[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc-2003Q4 2004-03-08T17:44:16Z 2004-03-08T17:44:16Z agc agc@pkgsrc.org 2004-03-08T17:44:16Z urn:sha1:44b8132cea96f82444c631d4835ebb548486a921 Jacobsen. Module Name: pkgsrc Committed By: snj Date: Sat Feb 28 18:36:38 UTC 2004 Modified Files: pkgsrc/games/xboing: Makefile distinfo pkgsrc/games/xboing/patches: patch-ad Added Files: pkgsrc/games/xboing/patches: patch-ae patch-af patch-ag patch-ah patch-ai Log Message: strcpy and sprintf are evil, don't use them. Inspired by similar changes in Debian. This fixes several locally exploitable vulnerabilities. 2004-03-05T16:25:45Z agc agc@pkgsrc.org 2004-03-05T16:25:45Z urn:sha1:d1c51cbccd057d56f9237360a9657dfb0e84b4ef Soren Jacobsen. Module Name: pkgsrc Committed By: snj Date: Sat Feb 28 20:04:40 UTC 2004 Modified Files: pkgsrc/mail/metamail: Makefile distinfo pkgsrc/mail/metamail/patches: patch-ae Log Message: Properly fix last. From Christian Weisgerber. 2004-02-26T16:22:03Z agc agc@pkgsrc.org 2004-02-26T16:22:03Z urn:sha1:889bd4383be62fcd00b45d608238abe98244a8d7 the pkgsrc-2003Q4 branch, requested by Soren Jacobson. Module Name: pkgsrc Committed By: snj Date: Wed Feb 25 03:58:43 UTC 2004 Modified Files: pkgsrc/mail/metamail: Makefile distinfo pkgsrc/mail/metamail/patches: patch-ad patch-ae patch-af patch-ag patch-ah Added Files: pkgsrc/mail/metamail/patches: patch-ai patch-aj patch-ak patch-al patch-am patch-an patch-ao Removed Files: pkgsrc/mail/metamail/patches: patch-ac Log Message: * Apply security patch from http://www.securityfocus.com/archive/1/354362/2004-02-15/2004-02-21/2 * Bump PKGREVISION to 2. * Make patches only modify one file each * Fix some spelling errors * Use ${SED} instead of sed, and ${CHMOD} instead of chmod 2004-02-11T15:36:02Z agc agc@pkgsrc.org 2004-02-11T15:36:02Z urn:sha1:0a28111966bf9036df502d90c4fef51a57db8327 Matthias Scheler. Module Name: pkgsrc Committed By: tron Date: Wed Feb 11 15:21:57 UTC 2004 Modified Files: pkgsrc/mail/mutt: Makefile distinfo Log Message: Update "mutt" package to version 1.4.2. Changes since version 1.4.1: This version fixes a buffer overflow that can be triggered by incoming messages. There are reports about spam that has actually triggered this problem and crashed mutt. 2004-02-10T17:26:34Z agc agc@pkgsrc.org 2004-02-10T17:26:34Z urn:sha1:bb2c0c62647063a0aebf3d5bc1b05666dc30d13e Scheler. Module Name: pkgsrc Committed By: tron Date: Tue Feb 10 09:32:47 UTC 2004 Modified Files: pkgsrc/audio/mpg123: Makefile distinfo pkgsrc/audio/mpg123-esound: Makefile pkgsrc/audio/mpg123-nas: Makefile Added Files: pkgsrc/audio/mpg123/patches: patch-aq Log Message: Fix security vulnerability reported in CAN-2003-0865. Bump package revision because of this fix. 2004-02-10T15:59:42Z agc agc@pkgsrc.org 2004-02-10T15:59:42Z urn:sha1:52cc4d1ac80beca7affe07d5c29769557e5a7605 Module Name: pkgsrc Committed By: tron Date: Tue Feb 10 09:32:47 UTC 2004 Modified Files: pkgsrc/audio/mpg123: Makefile distinfo pkgsrc/audio/mpg123-esound: Makefile pkgsrc/audio/mpg123-nas: Makefile Added Files: pkgsrc/audio/mpg123/patches: patch-aq Log Message: Fix security vulnerability reported in CAN-2003-0865. Bump package revision because of this fix. Also pull in the intermmediate USE_X11BASE -> USE_X11 fix, to ensure consistent binary package naming across pkgsrc-2003Q4 branch and the head. 2004-02-10T15:57:30Z agc agc@pkgsrc.org 2004-02-10T15:57:30Z urn:sha1:402e837e88022ca39faf8c3d7903027e9e6fc4ec Module Name: pkgsrc Committed By: tron Date: Tue Feb 10 09:32:47 UTC 2004 Modified Files: pkgsrc/audio/mpg123: Makefile distinfo pkgsrc/audio/mpg123-esound: Makefile pkgsrc/audio/mpg123-nas: Makefile Added Files: pkgsrc/audio/mpg123/patches: patch-aq Log Message: Fix security vulnerability reported in CAN-2003-0865. Bump package revision because of this fix. 2004-01-29T18:48:36Z agc agc@pkgsrc.org 2004-01-29T18:48:36Z urn:sha1:9aae1da6024bb97b0695e3e8f10aa1174ca6977f problem on Solaris, requested by Grant Beattie. Module Name: pkgsrc Committed By: grant Date: Wed Jan 28 02:52:43 UTC 2004 Modified Files: pkgsrc/security/skey: Makefile Log Message: no need to include perl5/buildlink2.mk, in fact, it breaks USE_PERL5=build. 2004-01-29T18:38:50Z agc agc@pkgsrc.org 2004-01-29T18:38:50Z urn:sha1:2d684d28ad23745c9db28511d0373931fad7213b pkgsrc-2003Q4 branch, requested by Marc Recht. The files here were hand-edited, since much has changed between the version of this package on the pkgsrc-2003Q4 branch and the head. Original commit message follows: Module Name: pkgsrc Committed By: recht Date: Tue Jan 27 01:24:52 UTC 2004 Modified Files: pkgsrc/chat/gaim: Makefile distinfo pkgsrc/chat/gaim/patches: patch-aa Added Files: pkgsrc/chat/gaim/patches: patch-ab patch-ac patch-ad Log Message: 12 vulnerabilities were found in the instant messenger GAIM that allow remote compromise. The 12 identified problems range from simple standard stack overflows, over heap overflows to an integer overflow that can be abused to cause a heap overflow. Due to the nature of instant messaging some of these bugs require man-in-the-middle attacks between client and server. But the underlying protocols are easy to implement and MIM attacks on ordinary TCP sessions is afairly simple task. Please see http://security.e-matters.de/advisories/012004.html for more details. Apply the fix posted in that advisory (originally by the FreeBSD security team) and bump PKGREVISION to 1. 2004-01-12T17:36:50Z agc agc@pkgsrc.org 2004-01-12T17:36:50Z urn:sha1:380caeb1f4cff3aeb5822943c1fd426f83d00670 requested by Quentin Garnier and Lubomir Sedlacik.