diff options
| author |   Markus Meier <maekke@gentoo.org> | 2008-11-03 22:22:24 +0000 |
|---|---|---|
| committer | Markus Meier <maekke@gentoo.org> | 2008-11-03 22:22:24 +0000 |
| commit | 1b14167b55e436c3f1da56fe85c44c9af3b405c1 (patch) | |
| tree | 2bccac4f18401074fb434b6208a13c1022682f96 /media-gfx | |
| parent | amd64/x86 stable, bug #237385 (diff) | |
| download | gentoo-2-1b14167b55e436c3f1da56fe85c44c9af3b405c1.tar.gz gentoo-2-1b14167b55e436c3f1da56fe85c44c9af3b405c1.tar.bz2 gentoo-2-1b14167b55e436c3f1da56fe85c44c9af3b405c1.zip | |
security bumps for 2.43 (for stable) and 2.48a, bug #245310
(Portage version: 2.2_rc13/cvs/Linux 2.6.27.3 i686)
Diffstat (limited to 'media-gfx')
| -rw-r--r-- | media-gfx/blender/ChangeLog | 12 | ||||
| -rw-r--r-- | media-gfx/blender/blender-2.43-r3.ebuild | 137 | ||||
| -rw-r--r-- | media-gfx/blender/blender-2.48a-r2.ebuild | 151 | ||||
| -rw-r--r-- | media-gfx/blender/blender-2.48a-r3.ebuild | 152 | ||||
| -rw-r--r-- | media-gfx/blender/files/blender-2.43-CVE-2008-4863.patch | 15 | ||||
| -rw-r--r-- | media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch | 15 |
6 files changed, 481 insertions, 1 deletions
diff --git a/media-gfx/blender/ChangeLog b/media-gfx/blender/ChangeLog index 3120fc7fed41..f120967a49a4 100644 --- a/media-gfx/blender/ChangeLog +++ b/media-gfx/blender/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for media-gfx/blender # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/ChangeLog,v 1.157 2008/10/25 11:36:56 maekke Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/ChangeLog,v 1.158 2008/11/03 22:22:24 maekke Exp $ + +*blender-2.48a-r3 (03 Nov 2008) +*blender-2.48a-r2 (03 Nov 2008) +*blender-2.43-r3 (03 Nov 2008) + + 03 Nov 2008; Markus Meier <maekke@gentoo.org> + +files/blender-2.43-CVE-2008-4863.patch, + +files/blender-2.48a-CVE-2008-4863.patch, +blender-2.43-r3.ebuild, + +blender-2.48a-r2.ebuild, +blender-2.48a-r3.ebuild: + security bumps for 2.43 (for stable) and 2.48a, bug #245310 *blender-2.48a-r1 (25 Oct 2008) *blender-2.48a (25 Oct 2008) diff --git a/media-gfx/blender/blender-2.43-r3.ebuild b/media-gfx/blender/blender-2.43-r3.ebuild new file mode 100644 index 000000000000..2208137f5fd9 --- /dev/null +++ b/media-gfx/blender/blender-2.43-r3.ebuild @@ -0,0 +1,137 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/blender-2.43-r3.ebuild,v 1.1 2008/11/03 22:22:24 maekke Exp $ + +inherit multilib flag-o-matic eutils python + +#IUSE="jpeg mozilla png sdl static truetype" +IUSE="blender-game ffmpeg jpeg nls openal openexr png" +FFMPEG_SNAP="0.4.9-p20070330" +DESCRIPTION="3D Creation/Animation/Publishing System" +HOMEPAGE="http://www.blender.org/" +SRC_URI="http://download.blender.org/source/${P}.tar.gz + ffmpeg? ( mirror://gentoo/ffmpeg-${FFMPEG_SNAP}.tar.bz2 )" + +SLOT="0" +LICENSE="|| ( GPL-2 BL )" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND="=dev-lang/python-2.4* + >=dev-libs/openssl-0.9.6 + ffmpeg? ( >=media-video/ffmpeg-${FFMPEG_SNAP/-/_} + media-libs/x264 ) + jpeg? ( media-libs/jpeg ) + media-libs/tiff + nls? ( >=media-libs/freetype-2.0 + virtual/libintl + >=media-libs/ftgl-2.1 ) + openal? ( media-libs/openal + media-libs/freealut ) + openexr? ( media-libs/openexr ) + png? ( media-libs/libpng ) + >=media-libs/libsdl-1.2 + virtual/opengl" + +DEPEND="dev-util/scons + x11-libs/libXt + x11-proto/inputproto + ${RDEPEND}" + +blend_with() { + local UWORD="$2" + if [ -z "${UWORD}" ]; then + UWORD="$1" + fi + if useq $1; then + echo "WITH_BF_${UWORD}=1" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + else + echo "WITH_BF_${UWORD}=0" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + fi + return 0 +} + +src_unpack() { + unpack ${A} + cd "${S}"/release/plugins + chmod 755 bmake + rmdir include + cp -pPR "${S}"/source/blender/blenpluginapi include + + cd "${S}" + epatch "${FILESDIR}"/blender-2.37-dirs.patch + epatch "${FILESDIR}"/blender-2.45-cve-2008-1102.patch + epatch "${FILESDIR}"/blender-2.45-cve-2008-1103-1.patch + epatch "${FILESDIR}"/blender-2.45-cve-2008-1103-2.patch + epatch "${FILESDIR}"/${P}-CVE-2008-4863.patch + + if use ffmpeg ; then + cd "${S}"/extern + mv ffmpeg/Makefile ffmpeg/common.mak "${T}" + unpack ffmpeg-${FFMPEG_SNAP}.tar.bz2 + mv "${T}"/Makefile "${T}"/common.mak ffmpeg + fi + # pass compiler flags to the scons build system + echo "CFLAGS += '${CFLAGS}'" >> "${S}"/user-config.py + echo "CCFLAGS += ['${CXXFLAGS//' '/','}','-DYESIAMSTUPID']" \ + >> "${S}"/user-config.py + # disable blender-player and iconv + # echo "WITH_BF_PLAYER=0" >> ${S}/user-config.py + # echo "WITH_BF_ICONV=0" >> ${S}/user-config.py +} + +src_compile() { + myconf="${myconf} $(blend_with openal)" + myconf="${myconf} $(blend_with openexr)" + myconf="${myconf} $(blend_with jpeg)" + myconf="${myconf} $(blend_with ffmpeg)" + myconf="${myconf} $(blend_with png)" + myconf="${myconf} $(blend_with nls international)" + myconf="${myconf} $(blend_with blender-game gameengine)" + + # scons uses -l differently -> remove it + scons ${MAKEOPTS/-l[0-9]} -h > scons.config + scons ${MAKEOPTS/-l[0-9]} || die \ + "!!! Please add ${S}/scons.config when filing bugs reports to bugs.gentoo.org" + + cd "${S}"/release/plugins + emake || die +} + +src_install() { + exeinto /usr/bin/ + doexe "${WORKDIR}"/install/linux2/blender + + dodir /usr/share/${PN} + + exeinto /usr/$(get_libdir)/${PN}/textures + doexe "${S}"/release/plugins/texture/*.so + exeinto /usr/$(get_libdir)/${PN}/sequences + doexe "${S}"/release/plugins/sequence/*.so + insinto /usr/include/${PN} + doins "${S}"/release/plugins/include/*.h + + if use nls ; then + mv "${WORKDIR}"/install/linux2/.blender/{.Blanguages,.bfont.ttf} \ + "${D}"/usr/share/${PN} + mv "${WORKDIR}"/install/linux2/.blender/locale \ + "${D}"/usr/share/locale + fi + + mv "${WORKDIR}"/install/linux2/.blender/scripts "${D}"/usr/share/${PN} + + insinto /usr/share/pixmaps + doins "${FILESDIR}"/${PN}.png + insinto /usr/share/applications + doins "${FILESDIR}"/${PN}.desktop + + dodoc INSTALL README +} + +pkg_preinst(){ + if [ -h "${ROOT}/usr/$(get_libdir)/blender/plugins/include" ]; + then + rm -f "${ROOT}"/usr/$(get_libdir)/blender/plugins/include + fi +} diff --git a/media-gfx/blender/blender-2.48a-r2.ebuild b/media-gfx/blender/blender-2.48a-r2.ebuild new file mode 100644 index 000000000000..7d32ce9fdf41 --- /dev/null +++ b/media-gfx/blender/blender-2.48a-r2.ebuild @@ -0,0 +1,151 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/blender-2.48a-r2.ebuild,v 1.1 2008/11/03 22:22:24 maekke Exp $ + +inherit multilib flag-o-matic eutils python + +#IUSE="jpeg mozilla