Age | Commit message (Collapse) | Author | Files | Lines |
|
graphics/dia: package list fix
Revisions pulled up:
- graphics/dia/PLIST 1.19
---
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 31 18:25:29 UTC 2010
Modified Files:
pkgsrc/graphics/dia: PLIST
Log Message:
add conditionals to PLIST to fix the non-gnome case, should fix
PR pkg/43812 by Matthew Mondor
The DIA_HELPDIR variable looks unnecessary now, it might make sense
to not install the xml documentation in the non-gnome case because
there is no tool to read it anyway.
|
|
|
|
net/quagga-devel: security update
Revisions pulled up:
- net/quagga-devel/Makefile 1.16
- net/quagga-devel/distinfo 1.11
---
Module Name: pkgsrc
Committed By: gdt
Date: Wed Aug 25 17:52:24 UTC 2010
Modified Files:
pkgsrc/net/quagga-devel: Makefile distinfo
Log Message:
Update to 0.99.17.
The most important change is in correcting handling of malformed data
in BGP sessions.
bgpd:
fix handling of AS path data
tighten bounds checking in RR ORF msg reader
ospfd:
Only refresh external default route once.
Make sure ospf_distribute_list_update_timer() eventually runs.
Make sure all external routes are updated.
zebra:
fix infinite loop when deleting an interface
ospf6d:
Fix crash when '[no] ipv6 ospf6 advertise prefix-list' is in startup-config
isisd:
change ISIS_METHOD to use C preprocessor
other:
build: ignore mkinstalldirs and texinfo.tex
build: Add QuaggaId to README.NetBSD
build/extra: Enhance README.NetBSD make/gmake decision.
git: add pointers to out-of-tree work
git: add (generated) m4 files to .gitignore
Update for git and emphasize asking for good reports.
doc: fixed spelling in bgpd.texi
|
|
|
|
graphics/pear-Image_Color: build fix
Revisions pulled up:
- lang/php/pear.mk 1.19
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Aug 25 06:37:20 UTC 2010
Modified Files:
pkgsrc/lang/php: pear.mk
Log Message:
Always install pear with `-n', or failed to install if extension is required
but not loaded in php.ini.
|
|
|
|
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.83
- pkgsrc/databases/phpmyadmin/distinfo 1.44
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Aug 21 07:50:02 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.10.1.
Changes since version 2.11.10:
- [setup] Fixed output sanitizing in setup script, see PMASA-2010-4 for
more details.
- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.
To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.43 -r1.44 pkgsrc/databases/phpmyadmin/distinfo
|
|
build fix for Solaris
Revisions pulled up:
- pkgsrc/devel/glib2/Makefile 1.176
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Fri Aug 20 16:33:10 UTC 2010
Modified Files:
pkgsrc/devel/glib2: Makefile
Log Message:
Fix build on Solaris per pkg/43707 - no revision bump since other
platforms are unaffected and Solaris did not build before
To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 pkgsrc/devel/glib2/Makefile
|
|
|
|
x11/wxGTK24: build fix
Revisions pulled up:
- x11/wxGTK24/Makefile.common 1.7
- x11/wxGTK24/distinfo 1.12
- x11/wxGTK24/patches/patch-aa 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Aug 18 10:05:08 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK24: Makefile.common distinfo
pkgsrc/x11/wxGTK24/patches: patch-aa
Log Message:
Let to use BUILDLINK_DIR first for find header/library files.
It should fixes PR#43215.
|
|
sysutils/dbus-glib: security update
Revisions pulled up:
- sysutils/dbus-glib/Makefile 1.24
- sysutils/dbus-glib/PLIST 1.11
- sysutils/dbus-glib/distinfo 1.12
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Aug 17 13:33:40 UTC 2010
Modified Files:
pkgsrc/sysutils/dbus-glib: Makefile PLIST distinfo
Log Message:
Update to 0.88:
0.88:
Astone Lin (1):
Allow duplicate object path registrations for different connections
Christian Dywan (1):
Refer to dbus_g_connection_flush rather than the plain dbus call
Colin Walters (3):
Disable test-profile on win32 for now
Respect property access flags for writing, allow disabling for reads
configure: Release 0.88
Dan Williams (2):
core: don't pass malformed error interface to dbus (rh#581794)
Fix lookup of regular properties when shadow properties are used
Danielle Madeley (6):
Bumping required GLib to 2.24 for GVariant
fd.o #28715: Add dbus_g_value_build_g_variant()
Tests for GValue-to-GVariant
Write a recursive equivalence function for testing the
equivalence of GVariants
Test test_g_variant_equivalent itself
Support DBUS_TYPE_G_SIGNATURE
Fridrich Strba (2):
Use AC_CANONICAL_HOST, not _TARGET
Don't use the identifier "interface" in public headers
Fridrich Strba (3):
Use EXEEXT so that we satisfy dependencies when cross-compiling
Fix linking of tests. On windows, undefined symbols are not
allowed and symbol lookup is sequencial
Put the G_OS_WIN32 check where it can be defined.
