Age | Commit message (Collapse) | Author | Files | Lines |
|
PLIST fix for lablgtk2
Revisions pulled up:
- pkgsrc/x11/lablgtk2/Makefile 1.5
- pkgsrc/x11/lablgtk2/PLIST 1.2
Module Name: pkgsrc
Committed By: drochner
Date: Tue May 31 15:56:18 UTC 2005
Modified Files:
pkgsrc/x11/lablgtk2: PLIST
Log Message:
sync with reality
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jun 1 21:00:26 UTC 2005
Modified Files:
pkgsrc/x11/lablgtk2: Makefile
Log Message:
Bump PKGREVISION after PLIST fix (hi drochner!)
Noted by salo@.
|
|
|
|
bugfix updates for xentools20
Revisions pulled up:
- pkgsrc/sysutils/xentools20/Makefile 1.6, 1.8, 1.10
- pkgsrc/sysutils/xentools20/files/xend.sh 1.2
- pkgsrc/sysutils/xentools20/distinfo 1.4-1.5
- pkgsrc/sysutils/xentools20/patches/patch-af 1.2
- pkgsrc/sysutils/xentools20/patches/patch-as 1.1
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Apr 1 19:06:12 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile
pkgsrc/sysutils/xentools20/files: xend.sh
Log Message:
xend.sh fixes:
- set command_interpreter, so that rc.subr(8) can find the process(es).
- /usr/pkg/sbin/xend {stop,restart} don't to what we expect, to
let rc.subr do it instead.
Bump PKGREVISION.
Should fix pkg/29847.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Apr 16 13:35:29 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile
Log Message:
Fix dependency pattern to include [0-9].
---
Module Name: pkgsrc
Committed By: xtraeme
Date: Mon May 23 18:05:16 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: distinfo
pkgsrc/sysutils/xentools20/patches: patch-af
Log Message:
Fix build on NetBSD/-current by including <sys/select.h>.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Mon May 23 22:02:04 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile distinfo
Added Files:
pkgsrc/sysutils/xentools20/patches: patch-as
Log Message:
Don't mmap /kern/xen/privcmd (this doesn't work any more on current),
use MAP_ANON instead. Bump pkgrevision.
|
|
|
|
security update for cyrus-imapd21
Revisions pulled up:
- pkgsrc/mail/cyrus-imapd21/Makefile 1.29
- pkgsrc/mail/cyrus-imapd21/distinfo 1.10, 1.11
Module Name: pkgsrc
Committed By: wiz
Date: Wed May 25 12:44:19 UTC 2005
Modified Files:
pkgsrc/mail/cyrus-imapd21: distinfo
Log Message:
Add RMD160 checksum.
----
Module Name: pkgsrc
Committed By: adrianp
Date: Sat May 28 17:41:54 UTC 2005
Modified Files:
pkgsrc/mail/cyrus-imapd21: Makefile distinfo
Log Message:
- Update cyrus-imapd21 to 2.1.18:
- From the changelog:
> Changes to the Cyrus IMAP Server since 2.1.17
> Fix single byte overflow in imapd annotate extension.
>
> Changes to the Cyrus IMAP Server since 2.1.16
> Fix several security issues in imapd and in mysasl_canon_user.
>
> Changes to the Cyrus IMAP Server since 2.1.15
> Clean up a timeout bug in fud proxy code.
> Fix a number of bugs with the murder and altnamespace handling.
> Detect fork() failures when launching sendmail in lmtpd
> Enable telemetry logging in lmtpd/lmtpproxyd
> Allow APOP to be disabled via an imap option
> Fix reconstruct to handle missing cyrus.header files
> Add the quotawarnkb option
> Update MUPDATE to look for IANA assigned port numbers.
|
|
|
|
security fix for tcpdump
Revisions pulled up:
- pkgsrc/net/tcpdump/Makefile 1.15
- pkgsrc/net/tcpdump/distinfo 1.8
- pkgsrc/net/tcpdump/patches/patch-ac 1.1
- pkgsrc/net/tcpdump/patches/patch-ad 1.1
- pkgsrc/net/tcpdump/patches/patch-ae 1.1
- pkgsrc/net/tcpdump/patches/patch-af 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Sat May 28 14:15:23 UTC 2005
Modified Files:
pkgsrc/net/tcpdump: Makefile distinfo
Added Files:
pkgsrc/net/tcpdump/patches: patch-ac patch-ad patch-ae patch-af
Log Message:
- Update to nb1 for security issues
- Patches from tcpdump.org CVS tree
|
|
|
|
security update for gxine
Revisions pulled up:
- pkgsrc/multimedia/gxine/Makefile 1.9, 1.10
- pkgsrc/multimedia/gxine/distinfo 1.4, 1.5, 1.6
- pkgsrc/multimedia/gxine/patches/patch-ac 1.3
- pkgsrc/multimedia/gxine/patches/patch-ad 1.3, 1.4
- pkgsrc/multimedia/gxine/patches/patch-ag 1.1
- pkgsrc/multimedia/gxine/patches/patch-ah 1.1
- pkgsrc/multimedia/gxine/patches/patch-ai 1.1, 1.2
- pkgsrc/multimedia/gxine/patches/patch-aj 1.1
Module Name: pkgsrc
Committed By: rillig
Date: Wed Apr 13 16:39:32 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: Makefile distinfo
Added Files:
pkgsrc/multimedia/gxine/patches: patch-ag patch-ah patch-ai patch-aj
patch-ak
Log Message:
Added some patches for ISO C90 compliance, for NetBSD-1.6.2, and for
gcc-2.95. Approved by jlam.
