| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
are a lot of woolly things going on here, so PKGREVISION++ as a
precaution.
|
|
PKGREVISION++, because I changed some things around.
|
|
|
|
|
|
"HTTP header injection" attacks
|
|
|
|
Noticed by Aleksej Saushev in PR 39403.
|
|
CVE-2008-3144 (this one shouldn't affect platforms supported by pkgsrc)
all taken from Gentoo. Bump package revision.
|
|
patch with a more tolerant version of patch (like netbsd's) gives two
copies of the definitions in the same file, with who knows what
consequences. Applying the patch with a less tolerant version of patch
fails.
So, remove it, and bump PKGREVISION just in case.
|
|
Submitted by Aleksej Saushev in PR pkg/39406.
|
|
than once. Bump revision again.
|
|
Bump revision.
|
|
|
|
DESTDIR support
Fix unbalanced ' in configure.
|
|
|
|
Reported by Aleksej Saushev.
|
|
packages.
|
|
which makes integration with PEAR a little simpler.
PKGREVISION++
|
|
whee.)
PKGREVISION++.
|
|
PKGREVISION++.
|
|
Also updates some root certificates and imports tzdata2008b.
Sun's release notes are at
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_16
|
|
|
|
ECL stands for Embeddable Common-Lisp. The ECL project is an effort to
modernize Giuseppe Attardi's ECL environment to produce an implementation of
the Common-Lisp language which complies to the ANSI X3J13 definition of the
language.
|
|
These packages are implicitly updated with distfile update only.
databases/ruby-gdbm
devel/ruby-readline
lang/ruby
lang/ruby18
Here's quote from release announce:
Sorry for a fuss, but it turned out that taintness check of dl in last
releases I made was incomplete. Here are fixes for that.
And relevant changes:
Mon Aug 11 09:37:17 2008 Yukihiro Matsumoto <matz@ruby-lang.org>
* ext/dl/dl.c (rb_str_to_ptr): should propagate taint to dlptr.
* ext/dl/dl.c (rb_ary_to_ptr): ditto.
* ext/dl/sym.c (rb_dlsym_call): should check taint of DLPtrData as
well.
|
|
Bump package revision because of a package list fix.
|
|
bump PKGREVISION
|
|
Suggested by riz@ in PR 39312
|
|
pkgsrc change:
Apply fix for sunpro compilre, provided by PR pkg/37771 from
Naoto Morishima.
This release includes fix for multiple vulnerabilities.
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
* Several vulnerabilities in safe level
* DoS vulnerability in WEBrick
* Lack of taintness check in dl
* DNS spoofing vulnerability in resolv.rb
Full changes are too many, please refer ChangeLog file.
|
|
|
|
integer overflow in the vsnprintf replacement function.
This is likely not a real problem, and the patch wasn't pulled to
the upstream 2.4 branch, but so we can formally declare our 2.4
as not vulnerable now.
|
|
allocation (CVE-2008-3142), ride on PKGREVISION bump some minutes ago
|
|
memory allocation (CVE-2008-2315)
|
|
- the build system now sets the SONAME field of libchicken.so under Linux
- added use of unit ports to unit extras and chicken-setup
- unit utils and extras: moved port extensions to unit ports
- new unit ports
- some fixes to the build system when USE_HOST_PCRE is set
- fixed an allocation bug in decode_literal
- bug fix for bitwise-or use [Joerg Wittenberger]
- bug fix pointer->address
- other bug fixes
|
|
|
|
pointed out in PR 39234.
|
|
|
|
|
|
Changes in 6.8.3:
* The arguments to ghc-pkg now understand lists and wildcards, and
there is a new command ghc-pkg find-module.
* The filename completion in ghci is now more intelligent.
* We now look for GHCi config files in these locations:
./.ghci
$HOME/.ghc/ghci.conf
$HOME/.ghci
* You can now give multiple -e options to GHC.
* You can now use the -prof and -threaded flags together, although
you cannot also use +RTS -N2.
