lang/php56: security update
Revisions pulled up:
- lang/php56/Makefile 1.15
- lang/php56/distinfo 1.43
- lang/php/phpversion.mk patch
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 27 08:45:06 UTC 2017
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: Makefile distinfo
Log Message:
lang/php56: Update to 5.6.32
* pkgsrc change: remove post-extract which is not required any more.
* including security fixes.
26 Sep 2017, PHP 5.6.32
- Date:
. Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)
- mcrypt:
. Fixed bug #72535 (arcfour encryption stream filter crashes php). (Leigh)
- PCRE:
. Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol)
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/lang/php56/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/lang/php56/distinfo
|
|
lang/php71: security update
Revisions pulled up:
- lang/php71/Makefile 1.13
- lang/php71/Makefile.common 1.2
- lang/php71/distinfo 1.28-1.29
- lang/php/phpversion.mk patch
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Oct 1 15:50:06 UTC 2017
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php71: distinfo
Log Message:
lang/php71: update to 7.1.10
28 Sep 2017, PHP 7.1.10
- Core:
. Fixed bug #75042 (run-tests.php issues with EXTENSION block). (John Boehr)
- BCMath:
. Fixed bug #44995 (bcpowmod() fails if scale != 0). (cmb)
. Fixed bug #46781 (BC math handles minus zero incorrectly). (cmb)
. Fixed bug #54598 (bcpowmod() may return 1 if modulus is 1). (okano1220, cmb)
. Fixed bug #75178 (bcpowmod() misbehaves for non-integer base or modulus). (cmb)
- CLI server:
. Fixed bug #70470 (Built-in server truncates headers spanning over TCP
packets). (bouk)
- CURL:
. Fixed bug #75093 (OpenSSL support not detected). (Remi)
- GD:
. Fixed bug #75124 (gdImageGrayScale() may produce colors). (cmb)
. Fixed bug #75139 (libgd/gd_interpolation.c:1786: suspicious if ?). (cmb)
- Gettext:
. Fixed bug #73730 (textdomain(null) throws in strict mode). (cmb)
- Intl:
. Fixed bug #75090 (IntlGregorianCalendar doesn't have constants from parent
class). (tpunt)
. Fixed bug #75193 (segfault in collator_convert_object_to_string). (Remi)
- PDO_OCI:
. Fixed bug #74631 (PDO_PCO with PHP-FPM: OCI environment initialized
before PHP-FPM sets it up). (Ingmar Runge)
- SPL:
. Fixed bug #75155 (AppendIterator::append() is broken when appending another
AppendIterator). (Nikita)
. Fixed bug #75173 (incorrect behavior of AppendIterator::append in foreach loop).
(jhdxr)
- Standard:
. Fixed bug #75152 (signed integer overflow in parse_iv). (Laruence)
. Fixed bug #75097 (gethostname fails if your host name is 64 chars long). (Andrea)
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 pkgsrc/lang/php71/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: jdolecek
Date: Mon Oct 9 21:43:30 UTC 2017
Modified Files:
pkgsrc/lang/php71: Makefile.common
Log Message:
seems we actually don't need the EXTRACT_USING=gtar, apparently
it's been carried over from php 5.x times
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/php71/Makefile.common
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 27 08:47:49 UTC 2017
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php71: Makefile distinfo
Log Message:
lang/php71: Update to 7.1.11
* pkgsrc change: remove post-extract which is not required any more.
* including security fixes.
26 Oct 2017, PHP 7.1.11
- Core:
. Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
(Laruence)
. Fixed bug #75236 (infinite loop when printing an error-message). (Andrea)
. Fixed bug #75252 (Incorrect token formatting on two parse errors in one
request). (Nikita)
. Fixed bug #75220 (Segfault when calling is_callable on parent).
