Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
net/quagga: security update
Revisions pulled up:
- net/quagga/Makefile 1.39
- net/quagga/distinfo 1.13
---
Module Name: pkgsrc
Committed By: gdt
Date: Sun Mar 18 01:14:07 UTC 2012
Modified Files:
pkgsrc/net/quagga: Makefile distinfo
Log Message:
Update to 0.99.20.1, a security bugfix release.
Multiple security bugfixes, including one for a BGP DOS.
|
|
|
|
www/contao29: security patch
Revisions pulled up:
- www/contao29/Makefile 1.20
- www/contao29/distinfo 1.12
- www/contao29/patches/patch-system_initialize.php 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 13 03:16:30 UTC 2012
Modified Files:
pkgsrc/www/contao29: Makefile distinfo
Added Files:
pkgsrc/www/contao29/patches: patch-system_initialize.php
Log Message:
Add a little experimental fix to prevent CSRF.
Bump PKGREVISION.
|
|
security/openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.163
- security/openssl/distinfo 1.86
- security/openssl/patches/patch-asn_mime.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 13 03:11:32 UTC 2012
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-asn_mime.c
Log Message:
Update openssl pacakge to 0.9.8u.
Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
in CMS and PKCS7 code. When RSA decryption fails use a random key for
content decryption and always return the same error. Note: this attack
needs on average 2^20 messages so it only affects automated senders. The
old behaviour can be reenabled in the CMS code by setting the
CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
an MMA defence is not necessary.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
[Steve Henson]
*) Fix CVE-2011-4619: make sure we really are receiving a
client hello before rejecting multiple SGC restarts. Thanks to
Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
[Steve Henson]
|
|
|
|
x11/startup-notification: dependency pattern and build fixes
Revisions pulled up:
- x11/startup-notification/buildlink3.mk 1.13-1.14
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Mar 10 13:31:55 UTC 2012
Modified Files:
pkgsrc/x11/startup-notification: buildlink3.mk
Log Message:
Fix patterns so that pbulk does not try to build startup-notification
on systems where startup-notification010 is needed instead.
Tested by bouyer.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/x11/startup-notification/buildlink3.mk
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Mar 11 10:37:51 UTC 2012
Modified Files:
pkgsrc/x11/startup-notification: buildlink3.mk
Log Message:
Make ugly hack even uglier to fix build with modular.
Fixes PR 46171 by David Shao.
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/x11/startup-notification/buildlink3.mk
|
|
|
|
textproc/libxml2: security fix and HEAD compatibility
Revisions pulled up:
- textproc/libxml2/Makefile 1.113-1.114
- textproc/libxml2/distinfo 1.88-1.89
- textproc/libxml2/patches/patch-CVE-2012-0841-aa 1.1
- textproc/libxml2/patches/patch-CVE-2012-0841-ab 1.1
- textproc/libxml2/patches/patch-CVE-2012-0841-ac 1.1
- textproc/libxml2/patches/patch-aa 1.24
- textproc/libxml2/patches/patch-ab 1.22
- textproc/libxml2/patches/patch-am 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Wed Feb 22 11:10:18 UTC 2012
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
pkgsrc/textproc/libxml2/patches: patch-aa patch-ab
Added Files:
pkgsrc/textproc/libxml2/patches: patch-am
Log Message:
build the library thread-aware, i.e. use <pthread.h> but do not
link against libpthread. (It doesn't create threads, just uses
locking.) This seems to be wanted by some applications, eg vlc
issues a warning on startup (with no visible consequences afaict,
but anyway).