* SCC names are no longer allowed to contain spaces, as some of the
profiling tools break if they do.
* Various changes have been made to GHC's internals, so there are some
differences in the API exposed by the ghc package. Most notably,
checkAndLoadModule has now been implemented.
|
|
- Fixed infinite loop when a character is output to a port
whose character encoding does not support the character (e.g. (display
(integer->char 1000)) when character encoding is ISO-8859-1).
- Added procedures to extract the threads and thread
groups contained in a thread group (thread-group->thread-list,
thread-group->thread-vector, thread-group->thread-group-list,
thread-group->thread-group-vector).
- Renamed open-process' show-window: setting to the more
reasonable show-console: since it controls the visibility of the
console.
- Added readtable-max-unescaped-char and
readtable-max-unescaped-char-set which control the external syntax of
characters in symbol, string and character objects written with the
write and pretty-print procedures.
- Added tcp-server-socket-info to get the IP address and
port-number of a tcp-server-port (useful when the server port was
created with a kernel assigned port-number, i.e. setting port-number:
0).
- Fixed incorrect calls to ___P macro in lib/*.c, and added
lib/check___P script to automatically detect such calls (script
contributed by Derek Peschel).
- Added a "terminate" interrupt which terminates the Gambit
process cleanly (all the exit jobs are executed before exiting). On
Unix this interrupt is raised by the SIGTERM signal so a "kill 1234"
where 1234 is the pid of the Gambit process will terminate the process.
On Windows the interrupt occurs when the console window is closed or
the system is shutting down (however currently the system hangs while
executing the exit jobs).
- Fixed handling of incomplete characters at end-of-file,
which are now handled like illegal characters (error signaled unless
char-encoding-errors setting is set to #f).
- Fixed recently introduced bug in handling of end-of-line
encoding.
- Added escaping of non-graphical characters in symbols:
(string->symbol (string (integer->char 255))) gives |\377| .
- Protect gcc extension _builtin_expect with GCC version >= 3
because old gcc versions (up to 2.95.3 it seems) did not have that
extension.
- Added char-encoding-errors: setting to open-file to
enable/disable character encoding error checking, and -:fr and -:fR
runtime options to select the default setting for file I/O (on/off).
- Removed non-ASCII characters from lib/_num.scm .
- Fixed error introduced with end-of-line encoding of the history
file.
- Changed end-of-line encoding from lf to cr-lf when reading
source code. This makes the load procedure and the compiler more lenient
when reading source code with non-Unix-style end-of-line encoding. This
means that source code with a string containing a CR/LF sequence will
construct a string with a single #\newline character (previously both$
#\return and #\newline were put in the string).
- Fixed compiler crash when compiling files containing the forms
#123, #, ##, etc (file location information was not properly attached to
expression)
- Improve error messages produced by the C compiler when it
compiles a file generated by a different version of the Gambit compiler.
|
|
Removing patch-ad: Issue fixed upstream.
User visible changes:
* CLISP built natively on 64-bit platforms (i.e., with 64-bit pointers)
now has :WORD-SIZE=64 in *FEATURES*.
See <http://clisp.cons.org/impnotes/features.html> for details.
* Module syscalls now offers OS:ERRNO and OS:STRERROR (for the sake of
FFI modules).
See <http://clisp.cons.org/impnotes/syscalls.html#errno> for details.
* Modules MIT-CLX and NEW-CLX export a new macro XLIB:WITH-OPEN-DISPLAY.
* Module netica has been upgraded to the Netica C API version 3.25 (from 2.15).
See <http://clisp.cons.org/impnotes/netica.html> for details.
* Module libsvm has been upgraded to the upstream version 2.86.
See <http://clisp.cons.org/impnotes/libsvm.html> for details.
* Bug fixes:
+ Work around the absence of tgamma() on solaris.
+ Avoid a rare segfault on SIGHUP.
+ Improve module portability to systems with non-GNU make.
