Navigation:
Browse pkgsrc
(this page)| 2007-02-16 21:37:52 by Adam Ciarcinski | Files touched by this commit (3) |
Log message: Changes 2.0.34: * 32-bit multiplication overflow vulnerabilities along with a number of similar issues * Memory allocation errors that were not checked * Multiple issues in the GIF loader. Corrupt gif images would cause a segfault or infinite loop * Malformed or empty PNG image also may have caused segfaults * gdImageFillToBorder segfaulted when the color was not opaque (alpha > 0) * Antialiased lines drawn on an images edge caused a segfault * gdImageFill segfaulted when used with patterns or invalid arguments * gdImageFilledEllipse did not respect transparency |
| 2007-02-07 21:28:49 by Thomas Klausner | Files touched by this commit (1) |
Log message: Update HOMEPAGE. |
| 2006-07-09 01:11:17 by Johnny C. Lam | Files touched by this commit (877) |
Log message: Change the format of BUILDLINK_ORDER to contain depth information as well, and add a new helper target and script, "show-buildlink3", that outputs a listing of the buildlink3.mk files included as well as the depth at which they are included. For example, "make show-buildlink3" in fonts/Xft2 displays: zlib fontconfig iconv zlib freetype2 expat freetype2 Xrender renderproto |
| 2006-07-09 00:39:49 by Johnny C. Lam | Files touched by this commit (877) |
Log message: Track information in a new variable BUILDLINK_ORDER that informs us of the order in which buildlink3.mk files are (recursively) included by a package Makefile. |
| 2006-06-14 23:42:33 by Lubomir Sedlacik | Files touched by this commit (3) |
Log message: Security fix for CVE-2006-2906: "The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop." Patch from Xavier Roche via Ubuntu. |
| 2006-05-14 20:22:38 by Min Sik Kim | Files touched by this commit (1) |
Log message: This package installs a perl script. Add a dependency on perl using USE_TOOLS. Bump PKGREVISION. |
| 2006-05-14 20:19:08 by Min Sik Kim | Files touched by this commit (1) |
Log message: Fix a pkglint warning. |
2006-04-17 15:47:02 by Thomas Klausner | Files touched by this commit (1055) |  |
Log message: Bump BUILDLINK_ABI_DEPENDS.png and PKGREVISION for png-1.2.9nb2 update. |
| 2006-04-06 08:23:06 by Jeremy C. Reed | Files touched by this commit (1147) |
Log message: Over 1200 files touched but no revisions bumped :) RECOMMENDED is removed. It becomes ABI_DEPENDS. BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo. BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo. BUILDLINK_DEPENDS does not change. IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS which defaults to "yes". Added to obsolete.mk checking for IGNORE_RECOMMENDED. I did not manually go through and fix any aesthetic tab/spacing issues. I have tested the above patch on DragonFly building and packaging subversion and pkglint and their many dependencies. I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I have used IGNORE_RECOMMENDED for a long time). I have been an active user of IGNORE_RECOMMENDED since it was available. As suggested, I removed the documentation sentences suggesting bumping for "security" issues. As discussed on tech-pkg. I will commit to revbump, pkglint, pkg_install, createbuildlink separately. Note that if you use wip, it will fail! I will commit to pkgsrc-wip later (within day). |
| 2006-02-06 00:11:50 by Joerg Sonnenberger | Files touched by this commit (4082) |
Log message: Recursive revision bump / recommended bump for gettext ABI change. |
New packages: