pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/devel/cvs Update to 1.11.20.
details: https://anonhg.NetBSD.org/pkgsrc/rev/52ed0f5a57ea
branches: trunk
changeset: 492772:52ed0f5a57ea
user: wiz <wiz%pkgsrc.org@localhost>
date: Tue Apr 19 12:39:18 2005 +0000
description:
Update to 1.11.20.
NOTE: currently without IPv6 support, until there is an updated KAME patch
for it.
Changes:
Changes since 1.11.19:
**********************
SERVER SECURITY FIXES
* Thanks to a report from Alen Zukich, several minor
security issues have been addressed. One was a buffer overflow that is
potentially serious but which may not be exploitable, assigned CAN-2005-0753
by the Common Vulnerabilities and Exposures Project
<http://www.cve.mitre.org>. Other fixes resulting from Alen's report include
repair of an arbitrary free with no known exploit and several plugged memory
leaks and potentially freed NULL pointers which may have been exploitable for
a denial of service attack.
* Thanks to a report from Craig Monson, minor
potential vulnerabilities in the contributed Perl scripts have been fixed.
The confirmed vulnerability could allow the execution of arbitrary code on
the CVS server, but only if a user already had commit access and if one of
the contrib scripts was installed improperly, a condition which should have
been quickly visible to any administrator. The complete description of the
problem is here: <https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>. If
you were making use of any of the contributed trigger scripts on a CVS
server, you should probably still replace them with the new versions, to be
on the safe side.
Unfortunately, our fix is incomplete. Taint-checking has been enabled in all
the contributed Perl scripts intended to be run as trigger scripts, but no
attempt has been made to ensure that they still run in taint mode. You will
most likely have to tweak the scripts in some way to make them run. Please
send any patches you find necessary back to <bug-cvs%gnu.org@localhost> so that we may
again ship fully enabled scripts in the future.
You should also make sure that any home-grown Perl scripts that you might
have installed as CVS triggers also have taint-checking enabled. This can be
done by adding `-T' on the scripts' #! lines. Please try running
`perldoc perlsec' if you would like more information on general Perl security
and taint-checking.
BUG FIXES
* Thanks to a report and a patch from Georg Scwharz
CVS now builds without error on IRIX 5.3
DEVELOPER ISSUES
* We've standardized on Automake 1.9.5 to get some at new features that make
our jobs easier. See the HACKING file for more on using the autotools with
CVS.
diffstat:
devel/cvs/Makefile | 12 ++++++------
devel/cvs/distinfo | 26 +++++++++++++-------------
devel/cvs/patches/patch-ab | 6 +++---
devel/cvs/patches/patch-ae | 16 ++++++++--------
devel/cvs/patches/patch-af | 6 +++---
devel/cvs/patches/patch-ag | 17 +++++++++--------
devel/cvs/patches/patch-ai | 6 +++---
devel/cvs/patches/patch-al | 6 +++---
devel/cvs/patches/patch-ar | 14 +++++++-------
devel/cvs/patches/patch-as | 6 +++---
devel/cvs/patches/patch-az | 8 ++++----
11 files changed, 62 insertions(+), 61 deletions(-)
diffs (truncated from 318 to 300 lines):
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/Makefile
--- a/devel/cvs/Makefile Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/Makefile Tue Apr 19 12:39:18 2005 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.83 2005/04/11 21:45:19 tv Exp $
+# $NetBSD: Makefile,v 1.84 2005/04/19 12:39:18 wiz Exp $
#
-DISTNAME= cvs-1.11.19
+DISTNAME= cvs-1.11.20
CATEGORIES= devel
# (SSL) download URL according to http://www.cvshome.org/ is
-# https://ccvs.cvshome.org/files/documents/19/742/cvs-1.11.19.tar.bz2
-MASTER_SITES= http://distro.ibiblio.org/pub/linux/distributions/sorcerer/sources/cvs/1.11.19/ \
- ${MASTER_SITE_BACKUP}
+# https://ccvs.cvshome.org/files/documents/19/861/cvs-1.11.20.tar.bz2
