Fix for format-security, bug #547082

Signed-off-by: Justin Lecher <jlec@gentoo.org>
Package-Manager: portage-2.2.20/cvs/Linux x86_64
Manifest-Sign-Key: 0xE9402A79B03529A2!

4 files changed, 143 insertions, 20 deletions

diff --git a/sci-libs/cctbx/ChangeLog b/sci-libs/cctbx/ChangeLog
index b2e804aa050d..aabcf24fba51 100644
--- a/sci-libs/cctbx/ChangeLog
+++ b/sci-libs/cctbx/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for sci-libs/cctbx
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-libs/cctbx/ChangeLog,v 1.38 2015/04/22 06:58:03 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-libs/cctbx/ChangeLog,v 1.39 2015/08/06 13:05:31 jlec Exp $
+
+  06 Aug 2015; Justin Lecher <jlec@gentoo.org>
+  +files/2010.03.29.2334-format-security.patch, cctbx-2010.03.29.2334-r7.ebuild:
+  Fix for format-security, bug #547082
 
   22 Apr 2015; Justin Lecher <jlec@gentoo.org> -cctbx-2010.03.29.2334-r6.ebuild:
   Drop old
diff --git a/sci-libs/cctbx/Manifest b/sci-libs/cctbx/Manifest
index 636148d875dc..2c4ed7077e9c 100644
--- a/sci-libs/cctbx/Manifest
+++ b/sci-libs/cctbx/Manifest
@@ -4,30 +4,31 @@ Hash: SHA512
 AUX 2010.03.29.2334-boost.patch 18175 SHA256 f6a8a246dfd42e7981687802a0e00d933759d3c749c0344bfbfbfde12814f4d7 SHA512 e722312a878be229a24269471902bd1febe98c5510bfc50e1ba3a841c1a0228cdb7964e69703083850052e49e91899b229bc3543d90485ba50e79e7eceb11e2e WHIRLPOOL f87a78d93a94fb93fd243269fe1e5c0cfcc6beff02d936d2b609cece6ea9fbe08b5201c354f982df6ef5f09b84032a25b8a3cac357abf6279c6b5a5b2468e0e7
 AUX 2010.03.29.2334-clipper.patch 2209 SHA256 e7c8bf813bedd3b67de5ce727d5f75e9635568769373f237e7b624ed143351b1 SHA512 cb3fc1f89d9a4008b4add3ef2ecf5b2aa8e875e41e169916859a8e508858bc9548023bb552d4cb3794c46788eaa325c75bb858c7c08799b87f2e31bef57cf69a WHIRLPOOL 84b427cfc9ddba9891197f8185123a8f5831e6a9beaafe58ced2f52ea3d492217cbb5264f3118ec9f27b12746141b788e9464a66b00c56f54b786bd3aada9351
 AUX 2010.03.29.2334-flags.patch 3336 SHA256 769edb3e5dcb608b54ab4d33c5933b523f73ff62c6cb627c4eb4b1a2086e40b1 SHA512 63ccefc4303136c9fea854fecdbed39efe9d7f565000bc356addc2b268e042c34815da3416e9960200b9f6ac33b7c4bb7ce705a7b7939cd65ef4f925d56ced41 WHIRLPOOL 22e86a519b74e54d6655e85defb1c9bd66bf8535c3b44cd03e924fffc6ddd6b5cf6d9dd0c69a82d1970893f19671ddd46ae8883c52763d29e3e20bfbe7da9cdc
+AUX 2010.03.29.2334-format-security.patch 4696 SHA256 fccc39e80b59d3b728b1611777a218ad1b349d60209cceefb7aea5339be8da6b SHA512 715c3b810c7c89864c8192dc9678cd8e758ba1bbb39782a2077f7ca598ddd2bc01114d4e5b58821c3246f1951d8b53b8ecdc085b3a03e2ebb5082a9dbf46a156 WHIRLPOOL 1d8d57955b326da2d2b46329cf5e6df11107e7761034763a58f4a35d28ec003783ae9e60eef9c5e7d38a95bdcfb4453d39ac3b69ef69cad8caa61a05d5feed84
 AUX 2010.03.29.2334-gcc-4.6.patch 1059 SHA256 dad06be10e1ba3fefee9f9aa79a897635cb8362f5719c5c8c5e5c25d1bea6236 SHA512 25ad8471b1108549de6806752f886057e86e875dbcf78ad4f11095a54295d2234bf704b55559bf48ff50f0db64fb3d6a0367bcdc85e517a244abecdbbcabb2c1 WHIRLPOOL 5e1d0cc70b9501ffce3af51ffd921b8d3ab30c7bf690ac2f31a823fbcfd8dd38aa6bbe9e1304bfae9750a917df622391fb0b68da898bd662f838d172f1737721
 AUX 2010.03.29.2334-gcc-4.7.patch 6747 SHA256 ab01875a97ece09e4d729bb435b67960eff6193c27454cc889f0dda0cd3c92a5 SHA512 17d557567ed135c3c095f3849f2643121f6c183573f8e5b63e056180c5ca6985cd1fcf482378787fbf37078eb185bd2502dfc42fb163e50fc1567588d7e3ef0e WHIRLPOOL fc41e5fb4400103999e7a178547e46ec18253241fe69b0074d29223be36fc38ec7be725c2db10481db4d48634972cc51e4c3352c2ab44c687995dd027f9ad383
 AUX 2010.03.29.2334-soname.patch 5177 SHA256 dd4ea6dbf34c1b2d9572adec5a33fe6a73b1a99e8c4364123e69382bb161ce74 SHA512 3f62bc52c32c3573fbcd90fc49234498d7c28fc0dc7a68497041af35da46cbd9cb386b9b13ed2269a5728e87526987ac49179e38b2bcb6a355ee4c180e9f7861 WHIRLPOOL cdd533d510defea65388ccd25c63055fc2798edd4222d1aa1b0201671d2c074107a151edc5ba62b5677908d5c045f98f26cd5ae5574e9fc83919632c4258c77c
 AUX 2010.03.29.2334-tst_server.py.patch 774 SHA256 df058d16d2dc5beaac9f1a1fbf2e640994c7e881d449eb01ac338dadbfb15ac3 SHA512 490918c3139355ecb0430d908ccafc6d66cb25ec7df285cedbb983d80f3473425c72d0766262c557c0c783626479edd2528eaf83b1decdeba416dde193472d5a WHIRLPOOL cc15b95661d8cba66bc3e06b3589188582c5e637faa860c70a4bbc53450a02afb36ec14c51796fe34441bd74842c06c938e22258a5ea5bf3264237a7afc169bc
 DIST cctbx-2010.03.29.2334.tar.gz 15570372 SHA256 e1fae804caaf8593c7a3f32e4544046f4c00293063d9099721578cc8fbd17213 SHA512 7aafd647db49925fc1df16a9ccb4f8caf040b4d73e9601731eb3da3051467c3005fb2cc95b498501c899cd1bd378e6a6135cffe734cb4f93eccacbc13575b2c8 WHIRLPOOL 5954ce6ae8bd3a29deaa5d7f8b354d9468a87a01fc7d6aa9a0545e1d323b1ee209348e88270e2f50d7985b1916a7b5bf687dfdf871013d3ec35925fde253d9a0
-EBUILD cctbx-2010.03.29.2334-r7.ebuild 5781 SHA256 a373a15b6c3087ea69f5c31c87ae8aaac31707bd84953f83f775f56109352a51 SHA512 f388e2318381e6af18f4376c0dd73fa5692e2ebea6dc83e494942ac7a38c265b7a9b48cd08ca4946115f64431b8e39c31d31fb2e2f521f5ff0b00d23c77ea316 WHIRLPOOL 12fcea9d4f638fe045ab220c793594e15cc5863976c0840af7d5fa91dd12604399018dad3f02b78b00909995c40cdf206147b8df33f71219c3add4dcaef054d6
-MISC ChangeLog 6718 SHA256 d2e60ee0c34d38989854655108902403a9024c9e6622a3a78785fce01e3096d2 SHA512 334fde1d10d1f0ae506319d2e73a64b5d3afcdb56f5a98e160a88b5fe4ab17a4a16f426f7edb2943d35c9a57596c12b9ddb7380c88f0707bc8d380122e4a5d81 WHIRLPOOL 78c6492249b9d6209325180edfa8e5cb65244cd1295de3a3efc227ca23f2c4e0f98519002c91030705844cd24cb64d0e4c4177a6726618bc5a9a70addf1e2f84
+EBUILD cctbx-2010.03.29.2334-r7.ebuild 5826 SHA256 8f7de266906e66fcd62b55595dce8c8b9f4ad89eb50b4edbbbd8adbf683a5861 SHA512 2bf1b8cdb36fdacca26858ee1dea5a88ccceb5d70ab63262074954df5ab3a396b6a85cf84726cfc6d96770aa112b2534a64e2e92b00c9a167893ef115e2d9cc7 WHIRLPOOL e726025933c91688f039edd2a8b1f66c9c644cef5221479d33065ede053f2be05e705cde1c091dcf192faf53f460d6a5401d970f8269b52788cff2096de44972
+MISC ChangeLog 6886 SHA256 54f052fb0fa846f89f5b6e296f2fe238c8ec08363e644766e2f9b55a48d46db0 SHA512 eb358bfd2708aa1bb7f4c0e1ab9d136ae4d027ad3f26687a8f351dd9caf3ac9dcb7a4a1309013527b2dc221e857cee0b5e6db1436788b8a70863924a29e5f968 WHIRLPOOL 958d3f9e08df1540c79b021dfd9f7b647b7bfeec596a6d17b5b98a2ab9f34d4972586e05a97f561fbad50d5cc7c85a6638a0633ae7c53045bae02f7b49f88588
 MISC metadata.xml 773 SHA256 6d424e7d549ba25e0ed4efaa2114679116006dca9592bac473a78baef48af1f0 SHA512 81ddc8d7808b9ca772955e865e49bcff68fc686672679758433d0d3bf8d27047f9dfeb29b36e72bd0b5c86c4a1e50ecd01bce96c71d0790084a0ef5894094899 WHIRLPOOL dee8ca57313ed6cecef6f4108f06feb614fe4f450f2feeacf88a9da534a0a6ebb7b791abb19fed1f9cff771579fec96883a63caf6d4b2c3b3c2e8cf6ff799746
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.1
 
