From b079f4d9e152cf1b3f09b5a6d8683a3c95311d84 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Fri, 3 Sep 2021 13:13:56 +0200 Subject: [PATCH] dev-libs/nettle: update to 3.7.3 Update dev-libs/nettle to 3.7.3, mainly to address CVE-2021-20305, CVE-2021-3580. Gentoo ref: c69c125888928ccff77d5e3d0e21b687dce434cd --- .../portage-stable/dev-libs/nettle/Manifest | 5 +- .../nettle/files/nettle-3.4.1-build.patch | 53 --------------- .../dev-libs/nettle/nettle-3.4.1.ebuild | 67 ------------------- .../dev-libs/nettle/nettle-3.5.1-r1.ebuild | 63 ----------------- ...ttle-3.6-r3.ebuild => nettle-3.7.2.ebuild} | 34 +++++----- ...ttle-3.6-r2.ebuild => nettle-3.7.3.ebuild} | 35 +++++----- 6 files changed, 39 insertions(+), 218 deletions(-) delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/nettle/files/nettle-3.4.1-build.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.4.1.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.5.1-r1.ebuild rename sdk_container/src/third_party/portage-stable/dev-libs/nettle/{nettle-3.6-r3.ebuild => nettle-3.7.2.ebuild} (56%) rename sdk_container/src/third_party/portage-stable/dev-libs/nettle/{nettle-3.6-r2.ebuild => nettle-3.7.3.ebuild} (54%) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/Manifest index 705ffd20ec..0d08f78268 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/Manifest @@ -1,3 +1,2 @@ -DIST nettle-3.4.1.tar.gz 1947053 BLAKE2B 354318c46c28aeaaca611abe70298024ec12ff70aed53c741e43c1b5373361e5cffb03df7b8e86ef103a3b7770b2b4fe39fbca00b128f2b7ec810b3a4d9fd0fd SHA512 26aefbbe9927e90e28f271e56d2ba876611831222d0e1e1a58bdb75bbd50934fcd84418a4fe47b845f557e60a9786a72a4de2676c930447b104f2256aca7a54f -DIST nettle-3.5.1.tar.gz 1989593 BLAKE2B 40e527a4cc541674acc39072f2ebbab4b6ed1b043687d88c776ce9c58374538b111d282e0eea5424059260b0876c5cf01f97470c850e082c167b05a57e6c591a SHA512 f738121b9091cbe79435fb5d46b45cf6f10912320c233829356908127bab1cac6946ca56e022a832380c44f2c10f21d2feef64cb0f4f41e3da4a681dc0131784 -DIST nettle-3.6.tar.gz 2288173 BLAKE2B 45e08832e9c337f10d958956545c77f521b747b8abca56ce40c755adf352bdc2a79584b1e1c0e50f5ede0ac54794aabd6883601c53593b965aada744502789db SHA512 2471af875e51327af61af8bda53cd9c3adc27b6e32592a4b5b10b3ec60999ebf771ab9c54c747b0bade4b3b5a717e77fdbdb53699dd9e8a9ed4eee07f46aed51 +DIST nettle-3.7.2.tar.gz 2382309 BLAKE2B 0195f973afd76d33805de4621cd340a041144b24a20ccab03a58749dba82ea12b063f779aeeeb3f063be5e1bb74dec4c8c8f72b3dd01aff033e908a9f534ad01 SHA512 5f6edcc24ff620885b24394b31e55b494418c35dd63e6ece222ddabc58e793c44a82155051cc5759896ed5f014a8efd547f0aef6736a131e41651c5cab7c7211 +DIST nettle-3.7.3.tar.gz 2383985 BLAKE2B 8d8efbbff98fc1f3eff3296681d3d72346e78392f356aebfe80138ae6ae1ebf3695bd7f74b906beef0cf3625ba6d84bdb43c0f6707f54f4d98870d50c90ac9a3 SHA512 9901eba305421adff6d551ac7f478dff3f68a339d444c776724ab0b977fe6be792b1d2950c8705acbe76bd924fd6d898a65eded546777884be3b436d0e052437 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/files/nettle-3.4.1-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/files/nettle-3.4.1-build.patch deleted file mode 100644 index 4351dfeb5b..