+MASTER_SITES= ${MASTER_SITE_BACKUP}
EXTRACT_SUFX= .tar.bz2
MAINTAINER= wiz%NetBSD.org@localhost
@@ -24,7 +23,8 @@
.if defined(USE_INET6) && !empty(USE_INET6:M[yY][eE][sS]) && \
empty(MACHINE_PLATFORM:MSunOS-5.[89]-*) && \
empty(MACHINE_PLATFORM:MSunOS-5.10-*) && \
- empty(MACHINE_PLATFORM:MLinux-*)
+ empty(MACHINE_PLATFORM:MLinux-*) && \
+ defined(NOT_YET_AVAILABLE_FOR_CVS_1_11_20)
CONFIGURE_ARGS+= --enable-ipv6
PATCH_SITES= ftp://ftp.kame.net/pub/kame/misc/
PATCHFILES= cvs-1.11.19-v6-20050205.diff.gz
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/distinfo
--- a/devel/cvs/distinfo Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/distinfo Tue Apr 19 12:39:18 2005 +0000
@@ -1,31 +1,31 @@
-$NetBSD: distinfo,v 1.25 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: distinfo,v 1.26 2005/04/19 12:39:18 wiz Exp $
-SHA1 (cvs-1.11.19.tar.bz2) = 0d5e93a4380d02d4b6b41259b538c05d04d9d633
-RMD160 (cvs-1.11.19.tar.bz2) = 3a499e4dd32e4302e61e282ede48598bab0997fa
-Size (cvs-1.11.19.tar.bz2) = 2392762 bytes
+SHA1 (cvs-1.11.20.tar.bz2) = 47f51a96b5a73e18c96f431f3c494735aa9c0236
+RMD160 (cvs-1.11.20.tar.bz2) = 4f926d661b35dc1bafb5ee5f98487289a907d34d
+Size (cvs-1.11.20.tar.bz2) = 2414744 bytes
SHA1 (cvs-1.11.19-v6-20050205.diff.gz) = 5cd1519d99c8a6bc124fd5e4daaf5202cde87f07
RMD160 (cvs-1.11.19-v6-20050205.diff.gz) = a6c304badf71464798311f121f3eb2df50501c2f
Size (cvs-1.11.19-v6-20050205.diff.gz) = 13004 bytes
SHA1 (patch-aa) = 57bcc59a51d44f436d2f79a0752e44e317589650
-SHA1 (patch-ab) = 4a539ac6e37e3dc48ab0c427487806e2f3ff78ae
+SHA1 (patch-ab) = 3c5ff65e7a087b2e73e933366aae99b6b5549371
SHA1 (patch-ac) = 4da02fe019da9721afe6f9af0cd1db44214b575e
SHA1 (patch-ad) = da297e6f5f1a8ad4cf0c47f7b57f6bbb860ea64c
-SHA1 (patch-ae) = 2fcd5c228c0e18a2ea54f0bcee29e200193544c0
-SHA1 (patch-af) = af7e1f8dba74b40129d623b096ddf5a6c5dbefb4
-SHA1 (patch-ag) = e5c273fb784c5e340cbdf7ff182a6ae09c93dc4f
+SHA1 (patch-ae) = 3c9083c3d6532505efc530845feaee70158569b5
+SHA1 (patch-af) = 2f809d054c0b215a6668eda3b18e3ea2c5dfab27
+SHA1 (patch-ag) = 5dd358a7dbf5db402d3e56faf49e8748afdd05f2
SHA1 (patch-ah) = 47b9f55979ed65844efe22fb614b105ae247408d
-SHA1 (patch-ai) = ef52993cef430675f3efd09ae37cee522fd93369
+SHA1 (patch-ai) = d51b3f1429e73156cbfb7e0480a34ac6ce7a208d
SHA1 (patch-ak) = dc51b6899005cbfdbad1876060c7ef53cce3156f
-SHA1 (patch-al) = 7f223fd872f96788af499743f07e49d45d64715f
+SHA1 (patch-al) = 3f20d43ed1423ae6e811d9ec2d35af4932e84b41
SHA1 (patch-am) = a2a83f3a3788a99f008372f5a8d7ee9a3a6dbf72
SHA1 (patch-an) = 5fda0f44ff5ee165f18cedd43c6adf97a51e6398
SHA1 (patch-ao) = e19a61b0ccb0e71491fb53d553f03d85135ef5c6
SHA1 (patch-ap) = 9aa44fc82540f86aefa14c47f1d2632377a0471f
SHA1 (patch-aq) = bc828ae6c5eff55e7952752cb50317e268dcdd7b
-SHA1 (patch-ar) = 4c47f223205de1b6afd3858e4161f99550e1d099
-SHA1 (patch-as) = 35e59c65a544cdd8bd8c6808fdf3410c590dd827
+SHA1 (patch-ar) = 89c787d8725c6dc4a91268138749a2ec0ec255b1
+SHA1 (patch-as) = 095bab2722f1885db6c6d9e6f599e07444077c15
SHA1 (patch-at) = 1cbed8c43bda54a851a7ff1b85e78a224cbeeca2
SHA1 (patch-au) = ba788685ee842d07ac866183185e257ce2dcf749
SHA1 (patch-av) = d381dbf50a59d78e0a4bf8fff09b2570988d5647
SHA1 (patch-ay) = 7a0ee5bf1707afeaeb9092ce3faf7fc594044a2b
-SHA1 (patch-az) = e732ec022131d3ca23f7193625e4e2f305600fa9
+SHA1 (patch-az) = 4b773728b228af6c69d4e10cf59f1677feaa54ea
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-ab
--- a/devel/cvs/patches/patch-ab Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-ab Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.14 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ab,v 1.15 2005/04/19 12:39:18 wiz Exp $
---- doc/cvs.texinfo.orig 2005-01-31 23:25:55.000000000 +0100
+--- doc/cvs.texinfo.orig 2005-04-14 19:38:46.000000000 +0200
+++ doc/cvs.texinfo
-@@ -13504,6 +13504,11 @@ CPU intensive but is not recommended for
+@@ -13548,6 +13548,11 @@ CPU intensive but is not recommended for
@xref{verifymsg}, for more information on how verifymsg
may be used.