(andrewnester)
. Fixed bug #75290 (debug info of Closures of internal functions contain
garbage argument names). (Andrea)
- Date:
. Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)
- Apache2Handler:
. Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in
apache2handler). (mcarbonneaux)
- Hash:
. Fixed bug #75303 (sha3 hangs on bigendian). (Remi)
- Intl:
. Fixed bug #75318 (The parameter of UConverter::getAliases() is not
optional). (cmb)
- litespeed:
. Fixed bug #75248 (Binary directory doesn't get created when building
only litespeed SAPI). (petk)
. Fixed bug #75251 (Missing program prefix and suffix). (petk)
- mcrypt:
. Fixed bug #72535 (arcfour encryption stream filter crashes php). (Leigh)
- MySQLi:
. Fixed bug #75018 (Data corruption when reading fields of bit type). (Anatol)
- OCI8:
. Fixed incorrect reference counting. (Dmitry, Tianfang Yang)
- Opcache:
. Fixed bug #75255 (Request hangs and not finish). (Dmitry)
- PCRE:
. Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol)
- PDO_mysql:
. Fixed bug #75177 (Type 'bit' is fetched as unexpected string). (Anatol)
- SPL:
. Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
(J. Jeising, cmb)
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/lang/php71/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/lang/php71/distinfo
|
|
lang/php70: security update
Revisions pulled up:
- lang/php70/Makefile 1.10
- lang/php70/distinfo 1.38-1.39
- lang/php/phpversion.mk patch
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Oct 1 15:48:17 UTC 2017
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log Message:
lang/php70: update to 7.0.24.
28 Sep 2017 PHP 7.0.24
- Core:
. Fixed bug #75042 (run-tests.php issues with EXTENSION block). (John Boehr)
- BCMath:
. Fixed bug #44995 (bcpowmod() fails if scale != 0). (cmb)
. Fixed bug #46781 (BC math handles minus zero incorrectly). (cmb)
. Fixed bug #54598 (bcpowmod() may return 1 if modulus is 1). (okano1220, cmb)
. Fixed bug #75178 (bcpowmod() misbehaves for non-integer base or modulus). (cmb)
- CLI server:
. Fixed bug #70470 (Built-in server truncates headers spanning over TCP
packets). (bouk)
- CURL:
. Fixed bug #75093 (OpenSSL support not detected). (Remi)
- GD:
. Fixed bug #75124 (gdImageGrayScale() may produce colors). (cmb)
. Fixed bug #75139 (libgd/gd_interpolation.c:1786: suspicious if ?). (cmb)
- Gettext:
. Fixed bug #73730 (textdomain(null) throws in strict mode). (cmb)
- Intl:
. Fixed bug #75090 (IntlGregorianCalendar doesn't have constants from parent
class). (tpunt)
. Fixed bug #75193 (segfault in collator_convert_object_to_string). (Remi)
- PDO_OCI:
. Fixed bug #74631 (PDO_PCO with PHP-FPM: OCI environment initialized
before PHP-FPM sets it up). (Ingmar Runge)
- SPL:
. Fixed bug #75173 (incorrect behavior of AppendIterator::append in foreach loop).
(jhdxr)
- Standard:
. Fixed bug #75097 (gethostname fails if your host name is 64 chars long). (Andrea)
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/lang/php70/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 27 08:46:49 UTC 2017
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: Makefile distinfo
Log Message:
lang/php70: Update to 7.0.25
* pkgsrc change: remove post-extract which is not required any more.
* including security fixes.
26 Oct 2017 PHP 7.0.25
- Core:
. Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
(Laruence)
. Fixed bug #75236 (infinite loop when printing an error-message). (Andrea)
. Fixed bug #75252 (Incorrect token formatting on two parse errors in one
request). (Nikita)
. Fixed bug #75220 (Segfault when calling is_callable on parent).
