diff -r 5ba5c2911c12 -r 0d4f475bfc81 bison/bison.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bison/bison.patch	Wed Jan 07 14:58:25 2009 +0100
@@ -0,0 +1,31 @@
+Index: lib/timevar.c
+--- lib/timevar.c.orig	2008-07-14 10:56:12 +0200
++++ lib/timevar.c	2008-11-03 19:16:04 +0100
+@@ -42,6 +42,7 @@
+ # include <sys/times.h>
+ #endif
+ #ifdef HAVE_SYS_RESOURCE_H
++#include <sys/time.h>
+ #include <sys/resource.h>
+ #endif
+ 
+----------------------------------------------------------------------------
+
+Security Fix:
+http://undeadly.org/cgi?action=article&sid=20080708155228&mode=flat&count=13
+
+Index: data/yacc.c
+--- data/yacc.c.orig	2008-11-02 19:09:10 +0100
++++ data/yacc.c	2008-11-03 19:16:04 +0100
+@@ -1444,7 +1444,10 @@
+      users should not rely upon it.  Assigning to YYVAL
+      unconditionally makes the parser a bit smaller, and it avoids a
+      GCC warning that YYVAL may be used uninitialized.  */
++if (yylen)
+   yyval = yyvsp[1-yylen];
++else
++  memset(&yyval, 0, sizeof(yyval));
+ 
+ ]b4_locations_if(
+ [[  /* Default location.  */
+