[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ports current status

Apologies for the odd quoting - I am not on this list and I'm using lynx.

>===>  hylafax-4.0.2-letter is marked as broken: Security hole (buffer overflow
>yielding setuid uucp).

HylaFAX 4.1beta2 is marked as fixed in the freebsd tree.
I have built it on 2.7+current using patches based on a mix of
the freebsd patches for 4.1 and the openbsd patches for 4.0.

To whom should I send my patches?

I have also built hylafax from their cvs tree.
Most of the older patches are no longer relevent.
(They have replaced most of the troublesome string handling with a c++ class,
and now support libtiff 3.5)
Again, still a few problems but I think I have them all.

I assume it is not practical or desirable to make the port fetch from cvs,
so I guess I'll sit on these until hylafax next release a tarball.

>so, I'm considering not unlocking until at least a few of these are fixed,
>as an incentive for the ports team to work.

The carrot is, we won't use the stick. :-)

Andrew Dalgleish