/security/lxnb/

rowspan='2'>cgit logo index : freebsd-ports-gnome
FreeBSD GNOME current development ports (https://github.com/freebsd/freebsd-ports-gnome)
aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* - Update to 1.10jhale2012-10-127-242/+76
| | | | | | | | | | | | | | - Convert to new options framework - Allow for any available version of TCL to be used - Add LICENSE - Remove indefinite article from COMMENT, update - Mark MAKE_JOBS_SAFE - Trim Makefile header PR: ports/172456 Submitted by: Paul Schmehl <pauls@utdallas.edu> (maintainer) Approved by: makc (mentor) Feature safe: yes
* - Update to 20120831 snapshot [1]bdrewery2012-10-122-9/+4
| | | | | | | | | - Trim header PR: ports/171201 [1] Submitted by: dumbbell [1] Approved by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw> (maintainer) [1] Feature safe: yes
* - Update to latest snapshot [1]bdrewery2012-10-124-15/+10
| | | | | | | | | | - Properly install symlinks for auth-pam and down-root plugins [1] - Fix pkg-message description of locations of these plugins [1] - Fix plist for nonexistent DOCSDIR/openvpn and DOCSDIRS/sample PR: ports/172587 [1] Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1] Feature safe: yes
* - Properly install symlinks for auth-pam and down-root plugins [1]bdrewery2012-10-123-9/+6
| | | | | | | | | - Fix pkg-message description of locations of these plugins [1] - Fix plist for nonexistent DOCSDIR/openvpn PR: ports/172598 [1] Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1] Feature safe: yes
* - update to 16.0.1flo2012-10-121-9/+18
| | | | | | - update vuln.xml entry Feature safe: yes
* Update to 2.0.0 release:ale2012-10-113-8/+94
| | | | | | - add PSKC support Feature safe: yes
* If OPIE option is on we can not pass --with-pam in CONFIGURE_ARGS. Make itwxs2012-10-112-16/+8
| | | | | | | | | | so that OPIE will pass --with-opie and if it is off we pass --with-pam. [1] No functional changes with this, just a build fix. While here use tabs where appropriate and cleanup pkg-descr. [2] Feature safe: yes
* Document a new vulnerability in www/chromium < 22.0.1229.94rene2012-10-111-0/+27
| | | | | Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates Feature safe: yes
* - Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird ↵flo2012-10-115-5/+124
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to 10.0.8 - Update firefox and thunderbird to 16.0 - Update seamonkey to 2.13 - Update all -i18n ports respectively - switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better latency during pause and seeking with HTML5 video - remove fedisableexcept() hacks, obsolete since FreeBSD 4.0 - support system hunspell dictionaries [1] - unbreak -esr ports with clang3.2 [2] - unbreak nss build when CC contains full path [3] - remove GNOME option grouping [4] - integrate enigmail into thunderbird/seamonkey as an option [5] - remove mail/enigmail* [6] - enable ENIGMAIL, LIGHTNING and GIO options by default - add more reporters in about:memory: page-faults-hard, page-faults-soft, resident, vsize - use bundled jemalloc 3.0.0 on FreeBSD < 10.0 for gecko 16.0, only heap-allocated reporter works in about:memory (see bug 762445) - use lrintf() instead of slow C cast in bundled libopus - use libjpeg-turbo's faster color conversion if available during build - record startup time for telemetry - use -z origin instead of hardcoding path to gecko runtime - fail early if incompatible libxul version is installed (in USE_GECKO) - *miscellaneous cleanups and fixups* PR: ports/171534 [1] PR: ports/171566 [2] PR: ports/172164 [3] PR: ports/172201 [4] Discussed with: ale, beat, Jan Beich [5] Approved by: ale [6] In collaboration with: Jan Beich <jbeich@tormail.org> Security: 6e5a9afd-12d3-11e2-b47d-c8600054b392 Feature safe: yes Approved by: portmgr (beat)
* - Remove SITE_PERL from *_DEPENDS (final part)az2012-10-111-4/+2
| | | | Approved by: portmgr@ (bapt@)
* - Update to 2.0.3jhale2012-10-102-14/+7
| | | | | | | - Remove devel/pth dependency; libassuan-pth was dropped in 2.0.0 - Remove additional CFLAGS for amd64; builds fine on tinderbox without them Approved by: makc, avilla (mentors, implicit)
* - Take maintainershipjhale2012-10-101-2/+1
| | | | Approved by: makc, avilla (mentors, implicit)
* Upgrade to the latest BIND patch level:erwin2012-10-101-0/+38
| | | | | | | A deliberately constructed combination of records could cause named to hang while populating the additional section of a response. Security: http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
* - Update to 1.3.2zi2012-10-104-6/+58
|
* - Add additional MASTER_SITES for pkcs header files.zi2012-10-101-1/+2
|
* - Update to 4.54zi2012-10-102-3/+3
|
* Force numerous ports that fail to build with clang over to instead alwayslinimon2012-10-101-0/+1
| | | | | | | | | | | | | | | | | | | rely on gcc. The patch uses the new USE_GCC=any code in Mk/bsd.gcc.mk to accomplish this. The ports chosen were ports that blocked 2 or more ports from building with clang. (There are several hundred other ports that still fail to build with clang, even with this patch. This is merely one step along the way.) Those interested in fixing these ports with clang, and have clang as their default compiler, can simply set FORCE_BASE_CC_FOR_TESTING=yes. For those who have gcc as their default compiler, this change is believed to cause no change. Hat: portmgr Tested with: multiple runs on amd64-8-exp-bcm and 9-exp-clang, with various combinations of patch/no-patch and flag settings.
