wok-next rev 19715
Fix building: pciutils, pcmanfm-legacy, arj
| author | Aleksej Bobylev <al.bobylev@gmail.com> |
|---|---|
| date | Sat May 13 17:25:31 2017 +0300 (2017-05-13) |
| parents | 102de32490ac |
| children | b9907d5051e6 |
| files | arj/receipt arj/stuff/fardata.u arj/stuff/patches/64_bit_clean.patch arj/stuff/patches/CVE-2015-0556-symlink-traversal.patch arj/stuff/patches/CVE-2015-0557-dir-traversal.patch arj/stuff/patches/CVE-2015-2782-buffer-overflow.patch arj/stuff/patches/arches_align.patch arj/stuff/patches/custom-printf.patch arj/stuff/patches/no_remove_static_const.patch arj/stuff/patches/security_format.patch arj/stuff/patches/series arj/stuff/patches/use_safe_strcpy.patch pciutils/receipt pcmanfm-legacy/receipt |
line diff
1.1 --- a/arj/receipt Fri May 12 16:19:41 2017 +0300 1.2 +++ b/arj/receipt Sat May 13 17:25:31 2017 +0300 1.3 @@ -3,28 +3,31 @@ 1.4 PACKAGE="arj" 1.5 VERSION="3.10.22" 1.6 CATEGORY="system-tools" 1.7 -SHORT_DESC="ARJ archiver." 1.8 +SHORT_DESC="ARJ archiver" 1.9 MAINTAINER="pascal.bellard@slitaz.org" 1.10 LICENSE="GPL2" 1.11 WEB_SITE="http://arj.sourceforge.net/" 1.12 +TAGS="compression archive" 1.13 + 1.14 TARBALL="$PACKAGE-$VERSION.tar.gz" 1.15 WGET_URL="$SF_MIRROR/$PACKAGE/$TARBALL" 1.16 -TAGS="compression archive" 1.17 1.18 -BUILD_DEPENDS="autoconf" 1.19 +BUILD_DEPENDS="automake" 1.20 1.21 # Rules to configure and make the package. 1.22 compile_rules() 1.23 { 1.24 cd $src/gnu 1.25 - autoheader 1.26 + aclocal 1.27 autoconf 1.28 - ./configure --prefix=/usr --infodir=/usr/share/info \ 1.29 - --mandir=/usr/share/man $CONFIGURE_ARGS 1.30 + rm -f config.guess config.sub 1.31 + am="$(automake --version|head -n1|sed -r 's/.*\) (.*)/\1/')" 1.32 + cp /usr/share/automake-"$am"/config.guess . 1.33 + cp /usr/share/automake-"$am"/config.sub . 1.34 + 1.35 + ./configure $CONFIGURE_ARGS 1.36 cd .. 1.37 - busybox patch -p0 < $stuff/fardata.u 1.38 - # Ugly hack... 1.39 - sed -i 's/Patch not found.*/&return(POSTPROC_ERL_SUCCESS);/' postproc.c 1.40 + make prepare && 1.41 make -j 1 && 1.42 make DESTDIR=$DESTDIR install 1.43 } 1.44 @@ -32,7 +35,5 @@ 1.45 # Rules to gen a SliTaz package suitable for Tazpkg. 1.46 genpkg_rules() 1.47 { 1.48 - mkdir -p $fs/usr 1.49 - cp -a $install/usr/bin $fs/usr 1.50 - cp -a $install/usr/lib $fs/usr 1.51 + copy @std 1.52 }
2.1 --- a/arj/stuff/fardata.u Fri May 12 16:19:41 2017 +0300 2.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 2.3 @@ -1,18 +0,0 @@ 2.4 ---- fardata.c 2.5 -+++ fardata.c 2.6 -@@ -190,6 +190,7 @@ 2.7 - 2.8 - /* Length-limited strlen() */ 2.9 - 2.10 -+#if 0 2.11 - static int strnlen(const char FAR *s, int count) 2.12 - { 2.13 - const char FAR *sc; 2.14 -@@ -198,6 +199,7 @@ 2.15 - ; 2.16 - return(sc-s); 2.17 - } 2.18 -+#endif 2.19 - 2.20 - /* Hex representation of digits */ 2.21 -
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/arj/stuff/patches/64_bit_clean.patch Sat May 13 17:25:31 2017 +0300 3.3 @@ -0,0 +1,194 @@ 3.4 +#DPATCHLEVEL=1 3.5 +diff -Naur -x .svn -x CVS arj-3.10.22.orig/arj_arcv.c arj-3.10.22/arj_arcv.c 3.6 +--- arj-3.10.22.orig/arj_arcv.c 2005-06-21 22:53:12.000000000 +0300 3.7 ++++ arj-3.10.22/arj_arcv.c 2005-11-24 02:50:31.000000000 +0200 3.8 +@@ -59,27 +59,27 @@ 3.9 + #define setup_hput(ptr) (tmp_hptr=(ptr)) 3.10 + 3.11 + #define hget_byte() (*(tmp_hptr++)&0xFF) 3.12 +-#define hput_byte(c) (*(tmp_hptr++)=(char) (c)) 3.13 ++#define hput_byte(c) (*(tmp_hptr++)=(uint8_t) (c)) 3.14 + 3.15 + /* Reads two bytes from the header, incrementing the pointer */ 3.16 + 3.17 +-static unsigned int hget_word() 3.18 ++static uint16_t hget_word() 3.19 + { 3.20 +- unsigned int result; 3.21 ++ uint16_t result; 3.22 + 3.23 + result=mget_word(tmp_hptr); 3.24 +- tmp_hptr+=sizeof(short); 3.25 ++ tmp_hptr+=sizeof(uint16_t); 3.26 + return result; 3.27 + } 3.28 + 3.29 + /* Reads four bytes from the header, incrementing the pointer */ 3.30 + 3.31 +-static unsigned long hget_longword() 3.32 ++static uint32_t hget_longword() 3.33 + { 3.34 +- unsigned long result; 3.35 ++ uint32_t result; 3.36 + 3.37 + result=mget_dword(tmp_hptr); 3.38 +- tmp_hptr+=sizeof(unsigned long); 3.39 ++ tmp_hptr+=sizeof(uint32_t); 3.40 + return result; 3.41 + } 3.42 + 3.43 +@@ -87,18 +87,18 @@ 3.44 + 3.45 + /* Writes two bytes to the header, incrementing the pointer */ 3.46 + 3.47 +-static void hput_word(unsigned int w) 3.48 ++static void hput_word(uint16_t w) 3.49 + { 3.50 + mput_word(w,tmp_hptr); 3.51 +- tmp_hptr+=sizeof(unsigned short); 3.52 ++ tmp_hptr+=sizeof(uint16_t); 3.53 + } 3.54 + 3.55 + /* Writes four bytes to the header, incrementing the pointer */ 3.56 + 3.57 +-static void hput_longword(unsigned long l) 3.58 ++static void hput_longword(uint32_t l) 3.59 + { 3.60 + mput_dword(l,tmp_hptr); 3.61 +- tmp_hptr+=sizeof(unsigned long); 3.62 ++ tmp_hptr+=sizeof(uint32_t); 3.63 + } 3.64 + 3.65 + /* Calculates and stores the basic header size */ 3.66 +diff -Naur -x .svn -x CVS arj-3.10.22.orig/arj_proc.c arj-3.10.22/arj_proc.c 3.67 +--- arj-3.10.22.orig/arj_proc.c 2005-11-24 02:50:19.000000000 +0200 3.68 ++++ arj-3.10.22/arj_proc.c 2005-11-24 02:50:31.000000000 +0200 3.69 +@@ -585,7 +585,7 @@ 3.70 + /* Returns the exact amount of data that could be safely written to the 3.71 + destination volume */ 3.72 + 3.73 +-unsigned long get_volfree(unsigned int increment) 3.74 ++unsigned long get_volfree(unsigned long increment) 3.75 + { 3.76 + unsigned long pvol; 3.77 + unsigned int arjsec_overhead; 3.78 +@@ -605,7 +605,7 @@ 3.79 + remain=volume_limit-ftell(aostream)-pvol-(long)arjsec_overhead- 3.80 + (long)out_bytes-(long)cpos-(long)ext_voldata- 3.81 + MULTIVOLUME_RESERVE-t_volume_offset; 3.82 +- return((unsigned long)min(remain, (unsigned long)increment)); 3.83 ++ return((unsigned long)min(remain, increment)); 3.84 + } 3.85 + 3.86 + /* Performs various checks when multivolume data is packed to predict an 3.87 +@@ -2466,14 +2466,14 @@ 3.88 + *tsptr='\0'; 3.89 + endptr=tsptr; 3.90 + tsptr=sptr; 3.91 +- while((unsigned int)tsptr<(unsigned int)endptr&&patterns<SEARCH_STR_MAX) 3.92 ++ while((intptr_t)tsptr<(intptr_t)endptr&&patterns<SEARCH_STR_MAX) 3.93 + { 3.94 + while(*tsptr=='\0') 3.95 + tsptr++; 3.96 +- if((unsigned int)tsptr<(unsigned int)endptr) 3.97 ++ if((intptr_t)tsptr<(intptr_t)endptr) 3.98 + { 3.99 + search_str[patterns++]=tsptr; 3.100 +- while(*tsptr!='\0'&&(unsigned int)tsptr<(unsigned int)endptr) 3.101 ++ while(*tsptr!='\0'&&(intptr_t)tsptr<(intptr_t)endptr) 3.102 + tsptr++; 3.103 + } 3.104 + } 3.105 +@@ -2901,9 +2901,9 @@ 3.106 + #if (defined(WORDS_BIGENDIAN) || defined(ALIGN_POINTERS)) && !defined(ARJDISP) && !defined(REGISTER) 3.107 + /* Model-independent routine to get 2 bytes from far RAM */ 3.108 + 3.109 +-unsigned int mget_word(char FAR *p) 3.110 ++uint16_t mget_word(char FAR *p) 3.111 + { 3.112 +- unsigned int b0, b1; 3.113 ++ uint16_t b0, b1; 3.114 + 3.115 + b0=mget_byte(p); 3.116 + b1=mget_byte(p+1); 3.117 +@@ -2912,9 +2912,9 @@ 3.118 + 3.119 + /* Model-independent routine to get 4 bytes from far RAM */ 3.120 + 3.121 +-unsigned long mget_dword(char FAR *p) 3.122 ++uint32_t mget_dword(char FAR *p) 3.123 + { 3.124 +- unsigned long w0, w1; 3.125 ++ uint32_t w0, w1; 3.126 + 3.127 + w0=mget_word(p); 3.128 + w1=mget_word(p+2); 3.129 +@@ -2923,7 +2923,7 @@ 3.130 + 3.131 + /* Model-independent routine to store 2 bytes in far RAM */ 3.132 + 3.133 +-void mput_word(unsigned int w, char FAR *p) 3.134 ++void mput_word(uint16_t w, char FAR *p) 3.135 + { 3.136 + mput_byte(w&0xFF, p); 3.137 + mput_byte(w>>8 , p+1); 3.138 +@@ -2931,7 +2931,7 @@ 3.139 + 3.140 + /* Model-independent routine to store 4 bytes in far RAM */ 3.141 + 3.142 +-void mput_dword(unsigned long d, char FAR *p) 3.143 ++void mput_dword(uint32_t d, char FAR *p) 3.144 + { 3.145 + mput_word(d&0xFFFF, p); 3.146 + mput_word(d>>16 , p+2); 3.147 +diff -Naur -x .svn -x CVS arj-3.10.22.orig/arj_proc.h arj-3.10.22/arj_proc.h 3.148 +--- arj-3.10.22.orig/arj_proc.h 2005-11-24 02:50:19.000000000 +0200 3.149 ++++ arj-3.10.22/arj_proc.h 2005-11-24 03:17:25.000000000 +0200 3.150 +@@ -8,15 +8,17 @@ 3.151 + #ifndef ARJ_PROC_INCLUDED 3.152 + #define ARJ_PROC_INCLUDED 3.153 + 3.154 ++#include <stdint.h> 3.155 ++ 3.156 + /* Helper macros */ 3.157 + 3.158 +-#define mget_byte(p) (*(unsigned char FAR *)(p)&0xFF) 3.159 +-#define mput_byte(c, p) *(unsigned