mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-02-27 10:31:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

app-arch/tar: Sync with Gentoo

Browse Source 
It's from Gentoo commit 92715eee7f0a9f270a21e2b86a5465a1b06bb477.
This commit is contained in:
Flatcar Buildbot 2025-03-31 07:05:12 +00:00
parent a4aec59183
commit d024fba869
3 changed files with 0 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/portage-stable/app-arch/tar/Manifest vendored
View File

@ -1,4 +1,2 @@
DIST tar-1.34.tar.xz 2226068 BLAKE2B 741a662457509a6775338ffe5d2d84872fcf38b93ace70c8b748a81055b9b62f65a48c4e541955d08ae99e6f528509e89eacd7c799a65bcc3d017a259110c115 SHA512 5e77c4a7b49983ad7d15238c2bce28be7a8aa437b4b1815fc00abd13096da308b6bba196cc6e3ed79d85e62823d520ae0d8fcda2d93873842cf84dc3369fc902
DIST tar-1.34.tar.xz.sig 181 BLAKE2B 2fae91293a9dacda0374706e1f83498042a9d5224f80f6f0e14abdb914cb5a8e980f720eb4a453485844c7fe26e0525f230c0eab11c7fa89159a1a929370795c SHA512 55297f41549deee511f5b14c6b5dc7bb3d9282dad52bcc85f9dddfad24b677f989ba86387ad9b133c3698feedbd6b6cd7e9f005e8e4c89f72c80543eeceb78f7
DIST tar-1.35.tar.xz 2317208 BLAKE2B e1a200d21f433cd7d917dd979db16919a9167056ae62cf7d038a6118e56b2fe419cd4a396eee66f1f4dc13a8dc380e23f6ffd7ee0ca84e5dd9ad9411f60e002c SHA512 8b84ed661e6c878fa33eb5c1808d20351e6f40551ac63f96014fb0d0b9c72d5d94d8865d39e36bcb184fd250f84778a3b271bbd8bd2ceb69eece0c3568577510
DIST tar-1.35.tar.xz.sig 95 BLAKE2B 8501b55b700bc99b81f04519db1cd8f7bc3d87dd5bfefa25a3d979b23359f02dfb770f3dd66dca275baa70a99612cb85c1019faaf3a1f0bcf50c9815b8e32eca SHA512 00e5c95bf8015f75f59556a82ed7f50bddefe89754c7ff3c19411aee2f37626a5d65c33e18b87f7f8f96388d3f175fd095917419a3ad1c0fc9d6188088bac944

32
sdk_container/src/third_party/portage-stable/app-arch/tar/files/tar-1.34-fix-cve-2022-48303.patch vendored
View File

@ -1,32 +0,0 @@
Gentoo Bug: https://bugs.gentoo.org/898176
Upstream Commit Link: https://git.savannah.gnu.org/cgit/tar.git/commit/?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8
From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 11 Feb 2023 11:57:39 +0200
Subject: [PATCH] Fix boundary checking in base-256 decoder
* src/list.c (from_header): Base-256 encoding is at least 2 bytes
long.
---
src/list.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/list.c b/src/list.c
index 9fafc425..86bcfdd1 100644
--- a/src/list.c
+++ b/src/list.c
@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type,
where++;
}
}
- else if (*where == '\200' /* positive base-256 */
- || *where == '\377' /* negative base-256 */)
+ else if (where <= lim - 2
+ && (*where == '\200' /* positive base-256 */
+ || *where == '\377' /* negative base-256 */))
{
/* Parse base-256 output. A nonnegative number N is
represented as (256**DIGS)/2 + N; a negative number -N is
--
2.39.2.637.g21b0678d19-goog

106
sdk_container/src/third_party/portage-stable/app-arch/tar/tar-1.34-r3.ebuild vendored
View File

@ -1,106 +0,0 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/tar.asc
inherit verify-sig
DESCRIPTION="Use this to make tarballs :)"
HOMEPAGE="https://www.gnu.org/software/tar/"
SRC_URI="mirror://gnu/tar/${P}.tar.xz
https://alpha.gnu.org/gnu/tar/${P}.tar.xz"
SRC_URI+=" verify-sig? (
mirror://gnu/tar/${P}.tar.xz.sig
https://alpha.gnu.org/gnu/tar/${P}.tar.xz.sig
)"
LICENSE="GPL-3+"
SLOT="0"
if [[ -z "$(ver_cut 3)" ]] || [[ "$(ver_cut 3)" -lt 90 ]] ; then
KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
fi
IUSE="acl minimal nls selinux xattr"
RDEPEND="
acl? ( virtual/acl )
selinux? ( sys-libs/libselinux )
"
DEPEND="${RDEPEND}
xattr? ( elibc_glibc? ( sys-apps/attr ) )
"
BDEPEND="
nls? ( sys-devel/gettext )
verify-sig? ( sec-keys/openpgp-keys-tar )
"
PDEPEND="
app-alternatives/tar
"
PATCHES=(
"${FILESDIR}"/${P}-fix-cve-2022-48303.patch
)
src_configure() {
# -fanalyzer doesn't make sense for us in ebuilds, as it's for static analysis
export gl_cv_warn_c__fanalyzer=no
local myeconfargs=(
--bindir="${EPREFIX}"/bin
# Avoid -Werror
--disable-gcc-warnings
--enable-backup-scripts
--libexecdir="${EPREFIX}"/usr/sbin
$(use_with acl posix-acls)
$(use_enable nls)
$(use_with selinux)
$(use_with xattr xattrs)
# autoconf looks for gtar before tar (in configure scripts), hence
# in Prefix it is important that it is there, otherwise, a gtar from
# the host system (FreeBSD, Solaris, Darwin) will be found instead
# of the Prefix provided (GNU) tar
--program-prefix=g
)
FORCE_UNSAFE_CONFIGURE=1 econf "${myeconfargs[@]}"
}
src_install() {
default
# a nasty yet required piece of baggage
exeinto /etc
doexe "${FILESDIR}"/rmt
mv "${ED}"/usr/sbin/{gbackup,backup-tar} || die
mv "${ED}"/usr/sbin/{grestore,restore-tar} || die
mv "${ED}"/usr/sbin/{g,}backup.sh || die
mv "${ED}"/usr/sbin/{g,}dump-remind || die
if use minimal ; then
find "${ED}"/etc "${ED}"/*bin/ "${ED}"/usr/*bin/ \
-type f -a '!' -name gtar \
-delete || die
fi
if ! use minimal; then
dosym grmt /usr/sbin/rmt
fi
dosym grmt.8 /usr/share/man/man8/rmt.8
}
pkg_postinst() {
# ensure to preserve the symlink before app-alternatives/tar
# is installed
if [[ ! -h ${EROOT}/bin/tar ]]; then
if [[ -e ${EROOT}/usr/bin/tar ]] ; then
# bug #904887
ewarn "${EROOT}/usr/bin/tar exists but is not a symlink."
ewarn "This is expected during Prefix bootstrap and unusual otherwise."
ewarn "Moving away unexpected ${EROOT}/usr/bin/tar to .bak."
mv "${EROOT}/usr/bin/tar" "${EROOT}/usr/bin/tar.bak" || die
fi
ln -s gtar "${EROOT}/bin/tar" || die
fi
}