Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
{perl>=5.16.6,p5-ExtUtils-ParseXS>=3.15}:../../devel/p5-ExtUtils-ParseXS
since pkgsrc enforces the newest perl version anyway, so they
should always pick perl, but sometimes (pkg_add) don't due to the
design of the {,} syntax.
No effective change for the above reason.
Ok joerg
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
Upstream changes:
2.32 Fri Dec 14 14:20:17 EST 2012
- Fixes "Taint checks are turned on and your key is tainted" error when autogenerating salt and IV.
Upstream changes:
2.31 Tue Oct 30 07:03:40 EDT 2012
- Fixes to regular expressions to avoid rare failures to
correctly strip padding in decoded messages.
- Add padding type = "none".
- Both fixes contributed by Bas van Sisseren.
to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.
sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
Pkgsrc changes:
- none
Changes since version 2.24:
===========================
2.29 Tue Apr 22 10:22:37 EDT 2008
- Fixed errors that occurred when encrypting/decrypting utf8 strings
in Perl's more recent than 5.8.8.
2.28 Mon Mar 31 10:46:25 EDT 2008
- Fixed bug in onesandzeroes test that causes it to fail with
Rijndael module is not installed.
2.27 Fri Mar 28 10:13:32 EDT 2008
- When taint mode is turned on and user is using a tainted key,
explicitly check tainting of key in order to avoid "cryptic"
failure messages from some crypt modules.
2.26 Thu Mar 20 16:41:23 EDT 2008
- Fixed onezeropadding test, which was not reporting its test count
properly.
2.25 Fri Jan 11 15:26:27 EST 2008
- Fixed failure of oneandzeroes padding when plaintext size is
an even multiple of blocksize.
- Added new "rijndael_compat" padding method, which is compatible
with the oneandzeroes padding method used by Crypt::Rijndael in
CBC mode.
Pkgsrc changes:
- The package supports installation to DESTDIR.
Changes since version 2.19:
===========================
Revision history for Perl extension Crypt::CBC.
2.24 Fri Sep 28 11:21:07 EDT 2007
- Fixed failure to run under taint checks with Crypt::Rijndael
or Crypt::OpenSSL::AES (and maybe other Crypt modules). See
http://rt.cpan.org/Public/Bug/Display.html?id=29646.
2.23 Fri Apr 13 14:50:21 EDT 2007
- Added checks for other implementations of CBC which add no
standard padding at all when cipher text is an even multiple
of the block size.
2.22 Sun Oct 29 16:50:32 EST 2006
- Fixed bug in which plaintext encrypted with the -literal_key
option could not be decrypted using a new object created with
the same -literal_key.
- Added documentation confirming that -literal_key must be
accompanied by a -header of 'none' and a manually specificied IV.
2.21 Mon Oct 16 19:26:26 EDT 2006
- Fixed bug in which new() failed to work when first option is
-literal_key.
2.20 Sat Aug 12 22:30:53 EDT 2006
- Added ability to pass a preinitialized Crypt::* block cipher
object instead of the class name.
- Fixed a bug when processing -literal_key.
This resolves PR pkg/34398 by Martin Wilke.
Pkgsrc changes:
- none
Changes since version 2.17:
===========================
2.19 Tue Jul 18 18:39:57 EDT 2006
- Renamed Crypt::CBC-2.16-vulnerability.txt so that package installs
correctly under Cygwin
2.18 2006/06/06 23:17:04
- added more documentation describing how to achieve compatibility
with old encrypted messages
Pkgsrc changes:
none
Changes since version 2.15:
===========================
2.17 Mon Jan 9 18:22:51 EST 2006
-IMPORTANT NOTE: Versions of this module prior to 2.17 were incorrectly
using 8 byte IVs when generating the old-style RandomIV style header
(as opposed to the new-style random salt header). This affects data
encrypted using the Rijndael algorithm, which has a 16 byte blocksize,
and is a significant security issue.
The bug has been corrected in versions 2.17 and higher by making it
impossible to use 16-byte block ciphers with RandomIV headers. You may
still read legacy encrypted data by explicitly passing the
-insecure_legacy_decrypt option to Crypt::CBC->new().
-The salt, iv and key are now reset before each complete encryption
cycle. This avoids inadvertent reuse of the same salt.
-A new -header option has been added that allows you to select
among the various types of headers, and avoids the ambiguity
of having multiple interacting options.
-A new random_bytes() method provides access to /dev/urandom on
suitably-equipped hardware.
2.16 Tue Dec 6 14:17:45 EST 2005
- Added two new options to new():
-keysize => <bytes> Force the keysize -- useful for Blowfish
-blocksize => <bytes> Force the blocksize -- not known to be useful
("-keysize=>16" is necessary to decrypt OpenSSL messages encrypted
with Blowfish)
Relevant changes since version 2.08:
=====================================
- RandomIV in message header overrides manually-supplied -salt, as one
would expect it should.
- Added OpenSSL compatibility
- Salt and IV generators take advantage of /dev/urandom device, if available
- Added regression test for PCBC mode
- Fixed bug reported by Joshua Brown that caused certain length
strings to not encrypt properly if ending in a "0" character.
- Fixed Rijndael compat problems
module directory has changed (eg. "darwin-2level" vs.
"darwin-thread-multi-2level").
binary packages of perl modules need to be distinguishable between
being built against threaded perl and unthreaded perl, so bump the
PKGREVISION of all perl module packages and introduce
BUILDLINK_RECOMMENDED for perl as perl>=5.8.5nb5 so the correct
dependencies are registered and the binary packages are distinct.
addresses PR pkg/28619 from H. Todd Fujinaka.
Taking maintainership.
Needs p5-Crypt-Rijndael for running the tests.
Adapted to buildlink3.
Changes sinces 2.02
===================
-Bug fix from Chris Laas to fix custom padding
-Bug fixes from Stephen Waters to fix space padding
-Lots of regression tests from Stephen Waters
-Makes zero-and-one padding compatible with Crypt::Rijndael::MODE_CBC.
-Lots of improvements to padding mechanisms from Stephen Waters
-Patch from Andy Turner <turner@mikomi.org> to allow backward
compatibility with old versions when key length exceeded max.
Changes :
- Patches for foreign program compatibility, initialization vectors
and padding methods from Jody Biggs <jody.biggs@paymybills.com>
- Removed debugging code
- Used Digest-MD5
The automatic truncation in gensolpkg doesn't work for packages which
have the same package name for the first 5-6 chars.
e.g. amanda-server and amanda-client would be named amanda and amanda.
Now, we add a SVR4_PKGNAME and use amacl for amanda-client and amase for
amanda-server.
All svr4 packages also have a vendor tag, so we have to reserve some chars
for this tag, which is normaly 3 or 4 chars. Thats why we can only use 6
or 5 chars for SVR4_PKGNAME. I used 5 for all the packages, to give the
vendor tag enough room.
All p5-* packages and a few other packages have now a SVR4_PKGNAME.
