From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
To: buildroot@buildroot.org
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Subject: [Buildroot] [PATCH 1/2] package/mcrypt: drop package
Date: Thu, 5 Aug 2021 19:42:51 +0200 [thread overview]
Message-ID: <20210805174252.2661314-1-fontaine.fabrice@gmail.com> (raw)
Drop mcrypt which is not maintained anymore (no release since 2008).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
Config.in.legacy | 7 ++
package/Config.in | 1 -
package/mcrypt/0001-CVE-2012-4409.patch | 25 -------
package/mcrypt/0002-CVE-2012-4426.patch | 35 ---------
package/mcrypt/0003-CVE-2012-4527.patch | 99 -------------------------
package/mcrypt/0004-no-rpath.patch | 17 -----
package/mcrypt/Config.in | 12 ---
package/mcrypt/mcrypt.hash | 3 -
package/mcrypt/mcrypt.mk | 24 ------
9 files changed, 7 insertions(+), 216 deletions(-)
delete mode 100644 package/mcrypt/0001-CVE-2012-4409.patch
delete mode 100644 package/mcrypt/0002-CVE-2012-4426.patch
delete mode 100644 package/mcrypt/0003-CVE-2012-4527.patch
delete mode 100644 package/mcrypt/0004-no-rpath.patch
delete mode 100644 package/mcrypt/Config.in
delete mode 100644 package/mcrypt/mcrypt.hash
delete mode 100644 package/mcrypt/mcrypt.mk
diff --git a/Config.in.legacy b/Config.in.legacy
index 54476acf9a..1d34f81815 100644
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -146,6 +146,13 @@ endif
comment "Legacy options removed in 2021.08"
+config BR2_PACKAGE_MCRYPT
+ bool "mcrypt package was removed"
+ select BR2_LEGACY
+ help
+ This package has been removed as it is not maintained anymore
+ (no release since 2008).
+
config BR2_PACKAGE_PHP_EXT_MCRYPT
bool "PHP mcrypt extension removed"
select BR2_LEGACY
diff --git a/package/Config.in b/package/Config.in
index 436bf2f56a..ab0f74b0e3 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2066,7 +2066,6 @@ menu "Miscellaneous"
source "package/gsettings-desktop-schemas/Config.in"
source "package/haveged/Config.in"
source "package/linux-syscall-support/Config.in"
- source "package/mcrypt/Config.in"
source "package/mobile-broadband-provider-info/Config.in"
source "package/netdata/Config.in"
source "package/proj/Config.in"
diff --git a/package/mcrypt/0001-CVE-2012-4409.patch b/package/mcrypt/0001-CVE-2012-4409.patch
deleted file mode 100644
index 97c658bb2d..0000000000
--- a/package/mcrypt/0001-CVE-2012-4409.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 3efb40e17ce4f76717ae17a1ce1e1f747ddf59fd Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Sat, 22 Dec 2012 22:37:06 +0200
-Subject: [PATCH] cleanup: buffer overflow
-
----
- src/extra.c | 2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
-
-diff --git a/src/extra.c b/src/extra.c
-index 3082f82..c7a1ac0 100644
---- a/src/extra.c
-+++ b/src/extra.c
-@@ -241,6 +241,8 @@ int check_file_head(FILE * fstream, char *algorithm, char *mode,
- if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
- if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
- *salt_size = m_setbit(0, sflag, 0);
-+ if (*salt_size > sizeof(tmp_buf))
-+ err_quit(_("Salt is too long\n"));
- if (*salt_size > 0) {
- fread(tmp_buf, 1, *salt_size,
- fstream);
---
-1.7.8.6
-
diff --git a/package/mcrypt/0002-CVE-2012-4426.patch b/package/mcrypt/0002-CVE-2012-4426.patch
deleted file mode 100644
index 708d4a579e..0000000000
--- a/package/mcrypt/0002-CVE-2012-4426.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Patch taken from gentoo.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
---- a/src/errors.c
-+++ b/src/errors.c
-@@ -25,24 +25,24 @@
-
- void err_quit(char *errmsg)
- {
-- fprintf(stderr, errmsg);
-+ fprintf(stderr, "%s", errmsg);
- exit(-1);
- }
-
- void err_warn(char *errmsg)
- {
- if (quiet <= 1)
-- fprintf(stderr, errmsg);
-+ fprintf(stderr, "%s", errmsg);
- }
-
- void err_info(char *errmsg)
- {
- if (quiet == 0)
-- fprintf(stderr, errmsg);
-+ fprintf(stderr, "%s", errmsg);
- }
-
- void err_crit(char *errmsg)
- {
- if (quiet <= 2)
-- fprintf(stderr, errmsg);
-+ fprintf(stderr, "%s", errmsg);
- }
diff --git a/package/mcrypt/0003-CVE-2012-4527.patch b/package/mcrypt/0003-CVE-2012-4527.patch
deleted file mode 100644
index a8cf6f449a..0000000000
--- a/package/mcrypt/0003-CVE-2012-4527.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-Fix for CVE-2012-4527.
