| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
lang/gawk: build fix
Revisions pulled up:
- lang/gawk/Makefile 1.57
- lang/gawk/PLIST 1.20
- lang/gawk/distinfo 1.25
- lang/gawk/patches/patch-extension_configure 1.1
---
Module Name: pkgsrc
Committed By: bsiegert
Date: Sat Oct 19 19:47:39 UTC 2013
Modified Files:
pkgsrc/lang/gawk: Makefile PLIST distinfo
Added Files:
pkgsrc/lang/gawk/patches: patch-extension_configure
Log Message:
Fix build on MirBSD.
The gawk developers added code to skip building the extensions on MirBSD
but inserted a syntax error. Also skip the extensions in the PLIST on MirBSD.
|
|
|
|
lang/python27: build fix
Revisions pulled up:
- lang/python27/Makefile 1.30
---
Module Name: pkgsrc
Committed By: joerg
Date: Tue Oct 15 20:46:41 UTC 2013
Modified Files:
pkgsrc/lang/python27: Makefile
Log Message:
PowerPC64 is a 64bit platform.
|
|
devel/bmake: build fix
Revisions pulled up:
- devel/bmake/files/util.c 1.12
---
Module Name: pkgsrc
Committed By: joerg
Date: Mon Oct 14 23:19:10 UTC 2013
Modified Files:
pkgsrc/devel/bmake/files: util.c
Log Message:
Workaround for bad Linux headers.
|
|
|
|
www/py-genshi: security update
Revisions pulled up:
- www/py-genshi/Makefile 1.8
- www/py-genshi/distinfo 1.3
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Oct 11 10:54:15 UTC 2013
Modified Files:
pkgsrc/www/py-genshi: Makefile distinfo
Log Message:
Update genshi to 0.6.1.
Version 0.6.1
http://svn.edgewall.org/repos/genshi/tags/0.6.1/
(Jan 27 2013, from branches/stable/0.6.x)
* Security fix to enhance sanitizing of CSS in style attributes. Genshi's
`HTMLSanitizer` disallows style attributes by default (this remains
unchanged) and warns against such attacks in its documentation, but
the provided CSS santizing is now less lacking (see #455).
* Fix for error in how `HTMLFormFiller` would handle `textarea` elements if
no value was not supplied form them.
* The `HTMLFormFiller` now correctly handles check boxes and radio buttons
with an empty `value` attribute.
* Template `Context` objects now have a `.copy` method.
* Added a simple `tox.ini` file for using tox to test against multiple
verions of Python.
* Fix for bug in `QName` comparison (see #413).
* Fix for bug in handling of trailing events in match template matches
(see #399).
* Fix i18n namespace declaration in documentation (see #400).
* Fix for bug in caching of events in serializers by no longer caching
`(TEXT, Markup)` events (see #429).
* Fix handling of `None` by `Markup.escape` in `_speedups.c` (see #439).
* Fix handling of internal state by match templates (relevant when multiple
templates match the same part of the stream, see #370).
* Fix handling of multiple events between or on either side of start and end
tags in translated messages (see #404).
* Fix test failures caused by changes in HTMLParser in Python 2.7 (see #501).
* Fix infinite loop in interplotation lexing that was introduced by a change
in Python 2.7's tokenizer (see #540).
* Fix handling of processing instructions without data (see #368).
* Updated MANIFEST.in so as not to rely on build from Subersion 1.6.
|
|
graphics/png: build fix
Revisions pulled up:
- graphics/png/Makefile 1.163
- graphics/png/distinfo 1.108
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Sep 30 18:17:03 UTC 2013
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Log Message:
Update to 1.6.6:
Version 1.6.6 [September 16, 2013]
Removed two stray lines of code from arm/arm_init.c, again.
|
|
sysutils/ruby-rb-appscript: build fix
Revisions pulled up:
- sysutils/ruby-rb-appscript/Makefile 1.4
- sysutils/ruby-rb-appscript/PLIST 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Oct 1 15:24:02 UTC 2013
Modified Files:
pkgsrc/sysutils/ruby-rb-appscript: Makefile PLIST
Log Message:
Fix build problem and clean up PLIST.
