pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2016Q3]: pkgsrc/www Pullup ticket #5162 - requested by wiz
details: https://anonhg.NetBSD.org/pkgsrc/rev/698b166f8854
branches: pkgsrc-2016Q3
changeset: 408818:698b166f8854
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Mon Nov 28 20:22:06 2016 +0000
description:
Pullup ticket #5162 - requested by wiz
www/w3m: security fix
www/w3m-img: security fix
Revisions pulled up:
- www/w3m-img/Makefile 1.29
- www/w3m-img/PLIST 1.1
- www/w3m/Makefile 1.78
- www/w3m/Makefile.common 1.62-1.63
- www/w3m/PLIST 1.17
- www/w3m/distinfo 1.27-1.29
- www/w3m/options.mk 1.15
- www/w3m/patches/patch-aa deleted
- www/w3m/patches/patch-ab deleted
- www/w3m/patches/patch-ac deleted
- www/w3m/patches/patch-ak deleted
- www/w3m/patches/patch-al deleted
- www/w3m/patches/patch-scripts_w3mman_w3mman2html.cgi.in deleted
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 6 19:26:35 UTC 2016
Modified Files:
pkgsrc/www/w3m: Makefile Makefile.common PLIST distinfo options.mk
pkgsrc/www/w3m/patches: patch-ab
Log Message:
Updated w3m to 0.5.3.0.20161031.
Switch from dead sourceforge original to debian-maintained github version.
* new features
- support OSC 5379 remote imaging and sixel graphics
- support SGR style mouse handler
- support 32-bit color images
- support FreeBSD framebuffer
- support button element
- support meta charset
- add extbrowser4..9
- add display_borders to display 0 pixel table borders
- add siteconf feature
- add German translation for options setting panel
- add translations for de, zh_CN and zh_TW
* bug fixes
- fix segfaults with malformed text
- disable SSLv2 and SSLv3 by default [CVE-2014-3566]
- set ssl_verify_server to 1 by default
- disable RC4, export ciphers, and keys < 128 bits
- use SSL_OP_NO_COMPRESSION due to "CRIME attack" [CVE-2012-4929]
- use SSL_MODE_RELEASE_BUFFERS
- disable USE_EGD for LibreSSL
- appease gcc -Werror=format-security
- option -s is now "squeeze multiple blank lines" to work as pager, and
-j and -e are obsolete, so use -O{s|j|e} to specify display charset
- accept single quoted meta refresh URL
- assume "text" if a form input type is unknown
- accept cookies by default
- set use_dictcommand to 1 by default
- set default_url to 1 by default
- set argv_is_url to 1 by default
- set alt_entity to 0 by default
- fix build problems with Boehm GC 7.2, imlib2 1.4.6 and glibc 2.14
- fix parallel make failure
- fix incorrect ucs_ambwidth_map
- and many fixes
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 6 19:27:16 UTC 2016
Modified Files:
pkgsrc/www/w3m-img: Makefile
Added Files:
pkgsrc/www/w3m-img: PLIST
Log Message:
Updated w3m-img to 0.5.3.0.20161031.
Changes same as for www/w3m.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 6 19:27:25 UTC 2016
Removed Files:
pkgsrc/www/w3m/patches: patch-aa patch-ac patch-ak patch-al
patch-scripts_w3mman_w3mman2html.cgi.in
Log Message:
Remove obsolete patches.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 6 19:30:42 UTC 2016
Modified Files:
pkgsrc/www/w3m: distinfo
pkgsrc/www/w3m/patches: patch-ab
Log Message:
Add upstream bug report URL.
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Nov 22 14:36:38 UTC 2016
Modified Files:
pkgsrc/www/w3m: Makefile.common distinfo
Log Message:
Updated w3m to 0.5.3.0.20161120.
