diff options
| author | wiz <wiz> | 2005-04-19 12:39:18 +0000 |
|---|---|---|
| committer | wiz <wiz> | 2005-04-19 12:39:18 +0000 |
| commit | 1043b4367d0eb955a80489cba0435b181cd06a2d (patch) | |
| tree | b2a6527bd4e5fd4b543913694e2f43132c90168f /devel/cvs | |
| parent | cf5d2eb13ccd035999a0c077e8b78ea937c55808 (diff) | |
| download | pkgsrc-1043b4367d0eb955a80489cba0435b181cd06a2d.tar.gz | |
Update to 1.11.20.
NOTE: currently without IPv6 support, until there is an updated KAME patch
for it.
Changes:
Changes since 1.11.19:
**********************
SERVER SECURITY FIXES
* Thanks to a report from Alen Zukich, several minor
security issues have been addressed. One was a buffer overflow that is
potentially serious but which may not be exploitable, assigned CAN-2005-0753
by the Common Vulnerabilities and Exposures Project
<http://www.cve.mitre.org>. Other fixes resulting from Alen's report include
repair of an arbitrary free with no known exploit and several plugged memory
leaks and potentially freed NULL pointers which may have been exploitable for
a denial of service attack.
* Thanks to a report from Craig Monson, minor
potential vulnerabilities in the contributed Perl scripts have been fixed.
The confirmed vulnerability could allow the execution of arbitrary code on
the CVS server, but only if a user already had commit access and if one of
the contrib scripts was installed improperly, a condition which should have
been quickly visible to any administrator. The complete description of the
problem is here: <https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>. If
you were making use of any of the contributed trigger scripts on a CVS
server, you should probably still replace them with the new versions, to be
on the safe side.
Unfortunately, our fix is incomplete. Taint-checking has been enabled in all
the contributed Perl scripts intended to be run as trigger scripts, but no
attempt has been made to ensure that they still run in taint mode. You will
most likely have to tweak the scripts in some way to make them run. Please
send any patches you find necessary back to <bug-cvs@gnu.org> so that we may
again ship fully enabled scripts in the future.
You should also make sure that any home-grown Perl scripts that you might
have installed as CVS triggers also have taint-checking enabled. This can be
done by adding `-T' on the scripts' #! lines. Please try running
`perldoc perlsec' if you would like more information on general Perl security
and taint-checking.
BUG FIXES
* Thanks to a report and a patch from Georg Scwharz
CVS now builds without error on IRIX 5.3
DEVELOPER ISSUES
* We've standardized on Automake 1.9.5 to get some at new features that make
our jobs easier. See the HACKING file for more on using the autotools with
CVS.
Diffstat (limited to 'devel/cvs')
| -rw-r--r-- | devel/cvs/Makefile | 12 | ||||
| -rw-r--r-- | devel/cvs/distinfo | 26 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-ab | 6 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-ae | 16 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-af | 6 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-ag | 17 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-ai | 6 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-al | 6 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-ar | 14 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-as | 6 | ||||
