Changes in release 1.2.1:
* kadmind: fix remote exploit
Changes in release 1.2:
* fix buffer overrun in ftp
* fix openssl building
* don't try to force encryption in telnet if not talking to a default
telnet port
* recognise AIX 5
* should work with more DB libraries
Summary of changes:
- removal of USE_GTEXINFO
- addition of mk/texinfo.mk
- inclusion of this file in package Makefiles requiring it
- `install-info' substituted by `${INSTALL_INFO}' in PLISTs
- tuning of mk/bsd.pkg.mk:
removal of USE_GTEXINFO
INSTALL_INFO added to PLIST_SUBST
`${INSTALL_INFO}' replace `install-info' in target rules
print-PLIST target now generate `${INSTALL_INFO}' instead of `install-info'
- a couple of new patch files added for a handful of packages
- setting of the TEXINFO_OVERRIDE "switch" in packages Makefiles requiring it
- devel/cssc marked requiring texinfo 4.0
- a couple of packages Makefiles were tuned with respect of INFO_FILES and
makeinfo command usage
See -newly added by this commit- section 10.24 of Packages.txt for
further information.
foo-* to foo-[0-9]*. This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also
change dependency examples in Packages.txt to reflect this.
attack described in SA2001-12 (noted by T. M. Pederson <salvage@plethora.net>
in PR pkg/13610).
Instead of applying the patch submitted by T. M. Pederson, we upgrade
kth-krb4 to 1.0.9 where the vulnerability has been fixed.
The upgrade to 1.0.9 was provided by Assar Westerlund <assar@netbsd.org>
and slightly modified by myself.
Also included is diff file for /etc/services for NetBSD-1.5 (and 1.5.1)
also submitted by T. M. Pederson <salvage@plethora.net> in PR 12540.
Note: files/services.diff resurfaces as files/services-1.4.2.diff.
Closes PR 13610 and PR 12540.
Convert most MESSAGE files to new syntax (${VARIABLE} gets replaced,
not @VARIABLE@, nor @@VARIABLE@@).
By default, substitutions are done for LOCALBASE, PKGNAME, PREFIX,
X11BASE, X11PREFIX; additional patterns can be added via MESSAGE_SUBST.
Clean up some packages while I'm there; add RCS tags to most MESSAGEs.
Remove some uninteresting MESSAGEs.
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).
Specifically,
- - All packages which set USE_SSL just lose their RESTRICTED
variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
no longer available. On this, we're no worse off than before.
[We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
a user to utilize strong encryption (working definition: ability
to encode a message that requires a secret key plus big number
arithmetic to decode).
