subject:"\[arch\-commits\] Commit in hdf5\-openmpi\/trunk \(PKGBUILD hdf51.10\-CVE2016.patch\)"

[arch-commits] Commit in hdf5-openmpi/trunk (PKGBUILD hdf51.10-CVE2016.patch)

2017-06-17 Thread Bruno Pagani

Date: Saturday, June 17, 2017 @ 14:57:15
  Author: archange
Revision: 237925

upgpkg: hdf5-openmpi 1.10.1-1

Remove CVE patch, fixed upstream in this release.

Modified:
  hdf5-openmpi/trunk/PKGBUILD
Deleted:
  hdf5-openmpi/trunk/hdf51.10-CVE2016.patch

+
 PKGBUILD   |   16 +-
 hdf51.10-CVE2016.patch |  280 ---
 2 files changed, 7 insertions(+), 289 deletions(-)

Modified: PKGBUILD
===
--- PKGBUILD2017-06-17 14:57:14 UTC (rev 237924)
+++ PKGBUILD2017-06-17 14:57:15 UTC (rev 237925)
@@ -10,9 +10,8 @@
 _pkgname=hdf5
 _mpi=openmpi
 pkgname=${_pkgname}-${_mpi}
-_patch=patch1
-pkgver=1.10.0_${_patch}
-pkgrel=3
+pkgver=1.10.1
+pkgrel=1
 pkgdesc="General purpose library and file format for storing scientific data 
(${_mpi} version)"
 arch=('i686' 'x86_64')
 url="https://www.hdfgroup.org/HDF5/;
@@ -23,16 +22,13 @@
 conflicts=('hdf5')
 replaces=("hdf5-fortran-${_mpi}")
 
source=("https://support.hdfgroup.org/ftp/HDF5/releases/${_pkgname}-${pkgver:0:4}/${_pkgname}-${pkgver/_/-}/src/${_pkgname}-${pkgver/_/-}.tar.bz2;
-'mpi.patch'
-'hdf51.10-CVE2016.patch')
-md5sums=('f6d980febe2c35c11670a9b34fa3b487'
- 'dfa8dd50b8a7ebb3ad7249c627156cf9'
- 'ebc0db3fe6d55dc39f63143ebb6327d4')
+'mpi.patch')
+md5sums=('d89893c05ee7ea8611b51bb39450d64e'
+ 'dfa8dd50b8a7ebb3ad7249c627156cf9')
 
 prepare() {
 cd ${_pkgname}-${pkgver/_/-}
 
-patch -p0 -i ../hdf51.10-CVE2016.patch
 # FS#33343
 patch -p1 -i ../mpi.patch
 }
@@ -66,6 +62,8 @@
 
 make -j1 DESTDIR="${pkgdir}" install
 
+rm -rf "${pkgdir}"/usr/lib/libdynlib*.so
+
 install -dm755 "${pkgdir}"/usr/share/${_pkgname}
 mv "${pkgdir}"/usr/share/{hdf5_examples,${_pkgname}/examples}
 

