Ports that build out of source now simply can use "USES=cmake"
instead of "USES=cmake:outsource". Ports that fail to build
out of source now need to specify "USES=cmake:insource".
I tried to only set insource where explictely needed.
PR: 232038
Exp-run by: antoine
Upstream has switched to CMake, so follow suit here (and explicitly disable
crypto backends other than OpenSSL for AES support).
The port also depends on Perl for testing, so add the missing dependency.
Based on an initial patch by danfe@.
Submitted by: danfe (initial version)
It includes the fix for CVE-2017-14107 (landed separately in r450768) as well
as a fix for CVE-2017-12858, which did not affect us due to the fact that the
vulnerability was introduced in 1.2.0.
libzip.so's SOVERSION got bumped after the removal of the undocumented function
zip_archive_set_tempdir(). All ports depending on libzip continue to build fine
after that.
PR: 222638
Submitted by: Dani <i.dani@outlook.com>
This is a minor security vulnerability that can lead to a denial of service
issue in libzip when a specially crafted archive is used.
PR: 222638
Security: b2952517-07e5-4d19-8850-21c5b7e0623f
Security: CVE-2017-14107
locale set by the user. Add LANG=C and LC_ALL=C at the beginning of
bsd.port.mk and export them so all commands are executed with the C locale.
LC_ALL=C overrides all other LC_* variables. LANG is used by setlocale(3)
as default value for LC_* variables, so normally it isn't used when LC_ALL
is set, but there's code out there that looks at LANG directly so it's safer
to set it as well. The only commands not captured by this are !=
assignments before any inclusion of bsd.port.*mk.
Introduce USE_LOCALE=<locale> that adds LANG=<locale> and LC_ALL=<locale> to
CONFIGURE_ENV and MAKE_ENV so upstream build systems can be executed with a
different locale (e.g. USE_LOCALE=en_US.UTF-8).
PR: 215882
Exp-run by: antoine
Approved by: portmgr (antoine)
See "Maintainer Reset" in
https://www.freebsd.org/portmgr/policies_contributors.html. makc's last commit
was in March 31st (r412218), and his ports have been timing out since at least
July (r418155).
I also emailed him 2 weeks ago and have received no response so far.
2016-02-07: Released libzip 1.1.1
- Build fixes for Linux
- Fix some warnings reported by PVS-Studio
2016-01-28: Released libzip 1.1
- ziptool(1): command line tool to modify zip archives
- Speedups for archives with many entries
- Coverity fixes
- Better APK support
- Support for running tests on Windows
- More build fixes for Windows
- Portability fixes
- Documentation improvements
PR: 207250
Approved by: makc (maintainer)
- Move MANx records to a separate makefile
- switch to xz compressed tarball
- Convert to USES, remove needless pkgconfig dependency
PR: based on ports/180454 [1]
Submitted by: Oleg Ginzburg <olevole at olevole.ru>
libzip is a C library for reading, creating, and modifying zip archives. Files
can be added from data buffers, files, or compressed data copied directly from
other zip archives. Changes made without closing the archive can be reverted.
The API is documented by man pages.
WWW: http://www.nih.at/libzip/
PR: ports/94710
Submitted by: Alexander Zhuravlev <zaa@ulstu.ru>
