# ChangeLog for net-misc/whois # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/net-misc/whois/ChangeLog,v 1.32 2004/01/15 05:36:05 avenj Exp $ 15 Jan 2004; Jon Portnoy whois-4.6.9.ebuild : Stable on AMD64. 14 Jan 2004; Martin Guy whois-4.6.6-r2.ebuild, whois-4.6.9.ebuild: Changed /bin/install to install because different versions of coreutils place install in different locations. 08 Dec 2003; Martin Holzer files/whois-4.6.9-gentoo-security.patch: correcting security patch. submitted by Marcin Krycze in #34768. *whois-4.6.9 (07 Dec 2003) 07 Dec 2003; Martin Holzer whois-4.6.9.ebuild, files/whois-4.6.9-gentoo-security.patch: Version bumped. 28 Nov 2003; Chuck Short whois-4.6.8.ebuild: Added ~amd64 keywords. *whois-4.6.8 (23 Nov 2003) 23 Nov 2003; Martin Holzer whois-4.6.8.ebuild, files/whois-4.6.8-gentoo-security.patch: Version bumped. Closes #34109. 21 Nov 2003; Aron Griffis whois-4.6.6-r2.ebuild: Stable on alpha *whois-4.6.6-r2 (11 Aug 2003) 11 Aug 2003; whois-4.6.6-r1.ebuild, whois-4.6.6-r2.ebuild, files/whois-4.6.6-gentoo-security-2.patch, files/whois-4.6.6-gentoo-security.patch: whois does not check the return values of malloc and realloc to ensure that they succeeded which can lead to unexpected results including segfaults. So I merged the last gentoo-security.patch with Matt Kraai's idea from debian bug report - #135822 to form the gentoo-security-2.patch *whois-4.6.6-r1 (11 Aug 2003) 11 Aug 2003; whois-4.5.28-r1.ebuild, whois-4.6.2.ebuild, whois-4.6.5.ebuild, whois-4.6.6-r1.ebuild, whois-4.6.6.ebuild, files/whois-4.6.6-gentoo-security.patch: Ok so looking at the whois code, there seems to be quite a few ways to overflow it. I've written a little patch which should address this. I'm also removing all the older exploitable versions of whois from the portage tree, and adding my patch. Closes bug 24860 08 Jul 2003; Jason Wever whois-4.6.6.ebuild: Changed ~sparc keyword to sparc. 30 Jun 2003; Martin Holzer whois-4.6.6.ebuild: Stable on x86 *whois-4.6.6 (25 Jun 2003) 06 Jul 2003; Guy Martin whois-4.6.6.ebuild : Marked stable on hppa. 25 Jun 2003; Martin Holzer whois-4.6.6.ebuild: Version bumped. 24 May 2003; Christian Birchinger whois-4.6.5.ebuild: Added sparc stable keyword *whois-4.6.5 (09 May 2003) 19 Jun 2003; Zach Welch whois-4.6.5.ebuild: Marked stable on x86. 09 May 2003; Martin Holzer whois-4.5.31.ebuild, whois-4.5.31.ebuild, whois-4.5.33.ebuild, whois-4.5.33.ebuild, whois-4.6.1.ebuild, whois-4.6.1.ebuild, whois-4.6.5.ebuild: Version bumped. Cleanup. *whois-4.6.2 (29 Jan 2003) 06 Apr 2003; Guy Martin whois-4.6.2.ebuild : Added hppa to KEYWORDS. 30 Mar 2003; Christian Birchinger whois-4.6.2.ebuild: Added sparc stable keyword 24 Feb 2003; Nicholas Wourms whois-4.6.2.ebuild : Added stable mips keyword to the ebuild. 29 Jan 2003; Martin Holzer whois-4.6.2.ebuild files/digest-whois-4.6.2 ChangeLog : Version bumped. Closes #14695. *whois-4.6.1 (25 Dec 2002) 24 Feb 2003; Nicholas Wourms whois-4.6.1.ebuild : Added stable mips keyword to the ebuild. 25 Dec 2002; Martin Holzer whois-4.6.1.ebuild files/digest-whois-4.6.1 ChangeLog : Version bumped. Closes #12107. *whois-4.5.33 (21 Nov 2002) 24 Feb 2003; Nicholas Wourms whois-4.5.33.ebuild : Added stable mips keyword to the ebuild. 21 Nov 2002; Hannes Mehnert whois-4.5.33.ebuild, files/digest-whois-4.5.33: version bump *whois-4.5.31 (31 Oct 2002) 24 Feb 2003; Nicholas Wourms whois-4.5.31.ebuild : Added stable mips keyword to the ebuild. 31 Oct 2002; Hannes Mehnert whois-4.5.31.ebuild, files/digest-whois-4.5.31: version bump *whois-4.5.28-r1 (1 Jul 2002) 24 Feb 2003; Nicholas Wourms whois-4.5.28-r1.ebuild : Added stable mips keyword to the ebuild. 01 Jul 2002; Seemant Kulleen whois-4.5.28-r1.ebuild files/digest-whois-4.5.28-r1 : NLS fixes (bloat reduction) *whois-4.5.28 (25 Jun 2002) 09 Jul 2002; phoen][x whois-4.5.28.ebuild : Added KEYWORDS. 25 Jun 2002; Thilo Bangert whois-4.5.28.ebuild : version bump - added SLOT *whois-4.5.8 (1 Feb 2002) 1 Feb 2002; G.Bevin ChangeLog : Added initial ChangeLog which should be updated whenever the package is updated in any way. This changelog is targetted to users. This means that the comments should well explained and written in clean English. The details about writing correct changelogs are explained in the skel.ChangeLog file which you can find in the root directory of the portage repository.