I hope this works for other OSes too. If not, we should probably
add support for these cases to mk/pthread.bl3.mk.
bump PKGREV
To generate a diff of this commit:
cvs rdiff -u -r1.112 -r1.113 pkgsrc/textproc/libxml2/Makefile
cvs rdiff -u -r1.87 -r1.88 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r1.23 -r1.24 pkgsrc/textproc/libxml2/patches/patch-aa
cvs rdiff -u -r1.21 -r1.22 pkgsrc/textproc/libxml2/patches/patch-ab
cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-am
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Mar 9 12:12:28 UTC 2012
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
Added Files:
pkgsrc/textproc/libxml2/patches: patch-CVE-2012-0841-aa
patch-CVE-2012-0841-ab patch-CVE-2012-0841-ac
Log Message:
Add patch from upstream to add hash randomization.
Without that, (untrusted) input can fill hash buckets uneven, causing
high CPU load. (CVE-2012-0841)
To get a patch which is simple enough to get pulled up to the stable
pkgsrc branch, I've not touched "configure" but just assumed that
the POSIX functions rand(), srand() and time() are present.
bump PKGREV
To generate a diff of this commit:
cvs rdiff -u -r1.113 -r1.114 pkgsrc/textproc/libxml2/Makefile
cvs rdiff -u -r1.88 -r1.89 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-aa \
pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ab \
pkgsrc/textproc/libxml2/patches/patch-CVE-2012-0841-ac
|
|
|
|
mk/plist: fix for handling of man pages
Revisions pulled up:
- mk/plist/plist.mk 1.41
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Mar 4 08:03:56 UTC 2012
Modified Files:
pkgsrc/mk/plist: plist.mk
Log Message:
Don't strip out "cat" manual pages if the package gets built via "imake".
The settings in "MANINSTALL" don't apply here.
To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 pkgsrc/mk/plist/plist.mk
|
|
|
|
misc/openoffice3: build fix
Revisions pulled up:
- misc/openoffice3/Makefile 1.65 via patch
- misc/openoffice3/patches/patch-bo deleted
---
Module Name: pkgsrc
Committed By: he
Date: Wed Mar 7 15:07:23 UTC 2012
Modified Files:
pkgsrc/misc/openoffice3: Makefile
Removed Files:
pkgsrc/misc/openoffice3/patches: patch-bo
Log Message:
Remove patch-bo, which is indirectly responsible for placing
-R/usr/X11R7/lib early into the link line in extensions/source/plugin/unx/,
creating another instance of "the pixman problem" when trying to build
this package on NetBSD 5.1. It appears that some other part of the
makefile setup for OpenOffice3 is now responsible for inserting the
appropriate -Wl,-R/usr/X11R7/lib into the linker line.
The resulting package has been verify to build and start up, and
fixes PR#46131. Bump pkgrevision.
|
|
|
|
security/openssl: security patch
Revisions pulled up:
- security/openssl/Makefile 1.162
- security/openssl/distinfo 1.85
- security/openssl/patches/patch-asn_mime.c 1.1
---
Module Name: pkgsrc
Committed By: pettai
Date: Mon Mar 5 00:26:55 UTC 2012
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-asn_mime.c
Log Message:
Add fix for CVE-2006-7250
|
|
mail/imp: security update
Revisions pulled up:
- mail/imp/Makefile 1.58
- mail/imp/distinfo 1.26
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Feb 23 11:04:09 UTC 2012
Modified Files:
pkgsrc/mail/imp: Makefile distinfo
Log Message:
Update imp to 4.3.11.
(while here, set LICENSE=gnu-gpl-v2.)
-------
v4.3.11
-------
[mms] SECURITY: Fix XSS vulnerabilities on the compose page, the contacts popup
window, and with certain IMAP mailbox names.
-------
v4.3.10
-------
[jan] Don't submit the action form when reloading messages with iTip
attachments (Bug #9502).
|
|
www/horde: security update
Revisions pulled up:
- www/horde/Makefile 1.73
- www/horde/PLIST 1.26
- www/horde/distinfo 1.30
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Feb 23 10:34:08 UTC 2012
Modified Files:
pkgsrc/www/horde: Makefile PLIST distinfo
Log Message:
Update horde to 3.3.13.
(while here, set LICENSE=gnu-lgpl-v2, move empty directory handling to PLIST)
-------
v3.3.13
-------
[mms] SECURITY: Fix XSS vulnerability in email form field validation.
[jan] Fix UTF-8 support with Firefox 10 or later.
[jan] Add support for resetting passwords to LDAP driver.
-------
v3.3.12
-------
[jan] Convert charset of group names in SQL driver (Bug #9611).
[jan] Fix deleting of SyncML anchors if PHP short_open_tag is off (Bug #9349).
[jan] Add an experimental new Share SQL driver with better performance.
[jan] Fix integer overflow in ASN.1 parser for S/MIME messages.
[jan] Fix splitread database usage in VFS (Bug #9467).
[jan] Fix invalidating permission cache in SQL driver (Bug #9392).
|
|
|
|
net/p5-Net-Amazon: compatibility update
Revisions pulled up:
- net/p5-Net-Amazon/Makefile 1.10
- net/p5-Net-Amazon/distinfo 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Feb 10 10:50:45 UTC 2012
Modified Files:
pkgsrc/net/p5-Net-Amazon: Makefile distinfo
Log Message:
Update p5-Net-Amazon to 0.61.
(WSDL older than 2011-08-01 will not be supported after Feb 22, 2012)
0.61 (10/28/2011)
(cb) rt 71937; Amazon now requires an Associate Tag, so enforce usage.
(cb) The ListLookup operation has been removed from the WSDL (from 2010!),
scrub all of the wishlist operations as a result.
(cb) Update to the latest WSDL - 2011-08-01.
|
|
devel/ruby-activesupport3: security patch
devel/ruby-activesupport31: security patch
www/ruby-actionpack3: security patch
www/ruby-actionpack31: security patch
Revisions pulled up:
- devel/ruby-activesupport3/Makefile 1.6
- devel/ruby-activesupport3/distinfo 1.11
- devel/ruby-activesupport3/patches/patch-lib_active__support_core__ext_string_output__safety.rb 1.1
- devel/ruby-activesupport31/Makefile 1.3
- devel/ruby-activesupport31/distinfo 1.2
- devel/ruby-activesupport31/patches/patch-lib_active__support_core__ext_string_output__safety.rb 1.1
- www/ruby-actionpack3/Makefile 1.11
- www/ruby-actionpack3/distinfo 1.11
- www/ruby-actionpack3/patches/patch-lib_action__view_helpers_capture__helper.rb 1.1
- www/ruby-actionpack31/Makefile 1.2
- www/ruby-actionpack31/distinfo 1.2
- www/ruby-actionpack31/patches/patch-lib_action__view_helpers_capture__helper.rb 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Mar 3 04:47:15 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport3: Makefile distinfo
pkgsrc/devel/ruby-activesupport31: Makefile distinfo
pkgsrc/www/ruby-actionpack3: Makefile distinfo
pkgsrc/www/ruby-actionpack31: Makefile distinfo
Added Files:
pkgsrc/devel/ruby-activesupport3/patches:
patch-lib_active__support_core__ext_string_output__safety.rb
pkgsrc/devel/ruby-activesupport31/patches:
patch-lib_active__support_core__ext_string_output__safety.rb
pkgsrc/www/ruby-actionpack3/patches:
patch-lib_action__view_helpers_capture__helper.rb
pkgsrc/www/ruby-actionpack31/patches:
patch-lib_action__view_helpers_capture__helper.rb
Log Message:
Add fix for CVE-2012-1098 to:
devel/ruby-activesupport3
devel/ruby-activesupport31
www/ruby-actionpack3
www/ruby-actionpack31
And bump each PKGREVISION.
|
|
|
|
mail/postfix: build fix
Revisions pulled up:
- mail/postfix/distinfo 1.141
- mail/postfix/patches/patch-ag 1.33
- mail/postfix/patches/patch-ai 1.27
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 27 03:01:30 UTC 2012
Modified Files:
pkgsrc/mail/postfix: distinfo
pkgsrc/mail/postfix/patches: patch-ag patch-ai
Log Message:
Build fix for NetBSD 6.0_BETA.
