path: root/security
Commit message | Author | Age | Files | Lines
* - Remove SITE_PERL from *_DEPENDS (final part) | az | 2012-10-11 | 1 | -4/+2
    Approved by: portmgr@ (bapt@)
* - Update to 2.0.3 | jhale | 2012-10-10 | 2 | -14/+7
    - Remove devel/pth dependency; libassuan-pth was dropped in 2.0.0
    - Remove additional CFLAGS for amd64; builds fine on tinderbox without them
    Approved by: makc, avilla (mentors, implicit)
* - Take maintainership | jhale | 2012-10-10 | 1 | -2/+1
    Approved by: makc, avilla (mentors, implicit)
* Upgrade to the latest BIND patch level: | erwin | 2012-10-10 | 1 | -0/+38
    A deliberately constructed combination of records could cause named to hang while populating the additional section of a response.
    Security: http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
* - Update to 1.3.2 | zi | 2012-10-10 | 4 | -6/+58
* - Add additional MASTER_SITES for pkcs header files. | zi | 2012-10-10 | 1 | -1/+2
* - Update to 4.54 | zi | 2012-10-10 | 2 | -3/+3
* Force numerous ports that fail to build with clang over to instead always | linimon | 2012-10-10 | 1 | -0/+1
    rely on gcc. The patch uses the new USE_GCC=any code in Mk/bsd.gcc.mk to accomplish this. The ports chosen were ports that blocked 2 or more ports from building with clang. (There are several hundred other ports that still fail to build with clang, even with this patch. This is merely one step along the way.)
    Those interested in fixing these ports with clang, and have clang as their default compiler, can simply set FORCE_BASE_CC_FOR_TESTING=yes. For those who have gcc as their default compiler, this change is believed to cause no change.
    Hat: portmgr
    Tested with: multiple runs on amd64-8-exp-bcm and 9-exp-clang, with various combinations of patch/no-patch and flag settings.
* - Fix Makefile header | sbz | 2012-10-09 | 1 | -1/+1
* - Update MASTER_SITES | sbz | 2012-10-09 | 1 | -9/+5
    - Remove options description already in Mk/bsd.options.desc.mk
* Add a few casts to initializer of int array when the constant is greater | delphij | 2012-10-09 | 2 | -5/+21
    than 0x7fffffff, as they have exceeded the range of standard int. This makes the code to compile when -std=c++11. The resulting binary was not changed by this commit. PORTREVISION not bumped intentionally as this is a build fix.
    While I'm there, also convert the header to new style.
    PR: ports/171525
    Submitted by: Michael Gmelin <freebsd grem de>
* Document new vulnerabilities in www/chromium < 22.0.1229.92 | rene | 2012-10-09 | 1 | -0/+40
    Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* Throw my ports back in the pool, and make my intentions clear for the | dougb | 2012-10-08 | 4 | -9/+6
    various ports that I've created.
    I bid fond fare well
    A chapter closes for me
    What opens for you?
* - Fix logic problem | sbz | 2012-10-08 | 1 | -1/+1
* - Convert to new option framework | sbz | 2012-10-08 | 2 | -33/+19
    - Add LICENSE
    - Update MASTER_SITES
    - Update pkg-descr
* - Fix typo | jhale | 2012-10-08 | 1 | -1/+1
    Noticed by: bsam
    Approved by: makc (mentor implicit)
* - Update to 0.4.5 [1] | jhale | 2012-10-08 | 3 | -11/+23
    - Drop specific ABI version numbers from LIB_DEPENDS [2]
    - Trim Makefile header [2]
    - Convert to new options framework [2]
    - Fix build on 7.x [2]
    PR: ports/172395
    Submitted by: Kurt Jaeger <fbsd-ports@opsec.eu> (maintainer) [1]
    Approved by: makc (mentor), maintainer [2]
* Restore option descriptions to what the maintainer actually put in the PR | dougb | 2012-10-08 | 1 | -0/+5
    Pointy hat to: eadler
    PR: ports/172426
    Submitted by: Michael Gmelin <freebsd@grem.de> (maintainer)
* silence reinplace command from last commit | dougb | 2012-10-08 | 1 | -1/+1
* - Convert to new options framework | sbz | 2012-10-07 | 1 | -13/+11
    - Add LICENSE
    - Add math/py-numpy build depends
    - Bump PORTREVISION
* Work around a problem on stable/[89] with libotr generating an | dougb | 2012-10-07 | 2 | -4/+9
    "undefined reference to `__stack_chk_fail_local'" error. None of the usual remedies work (such as making sure that gcc is used instead of ld for the linker) so on those releases we simply disable that option.
    pointyhat logs confirm that pidgin-otr (the only consumer of libotr atm) is failing on 8 and 9 with the same configure error that I am seeing on 8, so this patch should at least allow it to build on those releases.
    Bump PORTREVISION for libotr to err on the side of caution.
    While I'm here, remove a now-spurious mod to the pidgin-otr configure.
* use libtommath as default math library as it used to be before conversion to | bapt | 2012-10-07 | 1 | -0/+1
    optionsng
    Reported by: linimon
* Convert to OptionsNG | eadler | 2012-10-07 | 1 | -17/+12
    PR: ports/172426
    Submitted by: Michael Gmelin <freebsd@grem.de>
* Trim the headers in the ports I maintain. | eadler | 2012-10-06 | 1 | -5/+0
* Change headers of all ports maintained by me to new format | garga | 2012-10-05 | 7 | -35/+6
* - Updated to 1.3.0 | glarkin | 2012-10-05 | 2 | -6/+6
    - Removed explicit library version number from gpg-error in LIB_DEPENDS
    PR: ports/172202
    Submitted by: Doug Barton <dougb@freebsd.org>
* - Make GMP OPTION'al | jgh | 2012-10-05 | 4 | -13/+68
    - Add upstream patch for test failure when built without GMP
    PR: 172299
    Submitted by: koobs.freebsd@gmail.com
* Convert to new options framework | bapt | 2012-10-04 | 8 | -91/+52
* - fix runtime when devel/subversion and/or devel/pysvn is installed [1] | rm | 2012-10-04 | 2 | -9/+19
    - bump PORTREVISION
    As side effect, I completely disabled --update feature. It was done for number of reasons:
    - subversion relationship starts not only if --update feature is requested by user, but when pysvn or svn is available
    - we do not installing repository metadata from the source tarball (exactly this breaks the --update option, but it is broken anyway, see below)
    - aforementioned repository metadata is not compatible with svn 1.7, that is in ports now
    - development repository moved to github from subversion hosting anyway
    This is accomplished with replacing the call of getRevisionNumber() with static const, that represents the svn last revision from tarball.
    while here:
    - trim Makefile header
    - remove indefinite article from COMMENT
    - convert to optionsng
    Reported by: Fausto Marzi <fausto.marzi at gmail dot com> (by mail) [1]
* - correct the range in last entry (le/lt typo) | rm | 2012-10-03 | 1 | -1/+1
* - update to 2.8.10 | rm | 2012-10-03 | 1 | -0/+36
    - add vuxml entry
    This release fixes SQL injection vulnerability.
    PR: 172114
    Submitted by: rm (myself)
    Approved by: ports-secteam (eadler)
    Security: dee44ba9-08ab-11e2-a044-d0df9acfd7e5
* - Update to 1.8.0 | sbz | 2012-10-03 | 4 | -16/+11
* - Update to 20121001 snapshot | jlaffaye | 2012-10-03 | 3 | -12/+81
* - set maintainer to ruby@ | jgh | 2012-10-03 | 1 | -5/+1
* - Fix typos (LICENSE is correct form inside bsd.licenses.mk). | az | 2012-10-03 | 1 | -1/+1
    - Removed LICENSE_FILE where is no need in this.