+ Fix GRAY:STREAM-READ-SEQUENCE and GRAY:STREAM-WRITE-SEQUENCE.
+ Fix the remaining bugs in special bindings in evaluated code on
TYPECODES (64-bit) platforms.
+ Fix SOCKET:SOCKET-CONNECT with timeout to a dead port.
|
|
the right config. Bump revision.
|
|
|
|
Note that the tcl bindings are not (yet) built. Next time...
pkgsrc changes not trivial but should be invisible.
Changelog:
Changes since 1.0 release;
=========================
Added new (experimental) builtin function groups:
"DBM" -- "ndbm" keyed database access
"COM" -- COM/OLE Automation on Win32
"STCL" -- SNOBOL/Tcl interface (optional)
New library "dynamic.sno" to help compile/link
dynamicly loadable extensions.
Added HTTP.POST function to http.sno
Handle environments where pointers can have high order bit set
Linux 2.6 kernels in Fedora Core, SuSE 10 distributions
Avoid broken "install" utilities
autoconf compatibility: Honor CC, CFLAGS, CPPFLAGS,
LDFLAGS, DESTDIR environment variables.
Fix compilation on pre-panther OSX
Fix second argument to DEFINE(): was not case folded!
Fix backtracking over unevaluated expressions
Source &FILE and &LINE shown in TRACE output
Experimental: GC stats & tracing (-g on command line, >RACE keyword)
Completed support for "memory I/O" when CSNOBOL4 used as a library!
Added "PREDICATE" and "SYSPRED" return types in wrapper.sno
Changes since 0.99.44 release;
=============================
Added snolib(3) man page for SNOBOL4 library routines
Treat all bytes with 8th bit set as ALPHA on ASCII systems
allows UTF-8 encoded characters, and national
character sets to used in labels and identifiers!
command line:
-S option to enlarge interpreter stack
configure:
added --mandir & --bindir
IPv6 Support (both client and server)
bi-directional "pipe" I/O on systems with sockets
"privileged" port binding for UDP
Lots of cleanup!
DJGPP (DOS gcc) fixes
default to -O3 with gcc
add C prototypes for all functions
(function declarations still "K&R" style)
MINGW (Win32 gcc) fixes
Fix LOAD() on Darwin (MacOS X)
Fix timing script on Debian
Ported to HP-UX/IA64
VMS: LOAD() support (not tested)
Compilation on VMS7.3
support magic pathnames "/dev/null" and "/dev/tty"
Win32: native (low overhead) support for character console I/O
support magic pathnames "/dev/null" and "/dev/tty"
fixed UDP I/O
Fix for parallel make (GNU make, BSD make)
Compilation under MS Visual Studio .NET 2003
Make struct descr packable (BITFIELDS_SAME_TYPE)
Check for oversize integer constants (ERANGE from strtol())
Changes since 0.99.4 release;
============================
Command line:
-d (dynamic region size) and -M (pattern match stack size)
now take values in descriptors
-v shows CSNOBOL4 version
Increased default dynamic space to 64K descriptors
Fix faulty lexical comparison function optimzations for null string
Performance improvments;
New string hash function
(reduced both compilation and run time of genc.sno by 5%)
Optimized most common case (CONTIN actions) in
"stream" operation used for lexical analysis.
(reduced compilation time of genc.sno by 8%)
Merged all scanner (pattern matching) functions into
single C function (eliminates mutual recursion, stack
overflows)
genc runtime reduced 15%
atn.sno runtime reduced by 63%!! (2.7x faster)
worst case (4096 char string) reduced 69% (4.8x faster)
snocone self-compile runtime reduced 5%
Made pattern building functions (lib/pat.c) inlinable
(8% reduction in genc.sno compile time)
Eliminate space padding on lines read by compiler
(reduced genc.sno compile time by 65%)
Raised default C compiler optimization levels
Default &MAXLNGTH to largest possible string
Documentation:
README file describes available includes
Include PDF of manual page
Implement fatal "Output error" for output, ENDFILE() errors
Configuration script re-write;
Eliminate static config files & autoconf script
configure generates config.m4 and config.h
(with all defines) for use by loadable functions
New configuration options;
**** see "INSTALL" file for more information ****
--add-define=
Add a #define to config.h (visible to external functions)
--double
EXPERIMENTAL option to use C "double" for SNOBOL4 REAL data type
--fast
Architecture specific optimizations on native compilers
--longlong
EXPERIMENTAL!!
try to use C "long long" (64-bit integer) for INTEGER datatype
when longs/pointers are only 32-bits (ILP32 data model).
