From 87dc925a2b9b1875e9e5b3250632e518b5422fb5 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 13 Jan 2012 05:52:10 -0600 Subject: [PATCH 01/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index 57be1d6..ea5ebcd 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 2%{?dist} +Release: 3%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Fri Jan 13 2012 Fedora Release Engineering - 9.20.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + * Tue Jul 26 2011 Matthias Saou 9.20.1-2 - Execstack patch to fix what's wanted by the yasm code (#718778). From 34cf6b359af7a299fb02482b9a2dd4f7558bcf33 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 20 Jul 2012 02:40:58 -0500 Subject: [PATCH 02/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index ea5ebcd..f2d41b9 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 3%{?dist} +Release: 4%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Fri Jul 20 2012 Fedora Release Engineering - 9.20.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + * Fri Jan 13 2012 Fedora Release Engineering - 9.20.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild From f3e62149e986209ccc9ff80df8cbec136ace8923 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 14 Feb 2013 03:40:56 -0600 Subject: [PATCH 03/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index f2d41b9..0d44cea 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 4%{?dist} +Release: 5%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Thu Feb 14 2013 Fedora Release Engineering - 9.20.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Fri Jul 20 2012 Fedora Release Engineering - 9.20.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild From 3b4b23b35a76e11b442dac06692912305b1e5437 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 3 Aug 2013 11:16:28 -0500 Subject: [PATCH 04/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index 0d44cea..eaec042 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 5%{?dist} +Release: 6%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Sat Aug 03 2013 Fedora Release Engineering - 9.20.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Thu Feb 14 2013 Fedora Release Engineering - 9.20.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild From 95794e124f948cf5d905b3f08a6ab47e07a161ae Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 6 Jun 2014 18:23:28 -0500 Subject: [PATCH 05/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index eaec042..cd2e4bb 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 6%{?dist} +Release: 7%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Fri Jun 06 2014 Fedora Release Engineering - 9.20.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Sat Aug 03 2013 Fedora Release Engineering - 9.20.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild From 217fc4270c5adfac8d074718f96dd489962cc490 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Sun, 17 Aug 2014 14:30:04 +0000 Subject: [PATCH 06/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index cd2e4bb..c7360d8 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 7%{?dist} +Release: 8%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Sun Aug 17 2014 Fedora Release Engineering - 9.20.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + * Fri Jun 06 2014 Fedora Release Engineering - 9.20.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From 1bbdb4b143d1c4b65be8cf07fbbc4901bd75bb9d Mon Sep 17 00:00:00 2001 From: Kalev Lember Date: Sat, 2 May 2015 16:32:14 +0200 Subject: [PATCH 07/15] Rebuilt for GCC 5 C++11 ABI change --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index c7360d8..9ba4f80 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 8%{?dist} +Release: 9%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Sat May 02 2015 Kalev Lember - 9.20.1-9 +- Rebuilt for GCC 5 C++11 ABI change + * Sun Aug 17 2014 Fedora Release Engineering - 9.20.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From 960b9fb0438f459db96340bdb779eb7bc3c022e7 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 18 Jun 2015 00:34:25 +0000 Subject: [PATCH 08/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- p7zip.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index 9ba4f80..263a147 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 9.20.1 -Release: 9%{?dist} +Release: 10%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -111,6 +111,9 @@ rm -rf %{buildroot} %changelog +* Thu Jun 18 2015 Fedora Release Engineering - 9.20.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Sat May 02 2015 Kalev Lember - 9.20.1-9 - Rebuilt for GCC 5 C++11 ABI change From 6fd89d9572110986f2edd95e409d13e22a025cb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 5 Nov 2015 15:53:09 +0000 Subject: [PATCH 09/15] Update to p7zip_15.09 - Use cmake. - Refactor norar patch. - Deleted: p7zip_9.20.1-execstack.patch (upstreamed) - Deleted: p7zip_9.20.1-install.patch (upstreamed) - Deleted: p7zip_9.20.1-nostrip.patch (upstreamed) --- .gitignore | 1 + p7zip.spec | 40 ++++----- p7zip_15.09-norar_cmake.patch | 148 ++++++++++++++++++++++++++++++++++ p7zip_9.20.1-execstack.patch | 24 ------ p7zip_9.20.1-install.patch | 99 ----------------------- p7zip_9.20.1-nostrip.patch | 24 ------ sources | 2 +- 7 files changed, 170 insertions(+), 168 deletions(-) create mode 100644 p7zip_15.09-norar_cmake.patch delete mode 100644 p7zip_9.20.1-execstack.patch delete mode 100644 p7zip_9.20.1-install.patch delete mode 100644 p7zip_9.20.1-nostrip.patch diff --git a/.gitignore b/.gitignore index 570927e..a70d0d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /p7zip_9.13_src_all-norar.tar.bz2 /p7zip_9.20.1_src_all-norar.tar.bz2 +/p7zip_15.09_src_all-norar.tar.bz2 diff --git a/p7zip.spec b/p7zip.spec index 263a147..1c2a114 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip -Version: 9.20.1 -Release: 10%{?dist} +Version: 15.09 +Release: 1%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -12,14 +12,13 @@ URL: http://p7zip.sourceforge.net/ # wget http://downloads.sf.net/p7zip/p7zip_${VERSION}_src_all.tar.bz2 # tar xjvf p7zip_${VERSION}_src_all.tar.bz2 # rm -rf p7zip_${VERSION}/CPP/7zip/{Archive,Compress,Crypto}/Rar* -# rm -f p7zip_${VERSION}/DOCS/unRarLicense.txt +# rm p7zip_${VERSION}/DOC/unRarLicense.txt # tar --numeric-owner -cjvf p7zip_${VERSION}_src_all-norar.tar.bz2 p7zip_${VERSION} Source: p7zip_%{version}_src_all-norar.tar.bz2 -Patch0: p7zip_9.20.1-norar.patch -Patch1: p7zip_9.20.1-install.patch -Patch2: p7zip_9.20.1-nostrip.patch -Patch3: p7zip_9.20.1-execstack.patch -Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root +Patch0: p7zip_15.09-norar_cmake.patch + +BuildRequires: cmake +# BuildRequires: wxGTK3-devel wxGTK-devel # for 7zG GUI %ifarch %{ix86} BuildRequires: nasm %endif @@ -43,13 +42,10 @@ This package contains also a virtual file system for Midnight Commander. %prep %setup -q -n %{name}_%{version} -%patch0 -p1 -b .norar -%patch1 -p1 -b .install -%patch2 -p1 -b .nostrip -%patch3 -p1 -b .execstack +%patch0 -p1 -b .norar_cmake # Move docs early so that they don't get installed by "make install" and we # can include them in %%doc -mv DOCS docs +mv DOC docs mv ChangeLog README TODO docs/ # And fix useless executable bit while we're at it find docs -type f -exec chmod -x {} \; @@ -57,6 +53,9 @@ find contrib -type f -exec chmod -x {} \; %build +pushd CPP/7zip/CMAKE/ +./generate.sh +popd %ifarch %{ix86} cp -f makefile.linux_x86_asm_gcc_4.X makefile.machine %endif @@ -76,7 +75,6 @@ make %{?_smp_mflags} all2 \ %install -rm -rf %{buildroot} make install \ DEST_DIR=%{buildroot} \ DEST_HOME=%{_prefix} \ @@ -85,12 +83,7 @@ make install \ DEST_MAN=%{_mandir} -%clean -rm -rf %{buildroot} - - %files -%defattr(-,root,root,-) %doc docs/* %{_bindir}/7za %dir %{_libexecdir}/p7zip/ @@ -100,7 +93,6 @@ rm -rf %{buildroot} %exclude %{_mandir}/man1/7zr.1* %files plugins -%defattr(-,root,root,-) %doc contrib/ %{_bindir}/7z %{_libexecdir}/p7zip/7z @@ -111,6 +103,14 @@ rm -rf %{buildroot} %changelog +* Thu Nov 05 2015 Sérgio Basto - 15.09-1 +- Update to p7zip_15.09 +- Use cmake. +- Refactor norar patch. +- Deleted: p7zip_9.20.1-execstack.patch (upstreamed) +- Deleted: p7zip_9.20.1-install.patch (upstreamed) +- Deleted: p7zip_9.20.1-nostrip.patch (upstreamed) + * Thu Jun 18 2015 Fedora Release Engineering - 9.20.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/p7zip_15.09-norar_cmake.patch b/p7zip_15.09-norar_cmake.patch new file mode 100644 index 0000000..f9c7540 --- /dev/null +++ b/p7zip_15.09-norar_cmake.patch @@ -0,0 +1,148 @@ +diff -rup p7zip_15.09.orig/CPP/7zip/CMAKE/generate.sh p7zip_15.09/CPP/7zip/CMAKE/generate.sh +--- p7zip_15.09.orig/CPP/7zip/CMAKE/generate.sh 2015-01-18 17:14:54.000000000 +0000 ++++ p7zip_15.09/CPP/7zip/CMAKE/generate.sh 2015-11-05 03:55:11.789432894 +0000 +@@ -15,14 +15,14 @@ CURDIR=$PWD + cd $CURDIR + doit "Unix" "Unix Makefiles" + +-cd $CURDIR +-doit "codeblocks" "CodeBlocks - Unix Makefiles" ++#cd $CURDIR ++#doit "codeblocks" "CodeBlocks - Unix Makefiles" + + #cd $CURDIR + #doit "KDevelop3" "KDevelop3" + +-cd $CURDIR +-doit "EclipseCDT4" "Eclipse CDT4 - Unix Makefiles" ++#cd $CURDIR ++#doit "EclipseCDT4" "Eclipse CDT4 - Unix Makefiles" + + #cd $CURDIR + #doit "ninja" "Ninja" +diff -rup p7zip_15.09.orig/CPP/7zip/CMAKE/Format7zFree/CMakeLists.txt p7zip_15.09/CPP/7zip/CMAKE/Format7zFree/CMakeLists.txt +--- p7zip_15.09.orig/CPP/7zip/CMAKE/Format7zFree/CMakeLists.txt 2015-10-10 13:30:03.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/CMAKE/Format7zFree/CMakeLists.txt 2015-11-05 04:21:50.386888680 +0000 +@@ -127,8 +127,6 @@ add_library(7z MODULE + "../../../../CPP/7zip/Archive/PeHandler.cpp" + "../../../../CPP/7zip/Archive/PpmdHandler.cpp" + "../../../../CPP/7zip/Archive/QcowHandler.cpp" +- "../../../../CPP/7zip/Archive/Rar/RarHandler.cpp" +- "../../../../CPP/7zip/Archive/Rar/Rar5Handler.cpp" + "../../../../CPP/7zip/Archive/RpmHandler.cpp" + "../../../../CPP/7zip/Archive/SplitHandler.cpp" + "../../../../CPP/7zip/Archive/SquashfsHandler.cpp" +@@ -231,9 +229,6 @@ add_library(7z MODULE + "../../../../CPP/7zip/Crypto/MyAesReg.cpp" + "../../../../CPP/7zip/Crypto/Pbkdf2HmacSha1.cpp" + "../../../../CPP/7zip/Crypto/RandGen.cpp" +- "../../../../CPP/7zip/Crypto/Rar20Crypto.cpp" +- "../../../../CPP/7zip/Crypto/Rar5Aes.cpp" +- "../../../../CPP/7zip/Crypto/RarAes.cpp" + "../../../../CPP/7zip/Crypto/WzAes.cpp" + "../../../../CPP/7zip/Crypto/ZipCrypto.cpp" + "../../../../CPP/7zip/Crypto/ZipStrong.cpp" +--- p7zip_15.09.orig/CPP/7zip/Bundles/Format7zFree/makefile.list 2015-10-10 13:30:03.