Skip to main content.

2003-Jun-06

Installing pkgsrc/misc/kstars did:
===> Required package kdelibs<3.0: NOT found
===> Verifying reinstall for ../../x11/kdelibs2
===> Checking for vulnerabilities in kdelibs-2.2.2nb5
*** WARNING - remote-code-execution vulnerability in kdelibs-2.2.2nb5 - see http://www.kde.org/info/security/advisory-20021220-1.txt for more information ***
*** WARNING - remote-code-execution vulnerability in kdelibs-2.2.2nb5 - see http://www.kde.org/info/security/advisory-20030409-1.txt for more information ***
or define ALLOW_VULNERABLE_PACKAGES if this package is absolutely essential

Also kdelibs version 3 was already installed.

Upgrading kstars to newest release. pkglint caused perl to core:

#0  0x80daf1d in Perl_regexec_flags ()
#1  0x80dd122 in Perl_regexec_flags ()
#2  0x80dd122 in Perl_regexec_flags ()

Send-pr'd updated package: pkg/21814: misc/kstars doesn't build; patch to update it Note that it is version 1.0. This is the number in the ChangeLog and kstars developer, Jason Harris, told me:

There will never be another release of version 1.0, the CVS snapshot is the "real" 1.0 release. We didn't call it kstars-1.0 on the webpage because as an official KDE project, we are not supposed to make independent releases. To make it clear that this was not an official KDE release, we used the cvs-date versioning instead.
This patch also changes MAINTAINER to me, adds more to DESCR, shortens COMMENT, and adds a CONFLICTS to kdeedu (which needs one too).

(kristerw closed this PR and removed the package: "The author writes on the kstars homepage that he prefer if we use kstars from the kdeedu package instead of packaging the CVS snapshot. So I have removed the misc/kstars package.")

On NetBSD, pkgsrc/x11/Xaos won't install setuid root because it doesn't detect the libvga. But maybe on another platform it will. This is not good, because code has buffer overflows and a bugtraq announcement indicates it is exploitable. Send-pr: pkg/21812: make sure x11/Xaos never installs setuid root (Wiz committed and closed on 24/mar/2004.)