--lp64
Request use of 64-bit long/pointer data model
if available on this architecture, and not the default.
--no-opt
Compile without optimization
New SNOBOL library files (see README);
compatibility libraries:
fence.sno, logic.sno, not.sno
spitbol.sno, snobol4+.sno
HOST() function codes:
host.sno
URL (http:, ftp:, file:) access functions
Use large files (64-bit offsets) where available. Allows access
and creation of files larger than 2GB
New functions;
FUNCTION() -- predicate to test if a function is defined
** EXPERIMENTAL **
LABEL() -- predicate to test if a label is defined
idea from Steve Duff's version of Macro SPITBOL
ORD() -- inverse of CHAR()
SERV_LISTEN() -- act as TCP server
SSET() -- scaled SET() allow large files when INTEGER is 32bits
VDIFFER() -- returns first arg if two arguments DIFFER()
idea from Steve Duff's version of Macro SPITBOL
Extended HOST() functions (see host.sno) for system diagnosis
HOST() function will accept REAL or integer encoded STRING args
TIME() function now returns REAL datatype allows both better
resolution (for small values) and larger range. Using
32-bit floats, runtimes larger than four and a half
hours will lose resolution.
Statistics reports compiler and execution times as REAL numbers
Average statement runtime reported in microseconds (us).
Allow a REAL any place an INTEGER is required (from SNOBOL4+)
Contexts include TABLE(), ITEM(), array indices,
INPUT(), OUTPUT(), SET(), keyword values, CHAR(),
RPAD(), LPAD(), FIELD(), COLLECT(), DUMP(), DUPL(),
OPSYN(), and SUBSTR()
load.h updates;
all RETxxx macros safe in any context
RETSTR() takes single argument, allows NULL pointer
RETSTR2() has old RETSTR() functionality
RETINT() and RETREAL() always set return data type.
All include files needed to build loadable functions
installed in SNOLIB directory
Include BSD tsort program; allow builds from scratch
on platforms with GNU tsort (Linux, Cygwin)
New ports;
Ported to Darwin (MacOS X)
Ported to Cygwin (http://cygwin.com), a free Unix emulation
environment for Windows.
Attempt at native Win32 port
Updated Borland C port
Updated VMS port; pipe open support, attempt at tty support
|
|
Buried (deeply) in PR pkg/39079 from Aleksej Saushev.
Ride previous version change again.
|
|
Noted by Aleksej Saushev in PR pkg/39079.
Ride previous version change.
|
|
Also update the tk dep to no longer demand tk83. It does not seem to
work all that well with tk84, but it works about the same as it does
with tk83. And depend explicitly on tcl; that was missing.
Primary changes since 1.2.1 seem to be GPLv2 -> GPLv3 and
whitespace/reindenting, but there seems to be a bit more in there
too. There's also now a 12 meg kdevelop blob in the distfile, yay.
Changelog:
GNU Sather 1.2.3 - Jul 7, 2007 - Michael R. Taylor
* Made INT 32-bit even on 64-bit systems
* Changed license to (GPLv3/LGPLv3) or later
There's no changelog for 1.2.2, dunno why.
|
|
Noticed by Zafer Aydogan via private mail.
|
|
Fixes PR 39081
PKGREVISION++
|
|
Solves PR pkg/38510.
Bump PKGREVISION.
|
|
which can be exploited to cause a denial of service through memory
exhaustion. (SN-2008-02)
|