char FAR *)(p)=(unsigned char)(c) 3.160 ++#define mget_byte(p) (*(uint8_t FAR *)(p)&0xFF) 3.161 ++#define mput_byte(c, p) *(uint8_t FAR *)(p)=(uint8_t)(c) 3.162 + #if !defined(ALIGN_POINTERS) && !defined(WORDS_BIGENDIAN) 3.163 +-#define mget_word(p) (*(unsigned short *)(p)&0xFFFF) 3.164 +-#define mput_word(w,p) (*(unsigned short *)(p)=(unsigned short)(w)) 3.165 +-#define mget_dword(p) (*(unsigned long *)(p)) 3.166 +-#define mput_dword(w,p) (*(unsigned long *)(p)=(unsigned long)(w)) 3.167 ++#define mget_word(p) (*(uint16_t *)(p)&0xFFFF) 3.168 ++#define mput_word(w,p) (*(uint16_t *)(p)=(uint16_t)(w)) 3.169 ++#define mget_dword(p) (*(uint32_t *)(p)) 3.170 ++#define mput_dword(w,p) (*(uint32_t *)(p)=(uint32_t)(w)) 3.171 + #endif 3.172 + 3.173 + /* Prototypes */ 3.174 +@@ -31,7 +33,7 @@ 3.175 + int translate_path(char *name); 3.176 + void restart_proc(char *dest); 3.177 + int search_for_extension(char *name, char *ext_list); 3.178 +-unsigned long get_volfree(unsigned int increment); 3.179 ++unsigned long get_volfree(unsigned long increment); 3.180 + unsigned int check_multivolume(unsigned int increment); 3.181 + void store(); 3.182 + void hollow_encode(); 3.183 +@@ -61,10 +63,10 @@ 3.184 + void strip_lf(char *str); 3.185 + char *ltrim(char *str); 3.186 + #if defined(ALIGN_POINTERS) || defined(WORDS_BIGENDIAN) 3.187 +-unsigned int mget_word(char FAR *p); 3.188 +-unsigned long mget_dword(char FAR *p); 3.189 +-void mput_word(unsigned int w, char FAR *p); 3.190 +-void mput_dword(unsigned long d, char FAR *p); 3.191 ++uint16_t mget_word(char FAR *p); 3.192 ++uint32_t mget_dword(char FAR *p); 3.193 ++void mput_word(uint16_t w, char FAR *p); 3.194 ++void mput_dword(uint32_t d, char FAR *p); 3.195 + #endif 3.196 + 3.197 + #endif
4.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 4.2 +++ b/arj/stuff/patches/CVE-2015-0556-symlink-traversal.patch Sat May 13 17:25:31 2017 +0300 4.3 @@ -0,0 +1,85 @@ 4.4 +Description: Fix symlink directory traversal. 4.5 + Do not allow symlinks that traverse the current directoru, nor absolute 4.6 + symlinks. 4.7 + . 4.8 + Fixes CVE-2015-0556. 4.9 +Author: Guillem Jover <guillem@debian.org> 4.10 +Origin: vendor 4.11 +Bug-Debian: https://bugs.debian.org/774434 4.12 +Forwarded: no 4.13 +Last-Update: 2015-03-28 4.14 + 4.15 +--- 4.16 + uxspec.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4.17 + 1 file changed, 54 insertions(+) 4.18 + 4.19 +--- a/uxspec.c 4.20 ++++ b/uxspec.c 4.21 +@@ -120,6 +120,58 @@ int query_uxspecial(char FAR **dest, cha 4.22 + } 4.23 + #endif 4.24 + 4.25 ++#if TARGET==UNIX 4.26 ++static int is_link_traversal(const char *name) 4.27 ++{ 4.28 ++ enum { 4.29 ++ STATE_NONE, 4.30 ++ STATE_DOTS, 4.31 ++ STATE_NAME, 4.32 ++ } state = STATE_NONE; 4.33 ++ int ndir = 0; 4.34 ++ int dots = 0; 4.35 ++ 4.36 ++ while(*name) { 4.37 ++ int c = *name++; 4.38 ++ 4.39 ++ if (c == '/') 4.40 ++ { 4.41 ++ if ((state == STATE_DOTS) && (dots == 2)) 4.42 ++ ndir--; 4.43 ++ if (ndir < 0) 4.44 ++ return 1; 4.45 ++ if ((state == STATE_DOTS && dots == 1) && ndir == 0) 4.46 ++ return 1; 4.47 ++ if (state == STATE_NONE && ndir == 0) 4.48 ++ return 1; 4.49 ++ if ((state == STATE_DOTS) && (dots > 2)) 4.50 ++ ndir++; 4.51 ++ state = STATE_NONE; 4.52 ++ dots = 0; 4.53 ++ } 4.54 ++ else if (c == '.') 4.55 ++ { 4.56 ++ if (state == STATE_NONE) 4.57 ++ state = STATE_DOTS; 4.58 ++ dots++; 4.59 ++ } 4.60 ++ else 4.61 ++ { 4.62 ++ if (state == STATE_NONE) 4.63 ++ ndir++; 4.64 ++ state = STATE_NAME; 4.65 ++ } 4.66 ++ } 4.67 ++ 4.68 ++ if ((state == STATE_DOTS) && (dots == 2)) 4.69 ++ ndir--; 4.70 ++ if ((state == STATE_DOTS) && (dots > 2)) 4.71 ++ ndir++; 4.72 ++ 4.73 ++ return ndir < 0; 4.74 ++} 4.75 ++#endif 4.76 ++ 4.77 + /* Restores the UNIX special file data */ 4.78 + 4.79 + int set_uxspecial(char FAR *storage, char *name) 4.80 +@@ -156,6 +208,8 @@ int set_uxspecial(char FAR *storage, cha 4.81 + l=sizeof(tmp_name)-1; 4.82 + far_memmove((char FAR *)tmp_name, dptr, l); 4.83 + tmp_name[l]='\0'; 4.84 ++ if (is_link_traversal(tmp_name)) 4.85 ++ return(UXSPEC_RC_ERROR); 4.86 + rc=(id==UXSB_HLNK)?link(tmp_name, name):symlink(tmp_name, name); 4.87 + if(!rc) 4.88 + return(0);
5.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 5.2 +++ b/arj/stuff/patches/CVE-2015-0557-dir-traversal.patch Sat May 13 17:25:31 2017 +0300 5.3 @@ -0,0 +1,33 @@ 5.4 +Description: Fix absolute path traversals. 5.5 + Catch multiple leading slashes when checking for absolute path traversals. 5.6 + . 5.7 + Fixes CVE-2015-0557. 5.8 +Author: Guillem Jover <guillem@debian.org> 5.9 +Origin: vendor 5.10 +Bug-Debian: https://bugs.debian.org/774435 5.11 +Forwarded: no 5.12 +Last-Update: 2015-02-26 5.13 + 5.14 +--- 5.15 + environ.c | 3 +++ 5.16 + 1 file changed, 3 insertions(+) 5.17 + 5.18 +--- a/environ.c 5.19 ++++ b/environ.c 5.20 +@@ -1087,6 +1087,8 @@ static char *validate_path(char *name) 5.21 + if(action!=VALIDATE_DRIVESPEC) 5.22 + { 5.23 + #endif 5.24 ++ while (name[0]!='\0'&& 5.25 ++ (name[0]=='.'||name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)) { 5.26 + if(name[0]=='.') 5.27 + { 5.28 + if(name[1]=='.'&&(name[2]==PATHSEP_DEFAULT||name[2]==PATHSEP_UNIX)) 5.29 +@@ -1096,6 +1098,7 @@ static char *validate_path(char *name) 5.30 + } 5.31 + if(name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX) 5.32 + name++; /* "\\" - revert to root */ 5.33 ++ } 5.34 + #if SFX_LEVEL>=ARJSFXV 5.35 + } 5.36 + }
6.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 6.2 +++ b/arj/stuff/patches/CVE-2015-2782-buffer-overflow.patch Sat May 13 17:25:31 2017 +0300 6.3 @@ -0,0 +1,35 @@ 6.4 +Description: Fix buffer overflow causing an invalid pointer free(). 6.5 +Author: Guillem Jover <guillem@debian.org> 6.6 +Origin: vendor 6.7 +Bug-Debian: https://bugs.debian.org/774015 6.8 +Forwarded: no 6.9 +Last-Update: 2015-02-26 6.10 + 6.11 +--- 6.12 + decode.c | 6 +++--- 6.13 + 1 file changed, 3 insertions(+), 3 deletions(-) 6.14 + 6.15 +--- a/decode.c 6.16 ++++ b/decode.c 6.17 +@@ -255,7 +255,7 @@ void read_pt_len(int nn, int nbit, int i 6.18 + if(i==i_special) 6.19 + { 6.20 + c=getbits(2); 6.21 +- while(--c>=0) 6.22 ++ while(--c>=0&&i<nn) 6.23 + pt_len[i++]=0; 6.24 + } 6.25 + } 6.26 +@@ -314,10 +314,10 @@ void read_c_len() 6.27 + c=getbits(CBIT); 6.28 + c+=20; 6.29 + } 6.30 +- while(--c>=0) 6.31 ++ while(--c>=0&&i<NC) 6.32 + c_len[i++]=0; 6.33 + } 6.34 +- else 6.35 ++ else if (i<NC) 6.36 + c_len[i++]=(unsigned char)(c-2); 6.37 + } 6.38 + while(i<NC)
7.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 7.2 +++ b/arj/stuff/patches/arches_align.patch Sat May 13 17:25:31 2017 +0300 7.3 @@ -0,0 +1,34 @@ 7.4 +#DPATCHLEVEL=1 7.5 +diff -Naur arj-3.10.19.orig/arj_proc.c arj-3.10.19/arj_proc.c 7.6 +--- arj-3.10.19.orig/arj_proc.c 2004-02-20 14:18:52.000000000 +0100 7.7 ++++ arj-3.10.22/arj_proc.c 2004-04-08 14:06:58.000000000 +0200 7.8 +@@ -2898,7 +2898,7 @@ 7.9 + } 7.10 + #endif 7.11 + 7.12 +-#if defined(WORDS_BIGENDIAN)&&!defined(ARJDISP)&&!defined(REGISTER) 7.13 ++#if (defined(WORDS_BIGENDIAN) || defined(ALIGN_POINTERS)) && !defined(ARJDISP) && !defined(REGISTER) 7.14 + /* Model-independent routine to get 2 bytes from far RAM */ 7.15 + 7.16 + unsigned int mget_word(char FAR *p) 7.17 +diff -Naur arj-3.10.19.orig/arj_proc.h arj-3.10.19/arj_proc.h 7.18 +--- arj-3.10.19.orig/arj_proc.h 2004-01-25 01:40:00.000000000 +0100 7.19 ++++ arj-3.10.22/arj_proc.h 2004-04-08 14:07:18.000000000 +0200 7.20 +@@ -12,7 +12,7 @@ 7.21 + 7.22 + #define mget_byte(p) (*(unsigned char FAR *)(p)&0xFF) 7.23 + #define mput_byte(c, p) *(unsigned char FAR *)(p)=(unsigned char)(c) 7.24 +-#ifndef WORDS_BIGENDIAN 7.25 ++#if !defined(ALIGN_POINTERS) && !defined(WORDS_BIGENDIAN) 7.26 + #define mget_word(p) (*(unsigned short *)(p)&0xFFFF) 7.27 + #define mput_word(w,p) (*(unsigned short *)(p)=(unsigned short)(w)) 7.28 + #define mget_dword(p) (*(unsigned long *)(p)) 7.29 +@@ -60,7 +60,7 @@ 7.30 + void unpack_mem(struct mempack *mempack); 7.31 + void strip_lf(char *str); 7.32 + char *ltrim(char *str); 7.33 +-#ifdef WORDS_BIGENDIAN 7.34 ++#if defined(ALIGN_POINTERS) || defined(WORDS_BIGENDIAN) 7.35 + unsigned int mget_word(char FAR *p); 7.36 + unsigned long mget_dword(char FAR *p); 7.37 + void mput_word(unsigned int w, char FAR *p);
