search

NetBSD / pkgsrc

Automatic conversion of the NetBSD pkgsrc CVS module, use with care
https://www.pkgsrc.org
308 stars 164 forks source link

devel/patch: security fixes #33

Closed AttilaFueloep closed 6 years ago

AttilaFueloep commented 6 years ago

Fixes CVE-2018-6951, CVE-2018-6952 and CVE-2018-1000156.

iamleot commented 6 years ago

Hello Attila,

Attila Fülöp writes:

Fixes CVE-2018-6951, CVE-2018-6952 and CVE-2018-1000156. You can view, comment on, or merge this pull request online at:

https://github.com/NetBSD/pkgsrc/pull/33

-- Commit Summary --

  • devel/patch: security fixes

-- File Changes --

M devel/patch/Makefile (8)
M devel/patch/distinfo (4)
A devel/patch/patches/patch-config.hin (20)

Is patch-config.hin really needed? In the configure phase it seems that now all the HAVE_* are checked also without the patch and config.h is then populated properly after the `configure' phase.

I think that patch-config.hin is not needed. According cvs annotate' it seems that the change was part of devel/patch/Makefile -r1.42' reported via PR pkg/49672 and indeed it seems that it was applied upstream, so we can just remove patch-config.hin.

[...]

Thank you!

AttilaFueloep commented 6 years ago

@iamleot Good catch. Builds fine on SmartOS without, so I removed the config.hin> patch.

iamleot commented 6 years ago

Hello Attila,

Attila Fülöp writes:

@iamleot Good catch. Builds fine on SmartOS without, so I removed the config.hin> patch.

Thank you!

They are now committed!

AttilaFueloep commented 6 years ago

It's been a pleasure.

Closing.

AttilaFueloep commented 6 years ago

merged