NetBSD Problem Report #32353
From dauphin@enst.fr Wed Dec 21 13:05:50 2005
Return-Path: <dauphin@enst.fr>
Received: from smtp2.enst.fr (revol1.enst.fr [137.194.32.27])
by narn.netbsd.org (Postfix) with ESMTP id 1FAF463B976
for <gnats-bugs@gnats.netbsd.org>; Wed, 21 Dec 2005 13:05:50 +0000 (UTC)
Message-Id: <1135170344.0@bi.enst.fr>
Date: Wed, 21 Dec 2005 14:05:44 +0100
From: "Gilles Dauphin" <dauphin@enst.fr>
To: "gnats bugs" <gnats-bugs@netbsd.org>
Subject: mk/bulk/upload lintpkgsrc upload vulnerable
X-Send-Pr-Version: gtk-send-pr 0.4.5
X-GNATS-Notify:
>Number: 32353
>Category: pkg
>Synopsis: mk/bulk/upload lintpkgsrc upload vulnerable
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Dec 21 13:10:00 +0000 2005
>Closed-Date: Mon Oct 10 21:32:15 +0000 2016
>Last-Modified: Mon Oct 10 21:32:15 +0000 2016
>Originator: Gilles Dauphin
>Release: SunOS 5.10 i86pc
>Organization:
ENST
>Environment:
System: SunOS bi.enst.fr 5.10 Generic_118844-20 i86pc
>Description:
--------------does not work if distdir != /usr/pkgsrc/distfiles/ --------------
[root@u2 604] echo lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V
lintpkgsrc -K /usr/pkgsrc/packages -P /usr/pkgsrc -V
[root@u2 605] echo $DISTDIR
/cal/archives/pub/pkgsrc/distfiles
[root@u2 606] echo $distdir
/cal/archives/pub/pkgsrc/distfiles
[root@u2 607] lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V
Unable to open 'pkg-vulnerabilities': No such file or directory
[root@u2 608]
------------------------- work with -M $distdir --------------------
[root@u2 609] lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -V
Scanning Makefiles: ........
etc....
>How-To-Repeat:
sh mk/bulk/upload with distfiles != /usr/pkgsrc/distfiles
>Fix:
diff -bu upload.orig upload
--- upload.orig Thu Jul 28 02:37:43 2005
+++ upload Wed Dec 21 13:56:11 2005
@@ -94,10 +94,10 @@
echo "Checking for restricted and out of date packages:"
# -p = report old versions of packages
# -R = report restricted packages
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pR | sed 's@'$packages'/@@' > "$exf"
+lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -pR | sed 's@'$packages'/@@' > "$exf"
echo "Checking for vulnerable packages:"
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V | sed 's@'$packages'/@@' > "$vf"
+lintpkgsrc $lintpkgsrc_cache -M $distdir -K $packages -P $pkgsrcdir -V | sed 's@'$packages'/@@' > "$vf"
RSFLAGS="-vap --progress $RSYNC_OPTS"
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->grant
Responsible-Changed-By: recht@netbsd.org
Responsible-Changed-When: Thu, 22 Dec 2005 12:25:28 +0000
Responsible-Changed-Why:
Over to responsible person.
Responsible-Changed-From-To: grant->pkg-manager
Responsible-Changed-By: wiz@NetBSD.org
Responsible-Changed-When: Sun, 21 Mar 2010 15:54:12 +0000
Responsible-Changed-Why:
Back to role account, grant lost his commit bit.
From: Joerg Sonnenberger <joerg@britannica.bec.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/32353 (mk/bulk/upload lintpkgsrc upload vulnerable)
Date: Sun, 21 Mar 2010 17:28:00 +0100
Is this still relevant now that the vulnerable filtering is no longer
done?
Joerg
From: David Holland <dholland-pbugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/32353 (mk/bulk/upload lintpkgsrc upload vulnerable)
Date: Tue, 23 Mar 2010 18:36:11 +0000
On Sun, Mar 21, 2010 at 04:30:04PM +0000, Joerg Sonnenberger wrote:
> Is this still relevant now that the vulnerable filtering is no longer
> done?
One of the checks the patch adjusts is for restricted packages.
I don't see why lintpkgsrc should need to know where the distfiles are
to do either of those checks, but it certainly shouldn't do any harm.
It seems like a reasonable change to apply as a precaution anyway...
--
David A. Holland
dholland@netbsd.org
Responsible-Changed-From-To: pkg-manager->dholland
Responsible-Changed-By: bsiegert@NetBSD.org
Responsible-Changed-When: Tue, 26 Mar 2013 19:55:44 +0000
Responsible-Changed-Why:
David, you spoke in favor of applying this, please go ahead.
Responsible-Changed-From-To: dholland->pkg-manager
Responsible-Changed-By: dholland@NetBSD.org
Responsible-Changed-When: Mon, 10 Oct 2016 21:31:55 +0000
Responsible-Changed-Why:
wasn't ever actually mine
State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Mon, 10 Oct 2016 21:32:15 +0000
State-Changed-Why:
the old bulk build logic got removed finally
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.