Prevent to detect unwanted builtin openssl.
After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c,
buitin openssl is not acceptable for various platforms.
or rename of module name affect to other parts using this module.
Noticed by Benjamin Lorenz in tech-pkg@.
Additionally, set ALTERNATIVE for bin/smtpd.py.
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
injecting -Wall -Wno-error does not cause the test to produce the wrong
answer. (If it does, the wrong information is installed in /usr/include,
and ultimately provokes PR 47342.)
Same as -r1.8 of python27's patch-al.
(CVE-2012-0845, CVE-2012-1150 are alredy fixed in pkgsrc,
CVE-2012-0876 is not affect to pkgsrc, using external expat)
What's New in Python 2.6.8?
===========================
*Release date: 2012-04-10*
No changes since 2.6.8rc2.
What's New in Python 2.6.8 rc 2?
================================
*Release date: 2012-03-17*
Library
-------
- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
What's New in Python 2.6.8 rc 1?
================================
*Release date: 2012-02-23*
Core and Builtins
-----------------
- Issue #13703: oCERT-2011-003 CVE-2012-1150: add -R command-line
option and PYTHONHASHSEED environment variable, to provide an opt-in
way to protect against denial of service attacks due to hash
collisions within the dict and set types. Patch by David Malcolm,
based on work by Victor Stinner.
Library
-------
- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
SimpleXMLRPCServer upon malformed POST request.
- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
IV attack countermeasure.
"platform" in Python terms is different for Linux kernel 2.* Vs Linux
kernel 3.*. Add in support to pull in a different PLIST for Linux 3.*.
Fixes build under Ubuntu 11.10.
XXX Perhaps it would be cleaner to name the PLIST to match the python platform
name - since we already calculate that anyway, and that is exactly what drives
the contents of these PLISTs.
awkwardly, leading to Python 2.6 failing to build.
Python 2.7 builds ok, because it has been taught to deal with this.
This patch retro-fits the 2.7 code into 2.6, and allows 2.6 to build on
Ubuntu 11.04.
Ok'd by wiz@
It is not a leaf package, but the changes affect Mac OS X only.
Test builds on 10.5/i386, 10.6/i386 (thanks tron@), 10.7/i386 and
10.7/x86_64 (thanks ryoon@).
(CVE-2011-1521 had been fixed in pkgsrc).
What's New in Python 2.6.7?
===========================
*Release date: 2011-06-03*
*NOTE: Python 2.6 is in security-fix-only mode. No non-security bug fixes are
allowed. Python 2.6.7 and beyond will be source only releases.*
* No changes since 2.6.7rc2.
What's New in Python 2.6.7 rc 2?
================================
*Release date: 2011-05-20*
*NOTE: Python 2.6 is in security-fix-only mode. No non-security bug fixes are
allowed. Python 2.6.7 and beyond will be source only releases.*
Library
-------
- Issue #11662: Make urllib and urllib2 ignore redirections if the
scheme is not HTTP, HTTPS or FTP (CVE-2011-1521).
- Issue #11442: Add a charset parameter to the Content-type in SimpleHTTPServer
to avoid XSS attacks.
What's New in Python 2.6.7 rc 1?
================================
*Release date: 2011-05-06*
Library
-------
- Issue #9129: smtpd.py is vulnerable to DoS attacks deriving from missing
error handling when accepting a new connection.
definitions which do things behind the client pkgs back, in particular
manipulate the library search path
It is well possible that this causes some fallout, but I hope it
will be small and can be dealt with on a per-pkg basis.
(partly) suggested by Mark Davies on tech-pkg
* Use $(CC) for LDSHARED on NetBSD and DragonFly like any other.
Fixes PR#42598 for that libpython will be linked with sufficient flags.
Bump PKGREVISION.