| -rw-r--r-- | devel/cvs/patches/patch-az | 8 |
11 files changed, 62 insertions, 61 deletions
diff --git a/devel/cvs/Makefile b/devel/cvs/Makefile index 7a5318a8aa2..aabd76530f0 100644 --- a/devel/cvs/Makefile +++ b/devel/cvs/Makefile @@ -1,12 +1,11 @@ -# $NetBSD: Makefile,v 1.83 2005/04/11 21:45:19 tv Exp $ +# $NetBSD: Makefile,v 1.84 2005/04/19 12:39:18 wiz Exp $ # -DISTNAME= cvs-1.11.19 +DISTNAME= cvs-1.11.20 CATEGORIES= devel # (SSL) download URL according to http://www.cvshome.org/ is -# https://ccvs.cvshome.org/files/documents/19/742/cvs-1.11.19.tar.bz2 -MASTER_SITES= http://distro.ibiblio.org/pub/linux/distributions/sorcerer/sources/cvs/1.11.19/ \ - ${MASTER_SITE_BACKUP} +# https://ccvs.cvshome.org/files/documents/19/861/cvs-1.11.20.tar.bz2 +MASTER_SITES= ${MASTER_SITE_BACKUP} EXTRACT_SUFX= .tar.bz2 MAINTAINER= wiz@NetBSD.org @@ -24,7 +23,8 @@ BUILD_DEFS+= USE_INET6 .if defined(USE_INET6) && !empty(USE_INET6:M[yY][eE][sS]) && \ empty(MACHINE_PLATFORM:MSunOS-5.[89]-*) && \ empty(MACHINE_PLATFORM:MSunOS-5.10-*) && \ - empty(MACHINE_PLATFORM:MLinux-*) + empty(MACHINE_PLATFORM:MLinux-*) && \ + defined(NOT_YET_AVAILABLE_FOR_CVS_1_11_20) CONFIGURE_ARGS+= --enable-ipv6 PATCH_SITES= ftp://ftp.kame.net/pub/kame/misc/ PATCHFILES= cvs-1.11.19-v6-20050205.diff.gz diff --git a/devel/cvs/distinfo b/devel/cvs/distinfo index 6f660cbe3d5..2bb59932154 100644 --- a/devel/cvs/distinfo +++ b/devel/cvs/distinfo @@ -1,31 +1,31 @@ -$NetBSD: distinfo,v 1.25 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: distinfo,v 1.26 2005/04/19 12:39:18 wiz Exp $ -SHA1 (cvs-1.11.19.tar.bz2) = 0d5e93a4380d02d4b6b41259b538c05d04d9d633 -RMD160 (cvs-1.11.19.tar.bz2) = 3a499e4dd32e4302e61e282ede48598bab0997fa -Size (cvs-1.11.19.tar.bz2) = 2392762 bytes +SHA1 (cvs-1.11.20.tar.bz2) = 47f51a96b5a73e18c96f431f3c494735aa9c0236 +RMD160 (cvs-1.11.20.tar.bz2) = 4f926d661b35dc1bafb5ee5f98487289a907d34d +Size (cvs-1.11.20.tar.bz2) = 2414744 bytes SHA1 (cvs-1.11.19-v6-20050205.diff.gz) = 5cd1519d99c8a6bc124fd5e4daaf5202cde87f07 RMD160 (cvs-1.11.19-v6-20050205.diff.gz) = a6c304badf71464798311f121f3eb2df50501c2f Size (cvs-1.11.19-v6-20050205.diff.gz) = 13004 bytes SHA1 (patch-aa) = 57bcc59a51d44f436d2f79a0752e44e317589650 -SHA1 (patch-ab) = 4a539ac6e37e3dc48ab0c427487806e2f3ff78ae +SHA1 (patch-ab) = 3c5ff65e7a087b2e73e933366aae99b6b5549371 SHA1 (patch-ac) = 4da02fe019da9721afe6f9af0cd1db44214b575e SHA1 (patch-ad) = da297e6f5f1a8ad4cf0c47f7b57f6bbb860ea64c -SHA1 (patch-ae) = 2fcd5c228c0e18a2ea54f0bcee29e200193544c0 -SHA1 (patch-af) = af7e1f8dba74b40129d623b096ddf5a6c5dbefb4 -SHA1 (patch-ag) = e5c273fb784c5e340cbdf7ff182a6ae09c93dc4f +SHA1 (patch-ae) = 3c9083c3d6532505efc530845feaee70158569b5 +SHA1 (patch-af) = 2f809d054c0b215a6668eda3b18e3ea2c5dfab27 +SHA1 (patch-ag) = 5dd358a7dbf5db402d3e56faf49e8748afdd05f2 SHA1 (patch-ah) = 47b9f55979ed65844efe22fb614b105ae247408d -SHA1 (patch-ai) = ef52993cef430675f3efd09ae37cee522fd93369 +SHA1 (patch-ai) = d51b3f1429e73156cbfb7e0480a34ac6ce7a208d SHA1 (patch-ak) = dc51b6899005cbfdbad1876060c7ef53cce3156f -SHA1 (patch-al) = 7f223fd872f96788af499743f07e49d45d64715f +SHA1 (patch-al) = 3f20d43ed1423ae6e811d9ec2d35af4932e84b41 SHA1 (patch-am) = a2a83f3a3788a99f008372f5a8d7ee9a3a6dbf72 SHA1 (patch-an) = 5fda0f44ff5ee165f18cedd43c6adf97a51e6398 SHA1 (patch-ao) = e19a61b0ccb0e71491fb53d553f03d85135ef5c6 SHA1 (patch-ap) = 9aa44fc82540f86aefa14c47f1d2632377a0471f SHA1 (patch-aq) = bc828ae6c5eff55e7952752cb50317e268dcdd7b -SHA1 (patch-ar) = 4c47f223205de1b6afd3858e4161f99550e1d099 -SHA1 (patch-as) = 35e59c65a544cdd8bd8c6808fdf3410c590dd827 +SHA1 (patch-ar) = 89c787d8725c6dc4a91268138749a2ec0ec255b1 +SHA1 (patch-as) = 095bab2722f1885db6c6d9e6f599e07444077c15 SHA1 (patch-at) = 1cbed8c43bda54a851a7ff1b85e78a224cbeeca2 SHA1 (patch-au) = ba788685ee842d07ac866183185e257ce2dcf749 SHA1 (patch-av) = d381dbf50a59d78e0a4bf8fff09b2570988d5647 SHA1 (patch-ay) = 7a0ee5bf1707afeaeb9092ce3faf7fc594044a2b -SHA1 (patch-az) = e732ec022131d3ca23f7193625e4e2f305600fa9 +SHA1 (patch-az) = 4b773728b228af6c69d4e10cf59f1677feaa54ea diff --git a/devel/cvs/patches/patch-ab b/devel/cvs/patches/patch-ab index 594246f8a11..e95230785bf 100644 --- a/devel/cvs/patches/patch-ab +++ b/devel/cvs/patches/patch-ab @@ -1,8 +1,8 @@ -$NetBSD: patch-ab,v 1.14 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-ab,v 1.15 2005/04/19 12:39:18 wiz Exp $ ---- doc/cvs.texinfo.orig 2005-01-31 23:25:55.000000000 +0100 +--- doc/cvs.texinfo.orig 2005-04-14 19:38:46.000000000 +0200 +++ doc/cvs.texinfo -@@ -13504,6 +13504,11 @@ CPU intensive but is not recommended for +@@ -13548,6 +13548,11 @@ CPU intensive but is not recommended for @xref{verifymsg}, for more information on how verifymsg may be used. diff --git a/devel/cvs/patches/patch-ae b/devel/cvs/patches/patch-ae index eb89a620b9d..95dc9e78e96 100644 --- a/devel/cvs/patches/patch-ae +++ b/devel/cvs/patches/patch-ae @@ -1,8 +1,8 @@ -$NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-ae,v 1.10 2005/04/19 12:39:18 wiz Exp $ ---- src/rcs.c.orig 2005-01-31 23:15:08.000000000 +0100 +--- src/rcs.c.orig 2005-03-17 17:33:47.000000000 +0100 +++ src/rcs.c -@@ -3498,7 +3498,7 @@ struct rcs_keyword +@@ -3534,7 +3534,7 @@ struct rcs_keyword size_t len; }; #define KEYWORD_INIT(s) (s), sizeof (s) - 1 @@ -11,7 +11,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ { { KEYWORD_INIT ("Author") }, { KEYWORD_INIT ("Date") }, -@@ -3511,6 +3511,7 @@ static const struct rcs_keyword keywords +@@ -3547,6 +3547,7 @@ static const struct rcs_keyword keywords { KEYWORD_INIT ("Revision") }, { KEYWORD_INIT ("Source") }, { KEYWORD_INIT ("State") }, @@ -19,7 +19,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ { NULL, 0 } }; enum keyword -@@ -3525,7 +3526,8 @@ enum keyword +@@ -3561,7 +3562,8 @@ enum keyword KEYWORD_RCSFILE, KEYWORD_REVISION, KEYWORD_SOURCE, @@ -29,7 +29,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ }; /* Convert an RCS date string into a readable string. This is like -@@ -3662,6 +3664,11 @@ expand_keywords (rcs, ver, name, log, lo +@@ -3698,6 +3700,11 @@ expand_keywords (rcs, ver, name, log, lo return; } @@ -41,7 +41,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ /* If we are using -kkvl, dig