| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Backport of upstream change. See
https://github.com/gdraheim/zziplib/commit/eaba986ff3e6b29539d693fdab7189682dc72351
|
|
libzzip.dylib. Pass -f along with ln -s in the APPLE cases, too, so none
of the bash install scripts exit early due to ln giving "File exists".
Bump PKGREVISION.
|
|
|
|
Use portable switches to `ln'
|
|
This now uses cmake to build.
2021-01-04 gdraheim@github
* The testbuilds were fixed to make cmake install and automake install the same
* The cmake install did need patches for man3 installation on Unix
* The cmake install did need patches for dll installation on Windows
* The cmake install did need patches for dylib installation on MacOS
* The cmake install did need patches for pkgconfig generation
* Bump testbuilds to modern distro versions (ubuntu 20.04 centos 7.9 / 8.3)
* Takeover docker_mirror.py for air-gap testings (for testbuilds.py)
* handle UNZZIP-NOTFOUND in cmake and mark Ubuntu 'unzip' to be broken
* merge patches for zzip_pread feature from Max Kellermann
* merge patches for some bugs being found and reported via GitHub issues
* run azure-pipelines with -DZZIP_TESTCVE=OFF to skip CVE *.zip downloads
* use zziptests.py --downloadonly to get the CVE zip files for local storage
* The ninja builds for cmake were run regularly as it seems to be widely used.
* AND ... rename configure.ac to old.configure.ac to break outdated packaging scripts
* ....... see testbuilds/*-am-*.dockerfile that it still works to rename them back
* release 0.13.72
|
|
Recreate patch-ba as patch-configure and add comment.
2020-04-14 gdraheim@github
* The testbuilds allow to compile and test for different os via docker
* The testbuilds allow to compare new cmake to automake install results
* Found fixes to bring base, sdl, manpages and site docs to same level
* release 0.13.71
2020-04-14 gdraheim@github
* there have been tons of bugfixes over the last two years ...
* Thanks go to Patrick Steinhardt (then at Aservo) for python3 updates
* Thanks go to Josef Moellers (working at SUSE Labs) for many CVE fixes
* and of course all the other patches that came in via github issues.
* I have cleaned up sources to only uses Python3 (as needed by 2020).
* !!! The old automake/autconf/libtool system will be dumped soon!!!
* The build system was ported to 'cmake' .. (last tested cmake 3.10.2)
* release 0.13.70
|
|
pkglint -Wall -F --only aligned --only indent -r
No manual corrections.
|
|
Changes:
2018-03-15 guidod <guidod@gmx.de>
* fix a number of CVEs reported with special *.zip PoC files
* man-pages are generated with new dbk2man.py - docbook xmlto is optional now
* completing some doc strings while checking the new man-pages to look good
* allow the zziptests.py testsuite to run with an installed /bin path
* try to fix some issues on testing with non-installed binaries on non-linux platfors
* update autotools to allow compiling on some newer Mac / Win machines
* a zip-program is still required for testing, but some errors are gone when not there
* complete the approximation of fnmatch for the test binaries (on platforms without)
* allow windows __mmap.h to be simpler, helping with some problems on MingW
* integrate 'fopen("wb")' from TexLive to be more portable across
* more portability as well for helpers like strnlen being used in the sources
* update doc refs to point to github instead of sf.net
* update the sf.net pages to have a prominent hint on newer github.com location
* release v0.13.69
|
|
Changelog:
2018-02-02 guidod <guidod@gmx.de>
* fix a number of CVEs reported with special *.zip files
* the testsuite has been expanded to cover all the CVEs
* some minor doc updates referencing GitHub instead of sf.net
* release v0.13.68
|
|
2017-06-11 guidod <guidod@gmx.de>
* fix portability issues by introducing <zzip/__mkdir.h>
* fix portability issues by introducing <zzip/__string.h> for strndup
* reuse portability header <zzip/__fnmatch.h> in bins/*.c
* release v0.13.67
|
|
|
|
fixing: CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5981
Upstream changelog:
2017-04-24 guidod <guidod@gmx.de>
* common frontend 'unzzip.c' for example code in unzzip*-xx.c
* expand testcases to cover all of big/mem/mix/zap variants
* release v0.13.66
2017-04-23 guidod <guidod@gmx.de>
* turn the testsuite from makefile into python unittest format
* extend 'make check' testsuite to cover non-libzzip extensions
* fix unzzipcat-seeko and unzzipcat-mem to match the testsuite
* release v0.13.65
2017-04-20 guidod <guidod@gmx.de>
* check patches in opensuse builds, mostly for some CVE reports
2012-09-15 guidod <guidod@gmx.de>
* zzip.h, plugin.h: "};" at end of extern-C produces build errors with
the default --pedantic-errors on newer CMake. Thanks to Keith Thompson
recognizing it - see http://stackoverflow.com/questions/12384280/
2012-03-11 guidod <guidod@gmx.de>
* configure.ac: fallback to libtool -export-dynamic unless being sure to
use gnu-ld --export-dynamic. The darwin case is a bit special here
as the c-compiler and linker might be from different worlds.
