Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 27 Feb 2000 01:58:39 -0800
From:      Doug Barton <Doug@gorean.org>
To:        ports@freebsd.org, billf@freebsd.org, ache@freebsd.org
Subject:   Semi-Urgent: New htdig port
Message-ID:  <38B8F54F.70C5876B@gorean.org>

next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------28232B1F429F58DD0418B3C7
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

	There is a security hole in htDig that is addressed by the most recent
version. I wrote Bill Fumerola about it yesterday and haven't heard
back, so I thought I'd send this here. The diff is available at
http://freebsd.simplenet.com/htdig-FreeBSD-port-3_1_3-3_1_5.patch.
Information about the security hole is available at the URL below.

	Note that I did not address the path issue in PR 16766 since I'm not
sure what Bill and ache are trying to accomplish. Either the htdig port
or the apache port has to be changed to use the correct paths. One way
to accomplish this would be to back out rev. 1.12 of htdig's Makefile
before applying my patch.

Doug

-------- Original Message --------
Subject: New htdig port

Hey Bill,

	Here is the port update for htdig I promised. I updated the version,
fixed a portlint warning, updated the patch and fixed it so that the
port installs htdig.conf.sample instead of htdig.conf since pkg_delete
was deleting the config file. 

	Any questions/comments/problems let me know. Also, here's a URL for the
security warning in case you need it.
http://www.htdig.org/mail/2000/02/0231.html

Doug
-- 
"Welcome to the desert of the real." 

    - Laurence Fishburne as Morpheus, "The Matrix"
--------------28232B1F429F58DD0418B3C7
Content-Type: text/plain; charset=us-ascii;
 name="htdig-FreeBSD-port-3_1_3-3_1_5.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="htdig-FreeBSD-port-3_1_3-3_1_5.patch"

Index: Makefile
===================================================================
RCS file: /usr/ncvs/ports/textproc/htdig/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile
--- Makefile	1999/12/10 20:07:19	1.12
+++ Makefile	2000/02/26 22:49:39
@@ -1,12 +1,12 @@
 # New ports collection makefile for:   htdig
-# Version required:    3.1.3
+# Version required:    3.1.5
 # Date created:        18 August 1998
 # Whom:                Bill Fumerola <billf@chc-chimes.com>
 #
 # $FreeBSD: ports/textproc/htdig/Makefile,v 1.12 1999/12/10 20:07:19 billf Exp $
 #
 
-DISTNAME=	htdig-3.1.3
+DISTNAME=	htdig-3.1.5
 CATEGORIES=	textproc www
 MASTER_SITES=	http://www.htdig.org/files/ \
 		${MASTER_SITE_SUNSITE} \
@@ -16,13 +16,9 @@
 		ftp://ftp.htdig.org/pub/htdig/
 MASTER_SITE_SUBDIR=	apps/www/indexing
 
-PATCH_SITES=	http://www.htdig.org/files/contrib/other/
-PATCHFILES=	htdig-3.1.3-urlparmbug.patch
-PATCH_DIST_STRIP=	-p1
-
 MAINTAINER=	billf@FreeBSD.org
 
-RUN_DEPENDS=	${PREFIX}/share/apache:${PORTSDIR}/www/apache13
+RUN_DEPENDS=	${LOCALBASE}/share/apache:${PORTSDIR}/www/apache13
 
 Y2K=		http://www.htdig.org/FAQ.html#q1.7
 
@@ -33,6 +29,9 @@
 BUILD_TARGET=	depends all
 
 post-patch:
+	@ ${MV} ${WRKSRC}/Makefile.in ${WRKSRC}/Makefile.in.Dist
+	@ ${SED} -e 's#(CONFIG_DIR)/htdig.conf#(CONFIG_DIR)/htdig.conf.sample#g' \
+	${WRKSRC}/Makefile.in.Dist > ${WRKSRC}/Makefile.in
 
 	@ ${MV} ${WRKSRC}/CONFIG.in ${WRKSRC}/CONFIG.in.Dist
 	@ ${SED} -e 's#/conf#/etc#' \
Index: files/md5
===================================================================
RCS file: /usr/ncvs/ports/textproc/htdig/files/md5,v
retrieving revision 1.5
diff -u -r1.5 md5
--- files/md5	1999/10/29 01:19:08	1.5
+++ files/md5	2000/02/26 21:22:32
@@ -1,2 +1 @@
-MD5 (htdig-3.1.3.tar.gz) = 02c8e8e04c01932111958d4cd7bdd674
-MD5 (htdig-3.1.3-urlparmbug.patch) = 3744a515fc90edbb7bd3cfe9d60d20d0
+MD5 (htdig-3.1.5.tar.gz) = cbf4a0f2b703d9822db555a14dc96ed3
Index: patches/patch-ab
===================================================================
RCS file: /usr/ncvs/ports/textproc/htdig/patches/patch-ab,v
retrieving revision 1.2
diff -u -r1.2 patch-ab
--- patches/patch-ab	1999/10/29 01:19:09	1.2
+++ patches/patch-ab	2000/02/26 21:40:49
@@ -1,6 +1,5 @@
-diff -ur ../htdig-3.1.3.Dist/db/dist/configure ./db/dist/configure
---- ../htdig-3.1.3.Dist/db/dist/configure	Wed Sep 22 09:18:15 1999
-+++ ./db/dist/configure	Tue Oct 26 18:06:57 1999
+--- db/dist/configure.orig	Thu Feb 24 18:29:00 2000
++++ db/dist/configure	Sat Feb 26 13:25:13 2000
 @@ -3056,7 +3056,7 @@
  
  case "$host_os" in
@@ -10,9 +9,8 @@
  irix*)    CPPFLAGS="-D_SGI_MP_SOURCE $CPPFLAGS";;
  osf*)	  CPPFLAGS="-D_REENTRANT $CPPFLAGS";;
  solaris*) CPPFLAGS="-D_REENTRANT $CPPFLAGS"
-diff -ur ../htdig-3.1.3.Dist/db/dist/configure.in ./db/dist/configure.in
---- ../htdig-3.1.3.Dist/db/dist/configure.in	Wed Sep 22 09:18:15 1999
-+++ ./db/dist/configure.in	Tue Oct 26 18:06:46 1999
+--- db/dist/configure.in.orig	Thu Feb 24 18:29:00 2000
++++ db/dist/configure.in	Sat Feb 26 13:25:13 2000
 @@ -405,7 +405,7 @@
  dnl libraries for threaded applications
  case "$host_os" in
Index: pkg/PLIST
===================================================================
RCS file: /usr/ncvs/ports/textproc/htdig/pkg/PLIST,v
retrieving revision 1.4
diff -u -r1.4 PLIST
--- pkg/PLIST	1999/12/10 20:07:21	1.4
+++ pkg/PLIST	2000/02/26 22:13:26
@@ -3,7 +3,7 @@
 bin/htmerge
 bin/htnotify
 bin/rundig
-etc/htdig.conf
+etc/htdig.conf.sample
 share/htdig/bad_words
 share/htdig/english.0
 share/htdig/english.aff


--------------28232B1F429F58DD0418B3C7--



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38B8F54F.70C5876B>