    Spotted by: zont@
    Approved by: portmgr (bapt@)
* - Fix header to proper format | bdrewery | 2012-10-01 | 2 | -2/+2
    Reported by: danfe
* - pass maintainership to new volunteer | rm | 2012-09-30 | 2 | -12/+4
    while here:
    - trim Makefile header
    - remove indefinite article from COMMENT
    - remove deprecated attribution in pkg-descr
    PR: 172163
    Submitted by: Chris Petrik <c.petrik.sosa at gmail dot com>
* - Reassign to the heap due to mail bounces | tabthorpe | 2012-09-30 | 1 | -6/+2
* - Update to 201237 snapshot [1] | bdrewery | 2012-09-29 | 4 | -31/+43
    - Convert to new options framework
    - Remove ABI versions from LIB_DEPENDS
    - Update to new header
    PR: ports/171743 [1]
    Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
* - Update to 2.3-beta1 [1] | bdrewery | 2012-09-29 | 6 | -132/+68
    - Add LICENSE [1]
    - Convert to new options framework
    - Remove ABI versions from LIB_DEPENDS
    - Update to new header
    PR: ports/171738 [1]
    Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
* Fix type in headed | bapt | 2012-09-28 | 1 | -1/+1
    Reported by: zi (maintainer)
* Mark nvidia-driver-173.14.35_1 as not vulnerable. | danfe | 2012-09-28 | 1 | -1/+1
* Fix the temporary workaround by passing the appropriate flag in | wxs | 2012-09-27 | 1 | -9/+3
    LDFLAGS. Since I want to ensure those who built it on i386 with this workaround will rebuild it now that it is fixed bump PORTREVISION.
* Fix build on i386 by disabling hardening measures. This is a temporary | wxs | 2012-09-27 | 1 | -2/+10
    fix until I can figure out what is really going on.
* Document vulnerabilities in www/chromium < 22.0.1229.79 | rene | 2012-09-27 | 1 | -0/+96
    Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* - Chase www/smarty -> www/smarty2 rename | glarkin | 2012-09-27 | 1 | -2/+2
* - Document remote code execution in ePerl (all versions) | glarkin | 2012-09-26 | 1 | -0/+36
    - Deprecate and schedule removal in month - no upstream fix available and no active development since 1998
    Security: 73efb1b7-07ec-11e2-a391-000c29033c32
    Security: CVE-2001-0733
    Security: http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml
* - Update to 5.72 | culot | 2012-09-26 | 2 | -8/+7
    - Add LICENSE (Artistic 1 & GPL 1)
    Changes: http://search.cpan.org/dist/Digest-SHA/Changes
* Enable the Berkeley DB backend by default. | zeising | 2012-09-26 | 1 | -2/+2
    Bump portrevision.
    PR: ports/154711
    Submitted by: Jason C. Wells <jcw@speakeasy.net> (pr) Robert Simmons <rsimmons0@gmail.com> (patch)
    Approved by: maintainer timeout (12 weeks), kwm (mentor)
* - Update to 2.15 | culot | 2012-09-26 | 2 | -8/+7
    - Add LICENSE (Artistic 1 & GPL 1)
    Changes: http://search.cpan.org/dist/Crypt-Twofish/Changes
* - Update MASTER_SITES and WWW link | culot | 2012-09-26 | 2 | -8/+8
    - Add LICENSE (GPL 2)
    PR: ports/172054
    Submitted by: KATO Tsuguru <tkato432@yahoo.com>
* Convert to OptionsNG | bapt | 2012-09-26 | 1 | -14/+11
* Update to 1.8.6p3 | wxs | 2012-09-26 | 3 | -3/+8
    PR: ports/171837
    Submitted by: cy@
* - Documented PNG file DoS vulnerability in ImageMagick and GraphicsMagick | glarkin | 2012-09-26 | 1 | -0/+49
    - Added -nox11 suffixes to various ImageMagick entries
* - Reassign to the heap at maintainer's request | tabthorpe | 2012-09-25 | 2 | -12/+4
* - Update to v12.09.12 release | ale | 2012-09-24 | 7 | -40/+67
    - Switch to OptionsNG
    - Pet portlint
* - Adjust "Created by" tag to include more complete submitter's information | danfe | 2012-09-23 | 1 | -3/+3
    - Mute MKDIRs, remove trailing dot from RESTRICTED, drop leading indefinite article from COMMENT where appropriate
* - Fix spelling in docs: normally I'd submit this change upstream, but | matthew | 2012-09-23 | 5 | -16/+33
    upstream has been completely unresponsive for years.
    - While here, rebuild patches using current naming conventions
    - Trim Makefile headers
    PR: 165312
    Submitted by: Anatoly Borodin
* Update vuxml to indicate which versions are vulnerable. | eadler | 2012-09-23 | 1 | -1/+3
* Deprecate a bunch of ports with no more public distfiles (thanks ehaupt's distilator) | bapt | 2012-09-21 | 9 | -0/+27
* Add a sourceforge mirror | bapt | 2012-09-21 | 1 | -6/+3
    Approved by: Marko Njezic <mr.max@maxempire.com> (maintainer)
* - Update php52 backports patch to 20120911 | bdrewery | 2012-09-20 | 1 | -2/+86
    - Add and update relevant vuxml entries
    Changes:
    - CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 does not properly handle %0D sequences
    - CVE-2012-0789 - Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
    - CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors
    - Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m))
    - Minor improvements (CVE-2012-2688, compilation issues with old GCC)
    PR: ports/171583
    Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
    Approved by: Alex Keda <admin@lissyara.su> (maintainer)
* - CVE-2012-2688 was addressed by php52-5.2.17_10 | bdrewery | 2012-09-20 | 1 | -1/+2
    PR: ports/170063
    PR: ports/171583
    Reported by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
    Security: bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
* Update to 0.12.6 release. | ale | 2012-09-19 | 2 | -8/+3
* Upgrade to the latest BIND patch level: | dougb | 2012-09-19 | 1 | -0/+47
    Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes.
    Prevents a crash when validating caused by using "Bad cache" data before it has been initialized.
    ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries.
    A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process.
    For more information: https://kb.isc.org/article/AA-00788
* - Add missing dependency on bison | kevlo | 2012-09-18 | 1 | -2/+3
    - Bump PORTREVISION
    Reported by: portmgr (linimon)
* Update to 20120917 | garga | 2012-09-18 | 2 | -3/+3
* Update to 0.97.6 | garga | 2012-09-18 | 2 | -4/+3
* Document Jenkins Security Advisory 2012-09-17 | lwhsu | 2012-09-18 | 1 | -0/+41
* Point shebang in a perl script to ${PERL} in order to solve a build problem if | ehaupt | 2012-09-16 | 1 | -0/+1
    perl is installed without creating symlinks to /usr/bin/perl.
