head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.4 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.2 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q2:1.1.0.12 pkgsrc-2012Q2-base:1.1 pkgsrc-2012Q1:1.1.0.10 pkgsrc-2012Q1-base:1.1 pkgsrc-2011Q4:1.1.0.8 pkgsrc-2011Q4-base:1.1 pkgsrc-2011Q3:1.1.0.6 pkgsrc-2011Q3-base:1.1 pkgsrc-2011Q2:1.1.0.4 pkgsrc-2011Q2-base:1.1 pkgsrc-2011Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2012.08.01.17.52.22; author drochner; state dead; branches; next 1.1; 1.1 date 2011.06.13.22.06.39; author tez; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2011.06.13.22.06.39; author sbd; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2011.06.18.01.21.38; author sbd; state Exp; branches; next ; desc @@ 1.2 log @update to 1.6.4 this is a step of two major branches, to much to list here pkgsrc notes: -I've left out our NETBSD_ATOMIC_OPS patch because it is very invasive and gcc intrinsics are hopefully good enough -A workaround for non-standard behavior of vsnprintf has been added upstream, for HPUX as the comment says. We had a patch for __hpux||__sgi which is removed now - the sgi case should be checked. @ text @$NetBSD: patch-CVE-2011-2200,v 1.1 2011/06/13 22:06:39 tez Exp $ Patch for CVE-2011-2200 from http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e --- dbus/dbus-marshal-header.c.orig 2011-06-13 16:48:26.166342800 -0500 +++ dbus/dbus-marshal-header.c 2011-06-13 16:52:02.755479400 -0500 @@@@ -1462,14 +1462,20 @@@@ _dbus_header_byteswap (DBusHeader *header, int new_order) { + unsigned char byte_order; + if (header->byte_order == new_order) return; + byte_order = _dbus_string_get_byte (&header->data, BYTE_ORDER_OFFSET); + _dbus_assert (header->byte_order == byte_order); + _dbus_marshal_byteswap (&_dbus_header_signature_str, 0, header->byte_order, new_order, &header->data, 0); + _dbus_string_set_byte (&header->data, BYTE_ORDER_OFFSET, new_order); header->byte_order = new_order; } @ 1.1 log @Add patch for CVE-2011-2200 (SA44896) from http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-CVE-2011-2200 was added on branch pkgsrc-2011Q1 on 2011-06-18 01:21:38 +0000 @ text @d1 27 @ 1.1.2.2 log @Pullup ticket #3458 - requested by tez sysutils/dbus security update Revisions pulled up: - sysutils/dbus/Makefile 1.52 - sysutils/dbus/distinfo 1.37 - sysutils/dbus/patches/patch-CVE-2011-2200 1.1 --- Module Name: pkgsrc Committed By: tez Date: Mon Jun 13 22:06:39 UTC 2011 Modified Files: pkgsrc/sysutils/dbus: Makefile distinfo Added Files: pkgsrc/sysutils/dbus/patches: patch-CVE-2011-2200 Log Message: Add patch for CVE-2011-2200 (SA44896) from http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e @ text @a0 27 $NetBSD$ Patch for CVE-2011-2200 from http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e --- dbus/dbus-marshal-header.c.orig 2011-06-13 16:48:26.166342800 -0500 +++ dbus/dbus-marshal-header.c 2011-06-13 16:52:02.755479400 -0500 @@@@ -1462,14 +1462,20 @@@@ _dbus_header_byteswap (DBusHeader *header, int new_order) { + unsigned char byte_order; + if (header->byte_order == new_order) return; + byte_order = _dbus_string_get_byte (&header->data, BYTE_ORDER_OFFSET); + _dbus_assert (header->byte_order == byte_order); + _dbus_marshal_byteswap (&_dbus_header_signature_str, 0, header->byte_order, new_order, &header->data, 0); + _dbus_string_set_byte (&header->data, BYTE_ORDER_OFFSET, new_order); header->byte_order = new_order; } @