Date: Tue, 9 Dec 2003 18:36:34 +0100 (CET) From: Xavier Beaudouin <kiwi@oav.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/60084: [MAINTAINER] lang/pike74: set machine code to off to avoid security bug or exploit Message-ID: <20031209173634.B7B8811ACE2@yoko.home.oav.net> Resent-Message-ID: <200312091740.hB9HeALE078329@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 60084 >Category: ports >Synopsis: [MAINTAINER] lang/pike74: set machine code to off to avoid security bug or exploit >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Dec 09 09:40:09 PST 2003 >Closed-Date: >Last-Modified: >Originator: Xavier Beaudouin >Release: FreeBSD 4.9-RELEASE i386 >Organization: The Caudium Group >Environment: System: FreeBSD yoko.home.oav.net 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Sun Nov 2 14:35:22 CET >Description: - Fix a security bug in pike when using machine code options. Machine code puts the machine code in a data segment that can be executable with mprotect. This option is not forced to be desactivated. - Force depends of math/libgmp4 for obscure reasons that is not detected on some systems. See ports/59801. Generated with FreeBSD Port Tools 0.50 >How-To-Repeat: >Fix: --- pike74-7.4.31_1.patch begins here --- diff -ruN --exclude=CVS /usr/ports/lang/pike74.old/Makefile /usr/ports/lang/pike74/Makefile --- /usr/ports/lang/pike74.old/Makefile Tue Dec 9 18:25:37 2003 +++ /usr/ports/lang/pike74/Makefile Tue Dec 9 18:29:03 2003 @@ -7,6 +7,7 @@ PORTNAME= pike74 PORTVERSION= 7.4.31 +PORTREVISION= 1 CATEGORIES= lang MASTER_SITES= ftp://pike.ida.liu.se/pub/pike/all/${PORTVERSION}/ \ ftp://ftp.oav.net/pkg_freebsd/distfiles/ \ @@ -27,7 +28,8 @@ LIB_DEPENDS= jpeg.9:${PORTSDIR}/graphics/jpeg \ tiff.4:${PORTSDIR}/graphics/tiff \ gdbm.3:${PORTSDIR}/databases/gdbm \ - fftw.2:${PORTSDIR}/math/fftw + fftw.2:${PORTSDIR}/math/fftw \ + gmp.6:${PORTSDIR}/math/libgmp4 MAN1= pike.1 @@ -61,16 +63,12 @@ --without-gnome \ --without-glade \ --without-libglade-config \ + --without-machine-code \ --prefix=${PREFIX} .include <bsd.port.pre.mk> PLIST_SUB+= PORTVERSION=${PORTVERSION} - -# FreeBSD 5.0 Needs to have libgmp port to support gmp. -.if ${OSVERSION} >= 500000 -LIB_DEPENDS+= gmp.6:${PORTSDIR}/math/libgmp4 -.endif # Allow building Embeded perl when >= 5.6 .if ${PERL_LEVEL} > 500600 --- pike74-7.4.31_1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031209173634.B7B8811ACE2>