Subject: pkg/32353: mk/bulk/upload lintpkgsrc upload vulnerable
To: None <,,>
From: Gilles Dauphin <>
List: pkgsrc-bugs
Date: 12/21/2005 13:10:00
>Number:         32353
>Category:       pkg
>Synopsis:       mk/bulk/upload lintpkgsrc upload vulnerable
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Dec 21 13:10:00 +0000 2005
>Originator:     Gilles Dauphin
>Release:        SunOS 5.10 i86pc

System: SunOS 5.10 Generic_118844-20 i86pc


--------------does not work if distdir != /usr/pkgsrc/distfiles/ --------------
[root@u2 604] echo lintpkgsrc $lintpkgsrc_cache  -K $packages -P $pkgsrcdir -V
lintpkgsrc -K /usr/pkgsrc/packages -P /usr/pkgsrc -V
[root@u2 605] echo $DISTDIR
[root@u2 606] echo $distdir
[root@u2 607] lintpkgsrc $lintpkgsrc_cache  -K $packages -P $pkgsrcdir -V
Unable to open 'pkg-vulnerabilities': No such file or directory
[root@u2 608]
------------------------- work with -M $distdir --------------------
[root@u2 609] lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -V 
Scanning Makefiles: ........


sh mk/bulk/upload with distfiles != /usr/pkgsrc/distfiles


diff -bu upload.orig upload
--- upload.orig Thu Jul 28 02:37:43 2005
+++ upload      Wed Dec 21 13:56:11 2005
@@ -94,10 +94,10 @@
 echo "Checking for restricted and out of date packages:"
 # -p  =  report old versions of packages
 # -R  =  report restricted packages
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pR  | sed 's@'$packages'/@@' > "$exf"
+lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -pR  | sed 's@'$packages'/@@' > "$exf"
 echo "Checking for vulnerable packages:"
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V  | sed 's@'$packages'/@@' > "$vf"
+lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -V  | sed 's@'$packages'/@@' > "$vf"
 RSFLAGS="-vap --progress $RSYNC_OPTS"