"Multiple buffer overflows in imlib 1.9.14 and earlier, which is used by
gkrellm and several window managers, allow remote attackers to execute
arbitrary code via certain image files." (1.9.15 is also affected)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026
Patch from Pavel Kankovsky.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
decimal number, according to the specification. As a result, it fails to
correctly parse file created with numbers printed with leading 0.
Reported and fix provided in PR 24759 by Enami Tsugutomo.
the normal case when BUILDLINK_DEPENDS.<pkg> isn't specified, it receives
a value only once due to the multiple inclusion protection in the
bulldlink3.mk files. In the case where a package includes several
buildlink3.mk files that each want a slightly different version of another
dependency, having BUILDLINK_DEPENDS.<pkg> be a list allows for the
strictest <pkg> dependency to be matched.
Makefiles simply need to use this value often, for better or for
worse.
(2) Create a new variable FIX_RPATH that lists variables that should
be cleansed of -R or -rpath values if ${_USE_RPATH} is "no". By
default, FIX_RPATH contains LIBS, X11_LDFLAGS, and LDFLAGS, and
additional variables may be appended from package Makefiles.
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
* load.c: Fixed reported bug. If Imlib thought it needed a fallback,
bad things will happen.
* utils.c: Removed the open/close_helper functions. A little less
bloat now removed.
all dependencies on packages depending on "png" which contain shared
libraries, all for the (imminent) update to the "png" package.
[List courtesy of John Darrow, courtesy of "bulk-build".]
redefines about which buildlink.mk files would care is BUILDLINK_X11_DIR,
which points to the location of the X11R6 hierarchy used during building.
If x11.buildlink.mk isn't included, then BUILDLINK_X11_DIR defaults to
${X11BASE} (set in bsd.pkg.mk), so its value is always safe to use. Remove
the ifdefs surrounding the use of BUILDLINK_X11_DIR in tk/buildlink.mk and
revert changes to move x11.buildlink.mk before the other buildlink.mk files.
use X11_BUILDLINK_MK as a test value. Generally just reordering the
inclusions so that x11.buildlink.mk comes before the other buildlink.mk
files will make everthing work.
to ${X11BASE} in the header and library search paths into references to
${LOCALBASE}/share/x11-links. These packages should now be strongly-
buildlinked regardless of whether xpkgwedge is installed.
Changes well-tested on NetBSD-1.5X/i386 with and without xpkgwedge and
lightly-tested on NetBSD-1.5.1/alpha without xpkgwedge.
Include a bugfix for lisp_LISP independently discovered by me that has
been pulled up to the automake-1-4 branch of automake cvs.
Changes are:
New in 1.4-p5:
* Allow AM_PROG_LIBTOOL again.
* Diagnose AC_CONFIG_HEADERS the same as AC_CONFIG_HEADER.
* Display distributed file list correctly in usage message.
* Allow numbers in macro names.
* Bugfixes.
New in 1.4-p4:
* Deal with configure.ac as well as configure.in -- this time for real!
* The version numbering system now allows three point version numbers,
such as 1.4.4, without thinking they are alpha release numbers.
New in 1.4-p3:
* Deal with configure.ac as well as configure.in.
* Don't complain if `version.texi' is included in multiple places.
New in 1.4-p2:
* Deal with AC_CONFIG_FILES from autoconf-2.50.
* Improvements to f77 support.
* DESTDIR now works for script targets.
* distcheck-hook works correctly.
New in 1.4-p1:
* The version numbering system now allows fork identifiers (such as
the p1 in this version of automake).
* Cope gracefully with various versions of libtool which may or may not
require ltconfig, ltcf-c.sh, ltcf-cxx.sh or ltcf-gcj.sh.
* Bugfixes.
set FOO_CONFIG=${BUILDLINK_CONFIG_WRAPPER.foo} in both CONFIGURE_ENV and
MAKE_ENV. We remove the check for GNU_CONFIGURE because if a package
Makefile includes the buildlink.mk file, then it most likely wants to use
the config script wrappers as well. Change suggested by Hubert Feyrer
(hubertf) and Tomasz Luchowski (zuntum).
workaround, create a dummy "ltconfig" for the buildlink autoconf to pick
up. Fixes a build problem with buildlink-x11 and xpgwedge pointed out in
private mail by David Brownlee <abs@netbsd.org>
XXX: in the long run, the buildlink autoconf macros probably need to be
updated and fixed to prevent similar problems in other packages.
BUILDLINK_PREFIX.<pkgname>. This allows buildlink to find X11BASE packages
regardless of whether they were installed before or after xpkgwedge was
installed. Idea by Alistair Crooks <agc@pkgsrc.org>.
so remove it from package Makefiles. Also move the inclusion of the
buildlink.mk files to the end of the Makefile to just before bsd.pkg.mk
to ensure that any Makefile settings occur before the buildlink.mk files.
FOO_REQD=1.0 being converted to foo>=1.0, one can now directly specify
the dependency pattern as FOO_DEPENDS=foo>=1.0. This allows things like
JPEG_DEPENDS=jpeg-6b, or fancier expressions like for postgresql-lib.
Change existing FOO_REQD definitions in Makefiles to FOO_DEPENDS.
first component is now a package name+version/pattern, no more
executable/patchname/whatnot.
While there, introduce BUILD_USES_MSGFMT as shorthand to pull in
devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current).
Patch by Alistair Crooks <agc@netbsd.org>
using the newest PNG library won't work on system with an older one. To
prevent such problems with precompiled binary packages require at least
"png-1.0.9nb1" in all dependences.
out of date - it was based on a.out OBJECT_FMT, and added entries in the
generated PLISTs to reflect the symlinks that ELF packages uses. It also
tried to be clever, and removed and recreated any symbolic links that were
created, which has resulted in some fun, especially with packages which
use dlopen(3) to load modules. Some recent changes to our ld.so to bring
it more into line with other Operating Systems also exposed some cracks.
+ Modify bsd.pkg.mk and its shared object handling, so that PLISTs now contain
the ELF symlinks.
+ Don't mess about with file system entries when handling shared objects in
bsd.pkg.mk, since it's likely that libtool and the BSD *.mk processing will
have got it right, and have a much better idea than we do.
+ Modify PLISTs to contain "ELF symlinks"
+ On a.out platforms, delete any "ELF symlinks" from the generated PLISTs
+ On ELF platforms, no extra processing needs to be done in bsd.pkg.mk
+ Modify print-PLIST target in bsd.pkg.mk to add dummy symlink entries on
a.out platforms
+ Update the documentation in Packages.txt
With many thanks to Thomas Klausner for keeping me honest with this.
Add a new USE_LIBTOOL definition that uses the libtool package instead of
pkglibtool which is now considered outdated.
USE_PKGLIBTOOL is available for backwards compatibility with old packages
but is deprecated for new packages.