    PR: 171673 (based on)
    Notified by: Yuriy Taraday <yorik.sar@gmail.com>
* include newly 'awarded' CVE | eadler | 2012-09-16 | 1 | -0/+1
* Add vuxml for older versions of multimedia/vlc . | nox | 2012-09-16 | 1 | -0/+30
    PR: ports/169985
    Submitted by: "Anders N." <wicked@baot.se>
* Tell the world about the recent bacula vuln | eadler | 2012-09-15 | 1 | -0/+31
* - chase textproc/nltk update (upstream switched to setuptools) | rm | 2012-09-14 | 1 | -1/+2
    Reported by: beat
    Approved by: portmgr (beat)
* - Update to 2.16 | jadawin | 2012-09-13 | 2 | -3/+3
    - Changelog: http://cpansearch.perl.org/src/GBARR/Authen-SASL-2.16/Changes
* - Update MAINTAINER to my new FreeBSD.org address | jhale | 2012-09-13 | 2 | -2/+2
    Approved by: makc (mentor)
* update security/tor to 0.2.2.39 and security/tor-devel to 0.2.3.22-rc | bf | 2012-09-13 | 4 | -6/+6
    Security: Tor bugs 6690, 6811
* - Update to 0.10.22.6 which fixes two security issues | swills | 2012-09-13 | 1 | -0/+50
    - Document security issues in vuxml [1]
    Reviewed by: bdrewery [1]
    Security: 178ba4ea-fd40-11e1-b2ae-001fd0af1a4c
* update lang/sbcl to 1.0.58 and switch to the new options format; | bf | 2012-09-13 | 1 | -1/+1
    adjust dependent ports
* Update to 2.0; with some help from rm@ | kevlo | 2012-09-12 | 3 | -201/+250
    PR: ports/169690
    Submitted by: Paul Dokas <paul at dokas dot name>
* Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225. | danfe | 2012-09-12 | 1 | -2/+16
* Update Plone to 4.2.1. | rm | 2012-09-12 | 7 | -23/+14
    This update includes:
    - www/py-plone.outputfilters 1.2 -> 1.6
    - www/py-Products.CMFPlone 4.1.5 -> 4.2.1.1
    - www/py-plone.app.vocabularies 2.1.6 -> 2.1.7
    - www/py-plone.subrequest 1.6.2 -> 1.6.6
    - www/py-plone.app.discussion 2.1.5 -> 2.1.7
    - www/py-plonetheme.classic 1.1.2 -> 1.2.3
    - www/plone 4.1.5 -> 4.2.1
    - www/py-plone.i18n 2.0 -> 2.0.1
    - www/py-plone.fieldsets 2.0.1 -> 2.0.2
    - www/py-plone.app.search 1.0.2 -> 1.0.4
    - www/py-plone.app.content 2.0.9 -> 2.0.11
    - www/py-plone.app.testing 4.0.2 -> 4.2
    - www/py-plone.app.contentrules 2.1.4 -> 2.1.8
    - www/py-plone.uuid 1.0.2 -> 1.0.3
    - www/py-plone.app.upgrade 1.1.6 -> 1.2.1
    - www/py-plone.app.caching 1.0.3 -> 1.1
    - www/py-plone.app.linkintegrity 1.4.5 -> 1.4.6
    - www/py-plone.app.iterate 2.1.5 -> 2.1.7
    - www/py-plone.testing 4.0.3 -> 4.0.4
    - www/py-plone.app.contentmenu 2.0.5 -> 2.0.6
    - www/py-plone.app.controlpanel 2.2.3 -> 2.2.8
    - www/py-plone.portlet.collection 2.0.4 -> 2.1.1
    - www/py-plone.resource 1.0b6 -> 1.0.1
    - www/py-plone.app.registry 1.0.1 -> 1.1
    - www/py-plone.app.workflow 2.0.6 -> 2.0.7
    - www/py-plone.app.portlets 2.2.3 -> 2.2.6
    - www/py-plone.app.blob 1.5.1 -> 1.5.2
    - www/py-Products.TinyMCE 1.2.12 -> 1.2.13
    - www/py-plone.app.locales 4.0.11 -> 4.0.15
    - www/py-plonetheme.sunburst 1.2.4 -> 1.2.7
    - www/py-plone.app.theming 1.0b9 -> 1.0.3
    - www/py-plone.app.collection 1.0.1 -> 1.0.5
    - www/py-plone.folder 1.0.1 -> 1.0.2
    - www/py-plone.app.querystring 1.0.1 -> 1.0.5
    - www/py-plone.app.jquerytools 1.3.1 -> 1.3.2
    - www/py-plone.app.contentlisting 1.0 -> 1.0.1
    - www/py-plone.stringinterp 1.0.5 -> 1.0.7
    - www/py-plone.app.layout 2.2.4 -> 2.2.7
    - www/py-plone.app.z3cform 0.5.7 -> 0.6.0
    - www/py-plone.portlets 2.0.2 -> 2.1
    - www/py-plone.app.kss 1.7.0 -> 1.7.1
    - www/py-plone.app.redirector 1.1.2 -> 1.1.3
    - devel/py-kss-core 1.6.3 -> 1.6.4
    - devel/py-Products.ATContentTypes 2.1.7 -> 2.1.8
    - devel/py-Products.ResourceRegistries 2.0.6 -> 2.2.1
    - devel/py-five.customerize 1.0.2 -> 1.0.3
    - devel/py-diazo 1.0rc4 -> 1.0.1
    - devel/py-Products.CMFEditions 2.2.2 -> 2.2.5
    - devel/py-Products.ExtendedPathIndex 2.9 -> 3.0.1
    - devel/py-z3c.formwidget.query 0.7 -> 0.8
    - devel/py-Products.Archetypes 1.7.13 -> 1.8.3
    - devel/py-Products.CMFPlacefulWorkflow 1.5.6 -> 1.5.7
    - devel/py-archetypes.querywidget 1.0.1 -> 1.0.4
    - devel/py-Products.PloneLanguageTool 3.2.4 -> 3.2.5
    - devel/py-Products.GenericSetup 1.6.6 -> 1.7.2
    - devel/py-Products.CMFTestCase 0.9.11 -> 0.9.12
    - devel/py-Products.PasswordResetTool 2.0.7 -> 2.0.8
    - devel/py-archetypes.kss 1.7.1 -> 1.7.2
    - devel/py-collective.z3cform.datetimewidget 1.1.1 -> 1.2.0
    - devel/py-Products.PloneTestCase 0.9.13 -> 0.9.15
    - devel/py-zope.schema 4.0.1 -> 4.2.0
    - devel/py-archetypes.referencebrowserwidget 2.4.11 -> 2.4.12
    - security/py-Products.PlonePAS 4.0.12 -> 4.0.13
    - security/py-Products.PluggableAuthService 1.7.7 -> 1.8.0
    common changes:
    - strip Makefile header
    - choose proper value for USE_PYTHON in a cases when I sure that the port is required -2.7 only or may be built/run both 2.x and 3.x
    - comment off USE_ZOPE
    - tab -> space in pkg-descr:WWW
    nuances:
    - new port www/py-plone.app.jquery added per this plone update requirements
    - devel/py-zope.schema updated to 4.2.0 because I hadn't got any response from maintainer and because this exact version is required for this plone update
    feature highlights/release notes:
    - http://plone.org/products/plone/releases/4.2
    - http://plone.org/products/plone/releases/4.2.1
* - Update entry for net/freeradius2 to reflect local patch to address cve-2012-3547 | zi | 2012-09-11 | 1 | -1/+2
* VuXML: document remote code execution in freeRADIUS | rea | 2012-09-11 | 1 | -0/+47
* www/moinmoin: fix CVE-2012-4404, wrong processing of group ACLs | rea | 2012-09-11 | 1 | -1/+2
    Using upstream patch from http://hg.moinmo.in/moin/1.9/raw-rev/7b9f39289e16
    PR: 171346
    QA page: http://codelabs.ru/fbsd/ports/qa/www/moinmoin/1.9.4_1
    Approved by: khsing.cn@gmail.com (maintainer)
    Security: http://www.vuxml.org/freebsd/4f99e2ef-f725-11e1-8bd8-0022156e8794.html
* - Move libxul 1.9.2 to www/libxul19 | beat | 2012-09-11 | 1 | -2/+2
    - Update www/libxul to 10.0.7
    - Update all dependent ports to use www/libxul19 (no functional changes)
    - Bump PORTREVISION on ports where libxul is a run dependency as the resulting package will change.