Deleted: hdf51.10-CVE2016.patch
===
--- hdf51.10-CVE2016.patch  2017-06-17 14:57:14 UTC (rev 237924)
+++ hdf51.10-CVE2016.patch  2017-06-17 14:57:15 UTC (rev 237925)
@@ -1,280 +0,0 @@
-diff --git src/H5Ocache.c src/H5Ocache.c
-index 831b08a..eab0fd2 100644
 src/H5Ocache.c
-+++ src/H5Ocache.c
-@@ -1433,6 +1433,10 @@ H5O__chunk_deserialize(H5O_t *oh, haddr_t addr, size_t 
len, const uint8_t *image
- HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination 
for message")
- if((flags & H5O_MSG_FLAG_WAS_UNKNOWN) && !(flags & 
H5O_MSG_FLAG_MARK_IF_UNKNOWN))
- HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination 
for message")
-+if((flags & H5O_MSG_FLAG_SHAREABLE)
-+&& H5O_msg_class_g[id]
-+&& !(H5O_msg_class_g[id]->share_flags & 
H5O_SHARE_IS_SHARABLE))
-+HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "message of unsharable 
class flagged as sharable")
- 
- /* Reserved bytes/creation index */
- if(oh->version == H5O_VERSION_1)
-diff --git src/H5Odtype.c src/H5Odtype.c
-index e51d319..799f475 100644
 src/H5Odtype.c
-+++ src/H5Odtype.c
-@@ -311,7 +311,11 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned 
*ioflags/*in,out*/, const uint8_t **p
- if(version == H5O_DTYPE_VERSION_1) {
- /* Decode the number of dimensions */
- ndims = *(*pp)++;
--HDassert(ndims <= 4);
-+
-+/* Check that ndims is valid */
-+if(ndims > 4)
-+HGOTO_ERROR(H5E_DATATYPE, H5E_BADTYPE, FAIL, 
"invalid number of dimensions for array")
-+
- *pp += 3; /*reserved bytes */
- 
- /* Skip dimension permutation */
-@@ -519,7 +523,8 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned 
*ioflags/*in,out*/, const uint8_t **p
- dt->shared->u.array.ndims = *(*pp)++;
- 
- /* Double-check the number of dimensions */
--HDassert(dt->shared->u.array.ndims <= H5S_MAX_RANK);
-+if(dt->shared->u.array.ndims > H5S_MAX_RANK)
-+HGOTO_ERROR(H5E_DATATYPE, H5E_CANTLOAD, FAIL, "too many 
dimensions for array datatype")
- 
- /* Skip reserved bytes, if version has them */
- if(version < H5O_DTYPE_VERSION_3)
-diff --git src/H5Opkg.h src/H5Opkg.h
-index 7473397..0fefa21 100644
 src/H5Opkg.h
-+++ src/H5Opkg.h
-@@ -212,6 +212,7 @@
-   
\
- /* Set the message's "shared info", if it's shareable */\
- if((MSG)->flags & H5O_MSG_FLAG_SHAREABLE) {   
\
-+HDassert(msg_type->share_flags & H5O_SHARE_IS_SHARABLE);  
\
- H5O_UPDATE_SHARED((H5O_shared_t *)(MSG)->native, 
H5O_SHARE_TYPE_HERE, (F), msg_type->id, (MSG)->crt_idx, (OH)->chunk[0].addr) \
- } /* end if */

[arch-commits] Commit in hdf5-openmpi/trunk (PKGBUILD hdf51.10-CVE2016.patch)

2017-06-17 Thread Bruno Pagani

Date: Saturday, June 17, 2017 @ 13:39:09
  Author: archange
Revision: 237876

Fix several CVEs, add Fortran bindings

The following CVE are fixed in this release:
   CVE-2016-4330:  HDF5 bug  HDFFV-9992 (TALOS-2016-176)
   CVE-2016-4331:  HDF5 bug  HDFFV-9951 (TALOS-2016-177)
   CVE-2016-4332:  HDF5 bug  HDFFV-9950 (TALOS-2016-178)
   CVE-2016-4333:  HDF5 bug  HDFFV-9993 (TALOS-2016-179)

Fortran bindings are added (no incompatibilities at all).

Some cleaning

Added:
  hdf5-openmpi/trunk/hdf51.10-CVE2016.patch
Modified:
  hdf5-openmpi/trunk/PKGBUILD

+
 PKGBUILD   |   96 
 hdf51.10-CVE2016.patch |  280 +++
 2 files changed, 331 insertions(+), 45 deletions(-)

Modified: PKGBUILD
===
--- PKGBUILD2017-06-17 13:11:21 UTC (rev 237875)
+++ PKGBUILD2017-06-17 13:39:09 UTC (rev 237876)
@@ -1,5 +1,6 @@
 # $Id$
 # Maintainer: Ronald van Haren 
+# Maintainer: Bruno Pagani (a.k.a. ArchangeGabriel) 
 # Contributor: Stefan Husmann 
 # Contributor: damir 
 # Contributor: Tom K 
@@ -6,62 +7,67 @@
 # Contributor: Jed Brown 
 # Contributor: Simone Pezzuto 
 
-pkgname=hdf5-openmpi
 _pkgname=hdf5
-pkgver=1.10.0_patch1
-_pkgver=1.10.0-patch1
-pkgrel=2
+_mpi=openmpi
+pkgname=${_pkgname}-${_mpi}
+_patch=patch1
+pkgver=1.10.0_${_patch}
+pkgrel=3
+pkgdesc="General purpose library and file format for storing scientific data 
(${_mpi} version)"
 arch=('i686' 'x86_64')
-pkgdesc="General purpose library and file format for storing scientific data 
(OpenMPI version)"
-url="http://www.hdfgroup.org/HDF5/;
+url="https://www.hdfgroup.org/HDF5/;
 license=('custom')
-depends=('zlib' 'sh' 'openmpi')
-makedepends=('time')
-provides=('hdf5')
+depends=('zlib' 'bash' 'openmpi')
+makedepends=('time' 'gcc-fortran')
+provides=('hdf5' 'hdf5-cpp-fortran' "hdf5-fortran-${_mpi}")
 conflicts=('hdf5')
-source=(ftp://ftp.hdfgroup.org/HDF5/releases/${_pkgname}-1.10/${_pkgname}-${_pkgver}/src/${_pkgname}-${_pkgver}.tar.bz2
-mpi.patch)
-sha1sums=('2f34251186fa9e59887d8f094bc0bc90187d0aa4'
-  '658d4a3e537c9c76da3200effa8f95b656a21936')
+replaces=("hdf5-fortran-${_mpi}")
+source=("https://support.hdfgroup.org/ftp/HDF5/releases/${_pkgname}-${pkgver:0:4}/${_pkgname}-${pkgver/_/-}/src/${_pkgname}-${pkgver/_/-}.tar.bz2;
+'mpi.patch'
+'hdf51.10-CVE2016.patch')
+md5sums=('f6d980febe2c35c11670a9b34fa3b487'
+ 'dfa8dd50b8a7ebb3ad7249c627156cf9'
+ 'ebc0db3fe6d55dc39f63143ebb6327d4')
 
-build() {
-  cd "$srcdir/${_pkgname}-${pkgver/_/-}"
+prepare() {
+cd ${_pkgname}-${pkgver/_/-}
 
-  # FS#33343
-  patch -Np1 -i "${srcdir}/mpi.patch"
+patch -p0 -i ../hdf51.10-CVE2016.patch
+# FS#33343
+patch -p1 -i ../mpi.patch
+}
 
-  ./configure \
-CXX="mpicxx" \
-CC="mpicc" \
-FC="mpif90" \
-F9X="mpif90" \
-RUNPARALLEL="mpirun" \
-OMPI_MCA_disable_memory_allocator=1 \
---prefix=/usr \
---with-pthread=/usr/lib/ \
---enable-linux-lfs \
---enable-unsupported \
---enable-shared \
---disable-static \
---enable-build-mode=production \
---with-zlib \
---enable-parallel=yes \
---enable-cxx \
---disable-sharedlib-rpath
-
-  make
+build() {
+cd ${_pkgname}-${pkgver/_/-}
+./configure \
+CXX="mpicxx" \
+CC="mpicc" \
+FC="mpif90" \
+F9X="mpif90" \
+RUNPARALLEL="mpirun" \
+OMPI_MCA_disable_memory_allocator=1 \
+--prefix=/usr \
+--disable-static \
+--enable-hl \
+--enable-build-mode=production \
+--with-pic \
+--docdir=/usr/share/doc/hdf5/ \
+--disable-sharedlib-rpath \
+--enable-cxx \
+--enable-fortran \
+--enable-parallel \
+--enable-unsupported \
+--with-zlib
+make
 }
 
 package() {
-  cd "$srcdir/${_pkgname}-${pkgver/_/-}"
+cd ${_pkgname}-${pkgver/_/-}
 
-  make -j1 DESTDIR="${pkgdir}" install
+make -j1 DESTDIR="${pkgdir}" install
 
-  install -d -m755 "$pkgdir/usr/share/$_pkgname"
-  mv "$pkgdir"/usr/share/{hdf5_examples,$_pkgname/examples}
+install -dm755 "${pkgdir}"/usr/share/${_pkgname}
+mv "${pkgdir}"/usr/share/{hdf5_examples,${_pkgname}/examples}
 
-  install -d -m755 "$pkgdir/usr/share/licenses/${pkgname}"
-  install -m644 "$srcdir/${_pkgname}-${pkgver/_/-}/COPYING" \
-  "$pkgdir/usr/share/licenses/${pkgname}/LICENSE" 
+install -Dm644 COPYING "${pkgdir}"/usr/share/licenses/${_pkgname}/LICENSE
 }
-

Added: hdf51.10-CVE2016.patch
===
--- hdf51.10-CVE2016.patch  (rev 0)
+++ hdf51.10-CVE2016.patch  2017-06-17 13:39:09 UTC (rev 237876)
@@ -0,0 +1,280 @@
+diff --git src/H5Ocache.c src/H5Ocache.c

[arch-commits] Commit in hdf5-openmpi/trunk (PKGBUILD hdf51.10-CVE2016.patch)

[arch-commits] Commit in hdf5-openmpi/trunk (PKGBUILD hdf51.10-CVE2016.patch)

2 matches

Site Navigation

Mail list logo

Footer information