8.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 8.2 +++ b/arj/stuff/patches/custom-printf.patch Sat May 13 17:25:31 2017 +0300 8.3 @@ -0,0 +1,15 @@ 8.4 +Patch by Lubomir Rintel <lkundrak@v3.sk> for arj >= 3.10.22, which disables 8.5 +the custom printf to avoid conflicting strnlen definition with the glibc 8.6 +headers. By using custom printf (as in the past), we're completely loosing 8.7 +all the _FORTIFY_SOURCE printf protections. 8.8 + 8.9 +--- arj-3.10.22/fardata.c 2004-04-17 13:39:42.000000000 +0200 8.10 ++++ arj-3.10.22/fardata.c 2009-04-18 16:23:52.000000000 +0200 8.11 +@@ -13,7 +13,6 @@ 8.12 + /* ASR fix 02/05/2003: need that regardless of COLOR_OUTPUT to support -jp 8.13 + correctly */ 8.14 + #if SFX_LEVEL>=ARJ 8.15 +- #define CUSTOM_PRINTF 8.16 + #define CHUNK_SIZE 512 /* Size of the output block */ 8.17 + #define CHUNK_THRESHOLD (CHUNK_SIZE-256) /* Safety bound */ 8.18 + #endif
9.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 9.2 +++ b/arj/stuff/patches/no_remove_static_const.patch Sat May 13 17:25:31 2017 +0300 9.3 @@ -0,0 +1,20 @@ 9.4 +#DPATCHLEVEL=1 9.5 +diff -Naur arj-3.10.22.orig/gnu/makefile.in arj-3.10.22/gnu/makefile.in 9.6 +--- arj-3.10.22.orig/gnu/makefile.in 2004-04-17 14:28:06.000000000 +0300 9.7 ++++ arj-3.10.22/gnu/makefile.in 2005-08-04 21:50:24.000000000 +0300 9.8 +@@ -192,6 +192,15 @@ 9.9 + dispose: 9.10 + 9.11 + # 9.12 ++# XXX: Do not use -O2, it removes the static const variable with gcc 4.x 9.13 ++# 9.14 ++ 9.15 ++INTEGR_DIRS = $(ARJ_DIR) $(REARJ_DIR) $(ARJCRYPT_DIR) $(REGISTER_DIR) 9.16 ++ 9.17 ++$(patsubst %,%/integr.o, $(INTEGR_DIRS)): $(SRC_DIR)/integr.c 9.18 ++ $(CC) -Wall -g -c -o$@ $< 9.19 ++ 9.20 ++# 9.21 + # The tools 9.22 + # 9.23 +
10.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 10.2 +++ b/arj/stuff/patches/security_format.patch Sat May 13 17:25:31 2017 +0300 10.3 @@ -0,0 +1,305 @@ 10.4 +Patch by Guillem Jover <guillem@debian.org> for arj <= 3.10.22, which 10.5 +fixes format security errors. 10.6 + 10.7 +--- 10.8 + arj_arcv.c | 12 ++++++------ 10.9 + arj_user.c | 8 ++++---- 10.10 + arjdisp.c | 58 ++++++++++++++++++++++++++++------------------------------ 10.11 + arjsfx.c | 2 +- 10.12 + fardata.c | 10 +++++----- 10.13 + rearj.c | 2 +- 10.14 + register.c | 2 +- 10.15 + 7 files changed, 46 insertions(+), 48 deletions(-) 10.16 + 10.17 +--- a/fardata.c 10.18 ++++ b/fardata.c 10.19 +@@ -52,7 +52,7 @@ int error_proc(FMSG *errmsg, ...) 10.20 + /* Check if the message could have a standard error code */ 10.21 + if(errno!=0&&is_std_error(errmsg)) 10.22 + { 10.23 +- msg_cprintf(0, lf); 10.24 ++ msg_cprintf(0, "\n"); 10.25 + error_report(); 10.26 + } 10.27 + #endif 10.28 +@@ -379,10 +379,10 @@ static void flush_cbuf(int ccode, char * 10.29 + { 10.30 + #if SFX_LEVEL>=ARJSFXV 10.31 + fprintf(new_stdout, strform, n_text); 10.32 +- fprintf(new_stdout, lf); 10.33 ++ fprintf(new_stdout, "\n"); 10.34 + #else 10.35 + printf(strform, n_text); 10.36 +- printf(lf); 10.37 ++ printf("\n"); 10.38 + #endif 10.39 + } 10.40 + else 10.41 +@@ -393,13 +393,13 @@ static void flush_cbuf(int ccode, char * 10.42 + #ifdef NEED_CRLF 10.43 + scr_out("\r"); 10.44 + #endif 10.45 +- scr_out(lf); 10.46 ++ scr_out("\n"); 10.47 + } 10.48 + if(!no_colors) 10.49 + textcolor(color_table[ccode&H_COLORMASK].color); 10.50 + #else 10.51 + printf(strform, n_text); 10.52 +- printf(lf); 10.53 ++ printf("\n"); 10.54 + #endif 10.55 + n_text=t_text+1; 10.56 + #if SFX_LEVEL>=ARJ 10.57 +--- a/arj_user.c 10.58 ++++ b/arj_user.c 10.59 +@@ -1059,7 +1059,7 @@ static void finish_processing(int cmd) 10.60 + if(recover_file(tmp_archive_name, nullstr, tmp_tmp_filename, protected, eof_pos)) 10.61 + { 10.62 + msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name); 10.63 +- printf(lf); 10.64 ++ printf("\n"); 10.65 + } 10.66 + else 10.67 + { 10.68 +@@ -1294,7 +1294,7 @@ static void finish_processing(int cmd) 10.69 + if(recover_file(archive_name, nullstr, nullstr, protected, eof_pos)) 10.70 + { 10.71 + msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name); 10.72 +- printf(lf); 10.73 ++ printf("\n"); 10.74 + } 10.75 + else 10.76 + { 10.77 +@@ -1327,7 +1327,7 @@ static void finish_processing(int cmd) 10.78 + msg_cprintf(0, M_CHAPTERS_ON); 10.79 + else if(chapter_mode==CHAP_REMOVE) 10.80 + msg_cprintf(0, M_CHAPTERS_OFF); 10.81 +- msg_cprintf(0, strform, lf); 10.82 ++ msg_cprintf(0, strform, "\n"); 10.83 + } 10.84 + if(cmd==ARJ_CMD_COPY&&protfile_option&&!arjprot_tail) 10.85 + msg_cprintf(0, M_ARJPROT_DISABLED); 10.86 +@@ -2303,7 +2303,7 @@ void process_archive() 10.87 + timestamp_to_str(timetext, &ftime_stamp); 10.88 + msg_cprintf(H_HL|H_NFMT, M_ARCHIVE_CREATED, timetext); 10.89 + if(show_ansi_comments) 10.90 +- printf(cmt_ptr); 10.91 ++ fputs(cmt_ptr, stdout); 10.92 + else 10.93 + display_comment(cmt_ptr); 10.94 + /* The sfx_setup() occurs here */ 10.95 +--- a/arj_arcv.c 10.96 ++++ b/arj_arcv.c 10.97 +@@ -913,13 +913,13 @@ int supply_comment(char *cmtname, char * 10.98 + else 10.99 + { 10.100 + strcat(tmp_comment, tmp_cmtline); 10.101 +- strcat(tmp_comment, lf); 10.102 ++ strcat(tmp_comment, "\n"); 10.103 + } 10.104 + } 10.105 + else 10.106 + { 10.107 + strcat(tmp_comment, tmp_cmtline); 10.108 +- strcat(tmp_comment, lf); 10.109 ++ strcat(tmp_comment, "\n"); 10.110 + } 10.111 + } 10.112 + } 10.113 +@@ -1846,7 +1846,7 @@ int pack_file(int is_update, int is_repl 10.114 + raw_eh=eh_lookup(eh, UXSPECIAL_ID)->raw; 10.115 + uxspecial_stats(raw_eh, UXSTATS_SHORT); 10.116 + } 10.117 +- msg_cprintf(0, lf); 10.118 ++ msg_cprintf(0, "\n"); 10.119 + } 10.120 + if(err_id==0&&user_wants_fail) 10.121 + { 10.122 +@@ -2523,9 +2523,9 @@ int unpack_validation() 10.123 + { 10.124 + msg_cprintf(0, (FMSG *)strform, misc_buf); 10.125 + if(search_mode==SEARCH_DEFAULT) 10.126 +- msg_cprintf(0, (FMSG *)lf); 10.127 ++ msg_cprintf(0, "\n"); 10.128 + if(search_mode==SEARCH_BRIEF) 10.129 +- msg_cprintf(0, (FMSG *)cr); 10.130 ++ msg_cprintf(0, "\r"); 10.131 + } 10.132 + for(pattern=0; pattern<SEARCH_STR_MAX; search_occurences[pattern++]=0); 10.133 + reserve_size=0; 10.134 +@@ -3652,7 +3652,7 @@ void archive_cleanup() 10.135 + { 10.136 + if(msg_fprintf(idxstream, M_TESTING, archive_name)<0) 10.137 + error(M_DISK_FULL); 10.138 +- if(fprintf(idxstream, lf)<0) 10.139 ++ if(fprintf(idxstream, "\n")<0) 10.140 + error(M_DISK_FULL); 10.141 + } 10.142 + cmd_verb=ARJ_CMD_TEST; 10.143 +--- a/arjsfx.c 10.144 ++++ b/arjsfx.c 10.145 +@@ -214,7 +214,7 @@ static void final_cleanup(void) 10.146 + freopen(dev_con, m_w, stdout); 10.147 + #if SFX_LEVEL>=ARJSFXV 10.148 + if(ferror(stdout)) 10.149 +- msg_fprintf(stderr, M_DISK_FULL); 10.150 ++ msg_fprintf(stderr, "Can't write file. Disk full?"); 10.151 + if(debug_enabled&&strchr(debug_opt, 't')!=NULL) 10.152 + { 10.153 + ticks=get_ticks()-ticks; 10.154 +--- a/rearj.c 10.155 ++++ b/rearj.c 10.156 +@@ -935,7 +935,7 @@ static int convert_archive(char *name) 10.157 + msg_cprintf(H_HL|H_NFMT, M_OLD_SIZE, old_fsize); 10.158 + msg_cprintf(H_HL|H_NFMT, M_NEW_SIZE, new_fsize); 10.159 + msg_cprintf(H_HL|H_NFMT, M_SAVINGS_SIZE, gain); 10.160 +- printf(lf); 10.161 ++ printf("\n"); 10.162 + total_old_fsize+=old_fsize; 10.163 + total_new_fsize+=new_fsize; 10.164 + total_files++; 10.165 +--- a/register.c 10.166 ++++ b/register.c 10.167 +@@ -205,7 +205,7 @@ int main(int argc, char **argv) 10.168 + char reg_source[200]; 10.169 + int i; 10.170 + 10.171 +- printf(M_REGISTER_BANNER); 10.172 ++ fputs(M_REGISTER_BANNER, stdout); 10.173 + integrity_pattern[0]--; 10.174 + build_crc32_table(); 10.175 + if(argc!=2) 10.176 +--- a/arjdisp.c 10.177 ++++ b/arjdisp.c 10.178 +@@ -20,8 +20,6 @@ static long bytes; 10.179 + static long compsize; 10.180 + static char cmd_verb; 10.181 + static char msg_lf[]="\n"; 10.182 +-char strform[]="%s"; /* Export it for scrnio.c, too 10.183 +- (a byte saved is a byte gained) */ 10.184 + 10.185 + /* Pseudographical controls */ 10.186 + 10.187 +@@ -54,19 +52,19 @@ static void show_init_scrn() 10.188 + textcolor(7); 10.189 + clrscr(); 10.190 + gotoxy(2, 2); 10.191 +- scrprintf(win_top); 10.192 ++ fputs(win_top, stdout); 10.193 + for(i=3; i<24; i++) 10.194 + { 10.195 +- gotoxy(2, i); scrprintf(win_border); 10.196 +- gotoxy(79, i); scrprintf(win_border); 10.197 ++ gotoxy(2, i); fputs(win_border, stdout); 10.198 ++ gotoxy(79, i); fputs(win_border, stdout); 10.199 + } 10.200 +- gotoxy(2, 24); scrprintf(win_bottom); 10.201 ++ gotoxy(2, 24); fputs(win_bottom, stdout); 10.202 + gotoxy(10, 5); 10.203 +- scrprintf(M_ARJDISP_COPYRIGHT); 10.204 ++ fputs(M_ARJDISP_COPYRIGHT, stdout); 10.205 + gotoxy(10, 6); 10.206 +- scrprintf(M_ARJDISP_DISTRIBUTION); 10.207 ++ fputs(M_ARJDISP_DISTRIBUTION, stdout); 10.208 + gotoxy(10, 7); 10.209 +- scrprintf(M_ARJDISP_LICENSE); 10.210 ++ fputs(M_ARJDISP_LICENSE, stdout); 10.211 + gotoxy(16, 10); 10.212 + scrprintf(M_PROCESSING_ARCHIVE, archive_name); 10.213 + t=strtok(M_ARJDISP_INFO, msg_lf); 10.214 +@@ -74,11 +72,11 @@ static void show_init_scrn() 10.215 + while(t!