* - Fix Makefile headersbz2012-10-091-1/+1
|
* - Update MASTER_SITESsbz2012-10-091-9/+5
| | | | - Remove options description already in Mk/bsd.options.desc.mk
* Add a few casts to initializer of int array when the constant is greaterdelphij2012-10-092-5/+21
| | | | | | | | | | | | | than 0x7fffffff, as they have exceeded the range of standard int. This makes the code to compile when -std=c++11. The resulting binary was not changed by this commit. PORTREVISION not bumped intentionally as this is a build fix. While I'm there, also convert the header to new style. PR: ports/171525 Submitted by: Michael Gmelin <freebsd grem de>
* Document new vulnerabilities in www/chromium < 22.0.1229.92rene2012-10-091-0/+40
| | | | Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* Throw my ports back in the pool, and make my intentions clear for thedougb2012-10-084-9/+6
| | | | | | | | various ports that I've created. I bid fond fare well A chapter closes for me What opens for you?
* - Fix logic problemsbz2012-10-081-1/+1
|
* - Convert to new option frameworksbz2012-10-082-33/+19
| | | | | | - Add LICENSE - Update MASTER_SITES - Update pkg-descr
* - Fix typojhale2012-10-081-1/+1
| | | | | Noticed by: bsam Approved by: makc (mentor implicit)
* - Update to 0.4.5 [1]jhale2012-10-083-11/+23
| | | | | | | | | | | - Drop specific ABI version numbers from LIB_DEPENDS [2] - Trim Makefile header [2] - Convert to new options framework [2] - Fix build on 7.x [2] PR: ports/172395 Submitted by: Kurt Jaeger <fbsd-ports@opsec.eu> (maintainer) [1] Approved by: makc (mentor), maintainer [2]
* Restore option descriptions to what the maintainer actually put in the PRdougb2012-10-081-0/+5
| | | | | | | Pointy hat to: eadler PR: ports/172426 Submitted by: Michael Gmelin <freebsd@grem.de> (maintainer)
* silence reinplace command from last commitdougb2012-10-081-1/+1
|
* - Convert to new options frameworksbz2012-10-071-13/+11
| | | | | | - Add LICENSE - Add math/py-numpy build depends - Bump PORTREVISION
* Work around a problem on stable/[89] with libotr generating andougb2012-10-072-4/+9
| | | | | | | | | | | | | | | | "undefined reference to `__stack_chk_fail_local'" error. None of the usual remedies work (such as making sure that gcc is used instead of ld for the linker) so on those releases we simply disable that option. pointyhat logs confirm that pidgin-otr (the only consumer of libotr atm) is failing on 8 and 9 with the same configure error that I am seeing on 8, so this patch should at least allow it to build on those releases. Bump PORTREVISION for libotr to err on the side of caution. While I'm here, remove a now-spurious mod to the pidgin-otr configure.
