summaryrefslogtreecommitdiff
path: root/devel
diff options
context:
space:
mode:
authorwiz <wiz@pkgsrc.org>2005-04-19 12:39:18 +0000
committerwiz <wiz@pkgsrc.org>2005-04-19 12:39:18 +0000
commitab23277b8f0f10efac175509ce1bb18ac52c942b (patch)
treeb2a6527bd4e5fd4b543913694e2f43132c90168f /devel
parent2db407dce86fe73834fe453cc3c02f5d045574ae (diff)
downloadpkgsrc-ab23277b8f0f10efac175509ce1bb18ac52c942b.tar.gz
Update to 1.11.20.
NOTE: currently without IPv6 support, until there is an updated KAME patch for it. Changes: Changes since 1.11.19: ********************** SERVER SECURITY FIXES * Thanks to a report from Alen Zukich, several minor security issues have been addressed. One was a buffer overflow that is potentially serious but which may not be exploitable, assigned CAN-2005-0753 by the Common Vulnerabilities and Exposures Project <http://www.cve.mitre.org>. Other fixes resulting from Alen's report include repair of an arbitrary free with no known exploit and several plugged memory leaks and potentially freed NULL pointers which may have been exploitable for a denial of service attack. * Thanks to a report from Craig Monson, minor potential vulnerabilities in the contributed Perl scripts have been fixed. The confirmed vulnerability could allow the execution of arbitrary code on the CVS server, but only if a user already had commit access and if one of the contrib scripts was installed improperly, a condition which should have been quickly visible to any administrator. The complete description of the problem is here: <https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>. If you were making use of any of the contributed trigger scripts on a CVS server, you should probably still replace them with the new versions, to be on the safe side. Unfortunately, our fix is incomplete. Taint-checking has been enabled in all the contributed Perl scripts intended to be run as trigger scripts, but no attempt has been made to ensure that they still run in taint mode. You will most likely have to tweak the scripts in some way to make them run. Please send any patches you find necessary back to <bug-cvs@gnu.org> so that we may again ship fully enabled scripts in the future. You should also make sure that any home-grown Perl scripts that you might have installed as CVS triggers also have taint-checking enabled. This can be done by adding `-T' on the scripts' #! lines. Please try running `perldoc perlsec' if you would like more information on general Perl security and taint-checking. BUG FIXES * Thanks to a report and a patch from Georg Scwharz CVS now builds without error on IRIX 5.3 DEVELOPER ISSUES * We've standardized on Automake 1.9.5 to get some at new features that make our jobs easier. See the HACKING file for more on using the autotools with CVS.
Diffstat (limited to 'devel')
-rw-r--r--devel/cvs/Makefile12
-rw-r--r--devel/cvs/distinfo26
-rw-r--r--devel/cvs/patches/patch-ab6
-rw-r--r--devel/cvs/patches/patch-ae16
-rw-r--r--devel/cvs/patches/patch-af6
-rw-r--r--devel/cvs/patches/patch-ag17
-rw-r--r--devel/cvs/patches/patch-ai6
-rw-r--r--devel/cvs/patches/patch-al6
-rw-r--r--devel/cvs/patches/patch-ar14
-rw-r--r--devel/cvs/patches/patch-as6
