[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2 2008-09-17T10:41:37Z 2008-09-17T10:41:37Z tron tron 2008-09-17T10:41:37Z urn:sha1:2fb1eec323433624ef31d98bedad07975277e2f1 ruby18-base: security patch Revisions pulled up: - lang/ruby18-base/Makefile 1.47 - lang/ruby18-base/distinfo 1.34 - lang/ruby18-base/patches/patch-dg 1.5 - lang/ruby18-base/patches/patch-dh 1.3 --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 14 05:17:18 UTC 2008 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Added Files: pkgsrc/lang/ruby18-base/patches: patch-dg patch-dh Log Message: Add fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 (http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/) from ruby_1_8 branch. Bump PKGREVISION. 2008-09-04T21:37:19Z tron tron 2008-09-04T21:37:19Z urn:sha1:b98e81c8cd800129ee520db8f9ce5f0e106db937 mono: security patch Revisions pulled up: - lang/mono/Makefile 1.70-1.71 - lang/mono/PLIST 1.25 - lang/mono/distinfo 1.37 - lang/mono/patches/patch-cl 1.1 - lang/mono/patches/patch-cm 1.1 --- Module Name: pkgsrc Committed By: tron Date: Sun Aug 10 16:19:33 UTC 2008 Modified Files: pkgsrc/lang/mono: Makefile PLIST Log Message: Remove directory "include/mono-1.0/mono" on deinstallation. Bump package revision because of a package list fix. --- Module Name: pkgsrc Committed By: kefren Date: Mon Sep 1 09:28:54 UTC 2008 Modified Files: pkgsrc/lang/mono: Makefile distinfo Added Files: pkgsrc/lang/mono/patches: patch-cl patch-cm Log Message: Merge fix for Bug 418620 (SVN revision 111276) - Sys.Web is prone to "HTTP header injection" attacks 2008-09-02T14:13:33Z rtr rtr 2008-09-02T14:13:33Z urn:sha1:1e015223391d425b65537f5b8c4dd9b384c1f17f python25: update for security fixes revisions pulled up: pkgsrc/lang/python25/Makefile 1.7,1.8 pkgsrc/lang/python25/distinfo 1.6 pkgsrc/lang/python25/patches/patch-at 1.2 pkgsrc/lang/python25/patches/patch-ba 1.1 pkgsrc/lang/python25/patches/patch-bb 1.1 pkgsrc/lang/python25/patches/patch-bc 1.1 pkgsrc/lang/python25/patches/patch-bd 1.1 pkgsrc/lang/python25/patches/patch-be 1.1 pkgsrc/lang/python25/patches/patch-bf 1.1 pkgsrc/lang/python25/patches/patch-bg 1.1 pkgsrc/lang/python25/patches/patch-bh 1.1 pkgsrc/lang/python25/patches/patch-bi 1.1 pkgsrc/lang/python25/patches/patch-bj 1.1 pkgsrc/lang/python25/patches/patch-bk 1.1 pkgsrc/lang/python25/patches/patch-ca 1.1 pkgsrc/lang/python25/patches/patch-cb 1.1 pkgsrc/lang/python25/patches/patch-cc 1.1 pkgsrc/lang/python25/patches/patch-cd 1.1 pkgsrc/lang/python25/patches/patch-ce 1.1 pkgsrc/lang/python25/patches/patch-da 1.1 pkgsrc/lang/python25/patches/patch-db 1.1 pkgsrc/lang/python25/patches/patch-ea 1.1 Module Name: pkgsrc Committed By: joerg Date: Mon Jul 14 14:42:51 UTC 2008 Modified Files: pkgsrc/lang/python25: Makefile Log Message: Always build depend on readline, so that devel/py-readline can pick up the right config. Bump revision. ------------------------------------------------------------------------ Module Name: pkgsrc Committed By: tron Date: Sat Aug 30 10:02:33 UTC 2008 Modified Files: pkgsrc/lang/python25: Makefile distinfo pkgsrc/lang/python25/patches: patch-at Added Files: pkgsrc/lang/python25/patches: patch-ba patch-bb patch-bc patch-bd patch-be patch-bf patch-bg patch-bh patch-bi patch-bj patch-bk patch-ca patch-cb patch-cc patch-cd patch-ce patch-da patch-db patch-ea Log Message: Add security patches for CVE-2008-2315, CVE-2008-2316, CVE-2008-3142 and CVE-2008-3144 (this one shouldn't affect platforms supported by pkgsrc) all taken from Gentoo. Bump package revision. 2008-08-20T09:30:43Z tron tron 2008-08-20T09:30:43Z urn:sha1:d7da887a7f35fa0d9e6a5bf3677961b6aa6a9728 sun-jdk15: security update sun-jre15: security update Revisions pulled up: - lang/sun-jdk15/Makefile 1.32 - lang/sun-jdk15/distinfo 1.19 - lang/sun-jre15/Makefile 1.55 - lang/sun-jre15/PLIST.linux-i386 1.8 - lang/sun-jre15/PLIST.linux-x86_64 1.6 - lang/sun-jre15/distinfo 1.20 --- Module Name: pkgsrc Committed By: he Date: Fri Aug 15 15:06:36 UTC 2008 Modified Files: pkgsrc/lang/sun-jdk15: Makefile distinfo pkgsrc/lang/sun-jre15: Makefile PLIST.linux-i386 PLIST.linux-x86_64 distinfo Log Message: Update to Java 5.0 Update 16. Fixes a number of security vulnerabilities. Also updates some root certificates and imports tzdata2008b. Sun's release notes are at http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_16 2008-08-12T11:22:11Z rtr rtr 2008-08-12T11:22:11Z urn:sha1:4f14e7f145cd2ec66b1ebf135affb9831ab70995 ruby-curses, ruby, ruby18-base, ruby-tk: security fix revisions pulled up pkgsrc/lang/ruby/rubyversion.mk 1.44 pkgsrc/lang/ruby18-base/distinfo 1.17 pkgsrc/devel/ruby-curses/distinfo 1.33 pkgsrc/x11/ruby-tk/distinfo 1.20 Module Name: pkgsrc Committed By: taca Date: Mon Aug 11 06:58:33 UTC 2008 Modified Files: pkgsrc/lang/ruby: rubyversion.mk pkgsrc/lang/ruby18-base: distinfo Log Message: Update ruby18-base to 1.8.7.72 (Ruby 1.8.7-p72). These packages are implicitly updated with distfile update only. databases/ruby-gdbm devel/ruby-readline lang/ruby lang/ruby18 Here's quote from release announce: Sorry for a fuss, but it turned out that taintness check of dl in last releases I made was incomplete. Here are fixes for that. And relevant changes: Mon Aug 11 09:37:17 2008 Yukihiro Matsumoto <matz@ruby-lang.org> * ext/dl/dl.c (rb_str_to_ptr): should propagate taint to dlptr. * ext/dl/dl.c (rb_ary_to_ptr): ditto. * ext/dl/sym.c (rb_dlsym_call): should check taint of DLPtrData as well. ------------------------------------------------------------------------ Module Name: pkgsrc Committed By: taca Date: Mon Aug 11 06:59:40 UTC 2008 Modified Files: pkgsrc/devel/ruby-curses: distinfo Log Message: Update ruby-curses package to 1.8.7.72. It is distfile change only. ------------------------------------------------------------------------ Module Name: pkgsrc Committed By: taca Date: Mon Aug 11 06:59:55 UTC 2008 Modified Files: pkgsrc/x11/ruby-tk: distinfo Log Message: Update ruby-curses package to 1.8.7.72. It is distfile change only. 2008-08-10T17:02:25Z tron tron 2008-08-10T17:02:25Z urn:sha1:a1824d076751431a446702a544e0660562b406dd Security patches for python24 Revisions pulled up: - lang/python24/Makefile 1.44-1.45 - lang/python24/distinfo 1.29-1.31 - lang/python24/patches/patch-ba 1.1 - lang/python24/patches/patch-bb 1.1 - lang/python24/patches/patch-bc 1.1 - lang/python24/patches/patch-bd 1.1 - lang/python24/patches/patch-be 1.1 - lang/python24/patches/patch-bf 1.1 - lang/python24/patches/patch-bg 1.1 - lang/python24/patches/patch-bh 1.1 - lang/python24/patches/patch-bi 1.1 - lang/python24/patches/patch-bj 1.1 - lang/python24/patches/patch-bk 1.1 - lang/python24/patches/patch-bl 1.1 - lang/python24/patches/patch-bm 1.1 --- Module Name: pkgsrc Committed By: joerg Date: Mon Jul 14 14:42:51 UTC 2008 Modified Files: pkgsrc/lang/python24: Makefile Log Message: Always build depend on readline, so that devel/py-readline can pick up the right config. Bump revision. --- Module Name: pkgsrc Committed By: drochner Date: Tue Aug 5 10:13:34 UTC 2008 Modified Files: pkgsrc/lang/python24: Makefile distinfo Added Files: pkgsrc/lang/python24/patches: patch-ba patch-bb patch-bc patch-bd patch-be patch-bf patch-bg Log Message: add patches from upstream svn rev.65333, fix integer overflows in memory allocation (CVE-2008-2315) --- Module Name: pkgsrc Committed By: drochner Date: Tue Aug 5 10:45:46 UTC 2008 Modified Files: pkgsrc/lang/python24: distinfo Added Files: pkgsrc/lang/python24/patches: patch-bh patch-bi patch-bj patch-bk patch-bl Log Message: also apply upstream svn rev.65262, fixes overflow checks in memory allocation (CVE-2008-3142), ride on PKGREVISION bump some minutes ago --- Module Name: pkgsrc Committed By: drochner Date: Thu Aug 7 11:20:18 UTC 2008 Modified Files: pkgsrc/lang/python24: distinfo Added Files: pkgsrc/lang/python24/patches: patch-bm Log Message: Add a patch from the upstream 2.5 branch (svn rev.63883) to fix an integer overflow in the vsnprintf replacement function. This is likely not a real problem, and the patch wasn't pulled to the upstream 2.4 branch, but so we can formally declare our 2.4 as not vulnerable now. 2008-08-10T15:27:26Z tron tron 2008-08-10T15:27:26Z urn:sha1:1c8282e04e0823ef80520796bb745de8339cc62b Security patch for mono Revisions pulled up: - lang/mono/Makefile 1.69 - lang/mono/distinfo 1.36 - lang/mono/patches/patch-cf 1.1 - lang/mono/patches/patch-cg 1.1 - lang/mono/patches/patch-ch 1.1 - lang/mono/patches/patch-ci 1.1 - lang/mono/patches/patch-cj 1.1 - lang/mono/patches/patch-ck 1.1 --- Module Name: pkgsrc Committed By: kefren Date: Sat Aug 9 19:57:51 UTC 2008 Modified Files: pkgsrc/lang/mono: Makefile distinfo Added Files: pkgsrc/lang/mono/patches: patch-cf patch-cg patch-ch patch-ci patch-cj patch-ck Log Message: fix an cross site scripting vulnerability bump PKGREVISION 2008-08-08T14:37:50Z ghen ghen 2008-08-08T14:37:50Z urn:sha1:35821c18e266453077fed8ba802c7f11d26f8446 security update for ruby - pkgsrc/devel/ruby-curses/distinfo 1.16 - pkgsrc/lang/ruby/rubyversion.mk 1.43 - pkgsrc/lang/ruby18-base/Makefile 1.46 - pkgsrc/lang/ruby18-base/distinfo 1.32 - pkgsrc/lang/ruby18-base/patches/patch-ad removed - pkgsrc/x11/ruby-tk/distinfo 1.19 Module Name: pkgsrc Committed By: taca Date: Fri Aug 8 12:38:59 UTC 2008 Modified Files: pkgsrc/lang/ruby: rubyversion.mk Log Message: Start update of Ruby 1.8.7 patchlevel 71. --- Module Name: pkgsrc Committed By: taca Date: Fri Aug 8 12:42:44 UTC 2008 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Removed Files: pkgsrc/lang/ruby18-base/patches: patch-ad Log Message: Update ruby18-base to 1.8.7.71. pkgsrc change: Apply fix for sunpro compilre, provided by PR pkg/37771 from Naoto Morishima. This release includes fix for multiple vulnerabilities. http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ * Several vulnerabilities in safe level * DoS vulnerability in WEBrick * Lack of taintness check in dl * DNS spoofing vulnerability in resolv.rb Full changes are too many, please refer ChangeLog file. --- Module Name: pkgsrc Committed By: taca Date: Fri Aug 8 12:43:51 UTC 2008 Modified Files: pkgsrc/devel/ruby-curses: distinfo Log Message: Update ruby-curses package to 1.8.7.71. This is version update only, no functional change in this ruby extention. --- Module Name: pkgsrc Committed By: taca Date: Fri Aug 8 12:44:51 UTC 2008 Modified Files: pkgsrc/x11/ruby-tk: distinfo Log Message: Update ruby-tk package to 1.8.7.71. This is version update only, no functional change in this ruby extention. 2008-07-11T13:17:39Z obache obache 2008-07-11T13:17:39Z urn:sha1:eae987f8a5a9e1e63f6cb9bb60f2d1eb8571df4d Noticed by Zafer Aydogan via private mail. 2008-07-08T20:28:55Z adrianp adrianp 2008-07-08T20:28:55Z urn:sha1:68758ad9bd0ed5c2e0b975386e835a816a7437bf Fixes PR 39081 PKGREVISION++