Debian's w3m 0.5.3+git20161120
* bug fixes
- fix multiple flaws with malformed text
(stack overflow, buffer overflow, null deref, out of memory)
- fix stack overflow with nested table and textarea [CVE-2016-9439]
- fix suspend (^Z) behavior
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Nov 22 15:24:43 UTC 2016
Removed Files:
pkgsrc/www/w3m/patches: patch-ab
Log Message:
Remove integrated patch.
diffstat:
www/w3m-img/Makefile | 7 +-
www/w3m-img/PLIST | 2 +
www/w3m/Makefile | 5 +-
www/w3m/Makefile.common | 17 +++----
www/w3m/PLIST | 13 +++++-
www/w3m/distinfo | 16 ++-----
www/w3m/options.mk | 4 +-
www/w3m/patches/patch-aa | 15 -------
www/w3m/patches/patch-ab | 35 -----------------
www/w3m/patches/patch-ac | 26 ------------
www/w3m/patches/patch-ak | 15 -------
www/w3m/patches/patch-al | 32 ---------------
www/w3m/patches/patch-scripts_w3mman_w3mman2html.cgi.in | 15 -------
13 files changed, 33 insertions(+), 169 deletions(-)
diffs (truncated from 341 to 300 lines):
diff -r 5df52022e229 -r 698b166f8854 www/w3m-img/Makefile
--- a/www/w3m-img/Makefile Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m-img/Makefile Mon Nov 28 20:22:06 2016 +0000
@@ -1,14 +1,13 @@
-# $NetBSD: Makefile,v 1.28 2016/03/05 11:29:40 jperkin Exp $
+# $NetBSD: Makefile,v 1.28.6.1 2016/11/28 20:22:06 bsiegert Exp $
-PKGNAME= w3m-img-${W3M_VERS}
-PKGREVISION= 6
+PKGNAME= w3m-img-${W3M_PKGVERS}
COMMENT= Multilingualized version of w3m with inline image support
CONFLICTS+= w3m-[0-9]*
DISTINFO_FILE= ${.CURDIR}/../../www/w3m/distinfo
PATCHDIR= ${.CURDIR}/../../www/w3m/patches
-PLIST_SRC= ${.CURDIR}/../../www/w3m/PLIST
+PLIST_SRC= ${.CURDIR}/../../www/w3m/PLIST ${.CURDIR}/PLIST
USE_TOOLS+= msgfmt
diff -r 5df52022e229 -r 698b166f8854 www/w3m-img/PLIST
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/w3m-img/PLIST Mon Nov 28 20:22:06 2016 +0000
@@ -0,0 +1,2 @@
+@comment $NetBSD: PLIST,v 1.1.2.2 2016/11/28 20:22:06 bsiegert Exp $
+libexec/w3m/w3mimgdisplay
diff -r 5df52022e229 -r 698b166f8854 www/w3m/Makefile
--- a/www/w3m/Makefile Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m/Makefile Mon Nov 28 20:22:06 2016 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.77 2016/08/03 10:23:32 adam Exp $
+# $NetBSD: Makefile,v 1.77.2.1 2016/11/28 20:22:06 bsiegert Exp $
-PKGNAME= w3m-${W3M_VERS}
-PKGREVISION= 18
+PKGNAME= w3m-${W3M_PKGVERS}
COMMENT= Multilingualized version of a pager/text-based browser w3m
CONFLICTS+= w3m-img-[0-9]*
diff -r 5df52022e229 -r 698b166f8854 www/w3m/Makefile.common
--- a/www/w3m/Makefile.common Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m/Makefile.common Mon Nov 28 20:22:06 2016 +0000
