gitweb.dragonflybsd.org Git - pkgsrcv2.git/commit

Pullup ticket #3701 - requested by drochner
textproc/libxml2: security fix and HEAD compatibility

Revisions pulled up:
- textproc/libxml2/Makefile                                     1.113-1.114
- textproc/libxml2/distinfo                                     1.88-1.89
- textproc/libxml2/patches/patch-CVE-2012-0841-aa               1.1
- textproc/libxml2/patches/patch-CVE-2012-0841-ab               1.1
- textproc/libxml2/patches/patch-CVE-2012-0841-ac               1.1
- textproc/libxml2/patches/patch-aa                             1.24
- textproc/libxml2/patches/patch-ab                             1.22
- textproc/libxml2/patches/patch-am                             1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Wed Feb 22 11:10:18 UTC 2012

   Modified Files:
           pkgsrc/textproc/libxml2: Makefile distinfo
           pkgsrc/textproc/libxml2/patches: patch-aa patch-ab
   Added Files:
           pkgsrc/textproc/libxml2/patches: patch-am

   Log Message:
   build the library thread-aware, i.e. use <pthread.h> but do not
   link against libpthread. (It doesn't create threads, just uses
   locking.) This seems to be wanted by some applications, eg vlc
   issues a warning on startup (with no visible consequences afaict,
   but anyway).
   I hope this works for other OSes too. If not, we should probably
   add support for these cases to mk/pthread.bl3.mk.
   bump PKGREV

   To generate a diff of this commit:
   cvs rdiff -u -r1.112 -r1.113 pkgsrc/textproc/libxml2/Makefile
   cvs rdiff -u -r1.87 -r1.88 pkgsrc/textproc/libxml2/distinfo
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/textproc/libxml2/patches/patch-aa
   cvs rdiff -u -r1.21 -r1.22 pkgsrc/textproc/libxml2/patches/patch-ab
   cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-am

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Fri Mar  9 12:12:28 UTC 2012

   Modified Files:
           pkgsrc/textproc/libxml2: Makefile distinfo
   Added Files:
           pkgsrc/textproc/libxml2/patches: patch-CVE-2012-0841-aa
           patch-CVE-2012-0841-ab patch-CVE-2012-0841-ac

   Log Message:
   Add patch from upstream to add hash randomization.
   Without that, (untrusted) input can fill hash buckets uneven, causing
   high CPU load. (CVE-2012-0841)
   To get a patch which is simple enough to get pulled up to the stable
   pkgsrc branch, I've not touched "configure" but just assumed that
   the POSIX functions rand(), srand() and time() are present.
   bump PKGREV

   To generate a diff of this commit:
   cvs rdiff -u -r1.113 -r1.114 pkgsrc/textproc/libxml2/Makefile
   cvs rdiff -u -r1.88 -r1.89 pkgsrc/textproc/libxml2/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-aa \
       pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ab \
       pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ac

author	spz <spz>
	Mon, 12 Mar 2012 18:06:50 +0000 (18:06 +0000)
committer	spz <spz>
	Mon, 12 Mar 2012 18:06:50 +0000 (18:06 +0000)
commit	d662a4277b77f731ac746700e69fedd416541907
tree	ea7bf670ea48661c030b1e14afc3175bcb41ae65	tree \| snapshot
parent	8c0dd9e5ae2b367ab10389e095f5a258ad4e208d	commit \| diff

textproc/libxml2/Makefile		diff \| blob \| blame \| history
textproc/libxml2/distinfo		diff \| blob \| blame \| history
textproc/libxml2/patches/patch-CVE-2012-0841-aa	[new file with mode: 0644]	blob
textproc/libxml2/patches/patch-CVE-2012-0841-ab	[new file with mode: 0644]	blob
textproc/libxml2/patches/patch-CVE-2012-0841-ac	[new file with mode: 0644]	blob
textproc/libxml2/patches/patch-aa		diff \| blob \| blame \| history
textproc/libxml2/patches/patch-ab		diff \| blob \| blame \| history
textproc/libxml2/patches/patch-am	[new file with mode: 0644]	blob