app-misc/screen: version bump (security fix); GLEP 81
authorHank Leininger <hlein@korelogic.com>
Sat, 8 Feb 2020 03:43:38 +0000 (20:43 -0700)
committerLars Wendler <polynomial-c@gentoo.org>
Thu, 27 Feb 2020 08:59:35 +0000 (09:59 +0100)
Upstream released a fix for a memory overwrite; no CVE,
but see referenced bug and
https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
Also updated for GLEP 81.
Changed ${EROOT%/} to ${EROOT}, because CI complained.

Signed-off-by: Hank Leininger <hlein@korelogic.com>
Bug: https://bugs.gentoo.org/708460
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
app-misc/screen/Manifest
app-misc/screen/screen-4.8.0.ebuild [new file with mode: 0644]

index f9d35a5e7c21580ddd499047fced8ae0e92ff90f..f850d85971b252c9eb9cabb59394e18d9e19f5be 100644 (file)
@@ -4,3 +4,4 @@ DIST screen-4.6.0.tar.gz 849062 BLAKE2B e08915bb34d4e356eb33c479f1b2dc7a8f4a855e
 DIST screen-4.6.1.tar.gz 848979 BLAKE2B e78874b6d8723c52f827ab5e6b665102d7fd831f03a0006f9d31e000535ccce95ce08e2d302e34ba2d567167a917c8bd3b875843828d1951bcb38ab6ae4e0acf SHA512 e5d029400ed5b509ebddc1f55812c33536d6f5ce91119537c7d06e1fa7dee84939c43337df4638f61c818ce0412f4d08fe212202162a4483a9e84bbc4b3e4336
 DIST screen-4.6.2.tar.gz 845210 BLAKE2B feea244e2e0c8f638442a524cd7cac93c6c5e576541bf1321fb32bc9424abf53415d00ebcb4a13a9613788c1baad6e132f209bd0a017b100e0687b3658603aea SHA512 224bd16ad5ae501d1b8bb7d2ba9cc19e6a0743de5a5b320109c2f6bf3b1ca564cc7094ed9211be13733d9d769cde77d13fe236341d448cad0518038ab1e85c99
 DIST screen-4.7.0.tar.gz 854192 BLAKE2B f22ee3f3ad7591ee2641ba9667b131298f3cb9b7712b0f0db28516c60d0a0768893eda2f4ce35d9c641871247a638a03c2550328f1af1f85ab5ce8ffa9b77d54 SHA512 44c7a33e2ed772ce91998cdc07556ef7b972e5b100335e14702b273a234e437fe6415de459e7b6d34c6086282a432778629047424ef9159ac6fcf26d22b45745
+DIST screen-4.8.0.tar.gz 854854 BLAKE2B 97ef6f18bf2c63c477260b742ac0b3501f112d380c41ccecc5cf2853db853cc62d4fd6d37edeca35fb41a43b76d98a5cfe160749c992d284f9764b0a0fdcc778 SHA512 770ebaf6ee9be711bcb8a6104b3294f2bf4523dae6683fdc5eac4b3aff7e511be2d922b6b2ad28ec241113c2e4fe0d80f9a482ae1658adc19c8c3a3680caa25c
diff --git a/app-misc/screen/screen-4.8.0.ebuild b/app-misc/screen/screen-4.8.0.ebuild
new file mode 100644 (file)
index 0000000..fcb1f16
--- /dev/null
@@ -0,0 +1,156 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools flag-o-matic pam tmpfiles toolchain-funcs
+
+DESCRIPTION="screen manager with VT100/ANSI terminal emulation"
+HOMEPAGE="https://www.gnu.org/software/screen/"
+
+if [[ "${PV}" != 9999 ]] ; then
+       SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
+       KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+else
+       inherit git-r3
+       EGIT_REPO_URI="https://git.savannah.gnu.org/git/screen.git"
+       EGIT_CHECKOUT_DIR="${WORKDIR}/${P}" # needed for setting S later on
+       S="${WORKDIR}"/${P}/src
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug nethack pam selinux multiuser"
+
+CDEPEND="
+       >=sys-libs/ncurses-5.2:0=
+       pam? ( sys-libs/pam )"
+RDEPEND="${CDEPEND}
+       selinux? ( sec-policy/selinux-screen )"
+DEPEND="${CDEPEND}
+       acct-group/utmp
+       sys-apps/texinfo"
+
+PATCHES=(
+       # Don't use utempter even if it is found on the system.
+       "${FILESDIR}"/${PN}-4.3.0-no-utempter.patch
+       "${FILESDIR}"/${PN}-4.6.2-utmp-exit.patch
+)
+
+src_prepare() {
+       default
+
+       # sched.h is a system header and causes problems with some C libraries
+       mv sched.h _sched.h || die
+       sed -i '/include/ s:sched.h:_sched.h:' screen.h || die
+
+       # Fix manpage.
+       sed -i \
+               -e "s:/usr/local/etc/screenrc:${EPREFIX}/etc/screenrc:g" \
+               -e "s:/usr/local/screens:${EPREFIX}/tmp/screen:g" \
+               -e "s:/local/etc/screenrc:${EPREFIX}/etc/screenrc:g" \
+               -e "s:/etc/utmp:${EPREFIX}/var/run/utmp:g" \
+               -e "s:/local/screens/S\\\-:${EPREFIX}/tmp/screen/S\\\-:g" \
+               doc/screen.1 \
+               || die
+
+       if [[ ${CHOST} == *-darwin* ]] || use elibc_musl ; then
+               sed -i -e '/^#define UTMPOK/s/define/undef/' acconfig.h || die
+       fi
+
+       # disable musl dummy headers for utmp[x]
+       use elibc_musl && append-cppflags "-D_UTMP_H -D_UTMPX_H"
+
+       # reconfigure
+       eautoreconf
+}
+
+src_configure() {
+       append-cppflags "-DMAXWIN=${MAX_SCREEN_WINDOWS:-100}"
+
+       if [[ ${CHOST} == *-solaris* ]] ; then
+               # enable msg_header by upping the feature standard compatible
+               # with c99 mode
+               append-cppflags -D_XOPEN_SOURCE=600
+       fi
+
+       use nethack || append-cppflags "-DNONETHACK"
+       use debug && append-cppflags "-DDEBUG"
+
+       econf \
+               --with-socket-dir="${EPREFIX}/tmp/screen" \
+               --with-sys-screenrc="${EPREFIX}/etc/screenrc" \
+               --with-pty-mode=0620 \
+               --with-pty-group=5 \
+               --enable-rxvt_osc \
+               --enable-telnet \
+               --enable-colors256 \
+               $(use_enable pam)
+}
+
+src_compile() {
+       LC_ALL=POSIX emake comm.h term.h
+       emake osdef.h
+
+       emake -C doc screen.info
+       default
+}
+
+src_install() {
+       local DOCS=(
+               README ChangeLog INSTALL TODO NEWS* patchlevel.h
+               doc/{FAQ,README.DOTSCREEN,fdpat.ps,window_to_display.ps}
+       )
+
+       emake DESTDIR="${D}" SCREEN=screen-${PV} install
+
+       local tmpfiles_perms tmpfiles_group
+
+       if use multiuser || use prefix
+       then
+               fperms 4755 /usr/bin/screen-${PV}
+               tmpfiles_perms="0755"
+               tmpfiles_group="root"
+       else
+               fowners root:utmp /usr/bin/screen-${PV}
+               fperms 2755 /usr/bin/screen-${PV}
+               tmpfiles_perms="0775"
+               tmpfiles_group="utmp"
+       fi
+
+       newtmpfiles - screen.conf <<<"d /tmp/screen ${tmpfiles_perms} root ${tmpfiles_group}"
+
+       insinto /usr/share/screen
+       doins terminfo/{screencap,screeninfo.src}
+
+       insinto /etc
+       doins "${FILESDIR}"/screenrc
+
+       pamd_mimic_system screen auth
+
+       dodoc "${DOCS[@]}"
+}
+
+pkg_postinst() {
+       if [[ -z ${REPLACING_VERSIONS} ]]
+       then
+               elog "Some dangerous key bindings have been removed or changed to more safe values."
+               elog "We enable some xterm hacks in our default screenrc, which might break some"
+               elog "applications. Please check /etc/screenrc for information on these changes."
+       fi
+
+       # Add /tmp/screen in case it doesn't exist yet. This should solve
+       # problems like bug #508634 where tmpfiles.d isn't in effect.
+       local rundir="${EROOT}/tmp/screen"
+       if [[ ! -d ${rundir} ]] ; then
+               if use multiuser || use prefix ; then
+                       tmpfiles_group="root"
+               else
+                       tmpfiles_group="utmp"
+               fi
+               mkdir -m 0775 "${rundir}"
+               chgrp ${tmpfiles_group} "${rundir}"
+       fi
+
+       ewarn "This revision changes the screen socket location to ${rundir}"
+}