    Submitted by: Jan Beich <jbeich@tormail.org>
    With hat: gecko
* Update to 0.14. | novel | 2012-09-11 | 2 | -3/+3
* - Add Emacs 24 to IGNORE liste | beat | 2012-09-10 | 1 | -2/+2
    Reported by: pointyhat
    Submitted by: ashish
    Approved by: maintainer timeout
* - Use OPTIONSng | ehaupt | 2012-09-10 | 1 | -15/+13
    - Remove deprecated header information
* update to 0.2.3.21-rc | bf | 2012-09-09 | 2 | -3/+3
    Security: Tor bugs 6252, 6690, 6710
* Welcome back Chris Petrik <c.petrik.sosa@gmail.com> | eadler | 2012-09-09 | 1 | -1/+1
    PR: ports/171481
* - Update to 0.13 | swills | 2012-09-09 | 3 | -5/+4
    PR: ports/171057
    Approved by: maintainer timeout (sethk@meowfishies.com, >2 weeks)
* - Remove dependency on p5-Devel-Mallinfo | swills | 2012-09-09 | 1 | -1/+3
* - Update to 1.09 | swills | 2012-09-08 | 2 | -4/+3
    PR: ports/170970
    Approved by: maintainer timeout (kappa@rambler-co.ru, >2 weeks)
* Update libotr and pidgin-otr to 4.0.0 | dougb | 2012-09-08 | 6 | -28/+24
    The main new features in 4.0.0:
    * Support v3 of the OTR protocol
    * The plugin now supports multiple OTR conversations with the same buddy who is logged in at multiple locations. In this case, a new OTR menu will appear, which allows you to select which session an outgoing message is intended for. Note that concurrent SMP authentications with the same buddy who is logged in multiple times is not yet supported (starting a second authentication will end the first).
    * During a private conversation with a buddy, an incoming unencrypted message will now trigger the regular incoming message notifications. In Pidgin this includes showing the message in the top-right notification area, if it is normally configured to do so.
    * When a private conversation begins, the plugin will indicate whether Pidgin is configured to log the conversation.
    * By default, OTR conversations will not be logged by Pidgin.
    * New translations.
    * libotr API changes:
      - instance tags, to support multiple simultaneous logins
      - support for asynchronous private key generation
      - the ability to provide an "extra" symmetric key to applications (with forward secrecy)
      - applications can supply a formation conversion callback if they do not natively use XHTML-style UTF8 markup
      - error messages formerly provided by libotr are now handled using callbacks to the application, for better i18n support
      - otrl_message_sending now handles message fragmentation internally
* Hook security/libotr3 up, and move ports that depend on the old version | dougb | 2012-09-08 | 4 | -15/+10
    to this new dependency.
* Mark as broken on sparc64. | linimon | 2012-09-08 | 1 | -1/+7
    Hat: portmgr
* Copy libotr to libotr3 so that ports that still rely on the old, | dougb | 2012-09-08 | 4 | -0/+81
    incompatible version can continue uninterrupted until they upgrade.
* Add vim specific modeline to help users write correct vuxml | eadler | 2012-09-08 | 1 | -0/+1
    Submitted by: bdrewery
* Document the vulnerability that led to emacs 24.2 | rakuco | 2012-09-08 | 1 | -0/+40
* - Update firefox to 15.0.1 | flo | 2012-09-08 | 2 | -9/+15
    - Sync changes from gecko repository@r995
    general
    - don't specify prefix for libevent when using pkg-config
    - ia64 and sparc64 use 8k pagesize by default
    - add visibility hack for clang 3.2 with libc++
    - fix build using clang 3.2 (on FreeBSD 10-CURRENT)
    - rename a few more patches to ease tracking of bugzilla bugs
    www/seamonkey
    - unbreak unsetting LDAP and MAILNEWS options after bug 707305
    - use compile time debugging WITH_DEBUG
    security/nss
    - unbreak install WITH_DEBUG
    - unbreak powerpc64
    devel/nspr
    - use absolute paths when specifying srcdir to make gdb(1) happy
    In collaboration with: andreast, zeising, Jan Beich <jbeich@tormail.org>
* Add a sanity check to ensure vuxml is actually installed prior to performing | eadler | 2012-09-08 | 1 | -0/+5
    the tidy step in validate. This step actually requires just the dependencies but the full validate requires that vuxml be installed.
    Reviewed by: simon
    Approved by: secteam (implicit)
* - Update to 3.4.2 [1] [2] [3] | swills | 2012-09-08 | 1 | -0/+29
    - Document security issue [4]
    PR: ports/171397 [1]
    PR: ports/171404 [2]
    PR: ports/171405 [3]
    Submitted by: Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1]
    Submitted by: Joe Horn <joehorn@gmail.com> (maintainer) [2] [3]
    Reviewed by: eadler [4]
    Security: 30149157-f926-11e1-95cd-001fd0af1a4c
* Mark as broken on powerpc only on -current. This will unblock gnome, | linimon | 2012-09-08 | 1 | -0/+3
    kde, and other builds on 8 and 9.
    Hat: portmgr
* Update to 20120906 | garga | 2012-09-07 | 2 | -3/+3
* VuXML: add <modified> tag for Wireshark's entry for CVE-2012-3548 | rea | 2012-09-06 | 1 | -0/+1
* - Update to 4.07 | zi | 2012-09-06 | 2 | -3/+3
* - Update to 1.3.1 | zi | 2012-09-06 | 2 | -4/+3
* - Add in workaround for compatibility with libhtp >= 0.3 | zi | 2012-09-06 | 2 | -0/+12
    - Bump PORTREVISION
* Change the wireshark version for the DRDA fix. | marcus | 2012-09-06 | 1 | -4/+4
* Remove useless metadata from ports I created. | des | 2012-09-05 | 1 | -5/+0
* Update 0.13.1 --> 0.15.1 | cy | 2012-09-05 | 2 | -4/+3
* - Update to 0.23 | culot | 2012-09-05 | 2 | -3/+3
    Changes: http://search.cpan.org/dist/Authen-TacacsPlus/Changes
* VuXML: document XSS in MoinMoin before 1.9.4 via RST parser | rea | 2012-09-05 | 1 | -0/+32
* VuXML: document wrong group ACL processing in MoinMoin | rea | 2012-09-05 | 1 | -0/+44
* PHP 5.x: document header splitting vulnerability | rea | 2012-09-05 | 1 | -0/+43
    There is a related CVE number (CVE-2012-4388), but there is no current consensus about it: http://article.gmane.org/gmane.comp.security.oss.general/8303
* Modify fetchmail vuln' URLs to established site. | mandree | 2012-09-05 | 1 | -23/+24
    While at it, adjust the two oldest topics to current format, for uniformity, on, for instance, http://www.vuxml.org/freebsd/pkg-fetchmail.html.
* Chase Emacs updates | ashish | 2012-09-05 | 2 | -2/+2
* security/squidclamav: fix DoS and XSS vulnerabilities | rea | 2012-09-04 | 4 | -1/+198
    Apply upstream patches for CVE-2012-3501 and CVE-2012-4667.