Guillaume Desmottes (1):
add mising DBUS_TYPE_G_* to the doc
Simon McVittie (6):
Bug 14579: remove pending call from hash table before cancelling it
Merge branch '14579-remove-before-cancel'
fd.o #27958: dbus_g_error_domain_register: rewrite the documentation
Add Libtool m4 to .gitignore
Add various tests etc. to .gitignore
Consolidate LDADD variables in tests/examples and make them more complete
Will Thompson (1):
Merge remote branch 'danni/gvalue-to-gvariant'
0.86:
Colin Walters (8):
Squash underscores and dashes in errors when converting to DBus errors
Remove dbus-glib-undocumented.txt from git
Revert "Squash underscores and dashes in errors when converting
to DBus errors"
Fix hyphenated error codes correctly
[configure.ac] Use AM_SILENT_RULES if available
Remove dbus-glib-undeclared.txt from git; it's a generated file
[dbus-gobject.c] Trivial compiler warning fixes
[configure] Release 0.86
Dan Williams (2):
core: allow duplicate property names on GInterfaces
core: performance optimization for object info lookup
Sven Herzberg (1):
turn the gtk-doc documentation into buildable shape
Will Thompson (1):
Free errors returned by method implementations
|
|
databases/mysql51-client: security update
databases/mysql51-server: security update
Revisions pulled up:
- databases/mysql51-client/Makefile.common 1.10
- databases/mysql51-client/distinfo 1.6
- databases/mysql51-client/patches/patch-ap 1.2
- databases/mysql51-server/PLIST 1.7
- databases/mysql51-server/Makefile 1.6
- databases/mysql51-server/distinfo 1.8-1.9
- databases/mysql51-server/patches/patch-ae 1.2
- databases/mysql51-server/patches/patch-aj 1.2
- databases/mysql51-server/patches/patch-ak 1.2
- databases/mysql51-server/patches/patch-ay 1.3
- databases/mysql51-server/patches/patch-az 1.1
- databases/mysql51-server/patches/patch-ba 1.1
- databases/mysql51-server/patches/patch-bb 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 11 23:18:04 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile.common distinfo
pkgsrc/databases/mysql51-client/patches: patch-ap
pkgsrc/databases/mysql51-server: PLIST distinfo
pkgsrc/databases/mysql51-server/patches: patch-aj patch-ak
Removed Files:
pkgsrc/databases/mysql51-server/patches: patch-ay
Log Message:
Update mysql51-client and mysql51-server to 5.1.49.
Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
for full changes.
* InnoDB Plugin has been upgraded to version 1.0.10. This version is
considered of General Availability (GA) quality.
In this release, the InnoDB Plugin is included in source and binary
distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64), and
generic Linux RPM packages. It also does not work for FreeBSD 6 and
HP-UX or for Linux on generic ia64.
Bugs fixed:
* Security Fix: After changing the values of the innodb_file_format or
innodb_file_per_table configuration parameters, DDL statements could
cause a server crash. (Bug#55039)
* Security Fix: Joins involving a table with with a unique SET column
could cause a server crash. (Bug#54575)
* Security Fix: Incorrect handling of NULL arguments could lead to a
crash for IN() or CASE operations when NULL arguments were either
passed explicitly as arguments (for IN()) or implicitly generated by
the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477)
* Security Fix: A malformed argument to the BINLOG statement could
result in Valgrind warnings or a server crash. (Bug#54393)
* Security Fix: Use of TEMPORARY InnoDB tables with nullable columns
could cause a server crash. (Bug#54044)
* Security Fix: The server could crash if there were alternate reads
from two indexes on a table using the HANDLER interface. (Bug#54007)
* Security Fix: Using EXPLAIN with queries of the form SELECT
... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
crash. (Bug#52711)
* Security Fix: LOAD DATA INFILE did not check for SQL errors and sent
an OK packet even when errors were already reported. Also, an assert
related to client-server protocol checking in debug servers
sometimes was raised when it should not have been. (Bug#52512)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Aug 13 14:25:35 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-server: Makefile distinfo
pkgsrc/databases/mysql51-server/patches: patch-ae
Added Files:
pkgsrc/databases/mysql51-server/patches: patch-ay patch-az patch-ba
patch-bb
Log Message:
Fix some my_time_t (long) v.s. time_t problem introduced MySQL 5.1.49.
This problem results mysqld to exit on start up.
5.1/i386 5.1/amd64 5.99.38/i386 5.99.38/amd64
my_time_t int32_t int64_t int32_t int64_t
time_t int32_t int32_t int64_t int64_t
I confirmed to mysqld running on these four case except 5.99.38/i386.
