From 35d75a26523f4a552189fadaec29ecccaba81818 Mon Sep 17 00:00:00 2001 From: tron Date: Thu, 9 Oct 2014 13:32:18 +0000 Subject: Pullup ticket #4518 - requested by bsiegert shells/mksh: security update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Revisions pulled up: - shells/mksh/Makefile 1.28 - shells/mksh/distinfo 1.26 - shells/mksh/patches/patch-mksh.1 1.7 --- Module Name: pkgsrc Committed By: bsiegert Date: Tue Oct 7 18:51:02 UTC 2014 Modified Files: pkgsrc/shells/mksh: Makefile distinfo pkgsrc/shells/mksh/patches: patch-mksh.1 Log Message: Security: Update mksh to 50d. R50d is a required bugfix release: - [Goodbox] Fix NULL pointer dereference on “unset x; nameref x” - [tg] Fix severe regression in field splitting (LP#1378208) - [tg] Add a warning about not using tainted user input (including from the environ(7)ment) in arithmetics, until Stéphane writes it up nicely R50c is a security fix release: - [tg] Know more rare signals when generating sys_signame[] replacement - [tg] OpenBSD sync (mostly RCSID only) - [tg] Document HISTSIZE limit; found by luigi_345 on IRC - [zacts] Fix link to Debian .mkshrc - [tg] Cease exporting $RANDOM (Debian #760857) - [tg] Fix C99 compatibility - [tg] Work around klibc bug causing a coredump (Debian #763842) - [tg] Use issetugid(2) as additional check if we are FPRIVILEGED - [tg] SECURITY: do not permit += from environment - [tg] Fix more field splitting bugs reported by Stephane Chazelas and mikeserv; document current status wrt. ambiguous ones as testcases too --- shells/mksh/Makefile | 4 ++-- shells/mksh/distinfo | 10 +++++----- shells/mksh/patches/patch-mksh.1 | 8 ++++---- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/shells/mksh/Makefile b/shells/mksh/Makefile index 11d42347894..5c64dd003ee 100644 --- a/shells/mksh/Makefile +++ b/shells/mksh/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.27 2014/09/07 12:46:31 bsiegert Exp $ +# $NetBSD: Makefile,v 1.27.2.1 2014/10/09 13:32:18 tron Exp $ -DISTNAME= mksh-R50b +DISTNAME= mksh-R50d PKGNAME= ${DISTNAME:S/-R/-/} CATEGORIES= shells MASTER_SITES= http://www.mirbsd.org/MirOS/dist/mir/mksh/ \ diff --git a/shells/mksh/distinfo b/shells/mksh/distinfo index ef8dadfd07b..2681d736412 100644 --- a/shells/mksh/distinfo +++ b/shells/mksh/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.25 2014/09/07 12:46:31 bsiegert Exp $ +$NetBSD: distinfo,v 1.25.2.1 2014/10/09 13:32:18 tron Exp $ -SHA1 (mksh-R50b.tgz) = 5554d18126eb861caa71891d6a135014b9aabb99 -RMD160 (mksh-R50b.tgz) = df0db6868434682fcd8f5527995c679522fa6931 -Size (mksh-R50b.tgz) = 372648 bytes -SHA1 (patch-mksh.1) = c27d4cbb86b52173671c61b383793adc31b72f59 +SHA1 (mksh-R50d.tgz) = 0066c260e0ae6736c56189f481607d8306449c53 +RMD160 (mksh-R50d.tgz) = 473417750fe50ed0f947076752677432aa9fbd82 +Size (mksh-R50d.tgz) = 374014 bytes +SHA1 (patch-mksh.1) = 0b3ad407b3963cc92944724658d63c898728e335 diff --git a/shells/mksh/patches/patch-mksh.1 b/shells/mksh/patches/patch-mksh.1 index 5430ef1807d..2ee1e583563 100644 --- a/shells/mksh/patches/patch-mksh.1 +++ b/shells/mksh/patches/patch-mksh.1 @@ -1,7 +1,7 @@ -$NetBSD: patch-mksh.1,v 1.6 2014/09/07 12:46:31 bsiegert Exp $ +$NetBSD: patch-mksh.1,v 1.6.2.1 2014/10/09 13:32:18 tron Exp $ Kill the .Dt override and restore installation a normal man page. ---- mksh.1.orig 2014-07-29 17:26:49.000000000 +0000 +--- mksh.1.orig 2014-10-03 12:36:28.000000000 +0000 +++ mksh.1 @@ -60,21 +60,11 @@ . ds en \(em @@ -21,8 +21,8 @@ Kill the .Dt override and restore installation a normal man page. .\" with -mandoc, it might implement .Mx itself, but we want to .\" use our own definition. And .Dd must come *first*, always. .\" --.Dd $Mdocdate: July 29 2014 $ -+.Dd July 29, 2014 +-.Dd $Mdocdate: October 7 2014 $ ++.Dd October 7, 2014 .\" .\" Check which macro package we use, and do other -mdoc setup. .\" -- cgit v1.2.3