| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
security update for libextractor
Revisions pulled up:
- pkgsrc/devel/libextractor/Makefile 1.7
- pkgsrc/devel/libextractor/PLIST 1.2
- pkgsrc/devel/libextractor/distinfo 1.5
- pkgsrc/devel/libextractor/buildlink3.mk 1.2
- pkgsrc/devel/libextractor/patches/patch-ac removed
- pkgsrc/devel/libextractor/patches/patch-ad removed
Module Name: pkgsrc
Committed By: tv
Date: Fri Jun 10 17:03:35 UTC 2005
Modified Files:
pkgsrc/devel/libextractor: Makefile PLIST distinfo
Removed Files:
pkgsrc/devel/libextractor/patches: patch-ac patch-ad
Log Message:
Update libextractor to 0.4.2.
Fixes (second half of) Secunia SA: http://secunia.com/advisories/15651/
(first half was fixed in 0.3.11nb1)
ChangeLog excerpts:
Thu Feb 24 00:32:44 EST 2005
Added extractor that extracts binary (!) thumbnails from
images using ImageMagick. Decoder function for the binary
string is in the thumbnailextractor.c source.
Sun Feb 20 16:36:17 EST 2005
Fixed similar problem in REAL extractor. Added support
for new Helix/Real format to REAL extractor.
Sun Feb 20 12:48:15 EST 2005
Fixed (rare) integer overflow bug in PNG extractor.
Fri Jan 21 15:23:43 PST 2005
Fixed security problem in PDF extractor.
Fri Dec 24 13:28:59 CET 2004
Added support for Unicode to the pdf extractor.
Thu Dec 23 18:14:10 CET 2004
Avoided exporting symbol OPEN (conflicts on OSX
with same symbol from GNUnet). Added conversion
to utf8 to various plugqins (see todo) and
added conversion from utf8 to current locale to
print keywords.
----
Module Name: pkgsrc
Committed By: salo
Date: Fri Jun 10 22:59:22 UTC 2005
Modified Files:
pkgsrc/devel/libextractor: buildlink3.mk
Log Message:
Set BUILDLINK_RECOMMENDED after recent security fixes. (hi tv!)
|
|
|
|
security update for leafnode
Revisions pulled up:
- pkgsrc/news/leafnode/Makefile 1.26
- pkgsrc/news/leafnode/distinfo 1.15
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 9 18:21:23 UTC 2005
Modified Files:
pkgsrc/news/leafnode: Makefile distinfo
Log Message:
Update to version 1.11.3
Changes:
### SECURITY BUGFIXES
- Fetchnews did not detect timeouts while it was downloading an article
header, which malicious upstream servers could exploit to mount
a denial of service attack against the fetchnews client. See
leafnode-SA-2005-02.txt. CVE Name: CAN-2005-1911
### BUGFIXES
- Bugfix sed expression in makesubst script. (Reported by Jeff Zacharias.)
### CHANGES
- texpire now tags the message.id expired count with "message.id" rather
than "total:" to avoid misleading the user who assumes that "total:"
would have to be the sum of the group counts. See also the FAQ change
below. SourceForge bug #1215453.
- When debugmode and verbose mode are set, leafnode programs now print a
warning to stdout that the user should check syslog.conf and the
syslog output rather than the screen print for debugging and sleeps for
three seconds.
### DOCUMENTATION
- Add FAQ entry to explain discrepancies between texpire group counts
and message.id expired articles counts.
- Add FAQ entry to explain influence of Gnus' gnus-read-active-file
setting on lost subscriptions, and extend stop fetchnews from
unsubscribing FAQ. Debian bug #307685.
- Drop FAQ entry on license issues as some parts of leafnode are in fact
GPLd.
- Drop FAQ entry on why old articles aren't posted, obsolete since
1.9.33.
- INSTALL and INSTALL_de have been polished.
- Add a hint that syslog.conf must be edited to config.example.
- leafnode(8) mentions that LIST ACTIVE keeps an existing subscription
fresh.
|
|
security fix for tcpdump
Revisions pulled up:
- pkgsrc/net/tcpdump/Makefile 1.16
- pkgsrc/net/tcpdump/distinfo 1.9
- pkgsrc/net/tcpdump/patches/patch-ac 1.2
Module Name: pkgsrc
Committed By: salo
Date: Sun Jun 12 15:38:32 UTC 2005
Modified Files:
pkgsrc/net/tcpdump: Makefile distinfo
pkgsrc/net/tcpdump/patches: patch-ac
Log Message:
Security fix for DoS in BGP packets' processing.
Patch from tcpdump cvs.
|
|
|
|
security update for gaim
Revisions pulled up:
- pkgsrc/chat/gaim/Makefile 1.88, 1.89
- pkgsrc/chat/gaim/distinfo 1.65
- pkgsrc/chat/gaim/PLIST 1.40
Module Name: pkgsrc
Committed By: salo
Date: Fri Jun 10 12:57:56 UTC 2005
Modified Files:
pkgsrc/chat/gaim: Makefile distinfo
Log Message:
Update to version 1.3.1
Changes:
- security fixes for DoS issues:
http://gaim.sourceforge.net/security/index.php?id=3D18
http://gaim.sourceforge.net/security/index.php?id=3D19
- Fix Yahoo! privacy bug
- Fix Jabber Get Info crash on busted servers
- The file transfer details section now also displays the full
path to the local file sent/received.
- Yahoo! has the following new "/" commands: /join, /buzz
- Updated our gaim.desktop file, thanks to all our terrific
- translators for sending in translations of the changes
- Improvements to how Gaim handles new message notification
----
Module Name: pkgsrc
Committed By: salo
Date: Fri Jun 10 22:49:47 UTC 2005
Modified Files:
pkgsrc/chat/gaim: Makefile PLIST
Log Message:
Add missing file.
From MAINTAINER, Matthew Luckie via PR pkg/30494
|
|
|
|
security fix for gzip-base
Revisions pulled up:
- pkgsrc/archivers/gzip-base/Makefile 1.19
- pkgsrc/archivers/gzip-base/distinfo 1.6
- pkgsrc/archivers/gzip-base/patches/patch-ab 1.2
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jun 9 20:23:26 UTC 2005
Modified Files:
pkgsrc/archivers/gzip-base: Makefile distinfo
pkgsrc/archivers/gzip-base/patches: patch-ab
Log Message:
- Patches to address CAN-2005-1228 and CAN-2005-0988 based on FreeBSD SA
and Gentoo/Debian patches.
|
|
|
|
security fix for a2ps
Revisions pulled up:
- pkgsrc/print/a2ps/Makefile 1.54
- pkgsrc/print/a2ps/distinfo 1.9
- pkgsrc/print/a2ps/patches/patch-ad 1.4
- pkgsrc/print/a2ps/patches/patch-ae 1.4
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 9 14:53:49 UTC 2005
Modified Files:
pkgsrc/print/a2ps: Makefile distinfo
Added Files:
pkgsrc/print/a2ps/patches: patch-ad patch-ae
Log Message:
Security fix for CAN-2004-1377:
"The fixps and psmandup scripts in a2ps allow local users to overwrite
arbitrary files via a symlink attack on temporary files."
Patches from Gentoo with few minor issues corrected.
|
|
|
|
security fix for samba2
Revisions pulled up:
- pkgsrc/net/samba2/Makefile 1.23
- pkgsrc/net/samba2/Makefile.common 1.7
- pkgsrc/net/samba2/distinfo 1.4, 1.5
- pkgsrc/net/samba2/patches/patch-ap 1.2
Module Name: pkgsrc
Committed By: wiz
Date: Wed May 25 13:15:40 UTC 2005
Modified Files:
pkgsrc/net/samba2: distinfo
Log Message:
Add RMD160 checksum.
----
Module Name: pkgsrc
Committed By: salo
Date: Mon Jun 6 13:25:12 UTC 2005
Modified Files:
pkgsrc/net/samba2: Makefile Makefile.common distinfo
pkgsrc/net/samba2/patches: patch-ap
Log Message:
Security fixes for CAN-2004-0882, CAN-2004-0930 and CAN-2004-1154.
Patches adapted from SuSE.
Functionality not tested beyond simple smbclient operations.
This package is marked for removal before next stable branch is cut.
|
|
|
|
gcdmaster update
Revisions pulled up:
- pkgsrc/sysutils/gcdmaster/Makefile 1.23
- pkgsrc/sysutils/gcdmaster/distinfo 1.5
- pkgsrc/sysutils/gcdmaster/patches/patch-ae 1.4
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Jun 4 16:43:37 UTC 2005
Modified Files:
pkgsrc/sysutils/gcdmaster: Makefile distinfo
pkgsrc/sysutils/gcdmaster/patches: patch-ae
Log Message:
- Update gcdmaster to 1.2.0nb1 (sync with cdrdao)
- Add missing dependences on "libao", "libmad" and "libvorbis" for full
audio support.
- From the ChangeLog:
>> ----------------------------------------------------------------------
>> cdrdao 1.2.0 (2005-05-12)
>> ----------------------------------------------------------------------
>>
>> o SECURITY FIX: cdrdao now gives up its root privileges after setting
>> up real-time scheduling, as well as before saving settings through
>> the --save option. This fixes a potential local root exploit when
>> cdrdao is installed with the +s chmod flag. Using --save now also
>> forces an early exit after the settings are saved.
>>
>> o Added MP3 and Ogg Vorbis file support (through respectively the
>> libmad and libvorbis libraries). cdrdao will decode the MP3 and
>> Ogg files into temporary WAV files that will be deleted upon exit
>> (unless the new option --keep is used). The directory used to
>> store those temporary WAV files can be specified with the --tmpdir
>> option (default is /tmp).
>>
>> o Improved native CUE file support: replaced old incomplete existing
>> parser with the one from Matthias Czapla's excellent
>> cue2toc. Added support for cutting binary files.
>>
>> o Added --rspeed option to manually set the device reading speed. Be
>> warned not all devices support this.
>>
>> o Packaged scsilib library upgraded from cdrtools 2.01 (previously
>> was from 2.01a31).
>>
>> o Added --no-mode2-mixed option. Don't read a MODE2 disk as
>> MODE2_FORM_MIXED, only read MODE2_FORM1 or MODE2_FORM2 (Matthieu
>> Castet).
>>
>> o Added help for little-known drive-info command.
>>
>> GCDMaster changes:
>>
>> o MP3 and Ogg Vorbis support: you can drag and drop .mp3, .m3u and
>> .ogg files from Nautilus into the sample display window.
>>
>> o Switched to gtkmm24 API. Improved file browsers.
>>
>> o CUE files support.
>>
>> o Sound output now uses libao library.
>>
>> o Added help for little-known drive-info command.
>>
>> GCDMaster changes:
>>
>> o MP3 and Ogg Vorbis support: you can drag and drop .mp3, .m3u and
>> .ogg files from Nautilus into the sample display window.
>>
>> o Switched to gtkmm24 API. Improved file browsers.
>>
>> o CUE files support.
>>
>> o Sound output now uses libao library.
>>
>> o Added 'Select All' item in menu.
>>
>> o Added 'Eject' button to progress dialog
>>
>> o Bug fixes (sample selection weirdness, couldn't close window
>> during play, problems with gcdmaster command-line argument,
>> crashes with multiple project windows, drive status not reported
>> correctly).
|
|
|
|
portability fix for libpcap
Revisions pulled up:
- pkgsrc/net/libpcap/distinfo 1.7
- pkgsrc/net/libpcap/patches/patch-aa 1.1
Module Name: pkgsrc
Committed By: yyamano
Date: Mon May 30 16:46:21 UTC 2005
Modified Files:
pkgsrc/net/libpcap: distinfo
Added Files:
pkgsrc/net/libpcap/patches: patch-aa
Log Message:
Make this build on Darwin 8.1.0.
|
|
|
|
security update for poppassd
Revisions pulled up:
- pkgsrc/mail/poppassd/Makefile 1.15-1.16
- pkgsrc/mail/poppassd/MESSAGE 1.3
- pkgsrc/mail/poppassd/distinfo 1.11
Module Name: pkgsrc
Committed By: taca
Date: Sat May 28 02:57:22 UTC 2005
Modified Files:
pkgsrc/mail/poppassd: Makefile
Log Message:
- Share MASTER_SITES and HOMEPAGE with qpopper package using
QPOPPER_MASTER_SITES and QPOPPER_HOMEPAGE defined in
../qpopper/Makefile.common.
No functional change.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 1 21:00:39 UTC 2005
Modified Files:
pkgsrc/mail/poppassd: MESSAGE Makefile distinfo
Log Message:
- Update poppassd to 4.0.8
- Thanks to taca@ and gavan@ for feedback and patch review
- This also enables experimental PAM support (on platforms that support it)
- Security fixes included
- From the ChangeLog:
Changes from 4.0.7 to 4.0.8:
> ---------------------------
> 1. Fix compilation error on HPUX.
> 2. Fix some compilation warnings.
> 3. Update man page with '-x' option.
> 4. Fix problems with 'make install'
>
>
> Changes from 4.0.6 to 4.0.7:
> ---------------------------
> 1. Fix '-V' for standalone.
> 2. Include 'man' directory in tarball.
>
>
> Changes from 4.0.5 to 4.0.6:
> ----------------------------
> 1. Minor fixes for true64.
> 2. Patch from Uli Zappe to fix SCRAM compilation bugs.
> 3. Minor fixes for true64.
> 4. poppassd now runs smbpasswd as user, not root, to avoid exploit
> 5. Remove -traditional-cpp from the compiler options for Darwin
> builds (otherwise build fails)
> 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that
> should anything actually be written to them it will show up
> 7. When configured as --with-pam and required,
> include <pam/pam_appl.h> instead of <security/pam_appl.h>
> (otherwise build fails)
> 8. strdup the pw.pw_name field from getpwnam so that it's still
> valid by the time genpath is called; also added corresponding
> free (without this fix when the bug manifests, clients are
> erroneously told there are 0 messages in the mail drop
> regardless of the actual number)
> 9. Add a pam bug workaround at the beginning of main to do a
> pam_start and pam_end immediately when the program starts up
> in order to avoid bogus authentication failed messages from
> pam_authenticate later (only when configured as --with-pam)
> [ Thanks to Kyle McKay for changes 5-9 ]
> 10. Fixed error in configure script for Mac OS / Darwin.
> 11. Support chained certs for OpenSSL [from Daniel Senie].
> 12. Fixes to compile better on Linux [from Daniel Senie].
> 13. X-UIDL header no longer written when Update_status_hdrs is false
> [thanks to Helge Oldach]
> 14. Now calling SSL_shutdown() again if it fails the first time.
> 15. Now logging TLS errors when compiled with debugging and debug is
> enabled (instead of either) [thanks to Maks N. Polunin].
> 16. Config file now always closed (not just on error).
> 17. When using pam, Kerberos tickets are now destroyed.
> Otherwise dead tickets accumulate in cache directory which runs
> out of space quickly on busy server. Problem noted by Rodney
> McDuff ITS UQ. (Directory permissions on ticket cache dir need
> to be 1777).
> 18. Always log "Servicing request" (instead of just when debugging is
> on). This allows start of pop sessions to be logged always which
> is useful for diagnosis of problems.
> 19. Worked around problem on some systems causing SIGALRM to be masked,
> leaving hung pop processes which should have timed out waiting
> for a command from the client.
> [ Thanks to David Shrimpton for changes 16-19 ]
> 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0".
> 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen]
> 22. Log facility set on command line now applies to daemon as well.
> [Thanks to Helge Oldach]
> 23. '-y' to set log facility on command line now works again.
> 24. Allow '-V' as synonym for '-v' (to see version).
> 25. Process user and spool config files as user, not as root (fix
> security hole reported by Jens Steube)
> 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT
> and 'x' as a command-line option to disable it. You should
> disable it unless you really need it, and even then it is better
> to move to SMTP AUTH.
> 27. popauth now opens trace file as user, not root (fix security
> hole reported by Jens Steube); also umask now set.
> 28. Fix race crash on FreeBSD (thanks to Martin Haller).
> 29. Resolve some compiler warnings.
> 30. Fix check for libcrypt on FreeBSD.
> 31. Added sample pam configuration file (also installed by 'make
> install')
> 32. Use generic error msg and sleep in more auth failure cases.
> 33. Added code to use mkstemp() instead of our perfectly safe usage
> of tempnam() because some compilers issue overly broad warnings
> implying that all uses of tempnam() are unsafe. To bypass,
> use '--enable-tempnam' with ./configure.
|
|
security update for qpopper
Revisions pulled up:
- pkgsrc/mail/qpopper/Makefile 1.49-1.50
- pkgsrc/mail/qpopper/Makefile.common 1.14-1.15
- pkgsrc/mail/qpopper/PLIST 1.4
- pkgsrc/mail/qpopper/distinfo 1.12
- pkgsrc/mail/qpopper/options.mk patched by hand (parts of 1.5-1.6)
- pkgsrc/mail/qpopper/patches/patch-am 1.4
- pkgsrc/mail/qpopper/patches/patch-ao removed
- pkgsrc/mail/qpopper/patches/patch-ap 1.3
Module Name: pkgsrc
Committed By: taca
Date: Sat May 28 02:55:43 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: Makefile Makefile.common PLIST
Log Message:
- Sort PLIST.
- Share MASTER_SITES and HOMEPAGE with poppassd package with introducing
QPOPPER_MASTER_SITES and QPOPPER_HOMEPAGE in Makefile.common.
No functional change.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 1 20:55:16 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: Makefile Makefile.common distinfo options.mk
pkgsrc/mail/qpopper/patches: patch-am patch-ap
Removed Files:
pkgsrc/mail/qpopper/patches: patch-ao
Log Message:
- Update qpopper to 4.0.8
- Thanks to taca@ and gavan@ for feedback and patch review
- This also enables experimental PAM support (on platforms that support it)
- Security fixes included
- From the ChangeLog:
> Changes from 4.0.7 to 4.0.8:
> ---------------------------
> 1. Fix compilation error on HPUX.
> 2. Fix some compilation warnings.
> 3. Update man page with '-x' option.
> 4. Fix problems with 'make install'
>
>
> Changes from 4.0.6 to 4.0.7:
> ---------------------------
> 1. Fix '-V' for standalone.
> 2. Include 'man' directory in tarball.
>
>
> Changes from 4.0.5 to 4.0.6:
> ----------------------------
> 1. Minor fixes for true64.
> 2. Patch from Uli Zappe to fix SCRAM compilation bugs.
> 3. Minor fixes for true64.
> 4. poppassd now runs smbpasswd as user, not root, to avoid exploit
> 5. Remove -traditional-cpp from the compiler options for Darwin
> builds (otherwise build fails)
> 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that
> should anything actually be written to them it will show up
> 7. When configured as --with-pam and required,
> include <pam/pam_appl.h> instead of <security/pam_appl.h>
> (otherwise build fails)
> 8. strdup the pw.pw_name field from getpwnam so that it's still
> valid by the time genpath is called; also added corresponding
> free (without this fix when the bug manifests, clients are
> erroneously told there are 0 messages in the mail drop
> regardless of the actual number)
> 9. Add a pam bug workaround at the beginning of main to do a
> pam_start and pam_end immediately when the program starts up
> in order to avoid bogus authentication failed messages from
> pam_authenticate later (only when configured as --with-pam)
> [ Thanks to Kyle McKay for changes 5-9 ]
> 10. Fixed error in configure script for Mac OS / Darwin.
> 11. Support chained certs for OpenSSL [from Daniel Senie].
> 12. Fixes to compile better on Linux [from Daniel Senie].
> 13. X-UIDL header no longer written when Update_status_hdrs is false
> [thanks to Helge Oldach]
> 14. Now calling SSL_shutdown() again if it fails the first time.
> 15. Now logging TLS errors when compiled with debugging and debug is
> enabled (instead of either) [thanks to Maks N. Polunin].
> 16. Config file now always closed (not just on error).
> 17. When using pam, Kerberos tickets are now destroyed.
> Otherwise dead tickets accumulate in cache directory which runs
> out of space quickly on busy server. Problem noted by Rodney
> McDuff ITS UQ. (Directory permissions on ticket cache dir need
> to be 1777).
> 18. Always log "Servicing request" (instead of just when debugging is
> on). This allows start of pop sessions to be logged always which
> is useful for diagnosis of problems.
> 19. Worked around problem on some systems causing SIGALRM to be masked,
> leaving hung pop processes which should have timed out waiting
> for a command from the client.
> [ Thanks to David Shrimpton for changes 16-19 ]
> 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0".
> 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen]
> 22. Log facility set on command line now applies to daemon as well.
> [Thanks to Helge Oldach]
> 23. '-y' to set log facility on command line now works again.
> 24. Allow '-V' as synonym for '-v' (to see version).
> 25. Process user and spool config files as user, not as root (fix
> security hole reported by Jens Steube)
> 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT
> and 'x' as a command-line option to disable it. You should
> disable it unless you really need it, and even then it is better
> to move to SMTP AUTH.
> 27. popauth now opens trace file as user, not root (fix security
> hole reported by Jens Steube); also umask now set.
> 28. Fix race crash on FreeBSD (thanks to Martin Haller).
> 29. Resolve some compiler warnings.
> 30. Fix check for libcrypt on FreeBSD.
> 31. Added sample pam configuration file (also installed by 'make
> install')
> 32. Use generic error msg and sleep in more auth failure cases.
> 33. Added code to use mkstemp() instead of our perfectly safe usage
> of tempnam() because some compilers issue overly broad warnings
> implying that all uses of tempnam() are unsafe. To bypass,
> use '--enable-tempnam' with ./configure.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 1 21:09:02 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: options.mk
Log Message:
- Add a note for PAM
|
|
|
|
dependencies updates for horde and imp
Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.36-1.38
- pkgsrc/mail/imp/Makefile 1.31-1.32
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Jun 2 09:03:27 UTC 2005
Modified Files:
pkgsrc/www/horde: Makefile
Log Message:
Add dependancy to pear-DB and pear-Mail, now that these
aren't included in php any more.
While here, change -* to -[0-9]* for the pear-Log dependancy.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Jun 2 09:13:44 UTC 2005
Modified Files:
pkgsrc/mail/imp: Makefile
pkgsrc/www/horde: Makefile
Log Message:
Move pear-Mail dependancy from www/horde to mail/imp
(horde itself doesn't need it).
---
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 2 23:26:41 UTC 2005
Modified Files:
pkgsrc/www/horde: Makefile
Log Message:
Bump PKGREVISION, DEPENDS changed. (hi bouyer!)
---
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 2 23:28:11 UTC 2005
Modified Files:
pkgsrc/mail/imp: Makefile
Log Message:
Bump PKGREVISION, DEPENDS changed. (hi bouyer!)
|
|
dependencies update for horde3 and imp4
Revisions pulled up:
- pkgsrc/www/horde3/Makefile 1.7, 1.9
- pkgsrc/mail/imp4/Makefile 1.6
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 20:25:02 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile
Log Message:
- Add in an extra depends on pear-DB
---
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 2 23:07:30 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile
Log Message:
Bump PKGREVISION, DEPENDS changed. (hi bouyer!)
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 20:27:13 UTC 2005
Modified Files:
pkgsrc/mail/imp4: Makefile
Log Message:
- Add in an extra depends on pear-Mail
---
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 2 23:10:28 UTC 2005
Modified Files:
pkgsrc/mail/imp4: Makefile
Log Message:
Bump PKGREVISION, DEPENDS changed. (hi bouyer!)
|
|
|
|
security fix for wine
Apply patch from Lubomir Sedlacik. "it fixes insecure tempfile creation
in /tmp, patches are from Wine bugzilla:
http://bugs.winehq.org/show_bug.cgi?id=2715"
|
|
security update for cdrdao
Revisions pulled up:
- pkgsrc/sysutils/cdrdao/Makefile 1.22, 1.23
- pkgsrc/sysutils/cdrdao/distinfo 1.12
Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 27 08:39:26 UTC 2005
Modified Files:
pkgsrc/sysutils/cdrdao: Makefile distinfo
Log Message:
- Update cdrdao to 1.2.0
- NOTE: pkgsrc does _not_ install cdrdao suid root so the noted security fix
does not apply to us.
- From the ChangeLog:
> --------------------------------------------------------------------------
> cdrdao 1.2.0 (2005-05-12)
> --------------------------------------------------------------------------
>
> o SECURITY FIX: cdrdao now gives up its root privileges after setting
> up real-time scheduling, as well as before saving settings through
> the --save option. This fixes a potential local root exploit when
> cdrdao is installed with the +s chmod flag. Using --save now also
> forces an early exit after the settings are saved.
>
> o Added MP3 and Ogg Vorbis file support (through respectively the
> libmad and libvorbis libraries). cdrdao will decode the MP3 and
> Ogg files into temporary WAV files that will be deleted upon exit
> (unless the new option --keep is used). The directory used to
> store those temporary WAV files can be specified with the --tmpdir
> option (default is /tmp).
