From voroskoi at frugalware.org Mon Oct 1 09:41:53 2007
From: voroskoi at frugalware.org (voroskoi)
Date: Mon Oct 1 09:41:58 2007
Subject: [Frugalware-darcs] frugalware-0.6: wordpress-2.2.3-1terminus1-i686
Message-ID: <20071001074153.8472213A406A@genesis.frugalware.org>
Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001072955-dd049-420ccb8e26f96e9641365c4d8647a2f8bf4d7720.gz;
[wordpress-2.2.3-1terminus1-i686 voroskoi **20071001072955 secfix bump, closes #2398 ] {
hunk ./source/network-extra/wordpress/FrugalBuild 5
-pkgver=2.2.2
+pkgver=2.2.3
hunk ./source/network-extra/wordpress/FrugalBuild 24
-sha1sums=('2ab690dea011f9addcda18ef6579cdc93b7af3fc')
+sha1sums=('171ed6bba94301406cb94b725d2f9ecca6cefecc')
}
From voroskoi at frugalware.org Mon Oct 1 10:22:10 2007
From: voroskoi at frugalware.org (voroskoi) Date: Mon Oct 1 10:22:13 2007 Subject: [Frugalware-darcs] frugalware-0.6: libsndfile-1.0.17-3terminus1-i686 Message-ID: <20071001082210.AAC3313A406A@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001080838-dd049-0091384801c29cd6ccf94a80d8518f7d5f3b8348.gz; [libsndfile-1.0.17-3terminus1-i686 voroskoi **20071001080838 secfix relbump, closes #2431 ] { addfile ./source/lib/libsndfile/CVE-2007-4974.diff hunk ./source/lib/libsndfile/CVE-2007-4974.diff 1 +Index: libsndfile-1.0.17/src/flac.c +=================================================================== +--- libsndfile-1.0.17.orig/src/flac.c ++++ libsndfile-1.0.17/src/flac.c +@@ -57,7 +57,7 @@ flac_open (SF_PRIVATE *psf) + ** Private static functions. + */ + +-#define ENC_BUFFER_SIZE 4096 ++#define ENC_BUFFER_SIZE 8192 + + typedef enum + { PFLAC_PCM_SHORT = 0, +@@ -202,6 +202,17 @@ flac_buffer_copy (SF_PRIVATE *psf) + const FLAC__int32* const *buffer = pflac->wbuffer ; + unsigned i = 0, j, offset ; + ++ /* ++ ** frame->header.blocksize is variable and we're using a constant blocksize ++ ** of FLAC__MAX_BLOCK_SIZE. ++ ** Check our assumptions here. ++ */ ++ if (frame->header.blocksize > FLAC__MAX_BLOCK_SIZE) ++ { psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n", __func__, __LINE__, frame->header.blocksize, FLAC__MAX_BLOCK_SIZE) ; ++ psf->error = SFE_INTERNAL ; ++ return 0 ; ++ } ; ++ + if (pflac->ptr == NULL) + { /* + ** Not sure why this code is here and not elsewhere. 
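Review bot: The `psf_log_printf` call in the new blocksize check passes four arguments (`__func__`, `__LINE__`, `frame->header.blocksize`, `FLAC__MAX_BLOCK_SIZE`) to a format string that has only two `%d` conversions, so the two values that end up in the log would be the function-name pointer and the line number, not the sizes being compared. Either drop the first two arguments or extend the format to consume them, e.g. `"%s:%d : frame->header.blocksize (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n"`, assuming psf_log_printf accepts `%s` (its implementation is not in the hunk). Setting `psf->error = SFE_INTERNAL` and returning 0 is the right fail-closed outcome for an oversized frame. flac_buffer_copy continues outside the hunk.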
+@@ -210,7 +221,7 @@ flac_buffer_copy (SF_PRIVATE *psf) + pflac->bufferbackup = SF_TRUE ; + for (i = 0 ; i < frame->header.channels ; i++) + { if (pflac->rbuffer [i] == NULL) +- pflac->rbuffer [i] = calloc (frame->header.blocksize, sizeof (FLAC__int32)) ; ++ pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (FLAC__int32)) ; + memcpy (pflac->rbuffer [i], buffer [i], frame->header.blocksize * sizeof (FLAC__int32)) ; + } ; + pflac->wbuffer = (const FLAC__int32* const*) pflac->rbuffer ; hunk ./source/lib/libsndfile/FrugalBuild 6 -pkgrel=2 +pkgrel=3terminus1 hunk ./source/lib/libsndfile/FrugalBuild 14 - libsndfile-fixhtmldocsdir.patch libsndfile-flac113.patch) + libsndfile-fixhtmldocsdir.patch libsndfile-flac113.patch CVE-2007-4974.diff) hunk ./source/lib/libsndfile/FrugalBuild 17 - Fcd hunk ./source/lib/libsndfile/FrugalBuild 22 +sha1sums=('2f66798d596a15491fbd1191ded8125ed71ef411' \ + '7c61fe6d99ebe664647ce5a1eaf0dce13a183c17' \ + '4813db22f1dee9f8b3affccbf3783e53160366a1' \ + 'aaa818fdfa35002af77b84b19398dae5c3f53744') hunk ./source/lib/libsndfile/FrugalBuild 27 -sha1sums=('2f66798d596a15491fbd1191ded8125ed71ef411'\ - '7c61fe6d99ebe664647ce5a1eaf0dce13a183c17'\ - '4813db22f1dee9f8b3affccbf3783e53160366a1') } From voroskoi at frugalware.org Mon Oct 1 10:33:46 2007 
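Review bot: The result of `calloc (FLAC__MAX_BLOCK_SIZE, sizeof (FLAC__int32))` is written to by the `memcpy` on the next line without a NULL check, so an allocation failure becomes a write through a null pointer. A guard directly after the allocation would close that, e.g. `if (pflac->rbuffer [i] == NULL) { psf->error = SFE_MALLOC_FAILED ; return 0 ; } ;`. The `memcpy` length is still `frame->header.blocksize`, so the copy is only in bounds because of the blocksize check added in the previous hunk; a one-line comment here pointing at that check would keep the two from drifting apart.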
From: voroskoi at frugalware.org (voroskoi)
Date: Mon Oct 1 10:33:49 2007
Subject: [Frugalware-darcs] frugalware-0.6: mediawiki-1.9.4-1terminus1-i686
Message-ID: <20071001083346.3EB0A13A406A@genesis.frugalware.org>
Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001081754-dd049-843daa2c86669e00af94d1688e0dcc233d405401.gz;
[mediawiki-1.9.4-1terminus1-i686 voroskoi **20071001081754 secfix bump, closes #2412 ] {
hunk ./source/network-extra/mediawiki/FrugalBuild 6
-pkgver=1.9.3
-pkgrel=1
+pkgver=1.9.4
+pkgrel=1terminus1
hunk ./source/network-extra/mediawiki/FrugalBuild 16
-source=($source README.Frugalware mediawikisetup)
+source=(http://download.wikimedia.org/mediawiki/1.9/mediawiki-1.9.4.tar.gz \
+ README.Frugalware mediawikisetup)
hunk ./source/network-extra/mediawiki/FrugalBuild 28
-sha1sums=('a2f56a22241ad65b4f2130c87525108b80cf03e4'\
- '2c70930c46b8a5d87e830f64dc2761c5506ce967'\
+sha1sums=('9162571c56e95f2b9e941921d4d9f1826f7ae37f' \
+ '2c70930c46b8a5d87e830f64dc2761c5506ce967' \
}
From voroskoi at frugalware.org Mon Oct 1 10:55:31 2007
From: voroskoi at frugalware.org (voroskoi) Date: Mon Oct 1 10:55:33 2007 Subject: [Frugalware-darcs] frugalware-0.6: inotify-tools-3.8-2terminus1-i686 Message-ID: <20071001085531.958CC13A406A@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001084237-dd049-900d2ea7bb1ffd14a11a8ae4bf81e1cc38b238b7.gz; [inotify-tools-3.8-2terminus1-i686 voroskoi **20071001084237 secfix relbump, closes #2425 ] { addfile ./source/apps-extra/inotify-tools/CVE-2007-5037.diff hunk ./source/apps-extra/inotify-tools/CVE-2007-5037.diff 1 +--- inotify-tools-3.10/libinotifytools/src/inotifytools.c 2007-05-03 09:28:22.000000000 +0200 ++++ inotify-tools-3.11/libinotifytools/src/inotifytools.c 2007-09-16 10:16:14.000000000 +0200 +@@ -1828,7 +1828,7 @@ + + if ( ch1 == 'w' ) { + if ( filename ) { +- strncpy( &out[ind], filename, MAX_STRLEN - ind ); ++ strncpy( &out[ind], filename, size - ind ); + ind += strlen(filename); + } + ++i; +@@ -1837,7 +1837,7 @@ + + if ( ch1 == 'f' ) { + if ( eventname ) { +- strncpy( &out[ind], eventname, MAX_STRLEN - ind ); ++ strncpy( &out[ind], eventname, size - ind ); + ind += strlen(eventname); + } + ++i; +@@ -1846,7 +1846,7 @@ + + if ( ch1 == 'e' ) { + eventstr = inotifytools_event_to_str( event->mask ); +- strncpy( &out[ind], eventstr, MAX_STRLEN - ind ); ++ strncpy( &out[ind], eventstr, size - ind ); + ind += strlen(eventstr); + ++i; + continue; +@@ -1869,7 +1869,7 @@ + timestr[0] = 0; + } + +- strncpy( &out[ind], timestr, MAX_STRLEN - ind ); ++ strncpy( &out[ind], timestr, size - ind ); + ind += strlen(timestr); + ++i; + continue; +@@ -1878,7 +1878,7 @@ + // Check if next char in fmt is e + if ( i < strlen(fmt) - 2 && fmt[i+2] == 'e' ) { + eventstr = inotifytools_event_to_str_sep( event->mask, ch1 ); +- strncpy( &out[ind], eventstr, MAX_STRLEN - ind ); ++ strncpy( &out[ind], eventstr, size - ind ); + ind += strlen(eventstr); + i += 2; + continue; hunk 
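Review bot: Swapping `MAX_STRLEN` for `size` corrects the bound, but all five `strncpy( &out[ind], ..., size - ind )` sites still advance `ind` by the full `strlen()` of the source, so after one truncated copy `ind` can exceed `size`. The next `size - ind` is then negative, or wraps to a very large count if these are unsigned (their declarations are outside the hunks). `strncpy` also leaves `out` without a terminator whenever it truncates. After each copy the code should clamp and stop, along the lines of `if ( ind >= size ) { out[size - 1] = 0; ind = size - 1; }`, and the loop should not attempt further copies once `ind` has reached `size - 1`. The same applies to the hunks at 1837, 1846, 1869 and 1878.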
./source/apps-extra/inotify-tools/FrugalBuild 6 -pkgrel=1 +pkgrel=2terminus1 hunk ./source/apps-extra/inotify-tools/FrugalBuild 13 +source=($source CVE-2007-5037.diff) +sha1sums=('ead89b7bf8402e88909de43831424143a40e9eea' \ + 'b82c4957deada2e133bccb8ad8cd47df2009bbfe') hunk ./source/apps-extra/inotify-tools/FrugalBuild 17 -sha1sums=('ead89b7bf8402e88909de43831424143a40e9eea') } From voroskoi at frugalware.org Mon Oct 1 11:56:18 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Mon Oct 1 11:56:21 2007 Subject: [Frugalware-darcs] frugalware-0.6: elinks-0.11.2-2terminus2-i686 Message-ID: <20071001095618.2E58A13A406A@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001094207-dd049-7520f5d2d6cdb409a68cd237188e2399de51b888.gz; [elinks-0.11.2-2terminus2-i686 voroskoi **20071001094207 secfix relbump, closes #2457 ] { addfile ./source/network/elinks/CVE-2007-5034.diff hunk ./source/network/elinks/CVE-2007-5034.diff 1 +diff -aur elinks-0.11.2/src/protocol/http/http.c fw_elinks-0.11.2/src/protocol/http/http.c +--- elinks-0.11.2/src/protocol/http/http.c 2006-11-19 14:46:37.000000000 +0100 ++++ fw_elinks-0.11.2/src/protocol/http/http.c 2007-10-01 11:26:47.000000000 +0200 +@@ -685,31 +685,33 @@ + add_crlf_to_string(&header); + } + +- switch (get_opt_int("protocol.http.referer.policy")) { +- case REFERER_NONE: +- /* oh well */ +- break; ++ if (!use_connect) { ++ switch (get_opt_int("protocol.http.referer.policy")) { ++ case REFERER_NONE: ++ /* oh well */ ++ break; + +- case REFERER_FAKE: +- optstr = get_opt_str("protocol.http.referer.fake"); +- if (!optstr[0]) break; +- add_to_string(&header, "Referer: "); +- add_to_string(&header, optstr); +- add_crlf_to_string(&header); +- break; ++ case REFERER_FAKE: ++ optstr = get_opt_str("protocol.http.referer.fake"); ++ if (!optstr[0]) break; ++ add_to_string(&header, "Referer: "); ++ add_to_string(&header, optstr); ++ add_crlf_to_string(&header); ++ break; + +- case REFERER_TRUE: +- if (!conn->referrer) break; +- add_to_string(&header, "Referer: "); +- add_url_to_http_string(&header, conn->referrer, URI_HTTP_REFERRER); +- add_crlf_to_string(&header); +- break; ++ case REFERER_TRUE: ++ if (!conn->referrer) break; ++ add_to_string(&header, "Referer: "); ++ add_url_to_http_string(&header, conn->referrer, URI_HTTP_REFERRER); ++ add_crlf_to_string(&header); ++ break; + +- case 
REFERER_SAME_URL: +- add_to_string(&header, "Referer: "); +- add_url_to_http_string(&header, uri, URI_HTTP_REFERRER); +- add_crlf_to_string(&header); +- break; ++ case REFERER_SAME_URL: ++ add_to_string(&header, "Referer: "); ++ add_url_to_http_string(&header, uri, URI_HTTP_REFERRER); ++ add_crlf_to_string(&header); ++ break; ++ } + } + + add_to_string(&header, "Accept: */*"); +@@ -782,7 +784,7 @@ + add_crlf_to_string(&header); + } + +- if (conn->cached) { ++ if (!use_connect && conn->cached) { + if (!conn->cached->incomplete && conn->cached->head && conn->cached->last_modified + && conn->cache_mode <= CACHE_MODE_CHECK_IF_MODIFIED) { + add_to_string(&header, "If-Modified-Since: "); +@@ -798,7 +800,7 @@ + add_crlf_to_string(&header); + } + +- if (conn->from || conn->progress->start > 0) { ++ if (!use_connect && (conn->from || conn->progress->start > 0)) { + /* conn->from takes precedence. conn->progress.start is set only the first + * time, then conn->from gets updated and in case of any retries + * etc we have everything interesting in conn->from already. */ +@@ -808,7 +810,9 @@ + add_crlf_to_string(&header); + } + +- entry = find_auth(uri); ++ if (!use_connect) { ++ entry = find_auth(uri); ++ } + if (entry) { + if (entry->digest) { + unsigned char *response; +@@ -848,7 +852,7 @@ + } + } + +- if (uri->post) { ++ if (!use_connect && uri->post) { + /* We search for first '\n' in uri->post to get content type + * as set by get_form_uri(). This '\n' is dropped if any + * and replaced by correct '\r\n' termination here. 
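Review bot: With `entry = find_auth(uri)` moved inside `if (!use_connect)`, the following `if (entry)` reads `entry` on the CONNECT path without any assignment in this hunk. Unless the declaration (outside the hunk) initialises it, that is an indeterminate pointer which is then dereferenced as `entry->digest`. Writing `entry = use_connect ? NULL : find_auth(uri);` keeps the intent and removes the dependency on the declaration. A short comment at the first `if (!use_connect)` would also help, e.g. `/* CONNECT goes to the proxy: do not send Referer, auth, cookies or POST data meant for the origin server */`, since the same condition is repeated in the later hunks without explanation.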
*/ +@@ -867,7 +871,7 @@ + } + + #ifdef CONFIG_COOKIES +- { ++ if (!use_connect) { + struct string *cookies = send_cookies(uri); + + if (cookies) { +@@ -887,6 +891,8 @@ + unsigned char buffer[POST_BUFFER_SIZE]; + int n = 0; + ++ assert(!use_connect); ++ + while (post[0] && post[1]) { + int h1, h2; + hunk ./source/network/elinks/FrugalBuild 7 -pkgrel=2terminus1 +pkgrel=2terminus2 hunk ./source/network/elinks/FrugalBuild 16 - elinks-0.11.0-gcc4-inline.patch elinks-0.11.0-ruby.patch CVE-2007-2027.diff) + elinks-0.11.0-gcc4-inline.patch elinks-0.11.0-ruby.patch \ + CVE-2007-2027.diff CVE-2007-5034.diff) hunk ./source/network/elinks/FrugalBuild 30 -sha1sums=('47669c38e1e5ebb35015a9a9a8f9c898821bd408'\ - '68f6c6dc3bf170aeef6b0d3a5df46bd53b7a3bef'\ - 'e11b612c791cbf371d61e943556220aff0e1b472'\ - '5cb02dfd86fe1967d2e07b47609762e22b9a236e') +sha1sums=('47669c38e1e5ebb35015a9a9a8f9c898821bd408' \ + '68f6c6dc3bf170aeef6b0d3a5df46bd53b7a3bef' \ + 'e11b612c791cbf371d61e943556220aff0e1b472' \ + '5cb02dfd86fe1967d2e07b47609762e22b9a236e' \ + '01e58c6236d9f1ffd9fa14f6c79b8f975c1e02d7') } From voroskoi at frugalware.org Tue Oct 2 22:51:31 2007 From: voroskoi at frugalware.org (voroskoi) Date: Tue Oct 2 22:51:33 2007 Subject: [Frugalware-darcs] frugalware-0.6: firefox-2.0.0.7-1terminus1-i686 Message-ID: <20071002205131.8188213A4076@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071002204923-dd049-8167ce00e32798b13e63d000ee415c27f12fbcc2.gz; [firefox-2.0.0.7-1terminus1-i686 voroskoi **20071002204923 secfix bump, closes #2423 ] { hunk ./source/xapps/firefox/FrugalBuild 7 -pkgver=2.0.0.6 +pkgver=2.0.0.7 } From voroskoi at frugalware.org Tue Oct 2 23:12:08 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Tue Oct 2 23:12:09 2007 Subject: [Frugalware-darcs] frugalware-0.6: devhelp-0.13-3terminus5-i686 Message-ID: <20071002211208.3B82013A4076@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071002211028-dd049-feecce803bbae0ac4bfeb496880ae29d87ea90ce.gz; [devhelp-0.13-3terminus5-i686 voroskoi **20071002211028 rebuilt with ff 2.0.0.7 ] { hunk ./source/gnome-extra/devhelp/FrugalBuild 6 -pkgrel=3terminus4 +pkgrel=3terminus5 hunk ./source/gnome-extra/devhelp/FrugalBuild 9 -depends=('libglade' 'libwnck' 'gconf' 'firefox=2.0.0.6' 'dbus-glib>=0.71-2') +depends=('libglade' 'libwnck' 'gconf' 'firefox=2.0.0.7' 'dbus-glib>=0.71-2') } From voroskoi at frugalware.org Tue Oct 2 23:51:01 2007 From: voroskoi at frugalware.org (voroskoi) Date: Tue Oct 2 23:51:03 2007 Subject: [Frugalware-darcs] frugalware-0.6: epiphany-2.18.0-2terminus5-i686 Message-ID: <20071002215101.3B82213A4077@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071002214935-dd049-58dd9c8ec8f0cf672baa63e1ae307bc11f1705f2.gz; [epiphany-2.18.0-2terminus5-i686 voroskoi **20071002214935 rebuilt with ff 2.0.0.7 ] { hunk ./source/gnome-extra/epiphany/FrugalBuild 6 -pkgrel=2terminus4 +pkgrel=2terminus5 hunk ./source/gnome-extra/epiphany/FrugalBuild 10 - 'firefox=2.0.0.6' 'docbook-xsl') + 'firefox=2.0.0.7' 'docbook-xsl') hunk ./source/gnome-extra/epiphany/FrugalBuild 23 - hunk ./source/gnome-extra/epiphany/FrugalBuild 24 + } From voroskoi at frugalware.org Tue Oct 2 23:51:52 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Tue Oct 2 23:51:55 2007 Subject: [Frugalware-darcs] frugalware-0.6: yelp-2.18.0-2terminus5-x86_64 Message-ID: <20071002215153.1DBFC13A4077@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071002215015-dd049-e639208bcd784ab5ebe26cadff56ce543451a824.gz; [yelp-2.18.0-2terminus5-x86_64 voroskoi **20071002215015 rebuilt with ff 2.0.0.7 ] { hunk ./source/gnome/yelp/FrugalBuild 6 -pkgrel=2terminus4 +pkgrel=2terminus5 hunk ./source/gnome/yelp/FrugalBuild 9 -depends=('libgnomeui>=2.18.0' 'libxslt' 'firefox=2.0.0.6' \ +depends=('libgnomeui>=2.18.0' 'libxslt' 'firefox=2.0.0.7' \ hunk ./source/gnome/yelp/FrugalBuild 19 - hunk ./source/gnome/yelp/FrugalBuild 20 + } From voroskoi at frugalware.org Wed Oct 3 00:14:54 2007 From: voroskoi at frugalware.org (voroskoi) Date: Wed Oct 3 00:14:56 2007 Subject: [Frugalware-darcs] frugalware-0.6: galeon-2.0.3-6terminus5-i686 Message-ID: <20071002221454.4C5CC13A4077@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071002221359-dd049-1e8789d32c43f92bcf7313b258b1a2f83b2e8c90.gz; [galeon-2.0.3-6terminus5-i686 voroskoi **20071002221359 rebuilt with ff 2.0.0.7 ] { hunk ./source/gnome-extra/galeon/FrugalBuild 6 -pkgrel=6terminus4 +pkgrel=6terminus5 hunk ./source/gnome-extra/galeon/FrugalBuild 9 -depends=('firefox=2.0.0.6' 'gnome-desktop' 'dbus-glib>=0.71-2') +depends=('firefox=2.0.0.7' 'gnome-desktop' 'dbus-glib>=0.71-2') hunk ./source/gnome-extra/galeon/FrugalBuild 23 - } From voroskoi at frugalware.org Thu Oct 4 11:00:35 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Thu Oct 4 11:00:39 2007 Subject: [Frugalware-darcs] frugalware-0.6: t1lib-5.1.1-2terminus1-i686 Message-ID: <20071004090035.ADEE513A4012@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071004084615-dd049-10963981f4ebe3d07e38570a77ad1718ef8529b1.gz; [t1lib-5.1.1-2terminus1-i686 voroskoi **20071004084615 secfix relbump, closes #2297 ] { addfile ./source/xlib/t1lib/CVE-2007-4033.diff hunk ./source/xlib/t1lib/CVE-2007-4033.diff 1 +--- t1lib-5.1.0.orig/lib/t1lib/t1env.c ++++ t1lib-5.1.0/lib/t1lib/t1env.c +@@ -611,6 +611,12 @@ + #endif + strcat( pathbuf, DIRECTORY_SEP); + /* And finally the filename: */ ++ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf ++ let's try next pathbuf */ ++ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) { ++ i++; ++ continue; ++ } + strcat( pathbuf, StrippedName); + + /* Check for existence of the path: */ hunk ./source/xlib/t1lib/FrugalBuild 6 -pkgrel=1 -pkgdesc="Library for generating character- and string-glyphs from Adobe Type 1 fonts" +pkgrel=2terminus1 +pkgdesc="Library for generating character- and string-glyphs from Adobe Type 1 fonts." 
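Review bot: The new length test protects only the final `strcat( pathbuf, StrippedName)`; the `strcat( pathbuf, DIRECTORY_SEP)` immediately above it, and whatever copies the search-path entry into `pathbuf` before the hunk starts, still run without a bound, so a long directory entry can overrun the buffer before this test is reached. The check belongs before the first write into `pathbuf` and should count every piece, e.g. `if( strlen(DIR_ENTRY) + strlen(DIRECTORY_SEP) + strlen(StrippedName) + 1 > sizeof(pathbuf) )`, where `DIR_ENTRY` is a placeholder for the source of the directory part, which is not visible here. Also confirm that `pathbuf` is declared as an array in this function, since `sizeof(pathbuf)` on a pointer would yield the pointer size. The enclosing loop starts and ends outside the hunk.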
hunk ./source/xlib/t1lib/FrugalBuild 10 -makedepends=('tetex') hunk ./source/xlib/t1lib/FrugalBuild 13 -source=("http://www.ibiblio.org/pub/Linux/libs/graphics/$pkgname-$pkgver.tar.gz") +source=(http://www.ibiblio.org/pub/Linux/libs/graphics/$pkgname-$pkgver.tar.gz CVE-2007-4033.diff) hunk ./source/xlib/t1lib/FrugalBuild 17 - Fsed "all: t1lib_doc.ps" "all: pdf" doc/Makefile.in - Fbuild + Fpatchall + Fconf + make without_doc || Fdie + Fmakeinstall + chmod +x $Fdestdir/usr/lib/*.so || Fdie hunk ./source/xlib/t1lib/FrugalBuild 23 +sha1sums=('98418741cb9e0a27d65c2313f93bd1ef53ec1833' \ + 'f99460baf795c67bf4063fad33c93b040a13e78a') hunk ./source/xlib/t1lib/FrugalBuild 26 -sha1sums=('98418741cb9e0a27d65c2313f93bd1ef53ec1833') } From voroskoi at frugalware.org Fri Oct 5 12:05:19 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Fri Oct 5 12:05:29 2007 Subject: [Frugalware-darcs] frugalware-0.6: ruby-1.8.5-4terminus2-i686 Message-ID: <20071005100519.24F6313A4013@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071005094601-dd049-dbc13306096f7afa2acc26d2eb9c2f981cccfc2b.gz; [ruby-1.8.5-4terminus2-i686 voroskoi **20071005094601 secfix relbump, closes #2459 ] { addfile ./source/devel/ruby/CVE-2007-5162.diff hunk ./source/devel/ruby/CVE-2007-5162.diff 1 +--- ruby_1_8_5/lib/net/http.rb 2007/09/24 07:55:41 13501 ++++ ruby_1_8_5/lib/net/http.rb 2007/09/24 08:02:31 13502 +@@ -470,6 +470,7 @@ + @debug_output = nil + @use_ssl = false + @ssl_context = nil ++ @enable_post_connection_check = false + end + + def inspect +@@ -526,6 +527,9 @@ + false # redefined in net/https + end + ++ # specify enabling SSL server certificate and hostname checking. ++ attr_accessor :enable_post_connection_check ++ + # Opens TCP connection and HTTP session. 
+ # + # When this method is called with block, gives a HTTP object +@@ -584,6 +588,14 @@ + HTTPResponse.read_new(@socket).value + end + s.connect ++ if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE ++ begin ++ s.post_connection_check(@address) ++ rescue OpenSSL::SSL::SSLError => ex ++ raise ex if @enable_post_connection_check ++ warn ex.message ++ end ++ end + end + on_connect + end +--- ruby_1_8_5/lib/open-uri.rb 2007/09/24 07:55:41 13501 ++++ ruby_1_8_5/lib/open-uri.rb 2007/09/24 08:02:31 13502 +@@ -229,6 +229,7 @@ + if target.class == URI::HTTPS + require 'net/https' + http.use_ssl = true ++ http.enable_post_connection_check = true + http.verify_mode = OpenSSL::SSL::VERIFY_PEER + store = OpenSSL::X509::Store.new + store.set_default_paths +@@ -240,16 +241,6 @@ + + resp = nil + http.start { +- if target.class == URI::HTTPS +- # xxx: information hiding violation +- sock = http.instance_variable_get(:@socket) +- if sock.respond_to?(:io) +- sock = sock.io # 1.9 +- else +- sock = sock.instance_variable_get(:@socket) # 1.8 +- end +- sock.post_connection_check(target_host) +- end + req = Net::HTTP::Get.new(request_uri, header) + if options.include? 
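Review bot: A failed `post_connection_check` is only passed to `warn` unless the caller has set `enable_post_connection_check`, and the constructor hunk defaults that flag to `false`, so a Net::HTTP client that sets `VERIFY_PEER` still completes the connection when the certificate names a different host. Within this patch only open-uri opts in. If the default has to stay `false` for compatibility, the accessor comment should state the consequence rather than just "specify enabling", e.g. `# When false (the default) a certificate/hostname mismatch only emits a warning and the connection proceeds; set to true to raise OpenSSL::SSL::SSLError instead.` The check is also skipped entirely when `verify_mode` is `VERIFY_NONE`, which is worth stating in the same comment.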
:http_basic_authentication + user, pass = options[:http_basic_authentication] +--- ruby_1_8_5/ext/openssl/lib/openssl/ssl.rb 2007/09/24 07:55:41 13501 ++++ ruby_1_8_5/ext/openssl/lib/openssl/ssl.rb 2007/09/24 08:02:31 13502 +@@ -88,7 +88,7 @@ + end + } + end +- raise SSLError, "hostname not match" ++ raise SSLError, "hostname was not match with the server certificate" + end + end + hunk ./source/devel/ruby/FrugalBuild 6 -pkgrel=4terminus1 +pkgrel=4terminus2 hunk ./source/devel/ruby/FrugalBuild 14 -source=(ftp://ftp.ruby-lang.org/pub/ruby/ruby-$pkgver.tar.gz CVE-2006-5467.patch) +source=(ftp://ftp.ruby-lang.org/pub/ruby/ruby-$pkgver.tar.gz CVE-2006-5467.patch CVE-2007-5162.diff) hunk ./source/devel/ruby/FrugalBuild 16 - '0699e71e4f85a91e927eaa84830de44c9d578828') + '0699e71e4f85a91e927eaa84830de44c9d578828' \ + 'f298a3da2e62eea703934e131cc759cfcda4812b') } From voroskoi at frugalware.org Sat Oct 6 09:45:47 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Sat Oct 6 09:45:48 2007 Subject: [Frugalware-darcs] frugalware-0.6: openssl-0.9.8-7terminus1-i686 Message-ID: <20071006074547.90AA913A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071006072826-dd049-7758c1ba92a36fb92dde04a9a30a9100a0cac13c.gz; [openssl-0.9.8-7terminus1-i686 voroskoi **20071006072826 secfix relbump, closes #2466 ] { addfile ./source/lib/openssl/CVE-2007-5135.diff hunk ./source/lib/openssl/CVE-2007-5135.diff 1 +diff -aur openssl-0.9.8e/ssl/ssl_lib.c fw_openssl-0.9.8e/ssl/ssl_lib.c +--- openssl-0.9.8e/ssl/ssl_lib.c 2006-11-29 21:47:15.000000000 +0100 ++++ fw_openssl-0.9.8e/ssl/ssl_lib.c 2007-10-05 12:12:10.000000000 +0200 +@@ -1201,7 +1201,6 @@ + char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) + { + char *p; +- const char *cp; + STACK_OF(SSL_CIPHER) *sk; + SSL_CIPHER *c; + int i; +@@ -1214,20 +1213,21 @@ + sk=s->session->ciphers; + for (i=0; iname; *cp; ) ++ n=strlen(c->name); ++ if (n+1 > len) + { +- if (len-- <= 0) +- { +- *p='\0'; +- return(buf); +- } +- else +- *(p++)= *(cp++); ++ if (p != buf) ++ --p; ++ *p='\0'; ++ return buf; + } ++ strcpy(p,c->name); ++ p+=n; + *(p++)=':'; ++ len-=n+1; + } + p[-1]='\0'; + return(buf); hunk ./source/lib/openssl/FrugalBuild 8 -pkgrel=6 +pkgrel=7terminus1 hunk ./source/lib/openssl/FrugalBuild 16 -source=($url$pkgname-$pkgver$pkgextraver.tar.gz man_symlinks.diff) -signatures=("$source.asc" '') +source=($url$pkgname-$pkgver$pkgextraver.tar.gz man_symlinks.diff bn_mont.c.diff CVE-2007-5135.diff) +signatures=("$source.asc" '' '' '') addfile ./source/lib/openssl/bn_mont.c.diff hunk ./source/lib/openssl/bn_mont.c.diff 1 +--- openssl-0.9.8c.orig/crypto/bn/bn_mont.c ++++ openssl-0.9.8c/crypto/bn/bn_mont.c +@@ -176,7 +176,6 @@ + + max=(nl+al+1); /* allow for overflow (no?) 
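Review bot: The truncation branch in SSL_get_shared_ciphers stores `*p='\0'` even when `p == buf`, and the closing `p[-1]='\0'` assumes at least one cipher name was copied, so both writes are only in bounds if the function rejects a zero-length buffer and an empty cipher list before the loop. That entry guard is not visible in these hunks and should be confirmed; a comment above the loop such as `/* caller guarantees len >= 2 and a non-empty list, see check above */` would record the dependency. `n` receives `strlen(c->name)` and is compared with the `int len`, so its declaration (not shown) should be checked for a signed/unsigned mismatch. The loop header in this copy of the patch appears to have lost text (`for (i=0; iname; *cp; )`), so the hunk as shown here should not be used as the reference for what was applied.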
XXX */ + if (bn_wexpand(r,max) == NULL) goto err; +- if (bn_wexpand(ret,max) == NULL) goto err; + + r->neg=a->neg^n->neg; + np=n->d; +@@ -228,19 +227,70 @@ + } + bn_correct_top(r); + +- /* mont->ri will be a multiple of the word size */ +-#if 0 +- BN_rshift(ret,r,mont->ri); +-#else +- ret->neg = r->neg; +- x=ri; ++ /* mont->ri will be a multiple of the word size and below code ++ * is kind of BN_rshift(ret,r,mont->ri) equivalent */ ++ if (r->top <= ri) ++ { ++ ret->top=0; ++ retn=1; ++ goto err; ++ } ++ al=r->top-ri; ++ ++# define BRANCH_FREE 1 ++# if BRANCH_FREE ++ if (bn_wexpand(ret,ri) == NULL) goto err; ++ x=0-(((al-ri)>>(sizeof(al)*8-1))&1); ++ ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ ++ ret->neg=r->neg; ++ + rp=ret->d; +- ap= &(r->d[x]); +- if (r->top < x) +- al=0; +- else +- al=r->top-x; ++ ap=&(r->d[ri]); ++ ++ { ++ size_t m1,m2; ++ ++ v=bn_sub_words(rp,ap,np,ri); ++ /* this ----------------^^ works even in alri) nrp=rp; else nrp=ap; */ ++ /* in other words if subtraction result is real, then ++ * trick unconditional memcpy below to perform in-place ++ * "refresh" instead of actual copy. */ ++ m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al>(sizeof(al)*8-1))&1); /* al>ri */ ++ m1|=m2; /* (al!=ri) */ ++ m1|=(0-(size_t)v); /* (al!=ri || v) */ ++ m1&=~m2; /* (al!=ri || v) && !al>ri */ ++ nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1)); ++ } ++ ++ /* 'itop=al; ++ ret->neg=r->neg; ++ ++ rp=ret->d; ++ ap=&(r->d[ri]); + al-=4; + for (i=0; iri)) goto err; + #endif /* MONT_WORD */ + ++#if !defined(BRANCH_FREE) || BRANCH_FREE==0 + if (BN_ucmp(ret, &(mont->N)) >= 0) + { + if (!BN_usub(ret,ret,&(mont->N))) goto err; + } ++#endif + retn=1; + bn_check_top(ret); + err: } From voroskoi at frugalware.org Sat Oct 6 09:45:58 2007 
From: voroskoi at frugalware.org (voroskoi) Date: Sat Oct 6 09:45:59 2007 Subject: [Frugalware-darcs] frugalware-0.6: xfs-1.0.4-2terminus1-i686 Message-ID: <20071006074558.371DD13A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071006073038-dd049-a988eb7312c948cffdd1a3d9f57e0ec7dfe10fd6.gz; [xfs-1.0.4-2terminus1-i686 voroskoi **20071006073038 secfix relbump, closes #2458 ] { hunk ./source/x11/xfs/FrugalBuild 6 -pkgrel=1 +pkgrel=2terminus1 hunk ./source/x11/xfs/FrugalBuild 12 +makedepends=('util-macros') hunk ./source/x11/xfs/FrugalBuild 15 -sha1sums=('5c3f82746141250c49d57b5075c3e3ec42e2fd1d') +source=($source \ + ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xfs-1.0.4-query.diff) +sha1sums=('8d07d1f24caa44b805b2abdbf8b7110f2d3a17ae' \ + '093db0ce2c134ebc40e47a40db89503dad2b0f3e') hunk ./source/x11/xfs/FrugalBuild 20 -build() { - Fbuild --libdir=/etc --enable-IPv6 +build() +{ + Fpatchall + Fautoreconf + Fmake --libdir=/etc --enable-IPv6 + Fmakeinstall } From voroskoi at frugalware.org Sat Oct 6 10:43:31 2007 From: voroskoi at frugalware.org (voroskoi) Date: Sat Oct 6 10:43:33 2007 Subject: [Frugalware-darcs] frugalware-0.6: cdemu-0.8-16terminus3-i686 Message-ID: <20071006084331.27BBE13A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071006082901-dd049-f4358441411dec2a682e713d8d7be8d085913eb4.gz; [cdemu-0.8-16terminus3-i686 voroskoi **20071006082901 fixes #2173 ] { hunk ./source/apps-extra/cdemu/FrugalBuild 6 -pkgrel=16terminus2 +pkgrel=16terminus3 hunk ./source/apps-extra/cdemu/FrugalBuild 21 + Fsed 'generic_file_read' 'do_sync_read' $Fsrcdir/$pkgname-$pkgver/cdemu_core.c hunk ./source/apps-extra/cdemu/FrugalBuild 25 - } From voroskoi at frugalware.org Sun Oct 7 15:49:13 2007 
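Review bot: In the xfs FrugalBuild the first `sha1sums` entry changes from `5c3f82746141250c49d57b5075c3e3ec42e2fd1d` to `8d07d1f24caa44b805b2abdbf8b7110f2d3a17ae` although no `pkgver` or tarball URL change appears in these hunks, so the pinned hash of the upstream source is replaced inside a security update without a stated reason. The commit message or a comment next to the array should say why the archive differs, e.g. `# sha1 of the tarball updated: REASON` with the actual cause filled in (re-rolled upstream archive, different compression format, or similar). The added `xorg-xfs-1.0.4-query.diff` is fetched over plain `ftp://`, so its `sha1sums` entry is the only integrity control on it; that entry is present.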
From: voroskoi at frugalware.org (voroskoi)
Date: Sun Oct 7 15:49:15 2007
Subject: [Frugalware-darcs] frugalware-0.6: python-2.5-3terminus3-i686
Message-ID: <20071007134913.4D2FF13A40D5@genesis.frugalware.org>
Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071007104104-dd049-e6d937187eb4c5323b3e92d4abff89d03f887cc6.gz;
[python-2.5-3terminus3-i686 voroskoi **20071007104104 secfix relbump, closes #2428 ] {
hunk ./source/devel/python/FrugalBuild 7
-pkgrel=3terminus2
+pkgrel=3terminus3
hunk ./source/devel/python/FrugalBuild 20
- CVE-2007-2052.diff insecure_pathnames.diff)
-signatures=(http://www.python.org/download/releases/$pkgver/Python-$pkgver.tar.bz2.asc '' '' '' '' '')
+ CVE-2007-2052.diff \
+ insecure_pathnames.diff \
+ http://bugs.python.org/file8452/python-2.5.CVE-2007-4965-int-overflow.patch)
+signatures=(http://www.python.org/download/releases/$pkgver/Python-$pkgver.tar.bz2.asc '' '' '' '' '' '')
}
From voroskoi at frugalware.org Sun Oct 7 15:57:49 2007
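Review bot: The new source `http://bugs.python.org/file8452/python-2.5.CVE-2007-4965-int-overflow.patch` is fetched over plain HTTP from a bug-tracker attachment, its slot in `signatures` is `''`, and no `sha1sums` entry is added in the visible hunks, so nothing shown here pins the content of a patch that is applied to the interpreter at build time. The other security patches in this `source` array are local files kept in the package directory. Either commit this one alongside them as well, or add a checksum for the download so that a changed or intercepted attachment fails the build. If a `sha1sums` array exists elsewhere in the FrugalBuild it needs a matching seventh entry.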
From: voroskoi at frugalware.org (voroskoi) Date: Sun Oct 7 15:57:51 2007 Subject: [Frugalware-darcs] frugalware-0.6: kdebase-3.5.6-3terminus3-x86_64 Message-ID: <20071007135749.EA79E13A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071007135610-dd049-9cb6d4761e6c590d2740d8cce630e2b5fbdeb7df.gz; [kdebase-3.5.6-3terminus3-x86_64 voroskoi **20071007135610 secfix relbump, closes #2198 ] { addfile ./source/kde/kdebase/CVE-2007-2022.diff hunk ./source/kde/kdebase/CVE-2007-2022.diff 1 +------------------------------------------------------------------------ +r652585 | lunakl | 2007-04-11 16:26:32 +0200 (Wed, 11 Apr 2007) | 3 lines +Changed paths: + M /branches/KDE/3.5/kdebase/nsplugins/viewer/qxteventloop.cpp + +Fix keyboard events handling. + + +------------------------------------------------------------------------ +Index: nsplugins/viewer/qxteventloop.cpp +=================================================================== +--- kdebase/nsplugins/viewer/qxteventloop.cpp (revision 652584) ++++ nsplugins/viewer/qxteventloop.cpp (revision 652585) +@@ -32,12 +32,16 @@ + ** not clear to you. 
+ ** + **********************************************************************/ ++ ++#include ++ + #include "qxteventloop.h" + + #if QT_VERSION >= 0x030100 + + #include + #include ++#include + + // resolve the conflict between X11's FocusIn and QEvent::FocusIn + const int XFocusOut = FocusOut; +@@ -52,6 +56,8 @@ const int XKeyRelease = KeyRelease; + + Boolean qmotif_event_dispatcher( XEvent *event ); + ++static void handle_xquerykeymap( Display* dpy, XEvent* event ); ++ + class QXtEventLoopPrivate + { + public: +@@ -147,6 +153,7 @@ void QXtEventLoopPrivate::unhook() + extern bool qt_try_modal( QWidget *, XEvent * ); // defined in qapplication_x11.cpp + Boolean qmotif_event_dispatcher( XEvent *event ) + { ++ handle_xquerykeymap( qt_xdisplay(), event ); + QApplication::sendPostedEvents(); + + QWidgetIntDict *mapper = &static_d->mapper; +@@ -462,6 +469,29 @@ bool QXtEventLoop::processEvents( Proces + return ( (flags & WaitForMore) || ( pendingmask != 0 ) || nevents > 0 ); + } + ++#include ++ ++static char xquerykeymap_data[ 32 ]; ++static int (*real_xquerykeymap)( Display*, char[32] ) = NULL; ++ ++static void handle_xquerykeymap( Display* dpy, XEvent* event ) ++{ ++ if( real_xquerykeymap == NULL ) ++ real_xquerykeymap = (int (*)( Display*, char[32] )) dlsym( RTLD_NEXT, "XQueryKeymap" ); ++ if( event->type == XFocusIn || event->type == XKeyPress || event->type == XKeyRelease ) ++ real_xquerykeymap( dpy, xquerykeymap_data ); ++ if( event->type == XFocusOut ) ++ memset( xquerykeymap_data, 0, 32 ); ++} ++ ++extern "C" KDE_EXPORT ++int XQueryKeymap( Display* , char k[32] ) ++{ ++ memcpy( k, xquerykeymap_data, 32 ); ++ return 1; ++} ++ ++ + #include "qxteventloop.moc" + + #endif hunk ./source/kde/kdebase/FrugalBuild 7 -pkgrel=3terminus2 +pkgrel=3terminus3 hunk ./source/kde/kdebase/FrugalBuild 38 - ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdebase-kdm.diff) + ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdebase-kdm.diff \ + CVE-2007-2022.diff) hunk 
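Review bot: In `handle_xquerykeymap` the pointer returned by `dlsym( RTLD_NEXT, "XQueryKeymap" )` is called on the next statement without checking that the lookup succeeded, so a failed lookup turns the first focus or key event into a call through a null function pointer. Adding `if( real_xquerykeymap == NULL ) return;` after the lookup avoids that. The exported `XQueryKeymap` override also deserves a comment stating its purpose, e.g. `// Returns the keymap cached while this window had focus; cleared on XFocusOut`, because replacing an Xlib symbol for everything loaded into the viewer process is not obvious from the code. The literal `32` in the `memset` and `memcpy` would be safer as `sizeof( xquerykeymap_data )`.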
./source/kde/kdebase/FrugalBuild 104 - 'b270a1d5b3980f49a274308bec7fc649be1bd315') + 'b270a1d5b3980f49a274308bec7fc649be1bd315' \ + 'b01ae84a81367774443c56f44fabf66830808962') } From vmiklos at frugalware.org Mon Oct 8 12:50:36 2007 From: vmiklos at frugalware.org (VMiklos) Date: Mon Oct 8 12:50:39 2007 Subject: [Frugalware-darcs] frugalware-0.6: xfce4-icon-theme-4.4.0-2terminus1-i686 Message-ID: <20071008105036.DACA713A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071008104917-e2957-4e3d6baf7dd333fb1ac552970773945df958ac07.gz; [xfce4-icon-theme-4.4.0-2terminus1-i686 VMiklos **20071008104917 rebuild, package was corrupted ] { hunk ./source/xfce4/xfce4-icon-theme/FrugalBuild 6 -pkgrel=1 +pkgrel=2terminus1 } From voroskoi at frugalware.org Mon Oct 8 22:07:12 2007 From: voroskoi at frugalware.org (voroskoi) Date: Mon Oct 8 22:07:15 2007 Subject: [Frugalware-darcs] frugalware-0.6: kdebase-3.5.6-3terminus4-i686 Message-ID: <20071008200712.8C4F013A40D5@genesis.frugalware.org> Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071008200542-dd049-a7e70b8519df8acd02ad9ad90bf6cab18fb8cb69.gz; [kdebase-3.5.6-3terminus4-i686 voroskoi **20071008200542 relbump, former version was corrupted ] { hunk ./source/kde/kdebase/FrugalBuild 7 -pkgrel=3terminus3 +pkgrel=3terminus4 }