Bump PKGREVISION.
|
|
|
|
graphics/librsvg: security patch
Revisions pulled up:
- graphics/librsvg/Makefile 1.74
- graphics/librsvg/distinfo 1.26
- graphics/librsvg/patches/patch-CVE-2013-1881 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Thu Oct 3 13:39:13 UTC 2013
Modified Files:
pkgsrc/graphics/librsvg: Makefile distinfo
Added Files:
pkgsrc/graphics/librsvg/patches: patch-CVE-2013-1881
Log Message:
Fix for CVE-2013-1881 (SA55088)
Modified (for portability) from
https://git.gnome.org/browse/librsvg/patch/?id=f01aded72c38f0e18bc7ff67dee800e380251c8e
|
|
|
|
x11/modular-xorg-server: security fix
Revisions pulled up:
- x11/modular-xorg-server/Makefile 1.81
- x11/modular-xorg-server/distinfo 1.52
- x11/modular-xorg-server/patches/patch-dix_dixfonts.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Tue Oct 8 20:33:54 UTC 2013
Modified Files:
pkgsrc/x11/modular-xorg-server: Makefile distinfo
Added Files:
pkgsrc/x11/modular-xorg-server/patches: patch-dix_dixfonts.c
Log Message:
Fix CVE-2013-4396.
From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()
Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original. If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.
Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.
Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.
Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/x11/modular-xorg-server/Makefile
cvs rdiff -u -r1.51 -r1.52 pkgsrc/x11/modular-xorg-server/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/x11/modular-xorg-server/patches/patch-dix_dixfonts.c
|
|
|
|
www/ap2-subversion: functionality fix
Revisions pulled up:
- www/ap2-subversion/Makefile 1.60
- www/ap2-subversion/PLIST 1.6
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sat Oct 5 12:41:57 UTC 2013
Modified Files:
pkgsrc/www/ap2-subversion: Makefile PLIST
Log Message:
Let to install modules into apache libexecdir, same as 1.7.x.
fixes PR pkg/48273
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/ap2-subversion/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/ap2-subversion/PLIST
|
|
|
|
security/gnupg2: security update
Revisions pulled up:
- security/gnupg2/Makefile 1.48
- security/gnupg2/distinfo 1.29
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Oct 5 13:20:03 UTC 2013
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Log Message:
Update to 2.0.22:
Noteworthy changes in version 2.0.22 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Improved support for some card readers.
* Prepared building with the forthcoming Libgcrypt 1.6.
* Protect against rogue keyservers sending secret keys.
To generate a diff of this commit:
cvs rdiff -u -r1.47 -r1.48 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/security/gnupg2/distinfo
|
|
security/gnupg: security update
Revisions pulled up:
- security/gnupg/Makefile 1.121
- security/gnupg/distinfo 1.62
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Oct 5 13:19:51 UTC 2013
Modified Files:
pkgsrc/security/gnupg: Makefile distinfo
Log Message:
Update to 1.4.15:
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Protect against rogue keyservers sending secret keys.
* Use 2048 bit also as default for batch key generation.
* Minor bug fixes.
To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 pkgsrc/security/gnupg/Makefile
cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/gnupg/distinfo
|
|
|
|
No PKGREVISION bump since this fixes simply PLIST problem on Mac OS X.
|
|
|
|
|
|
Bump PKGREVISION of cyrus-saslauthd.
|
|
can not be detected by pbulk packaging.
The PATH for the icon may not be correct, but this is where upstream
places it (please correct me if unappropriate, thanks).
|
|
|
|
|
|
* Revert previous (PR pkg/48246), it breaks wip/libreoffice4 build.
It measn something goes wrong. More investigation is needed.
|
|
misc/rubygems 2.0.10
lang/ruby193-base 1.9.3p448nb5
lang/ruby200-base 2.0.0p247nb2
|
|
Bump PKGREVISION.
|
|
=== 2.0.10 / 2013-09-24
Security fixes:
* RubyGems 2.1.4 and earlier are vulnerable to excessive CPU usage due to a
backtracking in Gem::Version validation. See CVE-2013-4363 for full details
including vulnerable APIs. Fixed versions include 2.1.5, 2.0.10, 1.8.27 and
1.8.23.2 (for Ruby 1.9.3).
=== 2.0.9 / 2013-09-13
Bug fixes:
* Gem fetch now fetches the newest (not oldest) gem when --version is given.
Issue #643 by Brian Shirai.
