Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) by www.NetBSD.org (Postfix) with ESMTP id 5C3CC63B8C0 for ; Mon, 12 Mar 2012 18:06:48 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 70A3214A305; Mon, 12 Mar 2012 18:06:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id F35EE14A2CE for ; Mon, 12 Mar 2012 18:06:50 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id BiUo7CFBDBLr for ; Mon, 12 Mar 2012 18:06:50 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 368A914A2A9 for ; Mon, 12 Mar 2012 18:06:50 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 8996B175DD; Mon, 12 Mar 2012 18:06:50 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Mon, 12 Mar 2012 18:06:50 +0000 From: "S.P.Zeidler" Subject: CVS commit: [pkgsrc-2011Q4] pkgsrc/textproc/libxml2 To: pkgsrc-changes@NetBSD.org Reply-To: spz@netbsd.org X-Mailer: log_accum Message-Id: <20120312180650.8996B175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: spz Date: Mon Mar 12 18:06:50 UTC 2012 Modified Files: pkgsrc/textproc/libxml2 [pkgsrc-2011Q4]: Makefile distinfo pkgsrc/textproc/libxml2/patches [pkgsrc-2011Q4]: patch-aa patch-ab Added Files: pkgsrc/textproc/libxml2/patches [pkgsrc-2011Q4]: patch-CVE-2012-0841-aa patch-CVE-2012-0841-ab patch-CVE-2012-0841-ac patch-am Log Message: Pullup ticket #3701 - requested by drochner textproc/libxml2: security fix and HEAD compatibility Revisions pulled up: - textproc/libxml2/Makefile 1.113-1.114 - textproc/libxml2/distinfo 1.88-1.89 - textproc/libxml2/patches/patch-CVE-2012-0841-aa 1.1 - textproc/libxml2/patches/patch-CVE-2012-0841-ab 1.1 - textproc/libxml2/patches/patch-CVE-2012-0841-ac 1.1 - textproc/libxml2/patches/patch-aa 1.24 - textproc/libxml2/patches/patch-ab 1.22 - textproc/libxml2/patches/patch-am 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: drochner Date: Wed Feb 22 11:10:18 UTC 2012 Modified Files: pkgsrc/textproc/libxml2: Makefile distinfo pkgsrc/textproc/libxml2/patches: patch-aa patch-ab Added Files: pkgsrc/textproc/libxml2/patches: patch-am Log Message: build the library thread-aware, i.e. use but do not link against libpthread. (It doesn't create threads, just uses locking.) This seems to be wanted by some applications, eg vlc issues a warning on startup (with no visible consequences afaict, but anyway). I hope this works for other OSes too. If not, we should probably add support for these cases to mk/pthread.bl3.mk. bump PKGREV To generate a diff of this commit: cvs rdiff -u -r1.112 -r1.113 pkgsrc/textproc/libxml2/Makefile cvs rdiff -u -r1.87 -r1.88 pkgsrc/textproc/libxml2/distinfo cvs rdiff -u -r1.23 -r1.24 pkgsrc/textproc/libxml2/patches/patch-aa cvs rdiff -u -r1.21 -r1.22 pkgsrc/textproc/libxml2/patches/patch-ab cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-am ------------------------------------------------------------------- Module Name: pkgsrc Committed By: drochner Date: Fri Mar 9 12:12:28 UTC 2012 Modified Files: pkgsrc/textproc/libxml2: Makefile distinfo Added Files: pkgsrc/textproc/libxml2/patches: patch-CVE-2012-0841-aa patch-CVE-2012-0841-ab patch-CVE-2012-0841-ac Log Message: Add patch from upstream to add hash randomization. Without that, (untrusted) input can fill hash buckets uneven, causing high CPU load. (CVE-2012-0841) To get a patch which is simple enough to get pulled up to the stable pkgsrc branch, I've not touched "configure" but just assumed that the POSIX functions rand(), srand() and time() are present. bump PKGREV To generate a diff of this commit: cvs rdiff -u -r1.113 -r1.114 pkgsrc/textproc/libxml2/Makefile cvs rdiff -u -r1.88 -r1.89 pkgsrc/textproc/libxml2/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-aa \ pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ab \ pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ac To generate a diff of this commit: cvs rdiff -u -r1.110.2.2 -r1.110.2.3 pkgsrc/textproc/libxml2/Makefile cvs rdiff -u -r1.84.2.2 -r1.84.2.3 pkgsrc/textproc/libxml2/distinfo cvs rdiff -u -r0 -r1.1.2.2 \ pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-aa \ pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ab \ pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ac \ pkgsrc/textproc/libxml2/patches/patch-am cvs rdiff -u -r1.23 -r1.23.30.1 pkgsrc/textproc/libxml2/patches/patch-aa cvs rdiff -u -r1.21 -r1.21.10.1 pkgsrc/textproc/libxml2/patches/patch-ab Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.