-Authored by Attila Bogar and Jean-Michel Vourgère <jmv_deb@nirgal.com>
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-diff -Nura mcrypt-2.6.8.orig/src/mcrypt.c mcrypt-2.6.8/src/mcrypt.c
---- mcrypt-2.6.8.orig/src/mcrypt.c 2013-01-14 19:15:49.465925072 -0300
-+++ mcrypt-2.6.8/src/mcrypt.c 2013-01-14 19:28:13.711478000 -0300
-@@ -44,7 +44,9 @@
- static char rcsid[] =
- "$Id: mcrypt.c,v 1.2 2007/11/07 17:10:21 nmav Exp $";
-
--char tmperr[128];
-+/* Temporary error message can contain one file name and 1k of text */
-+#define ERRWIDTH ((PATH_MAX)+1024)
-+char tmperr[ERRWIDTH];
- unsigned int stream_flag = FALSE;
- char *keymode = NULL;
- char *mode = NULL;
-@@ -482,7 +484,7 @@
- #ifdef HAVE_STAT
- if (stream_flag == FALSE) {
- if (is_normal_file(file[i]) == FALSE) {
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("%s: %s is not a regular file. Skipping...\n"),
- program_name, file[i]);
-@@ -501,7 +503,7 @@
- dinfile = file[i];
- if ((isatty(fileno((FILE *) (stdin))) == 1)
- && (stream_flag == TRUE) && (force == 0)) { /* not a tty */
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("%s: Encrypted data will not be read from a terminal.\n"),
- program_name);
-@@ -520,7 +522,7 @@
- einfile = file[i];
- if ((isatty(fileno((FILE *) (stdout))) == 1)
- && (stream_flag == TRUE) && (force == 0)) { /* not a tty */
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("%s: Encrypted data will not be written to a terminal.\n"),
- program_name);
-@@ -544,7 +546,7 @@
- strcpy(outfile, einfile);
- /* if file has already the .nc ignore it */
- if (strstr(outfile, ".nc") != NULL) {
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("%s: file %s has the .nc suffix... skipping...\n"),
- program_name, outfile);
-@@ -590,10 +592,10 @@
-
- if (x == 0) {
- if (stream_flag == FALSE) {
-- sprintf(tmperr, _("File %s was decrypted.\n"), dinfile);
-+ snprintf(tmperr, ERRWIDTH, _("File %s was decrypted.\n"), dinfile);
- err_warn(tmperr);
- } else {
-- sprintf(tmperr, _("Stdin was decrypted.\n"));
-+ snprintf(tmperr, ERRWIDTH, _("Stdin was decrypted.\n"));
- err_warn(tmperr);
- }
- #ifdef HAVE_STAT
-@@ -610,7 +612,7 @@
-
- } else {
- if (stream_flag == FALSE) {
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("File %s was NOT decrypted successfully.\n"),
- dinfile);
-@@ -636,10 +638,10 @@
-
- if (x == 0) {
- if (stream_flag == FALSE) {
-- sprintf(tmperr, _("File %s was encrypted.\n"), einfile);
-+ snprintf(tmperr, ERRWIDTH, _("File %s was encrypted.\n"), einfile);
- err_warn(tmperr);
- } else {
-- sprintf(tmperr, _("Stdin was encrypted.\n"));
-+ snprintf(tmperr, ERRWIDTH, _("Stdin was encrypted.\n"));
- err_warn(tmperr);
- }
- #ifdef HAVE_STAT
-@@ -655,7 +657,7 @@
-
- } else {
- if (stream_flag == FALSE) {
-- sprintf(tmperr,
-+ snprintf(tmperr, ERRWIDTH,
- _
- ("File %s was NOT encrypted successfully.\n"),
- einfile);
diff --git a/package/mcrypt/0004-no-rpath.patch b/package/mcrypt/0004-no-rpath.patch
deleted file mode 100644
index a0813bcf00..0000000000
--- a/package/mcrypt/0004-no-rpath.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Patch out rpath hardcoding since it completely ignores --disable-rpath
-and other configure ways.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-diff -Nura mcrypt-2.6.8.orig/config.rpath mcrypt-2.6.8/config.rpath
---- mcrypt-2.6.8.orig/config.rpath 2013-01-07 13:05:22.626883480 -0300
-+++ mcrypt-2.6.8/config.rpath 2013-01-07 13:12:47.196090608 -0300
-@@ -153,7 +153,7 @@
- # here allows them to be overridden if necessary.
