Age | Commit message (Collapse) | Author | Files | Lines |
|
MAKE_JOBS=2 and worked without.
|
|
|
|
approved by agc
|
|
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
|
|
lib/krb5/os/dnsglue.c uses statbuf structure before zeroing it.
Solaris requires it be zeroed first... all kerberos programs that
use dns lookup crash. Zeroing before use does not break anything
on any other platforms.
Bump PKGREVISION.
|
|
MITKRB5-SA-2008-002. Bump PKGREVISION now finally.
|
|
will be bumped again once some other patches are in.
|
|
supported yet. Don't bump revision as the package didn't build before.
|
|
- telnetd username and environment sanitizing vulnerabilities ("-f root")
as described in MIT Kerberos advisory 2007-001.
- krb5_klog_syslog() problems with overly long log strings as described
in MIT Kerberos advisory 2007-002.
- GSS API kg_unseal_v1() double free vulnerability as described in the
MIT Kerberos advisory 2007-003.
|
|
|
|
things are restricted, pkgsrc's labeling rules aren't intended to
address export control issues, and there are vast numbers of packages
with apparently similar export control status and no RESTRICTED.)
|
|
Patch provided by Sergey Svishchev in private mail.
|
|
Addresses PR pkg/34252 by Matthias Petermann.
Also delint a bit.
|
|
"An unauthenticated user may cause execution of arbitrary code in
kadmind, which can compromise the Kerberos key database and host
security. (kadmind usually runs as root.) Unsuccessful exploitation,
or even accidental replication of the required conditions by
non-malicious users, can result in kadmind crashing."
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
Patch from MIT.
|
|
"A security issue has been reported in Kerberos, which potentially can
be exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled krshd and v4rcp
applications. This can be exploited to disclose or manipulate the
contents of arbitrary files or execute arbitrary code with root
privileges if the "setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21402/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt
Bump PKGREVISION.
|
|
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
|
|
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
|
|
need them, for example RESTRICTED and SUBST_MESSAGE.*.
|
|
that they look nicer.
|
|
check for MIT Kerberos 5 when inspecting /usr/include/krb5.h. Also,
bring this file more in line with heimdal/builtin.mk.
|
|
This stops the "gnome-vfs2" package from pulling in the "heimdal" package.
This fixes PR pkg/29946 by Juha-Matti Liukkonen.
|
|
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
|
|
and replace with appropriate references to PKGINFODIR instead.
* Properly account for split info files during installation.
* Move info file listings directly into the package PLISTs.
This fixes info-file-related PLIST problems.
|
|
|
|
|
|
|
|
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
pkgsrc work.
|
|
CONFIGURE_ARGS.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
thus were before 2005Q3.
|
|
include:
* Fix [MITKRB5-SA-2005-002] KDC double-free and heap overflow.
* Fix [MITKRB5-SA-2005-003] krb5_recvauth() double-free.
|
|
PKGSRC_USE_TOOLS go away. There is now only a single USE_TOOLS variable
that specifies all of the tools we need to build/run the package.
|
|
Bump PKGREVISION.
|
|
|
|
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
|
|
compatibility provided via PKG_OPTIONS_LEGACY_OPTS.
|
|
user settable variable. Set PKG_SUGGESTED_OPTIONS instead. Also,
make use of PKG_OPTIONS_LEGACY_VARS.
Reviewed by wiz.
|
|
|
|
.tar file. Also, fix the yacc silliness while we're here.
|
|
|
|
|
|
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
|
|
|
|
implementation correctly on NetBSD>=2.0.
|
|
is a PKG_OPTION.
|
|
|
|
which fixes MITKRB5-SA-2005-001 (CAN-2005-0468 & CAN-2005-0469) relating
to buffer overflows in the telnet client. Bump PKGREVISION to 1.
|
|
|