=NULL&&i<=23) 10.216 + { 10.217 + gotoxy(10, i++); 10.218 +- scrprintf(strform, t); 10.219 ++ scrprintf("%s", t); 10.220 + t=strtok(NULL, msg_lf); 10.221 + } 10.222 + gotoxy(16, 20); 10.223 +- scrprintf(M_PRESS_ANY_KEY); 10.224 ++ fputs(M_PRESS_ANY_KEY, stdout); 10.225 + uni_getch(); 10.226 + gotoxy(1, 24); 10.227 + } 10.228 +@@ -96,19 +94,19 @@ static void show_proc_scrn() 10.229 + { 10.230 + clrscr(); 10.231 + gotoxy(2, 2); 10.232 +- scrprintf(win_top); 10.233 ++ fputs(win_top, stdout); 10.234 + for(i=3; i<24; i++) 10.235 + { 10.236 +- gotoxy(2, i); scrprintf(win_border); 10.237 +- gotoxy(79, i); scrprintf(win_border); 10.238 ++ gotoxy(2, i); fputs(win_border, stdout); 10.239 ++ gotoxy(79, i); fputs(win_border, stdout); 10.240 + } 10.241 +- gotoxy(2, 24); scrprintf(win_bottom); 10.242 ++ gotoxy(2, 24); fputs(win_bottom, stdout); 10.243 + gotoxy(10, 5); 10.244 +- scrprintf(M_ARJDISP_COPYRIGHT); 10.245 ++ fputs(M_ARJDISP_COPYRIGHT, stdout); 10.246 + gotoxy(10, 6); 10.247 +- scrprintf(M_ARJDISP_DISTRIBUTION); 10.248 ++ fputs(M_ARJDISP_DISTRIBUTION, stdout); 10.249 + gotoxy(10, 7); 10.250 +- scrprintf(M_ARJDISP_LICENSE); 10.251 ++ fputs(M_ARJDISP_LICENSE, stdout); 10.252 + gotoxy(16, 10); 10.253 + scrprintf(M_PROCESSING_ARCHIVE, archive_name); 10.254 + gotoxy(16, 12); 10.255 +@@ -132,13 +130,13 @@ static void show_proc_scrn() 10.256 + break; 10.257 + } 10.258 + gotoxy(15, 14); 10.259 +- scrprintf(ind_top); 10.260 ++ fputs(ind_top, stdout); 10.261 + gotoxy(15, 15); 10.262 +- scrprintf(ind_middle); 10.263 ++ fputs(ind_middle, stdout); 10.264 + gotoxy(15, 16); 10.265 +- scrprintf(ind_bottom); 10.266 ++ fputs(ind_bottom, stdout); 10.267 + gotoxy(16, 18); 10.268 +- scrprintf(M_ARJDISP_CTR_START); 10.269 ++ fputs(M_ARJDISP_CTR_START, stdout); 10.270 + } 10.271 + else 10.272 + { 10.273 +@@ -146,7 +144,7 @@ static void show_proc_scrn() 10.274 + gotoxy(16, 15); 10.275 + memset(progress, indo, i); 10.276 + progress[i]='\0'; 10.277 +- scrprintf(progress); 10.278 ++ fputs(progress, stdout); 10.279 + gotoxy(16, 18); 10.280 + scrprintf(M_ARJDISP_CTR, calc_percentage(bytes, uncompsize)/10); 10.281 + } 10.282 +@@ -165,19 +163,19 @@ static void show_ending_scrn() 10.283 + textcolor(7); 10.284 + clrscr(); 10.285 + gotoxy(2, 2); 10.286 +- scrprintf(win_top); 10.287 ++ fputs(win_top, stdout); 10.288 + for(i=3; i<24; i++) 10.289 + { 10.290 +- gotoxy(2, i); scrprintf(win_border); 10.291 +- gotoxy(79, i); scrprintf(win_border); 10.292 ++ gotoxy(2, i); fputs(win_border, stdout); 10.293 ++ gotoxy(79, i); fputs(win_border, stdout); 10.294 + } 10.295 +- gotoxy(2, 24); scrprintf(win_bottom); 10.296 ++ gotoxy(2, 24); fputs(win_bottom, stdout); 10.297 + gotoxy(10, 5); 10.298 +- scrprintf(M_ARJDISP_COPYRIGHT); 10.299 ++ fputs(M_ARJDISP_COPYRIGHT, stdout); 10.300 + gotoxy(10, 6); 10.301 +- scrprintf(M_ARJDISP_DISTRIBUTION); 10.302 ++ fputs(M_ARJDISP_DISTRIBUTION, stdout); 10.303 + gotoxy(10, 7); 10.304 +- scrprintf(M_ARJDISP_LICENSE); 10.305 ++ fputs(M_ARJDISP_LICENSE, stdout); 10.306 + gotoxy(16, 10); 10.307 + scrprintf(M_FINISHED_PROCESSING, archive_name); 10.308 + gotoxy(1, 24);
11.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 11.2 +++ b/arj/stuff/patches/series Sat May 13 17:25:31 2017 +0300 11.3 @@ -0,0 +1,9 @@ 11.4 +arches_align.patch 11.5 +no_remove_static_const.patch 11.6 +64_bit_clean.patch 11.7 +custom-printf.patch 11.8 +CVE-2015-0556-symlink-traversal.patch 11.9 +CVE-2015-0557-dir-traversal.patch 11.10 +CVE-2015-2782-buffer-overflow.patch 11.11 +security_format.patch 11.12 +use_safe_strcpy.patch