@@ -1,16 +1,19 @@
-# $NetBSD: Makefile.common,v 1.61 2014/10/09 14:07:12 wiz Exp $
+# $NetBSD: Makefile.common,v 1.61.16.1 2016/11/28 20:22:06 bsiegert Exp $
#
# used by www/w3m/Makefile
# used by www/w3m-img/Makefile
DISTNAME= w3m-${W3M_VERS}
CATEGORIES= www
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=w3m/}
+MASTER_SITES= ${MASTER_SITE_GITHUB:=tats/}
+GITHUB_TAG= v${W3M_VERS}
MAINTAINER= uebayasi%NetBSD.org@localhost
HOMEPAGE= http://w3m.sourceforge.net/
+# or https://github.com/tats/w3m
+# or https://packages.qa.debian.org/w/w3m.html
-MAKE_JOBS_SAFE= no
+WRKSRC= ${WRKDIR}/w3m-${W3M_VERS:S/+/-/}
GNU_CONFIGURE= yes
USE_LANGUAGES= c c++
@@ -18,7 +21,8 @@
USE_TOOLS+= msgfmt
USE_PKGLOCALEDIR= yes
-W3M_VERS= 0.5.3
+W3M_VERS= 0.5.3+git20161120
+W3M_PKGVERS= ${W3M_VERS:S/+git/.0./}
# For w3mman, xface2xpm, cgi scripts.
USE_TOOLS+= perl:run pax
@@ -63,11 +67,6 @@
SUBST_FILES.fh= istream.*
SUBST_SED.fh= -e 's/file_handle/file_handle_rofl/g'
-post-extract:
- cd ${WRKSRC}/doc && ${RM} -fr CVS
- cd ${WRKSRC}/doc-jp && ${RM} -fr CVS
- cd ${WRKSRC} && ${RM} -fr gc
-
INSTALLATION_DIRS+= ${DOCDIR}
INSTALL_TARGET= install install-helpfile
diff -r 5df52022e229 -r 698b166f8854 www/w3m/PLIST
--- a/www/w3m/PLIST Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m/PLIST Mon Nov 28 20:22:06 2016 +0000
@@ -1,16 +1,18 @@
-@comment $NetBSD: PLIST,v 1.16 2011/01/21 23:34:13 wiz Exp $
+@comment $NetBSD: PLIST,v 1.16.46.1 2016/11/28 20:22:06 bsiegert Exp $
bin/w3m
bin/w3mman
libexec/w3m/cgi-bin/dirlist.cgi
libexec/w3m/cgi-bin/multipart.cgi
libexec/w3m/cgi-bin/w3mbookmark
+libexec/w3m/cgi-bin/w3mdict.cgi
libexec/w3m/cgi-bin/w3mhelp.cgi
libexec/w3m/cgi-bin/w3mhelperpanel
-${PLIST.image}libexec/w3m/w3mimgdisplay
libexec/w3m/cgi-bin/w3mmail.cgi
libexec/w3m/cgi-bin/w3mman2html.cgi
libexec/w3m/inflate
libexec/w3m/xface2xpm
+man/de/man1/w3m.1
+man/de/man1/w3mman.1
man/ja_JP.eucJP/man1/w3m.1
man/man1/w3m.1
man/man1/w3mman.1
@@ -32,6 +34,7 @@
share/doc/w3m/doc-jp/README.mouse
share/doc/w3m/doc-jp/README.passwd
share/doc/w3m/doc-jp/README.pre_form
+share/doc/w3m/doc-jp/README.siteconf
share/doc/w3m/doc-jp/README.tab
share/doc/w3m/doc-jp/STORY.html
share/doc/w3m/doc-jp/keymap.default
@@ -51,13 +54,19 @@
share/doc/w3m/doc/README.mouse
share/doc/w3m/doc/README.passwd
share/doc/w3m/doc/README.pre_form
+share/doc/w3m/doc/README.siteconf
+share/doc/w3m/doc/README.sixel
share/doc/w3m/doc/README.tab
share/doc/w3m/doc/STORY.html
share/doc/w3m/doc/keymap.default
share/doc/w3m/doc/keymap.lynx
share/doc/w3m/doc/menu.default
share/doc/w3m/doc/menu.submenu
+share/locale/de/LC_MESSAGES/w3m.mo
share/locale/ja/LC_MESSAGES/w3m.mo
+share/locale/zh_CN/LC_MESSAGES/w3m.mo
+share/locale/zh_TW/LC_MESSAGES/w3m.mo
+share/w3m/w3mhelp-funcdesc.de.pl
share/w3m/w3mhelp-funcdesc.en.pl
share/w3m/w3mhelp-funcdesc.ja.pl
share/w3m/w3mhelp-funcname.pl
diff -r 5df52022e229 -r 698b166f8854 www/w3m/distinfo
