12,6 +12,7 @@ + Function mstime() converts time in seconds since January 1 of BASEYEAR + to MS-DOS format date and time. + */ ++void + mstime(longtime, date, time) + long longtime; /* input: seconds since Jan 1, BASEYEAR */ + int *date, *time; /* output: MS-DOS format date and time */ +--- nixtime.i ++++ nixtime.i +@@ -36,6 +36,7 @@ + (tm->tm_hour << 11); + } + ++ return 0; + } + + /***************** +--- options.h ++++ options.h +@@ -157,11 +157,13 @@ + #define GETTZ + #define FATTR + #define T_SIGNAL void ++#define STDARG + /* #define VARARGS */ + /* #define NEED_MEMMOVE */ + #define T_UINT16 unsigned short /* must be 16 bit unsigned */ + #define HAVE_ISATTY + /* #define NEED_VPRINTF */ ++#define BSD4_3 /* for I/O definitions */ + #endif /* BSD4_4 */ + + /***********************************************************************/ diff --git a/zoo-security_pathsize.patch b/zoo-security_pathsize.patch new file mode 100644 index 0000000..ec4bd78 --- /dev/null +++ b/zoo-security_pathsize.patch @@ -0,0 +1,21 @@ +--- misc.c ++++ misc.c +@@ -135,11 +135,17 @@ + char *fullpath (direntry) + struct direntry *direntry; + { +- static char result[PATHSIZE]; ++ static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/ + combine (result, + direntry->dirlen != 0 ? direntry->dirname : "", + (direntry->namlen != 0) ? direntry->lfname : direntry->fname + ); ++ ++ if (strlen (result) >= PATHSIZE) { ++ prterror ('f', "Combined dirname and filename too long!\n"); ++ *result = '\0'; ++ } ++ + return (result); + } + diff --git a/zoo.patch b/zoo.patch new file mode 100644 index 0000000..db1091a --- /dev/null +++ b/zoo.patch @@ -0,0 +1,94 @@ +--- basename.c ++++ basename.c +@@ -18,7 +18,7 @@ + + /* This function strips device/directory information from + a pathname and returns just the plain filename */ +-void basename (pathname, fname) ++void my_basename (pathname, fname) + char *pathname; + char fname[]; + { +--- makefile ++++ makefile +@@ -18,13 +18,13 @@ + + MAKE = make # needed for some systems e.g. older BSD + +-CC = cc ++CC = gcc + CFLAGS = + MODEL = + EXTRA = -DBIG_MEM -DNDEBUG + LINTFLAGS = -DLINT + OPTIM = -O +-DESTDIR = /usr/local/bin ++DESTDIR = /usr/bin + + #List of all object files created for Zoo + ZOOOBJS = addbfcrc.o addfname.o basename.o comment.o crcdefs.o \ +@@ -107,10 +107,10 @@ + convex: + $(MAKE) CFLAGS="-c $(OPTIM) -DBSD4_3 -DANSI_HDRS" $(TARGETS) + +-# Linux 0.96c, gcc 2.2.2 ++# Linux 2.0.0, gcc 2.7.2 + linux: + $(MAKE) \ +- CFLAGS="-c -O2 -DBSD4_3 -DANSI_HDRS -DLINUX" \ ++ CFLAGS="-c $(OPTIM) -DBSD4_4 -DANSI_HDRS -DLINUX" \ + $(TARGETS) + + # linux as above, static linked +--- options.h ++++ options.h +@@ -89,7 +89,7 @@ + /***********************************************************************/ + + #ifdef BSD4_3 +-#define NOSTRCHR /* not really needed for 4.3BSD */ ++/* #define NOSTRCHR */ /* not really needed for 4.3BSD */ + #define FILTER + #define IO_MACROS + #define EXISTS(f) (access(f, 00) == 0) +--- various.h ++++ various.h +@@ -26,6 +26,7 @@ + #ifdef ANSI_HDRS /* if not defined in stdio.h */ + # include + # include ++# include + #else + FILE *fdopen PARMS ((int, char *)); + FILE *fopen PARMS ((char *, char *)); +--- zooadd.c ++++ zooadd.c +@@ -132,7 +132,7 @@ + + if (zoo_file == NOFILE) + prterror ('f', could_not_open, zoo_path); +-basename(zoo_path, zoo_fname); /* get basename of archive */ ++my_basename(zoo_path, zoo_fname); /* get basename of archive */ + rootname (zoo_path, zoo_bak); /* name without extension */ + strcat (zoo_bak, BACKUP_EXT); /* name of backup of this archive */ + +@@ -222,7 +222,7 @@ + break; + } + +- basename (this_path, this_fname); /* get just filename for later */ ++ my_basename (this_path, this_fname); /* get just filename for later */ + + this_file = zooopen(this_path, Z_READ); + if (this_file == NOFILE) { +--- zoofns.h ++++ zoofns.h +@@ -85,7 +85,7 @@ + void addfname PARMS ((char *, long, unsigned int, unsigned int, + unsigned, unsigned)); + void add_version PARMS ((char *, struct direntry *)); +-void basename PARMS ((char *, char [])); ++void my_basename PARMS ((char *, char [])); + void break_off PARMS ((void)); + void close_file PARMS ((ZOOFILE)); + void comment PARMS ((char *, char *)); diff --git a/zoo.spec b/zoo.spec index 0647af3..7b2599e 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,33 +1,45 @@ Name: zoo Version: 2.10 -Release: 6%{?dist} +Release: 7%{?dist} Summary: File archiving utility with compression Group: Applications/Archiving License: Distributable -Source: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10.orig.tar.gz -Patch0: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10-9.diff.gz -Patch1: zoo-2.10-tempfile.patch -Patch2: zoo-gcc4.patch -Patch3: zoo-2.10-pathsize-security.patch +# There is no zoo upstream anymore so let's not pretend we have an authoritative source +# This zoo.tar.gz archive was taken from opensuse +Source: zoo.tar.gz +Patch0: zoo.patch +Patch1: zoo-%{version}-tempfile.patch +Patch2: zoo-gcc.patch +Patch3: zoo-%{version}-CAN-2005-2349.patch +Patch4: zoo-return.patch +Patch5: zoo-security_pathsize.patch +Patch6: zoo-%{version}-febz-183426.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + %description zoo is a file archiving utility for maintaining collections of files. It uses Lempel-Ziv compression to provide space savings in the range of 20 to 80 percent depending on the type of data. Written by Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. + %prep -%setup -n zoo-2.10.orig -%patch0 -p1 -b .debian -%patch1 -p1 -b .tempfile +%setup -q -n %{name} +%patch0 +%patch1 -p1 %patch2 -p1 -b .gcc4 -%patch3 -p1 -b .pathsize +%patch3 -b .can +%patch4 +%patch5 -b .pathsize +%patch6 -p1 -b .febz183426 + %build make %{?_smp_mflags} OPTIM="%{optflags}" linux + %install rm -fr %{buildroot} install -d -m 0755 %{buildroot}%{_bindir} \ @@ -36,15 +48,24 @@ install -d -m 0755 %{buildroot}%{_bindir} \ install -m 0755 fiz zoo %{buildroot}%{_bindir}/ install -m 0644 fiz.1 zoo.1 %{buildroot}%{_mandir}/man1/ + %clean rm -fr %{buildroot} + %files %defattr(0644, root, root, 0755) %doc %{_mandir}/man1/* %attr(0755,root,root) %{_bindir}/* + %changelog +* Sat Mar 4 2006 Nicolas Mailhot - 2.10-7 +- rebase on OpenSuse 2.10-866 package as the OpenSuse team did some nice + cleanups +- drop our fix to CVE-2006-0855 for the OpenSuse one +- add bug #183109 fix + * Sun Feb 26 2006 Nicolas Mailhot - 2.10-6 - apply preliminary patch for bug #183109 (just to be sure) From 0c9bbf7691c09acdc14594ca10a3a8b46efe483c Mon Sep 17 00:00:00 2001 From: nim Date: Sat, 4 Mar 2006 14:20:24 +0000 Subject: [PATCH 09/11] auto-import zoo-2.10-8.fc5 on branch devel from zoo-2.10-8.fc5.src.rpm use -fstack-protector-all --- zoo.