Multiple vulnerabilities:
1) Various integer overflow errors exist in core modules e.g. stringobject,
unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule.
2) An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results.
3) Integer overflow errors in the processing of unicode strings can be exploited to cause
buffer overflows on 32-bit systems.
4) An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not
have a "vsnprintf()" function.
5) An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings
can lead to memory corruption.
PR: 127172 (based on)
Submitted by: bf <bf2006a@yahoo.com>
Obtained from: python svn
Security: CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3144, CVE-2008-3143. (vuxml come later)
standard with a few extensions. Ucc is released
under BSD license.
Ucc is specificaly designed for personal research
and assist the undergraduate or graduate in compiler
learning. We hope that Ucc will be a seedbed for new
ideas and world-class optimizing techniques.
Ucc's design and development goals is clear code
structure,upstanding extensibility,retargetable and
excellent optimization.
WWW: http://ucc.sf.net
PR: ports/126551
Submitted by: Wen Heping <wenheping at gmail.com>
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
Maude 2.3 is compiles under 4.2 again, so port does not
need to be marked as broken anymore.
Quite a few hacks to get it installing properly:
* Coder forgot to include the *.maude files into the
Makefile.am while porting files into the MixFix directory
to Main directory. Included again, which explains the current
need of aclocal and automake to regenerate the Makefiles
* Project requires MAUDE_LIB env to be set to the location
of %%DATADIR%% which is quite cumbersome, introduced
MAUDE_DATA_DIR into the code to get rid of the non handy
environment variable.
PR: ports/126438
Submitted by: Rick van der Zwet <rick@wzoeterwoude.net>
- tolua++50 is to be used with lua 5.0 and tolua++ with lua 5.1, update depends accordingly
- Depend on lua with USE_LUA instead of LIB_DEPEND
- Make both ports install files to (lua version)-specific directories, so they can coexist peacefully in a manner similar to tolua/tolua50.
- Take maintainership
- Add distfile mirror
- Remove USE_LDCONFIG (ports do not install any shared libs)
- Fix pkg-descr
Approved by: miwi (mentor implicit)
- Patch lang/lua to behave as expected by the framework.
- Add missing library dependency (only run before) when using lua 5.1.
- Add notes in bsd.lua.mk for updating lang/lua* ports describing how they are
integrated into the ports tree.
PR: ports/126207
Submitted by: Daniel Roethlisberger <daniel@roe.ch>
applications, which conforms to the latest standard R^6RS.
Ypsilon features mostly concurrent garbage collector optimized for systems
with multiple CPUs, and an easy to use FFI.
WWW: http://code.google.com/p/ypsilon/
PR: ports/126015
Submitted by: Vitaly Magerya <vmagerya@gmail.com>
Approved by: gabor (mentor, implicit)
