Age | Commit message (Collapse) | Author | Files | Lines |
|
The CVS security ID is CAN-2004-0797.
The fix is same as used by OpenBSD, Debian and Gentoo.
(Didn't see any reference to issue on zlib webpages.)
The OpenBSD announcement "zlib reliabilty fix" says:
"could allow an attacker to crash programs linked
with it."
And the Gentoo announcement says "zlib contains a bug in the handling
of errors in the inflate() and inflateBack() functions. ... An
attacker could exploit this vulnerability to launch a Denial of
Service attack on any application using the zlib library."
PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to
buildlink3.mk file.
|
|
built-in or not into a separate builtin.mk file. The code to deal
checking for built-in software is much simpler to deal with in pkgsrc.
The buildlink3.mk file for a package will be of the usual format
regardless of the package, which makes it simpler for packagers to
update a package.
The builtin.mk file for a package must define a single yes/no variable
USE_BUILTIN.<pkg> that is used by bsd.buildlink3.mk to decide whether
to use the built-in software or to use the pkgsrc software.
|
|
environment overrides all other settings.
|
|
as PREFER_PKGSRC. Preferences are determined by the most specific
instance of the package in either PREFER_PKGSRC or PREFER_NATIVE. If
a package is specified in neither or in both variables, then PREFER_PKGSRC
has precedence over PREFER_NATIVE.
|
|
whether the software is built-in or not. This facilitates implementing
the forthcoming PKGSRC_NATIVE variable.
|
|
spaces, use the :Q modifier instead of double-quoting the value. This
avoids breakage when executing the just-in-time su targets.
|
|
simpler to understand.
|
|
value outside of buildlink-related files.
|
|
BUILDLINK_PREFER_PKGSRC
This variable determines whether or not to prefer the pkgsrc
versions of software that is also present in the base system.
This variable is multi-state:
defined, or "yes" always prefer the pkgsrc versions
not defined, or "no" only use the pkgsrc versions if
needed by dependency requirements
This can also take a list of packages for which to prefer the
pkgsrc-installed software. The package names may be found by
consulting the value added to BUILDLINK_PACKAGES in the
buildlink[23].mk files for that package.
|
|
|
|
BUILDLINK_DEPENDS.zlib instead of adding to it.
fixes a problem where a buildlink dependency would be added on both
zlib>=1.1.4nb1 and zlib>=1.2.1, resulting in various buildlink
breakage.
|
|
|
|
updated package update bumped the zlib shared lib major, which required
that BUILDLINK_DEPENDS.zlib be bumped as well. Rather then requiring
zlib>=1.2.1 for packages that can use the built-in zlib on *BSD systems,
allow those built-in versions to satisfy zlib>=1.1.4nb1 dependencies,
and only require the latest version if no suitable zlib is found.
|
|
recommended by seb :)
|
|
|
|
|
|
buildlink3 framework.
|