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/zoo.spec b/zoo.spec index 7b2599e..51917d1 100644 --- a/zoo.spec +++ b/zoo.spec @@ -1,6 +1,6 @@ Name: zoo Version: 2.10 -Release: 7%{?dist} +Release: 8%{?dist} Summary: File archiving utility with compression Group: Applications/Archiving @@ -37,7 +37,7 @@ Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. %build -make %{?_smp_mflags} OPTIM="%{optflags}" linux +make %{?_smp_mflags} OPTIM="-fstack-protector-all %{optflags}" linux %install @@ -60,6 +60,9 @@ rm -fr %{buildroot} %changelog +* Sat Mar 4 2006 Nicolas Mailhot - 2.10-8 +- use -fstack-protector-all + * Sat Mar 4 2006 Nicolas Mailhot - 2.10-7 - rebase on OpenSuse 2.10-866 package as the OpenSuse team did some nice cleanups From 557c02674e3220117a9865d94e898678c77f4747 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= Date: Sun, 27 Aug 2006 21:19:10 +0000 Subject: [PATCH 10/11] http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild --- needs.rebuild | 1 + 1 file changed, 1 insertion(+) create mode 100644 needs.rebuild diff --git a/needs.rebuild b/needs.rebuild new file mode 100644 index 0000000..815fd29 --- /dev/null +++ b/needs.rebuild @@ -0,0 +1 @@ +http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild From bb170c0ec6da4667e5762b434ac6ff7edb25a25a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= Date: Wed, 11 Oct 2006 21:32:28 +0000 Subject: [PATCH 11/11] http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild --- .cvsignore | 1 - Makefile | 21 -------- needs.rebuild => dead.package | 0 sources | 1 - zoo-2.10-CAN-2005-2349.patch | 34 ------------- zoo-2.10-febz-183426.patch | 12 ----- zoo-2.10-tempfile.patch | 24 --------- zoo-gcc.patch | 24 --------- zoo-return.patch | 56 --------------------- zoo-security_pathsize.patch | 21 -------- zoo.patch | 94 ----------------------------------- zoo.spec | 94 ----------------------------------- 12 files changed, 382 deletions(-) delete mode 100644 .cvsignore delete mode 100644 Makefile rename needs.rebuild => dead.package (100%) delete mode 100644 sources delete mode 100644 zoo-2.10-CAN-2005-2349.patch delete mode 100644 zoo-2.10-febz-183426.patch delete mode 100644 zoo-2.10-tempfile.patch delete mode 100644 zoo-gcc.patch delete mode 100644 zoo-return.patch delete mode 100644 zoo-security_pathsize.patch delete mode 100644 zoo.patch delete mode 100644 zoo.spec diff --git a/.cvsignore b/.cvsignore deleted file mode 100644 index 774cdff..0000000 --- a/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -zoo.tar.gz diff --git a/Makefile b/Makefile deleted file mode 100644 index e007b7a..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: zoo -# $Id: Makefile,v 1.1 2004/11/08 05:36:39 cvsextras Exp $ -NAME := zoo -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/needs.rebuild b/dead.package similarity index 100% rename from needs.rebuild rename to dead.package diff --git a/sources b/sources deleted file mode 100644 index ffac8ec..