[pkgsrc/trunk]: pkgsrc/devel/monotone Update to 0.25.2:

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/devel/monotone Update to 0.25.2:
From: jmmv <jmmv%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 03:10:27 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/97326805874e
branches:  trunk
changeset: 509416:97326805874e
user:      jmmv <jmmv%pkgsrc.org@localhost>
date:      Thu Mar 09 20:30:16 2006 +0000

description:
Update to 0.25.2:

        0.25.2 release.  Important security fix for Windows and OS X
        users.

        With versions of monotone prior to this release, a person with
        commit access could commit a malicious file with a name like
        "mt/monotonerc".  When anybody else then checked out this
        revision on a system with a case-folding filesystem --
        usually, this means, "on Windows or OS X" -- then their
        monotone would run arbitrary Lua code stored in this file.

        The _only_ change in this release as compared to 0.25 is that
        the existing checks against files in MT are now extended to
        check for mt, Mt, and mT.

        All users on Windows and OS X, or otherwise checking out
        versioned source on a case-insensitive filesystem, are
        recommended to upgrade immediately.  Binaries used only for
        serving, or only on case-insensitive filesystems (i.e., most
        Unix users), are not affected.

        (0.25.1 was never released in source form.  The original
        0.25 build for Windows was found to have problems on NT 4, and
        0.25.1 was Windows-only rebuild with NT 4 compatible
        libraries.)

diffstat:

 devel/monotone/Makefile |  5 ++---
 devel/monotone/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 7 deletions(-)

diffs (27 lines):

diff -r b827a28c5099 -r 97326805874e devel/monotone/Makefile
--- a/devel/monotone/Makefile   Thu Mar 09 20:27:48 2006 +0000
+++ b/devel/monotone/Makefile   Thu Mar 09 20:30:16 2006 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.20 2006/03/05 16:27:25 jlam Exp $
+# $NetBSD: Makefile,v 1.21 2006/03/09 20:30:16 jmmv Exp $
 #
 
-DISTNAME=      monotone-0.25
-PKGREVISION=   1
+DISTNAME=      monotone-0.25.2
 CATEGORIES=    devel
 MASTER_SITES=  http://www.venge.net/monotone/downloads/
 
diff -r b827a28c5099 -r 97326805874e devel/monotone/distinfo
--- a/devel/monotone/distinfo   Thu Mar 09 20:27:48 2006 +0000
+++ b/devel/monotone/distinfo   Thu Mar 09 20:30:16 2006 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.12 2005/12/31 11:33:47 jmmv Exp $
+$NetBSD: distinfo,v 1.13 2006/03/09 20:30:16 jmmv Exp $
 
-SHA1 (monotone-0.25.tar.gz) = 53e0cc2b2aa7878cbef288ddd20f2d36e6aa040f
-RMD160 (monotone-0.25.tar.gz) = 31dcb5983f3313c3fadb1ae32df4ea54859aad8f
-Size (monotone-0.25.tar.gz) = 5415426 bytes
+SHA1 (monotone-0.25.2.tar.gz) = 84eb3490c261728b0e3d4ece7eb3fb59cd8fe327
+RMD160 (monotone-0.25.2.tar.gz) = 91a69763039c10ff15421c92ee86609c2a5ec739
+Size (monotone-0.25.2.tar.gz) = 5427435 bytes

Prev by Date: [pkgsrc/trunk]: pkgsrc/math/octave-current Generated info files may no longer...
Next by Date: [pkgsrc/trunk]: pkgsrc/games Added spaceracer.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/math/octave-current Generated info files may no longer...
Next by Thread: [pkgsrc/trunk]: pkgsrc/games Added spaceracer.
Indexes:

Home | Main Index | Thread Index | Old Index