----
Module Name: pkgsrc
Committed By: reed
Date: Sun May 8 06:33:35 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: distinfo
pkgsrc/multimedia/gxine/patches: patch-ac
Added Files:
pkgsrc/multimedia/gxine/patches: patch-ad
Log Message:
Make this build under FreeBSD.
PKGREVISION not bumped since these changes only matter for
FreeBSD build which failed in the first place.
Note that xine-lib is needed, but the xine-lib fixes for
FreeBSD have not been committed yet.
(If you are curious, I am using gxine on FreeBSD all installed
via pkgsrc to watch a MS Windows Media 7 ASF video and listen to
MS Windows Media Audio 2 without any win32-codecs installed.)
----
Module Name: pkgsrc
Committed By: salo
Date: Fri May 27 12:09:27 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: Makefile distinfo
pkgsrc/multimedia/gxine/patches: patch-ad patch-ai
Removed Files:
pkgsrc/multimedia/gxine/patches: patch-ak
Log Message:
Update to version 0.4.5
Changes:
0.4.5:
======
- SECURITY FIX (pst.advisory 2005-21)
Remotely-exploitable missing-format-string vulnerability in some
message dialogue boxes.
- Fixed some brokenness in the visualisations menu; hide/show the
video widget as needed when selecting an item from that menu.
- Better handling of uninstantiatable post-plugins (when configuring).
- Caught and replaced another asprintf. [Bug 1204625]
- Compile fix (Solaris): need $(X_EXTRA_LIBS).
- Correct the documentation of the '-e' option in gxine.1.
- Don't set a title for the full-screen toolbar.
- Set up X threads earlier (it was being done too late).
(based on a patch from Antti P Miettinen <ananaza@iki.fi>.)
0.4.4:
======
- Added support for VDR's AUDIO key.
- Made the browser plugin optional.
- Stop playback on playlist clear.
- Fixed a bug in multi-file drag+drop.
0.4.3:
======
- Fix a bug in JS vdr(). It should check the active MRL rather than
the currently-selected playlist entry.
- Fix a post-plugin parameter handling error.
- Provide a few more default bindings with keys.
- Fix a compile failure when using xine-lib 1.0 headers. Whoops :-(
- Added doc/Keybindings-HOWTO (from Craig Sanders).
0.4.2:
======
- Use external JS lib by default (if available).
If you're using amd64, you want this, I'm told.
- This version should be buildable and useable with GTK+2.2.
It may also use, but not rely on, a few features from GTK+2.6.
- Configure switches for GTK+ versions compatibility and whether to
use the desktop integration wizard. (Mainly for packagers.)
- Mark 'repeat' and 'random' buttons (playlist) as having accelerator
keys.
- Improve prefs window numeric entry editing.
- "tvtime" deinterlace plugin support.
- Video and audio post-plugin chain support.
The deinterlace plugin is prepended to the video chain if enabled.
The visualisation plugin is prepended to the audio chain if active.
- Hide tab & border for single-page notebooks in the prefs window.
- Make columns in playlist etc. resizable.
- Fixed a few crash/warning bugs (mediamarks/playlist item edit) left
over from 0.4.1.
- Respond to volume changes made externally.
- Fix crash on virtual desktop change. The full-screen window is now
sticky and on all desktops. (If you have a better way of fixing
this which *doesn't* require this, let me know.)
- Fix overlay bug with window managers, such as IceWM, which have
their own toolbars.
- Text preferences which are uncommitted may be undone by Ctrl '-' or
Undo.
- Make the visualisation setting a preference.
- Fix a few problems in playlist expansion via xine-lib.
- Add JS event(NAME) function and make event() and vdr() output help
text if called without parameters.
- Add keybinding entries for 'next angle' and 'previous angle'.
- Save the A/V offset setting.
- Build fix: apparently, Spidermonkey isn't always libsmjs.so.
- Stop GTK's complaints when the locale doesn't use UTF-8.
(This is done by telling gettext that we want translated text in
UTF-8. Some is intended for the console; this isn't special-cased.)
- Add a few extra icons to the menus.
- Add config options for default window size and magnification of
low-res video streams.
- Improve live-stream detection; recognise streams of unknown length.
- Improve the current stream title display.
- Rely on xine-lib's XML parser and quote some characters when saving
the playlist, media marks and key bindings.
- Change the way in which the control button images are implemented.
(There are problems with some GTK+ theme engines otherwise.)
- Try to update the current playlist item's title from the stream
automatically unless the title has been edited.
- Deleting a playlist item will, if it is being played, cause the
next item to be played (or the player to enter idle mode).
- Use ellipsis in long entries in the playlist & mediamarks windows.
(Requires GTK+2.6.)
- Allow drag&drop for reordering playlist items.
- Prevent multiple install wizard instantiations.
- Add menu tooltips for plugins with short descriptions in the plugin
chain configuration windows.
