[Security-team] I: bzip2 1.0.4

[Slava Semushin]

JFYI. Хотя, скорее всего, ldv@ и без меня в курсе :)

Покопался в чейнджлоге и не понял закрыты ли у нас эти дырочки. Может и
запатчены, но сходу упоминаний не увидел.

---------- Forwarded message ----------
From: Thomas Klausner <wiz / netbsd.org>
Date: 06.01.2007 18:34
Subject: CVS commit: pkgsrc/archivers/bzip2
To: pkgsrc-changes / netbsd.org


Module Name:    pkgsrc
Committed By:   wiz
Date:           Sat Jan  6 15:34:37 UTC 2007

Modified Files:
        pkgsrc/archivers/bzip2: Makefile distinfo
        pkgsrc/archivers/bzip2/patches: patch-aa

Log Message:
Update to 1.0.4:

1.0.4 (20 Dec 06)
~~~~~~~~~~~~~~~~~
Fixes some minor bugs since the last version, 1.0.3.

* Fix file permissions race problem (CAN-2005-0953).

* Avoid possible segfault in BZ2_bzclose.  From Coverity's NetBSD
  scan.

* 'const'/prototype cleanups in the C code.

* Change default install location to /usr/local, and handle multiple
  'make install's without error.

* Sanitise file names more carefully in bzgrep.  Fixes CAN-2005-0758
  to the extent that applies to bzgrep.

* Use 'mktemp' rather than 'tempfile' in bzdiff.

* Tighten up a couple of assertions in blocksort.c following automated
  analysis.

* Fix minor doc/comment bugs.


To generate a diff of this commit:
cvs rdiff -r1.42 -r1.43 pkgsrc/archivers/bzip2/Makefile
cvs rdiff -r1.12 -r1.13 pkgsrc/archivers/bzip2/distinfo
cvs rdiff -r1.11 -r1.12 pkgsrc/archivers/bzip2/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



-- 
+ Slava Semushin | slava.semushin @ gmail.com
+ ALT Linux Team | php-coder @ altlinux.ru
----------- следующая часть -----------
Вложение в формате HTML было удалено...
URL: <http://lists.altlinux.org/pipermail/security-team/attachments/20070106/d2a42f8c/attachment-0003.html>