* next 0.13.62 - needs a fix for mingw
(-mconsole is not a linker option, only the gcc should see it)
2010-12-30 guidod <guidod@gmx.de>
* done 0.13.60 release, tagged, and announced.
* prepare 0.13.61
2010-12-29 guidod <guidod@gmx.de>
* Makefile.am: allow nonstaic build
* wrap fd.open like in the Fedora patch
2010-12-28 guidod <guidod@gmx.de>
* zziplib.spec - simplify the spec based on distro specs.
2010-12-27 guidod <guidod@gmx.de>
* adding fetch.h/fetch.c to msvc8/zziplib.vcproj to allow
tests with Visual Studio C++ Express 2005
2010-12-27 guidod <guidod@gmx.de>
* fix stat.c to check ZZIP_CASELESS instead of the deprecated
ZZIP_CASEINSENSITIVE. The latter is still recognized for
compatibility reasons and implicitly mapped to ZZIP_CASELESS.
* fixes the zziplib-Patches-3078188 which reported the bug.
2010-12-27 guidod <guidod@gmx.de>
* apply patches by Peter Breitenlohner for better compatibility
with AIX host system. Also the Sun Studio compiler insists on
static inline functions or else assumes extern inline.
* also fixes zziplib-Patches-3011551 on the AIX problem.
2010-12-27 guidod <guidod@gmx.de>
* add hints that the ext_io plugin handlers should be static.
2010-05-09 guidod <guidod@gmx.de>
* zzip/__fnmatch.h: add include <string.h> to make mingw32 happy.
Patches item #2995373 by Gregory Smith
2010-05-08 guidod <guidod@gmx.de>
* SDL/Makefile.am: fix generation of sdl-uninstalled.pc that was
not recognized during compilation.
2010-04-05 guidod <guidod@gmx.de>
* Makefile.am: fix "osc rm" and fix "test-sdl" if SDL was not found.
* configure.ac: SDL example builds on pkgconfig/sdl.pc which
was introduced with SDL 1.2.11 - CentOs5 ships 1.2.10 which
does only have "sdl-config" and it made for a mismatch in
in the build configuration: sdl-devel yes, pkgconfig sdl no.
* zzip/zip.c (__zzip_parse_root_directory): move the check for
zzip_disk_entry_check_magic to be after the the check that
the seek-value is more than a header's size before the end.
(based on a segfault report by Tulipánt Gergely when the
new modulo_entries code is enabled (which is off by default))
2010-03-30 guidod <guidod@gmx.de>
* zzip/Makefile.am: fixing symlinks for lib* - use only for Linux
Thanks to Ryan Schmidt (macports):
... likes to install some symlinks that don't make sense on Mac OS X:
$ ls -l /opt/local/lib/*zzip*so*
lrwxr-xr-x /opt/local/lib/libzzip*.so.10 -> libzzip*.so.13
lrwxr-xr-x /opt/local/lib/libzzip*.so.11 -> libzzip*.so.13
lrwxr-xr-x /opt/local/lib/libzzip*.so.12 -> libzzip*.so.13
Yes, the filenames literally contain an asterisk.
|
|
Fix inline function error reference:
work/zziplib-0.13.59/zzip/.libs/libzzip.so: undefined reference to `__zzip_aligned4'
Replace _zzip_inline with regular static inline.
|
|
headers while here.
|
|
Problems found with existing distfile for eagle:
distfiles/bicom101.zip
distfiles/szip-2.1nb3/szip-2.1.tar.gz
distfiles/xmill-0.9.1.tar.gz
No changes made to these distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
|
|
* Bug-fix release.
|
|
without gnu-ld
|
|
|
|
|
|
as /usr/pkg/lib/libzzip*.so.10 -> libzzip*.so.13
|
|
Major change since 0.10.x:
There were some problematic zip files out there that can trigger
segfaults in 0.10.x. Later zzip file decoders have extra checks and
helper routines for that.
|
|
|
|
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
|
|
|
|
for ssize_t et.al.)
|
|
in zzip_open_shared_io(), it was reported as CVE-2007-1614.
Bump PKGREVISION.
|
|
Bump PKGREVISION.
|
|
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
|
|
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
|
|
|
|
that they look nicer.
|
|
|
|
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
|
|
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
|
|
|
|
|
|
|
|
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
|
|
support is useless in pkgsrc anyway, and it breaks the build on several
platforms because of confusion over what the build dir is to be
called. (possibly because of CONFIG_SUB_OVERRIDE?)
|
|
|
|
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
|
|
|
|
Should fix bulk build.
|
|
relative to ${WRKSRC}. Remove redundant LIBTOOL_OVERRIDE settings that
are automatically handled by the default setting in bsd.pkg.mk.
|
|
|
