pkgsrc-changes: CVS commit: [pkgsrc-2005Q1] pkgsrc/archivers/bzip2

Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/archivers/bzip2
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 05/27/2005 00:46:13

Module Name:	pkgsrc
Committed By:	snj
Date:		Fri May 27 00:46:12 UTC 2005

Modified Files:
	pkgsrc/archivers/bzip2 [pkgsrc-2005Q1]: Makefile PLIST buildlink3.mk
	    distinfo
	pkgsrc/archivers/bzip2/patches [pkgsrc-2005Q1]: patch-aa

Log Message:
Pullup ticket 516 - requested by Lubomir Sedlacik
security update for bzip2

Revisions pulled up:
- pkgsrc/archivers/bzip2/PLIST			1.3
- pkgsrc/archivers/bzip2/Makefile		1.39
- pkgsrc/archivers/bzip2/buildlink3.mk		1.17
- pkgsrc/archivers/bzip2/distinfo		1.12
- pkgsrc/archivers/bzip2/patches/patch-aa	1.11

    Module Name:    pkgsrc
    Committed By:   rillig
    Date:           Mon May 23 06:49:29 UTC 2005

    Modified Files:
            pkgsrc/archivers/bzip2: PLIST

    Log Message:
    Sorted PLIST entries to make pkglint happy.
    ----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu May 26 15:03:11 UTC 2005

    Modified Files:
            pkgsrc/archivers/bzip2: Makefile buildlink3.mk distinfo
            pkgsrc/archivers/bzip2/patches: patch-aa

    Log Message:
    Security update to version 1.0.3

    - Further robustification against corrupted compressed data.
        There are currently no known bitstreams which can cause the
      decompressor to crash, loop or access memory which does not
      belong to it.  If you are using bzip2 or the library to
      decompress bitstreams from untrusted sources, an upgrade
      to 1.0.3 is recommended.

      http://scary.beasts.org/security/CESA-2005-002.txt

    - The documentation has been converted to XML, from which html
        and pdf can be derived.

    - Various minor bugs in the documentation have been fixed.

    - Fixes for various compilation warnings with newer versions of
        gcc, and on 64-bit platforms.

    - The BZ_NO_STDIO cpp symbol was not properly observed in 1.0.2.
        This has been fixed.


To generate a diff of this commit:
cvs rdiff -r1.37 -r1.37.4.1 pkgsrc/archivers/bzip2/Makefile
cvs rdiff -r1.2 -r1.2.4.1 pkgsrc/archivers/bzip2/PLIST
cvs rdiff -r1.16 -r1.16.4.1 pkgsrc/archivers/bzip2/buildlink3.mk
cvs rdiff -r1.11 -r1.11.2.1 pkgsrc/archivers/bzip2/distinfo
cvs rdiff -r1.10 -r1.10.8.1 pkgsrc/archivers/bzip2/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.