michael@22: Index: lib/timevar.c
michael@22: --- lib/timevar.c.orig	2008-07-14 10:56:12 +0200
michael@22: +++ lib/timevar.c	2008-11-03 19:16:04 +0100
michael@22: @@ -42,6 +42,7 @@
michael@22:  # include <sys/times.h>
michael@22:  #endif
michael@22:  #ifdef HAVE_SYS_RESOURCE_H
michael@22: +#include <sys/time.h>
michael@22:  #include <sys/resource.h>
michael@22:  #endif
michael@22:  
michael@22: ----------------------------------------------------------------------------
michael@22: 
michael@22: Security Fix:
michael@22: http://undeadly.org/cgi?action=article&sid=20080708155228&mode=flat&count=13
michael@22: 
michael@22: Index: data/yacc.c
michael@22: --- data/yacc.c.orig	2008-11-02 19:09:10 +0100
michael@22: +++ data/yacc.c	2008-11-03 19:16:04 +0100
michael@22: @@ -1444,7 +1444,10 @@
michael@22:       users should not rely upon it.  Assigning to YYVAL
michael@22:       unconditionally makes the parser a bit smaller, and it avoids a
michael@22:       GCC warning that YYVAL may be used uninitialized.  */
michael@22: +if (yylen)
michael@22:    yyval = yyvsp[1-yylen];
michael@22: +else
michael@22: +  memset(&yyval, 0, sizeof(yyval));
michael@22:  
michael@22:  ]b4_locations_if(
michael@22:  [[  /* Default location.  */
michael@22: