| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
configure to pass the CFLAGS it has determined which would otherwise get
ignored. Pkgsrc CFLAGS are taken into account by configure already.
Change approved by recht.
|
|
|
|
* Eliminate a potential security vulnerability when decoding invalid compressed data
* Fix bug when decompressing dynamic blocks with no distance codes
* Do not return error when using gzread() on an empty file
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
The CVS security ID is CAN-2004-0797.
The fix is same as used by OpenBSD, Debian and Gentoo.
(Didn't see any reference to issue on zlib webpages.)
The OpenBSD announcement "zlib reliabilty fix" says:
"could allow an attacker to crash programs linked
with it."
And the Gentoo announcement says "zlib contains a bug in the handling
of errors in the inflate() and inflateBack() functions. ... An
attacker could exploit this vulnerability to launch a Denial of
Service attack on any application using the zlib library."
PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to
buildlink3.mk file.
|
|
|
|
using gcc, as we need the ABI specific flags.
|
|
|
|
packages that use builtin.mk files (graphics/xpm and pkgtools/x11-links)
use the new format correctly.
|
|
|
|
|
|
built-in or not into a separate builtin.mk file. The code to deal
checking for built-in software is much simpler to deal with in pkgsrc.
The buildlink3.mk file for a package will be of the usual format
regardless of the package, which makes it simpler for packagers to
update a package.
The builtin.mk file for a package must define a single yes/no variable
USE_BUILTIN.<pkg> that is used by bsd.buildlink3.mk to decide whether
to use the built-in software or to use the pkgsrc software.
|
|
environment overrides all other settings.
|
|
as PREFER_PKGSRC. Preferences are determined by the most specific
instance of the package in either PREFER_PKGSRC or PREFER_NATIVE. If
a package is specified in neither or in both variables, then PREFER_PKGSRC
has precedence over PREFER_NATIVE.
|
|
whether the software is built-in or not. This facilitates implementing
the forthcoming PKGSRC_NATIVE variable.
|
|
spaces, use the :Q modifier instead of double-quoting the value. This
avoids breakage when executing the just-in-time su targets.
|
|
simpler to understand.
|
|
value outside of buildlink-related files.
|
|
BUILDLINK_PREFER_PKGSRC
This variable determines whether or not to prefer the pkgsrc
versions of software that is also present in the base system.
This variable is multi-state:
defined, or "yes" always prefer the pkgsrc versions
not defined, or "no" only use the pkgsrc versions if
needed by dependency requirements
This can also take a list of packages for which to prefer the
pkgsrc-installed software. The package names may be found by
consulting the value added to BUILDLINK_PACKAGES in the
buildlink[23].mk files for that package.
|
|
|
|
BUILDLINK_DEPENDS.zlib instead of adding to it.
fixes a problem where a buildlink dependency would be added on both
zlib>=1.1.4nb1 and zlib>=1.2.1, resulting in various buildlink
breakage.
|
|
|
|
updated package update bumped the zlib shared lib major, which required
that BUILDLINK_DEPENDS.zlib be bumped as well. Rather then requiring
zlib>=1.2.1 for packages that can use the built-in zlib on *BSD systems,
allow those built-in versions to satisfy zlib>=1.1.4nb1 dependencies,
and only require the latest version if no suitable zlib is found.
|
|
pkgviews. Closes PR pkg/24081 by Min Sik Kim.
|
|
* inflate is about 20% faster and minimizes memory allocation
* crc32 is about 50% faster
* new functions and functionality
* more supported architectures
|
|
|
|
recommended by seb :)
|
|
|
|
|
|
buildlink3 framework.
|
|
|
|
Should anybody feel like they could be the maintainer for any of thewe packages,
please adjust.
|
|
|
|
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled
without vsnprintf or when long inputs are truncated using vsnprintf, allows
attackers to cause a denial of service or possibly execute arbitrary code.
From OpenBSD.
Restore configure target and add check for [v]snprintf.
Bump PKGREVISION.
|
|
cause problems with pkgsrc libtool, eg.
libtool: link: AGE `4' is greater than the current interface number `1'
libtool: link: `1:1:4' is not valid version information
libtool: install: `libz.la' is not a valid libtool archive
|
|
|
|
|
|
libz.so exists in the base system, but the package creates a libz.la.
|
|
|
|
|
|
|
|
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
|
|
NetBSD releases that need it. Closes pkg/14782.
|
|
INCOMPAT_GETTEXT that are analogous to INCOMPAT_ICONV and contain lists of
shell wildcards intended to match against ${MACHINE_PLATFORM}. These
variables are used to note those platforms that have the named packages in
the base system but are incompatible in some way from the pkgsrc version
of the same package. Change INCOMPAT_CURSES to have the same sematics as
above. These variables allow much greater precision in specifying which
platforms have broken (for the purposes of pkgsrc) versions of software in
the base system that must be ignored.
The buildlink.mk files for these packages define private _INCOMPAT_*
versions of these variables, and they contain the default lists of
platforms that are known to have incompatible software bits.
This addresses pkg/17775 submitted by Julien T. Letessier
<julien.letessier at sun dot com>.
|
|
Changes since 1.1.3:
- ZFREE was repeated on same allocation on some error conditions.
This creates a security problem described in
http://www.zlib.org/advisory-2002-03-11.txt
- Returned incorrect error (Z_MEM_ERROR) on some invalid data
- Avoid accesses before window for invalid distances with inflate window
less than 32K.
- force windowBits > 8 to avoid a bug in the encoder for a window size
of 256 bytes. (A complete fix will be available in 1.1.5).
|
|
This package works fine under RedHat 5.0 (I'm still trying to work out
what karma I broke in order to be in a position to know this...)
|
|
|
|
|