- # Unlike libtool, we use -rpath here, not --rpath, since the documented
- # option of GNU ld is called -rpath, not --rpath.
-- hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
-+ hardcode_libdir_flag_spec=
- case "$host_os" in
- aix3* | aix4* | aix5*)
- # On AIX/PPC, the GNU linker is very broken
diff --git a/package/mcrypt/Config.in b/package/mcrypt/Config.in
deleted file mode 100644
index e3b9541f04..0000000000
--- a/package/mcrypt/Config.in
+++ /dev/null
@@ -1,12 +0,0 @@
-config BR2_PACKAGE_MCRYPT
- bool "mcrypt"
- depends on BR2_USE_MMU # fork()
- select BR2_PACKAGE_LIBMCRYPT
- select BR2_PACKAGE_LIBMHASH
- help
- MCrypt is a replacement for the old crypt() package and
- crypt(1) command, with extensions.
- It allows developers to use a wide range of encryption
- functions, without making drastic changes to their code.
-
- http://mcrypt.sourceforge.net/
diff --git a/package/mcrypt/mcrypt.hash b/package/mcrypt/mcrypt.hash
deleted file mode 100644
index c6c8871f4f..0000000000
--- a/package/mcrypt/mcrypt.hash
+++ /dev/null
@@ -1,3 +0,0 @@
-# Locally computed:
-sha256 5145aa844e54cca89ddab6fb7dd9e5952811d8d787c4f4bf27eb261e6c182098 mcrypt-2.6.8.tar.gz
-sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
diff --git a/package/mcrypt/mcrypt.mk b/package/mcrypt/mcrypt.mk
deleted file mode 100644
index a04b973750..0000000000
--- a/package/mcrypt/mcrypt.mk
+++ /dev/null
@@ -1,24 +0,0 @@
-################################################################################
-#
-# mcrypt
-#
-################################################################################
-
-MCRYPT_VERSION = 2.6.8
-MCRYPT_SITE = http://downloads.sourceforge.net/project/mcrypt/MCrypt/$(MCRYPT_VERSION)
-MCRYPT_DEPENDENCIES = libmcrypt libmhash \
- $(if $(BR2_PACKAGE_ZLIB),zlib) \
- $(if $(BR2_PACKAGE_LIBICONV),libiconv) \
- $(TARGET_NLS_DEPENDENCIES)
-MCRYPT_CONF_OPTS = --with-libmcrypt-prefix=$(STAGING_DIR)/usr
-MCRYPT_LICENSE = GPL-3.0
-MCRYPT_LICENSE_FILES = COPYING
-
-# 0001-CVE-2012-4409.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4409
-# 0002-CVE-2012-4426.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4426
-# 0003-CVE-2012-4527.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4527
-
-$(eval $(autotools-package))
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
next reply other threads:[~2021-08-05 17:43 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-05 17:42 Fabrice Fontaine [this message]
2021-08-05 17:42 ` [Buildroot] [PATCH 2/2] package/libmcrypt: drop package Fabrice Fontaine
2021-08-19 21:05 ` [Buildroot] [PATCH 1/2] package/mcrypt: " Thomas Petazzoni
2021-08-19 21:21 ` Fabrice Fontaine
2021-08-19 21:58 ` Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210805174252.2661314-1-fontaine.fabrice@gmail.com \
--to=fontaine.fabrice@gmail.com \
--cc=buildroot@buildroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.