tar: remove outdated CVE patch.

Patch was added d95a0b0706, apparently based on the one discussed in [1], but using ERROR instead of FATAL_ERROR. However, per [2], this was fixed in another way, though upstream seems to not consider it worthy of a CVE. [1] https://lists.gnu.org/archive/html/bug-tar/2016-10/msg00014.html [2] https://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
2021-04-25 02:03:14 -03:00 · 2021-04-25 02:03:14 -03:00 · 8d52b01f92
commit 8d52b01f92
parent 5054d6ae18
2 changed files with 1 additions and 28 deletions
--- a/srcpkgs/tar/patches/tar-1.29-extract-pathname-bypass.patch
+++ b/srcpkgs/tar/patches/tar-1.29-extract-pathname-bypass.patch
@ -1,27 +0,0 @@
--- lib/paxnames.c.orig	2016-04-06 00:04:47.314860045 +0300
-+++ lib/paxnames.c	2016-04-06 02:08:44.962297881 +0300
-@@ -18,6 +18,7 @@
- #include <system.h>
- #include <hash.h>
- #include <paxlib.h>
-+#include <quotearg.h>
- 
- 
- /* Hash tables of strings.  */
-@@ -114,7 +115,15 @@
-       for (p = file_name + prefix_len; *p; )
- 	{
-           if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
-	    prefix_len = p + 2 - file_name;
-+            {
-+	      static char const *const diagnostic[] =
-+	      {
-+		N_("%s: Member name contains '..'"),
-+		N_("%s: Hard link target contains '..'")
-+	      };
-+	      ERROR ((0, 0, _(diagnostic[link_target]),
-+	              quotearg_colon (file_name)));
-+	    }
- 
- 	  do
- 	    {
--- a/srcpkgs/tar/template
+++ b/srcpkgs/tar/template
@ -1,7 +1,7 @@
 # Template file for 'tar'
 pkgname=tar
 version=1.34
-revision=1
+revision=2
 build_style=gnu-configure
 configure_args="gl_cv_struct_dirent_d_ino=yes"
 makedepends="acl-devel"