pkgsrc-Changes-HG archive
[pkgsrc/pkgsrc-2005Q1]: pkgsrc/devel/cvs Pullup ticket 464 - requested by Tho...
details: https://anonhg.NetBSD.org/pkgsrc/rev/3d5e676e754d
branches: pkgsrc-2005Q1
changeset: 490988:3d5e676e754d
user: salo <salo%pkgsrc.org@localhost>
date: Fri Apr 22 14:39:14 2005 +0000
description:
Pullup ticket 464 - requested by Thomas Klausner
security update for cvs
Revisions pulled up:
- pkgsrc/devel/cvs/Makefile 1.84
- pkgsrc/devel/cvs/distinfo 1.26
- pkgsrc/devel/cvs/patches/patch-ab 1.15
- pkgsrc/devel/cvs/patches/patch-ae 1.10
- pkgsrc/devel/cvs/patches/patch-af 1.12
- pkgsrc/devel/cvs/patches/patch-ag 1.6
- pkgsrc/devel/cvs/patches/patch-ai 1.9
- pkgsrc/devel/cvs/patches/patch-al 1.11
- pkgsrc/devel/cvs/patches/patch-ar 1.16
- pkgsrc/devel/cvs/patches/patch-as 1.8
- pkgsrc/devel/cvs/patches/patch-az 1.9
Module Name: pkgsrc
Committed By: wiz
Date: Tue Apr 19 12:39:18 UTC 2005
Modified Files:
pkgsrc/devel/cvs: Makefile distinfo
pkgsrc/devel/cvs/patches: patch-ab patch-ae patch-af patch-ag
patch-ai patch-al patch-ar patch-as patch-az
Log Message:
Update to 1.11.20.
NOTE: currently without IPv6 support, until there is an updated KAME
patch for it.
Changes:
Changes since 1.11.19:
**********************
SERVER SECURITY FIXES
* Thanks to a report from Alen Zukich, several minor security issues
have been addressed. One was a buffer overflow that is potentially
serious but which may not be exploitable, assigned CAN-2005-0753 by
the Common Vulnerabilities and Exposures Project
<http://www.cve.mitre.org>. Other fixes resulting from Alen's report
include repair of an arbitrary free with no known exploit and several
plugged memory leaks and potentially freed NULL pointers which may
have been exploitable for a denial of service attack.
* Thanks to a report from Craig Monson, minor potential
vulnerabilities in the contributed Perl scripts have been fixed.
The confirmed vulnerability could allow the execution of arbitrary
code on the CVS server, but only if a user already had commit access
and if one of the contrib scripts was installed improperly,
a condition which should have been quickly visible to any
administrator. The complete description of the problem is here:
<https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>. If you were
making use of any of the contributed trigger scripts on a CVS server,
you should probably still replace them with the new versions, to be
on the safe side.
Unfortunately, our fix is incomplete. Taint-checking has been
enabled in all the contributed Perl scripts intended to be run as
trigger scripts, but no attempt has been made to ensure that they
still run in taint mode. You will most likely have to tweak the
scripts in some way to make them run. Please send any patches you
find necessary back to <bug-cvs%gnu.org@localhost> so that we may again ship
fully enabled scripts in the future.
You should also make sure that any home-grown Perl scripts that you
might have installed as CVS triggers also have taint-checking enabled.
This can be done by adding `-T' on the scripts' #! lines. Please try
running `perldoc perlsec' if you would like more information on
general Perl security and taint-checking.
BUG FIXES
* Thanks to a report and a patch from Georg Schwarz,
CVS now builds without error on IRIX 5.3.
DEVELOPER ISSUES
* We've standardized on Automake 1.9.5 to get at some new features
that make our jobs easier. See the HACKING file for more on using
the autotools with CVS.
diffstat:
devel/cvs/Makefile | 12 ++++++------
devel/cvs/distinfo | 26 +++++++++++++-------------
devel/cvs/patches/patch-ab | 6 +++---
devel/cvs/patches/patch-ae | 16 ++++++++--------
devel/cvs/patches/patch-af | 6 +++---
devel/cvs/patches/patch-ag | 17 +++++++++--------
devel/cvs/patches/patch-ai | 6 +++---
devel/cvs/patches/patch-al | 6 +++---
devel/cvs/patches/patch-ar | 14 +++++++-------
devel/cvs/patches/patch-as | 6 +++---
devel/cvs/patches/patch-az | 8 ++++----
11 files changed, 62 insertions(+), 61 deletions(-)
diffs (truncated from 318 to 300 lines):
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/Makefile
--- a/devel/cvs/Makefile Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/Makefile Fri Apr 22 14:39:14 2005 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.82 2005/03/01 15:36:48 wiz Exp $
+# $NetBSD: Makefile,v 1.82.2.1 2005/04/22 14:39:14 salo Exp $
#
-DISTNAME= cvs-1.11.19
+DISTNAME= cvs-1.11.20
CATEGORIES= devel
# (SSL) download URL according to http://www.cvshome.org/ is
-# https://ccvs.cvshome.org/files/documents/19/742/cvs-1.11.19.tar.bz2
-MASTER_SITES= http://distro.ibiblio.org/pub/linux/distributions/sorcerer/sources/cvs/1.11.19/ \
- ${MASTER_SITE_BACKUP}
+# https://ccvs.cvshome.org/files/documents/19/861/cvs-1.11.20.tar.bz2
+MASTER_SITES= ${MASTER_SITE_BACKUP}
EXTRACT_SUFX= .tar.bz2
MAINTAINER= wiz%NetBSD.org@localhost
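Review bot: MASTER_SITES is reduced to ${MASTER_SITE_BACKUP} alone, so the 1.11.20 tarball is never fetched from the upstream location named in the comment above it, and the distinfo checksums become the only link to the upstream release. As this is a security update, consider listing a primary upstream site ahead of the backup, or say in the log message where the distfile was obtained and how its SHA1 was checked.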
@@ -25,7 +24,8 @@
.if defined(USE_INET6) && !empty(USE_INET6:M[yY][eE][sS]) && \
empty(MACHINE_PLATFORM:MSunOS-5.[89]-*) && \
empty(MACHINE_PLATFORM:MSunOS-5.10-*) && \
- empty(MACHINE_PLATFORM:MLinux-*)
+ empty(MACHINE_PLATFORM:MLinux-*) && \
+ defined(NOT_YET_AVAILABLE_FOR_CVS_1_11_20)
CONFIGURE_ARGS+= --enable-ipv6
PATCH_SITES= ftp://ftp.kame.net/pub/kame/misc/
PATCHFILES= cvs-1.11.19-v6-20050205.diff.gz
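Review bot: the added `defined(NOT_YET_AVAILABLE_FOR_CVS_1_11_20)` condition switches IPv6 off silently: a user with USE_INET6=yes gets a build without --enable-ipv6 and no message. The variable reads like a setting but acts as a permanent false guard, and the block it protects still names cvs-1.11.19-v6-20050205.diff.gz. A comment above the .if saying that it waits for an updated KAME patch, as the log message does, would keep someone from defining it and applying the 1.11.19 patch to 1.11.20 sources.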
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/distinfo
--- a/devel/cvs/distinfo Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/distinfo Fri Apr 22 14:39:14 2005 +0000
@@ -1,31 +1,31 @@
-$NetBSD: distinfo,v 1.25 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: distinfo,v 1.25.2.1 2005/04/22 14:39:14 salo Exp $
-SHA1 (cvs-1.11.19.tar.bz2) = 0d5e93a4380d02d4b6b41259b538c05d04d9d633
-RMD160 (cvs-1.11.19.tar.bz2) = 3a499e4dd32e4302e61e282ede48598bab0997fa
-Size (cvs-1.11.19.tar.bz2) = 2392762 bytes
+SHA1 (cvs-1.11.20.tar.bz2) = 47f51a96b5a73e18c96f431f3c494735aa9c0236
+RMD160 (cvs-1.11.20.tar.bz2) = 4f926d661b35dc1bafb5ee5f98487289a907d34d
+Size (cvs-1.11.20.tar.bz2) = 2414744 bytes
SHA1 (cvs-1.11.19-v6-20050205.diff.gz) = 5cd1519d99c8a6bc124fd5e4daaf5202cde87f07
RMD160 (cvs-1.11.19-v6-20050205.diff.gz) = a6c304badf71464798311f121f3eb2df50501c2f
Size (cvs-1.11.19-v6-20050205.diff.gz) = 13004 bytes
SHA1 (patch-aa) = 57bcc59a51d44f436d2f79a0752e44e317589650
-SHA1 (patch-ab) = 4a539ac6e37e3dc48ab0c427487806e2f3ff78ae
+SHA1 (patch-ab) = 3c5ff65e7a087b2e73e933366aae99b6b5549371
SHA1 (patch-ac) = 4da02fe019da9721afe6f9af0cd1db44214b575e
SHA1 (patch-ad) = da297e6f5f1a8ad4cf0c47f7b57f6bbb860ea64c
-SHA1 (patch-ae) = 2fcd5c228c0e18a2ea54f0bcee29e200193544c0
-SHA1 (patch-af) = af7e1f8dba74b40129d623b096ddf5a6c5dbefb4
-SHA1 (patch-ag) = e5c273fb784c5e340cbdf7ff182a6ae09c93dc4f
+SHA1 (patch-ae) = 3c9083c3d6532505efc530845feaee70158569b5
+SHA1 (patch-af) = 2f809d054c0b215a6668eda3b18e3ea2c5dfab27
+SHA1 (patch-ag) = 5dd358a7dbf5db402d3e56faf49e8748afdd05f2
SHA1 (patch-ah) = 47b9f55979ed65844efe22fb614b105ae247408d
-SHA1 (patch-ai) = ef52993cef430675f3efd09ae37cee522fd93369
+SHA1 (patch-ai) = d51b3f1429e73156cbfb7e0480a34ac6ce7a208d
SHA1 (patch-ak) = dc51b6899005cbfdbad1876060c7ef53cce3156f
-SHA1 (patch-al) = 7f223fd872f96788af499743f07e49d45d64715f
+SHA1 (patch-al) = 3f20d43ed1423ae6e811d9ec2d35af4932e84b41
SHA1 (patch-am) = a2a83f3a3788a99f008372f5a8d7ee9a3a6dbf72
SHA1 (patch-an) = 5fda0f44ff5ee165f18cedd43c6adf97a51e6398
SHA1 (patch-ao) = e19a61b0ccb0e71491fb53d553f03d85135ef5c6
SHA1 (patch-ap) = 9aa44fc82540f86aefa14c47f1d2632377a0471f
SHA1 (patch-aq) = bc828ae6c5eff55e7952752cb50317e268dcdd7b
-SHA1 (patch-ar) = 4c47f223205de1b6afd3858e4161f99550e1d099
-SHA1 (patch-as) = 35e59c65a544cdd8bd8c6808fdf3410c590dd827
+SHA1 (patch-ar) = 89c787d8725c6dc4a91268138749a2ec0ec255b1
+SHA1 (patch-as) = 095bab2722f1885db6c6d9e6f599e07444077c15
SHA1 (patch-at) = 1cbed8c43bda54a851a7ff1b85e78a224cbeeca2
SHA1 (patch-au) = ba788685ee842d07ac866183185e257ce2dcf749
SHA1 (patch-av) = d381dbf50a59d78e0a4bf8fff09b2570988d5647
SHA1 (patch-ay) = 7a0ee5bf1707afeaeb9092ce3faf7fc594044a2b
-SHA1 (patch-az) = e732ec022131d3ca23f7193625e4e2f305600fa9
+SHA1 (patch-az) = 4b773728b228af6c69d4e10cf59f1677feaa54ea
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-ab
--- a/devel/cvs/patches/patch-ab Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-ab Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.14 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ab,v 1.14.2.1 2005/04/22 14:39:14 salo Exp $
---- doc/cvs.texinfo.orig 2005-01-31 23:25:55.000000000 +0100
+--- doc/cvs.texinfo.orig 2005-04-14 19:38:46.000000000 +0200
+++ doc/cvs.texinfo
-@@ -13504,6 +13504,11 @@ CPU intensive but is not recommended for
+@@ -13548,6 +13548,11 @@ CPU intensive but is not recommended for
@xref{verifymsg}, for more information on how verifymsg
may be used.
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-ae
--- a/devel/cvs/patches/patch-ae Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-ae Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ae,v 1.9 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ae,v 1.9.2.1 2005/04/22 14:39:14 salo Exp $
---- src/rcs.c.orig 2005-01-31 23:15:08.000000000 +0100
+--- src/rcs.c.orig 2005-03-17 17:33:47.000000000 +0100
+++ src/rcs.c
-@@ -3498,7 +3498,7 @@ struct rcs_keyword
+@@ -3534,7 +3534,7 @@ struct rcs_keyword
size_t len;
};
#define KEYWORD_INIT(s) (s), sizeof (s) - 1
@@ -11,7 +11,7 @@
{
{ KEYWORD_INIT ("Author") },
{ KEYWORD_INIT ("Date") },
-@@ -3511,6 +3511,7 @@ static const struct rcs_keyword keywords
+@@ -3547,6 +3547,7 @@ static const struct rcs_keyword keywords
{ KEYWORD_INIT ("Revision") },
{ KEYWORD_INIT ("Source") },
{ KEYWORD_INIT ("State") },
@@ -19,7 +19,7 @@
{ NULL, 0 }
};
enum keyword
-@@ -3525,7 +3526,8 @@ enum keyword
+@@ -3561,7 +3562,8 @@ enum keyword
KEYWORD_RCSFILE,
KEYWORD_REVISION,
KEYWORD_SOURCE,
@@ -29,7 +29,7 @@
};
/* Convert an RCS date string into a readable string. This is like
-@@ -3662,6 +3664,11 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3698,6 +3700,11 @@ expand_keywords (rcs, ver, name, log, lo
return;
}
@@ -41,7 +41,7 @@
/* If we are using -kkvl, dig out the locker information if any. */
locker = NULL;
if (expand == KFLAG_KVL)
-@@ -3753,6 +3760,7 @@ expand_keywords (rcs, ver, name, log, lo
+@@ -3789,6 +3796,7 @@ expand_keywords (rcs, ver, name, log, lo
case KEYWORD_HEADER:
case KEYWORD_ID:
@@ -49,7 +49,7 @@
{
const char *path;
int free_path;
-@@ -4402,7 +4410,7 @@ RCS_checkout (rcs, workfile, rev, nameta
+@@ -4446,7 +4454,7 @@ RCS_checkout (rcs, workfile, rev, nameta
if (info != NULL)
{
/* If the size of `devtype' changes, fix the sscanf call also */
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-af
--- a/devel/cvs/patches/patch-af Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-af Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.11 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-af,v 1.11.2.1 2005/04/22 14:39:14 salo Exp $
---- src/update.c.orig 2005-01-31 23:18:01.000000000 +0100
+--- src/update.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/update.c
-@@ -1366,11 +1366,18 @@ VERS: ", 0);
+@@ -1368,11 +1368,18 @@ VERS: ", 0);
xchmod (finfo->file, 1);
else
{
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-ag
--- a/devel/cvs/patches/patch-ag Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-ag Fri Apr 22 14:39:14 2005 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-ag,v 1.5 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ag,v 1.5.2.1 2005/04/22 14:39:14 salo Exp $
---- lib/xtime.h.orig 2004-11-11 23:30:47.000000000 +0100
+--- lib/xtime.h.orig 2005-03-04 20:05:09.000000000 +0100
+++ lib/xtime.h
-@@ -12,6 +12,9 @@
- * functions
- */
+@@ -14,6 +14,9 @@
+ #ifndef XTIME_HEADER_INCLUDED
+ #define XTIME_HEADER_INCLUDED
+#ifndef _XTIME_H_
+#define _XTIME_H_
@@ -12,9 +12,10 @@
#ifdef vms
# include <time.h>
#else /* vms */
-@@ -55,3 +58,5 @@ extern long timezone;
- # endif /* !defined(HAVE_FTIME) && !defined(HAVE_TIMEZONE) */
+@@ -58,4 +61,6 @@ extern long timezone;
#endif /* !vms */
+
++#endif /* !_XTIME_H_ */
+
-+#endif /* !_XTIME_H_ */
+ #endif /* !XTIME_HEADER_INCLUDED */
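Review bot: the new context lines in patch-ag show that lib/xtime.h in 1.11.20 already carries its own include guard (XTIME_HEADER_INCLUDED), so the `_XTIME_H_` guard this patch keeps adding is now redundant. Dropping patch-ag would be simpler than rebasing it. If it stays, note that `_XTIME_H_` begins with an underscore followed by a capital letter, a form of identifier that C reserves for the implementation.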
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-ai
--- a/devel/cvs/patches/patch-ai Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-ai Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ai,v 1.8 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ai,v 1.8.2.1 2005/04/22 14:39:14 salo Exp $
---- src/parseinfo.c.orig 2005-01-31 23:14:54.000000000 +0100
+--- src/parseinfo.c.orig 2005-03-16 23:01:21.000000000 +0100
+++ src/parseinfo.c
-@@ -355,6 +355,14 @@ parse_config (cvsroot)
+@@ -357,6 +357,14 @@ parse_config (cvsroot)
goto error_return;
}
}
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-al
--- a/devel/cvs/patches/patch-al Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-al Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-al,v 1.10 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-al,v 1.10.2.1 2005/04/22 14:39:14 salo Exp $
---- src/client.c.orig 2004-11-18 16:45:30.000000000 +0100
+--- src/client.c.orig 2005-03-17 16:47:22.000000000 +0100
+++ src/client.c
-@@ -4519,6 +4519,16 @@ start_server ()
+@@ -4528,6 +4528,16 @@ start_server ()
error (1, 0,
"This server does not support the global -n option.");
}
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-ar
--- a/devel/cvs/patches/patch-ar Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-ar Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ar,v 1.15 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-ar,v 1.15.2.1 2005/04/22 14:39:14 salo Exp $
---- src/server.c.orig 2004-09-24 21:59:08.000000000 +0200
+--- src/server.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/server.c
-@@ -773,6 +773,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -780,6 +780,7 @@ E Protocol error: Root says \"%s\" but p
nothing. But for rsh, we need to do it now. */
parse_config (current_parsed_root->directory);
@@ -10,7 +10,7 @@
path = xmalloc (strlen (current_parsed_root->directory)
+ sizeof (CVSROOTADM)
+ 2);
-@@ -790,6 +791,7 @@ E Protocol error: Root says \"%s\" but p
+@@ -797,6 +798,7 @@ E Protocol error: Root says \"%s\" but p
pending_error = save_errno;
}
free (path);
@@ -18,7 +18,7 @@
#ifdef HAVE_PUTENV
env = xmalloc (strlen (CVSROOT_ENV) + strlen (current_parsed_root->directory) + 2);
-@@ -2268,8 +2270,12 @@ serve_global_option (arg)
+@@ -2276,8 +2278,12 @@ serve_global_option (arg)
break;
case 'n':
noexec = 1;
@@ -31,7 +31,7 @@
case 'q':
quiet = 1;
break;
-@@ -5293,6 +5299,7 @@ switch_to_user (cvs_username, username)
+@@ -5301,6 +5307,7 @@ switch_to_user (cvs_username, username)
const char *username;
{
struct passwd *pw;
@@ -39,7 +39,7 @@
pw = getpwnam (username);
if (pw == NULL)
-@@ -5371,7 +5378,15 @@ error 0 %s: no such system user\n", user
+@@ -5379,7 +5386,15 @@ error 0 %s: no such system user\n", user
}
}
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-as
--- a/devel/cvs/patches/patch-as Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-as Fri Apr 22 14:39:14 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-as,v 1.7 2005/03/01 15:36:48 wiz Exp $
+$NetBSD: patch-as,v 1.7.2.1 2005/04/22 14:39:14 salo Exp $
---- src/tag.c.orig 2005-01-31 23:17:45.000000000 +0100
+--- src/tag.c.orig 2005-03-16 20:16:01.000000000 +0100
+++ src/tag.c
-@@ -1300,7 +1300,7 @@ Numeric tag %s contains characters other
+@@ -1301,7 +1301,7 @@ Numeric tag %s contains characters other
/* The tags is valid but not mentioned in val-tags. Add it. */
datum value;
diff -r ebb6f406a934 -r 3d5e676e754d devel/cvs/patches/patch-az
--- a/devel/cvs/patches/patch-az Fri Apr 22 14:18:14 2005 +0000
+++ b/devel/cvs/patches/patch-az Fri Apr 22 14:39:14 2005 +0000
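The log message above asks administrators to make sure home-grown Perl trigger scripts have `-T` on their #! lines. One way to audit a directory of trigger scripts for that, as an added example that is not part of the original commit or of CVS; the function names, sample scripts and file names are constructed for illustration:

```shell
#!/bin/sh
# Added example: audit CVS trigger scripts for Perl taint mode ("-T" on the #! line).

# has_taint_flag FILE
# Returns 0 if FILE is a Perl script whose #! line enables -T,
# 1 if it is a Perl script without -T, 2 if it is not a Perl script.
has_taint_flag() {
    first=$(head -n 1 "$1" 2>/dev/null) || return 2
    case $first in
        '#!'*perl*) ;;
        *) return 2 ;;
    esac
    # Keep only what follows the interpreter name, then scan the switch words.
    for word in ${first##*perl}; do
        case $word in
            -*[!A-Za-z]*) ;;      # switch with an argument such as -I/path: skip
            -*T*) return 0 ;;     # -T alone or clustered, e.g. -wT (-t does not count)
        esac
    done
    return 1
}

# audit_triggers DIR
# Prints the Perl scripts in DIR that lack -T; returns 1 if any were found.
audit_triggers() {
    missing=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        rc=0
        has_taint_flag "$f" || rc=$?
        if [ "$rc" -eq 1 ]; then
            echo "taint mode not enabled: $f"
            missing=1
        fi
    done
    return "$missing"
}

# Constructed sample scripts (hypothetical names), written to a temporary directory.
make_samples() {
    dir=$(mktemp -d) || return 1
    printf '#!/usr/bin/perl -T\nprint "ok\\n";\n' > "$dir/trigger_tainted"
    printf '#!/usr/bin/perl -w\nprint "ok\\n";\n' > "$dir/trigger_untainted"
    printf '#! /usr/bin/perl -wT\nprint "ok\\n";\n' > "$dir/trigger_clustered"
    printf '#!/bin/sh\necho ok\n' > "$dir/not_perl"
    echo "$dir"
}

samples=$(make_samples)
audit_triggers "$samples" || true
rm -rf "$samples"
```

Point `audit_triggers` at the directory that holds the installed trigger scripts; a non-zero return means at least one Perl script there still runs without taint checking.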