- Make playlist repeat & random settings persistent. (Guenter)
|
|
|
|
security fix for net-snmp
Revisions pulled up:
- pkgsrc/net/net-snmp/Makefile patched by hand
- pkgsrc/net/net-snmp/buildlink3.mk patched by hand
- pkgsrc/net/net-snmp/distinfo patched by hand
- pkgsrc/net/net-snmp/patches/patch-ab 1.5
Module Name: pkgsrc
Committed By: tron
Date: Wed May 25 13:49:10 UTC 2005
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
Added Files:
pkgsrc/net/net-snmp/patches: patch-ab
Log Message:
Replace "fixproc" script with version from "net-snmp" CVS respository.
This fixes the security problem documented in SA15471. Bump package
revision because of this change.
|
|
|
|
security update for mhonarc
Revisions pulled up:
- pkgsrc/mail/mhonarc/Makefile 1.20
- pkgsrc/mail/mhonarc/distinfo 1.13
Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 27 11:41:03 UTC 2005
Modified Files:
pkgsrc/mail/mhonarc: Makefile distinfo
Log Message:
- Update mhonarc for recent security issue (XSS)
- From the changelog:
> 9050 Regex abort error in mhmimetypes.pl under Win32
> 11187 incorrectly parsing UTF-8 encoded messages
> 11207 usenameext option to m2h_external::filter has no effect
> 11760 spammode false positives on some HTML mail
> 11762 rel=nofollow attribute support in message body hyperlinks
> 11977 TSLICETOPBEGCUR ignored
> 12512 Consecutive spaces not displayed in some cases
> 12802 SubjectStripCode not working on message file
> 12930 Cross site scripting bug in m2h_text_html::filter
|
|
|
|
security update for openslp
Revisions pulled up:
- pkgsrc/net/openslp/Makefile 1.26
- pkgsrc/net/openslp/buildlink3.mk 1.8
- pkgsrc/net/openslp/distinfo 1.12
- pkgsrc/net/openslp/patches/patch-ac 1.2
- pkgsrc/net/openslp/patches/patch-ae 1.2
- pkgsrc/net/openslp/patches/patch-ah 1.2
- pkgsrc/net/openslp/patches/patch-ad removed
- pkgsrc/net/openslp/patches/patch-af removed
- pkgsrc/net/openslp/patches/patch-ag removed
- pkgsrc/net/openslp/patches/patch-ai 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Thu May 26 20:14:21 UTC 2005
Modified Files:
pkgsrc/net/openslp: Makefile buildlink3.mk distinfo
pkgsrc/net/openslp/patches: patch-ac patch-ae patch-ah
Added Files:
pkgsrc/net/openslp/patches: patch-ai
Removed Files:
pkgsrc/net/openslp/patches: patch-ad patch-af patch-ag
Log Message:
- Update to 1.2.1 - ok'ed jlam@
- This incorporates security fixes from SuSE to address the issues
they found
From the ChangeLog:
> 02/04/2005 jcalcote@novell.com
> Incorporated various bug fixes from SuSE and others.
> Updated Autotools files for version 1.5+
|
|
|
|
security update for bzip2
Revisions pulled up:
- pkgsrc/archivers/bzip2/PLIST 1.3
- pkgsrc/archivers/bzip2/Makefile 1.39
- pkgsrc/archivers/bzip2/buildlink3.mk 1.17
- pkgsrc/archivers/bzip2/distinfo 1.12
- pkgsrc/archivers/bzip2/patches/patch-aa 1.11
Module Name: pkgsrc
Committed By: rillig
Date: Mon May 23 06:49:29 UTC 2005
Modified Files:
pkgsrc/archivers/bzip2: PLIST
Log Message:
Sorted PLIST entries to make pkglint happy.
----
Module Name: pkgsrc
Committed By: salo
Date: Thu May 26 15:03:11 UTC 2005
Modified Files:
pkgsrc/archivers/bzip2: Makefile buildlink3.mk distinfo
pkgsrc/archivers/bzip2/patches: patch-aa
Log Message:
Security update to version 1.0.3
- Further robustification against corrupted compressed data.
There are currently no known bitstreams which can cause the
decompressor to crash, loop or access memory which does not
belong to it. If you are using bzip2 or the library to
decompress bitstreams from untrusted sources, an upgrade
to 1.0.3 is recommended.
http://scary.beasts.org/security/CESA-2005-002.txt
- The documentation has been converted to XML, from which html
and pdf can be derived.
- Various minor bugs in the documentation have been fixed.
- Fixes for various compilation warnings with newer versions of
gcc, and on 64-bit platforms.
- The BZ_NO_STDIO cpp symbol was not properly observed in 1.0.2.
This has been fixed.
|
|
security update for ImageMagick
Revisions pulled up:
- pkgsrc/graphics/ImageMagick/Makefile.common 1.40
- pkgsrc/graphics/ImageMagick/PLIST 1.37
- pkgsrc/graphics/ImageMagick/distinfo 1.49
- pkgsrc/graphics/ImageMagick/patches/patch-aa 1.30
- pkgsrc/graphics/ImageMagick/buildlink3.mk 1.9
Module Name: pkgsrc
Committed By: adam
Date: Wed May 25 10:32:33 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
pkgsrc/graphics/ImageMagick/patches: patch-aa
Log Message:
Changes 6.2.3.0:
* Bug fixes
----
Module Name: pkgsrc
Committed By: salo
Date: Thu May 26 13:37:32 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED after latest update with security fixes.
(hi adam!)
|
|
|
|
various changes in bulk/upload script
Module Name: pkgsrc
Committed By: hubertf
Date: Wed Mar 30 22:26:37 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
Before calculating checksums, print a line that says what's happening.
With a slow NFS server (as mine), this can take a lot of time.
---
Module Name: pkgsrc
Committed By: hubertf
Date: Wed Mar 30 22:36:18 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
If SIGN_AS is not set, remind the user to please sign the checksum
files manually.
Suggested and OK'd by jschauma@
---
Module Name: pkgsrc
Committed By: jschauma
Date: Sun Apr 10 21:44:04 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
uncomment the checksums for IRIX
(the commented version was committed by mistake)
---
Module Name: pkgsrc
Committed By: jschauma
Date: Sat Apr 30 21:35:06 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
s/upto date/up-to-date/
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun May 8 13:29:09 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
Changes to the upload script:
vulnerable packages are uploaded directly into the vulnerable subdir.
While here:
quote variables
better handling of the temporary directory
remove some backwards compatibility code that's been here long enough
opsys-specific package handling was doing the same as non-opsys
specific, so fold them together.
Written together with dillo.
|
|
|
|
security fix for freeradius
Revisions pulled up:
- pkgsrc/net/freeradius/Makefile 1.28
- pkgsrc/net/freeradius/distinfo 1.14
- pkgsrc/net/freeradius/patches/patch-ak 1.3
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 21:58:45 UTC 2005
Modified Files:
pkgsrc/net/freeradius: Makefile distinfo
Added Files:
pkgsrc/net/freeradius/patches: patch-ak
Log Message:
- Add fix for recent security issue
|
|
|
|
security update for bugzilla
Revisions pulled up:
- pkgsrc/devel/bugzilla/DESCR 1.2
- pkgsrc/devel/bugzilla/MESSAGE 1.2
- pkgsrc/devel/bugzilla/Makefile 1.6
- pkgsrc/devel/bugzilla/PLIST 1.3
- pkgsrc/devel/bugzilla/distinfo 1.5
Module Name: pkgsrc
Committed By: adrianp
Date: Sun May 15 17:04:32 UTC 2005
Modified Files:
pkgsrc/devel/bugzilla: DESCR MESSAGE Makefile PLIST distinfo
Log Message:
- Update to 2.18.1
- Two "Information Disclosure" security bugs fixed
- From the ChangeLog:
> + You can now enter a negative time for "Hours Worked"
> in the time-tracking area. (Bug 271276)
>
> + The BugMail.pm customization required for Windows (as
> described in the Bugzilla Guide) now actually works. (Bug 280911)
>
> + Users who were using Bugzilla 2.8 can now successfully upgrade
> to 2.18.1 (they couldn't upgrade to 2.18). (Bug 283403)
>
> + Dependency mails are now properly sent during a mass-change of bugs.
> (Bug 178157)
|
|
|
|
remove mozilla-stable
Module Name: pkgsrc
Committed By: wiz
Date: Mon Apr 18 22:40:36 UTC 2005
Modified Files:
pkgsrc/www: Makefile
Removed Files:
pkgsrc/www/mozilla-stable: DESCR Makefile PLIST buildlink3.mk distinfo
pkgsrc/www/mozilla-stable/files: moz-install mozilla-ELF.in
mozilla-Mach-O.in mozilla-a.out.in xptcinvoke_asm_sparc64_netbsd.s
xptcinvoke_sparc64_netbsd.cpp xptcstubs_asm_sparc64_netbsd.s
xptcstubs_sparc64_netbsd.cpp
pkgsrc/www/mozilla-stable/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-ak
patch-al patch-an patch-ao patch-aw patch-ax patch-ba patch-bb
patch-bm patch-bo patch-bq patch-br patch-bs patch-bt patch-bu
patch-bv patch-bw patch-bx patch-by patch-bz patch-ca patch-cb
patch-cc
Log Message:
Remove mozilla-stable; not much difference to the mozilla package
itself. Okayed by the maintainer, taya@.
|
|
|
|
security update for mozilla
Revisions pulled up:
- pkgsrc/www/mozilla/Makefile 1.145
- pkgsrc/www/mozilla/Makefile.common 1.50-1.51, 1.53-1.54
- pkgsrc/www/mozilla/buildlink3.mk 1.11
- pkgsrc/www/mozilla/distinfo 1.76
- pkgsrc/www/mozilla-gtk2/Makefile 1.22
- pkgsrc/www/mozilla-gtk2/buildlink3.mk 1.9
Module Name: pkgsrc
Committed By: abs
Date: Sat Apr 2 09:46:41 UTC 2005
Modified Files:
pkgsrc/www/mozilla: Makefile.common
Log Message:
cut trailing whitespace
---
Module Name: pkgsrc
Committed By: abs
Date: Sat Apr 2 14:38:15 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile
pkgsrc/www/mozilla: Makefile.common
pkgsrc/www/mozilla-gtk2: Makefile
Log Message:
MOZILLA_USE_GTK2 needs --disable-gnomevfs, so make this so in
mozilla/Makefile.common, rather than adding it into each Makefile
(also fixes thunderbird-gtk2).
---
Module Name: pkgsrc
Committed By: taya
Date: Sun Apr 24 14:05:06 UTC 2005
Modified Files:
pkgsrc/www/mozilla: Makefile.common
Log Message:
set CONFIG_GUESS_OVERRIDE, CONFIG_SUB_OVERRIDE, and CONFIG_STATUS_OVERRIDE
explicitly, because it fails to detect them with default setting.
suggested by Todd Willey.