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/files/nettle-3.4.1-build.patch +++ /dev/null @@ -1,53 +0,0 @@ -From f5a3a224bf00bef5669366d2ae23c2b2b13b8016 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Niels=20M=C3=B6ller?= -Date: Wed, 26 Dec 2018 11:04:31 +0100 -Subject: [PATCH] Fix accidental use of C99 for loop. - -* rsa-sign-tr.c (sec_equal): Fix accidental use of C99 for loop. -Reported by Andreas Gustafsson. -* testsuite/rsa-sec-decrypt-test.c (test_main): Likewise. ---- - ChangeLog | 6 ++++++ - rsa-sign-tr.c | 3 ++- - testsuite/rsa-sec-decrypt-test.c | 3 ++- - 3 files changed, 10 insertions(+), 2 deletions(-) - -diff --git a/rsa-sign-tr.c b/rsa-sign-tr.c -index 59c9bd07..f824c4ca 100644 ---- a/rsa-sign-tr.c -+++ b/rsa-sign-tr.c -@@ -239,8 +239,9 @@ static int - sec_equal(const mp_limb_t *a, const mp_limb_t *b, size_t limbs) - { - volatile mp_limb_t z = 0; -+ size_t i; - -- for (size_t i = 0; i < limbs; i++) -+ for (i = 0; i < limbs; i++) - { - z |= (a[i] ^ b[i]); - } -diff --git a/testsuite/rsa-sec-decrypt-test.c b/testsuite/rsa-sec-decrypt-test.c -index 64f0b13c..fb0ed3a1 100644 ---- a/testsuite/rsa-sec-decrypt-test.c -+++ b/testsuite/rsa-sec-decrypt-test.c -@@ -68,6 +68,7 @@ test_main(void) - unsigned n_size = 1024; - mpz_t gibberish; - mpz_t garbage; -+ size_t size; - - rsa_private_key_init(&key); - rsa_public_key_init(&pub); -@@ -78,7 +79,7 @@ test_main(void) - - memset(verifybad, 'A', PAYLOAD_SIZE); - -- for (size_t size = 1; size < 51; size++) -+ for (size = 1; size < 51; size++) - { - ASSERT (rsa_generate_keypair(&pub, &key, &random_ctx, - (nettle_random_func *) knuth_lfib_random, --- -2.18.1 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.4.1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.4.1.ebuild deleted file mode 100644 index 1aae4439bf..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.4.1.ebuild +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools multilib-build multilib-minimal multilib toolchain-funcs - -DESCRIPTION="Low-level cryptographic library" -HOMEPAGE="http://www.lysator.liu.se/~nisse/nettle/" -SRC_URI="mirror://gnu/${PN}/${P}.tar.gz" - -LICENSE="|| ( LGPL-3 LGPL-2.1 )" -SLOT="0/6.2" # subslot = libnettle soname version, .2 as broke ABI bug#601512 then fixed -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="doc +gmp neon static-libs test cpu_flags_x86_aes" -RESTRICT="!test? ( test )" - -DEPEND="gmp? ( >=dev-libs/gmp-6.0:0=[static-libs?,${MULTILIB_USEDEP}] )" -RDEPEND="${DEPEND}" - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/nettle/nettle-stdint.h - /usr/include/nettle/version.h -) - -DOCS=() -HTML_DOCS=() - -PATCHES=( - "${FILESDIR}/${P}-build.patch" -) - -pkg_setup() { - use doc && DOCS+=( - nettle.pdf - ) - use doc && HTML_DOCS+=( - nettle.html - ) -} - -src_prepare() { - default - - sed -e '/CFLAGS=/s: -ggdb3::' \ - -e 's/solaris\*)/sunldsolaris*)/' \ - -i configure.ac || die - - # conditionally build tests and examples required by tests - use test || sed -i '/SUBDIRS/s/testsuite examples//' Makefile.in || die - - eautoreconf -} - -multilib_src_configure() { - # --disable-openssl bug #427526 - ECONF_SOURCE="${S}" econf \ - --libdir="${EPREFIX}"/usr/$(get_libdir) \ - --disable-openssl \ - --disable-fat \ - $(use_enable gmp public-key) \ - $(use_enable static-libs static) \ - $(tc-is-static-only && echo --disable-shared) \ - $(use_enable doc documentation) \ - $(use_enable neon arm-neon) \ - $(use_enable cpu_flags_x86_aes x86-aesni) -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.5.1-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.5.1-r1.ebuild deleted file mode 100644 index a0e936df64..