forth. This resolves CVE-2009-3563, but it should be noted that nobody uses
this code so far, so this is more of a preventive update than a security
one.
Fix an off-by-one in the check for properly sized pkgdb entries.
It rejected perfectly valid entries.
Extract dependencies of libarchive from the pkgconfig file and thereby
drop knowledge of the needed libraries.
At least some versions of HP-UX are known to not support %zu, add a
workaround. This is using the black list approach for now.
Recognize xz as compression type for pkg_create.
The first time an error is hit while fetching packages, try to reget
from the same position. This works around the server closing the
connection while fetching dependencies.
Try to detect common forms of pkgdb corruption and issue a warning in
that case.
Refactor the pkg_vulnerabilities logic to use the compression support
from libarchive. This reduces the amount zlib/bzip2 interaction to
the linkage.
Add man pages for audit-packages and download-vulnerability-list which
point to pkg_admin and notes that the scripts are obsolete.
define REG_STARTEND
include tre-config.h inplace in tre.h, since it is small, always gets
included anyway, and this means that we don't have to install tre-config.h
in the dest tree. this will be addressed differently long-term.
it belongs in a separate elf_nbsd.sh, included from elf_i386_nbsd.sh.
The problem is described in:
https://bugzilla.redhat.com/show_bug.cgi?id=492183#c7, namely if
all the sections are not defined in the ld script, it can screw
up. This happens when building /usr/src/usr.sbin.crash with
MKPIE=yes. Thanks to Piotr Meyer for the report and analysis.
We don't need to fix any other archs yet (because crash only works on i386),
but we should. skrll should look into it, please :-)
- "postmulti -p command" did not skip disabled instances.
- In the multi_instance_wrapper parameter, the expansion of
$command_directory and $daemon_directory was broken.
- The address_verify_poll_count parameter value was not made
stress-dependent by default. This defeated the purpose of making other
settings stress-dependent by default with Postfix 2.6.
- Milter applications would hang up after receiving an unexpected
SMFIC_HEADER (mail header) command. This problem happened with Milters
that (legitimately) do not send replies for SMFIC_RCPT (recipient
address) or SMFIC_DATA (start of message) commands.
- Core dump while an printing error message for a malformed %<letter>
sequence in LDAP, MySQL or PostgreSQL lookup table configuration.
- Mail with zero recipients was forever stuck in the queue. This happened
when "postsuper -r" was run after all the recipients of a message were
delivered (or bounced), but before the message was deleted from the queue.
- With hostnames such as 1-2-3-4, the valid_hostname() fuction did not
recognize the '-' as a non-numeric character, causing a legitimate name
to be rejected as "invalid".
- The VRFY command did not accept a mailbox address inside <>.
- Better support for obsolete .Xo/.Xc macros if compiled with -DUGLY
- Support for more roff instructions in the man(7) code
- Correct handling of opening punctuation in macros for mdoc(7)
- Discard more of the pod2man junk
PR 43013 by Brook Milligan: fetch(3) violates RFC 1738 for ftp:// URLs
if the home directory is not the root directory.
Remember the current directory the first time a CWD / CDUP has to be
issued. Use the document as full URL if the URL started with two /
(quoted or not), otherwise append it to the initial directory.
1.) "ifdef-out" unused functions and global variables.
2.) Include "x86/include/cpu_counter.h" for amd64 and i386 to get the
prototype of "cpu_frequency".
- Fix NULL deference for short self-extracting zip archives
- Don't dereference symlinks on Linux when reading ACLs
- Better detection of SHA2 support for old OpenSSL versions
- Fix parsing of input files for bsdtar -T
- Do not leak setup_xattr into the global namespace
- Fix build when an older libarchive is already installed
- Use O_BINARY opening files in bsdtar
- Include missing archive_crc32.h
- Correctly include iconv.h required by libxml2
most of them are most harmless, but the libgcc parts are quite essential.
before this change, all the special rules for .pico files were not applied,
and exception handling wasn't enabled. this caused c++ exceptions not to
work on sparc64.
this fixes the build of boost-headers (it was correctly calling exception
support broken!), which in turn makes all the things that depend upon it
to actually work again on sparc64.
module instruments every function in the kernel with entry and exit
probes. These probes are true zero-effect probes in that they don't
exist in the code until they are enabled. The probes are enabled by
directly patching the function entry and exit points to make jumps into
the dtrace framework.
This gives us over 29,000 trace points in the kernel.
* VendorID is now dhcpcd-$version:$OS-$version:$machine:$platform
* IPv4LL address range can now be used in DHCP requests
* sysctl net.ipv4.conf.$iface.promote_secondaries enabled on Linux
This resolves a long standing issue of changing ip on the same subnet.
* IPv4LL correctly resets the DHCP timer.
with many thanks to ville laurikari for writing tre in the first place
and for changing the licensing to a 2-clause bsd license; thanks also to
matthias-christian ott for his work on the google summer of code 2009
project.
this import brings the distribution to src/external - the reachover
build files will follow
haad