* Fixed credential creation for `gem push` when `--host` is not given. Pull
request #622 by Arthur Nogueira Neves
|
|
former.
|
|
|
|
|
|
|
|
|
|
Bump PKGREVISION.
|
|
|
|
Changelog:
What's new in 1.509.3 (2013/09/09)
Standalone install does not work with Apache + mod_proxy_ajp + SSL (issue 5753)
Reload configuration from disk no longer works after upgrade to Jenkins 1.512. (issue 17977)
Build Now link on MultiJob page doesn't work (issue 16974)
Add descriptions for custom tools (issue 18771)
Lazy loading causes massive delays after a period of inactivity when loading dashboard (issue 16023)
NPE running matrix job (issue 18024)
LastSuccessful and LastStable symlinks are invalid under Windows (issue 17681)
IllegalStateException from MavenProject.getParent can break MavenFingerprinter.recordParents (issue 17775)
NPE (isEmpty) from main.groovy (issue 15309)
DependencyClassLoader#getTransitiveDependencies returns disabled plugins (issue 18654)
parameter description don't use MarkupFormatter (issue 18427)
Incompatible signature change in 1.489: AbstractProject.doBuild (issue 18356)
Display Name is not shown (issue 17715)
Fingerprint throws exceptions on 1.518 (issue 18337)
FingerprintAction deserialization leads to NPE (issue 17125)
update view via REST API doesn't work (issue 17302)
MavenModuleSetBuild.getResult is expensive (issue 18895)
Builds disappear from jobs - hudson.util.IOException2: Invalid directory name - java.text.ParseException: Unparseable date: "39" (issue 15587)
Outdated JRuby libs (issue 14351)
Fingerprint performance (issue 16301)
10,000+ jobs tied to a label make Node index page unusably unresponsive (issue 18660)
"Delete Project" link fails with 403 Exception: No valid crumb was included in the request (issue 18032)
Manually uploaded plugins are incorrectly unpacked (issue 4543)
Decorated Launcher Does Not Maintain "isUnix" for RemoteLauncher (issue 18368)
Test harness packs copies of Maven into plugin archive (issue 18918)
All Maven 2 builds fail with java.lang.NoSuchMethodError DigestUtils.md5Hex (issue 18178)
|
|
|
|
* Sync with seamonkey-2.21
|
|
|
|
Changelog:
SeaMonkey-specific changes
Implemented an option to thread messages received by date.
Allowed deletion of news posts by default.
Implemented optional taskbar preview-per-tab.
Added support (permission prompt) for desktop notifications.
Added Isn't operator for searching by Priority.
See the changes page for a more complete overview.
Mozilla platform changes
Support for new scrollbar style on Mac OS X 10.7 and newer.
Accessibility related improvements on using pinned tabs (bug 577727).
Major SVG rendering improvements around Image tiling and scaling (bug 600207).
Removed support for sherlock files that are loaded from application or profile directory.
Support for W3C touch events disabled (bug 888304).
Fixed several stability issues.
Fixed in SeaMonkey 2.21
MFSA 2013-92 GC hazard with default compartments and frame chain restoration
MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
MFSA 2013-90 Memory corruption involving scrolling
MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
MFSA 2013-85 Uninitialized data in IonMonkey
MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
MFSA 2013-81 Use-after-free with select element
MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
MFSA 2013-78 Integer overflow in ANGLE library
MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
|
|
|
|
|
|
* Prevent to show "Retweet" command for protected account
* Change permanent link for tweets in Activity tab.
* Add icon for Activity.
|
|
|
|
- bug #3993 Sorting in database overview with statistics doesn't work
- bug Handle the situation where PHP_SELF is not set
- bug #4080 Overwrite existing file not obeyed
- bug #3929 Database-specific privileges are not copied when cloning user
- bug #3997 Error handling in case MySQL extension is missing
- bug #4089 Moving Columns will alter column definition
- bug #4091 Insert ignore option does not work
- bug #4090 Downloading BLOB downloads page template
- bug #4092 Clicking on table name in view of information_schema redirects to wrong page
- bug #4079 Copy Table Add AUTO_INCREMENT value checkbox not working
- bug #4088 MySQL server version at index.php incorrect w/ controlhost
- bug #4001 Import error: Class 'ImportOds' not found
- bug #3986 Missing DROP VIEW button
Approved by Thomas Klausner.
|
|
|
|
|
|
* Sync with firefox17-17.0.9
|
