[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q1 2008-07-10T13:00:01Z 2008-07-10T13:00:01Z tron tron 2008-07-10T13:00:01Z urn:sha1:6d7cc00af98324ffb5cb1b8c26ec183afaaaf9f5 Security patch for ruby18-base Revisions pulled up: - lang/ruby18-base/Makefile 1.45 via patch - lang/ruby18-base/distinfo 1.31 via patch - lang/ruby18-base/patches/patch-ad 1.9 via patch --- Module Name: pkgsrc Committed By: tonnerre Date: Thu Jul 3 21:06:10 UTC 2008 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Added Files: pkgsrc/lang/ruby18-base/patches: patch-ad Log Message: Add a patch to fix the integer overflow in rb_ary_fill() in Ruby 1.8 which can be exploited to cause a denial of service through memory exhaustion. (SN-2008-02) 2008-06-28T11:54:07Z tron tron 2008-06-28T11:54:07Z urn:sha1:6f6a39d4b8881b3cd2f3e21f620c3780951e323b Security update for ruby packages Apply patches to update Ruby to version 1.8.6 patchlevel 230 to fix the security vulnerability reported in CVE-2008-2726. 2008-06-02T09:15:44Z tron tron 2008-06-02T09:15:44Z urn:sha1:0e0d2150af5e25c219aa0b844bba0a2086dfbc15 Security patch for perl Revisions pulled up: - lang/perl5/Makefile 1.137 - lang/perl5/distinfo 1.48 - lang/perl5/patches/patch-ad 1.11 - lang/perl5/patches/patch-af 1.13 - lang/perl5/patches/patch-ag 1.11 - lang/perl5/patches/patch-ai 1.5 - lang/perl5/patches/patch-aj 1.9 - lang/perl5/patches/patch-ak 1.3 - lang/perl5/patches/patch-da 1.2 --- Module Name: pkgsrc Committed By: he Date: Sun Jun 1 22:04:07 UTC 2008 Modified Files: pkgsrc/lang/perl5: Makefile distinfo pkgsrc/lang/perl5/patches: patch-da Added Files: pkgsrc/lang/perl5/patches: patch-ad patch-af patch-ag patch-ai patch-aj patch-ak Log Message: Apply a patch from Debian to fix the security vulnerability identified by http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927. Patch fetched from http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=26;filename=27_fix_regcomp_utf8;att=1;bug=454792 which, according to comments, is from upstream change 27688. Revision bumped to nb8. 2008-05-30T17:13:43Z spz spz 2008-05-30T17:13:43Z urn:sha1:6b7466f32ee64bfdb93e0bd54e3e874784594bda fix build problem on NetBSD-current Revisions pulled up: - pkgsrc/lang/perl5/patches/patch-ae 1.11 - pkgsrc/lang/perl5/distinfo 1.47 Module Name: pkgsrc Committed By: wiz Date: Mon Apr 28 22:24:22 UTC 2008 Modified Files: pkgsrc/lang/perl5: distinfo pkgsrc/lang/perl5/patches: patch-ae Log Message: Add missing single quote. Fixes build on -current. To generate a diff of this commit: cvs rdiff -r1.46 -r1.47 pkgsrc/lang/perl5/distinfo cvs rdiff -r1.10 -r1.11 pkgsrc/lang/perl5/patches/patch-ae Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. 2008-05-18T15:34:59Z spz spz 2008-05-18T15:34:59Z urn:sha1:0170aaae99ac20906ab8cc3e9be48adb2b890402 security update for tcl Revisions pulled up: - pkgsrc/lang/tcl/Makefile.version 1.8 - pkgsrc/lang/tcl/distinfo 1.42 Module Name: pkgsrc Committed By: bjs Date: Mon Apr 7 15:16:40 UTC 2008 Modified Files: pkgsrc/lang/tcl: Makefile.version distinfo Log Message: Update to version 8.4.18. Distilled list of non-Windows changes: * generic/tclInterp.c (Tcl_GetAlias): fix for [Bug 1882373] * generic/regguts.h, generic/regc_color.c, generic/regc_nfa.c: Fixes for problems created when processing regular expressions that generate very large automata. An enormous number of thanks to Will Drewry <wad@google.com>, Tavis Ormandy <taviso@google.com>, and Tom Lane <tgl@sss.pgh.pa.us> from the Postgresql crowd for their help in tracking these problems down. [Bug 1810264] * unix/tclUnixCompat.c (TclpGetHostByName): Really applied the change noted on 2007-11-13 by dkf below. * generic/tclIOUtil.c (TclGetOpenMode): Only set the O_APPEND flag * tests/ioUtil.test (ioUtil-4.1): on a channel for the 'a' mode and not for 'a+'. [Bug 1773127] (backport from HEAD) * generic/tclCmdIL.c (Tcl_LsearchObjCmd): Prevent shimmering crash when -exact and -integer/-real are mixed. [Bug 1844789] * generic/tclThread.c: Back-port locking changes from Tcl8.5 in Tcl_Mutex/ConditionFinlize. Now we properly master-lock the finalization of sync primitives. * generic/regc_nfa.c: Fixed infinite loop in the regexp compiler * generic/regcomp.c: [Bug 1810038]. Corrected looping logic in * tests/regexp.test: fixempties() to avoid wasting time walking a list of dead states [Bug 1832612]. Convert optst() from expensive no-op to a cheap no-op. Improve newline usage in debug output. * unix/tclUnixCompat.c (TclpGetHostByName): The six-argument form of getaddressbyname_r() uses the fifth argument to indicate whether the lookup succeeded or not on at least one platform. [Bug 1618235] * generic/regc_lex.c (lexescape): Ensure that backreference numbers can't overflow a signed int in a way that breaks things. [Bug 1810264] * generic/tclParse.c (Tcl_ParseBraces): fix for possible read after the end of buffer, [Bug 1813528] (Joe Mistachkin). * generic/tclObj.c (Tcl_FindCommandFromObj): fix finding a deleted command; cannot trigger this from Tcl itself, but crash reported on xotcl. This check is new to 8.4 but exists in 8.5, so this is a backport or something. Thanks Gustaf Neumann. * generic/tcl.h (Tcl_DecrRefCount): Update change from 2006-05-29 to make macro more warning-robust in unbraced if code. To generate a diff of this commit: cvs rdiff -r1.7 -r1.8 pkgsrc/lang/tcl/Makefile.version cvs rdiff -r1.41 -r1.42 pkgsrc/lang/tcl/distinfo 2008-05-15T09:56:31Z rtr rtr 2008-05-15T09:56:31Z urn:sha1:d2ac2d71f4ad220146aaa8a709764f8a79471d7f php5: many security fixes revisions pulled up: - pkgsrc/lang/php5/Makefile 1.64 - pkgsrc/lang/php5/Makefile.common 1.29 - pkgsrc/lang/php5/distinfo 1.52 Module Name: pkgsrc Committed By: adrianp Date: Sun May 4 16:50:44 UTC 2008 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common distinfo Log Message: Security Enhancements and Fixes in PHP 5.2.6: Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. Upgraded bundled PCRE to version 7.6 Key enhancements in PHP 5.2.6 include: * Fixed two possible crashes inside the posix extension. * Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=) * Fixed bug 44141 (private parent constructor callable through static function). * Fixed bug 43589 (a possible infinite loop in bz2_filter.c). * Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call). * Fixed bug 43201 (Crash on using uninitialized vals and __get/__set). * Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql). * Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class). * Fixed bug 42736 (xmlrpc_server_call_method() crashes). * Fixed bug 42369 (Implicit conversion to string leaks memory). * Fixed bug 41562 (SimpleXML memory issue). * Over 120 bug fixes. 2008-04-20T15:56:43Z spz spz 2008-04-20T15:56:43Z urn:sha1:3b627b4fb3133fa89bf9cce847fe6f29c8fe2bc3 security updates for python24 Revisions pulled up: - pkgsrc/lang/python24/Makefile 1.41,1.42 - pkgsrc/lang/python24/distinfo 1.27,1.28 - pkgsrc/lang/python24/PLIST.common 1.9 - pkgsrc/lang/python24/patches/patch-au 1.1 - pkgsrc/lang/python/srcdist.mk 1.20 Module Name: pkgsrc Committed By: drochner Date: Fri Apr 11 10:32:33 UTC 2008 Modified Files: pkgsrc/lang/python24: Makefile distinfo Added Files: pkgsrc/lang/python24/patches: patch-au Log Message: fix possible buffer overflow by negative atguments to zlib.flush(), from upstream CVS, bump PKGREVISION To generate a diff of this commit: cvs rdiff -r1.40 -r1.41 pkgsrc/lang/python24/Makefile cvs rdiff -r1.26 -r1.27 pkgsrc/lang/python24/distinfo cvs rdiff -r0 -r1.1 pkgsrc/lang/python24/patches/patch-au --- Module Name: pkgsrc Committed By: drochner Date: Fri Apr 11 10:44:09 UTC 2008 Modified Files: pkgsrc/lang/python24: Makefile PLIST.common distinfo Log Message: update to 2.4.5 This release includes just a small number of fixes, primarily preventing crashes of the interpreter in certain boundary cases. To generate a diff of this commit: cvs rdiff -r1.41 -r1.42 pkgsrc/lang/python24/Makefile cvs rdiff -r1.8 -r1.9 pkgsrc/lang/python24/PLIST.common cvs rdiff -r1.27 -r1.28 pkgsrc/lang/python24/distinfo --- Module Name: pkgsrc Committed By: drochner Date: Fri Apr 11 10:44:48 UTC 2008 Modified Files: pkgsrc/lang/python: srcdist.mk Log Message: update for 2.4.5 To generate a diff of this commit: cvs rdiff -r1.19 -r1.20 pkgsrc/lang/python/srcdist.mk 2008-04-04T01:56:16Z bjs bjs 2008-04-04T01:56:16Z urn:sha1:8b5c8ca64a441e4be94ed4994c0aa9cb01884e97 today, eliminating most warnings. Bump rev. 2008-03-31T22:27:35Z tnn tnn 2008-03-31T22:27:35Z urn:sha1:1b3ac0b951a96c5bd1060bd0e5c0290951846564 - add PLIST.linux-x86_64 2008-03-31T22:10:07Z tnn tnn 2008-03-31T22:10:07Z urn:sha1:9964836edf4a8085b9463d067e8e2851ef5b21f0