I haven't been doing any maintenance for a long time now and not only
do I get notified, it also creates a fake impression that all these
packages had at least one maintainer when in practice they had none.
This reverts commit 41af38f3728bd64b80721c44ed1fb019978cbc1b, reversing
changes made to f0fec244ca380b9d3e617ee7b419c59758c8b0f1.
Let's delay this. We have some serious regressions.
In 3605f128 I somehow forgot about the 5.1 names that now don't make
sense anymore. I can't see any evidence of _5_1 alias ever being used
or (potentially) useful; _5 might make sense, but for now I couldn't
see why to add it.
5.1.5 says: Fix SF bug #113:
Heap Buffer Overflow-2 in function DGifDecompressLine()
in cgif.c. This had been assigned CVE-2018-11490.
This *probably* also fixes a minor CVE-2019-15133 #68563 (DoS only).
(I couldn't find a good reference quickly.)
The changelogs are almost only bugfixes, and ABI tracker also looks OK:
https://abi-laboratory.pro/?view=timeline&l=giflib
so I gather this is suitable for direct push to nixpkgs staging-next.
I built several reverse dependencies locally.
The following parameters are now available:
  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
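
As an added example (not part of the commit message and not nixpkgs code), the following checks which of the flags listed above left a visible trace in a built ELF binary, by scanning the text printed by `readelf -W -l -d --dyn-syms`. The sample outputs and the names `observed_flags` and `missing` are constructed for illustration.

```python
import re

# Constructed, trimmed `readelf -W -l -d --dyn-syms` lines (not from a real build).
HARDENED = """\
Elf file type is DYN (Position-Independent Executable file)
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
  GNU_RELRO      0x002db8 0x0000000000003db8 0x0000000000003db8 0x000248 0x000248 R   0x1
 0x000000000000001e (FLAGS)              BIND_NOW
 0x000000006ffffffb (FLAGS_1)            Flags: NOW PIE
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (3)
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __memcpy_chk@GLIBC_2.3.4 (4)
"""
UNHARDENED = """\
Elf file type is EXEC (Executable file)
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND memcpy@GLIBC_2.14 (3)
"""

# Default-on flags from the list above that can show up in readelf output.
# pic, strictoverflow and format change code generation or diagnostics only,
# so this check cannot see them; pie is listed as disabled by default.
DEFAULT_VISIBLE = frozenset({"fortify", "stackprotector", "relro", "bindnow"})

def observed_flags(readelf_text):
    """Return the hardening flag names that left a trace in the readelf text."""
    checks = {
        # A PT_GNU_RELRO program header means the linker was given -z relro.
        "relro": r"^\s*GNU_RELRO\b",
        # Eager binding appears as DT_BIND_NOW, DT_FLAGS BIND_NOW or DT_FLAGS_1 NOW.
        "bindnow": r"\(BIND_NOW\)|\(FLAGS\).*\bBIND_NOW\b|\(FLAGS_1\).*\bNOW\b",
        # ET_DYN: a PIE executable (shared libraries also report DYN).
        "pie": r"^Elf file type is DYN\b",
        # Referenced only if some function actually needed a stack canary.
        "stackprotector": r"\b__stack_chk_fail\b",
        # Fortified libc wrappers such as __memcpy_chk; absent if none were used.
        "fortify": r"\b__(?!stack_)\w+_chk\b",
    }
    return {name for name, pat in checks.items() if re.search(pat, readelf_text, re.M)}

def missing(readelf_text, expected=DEFAULT_VISIBLE):
    """Sorted list of expected flags with no trace; a hint, not proof, for symbol-based ones."""
    return sorted(set(expected) - observed_flags(readelf_text))

if __name__ == "__main__":
    for label, text in (("hardened", HARDENED), ("unhardened", UNHARDENED)):
        print(label, "observed:", sorted(observed_flags(text)), "missing:", missing(text))
```

A missing `fortify` or `stackprotector` trace only shows that no fortified call or canary check was emitted, which also happens when the code has nothing to protect.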