* use libtommath as default math library as it used to be before conversion tobapt2012-10-071-0/+1
| | | | | | optionsng Repored by: linimon
* Convert to OptionsNGeadler2012-10-071-17/+12
| | | | | PR: ports/172426 Submitted by: Michael Gmelin <freebsd@grem.de>
* Trim the headers in the ports I maintain.eadler2012-10-061-5/+0
|
* Change headers of all ports maintained by me to new formatgarga2012-10-057-35/+6
|
* - Updated to 1.3.0glarkin2012-10-052-6/+6
| | | | | | | - Removed explicit library version number from gpg-error in LIB_DEPENDS PR: ports/172202 Submitted by: Doug Barton <dougb@freebsd.org>
* - Make GMP OPTION'aljgh2012-10-054-13/+68
| | | | | | | - Add upstream patch for test failure when built without GMP PR: 172299 Submitted by: koobs.freebsd@gmail.com
* Convert to new options frameworkbapt2012-10-048-91/+52
|
* - fix runtime when devel/subversion and/or devel/pysvn is installed [1]rm2012-10-042-9/+19
| | | | | | | | | | | | | | | | | | | | | | | | - bump PORTREVISION As side effect, I completely disabled --update feature. It was done for number of reasons: - subversion relationship starts not only if --update feature is requested by user, but when pysvn or svn is available - we do not installing repository metadata from the source tarball (exactly this breaks the --update option, but it is broken anyway, see below) - aforementioned repository metadata is not compatible with svn 1.7, that is in ports now - development repository moved to github from subversion hosting anyway This is accomplished with replacing the call of getRevisionNumber() with static const, that represents the svn last revision from tarball. while here: - trim Makefile header - remove indefinite article from COMMENT - convert to optionsng Reported by: Fausto Marzi <fausto.marzi at gmail dot com> (by mail) [1]
* - correct the range in last entry (le/lt typo)rm2012-10-031-1/+1
|
* - update to 2.8.10rm2012-10-031-0/+36
| | | | | | | | | | | - add vuxml entry This release fixes SQL injection vulnerability. PR: 172114 Submitted by: rm (myself) Approved by: ports-secteam (eadler) Security: dee44ba9-08ab-11e2-a044-d0df9acfd7e5
* - Update to 1.8.0sbz2012-10-034-16/+11
|
* - Update to 20121001 snapshotjlaffaye2012-10-033-12/+81
|
* - set maintainer to ruby@jgh2012-10-031-5/+1
|
* - Fix typos (LICENSE is correct form inside bsd.licenses.mk).az2012-10-031-1/+1
| | | | | | | - Removed LICENSE_FILE where is no need in this. Spotted by: zont@ Approved by: portmgr (bapt@)
* - Fix header to proper formatbdrewery2012-10-012-2/+2
| | | | Reported by: danfe
* - pass maintainership to new volonteerrm2012-09-302-12/+4
| | | | | | | | | | while here: - trim Makefile header - remove indifenite article from COMMENT - remove deprecated attribution in pkg-descr PR: 172163 Submitted by: Chris Petrik <c.petrik.sosa at gmail dot com>
* - Reassign to the heap due to mail bouncestabthorpe2012-09-301-6/+2
|
* - Update to 201237 snapshot [1]bdrewery2012-09-294-31/+43
| | | | | | | | | - Convert to new options framework - Remove ABI versions from LIB_DEPENDS - Update to new header PR: ports/171743 [1] Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
* - Update to 2.3-beta1 [1]bdrewery2012-09-296-132/+68
| | | | | | | | | | - Add LICENSE [1] - Convert to new options framework - Remove ABI versions from LIB_DEPENDS - Update to new header PR: ports/171738 [1] Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
* Fix type in headedbapt2012-09-281-1/+1
| | | | Reported by: zi (maintainer)
* Mark nvidia-driver-173.14.35_1 as not vulnerable.danfe2012-09-281-1/+1
|
* Fix the temporary workaround by passing the appropriate flag inwxs2012-09-271-9/+3
| | | | | LDFLAGS. Since I want to ensure those who built it on i386 with this workaround will rebuild it now that it is fixed bump PORTREVISION.
* Fix build on i386 by disabling hardening measures. This is a temporarywxs2012-09-271-2/+10
| | | | fix until I can figure out what is really going on.
