path: root/doc/CHANGES-1.6.1

#	$NetBSD: CHANGES-1.6.1,v 1.1.2.21 2003/04/20 09:43:09 grant Exp $

Changes to the pkgsrc-1-6-1 branch:

File						Revision(s)
----						--------
mk/texinfo.mk					1.9

	When comparing install-info version, ignore non [0-9.] - treat 4.0b 
	as 4.0
	[abs]

mail/imap-uw/Makefile				1.54

	Linux cp -R behaves differently to NetBSD when given a directory as 
	a source argument. Handle differently.
	[abs]

devel/opencm/distinfo				1.6
devel/opencm/patches/patch-aa			1.3

	Unset GZIP from the environment before calling GZIP_CMD.  Should fix 
	problems shown in Hubert's bulk build.
	[jmmv]

devel/oaf/Makefile				1.23
sysutils/gnome-vfs/Makefile			1.26
devel/bonobo/Makefile				1.35
www/gtkhtml/Makefile				1.27

	Disable gtk-doc detection; not required and causes problems.
	[jmmv]

graphics/avifile-devel/Makefile			1.30
graphics/avifile-devel/buildlink2.mk		1.4
graphics/avifile-devel/distinfo			1.13
graphics/avifile-devel/patches/patch-ac		1.3 (new)

	Add suitable arguments to "avifile-config --libs" for 
	autodetected XFree 4 static libraries, where required. 
	[You can't have a shared library run-time dependency on a static 
	library.] This may let "apla" build again on systems with 
	XFree 4 -- not tested.
	[fredb]

graphics/apla/Makefile				1.14

	This builds again on NetBSD 1.6.1, but only against the latest version
	of avifile-devel. Bump pkgrevision.
	[fredb]

mk/bulk/bsd.bulk-pkg.mk				1.43

	Correct the 'broken due to depends' processing.  This change makes the
	summary email list correctly the packages which are broken because of
	their dependencies.  
	[dmcmahill]

pkgtools/pkg_install/files/lib/pkgdb.c		1.7

	Correct #ifdef misplacement.
	[grant]

pkgsrc/textproc/crimson/Makefile		1.7-1.8
pkgsrc/textproc/crimson/distinfo		1.2

	Pull up changes from trunk to the netbsd-1-6-1 branch to allow 
	this to be extracted.
	[salo]

misc/kdepim3/distinfo/distinfo			1.7
misc/kdeutils3/distinfo				1.10
net/kdenetwork3/distinfo			1.9
misc/kdepim3/patches/patch-ai			1.1 (new)
misc/kdeutils3/patches/patch-ao			1.1 (new)
net/kdenetwork3/patches/patch-aa		1.1 (new)

	Remove some more bogus sizeof(size_t) == sizeof(unsigned int) checks.
	[skrll]

x11/kdebase3/Makefile				1.18
x11/kdebase3/distinfo				1.20
x11/kdebase3/patches/patch-de			1.3

	Let platforms that don't have apm compile ksysguard. This fixes 
	PR#18340 and PR#20439.
	[skrll]

x11/kdebase3/distinfo				1.19
x11/kdebase3/patches/patch-aa			1.4

	Fix typo in configure script which incorrectly determines that a 
	prototype for strlcat is needed.  Unfortunately that had the effect 
	of providing a bad (for 64 bit systems) prototype.
	[dmcmahill]

audio/kdemultimedia3/Makefile			1.13

	Unlimit datasize to allow this to build on alpha
	[dmcmahill]

net/kdenetwork3/distinfo			1.10
net/kdenetwork3/patches/patch-aa		1.4

	Fix typo in check for strlcat which caused a build failure on alpha.
	[dmcmahill]

misc/kdeutils3/distinfo				1.11
misc/kdeutils3/patches/patch-ao			1.2
misc/kdepim3/distinfo				1.8
misc/kdepim3/patches/patch-ai			1.2

	Fix typo in check for strlcat which caused a failure on alpha
	[dmcmahill]

graphics/xv/distinfo				1.7
graphics/xv/patches/patch-ab			1.6

	Fix a broken #ifdef, noted on Linux.
	[grant]

misc/openoffice/distinfo			1.15
misc/openoffice/patches/patch-eq		1.1 (new)

