diff options
author | Robert Coie <rac@gentoo.org> | 2003-03-09 22:42:42 +0000 |
---|---|---|
committer | Robert Coie <rac@gentoo.org> | 2003-03-09 22:42:42 +0000 |
commit | 1a6d5742b38cf62579194805ed36d2cd6e9bddb6 (patch) | |
tree | 80e88a8c8770824c65440d47bb7eeccf733c6457 /dev-db | |
parent | add back drobbins fix; remove fontconfig binaries (diff) | |
download | gentoo-2-1a6d5742b38cf62579194805ed36d2cd6e9bddb6.tar.gz gentoo-2-1a6d5742b38cf62579194805ed36d2cd6e9bddb6.tar.bz2 gentoo-2-1a6d5742b38cf62579194805ed36d2cd6e9bddb6.zip |
attempt to backport security fix to 0.8.7, hopefully can be made stable soon
Diffstat (limited to 'dev-db')
-rw-r--r-- | dev-db/mysqlcc/ChangeLog | 15 | ||||
-rw-r--r-- | dev-db/mysqlcc/files/digest-mysqlcc-0.8.7-r1 | 1 | ||||
-rw-r--r-- | dev-db/mysqlcc/files/mysqlcc-0.8.7-configperms.patch | 51 | ||||
-rw-r--r-- | dev-db/mysqlcc/files/mysqlcc-0.8.7-qmakespec.patch | 17 | ||||
-rw-r--r-- | dev-db/mysqlcc/mysqlcc-0.8.7-r1.ebuild | 58 |
5 files changed, 141 insertions, 1 deletions
diff --git a/dev-db/mysqlcc/ChangeLog b/dev-db/mysqlcc/ChangeLog index b266f8ced5ec..2564e4c76fb0 100644 --- a/dev-db/mysqlcc/ChangeLog +++ b/dev-db/mysqlcc/ChangeLog @@ -1,6 +1,19 @@ # ChangeLog for dev-db/mysqlcc # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysqlcc/ChangeLog,v 1.6 2003/03/09 19:47:23 rac Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysqlcc/ChangeLog,v 1.7 2003/03/09 22:42:42 rac Exp $ + +*mysqlcc-0.8.7-r1 (09 Mar 2003) + + 09 Mar 2003; <rac@gentoo.org> mysqlcc-0.8.7-r1.ebuild, + files/mysqlcc-0.8.7-configperms.patch, files/mysqlcc-0.8.7-qmakespec.patch: + The config.sub included with this package does not recognize linux-gnu + machines correctly, so replace it with one taken from a local automake + installation and run autoreconf. Allow the ebuild to override the + QMAKESPEC variable, so that 'linux-g++' is picked up correctly. These + are backported from the 0.8.10-r1 ebuild. Also attempt to backport + the security fix eliminating world-readable configuration files and + directories that was applied upstream in 0.8.9, since 0.8.7 seems to + be the last version that will compile against MySQL 3.x. *mysqlcc-0.8.10-r1 (04 Mar 2003) diff --git a/dev-db/mysqlcc/files/digest-mysqlcc-0.8.7-r1 b/dev-db/mysqlcc/files/digest-mysqlcc-0.8.7-r1 new file mode 100644 index 000000000000..1ae841bca8d1 --- /dev/null +++ b/dev-db/mysqlcc/files/digest-mysqlcc-0.8.7-r1 @@ -0,0 +1 @@ +MD5 f6069be95adbf5049e9088610eed8c2e mysqlcc-0.8.7-src.tar.gz 404997 diff --git a/dev-db/mysqlcc/files/mysqlcc-0.8.7-configperms.patch b/dev-db/mysqlcc/files/mysqlcc-0.8.7-configperms.patch new file mode 100644 index 000000000000..c3f97aaa93b3 --- /dev/null +++ b/dev-db/mysqlcc/files/mysqlcc-0.8.7-configperms.patch @@ -0,0 +1,51 @@ +# This is an attempt to backport the security fix for leaving config +# files and directories world-readable that was originally applied in +# 0.8.9. 