2008年4月 7日

[installer 1488] GNU m4-1.4.11

GNU m4-1.4.11 出ています。

security fix 2つ修正されているようです。

☆ GNU m4-1.4.11
http://www.gnu.org/software/m4/
http://ftp.gnu.org/gnu/m4/m4-1.4.11.tar.gz
ftp://ftp.gnu.org/gnu/m4/m4-1.4.11.tar.gz


* Noteworthy changes in Version 1.4.11 (2008-04-02) [stable]
Released by Eric Blake, based on git version 1.4.10a

** Security fixes for the -F option, for bugs present since -F was
introduced in 1.3: Avoid core dump with 'm4 -F file -t undefined', and
avoid arbitrary code execution with certain file names.

** Fix regression introduced in 1.4.9b in the `divert' builtin when more
than 512 kibibytes are saved in diversions on platforms like NetBSD
or darwin where fopen(name,"a+") seeks to the end of the file.

** The output of the `maketemp' and `mkstemp' builtins is now quoted if a
file was created. This is a minor security fix, because it was possible
(although rather unlikely) that an unquoted string could match an
existing macro name, such that use of the `mkstemp' output would trigger
inadvertent macro expansion and operate on the wrong file name.

** Enhance the `defn' builtin to support concatenation of multiple text
arguments, as required by POSIX. However, at this time, it is not
possible to concatenate a builtin macro with anything else; a warning is
now issued if this is attempted, although a future version of M4 may
lift this restriction to match other implementations.

** Enhance the `format' builtin to parse all C99 floating point numbers,
even on platforms where strtod(3) is buggy, although the replacement
function does have the known issue of rounding errors when parsing
some decimal floating point values. This fixes testsuite failures
introduced in 1.4.9b.

** Enhance the `index' builtin to guarantee linear behavior, in spite of
the surprisingly large number of systems with a brain-dead quadratic
strstr(3).

** A number of portability improvements inherited from gnulib.

----
こがよういちろう


投稿者 xml-rpc : 2008年4月 7日 16:53
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/71862
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。