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/Bundles/Format7zFree/makefile.list 2015-11-05 13:22:50.715659911 +0000 +@@ -89,8 +89,6 @@ SRCS=\ + ../../../../CPP/7zip/Archive/PeHandler.cpp \ + ../../../../CPP/7zip/Archive/PpmdHandler.cpp \ + ../../../../CPP/7zip/Archive/QcowHandler.cpp \ +- ../../../../CPP/7zip/Archive/Rar/RarHandler.cpp \ +- ../../../../CPP/7zip/Archive/Rar/Rar5Handler.cpp \ + ../../../../CPP/7zip/Archive/RpmHandler.cpp \ + ../../../../CPP/7zip/Archive/SplitHandler.cpp \ + ../../../../CPP/7zip/Archive/SquashfsHandler.cpp \ +@@ -193,9 +191,6 @@ SRCS=\ + ../../../../CPP/7zip/Crypto/MyAesReg.cpp \ + ../../../../CPP/7zip/Crypto/Pbkdf2HmacSha1.cpp \ + ../../../../CPP/7zip/Crypto/RandGen.cpp \ +- ../../../../CPP/7zip/Crypto/Rar20Crypto.cpp \ +- ../../../../CPP/7zip/Crypto/Rar5Aes.cpp \ +- ../../../../CPP/7zip/Crypto/RarAes.cpp \ + ../../../../CPP/7zip/Crypto/WzAes.cpp \ + ../../../../CPP/7zip/Crypto/ZipCrypto.cpp \ + ../../../../CPP/7zip/Crypto/ZipStrong.cpp \ +@@ -491,10 +486,6 @@ PpmdHandler.o : ../../../../CPP/7zip/Arc + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Archive/PpmdHandler.cpp + QcowHandler.o : ../../../../CPP/7zip/Archive/QcowHandler.cpp + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Archive/QcowHandler.cpp +-RarHandler.o : ../../../../CPP/7zip/Archive/Rar/RarHandler.cpp +- $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Archive/Rar/RarHandler.cpp +-Rar5Handler.o : ../../../../CPP/7zip/Archive/Rar/Rar5Handler.cpp +- $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Archive/Rar/Rar5Handler.cpp + RpmHandler.o : ../../../../CPP/7zip/Archive/RpmHandler.cpp + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Archive/RpmHandler.cpp + SplitHandler.o : ../../../../CPP/7zip/Archive/SplitHandler.cpp +@@ -699,12 +690,6 @@ Pbkdf2HmacSha1.o : ../../../../CPP/7zip/ + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/Pbkdf2HmacSha1.cpp + RandGen.o : ../../../../CPP/7zip/Crypto/RandGen.cpp + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/RandGen.cpp +-Rar20Crypto.o : ../../../../CPP/7zip/Crypto/Rar20Crypto.cpp +- $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/Rar20Crypto.cpp +-Rar5Aes.o : ../../../../CPP/7zip/Crypto/Rar5Aes.cpp +- $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/Rar5Aes.cpp +-RarAes.o : ../../../../CPP/7zip/Crypto/RarAes.cpp +- $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/RarAes.cpp + WzAes.o : ../../../../CPP/7zip/Crypto/WzAes.cpp + $(CXX) $(CXXFLAGS) ../../../../CPP/7zip/Crypto/WzAes.cpp + ZipCrypto.o : ../../../../CPP/7zip/Crypto/ZipCrypto.cpp +@@ -877,8 +862,6 @@ OBJS=\ + PeHandler.o \ + PpmdHandler.o \ + QcowHandler.o \ +- RarHandler.o \ +- Rar5Handler.o \ + RpmHandler.o \ + SplitHandler.o \ + SquashfsHandler.o \ +@@ -981,9 +964,6 @@ OBJS=\ + MyAesReg.o \ + Pbkdf2HmacSha1.o \ + RandGen.o \ +- Rar20Crypto.o \ +- Rar5Aes.o \ +- RarAes.o \ + WzAes.o \ + ZipCrypto.o \ + ZipStrong.o \ +--- p7zip_15.09.orig/makefile 2015-10-05 09:39:57.000000000 +0100 ++++ p7zip_15.09/makefile 2015-11-05 13:36:01.160793573 +0000 +@@ -70,7 +70,6 @@ depend: + $(MAKE) -C CPP/7zip/UI/Client7z depend + $(MAKE) -C CPP/7zip/UI/Console depend + $(MAKE) -C CPP/7zip/Bundles/Format7zFree depend +- $(MAKE) -C CPP/7zip/Compress/Rar depend + $(MAKE) -C CPP/7zip/UI/GUI depend + $(MAKE) -C CPP/7zip/UI/FileManager depend + +@@ -81,7 +80,6 @@ sfx: common + common7z:common + $(MKDIR) bin/Codecs + $(MAKE) -C CPP/7zip/Bundles/Format7zFree all +- $(MAKE) -C CPP/7zip/Compress/Rar all + + 7z: common7z + $(MAKE) -C CPP/7zip/UI/Console all +@@ -106,7 +104,6 @@ clean: + $(MAKE) -C CPP/7zip/UI/FileManager clean + $(MAKE) -C CPP/7zip/UI/GUI clean + $(MAKE) -C CPP/7zip/Bundles/Format7zFree clean +- $(MAKE) -C CPP/7zip/Compress/Rar clean + $(MAKE) -C CPP/7zip/Bundles/LzmaCon clean2 + $(MAKE) -C CPP/7zip/Bundles/AloneGCOV clean + $(MAKE) -C CPP/7zip/TEST/TestUI clean +--- p7zip_15.09.orig/CPP/7zip/CMAKE/CMakeLists.txt 2015-06-21 20:53:26.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/CMAKE/CMakeLists.txt 2015-11-05 14:35:42.849613481 +0000 +@@ -27,9 +27,9 @@ add_subdirectory(7za) + + add_subdirectory(7z_) + +-add_subdirectory(7zG) ++#add_subdirectory(7zG) + +-add_subdirectory(7zFM) ++#add_subdirectory(7zFM) + + add_subdirectory(7zr) + diff --git a/p7zip_9.20.1-execstack.patch b/p7zip_9.20.1-execstack.patch deleted file mode 100644 index 1fdff48..0000000 --- a/p7zip_9.20.1-execstack.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -Naupr p7zip_9.20.1.orig/Asm/x64/7zCrcT8U.asm p7zip_9.20.1/Asm/x64/7zCrcT8U.asm ---- p7zip_9.20.1.orig/Asm/x64/7zCrcT8U.asm 2008-08-14 11:18:07.000000000 +0200 -+++ p7zip_9.20.1/Asm/x64/7zCrcT8U.asm 2011-07-26 17:43:57.727910278 +0200 -@@ -101,3 +101,8 @@ _CrcUpdateT8: - ret - - end -+ -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+ -diff -Naupr p7zip_9.20.1.orig/Asm/x86/7zCrcT8U.asm p7zip_9.20.1/Asm/x86/7zCrcT8U.asm ---- p7zip_9.20.1.orig/Asm/x86/7zCrcT8U.asm 2009-07-14 12:44:15.000000000 +0200 -+++ p7zip_9.20.1/Asm/x86/7zCrcT8U.asm 2011-07-26 17:44:23.938864508 +0200 -@@ -99,3 +99,8 @@ _CrcUpdateT8: - - - ; end -+ -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+ diff --git a/p7zip_9.20.1-install.patch b/p7zip_9.20.1-install.patch deleted file mode 100644 index 8e63e6d..0000000 --- a/p7zip_9.20.1-install.patch +++ /dev/null @@ -1,99 +0,0 @@ -diff -Naupr p7zip_9.20.1.orig/install.sh p7zip_9.20.1/install.sh ---- p7zip_9.20.1.orig/install.sh 2011-03-16 20:32:56.000000000 +0100 -+++ p7zip_9.20.1/install.sh 2011-07-26 14:07:09.609064252 +0200 -@@ -7,12 +7,10 @@ installShared() - then - echo "- installing ${DEST_DIR}${DEST_BIN}/${prg}" - cp bin/${prg} "${DEST_DIR}${DEST_SHARE}/${prg}" -- chmod 777 "${DEST_DIR}${DEST_SHARE}/${prg}" -- strip "${DEST_DIR}${DEST_SHARE}/${prg}" -- chmod 555 "${DEST_DIR}${DEST_SHARE}/${prg}" -+ chmod 755 "${DEST_DIR}${DEST_SHARE}/${prg}" - echo "#! /bin/sh" > "${DEST_DIR}${DEST_BIN}/${prg}" - echo "\"${DEST_SHARE}/${prg}\" \"\$@\"" >> "${DEST_DIR}${DEST_BIN}/${prg}" -- chmod 555 "${DEST_DIR}${DEST_BIN}/${prg}" -+ chmod 755 "${DEST_DIR}${DEST_BIN}/${prg}" - fi - } - -@@ -117,7 +115,7 @@ else - echo "- installing ${DEST_DIR}${DEST_BIN}/7za" - mkdir -p "${DEST_DIR}${DEST_BIN}" - cp bin/7za "${DEST_DIR}${DEST_BIN}/7za" -- chmod 555 "${DEST_DIR}${DEST_BIN}/7za" -+ chmod 755 "${DEST_DIR}${DEST_BIN}/7za" - fi - - if [ -x bin/7zr ] -@@ -125,7 +123,7 @@ else - echo "- installing ${DEST_DIR}${DEST_BIN}/7zr" - mkdir -p "${DEST_DIR}${DEST_BIN}" - cp bin/7zr "${DEST_DIR}${DEST_BIN}/7zr" -- chmod 555 "${DEST_DIR}${DEST_BIN}/7zr" -+ chmod 755 "${DEST_DIR}${DEST_BIN}/7zr" - fi - fi - -@@ -134,27 +132,27 @@ if [ -d DOCS ] - then - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7z.1" - sed -e s?"{DEST_SHARE_DOC}"?"${DEST_SHARE_DOC}/DOCS"?g man1/7z.1 > "${DEST_DIR}${DEST_MAN}/man1/7z.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7z.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7z.1" - - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7za.1" - sed -e s?"{DEST_SHARE_DOC}"?"${DEST_SHARE_DOC}/DOCS"?g man1/7za.1 > "${DEST_DIR}${DEST_MAN}/man1/7za.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7za.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7za.1" - - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7zr.1" - sed -e s?"{DEST_SHARE_DOC}"?"${DEST_SHARE_DOC}/DOCS"?g man1/7zr.1 > "${DEST_DIR}${DEST_MAN}/man1/7zr.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7zr.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7zr.1" - else - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7z.1" - grep -v "{DEST_SHARE_DOC}" man1/7z.1 > "${DEST_DIR}${DEST_MAN}/man1/7z.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7z.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7z.1" - - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7za.1" - grep -v "{DEST_SHARE_DOC}" man1/7za.1 > "${DEST_DIR}${DEST_MAN}/man1/7za.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7za.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7za.1" - - echo "- installing ${DEST_DIR}${DEST_MAN}/man1/7zr.1" - grep -v "{DEST_SHARE_DOC}" man1/7zr.1 > "${DEST_DIR}${DEST_MAN}/man1/7zr.1" -- chmod 444 "${DEST_DIR}${DEST_MAN}/man1/7zr.1" -+ chmod 644 "${DEST_DIR}${DEST_MAN}/man1/7zr.1" - fi - - if [ -f README ] -@@ -162,7 +160,7 @@ then - echo "- installing ${DEST_DIR}${DEST_SHARE_DOC}/README" - mkdir -p "${DEST_DIR}${DEST_SHARE_DOC}" - cp README "${DEST_DIR}${DEST_SHARE_DOC}/README" -- chmod 444 "${DEST_DIR}${DEST_SHARE_DOC}/README" -+ chmod 644 "${DEST_DIR}${DEST_SHARE_DOC}/README" - fi - - if [ -f ChangeLog ] -@@ -170,7 +168,7 @@ then - echo "- installing ${DEST_DIR}${DEST_SHARE_DOC}/ChangeLog" - mkdir -p "${DEST_DIR}${DEST_SHARE_DOC}" - cp ChangeLog "${DEST_DIR}${DEST_SHARE_DOC}/ChangeLog" -- chmod 444 "${DEST_DIR}${DEST_SHARE_DOC}/ChangeLog" -+ chmod 644 "${DEST_DIR}${DEST_SHARE_DOC}/ChangeLog" - fi - - if [ -d DOCS ] -@@ -178,8 +176,8 @@ then - echo "- installing HTML help in ${DEST_DIR}${DEST_SHARE_DOC}/DOCS" - mkdir -p "${DEST_DIR}${DEST_SHARE_DOC}" - cp -r DOCS "${DEST_DIR}${DEST_SHARE_DOC}/DOCS" -- find "${DEST_DIR}${DEST_SHARE_DOC}/DOCS" -type d -exec chmod 555 {} \; -- find "${DEST_DIR}${DEST_SHARE_DOC}/DOCS" -type f -exec chmod 444 {} \; -+ find "${DEST_DIR}${DEST_SHARE_DOC}/DOCS" -type d -exec chmod 755 {} \; -+ find "${DEST_DIR}${DEST_SHARE_DOC}/DOCS" -type f -exec chmod 644 {} \; - fi - - use_lang="n" diff --git a/p7zip_9.20.1-nostrip.patch b/p7zip_9.20.1-nostrip.patch deleted file mode 100644 index 9435126..0000000 --- a/p7zip_9.20.1-nostrip.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -Naupr p7zip_9.20.1.orig/makefile.linux_amd64_asm p7zip_9.20.1/makefile.linux_amd64_asm ---- p7zip_9.20.1.orig/makefile.linux_amd64_asm 2009-12-22 19:11:03.000000000 +0100 -+++ p7zip_9.20.1/makefile.linux_amd64_asm 2011-07-26 14:43:58.275086735 +0200 -@@ -2,7 +2,7 @@ - OPTFLAGS=-O - - # use "-m32" to have a 32bits executable --ALLFLAGS=-m64 ${OPTFLAGS} -pipe -s \ -+ALLFLAGS=-m64 ${OPTFLAGS} -pipe \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE \ - -DNDEBUG -D_REENTRANT -DENV_UNIX \ - -D_7ZIP_LARGE_PAGES \ -diff -Naupr p7zip_9.20.1.orig/makefile.linux_x86_asm_gcc_4.X p7zip_9.20.1/makefile.linux_x86_asm_gcc_4.X ---- p7zip_9.20.1.orig/makefile.linux_x86_asm_gcc_4.X 2011-01-11 21:57:50.000000000 +0100 -+++ p7zip_9.20.1/makefile.linux_x86_asm_gcc_4.X 2011-07-26 14:44:14.945027628 +0200 -@@ -4,7 +4,7 @@ - - OPTFLAGS=-O - --ALLFLAGS=${OPTFLAGS} -pipe -m32 -s \ -+ALLFLAGS=${OPTFLAGS} -pipe -m32 \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE \ - -DNDEBUG -D_REENTRANT -DENV_UNIX \ - -D_7ZIP_LARGE_PAGES \ diff --git a/sources b/sources index bcd6e8a..25b0a88 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0fb779e1b1fdc6828f4aed9f7fd3f7d6 p7zip_9.20.1_src_all-norar.tar.bz2 +51b361979baf8124935cfaa2888b4a10 p7zip_15.09_src_all-norar.tar.bz2 From 1984e15f454155a692b46a0b7b5aa8f820eba195 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 13 Nov 2015 00:01:55 +0000 Subject: [PATCH 10/15] fix rhbz #917366 --- p7zip.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index 1c2a114..a33ebb1 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 15.09 -Release: 1%{?dist} +Release: 2%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -95,6 +95,7 @@ make install \ %files plugins %doc contrib/ %{_bindir}/7z +%dir %{_libexecdir}/p7zip/ %{_libexecdir}/p7zip/7z %{_libexecdir}/p7zip/7z.so #{_libexecdir}/p7zip/Codecs/ @@ -103,6 +104,9 @@ make install \ %changelog +* Thu Nov 12 2015 Sérgio Basto - 15.09-2 +- fix rhbz #917366 + * Thu Nov 05 2015 Sérgio Basto - 15.09-1 - Update to p7zip_15.09 - Use cmake. From 9218896c9eba9d242e5b5307e97280eff91da3c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Wed, 2 Dec 2015 22:43:22 +0000 Subject: [PATCH 11/15] Fix build on s390 architecture (#1286992) --- p7zip.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index a33ebb1..7edff1a 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 15.09 -Release: 2%{?dist} +Release: 3%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -16,6 +16,7 @@ URL: http://p7zip.sourceforge.net/ # tar --numeric-owner -cjvf p7zip_${VERSION}_src_all-norar.tar.bz2 p7zip_${VERSION} Source: p7zip_%{version}_src_all-norar.tar.bz2 Patch0: p7zip_15.09-norar_cmake.patch +Patch1: p7zip_15.09-s390.patch BuildRequires: cmake # BuildRequires: wxGTK3-devel wxGTK-devel # for 7zG GUI @@ -43,6 +44,7 @@ This package contains also a virtual file system for Midnight Commander. %prep %setup -q -n %{name}_%{version} %patch0 -p1 -b .norar_cmake +%patch1 -p1 -b .s390 # Move docs early so that they don't get installed by "make install" and we # can include them in %%doc mv DOC docs @@ -104,6 +106,9 @@ make install \ %changelog +* Wed Dec 02 2015 Sérgio Basto - 15.09-3 +- Fix build on s390 architecture (#1286992) + * Thu Nov 12 2015 Sérgio Basto - 15.09-2 - fix rhbz #917366 From c34dd485391960833540b0cc605398458531f37f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Wed, 2 Dec 2015 23:16:40 +0000 Subject: [PATCH 12/15] Forgot git add p7zip_15.09-s390.patch --- p7zip_15.09-s390.patch | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 p7zip_15.09-s390.patch diff --git a/p7zip_15.09-s390.patch b/p7zip_15.09-s390.patch new file mode 100644 index 0000000..5ae3af2 --- /dev/null +++ b/p7zip_15.09-s390.patch @@ -0,0 +1,11 @@ +--- p7zip_15.09.orig/C/CpuArch.h 2015-09-27 15:31:20.000000000 -0400 ++++ p7zip_15.09/C/CpuArch.h 2015-12-01 06:16:38.000000000 -0500 +@@ -77,7 +77,7 @@ + || defined(__MIPSEB) \ + || defined(_MIPSEB) \ + || defined(__m68k__) \ +- || defined(__s390x__) ++ || defined(__s390__) + #define MY_CPU_BE + #endif + From f3d8f17097e834fedd4f21a48123406a95af26a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 3 Dec 2015 02:35:02 +0000 Subject: [PATCH 13/15] Fix CVE-2015-1038 (#1179505) --- p7zip.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/p7zip.spec b/p7zip.spec index 7edff1a..c4a0887 100644 --- a/p7zip.spec +++ b/p7zip.spec @@ -1,7 +1,7 @@ Summary: Very high compression ratio file archiver Name: p7zip Version: 15.09 -Release: 3%{?dist} +Release: 4%{?dist} # Files under C/Compress/Lzma/ are dual LGPL or CPL License: LGPLv2 and (LGPLv2+ or CPL) Group: Applications/Archiving @@ -17,6 +17,7 @@ URL: http://p7zip.sourceforge.net/ Source: p7zip_%{version}_src_all-norar.tar.bz2 Patch0: p7zip_15.09-norar_cmake.patch Patch1: p7zip_15.09-s390.patch +Patch2: p7zip-15.09-CVE-2015-1038.patch BuildRequires: cmake # BuildRequires: wxGTK3-devel wxGTK-devel # for 7zG GUI @@ -45,6 +46,7 @@ This package contains also a virtual file system for Midnight Commander. %setup -q -n %{name}_%{version} %patch0 -p1 -b .norar_cmake %patch1 -p1 -b .s390 +%patch2 -p1 -b .CVE-2015-1038 # Move docs early so that they don't get installed by "make install" and we # can include them in %%doc mv DOC docs @@ -106,6 +108,9 @@ make install \ %changelog +* Thu Dec 03 2015 Sérgio Basto - 15.09-4 +- Fix CVE-2015-1038 (#1179505) + * Wed Dec 02 2015 Sérgio Basto - 15.09-3 - Fix build on s390 architecture (#1286992) From 212716b55d1e1062c029d5b05da2a467d39da18a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 3 Dec 2015 02:47:51 +0000 Subject: [PATCH 14/15] git add p7zip-9.38.1-CVE-2015-1038.patch --- p7zip-9.38.1-CVE-2015-1038.patch | 283 +++++++++++++++++++++++++++++++ 1 file changed, 283 insertions(+) create mode 100644 p7zip-9.38.1-CVE-2015-1038.patch diff --git a/p7zip-9.38.1-CVE-2015-1038.patch b/p7zip-9.38.1-CVE-2015-1038.patch new file mode 100644 index 0000000..c4e4436 --- /dev/null +++ b/p7zip-9.38.1-CVE-2015-1038.patch @@ -0,0 +1,283 @@ +Author: Ben Hutchings +Date: Tue, 19 May 2015 02:38:40 +0100 +Description: Delay creation of symlinks to prevent arbitrary file writes (CVE-2015-1038) +Bug: http://sourceforge.net/p/p7zip/bugs/147/ +Bug-Debian: https://bugs.debian.org/774660 + +Alexander Cherepanov discovered that 7zip is susceptible to a +directory traversal vulnerability. While extracting an archive, it +will extract symlinks and then follow them if they are referenced in +further entries. This can be exploited by a rogue archive to write +files outside the current directory. + +We have to create placeholder files (which we already do) and delay +creating symlinks until the end of extraction. + +Due to the possibility of anti-items (deletions) in the archive, it is +possible for placeholders to be deleted and replaced before we create +the symlinks. It's not clear that this can be used for mischief, but +GNU tar guards against similar problems by checking that the placeholder +still exists and is the same inode. XXX It also checks 'birth time' but +this isn't portable. We can probably get away with comparing ctime +since we don't support hard links. + +--- a/CPP/7zip/UI/Agent/Agent.cpp ++++ b/CPP/7zip/UI/Agent/Agent.cpp +@@ -1215,7 +1215,7 @@ STDMETHODIMP CAgentFolder::Extract(const + HRESULT result = _agentSpec->GetArchive()->Extract(&realIndices.Front(), + realIndices.Size(), testMode, extractCallback); + if (result == S_OK) +- result = extractCallbackSpec->SetDirsTimes(); ++ result = extractCallbackSpec->SetFinalAttribs(); + return result; + COM_TRY_END + } +--- a/CPP/7zip/UI/Client7z/Client7z.cpp ++++ b/CPP/7zip/UI/Client7z/Client7z.cpp +@@ -222,8 +222,11 @@ private: + COutFileStream *_outFileStreamSpec; + CMyComPtr _outFileStream; + ++ CObjectVector _delayedSymLinks; ++ + public: + void Init(IInArchive *archiveHandler, const FString &directoryPath); ++ HRESULT SetFinalAttribs(); + + UInt64 NumErrors; + bool PasswordIsDefined; +@@ -441,11 +444,23 @@ STDMETHODIMP CArchiveExtractCallback::Se + } + _outFileStream.Release(); + if (_extractMode && _processedFileInfo.AttribDefined) +- SetFileAttrib(_diskFilePath, _processedFileInfo.Attrib); ++ SetFileAttrib(_diskFilePath, _processedFileInfo.Attrib, &_delayedSymLinks); + PrintNewLine(); + return S_OK; + } + ++HRESULT CArchiveExtractCallback::SetFinalAttribs() ++{ ++ HRESULT result = S_OK; ++ ++ for (int i = 0; i != _delayedSymLinks.Size(); ++i) ++ if (!_delayedSymLinks[i].Create()) ++ result = E_FAIL; ++ ++ _delayedSymLinks.Clear(); ++ ++ return result; ++} + + STDMETHODIMP CArchiveExtractCallback::CryptoGetTextPassword(BSTR *password) + { +@@ -912,6 +927,8 @@ int MY_CDECL main(int numArgs, const cha + // extractCallbackSpec->PasswordIsDefined = true; + // extractCallbackSpec->Password = L"1"; + HRESULT result = archive->Extract(NULL, (UInt32)(Int32)(-1), false, extractCallback); ++ if (result == S_OK) ++ result = extractCallbackSpec->SetFinalAttribs(); + if (result != S_OK) + { + PrintError("Extract Error"); +--- a/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp ++++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp +@@ -1083,7 +1083,7 @@ STDMETHODIMP CArchiveExtractCallback::Se + NumFiles++; + + if (_extractMode && _fi.AttribDefined) +- SetFileAttrib(_diskFilePath, _fi.Attrib); ++ SetFileAttrib(_diskFilePath, _fi.Attrib, &_delayedSymLinks); + RINOK(_extractCallback2->SetOperationResult(operationResult, _encrypted)); + return S_OK; + COM_TRY_END +@@ -1149,8 +1149,9 @@ static int GetNumSlashes(const FChar *s) + } + } + +-HRESULT CArchiveExtractCallback::SetDirsTimes() ++HRESULT CArchiveExtractCallback::SetFinalAttribs() + { ++ HRESULT result = S_OK; + CRecordVector pairs; + pairs.ClearAndSetSize(_extractedFolderPaths.Size()); + unsigned i; +@@ -1187,5 +1188,12 @@ HRESULT CArchiveExtractCallback::SetDirs + (WriteATime && ATimeDefined) ? &ATime : NULL, + (WriteMTime && MTimeDefined) ? &MTime : (_arc->MTimeDefined ? &_arc->MTime : NULL)); + } +- return S_OK; ++ ++ for (int i = 0; i != _delayedSymLinks.Size(); ++i) ++ if (!_delayedSymLinks[i].Create()) ++ result = E_FAIL; ++ ++ _delayedSymLinks.Clear(); ++ ++ return result; + } +--- a/CPP/7zip/UI/Common/ArchiveExtractCallback.h ++++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.h +@@ -6,6 +6,8 @@ + #include "../../../Common/MyCom.h" + #include "../../../Common/Wildcard.h" + ++#include "../../../Windows/FileDir.h" ++ + #include "../../IPassword.h" + + #include "../../Common/FileStreams.h" +@@ -213,6 +215,8 @@ class CArchiveExtractCallback: + bool _saclEnabled; + #endif + ++ CObjectVector _delayedSymLinks; ++ + void CreateComplexDirectory(const UStringVector &dirPathParts, FString &fullPath); + HRESULT GetTime(int index, PROPID propID, FILETIME &filetime, bool &filetimeIsDefined); + HRESULT GetUnpackSize(); +@@ -293,7 +297,7 @@ public: + _baseParentFolder = indexInArc; + } + +- HRESULT SetDirsTimes(); ++ HRESULT SetFinalAttribs(); + }; + + #endif +--- a/CPP/7zip/UI/Common/Extract.cpp ++++ b/CPP/7zip/UI/Common/Extract.cpp +@@ -170,7 +170,7 @@ static HRESULT DecompressArchive( + else + result = archive->Extract(&realIndices.Front(), realIndices.Size(), testMode, ecs); + if (result == S_OK && !options.StdInMode) +- result = ecs->SetDirsTimes(); ++ result = ecs->SetFinalAttribs(); + return callback->ExtractResult(result); + } + +--- a/CPP/Windows/FileDir.cpp ++++ b/CPP/Windows/FileDir.cpp +@@ -343,7 +343,8 @@ static int convert_to_symlink(const char + return -1; + } + +-bool SetFileAttrib(CFSTR fileName, DWORD fileAttributes) ++bool SetFileAttrib(CFSTR fileName, DWORD fileAttributes, ++ CObjectVector *delayedSymLinks) + { + if (!fileName) { + SetLastError(ERROR_PATH_NOT_FOUND); +@@ -375,7 +376,9 @@ bool SetFileAttrib(CFSTR fileName, DWORD + stat_info.st_mode = fileAttributes >> 16; + #ifdef ENV_HAVE_LSTAT + if (S_ISLNK(stat_info.st_mode)) { +- if ( convert_to_symlink(name) != 0) { ++ if (delayedSymLinks) ++ delayedSymLinks->Add(CDelayedSymLink(name)); ++ else if ( convert_to_symlink(name) != 0) { + TRACEN((printf("SetFileAttrib(%s,%d) : false-3\n",(const char *)name,fileAttributes))) + return false; + } +@@ -885,6 +888,43 @@ bool CTempDir::Remove() + return !