To generate a diff of this commit:
cvs rdiff -u -r1.140 -r1.141 pkgsrc/mail/postfix/distinfo
cvs rdiff -u -r1.32 -r1.33 pkgsrc/mail/postfix/patches/patch-ag
cvs rdiff -u -r1.26 -r1.27 pkgsrc/mail/postfix/patches/patch-ai
|
|
|
|
lang/perl5: build fix
Revisions pulled up:
- lang/perl5/distinfo 1.82
- lang/perl5/patches/patch-hints_netbsd.sh 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Feb 17 14:04:01 UTC 2012
Modified Files:
pkgsrc/lang/perl5: distinfo
Added Files:
pkgsrc/lang/perl5/patches: patch-hints_netbsd.sh
Log Message:
Fixes build on NetBSD-6.x, PR 46037.
patch provided by nonaka@.
|
|
|
|
security/putty: security update
security/putty-devel: removed
Revisions pulled up:
- doc/CHANGES-2012 1.565
- security/Makefile 1.426
- security/putty-devel/DESCR deleted
- security/putty-devel/Makefile deleted
- security/putty-devel/PLIST deleted
- security/putty-devel/distinfo deleted
- security/putty-devel/patches/patch-aa deleted
- security/putty-devel/patches/patch-ak deleted
- security/putty-devel/patches/patch-al deleted
- security/putty-devel/patches/patch-am deleted
- security/putty-devel/patches/patch-an deleted
- security/putty-devel/patches/patch-ldisc.c deleted
- security/putty/Makefile 1.23
- security/putty/distinfo 1.10-1.11
- security/putty/options.mk 1.1
- security/putty/patches/patch-aa deleted
- security/putty/patches/patch-ac deleted
- security/putty/patches/patch-ad deleted
- security/putty/patches/patch-ae deleted
- security/putty/patches/patch-af deleted
- security/putty/patches/patch-ag deleted
- security/putty/patches/patch-ai deleted
- security/putty/patches/patch-aj deleted
- security/putty/patches/patch-ak deleted
- security/putty/patches/patch-al deleted
- security/putty/patches/patch-am deleted
- security/putty/patches/patch-an deleted
- security/putty/patches/patch-import.c 1.1
- security/putty/patches/patch-ldisc.c 1.1
- security/putty/patches/patch-terminal.c 1.1
- security/putty/patches/patch-unix_Makefile.gtk 1.1
- security/putty/patches/patch-unix_gtkwin.c 1.1
- security/putty/patches/patch-unix_uxnet.c 1.1
- security/putty/patches/patch-windows_window.c 1.1
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 22 15:27:17 UTC 2012
Modified Files:
pkgsrc/security/putty: Makefile distinfo
Added Files:
pkgsrc/security/putty: options.mk
pkgsrc/security/putty/patches: patch-import.c patch-terminal.c
patch-unix_Makefile.gtk patch-unix_gtkwin.c patch-unix_uxnet.c
patch-windows_window.c
Removed Files:
pkgsrc/security/putty/patches: patch-aa patch-ac patch-ad patch-ae
patch-af patch-ag patch-ai patch-aj patch-ak patch-al patch-am
patch-an
Log Message:
Update to 0.62, keeping all pkgsrc patches which have not been fed upstream (hi roy! hi rillig!)
2011-12-10 PuTTY 0.62 released
PuTTY 0.62 is out, containing only bug fixes from 0.61, in particular a security fix preventing passwords from being accidentally
retained in memory.
2011-11-27 PuTTY 0.62 pre-release builds available
PuTTY 0.61 had a few noticeable bugs in it (but nothing security-related), so we are planning to make a 0.62 release containing just bug
fixes. The Wishlist page lists the bugs that will be fixed by the 0.62 release. The Download page now contains pre-release snapshots of
0.62, which contain those bug fixes and should be otherwise stable. (The usual development snapshots, containing other development since
0.61, are also still available.)
