pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/archivers/bzip2 Security update to version 1.0.3



details:   https://anonhg.NetBSD.org/pkgsrc/rev/0efc0941328d
branches:  trunk
changeset: 494632:0efc0941328d
user:      salo <salo%pkgsrc.org@localhost>
date:      Thu May 26 15:03:11 2005 +0000

description:
Security update to version 1.0.3

- Further robustification against corrupted compressed data.
  There are currently no known bitstreams which can cause the
  decompressor to crash, loop or access memory which does not
  belong to it.  If you are using bzip2 or the library to
  decompress bitstreams from untrusted sources, an upgrade
  to 1.0.3 is recommended.

  http://scary.beasts.org/security/CESA-2005-002.txt

- The documentation has been converted to XML, from which html
  and pdf can be derived.

- Various minor bugs in the documentation have been fixed.

- Fixes for various compilation warnings with newer versions of
  gcc, and on 64-bit platforms.

- The BZ_NO_STDIO cpp symbol was not properly observed in 1.0.2.
  This has been fixed.

diffstat:

 archivers/bzip2/Makefile         |   9 ++++-----
 archivers/bzip2/buildlink3.mk    |   4 ++--
 archivers/bzip2/distinfo         |  10 +++++-----
 archivers/bzip2/patches/patch-aa |  24 +++++++++++++-----------
 4 files changed, 24 insertions(+), 23 deletions(-)

diffs (105 lines):

diff -r 37f46036a85d -r 0efc0941328d archivers/bzip2/Makefile
--- a/archivers/bzip2/Makefile  Thu May 26 15:00:29 2005 +0000
+++ b/archivers/bzip2/Makefile  Thu May 26 15:03:11 2005 +0000
@@ -1,13 +1,12 @@
-# $NetBSD: Makefile,v 1.38 2005/04/11 21:44:48 tv Exp $
+# $NetBSD: Makefile,v 1.39 2005/05/26 15:03:11 salo Exp $
 #
 
-DISTNAME=      bzip2-1.0.2
-PKGREVISION=   2
+DISTNAME=      bzip2-1.0.3
 CATEGORIES=    archivers
-MASTER_SITES=  ftp://sources.redhat.com/pub/bzip2/v102/
+MASTER_SITES=  http://www.bzip.org/1.0.3/
 
 MAINTAINER=    tech-pkg%NetBSD.org@localhost
-HOMEPAGE=      http://sources.redhat.com/bzip2/
+HOMEPAGE=      http://www.bzip.org/
 COMMENT=       Block-sorting file compressor
 
 PKG_INSTALLATION_TYPES=        overwrite pkgviews
diff -r 37f46036a85d -r 0efc0941328d archivers/bzip2/buildlink3.mk
--- a/archivers/bzip2/buildlink3.mk     Thu May 26 15:00:29 2005 +0000
+++ b/archivers/bzip2/buildlink3.mk     Thu May 26 15:03:11 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.16 2004/10/03 00:13:04 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.17 2005/05/26 15:03:11 salo Exp $
 
 BUILDLINK_DEPTH:=      ${BUILDLINK_DEPTH}+
 BZIP2_BUILDLINK3_MK:=  ${BZIP2_BUILDLINK3_MK}+
@@ -13,7 +13,7 @@
 .if !empty(BZIP2_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.bzip2+=      bzip2>=1.0.1
 BUILDLINK_PKGSRCDIR.bzip2?=    ../../archivers/bzip2
-BUILDLINK_RECOMMENDED.bzip2+=  bzip2>=1.0.2nb2
+BUILDLINK_RECOMMENDED.bzip2+=  bzip2>=1.0.3
 .endif # BZIP2_BUILDLINK3_MK
 
 BUILDLINK_DEPTH:=      ${BUILDLINK_DEPTH:S/+$//}
diff -r 37f46036a85d -r 0efc0941328d archivers/bzip2/distinfo
--- a/archivers/bzip2/distinfo  Thu May 26 15:00:29 2005 +0000
+++ b/archivers/bzip2/distinfo  Thu May 26 15:03:11 2005 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.11 2005/02/23 14:45:22 agc Exp $
+$NetBSD: distinfo,v 1.12 2005/05/26 15:03:11 salo Exp $
 
-SHA1 (bzip2-1.0.2.tar.gz) = d47793959c0d65a4d7246e0247ed1358662d9ebf
-RMD160 (bzip2-1.0.2.tar.gz) = 3926130e9ce78e37e3c518878f13a8d39e6fa5dc
-Size (bzip2-1.0.2.tar.gz) = 665198 bytes
-SHA1 (patch-aa) = 53c56d73f4d88c953cfa5cab1d839f0ddd3cc0bc
+SHA1 (bzip2-1.0.3.tar.gz) = 7e749510f65c86fbfff37b97144a02f1b8b8617f
+RMD160 (bzip2-1.0.3.tar.gz) = 7ac2a122c254d1fcd54ca8af96a1814e9e245a1a
+Size (bzip2-1.0.3.tar.gz) = 669075 bytes
+SHA1 (patch-aa) = 10a727166e8c0a7bcf695e79a224a4f9c6534ba9
diff -r 37f46036a85d -r 0efc0941328d archivers/bzip2/patches/patch-aa
--- a/archivers/bzip2/patches/patch-aa  Thu May 26 15:00:29 2005 +0000
+++ b/archivers/bzip2/patches/patch-aa  Thu May 26 15:03:11 2005 +0000
@@ -1,21 +1,23 @@
-$NetBSD: patch-aa,v 1.10 2004/03/29 01:18:41 tv Exp $
+$NetBSD: patch-aa,v 1.11 2005/05/26 15:03:11 salo Exp $
 
---- Makefile.orig      Fri Jan 25 18:34:53 2002
-+++ Makefile   Mon Mar 15 11:42:02 2004
-@@ -2,43 +2,35 @@
+--- Makefile.orig      2005-02-17 12:28:24.000000000 +0100
++++ Makefile   2005-05-26 16:53:13.000000000 +0200
+@@ -2,42 +2,35 @@
  SHELL=/bin/sh
  
  # To assist in cross-compiling
 -CC=gcc
+-AR=ar
+-RANLIB=ranlib
+-LDFLAGS=
 +CC=${LIBTOOL} --mode=compile ${REALCC}
 +LD=${LIBTOOL} --mode=link ${REALCC}
- AR=ar
- RANLIB=ranlib
--LDFLAGS=
++#AR=ar
++#RANLIB=ranlib
++#LDFLAGS=
  
- # Suitably paranoid flags to avoid bugs in gcc-2.7
  BIGFILES=-D_FILE_OFFSET_BITS=64
--CFLAGS=-Wall -Winline -O2 -fomit-frame-pointer -fno-strength-reduce $(BIGFILES)
+-CFLAGS=-Wall -Winline -O -g $(BIGFILES)
 +CFLAGS+=$(BIGFILES)
  
 -# Where you want it installed when you do 'make install'
@@ -59,12 +61,12 @@
 -      fi
 +libbz2.la: $(OBJS)
 +      rm -f libbz2.la
-+      $(LD) $(LDFLAGS) -o libbz2.la $(OBJS) -version-info 0:0  \
++      $(LD) $(LDFLAGS) -o libbz2.la $(OBJS) -version-info 0:0 \
 +              -rpath $(PREFIX)/lib
  
  check: test
  test: bzip2
-@@ -102,20 +94,20 @@
+@@ -100,20 +93,20 @@
        sample1.rb2 sample2.rb2 sample3.rb2 \
        sample1.tst sample2.tst sample3.tst
  



Home | Main Index | Thread Index | Old Index