_mustBeDeleted; + } + ++#ifdef ENV_UNIX ++ ++CDelayedSymLink::CDelayedSymLink(const char * source) ++ : _source(source) ++{ ++ struct stat st; ++ ++ if (lstat(_source, &st) == 0) { ++ _dev = st.st_dev; ++ _ino = st.st_ino; ++ } else { ++ _dev = 0; ++ } ++} ++ ++bool CDelayedSymLink::Create() ++{ ++ struct stat st; ++ ++ if (_dev == 0) { ++ errno = EPERM; ++ return false; ++ } ++ if (lstat(_source, &st) != 0) ++ return false; ++ if (_dev != st.st_dev || _ino != st.st_ino) { ++ // Placeholder file has been overwritten or moved by another ++ // symbolic link creation ++ errno = EPERM; ++ return false; ++ } ++ ++ return convert_to_symlink(_source) == 0; ++} ++ ++#endif // ENV_UNIX ++ + }}} + + +--- a/CPP/Windows/FileDir.h ++++ b/CPP/Windows/FileDir.h +@@ -4,6 +4,7 @@ + #define __WINDOWS_FILE_DIR_H + + #include "../Common/MyString.h" ++#include "../Common/MyVector.h" + + #include "FileIO.h" + +@@ -11,11 +12,14 @@ namespace NWindows { + namespace NFile { + namespace NDir { + ++class CDelayedSymLink; ++ + bool GetWindowsDir(FString &path); + bool GetSystemDir(FString &path); + + bool SetDirTime(CFSTR path, const FILETIME *cTime, const FILETIME *aTime, const FILETIME *mTime); +-bool SetFileAttrib(CFSTR path, DWORD attrib); ++bool SetFileAttrib(CFSTR path, DWORD attrib, ++ CObjectVector *delayedSymLinks = 0); + bool MyMoveFile(CFSTR existFileName, CFSTR newFileName); + + #ifndef UNDER_CE +@@ -69,6 +73,31 @@ public: + bool Remove(); + }; + ++// Symbolic links must be created last so that they can't be used to ++// create or overwrite files above the extraction directory. ++class CDelayedSymLink ++{ ++#ifdef ENV_UNIX ++ // Where the symlink should be created. The target is specified in ++ // the placeholder file. ++ AString _source; ++ ++ // Device and inode of the placeholder file. Before creating the ++ // symlink, we must check that these haven't been changed by creation ++ // of another symlink. ++ dev_t _dev; ++ ino_t _ino; ++ ++public: ++ explicit CDelayedSymLink(const char * source); ++ bool Create(); ++#else // !ENV_UNIX ++public: ++ CDelayedSymLink(const char * source) {} ++ bool Create() { return true; } ++#endif // ENV_UNIX ++}; ++ + #if !defined(UNDER_CE) + class CCurrentDirRestorer + { From 578cf139e9ec7d1dbfbccb44e48acec255ae833f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 3 Dec 2015 02:52:22 +0000 Subject: [PATCH 15/15] Added the correct p7zip-15.09-CVE-2015-1038.patch --- ...8.patch => p7zip-15.09-CVE-2015-1038.patch | 77 ++++++++++--------- 1 file changed, 42 insertions(+), 35 deletions(-) rename p7zip-9.38.1-CVE-2015-1038.patch => p7zip-15.09-CVE-2015-1038.patch (70%) diff --git a/p7zip-9.38.1-CVE-2015-1038.patch b/p7zip-15.09-CVE-2015-1038.patch similarity index 70% rename from p7zip-9.38.1-CVE-2015-1038.patch rename to p7zip-15.09-CVE-2015-1038.patch index c4e4436..5da28c5 100644 --- a/p7zip-9.38.1-CVE-2015-1038.patch +++ b/p7zip-15.09-CVE-2015-1038.patch @@ -21,9 +21,10 @@ still exists and is the same inode. XXX It also checks 'birth time' but this isn't portable. We can probably get away with comparing ctime since we don't support hard links. ---- a/CPP/7zip/UI/Agent/Agent.cpp -+++ b/CPP/7zip/UI/Agent/Agent.cpp -@@ -1215,7 +1215,7 @@ STDMETHODIMP CAgentFolder::Extract(const +diff -rup p7zip_15.09.orig/CPP/7zip/UI/Agent/Agent.cpp p7zip_15.09/CPP/7zip/UI/Agent/Agent.cpp +--- p7zip_15.09.orig/CPP/7zip/UI/Agent/Agent.cpp 2015-09-17 20:02:35.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/UI/Agent/Agent.cpp 2015-12-03 02:22:47.073724194 +0000 +@@ -1515,7 +1515,7 @@ STDMETHODIMP CAgentFolder::Extract(const HRESULT result = _agentSpec->GetArchive()->Extract(&realIndices.Front(), realIndices.Size(), testMode, extractCallback); if (result == S_OK) @@ -32,9 +33,10 @@ since we don't support hard links. return result; COM_TRY_END } ---- a/CPP/7zip/UI/Client7z/Client7z.cpp -+++ b/CPP/7zip/UI/Client7z/Client7z.cpp -@@ -222,8 +222,11 @@ private: +diff -rup p7zip_15.09.orig/CPP/7zip/UI/Client7z/Client7z.cpp p7zip_15.09/CPP/7zip/UI/Client7z/Client7z.cpp +--- p7zip_15.09.orig/CPP/7zip/UI/Client7z/Client7z.cpp 2015-10-17 15:52:30.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/UI/Client7z/Client7z.cpp 2015-12-03 02:22:47.073724194 +0000 +@@ -230,8 +230,11 @@ private: COutFileStream *_outFileStreamSpec; CMyComPtr _outFileStream; @@ -46,7 +48,7 @@ since we don't support hard links. UInt64 NumErrors; bool PasswordIsDefined; -@@ -441,11 +444,23 @@ STDMETHODIMP CArchiveExtractCallback::Se +@@ -449,11 +452,23 @@ STDMETHODIMP CArchiveExtractCallback::Se } _outFileStream.Release(); if (_extractMode && _processedFileInfo.AttribDefined) @@ -71,7 +73,7 @@ since we don't support hard links. STDMETHODIMP CArchiveExtractCallback::CryptoGetTextPassword(BSTR *password) { -@@ -912,6 +927,8 @@ int MY_CDECL main(int numArgs, const cha +@@ -914,6 +929,8 @@ int MY_CDECL main(int numArgs, const cha // extractCallbackSpec->PasswordIsDefined = true; // extractCallbackSpec->Password = L"1"; HRESULT result = archive->Extract(NULL, (UInt32)(Int32)(-1), false, extractCallback); @@ -80,18 +82,19 @@ since we don't support hard links. if (result != S_OK) { PrintError("Extract Error"); ---- a/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp -+++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp -@@ -1083,7 +1083,7 @@ STDMETHODIMP CArchiveExtractCallback::Se +diff -rup p7zip_15.09.orig/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp p7zip_15.09/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp +--- p7zip_15.09.orig/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp 2015-10-03 09:49:15.