Subject: CVS commit: [pkgsrc-2018Q1] pkgsrc/security/mcrypt
From: S.P.Zeidler
Date: 2018-06-17 13:40:03
Message id: 20180617114003.89187FBEC@cvs.NetBSD.org
Log Message:
Pullup ticket #5765 - requested by bsiegert
security/mcrypt: security patches

Revisions pulled up:
- security/mcrypt/Makefile                                      1.27
- security/mcrypt/distinfo                                      1.9
- security/mcrypt/patches/patch-doc_mcrypt.1                    1.1
- security/mcrypt/patches/patch-src_errors.c                    1.1
- security/mcrypt/patches/patch-src_extra.c                     1.1
- security/mcrypt/patches/patch-src_gaaout.c                    1.1
- security/mcrypt/patches/patch-src_mcrypt.c                    1.1
- security/mcrypt/patches/patch-src_mcrypt.gaa                  1.1
- security/mcrypt/patches/patch-src_mcrypt__int.h               1.1
- security/mcrypt/patches/patch-src_rfc2440.c                   1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ginsbach
   Date:           Wed May 30 14:58:03 UTC 2018

   Modified Files:
           pkgsrc/security/mcrypt: Makefile distinfo
   Added Files:
           pkgsrc/security/mcrypt/patches: patch-doc_mcrypt.1 patch-src_errors.c
               patch-src_extra.c patch-src_gaaout.c patch-src_mcrypt.c
               patch-src_mcrypt.gaa patch-src_mcrypt__int.h patch-src_rfc2440.c

   Log Message:
   Add various patches from (Brew, Debian, Red Hat, SUSE)

   Upstream for mcrypt is effectively dead so incorporate patches from
   other OSS packaging systems.  These patches address the following:

   * CVE-2012-4409 (fix)
   * CVE-2012-4527 (fix)
   * Spelling and grammar fixes for man page
   * Fix potential format-string attacks (no vulnerability Id)
   * Fix potential buffer overflows (no vulnerability Id)
   * Make native format default as in Debian, Red Hat, and SUSE since
     openpgp format handling is seriously broken.
   * Fix ARM build [unclear if this is necessary for non-Linux systems]
   * Correct include file for OSX

   To generate a diff of this commit:
   cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/mcrypt/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/mcrypt/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/security/mcrypt/patches/patch-doc_mcrypt.1 \
       pkgsrc/security/mcrypt/patches/patch-src_errors.c \
       pkgsrc/security/mcrypt/patches/patch-src_extra.c \
       pkgsrc/security/mcrypt/patches/patch-src_gaaout.c \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt.c \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt.gaa \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt__int.h \
       pkgsrc/security/mcrypt/patches/patch-src_rfc2440.c
Files:
RevisionActionfile
1.26.28.1modifypkgsrc/security/mcrypt/Makefile
1.8.22.1modifypkgsrc/security/mcrypt/distinfo
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-doc_mcrypt.1
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_errors.c
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_extra.c
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_gaaout.c
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_mcrypt.c
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_mcrypt.gaa
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_mcrypt__int.h
1.1.2.2addpkgsrc/security/mcrypt/patches/patch-src_rfc2440.c