Upgrade bzip2 from 1.0.6 to 1.0.8

Include fixes for CVE-2016-3189 and CVE-2019-12900
DataDog · Mar 17, 2020 · e94a459 · e94a459
1 parent a358d41
commit e94a459
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/config/patches/bzip2/makefile_take_env_vars.patch b/config/patches/bzip2/makefile_take_env_vars.patch
@@ -1,5 +1,5 @@
---- bzip2-1.0.6/Makefile-orig	2010-09-10 17:46:02.000000000 -0500
-+++ bzip2-1.0.6/Makefile	2013-11-21 13:55:11.000000000 -0600
+--- bzip2-1.0.8/Makefile-orig	2010-09-10 17:46:02.000000000 -0500
++++ bzip2-1.0.8/Makefile	2013-11-21 13:55:11.000000000 -0600
 @@ -18,10 +18,10 @@
  CC=gcc
  AR=ar

diff --git a/config/patches/bzip2/soname_install_dir.patch b/config/patches/bzip2/soname_install_dir.patch
@@ -1,11 +1,11 @@
---- bzip2-1.0.6/Makefile-libbz2_so-orig	2014-07-10 09:51:05.000000000 -0700
-+++ bzip2-1.0.6/Makefile-libbz2_so	2014-07-10 09:53:59.000000000 -0700
+--- bzip2-1.0.8/Makefile-libbz2_so-orig	2014-07-10 09:51:05.000000000 -0700
++++ bzip2-1.0.8/Makefile-libbz2_so	2014-07-10 09:53:59.000000000 -0700
 @@ -35,7 +35,7 @@
        bzlib.o
 
  all: $(OBJS)
--	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS)
-+	$(CC) -shared -Wl,-install_name -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS)
- 	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
+-	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.8 $(OBJS)
++	$(CC) -shared -Wl,-install_name -Wl,libbz2.so.1.0 -o libbz2.so.1.0.8 $(OBJS)
+ 	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.8
  	rm -f libbz2.so.1.0
- 	ln -s libbz2.so.1.0.6 libbz2.so.1.0
+ 	ln -s libbz2.so.1.0.8 libbz2.so.1.0
diff --git a/config/software/bzip2.rb b/config/software/bzip2.rb
@@ -21,13 +21,13 @@
 # This is a Linux/OSX only DSL
 
 name "bzip2"
-default_version "1.0.6"
+default_version "1.0.8"
 
 dependency "zlib"
 dependency "openssl"
 
 source url: "https://s3.amazonaws.com/dd-agent/bzip2/bzip2-#{version}.tar.gz",
-       sha256: "a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd"
+       sha256: "ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269"
 
 relative_path "#{name}-#{version}"
 
@@ -41,7 +41,7 @@
 }
 
 build do
-  ship_license "https://gist.githubusercontent.com/remh/227fefddabefc998235f/raw/cc614178cf79580e04671c4d6acfbe95028b1842/bzip2.LICENSE"
+  ship_license "https://sourceware.org/git/?p=bzip2.git;a=blob_plain;f=LICENSE;h=81a37eab7a5be1a34456f38adb74928cc9073e9b;hb=HEAD"
   patch source: "makefile_take_env_vars.patch"
   patch source: "soname_install_dir.patch" if ohai["platform_family"] == "mac_os_x"
   command "make PREFIX=#{prefix} VERSION=#{version}", env: env