--- a/www/w3m/distinfo Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m/distinfo Mon Nov 28 20:22:06 2016 +0000
@@ -1,12 +1,6 @@
-$NetBSD: distinfo,v 1.26 2015/11/04 02:47:41 agc Exp $
+$NetBSD: distinfo,v 1.26.8.1 2016/11/28 20:22:06 bsiegert Exp $
-SHA1 (w3m-0.5.3.tar.gz) = 444b6c8cf7094ee95f8e9de96b37f814b9d83237
-RMD160 (w3m-0.5.3.tar.gz) = 6a0153bc53f7c107c700404262ce1b4d02e6dd91
-SHA512 (w3m-0.5.3.tar.gz) = 43508c76d07b4d8f19c19f975c0b870aeb94abf0744b6128ee01c759d4e409a8b57bc866baeaf990f309ff73e9a7b02ca455d272b1dd0a93fafb8c72b1fe6d14
-Size (w3m-0.5.3.tar.gz) = 2202328 bytes
-SHA1 (patch-aa) = 2de78a6db9bd483416895b393935ccadab879932
-SHA1 (patch-ab) = e1264e0b5e0dc2a1aaf7cc1e6067afd556792dd4
-SHA1 (patch-ac) = 37c6c78a208c50876641aa90164cc46106403260
-SHA1 (patch-ak) = ac0ee99d5ab49c431cfa496d0d2d509efd6b06fa
-SHA1 (patch-al) = 8b393004eed249449151d1f2b9252fcb1b55922d
-SHA1 (patch-scripts_w3mman_w3mman2html.cgi.in) = 344f21307a6a439cfe25d80a7b31da7051522f31
+SHA1 (w3m-0.5.3+git20161120.tar.gz) = 949ab2d125b7ad39db1cf6b4e6f851a28893efb2
+RMD160 (w3m-0.5.3+git20161120.tar.gz) = 3c017726743d06e22d79aa52057ef564f3b5158e
+SHA512 (w3m-0.5.3+git20161120.tar.gz) = 81ecf9e5d9067a82efa5464e5f9396327a6333f9e414458a972b2b7bff138bd17c490b5258e34cb1e338c7a6c0dd6105a1bfd1e0d02edfadead79caa39106a5c
+Size (w3m-0.5.3+git20161120.tar.gz) = 2177917 bytes
diff -r 5df52022e229 -r 698b166f8854 www/w3m/options.mk
--- a/www/w3m/options.mk Mon Nov 28 18:22:28 2016 +0000
+++ b/www/w3m/options.mk Mon Nov 28 20:22:06 2016 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.14 2015/11/25 12:54:07 jperkin Exp $
+# $NetBSD: options.mk,v 1.14.8.1 2016/11/28 20:22:06 bsiegert Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.w3m
PKG_SUPPORTED_OPTIONS= inet6 migemo w3m-lynx-key
@@ -6,7 +6,7 @@
.if ${_W3M_USE_IMAGE} == "YES"
PKG_OPTIONS_REQUIRED_GROUPS+= imagelib
-PKG_SUGGESTED_OPTIONS+= w3m-image-gdk-pixbuf
+PKG_SUGGESTED_OPTIONS+= w3m-image-gtk2
.else
PKG_OPTIONS_OPTIONAL_GROUPS+= imagelib
.endif
diff -r 5df52022e229 -r 698b166f8854 www/w3m/patches/patch-aa
--- a/www/w3m/patches/patch-aa Mon Nov 28 18:22:28 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-aa,v 1.13 2008/12/13 08:53:27 obache Exp $
-
-PKG_CONFIG points right location in pkgsrc.
-
---- configure.orig 2007-05-31 12:17:05.000000000 +0000
-+++ configure
-@@ -5602,8 +5602,6 @@ echo "${ECHO_T}$with_imagelib" >&6; }
- with_gtk2="yes"
- if test x"$PKG_CONFIG" = x; then
- PKG_CONFIG=pkg-config
-- else
-- PKG_CONFIG=:
- fi;;
- esac
- done
diff -r 5df52022e229 -r 698b166f8854 www/w3m/patches/patch-ab
--- a/www/w3m/patches/patch-ab Mon Nov 28 18:22:28 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-$NetBSD: patch-ab,v 1.12 2012/05/30 06:42:34 wiz Exp $
-
-First chunk: adapt for gc-7.2 API change.
-Second chunk: suspend the job w3m belongs to, not w3m only.
