pkg/54262: databases/R-RSQLite should link against SQLite in pkgsrc instead of using amalgamation files

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/54262: databases/R-RSQLite should link against SQLite in pkgsrc instead of using amalgamation files
From: tr%vispaul.me@localhost
Date: Sun, 2 Jun 2019 06:50:00 +0000 (UTC)

>Number:         54262
>Category:       pkg
>Synopsis:       databases/R-RSQLite should link against SQLite in pkgsrc instead of using amalgamation files
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Jun 02 06:50:00 +0000 2019
>Originator:     Travis Paul
>Release:        current
>Organization:
>Environment:
>Description:
databases/R-RSQLite has a copy of the SQLite 3.22.0 amalgamation files embedded into the project and it doesn't use sqlite3/buildlink.mk

This makes it difficult for the pkgsrc-security team to know when the package is impacted by a known-vulnerability in SQLite.

>How-To-Repeat:
After installing the package. SQLite is not installed along with it, and nm shows that the SQLite symbols are in the .so file of the R module.
>Fix:
Fedora seems to pass some arguments to `R CMD INSTALL` to prevent using the amalgamation files but I wasn't able to find any evidence of that occurring in pkgsrc.

https://apps.fedoraproject.org/packages/R-RSQLite/sources/spec/

Prev by Date: Re: pkg/54252: NetBSD/hpcmips install fails under GXemul 0.6.1
Next by Date: Re: pkg/54252 (NetBSD/hpcmips install fails under GXemul 0.6.1)
Previous by Thread: PR/53407 CVS commit: pkgsrc/net/netatalk22
Next by Thread: Re: pkg/54252 (NetBSD/hpcmips install fails under GXemul 0.6.1)
Indexes:

Home | Main Index | Thread Index | Old Index