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp 2015-12-03 02:24:40.444963545 +0000 +@@ -1502,7 +1502,7 @@ STDMETHODIMP CArchiveExtractCallback::Se NumFiles++; - if (_extractMode && _fi.AttribDefined) + if (!_stdOutMode && _extractMode && _fi.AttribDefined) - SetFileAttrib(_diskFilePath, _fi.Attrib); + SetFileAttrib(_diskFilePath, _fi.Attrib, &_delayedSymLinks); - RINOK(_extractCallback2->SetOperationResult(operationResult, _encrypted)); - return S_OK; - COM_TRY_END -@@ -1149,8 +1149,9 @@ static int GetNumSlashes(const FChar *s) + + RINOK(_extractCallback2->SetOperationResult(opRes, BoolToInt(_encrypted))); + +@@ -1584,8 +1584,9 @@ static unsigned GetNumSlashes(const FCha } } @@ -102,7 +105,7 @@ since we don't support hard links. CRecordVector pairs; pairs.ClearAndSetSize(_extractedFolderPaths.Size()); unsigned i; -@@ -1187,5 +1188,12 @@ HRESULT CArchiveExtractCallback::SetDirs +@@ -1622,5 +1623,12 @@ HRESULT CArchiveExtractCallback::SetDirs (WriteATime && ATimeDefined) ? &ATime : NULL, (WriteMTime && MTimeDefined) ? &MTime : (_arc->MTimeDefined ? &_arc->MTime : NULL)); } @@ -116,8 +119,9 @@ since we don't support hard links. + + return result; } ---- a/CPP/7zip/UI/Common/ArchiveExtractCallback.h -+++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.h +diff -rup p7zip_15.09.orig/CPP/7zip/UI/Common/ArchiveExtractCallback.h p7zip_15.09/CPP/7zip/UI/Common/ArchiveExtractCallback.h +--- p7zip_15.09.orig/CPP/7zip/UI/Common/ArchiveExtractCallback.h 2015-10-03 11:29:09.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/UI/Common/ArchiveExtractCallback.h 2015-12-03 02:22:47.074724204 +0000 @@ -6,6 +6,8 @@ #include "../../../Common/MyCom.h" #include "../../../Common/Wildcard.h" @@ -127,7 +131,7 @@ since we don't support hard links. #include "../../IPassword.h" #include "../../Common/FileStreams.h" -@@ -213,6 +215,8 @@ class CArchiveExtractCallback: +@@ -237,6 +239,8 @@ class CArchiveExtractCallback: bool _saclEnabled; #endif @@ -136,18 +140,19 @@ since we don't support hard links. void CreateComplexDirectory(const UStringVector &dirPathParts, FString &fullPath); HRESULT GetTime(int index, PROPID propID, FILETIME &filetime, bool &filetimeIsDefined); HRESULT GetUnpackSize(); -@@ -293,7 +297,7 @@ public: - _baseParentFolder = indexInArc; +@@ -330,7 +334,7 @@ public: } + #endif - HRESULT SetDirsTimes(); + HRESULT SetFinalAttribs(); }; - #endif ---- a/CPP/7zip/UI/Common/Extract.cpp -+++ b/CPP/7zip/UI/Common/Extract.cpp -@@ -170,7 +170,7 @@ static HRESULT DecompressArchive( + bool CensorNode_CheckPath(const NWildcard::CCensorNode &node, const CReadArcItem &item); +diff -rup p7zip_15.09.orig/CPP/7zip/UI/Common/Extract.cpp p7zip_15.09/CPP/7zip/UI/Common/Extract.cpp +--- p7zip_15.09.orig/CPP/7zip/UI/Common/Extract.cpp 2015-09-07 20:47:32.000000000 +0100 ++++ p7zip_15.09/CPP/7zip/UI/Common/Extract.cpp 2015-12-03 02:22:47.075724215 +0000 +@@ -207,7 +207,7 @@ static HRESULT DecompressArchive( else result = archive->Extract(&realIndices.Front(), realIndices.Size(), testMode, ecs); if (result == S_OK && !options.StdInMode) @@ -156,9 +161,10 @@ since we don't support hard links. return callback->ExtractResult(result); } ---- a/CPP/Windows/FileDir.cpp -+++ b/CPP/Windows/FileDir.cpp -@@ -343,7 +343,8 @@ static int convert_to_symlink(const char +diff -rup p7zip_15.09.orig/CPP/Windows/FileDir.cpp p7zip_15.09/CPP/Windows/FileDir.cpp +--- p7zip_15.09.orig/CPP/Windows/FileDir.cpp 2015-10-10 13:37:41.000000000 +0100 ++++ p7zip_15.09/CPP/Windows/FileDir.cpp 2015-12-03 02:22:47.075724215 +0000 +@@ -347,7 +347,8 @@ static int convert_to_symlink(const char return -1; } @@ -168,7 +174,7 @@ since we don't support hard links. { if (!fileName) { SetLastError(ERROR_PATH_NOT_FOUND); -@@ -375,7 +376,9 @@ bool SetFileAttrib(CFSTR fileName, DWORD +@@ -379,7 +380,9 @@ bool SetFileAttrib(CFSTR fileName, DWORD stat_info.st_mode = fileAttributes >> 16; #ifdef ENV_HAVE_LSTAT if (S_ISLNK(stat_info.st_mode)) { @@ -179,7 +185,7 @@ since we don't support hard links. TRACEN((printf("SetFileAttrib(%s,%d) : false-3\n",(const char *)name,fileAttributes))) return false; } -@@ -885,6 +888,43 @@ bool CTempDir::Remove() +@@ -814,6 +817,43 @@ bool CTempDir::Remove() return !_mustBeDeleted; } @@ -222,9 +228,10 @@ since we don't support hard links. + }}} - ---- a/CPP/Windows/FileDir.h -+++ b/CPP/Windows/FileDir.h + #ifndef _SFX +diff -rup p7zip_15.09.orig/CPP/Windows/FileDir.h p7zip_15.09/CPP/Windows/FileDir.h +--- p7zip_15.09.orig/CPP/Windows/FileDir.h 2015-06-19 11:52:06.000000000 +0100 ++++ p7zip_15.09/CPP/Windows/FileDir.h 2015-12-03 02:22:47.075724215 +0000 @@ -4,6 +4,7 @@ #define __WINDOWS_FILE_DIR_H @@ -249,7 +256,7 @@ since we don't support hard links. bool MyMoveFile(CFSTR existFileName, CFSTR newFileName); #ifndef UNDER_CE -@@ -69,6 +73,31 @@ public: +@@ -76,6 +80,31 @@ public: bool Remove(); };