>
> o Improved native CUE file support: replaced old incomplete existing
> parser with the one from Matthias Czapla's excellent
> cue2toc. Added support for cutting binary files.
>
> o Added --rspeed option to manually set the device reading speed. Be
> warned not all devices support this.
>
> o Packaged scsilib library upgraded from cdrtools 2.01 (previously
> was from 2.01a31).
>
> o Added --no-mode2-mixed option. Don't read a MODE2 disk as
> MODE2_FORM_MIXED, only read MODE2_FORM1 or MODE2_FORM2 (Matthieu
> Castet).
>
> o Added help for little-known drive-info command.
>
> GCDMaster changes:
>
> o MP3 and Ogg Vorbis support: you can drag and drop .mp3, .m3u and
> .ogg files from Nautilus into the sample display window.
>
> o Switched to gtkmm24 API. Improved file browsers.
>
> o CUE files support.
>
> o Sound output now uses libao library.
>
> o Added help for little-known drive-info command.
>
> GCDMaster changes:
>
> o MP3 and Ogg Vorbis support: you can drag and drop .mp3, .m3u and
> .ogg files from Nautilus into the sample display window.
>
> o Switched to gtkmm24 API. Improved file browsers.
>
> o CUE files support.
>
> o Sound output now uses libao library.
>
> o Added 'Select All' item in menu.
>
> o Added 'Eject' button to progress dialog
>
> o Bug fixes (sample selection weirdness, couldn't close window during
> play, problems with gcdmaster command-line argument, crashes with
> multiple project windows, drive status not reported correctly).
----
Module Name: pkgsrc
Committed By: tron
Date: Sat May 28 21:50:19 UTC 2005
Modified Files:
pkgsrc/sysutils/cdrdao: Makefile
Log Message:
Add missing dependences on "libao", "libmad" and "libvorbis" for full
audio support. Bump package revision.
|
|
add pear-Mail package
Revisions pulled up:
- pkgsrc/mail/pear-Mail/Makefile 1.1.1.1
- pkgsrc/mail/pear-Mail/DESCR 1.1.1.1
- pkgsrc/mail/pear-Mail/PLIST 1.1.1.1
- pkgsrc/mail/pear-Mail/distinfo 1.1.1.1
- pkgsrc/mail/Makefile 1.256
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 20:07:46 UTC 2005
Update of /cvsroot/pkgsrc/mail/pear-Mail
In directory ivanova.netbsd.org:/tmp/cvs-serv1549
Log Message:
- Import of pear-Mail
PEAR's Mail:: package defines the interface for implementing mailers
under the PEAR hierarchy, and provides supporting functions useful in
multiple mailer backends. Currently supported are native PHP mail()
function, sendmail and SMTP. This package also provides a RFC 822 Email
address list validation utility class.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 20:09:12 UTC 2005
Modified Files:
pkgsrc/mail: Makefile
Log Message:
- Note addition of pear-Mail-1.1.4
|
|
add pear-DB package
Revisions pulled up:
- pkgsrc/databases/pear-DB/Makefile 1.1.1.1
- pkgsrc/databases/pear-DB/DESCR 1.1.1.1
- pkgsrc/databases/pear-DB/PLIST 1.1.1.1
- pkgsrc/databases/pear-DB/distinfo 1.1.1.1
- pkgsrc/databases/Makefile 1.171
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 19:56:06 UTC 2005
Update of /cvsroot/pkgsrc/databases/pear-DB
In directory ivanova.netbsd.org:/tmp/cvs-serv18260
Log Message:
- Import of pear-DB
DB is a database abstraction layer providing:
* an OO-style query API
* portability features that make programs written for one DBMS
work with other DBMS's
* a DSN (data source name) format for specifying database servers
* prepare/execute (bind) emulation for databases that don't support
it natively
* a result object for each query response
* portable error codes
* sequence emulation
* sequential and non-sequential row fetching as well as bulk fetching
* formats fetched rows as associative arrays, ordered arrays or objects
* row limit support
* transactions support
* table information interface
* DocBook and phpDocumentor API documentation
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed May 18 19:58:45 UTC 2005
Modified Files:
pkgsrc/databases: Makefile
Log Message:
- Note addition of pear-DB-1.7.6
|
|
|
|
security update for mailman
Revisions pulled up:
- pkgsrc/mail/mailman/Makefile 1.22
- pkgsrc/mail/mailman/PLIST 1.8
- pkgsrc/mail/mailman/distinfo 1.8
- pkgsrc/mail/mailman/patches/patch-ac removed
- pkgsrc/mail/mailman/patches/patch-ai removed
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Jun 1 23:25:07 UTC 2005
Modified Files:
pkgsrc/mail/mailman: Makefile PLIST distinfo
Removed Files:
pkgsrc/mail/mailman/patches: patch-ac patch-ai
Log Message:
Update to 2.1.6. Changes (note: the fix for CAN-2005-0202 was already in
pkgsrc as patches/patch-ai):
Security
- Added the ability for Mailman generated passwords (both member
and list admin) to be more cryptographically secure. See new
configuration variables USER_FRIENDLY_PASSWORDS,
MEMBER_PASSWORD_LENGTH, and ADMIN_PASSWORD_LENGTH. Also added
a new bin/withlist script called reset_pw.py which can be used
to reset all member passwords. Passwords generated by Mailman
are now 8 characters by default for members, and 10 characters
for list administrators.
- A potential cross-site scripting hole in the driver script has been
closed. Thanks to Florian Weimer for its discovery. Also, turn
STEALTH_MODE on by default.
Internationalization
- Chinese languages are now supported. They have been moved from
'big5' and 'gb' to 'zh_TW' and 'zh_CN' respectively for compliance
to the IANA spec. Note, however, that the character sets were
changed from 'Big5' or 'GB2312' to 'UTF-8' to cope with the
insufficient codecs support in Python 2.3 and earlier. You may
have to install Chinese capable codecs (like CJKCodecs) separately
to handle the incoming messages which are in local charsets, or
upgrade your Python to 2.4 or newer.
Behavior or defaults changes
- VERP_PROBES is disabled by default.
- bin/withlist can be run without a list name, but only if -i is
given. Also, withlist puts the directory it's found in at the end
of sys.path, making it easier to run withlist scripts that live in
$prefix/bin.