(andrewnester)
. Fixed bug #75290 (debug info of Closures of internal functions contain
garbage argument names). (Andrea)
- Apache2Handler:
. Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in
apache2handler). (mcarbonneaux)
- Date:
. Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)
- Intl:
. Fixed bug #75318 (The parameter of UConverter::getAliases() is not
optional). (cmb)
- mcrypt:
. Fixed bug #72535 (arcfour encryption stream filter crashes php). (Leigh)
- OCI8:
. Fixed incorrect reference counting. (Dmitry, Tianfang Yang)
- PCRE:
. Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol)
- litespeed:
. Fixed bug #75248 (Binary directory doesn't get created when building
only litespeed SAPI). (petk)
. Fixed bug #75251 (Missing program prefix and suffix). (petk)
- SPL:
. Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
(J. Jeising, cmb)
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/php70/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php70/distinfo
|
|
devel/ruby-redmine: build fix
meta-pkgs/ruby-redmine-plugins: build fix
meta-pkgs/ruby-redmine-themes: build fix
Revisions pulled up:
- devel/ruby-redmine/Makefile 1.24
- meta-pkgs/ruby-redmine-plugins/Makefile 1.5
- meta-pkgs/ruby-redmine-plugins/Makefile.common 1.3
- meta-pkgs/ruby-redmine-themes/Makefile 1.6
- meta-pkgs/ruby-redmine-themes/Makefile.common 1.4
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Sep 29 13:13:26 UTC 2017
Modified Files:
pkgsrc/devel/ruby-redmine: Makefile
Log Message:
devel/ruby-redmine: Fix usage of RUBY_VERSIONS_ACCEPTED
Define RUBY_VERSIONS_ACCEPTED before including rubyversion.mk.
Should fix pbulk problem.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ruby-redmine/Makefile
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Sep 30 15:48:42 UTC 2017
Modified Files:
pkgsrc/meta-pkgs/ruby-redmine-plugins: Makefile Makefile.common
pkgsrc/meta-pkgs/ruby-redmine-themes: Makefile Makefile.common
Log Message:
meta-pkgs/ruby-redmine-*: Restrict ruby's version
Restrict ruby-redmine depending packages to ruby22 only.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/meta-pkgs/ruby-redmine-plugins/Makefile
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/meta-pkgs/ruby-redmine-plugins/Makefile.common
cvs rdiff -u -r1.5 -r1.6 pkgsrc/meta-pkgs/ruby-redmine-themes/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/meta-pkgs/ruby-redmine-themes/Makefile.common
|
|
net/nmap: build fix for nmap with Lua option
Revisions pulled up:
- net/nmap/Makefile 1.137
- net/nmap/options.mk 1.19
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: leot
Date: Thu Oct 19 21:43:25 UTC 2017
Modified Files:
pkgsrc/net/nmap: Makefile options.mk
Log Message:
nmap: set LUA_VERSIONS_ACCEPTED to avoid using internal Lua provided by nmap
Without that change the nmap configure script checks for `lua_isyield'
symbol (appeared on Lua 5.3), and for LUA_VERSION_DEFAULT != 53
(pkgsrc by default set LUA_VERSION_DEFAULT to 52) it will just
silently use its internal version.
Set LUA_VERSIONS_ACCEPTED to 53 to avoid that.
Fix PR pkg/52624 reported by Patrick Mackey.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.136 -r1.137 pkgsrc/net/nmap/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/nmap/options.mk
|
|
bootstrap/bootstrap: build fix
Revisions pulled up:
- bootstrap/bootstrap 1.244
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bsiegert
Date: Sun Oct 22 19:29:20 UTC 2017
Modified Files:
pkgsrc/bootstrap: bootstrap
Log Message:
Set cwrappers in bootstrap mk.conf too.
When bootstrap is run with --cwrappers=no (or yes, for that matter),
the value is written into mk.conf at the end of the bootstrap but not
used _during_ the bootstrap itself. Thus, when bootstrapping on Linux
with no builtin diffutils, cwrappers ends up indirectly depending on
itself, and there is no way around that. This commit fixes this.