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.5.1-r1.ebuild +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools multilib-build multilib-minimal multilib toolchain-funcs - -DESCRIPTION="Low-level cryptographic library" -HOMEPAGE="http://www.lysator.liu.se/~nisse/nettle/" -SRC_URI="mirror://gnu/${PN}/${P}.tar.gz" - -LICENSE="|| ( LGPL-3 LGPL-2.1 )" -SLOT="0/7" # subslot = libnettle soname version -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="+asm doc +gmp static-libs test cpu_flags_x86_aes cpu_flags_arm_neon cpu_flags_x86_sha" -RESTRICT="!test? ( test )" - -DEPEND="gmp? ( >=dev-libs/gmp-6.0:0=[static-libs?,${MULTILIB_USEDEP}] )" -RDEPEND="${DEPEND}" - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/nettle/version.h -) - -DOCS=() -HTML_DOCS=() - -pkg_setup() { - use doc && DOCS+=( - nettle.pdf - ) - use doc && HTML_DOCS+=( - nettle.html - ) -} - -src_prepare() { - default - - # I do not see in config.sub reference to sunldsolaris. - # if someone complains readd - # -e 's/solaris\*)/sunldsolaris*)/' \ - sed -e '/CFLAGS=/s: -ggdb3::' \ - -i configure.ac || die - - eautoreconf -} - -multilib_src_configure() { - # --disable-openssl bug #427526 - ECONF_SOURCE="${S}" econf \ - $(tc-is-static-only && echo --disable-shared) \ - $(use_enable cpu_flags_x86_aes x86-aesni) \ - $(use_enable cpu_flags_x86_sha x86-sha-ni) \ - $(use_enable asm assembler) \ - $(use_enable doc documentation) \ - $(use_enable gmp public-key) \ - $(use_enable cpu_flags_arm_neon arm-neon) \ - $(use_enable static-libs static) \ - --disable-fat \ - --disable-openssl \ - --libdir="${EPREFIX}"/usr/$(get_libdir) -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r3.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.2.ebuild similarity index 56% rename from sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r3.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.2.ebuild index a09c279122..88f5f2c3fe 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r3.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.2.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 -inherit autotools multilib-build multilib-minimal multilib toolchain-funcs +inherit autotools multilib-build multilib-minimal toolchain-funcs DESCRIPTION="Low-level cryptographic library" HOMEPAGE="http://www.lysator.liu.se/~nisse/nettle/" @@ -11,7 +11,7 @@ SRC_URI="mirror://gnu/${PN}/${P}.tar.gz" LICENSE="|| ( LGPL-3 LGPL-2.1 )" SLOT="0/8-6" # subslot = libnettle - libhogweed soname version -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" IUSE="+asm doc +gmp static-libs test cpu_flags_x86_aes cpu_flags_arm_neon cpu_flags_x86_sha" RESTRICT="!test? ( test )" @@ -48,18 +48,20 @@ src_prepare() { } multilib_src_configure() { - # --disable-openssl bug #427526 - ECONF_SOURCE="${S}" econf \ - CC_FOR_BUILD="$(tc-getBUILD_CC)" \ - $(tc-is-static-only && echo --disable-shared) \ - $(use_enable cpu_flags_x86_aes x86-aesni) \ - $(use_enable cpu_flags_x86_sha x86-sha-ni) \ - $(use_enable asm assembler) \ - $(use_enable doc documentation) \ - $(use_enable gmp public-key) \ - $(use_enable cpu_flags_arm_neon arm-neon) \ - $(use_enable static-libs static) \ - --disable-fat \ - --disable-openssl \ + local myeconfargs=( + CC_FOR_BUILD="$(tc-getBUILD_CC)" + $(tc-is-static-only && echo --disable-shared) + $(use_enable cpu_flags_x86_aes x86-aesni) + $(use_enable cpu_flags_x86_sha x86-sha-ni) + $(use_enable asm assembler) + $(use_enable doc documentation) + $(use_enable gmp public-key) + $(use_enable cpu_flags_arm_neon arm-neon) + $(use_enable static-libs static) + --disable-fat + # --disable-openssl bug #427526 + --disable-openssl --libdir="${EPREFIX}"/usr/$(get_libdir) + ) + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" } diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r2.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.3.ebuild similarity index 54% rename from sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r2.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.3.ebuild index 57e545cca8..88f5f2c3fe 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.6-r2.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/nettle/nettle-3.7.3.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 -inherit autotools multilib-build multilib-minimal multilib toolchain-funcs +inherit autotools multilib-build multilib-minimal toolchain-funcs DESCRIPTION="Low-level cryptographic library" HOMEPAGE="http://www.lysator.liu.se/~nisse/nettle/" @@ -11,12 +11,13 @@ SRC_URI="mirror://gnu/${PN}/${P}.tar.gz" LICENSE="|| ( LGPL-3 LGPL-2.1 )" SLOT="0/8-6" # subslot = libnettle - libhogweed soname version -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" IUSE="+asm doc +gmp static-libs test cpu_flags_x86_aes cpu_flags_arm_neon cpu_flags_x86_sha" RESTRICT="!test? ( test )" DEPEND="gmp? ( >=dev-libs/gmp-6.1:0=[static-libs?,${MULTILIB_USEDEP}] )" RDEPEND="${DEPEND}" +BDEPEND="doc? ( sys-apps/texinfo )" MULTILIB_WRAPPED_HEADERS=( /usr/include/nettle/version.h @@ -47,18 +48,20 @@ src_prepare() { } multilib_src_configure() { - # --disable-openssl bug #427526 - ECONF_SOURCE="${S}" econf \ - CC_FOR_BUILD="$(tc-getBUILD_CC)" \ - $(tc-is-static-only && echo --disable-shared) \ - $(use_enable cpu_flags_x86_aes x86-aesni) \ - $(use_enable cpu_flags_x86_sha x86-sha-ni) \ - $(use_enable asm assembler) \ - $(use_enable doc documentation) \ - $(use_enable gmp public-key) \ - $(use_enable cpu_flags_arm_neon arm-neon) \ - $(use_enable static-libs static) \ - --disable-fat \ - --disable-openssl \ + local myeconfargs=( + CC_FOR_BUILD="$(tc-getBUILD_CC)" + $(tc-is-static-only && echo --disable-shared) + $(use_enable cpu_flags_x86_aes x86-aesni) + $(use_enable cpu_flags_x86_sha x86-sha-ni) + $(use_enable asm assembler) + $(use_enable doc documentation) + $(use_enable gmp public-key) + $(use_enable cpu_flags_arm_neon arm-neon) + $(use_enable static-libs static) + --disable-fat + # --disable-openssl bug #427526 + --disable-openssl --libdir="${EPREFIX}"/usr/$(get_libdir) + ) + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" }