Subject: CVS commit: pkgsrc/archivers/bzip2
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 05/26/2005 15:03:11
Module Name:	pkgsrc
Committed By:	salo
Date:		Thu May 26 15:03:11 UTC 2005

Modified Files:
	pkgsrc/archivers/bzip2: Makefile buildlink3.mk distinfo
	pkgsrc/archivers/bzip2/patches: patch-aa

Log Message:
Security update to version 1.0.3

- Further robustification against corrupted compressed data.
  There are currently no known bitstreams which can cause the
  decompressor to crash, loop or access memory which does not
  belong to it.  If you are using bzip2 or the library to
  decompress bitstreams from untrusted sources, an upgrade
  to 1.0.3 is recommended.

  http://scary.beasts.org/security/CESA-2005-002.txt

- The documentation has been converted to XML, from which html
  and pdf can be derived.

- Various minor bugs in the documentation have been fixed.

- Fixes for various compilation warnings with newer versions of
  gcc, and on 64-bit platforms.

- The BZ_NO_STDIO cpp symbol was not properly observed in 1.0.2.
  This has been fixed.


To generate a diff of this commit:
cvs rdiff -r1.38 -r1.39 pkgsrc/archivers/bzip2/Makefile
cvs rdiff -r1.16 -r1.17 pkgsrc/archivers/bzip2/buildlink3.mk
cvs rdiff -r1.11 -r1.12 pkgsrc/archivers/bzip2/distinfo
cvs rdiff -r1.10 -r1.11 pkgsrc/archivers/bzip2/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.