---
Module Name: pkgsrc
Committed By: taya
Date: Sun May 15 02:58:05 UTC 2005
Modified Files:
pkgsrc/www/mozilla: Makefile Makefile.common buildlink3.mk distinfo
pkgsrc/www/mozilla-gtk2: Makefile buildlink3.mk
Log Message:
Update mozilla & mozilla-gtk2 to 1.7.8
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
|
|
|
|
portability fix for cdbkup
Revisions pulled up:
- pkgsrc/sysutils/cdbkup/Makefile 1.4
Module Name: pkgsrc
Committed By: kristerw
Date: Fri Mar 25 23:11:19 UTC 2005
Modified Files:
pkgsrc/sysutils/cdbkup: Makefile
Log Message:
Rewrite the version test in a way the NetBSD 1.6 make understands.
|
|
|
|
security update for firefox
Revisions pulled up:
- pkgsrc/www/firefox/Makefile 1.15
- pkgsrc/www/firefox/Makefile-firefox.common 1.14, 1.16-1.18
- pkgsrc/www/firefox/PLIST 1.13-1.15
- pkgsrc/www/firefox/buildlink3.mk 1.5
- pkgsrc/www/firefox/distinfo 1.29
- pkgsrc/www/firefox-gtk1/PLIST 1.3-1.4
- pkgsrc/www/firefox-gtk1/buildlink3.mk 1.4
Module Name: pkgsrc
Committed By: taya
Date: Wed Apr 13 13:34:26 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common PLIST
pkgsrc/www/firefox-gtk1: PLIST
Log Message:
change extensions list as same as Linux official build.
bump PKGREVISION.
fix PR pkg/29595
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Apr 15 12:42:27 UTC 2005
Modified Files:
pkgsrc/www/firefox: PLIST
Log Message:
Add two @exec ${MKDIR} lines for empty directories which have @dirrm
lines, to fix binary packages.
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Apr 15 12:44:30 UTC 2005
Modified Files:
pkgsrc/www/firefox-gtk1: PLIST
Log Message:
Add an @exec ${MKDIR} line for an empty directory which has a @dirrm
line, to fix binary packages.
---
Module Name: pkgsrc
Committed By: taya
Date: Sun Apr 24 14:00:12 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common
Log Message:
concatinate extensions with separator ',' and set to MOZILLA_EXTENSIONS,
instead of using ':ts' modifier.
becase make of NetBSD-1.6.x doesn't have it.
suggested by Jeremy C. Reed.
---
Module Name: pkgsrc
Committed By: reed
Date: Mon Apr 25 19:26:10 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common
Log Message:
Make sure build is without gssapi support. (Okayed by maintainer,
taya ... well really he said "I don't object your idea.")
This fixes a build bug when heimdal is detected but not buildlinked.
It is a known mozilla bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=245467
I didn't put this in the mozilla/Makefile.common, because didn't test
that yet.
This issue probably only happens when using /usr as the LOCALBASE,
which is not really supported and maybe I am the only one to hit this
with pkgsrc.
Maybe later someone can consider adding a build option for GSSAPI,
but I don't know anything about it in regards to a web browser myself.
---
Module Name: pkgsrc
Committed By: taya
Date: Sat May 14 15:27:10 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST
buildlink3.mk distinfo
pkgsrc/www/firefox-gtk1: buildlink3.mk
Log Message:
Update firefox & firefox-gtk1 to 1.0.4.
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
|
|
|
|
security update for firefox-gtk2-bin
Updated by a patch.
Module Name: pkgsrc
Committed By: tron
Date: Thu May 12 15:06:58 UTC 2005
Modified Files:
pkgsrc/www/firefox-bin: Makefile distinfo
Log Message:
Update "firefox-bin" package to version 1.0.4. The following security
issuses were fixed in this release:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
|
|
|
|
security update for horde
Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.34
- pkgsrc/www/horde/distinfo 1.12
Module Name: pkgsrc
Committed By: adrianp
Date: Sat May 14 13:33:15 UTC 2005
Modified Files:
pkgsrc/www/horde: Makefile distinfo
Log Message:
- Update horde to 2.2.8
Changes in this release:
* Fixed two XSS vulnerabilities.
* Updated German and Traditional Chinese translations.
|
|
|
|
security fix for leafnode
Revisions pulled up:
- pkgsrc/news/leafnode/Makefile 1.24
- pkgsrc/news/leafnode/distinfo 1.14
- pkgsrc/news/leafnode/patches/patch-aa 1.6
Module Name: pkgsrc
Committed By: kim
Date: Fri May 13 15:08:04 UTC 2005
Modified Files:
pkgsrc/news/leafnode: Makefile distinfo
pkgsrc/news/leafnode/patches: patch-aa
Log Message:
Upgrade to 1.11.2:
* Fix segfault when timeout or connection reset encountered while
article header is read.
* fetchnews will no longer re-fetch the active file for a server if it
has been completely received even if fetching articles from this server
encounters a problem. Long-standing bug. Debian bug #70052.
* fetchnews will now properly mark the active for complete re-fetch if
it says so. Previously, it forgot the mark in some circumstances. A
problem fetching the active file or descriptions for a newly added
server will now mark the active for re-fetch even if articles have
successfully been retrieved from the same server.
* Fix use-after-free segfault when server dies while body is being
received.
* Support quoted strings on the right hand side of configuration lines.
* Support IPv6 in fetchnews as well.
* In LIST ACTIVE/GROUP, keep group interesting in spite of being
pseudo (which includes empty) as long as it is interesting. Avoids
unsubscription of low-traffic groups that fall empty.
|
|
security fix for maradns
Revisions pulled up:
- pkgsrc/net/maradns/DESCR 1.2
- pkgsrc/net/maradns/Makefile 1.14
- pkgsrc/net/maradns/PLIST 1.4
- pkgsrc/net/maradns/distinfo 1.6
- pkgsrc/net/maradns/patches/patch-aa 1.3
- pkgsrc/net/maradns/patches/patch-ae 1.1
- pkgsrc/net/maradns/patches/patch-af 1.1
- pkgsrc/net/maradns/patches/patch-ag 1.1
- pkgsrc/net/maradns/patches/patch-ah 1.1
- pkgsrc/net/maradns/patches/patch-ai 1.1
- pkgsrc/net/maradns/patches/patch-aj 1.1
Module Name: pkgsrc
Committed By: salo
Date: Fri May 13 13:25:55 UTC 2005
Modified Files:
pkgsrc/net/maradns: DESCR Makefile PLIST distinfo
pkgsrc/net/maradns/patches: patch-aa
Added Files:
pkgsrc/net/maradns/patches: patch-ae patch-af patch-ag patch-ah
patch-ai patch-aj
Log Message:
Update to version 1.0.28
Too many changes to list, see CHANGELOG within the source tarball.
This update was prompted by an issue with random number generator,
see the following url for details:
http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng
|
|
security fix for libexif
Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile 1.24, 1.25
- pkgsrc/graphics/libexif/PLIST 1.12
- pkgsrc/graphics/libexif/distinfo 1.13, 1.14, 1.15
- pkgsrc/graphics/libexif/buildlink3.mk 1.7
- pkgsrc/graphics/libexif/patches/patch-aa 1.3
- pkgsrc/graphics/libexif/patches/patch-ab 1.3
- pkgsrc/graphics/libexif/patches/patch-ac 1.1
Module Name: pkgsrc
Committed By: adam
Date: Wed Apr 20 12:40:41 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: Makefile PLIST distinfo
Removed Files:
pkgsrc/graphics/libexif/patches: patch-aa patch-ab
Log Message:
Changes 0.6.12:
* Final fix of Ubuntu Security Notice USN-91-1 (CAN-2005-0664)
https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
* Updated build system with cross compile capabilities
* Small fixes:
Fix tag order, use even offsets, improve Nikon&Olympus mnote tags.
----
Module Name: pkgsrc
Committed By: minskim
Date: Mon May 9 13:21:16 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: distinfo
Added Files:
pkgsrc/graphics/libexif/patches: patch-aa patch-ab
Log Message:
Declare a static function in .c, not in .h.
----
Module Name: pkgsrc
Committed By: salo
Date: Fri May 13 11:58:00 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/graphics/libexif/patches: patch-ac
Log Message:
Security fix:
"Matthias Clasen has reported a vulnerability in libexif, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an infinite recursion in the
"exif_data_load_data_content()" function and can be exploited to
cause a stack overflow when parsing a specially crafted image.
Successful exploitation may crash an application linked against the
vulnerable library."
Bump PKGREVISION. Patch from:
http://sourceforge.net/tracker/index.php?func=detail&aid=1196787&group_id=12272&atid=112272
|
|
|
|
security fix for squid
Revisions pulled up:
- pkgsrc/www/squid/Makefile 1.150
- pkgsrc/www/squid/distinfo 1.97
Module Name: pkgsrc
Committed By: taca
Date: Thu May 12 16:09:48 UTC 2005
Modified Files:
pkgsrc/www/squid: Makefile distinfo
Log Message:
Update squid package to 2.5.9nb11.
Apply 9 official fixes including security improvement in DNS lookup.
I still disable transparent_port.patch because it needs a missing header
file of IP Filter. NetBSD current and 3.0_BETA already fixed this problem
but still netbsd-2/2-0 branches. I will apply it after netbsd-2/2-0
branches fix this problem. (And this fix needs to update squid package
to 2.5.STABLE10 which is RC3 now.)
* 2005-05-10 23:11 (Cosmetic)
Extended documentation of the always_direct directive
* 2005-05-10 22:33 (Medium)
assertion failed: store_client.c:343:
"storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset"
* 2005-05-11 19:19 (Security issue)
DNS lookups unreliable on untrusted networks
* 2005-05-09 01:51 (Minor)
Allow dstdomain and dstdom_regex to match IP based hosts
* 2005-05-08 14:01 (Cosmetic)
Minor arp ACL improvements
* 2005-05-04 18:09 (Minor)
SNMP Agent updates to support SNMP Version 2 and bulk requests
* 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics
* 2005-04-30 12:58 (Medium)
Poor hot object cache hit ratio and sporadic assertion
failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY
* 2005-04-25 16:36 (Cosmetic)
Minor aufs improvements
|
|
|
|
security update for mit-krb5
Revisions pulled up:
- pkgsrc/security/mit-krb5/Makefile 1.17-1.18, 1.20
- pkgsrc/security/mit-krb5/PLIST 1.6-1.8
- pkgsrc/security/mit-krb5/buildlink3.mk 1.4
- pkgsrc/security/mit-krb5/distinfo 1.9-1.10
- pkgsrc/security/mit-krb5/files/kadmind.sh 1.2
- pkgsrc/security/mit-krb5/files/kdc.sh 1.2
- pkgsrc/security/mit-krb5/patches/patch-aa 1.2
- pkgsrc/security/mit-krb5/patches/patch-ab 1.2
- pkgsrc/security/mit-krb5/patches/patch-ac 1.2
- pkgsrc/security/mit-krb5/patches/patch-ad 1.2
- pkgsrc/security/mit-krb5/patches/patch-ae 1.2
- pkgsrc/security/mit-krb5/patches/patch-af 1.3
- pkgsrc/security/mit-krb5/patches/patch-ag 1.3
- pkgsrc/security/mit-krb5/patches/patch-ai removed
- pkgsrc/security/mit-krb5/patches/patch-aj 1.2
- pkgsrc/security/mit-krb5/patches/patch-ak 1.1
- pkgsrc/security/mit-krb5/patches/patch-al 1.1
Module Name: pkgsrc
Committed By: jlam
Date: Sun Apr 10 07:15:25 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: Makefile PLIST distinfo
pkgsrc/security/mit-krb5/files: kadmind.sh kdc.sh
pkgsrc/security/mit-krb5/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae patch-af patch-ag patch-aj
Added Files:
pkgsrc/security/mit-krb5/patches: patch-ak
Removed Files:
pkgsrc/security/mit-krb5/patches: patch-ai
Log Message:
Updated security/mit-krb5 to krb5-1.4.
Changes from version 1.3.6 include:
* Merged Athena telnetd changes for creating a new option for requiring
encryption.
* Add implementation of the RPCSEC_GSS authentication flavor to the RPC
library.
* The kadmind4 backwards-compatibility admin server and the v5passwdd
backwards-compatibility password-changing server have been removed.
* Thread safety for krb5 libraries.
* Yarrow code now uses AES.
* Merged Athena changes to allow ftpd to require encrypted passwords.
* Incorporate gss_krb5_set_allowable_enctypes() and
gss_krb5_export_lucid_sec_context(), which are needed for NFSv4.
* Fix heap buffer overflow in password history mechanism.
[MITKRB5-SA-2004-004]
---
Module Name: pkgsrc
Committed By: jlam
Date: Sun Apr 10 07:45:31 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: PLIST
Log Message:
Remove the examples directory on deinstallation.
---
Module Name: pkgsrc
Committed By: jlam
Date: Sun Apr 10 07:46:51 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-al
Log Message:
Patch from http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt
which fixes MITKRB5-SA-2005-001 (CAN-2005-0468 & CAN-2005-0469) relating
to buffer overflows in the telnet client. Bump PKGREVISION to 1.
---
Module Name: pkgsrc
Committed By: jlam
Date: Mon Apr 11 22:44:54 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: PLIST
Log Message:
The FTP daemon is always named "kftpd" regardless of whether prefix-cmds
is a PKG_OPTION.
---
Module Name: pkgsrc
Committed By: jlam
Date: Thu Apr 14 23:07:55 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: Makefile
Log Message:
Remove unused section... MIT krb5 apparently now detects NetBSD's utmpx
implementation correctly on NetBSD>=2.0.
---
Module Name: pkgsrc
Committed By: salo
Date: Sat Apr 16 14:32:53 UTC 2005
Modified Files:
pkgsrc/security/mit-krb5: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED for latest security fix. (hi jlam!)
|
|
|
|
remove dead mirrors from bsd.sites.mk
Revisions pulled up:
- pkgsrc/mk/bsd.sites.mk 1.36, 1.37
Module Name: pkgsrc
Committed By: tv
Date: Wed May 11 15:51:10 UTC 2005
Modified Files:
pkgsrc/mk: bsd.sites.mk
Log Message:
Remove belnet.dl.sourceforge.net; it may as well be completely dead.
----
Module Name: pkgsrc
Committed By: tv
Date: Wed May 11 15:52:14 UTC 2005
Modified Files:
pkgsrc/mk: bsd.sites.mk
Log Message:
Ditto citkit.dl.sourceforge.net.
|
|
security fix for tiff
Revisions pulled up:
- pkgsrc/graphics/tiff/Makefile 1.67, 1.69
- pkgsrc/graphics/tiff/PLIST 1.7
- pkgsrc/graphics/tiff/distinfo 1.26, 1.27, 1.28, 1.29
- pkgsrc/graphics/tiff/options.mk 1.1
- pkgsrc/graphics/tiff/buildlink3.mk 1.12
- pkgsrc/graphics/tiff/patches/patch-aa 1.16
- pkgsrc/graphics/tiff/patches/patch-ab 1.16
- pkgsrc/graphics/tiff/patches/patch-ac 1.16
- pkgsrc/graphics/tiff/patches/patch-ad 1.14
- pkgsrc/graphics/tiff/patches/patch-ae removed
- pkgsrc/graphics/tiff/patches/patch-af removed
- pkgsrc/graphics/tiff/patches/patch-ah removed
- pkgsrc/graphics/tiff/patches/patch-ag removed
Module Name: pkgsrc
Committed By: wiz
Date: Wed Mar 23 01:17:45 UTC 2005
Modified Files:
pkgsrc/graphics/tiff: Makefile PLIST distinfo
pkgsrc/graphics/tiff/patches: patch-aa
Added Files:
pkgsrc/graphics/tiff: options.mk
Removed Files:
pkgsrc/graphics/tiff/patches: patch-ab patch-ac patch-ad patch-ae
patch-af patch-ag patch-ah
Log Message:
Update to 3.7.2.
Package changes:
Put options in options.mk, and retire support for USE_GIF; turn on
the lzw option by default (since USE_GIF was on by default).
C++ library's name changed, to be in sync with tiff distribution's name
for it (libtiffcxx -> libtiffxx).
Changes in 3.7.2:
Maintainance [sic] release. Many bugfixes in the build
environment and compatibility improvements.
----
Module Name: pkgsrc
Committed By: recht
Date: Thu Mar 24 17:46:29 UTC 2005
Modified Files:
pkgsrc/graphics/tiff: distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-ab
Log Message:
Pull in libtiff/Makefile.in rev. 1.54 and 1.55 without the rpath changes
from libtiff CVS to fix the build on Darwin.
----
Modified Files:
pkgsrc/graphics/tiff: distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-ac
Log Message:
Fix for NetBSD LP64 arches by checking if _LP64 is defined. These arches
don't define __LP64__. This is basically same as patch-ab rev. 1.13,
which was probably removed by mistake.
----
Module Name: pkgsrc
Committed By: salo
Date: Thu May 12 12:53:21 UTC 2005
Modified Files:
pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-ad
Log Message:
Security fix:
"A vulnerability in libTIFF was found, it can be potentially exploited by
malicious people to compromise a vulnerable system."
http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=3D843
Bump PKGREVISION, patch from libtiff cvs repository.
|
|
security fix for gaim
Revisions pulled up:
- pkgsrc/chat/gaim/Makefile 1.85
- pkgsrc/chat/gaim/PLIST 1.39
- pkgsrc/chat/gaim/buildlink3.mk 1.5
- pkgsrc/chat/gaim/distinfo 1.64
Module Name: pkgsrc
Committed By: salo
Date: Thu May 12 10:32:18 UTC 2005
Modified Files:
pkgsrc/chat/gaim: Makefile PLIST buildlink3.mk distinfo
Log Message:
Update to version 1.3.0
Changes:
- Fixes for two remotely exploitable crash bugs. See
http://gaim.sourceforge.net/security/ for more information.
- Removed parts of the font selection dialog that were not respected
- Fix being invited to a multi user chat on MSN
- Multiple SILC accounts should work now (Pekka Riikonen)
- Fix times on jabber chat backlogs
- Fix gevolution plugin to compile with e-d-s 1.0 or 1.2
- Fix gevolution plugin to remember buddy name when someone added you
and you then add them
- Formatting in jabber chats works
- Fix to prevent MSN disconnecting if you change status while
- connecting
- Change to correctly handle adding jabber buddies on ejabberd servers
Mostly from MAINTAINER via PR pkg/30204
|
|
security fix for lsh
Revisions pulled up:
- pkgsrc/security/lsh/Makefile 1.8
- pkgsrc/security/lsh/distinfo 1.4
- pkgsrc/security/lsh/patches/patch-ac 1.1
Module Name: pkgsrc
Committed By: drochner
Date: Sat Apr 30 12:23:42 UTC 2005
Modified Files:
pkgsrc/security/lsh: Makefile PLIST distinfo
Added Files:
pkgsrc/security/lsh/patches: patch-ac
pkgsrc/security/lsh2: DESCR Makefile PLIST distinfo
pkgsrc/security/lsh2/patches: patch-aa patch-ab
Log Message:
Move the freshly update lsh-2.0.1 into a separate pkg and leave
security/lsh at 1.4.3.
lsh-2.0.1 has interoperability problems with openssh servers
(always gets "Invalid server signature" errors).
lsh-1.4.3 is not affected by CAN-2003-0826. Add a patch to address
CAN-2005-0814 and bump PKGREVISION.
|
|
security update for ImageMagick
Revisions pulled up:
- pkgsrc/graphics/ImageMagick/Makefile.common 1.35, 1.36, 1.37, 1.38, 1.39
- pkgsrc/graphics/ImageMagick/PLIST 1.32, 1.33, 1.34, 1.35, 1.36
- pkgsrc/graphics/ImageMagick/distinfo 1.44, 1.45, 1.46, 1.47, 1.48
- pkgsrc/graphics/ImageMagick/patches/patch-aa 1.29
- pkgsrc/graphics/ImageMagick/buildlink3.mk 1.8
Module Name: pkgsrc
Committed By: adam
Date: Tue Mar 22 15:10:39 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Log Message:
Changes 6.2.0-8:
* Bug fixes
----
Module Name: pkgsrc
Committed By: adam
Date: Tue Mar 29 14:31:52 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
pkgsrc/graphics/ImageMagick/patches: patch-aa
Log Message:
Changes 6.2.1-0:
* Bug fixes, clean ups, and improvements
----
Module Name: pkgsrc
Committed By: adam
Date: Wed Apr 13 08:10:18 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Log Message:
Changes 6.2.1-3:
* Bug fixes
----
Module Name: pkgsrc
Committed By: adam
Date: Tue Apr 19 15:43:13 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Log Message:
Changes 6.2.1.6:
* Bug fixes?
----
Module Name: pkgsrc
Committed By: adam
Date: Tue Apr 26 08:08:01 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Log Message:
Changes 6.2.2.0:
* Bug-fixes
----
Module Name: pkgsrc
Committed By: salo
Date: Wed May 11 13:22:15 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED after latest update with security fixes.
|