guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/15: gnu: Remove libevent@2.0.


From: guix-commits
Subject: 02/15: gnu: Remove address@hidden
Date: Mon, 3 Jun 2019 16:32:23 -0400 (EDT)

mbakke pushed a commit to branch master
in repository guix.

commit d3e3a6adcd77abdf6c8253b5c13ac0d3a3d80fdd
Author: Marius Bakke <address@hidden>
Date:   Thu May 30 13:55:44 2019 +0200

    gnu: Remove address@hidden
    
    * gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch,
    gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch,
    gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch,
    gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch,
    gnu/packages/patches/libevent-dns-tests.patch: Delete files.
    * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
    * gnu/packages/libevent.scm (libevevent-2.0): Remove variable.
---
 gnu/local.mk                                       |  5 ---
 gnu/packages/libevent.scm                          | 21 -----------
 .../patches/libevent-2.0-CVE-2016-10195.patch      | 41 ----------------------
 .../patches/libevent-2.0-CVE-2016-10196.patch      | 41 ----------------------
 .../patches/libevent-2.0-CVE-2016-10197.patch      | 39 --------------------
 ...vent-2.0-evbuffer-add-use-last-with-datap.patch | 38 --------------------
 gnu/packages/patches/libevent-dns-tests.patch      | 16 ---------
 7 files changed, 201 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 55a8fcd..b099254 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -985,11 +985,6 @@ dist_patch_DATA =                                          
\
   %D%/packages/patches/libcroco-CVE-2017-7960.patch            \
   %D%/packages/patches/libcroco-CVE-2017-7961.patch            \
   %D%/packages/patches/libdrm-symbol-check.patch               \
-  %D%/packages/patches/libevent-dns-tests.patch                        \
-  %D%/packages/patches/libevent-2.0-CVE-2016-10195.patch       \
-  %D%/packages/patches/libevent-2.0-CVE-2016-10196.patch       \
-  %D%/packages/patches/libevent-2.0-CVE-2016-10197.patch       \
-  %D%/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch     
\
   %D%/packages/patches/libexif-CVE-2016-6328.patch             \
   %D%/packages/patches/libexif-CVE-2017-7544.patch             \
   %D%/packages/patches/libgcrypt-make-yat2m-reproducible.patch \
diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm
index 466e474..7982a12 100644
--- a/gnu/packages/libevent.scm
+++ b/gnu/packages/libevent.scm
@@ -72,27 +72,6 @@ then add or remove events dynamically without having to 
change the event
 loop.")
     (license bsd-3)))
 
