Date: Thu, 4 Sep 2008 10:03:18 GMT From: bf <bf2006a@yahoo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/127085: [PATCH]www/neon28: update to 0.28.3 Message-ID: <200809041003.m84A3Iab007164@www.freebsd.org> Resent-Message-ID: <200809041010.m84AA1K9089006@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 127085 >Category: ports >Synopsis: [PATCH]www/neon28: update to 0.28.3 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Sep 04 10:10:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: bf >Release: 7-STABLE i386 >Organization: - >Environment: >Description: Fix two small problems when PREFIX is distinct from LOCALBASE; upgrade to a new version containing an important security fix: "Changes in release neon 0.28.3, 20 August 2008 ... SECURITY (CVE-2008-3746): Fix potential NULL pointer dereference in Digest domain parameter support; could allow a DoS by a malicious server Fix parsing of *-Authenticate response header with LWS after quoted value Fix ne_set_progress(, NULL, ) to match pre-0.27 behaviour (and not crash) Document existing ne_uri_parse() API postcondition and ne_uri_resolve() pre/postconditions regarding the ->path field in ne_uri structures Mark ne_{,buffer_}concat with sentinel attribute for GCC >= 4. Distinguish the error message for an SSL handshake which fails after a client cert was requested. Compile with PIC flags by default even for static library builds" >How-To-Repeat: >Fix: Patch attached with submission follows: diff -ruN neon28.orig/Makefile neon28/Makefile --- neon28.orig/Makefile 2008-09-04 03:53:26.916445773 -0400 +++ neon28/Makefile 2008-09-04 04:43:16.662388344 -0400 @@ -6,8 +6,7 @@ # PORTNAME= neon28 -PORTVERSION= 0.28.2 -PORTREVISION= 1 +PORTVERSION= 0.28.3 CATEGORIES= www MASTER_SITES= http://www.webdav.org/neon/ \ http://keyserver.kjsl.com/~jharris/distfiles/ @@ -41,7 +40,7 @@ --enable-xml \ --enable-shared \ --with-expat \ - --with-libs=${PREFIX} + --with-libs=${LOCALBASE}:${PREFIX} MAN1= neon-config.1 MAN3= ne_add_request_header.3 ne_addr_resolve.3 ne_buffer.3 \ @@ -112,17 +111,15 @@ ne_xml_create.3 ne_xml_destroy.3 PLIST_SUB+= PORTVERSION=${PORTVERSION} +DOCSDIR= ${PREFIX}/share/doc/neon .include <bsd.port.pre.mk> -DOCSDIR:= ${DOCSDIR:S/28//} - post-install: ${INSTALL_MAN} ${WRKSRC}/doc/man/*.1 ${MANPREFIX}/man/man1 ${INSTALL_MAN} ${WRKSRC}/doc/man/*.3 ${MANPREFIX}/man/man3 .ifndef NOPORTDOCS (cd ${WRKSRC} ; ${MAKE} install-html) - ${INSTALL_DATA} ${WRKSRC}/doc/using-neon.txt ${DOCSDIR} .endif .include <bsd.port.post.mk> diff -ruN neon28.orig/distinfo neon28/distinfo --- neon28.orig/distinfo 2008-09-04 03:53:26.946445396 -0400 +++ neon28/distinfo 2008-09-04 04:43:16.662388344 -0400 @@ -1,3 +1,3 @@ -MD5 (neon-0.28.2.tar.gz) = b99b3f44e8507ae2d17362f1b34aaf02 -SHA256 (neon-0.28.2.tar.gz) = d9cd601613db6affb25655e0908b0bf8c266669cef31999b6b4121d585ff9094 -SIZE (neon-0.28.2.tar.gz) = 797944 +MD5 (neon-0.28.3.tar.gz) = 47599a328862ce64ac3c52726d6daa12 +SHA256 (neon-0.28.3.tar.gz) = 90dee51b4c70bc50ce2fa106ca945349b81cd86c90aa9d4dbff73abb284fcdc2 +SIZE (neon-0.28.3.tar.gz) = 799681 diff -ruN neon28.orig/pkg-plist neon28/pkg-plist --- neon28.orig/pkg-plist 2008-09-04 03:53:27.026443273 -0400 +++ neon28/pkg-plist 2008-09-04 04:43:16.662388344 -0400 @@ -81,7 +81,6 @@ %%PORTDOCS%%%%DOCSDIR%%/html/refxml.html %%PORTDOCS%%%%DOCSDIR%%/html/using.html %%PORTDOCS%%%%DOCSDIR%%/html/xml.html -%%PORTDOCS%%%%DOCSDIR%%/using-neon.txt %%PORTDOCS%%@dirrm %%DOCSDIR%%/html %%PORTDOCS%%@dirrm %%DOCSDIR%% @dirrm include/neon >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809041003.m84A3Iab007164>