- chcon, runcon: --help output now includes the bug-reporting address
- cp -p copies permissions more portably. For example, on MacOS X 10.5,
"cp -p some-fifo some-file" no longer fails while trying to copy the
permissions from the some-fifo argument.
- id with no options now prints the SELinux context only when invoked
with no USERNAME argument.
- id and groups once again print the AFS-specific nameless group-ID (PAG).
Printing of such large-numbered, kernel-only (not in /etc/group) group-IDs
was suppressed in 6.11 due to ignorance that they are useful.
- uniq: avoid subtle field-skipping malfunction due to isblank misuse.
In some locales on some systems, isblank(240) (aka  ) is nonzero.
On such systems, uniq --skip-fields=N would fail to skip the proper
number of fields for some inputs.
- tac: avoid segfault with --regex (-r) and multiple files, e.g.,
"echo > x; tac -r x x".
- install once again sets SELinux context, when possible
- "cp -fR fifo E" now succeeds with an existing E. Before this fix, using
-fR to copy a fifo or "special" file onto an existing file would fail
with EEXIST. Now, it once again unlinks the destination before trying
to create the destination file. [bug introduced in coreutils-5.90]
- dd once again works with unnecessary options like if=/dev/stdin and
of=/dev/stdout. [bug introduced in fileutils-4.0h]
- id now uses getgrouplist, when possible. This results in
much better performance when there are many users and/or groups.
- ls no longer segfaults on files in /proc when linked with an older version
of libselinux. E.g., ls -l /proc/sys would dereference a NULL pointer.
- md5sum would segfault for invalid BSD-style input, e.g.,
echo 'MD5 (' | md5sum -c - Now, md5sum ignores that line.
sha1sum, sha224sum, sha384sum, and sha512sum are affected, too.
[bug introduced in coreutils-5.1.0]
- md5sum -c would accept a NUL-containing checksum string like "abcd\0..."
and would unnecessarily read and compute the checksum of the named file,
and then compare that checksum to the invalid one: guaranteed to fail.
Now, it recognizes that the line is not valid and skips it.
sha1sum, sha224sum, sha384sum, and sha512sum are affected, too.
[bug present in the original version, in coreutils-4.5.1, 1995]
- "mkdir -Z x dir" no longer segfaults when diagnosing invalid context "x"
mkfifo and mknod would fail similarly. Now they're fixed.
- mv would mistakenly unlink a destination file before calling rename,
when the destination had two or more hard links. It no longer does that.
[bug introduced in coreutils-5.3.0]
- "paste -d'\' file" no longer overruns memory (heap since coreutils-5.1.2,
stack before then) [bug present in the original version, in 1992]
- "pr -e" with a mix of backspaces and TABs no longer corrupts the heap
[bug present in the original version, in 1992]
- "ptx -F'\' long-file-name" would overrun a malloc'd buffer and corrupt
the heap. That was triggered by a lone backslash (or odd number of them)
at the end of the option argument to --flag-truncation=STRING (-F),
--word-regexp=REGEXP (-W), or --sentence-regexp=REGEXP (-S).
- "rm -r DIR" would mistakenly declare to be "write protected" -- and
prompt about -- full DIR-relative names longer than MIN (PATH_MAX, 8192).
- "rmdir --ignore-fail-on-non-empty" detects and ignores the failure
in more cases when a directory is empty.
- "seq -f % 1" would issue the erroneous diagnostic "seq: memory exhausted"
rather than reporting the invalid string format.
[bug introduced in coreutils-6.0]
- join now verifies that the inputs are in sorted order. This check can
be turned off with the --nocheck-order option.
- sort accepts the new option --sort=WORD, where WORD can be one of
general-numeric, month, numeric or random. These are equivalent to the
options --general-numeric-sort/-g, --month-sort/-M, --numeric-sort/-n
and --random-sort/-R, resp.
- id and groups work around an AFS-related bug whereby those programs
would print an invalid group number, when given no user-name argument.
- ls --color no longer outputs unnecessary escape sequences
- seq gives better diagnostics for invalid formats.
- install, mkdir, rmdir and split now write --verbose output to stdout,
not to stderr.
