pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q3]: pkgsrc/doc Security Pullup - requested by Grant Beatt...
details: https://anonhg.NetBSD.org/pkgsrc/rev/986f63b85ccc
branches: pkgsrc-2004Q3
changeset: 480727:986f63b85ccc
user: agc <agc%pkgsrc.org@localhost>
date: Tue Nov 02 10:33:50 2004 +0000
description:
Security Pullup - requested by Grant Beattie and Havard Eidnes
security fix for cabextract
Module Name: pkgsrc
Committed By: wiz
Date: Thu Oct 28 10:35:56 UTC 2004
Modified Files:
pkgsrc/archivers/cabextract: Makefile distinfo
Added Files:
pkgsrc/archivers/cabextract/patches: patch-aa
Log Message:
Update to 1.1:
* A security vulnerability has been fixed. If the files within a
cabinet file include "../" in their filenames, this will be
changed to "xx/", so cabinets cannot access the parent directory
of where you want to extract them.
* cabextract should now compile cleanly on AIX and Cygwin.
----
Module Name: pkgsrc
Committed By: tv
Date: Fri Oct 29 14:31:27 UTC 2004
Modified Files:
pkgsrc/archivers/cabextract: distinfo
Added Files:
pkgsrc/archivers/cabextract/patches: patch-ab
Log Message:
Make build on Interix (and possibly AIX). mempcpy() is not actually used
anywhere, yet configure.ac declared an AC_REPLACE_FUNCS() for it. Rip out
the offending code from configure until it is rebuilt at the source.
(Patch to remove the AC_REPLACE_FUNCS submitted to author.)
diffstat:
archivers/cabextract/Makefile | 6 +++---
archivers/cabextract/distinfo | 8 +++++---
archivers/cabextract/patches/patch-aa | 19 +++++++++++++++++++
archivers/cabextract/patches/patch-ab | 22 ++++++++++++++++++++++
doc/CHANGES-pkgsrc-2004Q3 | 4 +++-
5 files changed, 52 insertions(+), 7 deletions(-)
diffs (97 lines):
diff -r 048f7ae20e5f -r 986f63b85ccc archivers/cabextract/Makefile
--- a/archivers/cabextract/Makefile Tue Oct 26 11:25:05 2004 +0000
+++ b/archivers/cabextract/Makefile Tue Nov 02 10:33:50 2004 +0000
@@ -1,12 +1,12 @@
-# $NetBSD: Makefile,v 1.11 2004/04/22 23:26:05 minskim Exp $
+# $NetBSD: Makefile,v 1.11.4.1 2004/11/02 10:33:50 agc Exp $
#
-DISTNAME= cabextract-1.0
+DISTNAME= cabextract-1.1
CATEGORIES= archivers
MASTER_SITES= http://www.kyz.uklinux.net/downloads/
MAINTAINER= ben%NetBSD.org@localhost
-HOMEPAGE= http://www.kyz.uklinux.net/cabextract.php3
+HOMEPAGE= http://www.kyz.uklinux.net/cabextract.php
COMMENT= Microsoft cabinet (.CAB) file extractor
PKG_INSTALLATION_TYPES= overwrite pkgviews
diff -r 048f7ae20e5f -r 986f63b85ccc archivers/cabextract/distinfo
--- a/archivers/cabextract/distinfo Tue Oct 26 11:25:05 2004 +0000
+++ b/archivers/cabextract/distinfo Tue Nov 02 10:33:50 2004 +0000
@@ -1,4 +1,6 @@
-$NetBSD: distinfo,v 1.5 2004/03/10 23:05:43 ben Exp $
+$NetBSD: distinfo,v 1.5.6.1 2004/11/02 10:33:50 agc Exp $
-SHA1 (cabextract-1.0.tar.gz) = 789f2401fc62876a55cd9c9928fbe31589982b72
-Size (cabextract-1.0.tar.gz) = 189625 bytes
+SHA1 (cabextract-1.1.tar.gz) = 359c8f4ec9c62d9dac5d572269b607b2cae4fbf7
+Size (cabextract-1.1.tar.gz) = 187495 bytes
+SHA1 (patch-aa) = 4d36b50b1ca2dfd6f317dd0bcbc23523e1da70f2
+SHA1 (patch-ab) = 87d0089ebc1589c805b67d44675c78f1cc4ffc3b
diff -r 048f7ae20e5f -r 986f63b85ccc archivers/cabextract/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/cabextract/patches/patch-aa Tue Nov 02 10:33:50 2004 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-aa,v 1.4.6.1 2004/11/02 10:33:50 agc Exp $
+
+--- mempcpy.c.orig 2004-07-16 16:07:01.000000000 +0200
++++ mempcpy.c
+@@ -29,7 +29,13 @@ Copies @var{length} bytes from memory re
+
+ */
+
+-#include <ansidecl.h>
++#include <string.h>
++#ifndef PTR
++#define PTR void*
++#endif
++#ifndef PARAMS
++#define PARAMS(x) x
++#endif
+ #ifdef ANSI_PROTOTYPES
+ #include <stddef.h>
+ #else
diff -r 048f7ae20e5f -r 986f63b85ccc archivers/cabextract/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/cabextract/patches/patch-ab Tue Nov 02 10:33:50 2004 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-ab,v 1.1.2.2 2004/11/02 10:33:50 agc Exp $
+
+--- configure.orig Fri Oct 29 09:40:19 2004
++++ configure
+@@ -6608,7 +6608,7 @@ fi
+
+
+
+-
++if false; then
+ for ac_func in mempcpy
+ do
+ as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+@@ -6717,7 +6717,7 @@ esac
+
+ fi
+ done
+-
++fi
+
+
+ ac_config_files="$ac_config_files Makefile cabextract.spec"
diff -r 048f7ae20e5f -r 986f63b85ccc doc/CHANGES-pkgsrc-2004Q3
--- a/doc/CHANGES-pkgsrc-2004Q3 Tue Oct 26 11:25:05 2004 +0000
+++ b/doc/CHANGES-pkgsrc-2004Q3 Tue Nov 02 10:33:50 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.13 2004/10/26 11:25:05 agc Exp $
+$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.14 2004/11/02 10:33:50 agc Exp $
Changes to the packages collection and infrastructure on the
pkgsrc-2004Q3 branch:
@@ -29,4 +29,6 @@
security fix for firefox
Security Pullup - requested by Adrian Portelli
security fix for socat
+Security Pullup - requested by Grant Beattie and Havard Eidnes
+security fix for cabextract
Home |
Main Index |
Thread Index |
Old Index