12.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 12.2 +++ b/arj/stuff/patches/use_safe_strcpy.patch Sat May 13 17:25:31 2017 +0300 12.3 @@ -0,0 +1,97 @@ 12.4 +Patch by Guillem Jover <guillem@debian.org> for arj <= 3.10.22, to 12.5 +use a safe strcpy for overlapping strings, among others fixes a build 12.6 +problem with a mangled generated .c file by msgbind (thus FTBFS), and 12.7 +CRC errors at run-time. For further information, please have a look 12.8 +to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590354 12.9 + 12.10 +--- 12.11 + arj.c | 2 +- 12.12 + arjdata.c | 9 +-------- 12.13 + ea_mgr.c | 2 +- 12.14 + misc.h | 4 ++++ 12.15 + msgbind.c | 2 +- 12.16 + packager.c | 2 +- 12.17 + 6 files changed, 9 insertions(+), 12 deletions(-) 12.18 + 12.19 +--- a/arjdata.c 12.20 ++++ b/arjdata.c 12.21 +@@ -204,13 +204,6 @@ void date_fmt(char *dest) 12.22 + #endif 12.23 + } 12.24 + 12.25 +-/* A safe strcpy() */ 12.26 +- 12.27 +-static void safe_strcpy(char *dest, char *src) 12.28 +-{ 12.29 +- memmove(dest, src, strlen(src)+1); 12.30 +-} 12.31 +- 12.32 + /* Context substitution routine */ 12.33 + 12.34 + char *expand_tags(char *str, int limit) 12.35 +@@ -232,7 +225,7 @@ char *expand_tags(char *str, int limit) 12.36 + { 12.37 + if(*(p+1)==TAG_CHAR) 12.38 + { 12.39 +- strcpy(p, p+1); 12.40 ++ safe_strcpy(p, p+1); 12.41 + p++; 12.42 + } 12.43 + else if(*(p+1)==TAG_SPECIAL_BEGIN&&(et=strchr(p+3, TAG_SPECIAL_END))!=NULL) 12.44 +--- a/arj.c 12.45 ++++ b/arj.c 12.46 +@@ -1169,7 +1169,7 @@ int main(int argc, char *argv[]) 12.47 + if(strlen(tmp_ptr)<=121) 12.48 + tmp_ptr[0]='\0'; 12.49 + else if(tmp_ptr[120]==' ') 12.50 +- strcpy(tmp_ptr, tmp_ptr+121); 12.51 ++ safe_strcpy(tmp_ptr, tmp_ptr+121); 12.52 + } 12.53 + if(cmd==ARJ_CMD_ORDER&&strpbrk(tmp_ptr, wildcard_pattern)!=NULL) 12.54 + error(M_ORDER_WILDCARD); 12.55 +--- a/ea_mgr.c 12.56 ++++ b/ea_mgr.c 12.57 +@@ -696,7 +696,7 @@ int resolve_longname(char *dest, char *n 12.58 + tmp_name[st_len]='\0'; 12.59 + if(tmp_name[0]==0xFD&&tmp_name[1]==0xFF) 12.60 + { 12.61 +- strcpy(tmp_name, (char *)tmp_name+4); 12.62 ++ safe_strcpy(tmp_name, (char *)tmp_name+4); 12.63 + st_len-=4; 12.64 + } 12.65 + if(st_len==0||st_len+entry>=FILENAME_MAX) 12.66 +--- a/msgbind.c 12.67 ++++ b/msgbind.c 12.68 +@@ -578,7 +578,7 @@ int main(int argc, char **argv) 12.69 + } 12.70 + strcat(pool[tpool].data, msgname); 12.71 + strcat(pool[tpool].data, ", "); 12.72 +- strcpy(msg_buffer, msg_buffer+1); 12.73 ++ safe_strcpy(msg_buffer, msg_buffer+1); 12.74 + buf_len=strlen(msg_buffer); 12.75 + msg_buffer[--buf_len]='\0'; 12.76 + patch_string(msg_buffer); 12.77 +--- a/packager.c 12.78 ++++ b/packager.c 12.79 +@@ -347,7 +347,7 @@ int main(int argc, char **argv) 12.80 + expand_tags(buf, sizeof(buf)-1); 12.81 + if((p=strchr(buf, '.'))!=NULL) 12.82 + { 12.83 +- strcpy(p, p+1); 12.84 ++ safe_strcpy(p, p+1); 12.85 + if((p=strchr(buf, '.'))!=NULL) 12.86 + *p='\0'; 12.87 + } 12.88 +--- a/misc.h 12.89 ++++ b/misc.h 12.90 +@@ -11,6 +11,10 @@ 12.91 + #include "arjtypes.h" 12.92 + #include "filelist.h" 12.93 + 12.94 ++/* A safe strcpy() */ 12.95 ++ 12.96 ++#define safe_strcpy(dest, src) memmove(dest, src, strlen(src)+1); 12.97 ++ 12.98 + /* ASCIIZ string copy macro */ 12.99 + 12.100 + #define strcpyn(dest, src, n) \
13.1 --- a/pciutils/receipt Fri May 12 16:19:41 2017 +0300 13.2 +++ b/pciutils/receipt Sat May 13 17:25:31 2017 +0300 13.3 @@ -11,7 +11,7 @@ 13.4 WGET_URL="ftp://atrey.karlin.mff.cuni.cz/pub/linux/pci/$TARBALL" 13.5 13.6 DEPENDS="glibc-base zlib pciids" 13.7 -BUILD_DEPENDS="wget" 13.8 +BUILD_DEPENDS="zlib-dev" 13.9 13.10 # Rules to configure and make the package. 13.11 compile_rules()
14.1 --- a/pcmanfm-legacy/receipt Fri May 12 16:19:41 2017 +0300 14.2 +++ b/pcmanfm-legacy/receipt Sat May 13 17:25:31 2017 +0300 14.3 @@ -20,7 +20,7 @@ 14.4 hicolor-icon-theme shared-mime-info" 14.5 BUILD_DEPENDS="gtk+-dev gamin-dev gamin shared-mime-info intltool hal-dev \ 14.6 dbus-glib-dev dbus-dev startup-notification-dev libxcb-dev xcb-util-dev \ 14.7 -xcb-util" 14.8 +xcb-util xorg-libX11-dev xorg-libXt-dev" 14.9 14.10 # Rules to configure and make the package. 14.11 compile_rules()