Although POSIX says the type is 'int', all BSD variants (including Mac OS X)
have been using 'unsigned long' type for very long time and its use predates
the standard long enough. For certain commands (e.g., TIOCSWINSZ, FIONBIO),
the Python value may get sign-extended on 64-bit platforms (by implicit type
promotion) and it causes annoying warnings from kernel such as this:
WARNING pid 24509 (python2.6): ioctl sign-extension ioctl ffffffff8004667e
Approved by: python (maintainer timeout)
runs its signal handlers, not to a random thread that happens to be
executing at the time when signal arrives. This functionality has been
lost since Python 2.3, possible cause is that the linux implementation
of POSIX threads always delivered signal to the main thread. This
bug results in rather annoying inability to terminate threading script
with ^C for example and there could be other issues as well.
Bump PORTREVISION.
PR: ports/131080
Submitted by: Andriy Pylypenko <bamby@sippysoft.com>
Approved by: MAINTAINER's timeout
Multiple vulnerabilities:
1) Various integer overflow errors exist in core modules e.g. stringobject,
unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule.
2) An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results.
3) Integer overflow errors in the processing of unicode strings can be exploited to cause
buffer overflows on 32-bit systems.
4) An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not
have a "vsnprintf()" function.
5) An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings
can lead to memory corruption.
PR: 127172 (based on)
Submitted by: bf <bf2006a@yahoo.com>
Obtained from: python svn
Security: CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3144, CVE-2008-3143. (vuxml come later)
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+
Thanks to all Helpers:
Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
ehaupt, nox, itetcu, flz, pav
PR: 116263
Tested on: pointyhat
Approved by: portmgr (pav)
- Add significantly better support in bsd.python.mk for working with
Python Eggs and the easy_install system
Tested by: pointyhat runs
Approved by: pav (portmgr)
Most work by: perky
Thanks to: pav
when devel/ncurses installed.
- Similar to python24, don't pick up ncursesw in python25. This results
in both ncurses are linked into _curses.so
Tested by: krion
Approved by: alexbl (python@)
period. Python 2.5 brought a vast range of incompatibility to a
large number of ports, so the python@ team will do more basic
compatibility work in a private repository and merge it later.
Sorry for the inconvenience.
Approved by: portmgr (kris)
- Now, lang/python is just a meta-port which depends on lang/python25.
- And all versions of Python ports have short version identifier in its
package name; python25-2.5, python24-2.4.3 and etc.
- Also you must upgrade all python modules after lang/python updated,
cd /usr/ports/lang/python && make upgrade-site-packages
- Give maintainership of Python ports to the new python@ group which
includes me, alexbl@ and others.