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -9419da66d2de4c59b405d5c59845a828 zoo.tar.gz diff --git a/zoo-2.10-CAN-2005-2349.patch b/zoo-2.10-CAN-2005-2349.patch deleted file mode 100644 index 6504f20..0000000 --- a/zoo-2.10-CAN-2005-2349.patch +++ /dev/null @@ -1,34 +0,0 @@ ---- portable.c -+++ portable.c -@@ -364,6 +364,31 @@ - show_dir(direntry); - } - #endif -+ char *p; -+ /* take off '../' */ -+ while ((p = strstr( direntry->dirname, "../" )) != NULL) { -+ while (*(p+3) != '\0') { -+ *p = *(p + 3); -+ p++; -+ } -+ *p = *(p+3); /* move last null */ -+ //printf("zoo: skipped \"../\" path component in '%s'\n", direntry->dirname); -+ } -+ /* take off '/' */ -+ if ( direntry->dirname[0] == '/' ) { -+ p = direntry->dirname; -+ while (*p != '\0') { -+ *p = *(p + 1); -+ p++; -+ } -+ *p = *(p+1); /* move last null */ -+ //printf("zoo: skipped \"/\" path component in '%s'\n", direntry->dirname); -+ } -+ /* take off '..' */ -+ if(!strcmp(direntry->dirname, "..")) -+ direntry->dirname[0] = '\0'; -+ /* direntry->dirlen = strlen(direntry->dirname); */ -+ - return (0); - } - diff --git a/zoo-2.10-febz-183426.patch b/zoo-2.10-febz-183426.patch deleted file mode 100644 index 46e2e2e..0000000 --- a/zoo-2.10-febz-183426.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -uNr zoo/parse.c zoo.new/parse.c ---- zoo/parse.c 1991-07-11 21:07:34.000000000 +0200 -+++ zoo.new/parse.c 2006-03-04 14:17:50.000000000 +0100 -@@ -39,7 +39,7 @@ - char *namep; /* points to relevant part of tempname */ - - char *p; -- strcpy (tempname, fname); -+ strncpy(tempname, fname, LFNAMESIZE); - - #ifdef DEBUG - printf ("parse: supplied name is [%s].\n", tempname); diff --git a/zoo-2.10-tempfile.patch b/zoo-2.10-tempfile.patch deleted file mode 100644 index 17e2784..0000000 --- a/zoo-2.10-tempfile.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- zoo/zoopack.c.tempfile Thu Jul 11 21:08:04 1991 -+++ zoo/zoopack.c Fri Jan 18 13:34:56 2002 -@@ -171,8 +171,19 @@ - } else { - strcpy (temp_file, xes); - } --mktemp (temp_file); /* ... and make unique */ --new_file = zoocreate (temp_file); -+ -+/* make unique name */ -+/* my god, this coding style sucks */ -+new_file = NOFILE; -+{ -+ int fd; -+ -+ if ((fd = mkstemp(temp_file)) >= 0) { -+ new_file = zoocreate (temp_file); -+ close(fd); -+ } -+} -+ - if (new_file == NOFILE) - prterror ('f', "Could not create temporary file %s.\n", temp_file); - diff --git a/zoo-gcc.patch b/zoo-gcc.patch deleted file mode 100644 index 0edacc5..0000000 --- a/zoo-gcc.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -uNr zoo.orig/makefile zoo/makefile ---- zoo.orig/makefile 1992-07-27 06:01:40.000000000 +0200 -+++ zoo/makefile 2002-11-25 16:41:06.000000000 +0100 -@@ -21,7 +21,7 @@ - CC = cc - CFLAGS = - MODEL = --EXTRA = -DBIG_MEM -DNDEBUG -+EXTRA = -DBIG_MEM -DNDEBUG -DANSI_PROTO - LINTFLAGS = -DLINT - OPTIM = -O - DESTDIR = /usr/local/bin -diff -uNr zoo.orig/options.h zoo/options.h ---- zoo.orig/options.h 1991-07-11 21:07:32.000000000 +0200 -+++ zoo/options.h 2002-11-25 16:41:30.000000000 +0100 -@@ -104,7 +104,7 @@ - #define GETTZ - #define FATTR - #define T_SIGNAL int --#define VARARGS -+#define STDARG - #define NEED_MEMMOVE - #define T_UINT16 unsigned short /* must be 16 bit unsigned */ - #define HAVE_ISATTY diff --git a/zoo-return.patch b/zoo-return.patch deleted file mode 100644 index 13e1096..0000000 --- a/zoo-return.patch +++ /dev/null @@ -1,56 +0,0 @@ ---- ar.h -+++ ar.h -@@ -116,7 +116,9 @@ - void move_left(); - #else - # define MOVE_LEFT memmove -+# ifndef ANSI_HDRS - extern VOIDPTR memmove(); -+# endif - #endif - - #if 0 ---- bsd.c -+++ bsd.c -@@ -104,4 +104,5 @@ - seekpos = lseek(fd, 0L, SEEK_CUR); - if (seekpos >= 0) - return ftruncate(fd, seekpos); -+ return 0; - } ---- mstime.i -+++ mstime.i -@@ -12,6 +12,7 @@ - Function mstime() converts time in seconds since January 1 of BASEYEAR - to MS-DOS format date and time. - */ -+void - mstime(longtime, date, time) - long longtime; /* input: seconds since Jan 1, BASEYEAR */ - int *date, *time; /* output: MS-DOS format date and time */ ---- nixtime.i -+++ nixtime.i -@@ -36,6 +36,7 @@ - (tm->tm_hour << 11); - } - -+ return 0; - } - - /***************** ---- options.h -+++ options.h -@@ -157,11 +157,13 @@ - #define GETTZ - #define FATTR - #define T_SIGNAL void -+#define STDARG - /* #define VARARGS */ - /* #define NEED_MEMMOVE */ - #define T_UINT16 unsigned short /* must be 16 bit unsigned */ - #define HAVE_ISATTY - /* #define NEED_VPRINTF */ -+#define BSD4_3 /* for I/O definitions */ - #endif /* BSD4_4 */ - - /***********************************************************************/ diff --git a/zoo-security_pathsize.patch b/zoo-security_pathsize.patch deleted file mode 100644 index ec4bd78..0000000 --- a/zoo-security_pathsize.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- misc.c -+++ misc.c -@@ -135,11 +135,17 @@ - char *fullpath (direntry) - struct direntry *direntry; - { -- static char result[PATHSIZE]; -+ static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/ - combine (result, - direntry->dirlen != 0 ? direntry->dirname : "", - (direntry->namlen != 0) ? direntry->lfname : direntry->fname - ); -+ -+ if (strlen (result) >= PATHSIZE) { -+ prterror ('f', "Combined dirname and filename too long!\n"); -+ *result = '\0'; -+ } -+ - return (result); - } - diff --git a/zoo.patch b/zoo.patch deleted file mode 100644 index db1091a..0000000 --- a/zoo.patch +++ /dev/null @@ -1,94 +0,0 @@ ---- basename.c -+++ basename.c -@@ -18,7 +18,7 @@ - - /* This function strips device/directory information from - a pathname and returns just the plain filename */ --void basename (pathname, fname) -+void my_basename (pathname, fname) - char *pathname; - char fname[]; - { ---- makefile -+++ makefile -@@ -18,13 +18,13 @@ - - MAKE = make # needed for some systems e.g. older BSD - --CC = cc -+CC = gcc - CFLAGS = - MODEL = - EXTRA = -DBIG_MEM -DNDEBUG - LINTFLAGS = -DLINT - OPTIM = -O --DESTDIR = /usr/local/bin -+DESTDIR = /usr/bin - - #List of all object files created for Zoo - ZOOOBJS = addbfcrc.o addfname.o basename.o comment.o crcdefs.o \ -@@ -107,10 +107,10 @@ - convex: - $(MAKE) CFLAGS="-c $(OPTIM) -DBSD4_3 -DANSI_HDRS" $(TARGETS) - --# Linux 0.96c, gcc 2.2.2 -+# Linux 2.0.0, gcc 2.7.2 - linux: - $(MAKE) \ -- CFLAGS="-c -O2 -DBSD4_3 -DANSI_HDRS -DLINUX" \ -+ CFLAGS="-c $(OPTIM) -DBSD4_4 -DANSI_HDRS -DLINUX" \ - $(TARGETS) - - # linux as above, static linked ---- options.h -+++ options.h -@@ -89,7 +89,7 @@ - /***********************************************************************/ - - #ifdef BSD4_3 --#define NOSTRCHR /* not really needed for 4.3BSD */ -+/* #define NOSTRCHR */ /* not really needed for 4.3BSD */ - #define FILTER - #define IO_MACROS - #define EXISTS(f) (access(f, 00) == 0) ---- various.h -+++ various.h -@@ -26,6 +26,7 @@ - #ifdef ANSI_HDRS /* if not defined in stdio.h */ - # include - # include -+# include - #else - FILE *fdopen PARMS ((int, char *)); - FILE *fopen PARMS ((char *, char *)); ---- zooadd.c -+++ zooadd.c -@@ -132,7 +132,7 @@ - - if (zoo_file == NOFILE) - prterror ('f', could_not_open, zoo_path); --basename(zoo_path, zoo_fname); /* get basename of