-
---- main.c.orig 2011-01-04 09:42:19.000000000 +0000
-+++ main.c
-@@ -833,7 +833,8 @@ main(int argc, char **argv, char **envp)
- mySignal(SIGPIPE, SigPipe);
- #endif
-
-- orig_GC_warn_proc = GC_set_warn_proc(wrap_GC_warn_proc);
-+ orig_GC_warn_proc = GC_get_warn_proc();
-+ GC_set_warn_proc(wrap_GC_warn_proc);
- err_msg = Strnew();
- if (load_argc == 0) {
- /* no URL specified */
-@@ -2517,7 +2518,17 @@ DEFUN(susp, INTERRUPT SUSPEND, "Stop loa
- shell = "/bin/sh";
- system(shell);
- #else /* SIGSTOP */
-+#ifdef SIGTSTP
-+ signal(SIGTSTP, SIG_DFL); /* just in case */
-+ /*
-+ * Note: If susp() was called from SIGTSTP handler,
-+ * unblocking SIGTSTP would be required here.
-+ * Currently not.
-+ */
-+ kill(0, SIGTSTP); /* stop whole job, not a single process */
-+#else
- kill((pid_t) 0, SIGSTOP);
-+#endif
- #endif /* SIGSTOP */
- fmInit();
- displayBuffer(Currentbuf, B_FORCE_REDRAW);
diff -r 5df52022e229 -r 698b166f8854 www/w3m/patches/patch-ac
--- a/www/w3m/patches/patch-ac Mon Nov 28 18:22:28 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,26 +0,0 @@
-$NetBSD: patch-ac,v 1.15 2011/01/21 23:34:14 wiz Exp $
-
-Fix for CVE-2010-2074 taken from here:
-
-http://www.openwall.com/lists/oss-security/2010/06/14/4
-
---- fm.h.orig 2011-01-04 09:22:21.000000000 +0000
-+++ fm.h
-@@ -1135,7 +1135,7 @@ global int view_unseenobject init(TRUE);
- #endif
-
- #if defined(USE_SSL) && defined(USE_SSL_VERIFY)
--global int ssl_verify_server init(FALSE);
-+global int ssl_verify_server init(TRUE);
- global char *ssl_cert_file init(NULL);
- global char *ssl_key_file init(NULL);
- global char *ssl_ca_path init(NULL);
-@@ -1144,7 +1144,7 @@ global int ssl_path_modified init(FALSE)
- #endif /* defined(USE_SSL) &&
- * defined(USE_SSL_VERIFY) */
- #ifdef USE_SSL
--global char *ssl_forbid_method init(NULL);
-+global char *ssl_forbid_method init("2");
- #endif
-
- global int is_redisplay init(FALSE);
diff -r 5df52022e229 -r 698b166f8854 www/w3m/patches/patch-ak
--- a/www/w3m/patches/patch-ak Mon Nov 28 18:22:28 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-ak,v 1.1 2008/12/13 08:52:13 obache Exp $
-
-PKG_CONFIG points right location in pkgsrc.
-
---- acinclude.m4.orig 2006-04-07 13:21:11.000000000 +0000
-+++ acinclude.m4
-@@ -652,8 +652,6 @@ AC_DEFUN([AC_W3M_IMAGE],
- with_gtk2="yes"
- if test x"$PKG_CONFIG" = x; then
- PKG_CONFIG=pkg-config
-- else
-- PKG_CONFIG=:
- fi;;
- esac
- done
diff -r 5df52022e229 -r 698b166f8854 www/w3m/patches/patch-al
--- a/www/w3m/patches/patch-al Mon Nov 28 18:22:28 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,32 +0,0 @@
-$NetBSD: patch-al,v 1.1 2011/04/05 05:55:29 uebayasi Exp $
-
-http://gnats.netbsd.org/42400
-
-this patch adds support for single quoted meta refresh parameters, which is
-needed to access GMail with w3m.
-
-from: Paul Boekholt ( boekholt ) - 2008-09-06 06:54
-support single quoted meta refresh parameter - ID: 2096461
-http://sourceforge.net/tracker/?func=detail&aid=2096461&group_id=39518&atid=425441
Home |
Main Index |
Thread Index |
Old Index