To generate a diff of this commit:
cvs rdiff -u -r1.243 -r1.244 pkgsrc/bootstrap/bootstrap
|
|
audio/lame: security update
Revisions pulled up:
- audio/lame/Makefile 1.80
- audio/lame/distinfo 1.29
- audio/lame/patches/patch-ab 1.11
- audio/lame/patches/patch-configure deleted
- audio/lame/patches/patch-configure.in deleted
- audio/lame/patches/patch-frontend_get__audio.c deleted
- audio/lame/patches/patch-libmp3lame_lame.c deleted
- audio/lame/patches/patch-libmp3lame_util.c deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Oct 21 22:51:00 UTC 2017
Modified Files:
pkgsrc/audio/lame: Makefile distinfo
pkgsrc/audio/lame/patches: patch-ab
Removed Files:
pkgsrc/audio/lame/patches: patch-configure patch-configure.in
patch-frontend_get__audio.c patch-libmp3lame_lame.c
patch-libmp3lame_util.c
Log Message:
lame: update to 3.100.
Many bug fixes and security fixes.
To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 pkgsrc/audio/lame/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/audio/lame/distinfo
cvs rdiff -u -r1.10 -r1.11 pkgsrc/audio/lame/patches/patch-ab
cvs rdiff -u -r1.3 -r0 pkgsrc/audio/lame/patches/patch-configure
cvs rdiff -u -r1.1 -r0 pkgsrc/audio/lame/patches/patch-configure.in \
pkgsrc/audio/lame/patches/patch-frontend_get__audio.c \
pkgsrc/audio/lame/patches/patch-libmp3lame_lame.c \
pkgsrc/audio/lame/patches/patch-libmp3lame_util.c
|
|
net/wget: security patch
Revisions pulled up:
- net/wget/Makefile 1.136
- net/wget/distinfo 1.55
- net/wget/patches/patch-CVE-2017-13089 1.1
- net/wget/patches/patch-CVE-2017-13090 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Thu Oct 26 15:01:39 UTC 2017
Modified Files:
pkgsrc/net/wget: Makefile distinfo
Added Files:
pkgsrc/net/wget/patches: patch-CVE-2017-13089 patch-CVE-2017-13090
Log Message:
wget: patches for CVE-2017-13089 and CVE-2017-13090
To generate a diff of this commit:
cvs rdiff -u -r1.135 -r1.136 pkgsrc/net/wget/Makefile
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wget/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/net/wget/patches/patch-CVE-2017-13089 \
pkgsrc/net/wget/patches/patch-CVE-2017-13090
|
|
shells/fish: build fix
Revisions pulled up:
- shells/fish/Makefile 1.12
- shells/fish/distinfo 1.9
- shells/fish/patches/patch-configure.ac 1.1
- shells/fish/patches/patch-src_fallback.cpp 1.1
- shells/fish/patches/patch-src_fallback.h 1.1
- shells/fish/patches/patch-src_output.cpp 1.1
- shells/fish/patches/patch-src_output.h 1.1
- shells/fish/patches/patch-src_screen.cpp 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: maya
Date: Tue Oct 24 03:51:41 UTC 2017
Modified Files:
pkgsrc/shells/fish: Makefile distinfo
Added Files:
pkgsrc/shells/fish/patches: patch-configure.ac patch-src_fallback.cpp
patch-src_fallback.h patch-src_output.cpp patch-src_output.h
patch-src_screen.cpp
Log Message:
fish: add patches from pkgsrc-wip reported to fix build with clang
force ncurses because auto-completion is broken with netbsd curses.