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-ae
--- a/devel/cvs/patches/patch-ae Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-ae Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ae,v 1.10 2005/04/19 12:39:18 wiz Exp $
---- src/rcs.c.orig 2005-01-31 23:15:08.000000000 +0100
+--- src/rcs.c.orig 2005-03-17 17:33:47.000000000 +0100
+++ src/rcs.c
-@@ -3498,7 +3498,7 @@ struct rcs_keyword
+@@ -3534,7 +3534,7 @@ struct rcs_keyword
size_t len;
};
#define KEYWORD_INIT(s) (s), sizeof (s) - 1
@@ -11,7 +11,7 @@
{
{ KEYWORD_INIT ("Author") },
{ KEYWORD_INIT ("Date") },
-@@ -3511,6 +3511,7 @@ static const struct rcs_keyword keywords
+@@ -3547,6 +3547,7 @@ static const struct rcs_keyword keywords
{ KEYWORD_INIT ("Revision") },
{ KEYWORD_INIT ("Source") },
{ KEYWORD_INIT ("State") },
@@ -19,7 +19,7 @@
{ NULL, 0 }
};
enum keyword
-@@ -3525,7 +3526,8 @@ enum keyword
+@@ -3561,7 +3562,8 @@ enum keyword
KEYWORD_RCSFILE,
KEYWORD_REVISION,
KEYWORD_SOURCE,
@@ -29,7 +29,7 @@
};
/* Convert an RCS date string into a readable string. This is like
-@@ -3662,6 +3664,11 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3698,6 +3700,11 @@ expand_keywords (rcs, ver, name, log, lo
return;
}
@@ -41,7 +41,7 @@
/* If we are using -kkvl, dig out the locker information if any. */
locker = NULL;
if (expand == KFLAG_KVL)
-@@ -3753,6 +3760,7 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3789,6 +3796,7 @@ expand_keywords (rcs, ver, name, log, lo
case KEYWORD_HEADER:
case KEYWORD_ID:
@@ -49,7 +49,7 @@
{
const char *path;
int free_path;
-@@ -4402,7 +4410,7 @@ RCS_checkout (rcs, workfile, rev, nameta
+@@ -4446,7 +4454,7 @@ RCS_checkout (rcs, workfile, rev, nameta
if (info != NULL)
{
/* If the size of `devtype' changes, fix the sscanf call also */
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-af
--- a/devel/cvs/patches/patch-af Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-af Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.11 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-af,v 1.12 2005/04/19 12:39:18 wiz Exp $
---- src/update.c.orig 2005-01-31 23:18:01.000000000 +0100
+--- src/update.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/update.c
-@@ -1366,11 +1366,18 @@ VERS: ", 0);
+@@ -1368,11 +1368,18 @@ VERS: ", 0);
xchmod (finfo->file, 1);
else
{
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-ag
--- a/devel/cvs/patches/patch-ag Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-ag Tue Apr 19 12:39:18 2005 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ag,v 1.6 2005/04/19 12:39:18 wiz Exp $
---- lib/xtime.h.orig 2004-11-11 23:30:47.000000000 +0100
+--- lib/xtime.h.orig 2005-03-04 20:05:09.000000000 +0100
+++ lib/xtime.h
-@@ -12,6 +12,9 @@
- * functions
- */
+@@ -14,6 +14,9 @@
+ #ifndef XTIME_HEADER_INCLUDED
+ #define XTIME_HEADER_INCLUDED
+#ifndef _XTIME_H_
+#define _XTIME_H_
@@ -12,9 +12,10 @@
#ifdef vms
# include <time.h>
#else /* vms */
-@@ -55,3 +58,5 @@ extern long timezone;
- # endif /* !defined(HAVE_FTIME) && !defined(HAVE_TIMEZONE) */
+@@ -58,4 +61,6 @@ extern long timezone;
#endif /* !vms */
+
++#endif /* !_XTIME_H_ */
+
-+#endif /* !_XTIME_H_ */
+ #endif /* !XTIME_HEADER_INCLUDED */
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-ai
--- a/devel/cvs/patches/patch-ai Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-ai Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ai,v 1.8 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ai,v 1.9 2005/04/19 12:39:18 wiz Exp $