	Reduce optimisation for a particular file to avoid a gcc internal
	compiler error.
	[mrauch]

misc/openoffice-linux/Makefile			1.5
misc/openoffice-linux/PLIST			1.3

	Automate the creation of /emul/linux/etc/mtab:
	Use the code from Johnny (jlam) again, but do an additional copy at
	pre-install, because the file has to be present during do-install 
	already.
	[mrauch]

games/nethack-lib/Makefile.common		1.8
games/nethack-lib/distinfo			1.5
games/nethack-lib/patches/patch-aa		1.8
games/nethack-lib/patches/patch-ab		1.9
games/nethack-lib/patches/patch-ac		1.4
games/nethack-lib/patches/patch-ae		1.4
games/nethack-qt/Makefile			1.35
games/nethack-qt/distinfo			1.9
games/nethack-qt/patches/patch-aa		1.8
games/nethack-qt/patches/patch-ab		1.6
games/nethack-qt/patches/patch-ac		1.11
games/nethack-qt/patches/patch-ae		1.2
games/nethack-qt/patches/patch-ah		1.3
games/nethack-qt/patches/patch-ai		1.2
games/nethack-tty/distinfo			1.5
games/nethack-x11/Makefile			1.20
games/nethack-x11/distinfo			1.8
games/nethack-x11/patches/patch-aa		1.6
games/nethack-x11/patches/patch-ab		1.9
games/nethack-x11/patches/patch-ac		1.2
games/nethack-x11/patches/patch-ah		1.3

	Pullup nethack version 3.4.1 to netbsd-1-6-1 pkgsrc branch.
	[pooka]

devel/mrproject/Makefile			1.10
devel/mrproject/PLIST				1.6

	Make this build again, without evolution support. Bump PKGREVISION.
	[wiz, ticket #1196]

net/snort/DEINSTALL				delete
net/snort/Makefile.common			1.7
net/snort/PLIST					1.8
net/snort/distinfo				1.14
net/snort-pgsql/Makefile			1.8

	Snort RPC preprocessing buffer overflow when decoding fragmented RPC
	records (http://www.kb.cert.org/vuls/id/916785).
	Versions affected <1.9.1.
	[salo, ticket #1192]

comms/p5-Device-SerialPort/Makefile		1.9-1.10

	Makes this pkg build on 1.6.1.
	[hubertf, ticket #1197]

devel/cvs/Makefile				1.59
devel/cvs/distinfo				1.11

	Don't use .bz2 distfile, as it doesn't appear to exist on various 
	mirrors.
	[grant, ticket #1198]

mail/hypermail/Makefile				1.4
mail/hypermail/PLIST				1.2
mail/hypermail/distinfo				1.3
mail/hypermail/patches/patch-aa			1.2
mail/hypermail/patches/patch-ab			1.1 (new)
mail/hypermail/patches/patch-ac			1.1 (new)

	Update to 2.1.7: Many bug and security fixes; you should upgrade..
	[bouyer, ticket #1201]

lang/wonka/Makefile				1.5

	Restrict to x86 and arm as no other ports are done ATM
	[skrll, ticket #1203]

net/ethereal/Makefile				1.71
net/ethereal/PLIST				1.7
net/ethereal/distinfo				1.17

	Updated to version 0.9.10.

	This release fixes a security hole discovered by Georgi Guninski in
	the SOCKS dissector.  All users of previous versions are encouraged
	to upgrade.  For more details see

	  http://www.ethereal.com/appnotes/enpa-sa-00008.html
	[salo, ticket #1204]

net/soup/patches/patch-ac			1.1 (new)
net/soup/distinfo				1.4

	Fix bug with static initializers which prevented compilition on 64 bit
	platforms
	[dmcmahill, ticket #1209]

mail/evolution/Makefile				1.33

	Add --disable-gtk-doc to CONFIGURE_ARGS to allow this to build without
	an active X display.
	[dmcmahill, ticket #1211]

cad/qcad/Makefile				1.10
cad/qcad/distinfo				1.6
cad/qcad/patches/patch-aa			1.5

	On alpha lower optimization level on a handful of key problem files that
	triggered a compiler error.   This package now builds and seems to run
	on NetBSD-1.6/alpha
	[dmcmahill, ticket #1213]

net/ethereal/Makefile				1.72
net/ethereal/distinfo				1.18

	Updated to version 0.9.11.
	(0.9.10 was improperly packaged)
	[salo, ticket #1214]

audio/xsidplay/Makefile				1.23
audio/xsidplay/distinfo				1.4
audio/xsidplay/patches/patch-aa			1.8

	Lower optimization on 8 problem files on alpha which trigger compiler
	bugs. This package now builds on NetBSD-1.6/alpha and even seems to
	run the GUI. Audio output not verified due to lack of hardware.
	[dmcmahill, ticket #1215]

graphics/aqsis/distinfo				1.2
graphics/aqsis/patches/patch-af			1.1 (new)

	Use a time_t * as the argument to time(3) to let this compile on 
	64 bit systems.  Fixes recently noted compile problems on alpha.
	[dmcmahill, ticket #1216]

www/mozilla/Makefile				1.115
www/mozilla/files/moz-install			1.6

	moz-install treated element between @comment begin DIRS & @comment 
	end DIRS in PLIST.
	if @exec ${MKDIR} -p %D/lib/${MOZILLA}/plugins in such a section,
	directory '@exec', '${MKDIR}', '-p', '%D/lib/${MOZILLA}/plugins' are 
	created.