bump pkgrevision
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/shells/fish/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/shells/fish/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/shells/fish/patches/patch-configure.ac \
pkgsrc/shells/fish/patches/patch-src_fallback.cpp \
pkgsrc/shells/fish/patches/patch-src_fallback.h \
pkgsrc/shells/fish/patches/patch-src_output.cpp \
pkgsrc/shells/fish/patches/patch-src_output.h \
pkgsrc/shells/fish/patches/patch-src_screen.cpp
|
|
chat/irssi: security update
chat/irssi-icb: security update
chat/irssi-xmpp: security update
Revisions pulled up:
- chat/irssi-icb/distinfo 1.31
- chat/irssi-xmpp/distinfo 1.13
- chat/irssi/Makefile.common 1.25
- chat/irssi/distinfo 1.44
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: maya
Date: Mon Oct 23 15:08:24 UTC 2017
Modified Files:
pkgsrc/chat/irssi: Makefile.common distinfo
pkgsrc/chat/irssi-icb: distinfo
pkgsrc/chat/irssi-xmpp: distinfo
Log Message:
irssi: update to 1.0.5
- Fix missing -sasl_method '' in /NETWORK (#718, #719).
- Fix incorrect restoration of term state when hitting SUSP
inside screen (#737, #733).
- Fix out of bounds read when compressing colour
sequences. Found by Hanno Böck (GL#12, GL!18).
- Fix use after free condition during a race condition when
waiting on channel sync during a rejoin (GL#13, GL!19).
- Fix null pointer dereference when parsing certain malformed
CTCP DCC messages (GL#14, GL!20).
- Fix crash due to null pointer dereference when failing to
split messages due to overlong nick or target (GL#15, GL!21).
- Fix out of bounds read when trying to skip a safe channel ID
without verifying that the ID is long enough (GL#16, GL!22).
- Fix return of random memory when inet_ntop failed (#769).
- Minor statusbar help update. By Robert Bisewski (#758,
#763).
Security advisory: https://irssi.org/security/irssi_sa_2017_10.txt
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/chat/irssi/Makefile.common
cvs rdiff -u -r1.43 -r1.44 pkgsrc/chat/irssi/distinfo
cvs rdiff -u -r1.30 -r1.31 pkgsrc/chat/irssi-icb/distinfo
cvs rdiff -u -r1.12 -r1.13 pkgsrc/chat/irssi-xmpp/distinfo
|
|
graphics/ImageMagick: security update
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.157
- graphics/ImageMagick/PLIST 1.98
- graphics/ImageMagick/distinfo 1.173
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Tue Oct 10 19:47:50 UTC 2017
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Log Message:
ImageMagick: update to 7.0.7.7
2017-10-07 7.0.7-7 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.7-7, GIT revision 21432:29003eeed:20171007.
2017-10-06 7.0.7-7 Cristy <quetzlzacatenango@image...>
* Correct handling of GIF transparency (reference
https://github.com/ImageMagick/ImageMagick/issues/831).
2017-10-04 7.0.7-6 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.7-6, GIT revision 21426:0a1cb507b:20171004.
2017-10-03 7.0.7-6 Cristy <quetzlzacatenango@image...>
* Reset the magick_list_initialized boolean when needed (reference
https://github.com/ImageMagick/ImageMagick/pull/826).
2017-10-02 7.0.7-6 Cristy <quetzlzacatenango@image...>
* Reset the magick_list_initialized boolean when needed (reference
https://github.com/ImageMagick/ImageMagick/pull/826).
2017-10-01 7.0.7-5 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.7-5, GIT revision 21382:3846f9d97:20171001.
2017-09-28 7.0.7-5 Cristy <quetzlzacatenango@image...>
* Fixed numerous memory leaks (reference
https://github.com/ImageMagick/ImageMagick/issues).
* Support URW-base35 fonts.
2017-09-26 7.0.7-5 Glenn Randers-Pehrson <glennrp@image...>
* Removed "ping_preserve_iCCP=MagickTrue;" statement that was inadvertently
added to coders/png.c (reference
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t2771).
2017-09-23 7.0.7-4 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.7-4, GIT revision 21265:bdbc14590:20170923.
2017-09-23 7.0.7-4 Cristy <quetzlzacatenango@image...>
* Fixed numerous memory leaks (reference
https://github.com/ImageMagick/ImageMagick/pull/763).