---- src/parseinfo.c.orig 2005-01-31 23:14:54.000000000 +0100
+--- src/parseinfo.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/parseinfo.c
-@@ -355,6 +355,14 @@ parse_config (cvsroot)
+@@ -357,6 +357,14 @@ parse_config (cvsroot)
goto error_return;
}
}
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-al
--- a/devel/cvs/patches/patch-al Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-al Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-al,v 1.10 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-al,v 1.11 2005/04/19 12:39:18 wiz Exp $
---- src/client.c.orig 2004-11-18 16:45:30.000000000 +0100
+--- src/client.c.orig 2005-03-17 16:47:22.000000000 +0100
+++ src/client.c
-@@ -4519,6 +4519,16 @@ start_server ()
+@@ -4528,6 +4528,16 @@ start_server ()
error (1, 0,
"This server does not support the global -n option.");
}
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-ar
--- a/devel/cvs/patches/patch-ar Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-ar Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ar,v 1.16 2005/04/19 12:39:18 wiz Exp $
---- src/server.c.orig 2004-09-24 21:59:08.000000000 +0200
+--- src/server.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/server.c
-@@ -773,6 +773,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -780,6 +780,7 @@ E Protocol error: Root says \"%s\" but p
nothing. But for rsh, we need to do it now. */
parse_config (current_parsed_root->directory);
@@ -10,7 +10,7 @@
path = xmalloc (strlen (current_parsed_root->directory)
+ sizeof (CVSROOTADM)
+ 2);
-@@ -790,6 +791,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -797,6 +798,7 @@ E Protocol error: Root says \"%s\" but p
pending_error = save_errno;
}
free (path);
@@ -18,7 +18,7 @@
#ifdef HAVE_PUTENV
env = xmalloc (strlen (CVSROOT_ENV) + strlen (current_parsed_root->directory) + 2);
-@@ -2268,8 +2270,12 @@ serve_global_option (arg)
+@@ -2276,8 +2278,12 @@ serve_global_option (arg)
break;
case 'n':
noexec = 1;
@@ -31,7 +31,7 @@
case 'q':
quiet = 1;
break;
-@@ -5293,6 +5299,7 @@ switch_to_user (cvs_username, username)
+@@ -5301,6 +5307,7 @@ switch_to_user (cvs_username, username)
const char *username;
{
struct passwd *pw;
@@ -39,7 +39,7 @@
pw = getpwnam (username);
if (pw == NULL)
-@@ -5371,7 +5378,15 @@ error 0 %s: no such system user\n", user
+@@ -5379,7 +5386,15 @@ error 0 %s: no such system user\n", user
}
}
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-as
--- a/devel/cvs/patches/patch-as Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-as Tue Apr 19 12:39:18 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-as,v 1.7 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-as,v 1.8 2005/04/19 12:39:18 wiz Exp $
---- src/tag.c.orig 2005-01-31 23:17:45.000000000 +0100
+--- src/tag.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/tag.c
-@@ -1300,7 +1300,7 @@ Numeric tag %s contains characters other
+@@ -1301,7 +1301,7 @@ Numeric tag %s contains characters other
/* The tags is valid but not mentioned in val-tags. Add it. */
datum value;
diff -r e4347af26089 -r 52ed0f5a57ea devel/cvs/patches/patch-az
--- a/devel/cvs/patches/patch-az Tue Apr 19 11:54:50 2005 +0000
+++ b/devel/cvs/patches/patch-az Tue Apr 19 12:39:18 2005 +0000
Home |
Main Index |
Thread Index |
Old Index