Bump PKG_REVISION.
|
|
|
|
lang/ruby18-base: security patch
Revisions pulled up:
- lang/ruby18-base/Makefile 1.56
- lang/ruby18-base/distinfo 1.44
- lang/ruby18-base/patches/patch-ea 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Aug 16 07:08:13 UTC 2010
Modified Files:
pkgsrc/lang/ruby18-base: Makefile distinfo
Added Files:
pkgsrc/lang/ruby18-base/patches: patch-ea
Log Message:
Add a patch to fix for possible cross-site scripting (CVE-2010-0541)
from r29002 in Ruby's repository. (Sadly, Ruby 1.8.7 pl301 missed
this change...)
Bump PKGREVISION.
|
|
|
|
net/socat: security update
Revisions pulled up:
- net/socat/Makefile 1.24
- net/socat/distinfo 1.15
---
Module Name: pkgsrc
Committed By: zafer
Date: Thu Aug 12 17:54:14 UTC 2010
Modified Files:
pkgsrc/net/socat: Makefile distinfo
Log Message:
Update socat to 1.7.1.3
Changelog:
security:
fixed a stack overflow vulnerability that occurred when command
line arguments (whole addresses, host names, file names) were longer
than 512 bytes.
Note that this could only be exploited when an attacker was able to
inject data into socat's command line.
Full credits to Felix Grobert, Google Security Team, for finding and
reporting this issue
|
|
|
|
www/drupal6: security update
Revisions pulled up:
- www/drupal6/Makefile 1.22
- www/drupal6/distinfo 1.17
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 11 21:56:28 UTC 2010
Modified Files:
pkgsrc/www/drupal6: Makefile distinfo
Log Message:
Update drupal6 package to 6.18.
Drupal 6.18, 2010-08-11
----------------------
- Fixed security issues (OpenID authentication bypass, File download access
bypass, Comment unpublishing bypass, Actions cross site scripting),
see SA-CORE-2010-002.
|
|
|
|
www/typolight27: security patch
Revisions pulled up:
- www/typolight27/Makefile patch
- www/typolight27/distinfo patch
- www/typolight27/patches/patch-ab new file
---
Apply patch to fix XSS vulnerability.
|
|
|
|
www/typolight28: security update
Revisions pulled up:
- www/typolight28/Makefile 1.10-1.11
- www/typolight28/Makefile.version 1.7
- www/typolight28/distinfo 1.8-1.9
- www/typolight28/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 3 04:00:09 UTC 2010
Modified Files:
pkgsrc/www/typolight28: Makefile Makefile.version distinfo
Log Message:
Update typolight28 to 2.8.4.
Version 2.8.4 (2010-06-30)
--------------------------
- Back-ported the Safe Mode Hack improvements from version 2.9
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jul 28 16:24:20 UTC 2010
Modified Files:
pkgsrc/www/typolight28: Makefile distinfo
Added Files:
pkgsrc/www/typolight28/patches: patch-ad
Log Message:
Add a patch from Contao(TYPOlight) repository to fix possible
XSS problem on frontend module.
Bump PKGREVISION.
|
|
|
|
archivers/cabextract: security update
Revisions pulled up:
- archivers/cabextract/Makefile 1.21
- archivers/cabextract/distinfo 1.10
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jul 24 08:45:14 UTC 2010
Modified Files:
pkgsrc/archivers/cabextract: Makefile distinfo
Log Message:
Update to 1.3, set LICENSE.
New in 1.3:
* Bugs in the MS-ZIP and Quantum decompressors have been fixed.
* MS-ZIP recovery has been improved.
* cabextract should now compile with MinGW
|
|
|
|
security update
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.74
- pkgsrc/graphics/freetype2/distinfo 1.36
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Sun Aug 8 16:06:02 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
Update to freetype2-2.4.2:
CHANGES BETWEEN 2.4.1 and 2.4.2
I. IMPORTANT BUG FIXES
- A stack overflow in CFF Type2 CharStrings interpreter is fixed.
- Handling Type 42 font deallocation was broken; additionally, the
library is now more robust against malformed Type 42 fonts.
II. MISCELLANEOUS
- Two new functions, `FT_Reference_Library' (in FT_MODULE_H) and
`FT_Reference_Face' (in FT_FREETYPE_H), have been added to
simplify life-cycle management. A counter gets initialized to 1
at the time an FT_Library (or FT_Face) structure is created.
The two new functions increment the respective counter.
`FT_Done_Library' and `FT_Done_Face' then only destroy a library
or face if the counter is 1, otherwise they simply decrement the
counter.
To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/graphics/freetype2/distinfo
|
|
|
|
security patch
Revisions pulled up:
- pkgsrc/security/gnupg2/Makefile 1.30
- pkgsrc/security/gnupg2/distinfo 1.18
Files added:
pkgsrc/security/gnupg2/patches/patch-an
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 3 19:14:42 UTC 2010
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-an
Log Message:
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an
|
|
net/lftp: security update
Revisions pulled up:
- net/lftp/Makefile 1.92-1.93
- net/lftp/distinfo 1.53-1.54
- net/lftp/PLIST 1.17
- net/lftp/patches/patch-ab 1.4
- net/lftp/patches/patch-af delete
- net/lftp/patches/patch-ag delete
---
Module Name: pkgsrc
Committed By: pettai
Date: Mon Jul 19 13:12:00 UTC 2010
Modified Files:
pkgsrc/net/lftp: Makefile distinfo
Removed Files:
pkgsrc/net/lftp/patches: patch-af patch-ag
Log Message:
Update to 4.0.4:
* added dnssec support.
* new setting cmd:stifle-rl-history to limit command history size.
* fixed exit code of mget/mput.
* fixed compilation on some systems.
* fixed crash of `cls -s' on MacOS X x64.
* torrent: don't try to connect back to peers which connected to us.
---
Module Name: pkgsrc
Committed By: pettai
Date: Sun Jul 25 21:38:34 UTC 2010
Modified Files:
pkgsrc/net/lftp: Makefile PLIST distinfo
pkgsrc/net/lftp/patches: patch-ab
Log Message:
Version 4.0.9 - 2010-06-10
* torrent: don't try to re-download invalid piece from the same peer.
* added a short lftp.conf(5) man page.
* fixed a problem with zeroed errno.
* fixed status of mget from file: schema.
* fixed a compilation problem on AIX.
Version 4.0.8 - 2010-05-24
* fixed get/mget -c when xfer:clobber is off.
* fixed file verification in pget.
* fixed ftp encoding for servers with LANG but without UTF8 feature.
Version 4.0.7 - 2010-04-29
* make xfer:clobber off by default.
* limit number of attempts to upload a file (net:max-retries).
* handle 426 ftp reply to STOR specially.
* retry FEAT after login even after non-standard 5xx reply.
Version 4.0.6 - 2010-03-25
* use O_EXCL flag when xfer:clobber is off.
* better validation of server-provided file name (CVE-2010-2251).
* new setting xfer:auto-rename (off by default).
* new setting ftp:ssl-copy-sid (for some broken servers).
* fixed CCC ftp command to shutdown SSL connection properly.
* fixed `pget -c' on complete files.
Version 4.0.5 - 2009-12-21
* added support for lighttpd listings.
* fixed sftp rename.
* fixed a core dump on `kill all' with pget.
* fixed interrupting of a torrent with unresponsive tracker.
* Czech translation updated
|
|
|
|
|
|
security patches
Revisions pulled up:
- pkgsrc/graphics/tiff/Makefile 1.97
- pkgsrc/graphics/tiff/distinfo 1.49
Files added:
pkgsrc/graphics/tiff/patches/patch-aa
pkgsrc/graphics/tiff/patches/patch-ab
pkgsrc/graphics/tiff/patches/patch-ac
pkgsrc/graphics/tiff/patches/patch-ad
pkgsrc/graphics/tiff/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 17:48:22 UTC 2010
Modified Files:
pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae
Log Message:
Add patches from either libtiff's or Red Hat's Bugzilla which fix the
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).
No butcher was involved in fixing this package.
To generate a diff of this commit:
cvs rdiff -u -r1.96 -r1.97 pkgsrc/graphics/tiff/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/graphics/tiff/distinfo
cvs rdiff -u -r0 -r1.19 pkgsrc/graphics/tiff/patches/patch-aa
cvs rdiff -u -r0 -r1.20 pkgsrc/graphics/tiff/patches/patch-ab
cvs rdiff -u -r0 -r1.22 pkgsrc/graphics/tiff/patches/patch-ac
cvs rdiff -u -r0 -r1.16 pkgsrc/graphics/tiff/patches/patch-ad
cvs rdiff -u -r0 -r1.11 pkgsrc/graphics/tiff/patches/patch-ae
|
|
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.50
- pkgsrc/net/wireshark/distinfo 1.33
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Aug 3 20:45:50 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.10. Changes since version 1.2.9:
- Bug Fixes
o The SigComp Universal Decompressor Virtual Machine could
overrun a buffer. (Bug 4867)
Versions affected: 0.10.8 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2287
o The GSM A RR dissector could crash. (Bug 4897)
Versions affected: 1.2.2 to 1.2.9
o Due to a regression the ASN.1 BER dissector could overrun the stack.
Versions affected: 0.10.13 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2284
o The IPMI dissector could go into an infinite loop.
Versions affected: 1.2.0 to 1.2.9
- The following bugs have been fixed:
o Wireshark crashes after configuring new Information column.
(Bug 4854)
o Crash triggered when changing display filter from right-mouse
pop-up menu via packet-list. (Bug 4860)
o Wireshark crash selecting Inter-Asterisk exchange v2 packet
data. (Bug 4868)
o zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
o Crash when adding SNMP users. (Bug 4926)
o Wireshark via ssh -X on ipv6 link-local address fails to allow
capture. (Bug 4945)
o OMAPI dissector fails to parse combined initialization
messages. (Bug 4982)
o QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags
decodes wrong. (Bug 4993)
o SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS
CONTROL IN. (Bug 5037)
o Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)
- Updated Protocol Support
ASN.1 BER, GSM A RR, GTP, IAX2, IPMI, OMAPI, PRES, SCSI, SMB, UNISTIM
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/net/wireshark/distinfo
|
|
|
|
www/typo3: security update
Pulled up:
- www/typo3/Makefile patch
- www/typo3/PLIST patch
- www/typo3/distinfo patch
---
Update typo3 package to 4.3.4:
Due to several security issues found in the TYPO3 Core, there was a
combined release of TYPO3 4.1.14, 4.2.14, 4.3.4 and 4.4.1.
Find more details in the security bulletin:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/
For full change please refer:
http://wiki.typo3.org/index.php/TYPO3_4.3.4#Changelog
|
|
print/gv: security update
Revisions pulled up:
- print/gv/Makefile 1.72-1.73
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jul 26 14:40:22 UTC 2010
Modified Files:
pkgsrc/print/gv: Makefile
Log Message:
* Also need SIGCHLD-fallback for OpenBSD and DragonFly
* using iconv, so buildlink with libiconv
XXX: but failed to link with libiconv from pkgsrc, bad configure test.
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jul 26 14:57:51 UTC 2010
Modified Files:
pkgsrc/print/gv: Makefile
Log Message:
Skip iconv_open in libiconv check in configure script.
It always failed with libiconv from pkgsrc.
|
|
|
|
print/gv: security update
Revisions pulled up:
- print/gv/Makefile 1.71
- print/gv/PLIST 1.8
- print/gv/distinfo 1.18
- print/gv/patches/patch-aa 1.15
- print/gv/patches/patch-ab delete
- print/gv/patches/patch-ad delete
- print/gv/patches/patch-ae 1.10
- print/gv/patches/patch-af 1.7
- print/gv/patches/patch-aj 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Jul 24 08:22:02 UTC 2010
Modified Files:
pkgsrc/print/gv: Makefile PLIST distinfo
pkgsrc/print/gv/patches: patch-aa patch-ae patch-af
Added Files:
pkgsrc/print/gv/patches: patch-aj
Removed Files:
pkgsrc/print/gv/patches: patch-ab patch-ad
Log Message:
Update gv to 3.7.1.
%%%%%%%%%%%%%%%%%%% GV 3.7.1 (June 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# Fix bug [bug #30081] gv 3.7.0: unable to print/save pdf files.
%%%%%%%%%%%%%%%%%%% GV 3.7.0 (June 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
* GV 3.6.91 has been released as GV 3.7.0 with no changes but
some minor code cleanups.
%%%%%%%%%%%%%%%%%%% GV 3.6.91 (June 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# Support starting ghostscript from a safe directory.
# ghostscript is started with -P- if SAFER is enabled.
# ghostscript is started with -dSAFER and -dDELAYSAFER for "pdf2dsc"
and "pdf2ps" if safer is enabled
# Minor bugfixes
%%%%%%%%%%%%%%%%%%% GV 3.6.90 (May 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# Fix compiling on Mac OS X
# Support for localised user interfaces
%%%%%%%%%%%%%%%%%%% GV 3.6.9 (April 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# Bugfix in gv-update-userconfig
%%%%%%%%%%%%%%%%%%% GV 3.6.8.91 (March 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# Fixed compiling on Xaw3d 1.5.
%%%%%%%%%%%%%%%%%%% GV 3.6.8.90 (March 2010) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# UTF-8 Support. Read the included file README.I18N for details.
%%%%%%%%%%%%%%%%%%% GV 3.6.8 (December 2009) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# GV 3.6.7.90 has been released as GV 3.6.8 with no changes
? "Fit to window magnification" and "Fit width to window magnification" with
"Automatic resizing" turned on sometime miss rescaling, especially when
changing the orientation or resizing the window. You can force
rescaling by selecting the active "special" scale in the scales menu.
? Interactive prompting for the password of encrypted PDF files do not work
if and only if DSC is turned off. As a workarouund, you can load the file
with DSC turned on and then turn DSC off.
%%%%%%%%%%%%%%%%%%% GV 3.6.7.90 (December 2009) %%%%%%%%%%%%%%%%%%%%%%%%%%%
# Compilation fix for Mac OS X: Requires --enable-SIGCHLD-fallback during
compilation.
# "Fit height to window magnification" --
currently works best with "Automatic resizing" turned off.
With --scale=-1003, you can access the new scale from the command line.
# Improved handling of filename "-" (which means read document from stdin)
%%%%%%%%%%%%%%%%%%% GV 3.6.7 (March 2009) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# GV 3.6.6.92 has been released as GV 3.6.7 with no changes
? "Fit to window magnification" and "Fit width to window magnification" with
"Automatic resizing" turned on sometime miss rescaling, especially when
changing the orientation or resizing the window. You can force
rescaling by selecting the active "special" scale in the scales menu.
? Interactive prompting for the password of encrypted PDF files do not work
if and only if DSC is turned off. As a workarouund, you can load the file
with DSC turned on and then turn DSC off.
%%%%%%%%%%%%%% GV 3.6.6.92 (internal release: March 2009) %%%%%%%%%%%%%%
# Fixed debian bug #516995: Misleading error message when .gv file is not
present [and XUSERFILESEARCHPATH is used]
%%%%%%%%%%%%%%%%%%% GV 3.6.6.91 (February 2009) %%%%%%%%%%%%%%%%%%%%%%%%
# Fixed a bug in switching to presentation mode.
# Fixed reset scrolling position in open dialog when changing directories.
%%%%%%%%%%%%%%%%%%% GV 3.6.6.90 (January 2009) %%%%%%%%%%%%%%%%%%%%%%%%
# TOC can now display more than about 2000 pages (fixes bug #24069).
# File open dialog can now display more than about 2000 files
(fixes ubuntu bug #274767).
# By pressing "Shift-P" or selecting "State/Presentation Mode", you can
open another instance of GNU gv which is in presentation mode.
%%%%%%%%%%%%%%%%%%% GV 3.6.6 (September 2008) %%%%%%%%%%%%%%%%%%%%%%%%
# Updated maintainer's e-mail address, otherwise no changes
%%%%%%%%%%%%%%%%%%% GV 3.6.5.92 (September 2008) %%%%%%%%%%%%%%%%%%%%%
# libzio is now used if available during compile time
%%%%%%%%%%%%%%%%%%% GV 3.6.5.91 (September 2008) %%%%%%%%%%%%%%%%%%%%%
# gv-update-userconfig now offers the options -n resp. -N to switch to an
alternative navigation: After each page switch (except if selected by the
page number) the page is scrolled to the top (if switching forward) resp.
the bottom (if switching backward).
# gv-update-userconfig can remove the resources inserted by -n resp. -N with
the new option -s.
# Support for encrypted PDF files. New command line switch
"--password=PASSWORD" for opening encrypted PDFs. If the password
is not supplied via command line, the user will be asked to enter it.
# Support for files > 2GB on file systems with large file support.
? Interactive prompting for the password of encrypted PDF files do not work
if and only if DSC is turned off. As a workarouund, you can load the file
with DSC turned on and then turn DSC off.
%%%%%%%%%%%%%%%%%%% GV 3.6.5.90 (August 2008) %%%%%%%%%%%%%%%%%%%%%%%%
# the current coordinate can be saved to a file by the z resp. the u key.
See gv.info for details.
# The return key now scrolls through the whole document vertically.
Unlike the space key no horizontal scrolling is performed. The old function
of the return key is still available through the "Page Down" and the "f" key.
# *.ad and *.dat files are installed to $PREFIX/share/gv
# "ERROR:" and "error:" now also trigger the info popup in error mode
# Xinerama support. It can be configured by the "xinerama"-resource.
Its values can be "On", "Off" or "Auto". "Auto" is the default.
# New helper Script "gv-update-userconfig", which is a simple script to
update an .gv config file to the current version of gv.
# Should build on Solaris now using sun studio 11 compiler
%%%%%%%%%%%%%%%%%%% GV 3.6.5 (July 2008) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# GV 3.6.4.91 has been released as GV 3.6.5 with no changes
? "Fit to window magnification" and "Fit width to window magnification" with
"Automatic resizing" turned on sometime miss rescaling, especially when
changing the orientation or resizing the window. You can force
rescaling by selecting the active "special" scale in the scales menu.
%%%%%%%%%%%%%%%%%%% GV 3.6.4.91 (June 2008) %%%%%%%%%%%%%%%%%%%%%%%%%%
# ~/.gv now contains the version that has saved that configuration.
%%%%%%%%%%%%%%%%%%% GV 3.6.4.90 (June 2008) %%%%%%%%%%%%%%%%%%%%%%%%%%
* Build-system ensures that the man-page is always up to date
# Fixed some compiler warnings
# Added new widgetless mode, usable via option "--widgetless"
# --help, --usage and --version now work without having an X11 display
# --spartan and --widgetless now use embedded resources. Before this bugfix,
you had to use --style=gv_spartan.dat to use the embedded resource.
# --infoSilent, --infoErrors and --infoAll will control, which ghostscript
messages will lead to an info pop-up window.
The same effect can be reached via a resource "infoVerbose", which values can
be "Silent", "Errors" and "All". It can also be edited via the "gv options"
dialog.
# "Fit to window magnification" and "Fit width to window magnification" --
currently works best with "Automatic resizing" turned off. With --scale=-1000
resp. --scale=-1001, you can access these special scales from the command line.
? "Fit to window magnification" and "Fit width to window magnification" with
"Automatic resizing" turned on sometime miss rescaling, especially when
changing the orientation or resizing the window. You can force
rescaling by selecting the active "special" scale in the scales menu.
# Arbitrary scales are now possible - input them in the gv options dialog
or with --scale=n, where n is a float.
# New fullscreen mode which needs support from the window manager
# New command line switch "--presentation" as a shortcut for
"--fullscreen --noresize --scale=-1000 --widgetless"
%%%%%%%%%%%%%%%%%%% GV 3.6.4 (June 2008) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%
# GV 3.6.3.90 has been released as GV 3.6.4 with no changes
%%%%%%%%%%%%%%%%%%% GV 3.6.3.90 (May 2008) %%%%%%%%%%%%%%%%%%%%%%%%%%%
# DSC parser now respects the level of BeginDocument/EndDocument
# Possible segfault has been fixed
# Fixed bug #21239: Vlist.c produces garbage if International is set
# Fixed bug #21740: popup windows may partly invisible as not on the screen
# The escape key is now working in more contexts
# The filename can optionally be shown insted of the title
# Fixed bug #23199: No error message for errors in opened file
* Got rid of non-free code.
|
|
|
|
security update
Revisions pulled up:
- pkgsrc/net/avahi/Makefile 1.17
- pkgsrc/net/avahi/PLIST 1.5
- pkgsrc/net/avahi/PLIST.pygdbm 1.3
- pkgsrc/net/avahi/PLIST.python 1.4
- pkgsrc/net/avahi/distinfo 1.8
- pkgsrc/net/avahi/options.mk 1.2
- pkgsrc/net/avahi/patches/patch-aa 1.2
- pkgsrc/net/avahi/patches/patch-ab 1.2
- pkgsrc/net/avahi/patches/patch-ac 1.2
- pkgsrc/net/avahi/patches/patch-ad 1.2
- pkgsrc/net/avahi/patches/patch-ae 1.4
- pkgsrc/net/avahi/patches/patch-ag 1.4
- pkgsrc/net/avahi/patches/patch-aj 1.4
- pkgsrc/net/avahi/patches/patch-ah 1.2
- pkgsrc/net/avahi/patches/patch-ai 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sat Jul 24 13:42:12 UTC 2010
Modified Files:
pkgsrc/net/avahi: Makefile PLIST PLIST.pygdbm PLIST.python distinfo
options.mk
pkgsrc/net/avahi/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-ag patch-ah patch-ai patch-aj
Log Message:
Update avahi to 0.6.27.
0.6.27
some build fixes
0.6.26
This is mostly a bugfix release but also fixes a low risk security issue and
adds a couple of minor new features.
* Fix CVE-2010-2244 (Ludwig Nussel)
* Support for Gtk+ 3 and Gtk+ Introspection
* Native systemd socket activation support
* Add systemd service files
* Add various resource control options, for traffic rate limiting as well
as cache size and D-Bus client object limits.
* i18n updates
* Minor other updates
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/avahi/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/avahi/PLIST
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/avahi/PLIST.pygdbm
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/PLIST.python
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/avahi/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/options.mk
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/patches/patch-aa \
pkgsrc/net/avahi/patches/patch-ab pkgsrc/net/avahi/patches/patch-ac \
pkgsrc/net/avahi/patches/patch-ad
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/patches/patch-ae \
pkgsrc/net/avahi/patches/patch-ag pkgsrc/net/avahi/patches/patch-aj
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/avahi/patches/patch-ah \
pkgsrc/net/avahi/patches/patch-ai
|
|
|
|
|
|
|
|
www/py-paste: security update
Revisions pulled up:
- www/py-paste/Makefile 1.7
- www/py-paste/PLIST 1.5
- www/py-paste/distinfo 1.3
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jul 26 12:38:42 UTC 2010
Modified Files:
pkgsrc/www/py-paste: Makefile PLIST distinfo
Log Message:
Update py-Paste to 1.7.4.
While here, set LICENSE=mit.
1.7.4
-----
* Fix XSS bug (security issue) with not found handlers for
:class:`paste.urlparser.StaticURLParser` and
:class:`paste.urlmap.URLMap`. If you ask for a path with
``/--><script>...`` that will be inserted in the error page and can
execute Javascript. Reported by Tim Wintle.
* Replaced :func:`paste.util.mimeparse.desired_match`
1.7.3.1
-------
* Removed directory name from 404 errors in
:class:`paste.urlparser.StaticURLParser`.
* Fixed packaging to include Javascript and images for
:mod:`paste.evalexception`
1.7.3
-----
* I got a fever and the only prescription is more :mod:`paste.cowbell`!
* Fix :mod:`paste.httpserver` on Python 2.6.
* Fix :mod:`paste.auth.cookie`, which would insert newlines for long
cookies.
* :mod:`paste.util.mimeparse` parses a single ``*`` in Accept headers
(sent by IE 6).
* Fix some problems with the ``wdg_validate`` middleware.
* Improvements to :mod:`paste.auth.auth_tkt`: add httponly support,
don't always aggressively set cookies without the
``wildcard_cookie`` option. Also on logout, make cookies expire.
* In :class:`paste.proxy.Proxy` handle Content-Length of -1.
* In :mod:`paste.httpexceptions` avoid some unicode errors.
* In :mod:`paste.httpserver` handle ``.read()`` from 100 Continue
properly (because of a typo it was doing a readline).
* Update ``paste.util.mimeparse`` from `upstream
<http://code.google.com/p/mimeparse/>`_.
|
|
security update
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.61
- pkgsrc/www/apache22/distinfo 1.34
Files deleted:
pkgsrc/www/apache22/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jul 26 21:38:52 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Removed Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Update "apache22" package to version 2.2.16. Changes since version 2.2.15:
- SECURITY: CVE-2010-1452 (cve.mitre.org)
mod_dav, mod_cache: Fix Handling of requests without a path segment.
PR: 49246 [Mark Drayton, Jeff Trawick]
- SECURITY: CVE-2010-2068 (cve.mitre.org)
mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
for platforms Windows, Netware and OS2. PR: 49417. [Rainer Jung]
- core: Filter init functions are now run strictly once per request
before handler invocation. The init functions are no longer run
for connection filters. PR 49328. [Joe Orton]
- mod_filter: enable it to act on non-200 responses.
PR 48377 [Nick Kew]
- mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
title page only) when any mod_ldap directives were used in VirtualHost
context. [Eric Covener]
- mod_ssl: Fix segfault at startup if proxy client certs are shared
across multiple vhosts. PR 39915. [Joe Orton]
- mod_proxy_http: Log the port of the remote server in various messages.
PR 48812. [Igor Gali?? <i galic brainsware org>]
- apxs: Fix -A and -a options to ignore whitespace in httpd.conf
[Philip M. Gollucci]
- mod_dir: add FallbackResource directive, to enable admin to specify
an action to happen when a URL maps to no file, without resorting
to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
- mod_rewrite: Allow to set environment variables without explicitely
giving a value. [Rainer Jung]
To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/www/apache22/patches/patch-af
|
|
|
|
devel/xulrunner: security update
www/firefox: security update
Revisions pulled up:
- devel/xulrunner/dist.mk 1.13
- devel/xulrunner/distinfo 1.35
---
Module Name: pkgsrc
Committed By: tnn
Date: Tue Jul 27 07:58:53 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: dist.mk distinfo
Log Message:
Update to firefox-3.6.8.
Fixes a heap corruption issue due to free() of garbage pointers when
parsing an invalid <object> tag.
|
|
|
|
mail/dovecot: security update
Revisions pulled up:
- mail/dovecot/Makefile 1.150
- mail/dovecot/PLIST 1.28
- mail/dovecot/distinfo 1.112
---
Module Name: pkgsrc
Committed By: ghen
Date: Sun Jul 25 22:17:20 UTC 2010
Modified Files:
pkgsrc/mail/dovecot: Makefile PLIST distinfo
Log Message:
Update Dovecot to 1.2.13.
This release fixes a bug in ACL plugin, which could be considered a security
bug: If Maildir is used with default settings (INBOX is same as Maildir root
dir) and user set some ACLs to INBOX, those ACLs were copied to all newly
created mailboxes. This should have been done only for "default ACLs", but with
Maildir the INBOX directory is the same as the default ACL directory, so this
mixup happened. This bug exists only in v1.2.x releases.
Other fixes:
- Fixed iconv() crash when it was processing several kilobytes of broken
continuous input. This mainly could have caused a problem with IMAP SEARCH.
Possibly also with some Sieve checks.
- If MIME encoded-words contained line feeds, Dovecot logged cache corruption
errors.
- mbox: Renaming mailbox under newly created dir didn't move index directory.
- mbox: When generating envelope to From_-line, don't append a second
@owndomain if username already has one.
|
|
|