    Security: http://www.vuxml.org/freebsd/ce680f0a-eea6-11e1-8bd8-0022156e8794.html
    Security: http://www.vuxml.org/freebsd/8defa0f9-ee8a-11e1-8bd8-0022156e8794.html
    PR: 171022
    QA page: http://codelabs.ru/fbsd/ports/qa/security/squidclamav/5.7_1
    Approved by: maintainer timeout (1 week)
* Mark as broken on powerpc and sparc64 (and, presumably, ia64). | linimon | 2012-09-04 | 2 | -1/+11
    Hat: portmgr
* - Add patch to fix getsubopt() parsing | johans | 2012-09-02 | 2 | -7/+257
    Fixes setting of "realm-kdc" and "server-realm"
    http://lists.gnu.org/archive/html/help-shishi/2012-08/msg00073.html
    - Bump PORTREVISION
    - Reduce Makefile header
    Submitted by: Mats Erik Andersson <openbsd@gisladisker.se>
* Inform the community about a recent bitcoin DoS vuln. | eadler | 2012-09-02 | 1 | -0/+26
    Reviewed by: swills
* - update bugzilla bugzilla3 and bugzilla42 | ohauer | 2012-09-02 | 1 | -0/+50
    - use new bugzilla@ address (members skv@, tota@, ohauer@)
    - patch russian/japanese/german bugzilla and bugzilla templates so the reflect the security updates in the original templates
    - patch german/bugzilla42 templates
    - adopt new Makefile header
    vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d
    CVE: CVE-2012-3981
    https://bugzilla.mozilla.org/show_bug.cgi?id=785470
    https://bugzilla.mozilla.org/show_bug.cgi?id=785522
    https://bugzilla.mozilla.org/show_bug.cgi?id=785511
* VuXML: document CVE-2012-3534, DoS via large number of connections | rea | 2012-09-02 | 1 | -0/+31
* vuxml matches on PKGNAME, not on the port directory. | eadler | 2012-09-02 | 1 | -5/+2
    mediawiki118 has PKGNAME mediawiki-1.18.4
* Add "modified" tag to the Java 7 entry | rea | 2012-09-02 | 1 | -0/+1
    Forgot to do it at r303435.
    Spotted by: wxs
    Pointyhat to: rea
* - Update www/mediawiki to 1.19.2 | wen | 2012-09-01 | 1 | -0/+67
    - Update www/mediawiki118 to 1.18.5
    - Document the security bugs
* VuXML: update Java 7 entry with Oracle-provided details | rea | 2012-09-01 | 1 | -2/+3
    Oracle's Java 7 update 7 fixes CVE-2012-4681.
* Tidy up paragraph formatting (it passed "make validate" before). | mandree | 2012-08-31 | 1 | -10/+8
    Suggested by: wxs
* VuXML: document CVE-2012-3548, DoS in Wireshark | rea | 2012-08-31 | 1 | -0/+45
* Document vulnerabilities in www/chromium < 21.0.1180.89 | rene | 2012-08-31 | 1 | -0/+47
    Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* - Update net/asterisk to 1.8.15.1 | flo | 2012-08-31 | 1 | -1/+37
    - Update net/asterisk10 to 10.7.1
    - Document vulnerabilities in vuln.xml
    - Fix URLs in the previous asterisk vuln.xml entry
    Security: http://www.vuxml.org/freebsd/4c53f007-f2ed-11e1-a215-14dae9ebcf89.html
* Update to 1.11 | skreuzer | 2012-08-31 | 2 | -3/+3
    PR: ports/171129
    Submitted by: Steve Wills <swills@freebsd.org>
* - update firefox and thunderbird to 15.0 | flo | 2012-08-30 | 8 | -26/+159
    - update firefox-esr, thunderbird-esr, linux-thunderbird and linux-firefox to 10.0.7
    - update seamonkey and linux-seamonkey to 2.12
    - update nss to 3.13.6
    - update bsdipc code (posix_spawn, SysV shared memory)
    - rename patches to easily track those not (yet) submitted upstream
    - reduce package size, except for www/libxul[1]
    - restore default objdir to what it was in 13.0
    - fix mail/enigmail after thunderbird build changes
    - don't accidentally pick up headers from installed ports[3]
    - add support for PREFIX != LOCALBASE to Makefile.webplugins [4]
    - document vulnerabilities in vuln.xml
    - *miscellaneous cleanups and fixups*
    Obtained from: OpenBSD ports[1]
    PR: ports/159831, ports/160933, ports/170467[3], ports/170236 [4]
    Submitted by: avilla [4]
    In collaboration with: Jan Beich <jbeich@tormail.net> Who did most of the hard work.
* - Update to 1.5.20 | jase | 2012-08-30 | 1 | -0/+34
    - Update MASTER_SITES
    - Convert to optionsNG and add DOCS option
    - Document security vulnerabilities [1]
    PR: ports/169558
    Requested by: Alexey <alexey@kouznetsov.com> (submitter)
    Security: 6dd5e45c-f084-11e1-8d0f-406186f3d89d [1]
    Approved by: flo (mentor)
* VuXML: document CVE-2012-4681, security manager bypass in Java 7.x | rea | 2012-08-30 | 1 | -0/+49
* Add a vuln' entry for fetchmail's CVE-2011-3389 vulnerability. | mandree | 2012-08-30 | 1 | -1/+35
* - Fix duplicated flags | sbz | 2012-08-29 | 2 | -1/+1
    PR: ports/171117
    Submitted by: Lung-Pin Chang <changlp at cs.nctu.edu.tw>
* - Update to 0.04 | swills | 2012-08-28 | 2 | -3/+3
    PR: ports/170929
    Approved by: Frank Wall <fw@moov.de> (maintainer)
* Update fetchmail to 6.3.21_1, fixing CVE-2012-3482. | mandree | 2012-08-28 | 1 | -1/+2
    Adjust VuXML database entry from < 6.3.22 to < 6.3.21_1.
    PR: ports/170613
    Approved by: maintainer timeout (14 days)
    Security: http://www.vuxml.org/freebsd/83f9e943-e664-11e1-a66d-080027ef73ec.html
    Security: CVE-2012-3482
* - fix comment | dinoex | 2012-08-27 | 1 | -1/+1
    PR: 171006
    Submitted by: Nick Hibma
* VuXML entry c906e0a4-efa6-11e1-8fbf-001b77d09812: fix port epoch | rea | 2012-08-27 | 1 | -1/+1
    Pointyhat to: rea
* VuXML: document XSS in RoundCube Web-mail application | rea | 2012-08-27 | 1 | -0/+29
    Branch 0.8.x before 0.8.1 is prone to XSS attack via incoming HTML messages.
* - Update to 0.121930 | swills | 2012-08-27 | 2 | -3/+3
    PR: ports/171064
    Approved by: Victor Popov <v.a.popov@gmail.com> (maintainer)
* news/inn: fix plaintext command injection, CVE-2012-3523 | rea | 2012-08-27 | 1 | -1/+1
    Relevant only for INN installations that are using encryption.
    PR: 171013
    Approved by: fluffy@FreeBSD.org (maintainer)
    Security: http://www.vuxml.org/freebsd/a7975581-ee26-11e1-8bd8-0022156e8794.html
* update security/tor to 0.2.2.38 and security/tor-devel to 0.2.3.20-rc | bf | 2012-08-26 | 4 | -9/+7
    Security: Tor bugs 6480, 6530, 6537
* - Document Calligra input validation failure. | avilla | 2012-08-26 | 1 | -0/+40
* - Document that CVE-2012-3386 only affects automake >= 1.5.0 | bdrewery | 2012-08-26 | 1 | -2/+2
    Verified this by inspecting the automake14 source, as well as official release tarballs and git history.
    Approved by: bapt (mentor)
* VuXML: document cross-site scripting in SquidClamav | rea | 2012-08-25 | 1 | -0/+32
* VuXML: document DoS in SquidGuard | rea | 2012-08-25 | 1 | -0/+35
    SquidGuard can be crashed via the specially-crafted URL when external URL checker is used.
