head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.10 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.8 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.6 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.4 pkgsrc-2011Q2-base:1.4 pkgsrc-2009Q4:1.4.0.2 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q1:1.3.0.22 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.3.0.20 pkgsrc-2008Q4-base:1.3 pkgsrc-2008Q3:1.3.0.18 pkgsrc-2008Q3-base:1.3 cube-native-xorg:1.3.0.16 cube-native-xorg-base:1.3 pkgsrc-2008Q2:1.3.0.14 pkgsrc-2008Q2-base:1.3 cwrapper:1.3.0.12 pkgsrc-2008Q1:1.3.0.10 pkgsrc-2008Q1-base:1.3 pkgsrc-2007Q4:1.3.0.8 pkgsrc-2007Q4-base:1.3 pkgsrc-2007Q3:1.3.0.6 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.4 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.3.0.2 pkgsrc-2007Q1-base:1.3 pkgsrc-2006Q4:1.2.0.8 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.6 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.4 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.2; locks; strict; comment @# @; 1.4 date 2009.05.23.09.04.01; author tron; state dead; branches; next 1.3; 1.3 date 2007.01.06.22.45.49; author wiz; state Exp; branches 1.3.22.1; next 1.2; 1.2 date 2006.05.29.13.51.20; author tron; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2006.05.29.13.48.53; author tron; state Exp; branches; next ; 1.3.22.1 date 2009.06.04.08.56.16; author spz; state dead; branches; next ; 1.2.2.1 date 2006.05.29.13.51.20; author ghen; state dead; branches; next 1.2.2.2; 1.2.2.2 date 2006.05.30.20.18.31; author ghen; state Exp; branches; next ; desc @@ 1.4 log @Update "cscope" package to version 15.7a. This version fixes the security vulnerability reported in CVE-2009-0148. @ text @$NetBSD: patch-ak,v 1.3 2007/01/06 22:45:49 wiz Exp $ --- src/exec.c.orig 2006-09-30 10:13:00.000000000 +0200 +++ src/exec.c @@@@ -123,7 +123,7 @@@@ myexecvp(char *a, char **args) /* execute the program or shell script */ execvp(a, args); /* returns only on failure */ - sprintf(msg, "\nCannot exec %s", a); + (void) sprintf(msg, sizeof(msg), "\nCannot exec %s", a); perror(msg); /* display the reason */ askforreturn(); /* wait until the user sees the message */ myexit(1); /* exit the child */ @ 1.3 log @Update to 15.6: Some security problems have been addressed, and overall stability has improved. There are no new features. (The security problems were already fixed in pkgsrc.) @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.2 2006/05/29 13:51:20 tron Exp $ @ 1.3.22.1 log @Pullup ticket 2780 - requested by tron Security update Revisions pulled up: - pkgsrc/devel/cscope/Makefile 1.50 - pkgsrc/devel/cscope/distinfo 1.19 Files deleted: - pkgsrc/devel/cscope/patches/patch-ae - pkgsrc/devel/cscope/patches/patch-af - pkgsrc/devel/cscope/patches/patch-ag - pkgsrc/devel/cscope/patches/patch-ah - pkgsrc/devel/cscope/patches/patch-ai - pkgsrc/devel/cscope/patches/patch-aj - pkgsrc/devel/cscope/patches/patch-ak - pkgsrc/devel/cscope/patches/patch-al - pkgsrc/devel/cscope/patches/patch-am - pkgsrc/devel/cscope/patches/patch-an - pkgsrc/devel/cscope/patches/patch-ao - pkgsrc/devel/cscope/patches/patch-ap Module Name: pkgsrc Committed By: tron Date: Sat May 23 09:04:02 UTC 2009 Modified Files: pkgsrc/devel/cscope: Makefile distinfo Removed Files: pkgsrc/devel/cscope/patches: patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-ak patch-al patch-am patch-an patch-ao patch-ap Log Message: Update "cscope" package to version 15.7a. This version fixes the security vulnerability reported in CVE-2009-0148. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 pkgsrc/devel/cscope/Makefile cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/cscope/distinfo cvs rdiff -u -r1.10 -r0 pkgsrc/devel/cscope/patches/patch-ae cvs rdiff -u -r1.9 -r0 pkgsrc/devel/cscope/patches/patch-af cvs rdiff -u -r1.6 -r0 pkgsrc/devel/cscope/patches/patch-ag \ pkgsrc/devel/cscope/patches/patch-ai cvs rdiff -u -r1.7 -r0 pkgsrc/devel/cscope/patches/patch-ah cvs rdiff -u -r1.4 -r0 pkgsrc/devel/cscope/patches/patch-aj cvs rdiff -u -r1.3 -r0 pkgsrc/devel/cscope/patches/patch-ak \ pkgsrc/devel/cscope/patches/patch-al pkgsrc/devel/cscope/patches/patch-ap cvs rdiff -u -r1.2 -r0 pkgsrc/devel/cscope/patches/patch-am \ pkgsrc/devel/cscope/patches/patch-an pkgsrc/devel/cscope/patches/patch-ao @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.3 2007/01/06 22:45:49 wiz Exp $ @ 1.2 log @Add missing RCS Ids. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 --- src/exec.c.orig 2002-07-29 13:37:49.000000000 +0100 +++ src/exec.c 2006-05-29 14:34:26.000000000 +0100 @@@@ -124,7 +124,7 @@@@ d7 7 a13 7 /* execute the program or shell script */ (void) execvp(a, args); /* returns only on failure */ - (void) sprintf(msg, "\nCannot exec %s", a); + (void) snprintf(msg, sizeof(msg), "\nCannot exec %s", a); perror(msg); /* display the reason */ askforreturn(); /* wait until the user sees the message */ myexit(1); /* exit the child */ @ 1.2.2.1 log @file patch-ak was added on branch pkgsrc-2006Q1 on 2006-05-29 13:51:20 +0000 @ text @d1 13 @ 1.2.2.2 log @Pullup ticket 1675 - requested by tron security fix for cscope Revisions pulled up: - pkgsrc/devel/cscope/Makefile 1.44 - pkgsrc/devel/cscope/distinfo 1.13 - pkgsrc/devel/cscope/patches/patch-ae 1.7 - pkgsrc/devel/cscope/patches/patch-af 1.6 - pkgsrc/devel/cscope/patches/patch-ag 1.3 - pkgsrc/devel/cscope/patches/patch-ah 1.3 - pkgsrc/devel/cscope/patches/patch-ai 1.3 - pkgsrc/devel/cscope/patches/patch-aj 1.1 - pkgsrc/devel/cscope/patches/patch-ak 1.1 - pkgsrc/devel/cscope/patches/patch-al 1.1 - pkgsrc/devel/cscope/patches/patch-am 1.1 - pkgsrc/devel/cscope/patches/patch-an 1.1 - pkgsrc/devel/cscope/patches/patch-ao 1.1 Module Name: pkgsrc Committed By: tron Date: Mon May 29 13:48:53 UTC 2006 Modified Files: pkgsrc/devel/cscope: Makefile distinfo pkgsrc/devel/cscope/patches: patch-af Added Files: pkgsrc/devel/cscope/patches: patch-ae patch-ag patch-ah patch-ai patch-aj patch-ak patch-al patch-am patch-an patch-ao Log Message: Integrate Debian's fix for security whole reported in CVE-2004-2541. Bump package revision. @ text @a0 11 --- src/exec.c.orig 2002-07-29 13:37:49.000000000 +0100 +++ src/exec.c 2006-05-29 14:34:26.000000000 +0100 @@@@ -124,7 +124,7 @@@@ /* execute the program or shell script */ (void) execvp(a, args); /* returns only on failure */ - (void) sprintf(msg, "\nCannot exec %s", a); + (void) snprintf(msg, sizeof(msg), "\nCannot exec %s", a); perror(msg); /* display the reason */ askforreturn(); /* wait until the user sees the message */ myexit(1); /* exit the child */ @ 1.1 log @Integrate Debian's fix for security whole reported in CVE-2004-2541. Bump package revision. @ text @d1 2 @