2017-09-17 7.0.7-3 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.7-3, GIT revision 21202:6e6907ac7:20170917.
2017-09-17 7.0.7-3 ADLab of Venustech
* Fixed numerous memory leaks (reference
https://github.com/ImageMagick/ImageMagick/pull/763).
2017-09-15 7.0.7-3 Glenn Randers-Pehrson <glennrp@image...>
* Stop potential leaks in the JNG decoder (reference:
https://github.com/ImageMagick/ImageMagick/issues/760).
* Maximum valid hour is 23, not 24, in the PNG tIME chunk, and maximum
valid minute is 59, not 60.
To generate a diff of this commit:
cvs rdiff -u -r1.156 -r1.157 pkgsrc/graphics/ImageMagick/Makefile.common
cvs rdiff -u -r1.97 -r1.98 pkgsrc/graphics/ImageMagick/PLIST
cvs rdiff -u -r1.172 -r1.173 pkgsrc/graphics/ImageMagick/distinfo
|
|
x11/libXfont: security fix
Revisions pulled up:
- x11/libXfont/Makefile 1.37
- x11/libXfont/distinfo 1.29
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Oct 19 23:29:46 UTC 2017
Modified Files:
pkgsrc/x11/libXfont: Makefile distinfo
Log Message:
libXfont: update to 1.5.3.
Matt Turner (1):
libXfont 1.5.3
Michal Srb (2):
Check for end of string in PatternMatch (CVE-2017-13720)
pcfGetProperties: Check string boundaries (CVE-2017-13722)
|
|
print/mupdf: bugfix
Revisions pulled up:
- print/mupdf/Makefile 1.53
- print/mupdf/distinfo 1.37
- print/mupdf/patches/patch-source_fitz_load-jpx.c 1.6
---
Module Name: pkgsrc
Committed By: leot
Date: Thu Oct 19 20:32:07 UTC 2017
Modified Files:
pkgsrc/print/mupdf: Makefile distinfo
pkgsrc/print/mupdf/patches: patch-source_fitz_load-jpx.c
Log Message:
mupdf: Fix possible segfaults when calling opj_free()
With graphics/openjpeg (at least 2.2.0 and 2.3.0) mupdf can crash when
calling opj_free().
Adapt a patch from OpenBSD ports
textproc/mupdf/patch-source_fitz_load-jpx_c,v 1.5 that fixes this issue.
Bump PKGREVISION
|
|
lang/g95: Linux build fix
Revisions pulled up:
- lang/g95/Makefile 1.29
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Oct 18 09:38:23 UTC 2017
Modified Files:
pkgsrc/lang/g95: Makefile
Log Message:
g95: fix build on linux
force passing asprintf test which is incorrectly not found due to FORTIFY
pass LIBRARY_PATH so crtn.o and crti.o are found on Ubuntu & friends
Note many reporters need to install g++-multilib as a package to overcome
the errors they reported in the bugs (missing <sys/cdefs.h>)
PR pkg/51198, PR pkg/51690, PR pkg/52116
|
|
multimedia/adobe-flash-player: security update
Revisions pulled up:
- multimedia/adobe-flash-player/Makefile 1.11
- multimedia/adobe-flash-player/distinfo 1.11
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tsutsui
Date: Tue Oct 17 13:52:29 UTC 2017
Modified Files:
pkgsrc/multimedia/adobe-flash-player: Makefile distinfo
Log Message:
adobe-flash-player: update to 27.0.0.170.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
Adobe Security Bulletin
Summary
Adobe has released a security update for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. This update addresses a critical type
confusion vulnerability that could lead to code execution.
Adobe is aware of a report that an exploit for CVE-2017-11292 exists
in the wild, and is being used in limited, targeted attacks against
users running Windows.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/adobe-flash-player/Makefile \
pkgsrc/multimedia/adobe-flash-player/distinfo
|
|
sysutils/consul: security update
Revisions pulled up:
- sysutils/consul/Makefile 1.23
- sysutils/consul/distinfo 1.18
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Tue Oct 17 11:39:57 UTC 2017
Modified Files:
pkgsrc/sysutils/consul: Makefile distinfo
Log Message:
Update sysutils/consul to 1.0.0
SECURITY:
- Fixed an XSS issue with Consul's built-in web UI where node names
were not being properly escaped.