* - Properly define deprecated functions to remove warnings in other | novel | 2012-08-25 | 3 | -4/+21
    ports
    - Avoid installing multiple copies of the GPLv2 and LGPL21 licenses
    - Bump PORTREVISION
    PR: 170488
    Submitted by: Jason E. Hale <bsdkaffee@gmail.com>
    Approved by: Hirohisa Yamaguchi (maintainer)
* VuXML: document INN plaintext command injection vulnerability | rea | 2012-08-25 | 1 | -0/+33
* - Reset maintainer due to mail bounces | tabthorpe | 2012-08-24 | 1 | -1/+1
    With hat: portmgr
* Update to 1.12.5 release.ale2012-08-232-3/+3
|
* Upgrade to 4.41.tj2012-08-233-5/+9
| | | | | | Changes: http://clamtk.sourceforge.net/CHANGES Approved by: eadler (mentor)
* VuXML: document CVE-2012-3525 in jabberd 2.xrea2012-08-231-0/+33
|
* VuXML: fix whitespace in my previous rssh entryrea2012-08-231-2/+1
|
* VuXML: document rssh vulnerabilities fixed in version 2.3.3rea2012-08-231-0/+35
|
* Fix problem introduced in r302141. The directory for the unpacked sourcedougb2012-08-222-2/+6
| | | | | files is unversioned, so it conflicts with the name of the rc.d script in WRKDIR after SUB_FILES is applied.
* rssh: document arbitrary code execution, CVE-2012-3478rea2012-08-221-0/+33
|
* - Mark BROKEN: does not configurebeat2012-08-221-0/+2
| | | | | | configure: error: libgnutls is required in order to build libprelude. Reported by: pointyhat
* Update to v1.2.3.hrs2012-08-202-3/+3
|
* Put libotr entry back. I added the cited URL to the references.wxs2012-08-201-0/+39
|
* Remove the improperly formatted libotr entry. Someone with more knowledgedougb2012-08-201-38/+0
| | | | and experience needs to take care of this, I'm clearly not competent.
* - remove www/apache20 and devel/apr0ohauer2012-08-184-5/+6
| | | | | | | | | - s/USE_APACHE= 20+/USE_APACHE= 22+/ - unify s/YES/yes/ - cleanup APACHE_VERSION <= 22 usage - add entry to MOVED with hat apache@
* 14 August 2012 libotr version 3.2.1 releaseddougb2012-08-183-12/+49
| | | | | | | | Versions 3.2.0 and earlier of libotr contain a small heap write overrun (thanks to Justin Ferguson for the report), and a large heap read overrun (thanks to Ben Hawkes for the report). Add a vuxml entry, and tune up the notes about adding a new entry.
* Document OpenTTD DoS.wxs2012-08-181-0/+27
|
* Document multiple wireshark vulnerabilities.wxs2012-08-181-0/+87
| | | | | Two are from 1.8.1 (CVE-2012-4048 and CVE-2012-4049). The remaining are from 1.8.2 which is not in ports yet.
* The PostgreSQL Global Development Group today released security updates for ↵jgh2012-08-181-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and libxslt, similar to those affecting other open source projects. All users are urged to update their installations at the first available opportunity. This security release fixes a vulnerability in the built-in XML functionality, and a vulnerability in the XSLT functionality supplied by the optional XML2 extension. Both vulnerabilities allow reading of arbitrary files by any authenticated database user, and the XSLT vulnerability allows writing files as well. The fixes cause limited backwards compatibility issues. These issues correspond to the following two vulnerabilities: CVE-2012-3488: PostgreSQL insecure use of libxslt CVE-2012-3489: PostgreSQL insecure use of libxml2 This release also contains several fixes to version 9.1, and a smaller number of fixes to older versions, including: Updates and corrections to time zone data Multiple documentation updates and corrections Add limit on max_wal_senders Fix dependencies generated during ALTER TABLE ADD CONSTRAINT USING INDEX. Correct behavior of unicode conversions for PL/Python Fix WITH attached to a nested set operation (UNION/INTERSECT/EXCEPT). Fix syslogger so that log_truncate_on_rotation works in the first rotation. Only allow autovacuum to be auto-canceled by a directly blocked process. Improve fsync request queue operation Prevent corner-case core dump in rfree(). 
Fix Walsender so that it responds correctly to timeouts and deadlocks Several PL/Perl fixes for encoding-related issues Make selectivity operators use the correct collation Prevent unsuitable slaves from being selected for synchronous replication Make REASSIGN OWNED work on extensions as well Fix race condition with ENUM comparisons Make NOTIFY cope with out-of-disk-space Fix memory leak in ARRAY subselect queries Reduce data loss at replication failover Fix behavior of subtransactions with Hot Standby
* Update to 1.8.5p3wxs2012-08-182-3/+3
|
* - dictionary.rfc2869 was missed from installation.az2012-08-172-0/+3
| | | | | | - bump PORTREVISION. Reported by: Alexander Yamshanov <alexander@yamshanov.ru>
* Document the latest phpMyAdmin vulnerability PMSA-2012-4matthew2012-08-171-0/+37
|
* Update to 20120815garga2012-08-162-3/+3
|
* - Update www/typo3 to 4.7.4 [1]bdrewery2012-08-161-0/+50
| | | | | | | | | | | | | | | | - Convert to new options framework [1] - Update www/typo345 to 4.5.19 [2] - Update www/typo346 to 4.6.12 [3] - Changes: https://typo3.org/news/article/typo3-4519-4612-and-474-released/ - Document security vulnerabilities [4] https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ PR: ports/170650 [1] PR: ports/170647 [2] PR: ports/170649 [3] Submitted by: Helmut Schneider <jumper99@gmx.de> (maintainer) Security: 48bcb4b2-e708-11e1-a59d-000d601460a4 [4] Approved by: eadler (mentor)
* - Reassign nork@ ports to the heaptabthorpe2012-08-165-5/+5
| | | | | | - Thank you for your years of service, we hope to see you back Approved by: portmgr
* - Drop automatic dependency detection [1]novel2012-08-151-9/+13
| | | | | | | | | | | | - Do not link to -lpthread directly [2] - Use USE_PKGCONFIG [2] - Pet portlint by removing ABI number references [2] - Drop no longer actual --with-lzo=no switch, lzo support is disabled by default anyway [2] - Bump PORTREVISION PR: 170390 [2] Submitted by: Jason E. Hale [2], A.J. Kehoe IV (Nanoman) [1]
* Document CVE-2012-3482 for fetchmail, one DoS and one information disclosuremandree2012-08-151-0/+31
| | | | | | vulnerability in non-default NTLM code. Also see ports/170613 which is pending maintainer feedback.
* - Reassign ports to the heap due to a mail bouncetabthorpe2012-08-154-4/+4
| | | | With hat: portmgr
* - Update to 0.3.0sbz2012-08-144-32/+37
| | | | | PR: ports/170633 Submitted by: Kubilay Kocak <koobs.freebsd at gmail.com> (maintainer)
* - Update security/gpa to 0.9.3 bugfix releasescheidell2012-08-142-9/+13
| | | | | | | | | | | - Clean up COMMENT - Drop ABI numbers from LIB_DEPENDS - pkg-config is needed for build - Make sure we are picking up version 2.x of gpg during configure - Convert to OPTIONSng PR: ports/170570 Submitted by: Jason E. Hale <bsdkaffee@gmail.com> (maintainer)
* Belatedly add an entry for the recent IcedTea-Web updates.jkim2012-08-141-0/+49
|
* Import Zope 2.13.16 and update this release required dependencies:rm2012-08-142-5/+5
| | | | | - devel/py-DateTime: 3.0b3 -> 3.0 - security/py-AccessControl: 2.13.7 -> 2.13.8
* Revert previous tty patch until matured.kuriyama2012-08-132-37/+1
|
* - Update to 1.6.1wen2012-08-122-4/+4
| | | | | | | - Adjust USE_PYTHON versions (Py3k ready) PR: 170547 Submitted by: Kubilay Kocak <koobs.freebsd@gmail.com> (maintainer)
* Document libcloud MITM vuln.novel2012-08-121-0/+31
| | | | Security: CVE-2012-3446
* Fix post r302141: The files in USE_RC_SUBR are already included in SUB_FILESdougb2012-08-111-3/+1
| | | | I caught most of these, but missed this one, apologies
* Document the latest phpmyadmin security problem.matthew2012-08-111-0/+28
|
* - Document vulnerabilities in www/chromium 20.0.1132.57 and 21.0.1180.60.rene2012-08-101-0/+110
| | | | - Keep the latest chromium vulnerabilities on top.
