svn commit: r474699 - in head/devel/upp: . files
Fernando Apesteguía
fernape at FreeBSD.org
Sun Jul 15 15:19:54 UTC 2018
Author: fernape
Date: Sun Jul 15 15:19:52 2018
New Revision: 474699
URL: https://svnweb.freebsd.org/changeset/ports/474699
Log:
devel/upp: update to 11873
Maintainer timed out.
PR: 227414
Submitted by: lightside at gmx.com
Approved by: tcberner (mentor)
Security: CVE-2018-8740
Differential Revision: https://reviews.freebsd.org/D16017
Added:
head/devel/upp/files/
head/devel/upp/files/patch-uppsrc_plugin_sqlite3_lib_sqlite3.c (contents, props changed)
Modified:
head/devel/upp/Makefile
head/devel/upp/distinfo
Modified: head/devel/upp/Makefile
==============================================================================
--- head/devel/upp/Makefile Sun Jul 15 15:18:45 2018 (r474698)
+++ head/devel/upp/Makefile Sun Jul 15 15:19:52 2018 (r474699)
@@ -2,9 +2,9 @@
# $FreeBSD$
PORTNAME= upp
-DISTVERSION= 11540
+DISTVERSION= 11873
CATEGORIES= devel x11-toolkits
-MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2017.2/
+MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2018.1/
DISTNAME= ${PORTNAME}-x11-src-${PORTVERSION}
MAINTAINER= m.sund at arcor.de
@@ -70,6 +70,8 @@ LLD_UNSAFE= yes
CXXFLAGS+= -Wno-logical-op-parentheses
.endif
+CXXFLAGS_i386+= -msse2
+
post-patch: .SILENT
${CP} ${BUILD_WRKSRC}/Makefile.in ${BUILD_WRKSRC}/Makefile
${CP} ${BUILD_WRKSRC}/uMakefile.in ${BUILD_WRKSRC}/uMakefile
@@ -125,7 +127,7 @@ do-build-UMK-on:
do-install:
(cd ${WRKSRC} && ${COPYTREE_SHARE} "${PORTDATA}" ${STAGEDIR}${DATADIR} \
- "-not ( -type d -empty )")
+ "-not ( -type d -empty ) -o -name '*.orig'")
(cd ${STAGEDIR}${DATADIR}/uppsrc && ${RM} build_info.h *Makefile*)
do-install-IDE-on:
Modified: head/devel/upp/distinfo
==============================================================================
--- head/devel/upp/distinfo Sun Jul 15 15:18:45 2018 (r474698)
+++ head/devel/upp/distinfo Sun Jul 15 15:19:52 2018 (r474699)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1512832900
-SHA256 (upp-x11-src-11540.tar.gz) = 85707d7b545f262b58bdd783c27aff2357548a3db01bf0f9287a10c90ae01420
-SIZE (upp-x11-src-11540.tar.gz) = 56513312
+TIMESTAMP = 1522479324
+SHA256 (upp-x11-src-11873.tar.gz) = 0231b768830db96257ebf7a9cc1aaff05017aa40a2ea6dfa577de7232c1cd07b
+SIZE (upp-x11-src-11873.tar.gz) = 56167504
Added: head/devel/upp/files/patch-uppsrc_plugin_sqlite3_lib_sqlite3.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/devel/upp/files/patch-uppsrc_plugin_sqlite3_lib_sqlite3.c Sun Jul 15 15:19:52 2018 (r474699)
@@ -0,0 +1,36 @@
+# Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740
+# Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message.
+# Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b
+# Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
+
+--- uppsrc/plugin/sqlite3/lib/sqlite3.c.orig 2018-03-31 06:10:16 UTC
++++ uppsrc/plugin/sqlite3/lib/sqlite3.c
+@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable(
+ p = pParse->pNewTable;
+ if( p==0 ) return;
+
+- assert( !db->init.busy || !pSelect );
+-
+ /* If the db->init.busy is 1 it means we are reading the SQL off the
+ ** "sqlite_master" or "sqlite_temp_master" table on the disk.
+ ** So do not write to the disk again. Extract the root page number
+@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable(
+ ** table itself. So mark it read-only.
+ */
+ if( db->init.busy ){
++ if( pSelect ){
++ sqlite3ErrorMsg(pParse, "");
++ return;
++ }
+ p->tnum = db->init.newTnum;
+ if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
+ }
+@@ -117813,7 +117815,7 @@ static void corruptSchema(
+ char *z;
+ if( zObj==0 ) zObj = "?";
+ z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
+- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
++ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
+ sqlite3DbFree(db, *pData->pzErrMsg);
+ *pData->pzErrMsg = z;
+ }
More information about the svn-ports-all
mailing list