Upgrade libbz2 (bzip2) to 1.0.4

RESOLVED FIXED

Status

Firefox Build System
General
RESOLVED FIXED
12 years ago
4 months ago

People

(Reporter: Kenneth Herron, Assigned: Kenneth Herron)

Tracking

({coverity})

Trunk
coverity

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(1 attachment)

(Assignee)

Description

12 years ago
Bzip2 1.0.4 was released in December 2006. It addresses a couple of security issues and two coverity items (CIDs 510 and 512). <http://www.bzip.org/downloads.html> says:

The current stable version is 1.0.4, released 20 December 2006. This contains some security-related bug fixes and other very minor changes. See the CHANGES file in the sources for details. Upgrading to 1.0.4 is recommended.

The CHANGES file says:

1.0.4 (20 Dec 06)
~~~~~~~~~~~~~~~~~
Fixes some minor bugs since the last version, 1.0.3.

* Fix file permissions race problem (CAN-2005-0953).

* Avoid possible segfault in BZ2_bzclose.  From Coverity's NetBSD
  scan.

* 'const'/prototype cleanups in the C code.

* Change default install location to /usr/local, and handle multiple
  'make install's without error.

* Sanitise file names more carefully in bzgrep.  Fixes CAN-2005-0758
  to the extent that applies to bzgrep.

* Use 'mktemp' rather than 'tempfile' in bzdiff.

* Tighten up a couple of assertions in blocksort.c following automated
  analysis.

* Fix minor doc/comment bugs.
(Assignee)

Comment 1

12 years ago
Created attachment 254699 [details] [diff] [review]
patch 1.0.3 to 1.0.4

libbz2 was added to the tree in bug 296294. The comments there imply that the files in modules/libbz2/src are unmodified from the bzip2 release. For this patch, I just replaced the files one-for-one with the 1.0.4 versions.
Attachment #254699 - Flags: review?(benjamin)

Updated

12 years ago
Attachment #254699 - Flags: review?(benjamin) → review+
(Assignee)

Updated

12 years ago
Attachment #254699 - Flags: superreview?(brendan)
(Assignee)

Comment 2

11 years ago
Comment on attachment 254699 [details] [diff] [review]
patch 1.0.3 to 1.0.4

I guess Brendan is busy. Darin, you originally added libbz2. Could you sr this update?
Attachment #254699 - Flags: superreview?(brendan) → superreview?(darin.moz)

Updated

11 years ago
Attachment #254699 - Flags: superreview?(darin.moz) → superreview+
(Assignee)

Comment 3

11 years ago
Checked in.
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED

Updated

4 months ago
Product: Core → Firefox Build System
You need to log in before you can comment on or make changes to this bug.