[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2014Q4 2015-04-01T20:02:52Z 2015-04-01T20:02:52Z hiramatsu hiramatsu 2015-04-01T20:02:52Z urn:sha1:daa4713c4c2628d95871b35ef31283559ceb983c 2015-04-01T20:01:59Z hiramatsu hiramatsu 2015-04-01T20:01:59Z urn:sha1:9a3f8bf42d551572094250892d8f8e1177520cc2 devel/exctags: security patch Revisions pulled up: - devel/exctags/Makefile 1.27 - devel/exctags/distinfo 1.13 - devel/exctags/patches/patch-CVE-2014-7204 1.1 --- Module Name: pkgsrc Committed By: bsiegert Date: Sun Mar 29 09:19:06 UTC 2015 Modified Files: pkgsrc/devel/exctags: Makefile distinfo Added Files: pkgsrc/devel/exctags/patches: patch-CVE-2014-7204 Log Message: SECURITY: Fix CVE-2014-7204 (DoS in JavaScript parser) in exuberant-ctags. 2015-04-01T19:32:15Z hiramatsu hiramatsu 2015-04-01T19:32:15Z urn:sha1:15a6c885dbc640f9529aeca1e684ac1d1e8930aa 2015-04-01T19:30:43Z hiramatsu hiramatsu 2015-04-01T19:30:43Z urn:sha1:24d4af8e4ef55674e87f9fd0caf48db0b7659d65 sysutils/file: security update Revisions pulled up: - sysutils/file/Makefile 1.34 - sysutils/file/distinfo 1.21 - sysutils/file/patches/patch-config.h.in deleted - sysutils/file/patches/patch-configure deleted - sysutils/file/patches/patch-configure.ac deleted - sysutils/file/patches/patch-src_file.c deleted - sysutils/file/patches/patch-src_file.h deleted - sysutils/file/patches/patch-src_getline.c deleted --- Module Name: pkgsrc Committed By: bsiegert Date: Sun Mar 22 09:48:52 UTC 2015 Modified Files: pkgsrc/sysutils/file: Makefile distinfo Removed Files: pkgsrc/sysutils/file/patches: patch-config.h.in patch-configure patch-configure.ac patch-src_file.c patch-src_file.h patch-src_getline.c Log Message: SECURITY: Update file to 5.22. Bugs fixed: * restructure elf note printing to avoid repeated messages * add note limit, suggested by Alexander Cherepanov * Bail out on partial pread()'s (Alexander Cherepanov) * Fix incorrect bounds check in file_printable (Alexander Cherepanov) * PR/405: ignore SIGPIPE from uncompress programs * change printable -> file_printable and use it in more places for safety * Fix for CVE-2014-9620. 2015-04-01T18:14:52Z hiramatsu hiramatsu 2015-04-01T18:14:52Z urn:sha1:251214d7807b3b4e69c01179cbd490c734e95524 2015-04-01T18:11:56Z hiramatsu hiramatsu 2015-04-01T18:11:56Z urn:sha1:cc35f7e3f2fa208f126bc9530f413baa28db2888 net/ntp4: security update Revisions pulled up: - net/ntp4/Makefile 1.84 - net/ntp4/PLIST 1.17 - net/ntp4/distinfo 1.20 - net/ntp4/patches/patch-ntpd_ntp__io.c deleted --- Module Name: pkgsrc Committed By: bsiegert Date: Sat Mar 21 20:49:28 UTC 2015 Modified Files: pkgsrc/net/ntp4: Makefile PLIST distinfo Removed Files: pkgsrc/net/ntp4/patches: patch-ntpd_ntp__io.c Log Message: SECURITY: Update ntpd to 4.2.8p1. * [Sec 2671] vallen in extension fields are not validated. * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. 2015-04-01T16:43:53Z hiramatsu hiramatsu 2015-04-01T16:43:53Z urn:sha1:a3f3bfd36b4fd6b0ea57d731dade5dce3821fa6c 2015-04-01T16:41:36Z hiramatsu hiramatsu 2015-04-01T16:41:36Z urn:sha1:202e21b2cf4ae5b4cbdb8ff4fb89db4b97567fa3 net/lftp: security patch Revisions pulled up: - net/lftp/Makefile 1.109 - net/lftp/distinfo 1.62 - net/lftp/patches/patch-src_SSH__Access.cc 1.1 --- Module Name: pkgsrc Committed By: bsiegert Date: Sat Mar 21 20:04:39 UTC 2015 Modified Files: pkgsrc/net/lftp: Makefile distinfo Added Files: pkgsrc/net/lftp/patches: patch-src_SSH__Access.cc Log Message: SECURITY: add a patch to prevent saving of unknown host keys without user intervention. Bump PKGREVISION. 2015-04-01T15:35:44Z hiramatsu hiramatsu 2015-04-01T15:35:44Z urn:sha1:dae339772166e8cdd4940abb2709577555c3ec06 2015-04-01T15:32:04Z hiramatsu hiramatsu 2015-04-01T15:32:04Z urn:sha1:45d7b184ecc2063f1d9f87318b412992161034d8 audio/vorbis-tools: security patch Revisions pulled up: - audio/vorbis-tools/Makefile 1.61 - audio/vorbis-tools/distinfo 1.24 - audio/vorbis-tools/patches/patch-ac 1.10 --- Module Name: pkgsrc Committed By: bsiegert Date: Sat Mar 21 19:06:54 UTC 2015 Modified Files: pkgsrc/audio/vorbis-tools: Makefile distinfo pkgsrc/audio/vorbis-tools/patches: patch-ac Log Message: SECURITY: Fix CVE-2014-9640. https://trac.xiph.org/changeset/19117 oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer to a non-static struct was escaping its scope.