-iQJ8BAEBCgBmBQJVN0Z8XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
-ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQyQ0JDQjFGMzBDQ0UxMjFGNENDNDgxMDdC
-OUQ0RjIzMUJEMTU1OEFCAAoJELnU8jG9FVirejEP/ir2HyrUidTzA1NwzCu3dH5g
-0yzkViXqJQmf7pb8uhcn3dRmktlUu5gQZTKoDrnayWxzLsOeLnb0lGNw/h8F3Ij3
-aCU6jz700CSXfRmSys2D5jZpzTs50py4/juw+3vyA6jG6JItVqT6bxeak8nWtClm
-CQVJ1ByQqc/fdxU9ED3f5gx4CQAO50SL5qMRv6PAuLYasjp21C2zb8ykCPvbwguw
-LzU4iYG9sUfPVHVJRhN0kCSKBVo0E3gNUH8I9MB+F+GIOmkq7uAM37AmmTLfDFis
-iWG2Q+lx5IbE9ABwbWMaIoXV7Thsvvz+fp9VbCtLYE2d3ouaAeKpazn6KowUjqjr
-fycKj03rbxjeKxfyN+WUn3cgNk7y0Ekzel23yuaWDJrag/x5bf0o2fu/6LeDfqX7
-nlt39Yj+fe8sjs+hr28sFxE8S2pPvxiQe1Oj7sSeqKfVyWZ2JKRKueFwb6krlDyc
-0PUI1L/hneT3NMeDyT265EX4JODzzbvdfLK5twmcmfOND3jk0u/SF46T92gkfoXE
-CETgoS7u68COl/td0Ekn56cLSsBbgBc7uM6s0oOUT6RPkJd5kqQkcTMipt/ehO81
-szNtlUfAFd3s/UEIYGeGXKPyYX519Od4sKxLPXZayP3OmqwlYaDfauPEmmLSN8Hp
-oPDZIsvpDhIShl906H5m
-=0P38
+iQJ7BAEBCgBmBQJVw1ucXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
+ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0QUU0N0I4NzFERUI0MTJFN0EyODE0NUFF
+OTQwMkE3OUIwMzUyOUEyAAoJEOlAKnmwNSmiaqMP+MT82rYxEJDf9jWATCCRO1Mt
+qUxpYbKfBj6rgmnEFE2HlNsbxY3DrzHsp5uvNSJhNCMSR9H1BLIiZLNJtD2Mcskw
+vyYQudJmnhzKIBen/dcVHcJY4tDWUzQEFNiGiSwYamjMHgPJv8S1mgafFHKPBptu
+X1REKkPArl37EopSgJZq7ZeI7ABLM8HsH3rZnmDfh59EkHsMf5SI4NZ1moYn4apf
+s5ZJ9F/yvyq4khYoRT4IRRISCpMOCoTPZkz/3OT1K7Pd65W/WJYZnK9r3tGgftWr
+1x8fm27gAHiFssDPyyJ6IKirnSO/bfyeR7SjebQBdCDzl0R1QfwI8B/gRRAMTa/V
+siMJRjX8x3nfnyrLjdk9a3NqntxLHh0ah33JOnKw7at4FohWz9GfCYonEUZdUHfW
+w8uQNhDPq1dBcC8GruP6K9kfNGc3J4A0JnicpGgdptY0ob+eDowaPiRj55wrdPnI
+Xqb4MyrF0W24STBj3wfmL8qFfFQWJrKIe5/5riPfOA3tEzLdXy2CAp6hilvtQPVD
+U3t/oOQyhg2Ougs/E+Y8wzyWUm53FvCxf9VRGwEGTYdtsi270yl/P7BkXITBpk7S
+6S7JedMRVDVbyzIoyJasfAuUcbpjpxjQG425JOJTHz7w4MlkiJgXgoyxFAkDEqQw
++rUNZabsqrr+EHiqMaM=
+=3Wyy
 -----END PGP SIGNATURE-----
diff --git a/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild b/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild
index bee0587fc4f9..5b77b3c5869e 100644
--- a/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild
+++ b/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2015 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild,v 1.7 2015/04/21 17:50:14 pacho Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-libs/cctbx/cctbx-2010.03.29.2334-r7.ebuild,v 1.8 2015/08/06 13:05:31 jlec Exp $
 