2011-07-12 PuTTY 0.61 is released
PuTTY 0.61 is out, after over four years (sorry!), with new features, bug fixes, and compatibility updates for Windows 7 and various SSH
server software.
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 22 15:30:21 UTC 2012
Modified Files:
pkgsrc/security/putty: distinfo
Added Files:
pkgsrc/security/putty/patches: patch-ldisc.c
Log Message:
Add a patch from the putty-devel package (not needed on my -current though)
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 22 15:31:06 UTC 2012
Modified Files:
pkgsrc/doc: CHANGES-2012
pkgsrc/security: Makefile
Removed Files:
pkgsrc/security/putty-devel: DESCR Makefile PLIST distinfo
pkgsrc/security/putty-devel/patches: patch-aa patch-ak patch-al
patch-am patch-an patch-ldisc.c
Log Message:
Remove putty-devel, older than putty now.
|
|
|
|
meta-pkgs/netbsd-www dependence update
Revisions pulled up:
- meta-pkgs/netbsd-www/Makefile 1.26
---
Module Name: pkgsrc
Committed By: tron
Date: Mon Feb 20 19:59:47 UTC 2012
Modified Files:
pkgsrc/meta-pkgs/netbsd-www: Makefile
Log Message:
Update "netbsd-www" package to version 1.6:
Add more TeX dependences to really allow building the NetBSD website.
|
|
|
|
graphics/png: security update
Revisions pulled up:
- graphics/png/Makefile 1.144-1.146
- graphics/png/distinfo 1.91-1.93
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Sat Feb 18 15:16:59 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Added Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log Message:
fix possible buffer overflow due to integer overflow in malloc()
size calculation (2011-3026), patch from Chromium via Redhat/Debian
bump PKGREV
To generate a diff of this commit:
cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Feb 18 15:42:57 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Removed Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log Message:
Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.
Version 1.5.9beta01 [February 3, 2012]
Rebuilt configure scripts in the tar distributions.
Version 1.5.9beta02 [February 16, 2012]
Removed two unused definitions from scripts/pnglibconf.h.prebuilt
Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h
Version 1.5.9rc01 [February 17, 2012]
Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.91 -r1.92 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 19 09:26:39 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Log Message:
Update "libpng" package to version 1.5.9. There are no change since
version 1.5.9rc01 except of the minor detail that you can actually
fetch the distfile.
To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/png/distinfo
|
|
|
|
databases/phpmyadmin security update
Revisions pulled up:
- databases/phpmyadmin/Makefile 1.97-1.98
- databases/phpmyadmin/PLIST 1.25
- databases/phpmyadmin/distinfo 1.58-1.59
---
Module Name: pkgsrc
Committed By: tron
Date: Thu Feb 16 20:19:25 UTC 2012
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo
Log Message:
Update "phpmyadmin" package to version 3.4.10. Changes since 3.4.9:
- bug #3460090 [interface] TextareaAutoSelect feature broken
- patch #3375984 [export] PHP Array export might generate invalid php code
- bug #3049209 [import] Import from ODS ignores cell that is the same as
cell before
- bug #3463933 [display] SELECT DISTINCT displays wrong total records found
- patch #3458944 [operations] copy table data missing
SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'
- bug #3469254 [edit] Setting data to NULL and drop-downs
- bug #3477063 [edit] Missing set fields and values in generated INSERT query
- bug #3460867 [libraries] license issue with TCPDF (updated to 5.9.145)
---
Module Name: pkgsrc
Committed By: tron
