[Frugalware-git] frugalware-0.7: boost-1.34.0-6sayshell1-i686

Sun, 09 Mar 2008 04:56:49 -0700 

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.7.git;a=commitdiff;h=02cc47a0b5dd70d77e90c143d0b05fa46654994c

commit 02cc47a0b5dd70d77e90c143d0b05fa46654994c
Author: Miklos Vajna <[EMAIL PROTECTED]>
Date:   Sun Mar 9 12:56:07 2008 +0100

boost-1.34.0-6sayshell1-i686
- added CVE-2008-0171.patch and CVE-2008-0172.patch
- closes #2720

diff --git a/source/devel-extra/boost/CVE-2008-0171.patch 
b/source/devel-extra/boost/CVE-2008-0171.patch
new file mode 100644
index 0000000..3226b2e
--- /dev/null
+++ b/source/devel-extra/boost/CVE-2008-0171.patch
@@ -0,0 +1,19 @@
+Index: /libs/regex/test/regress/test_perl_ex.cpp
+===================================================================
+--- /libs/regex/test/regress/test_perl_ex.cpp (revision 30980)
++++ /libs/regex/test/regress/test_perl_ex.cpp (revision 42674)
+@@ -122,4 +122,15 @@
+    TEST_INVALID_REGEX("(?:(a)|b)(?(?<", perl);
+    TEST_INVALID_REGEX("(?:(a)|b)(?(?<a", perl);
++
++   TEST_INVALID_REGEX("(?(?!#?)+)", perl);
++   TEST_INVALID_REGEX("(?(?=:-){0})", perl);
++   TEST_INVALID_REGEX("(?(123){1})", perl);
++   TEST_INVALID_REGEX("(?(?<=A)*)", perl);
++   TEST_INVALID_REGEX("(?(?<=A)+)", perl);
++
++   TEST_INVALID_REGEX("(?<!*|^)", perl);
++   TEST_INVALID_REGEX("(?<!*|A)", perl);
++   TEST_INVALID_REGEX("(?<=?|A)", perl);
++   TEST_INVALID_REGEX("(?<=*|\B)", perl);
+ }
diff --git a/source/devel-extra/boost/CVE-2008-0172.patch 
b/source/devel-extra/boost/CVE-2008-0172.patch
new file mode 100644
index 0000000..e4aa614
--- /dev/null
+++ b/source/devel-extra/boost/CVE-2008-0172.patch
@@ -0,0 +1,30 @@
+Index: /boost/regex/v4/basic_regex_parser.hpp
+===================================================================
+--- /boost/regex/v4/basic_regex_parser.hpp (revision 38864)
++++ /boost/regex/v4/basic_regex_parser.hpp (revision 42674)
+@@ -785,4 +785,5 @@
+       case syntax_element_jump:
+       case syntax_element_startmark:
++      case syntax_element_backstep:
+          // can't legally repeat any of the above:
+          fail(regex_constants::error_badrepeat, m_position - m_base);
+@@ -1870,4 +1871,5 @@
+    {
+       re_syntax_base* b = this->getaddress(expected_alt_point);
++      // Make sure we have exactly one alternative following this state:
+       if(b->type != syntax_element_alt)
+       {
+@@ -1878,4 +1880,13 @@
+       {
+          fail(regex_constants::error_bad_pattern, m_position - m_base);
++         return false;
++      }
++      // check for invalid repetition of next state:
++      b = this->getaddress(expected_alt_point);
++      b = this->getaddress(static_cast<re_alt*>(b)->next.i, b);
++      if((b->type != syntax_element_assert_backref)
++         && (b->type != syntax_element_startmark))
++      {
++         fail(regex_constants::error_badrepeat, m_position - m_base);
+          return false;
+       }
diff --git a/source/devel-extra/boost/FrugalBuild 
b/source/devel-extra/boost/FrugalBuild
index 12feb26..933d589 100644
--- a/source/devel-extra/boost/FrugalBuild
+++ b/source/devel-extra/boost/FrugalBuild
@@ -3,7 +3,7 @@

pkgname=boost
pkgver=1.34.0
-pkgrel=5
+pkgrel=6sayshell1
pkgdesc="Boost Libraries for C++"
_F_sourceforge_ext=".tar.bz2"
Finclude sourceforge python
@@ -14,12 +14,14 @@ groups=('devel-extra')
archs=('i686' 'x86_64')
up2date="lynx -dump http://sourceforge.net/project/showfiles.php?group_id=7586 
| grep 'Latest.*Notes' | sed -n 's/.*\]\([0-9\.]\+\) \[.*/\1/;1 p'"
source=(${source/-$pkgver/_${pkgver//./_}} no_version_for_include_kthx.patch \
-       boostjam_x86_64.patch gcc42_atomicity_h.patch)
+       boostjam_x86_64.patch gcc42_atomicity_h.patch CVE-2008-0171.patch  
CVE-2008-0172.patch)
_F_cd_path="${pkgname}_`echo $pkgver|tr . _`"
-sha1sums=('d2fdb4535a13566917fe3d8377b017f094933641'\
-          'ed54f5fe28c801e240fa87f3641de1b1184dfe20'\
-          'f183bdd5970e67ac2d9062ec1834eb22233ede03'\
-          '4885396af53aa6a959cd6adb92d826acfa204d5a')
+sha1sums=('d2fdb4535a13566917fe3d8377b017f094933641' \
+          'ed54f5fe28c801e240fa87f3641de1b1184dfe20' \
+          'f183bdd5970e67ac2d9062ec1834eb22233ede03' \
+          '4885396af53aa6a959cd6adb92d826acfa204d5a' \
+          'd793699347692e5f56eb9d09343ed8bb1c9bd7ce' \
+          'dded66ac4a086653a51fc66e07ff038b52ee5d2c')

build()
{
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to