Commit Graph

623 Commits

Author SHA1 Message Date
jasper
dd3584d233 Security update to unrar 3.7.3
CVE-2007-0855: Stack-based buffer overflow allows user-assisted remote attackers
to execute arbitrary code via a crafted, password-protected archive.

"go, go, go, get it in" naddy@, ok MAINTAINER
2007-02-22 19:08:02 +00:00
naddy
4ec1f15ebe SECURITY update to 1.0.4:
* Fix file permissions race problem (CVE-2005-0953).
* Avoid possible segfault in BZ2_bzclose.
* Sanitise file names more carefully in bzgrep.  Fixes CVE-2005-0758
  to the extent that applies to bzgrep.
* Use 'mktemp' rather than 'tempfile' in bzdiff.
* Tighten up a couple of assertions in blocksort.c following automated
  analysis.
2007-01-25 21:08:22 +00:00
kili
d85f5ecfaa Update to 2.1.
Also, change maintainer's address.

From maintainer (Lawrence Teo).

ok, steven@
2007-01-04 23:38:23 +00:00
kili
0c8473d969 SECURITY:
CVE-2006-4335, CVE-2006-4337, CVE-2006-4338

From maintainer (Yozo Toda).

PKGNAME tweak from sturm@

ok mbalmer@
2007-01-04 23:05:07 +00:00
steven
c57c16bb73 fix PKGNAME 2007-01-04 18:49:49 +00:00
naddy
d187595079 avoid __malloc name clash; from star 1.5.x 2006-12-30 20:25:59 +00:00
steven
b26225e6a5 missing WANTLIB 2006-12-27 12:49:29 +00:00
steven
2634ddb00f remove no longer needed hack for endianess, the code checks BYTE_ORDER
ok maintainer Rui Reis
2006-12-26 20:42:38 +00:00
sturm
c051d459d6 the static FLAVOR needs gettext to build as well 2006-12-23 20:24:42 +00:00
mbalmer
759fb99dc0 Maintenance update to version 3.68, from maintainer Rui Reis. 2006-12-18 09:06:15 +00:00
naddy
5615100fa3 Update to 1.16.1. User-visible changes:
* New option --exclude-tag allows to specify "exclusion tag files".
* The --exclude-cache option now excludes the directories themselves, too.
* Support for reading ustar type 'N' logical records has been removed.
* Race conditions around 'tar -x --same-owner' have been fixed.
2006-12-14 20:29:00 +00:00
matthieu
3ffe26d812 add MASTER_SITE_TEX_CTAN to MASTER_SITES, as many other are down or don't
have the latest version. "Don't bump pkgname" and ok steven@
2006-12-03 08:51:34 +00:00
naddy
e448c78a4a SECURITY:
GNU tar allows user-assisted attackers to overwrite arbitrary files
via a tar file that contains a GNUTYPE_NAMES record with a symbolic
link. (CVE-2006-6097)
2006-11-30 20:37:29 +00:00
steven
7067f0d402 no BUILD_DEPENDS needed 2006-11-21 19:07:10 +00:00
jasper
127dcdcaa6 update p5-Archive-Zip to 1.18
feedback and ok steven
2006-11-21 18:33:09 +00:00
espie
b46544f5d6 cpan, update Mail-Tools (prompted by David Hill) 2006-11-17 15:08:16 +00:00
naddy
37fdb40795 update to 1.16 2006-11-13 16:25:10 +00:00
espie
1210bdb474 switch to cpan module, arch-indep. bump pkgname 2006-11-13 09:53:21 +00:00
espie
fcb2aa96d4 switch to cpan module, bump PKGNAME since this is arch-independent. 2006-11-13 09:43:25 +00:00
espie
5965c38623 link in some cpan ports 2006-11-12 16:34:33 +00:00
espie
0cfda185cc perlio interface to gzip 2006-11-12 16:27:26 +00:00
espie
bf269f72ed replace SHARED_LIBS with libtool-generated entry, that shows the
original number of the library
no functional change
2006-10-28 10:15:10 +00:00
espie
a5ccef6967 stuff with CONFIGURE_STYLE=autoconf without any configure.in/aclocal patches
makes NO sense.
2006-10-23 11:21:28 +00:00
jsg
bc59701678 Use libc md5 code rather than included broken md5 code.
Makes unshield work properly on amd64 and probably other 64bit archs.
2006-10-18 13:47:36 +00:00
sturm
7f5e527002 PKGNAME *is* necessary 2006-10-15 21:45:02 +00:00
jasper
e14d2f6044 - make use of MASTER_SITE_SOURCEFORGE_JP
- remove unneeded PKGNAME line
2006-10-12 13:59:51 +00:00
kevlo
dc4ed4a619 update to 1.42 2006-09-26 12:37:15 +00:00
dhill
3b6c4d9caf update to 1.30
ok kevlo@
2006-09-19 02:44:06 +00:00
espie
24c4894c84 new lib specs 2006-08-01 11:17:55 +00:00
espie
100b45279f convert a few libspecs to new style.
Note: no package bump, those are only BUILD dependencies,
the pkg_create code will create the correct wantlib specs.
2006-08-01 10:50:19 +00:00
naddy
9afa4982b3 Update to 2.32 from David Hill <dhill@mindcry.org>. Clean up a bit. 2006-07-30 17:33:40 +00:00
martin
6362ff3053 better bump PKGNAME 2006-07-19 19:33:05 +00:00
martin
68d118e63e move variable declaration to beginning of block for gcc2
ok naddy@, steven@
2006-07-19 19:21:01 +00:00
steven
dc265cc44e update to lzma utils 4.32.0beta2 2006-07-17 12:10:22 +00:00
steven
2458370caf fix master sites 2006-07-11 06:55:28 +00:00
steven
0fa6fa1a4f update to 1.29; from willmaier@ml1.net
maintainer timeout
2006-07-04 16:56:18 +00:00
alek
4417488532 New maintainer -- Will Maier <willmaier@ml1.net> 2006-06-21 12:20:40 +00:00
alek
2986fcfad7 Update to arc-5.21o; from Will Maier <willmaier@ml1.net> 2006-06-21 10:19:32 +00:00
sturm
9b5b22a0ae permit build as root or when SUDO is not defined, in which case we
need additional chmod() permissions

