The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
- The shared library major version because it is no longer compatible
with old binaries.
- The package revision because of the above change.
- The minimum API and ABI versions because new binary packages are no
longer compatible with an old "imap-uw" package.
that duse the c-client library do not have their callback function symbols
stripped at install time. Fixes the following:
PR pkg/34031
and indicates that this need not be reopened:
PR pkg/35592
also bump PKGREVISION and BUILDLINK_ABI_DEPENDS
if "ssl" is a package option.
* Stop the abuse of BUILD_TARGET and use MAKE_FLAGS instead. Also,
use OPSYSVARS to simplify the specification of the correct BUILD_TARGET
for each platform.
* Make use of the EXTRASPECIALS variable used by imap makefiles to pass
special MAKE_FLAGS settings through to all recursive make processes.
This gets rid of some MAKE_ENV statements.
* Split off the special alpha-codegen hack into a hacks.mk file.
* Do man page fixups at post-build time, not post-extract time. This
leaves the files pristine for possible patching.
* Add back the special handling if IMAP_UW_MAILSPOOLHOME is defined.
It was accidentally removed in patch-am when the whoson modifications
were added. Move the modifications to the configure phase instead
of post-patch so that the modifications aren't accidentally picked
up by mkpatches.
* Instead of listing each Makefile that needs the sed modification
s/c-client.a/libc-client.la/ and modifying them at post-extract
time, simply create patches for them.
* Instead of listing each header file to be installed, just derive
the list from the PLIST.
* Make the libtoolification a bit more transparent by patching libtool
references directly into the imap makefiles.
* Drop the -limapuw -> -lc-client buildlink transform that was only
needed for much older versions of the imap-uw package, and stop
installing libimapuw.*. All dependents of imap-uw already correctly
use -lc-client.
* Fix the handling of the kerberos package option so that we can use
the pkgsrc Kerberos 5 packages instead of only using the native
ones.
* Properly document the options.mk file.
Bump the PKGREVISION for the libimapuw.* changes and for the
IMAP_UW_MAILSPOOLHOME fixes. The rest of the changes are all
pkgsrc-related and don't really affect the binary package.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
"A vulnerability in UW-imapd can be exploited by malicious users to
cause a DoS (Denial of Service) or compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the
"mail_valid_net_parse_work()" function when copying the user supplied
mailbox name to a stack buffer. This can be exploited to cause a
stack-based buffer overflow via a specially crafted mailbox name that
contains an single opening double-quote character, without the
corresponding closing double-quote.
Successful exploitation allows arbitrary code execution, but requires
valid credentials on the IMAP server."
http://secunia.com/advisories/17062/
www.idefense.com/application/poi/display?id=313&type=vulnerabilities
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933
Patch from 2004g.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.