Return to Makefile CVS log

Up to [cvs.NetBSD.org] / pkgsrc / devel / java-subversion

subversion: update to 1.14.4

This is a security release but the issue is Windows-only AFAICT.

This is a stable bugfix and security release of the Apache Subversion
open source version control system.

Among regular bug fixes, this release fixes CVE-2024-45720:

   Subversion command line argument injection on Windows platforms

   On Windows platforms, a "best fit" character encoding conversion of
   command line arguments to Subversion's executables (e.g., svn.exe,
   etc.) may lead to unexpected command line argument interpretation,
   including argument injection and execution of other programs, if a
   specially crafted command line argument string is processed.

   UNIX-like platforms are not affected.

   Reported by:
   Orange Tsai and splitline from DEVCORE Research Team

   Full advisory:
   https://subversion.apache.org/security/CVE-2024-45720-advisory.txt
   https://subversion.apache.org/security/CVE-2024-45720-advisory.txt.asc

# $NetBSD: Makefile,v 1.72 2024/10/09 21:15:42 bsiegert Exp $

PKGNAME=	java-subversion-${SVNVER}
COMMENT=	Java bindings for Subversion

MAKE_JOBS_SAFE=	no

.include "../../devel/subversion/Makefile.common"

SHLIBTOOL_OVERRIDE=	# empty

USE_TOOLS+=		gmake perl
USE_LANGUAGES+=		c c++
USE_JAVA2=		yes
# We might need PKG_JVM_DEFAULT/PKG_JVMS_ACCEPTED; I'm not much for Java...

CONFIGURE_ARGS+=	--enable-javahl --with-jdk=${PKG_JAVA_HOME}
# To run the tests, uncomment this line if you have junit installed in
# jre/lib/ext .  TODO: If someone packages junit, use that.
#CONFIGURE_ARGS+=	--with-junit

BUILD_TARGET=		javahl
INSTALL_TARGET=		install-javahl
TEST_TARGET=		check-javahl

post-patch:
	${RM} ${WRKSRC}/build-outputs.mk
	${CP} ${FILESDIR}/build-outputs.mk ${WRKSRC}/build-outputs.mk

.include "../../devel/subversion-base/buildlink3.mk"
.include "../../mk/java-vm.mk"
.include "../../mk/bsd.pkg.mk"