Using any locale with UTF-8 encoding leads to an endless loop
if after a quote a tabluator completion is tried.
Update the bzip2 RPM (description from the INDEX file provided by Novell):
bzip2 could crash or run into an enless loop when decompressing
certain specially crafted archives. This problem has been fixed.
(CAN-2005-1260)
An advisory is at
<url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1260>.
Update the coreutils RPM (description from the INDEX file provided by Novell):
Fix a bug in the cp and mv utilities that cause them to terminate
with a segmentation fault when copying extended attributes fails.
Update the libacl RPM (description from the INDEX file provided by Novell):
When specifying multiple files, the X pseudo permission was handled
wrong. (X evaluates to x if any acl entry contains x, and - otherwise.)
Update the ncurses RPM (description from the INDEX file provided by Novell):
Make resizing of the terminal work even with threaded curses programs
Update the zlib RPM:
The previous zlib update for CAN-2005-2096 fixed a flaw in zlib that
could allow a carefully crafted compressed stream to crash an
application. While the original patch corrected the reported
overflow, Markus Oberhumer discovered additional ways a stream could
trigger an overflow. This update fixes those problems as well.
This issue is tracked by the Mitre CVE ID CAN-2005-1849.
Since only zlib 1.2.x is affected, older SUSE products are not
affected by this problem.
--<url:http://www.novell.com/linux/security/advisories/2005_43_zlib.html>
Add linux_base-8, linux_base-suse-9.2 and linux_base-suse-9.3 to CONFLICTS.
Remove quotes from RESTRICTED line (portlint).
Remove deprecation.
Increment PORTREVISION to 2.
PR: 102707
PR.
Thanks for contributing.
Since the acroread7 port is a somewhat important port for our users, I
will hand it over to emulation@ if no _active_ *committer* takes it
before the ports freeze.
While I'm here:
- fix a little nit in the csound port (I think the intention was to
create no backup file instead of creating one with a "-e" extension)
- set ARCH to i386 in the amd64 case for the acroread7 port. This
is a work-around to be able to install everything when a dependency
is not already installed (ARCH is read-only in sub-makes, so the
dependencies can't change it). This should be removed when the
dependencies are fixed or converted to use bsd.linux-rpm.mk. [1]
Not objected to by: portmgr (explicit: krion; silence: rest)
Maintainer timeout: ~4 months
Submitted by: Sangwoo Shim <sangwoos@gmail.com> [1]
PR: 87985 [1]
I think it's a bug that linux_base thinks it conflicts with itself.
--petef
The problem occurs if you do
make install; make install FORCE_PKG_REGISTER=yes
which is somewhat supported, although [seldom] (never?) used.
--eik
Also record conflicts with cle_base.
that states that the software is based in part of [sic] the
work of the FreeType Team, in the distribution documentation.
We also encourage you to put an URL to the FreeType web
page in your documentation, though this isn't mandatory.
-- <URL:http://cvs.freetype.org/cgi-bin/viewcvs.cgi/~checkout~/freetype2/docs/
FTL.txt?rev=1.7>
by programs such as mv (used in installation); remove librpm404 and
rpm404-python which are unused. Make rpm an EXTRACT_DEPENDS rather
than BUILD_DEPENDS, based on Phil Pennock's suggestion for the
sgifonts port.
Submitted by: Frank Reppin (adding libattr and libacl)
Installation of linux_base-7.1_2 fails when linprocfs is
mounted. Unmounting linprocfs before installing works
around the issue.
At Lars' suggestion, this script also mounts the linprocfs after
installation. I assume that if the user has a linprocfs entry in
/etc/fstab, the user wants it to be mounted. It also seemed like
a good idea to un-mount it before de-installation.
PR: 46172
The function gzprintf within zlib, when called with a string
longer than Z_PRINTF_BUFZISE (= 4096 bytes), can overflow
without giving a warning. zlib-1.1.4 and earlier exhibit
this behavior. There are no known exploits of the gzprintf
overrun, and only a few programs, including rpm2html and
gimp-print, are known to use the gzprintf function. The
problem has been fixed by checking the length of the output
string within gzprintf.
--<URL:http://rhn.redhat.com/errata/RHSA-2003-079.html>
package. libstdc++-2.96 is a core package that is referenced by many
linux_base applications such as linux-eagle. For instance, linux-eagle
doesn't work with linux_base-7.1_3.
Despite the importance, libstdc++-2.96 has been forgotten to be extracted
since 6 months. (Actually, the RPM package is listed in the Makefile,
but was badly defined so that no extraction was performed.)
Since linux_base is an important package, I hesitated to commit this
correction (for a long time :). If there is any incovenience in the
way of package definition, please feel free to correct my change.
remotely exploitable RPC bug (Red Hat advisory RHSA-2003-089 and
CERT advisory CA-2003-10).
According to <URL:http://www.redhat.com/apps/support/errata/>, "all
errata support for Alpha products, Sparc products, and Powertools
products have reached end of life."
I didn't do proper run-time testing of this, but "make package
deinstall" leaves a clean /compat/linux/ behind.
different MD5 hash from the corresponding package from 7.1/i386.
The contained etc/redhat-release files have the same contents but
different time stamps. By having both hashes in both distinfo
files, installation can proceed for users who share the same distfile
cache for both architectures.
list by bsd.port.mk insert anti foot-shooting device, which prevents
infinite fork loop when the user defines corresponding USE_XXX in global
make.conf, command line or environment.
Similar devices should probably be inserted into ports that might be inserted
into dependency list by others bsd.foo.mk files (bsd.ruby.mk, bsd.python.mk
and so on.)