-rw-r--r--devel/cvs/patches/patch-az8
11 files changed, 62 insertions, 61 deletions
diff --git a/devel/cvs/Makefile b/devel/cvs/Makefile
index 7a5318a8aa2..aabd76530f0 100644
--- a/devel/cvs/Makefile
+++ b/devel/cvs/Makefile
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.83 2005/04/11 21:45:19 tv Exp $
+# $NetBSD: Makefile,v 1.84 2005/04/19 12:39:18 wiz Exp $
#
-DISTNAME= cvs-1.11.19
+DISTNAME= cvs-1.11.20
CATEGORIES= devel
# (SSL) download URL according to http://www.cvshome.org/ is
-# https://ccvs.cvshome.org/files/documents/19/742/cvs-1.11.19.tar.bz2
-MASTER_SITES= http://distro.ibiblio.org/pub/linux/distributions/sorcerer/sources/cvs/1.11.19/ \
- ${MASTER_SITE_BACKUP}
+# https://ccvs.cvshome.org/files/documents/19/861/cvs-1.11.20.tar.bz2
+MASTER_SITES= ${MASTER_SITE_BACKUP}
EXTRACT_SUFX= .tar.bz2
MAINTAINER= wiz@NetBSD.org
@@ -24,7 +23,8 @@ BUILD_DEFS+= USE_INET6
.if defined(USE_INET6) && !empty(USE_INET6:M[yY][eE][sS]) && \
empty(MACHINE_PLATFORM:MSunOS-5.[89]-*) && \
empty(MACHINE_PLATFORM:MSunOS-5.10-*) && \
- empty(MACHINE_PLATFORM:MLinux-*)
+ empty(MACHINE_PLATFORM:MLinux-*) && \
+ defined(NOT_YET_AVAILABLE_FOR_CVS_1_11_20)
CONFIGURE_ARGS+= --enable-ipv6
PATCH_SITES= ftp://ftp.kame.net/pub/kame/misc/
PATCHFILES= cvs-1.11.19-v6-20050205.diff.gz
diff --git a/devel/cvs/distinfo b/devel/cvs/distinfo
index 6f660cbe3d5..2bb59932154 100644
--- a/devel/cvs/distinfo
+++ b/devel/cvs/distinfo
@@ -1,31 +1,31 @@
-$NetBSD: distinfo,v 1.25 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: distinfo,v 1.26 2005/04/19 12:39:18 wiz Exp $
-SHA1 (cvs-1.11.19.tar.bz2) = 0d5e93a4380d02d4b6b41259b538c05d04d9d633
-RMD160 (cvs-1.11.19.tar.bz2) = 3a499e4dd32e4302e61e282ede48598bab0997fa
-Size (cvs-1.11.19.tar.bz2) = 2392762 bytes
+SHA1 (cvs-1.11.20.tar.bz2) = 47f51a96b5a73e18c96f431f3c494735aa9c0236
+RMD160 (cvs-1.11.20.tar.bz2) = 4f926d661b35dc1bafb5ee5f98487289a907d34d
+Size (cvs-1.11.20.tar.bz2) = 2414744 bytes
SHA1 (cvs-1.11.19-v6-20050205.diff.gz) = 5cd1519d99c8a6bc124fd5e4daaf5202cde87f07
RMD160 (cvs-1.11.19-v6-20050205.diff.gz) = a6c304badf71464798311f121f3eb2df50501c2f
Size (cvs-1.11.19-v6-20050205.diff.gz) = 13004 bytes
SHA1 (patch-aa) = 57bcc59a51d44f436d2f79a0752e44e317589650
-SHA1 (patch-ab) = 4a539ac6e37e3dc48ab0c427487806e2f3ff78ae
+SHA1 (patch-ab) = 3c5ff65e7a087b2e73e933366aae99b6b5549371
SHA1 (patch-ac) = 4da02fe019da9721afe6f9af0cd1db44214b575e
SHA1 (patch-ad) = da297e6f5f1a8ad4cf0c47f7b57f6bbb860ea64c
-SHA1 (patch-ae) = 2fcd5c228c0e18a2ea54f0bcee29e200193544c0
-SHA1 (patch-af) = af7e1f8dba74b40129d623b096ddf5a6c5dbefb4
-SHA1 (patch-ag) = e5c273fb784c5e340cbdf7ff182a6ae09c93dc4f
+SHA1 (patch-ae) = 3c9083c3d6532505efc530845feaee70158569b5
+SHA1 (patch-af) = 2f809d054c0b215a6668eda3b18e3ea2c5dfab27
+SHA1 (patch-ag) = 5dd358a7dbf5db402d3e56faf49e8748afdd05f2
SHA1 (patch-ah) = 47b9f55979ed65844efe22fb614b105ae247408d
-SHA1 (patch-ai) = ef52993cef430675f3efd09ae37cee522fd93369
+SHA1 (patch-ai) = d51b3f1429e73156cbfb7e0480a34ac6ce7a208d
SHA1 (patch-ak) = dc51b6899005cbfdbad1876060c7ef53cce3156f
-SHA1 (patch-al) = 7f223fd872f96788af499743f07e49d45d64715f
+SHA1 (patch-al) = 3f20d43ed1423ae6e811d9ec2d35af4932e84b41
SHA1 (patch-am) = a2a83f3a3788a99f008372f5a8d7ee9a3a6dbf72
SHA1 (patch-an) = 5fda0f44ff5ee165f18cedd43c6adf97a51e6398
SHA1 (patch-ao) = e19a61b0ccb0e71491fb53d553f03d85135ef5c6
SHA1 (patch-ap) = 9aa44fc82540f86aefa14c47f1d2632377a0471f
SHA1 (patch-aq) = bc828ae6c5eff55e7952752cb50317e268dcdd7b
-SHA1 (patch-ar) = 4c47f223205de1b6afd3858e4161f99550e1d099
-SHA1 (patch-as) = 35e59c65a544cdd8bd8c6808fdf3410c590dd827
+SHA1 (patch-ar) = 89c787d8725c6dc4a91268138749a2ec0ec255b1
+SHA1 (patch-as) = 095bab2722f1885db6c6d9e6f599e07444077c15
SHA1 (patch-at) = 1cbed8c43bda54a851a7ff1b85e78a224cbeeca2
SHA1 (patch-au) = ba788685ee842d07ac866183185e257ce2dcf749
SHA1 (patch-av) = d381dbf50a59d78e0a4bf8fff09b2570988d5647
SHA1 (patch-ay) = 7a0ee5bf1707afeaeb9092ce3faf7fc594044a2b
-SHA1 (patch-az) = e732ec022131d3ca23f7193625e4e2f305600fa9
+SHA1 (patch-az) = 4b773728b228af6c69d4e10cf59f1677feaa54ea
diff --git a/devel/cvs/patches/patch-ab b/devel/cvs/patches/patch-ab
index 594246f8a11..e95230785bf 100644
--- a/devel/cvs/patches/patch-ab
+++ b/devel/cvs/patches/patch-ab
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.14 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ab,v 1.15 2005/04/19 12:39:18 wiz Exp $
---- doc/cvs.texinfo.orig 2005-01-31 23:25:55.000000000 +0100
+--- doc/cvs.texinfo.orig 2005-04-14 19:38:46.000000000 +0200
+++ doc/cvs.texinfo
-@@ -13504,6 +13504,11 @@ CPU intensive but is not recommended for
+@@ -13548,6 +13548,11 @@ CPU intensive but is not recommended for
@xref{verifymsg}, for more information on how verifymsg
may be used.
diff --git a/devel/cvs/patches/patch-ae b/devel/cvs/patches/patch-ae
index eb89a620b9d..95dc9e78e96 100644
--- a/devel/cvs/patches/patch-ae
+++ b/devel/cvs/patches/patch-ae
@@ -1,8 +1,8 @@
-$NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ae,v 1.10 2005/04/19 12:39:18 wiz Exp $
---- src/rcs.c.orig 2005-01-31 23:15:08.000000000 +0100
+--- src/rcs.c.orig 2005-03-17 17:33:47.000000000 +0100
+++ src/rcs.c
-@@ -3498,7 +3498,7 @@ struct rcs_keyword
+@@ -3534,7 +3534,7 @@ struct rcs_keyword
size_t len;
};
#define KEYWORD_INIT(s) (s), sizeof (s) - 1
@@ -11,7 +11,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
{
{ KEYWORD_INIT ("Author") },
{ KEYWORD_INIT ("Date") },
-@@ -3511,6 +3511,7 @@ static const struct rcs_keyword keywords
+@@ -3547,6 +3547,7 @@ static const struct rcs_keyword keywords
{ KEYWORD_INIT ("Revision") },
{ KEYWORD_INIT ("Source") },
{ KEYWORD_INIT ("State") },
@@ -19,7 +19,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
{ NULL, 0 }
};
enum keyword
-@@ -3525,7 +3526,8 @@ enum keyword
+@@ -3561,7 +3562,8 @@ enum keyword
KEYWORD_RCSFILE,
KEYWORD_REVISION,
KEYWORD_SOURCE,
@@ -29,7 +29,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
};
/* Convert an RCS date string into a readable string. This is like
-@@ -3662,6 +3664,11 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3698,6 +3700,11 @@ expand_keywords (rcs, ver, name, log, lo
return;
}
@@ -41,7 +41,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
/* If we are using -kkvl, dig out the locker information if any. */
locker = NULL;
if (expand == KFLAG_KVL)