* Document vulnerabilities in www/chromium < 22.0.1229.79rene2012-09-271-0/+96
| | | | Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* - Chase www/smarty -> www/smarty2 renameglarkin2012-09-271-2/+2
|
* - Document remote code execution in ePerl (all versions)glarkin2012-09-261-0/+36
| | | | | | | | | - Deprecate and schedule removal in month - no upstream fix available and no active development since 1998 Security: 73efb1b7-07ec-11e2-a391-000c29033c32 Security: CVE-2001-0733 Security: http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml
* - Update to 5.72culot2012-09-262-8/+7
| | | | | | - Add LICENSE (Artistic 1 & GPL 1) Changes: http://search.cpan.org/dist/Digest-SHA/Changes
* Enable the Berkley DB backend by default.zeising2012-09-261-2/+2
| | | | | | | | | Bump portrevision. PR: ports/154711 Submitted by: Jason C. Wells <jcw@speakeasy.net> (pr) Robert Simmons <rsimmons0@gmail.com> (patch) Approved by: maintainer timeout (12 weeks), kwm (mentor)
* - Update to 2.15culot2012-09-262-8/+7
| | | | | | - Add LICENSE (Artistic 1 & GPL 1) Changes: http://search.cpan.org/dist/Crypt-Twofish/Changes
* - Update MASTER_SITES and WWW linkculot2012-09-262-8/+8
| | | | | | | - Add LICENSE (GPL 2) PR: ports/172054 Submitted by: KATO Tsuguru <tkato432@yahoo.com>
* Convert to OptionsNGbapt2012-09-261-14/+11
|
* Update to 1.8.6p3wxs2012-09-263-3/+8
| | | | | PR: ports/171837 Submitted by: cy@
* - Documented PNG file DoS vulnerability in ImageMagick and GraphicsMagickglarkin2012-09-261-0/+49
| | | | - Added -nox11 suffixes to various ImageMagick entries
* - Reassign to the heap at maintainer's requesttabthorpe2012-09-252-12/+4
|
* - Update to v12.09.12 releaseale2012-09-247-40/+67
| | | | | - Switch to OptionsNG - Pet portlint
* - Adjust "Created by" tag to include more complete submitter's informationdanfe2012-09-231-3/+3
| | | | | - Mute MKDIRs, remove trailing dot from RESTRICTED, drop leading indefinite article from COMMENT where appropriate
* - Fix spelling in docs: normally I'd submit this change upstream, butmatthew2012-09-235-16/+33
| | | | | | | | | upstream has been completely unresponsive for years. - While here, rebuild patches using current naming conventions - Trim Makefile headers PR: 165312 Submitted by: Anatoly Borodin
* Update vuxml to indicate which versions are vulnerable.eadler2012-09-231-1/+3
|
* Deprecate a bunch a ports with no more public distfiles (thanks ehaupt's ↵bapt2012-09-219-0/+27
| | | | distilator)
* Add a sourceforge mirrorbapt2012-09-211-6/+3
| | | | Approved by: Marko Njezic <mr.max@maxempire.com> (maintainer)
* - Update php52 backports patch to 20120911bdrewery2012-09-201-2/+86
| | | | | | | | | | | | | | | | | | | | | - Add and update relevant vuxml entries Changes: - CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 does not properly handle %0D sequences - CVE-2012-0789 - Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. - CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors - Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m)) - Minor improvements (CVE-2012-2688, compilation issues with old GCC) PR: ports/171583 Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com> Approved by: Alex Keda <admin@lissyara.su> (maintainer)
* - CVE-2012-2688 was addressed by php52-5.2.17_10bdrewery2012-09-201-1/+2
| | | | | | | PR: ports/170063 PR: ports/171583 Reported by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com> Security: bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
* Update to 0.12.6 release.ale2012-09-192-8/+3
|
* Upgrade to the latest BIND patch level:dougb2012-09-191-0/+47
| | | | | | | | | | | | | | | | | | | Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes. Prevents a crash when validating caused by using "Bad cache" data before it has been initialized. ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries. A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. For more information: https://kb.isc.org/article/AA-00788
* - Add missing dependency on bisonkevlo2012-09-181-2/+3
| | | | | | - Bump PORTREVISION Reported by: portmgr (linimon)
* Update to 20120917garga2012-09-182-3/+3
|
* Update to 0.97.6garga2012-09-182-4/+3
|
* Document Jenkins Security Advisory 2012-09-17lwhsu2012-09-181-0/+41
|
* Point shebang in a perl script to ${PERL} in order to solve a build problem ifehaupt2012-09-161-0/+1
| | | | | | | perl is installed without creating symlinks to /usr/bin/perl. PR: 171673 (based on) Notified by: Yuriy Taraday <yorik.sar@gmail.com>
* include newly 'awarded' CVEeadler2012-09-161-0/+1
|
* Add vuxml for older versions of multimedia/vlc .nox2012-09-161-0/+30
| | | | | PR: ports/169985 Submitted by: "Anders N." <wicked@baot.se>
* Tell the world about the recent bacula vulneadler2012-09-151-0/+31
|
* - chase textproc/nltk update (upstream switched to setuptools)rm2012-09-141-1/+2
| | | | | Reported by: beat Approved by: portmgr (beat)
* - Update to 2.16jadawin2012-09-132-3/+3
| | | | - Changelog: http://cpansearch.perl.org/src/GBARR/Authen-SASL-2.16/Changes
* - Update MAINTAINER to my new FreeBSD.org addressjhale2012-09-132-2/+2
| | | | Approved by: makc (mentor)
* update security/tor to 0.2.2.39 and security/tor-devel to 0.2.3.22-rcbf2012-09-134-6/+6
| | | | Security: Tor bugs 6690, 6811
* - Update to 0.10.22.6 which fixes two security issuesswills2012-09-131-0/+50
| | | | | | | - Document security issues in vuxml [1] Reviewed by: bdrewery [1] Security: 178ba4ea-fd40-11e1-b2ae-001fd0af1a4c
* update lang/sbcl to 1.0.58 and switch to the new options format;bf2012-09-131-1/+1
| | | | adjust dependent ports
* Update to 2.0; with some help from rm@kevlo2012-09-123-201/+250
| | | | | PR: ports/169690 Submitted by: Paul Dokas <paul at dokas dot name>
* Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225.danfe2012-09-121-2/+16
|
* Update Plone to 4.2.1.rm2012-09-127-23/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This update includes: - www/py-plone.outputfilters 1.2 -> 1.6 - www/py-Products.CMFPlone 4.1.5 -> 4.2.1.1 - www/py-plone.app.vocabularies 2.1.6 -> 2.1.7 - www/py-plone.subrequest 1.6.2 -> 1.6.6 - www/py-plone.app.discussion 2.1.5 -> 2.1.7 - www/py-plonetheme.classic 1.1.2 -> 1.2.3 - www/plone 4.1.5 -> 4.2.1 - www/py-plone.i18n 2.0 -> 2.0.1 - www/py-plone.fieldsets 2.0.1 -> 2.0.2 - www/py-plone.app.search 1.0.2 -> 1.0.4 - www/py-plone.app.content 2.0.9 -> 2.0.11 - www/py-plone.app.testing 4.0.2 -> 4.2 - www/py-plone.app.contentrules 2.1.4 -> 2.1.8 - www/py-plone.uuid 1.0.2 -> 1.0.3 - www/py-plone.app.upgrade 1.1.6 -> 1.2.1 - www/py-plone.app.caching 1.0.3 -> 1.1 - www/py-plone.app.linkintegrity 1.4.5 -> 1.4.6 - www/py-plone.app.iterate 2.1.5 -> 2.1.7 - www/py-plone.testing 4.0.3 -> 4.0.4 - www/py-plone.app.contentmenu 2.0.5 -> 2.0.6 - www/py-plone.app.controlpanel 2.2.3 -> 2.2.8 - www/py-plone.portlet.collection 2.0.4 -> 2.1.1 - www/py-plone.resource 1.0b6 -> 1.0.1 - www/py-plone.app.registry 1.0.1 -> 1.1 - www/py-plone.app.workflow 2.0.6 -> 2.0.7 - www/py-plone.app.portlets 2.2.3 -> 2.2.6 - www/py-plone.app.blob 1.5.1 -> 1.5.2 - www/py-Products.TinyMCE 1.2.12 -> 1.2.13 - www/py-plone.app.locales 4.0.11 -> 4.0.15 - www/py-plonetheme.sunburst 1.2.4 -> 1.2.7 - www/py-plone.app.theming 1.0b9 -> 1.0.3 - www/py-plone.app.collection 1.0.1 -> 1.0.5 - www/py-plone.folder 1.0.1 -> 1.0.2 - www/py-plone.app.querystring 1.0.1 -> 1.0.5 - www/py-plone.app.jquerytools 1.3.1 -> 1.3.2 - www/py-plone.app.contentlisting 1.0 -> 1.0.1 - www/py-plone.stringinterp 1.0.5 -> 1.0.7 - www/py-plone.app.layout 2.2.4 -> 2.2.7 - www/py-plone.app.z3cform 0.5.7 -> 0.6.0 - www/py-plone.portlets 2.0.2 -> 2.1 - www/py-plone.app.kss 1.7.0 -> 1.7.1 - www/py-plone.app.redirector 1.1.2 -> 1.1.3 - devel/py-kss-core 1.6.3 -> 1.6.4 - devel/py-Products.ATContentTypes 2.1.7 -> 2.1.8 - devel/py-Products.ResourceRegistries 2.0.6 -> 2.2.1 - devel/py-five.customerize 1.0.2 -> 1.0.3 - devel/py-diazo 1.0rc4 -> 1.0.1 - devel/py-Products.CMFEditions 2.2.2 -> 2.2.5 - devel/py-Products.ExtendedPathIndex 2.9 -> 3.0.1 - devel/py-z3c.formwidget.query 0.7 -> 0.8 - devel/py-Products.Archetypes 1.7.13 -> 1.8.3 - devel/py-Products.CMFPlacefulWorkflow 1.5.6 -> 1.5.7 - devel/py-archetypes.querywidget 1.0.1 -> 1.0.4 - devel/py-Products.PloneLanguageTool 3.2.4 -> 3.2.5 - devel/py-Products.GenericSetup 1.6.6 -> 1.7.2 - devel/py-Products.CMFTestCase 0.9.11 -> 0.9.12 - devel/py-Products.PasswordResetTool 2.0.7 -> 2.0.8 - devel/py-archetypes.kss 1.7.1 -> 1.7.2 - devel/py-collective.z3cform.datetimewidget 1.1.1 -> 1.2.0 - devel/py-Products.PloneTestCase 0.9.13 -> 0.9.15 - devel/py-zope.schema 4.0.1 -> 4.2.0 - devel/py-archetypes.referencebrowserwidget 2.4.11 -> 2.4.12 - security/py-Products.PlonePAS 4.0.12 -> 4.0.13 - security/py-Products.PluggableAuthService 1.7.7 -> 1.8.0 common changes: - strip Makefile header - choose proper value for USE_PYTHON in a cases when I sure that the port is required -2.7 only or may be built/run both 2.x and 3.x - comment off USE_ZOPE - tab -> space in pkg-descr:WWW nuances: - new port www/py-plone.app.jquery added per this plone update requirements - devel/py-zope.schema updated to 4.2.0 because I hadn't got any response from maintainer and because this exact version is required for this plone update feature highlights/release notes: - http://plone.org/products/plone/releases/4.2 - http://plone.org/products/plone/releases/4.2.1
* - Update entry for net/freeradius2 to reflect local patch to address ↵zi2012-09-111-1/+2
| | | | cve-2012-3547
* VuXML: document remote code execution in freeRADIUSrea2012-09-111-0/+47
|
* www/moinmoin: fix CVE-2012-4404, wrong processing of group ACLsrea2012-09-111-1/+2
| | | | | | | | | | Using upstream patch from http://hg.moinmo.in/moin/1.9/raw-rev/7b9f39289e16 PR: 171346 QA page: http://codelabs.ru/fbsd/ports/qa/www/moinmoin/1.9.4_1 Approved by: khsing.cn@gmail.com (maintainer) Security: http://www.vuxml.org/freebsd/4f99e2ef-f725-11e1-8bd8-0022156e8794.html
* - Move libxul 1.9.2 to www/libxul19beat2012-09-111-2/+2
| | | | | | | | | | - Update www/libxul to 10.0.7 - Update all dependent ports to use www/libxul19 (no functional changes) - Bump PORTREVISION on ports where libxul is a run dependency as the resulting package will change. Submitted by: Jan Beich <jbeich@tormail.org> With hat: gecko
* Update to 0.14.novel2012-09-112-3/+3
|
* - Add Emacs 24 to IGNORE listebeat2012-09-101-2/+2
| | | | | | Reported by: pointyhat Submitted by: ashish Approved by: maintainer timeout
* - Use OPTIONSngehaupt2012-09-101-15/+13
| | | | - Remove deprecated header information
* update to 0.2.3.21-rcbf2012-09-092-3/+3
| | | | Security: Tor bugs 6252, 6690, 6710
* Welcome back Chris Petrik <c.petrik.sosa@gmail.com>eadler2012-09-091-1/+1
| | | | PR: ports/171481
* - Update to 0.13swills2012-09-093-5/+4
| | | | | PR: ports/171057 Approved by: maintainer timeout (sethk@meowfishies.com, >2 weeks)
* - Remove dependency on p5-Devel-Mallinfoswills2012-09-091-1/+3
|
* - Update to 1.09swills2012-09-082-4/+3
| | | | | PR: ports/170970 Approved by: maintainer timeout (kappa@rambler-co.ru, >2 weeks)
* Update libotr and pidgin-otr to 4.0.0dougb2012-09-086-28/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The main new features in 4.0.0: * Support v3 of the OTR protocol * The plugin now supports multiple OTR conversations with the same buddy who is logged in at multiple locations. In this case, a new OTR menu will appear, which allows you to select which session an outgoing message is indended for. Note that concurrent SMP authentications with the same buddy who is logged in multiple times is not yet supported (starting a second authentication will end the first). * During a private conversation with a buddy, an incoming unencrypted message will now trigger the regular incoming message notifications. In Pidgin this includes showing the message in the top-right notification area, if it is normally configured to do so. * When a private conversation begins, the plugin will indicate whether Pidgin is configured to log the conversation. * By default, OTR conversations will not be logged by Pidgin. * New translations. * libotr API changes: - instance tags, to support multiple simultaneous logins - support for asynchronous private key generation - the ability to provide an "extra" symmetric key to applications (with forward secrecy) - applications can supply a formation conversion callback if they do not natively use XHTML-style UTF8 markup - error messages formerly provided by libotr are now handled using callbacks to the application, for better i18n support - otrl_message_sending now handles message fragmentation internally
* Hook security/libotr3 up, and move ports that depend on the old versiondougb2012-09-084-15/+10
| | | | to this new dependency.
* Mark as broken on sparc64.linimon2012-09-081-1/+7
| | | | Hat: portmgr
* Copy libotr to libotr3 so that ports that still rely on the old,dougb2012-09-084-0/+81
| | | | incompatible version can continue uninterrupted until they upgrade.
* Add vim specific modeline to help users write correct vuxmleadler2012-09-081-0/+1
| | | | Submitted by: bdrewery
* Document the vulnerability that led to emacs 24.2rakuco2012-09-081-0/+40
|
* - Update firefox to 15.0.1flo2012-09-082-9/+15
| | | | | | | | | | | | | | | | | | | | - Sync changes from gecko repository@r995 general - don't specify prefix for libevent when using pkg-config - ia64 and sparc64 use 8k pagesize by default - add visibility hack for clang 3.2 with libc++ - fix build using clang 3.2 (on FreeBSD 10-CURRENT) - rename a few more patches to ease tracking of bugzilla bugs www/seamonkey - unbreak unsetting LDAP and MAILNEWS options after bug 707305 - use compile time debugging WITH_DEBUG security/nss - unbreak install WITH_DEBUG - unbreak powerpc64 devel/nspr - use absolute paths when specifiying srcdir to make gdb(1) happy In collaboration with: andreast, zeising, Jan Beich <jbeich@tormail.org>
* Add a sanity check to ensure vuxml is actually installed prior to performingeadler2012-09-081-0/+5
| | | | | | | | the tidy step in validate. This step actually requires just the dependancies but the full validate requires that vuxml be installed. Reviewed by: simon Approved by: secteam (implicit)
* - Update to 3.4.2 [1] [2] [3]swills2012-09-081-0/+29
| | | | | | | | | | | | - Document security issue [4] PR: ports/171397 [1] PR: ports/171404 [2] PR: ports/171405 [3] Submitted by: Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1] Submitted by: Joe Horn <joehorn@gmail.com> (maintainer) [2] [3] Reviewed by: eadler [4] Security: 30149157-f926-11e1-95cd-001fd0af1a4c
* Mark as broken on powerpc only on -current. This will unblock gnome,linimon2012-09-081-0/+3
| | | | | | kde, and other builds on 8 and 9. Hat: portmgr
* Update to 20120906garga2012-09-072-3/+3
|
* VuXML: add <modified> tag for Wireshark's entry for CVE-2012-3548rea2012-09-061-0/+1
|
* - Update to 4.07zi2012-09-062-3/+3
|
* - Update to 1.3.1zi2012-09-062-4/+3
|
* - Add in workaround for compatibility with libhtp >= 0.3zi2012-09-062-0/+12
| | | | - Bump PORTREVISION
* Change the wireshark version for the DRDA fix.marcus2012-09-061-4/+4
|
* Remove useless metadata from ports I created.des2012-09-051-5/+0
|
* Update 0.13.1 --> 0.15.1cy2012-09-052-4/+3
|
* - Update to 0.23culot2012-09-052-3/+3
| | | | Changes: http://search.cpan.org/dist/Authen-TacacsPlus/Changes
* VuXML: document XSS in MoinMoin before 1.9.4 via RST parserrea2012-09-051-0/+32
|
* VuXML: document wrong group ACL processing in MoinMoinrea2012-09-051-0/+44
|
* PHP 5.x: document header splitting vulnerabilityrea2012-09-051-0/+43
| | | | | | There is a related CVE number (CVE-2012-4388), but there is no current consensus about it: http://article.gmane.org/gmane.comp.security.oss.general/8303
* Modify fetchmail vuln' URLs to established site.mandree2012-09-051-23/+24
| | | | | While at it, adjust the two oldest topics to current format, for uniformity, on, for instance, http://www.vuxml.org/freebsd/pkg-fetchmail.html.