- bin/newlist grew two new options: -u/--urlhost and -e/--emailhost
which lets the user provide the web and email hostnames for the new
mailing list. This is a better way to specify the domain for the
list, rather than the old 'mylist@hostname' syntax (which is still
supported for backward compatibility, but deprecated).
Compatibility
- Python 2.4 compatibility issue: time.strftime() became strict about
the 'day of year' range. (1078482)
New Features
- New feature: automatic discards of held messages. List owners can now
set how many days to hold the messages in the moderator request queue.
cron/checkdb will automatically discard old messages. See the
max_days_to_hold variable in the General Options and
DEFAULT_MAX_DAYS_TO_HOLD in Defaults.py. This defaults to 0
(i.e. disabled). (790494)
- New feature: subject_prefix can be configured to include a sequence
number which is taken from the post_id variable. Also, the prefix is
always put at the start of the subject, i.e. "[list-name] Re:
original subject", if mm_cfg.OLD_STYLE_PREFIXING is set No.
The default style is "Re: [list-name]" if numbering is not set, for
backward compatibility. If the list owner is using numbering feature
by "%d" directive, the new style, "[list-name 123] Re:", is always
used.
- List owners can now cusomize the non-member rejection notice from
admin/<listname>/privacy/sender page. (1107169)
- Allow editing of the welcome message from the admin page (1085501).
- List owners can now use Scrubber to get the attachments scrubbed
(held in the web archive), if the site admin permits it in mm_cfg.py.
New variables introduced are SCRUBBER_DONT_USE_ATTACHMENT_FILENAME
and SCRUBBER_USE_ATTACHMENT_FILENAME_EXTENSION in Defaults.py for
scrubber behavior. (904850)
Documentation
- Most of the installation instructions have been moved to a latex
document. See admin/www/mailman-install/index.html for details.
Bug fixes and other patches
- Mail-to-news gateway now strips subject prefix off from a response
by a mail user if news_prefix_subject_too is not set.
- Date and Message-Id headers are added for digests. (1116952)
- Improved mail address sanity check. (1030228)
- SpamDetect.py now checks attachment header. (1026977)
- Filter attachments by filename extensions. (1027882)
- Bugs and patches: 955381 (older Python compatibility),
1020102/1013079/ 1020013 (fix spam filter removed), 665569 (newer
Postfix bounce detection), 970383 (moderator -1 admin requests
pending), 873035 (subject handling in -request mail), 799166/946554
(makefile compatibility), 872068 (add header/footer via unicode),
1032434 (KNOWN_SPAMMERS check for multi-header), 1025372 (empty
Cc:), 789015 (fix pipermail URL), 948152 (Out of date link on Docs),
1099138 (Scrubber.py breaks on None part), 1099840/1099840
(deprecated % insertion), 880073/933762 (List-ID RFC compliance),
1090439 (passwd reminder shunted), 1112349 (case insensitivity in
acceptable_aliases), 1117618 (Don't Cc for personalized anonymous
list), 1190404 (wrong permission after editing html)
|
|
|
|
PLIST fix for lablgtk2
Revisions pulled up:
- pkgsrc/x11/lablgtk2/Makefile 1.5
- pkgsrc/x11/lablgtk2/PLIST 1.2
Module Name: pkgsrc
Committed By: drochner
Date: Tue May 31 15:56:18 UTC 2005
Modified Files:
pkgsrc/x11/lablgtk2: PLIST
Log Message:
sync with reality
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jun 1 21:00:26 UTC 2005
Modified Files:
pkgsrc/x11/lablgtk2: Makefile
Log Message:
Bump PKGREVISION after PLIST fix (hi drochner!)
Noted by salo@.
|
|
|
|
bugfix updates for xentools20
Revisions pulled up:
- pkgsrc/sysutils/xentools20/Makefile 1.6, 1.8, 1.10
- pkgsrc/sysutils/xentools20/files/xend.sh 1.2
- pkgsrc/sysutils/xentools20/distinfo 1.4-1.5
- pkgsrc/sysutils/xentools20/patches/patch-af 1.2
- pkgsrc/sysutils/xentools20/patches/patch-as 1.1
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Apr 1 19:06:12 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile
pkgsrc/sysutils/xentools20/files: xend.sh
Log Message:
xend.sh fixes:
- set command_interpreter, so that rc.subr(8) can find the process(es).
- /usr/pkg/sbin/xend {stop,restart} don't to what we expect, to
let rc.subr do it instead.
Bump PKGREVISION.
Should fix pkg/29847.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Apr 16 13:35:29 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile
Log Message:
Fix dependency pattern to include [0-9].
---
Module Name: pkgsrc
Committed By: xtraeme
Date: Mon May 23 18:05:16 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: distinfo
pkgsrc/sysutils/xentools20/patches: patch-af
Log Message:
Fix build on NetBSD/-current by including <sys/select.h>.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Mon May 23 22:02:04 UTC 2005
Modified Files:
pkgsrc/sysutils/xentools20: Makefile distinfo
Added Files:
pkgsrc/sysutils/xentools20/patches: patch-as
Log Message:
Don't mmap /kern/xen/privcmd (this doesn't work any more on current),
use MAP_ANON instead. Bump pkgrevision.
|
|
|
|
security update for cyrus-imapd21
Revisions pulled up:
- pkgsrc/mail/cyrus-imapd21/Makefile 1.29
- pkgsrc/mail/cyrus-imapd21/distinfo 1.10, 1.11
Module Name: pkgsrc
Committed By: wiz
Date: Wed May 25 12:44:19 UTC 2005
Modified Files:
pkgsrc/mail/cyrus-imapd21: distinfo
Log Message:
Add RMD160 checksum.
----
Module Name: pkgsrc
Committed By: adrianp
Date: Sat May 28 17:41:54 UTC 2005
Modified Files:
pkgsrc/mail/cyrus-imapd21: Makefile distinfo
Log Message:
- Update cyrus-imapd21 to 2.1.18:
- From the changelog:
> Changes to the Cyrus IMAP Server since 2.1.17
> Fix single byte overflow in imapd annotate extension.
>
> Changes to the Cyrus IMAP Server since 2.1.16
> Fix several security issues in imapd and in mysasl_canon_user.
>
> Changes to the Cyrus IMAP Server since 2.1.15
> Clean up a timeout bug in fud proxy code.
> Fix a number of bugs with the murder and altnamespace handling.
> Detect fork() failures when launching sendmail in lmtpd
> Enable telemetry logging in lmtpd/lmtpproxyd
> Allow APOP to be disabled via an imap option
> Fix reconstruct to handle missing cyrus.header files
> Add the quotawarnkb option
> Update MUPDATE to look for IANA assigned port numbers.
|
|
|
|
security fix for tcpdump
Revisions pulled up:
- pkgsrc/net/tcpdump/Makefile 1.15
- pkgsrc/net/tcpdump/distinfo 1.8
- pkgsrc/net/tcpdump/patches/patch-ac 1.1
- pkgsrc/net/tcpdump/patches/patch-ad 1.1
- pkgsrc/net/tcpdump/patches/patch-ae 1.1
- pkgsrc/net/tcpdump/patches/patch-af 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Sat May 28 14:15:23 UTC 2005
Modified Files:
pkgsrc/net/tcpdump: Makefile distinfo
Added Files:
pkgsrc/net/tcpdump/patches: patch-ac patch-ad patch-ae patch-af
Log Message:
- Update to nb1 for security issues
- Patches from tcpdump.org CVS tree
|
|
|
|
security update for gxine
Revisions pulled up:
- pkgsrc/multimedia/gxine/Makefile 1.9, 1.10
- pkgsrc/multimedia/gxine/distinfo 1.4, 1.5, 1.6
- pkgsrc/multimedia/gxine/patches/patch-ac 1.3
- pkgsrc/multimedia/gxine/patches/patch-ad 1.3, 1.4
- pkgsrc/multimedia/gxine/patches/patch-ag 1.1
- pkgsrc/multimedia/gxine/patches/patch-ah 1.1
- pkgsrc/multimedia/gxine/patches/patch-ai 1.1, 1.2
- pkgsrc/multimedia/gxine/patches/patch-aj 1.1
Module Name: pkgsrc
Committed By: rillig
Date: Wed Apr 13 16:39:32 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: Makefile distinfo
Added Files:
pkgsrc/multimedia/gxine/patches: patch-ag patch-ah patch-ai patch-aj
patch-ak
Log Message:
Added some patches for ISO C90 compliance, for NetBSD-1.6.2, and for
gcc-2.95. Approved by jlam.
----
Module Name: pkgsrc
Committed By: reed
Date: Sun May 8 06:33:35 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: distinfo
pkgsrc/multimedia/gxine/patches: patch-ac
Added Files:
pkgsrc/multimedia/gxine/patches: patch-ad
Log Message:
Make this build under FreeBSD.
PKGREVISION not bumped since these changes only matter for
FreeBSD build which failed in the first place.
Note that xine-lib is needed, but the xine-lib fixes for
FreeBSD have not been committed yet.
(If you are curious, I am using gxine on FreeBSD all installed
via pkgsrc to watch a MS Windows Media 7 ASF video and listen to
MS Windows Media Audio 2 without any win32-codecs installed.)
----
Module Name: pkgsrc
Committed By: salo
Date: Fri May 27 12:09:27 UTC 2005
Modified Files:
pkgsrc/multimedia/gxine: Makefile distinfo
pkgsrc/multimedia/gxine/patches: patch-ad patch-ai
Removed Files:
pkgsrc/multimedia/gxine/patches: patch-ak
Log Message:
Update to version 0.4.5
Changes:
0.4.5:
======
- SECURITY FIX (pst.advisory 2005-21)
Remotely-exploitable missing-format-string vulnerability in some
message dialogue boxes.
- Fixed some brokenness in the visualisations menu; hide/show the
video widget as needed when selecting an item from that menu.
- Better handling of uninstantiatable post-plugins (when configuring).
- Caught and replaced another asprintf. [Bug 1204625]
- Compile fix (Solaris): need $(X_EXTRA_LIBS).
- Correct the documentation of the '-e' option in gxine.1.
- Don't set a title for the full-screen toolbar.
- Set up X threads earlier (it was being done too late).
(based on a patch from Antti P Miettinen <ananaza@iki.fi>.)
0.4.4:
======
- Added support for VDR's AUDIO key.
- Made the browser plugin optional.
- Stop playback on playlist clear.
- Fixed a bug in multi-file drag+drop.
0.4.3:
======
- Fix a bug in JS vdr(). It should check the active MRL rather than
the currently-selected playlist entry.
- Fix a post-plugin parameter handling error.
- Provide a few more default bindings with keys.
- Fix a compile failure when using xine-lib 1.0 headers. Whoops :-(
- Added doc/Keybindings-HOWTO (from Craig Sanders).
0.4.2:
======
- Use external JS lib by default (if available).
If you're using amd64, you want this, I'm told.
- This version should be buildable and useable with GTK+2.2.
It may also use, but not rely on, a few features from GTK+2.6.
- Configure switches for GTK+ versions compatibility and whether to
use the desktop integration wizard. (Mainly for packagers.)
- Mark 'repeat' and 'random' buttons (playlist) as having accelerator
keys.
- Improve prefs window numeric entry editing.
- "tvtime" deinterlace plugin support.
- Video and audio post-plugin chain support.
The deinterlace plugin is prepended to the video chain if enabled.
The visualisation plugin is prepended to the audio chain if active.
- Hide tab & border for single-page notebooks in the prefs window.
- Make columns in playlist etc. resizable.
- Fixed a few crash/warning bugs (mediamarks/playlist item edit) left
over from 0.4.1.
- Respond to volume changes made externally.
- Fix crash on virtual desktop change. The full-screen window is now
sticky and on all desktops. (If you have a better way of fixing
this which *doesn't* require this, let me know.)
- Fix overlay bug with window managers, such as IceWM, which have
their own toolbars.
- Text preferences which are uncommitted may be undone by Ctrl '-' or
Undo.
- Make the visualisation setting a preference.
- Fix a few problems in playlist expansion via xine-lib.
- Add JS event(NAME) function and make event() and vdr() output help
text if called without parameters.
- Add keybinding entries for 'next angle' and 'previous angle'.
- Save the A/V offset setting.
- Build fix: apparently, Spidermonkey isn't always libsmjs.so.
- Stop GTK's complaints when the locale doesn't use UTF-8.
(This is done by telling gettext that we want translated text in
UTF-8. Some is intended for the console; this isn't special-cased.)
- Add a few extra icons to the menus.
- Add config options for default window size and magnification of
low-res video streams.
- Improve live-stream detection; recognise streams of unknown length.
- Improve the current stream title display.
- Rely on xine-lib's XML parser and quote some characters when saving
the playlist, media marks and key bindings.
- Change the way in which the control button images are implemented.
(There are problems with some GTK+ theme engines otherwise.)
- Try to update the current playlist item's title from the stream
automatically unless the title has been edited.
- Deleting a playlist item will, if it is being played, cause the
next item to be played (or the player to enter idle mode).
- Use ellipsis in long entries in the playlist & mediamarks windows.
(Requires GTK+2.6.)
- Allow drag&drop for reordering playlist items.
- Prevent multiple install wizard instantiations.
- Add menu tooltips for plugins with short descriptions in the plugin
chain configuration windows.
- Make playlist repeat & random settings persistent. (Guenter)
|
|
|
|
security fix for net-snmp
Revisions pulled up:
- pkgsrc/net/net-snmp/Makefile patched by hand
- pkgsrc/net/net-snmp/buildlink3.mk patched by hand
- pkgsrc/net/net-snmp/distinfo patched by hand
- pkgsrc/net/net-snmp/patches/patch-ab 1.5
Module Name: pkgsrc
Committed By: tron
Date: Wed May 25 13:49:10 UTC 2005
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
Added Files:
pkgsrc/net/net-snmp/patches: patch-ab
Log Message:
Replace "fixproc" script with version from "net-snmp" CVS respository.
This fixes the security problem documented in SA15471. Bump package
revision because of this change.
|
|
|
|
security update for mhonarc
Revisions pulled up:
- pkgsrc/mail/mhonarc/Makefile 1.20
- pkgsrc/mail/mhonarc/distinfo 1.13
Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 27 11:41:03 UTC 2005
Modified Files:
pkgsrc/mail/mhonarc: Makefile distinfo
Log Message:
- Update mhonarc for recent security issue (XSS)
- From the changelog:
> 9050 Regex abort error in mhmimetypes.pl under Win32
> 11187 incorrectly parsing UTF-8 encoded messages
> 11207 usenameext option to m2h_external::filter has no effect
> 11760 spammode false positives on some HTML mail
> 11762 rel=nofollow attribute support in message body hyperlinks
> 11977 TSLICETOPBEGCUR ignored
> 12512 Consecutive spaces not displayed in some cases
> 12802 SubjectStripCode not working on message file
> 12930 Cross site scripting bug in m2h_text_html::filter
|
|
|
|
security update for openslp
Revisions pulled up:
- pkgsrc/net/openslp/Makefile 1.26
- pkgsrc/net/openslp/buildlink3.mk 1.8
- pkgsrc/net/openslp/distinfo 1.12
- pkgsrc/net/openslp/patches/patch-ac 1.2
- pkgsrc/net/openslp/patches/patch-ae 1.2
- pkgsrc/net/openslp/patches/patch-ah 1.2
- pkgsrc/net/openslp/patches/patch-ad removed
- pkgsrc/net/openslp/patches/patch-af removed
- pkgsrc/net/openslp/patches/patch-ag removed
- pkgsrc/net/openslp/patches/patch-ai 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Thu May 26 20:14:21 UTC 2005
Modified Files:
pkgsrc/net/openslp: Makefile buildlink3.mk distinfo
pkgsrc/net/openslp/patches: patch-ac patch-ae patch-ah
Added Files:
pkgsrc/net/openslp/patches: patch-ai
Removed Files:
pkgsrc/net/openslp/patches: patch-ad patch-af patch-ag
Log Message:
- Update to 1.2.1 - ok'ed jlam@
- This incorporates security fixes from SuSE to address the issues
they found
From the ChangeLog:
> 02/04/2005 jcalcote@novell.com
> Incorporated various bug fixes from SuSE and others.
> Updated Autotools files for version 1.5+
|
|
|
|
security update for bzip2
Revisions pulled up:
- pkgsrc/archivers/bzip2/PLIST 1.3
- pkgsrc/archivers/bzip2/Makefile 1.39
- pkgsrc/archivers/bzip2/buildlink3.mk 1.17
- pkgsrc/archivers/bzip2/distinfo 1.12
- pkgsrc/archivers/bzip2/patches/patch-aa 1.11
Module Name: pkgsrc
Committed By: rillig
Date: Mon May 23 06:49:29 UTC 2005
Modified Files:
pkgsrc/archivers/bzip2: PLIST
Log Message:
Sorted PLIST entries to make pkglint happy.
----
Module Name: pkgsrc
Committed By: salo
Date: Thu May 26 15:03:11 UTC 2005
Modified Files:
pkgsrc/archivers/bzip2: Makefile buildlink3.mk distinfo
pkgsrc/archivers/bzip2/patches: patch-aa
Log Message:
Security update to version 1.0.3
- Further robustification against corrupted compressed data.
There are currently no known bitstreams which can cause the
decompressor to crash, loop or access memory which does not
belong to it. If you are using bzip2 or the library to
decompress bitstreams from untrusted sources, an upgrade
to 1.0.3 is recommended.
http://scary.beasts.org/security/CESA-2005-002.txt
- The documentation has been converted to XML, from which html
and pdf can be derived.
- Various minor bugs in the documentation have been fixed.
- Fixes for various compilation warnings with newer versions of
gcc, and on 64-bit platforms.
- The BZ_NO_STDIO cpp symbol was not properly observed in 1.0.2.
This has been fixed.
|
|
security update for ImageMagick
Revisions pulled up:
- pkgsrc/graphics/ImageMagick/Makefile.common 1.40
- pkgsrc/graphics/ImageMagick/PLIST 1.37
- pkgsrc/graphics/ImageMagick/distinfo 1.49
- pkgsrc/graphics/ImageMagick/patches/patch-aa 1.30
- pkgsrc/graphics/ImageMagick/buildlink3.mk 1.9
Module Name: pkgsrc
Committed By: adam
Date: Wed May 25 10:32:33 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
pkgsrc/graphics/ImageMagick/patches: patch-aa
Log Message:
Changes 6.2.3.0:
* Bug fixes
----
Module Name: pkgsrc
Committed By: salo
Date: Thu May 26 13:37:32 UTC 2005
Modified Files:
pkgsrc/graphics/ImageMagick: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED after latest update with security fixes.
(hi adam!)
|
|
|