-@@ -3753,6 +3760,7 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3789,6 +3796,7 @@ expand_keywords (rcs, ver, name, log, lo
case KEYWORD_HEADER:
case KEYWORD_ID:
@@ -49,7 +49,7 @@ $NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
{
const char *path;
int free_path;
-@@ -4402,7 +4410,7 @@ RCS_checkout (rcs, workfile, rev, nameta
+@@ -4446,7 +4454,7 @@ RCS_checkout (rcs, workfile, rev, nameta
if (info != NULL)
{
/* If the size of `devtype' changes, fix the sscanf call also */
diff --git a/devel/cvs/patches/patch-af b/devel/cvs/patches/patch-af
index 95bf739bf68..9e2a509f150 100644
--- a/devel/cvs/patches/patch-af
+++ b/devel/cvs/patches/patch-af
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.11 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-af,v 1.12 2005/04/19 12:39:18 wiz Exp $
---- src/update.c.orig 2005-01-31 23:18:01.000000000 +0100
+--- src/update.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/update.c
-@@ -1366,11 +1366,18 @@ VERS: ", 0);
+@@ -1368,11 +1368,18 @@ VERS: ", 0);
xchmod (finfo->file, 1);
else
{
diff --git a/devel/cvs/patches/patch-ag b/devel/cvs/patches/patch-ag
index 19c720a2f54..c533ac7d164 100644
--- a/devel/cvs/patches/patch-ag
+++ b/devel/cvs/patches/patch-ag
@@ -1,10 +1,10 @@
-$NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ag,v 1.6 2005/04/19 12:39:18 wiz Exp $
---- lib/xtime.h.orig 2004-11-11 23:30:47.000000000 +0100
+--- lib/xtime.h.orig 2005-03-04 20:05:09.000000000 +0100
+++ lib/xtime.h
-@@ -12,6 +12,9 @@
- * functions
- */
+@@ -14,6 +14,9 @@
+ #ifndef XTIME_HEADER_INCLUDED
+ #define XTIME_HEADER_INCLUDED
+#ifndef _XTIME_H_
+#define _XTIME_H_
@@ -12,9 +12,10 @@ $NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $
#ifdef vms
# include <time.h>
#else /* vms */
-@@ -55,3 +58,5 @@ extern long timezone;
- # endif /* !defined(HAVE_FTIME) && !defined(HAVE_TIMEZONE) */
+@@ -58,4 +61,6 @@ extern long timezone;
#endif /* !vms */
-+
+
+#endif /* !_XTIME_H_ */
++
+ #endif /* !XTIME_HEADER_INCLUDED */
diff --git a/devel/cvs/patches/patch-ai b/devel/cvs/patches/patch-ai
index b66e36b8629..8be8a9c9821 100644
--- a/devel/cvs/patches/patch-ai
+++ b/devel/cvs/patches/patch-ai
@@ -1,8 +1,8 @@
-$NetBSD: patch-ai,v 1.8 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ai,v 1.9 2005/04/19 12:39:18 wiz Exp $
---- src/parseinfo.c.orig 2005-01-31 23:14:54.000000000 +0100
+--- src/parseinfo.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/parseinfo.c
-@@ -355,6 +355,14 @@ parse_config (cvsroot)
+@@ -357,6 +357,14 @@ parse_config (cvsroot)
goto error_return;
}
}
diff --git a/devel/cvs/patches/patch-al b/devel/cvs/patches/patch-al
index 2acc5c7bd6a..8b65acb444a 100644
--- a/devel/cvs/patches/patch-al
+++ b/devel/cvs/patches/patch-al
@@ -1,8 +1,8 @@
-$NetBSD: patch-al,v 1.10 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-al,v 1.11 2005/04/19 12:39:18 wiz Exp $
---- src/client.c.orig 2004-11-18 16:45:30.000000000 +0100
+--- src/client.c.orig 2005-03-17 16:47:22.000000000 +0100
+++ src/client.c
-@@ -4519,6 +4519,16 @@ start_server ()
+@@ -4528,6 +4528,16 @@ start_server ()
error (1, 0,
"This server does not support the global -n option.");
}
diff --git a/devel/cvs/patches/patch-ar b/devel/cvs/patches/patch-ar
