generalise the linker flags used to export symbols by setting them on
a per-OS basis.
> many packages force -Wl,-export-dynamic which is not portable outside GNU ld
> and cause problems e.g. on Solaris. some of these packages use if
> conditionals either only for NetBSD or except SunOS, but the state is not
> coherent and it may complicate later when support for new OS is added to
> pkgsrc (e.g. ongoing work on HP-UX support).
>
> jlam proposed the following framework in discussion on tech-pkg:
>
> http://mail-index.netbsd.org/tech-pkg/2002/06/21/0009.html
>
> now, ${EXPORT_SYMBOLS_LDFLAGS} is used instead of directly defining
> -Wl,-export-dynamic which is set in appropriate defs.*.mk to reasonable
> values. packages should be converted to this framework by:
>
> 1) replacing LDFLAGS+= -Wl,-export-dynamic and LIBS+= -export-dynamic with:
>
> LDFLAGS+= ${EXPORT_SYMBOLS_LDFLAGS}
>
> 2) for use in patchfiles, add this variable to MAKE_ENV if needed:
>
> MAKE_ENV+= EXPORT_SYMBOLS_LDFLAGS=${EXPORT_SYMBOLS_LDFLAGS}
>
> 3) replace occurances of -Wl,-export-dynamic and -export-dynamic in patch
> files with:
>
> $(EXPORT_SYMBOLS_LDFLAGS)
all dependencies on packages depending on "png" which contain shared
libraries, all for the (imminent) update to the "png" package.
[List courtesy of John Darrow, courtesy of "bulk-build".]
Closes pkg/14728 from Mark Davies <mark@mcs.vuw.ac.nz>. Changes from him
with updates from myself.
From www.kde.org... The principal improvements over KDE 2.2.1, release two
months ago, include:
o security-related
- SSL certificate loading
- symlink vulnerability in .wmrc access by KDM introduced in 2.2
- security problem with eFax (used by klprfax)
- potential problem in PAM invocation by KDM
- potential harmful side-effect of failed KDM session starts
o new features
- added support for CodeWeavers' CrossOver plug-in (provides support
for QuickTime, etc.)
- added support for the wheelmouse for scrolling through the
KGhostview PS/PDF viewer component
- ability to search for multiple patterns at a time in the file
search dialog
- debugging multi-threaded applications with KDevelop
o improvements/fixes
- handling of HTTP links that redirect to FTP
- POST using SSL through a proxy and sending headers through proxies
- saving of recently-selected files in the file dialog
- handling of non-ASCII characters over SMB
- toolbar button captions with certain styles
- selecting items with the mouse in Konqueror
- sorting in Konqueror's textview
- saving current settings as a theme in the theme manager
- crashes in KMail with certain mails
- crash on invoking the KDM chooser
- non-Latin languages with KDevelop
performance
- icon loading optimized
- file dialog speedups
- stop spinning SMB client processes
- handling of large files in Kate
pkgsrc. Instead, a new variable PKGREVISION is invented that can get
bumped independent of DISTNAME and PKGNAME.
Example #1:
DISTNAME= foo-X.Y
PKGREVISION= Z
=> PKGNAME= foo-X.YnbZ
Example #2:
DISTNAME= barthing-X.Y
PKGNAME= bar-X.Y
PKGREVISION= Z
=> PKGNAME= bar=X.YnbZ (!)
On subsequent changes, only PKGREVISION needs to be bumped, no more risk
of getting DISTNAME changed accidentally.
From the email to kde-announce:
The program "efax" which is distributed as part of the klprfax program in the
kdeutils module poses a security risk when installed suid. "efax" has been
part of KDE 2.2 and KDE 2.2.1 and is installed suid by default.
Scope: a local user can gain root privileges by exploiting a bug in "efax".
Solution: Remove the suid bit from the "efax" executable. This can be done
with the following command:
chmod -s `locate bin/efax`
"efax" will continue to work as before as long as users have sufficient rights
to create lock files in the system lock directory (like /var/lock) and
sufficient rights to open the modem device.
With apologies to Al I wouldn't know where to start with a summary of the
changes between 2.1 and 2.2.1 - there are just too many. A couple of
hopefully static URLS that contain useful information are
http://www.kde.org/announcements/changelog2_1to2_2.htmlhttp://www.kde.org/announcements/changelog2_2to2_2_1.html
Support for a.out for kde{libs,base} added by me. The libtool/a.out
combination doesn't like the linking of modules into binaries. A better
way of doing this will appear in future versions of KDE/pkgsrc.
