bzip2: Update to 1.0.8

It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.

Several security bugs were fixed as well as others.

Fixed up PKG_LICENSE to be compatible with SPDX.

Changed URLs to point to the new home.

Added patch that gets rid of deprecated utime function and switches it to
utimensat.

Signed-off-by: Rosen Penev <[email protected]>

package/utils/bzip2/Makefile

@@ -8,16 +8,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bzip2
-PKG_VERSION:=1.0.6
-PKG_RELEASE:=5
+PKG_VERSION:=1.0.8
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://distfiles.gentoo.org/distfiles/ \
-	http://distcache.freebsd.org/ports-distfiles/
-PKG_HASH:=a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd
-PKG_MAINTAINER:=Steven Barth <[email protected]>
+PKG_SOURCE_URL:=https://sourceware.org/pub/bzip2
+PKG_HASH:=ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269
 
-PKG_LICENSE:=BZIP2
+PKG_MAINTAINER:=Steven Barth <[email protected]>
+PKG_LICENSE:=bzip2-1.0.8
 PKG_LICENSE_FILES:=LICENSE
 PKG_CPE_ID:=cpe:/a:bzip:bzip2
 
@@ -26,7 +25,7 @@ include $(INCLUDE_DIR)/package.mk
 
 define Package/bzip2/Default
   SUBMENU:=Compression
-  URL:=http://www.bzip.org/
+  URL:=https://sourceware.org/bzip2/
 endef
 
 define Package/libbz2

package/utils/bzip2/patches/010-CVE-2016-3189.patch

@@ -1,11 +0,0 @@
-diff -up ./bzip2recover.c.old ./bzip2recover.c
---- ./bzip2recover.c.old	2016-03-22 08:49:38.855620000 +0100
-+++ ./bzip2recover.c	2016-03-30 10:22:27.341430099 +0200
-@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
-             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
-             bsPutUInt32 ( bsWr, blockCRC );
-             bsClose ( bsWr );
-+            outFile = NULL;
-          }
-          if (wrBlock >= rbCtr) break;
-          wrBlock++;

package/utils/bzip2/patches/020-no-utime.patch

@@ -0,0 +1,27 @@
+--- a/bzip2.c
++++ b/bzip2.c
+@@ -69,7 +69,6 @@
+ #if BZ_UNIX
+ #   include <fcntl.h>
+ #   include <sys/types.h>
+-#   include <utime.h>
+ #   include <unistd.h>
+ #   include <sys/stat.h>
+ #   include <sys/times.h>
+@@ -1051,12 +1050,12 @@ void applySavedTimeInfoToOutputFile ( Ch
+ {
+ #  if BZ_UNIX
+    IntNative      retVal;
+-   struct utimbuf uTimBuf;
++   struct timespec uTimBuf[2] = {};
+ 
+-   uTimBuf.actime = fileMetaInfo.st_atime;
+-   uTimBuf.modtime = fileMetaInfo.st_mtime;
++   uTimBuf[0].tv_sec = fileMetaInfo.st_atime;
++   uTimBuf[1].tv_sec = fileMetaInfo.st_mtime;
+ 
+-   retVal = utime ( dstName, &uTimBuf );
++   retVal = utimensat ( AT_FDCWD, dstName, uTimBuf , 0 );
+    ERROR_IF_NOT_ZERO ( retVal );
+ #  endif
+ }