	This commit fixes this problem.
	[taya, ticket #1208]

graphics/xpaint/distinfo			1.7
graphics/xpaint/patches/patch-ag		1.2

	Don't try and do ${XMFMF} -a because that produces 'xmkmf -a -a' which
	causes an error.  This builds and runs on alpha now.
	[dmcmahill, ticket #1217]

mail/mutt/Makefile				1.93
mail/mutt/distinfo				1.13
mail/mutt/patches/patch-af			1.4

	Update mutt to 1.4.1:

	 fix a buffer overflow in mutt's IMAP client code which
	 was identified by Core Security Technologies, and fixed by Edmund
	 Grimley Evans.  A more detailed advisory will be published by Core
	 Security.
	[jschauma, ticket #1223]

mk/bsd.pkg.defaults.mk				1.133

	provide CDRECORD_CONF.

	[grant, ticket #1200]

sysutils/cdrecord/MESSAGE.cdrecord.conf		1.1 (new)
sysutils/cdrecord/Makefile			1.47
sysutils/cdrecord/distinfo			1.9
sysutils/cdrecord/patches/patch-ca		1.1 (new)
sysutils/cdrecord/patches/patch-cb		1.1 (new)
sysutils/cdrecord/patches/patch-cc		1.1 (new)

	Default the config file to PKG_SYSCONFDIR/cdrecord.conf unless
	overridden by the user via CDRECORD_CONF.

	You must move your config file to the new location if you update!

	Patch man pages and print a MESSAGE if CDRECORD_CONF is not set to
	`/etc/default/cdrecord', as required by license.

	Bump PKGREVISION.
	[grant, ticket #1200]

net/samba/Makefile				1.94
net/samba/distinfo				1.26
net/samba/patches/patch-ar			1.1 (new)

	open_file_shared(): when falling back to O_RDONLY open_file() call 
	after O_RDWR fails in fcbopen case, remember the errno from 
	previous open_file() call and set errno back to this value if the 
	second open_file() call fails too.

	This makes samba report EACCESS instead of confusing ENOENT if 
	creation of file fails due to insufficient permissions for 
	SMBcreate/SMBmknew call.

	Bump package revision.
	[bouyer, ticket #1218]

x11/lablgtk/Makefile				1.4
x11/lablgtk/PLIST.noopt				1.1 (new)

	Make this go on non-i386 systems.  Currently ocamlopt is only available
	on i386 so avoid using that on non-i386 systems.  Compiles and 
	seems to work on alpha.
	[dmcmahill, ticket #1219]

net/samba/Makefile				1.95
net/samba/Makefile.common			1.6
net/samba/distinfo				1.27
net/samba/patches/patch-aa			1.24
net/samba/patches/patch-ab			1.20
net/samba/patches/patch-ad			1.12
net/samba/patches/patch-ar			1.2

	Updated samba to 2.2.8

	****************************************
	* IMPORTANT: Security bugfix for Samba *
	****************************************

	The SuSE security audit team, in particular Sebastian Krahmer
	<krahmer@suse.de>, has found a flaw in the Samba main smbd code which
	could allow an external attacker to remotely and anonymously gain
	Super User (root) privileges on a server running a Samba server.
	
	This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
	inclusive.  This is a serious problem and all sites should either
	upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
	and 445. Advice created by Andrew Tridgell, the leader of the Samba
	Team, on how to protect an unpatched Samba server is given at the end
	of this section.

	The SMB/CIFS protocol implemented by Samba is vulnerable to many
	attacks, even without specific security holes.  The TCP ports 139 and
	the new port 445 (used by Win2k and the Samba 3.0 alpha code in
	particular) should never be exposed to untrusted networks.
	[bouyer, ticket #1220]

chat/bitchx/Makefile				1.16-1.17
chat/bitchx/distinfo				1.7
chat/bitchx/patches/patch-ag			1.1 (new)
chat/bitchx/patches/patch-ah			1.1 (new)
chat/bitchx/patches/patch-ai			1.1 (new)
chat/bitchx/patches/patch-aj			1.1 (new)
chat/bitchx/patches/patch-ak			1.1 (new)
chat/bitchx/patches/patch-al			1.1 (new)

	Bump PKGREVISION: fix several potential buffer overflows found by Timo
	Sirainen <tss at iki dot fi>, see the following url for more details:

	 http://securityfocus.com/archive/1/315057

	Patch from bugtraq by <caf at guarana dor org>.
	[salo, ticket #1239]

www/php4/Makefile				1.32
www/php4/distinfo				1.19
www/php4/patches/patch-ak			1.1 (new)

	Fix for wordwrap() buffer overflow, per
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
	(Patch obtained from RedHat's php-4.2.2-8.0.7.src.rpm.)

