* Don't use GROFF_CSH_HACK. It would change the "#! /bin/sh" to just
":", and this causes trouble for some shells. For example, if
CONFIG_SHELL=/bin/ksh, when the groff build uses ${CONFIG_SHELL} to
run a script that has been modified in this way, ksh sees the ":" and
decided to run the script under /bin/sh instead.
* Use SH_SCRIPT_SED_CMD="1s,/bin/sh,${CONFIG_SHELL},"
to edit the "#! /bin/sh" line, to ensure that scripts
are always run under the correct shell.
* Add CONFIG_SHELL=$(SHELL) to the environment when invoking genmultilib.
Due to substitutions made by associated configure scripts, the make
variable $(SHELL) will actually refer to the environment variable
${CONFIG_SHELL}.
* Explicitly use $(SHELL) to run shell scripts.
* Use SHELL = @SHELL@, not SHELL = /bin/sh. @SHELL@ will be substituted
by associated configure scripts, and will actually refer to the
environment variable ${CONFIG_SHELL}.
* Describe the HOST_SH variable, and the way build.sh attempts to set it.
* Suggest passing HOST_SH in the environment if /bin/sh is not a working
shell.
* Try to guess a suitable value for HOST_SH, if it was not set in
the environment. First try host-specific heuristics (Solaris has
/usr/xpg4/bin/sh); then try to find the name of the shell that was used
to run build.sh itself (by parsing the output from ps -p $$ -o comm);
then fall back to "sh".
* Having found a value for HOST_SH, copy it to BSHELL and CONFIG_SHELL.
* Use ${HOST_SH} instead of /bin/sh when creating the make wrapper.
* Use ${HOST_SH} instead of unqualified sh when running shell scripts.
If there are any undead ones set a flag so we don't report the 'Child (pid)
not in table' message when they die - it is impossible to (portably) find
the childrens pids.
This happens when make is run as 'make -f- ... <<EOF' and the shell uses
a child of (what will be) make to write the data into a pipe.
be set. Linux NFS servers (at least) reset suid/sgid bits if a write
happens afterwards. Add a comment why this is done.
This fixes system builds on diskless systems for me where suid bits
were missing after install(1).
Approved by yamt.
only been broken for 12 years, but some things are better done
sooner than later.
While meddling here, introduce mp_vchain, which prints the vnode
chain given a mount point.
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows
remote attackers to cause a denial of service (inifnite loop
and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier
versions allows attackers to cause a denial of service (CPU
consumption) via certain public keys that require extra time
to process.
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
Buffer overflow in the SSL_get_shared_ciphers function in
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier
versions has unspecified impact and remote attack vectors
involving a long list of ciphers.
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Unspecified vulnerability in the SSLv2 client code in OpenSSL
0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions
allows remote servers to cause a denial of service (client
crash) via unknown vectors.
macallan