out the locker information if any. */ locker = NULL; if (expand == KFLAG_KVL) -@@ -3753,6 +3760,7 @@ expand_keywords (rcs, ver, name, log, lo +@@ -3789,6 +3796,7 @@ expand_keywords (rcs, ver, name, log, lo case KEYWORD_HEADER: case KEYWORD_ID: @@ -49,7 +49,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $ { const char *path; int free_path; -@@ -4402,7 +4410,7 @@ RCS_checkout (rcs, workfile, rev, nameta +@@ -4446,7 +4454,7 @@ RCS_checkout (rcs, workfile, rev, nameta if (info != NULL) { /* If the size of `devtype' changes, fix the sscanf call also */ diff --git a/devel/cvs/patches/patch-af b/devel/cvs/patches/patch-af index 95bf739bf68..9e2a509f150 100644 --- a/devel/cvs/patches/patch-af +++ b/devel/cvs/patches/patch-af @@ -1,8 +1,8 @@ -$NetBSD: patch-af,v 1.11 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-af,v 1.12 2005/04/19 12:39:18 wiz Exp $ ---- src/update.c.orig 2005-01-31 23:18:01.000000000 +0100 +--- src/update.c.orig 2005-03-16 23:01:21.000000000 +0100 +++ src/update.c -@@ -1366,11 +1366,18 @@ VERS: ", 0); +@@ -1368,11 +1368,18 @@ VERS: ", 0); xchmod (finfo->file, 1); else { diff --git a/devel/cvs/patches/patch-ag b/devel/cvs/patches/patch-ag index 19c720a2f54..c533ac7d164 100644 --- a/devel/cvs/patches/patch-ag +++ b/devel/cvs/patches/patch-ag @@ -1,10 +1,10 @@ -$NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-ag,v 1.6 2005/04/19 12:39:18 wiz Exp $ ---- lib/xtime.h.orig 2004-11-11 23:30:47.000000000 +0100 +--- lib/xtime.h.orig 2005-03-04 20:05:09.000000000 +0100 +++ lib/xtime.h -@@ -12,6 +12,9 @@ - * functions - */ +@@ -14,6 +14,9 @@ + #ifndef XTIME_HEADER_INCLUDED + #define XTIME_HEADER_INCLUDED +#ifndef _XTIME_H_ +#define _XTIME_H_ @@ -12,9 +12,10 @@ $NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $ #ifdef vms # include <time.h> #else /* vms */ -@@ -55,3 +58,5 @@ extern long timezone; - # endif /* !defined(HAVE_FTIME) && !defined(HAVE_TIMEZONE) */ +@@ -58,4 +61,6 @@ extern long timezone; #endif /* !vms */ -+ + +#endif /* !_XTIME_H_ */ ++ + #endif /* !XTIME_HEADER_INCLUDED */ diff --git a/devel/cvs/patches/patch-ai b/devel/cvs/patches/patch-ai index b66e36b8629..8be8a9c9821 100644 --- a/devel/cvs/patches/patch-ai +++ b/devel/cvs/patches/patch-ai @@ -1,8 +1,8 @@ -$NetBSD: patch-ai,v 1.8 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-ai,v 1.9 2005/04/19 12:39:18 wiz Exp $ ---- src/parseinfo.c.orig 2005-01-31 23:14:54.000000000 +0100 +--- src/parseinfo.c.orig 2005-03-16 23:01:21.000000000 +0100 +++ src/parseinfo.c -@@ -355,6 +355,14 @@ parse_config (cvsroot) +@@ -357,6 +357,14 @@ parse_config (cvsroot) goto error_return; } } diff --git a/devel/cvs/patches/patch-al b/devel/cvs/patches/patch-al index 2acc5c7bd6a..8b65acb444a 100644 --- a/devel/cvs/patches/patch-al +++ b/devel/cvs/patches/patch-al @@ -1,8 +1,8 @@ -$NetBSD: patch-al,v 1.10 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-al,v 1.11 2005/04/19 12:39:18 wiz Exp $ ---- src/client.c.orig 2004-11-18 16:45:30.000000000 +0100 +--- src/client.c.orig 2005-03-17 16:47:22.000000000 +0100 +++ src/client.c -@@ -4519,6 +4519,16 @@ start_server () +@@ -4528,6 +4528,16 @@ start_server () error (1, 0, "This server does not support the global -n