index 0832a314501..8435a62dab1 100644
--- a/devel/cvs/patches/patch-ar
+++ b/devel/cvs/patches/patch-ar
@@ -1,8 +1,8 @@
-$NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ar,v 1.16 2005/04/19 12:39:18 wiz Exp $
---- src/server.c.orig 2004-09-24 21:59:08.000000000 +0200
+--- src/server.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/server.c
-@@ -773,6 +773,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -780,6 +780,7 @@ E Protocol error: Root says \"%s\" but p
nothing. But for rsh, we need to do it now. */
parse_config (current_parsed_root->directory);
@@ -10,7 +10,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
path = xmalloc (strlen (current_parsed_root->directory)
+ sizeof (CVSROOTADM)
+ 2);
-@@ -790,6 +791,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -797,6 +798,7 @@ E Protocol error: Root says \"%s\" but p
pending_error = save_errno;
}
free (path);
@@ -18,7 +18,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
#ifdef HAVE_PUTENV
env = xmalloc (strlen (CVSROOT_ENV) + strlen (current_parsed_root->directory) + 2);
-@@ -2268,8 +2270,12 @@ serve_global_option (arg)
+@@ -2276,8 +2278,12 @@ serve_global_option (arg)
break;
case 'n':
noexec = 1;
@@ -31,7 +31,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
case 'q':
quiet = 1;
break;
-@@ -5293,6 +5299,7 @@ switch_to_user (cvs_username, username)
+@@ -5301,6 +5307,7 @@ switch_to_user (cvs_username, username)
const char *username;
{
struct passwd *pw;
@@ -39,7 +39,7 @@ $NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
pw = getpwnam (username);
if (pw == NULL)
-@@ -5371,7 +5378,15 @@ error 0 %s: no such system user\n", user
+@@ -5379,7 +5386,15 @@ error 0 %s: no such system user\n", user
}
}
diff --git a/devel/cvs/patches/patch-as b/devel/cvs/patches/patch-as
index 8fb83ec9bdd..9b0b4761f2c 100644
--- a/devel/cvs/patches/patch-as
+++ b/devel/cvs/patches/patch-as
@@ -1,8 +1,8 @@
-$NetBSD: patch-as,v 1.7 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-as,v 1.8 2005/04/19 12:39:18 wiz Exp $
---- src/tag.c.orig 2005-01-31 23:17:45.000000000 +0100
+--- src/tag.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/tag.c
-@@ -1300,7 +1300,7 @@ Numeric tag %s contains characters other
+@@ -1301,7 +1301,7 @@ Numeric tag %s contains characters other
/* The tags is valid but not mentioned in val-tags. Add it. */
datum value;
diff --git a/devel/cvs/patches/patch-az b/devel/cvs/patches/patch-az
index 0e111143e46..1bfdc771c82 100644
--- a/devel/cvs/patches/patch-az
+++ b/devel/cvs/patches/patch-az
@@ -1,8 +1,8 @@
-$NetBSD: patch-az,v 1.8 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-az,v 1.9 2005/04/19 12:39:18 wiz Exp $
---- src/modules.c.orig 2005-01-31 23:14:32.000000000 +0100
+--- src/modules.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/modules.c
-@@ -746,7 +746,8 @@ module `%s' is a request for a file in a
+@@ -747,7 +747,8 @@ module `%s' is a request for a file in a
cvs_output ("'\n", 0);
cvs_flushout ();
}
@@ -11,4 +11,4 @@ $NetBSD: patch-az,v 1.8 2005/03/01 15:36:48 wiz Exp $
+ RUN_NORMAL | RUN_UNSETXID);
free (expanded_path);
}
- free (real_prog);
+ if (real_prog) free (real_prog);