Date: Sat Feb 18 23:04:45 UTC 2012
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
pdatep "phpmyadmin" package to version 3.4.10.1. Changes since 3.4.10:
- [security] XSS in replication setup, see PMASA-2012-1
|
|
|
|
lang/python25: security patch
lang/python26: security patch
lang/python27: security patch
lang/python31: security patch
Revisions pulled up:
- lang/python25/Makefile 1.37 via patch
- lang/python25/distinfo 1.22
- lang/python25/patches/patch-CVE-2012-0845 1.1
- lang/python26/Makefile 1.45 via patch
- lang/python26/distinfo 1.43
- lang/python26/patches/patch-CVE-2012-0845 1.1
- lang/python27/Makefile 1.11 via patch
- lang/python27/distinfo 1.15
- lang/python27/patches/patch-CVE-2012-0845 1.1
- lang/python31/Makefile 1.6 via patch
- lang/python31/distinfo 1.8
- lang/python31/patches/patch-CVE-2012-0845 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Feb 15 12:21:41 UTC 2012
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-CVE-2012-0845
Log Message:
add patch from Python issue#14001 to fix xmlrpc server endless loop
by malformed request
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Feb 15 16:08:26 UTC 2012
Modified Files:
pkgsrc/lang/python25: Makefile distinfo
pkgsrc/lang/python27: Makefile distinfo
pkgsrc/lang/python31: Makefile distinfo
Added Files:
pkgsrc/lang/python25/patches: patch-CVE-2012-0845
pkgsrc/lang/python27/patches: patch-CVE-2012-0845
pkgsrc/lang/python31/patches: patch-CVE-2012-0845
Log Message:
apply fix for CVE-2012-0845 to other Python versions too
(2.4 is not affected)
|
|
audio/libvorbis: security patch
Revisions pulled up:
- audio/libvorbis/Makefile 1.52
- audio/libvorbis/distinfo 1.21
- audio/libvorbis/patches/patch-CVE-2012-0444 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Fri Feb 17 12:23:24 UTC 2012
Modified Files:
pkgsrc/audio/libvorbis: Makefile distinfo
Added Files:
pkgsrc/audio/libvorbis/patches: patch-CVE-2012-0444
Log Message:
add patch from upstream to fix possible memory corruption by
malicious Ogg Vorbis files
bump PKGREV
|
|
|
|
lang/sun-{jre,jdk}6 security update
Revisions pulled up:
- lang/sun-jdk6/Makefile 1.28
- lang/sun-jdk6/PLIST.linux-i386 1.2
- lang/sun-jdk6/PLIST.linux-x86_64 1.2
- lang/sun-jdk6/distinfo 1.17
- lang/sun-jre6/Makefile 1.35
- lang/sun-jre6/PLIST.linux-i386 1.23
- lang/sun-jre6/PLIST.linux-x86_64 1.5
- lang/sun-jre6/distinfo 1.20
- lang/sun-jre6/sfiles-i386.mk 1.6
- lang/sun-jre6/sfiles-x86_64.mk 1.2
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Feb 17 08:16:14 UTC 2012
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile PLIST.linux-i386 PLIST.linux-x86_64
distinfo
pkgsrc/lang/sun-jre6: Makefile PLIST.linux-i386 PLIST.linux-x86_64
distinfo sfiles-i386.mk sfiles-x86_64.mk
Log Message:
Java SE 6 Update 31
* Olson Data 2011l
* Bug Fixes
This release contains fixes for security vulnerabilities. For more information,
see Oracle Java SE Critical Patch Update Advisory.
http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
|
|
|
|
parsing for L2CAP packets, new parsing for AVCTP and AVRCP
protocols, some endian bugfixes and the archive now contains
the files needed from bluez-libs so we don't need to get that
separately.
|
|
|
|
lang/php5: build fix
Revisions pulled up:
- lang/php5/distinfo 1.92-1.93
- lang/php5/patches/patch-main_streams_cast.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 2 15:44:22 UTC 2012
Modified Files:
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-main_streams_cast.c
Log Message:
Trying to fix build problem on NetBSD current recently.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 2 15:47:13 UTC 2012
Modified Files:
pkgsrc/lang/php5: distinfo
Log Message:
Remove none existing patch files.
