Commit Graph

23 Commits

Author SHA1 Message Date
espie
4828bb03fc avoid preprocessor hackery that turns out to be highly non-portable. 2004-01-04 21:32:18 +00:00
margarida
6e9746075e Add HOMEPAGE 2003-06-04 01:32:06 +00:00
naddy
4fffa9a824 No regression tests available. 2002-10-28 13:40:41 +00:00
pvalchev
288b26e0f4 Disable gv's own setenv/getenv functions which are broken on most
OpenBSD architectures and use the system ones instead.
Bump PKGNAME
10x to various people who tested, brad OK
2002-10-28 00:27:54 +00:00
brad
78171009d1 Fix another security issue with gv.
Zen Parse found a local buffer overflow in gv version 3.5.8 and earlier.

Under this vulnerability, an attacker can create a carefully crafted,
malformed PDF or PostScript file that, when viewed using gv, executes
arbitrary commands on the system.

http://marc.theaimsgroup.com/?l=bugtraq&m=103428425111983&w=2
2002-10-26 21:48:07 +00:00
brad
36a9392a98 Fix security issue with gv.
When GV detects that the document is either a PDF file or a
GZip compressed file, it executes some commands with the help of the
system() function. Unfortunately, these commands contain the
filename, which can be considered as untrusted user input. It is then
possible to distribute a file (with a meticulously chosen filename,
that even seems innocent) that causes execution of arbitrary
shell commands when it is read with GV.

http://www.epita.fr/~bevand_m/asa/asa-0000
2002-10-04 18:29:14 +00:00
espie
00ce723944 Kill remaining RUN_DEPENDS/BUILD_DEPENDS first parters. 2001-11-13 22:13:22 +00:00
espie
4135f66c4d While preparing for ghostscript 7.00, I found a lot of weirdness in that
port.

- why bother creating a man page if we don't install it ?
- our echo does handle \n, so it needs to be protected.
- for that matter, yield a sensible list of directories for OpenBSD.
- INSTALL script that predates dependencies...

And:
- prepare for gs 7.00, detect the version of ghostscript installed,
and tweak resource files to use x11 device with aa options instead
of the older x11alpha. Mark resource files as no checksum accordingly.
2001-04-14 14:43:04 +00:00
espie
b0c4dbb777 Wildcard for ghostscript, to be activated soonish. 2001-04-01 17:04:06 +00:00
espie
46b5f232b5 Kill
FAKE=Yes
HAS_CONFIGURE, GNU_CONFIGURE, USE_IMAKE, NO_INSTALL_MANPAGES, USE_AUTOCONF
and bump NEED_VERSION accordingly.
2000-10-22 15:41:23 +00:00
angelos
a99a21022b Release ports@openbsd.org, as I can no longer maintain ports that
depend on XFree86 3.3.6
2000-07-10 02:06:46 +00:00
espie
3b5e3e8d17 Introduce :: in *_DEPENDS as a place holder for a package spec
Bump NEED_VERSION.
2000-03-24 23:28:01 +00:00
espie
403a21e918 Put docs under /usr/local 2000-03-18 22:35:13 +00:00
espie
c3fa34cf75 Use gs 5.50 port.
Fake
2000-03-11 18:21:51 +00:00
espie
76d52e1f68 PORTSDIR no longer needed in *DEPENDS. 2000-03-05 18:30:21 +00:00
turan
504f314d16 espie will not shut up about this, DISTF -> DISTFILES, PKG -> PACKAGE 2000-02-15 05:03:51 +00:00
turan
1574b9aa2e gpl licenses 2000-02-12 08:02:07 +00:00
espie
3222b739eb Source site actually changed name 1999-09-26 22:51:37 +00:00
brad
ef1b4d6e64 - remove unnecessary comments from the top of the Makefile
- new style shared lib dependency check
1999-09-06 23:09:40 +00:00
espie
2e53f391f9 Oversight,
I should have reverted this ages ago.
1999-07-27 21:32:54 +00:00
espie
d06b9abae0 Busted the same as the other two... 1999-04-14 14:08:09 +00:00
espie
e891c38e51 gv depends upon ghostscript 1998-07-20 00:52:30 +00:00
angelos
bdde903e8c Add gv 3.5.8 port. 1997-12-03 05:59:58 +00:00