Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2008-04-13 13:45:17 by S.P.Zeidler | Files touched by this commit (6) | Package updated
Log message:
Pullup ticket 2331 - requested by wiz
security update for m4

Revisions pulled up:
- pkgsrc/devel/m4/Makefile            1.53
- pkgsrc/devel/m4/PLIST               1.10
- pkgsrc/devel/m4/distinfo            1.21
- pkgsrc/devel/m4/patches/patch-aa    removed
- pkgsrc/devel/m4/patches/patch-ab    removed
- pkgsrc/devel/m4/patches/patch-ac    removed

   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Fri Apr 11 06:08:43 UTC 2008

   Modified Files:
   	pkgsrc/devel/m4: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/devel/m4/patches: patch-aa patch-ab patch-ac

   Log message:
   Update to 1.4.11:

   * Noteworthy changes in Version 1.4.11 (2008-04-02) [stable]
     Released by Eric Blake, based on git version 1.4.10a

   ** Security fixes for the -F option, for bugs present since -F was
      introduced in 1.3: Avoid core dump with 'm4 -F file -t undefined', and
      avoid arbitrary code execution with certain file names.

   ** Fix regression introduced in 1.4.9b in the `divert' builtin when more
      than 512 kibibytes are saved in diversions on platforms like NetBSD
      or darwin where fopen(name,"a+") seeks to the end of the file.

   ** The output of the `maketemp' and `mkstemp' builtins is now quoted if a
      file was created.  This is a minor security fix, because it was possible
      (although rather unlikely) that an unquoted string could match an
      existing macro name, such that use of the `mkstemp' output would trigger
      inadvertent macro expansion and operate on the wrong file name.

   ** Enhance the `defn' builtin to support concatenation of multiple text
      arguments, as required by POSIX.  However, at this time, it is not
      possible to concatenate a builtin macro with anything else; a warning is
      now issued if this is attempted, although a future version of M4 may
      lift this restriction to match other implementations.

   ** Enhance the `format' builtin to parse all C99 floating point numbers,
      even on platforms where strtod(3) is buggy, although the replacement
      function does have the known issue of rounding errors when parsing
      some decimal floating point values.  This fixes testsuite failures
      introduced in 1.4.9b.

   ** Enhance the `index' builtin to guarantee linear behavior, in spite of
      the surprisingly large number of systems with a brain-dead quadratic
      strstr(3).

   ** A number of portability improvements inherited from gnulib.

Next | Query returned 1 messages, browsing 1 to 10 | previous