have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
it has to be there.
* Use BUILD_DIRS instead of manually invoking "make all" from another
subdirectory of WRKSRC during post-build.
* Install the actual binary in ${PREFIX}/libexec/cgi-bin/php and symlink
into ${PREFIX}/bin/php. This allows the php binary to function in a
secure Apache setup. This fixes part of pkg/18783 by Chris Baird.
buildlink2.mk files from here. Also change a BUILDLINK_DIR to a
BUILDLINK_PREFIX.gdbm since we strive not to lie to the configure/build
processes any longer with buildlink2.
generalise the linker flags used to export symbols by setting them on
a per-OS basis.
> many packages force -Wl,-export-dynamic which is not portable outside GNU ld
> and cause problems e.g. on Solaris. some of these packages use if
> conditionals either only for NetBSD or except SunOS, but the state is not
> coherent and it may complicate later when support for new OS is added to
> pkgsrc (e.g. ongoing work on HP-UX support).
>
> jlam proposed the following framework in discussion on tech-pkg:
>
> http://mail-index.netbsd.org/tech-pkg/2002/06/21/0009.html
>
> now, ${EXPORT_SYMBOLS_LDFLAGS} is used instead of directly defining
> -Wl,-export-dynamic which is set in appropriate defs.*.mk to reasonable
> values. packages should be converted to this framework by:
>
> 1) replacing LDFLAGS+= -Wl,-export-dynamic and LIBS+= -export-dynamic with:
>
> LDFLAGS+= ${EXPORT_SYMBOLS_LDFLAGS}
>
> 2) for use in patchfiles, add this variable to MAKE_ENV if needed:
>
> MAKE_ENV+= EXPORT_SYMBOLS_LDFLAGS=${EXPORT_SYMBOLS_LDFLAGS}
>
> 3) replace occurances of -Wl,-export-dynamic and -export-dynamic in patch
> files with:
>
> $(EXPORT_SYMBOLS_LDFLAGS)
a security fix for a file-upload bug.
<===> SECURITY NOTE <===>
Note that the buffer overflow fix is a major security fix. Quoting from
the security advisory at:
http://security.e-matters.de/advisories/012002.html
"PHP supports multipart/form-data POST requests (as described in RFC1867)
known as POST fileuploads. Unfourtunately there are several flaws in the
php_mime_split function that could be used by an attacker to execute
arbitrary code. During our research we found out that not only PHP4 but
also older versions from the PHP3 tree are vulnerable.
modules are handled. Also buildlinkify, honor ${PKG_SYSCONFDIR}, and use
the general INSTALL scripts to handle the php3.ini config file. Become
the maintainer since the changes to the package structure are fairly large.
The new framework should make creating new PHP3 modules simpler, and makes
buildlinkifying those modules simpler as well.
foo-* to foo-[0-9]*. This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also
change dependency examples in Packages.txt to reflect this.
first component is now a package name+version/pattern, no more
executable/patchname/whatnot.
While there, introduce BUILD_USES_MSGFMT as shorthand to pull in
devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current).
Patch by Alistair Crooks <agc@netbsd.org>
October 21, 2000, Version 3.0.18
- Fixed file upload bugs (Sascha)
October 11, 2000, Version 3.0.17
- Fixed output functions (Sascha)
- Added odbc_tables() (Frank)
- Fixed htmlspecialchars/htmlentities inconsistencies (Rasmus)
- Added is_uploaded_file() (Zeev)
- Clean up htmlspecialchars/htmlentities inconsistencies (Rasmus)
- Add optional charset parameter to sybase_[p]connect (alf@alpha.ulatina.ac.cr)
- Fixed incorrect handling of 0-precision strings (e.g., %4.0s)
in printf (Ken Coar)
- You can now call Ora_Error() without prameters to get the reason
for a failed connection attempt. (Kirill Maximov)
- Fixed crash in OCIFetchStatement() when trying to read after
all data has already been read. (Thies)
- Added --enable-sigchild. Use this option if you encounter
<defunc> processes when using Oracle 8i. (Thies)
- Uncommitted outstanding OCI8 transactions are now rolled back
before the connection is closed. (Thies)
- Improved configure checks for Oracle 8i. (Thies)
- Added imap_mime_header_decode() function (Skalski)