0.8.7 seems to be the last version that will compile without +# MySQL 4. +# Robert Coie <rac@gentoo.org> 2003.03.09 + +--- src/CConfig.cpp.orig 2003-03-09 13:25:08.000000000 -0800 ++++ src/CConfig.cpp 2003-03-09 13:27:19.000000000 -0800 +@@ -20,6 +20,12 @@ + #include <qdir.h> + #include <qstringlist.h> + #include <qfile.h> ++ ++#ifndef WIN32 ++#include <sys/types.h> ++#include <sys/stat.h> ++#endif ++ + #include "globals.h" + #include "config.h" + +@@ -183,6 +189,14 @@ + for (QMap<QString, QString>::Iterator it = entries.begin(); it != entries.end(); ++it) + t_strm << it.key() << "\t=\t" << it.data() << "\r\n"; + f_strm.close(); ++#ifndef WIN32 ++ if (chmod(absoluteConfigFileName, S_IRUSR | S_IWUSR) != 0) ++ { ++#ifdef DEBUG ++ qDebug("CConfig::save() - Coudn't set mode 600 for" + absoluteConfigFileName); ++#endif ++ } ++#endif + return true; + } + else +@@ -312,6 +326,14 @@ + #ifdef DEBUG + qDebug("private static CConfig::createDirectory() - " + d + " was created successfully."); + #endif ++#ifndef WIN32 ++ if (chmod(d, S_IRUSR | S_IWUSR | S_IXUSR) != 0) ++ { ++#ifdef DEBUG ++ qDebug("private static CConfig::createDirectory() - Coudn't set mode 700 for" + d); ++#endif ++ } ++#endif + return true; + } + else diff --git a/dev-db/mysqlcc/files/mysqlcc-0.8.7-qmakespec.patch b/dev-db/mysqlcc/files/mysqlcc-0.8.7-qmakespec.patch new file mode 100644 index 000000000000..0a80f4c62ea6 --- /dev/null +++ b/dev-db/mysqlcc/files/mysqlcc-0.8.7-qmakespec.patch @@ -0,0 +1,17 @@ +--- configure.in.orig 2003-03-04 13:13:05.000000000 -0800 ++++ configure.in 2003-03-04 13:13:53.000000000 -0800 +@@ -24,7 +24,13 @@ + AC_SUBST(MYSQLCC_HEADERS) + AC_SUBST(MYSQLCC_SOURCES) + AC_OUTPUT(mysqlcc.pro) +-QMAKESPEC=$QTDIR/mkspecs/$host_os ++ ++# the following line is disabled so that we can specify QMAKESPEC from ++# the ebuild - otherwise on some systems it looks for 'linux-gcc', ++# rather than the correct 'linux-g++' ++# Robert Coie <rac@gentoo.org> 2003.03.04 ++#QMAKESPEC=$QTDIR/mkspecs/$host_os ++ + echo "Creating Makefile with qmake" + QMAKESPEC=$QMAKESPEC QTDIR=$QTDIR $QTDIR/bin/qmake mysqlcc.pro + if test ! $? = 0 ; then diff --git a/dev-db/mysqlcc/mysqlcc-0.8.7-r1.ebuild b/dev-db/mysqlcc/mysqlcc-0.8.7-r1.ebuild new file mode 100644 index 000000000000..504037b359b5 --- /dev/null +++ b/dev-db/mysqlcc/mysqlcc-0.8.7-r1.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: + +S=${WORKDIR}/${P}-src +DESCRIPTION="a MySQL GUI Client" +HOMEPAGE="http://www.mysql.com/" +SRC_URI="ftp://ftp.sunet.se/pub/unix/databases/relational/mysql/Downloads/MyCC/${P}-src.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86" +IUSE="X qt" + +DEPEND="virtual/glibc + >=x11-libs/qt-3.0.5 + dev-db/mysql" +RDEPEND="" + +inherit eutils + +src_unpack() { + unpack ${P}-src.tar.gz ; cd ${S} + epatch ${FILESDIR}/${P}-qmakespec.patch + epatch ${FILESDIR}/${P}-configperms.patch +} + +src_compile() { + # The config.sub in this distribution appears to be very stale + # so we replace it with one from a known better source. I am + # not attached to using 1.4, but it seemed like it had the best + # chance of compatibility. + # Robert Coie <rac@gentoo.org> 2003.03.03 + if [ -e /usr/share/automake-1.4/config.sub ]; then + cp /usr/share/automake-1.4/config.sub ${S} + fi + cd ${S}; autoreconf -f; + + econf || die + + cp Makefile Makefile.orig + sed -e "s:CFLAGS = -pipe -Wall -W -g:CFLAGS = ${CFLAGS}:" \ + -e "s:CXXFLAGS = -pipe -Wall -W -g:CXXFLAGS = ${CXXFLAGS}:" \ + Makefile.orig > Makefile + + QTDIR=$QTDIR + emake || die +} + +src_install() { + dobin mysqlcc + dodir /usr/share/mysqlcc + insinto /usr/share/mysqlcc + doins warning.wav information.wav error.wav syntax.txt + dodir /usr/share/mysqlcc/translations + insinto /usr/share/mysqlcc/translations + doins translations/Espanol.qm translations/Espanol.ts translations/Russian.qm translations/Russian.ts +} |