* Document two vulnerabilities in www/chromium < 21.0.1180.75 related to therene2012-08-101-0/+32
| | | | | | builtin PDF viewer. Obtained from: http://googlechromereleases.blogspot.com/search/label/Stable%20updates
* - Update rails and friends to 3.2.8swills2012-08-101-0/+45
| | | | | | | | - Document security issue in 3.2.7 [1] Submitted by: bdrewery [1] Reviewed by: swills [1] Security: 31db9a18-e289-11e1-a57d-080027a27dbf
* - Update to 2.9.3.1zi2012-08-102-5/+3
|
* Secunia Advisory SA38292, ISS X-Force sudosh-replay-bo (55903), replay() ↵cy2012-08-101-0/+2
| | | | | | function buffer overflow. Security: Secunia Advisory SA38292, ISS X-Force sudosh-replay-bo (55903)
* Document old sudosh buffer overflow.wxs2012-08-091-0/+36
| | | | Noticed by: Diego Linke
* Fix up whitespace in 10f38033-e006-11e1-9304-000000000000.wxs2012-08-071-9/+12
| | | | | Replace broken vid in 10f38033-e006-11e1-9304-000000000000 with one that is correct.
* - Disable live tests (without prompt)sunpoet2012-08-071-1/+5
| | | | | | - Eliminate harmless library detection messages Reported by: Alexander Wittig <alexander@wittig.name>
* - Document FreeBSD-SA-12:05.bindzi2012-08-071-0/+35
|
* Document CVE-2012-3386 for devel/automakebdrewery2012-08-071-0/+35
| | | | Approved by: eadler (mentor)
* - Update to 0.64sunpoet2012-08-072-5/+4
| | | | | | - Update LICENSE Changes: http://search.cpan.org/dist/Crypt-SSLeay/Changes
* - Copy ruby-hmac to rubygem-hmac for use with ports that depend on the gemswills2012-08-064-0/+35
|
* Fix what looks like a copy-paste-o that originated in the same script:dougb2012-08-062-2/+4
| | | | | | | | | | | | | | | command=foo >/dev/null 2>&1 | v command=foo command_args='>/dev/null 2>&1' This is clearly what should have been done, for several reasons. No PORTREVISION bump because the old version simply ignored everything after the space, and does not seem to have done any harm. However it's good to clean these up so that similar errors aren't pasted into a new script where they might actually matter.
* Move the rc.d scripts of the form *.sh.in to *.indougb2012-08-0665-47/+53
| | | | | | Where necessary add $FreeBSD$ to the file No PORTREVISION bump necessary because this is a no-op
* When installing in the base, USE_RCORDER does the right thing withoutdougb2012-08-061-10/+2
| | | | all the gymnastics
* - Convert to OptionsNG.kuriyama2012-08-054-60/+112
| | | | | | | | | | - Don't install gpg-zip.1 manpage as gpg-zip script is not installed [1]. - Fix /dev/tty brokenness [2]. PR: ports/170327 [1], ports/170269 [2] Submitted by: Alfred Bartsch <bartsch@dssgmbh.de> [1], Ben Cottrell <tamino@wolfhut.org> [2]
* Add py-passlib 1.6, python password hashing framework supporting over 30miwi2012-08-056-0/+263
| | | | | | | schemes. PR: ports/168949 Submitted by: koobs <koobs.freebsd@gmail.com>
* - Update to 1.0.0miwi2012-08-052-3/+3
| | | | | PR: 169564 Submitted by: maintainer
* - update to 1.0.19dinoex2012-08-042-3/+3
|
* Remove unnecessary OPTIONS_DEFAULT definitions added on r301957garga2012-08-044-4/+0
| | | | Reported by: sunpoet@
* Fix typos and make small modifications in COMMENT (according to Porter'scs2012-08-038-8/+8
| | | | | | Handbook) Approved by: portmgr@ (implicit)
* Add DOCS, EXAMPLES and NLS to OPTIONS_DEFINE to my portsgarga2012-08-036-11/+27
|
* - Update to 0.3.5pgj2012-08-032-3/+3
| | | | | | - Use the new options framework Obtained from: FreeBSD Haskell
* - Update to 0.10.3.2pgj2012-08-032-3/+3
| | | | | | - Use the new options framework Obtained from: FreeBSD Haskell
* - Teach the Haskell Cabal ports to use the new options frameworkpgj2012-08-0319-25/+38
| | | | | | - Remove some cruft Obtained from: FreeBSD Haskell
* Belatedly add an entry for the recent Mozilla updatesflo2012-08-031-0/+103
| | | | Security: http://www.freebsd.org/ports/portaudit/dbf338d0-dce5-11e1-b655-14dae9ebcf89.html
* - Cleanup whitespacezi2012-08-021-16/+19
|
* Whitespace fixes.wxs2012-08-021-24/+23
|
* Add modified for django entry.wxs2012-08-021-0/+1
| | | | Noticed by: remko@
* - Fix typos in COMMENTcs2012-08-0211-11/+11
| | | | | - Enforce the now clarified rules from the Porter's Handbook (e.g. no dots, no A/An, etc.)