archive */ -+my_basename(zoo_path, zoo_fname); /* get basename of archive */ - rootname (zoo_path, zoo_bak); /* name without extension */ - strcat (zoo_bak, BACKUP_EXT); /* name of backup of this archive */ - -@@ -222,7 +222,7 @@ - break; - } - -- basename (this_path, this_fname); /* get just filename for later */ -+ my_basename (this_path, this_fname); /* get just filename for later */ - - this_file = zooopen(this_path, Z_READ); - if (this_file == NOFILE) { ---- zoofns.h -+++ zoofns.h -@@ -85,7 +85,7 @@ - void addfname PARMS ((char *, long, unsigned int, unsigned int, - unsigned, unsigned)); - void add_version PARMS ((char *, struct direntry *)); --void basename PARMS ((char *, char [])); -+void my_basename PARMS ((char *, char [])); - void break_off PARMS ((void)); - void close_file PARMS ((ZOOFILE)); - void comment PARMS ((char *, char *)); diff --git a/zoo.spec b/zoo.spec deleted file mode 100644 index 51917d1..0000000 --- a/zoo.spec +++ /dev/null @@ -1,94 +0,0 @@ -Name: zoo -Version: 2.10 -Release: 8%{?dist} -Summary: File archiving utility with compression - -Group: Applications/Archiving -License: Distributable -# There is no zoo upstream anymore so let's not pretend we have an authoritative source -# This zoo.tar.gz archive was taken from opensuse -Source: zoo.tar.gz -Patch0: zoo.patch -Patch1: zoo-%{version}-tempfile.patch -Patch2: zoo-gcc.patch -Patch3: zoo-%{version}-CAN-2005-2349.patch -Patch4: zoo-return.patch -Patch5: zoo-security_pathsize.patch -Patch6: zoo-%{version}-febz-183426.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - - -%description -zoo is a file archiving utility for maintaining collections of files. -It uses Lempel-Ziv compression to provide space savings in the -range of 20 to 80 percent depending on the type of data. Written by -Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc. - - -%prep -%setup -q -n %{name} -%patch0 -%patch1 -p1 -%patch2 -p1 -b .gcc4 -%patch3 -b .can -%patch4 -%patch5 -b .pathsize -%patch6 -p1 -b .febz183426 - - -%build -make %{?_smp_mflags} OPTIM="-fstack-protector-all %{optflags}" linux - - -%install -rm -fr %{buildroot} -install -d -m 0755 %{buildroot}%{_bindir} \ - %{buildroot}%{_mandir}/man1 - -install -m 0755 fiz zoo %{buildroot}%{_bindir}/ -install -m 0644 fiz.1 zoo.1 %{buildroot}%{_mandir}/man1/ - - -%clean -rm -fr %{buildroot} - - -%files -%defattr(0644, root, root, 0755) -%doc %{_mandir}/man1/* -%attr(0755,root,root) %{_bindir}/* - - -%changelog -* Sat Mar 4 2006 Nicolas Mailhot - 2.10-8 -- use -fstack-protector-all - -* Sat Mar 4 2006 Nicolas Mailhot - 2.10-7 -- rebase on OpenSuse 2.10-866 package as the OpenSuse team did some nice - cleanups -- drop our fix to CVE-2006-0855 for the OpenSuse one -- add bug #183109 fix - -* Sun Feb 26 2006 Nicolas Mailhot - 2.10-6 -- apply preliminary patch for bug #183109 (just to be sure) - -* Mon Feb 13 2006 Nicolas Mailhot - 2.10-5 -- rebuilt for new gcc4.1 snapshot and glibc changes - -* Mon Jun 16 2005 Nicolas Mailhot - 2.10-4 -- rebuild with gcc 4.1 - -* Tue Apr 05 2005 Adrian Reber - 2.10-3 -- fix gcc4 errors - -* Sun Apr 25 2004 Nicolas Mailhot - 0:2.10-0.fdr.2 -* Use debian source - -* Tue Apr 20 2004 Nicolas Mailhot - 0:2.10-0.fdr.1 -* Fedorization - -* Sat Dec 06 2003 Dag Wieers - 2.10-1 -- Patch to build on RHFC1. - -* Sun Jan 26 2003 Dag Wieers - 2.10-0 -- Initial package. (using DAR)