	Bump PKGREVISION.
	[aymeric, ticket #1253]

net/samba/Makefile.common			1.8
net/samba/distinfo				1.28

	Update to Samba 2.2.8a.

	Changes since 2.2.8:
	Digital Defense, Inc. has alerted the Samba Team to a serious
	vulnerability in all stable versions of Samba currently shipping.
	The Common Vulnerabilities and Exposures (CVE) project has assigned
	the ID CAN-2003-0201 to this defect.

	This vulnerability, if exploited correctly, leads to an anonymous
	user gaining root access on a Samba serving system. All versions
	of Samba up to and including Samba 2.2.8 are vulnerable. An active
	exploit of the bug has been reported in the wild.
	[cjep, ticket #1251]

chat/ircII/Makefile				1.21-1.22
chat/ircII/PLIST				1.12
chat/ircII/distinfo				1.17-1.18

	update to ircii 20030314.  changes since ircII 20021103:

	  o  server's added by /server are no longer removed if they fail to
	     connect.
	  o  SEVERAL REMOTE HOLES FIXED in ctcp, status & other code
	  o  fix ICB /msg to names starting with a /.  you can now /msg
	     \/oink to send a message to "/oink".  if you previously were
	     able to /msg \oink you now have to /msg \\oink.
	  o  arithmetic "|" now works properly
	  o  fix ICB /msg with a user the same name as the channel
	  o  fix ICB group's and user's with comma's in them
	  o  /notify and /timer always go to level crap now
	  o  fix nickname response lossage
	  o  fix $connect() hich was broken recently
	  o  fix "irc -h" which was broken recently
	  o  fix "dcc close raw" which was broken recently
	[aymeric, ticket #1254]

net/snort/Makefile.common			1.8
net/snort/PLIST					1.9
net/snort/distinfo				1.15
net/snort/patches/patch-aa			1.9
net/snort/patches/patch-ad			1.2
net/snort/patches/patch-ae			1.2

	Updated to version 2.0.0.

	IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4
	           preprocessor module.

	Advisory:  http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10

	Changes:

	2.0.0:
	======
	- Enhanced high-performance detection engine
	- Stateful Pattern Matching
	- New detection keywords: byte_test & byte_jump
	- The Snort code base has undergone an external third party professional
	  security audit funded by Sourcefire (http://www.sourcefire.com)
	- Many new and updated rules
	- snort.conf has been updated
	- Enhancements to self preservation mechanisms in stream4 and frag2
	- State tracking fixes in stream4
	- New HTTP flow analyzer
	- Enhanced protocol decoding (TCP options, 802.1q, etc)
	- Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc)
	- Enhanced flexresp mode for real-time TCP session sniping
	- Better chroot()'ing
	- Tagging system updated
	- Several million bugs addressed....
	- Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be
	  downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary
	  versions of the codebase will be built over the next several days and
	  made available at here.
	
	2.0.rc4:
	========
	- byte_jump/byte_test don't force relative content options
	- byte_jump/byte_test absolute offsets work
	- Better FIN handling in Stream4
	
	2.0.rc3:
	========
	- A low memory usage detection method (enabled via "config detection:
	  search-method lowmem")
	- Moved the default unix socket location to LOGDIR
	
	2.0.rc2:
	========
	- syslog should work on win32 and unix
	- major tagging updates
	- new UDP decoding alerts
	- snort.conf updates
	
	2.0.rc1:
	========
	- Higher performance (due to a new pattern matcher and rebuilt detection
	  engine)
	- Better decoders
	- Enhanced stream reassembly and defragmentation
	- Tons of bug fixes
	- Updated rules
	- Updated snort.conf
	- New detection keywords (byte_test, byte_jump, distance, within) &
	  stateful pattern matching
	- New HTTP flow analyzer
	- Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc)
	- Better self preservation in stateful subsystems
	- Xrefs fixed
	- Flexresp works faster and more effectively
	- Better chroot()'ing
	- Fixed 802.1q decoding
	- Better async state handling
	- New alerting option: -A cmg!!
	[salo, ticket #1257]

databases/edb/distinfo				1.3
databases/edb/patches/patches-aa		1.1 (new)

	configure script changed in distfile on server.
	[jmmv, ticket #1261]

graphics/GMT/distinfo				1.8

	distfile changed on server.
	[hubertf, ticket #1262]

fonts/dbz-ttf/Makefile				1.5

	Bump PKGREVISION: Resale is prohibited, set RESTRICTED accordingly.
	[salo, ticket #1259]

misc/xjdic/Makefile				1.2-1.3
misc/xjdic/distinfo				1.2

	Update dictionary files to latest version.
	Closes PR 19885.
	[hubertf, ticket #1263]