* Add CVE entries for f01292a0-db3c-11e1-a84b-00e0814cab4e.wxs2012-08-021-0/+3
|
* Document Apache 2.2.x insecure handling of LD_LIBRARY_PATH.wxs2012-08-021-0/+46
| | | | | | | | | Add patch[1] to address problem to apache port. [1]: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/envvars-std.in?view=log&pathrev=1296428 Approved by: apache@ (pgollucci@) Obtained from: Apache SVN
* - Bump PORTREVISION to chase Emacs port updatesashish2012-08-022-2/+2
| | | | - Unbreak INDEX caused by databases/lsdb, editors/flim, and editors/semi
* - Document django -- multiple vulnerabilitieslwhsu2012-08-011-0/+40
|
* Remove DEPRECATED and EXPIRATION_DATE as the main site appears back online.wxs2012-07-311-5/+1
|
* - Update to 0.60sunpoet2012-07-312-6/+18
| | | | | | | - Add LICENSE - Add TEST_DEPENDS Changes: http://search.cpan.org/dist/Crypt-SSLeay/Changes
* Upgrade to 2.3.1. [0]brooks2012-07-313-4/+7
| | | | | | | Fix a few outstanding plist bugs. PR: ports/166509 [0] Submitted by: Paul Procacci <pprocacci at gmail.com> [0]
* - Update net/isc-dhcp41-server to 4.1-ESV-R6 [1]zi2012-07-301-23/+27
| | | | | | | | | - Document vulnerabilities in net/isc-dhcp41-server - Cleanup formatting in vuxml PR: ports/170245 [1] Submitted by: Douglas Thrift <douglas@douglasthrift.net> (maintainer) [1] Security: c7fa3618-d5ff-11e1-90a2-000c299b62e1
* Update to 1.2.2.hrs2012-07-302-3/+3
|
* - fix pkg-plist for option SHAREDdinoex2012-07-301-12/+12
| | | | | PR: 170261 Submitted by: Bryan Drewery
* Fix typos in COMMENTcs2012-07-293-3/+3
| | | | Approved by: portmgr@ (implicit)
* - fix pkg-plist for option SHARED disableddinoex2012-07-291-12/+12
|
* - pass no-thread if threads are disableddinoex2012-07-291-1/+6
|
* Remove my personal web site from MASTER_SITESdougb2012-07-292-4/+2
|
* - fix option THREADSdinoex2012-07-291-9/+10
| | | | | | - bump PORTREVISION PR: 170231 Submitted by: Kubilay Kocak
* Fix build.delphij2012-07-281-0/+1
|
* - security update bugzillaohauer2012-07-281-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | new Versions: 3.6.10, 4.0.7, 4.2.2 4.2.2 This release fixes two security issues. See the Security Advisory for details. In addition, the following important fixes/changes have been made in this release: o A regression introduced in Bugzilla 4.0 caused some login names to be ignored when entered in the CC list of bugs. (Bug 756314) o Some queries could trigger an invalid SQL query if strings entered by the user contained leading or trailing whitespaces. (Bug 760075) o The auto-completion form for keywords no longer automatically selects the first keyword in the list when the field is empty. (Bug 764517) o A regression in Bugzilla 4.2 prevented classifications from being used in graphical and tabular reports in the "Multiple Tables" field. (Bug 753688) o Attachments created by the email_in.pl script were associated to the wrong comment. (Bug 762785) o Very long dependency lists can now be viewed correctly. (Bug 762783) o Keywords are now correctly escaped in the auto-completion form to prevent any XSS abuse. (Bug 754561) o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused the "Un-forget the search" link to not work correctly anymore when restoring a deleted saved search, because this link was lacking a valid token. (Bug 768870) o Two minor CSRF vulnerabilities have been fixed which could let an attacker alter your default search criteria in the Advanced Search page. (Bugs 754672 and 754673) 4.0.7 This release fixes one security issue. See the Security Advisory for details. In addition, the following bugs have been fixed in this release: o A regression introduced in Bugzilla 4.0 caused some login names to be ignored when entered in the CC list of bugs. (Bug 756314) o Keywords are now correctly escaped in the auto-complete form to prevent any XSS abuse. 
(Bug 754561) o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused the "Un-forget the search" link to not work correctly anymore when restoring a deleted saved search, because this link was lacking a valid token. (Bug 768870) 3.6.10 This release fixes one security issue. See the Security Advisory for details. http://www.bugzilla.org/security/3.6.9/ Approved by: implicit skv@ (bugzilla / bugzilla3) Security: CVE-2012-1968 CVE-2012-1969 https://bugzilla.mozilla.org/show_bug.cgi?id=777398 https://bugzilla.mozilla.org/show_bug.cgi?id=777586 vid=58253655-d82c-11e1-907c-20cf30e32f6d
* - Whitespace only fixes.miwi2012-07-271-13/+13
| | | | Please care more about formatting.
* - Update to 3.2.13zi2012-07-271-0/+32
| | | | | | | | | - Cleanup whitespace - Document vulnerability in dns/nsd (CVE-2012-29789) PR: ports/170208 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Security: 17f369dc-d7e7-11e1-90a2-000c299b62e1
* Use the new USE_PKGCONFIG macroehaupt2012-07-271-1/+1
|
* - Convert my ports to new options frameworkmakc2012-07-276-32/+33
| | | | | - use CONFLICTS_INSTALL - other minor changes
* - Update Rails and friends to 3.2.7swills2012-07-271-0/+27
| | | | | | - Add vuxml entry for Rails 3.2.6 [1] Reviewed by: zi [1]
* - update firefox/thunderbird ESR versions to 10.0.6flo2012-07-272-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - update firefox 14.0.1 - update thunderbird to 14.0 - update seamonkey to 2.11 - switch to new options framework - add experimental rendering via cairo-qt (QT4 option) - add audio backend options (ALSA and PulseAudio) - rename SMB option to GNOMEVFS2 - turn on LOGGING by default (like upstream linux builds) - improve about:memory output - unbreak PGO - use system libs [1] - switch to libevent2 [2] - fix conflict with devel/libunwind and base gcc [3] - unbreak clang/libc++ build [4] - unbreak build with base gcc on >= 9.x [5] - use common IPC code with other BSDs[6] - and *miscellaneous improvements* PR: ports/146231 [1], ports/161421 [2] ports/150631, ports/168369, ports/168637, ports/168793, ports/168978 [3] ports/163454, ports/164905, ports/169231 [4] ports/169389, ports/169479 [5] Obtained from: pkgsrc via bugzilla #753046 [6] In collaboration with: Jan Beich (who did the major part of this work and deserves a special thank you!)
* Security update to 0.11matthew2012-07-271-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ChangeLog: 0.11 2012-07-03 Alex Vandiver * Obfuscate passwords in RT's System Configuration page * Set an empty CurrentUser on failure, instead of removing it entirely 0.10_01 2012-02-23 Thomas Sibley * Escape usernames in filter values so special characters don't die 0.10 2012-02-17 Thomas Sibley * Silence confusing log messages when $ExternalInfoPriority is empty 0.09_03 2012-01-27 Thomas Sibley * Fetch the necessary attributes when group_attr_value is used * Test escaping of commas during the group check 0.09_02 2012-01-26 Thomas Sibley * Improved logging inside the LDAP group membership check 0.09_01 2012-01-23 Thomas Sibley * Improved logic when dealing with Disabled/disabling users * Configurable group membership attribute values * Group membership tests Security Advisory: http://blog.bestpractical.com/2012/07/security-vulnerabilities-in-three-commonly-deployed-rt-extensions.html Approved by: shaun (mentor) Security: cdc4ff0e-d736-11e1-8221-e0cb4e266481
* For ports that depend on security/libotr, add the new USE_PKGCONFIG macro.dougb2012-07-262-0/+2
| | | | | | For all but kdenetwork4 use =build. For it use both just in case. For net-im/clim also fix the manual call to pkg-config for CONFIGURE_ENV
* Revert the unauthorized conversion of pkg-config from a proper build depdougb2012-07-262-2/+3
| | | | | | to the new macro (r301539). Convert pkg-config to pkgconf. Add a build dep on pkgconf to pidgin-otr to handle libotr's .pc files
* new devel/pkgconf added to replace devel/pkg-config. new version of pkg-configbapt2012-07-265-7/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | are no more self hosting so we are stuck with 0.25 version while pkgconf provide the same set of features as 0.27 and a compatible frontend. A symlink to pkg-config has been added for convenience and compatibility This also introduces a new macro to use pkgconf in your ports: USE_PKGCONFIG it can take the following arguments: - yes (meaning build only dep) - build (meaning build only dep) - run (meaning run only dep) - both (meaning run and build dep) From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG The old gnome macro has been modified to use pkgconf but still the same way: run and build dep to avoid large breakage. While here fix some ports relying on pkg-config but not specifying it, fix some ports broken because testing wrong .pc files, and fix ports using pkg-config --version to determine pkg-config version instead of pkg-config --modversion pkg-config like recommended by pkg-config With Hat: portmgr Exp-runs by: bapt (pointhat-west), beat (pointyhat)
* - Update to latest snapshotscheidell2012-07-263-68/+35
| | | | | PR: ports/170111 Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer)
* Fix typos in COMMENTcs2012-07-251-1/+1
|
* Fix typos in COMMENTcs2012-07-251-1/+1
|
* - Document vulnerabilities in net/isc-dhcp42-serverzi2012-07-251-0/+47
|
* Fix typos in COMMENTcs2012-07-251-1/+1
|
* Deprecate these ports as upstream has abandoned them for a while now.wxs2012-07-251-0/+3
| | | | Set expiration date for one month from now.