net-fs/davfs2: remove vulnerable versions (CVE-2013-4362) #485232

<net-fs/davfs2-1.5.2 are vulnerable to insecure use of system(). The version
1.5.2 has been stabilized (#564592). Remove old, vulnerable versions.

Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=485232
Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=564592

Package-Manager: portage-2.2.24

diff --git a/net-fs/davfs2/Manifest b/net-fs/davfs2/Manifest
index 09cdbd84b0c64b26ebe852ea74dbe17a31cb09f1..2ceb54c7f5c4750ba784a5d638e656b98f3db89b 100644 (file)
--- a/net-fs/davfs2/Manifest
+++ b/net-fs/davfs2/Manifest
@@ -1,3 +1 @@
-DIST davfs2-1.4.5.tar.gz 429635 SHA256 28f0ce00ddaf1ab93aa9f39db8d9f932d194c676bc21c3c8c3e2bea7f21274de SHA512 0fd20e8aba8d236feec06b3f2184388691ee19a4e993cf543a2356feb9c25e1de41521c462bd01497f89ff4d16d0d3defb3227a64c0a490db2c0647e1391c9d1 WHIRLPOOL 955d98c0a2b49d5400971b9381d05f87c21420a5b52a4ef1ec330cfd6d4f451e56a6fa884164ed84dabae06aa29010df66ccd6e048e932d30e01545257152e31
-DIST davfs2-1.4.7.tar.gz 444398 SHA256 50c0ee2a12e8d09fc6a852d32bdfebb1f784939433a85f05254bc7ef28cff044 SHA512 6754d08cdfcceea47a4248fb05a6f5a1907acbc9a6c0ab175dce640b160ee24b7efdf9da38be1cc8bd6dbb0825c88a7017a3534a7c3188860dcd1bef12a5d4ae WHIRLPOOL f4c44ccc1fbd146f563605b2290068b549f6dcf247224685f2efaf9cda91a947a45dceed17d3d585407dc8e4ffa85c933d6eb5b4e78e0f00bd18cfbd53f52c7d
 DIST davfs2-1.5.2.tar.gz 464458 SHA256 be34a19ab57a6ea77ecb82083e9e4c1882e12b2de64257de567ad5ee7a17b358 SHA512 c912049e23b76bda19c2ae2d07bc2b1da7ed9bf82b338c57c0f9fb8a3144cbbb52a0e8f8c2f8996342c7aa434470d062996c30bbbe0f1c6623c81af6414fbb45 WHIRLPOOL b1147d93f188635293726cad27a5ef8f79ab4dd102c59143c7bffef26f513633ca16f4328b053cc4c430fa9112dbbf468e0d199695225bbe6ca8c9e92a96b633

diff --git a/net-fs/davfs2/davfs2-1.4.5-r1.ebuild b/net-fs/davfs2/davfs2-1.4.5-r1.ebuild
deleted file mode 100644 (file)
index bd443b7..0000000
--- a/net-fs/davfs2/davfs2-1.4.5-r1.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="2"
-
-inherit autotools eutils linux-mod user
-
-DESCRIPTION="Linux FUSE (or coda) driver that allows you to mount a WebDAV resource"
-HOMEPAGE="http://savannah.nongnu.org/projects/davfs2"
-SRC_URI="http://mirror.lihnidos.org/GNU/savannah/davfs2/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ppc x86"
-IUSE=""
-RESTRICT="test"
-
-DEPEND="dev-libs/libxml2
-               net-libs/neon
-               sys-libs/zlib"
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
-       enewgroup davfs2
-}
-
-src_prepare() {
-       epatch "${FILESDIR}"/${P}-glibc212.patch
-       sed -e "s/^NE_REQUIRE_VERSIONS.*29/& 30/" -i configure.ac
-       eautoreconf
-}
-
-src_configure() {
-       econf --enable-largefile
-}
-
-src_compile() {
-       emake || die "emake failed"
-}
-
-src_install() {
-       emake DESTDIR="${D}" install || die "emake install failed"
-       dodoc AUTHORS BUGS ChangeLog FAQ NEWS README README.translators THANKS TODO
-
-       # Remove wrong locations created by install.
-       rm -fr "${D}/usr/share/doc/davfs2"
-       rm -fr "${D}/usr/share/davfs2"
-
-       dodir /var/run/mount.davfs
-       keepdir /var/run/mount.davfs
-       fowners root:davfs2 /var/run/mount.davfs
-       fperms 1774 /var/run/mount.davfs
-
-       # Ignore nobody's home
-       cat>>"${D}/etc/davfs2/davfs2.conf"<<EOF
-
-# nobody is a system account in Gentoo
-ignore_home nobody
-EOF
-}
-
-pkg_postinst() {
-       elog
-       elog "Quick setup:"
-       elog "   (as root)"
-       elog "   # gpasswd -a \${your_user} davfs2"
-       elog "   # echo 'http://path/to/dav /home/\${your_user}/dav davfs rw,user,noauto  0  0' >> /etc/fstab"
-       elog "   (as user)"
-       elog "   # mkdir -p ~/dav"
-       elog "   \$ mount ~/dav"
-       elog
-}