|
|
|
|
devel/m4: build fixes
Revisions pulled up:
- devel/m4/Makefile 1.66
- devel/m4/distinfo 1.34
- devel/m4/patches/patch-ab 1.12
- devel/m4/patches/patch-ac 1.10
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: christos
Date: Tue Jan 31 00:58:44 UTC 2012
Added Files:
pkgsrc/devel/m4/patches: patch-ab patch-ac
Log Message:
update for new fpos_t
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.12 pkgsrc/devel/m4/patches/patch-ab
cvs rdiff -u -r0 -r1.10 pkgsrc/devel/m4/patches/patch-ac
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: christos
Date: Tue Jan 31 01:00:13 UTC 2012
Modified Files:
pkgsrc/devel/m4: Makefile
Log Message:
bump patchlevel
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/devel/m4/Makefile
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: christos
Date: Tue Jan 31 01:12:46 UTC 2012
Modified Files:
pkgsrc/devel/m4: distinfo
Log Message:
update.
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/devel/m4/distinfo
|
|
|
|
emulators/qemu: build fix
Revisions pulled up:
- emulators/qemu/Makefile 1.87
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: sbd
Date: Thu Feb 9 22:53:37 UTC 2012
Modified Files:
pkgsrc/emulators/qemu: Makefile
Log Message:
Use the --mandir configure arg to set the manpage directory.
To generate a diff of this commit:
cvs rdiff -u -r1.86 -r1.87 pkgsrc/emulators/qemu/Makefile
|
|
|
|
devel/apr security update
Revisions pulled up:
- devel/apr/Makefile 1.68
- devel/apr/distinfo 1.34
- devel/apr/patches/patch-tables_apr__hash.c 1.1
- devel/apr/patches/patch-test_testhash.c 1.1
---
Module Name: pkgsrc
Committed By: spz
Date: Sat Feb 11 12:44:09 UTC 2012
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Added Files:
pkgsrc/devel/apr/patches: patch-tables_apr__hash.c
patch-test_testhash.c
Log Message:
fix CVE-2012-0840 with patches taken from the Apache svn
|
|
|
|
Additon of startup-notification010 to x11 SUBDIR list
Revisions pulled up:
- x11/Makefile 1.642
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Feb 2 11:32:48 UTC 2012
Modified Files:
pkgsrc/x11: Makefile
Log Message:
+ startup-notification010.
|
|
x11/startup-notification010: new package
x11/startup-notification: suport older native X11 via "startup-notification010"
Revisions pulled up:
- x11/startup-notification/buildlink3.mk 1.12
- x11/startup-notification010/Makefile 1.1.1.1
- x11/startup-notification010/DESCR 1.1.1.1
- x11/startup-notification010/distinfo 1.1.1.1
- x11/startup-notification010/PLIST 1.1.1.1
- x11/startup-notification010/patches/patch-aa 1.1.1.1
- x11/startup-notification010/patches/patch-ab 1.1.1.1
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Feb 2 11:31:33 UTC 2012
Update of /cvsroot/pkgsrc/x11/startup-notification010
In directory ivanova.netbsd.org:/tmp/cvs-serv24369
Log Message:
Initial import of startup-notification-0.10nb1 for NetBSD-5.[0-9], from
Robert Elz.
startup-notification provides mechanisms allowing a desktop environment to
track application startup, to provide user feedback and other features.
This is an older version to allow compatibility with native X11 in
NetBSD 5 and earlier (pre-xcb).
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Feb 2 11:33:32 UTC 2012
Modified Files:
pkgsrc/x11/startup-notification: buildlink3.mk
Log Message:
On NetBSD<5.99 with native X, use startup-notification010 instead,
which does not use XCB (which is not provided by native X in older
NetBSD releases). From Robert Elz.
|