png sdl static truetype" +IUSE="blender-game ffmpeg jpeg nls openal openexr openmp + player png quicktime verse" +DESCRIPTION="3D Creation/Animation/Publishing System" +HOMEPAGE="http://www.blender.org/" +SRC_URI="http://download.blender.org/source/${P}.tar.gz" + +SLOT="0" +LICENSE="|| ( GPL-2 BL )" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=">=dev-libs/openssl-0.9.6 + ffmpeg? ( >=media-video/ffmpeg-0.4.9_p20070616-r1 + media-libs/x264 ) + jpeg? ( media-libs/jpeg ) + media-libs/tiff + >=dev-lang/python-2.4 + nls? ( >=media-libs/freetype-2.0 + virtual/libintl + >=media-libs/ftgl-2.1 ) + openal? ( media-libs/openal + media-libs/freealut ) + openexr? ( media-libs/openexr ) + png? ( media-libs/libpng ) + quicktime? ( media-libs/libquicktime ) + >=media-libs/libsdl-1.2 + virtual/opengl" + +DEPEND=">=dev-util/scons-0.98 + x11-libs/libXt + x11-proto/inputproto + ${RDEPEND}" + +blend_with() { + local UWORD="$2" + if [ -z "${UWORD}" ]; then + UWORD="$1" + fi + if useq $1; then + echo "WITH_BF_${UWORD}=1" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + else + echo "WITH_BF_${UWORD}=0" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + fi +} + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}"/${PN}-2.37-dirs.patch + epatch "${FILESDIR}"/${PN}-2.44-scriptsdir.patch + epatch "${FILESDIR}"/${PN}-2.46-cve-2008-1103-1.patch + epatch "${FILESDIR}"/${P}-CVE-2008-4863.patch + + if use ffmpeg ; then +# cd "${S}"/extern +# rm -rf ffmpeg libmp3lame x264 + cat <<- EOF >> "${S}"/user-config.py + BF_FFMPEG="/usr" + BF_FFMPEG_LIB="avformat avcodec swscale avutil" + EOF + fi + # pass compiler flags to the scons build system + # and set python version to current version in use + python_version + cat <<- EOF >> "${S}"/user-config.py + CFLAGS += '${CFLAGS}' + BF_PYTHON_VERSION="${PYVER}" + BF_PYTHON_INC="/usr/include/python${PYVER}" + BF_PYTHON_BINARY="/usr/bin/python${PYVER}" + BF_PYTHON_LIB="python${PYVER}" + EOF + + if use openmp && built_with_use --missing false sys-devel/gcc openmp ; then + echo "WITH_BF_OPENMP=1" >> "${S}"/user-config.py + elog "enabling openmp" + else + echo "WITH_BF_OPENMP=0" >> "${S}"/user-config.py + elog "disabling openmp" + fi +} + +src_compile() { + for arg in \ + 'blender-game gameengine' \ + 'ffmpeg' \ + 'jpeg' \ + 'nls international' \ + 'openal' \ + 'openexr' \ + 'player' \ + 'png' \ + 'verse' ; do + blend_with ${arg} + done + + # scons uses -l differently -> remove it + scons ${MAKEOPTS/-l[0-9]} || die \ + "!!! Please add ${S}/scons.config when filing bugs reports to bugs.gentoo.org" + + cd "${WORKDIR}"/install/linux2/plugins + chmod 755 bmake + emake || die +} + +src_install() { + exeinto /usr/bin/ + doexe "${WORKDIR}"/install/linux2/blender + use player && doexe "${WORKDIR}"/install/linux2/blenderplayer + + dodir /usr/share/${PN} + + exeinto /usr/$(get_libdir)/${PN}/textures + doexe "${WORKDIR}"/install/linux2/plugins/texture/*.so + exeinto /usr/$(get_libdir)/${PN}/sequences + doexe "${WORKDIR}"/install/linux2/plugins/sequence/*.so + insinto /usr/include/${PN} + doins "${WORKDIR}"/install/linux2/plugins/include/*.h + + if use nls ; then + mv "${WORKDIR}"/install/linux2/.blender/{.Blanguages,.bfont.ttf} \ + "${D}"/usr/share/${PN} + mv "${WORKDIR}"/install/linux2/.blender/locale \ + "${D}"/usr/share/locale + fi + + mv "${WORKDIR}"/install/linux2/.blender/scripts "${D}"/usr/share/${PN} + + insinto /usr/share/pixmaps + doins "${FILESDIR}"/${PN}.png + insinto /usr/share/applications + doins "${FILESDIR}"/${PN}.desktop + + dodoc INSTALL README + dodoc "${WORKDIR}"/install/linux2/BlenderQuickStart.pdf +} + +pkg_preinst(){ + if [ -h "${ROOT}/usr/$(get_libdir)/blender/plugins/include" ]; + then + rm -f "${ROOT}"/usr/$(get_libdir)/blender/plugins/include + fi +} diff --git a/media-gfx/blender/blender-2.48a-r3.ebuild b/media-gfx/blender/blender-2.48a-r3.ebuild new file mode 100644 index 000000000000..94ec67e960e8 --- /dev/null +++ b/media-gfx/blender/blender-2.48a-r3.ebuild @@ -0,0 +1,152 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/blender-2.48a-r3.ebuild,v 1.1 2008/11/03 22:22:24 maekke Exp $ + +inherit multilib flag-o-matic eutils python + +#IUSE="jpeg mozilla png sdl static truetype" +IUSE="blender-game ffmpeg jpeg nls openal openexr openmp + player png quicktime verse" +DESCRIPTION="3D Creation/Animation/Publishing System" +HOMEPAGE="http://www.blender.org/" +SRC_URI="http://download.blender.org/source/${P}.tar.gz" + +SLOT="0" +LICENSE="|| ( GPL-2 BL )" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=">=dev-libs/openssl-0.9.6 + ffmpeg? ( >=media-video/ffmpeg-0.4.9_p20080326 ) + jpeg? ( media-libs/jpeg ) + media-libs/tiff + >=dev-lang/python-2.4 + nls? ( >=media-libs/freetype-2.0 + virtual/libintl + >=media-libs/ftgl-2.1 ) + openal? ( media-libs/openal + media-libs/freealut ) + openexr? ( media-libs/openexr ) + png? ( media-libs/libpng ) + quicktime? ( media-libs/libquicktime ) + >=media-libs/libsdl-1.2 + virtual/opengl" + +DEPEND=">=dev-util/scons-0.98 + x11-libs/libXt + x11-proto/inputproto + ${RDEPEND}" + +blend_with() { + local UWORD="$2" + if [ -z "${UWORD}" ]; then + UWORD="$1" + fi + if useq $1; then + echo "WITH_BF_${UWORD}=1" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + else + echo "WITH_BF_${UWORD}=0" | tr '[:lower:]' '[:upper:]' \ + >> "${S}"/user-config.py + fi +} + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}"/${PN}-2.37-dirs.patch + epatch "${FILESDIR}"/${PN}-2.44-scriptsdir.patch + epatch "${FILESDIR}"/${PN}-2.46-ffmpeg.patch + epatch "${FILESDIR}"/${PN}-2.46-cve-2008-1103-1.patch + epatch "${FILESDIR}"/${PN}-2.48-ffmpeg-20081014.patch + epatch "${FILESDIR}"/${P}-CVE-2008-4863.patch + + if use ffmpeg ; then +# cd "${S}"/extern +# rm -rf ffmpeg libmp3lame x264 + cat <<- EOF >> "${S}"/user-config.py + BF_FFMPEG="/usr" + BF_FFMPEG_LIB="avformat avcodec swscale avutil" + EOF + fi + # pass compiler flags to the scons build system + # and set python version to current version in use + python_version + cat <<- EOF >> "${S}"/user-config.py + CFLAGS += '${CFLAGS}' + BF_PYTHON_VERSION="${PYVER}" + BF_PYTHON_INC="/usr/include/python${PYVER}" + BF_PYTHON_BINARY="/usr/bin/python${PYVER}" + BF_PYTHON_LIB="python${PYVER}" + EOF + + if use openmp && built_with_use --missing false sys-devel/gcc openmp ; then + echo "WITH_BF_OPENMP=1" >> "${S}"/user-config.py + elog "enabling openmp" + else + echo "WITH_BF_OPENMP=0" >> "${S}"/user-config.py + elog "disabling openmp" + fi +} + +src_compile() { + for arg in \ + 'blender-game gameengine' \ + 'ffmpeg' \ + 'jpeg' \ + 'nls international' \ + 'openal' \ + 'openexr' \ + 'player' \ + 'png' \ + 'verse' ; do + blend_with ${arg} + done + + # scons uses -l differently -> remove it + scons ${MAKEOPTS/-l[0-9]} || die \ + "!!! Please add ${S}/scons.config when filing bugs reports to bugs.gentoo.org" + + cd "${WORKDIR}"/install/linux2/plugins + chmod 755 bmake + emake || die +} + +src_install() { + exeinto /usr/bin/ + doexe "${WORKDIR}"/install/linux2/blender + use player && doexe "${WORKDIR}"/install/linux2/blenderplayer + + dodir /usr/share/${PN} + + exeinto /usr/$(get_libdir)/${PN}/textures + doexe "${WORKDIR}"/install/linux2/plugins/texture/*.so + exeinto /usr/$(get_libdir)/${PN}/sequences + doexe "${WORKDIR}"/install/linux2/plugins/sequence/*.so + insinto /usr/include/${PN} + doins "${WORKDIR}"/install/linux2/plugins/include/*.h + + if use nls ; then + mv "${WORKDIR}"/install/linux2/.blender/{.Blanguages,.bfont.ttf} \ + "${D}"/usr/share/${PN} + mv "${WORKDIR}"/install/linux2/.blender/locale \ + "${D}"/usr/share/locale + fi + + mv "${WORKDIR}"/install/linux2/.blender/scripts "${D}"/usr/share/${PN} + + insinto /usr/share/pixmaps + doins "${FILESDIR}"/${PN}.png + insinto /usr/share/applications + doins "${FILESDIR}"/${PN}.desktop + + dodoc INSTALL README + dodoc "${WORKDIR}"/install/linux2/BlenderQuickStart.pdf +} + +pkg_preinst(){ + if [ -h "${ROOT}/usr/$(get_libdir)/blender/plugins/include" ]; + then + rm -f "${ROOT}"/usr/$(get_libdir)/blender/plugins/include + fi +} diff --git a/media-gfx/blender/files/blender-2.43-CVE-2008-4863.patch b/media-gfx/blender/files/blender-2.43-CVE-2008-4863.patch new file mode 100644 index 000000000000..be19cc55fc91 --- /dev/null +++ b/media-gfx/blender/files/blender-2.43-CVE-2008-4863.patch @@ -0,0 +1,15 @@ +diff -ru blender-2.43.orig/source/blender/python/BPY_interface.c blender-2.43/source/blender/python/BPY_interface.c +--- blender-2.43.orig/source/blender/python/BPY_interface.c 2008-11-03 21:39:45.000000000 +0100 ++++ blender-2.43/source/blender/python/BPY_interface.c 2008-11-03 21:41:29.000000000 +0100 +@@ -178,6 +178,11 @@ + + //Start the interpreter + Py_Initialize( ); ++ ++ /* Sanitize sys.path to prevent relative imports loading modules in ++ the current working directory */ ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); ++ + PySys_SetArgv( argc_copy, argv_copy ); + + //Overrides __import__ diff --git a/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch b/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch new file mode 100644 index 000000000000..3162a0d8a840 --- /dev/null +++ b/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch @@ -0,0 +1,15 @@ +diff -up blender-2.48a/source/blender/python/BPY_interface.c.cve blender-2.48a/source/blender/python/BPY_interface.c +--- blender-2.48a/source/blender/python/BPY_interface.c.cve 2008-11-03 17:31:19.000000000 +0100 ++++ blender-2.48a/source/blender/python/BPY_interface.c 2008-11-03 17:35:01.000000000 +0100 +@@ -225,6 +225,11 @@ void BPY_start_python( int argc, char ** + Py_Initialize( ); + + PySys_SetArgv( argc_copy, argv_copy ); ++ ++ /* Sanitize sys.path to prevent relative imports loading modules in ++ the current working directory */ ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); ++ + /* Initialize thread support (also acquires lock) */ + PyEval_InitThreads(); + |