diff --git a/net-fs/davfs2/davfs2-1.4.7.ebuild b/net-fs/davfs2/davfs2-1.4.7.ebuild
deleted file mode 100644 (file)
index cde2025..0000000
--- a/net-fs/davfs2/davfs2-1.4.7.ebuild
+++ /dev/null
@@ -1,63 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=4
-
-inherit autotools eutils linux-mod user
-
-DESCRIPTION="Linux FUSE (or coda) driver that allows you to mount a WebDAV resource"
-HOMEPAGE="http://savannah.nongnu.org/projects/davfs2"
-SRC_URI="http://mirror.lihnidos.org/GNU/savannah/davfs2/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ppc x86"
-IUSE=""
-RESTRICT="test"
-
-DEPEND="dev-libs/libxml2
-               net-libs/neon
-               sys-libs/zlib"
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
-       enewgroup davfs2
-}
-
-src_prepare() {
-       epatch "${FILESDIR}"/${P}-destdir.patch # fixed in 1.4.7+ upstream
-       sed -e "s/^NE_REQUIRE_VERSIONS.*29/& 30/" -i configure.ac
-       eautoreconf
-}
-
-src_configure() {
-       econf dav_user=nobody --enable-largefile --docdir=/usr/share/doc/${P}
-}
-
-src_compile() {
-       emake
-}
-
-src_install() {
-       emake DESTDIR="${D}" install
-#      dodoc AUTHORS BUGS ChangeLog FAQ NEWS README README.translators THANKS TODO
-
-       dodir /var/run/mount.davfs
-       keepdir /var/run/mount.davfs
-       fowners root:davfs2 /var/run/mount.davfs
-       fperms 1774 /var/run/mount.davfs
-
-}
-
-pkg_postinst() {
-       elog
-       elog "Quick setup:"
-       elog "   (as root)"
-       elog "   # gpasswd -a \${your_user} davfs2"
-       elog "   # echo 'http://path/to/dav /home/\${your_user}/dav davfs rw,user,noauto  0  0' >> /etc/fstab"
-       elog "   (as user)"
-       elog "   # mkdir -p ~/dav"
-       elog "   \$ mount ~/dav"
-       elog
-}

diff --git a/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch b/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch
deleted file mode 100644 (file)
index cd7cde3..0000000
--- a/net-fs/davfs2/files/davfs2-1.4.5-glibc212.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-http://bugs.gentoo.org/332865
-https://savannah.nongnu.org/bugs/?28916
-
---- src/dav_coda.c
-+++ src/dav_coda.c
-@@ -52,6 +52,9 @@
- #ifdef HAVE_SYS_TYPES_H
- #include <sys/types.h>
- #endif
-+#ifdef HAVE_SYS_STAT_H
-+#include <sys/stat.h>
-+#endif
- 
- #include "defaults.h"
- #include "mount_davfs.h"
---- src/dav_fuse.c
-+++ src/dav_fuse.c
-@@ -41,6 +41,12 @@
- #ifdef HAVE_UNISTD_H
- #include <unistd.h>
- #endif
-+#ifdef HAVE_SYS_TYPES_H
-+#include <sys/types.h>
-+#endif
-+#ifdef HAVE_SYS_STAT_H
-+#include <sys/stat.h>
-+#endif
- 
- #include "defaults.h"
- #include "mount_davfs.h"
---- src/kernel_interface.c
-+++ src/kernel_interface.c
-@@ -44,6 +44,12 @@
- #ifdef HAVE_UNISTD_H
- #include <unistd.h>
- #endif
-+#ifdef HAVE_SYS_TYPES_H
-+#include <sys/types.h>
-+#endif
-+#ifdef HAVE_SYS_STAT_H
-+#include <sys/stat.h>
-+#endif
- 
- #ifdef HAVE_SYS_MOUNT_H
- #include <sys/mount.h>
---- src/webdav.c
-+++ src/webdav.c
-@@ -47,6 +47,12 @@
- #ifdef HAVE_UNISTD_H
- #include <unistd.h>
- #endif
-+#ifdef HAVE_SYS_TYPES_H
-+#include <sys/types.h>
-+#endif
-+#ifdef HAVE_SYS_STAT_H
-+#include <sys/stat.h>
-+#endif
- 
- #include <ne_alloc.h>
- #include <ne_auth.h>

diff --git a/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch b/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch
deleted file mode 100644 (file)
index 40dbd95..0000000
--- a/net-fs/davfs2/files/davfs2-1.4.7-destdir.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-https://bugs.gentoo.org/384703
-Patch by Jeroen Roovers
-
-https://savannah.nongnu.org/support/?108104
-
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -51,8 +51,8 @@
-       chmod u+s $(DESTDIR)$(sbindir)/mount.davfs; \
-       if test "$(sbindir)" != "$(ssbindir)"; then \
-         $(mkinstalldirs) $(DESTDIR)$(ssbindir); \
--        $(LN_S) -f $(DESTDIR)$(sbindir)/mount.davfs $(DESTDIR)$(ssbindir)/mount.davfs; \
--        $(LN_S) -f $(DESTDIR)$(sbindir)/umount.davfs $(DESTDIR)$(ssbindir)/umount.davfs; \
-+        $(LN_S) -f $(sbindir)/mount.davfs $(DESTDIR)$(ssbindir)/mount.davfs; \
-+        $(LN_S) -f $(sbindir)/umount.davfs $(DESTDIR)$(ssbindir)/umount.davfs; \
-       fi
- 
- uninstall-hook: