diff --git a/dpkg/dpkg-change-libdir-path.patch b/dpkg/dpkg-change-libdir-path.patch
new file mode 100644
index 0000000..0f1d856
--- /dev/null
+++ b/dpkg/dpkg-change-libdir-path.patch
@@ -0,0 +1,268 @@
+diff -ruN dpkg-1.15.5.6.orig/dselect/Makefile.in dpkg-1.15.5.6/dselect/Makefile.in
+--- dpkg-1.15.5.6.orig/dselect/Makefile.in 2010-01-08 20:02:49.000000000 +0200
++++ dpkg-1.15.5.6/dselect/Makefile.in 2010-02-14 10:11:43.052023614 +0200
+@@ -276,7 +276,7 @@
+ AM_CPPFLAGS = \
+ -DLOCALEDIR=\"$(localedir)\" \
+ -DADMINDIR=\"$(admindir)\" -DLIBDIR=\"$(pkglibdir)\" \
+- -DLOCALLIBDIR=\"/usr/local/lib/dpkg\" \
++ -DLOCALLIBDIR=\"/usr/local/share/dpkg\" \
+ -idirafter $(top_srcdir)/lib/compat \
+ -iquote $(builddir) \
+ -I$(top_builddir) \
+diff -ruN dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm
+--- dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm 2010-02-14 09:16:24.669895188 +0200
+@@ -57,12 +57,12 @@
+ }
+
+ sub view_mirrors {
+- if (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt') {
+- system('/usr/bin/pager', '/usr/lib/dpkg/methods/ftp/README.mirrors.txt');
+- } elsif (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz') {
+- system('gzip -dc /usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
++ if (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt') {
++ system('/usr/bin/pager', '/usr/share/dpkg/methods/ftp/README.mirrors.txt');
++ } elsif (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt.gz') {
++ system('gzip -dc /usr/share/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
+ } else {
+- print "/usr/lib/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
++ print "/usr/share/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
+ }
+ }
+
+diff -ruN dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1 2010-02-14 09:22:07.409881825 +0200
+@@ -30,8 +30,8 @@
+ \fB\-L\fP\fIlibverzeichnis\fP
+ Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser\-Skripten
+ durchsucht werden soll. Diese Verzeichnis wird vor den
+-Standardverzeichnissen (derzeit \fB/usr/local/lib/dpkg/parsechangelog\fP und
+-\fB/usr/lib/dpkg/parsechangelog\fP) durchsucht.
++Standardverzeichnissen (derzeit \fB/usr/local/share/dpkg/parsechangelog\fP und
++\fB/usr/share/dpkg/parsechangelog\fP) durchsucht.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Zeige den Bedienungshinweis und beende.
+diff -ruN dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/man/dpkg-parsechangelog.1 2010-02-14 09:17:34.013861295 +0200
+@@ -28,8 +28,8 @@
+ Specify an additional directory to search for parser scripts.
+ This directory is searched before the default directories
+ which are currently
+-.BR /usr/local/lib/dpkg/parsechangelog " and "
+-.BR /usr/lib/dpkg/parsechangelog .
++.BR /usr/share/dpkg/parsechangelog " and "
++.BR /usr/local/share/dpkg/parsechangelog .
+ .TP
+ .BR \-h ", " \-\-help
+ Show the usage message and exit.
+diff -ruN dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1 2010-02-14 09:22:29.321880079 +0200
+@@ -29,8 +29,8 @@
+ \fB\-L\fP\fIrep_lib\fP
+ Spécifie un répertoire supplémentaire pour la recherche de scripts
+ d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui
+-sont \fB/usr/local/lib/dpkg/parsechangelog\fP et
+-\fB/usr/lib/dpkg/parsechangelog\fP.
++sont \fB/usr/local/share/dpkg/parsechangelog\fP et
++\fB/usr/share/dpkg/parsechangelog\fP.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Affiche un message d'aide puis quitte.
+diff -ruN dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1 +--- dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1 2010-02-14 09:21:02.338880496 +0200 +@@ -29,8 +29,8 @@ + \fB\-L\fP\fIkatalog\-lib\fP + Okre¶la dodatkowy katalog, w którym bêd± wyszukiwane skrypty + parsera. Katalog ten jest przeszukiwany przed domy¶lnymi katalogami, którymi +-obecnie s± \fB/usr/local/lib/dpkg/parsechangelog\fP oraz +-\fB/usr/lib/dpkg/parsechangelog\fP. ++obecnie s± \fB/usr/local/share/dpkg/parsechangelog\fP oraz ++\fB/usr/share/dpkg/parsechangelog\fP. + .TP + \fB\-h\fP, \fB\-\-help\fP + Wy¶wietla informacjê o u¿ytkowaniu i koñczy dzia³anie. +diff -ruN dpkg-1.15.5.6.orig/man/po/de.po dpkg-1.15.5.6/man/po/de.po +--- dpkg-1.15.5.6.orig/man/po/de.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/de.po 2010-02-14 09:26:20.671868793 +0200 +@@ -7747,12 +7747,12 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + "Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser-Skripten " + "durchsucht werden soll. Diese Verzeichnis wird vor den " +-"Standardverzeichnissen (derzeit B und B) durchsucht." ++"Standardverzeichnissen (derzeit B und B) durchsucht." + + #. type: SS + #: dpkg-parsechangelog.1:39 +diff -ruN dpkg-1.15.5.6.orig/man/po/dpkg-man.pot dpkg-1.15.5.6/man/po/dpkg-man.pot +--- dpkg-1.15.5.6.orig/man/po/dpkg-man.pot 2010-01-08 19:23:01.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/dpkg-man.pot 2010-02-14 09:30:59.909878930 +0200 +@@ -6216,7 +6216,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently " +-"B and B." ++"B and B." + msgstr "" + + #. 
type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/es.po dpkg-1.15.5.6/man/po/es.po +--- dpkg-1.15.5.6.orig/man/po/es.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/es.po 2010-02-14 09:30:16.053872999 +0200 +@@ -7517,7 +7517,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/fr.po dpkg-1.15.5.6/man/po/fr.po +--- dpkg-1.15.5.6.orig/man/po/fr.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/fr.po 2010-02-14 09:24:19.351874142 +0200 +@@ -7737,11 +7737,11 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + "Spécifie un répertoire supplémentaire pour la recherche de scripts " + "d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui " +-"sont B et B et B." + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/hu.po dpkg-1.15.5.6/man/po/hu.po +--- dpkg-1.15.5.6.orig/man/po/hu.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/hu.po 2010-02-14 09:26:50.311874455 +0200 +@@ -6542,7 +6542,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/ja.po dpkg-1.15.5.6/man/po/ja.po +--- dpkg-1.15.5.6.orig/man/po/ja.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/ja.po 2010-02-14 09:28:46.064874305 +0200 +@@ -7055,7 +7055,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. 
This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/pl.po dpkg-1.15.5.6/man/po/pl.po +--- dpkg-1.15.5.6.orig/man/po/pl.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/pl.po 2010-02-14 09:27:38.024873694 +0200 +@@ -7819,11 +7819,11 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + "OkreÅ›la dodatkowy katalog, w którym bÄ™dÄ… wyszukiwane skrypty parsera. " + "Katalog ten jest przeszukiwany przed domyÅ›lnymi katalogami, którymi obecnie " +-"sÄ… B oraz B oraz B." + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/pt_BR.po dpkg-1.15.5.6/man/po/pt_BR.po +--- dpkg-1.15.5.6.orig/man/po/pt_BR.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/pt_BR.po 2010-02-14 09:28:12.583874117 +0200 +@@ -6687,7 +6687,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + + #. type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/ru.po dpkg-1.15.5.6/man/po/ru.po +--- dpkg-1.15.5.6.orig/man/po/ru.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/ru.po 2010-02-14 09:25:17.556873843 +0200 +@@ -6823,7 +6823,7 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + + #. 
type: SS +diff -ruN dpkg-1.15.5.6.orig/man/po/sv.po dpkg-1.15.5.6/man/po/sv.po +--- dpkg-1.15.5.6.orig/man/po/sv.po 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/po/sv.po 2010-02-14 09:29:32.735874132 +0200 +@@ -7552,11 +7552,11 @@ + msgid "" + "Specify an additional directory to search for parser scripts. This " + "directory is searched before the default directories which are currently B and B." ++"usr/local/share/dpkg/parsechangelog> and B." + msgstr "" + "Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks " +-"genom innan standardkatalogerna, vilka för närvarande är B och B." ++"genom innan standardkatalogerna, vilka för närvarande är B och B." + + #. type: SS + #: dpkg-parsechangelog.1:39 +diff -ruN dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1 +--- dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200 ++++ dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1 2010-02-14 09:22:54.488880085 +0200 +@@ -29,7 +29,7 @@ + \fB\-L\fP\fIbibliotekskatalog\fP + Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks + genom innan standardkatalogerna, vilka för närvarande är +-\fB/usr/local/lib/dpkg/parsechangelog\fP och \fB/usr/lib/dpkg/parsechangelog\fP. ++\fB/usr/local/share/dpkg/parsechangelog\fP och \fB/usr/share/dpkg/parsechangelog\fP. + .TP + \fB\-h\fP, \fB\-\-help\fP + Visar hjälpskärm och avslutar. 
+diff -ruN dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm
+--- dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm 2010-02-14 09:14:27.550879827 +0200
+@@ -50,7 +50,7 @@
+
+ The parsing itself is done by an external program (searched in the
+ following list of directories: $opt{libdir},
+-/usr/local/lib/dpkg/parsechangelog, /usr/lib/dpkg/parsechangelog) That
++/usr/local/share/dpkg/parsechangelogusr) That
+ program is named according to the format that it's able to parse. By
+ default it's either "debian" or the format name lookep up in the 40 last
+ lines of the changelog itself (extracted with this perl regular expression
+@@ -70,9 +70,8 @@
+
+ sub changelog_parse {
+ my (%options) = @_;
+- my @parserpath = ("/usr/local/lib/dpkg/parsechangelog",
+- "$dpkglibdir/parsechangelog",
+- "/usr/lib/dpkg/parsechangelog");
++ my @parserpath = ( "$dpkglibdir/parsechangelog",
++ "/usr/local/share/dpkg/parsechangelog");
+ my $format = "debian";
+ my $changelogfile = "debian/changelog";
+ my $force = 0;
diff --git a/dpkg/dpkg.archtable b/dpkg/dpkg.archtable
new file mode 100644
index 0000000..a50328b
--- /dev/null
+++ b/dpkg/dpkg.archtable
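Review bot: In dpkg-change-libdir-path.patch, the new `@parserpath` in `changelog_parse` (Parse.pm) lists `"$dpkglibdir/parsechangelog"` before `/usr/local/share/dpkg/parsechangelog`, whereas the list it replaces tried the `/usr/local` directory first. These directories are searched for the external parser program that is then run, so the order decides which program wins and should be chosen deliberately; the translated man pages in the same patch still name the local directory first, while the English page names `/usr/share` first. The POD line in Parse.pm now reads `/usr/local/share/dpkg/parsechangelogusr) That`, which looks like a mangled edit. Assuming `$dpkglibdir` resolves to `/usr/share/dpkg` with this build's `--libdir`, it should probably read `/usr/share/dpkg/parsechangelog, /usr/local/share/dpkg/parsechangelog) That`. In Ftp.pm the `.gz` branch still calls `system('gzip -dc … | pager')` as one shell string with PATH-resolved commands, unlike the list-form `/usr/bin/pager` call above it; `changelog_parse` continues outside the hunk.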
@@ -0,0 +1,29 @@
+# This file contains the list of architecture names in Debian's ‘sid’
+# distribution.
+#
+# Architecture names are formed as a combination of the system name
+# (from ostable) and CPU name (from cputable) after mapping from
+# the Debian triplet (from triplettable). Support for new
+# architectures in dpkg is added in those files, architecture names
+# are only added to this file when added to the distribution.
+#
+# Column 1 is present for historical reasons only, and should be ignored.
+# Column 2 contains the Debian name for the architecture, which is returned
+# by ‘dpkg --print-architecture’.
+#
+#
+i486-linux-gnu i386
+ia64-linux-gnu ia64
+alpha-linux-gnu alpha
+x86_64-linux-gnu amd64
+arm-linux-gnu arm
+arm-linux-gnueabi armel
+hppa-linux-gnu hppa
+mips-linux-gnu mips
+mipsel-linux-gnu mipsel
+powerpc-linux-gnu powerpc
+s390-linux-gnu s390
+sparc-linux-gnu sparc
+i486-gnu hurd-i386
+i486-kfreebsd-gnu kfreebsd-i386
+x86_64-kfreebsd-gnu kfreebsd-amd64
diff --git a/dpkg/dpkg.spec b/dpkg/dpkg.spec
new file mode 100644
index 0000000..c233462
--- /dev/null
+++ b/dpkg/dpkg.spec
@@ -0,0 +1,254 @@
+Name: dpkg
+Version: 1.15.5.6
+Release: 6%{?dist}
+Summary: Package maintenance system for Debian Linux
+Group: System Environment/Base
+# The entire source code is GPLv2+ with exception of the following
+# lib/dpkg/md5.c, lib/dpkg/md5.h - Public domain
+# lib/dpkg/showpkg.c, dselect/methods/multicd, lib/dpkg/utils.c, lib/dpkg/showpkg.c - GPLv2
+# dselect/methods/ftp - GPL no version info
+# scripts/Dpkg/Gettext.pm - BSD
+# lib/compat/obstack.h, lib/compat/gettext.h,lib/compat/obstack.c - LGPLv2+
+License: GPLv2 and GPLv2+ and LGPLv2+ and Public Domain and BSD
+URL: http://packages.debian.org/unstable/admin/dpkg
+Source0: http://ftp.debian.org/debian/pool/main/d/dpkg/%{name}_%{version}.tar.bz2
+# obtained from dpkg-source -x dpkg_1.15.5.6.dsc
+Source1: dpkg.archtable
+# Fedora specific patch to store files under /usr/share/dpkg, not these are not binary
+# libs. and set user search path to /usr/local/share/dpkg
+Patch1: dpkg-change-libdir-path.patch
+# Fixes CVE-2010-0396 bugzilla #572522
+Patch2: fedora-fix-CVE-2010-0396-00.patch
+Patch3: fedora-fix-CVE-2010-0396-01.patch
+Patch4: fedora-bug642160-empty-argv.patch
+Patch5: fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires: zlib-devel, bzip2-devel, libselinux-devel, gettext, ncurses-devel
+
+%description
+
+This package contains the tools (including dpkg-source) required
+to unpack, build and upload Debian source packages.
+
+This package also contains the programs dpkg which used to handle the
+installation and removal of packages on a Debian system.
+
+This package also contains dselect, an interface for managing the
+installation and removal of packages on the system.
+
+dpkg and dselect will certainly be non-functional on a rpm-based system
+because packages dependencies will likely be unmet.
+
+%package devel
+Summary: Debian package development tools
+Group: Development/System
+Requires: %{name} = %{version}-%{release}
+Requires: perl, patch, make, binutils, bzip2, lzma
+BuildArch: noarch
+
+%description devel
+This package provides the development tools (including dpkg-source).
+Required to unpack, build and upload Debian source packages
+
+
+%package -n dselect
+Summary: Debian package management front-end
+Group: System Environment/Base
+Requires: %{name} = %{version}-%{release}
+
+%description -n dselect
+dselect is a high-level interface for the installation/removal of debs .
+
+%prep
+%setup -q
+
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+
+# Filter unwanted Requires:
+cat << \EOF > %{name}-req
+#!/bin/sh
+%{__perl_requires} $* |\
+ sed -e '/perl(Dselect::Ftp)/d' -e '/perl(extra)/d' -e '/perl(file)/d' -e '/perl(dpkg-gettext.pl)/d' -e '/perl(controllib.pl)/d' -e '/perl(in)/d'
+EOF
+
+%define __perl_requires %{_builddir}/%{name}-%{version}/%{name}-req
+chmod +x %{__perl_requires}
+
+%build
+%configure --without-start-stop-daemon \
+ --disable-linker-optimisations \
+ --with-admindir=%{_localstatedir}/lib/dpkg \
+ --libdir=%{_datadir} \
+ --with-selinux \
+ --with-zlib \
+ --with-bz2 \
+ --disable-silent-rules
+
+make %{?_smp_mflags}
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+install -pm0644 %SOURCE1 $RPM_BUILD_ROOT/%{_datadir}/dpkg/archtable
+
+%find_lang dpkg
+%find_lang dpkg-dev
+%find_lang dselect
+
+# fedora has its own implementation
+rm -rf $RPM_BUILD_ROOT%{_bindir}/update-alternatives
+rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/alternatives/
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%files -f dpkg.lang
+%defattr(-,root,root,-)
+%doc debian/changelog README AUTHORS COPYING THANKS TODO
+%dir %{_sysconfdir}/dpkg
+%{_bindir}/dpkg
+%{_bindir}/dpkg-deb
+%{_bindir}/dpkg-query
+%{_bindir}/dpkg-split
+%{_bindir}/dpkg-trigger
+%{_bindir}/dpkg-divert
+%{_bindir}/dpkg-statoverride
+%{_sbindir}/*
+%dir %{_datadir}/dpkg
+%{_datadir}/dpkg/mksplit
+%{_datadir}/dpkg/archtable
+%{_datadir}/dpkg/cputable
+%{_datadir}/dpkg/ostable
+%{_datadir}/dpkg/triplettable
+%{perl_vendorlib}/Dpkg.pm
+%dir %{perl_vendorlib}/Dpkg
+%{perl_vendorlib}/Dpkg/Gettext.pm
+%{_mandir}/man1/dpkg-deb.1.gz
+%{_mandir}/man1/dpkg-query.1.gz
+%{_mandir}/man1/dpkg-split.1.gz
+%{_mandir}/man1/dpkg-trigger.1.gz
+%{_mandir}/man1/dpkg.1.gz
+%{_mandir}/man5/dpkg.cfg.5.gz
+%{_mandir}/man8/dpkg-divert.8.gz
+%{_mandir}/man8/dpkg-statoverride.8.gz
+#fedora has own implemenation
+%exclude %{_sbindir}/install-info
+#fedora has own implemenation
+%exclude %{_mandir}/man8/update-alternatives.8.gz
+
+%files devel -f dpkg-dev.lang
+%defattr(-,root,root,-)
+%doc doc/README.api
+%{_bindir}/dpkg-architecture
+%{_bindir}/dpkg-buildpackage
+%{_bindir}/dpkg-checkbuilddeps
+%{_bindir}/dpkg-distaddfile
+%{_bindir}/dpkg-genchanges
+%{_bindir}/dpkg-gencontrol
+%{_bindir}/dpkg-gensymbols
+%{_bindir}/dpkg-name
+%{_bindir}/dpkg-parsechangelog
+%{_bindir}/dpkg-scanpackages
+%{_bindir}/dpkg-scansources
+%{_bindir}/dpkg-shlibdeps
+%{_bindir}/dpkg-source
+%{_bindir}/dpkg-vendor
+%dir %{_datadir}/dpkg/parsechangelog
+%{_datadir}/dpkg/parsechangelog/*
+%exclude %{perl_vendorlib}/Dpkg/Gettext.pm
+%{perl_vendorlib}/Dpkg/*.pm
+%{perl_vendorlib}/Dpkg/Changelog
+%{perl_vendorlib}/Dpkg/Shlibs
+%{perl_vendorlib}/Dpkg/Source
+%{perl_vendorlib}/Dpkg/Vendor
+%{perl_vendorlib}/Dpkg/Control
+%{_mandir}/man1/dpkg-architecture.1.gz
+%{_mandir}/man1/dpkg-buildpackage.1.gz
+%{_mandir}/man1/dpkg-checkbuilddeps.1.gz
+%{_mandir}/man1/dpkg-distaddfile.1.gz
+%{_mandir}/man1/dpkg-genchanges.1.gz
+%{_mandir}/man1/dpkg-gencontrol.1.gz
+%{_mandir}/man1/dpkg-gensymbols.1.gz
+%{_mandir}/man1/dpkg-name.1.gz
+%{_mandir}/man1/dpkg-parsechangelog.1.gz
+%{_mandir}/man1/dpkg-scanpackages.1.gz
+%{_mandir}/man1/dpkg-scansources.1.gz
+%{_mandir}/man1/dpkg-shlibdeps.1.gz
+%{_mandir}/man1/dpkg-source.1.gz
+%{_mandir}/man1/dpkg-vendor.1.gz
+%{_mandir}/man5/deb-control.5.gz
+%{_mandir}/man5/deb-old.5.gz
+%{_mandir}/man5/deb-override.5.gz
+%{_mandir}/man5/deb-extra-override.5.gz
+%{_mandir}/man5/deb-shlibs.5.gz
+%{_mandir}/man5/deb-substvars.5.gz
+%{_mandir}/man5/deb-symbols.5.gz
+%{_mandir}/man5/deb-triggers.5.gz
+%{_mandir}/man5/deb-version.5.gz
+%{_mandir}/man5/deb.5.gz
+
+
+%files -n dselect -f dselect.lang
+%defattr(-,root,root,-)
+%doc dselect/methods/multicd/README.multicd dselect/methods/ftp/README.mirrors.txt
+%{_bindir}/dselect
+%{perl_vendorlib}/Debian
+%{_datadir}/dpkg/methods
+%{_mandir}/man*/dselect*.gz
+
+
+
+%changelog
+* Wed Jan 12 2011 Andrew Colin Kissa - 1.15.5.6-6
+- Fix CVE-2010-1679
+- Fix CVE-2011-0402
+
+* Sun Oct 17 2010 Jeroen van Meeuwen - 1.15.5.6-5
+- Apply minimal fix for rhbz #642160
+
+* Thu Mar 11 2010 Andrew Colin Kissa - 1.15.5.6-4
+- Fix CVE-2010-0396
+
+* Mon Feb 15 2010 Andrew Colin Kissa - 1.15.5.6-3
+- review changes
+
+* Sun Feb 14 2010 Andrew Colin Kissa - 1.15.5.6-2
+- review changes
+
+* Sat Feb 13 2010 Andrew Colin Kissa - 1.15.5.6-1
+- Upgrade to latest upstream
+- review changes
+
+* Tue Nov 10 2009 Andrew Colin Kissa - 1.15.4.1-1
+- Upgrade to latest upstream
+- review changes
+
+* Tue Dec 30 2008 Leigh Scott - 1.14.23-3
+- more review changes
+
+* Mon Dec 15 2008 Leigh Scott - 1.14.23-1
+- bump version and make some of the review changes
+
+* Tue Aug 19 2008 Leigh Scott - 1.14.20-5
+- made changes for review
+
+* Thu Jul 31 2008 Leigh Scott - 1.14.20-4
+- Change release to -4 as server refused -3
+
+* Thu Jul 31 2008 Leigh Scott - 1.14.20-3
+- split the package into dkpg, dpkg-dev & dselect
+
+* Tue Jul 29 2008 Leigh Scott - 1.14.20-2
+- recode man files to UTF8
+
+* Tue Jul 29 2008 Leigh Scott - 1.14.20-1
+- Rebuild ans add build requires ncurses-devel
+
+* Thu Jul 19 2007 Patrice Dumas - 1.14.5-1
+- initial packaging
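Review bot: In dpkg.spec, `Patch4` and `Patch5` carry no explanatory comment, unlike `Patch1` to `Patch3`. The changelog shows they are the rhbz #642160 fix and the CVE-2010-1679 / CVE-2011-0402 fix, so add for example `# Fallback when dpkg --print-architecture fails, rhbz #642160` and `# Fixes CVE-2010-1679 and CVE-2011-0402; must be applied after Patch2`. The ordering note matters because Patch5 removes and rewrites lines in Patch.pm that Patch2 adds, so the `%patch` sequence in `%prep` cannot be reordered or trimmed safely. In the `%{name}-req` here-document, `$*` re-splits its arguments; `"$@"` is the safer form.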
diff --git a/dpkg/dpkg_1.15.5.6.tar.bz2 b/dpkg/dpkg_1.15.5.6.tar.bz2
new file mode 100644
index 0000000..b996e6d
Binary files /dev/null and b/dpkg/dpkg_1.15.5.6.tar.bz2 differ
diff --git a/dpkg/fedora-bug642160-empty-argv.patch b/dpkg/fedora-bug642160-empty-argv.patch
new file mode 100644
index 0000000..86528a3
--- /dev/null
+++ b/dpkg/fedora-bug642160-empty-argv.patch
@@ -0,0 +1,15 @@
+diff -ur dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm dpkg-1.15.5.6/scripts/Dpkg/Arch.pm
+--- dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm 2010-01-08 08:00:34.000000000 +0000
++++ dpkg-1.15.5.6/scripts/Dpkg/Arch.pm 2010-10-17 12:29:46.916000478 +0100
+@@ -47,8 +47,9 @@
+ return $build_arch if defined $build_arch;
+
+ my $build_arch = `dpkg --print-architecture`;
+- # FIXME: Handle bootstrapping
+- syserr("dpkg --print-architecture failed") if $? >> 8;
++ if ($? >> 8 || $build_arch =~ /^\s*$/) {
++ $build_arch = get_raw_host_arch();
++ }
+
+ chomp $build_arch;
+ return $build_arch;
diff --git a/dpkg/fedora-fix-CVE-2010-0396-00.patch b/dpkg/fedora-fix-CVE-2010-0396-00.patch
new file mode 100644
index 0000000..6f9fc07
--- /dev/null
+++ b/dpkg/fedora-fix-CVE-2010-0396-00.patch
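Review bot: In fedora-bug642160-empty-argv.patch, the new branch in Arch.pm replaces the `syserr(...)` call with a silent fallback, so a failing or missing `dpkg` is no longer reported and the build architecture is quietly taken from `get_raw_host_arch()`. A diagnostic before the fallback would keep that visible, for example `warning(_g("dpkg --print-architecture failed, falling back to host architecture"));`, assuming `warning` is imported alongside `syserr`. The context line `my $build_arch = ...` also re-declares the variable that `return $build_arch if defined $build_arch;` tests, so the cached value is presumably never stored; if the outer variable is meant as a cache, drop the `my`. The enclosing function starts and ends outside the hunk.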
@@ -0,0 +1,43 @@
+diff --git a/scripts/Dpkg/Source/Patch.pm b/scripts/Dpkg/Source/Patch.pm
+--- a/scripts/Dpkg/Source/Patch.pm
++++ b/scripts/Dpkg/Source/Patch.pm
+@@ -322,8 +322,9 @@ sub analyze {
+ error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
+ }
+ $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
++ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+ $fn = $_;
++ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+ }
+ if (/\.dpkg-orig$/) {
+ error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
+@@ -336,8 +337,9 @@ sub analyze {
+ error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
+ }
+ $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
++ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+ $fn2 = $_;
++ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+ } else {
+ unless (defined $fn) {
+ error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
+@@ -363,6 +365,17 @@ sub analyze {
+ if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
+ $dirtocreate{$dirname} = 1;
+ }
++
++ # Sanity check, refuse to patch through a symlink
++ $dirname = $fn;
++ while (1) {
++ if (-l $dirname) {
++ error(_g("diff %s modifies file %s through a symlink: %s"),
++ $diff, $fn, $dirname);
++ }
++ last unless $dirname =~ s{/[^/]+$}{};
++ }
++
+ if (-e $fn and not -f _) {
+ error(_g("diff `%s' patches something which is not a plain file"), $diff);
+ }
diff --git a/dpkg/fedora-fix-CVE-2010-0396-01.patch b/dpkg/fedora-fix-CVE-2010-0396-01.patch
new file mode 100644
index 0000000..c862e05
--- /dev/null
+++ b/dpkg/fedora-fix-CVE-2010-0396-01.patch
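Review bot: In fedora-fix-CVE-2010-0396-00.patch, the symlink walk added to `analyze` strips one `/name` component per pass with `s{/[^/]+$}{}` and has no lower bound. It therefore keeps testing ancestors above `$destdir`, and it appears to stop early when the path contains consecutive slashes or ends in a slash. The fedora-fix-CVE-2010-1679_CVE-2011-0402.patch added in this same commit replaces the loop with `s{/+[^/]*$}{}` plus `last if length($path) <= length($destdir);`, so the check is only sound when both patches are applied in order. Nothing in this patch says so; a header line such as `# Superseded in part by the CVE-2010-1679 patch; do not apply alone` would make the dependency explicit, as would folding the two patches together. `analyze` begins and ends outside these hunks.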
@@ -0,0 +1,11 @@
+diff --git a/scripts/Dpkg/Source/Package/V3/quilt.pm b/scripts/Dpkg/Source/Package/V3/quilt.pm
+--- a/scripts/Dpkg/Source/Package/V3/quilt.pm
++++ b/scripts/Dpkg/Source/Package/V3/quilt.pm
+@@ -123,6 +123,7 @@ sub read_patch_list {
+ }
+ }
+ next if $opts{"skip_auto"} and $_ eq $auto_patch;
++ error(_g("%s contains an insecure path: %s"), $file, $_) if m{(^|/)\.\./};
+ push @patches, $_;
+ }
+ close(SERIES);
diff --git a/dpkg/fedora-fix-CVE-2010-1679_CVE-2011-0402.patch b/dpkg/fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
new file mode 100644
index 0000000..26ce08d
--- /dev/null
+++ b/dpkg/fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
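Review bot: In fedora-fix-CVE-2010-0396-01.patch, the check added to `read_patch_list` has no comment saying what it guards; a line such as `# Refuse series entries that would resolve outside the patch directory` above the `error(...)` call would help the next reader. The pattern `m{(^|/)\.\./}` requires a slash after the dots, so an entry that is exactly `..` or ends in `/..` is accepted. That names a directory rather than a patch file and is presumably harmless, but `m{(^|/)\.\.(/|$)}` would state the intent completely. How each entry is joined to the patch directory lies outside the hunk.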
@@ -0,0 +1,176 @@
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -119,7 +119,7 @@
+ # Call tar extraction process
+ $fork_opts{"delete_env"} = [ "TAR_OPTIONS" ];
+ $fork_opts{'exec'} = [ 'tar', '--no-same-owner', '--no-same-permissions',
+- @{$opts{"options"}}, '-xkf', '-' ];
++ @{$opts{"options"}}, '-xf', '-' ];
+ fork_and_exec(%fork_opts);
+ $self->cleanup_after_open();
+
+@@ -142,7 +142,7 @@
+ closedir(D);
+ my $done = 0;
+ erasedir($dest);
+- if (scalar(@entries) == 1 && -d "$tmp/$entries[0]") {
++ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
+ rename("$tmp/$entries[0]", $dest) ||
+ syserr(_g("Unable to rename %s to %s"),
+ "$tmp/$entries[0]", $dest);
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -115,7 +115,12 @@
+ # Extract main tarball
+ info(_g("unpacking %s"), $tarfile);
+ my $tar = Dpkg::Source::Archive->new(filename => "$dscdir$tarfile");
+- $tar->extract($newdirectory, no_fixperms => 1);
++ $tar->extract($newdirectory, no_fixperms => 1,
++ options => [ "--anchored", "--no-wildcards-match-slash",
++ "--exclude", "*/.pc", "--exclude", ".pc" ]);
++ # The .pc exclusion is only needed for 3.0 (quilt) and to avoid
++ # having an upstream tarball provide a directory with symlinks
++ # that would be blindly followed when applying the patches
+
+ # Extract additional orig tarballs
+ foreach my $subdir (keys %origtar) {
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -313,11 +313,42 @@
+ $header =~ s/\s.*// unless ($header =~ s/\t.*//);
+ return $header;
+ }
++
++ sub intuit_file_patched {
++ my ($old, $new) = @_;
++ return $new unless defined $old;
++ return $old unless defined $new;
++ return $new if -e $new and not -e $old;
++ return $old if -e $old and not -e $new;
++ # We don't consider the case where both files are non-existent and
++ # where patch picks the one with the fewest directories to create
++ # since dpkg-source will pre-create the required directories
++ #
++ # Precalculate metrics used by patch
++ my ($tmp_o, $tmp_n) = ($old, $new);
++ my ($len_o, $len_n) = (length($old), length($new));
++ $tmp_o =~ s{[/\\]+}{/}g;
++ $tmp_n =~ s{[/\\]+}{/}g;
++ my $nb_comp_o = ($tmp_o =~ tr{/}{/});
++ my $nb_comp_n = ($tmp_n =~ tr{/}{/});
++ $tmp_o =~ s{^.*/}{};
++ $tmp_n =~ s{^.*/}{};
++ my ($blen_o, $blen_n) = (length($tmp_o), length($tmp_n));
++ # Decide like patch would
++ if ($nb_comp_o != $nb_comp_n) {
++ return ($nb_comp_o < $nb_comp_n) ? $old : $new;
++ } elsif ($blen_o != $blen_n) {
++ return ($blen_o < $blen_n) ? $old : $new;
++ } elsif ($len_o != $len_n) {
++ return ($len_o < $len_n) ? $old : $new;
++ }
++ return $old;
++ }
+ $_ = getline($diff_handle);
+
+ HUNK:
+ while (defined($_) || not eof($diff_handle)) {
+- my ($fn, $fn2);
++ my (%path, %fn);
+ # skip comments leading up to patch (if any)
+ until (/^--- /) {
+ last HUNK if not defined($_ = getline($diff_handle));
+@@ -327,11 +358,8 @@
+ unless(s/^--- //) {
+ error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
+ }
+- $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+- $fn = $_;
+- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+- }
++ $path{'old'} = $_ = strip_ts($_);
++ $fn{'old'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
+ if (/\.dpkg-orig$/) {
+ error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
+ }
+@@ -342,46 +370,47 @@
+ unless (s/^\+\+\+ //) {
+ error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
+ }
+- $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+- $fn2 = $_;
+- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+- } else {
+- unless (defined $fn) {
+- error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
+- $diff, $.);
+- }
+- }
++ $path{'new'} = $_ = strip_ts($_);
++ $fn{'new'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
++
++ unless (defined $fn{'old'} or defined $fn{'new'}) {
++ error(_g("none of the filenames in ---/+++ are valid in diff '%s' (line %d)"),
++ $diff, $.);
++ }
+
+- if (defined($fn) and $fn eq '/dev/null') {
++ # Safety checks on both filenames that patch could use
++ foreach my $key ("old", "new") {
++ next unless defined $fn{$key};
++ if ($path{$key} =~ m{/\.\./}) {
++ error(_g("%s contains an insecure path: %s"), $diff, $path{$key});
++ }
++ my $path = $fn{$key};
++ while (1) {
++ if (-l $path) {
++ error(_g("diff %s modifies file %s through a symlink: %s"),
++ $diff, $fn{$key}, $path);
++ }
++ last unless $path =~ s{/+[^/]*$}{};
++ last if length($path) <= length($destdir); # $destdir is assumed safe
++ }
++ }
++
++ if ($path{'old'} eq '/dev/null' and $path{'new'} eq '/dev/null') {
+ error(_g("original and modified files are /dev/null in diff `%s' (line %d)"),
+- $diff, $.) if (defined($fn2) and $fn2 eq '/dev/null');
+- $fn = $fn2;
+- } elsif (defined($fn2) and $fn2 ne '/dev/null') {
+- $fn = $fn2 unless defined $fn;
+- $fn = $fn2 if ((not -e $fn) and -e $fn2);
+- } elsif (defined($fn2) and $fn2 eq '/dev/null') {
++ $diff, $.);
++ } elsif ($path{'new'} eq '/dev/null') {
+ error(_g("file removal without proper filename in diff `%s' (line %d)"),
+- $diff, $. - 1) unless defined $fn;
++ $diff, $. - 1) unless defined $fn{'old'};
+ warning(_g("diff %s removes a non-existing file %s (line %d)"),
+- $diff, $fn, $.) unless -e $fn;
++ $diff, $fn{'old'}, $.) unless -e $fn{'old'};
+ }
++ my $fn = intuit_file_patched($fn{'old'}, $fn{'new'});
+
+ my $dirname = $fn;
+ if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
+ $dirtocreate{$dirname} = 1;
+ }
+
+- # Sanity check, refuse to patch through a symlink
+- $dirname = $fn;
+- while (1) {
+- if (-l $dirname) {
+- error(_g("diff %s modifies file %s through a symlink: %s"),
+- $diff, $fn, $dirname);
+- }
+- last unless $dirname =~ s{/[^/]+$}{};
+- }
+-
+ if (-e $fn and not -f _) {
+ error(_g("diff `%s' patches something which is not a plain file"), $diff);
+ }
diff --git a/dpkg/make_deb.sh b/dpkg/make_deb.sh
new file mode 100755
index 0000000..dc0dd6a
--- /dev/null
+++ b/dpkg/make_deb.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+tar xvfj dpkg_1.15.5.6.tar.bz2
+cd dpkg-1.15.5.6
+dpkg-buildpackage
+cd -
+rm -rf dpkg-1.15.5.6
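Review bot: In fedora-fix-CVE-2010-1679_CVE-2011-0402.patch, the V2.pm hunk passes the `.pc` exclusion only to the main-tarball `extract` call. The `foreach my $subdir (keys %origtar)` loop that follows is cut off by the hunk, so it is not visible whether additional orig tarballs are extracted with the same `options`; please confirm a component tarball cannot supply a `.pc` directory that quilt would later use. In Patch.pm, `intuit_file_patched` has no header comment; something like `# Given the names from the ---/+++ lines, return the one patch would operate on` would document why both names are checked before one is chosen. The `$destdir is assumed safe` remark on the loop bound is a real precondition and belongs in the documentation of `analyze`, whose start and end are outside the hunks.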
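Review bot: make_deb.sh builds straight from the unpacked `dpkg_1.15.5.6.tar.bz2`; none of the patches added in this commit, including the CVE fixes, are applied before `dpkg-buildpackage`, so as far as the script shows the resulting package would not contain them. The script also has no error handling: if `cd dpkg-1.15.5.6` fails, `dpkg-buildpackage` runs in whatever directory the script was started from. Adding `set -e` after the shebang, or writing `cd dpkg-1.15.5.6 || exit 1`, covers that.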