-(define-public libevent-2.0
-  (package
-    (inherit libevent)
-    (version "2.0.22")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append
-                    
"https://github.com/libevent/libevent/releases/download/release-";
-                    version "-stable/libevent-" version "-stable.tar.gz"))
-              (sha256
-               (base32
-                "18qz9qfwrkakmazdlwxvjmw8p76g70n3faikwvdwznns1agw9hki"))
-              (patches
-               (search-patches
-                "libevent-dns-tests.patch"
-                "libevent-2.0-CVE-2016-10195.patch"
-                "libevent-2.0-CVE-2016-10196.patch"
-                "libevent-2.0-CVE-2016-10197.patch"
-                "libevent-2.0-evbuffer-add-use-last-with-datap.patch"))))
-    (arguments '())))
-
 (define-public libev
   (package
     (name "libev")
diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch 
b/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch
deleted file mode 100644
index bffe2c4..0000000
--- a/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix CVE-2016-10195 (buffer overread in libevent's DNS code):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195
-https://github.com/libevent/libevent/issues/317
-
-Patch copied from upstream source repository:
-
-https://github.com/libevent/libevent/commit/96f64a022014a208105ead6c8a7066018449d86d
-
-From 3c570970516f48da35f42fef98276531fcc0abaa Mon Sep 17 00:00:00 2001
-From: Azat Khuzhin <address@hidden>
-Date: Mon, 1 Feb 2016 17:32:09 +0300
-Subject: [PATCH] evdns: name_parse(): fix remote stack overread
-
----
- evdns.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/evdns.c b/evdns.c
-index 60b10485..137c24ea 100644
---- a/evdns.c
-+++ b/evdns.c
-@@ -960,7 +960,6 @@ name_parse(u8 *packet, int length, int *idx, char 
*name_out, int name_out_len) {
- 
-       for (;;) {
-               u8 label_len;
--              if (j >= length) return -1;
-               GET8(label_len);
-               if (!label_len) break;
-               if (label_len & 0xc0) {
-@@ -981,6 +980,7 @@ name_parse(u8 *packet, int length, int *idx, char 
*name_out, int name_out_len) {
-                       *cp++ = '.';
-               }
-               if (cp + label_len >= end) return -1;
-+              if (j + label_len > length) return -1;
-               memcpy(cp, packet + j, label_len);
-               cp += label_len;
-               j += label_len;
--- 
-2.11.0
-
diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch 
b/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch
deleted file mode 100644
index 03f96e9..0000000
--- a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix CVE-2016-10196 (buffer overflow in evutil):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196
-https://github.com/libevent/libevent/issues/318
-
-Patch copied from upstream source repository:
-
-https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5
-
-From 28bdc2f3f62259d21ccaf7be2b60ef0a53e6f342 Mon Sep 17 00:00:00 2001
-From: Azat Khuzhin <address@hidden>
-Date: Sun, 31 Jan 2016 00:57:16 +0300
-Subject: [PATCH] evutil_parse_sockaddr_port(): fix buffer overflow
-
----
- evutil.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/evutil.c b/evutil.c
-index 33445170..e2dfe6e4 100644
---- a/evutil.c
-+++ b/evutil.c
-@@ -1808,12 +1808,12 @@ evutil_parse_sockaddr_port(const char *ip_as_string, 
struct sockaddr *out, int *
- 
-       cp = strchr(ip_as_string, ':');
-       if (*ip_as_string == '[') {
--              int len;
-+              size_t len;
-               if (!(cp = strchr(ip_as_string, ']'))) {
-                       return -1;
-               }
--              len = (int) ( cp-(ip_as_string + 1) );
--              if (len > (int)sizeof(buf)-1) {
-+              len = ( cp-(ip_as_string + 1) );
-+              if (len > sizeof(buf)-1) {
-                       return -1;
-               }
-               memcpy(buf, ip_as_string+1, len);
--- 
-2.11.0
-
diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch 
b/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch
deleted file mode 100644
index c62a328..0000000
--- a/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-Fix CVE-2016-10197 (out of bounds read on empty hostnames in evdns):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197
-https://github.com/libevent/libevent/issues/332
-
-Patch copied from upstream source repository:
-
-https://github.com/libevent/libevent/commit/ec65c42052d95d2c23d1d837136d1cf1d9ecef9e
-
-From a0305cec166a5bc89f1eb362510cc4cd25ecc0bc Mon Sep 17 00:00:00 2001
-From: Azat Khuzhin <address@hidden>
-Date: Fri, 25 Mar 2016 00:33:47 +0300
-Subject: [PATCH] evdns: fix searching empty hostnames
-
----
- evdns.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/evdns.c b/evdns.c
-index 137c24ea..6191c677 100644
---- a/evdns.c
-+++ b/evdns.c
-@@ -3122,9 +3122,12 @@ search_set_from_hostname(struct evdns_base *base) {
- static char *
- search_make_new(const struct search_state *const state, int n, const char 
*const base_name) {
-       const size_t base_len = strlen(base_name);
--      const char need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1;
-+      char need_to_append_dot;
-       struct search_domain *dom;
- 
-+      if (!base_len) return NULL;
-+      need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1;
-+
-       for (dom = state->head; dom; dom = dom->next) {
-               if (!n--) {
-                       /* this is the postfix we want */
--- 
-2.11.0
-
diff --git 
a/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch 
b/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch
deleted file mode 100644
index 0253700..0000000
--- a/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From a8769ef12d7e223e33fc47bed03fba2bfa2f3536 Mon Sep 17 00:00:00 2001
-From: Marcus Sundberg <address@hidden>
-Date: Sat, 26 Mar 2016 20:11:43 +0100
-Subject: [PATCH] evbuffer_add: Use last_with_datap if set, not last.
-
-evbuffer_add() would always put data in the last chain, even if there
-was available space in a previous chain, and in doing so it also
-failed to update last_with_datap, causing subsequent calls to other
-functions that do look at last_with_datap to add data in the middle
-of the evbuffer instead of at the end.
-
-Fixes the evbuffer_add() part of issue #335, and the evbuffer/add2 and
-evbuffer/add3 tests, and also prevents wasting space available in the
-chain pointed to by last_with_datap.
----
- buffer.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/buffer.c b/buffer.c
-index 7cca0e8a..f378b731 100644
---- a/buffer.c
-+++ b/buffer.c
-@@ -1732,7 +1732,11 @@ evbuffer_add(struct evbuffer *buf, const void *data_in, 
size_t datlen)
-               goto done;
-       }
- 
--      chain = buf->last;
-+      if (*buf->last_with_datap == NULL) {
-+              chain = buf->last;
-+      } else {
-+              chain = *buf->last_with_datap;
-+      }
- 
-       /* If there are no chains allocated for this buffer, allocate one
-        * big enough to hold all the data. */
--- 
-2.12.0
-
diff --git a/gnu/packages/patches/libevent-dns-tests.patch 
b/gnu/packages/patches/libevent-dns-tests.patch
deleted file mode 100644
index 6ff8aaa..0000000
--- a/gnu/packages/patches/libevent-dns-tests.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Disable tests that rely on usable DNS lookups, which aren't available
-in build chroots.
-
---- libevent-2.0.21-stable/test/regress_dns.c  2013-01-20 22:32:09.000000000 
+0100
-+++ libevent-2.0.21-stable/test/regress_dns.c  2013-01-20 22:32:30.000000000 
+0100
-@@ -1827,10 +1827,6 @@ end:
- 
- struct testcase_t dns_testcases[] = {
-       DNS_LEGACY(server, TT_FORK|TT_NEED_BASE),
--      DNS_LEGACY(gethostbyname, TT_FORK|TT_NEED_BASE|TT_NEED_DNS),
--      DNS_LEGACY(gethostbyname6, TT_FORK|TT_NEED_BASE|TT_NEED_DNS),
--      DNS_LEGACY(gethostbyaddr, TT_FORK|TT_NEED_BASE|TT_NEED_DNS),
--      { "resolve_reverse", dns_resolve_reverse, TT_FORK, NULL, NULL },
-       { "search", dns_search_test, TT_FORK|TT_NEED_BASE, &basic_setup, NULL },
-       { "search_cancel", dns_search_cancel_test,
-         TT_FORK|TT_NEED_BASE, &basic_setup, NULL },



reply via email to

[Prev in Thread] Current Thread [Next in Thread]