New tools:
* gmktemp - GNU implementation of mktemp(1)
* gchcon - change the SELinux security context of a file
* gruncon - run a program in a different SELinux security context
Programs now default disabled by upstream (thus not installed):
* ghostname
* gsu (XXX: could make this a PKG_OPTION if requested)
Also assorted bugfixes.
to "${MKDIR}". "configure" will otherwise decide to use "gmkdir -p" if an
older version of the "coreutils" package is already installed. But during
the install stage the old "gmkdir" binary will have been removed by
"pkg_delete" and the installation fails.
This is a major update from 5.2.1 and the ChangeLog is far too long to
include here. The update includes many bugfixes, POSIX.1 conformance fixes,
various GNU extensions to command line syntax, translations and some new
tools: gbase64, gsha224sum, gsha256sum, gsha384sum, gsha512sum, gshuf.
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
In paste.c, do real boundary checks and consider NULL FILE pointers as
closed files. This replaces use of global dummy FILEs, which is not
possible on DragonFly, since FILE is incompletly.
In configure, include stdio.h when checking for __fpending, since
the prototype is defined there on DragonFly.
systen call. We now assumes that it only exists in NetBSD 2.99.x and
newer. This will avoid build problems under the upcoming NetBSD 2.1
release. Mark this package as unusable for NetBSD-2.0[D-H]-* (a few
very old NetBSD-current versions which have statvfs(2) but a version
number smaller than 2.99.x).
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
* Add check for sync(2) and setgroups(3), and don't use these if they
don't exist on the host.
* Interix has a ... Special ... way of doing the "su" thing.
* Implement Interix-specific portion of mountlist.c.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
** Bug fixes
mv could mistakenly fail to preserve hard links when moving two
or more arguments between partitions.
`cp --sparse=always F /dev/hdx' no longer tries to use lseek to create
holes in the destination.
nohup now sets the close-on-exec flag for its copy of the stderr file
descriptor. This avoids some nohup-induced hangs. For example, before
this change, if you ran `ssh localhost', then `nohup sleep 600 </dev/null &',
and then exited that remote shell, the ssh session would hang until the
10-minute sleep terminated. With the fixed nohup, the ssh session
terminates immediately.
`expr' now conforms to POSIX better:
Integers like -0 and 00 are now treated as zero.
The `|' operator now returns 0, not its first argument, if both
arguments are null or zero. E.g., `expr "" \| ""' now returns 0,
not the empty string.
The `|' and `&' operators now use short-circuit evaluation, e.g.,
`expr 1 \| 1 / 0' no longer reports a division by zero.
** New features
`chown user.group file' now has its traditional meaning even when
conforming to POSIX 1003.1-2001, so long as no user has a name
containing `.' that happens to equal `user.group'.
many fixes/new features, among them:
- nohup now always exits with status 127 when it finds an error,
as POSIX requires; formerly it sometimes exited with status 1.
- Several programs (including cut, date, dd, env, hostname, nl, pr,
stty, and tr) now always exit with status 1 when they find an error;
formerly they sometimes exited with status 2.
- chgrp and chown now accept POSIX-mandated -L, -H, and -P options
- du now accepts -P (--no-dereference), for compatibility with du
of NetBSD and for consistency with e.g., chown and chgrp
- date accepts a new option --rfc-2822, an alias for --rfc-822.
- `sha1sum --check' now accepts the BSD format for SHA1 message digests
in addition to the BSD format for MD5 ones.
- md5sum --check now accepts the output of the BSD md5sum program, e.g.,
MD5 (f) = d41d8cd98f00b204e9800998ecf8427e
- date -d DATE can now parse a DATE string like May-23-2003
- chown: `.' is no longer recognized as a separator in the OWNER:GROUP
specifier on POSIX 1003.1-2001 systems. If chown *was not* compiled
on such a system, then it still accepts `.', by default. If chown
was compiled on a POSIX 1003.1-2001 system, then you may enable the
old behavior by setting _POSIX2_VERSION=199209 in your environment.
(see NEWS for a complete list)
1.)
An integer overflow in ls in the fileutils or coreutils packages may allow
local users to cause a denial of service or execute arbitrary code via a
large -w value, which could be remotely exploited via applications that use
ls, such as wu-ftpd.
2.)
ls in the fileutils or coreutils packages allows local users to consume a
large amount of memory via a large -w value, which can be remotely exploited
via applications that use ls, such as wu-ftpd.
See
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854
and the original report
http://www.guninski.com/binls.html
for details.
Patches taken from Red Hat's Security Advisory RHSA-2003:309-01.
reported by reed@
bump PKGREVISION