* Chase Emacs updatesashish2012-09-052-2/+2
|
* security/squidclamav: fix DoS and XSS vulnerabilitiesrea2012-09-044-1/+198
| | | | | | | | | | Apply upstream patches for CVE-2012-3501 and CVE-2012-4667. Security: http://www.vuxml.org/freebsd/ce680f0a-eea6-11e1-8bd8-0022156e8794.html Security: http://www.vuxml.org/freebsd/8defa0f9-ee8a-11e1-8bd8-0022156e8794.html PR: 171022 QA page: http://codelabs.ru/fbsd/ports/qa/security/squidclamav/5.7_1 Approved by: maintainer timeout (1 week)
* Mark as broken on powerpc and sparc64 (and, presumably, ia64).linimon2012-09-042-1/+11
| | | | Hat: portmgr
* - Add patch to fix getsubopt() parsingjohans2012-09-022-7/+257
| | | | | | | | | Fixes setting of "realm-kdc" and "server-realm" http://lists.gnu.org/archive/html/help-shishi/2012-08/msg00073.html - Bump PORTREVISION - Reduce Makefile header Submitted by: Mats Erik Andersson <openbsd@gisladisker.se>
* Inform the community about a recent bitcoin DoS vuln.eadler2012-09-021-0/+26
| | | | Reviewed by: swills
* - update bugzilla bugzilla3 and bugzilla42ohauer2012-09-021-0/+50
| | | | | | | | | | | | | | - use new bugzilla@ address (members skv@, tota@, ohauer@) - patch russian/japanese/german bugzilla and bugzilla templates so the reflect the security updates in the original templates - patch german/bugzilla42 templates - adopt new Makefile header vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d CVE: CVE-2012-3981 https://bugzilla.mozilla.org/show_bug.cgi?id=785470 https://bugzilla.mozilla.org/show_bug.cgi?id=785522 https://bugzilla.mozilla.org/show_bug.cgi?id=785511
* VuXML: document CVE-2012-3534, DoS via large number of connectionsrea2012-09-021-0/+31
|
* vuxml matches on PKGNAME, not on the port directory.eadler2012-09-021-5/+2
| | | | mediawiki118 has PKGNAME mediawiki-1.18.4
* Add "modified" tag to the Java 7 entryrea2012-09-021-0/+1
| | | | | | | Forgot to do it at r303435. Spotted by: wxs Pointyhat to: rea
* - Update www/mediawiki to 1.19.2wen2012-09-011-0/+67
| | | | | - Update www/mediawiki118 to 1.18.5 - Document the security bugs
* VuXML: update Java 7 entry with Oracle-provided detailsrea2012-09-011-2/+3
| | | | Oracle's Java 7 update 7 fixes CVE-2012-4681.
* Tidy up paragraph formatting (it passed "make validate" before).mandree2012-08-311-10/+8
| | | | Suggested by: wxs
* VuXML: document CVE-2012-3548, DoS in Wiresharkrea2012-08-311-0/+45
|
* Document vulnerabilities in www/chromium < 21.0.1180.89rene2012-08-311-0/+47
| | | | Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
* - Update net/asterisk to 1.8.15.1flo2012-08-311-1/+37
| | | | | | | | - Update net/asterisk10 to 10.7.1 - Document vulnerabilities in vuln.xml - Fix URLs in the pervious asterisk vuln.xml entry Security: http://www.vuxml.org/freebsd/4c53f007-f2ed-11e1-a215-14dae9ebcf89.html
* Update to 1.11skreuzer2012-08-312-3/+3
| | | | | PR: ports/171129 Submitted by: Steve Wills <swills@freebsd.org>
* - update firefox and thunderbird to 15.0flo2012-08-30