Hello community, here is the log from the commit of package ocaml for openSUSE:Factory checked in at 2016-05-16 12:02:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ocaml (Old) and /work/SRC/openSUSE:Factory/.ocaml.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ocaml" Changes: -------- --- /work/SRC/openSUSE:Factory/ocaml/ocaml.changes 2015-11-24 22:30:15.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.ocaml.new/ocaml.changes 2016-05-16 12:02:55.000000000 +0200 @@ -1,0 +2,7 @@ +Wed May 4 13:49:38 UTC 2016 - [email protected] + +- add ocaml-4.02.3-bufferoverflow_infoleak.patch to prevent buffer + overflow and information leak [bsc#977990], [CVE-2015-8869] +- use spec-cleaner to clean the specfile + +------------------------------------------------------------------- New: ---- ocaml-4.02.3-bufferoverflow_infoleak.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ocaml.spec ++++++ --- /var/tmp/diff_new_pack.omsovx/_old 2016-05-16 12:02:56.000000000 +0200 +++ /var/tmp/diff_new_pack.omsovx/_new 2016-05-16 12:02:56.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package ocaml # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2010 Andrew Psaltis <ampsaltis at gmail dot com> # Copyright (c) 2011 Andrew Psaltis <ampsaltis at gmail dot com> # @@ -69,15 +69,18 @@ Patch9: ocaml-ppc64.patch # FIX-UPSTREAM enable build on PowerPC 64bit LE platform. Patch10: ocaml-ppc64le.patch +# PATCH-FIX-UPSTREAM bnc#977990 CVE-2015-8869 [email protected] -- prevent buffer overflow and information leak +Patch11: ocaml-4.02.3-bufferoverflow_infoleak.patch Patch64: ocaml-arch-rlimit-stacksize.patch # This gets ocamlobjinfo to work with .cmxs files BuildRequires: binutils-devel BuildRequires: emacs-nox BuildRequires: fdupes BuildRequires: ncurses-devel +BuildRequires: pkg-config BuildRequires: pkgconfig(x11) -Requires(pre): %{install_info_prereq} Requires(post): %{install_info_prereq} +Requires(pre): %{install_info_prereq} Provides: ocaml(compiler) = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build # ocaml autodep start for pkg: ocaml 
@@ -108,16 +111,16 @@ A set of helper macros to unify common code used in ocaml spec files. %package runtime -# ocaml autodep start for pkg: ocaml-runtime -# hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires -%if 0%{?suse_version} < 1210 -Requires: ocaml-compiler-libs -%endif # ocaml autodep end for pkg: ocaml-runtime Summary: The Objective Caml Compiler and Programming Environment License: QPL-1.0 Group: Development/Languages/Other Provides: ocaml(runtime) = %{version} +# ocaml autodep start for pkg: ocaml-runtime +# hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires +%if 0%{?suse_version} < 1210 +Requires: ocaml-compiler-libs +%endif %description runtime Objective Caml is a high-level, strongly-typed, functional and 
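Review bot: In the new `%package runtime` preamble the `# ocaml autodep end for pkg: ocaml-runtime` marker now comes before `# ocaml autodep start for pkg: ocaml-runtime`, so the pair no longer brackets the `%if 0%{?suse_version} < 1210` block it describes. The same inversion appears in the x11, ocamldoc, compiler-libs and compiler-libs-devel preambles in the following hunks. If any tooling still regenerates the region between these markers (not visible here), it would presumably mishandle the reordered layout. Moving `# ocaml autodep end for pkg: ocaml-runtime` to directly after the relocated `%endif` keeps the pair intact without undoing the tag reordering.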
@@ -135,31 +138,31 @@ Source code for Objective Caml libraries. %package x11 +# ocaml autodep end for pkg: ocaml-x11 +Summary: X11 support for Objective Caml +License: SUSE-LGPL-2.0-with-linking-exception +Group: System/Libraries # ocaml autodep start for pkg: ocaml-x11 # hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires %if 0%{?suse_version} < 1210 Requires: ocaml-runtime %endif -# ocaml autodep end for pkg: ocaml-x11 -Summary: X11 support for Objective Caml -License: SUSE-LGPL-2.0-with-linking-exception -Group: System/Libraries %description x11 X11 support for Objective Caml. %package ocamldoc +# ocaml autodep end for pkg: ocaml-ocamldoc +Summary: The Objective Caml Compiler and Programming Environment +License: QPL-1.0 +Group: Development/Languages/Other +Requires: ocaml = %{version} # ocaml autodep start for pkg: ocaml-ocamldoc # hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires %if 0%{?suse_version} < 1210 Requires: ocaml-compiler-libs Requires: ocaml-runtime %endif -# ocaml autodep end for pkg: ocaml-ocamldoc -Summary: The Objective Caml Compiler and Programming Environment -License: QPL-1.0 -Group: Development/Languages/Other -Requires: ocaml = %{version} %description ocamldoc Objective Caml is a high-level, strongly-typed, functional and 
@@ -196,15 +199,15 @@ system, Lex&Yacc tools, a replay debugger, and a comprehensive library. %package compiler-libs +# ocaml autodep end for pkg: ocaml-compiler-libs +Summary: Libraries used internal to the OCaml Compiler +License: QPL-1.0 +Group: Development/Libraries/Other # ocaml autodep start for pkg: ocaml-compiler-libs # hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires %if 0%{?suse_version} < 1210 Requires: ocaml-runtime %endif -# ocaml autodep end for pkg: ocaml-compiler-libs -Summary: Libraries used internal to the OCaml Compiler -License: QPL-1.0 -Group: Development/Libraries/Other %description compiler-libs Objective Caml is a high-level, strongly-typed, functional and @@ -215,16 +218,16 @@ be helpful in the development of certain applications. %package compiler-libs-devel -# ocaml autodep start for pkg: ocaml-compiler-libs -# hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires -%if 0%{?suse_version} < 1210 -Requires: ocaml-runtime -%endif # ocaml autodep end for pkg: ocaml-compiler-libs Summary: Libraries used internal to the OCaml Compiler License: QPL-1.0 Group: Development/Libraries/Other Requires: ocaml-compiler-libs = %{version} +# ocaml autodep start for pkg: ocaml-compiler-libs +# hardcoded rpm dependency for pre 12.1 to compensate for lack of ocaml() provides/requires +%if 0%{?suse_version} < 1210 +Requires: ocaml-runtime +%endif %description compiler-libs-devel The %{name}-devel package contains libraries and signature files for 
@@ -240,13 +243,14 @@ %patch7 %patch9 -p1 %patch10 -p1 +%patch11 -p1 %patch64 -p1 %build %ifarch %ix86 # Default OPT flags for these architectures use -fomit-frame-pointer, # which gets in the way of some of the profiling done within. -export RPM_OPT_FLAGS="${RPM_OPT_FLAGS/-fomit-frame-pointer/}" +export RPM_OPT_FLAGS="%{optflags}/-fomit-frame-pointer/}" %endif CFLAGS="%{optflags} -DUSE_INTERP_RESULT" \ ++++++ ocaml-4.02.3-bufferoverflow_infoleak.patch ++++++ diff --git a/byterun/str.c b/byterun/str.c index 5ad4e29..885772f 100644 --- a/byterun/str.c +++ b/byterun/str.c @@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2) CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2, value n) { - memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n)); + memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n)); return Val_unit; } @@ -278,7 +278,7 @@ CAMLprim value caml_fill_string(value s, value offset, value len, value init) CAMLprim value caml_bitvect_test(value bv, value n) { - int pos = Int_val(n); + intnat pos = Long_val(n); return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7))); }
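Review bot: The rewritten `export RPM_OPT_FLAGS="%{optflags}/-fomit-frame-pointer/}"` under `%ifarch %ix86` is no longer a shell pattern substitution, because the opening `${RPM_OPT_FLAGS` was replaced by the macro `%{optflags}`. The exported value becomes the full flag set followed by the literal text `/-fomit-frame-pointer/}`, so `-fomit-frame-pointer` is not removed and a stray token is added to the flags on x86 builds. Restore the original line, `export RPM_OPT_FLAGS="${RPM_OPT_FLAGS/-fomit-frame-pointer/}"`. The following `CFLAGS="%{optflags} -DUSE_INTERP_RESULT"` line expands the macro directly, so it is also worth confirming that the exported variable is what the build consumes; the rest of `%build` is outside the hunk.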
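Review bot: `caml_blit_string` still hands `Long_val(n)` and both offsets to `memmove` without checking them against the lengths of `s1` and `s2`, and a negative `n` converts to a very large `size_t`. Switching from `Int_val` removes the truncation to `int`, but the primitive stays safe only if every caller validates the range first. `caml_bitvect_test` in the next hunk has the same shape: `pos >> 3` indexes `bv` with no upper bound, and a negative `pos` yields a negative index. Presumably the OCaml-side wrappers perform these checks (not visible here), so I would state that contract at each function, e.g. `/* Unchecked: caller must ensure 0 <= n, ofs1 + n <= length(s1), ofs2 + n <= length(s2). */` and `/* Unchecked: caller must ensure 0 <= n < 8 * length(bv). */`.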
