[odc] Daily ports changes for 2002-10-07

ODC auto at squish.net
Tue Oct 8 08:00:35 BST 2002


OpenBSD ports changes summary for 2002-10-07
============================================

mail/p5-Mail-SpamAssassin               net/gaim
net/silc-client                         print/gv

== mail ============================================================== 01/03 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/mail

p5-Mail-SpamAssassin

  ~ pkg/PLIST                             ~ distinfo
  ~ Makefile                              

  > update p5-Mail-SpamAssassin to version 2.42; from MAINTAINER (lebel@)

== net =============================================================== 02/03 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/net

gaim

  ~ distinfo                              ~ Makefile

  > update to gaim-0.59.4 (jcs@)

silc-client

  + patches/gcc-patch-lib_silcsim_Makefile_in

  TAGGED OPENBSD_3_2
  > MFC:
  > more workarounds for sha1.c on sparc64; this works fine now. (brad@)

== print ============================================================= 03/03 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/print

gv

  + patches/patch-source_ps_c             + patches/patch-source_file_h
  + patches/patch-source_file_c           ~ Makefile

  TAGGED OPENBSD_3_2
  > Fix security issue with gv.
  > When GV detects that the document is either a PDF file or a
  > GZip compressed file, it executes some commands with the help of the
  > system() function. Unfortunately, these commands contain the
  > filename, which can be considered as untrusted user input. It is then
  > possible to distribute a file (with a meticulously chosen filename,
  > that even seems innocent) that causes execution of arbitrary
  > shell commands when it is read with GV.
  > http://www.epita.fr/~bevand_m/asa/asa-0000 (brad@)

===============================================================================




More information about the odc mailing list