 EAPI=5
 
@@ -61,7 +61,8 @@ src_prepare() {
 		"${FILESDIR}"/${PV}-flags.patch \
 		"${FILESDIR}"/${PV}-soname.patch \
 		"${FILESDIR}"/${PV}-gcc-4.6.patch \
-		"${FILESDIR}"/${PV}-gcc-4.7.patch
+		"${FILESDIR}"/${PV}-gcc-4.7.patch \
+		"${FILESDIR}"/${PV}-format-security.patch
 
 	eprefixify "${MY_S}"/scitbx/libtbx_refresh.py
 
diff --git a/sci-libs/cctbx/files/2010.03.29.2334-format-security.patch b/sci-libs/cctbx/files/2010.03.29.2334-format-security.patch
new file mode 100644
index 000000000000..057c135f9953
--- /dev/null
+++ b/sci-libs/cctbx/files/2010.03.29.2334-format-security.patch
@@ -0,0 +1,117 @@
+ cctbx_sources/scitbx/lbfgsb/raw.h | 54 +++++++++++++++++++--------------------
+ 1 file changed, 27 insertions(+), 27 deletions(-)
+
+diff --git a/cctbx_sources/scitbx/lbfgsb/raw.h b/cctbx_sources/scitbx/lbfgsb/raw.h
+index 21afed7..5b15055 100644
+--- a/cctbx_sources/scitbx/lbfgsb/raw.h
++++ b/cctbx_sources/scitbx/lbfgsb/raw.h
+@@ -853,7 +853,7 @@ namespace raw {
+     if (iprint >= 99) {
+       printf(" LINE SEARCH%12d times; norm of step =  %.15G\n",
+              iback, xstep);
+-      printf(fmt_2001, iter,f,sbgnrm);
++      printf("%s %i %f %f", fmt_2001, iter,f,sbgnrm);
+       if (iprint > 100) {
+         write_ref1(" X =", x);
+         write_ref1(" G =", g);
+@@ -862,7 +862,7 @@ namespace raw {
+     else if (iprint > 0) {
+       int imod = iter % iprint;
+       if (imod == 0) {
+-        printf(fmt_2001, iter,f,sbgnrm);
++        printf("%s %i %f %f", fmt_2001, iter,f,sbgnrm);
+       }
+     }
+     if (iprint >= 1) {
+@@ -967,9 +967,9 @@ namespace raw {
+       "                  2 rounding error dominate computation.\n";
+     if (task.substr(0,5) == "ERROR") goto lbl_999;
+     if (iprint >= 0) {
+-      printf(fmt_3003);
+-      printf(fmt_3004);
+-      printf(fmt_3005, n,iter,nfgv,nintol,nskip,nact,sbgnrm,f);
++      printf("%s", fmt_3003);
++      printf("%s", fmt_3004);
++      printf("%s %i %i %i %i %i %i %f %f", fmt_3005, n,iter,nfgv,nintol,nskip,nact,sbgnrm,f);
+       if (iprint >= 100) {
+         write_ref1(" X =", x);
+       }
+@@ -977,40 +977,40 @@ namespace raw {
+     }
+     lbl_999:
+     if (iprint >= 0) {
+-      printf(fmt_3009, task.c_str());
++      printf("%s %s", fmt_3009, task.c_str());
+       if (info != 0) {
+-        if (info == -1) printf(fmt_9011);
+-        if (info == -2) printf(fmt_9012);
+-        if (info == -3) printf(fmt_9013);
+-        if (info == -4) printf(fmt_9014);
+-        if (info == -5) printf(fmt_9015);
++        if (info == -1) printf("%s", fmt_9011);
++        if (info == -2) printf("%s", fmt_9012);
++        if (info == -3) printf("%s", fmt_9013);
++        if (info == -4) printf("%s", fmt_9014);
++        if (info == -5) printf("%s", fmt_9015);
+         if (info == -6) {
+           printf("  Input nbd(%12d) is invalid.\n", k);
+         }
+         if (info == -7) {
+           printf("  l(%12d) > u(%12d).  No feasible solution.\n", k, k);
+         }
+-        if (info == -8) printf(fmt_9018);
+-        if (info == -9) printf(fmt_9019);
++        if (info == -8) printf("%s", fmt_9018);
++        if (info == -9) printf("%s", fmt_9019);
+       }
+-      if (iprint >= 1) printf(fmt_3007, cachyt,sbtime,lnscht);
+-      printf(fmt_3008, time);
++      if (iprint >= 1) printf("%s %f %f %f", fmt_3007, cachyt,sbtime,lnscht);
++      printf("%s %f", fmt_3008, time);
+       if (iprint >= 1) {
+         if (info == -4 || info == -9) {
+-          printf(fmt_3002,
++          printf("%s %i %i %i %i %s %i %f %f", fmt_3002,
+                  iter,nfgv,nint,nact,word.c_str(),iback,stp,xstep); // itfile
+         }
+-        printf(fmt_3009, task.c_str()); // itfile
++        printf("%s %s", fmt_3009, task.c_str()); // itfile
+         if (info != 0) {
+-          if (info == -1) printf(fmt_9011); // itfile
+-          if (info == -2) printf(fmt_9012); // itfile
+-          if (info == -3) printf(fmt_9013); // itfile
+-          if (info == -4) printf(fmt_9014); // itfile
+-          if (info == -5) printf(fmt_9015); // itfile
+-          if (info == -8) printf(fmt_9018); // itfile
+-          if (info == -9) printf(fmt_9019); // itfile
++          if (info == -1) printf("%s", fmt_9011); // itfile
++          if (info == -2) printf("%s", fmt_9012); // itfile
++          if (info == -3) printf("%s", fmt_9013); // itfile
++          if (info == -4) printf("%s", fmt_9014); // itfile
++          if (info == -5) printf("%s", fmt_9015); // itfile
++          if (info == -8) printf("%s", fmt_9018); // itfile
++          if (info == -9) printf("%s", fmt_9019); // itfile
+         }
+-        printf(fmt_3008, time); // itfile
++        printf("%s %f", fmt_3008, time); // itfile
+       }
+     }
+   }
+@@ -3902,7 +3902,7 @@ namespace raw {
+       "   refresh the lbfgs memory and restart the iteration.\n";
+     if (info != 0) {
+       // singular triangular system detected; refresh the lbfgs memory.
+-      if(iprint >= 1) printf(fmt_1005);
++      if(iprint >= 1) printf("%s", fmt_1005);
+       info   = 0;
+       col    = 0;
+       head   = 1;
+@@ -3968,7 +3968,7 @@ namespace raw {
+     if (info != 0) {
+       // singular triangular system detected;
+       // refresh the lbfgs memory and restart the iteration.
+-      if(iprint >= 1)  printf(fmt_1005);
++      if(iprint >= 1)  printf("%s", fmt_1005);
+       info   = 0;
+       col    = 0;
+       head   = 1;