noticed by steven
2006-06-16 18:51:37 +00:00
jolan
a612e2f7b1 +libmspack 2006-06-01 08:13:49 +00:00
jolan
f699855994 libmspack-20040308a, library for handling microsoft compression formats 2006-06-01 08:12:41 +00:00
pvalchev
673ecfb881 fix several buffer overflows/issues from gentoo/fedora, brought up
by Rui Reis <rui@rui.cx>.  more exist for sure...
2006-04-07 23:14:13 +00:00
pvalchev
2a92eb704b update-patches 2006-04-07 07:40:18 +00:00
naddy
21aab70737 don't break mirror-maker on other archs 2006-03-15 19:59:42 +00:00
naddy
2a8f0ff541 homepage moved; from Christian Drauch <cdr@xteam.co.at> 2006-03-11 15:20:23 +00:00
naddy
d5b99a068f SECURITY:
A buffer overflow allows user-complicit attackers to cause a denial
of service (application crash) and possibly execute code via
unspecified vectors involving PAX extended headers.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300

Fix via Ubuntu (ultimately from upstream CVS).

ok pvalchev@
2006-02-27 21:29:55 +00:00
steven
2cd2a5c2fb working master site
ok jolan@
2006-02-18 19:31:06 +00:00
david
45a9fffed8 remove .orig file in tarball; fixes make update-patches; ok sturm@ 2006-02-15 05:59:41 +00:00
steven
aee309fe46 add working master site, and update maintainer e-mail address.
from Lawrence Teo (maintainer)
2006-02-14 10:18:37 +00:00
david
9923841b93 cleaning: remove commented nonexistent SUBDIR entries; ok sturm@ 2006-02-12 14:58:15 +00:00