option."); } diff --git a/devel/cvs/patches/patch-ar b/devel/cvs/patches/patch-ar index 0832a314501..8435a62dab1 100644 --- a/devel/cvs/patches/patch-ar +++ b/devel/cvs/patches/patch-ar @@ -1,8 +1,8 @@ -$NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-ar,v 1.16 2005/04/19 12:39:18 wiz Exp $ ---- src/server.c.orig 2004-09-24 21:59:08.000000000 +0200 +--- src/server.c.orig 2005-03-16 20:16:01.000000000 +0100 +++ src/server.c -@@ -773,6 +773,7 @@ E Protocol error: Root says \"%s\" but p +@@ -780,6 +780,7 @@ E Protocol error: Root says \"%s\" but p nothing. But for rsh, we need to do it now. */ parse_config (current_parsed_root->directory); @@ -10,7 +10,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $ path = xmalloc (strlen (current_parsed_root->directory) + sizeof (CVSROOTADM) + 2); -@@ -790,6 +791,7 @@ E Protocol error: Root says \"%s\" but p +@@ -797,6 +798,7 @@ E Protocol error: Root says \"%s\" but p pending_error = save_errno; } free (path); @@ -18,7 +18,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $ #ifdef HAVE_PUTENV env = xmalloc (strlen (CVSROOT_ENV) + strlen (current_parsed_root->directory) + 2); -@@ -2268,8 +2270,12 @@ serve_global_option (arg) +@@ -2276,8 +2278,12 @@ serve_global_option (arg) break; case 'n': noexec = 1; @@ -31,7 +31,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $ case 'q': quiet = 1; break; -@@ -5293,6 +5299,7 @@ switch_to_user (cvs_username, username) +@@ -5301,6 +5307,7 @@ switch_to_user (cvs_username, username) const char *username; { struct passwd *pw; @@ -39,7 +39,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $ pw = getpwnam (username); if (pw == NULL) -@@ -5371,7 +5378,15 @@ error 0 %s: no such system user\n", user +@@ -5379,7 +5386,15 @@ error 0 %s: no such system user\n", user } } diff --git a/devel/cvs/patches/patch-as b/devel/cvs/patches/patch-as index 8fb83ec9bdd..9b0b4761f2c 100644 --- a/devel/cvs/patches/patch-as +++ b/devel/cvs/patches/patch-as @@ -1,8 +1,8 @@ -$NetBSD: patch-as,v 1.7 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-as,v 1.8 2005/04/19 12:39:18 wiz Exp $ ---- src/tag.c.orig 2005-01-31 23:17:45.000000000 +0100 +--- src/tag.c.orig 2005-03-16 20:16:01.000000000 +0100 +++ src/tag.c -@@ -1300,7 +1300,7 @@ Numeric tag %s contains characters other +@@ -1301,7 +1301,7 @@ Numeric tag %s contains characters other /* The tags is valid but not mentioned in val-tags. Add it. */ datum value; diff --git a/devel/cvs/patches/patch-az b/devel/cvs/patches/patch-az index 0e111143e46..1bfdc771c82 100644 --- a/devel/cvs/patches/patch-az +++ b/devel/cvs/patches/patch-az @@ -1,8 +1,8 @@ -$NetBSD: patch-az,v 1.8 2005/03/01 15:36:48 wiz Exp $ +$NetBSD: patch-az,v 1.9 2005/04/19 12:39:18 wiz Exp $ ---- src/modules.c.orig 2005-01-31 23:14:32.000000000 +0100 +--- src/modules.c.orig 2005-03-16 23:01:21.000000000 +0100 +++ src/modules.c -@@ -746,7 +746,8 @@ module `%s' is a request for a file in a +@@ -747,7 +747,8 @@ module `%s' is a request for a file in a cvs_output ("'\n", 0); cvs_flushout (); } @@ -11,4 +11,4 @@ $NetBSD: patch-az,v 1.8 2005/03/01 15:36:48 wiz Exp $ + RUN_NORMAL | RUN_UNSETXID); free (expanded_path); } - free (real_prog); + if (real_prog) free (real_prog); |