Allow admins to start migrating to the new nomenclature for
failing addresses:
fail_soft -> pass
fail_hard -> fail
The queryprogram router should use the word decline
instead of fail.
New keyword timezone used to manipulate the TZ variable.
which officially fixes the setuid security exploit by the vendors.
Additionally, from the PR:
* adds in distribution patches to allow it to interoperate
with libtiff-3.5.5 (the current version in the ports tree),
and replace an original FreeBSD patch.
* includes security patches (replacements of 'strcpy' and
'sprintf', primarily), mostly based on patches originally
submitted by Alex Langer [1] for 4.0pl2 and not yet commited,
although some new work was done too.
[1] I don't think, that these were my patches but those submitted by
John Holland <john@zoner.org> in PR 19180.
* Fixes some issues with the configure/setup scripts introduced
since the previous version.
* Additionally, original FreeBSD patches from 4.0pl2 were
merged in where they were not addressed by anything else.
(except the I18N patch, sorry).
I removed the FORBIDDEN line since there are at least no obvious security
concerns left.
PR: 19237
Submitted by: Andy Sparrow <andy@geek4food.org>
control word to use 64-bit (extended) precision instead of FreeBSDs
default 53-bit (double) precision.
Submitted by: Sune Falck <sunef@hem.passagen.se>
Also provide following enhancements:
- Remove PLIST.perl and merge its contents into main PLIST using Satoshi's
%%PORTDOCS:%% hack;
- the same as previous for Gnome bits;
- automatically generate and substitute shared libraries version;
- slightly reorder Makefile to be more organised;
- remove mailformed pieces from configure patch (it is appears that somebody
did diff after USE_LIBTOOL hack has been applied).
The problem with temporary file/directory permission, which have been
dealt with by patches/patch-a[b-i] seems to have gone away.
However, I haven't examined the rest of the code to determine whether
security problems with this program have been corrected.
(CF: FreeBSD-SA-00:04.)
Correct typo from 1.33 which made rnews setuid news, not setgid uucp which it actually
required to implement the intended change.
Submitted by: Russ Allbery <rra@STANFORD.EDU> (first change) via Bugtraq