Subject: CVS commit: [pkgsrc-2004Q1] pkgsrc/www/neon
To: None <pkgsrc-changes@NetBSD.org>
From: Alistair G. Crooks <agc@netbsd.org>
List: pkgsrc-changes
Date: 04/27/2004 08:50:25
Module Name: pkgsrc
Committed By: agc
Date: Tue Apr 27 08:50:25 UTC 2004
Modified Files:
pkgsrc/www/neon [pkgsrc-2004Q1]: Makefile PLIST distinfo
Log Message:
Pull up a security fix to the pkgsrc-2004Q1 branch.
Requested by xtraeme in ticket pkgsrc-24.
"Update neon to 0.24.5
Changes in release 0.24.5:
* SECURITY (CVE CAN-2004-0179): Fix format string vulnerabilities in
XML/207 response handling, reported by greuff@void.at.
* Performance fix: avoid seeding the SSL PRNG if not creating an SSL socket.
* ne_ssl_readable_dname() is now defined to return UTF-8 strings.
* Fix case where gssapi/gssapi_generic.h was included but not present.
* Fix ne_utils.c build on platforms where zlib does "#define const".
* Fix use of ne_proppatch_operation with some C++ compilers.
* Update libtool for fix to --enable-shared on Darwin.
* BeOS: check for gethostbyname in -lbind (David Reid)."
To generate a diff of this commit:
cvs rdiff -r1.23 -r1.23.2.1 pkgsrc/www/neon/Makefile
cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/www/neon/PLIST pkgsrc/www/neon/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.