BREAKING CHANGES:
- Raft Protocol Now Defaults to 3
- Config Files Require an Extension
- Deprecated Options Have Been Removed
- `statsite_prefix` Renamed to `metrics_prefix`
- `advertise_addrs` Removed
- Escaping Behavior Changed for go-discover Configs
- HTTP Verbs are Enforced in Many HTTP APIs
- Unauthorized KV Requests Return 403
- Config Section of Agent Self Endpoint has Changed
- Deprecated `configtest` Command Removed
- Undocumented Flags in `validate` Command Removed
- Metric Names Updated
- Checks Validated On Agent Startup
FEATURES:
- Support for HCL Config Files
- Support for Binding to Multiple Addresses
- Support for RFC1434 DNS TXT records
- Support for Running Subprocesses Directly Without a Shell
- Sentinel Integration
IMPROVEMENTS:
- agent: Added support to detect public IPv4 and IPv6 addresses on
AWS.
- agent: Improved /v1/operator/raft/configuration endpoint which
allows Consul to avoid an extra agent RPC call for the `consul
operator raft list-peers` command.
- agent: Improved ACL system for the KV store to support list
permissions. This behavior can be opted in. For more information,
see the ACL Guide.
- agent: Updates miekg/dns library to later version to pick up bug
fixes and improvements.
- agent: Added automatic retries to the RPC path, and a brief RPC
drain time when servers leave. These changes make Consul more robust
during graceful leaves of Consul servers, such as during upgrades, and
help shield applications from "no leader" errors. These are configured
with new `performance` options.
- agent: Added a new `discard_check_output` agent-level configuration
option that can be used to trade off write load to the Consul
servers vs. visibility of health check output. This is reloadable so
it can be toggled without fully restarting the agent.
- api: Updated the API client to ride out network errors when
monitoring locks and semaphores.
- build: Updated Go toolchain to version 1.9.1.
- cli: `consul lock` and `consul watch` commands will forward `TERM`
and `KILL` signals to their child subprocess.
- cli: Added support for autocompletion.
- server: Updated BoltDB to final version 1.3.1.
- server: Improved dead member reap algorithm to fix edge cases where
servers could get left behind.
BUG FIXES:
- agent: Fixed an issue where disabling both the http and https
interfaces would cause a watch-related error on agent startup, even
when no watches were defined.
- agent: Added an additional step to kill health check scripts that
timeout on all platforms except Windows, and added a wait so that
it's not possible to run multiple instances of the same health check
script at the same time.
- cli: If the `consul operator raft list-peers` command encounters an
error it will now exit with a non-zero exit code.
- cli: CLI commands will now show help for all of their arguments.
- server: Fixed an issue where the leader server could get into a
state where it was no longer performing the periodic leader loop
duties and unable to serve consistent reads after a barrier timeout
error.
Full (unabridged) changelog:
https://github.com/hashicorp/consul/blob/v1.0.0/CHANGELOG.md
To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 pkgsrc/sysutils/consul/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/sysutils/consul/distinfo
|
|
sysutils/xenkernel46, sysutils/xentools46: security fix
Revisions pulled up:
- sysutils/xenkernel46/MESSAGE 1.2
- sysutils/xenkernel46/Makefile 1.14
- sysutils/xenkernel46/distinfo 1.10
- sysutils/xenkernel46/patches/patch-XSA-212 deleted
- sysutils/xenkernel46/patches/patch-XSA226 1.1
- sysutils/xenkernel46/patches/patch-XSA227 1.1
- sysutils/xenkernel46/patches/patch-XSA228 1.1
- sysutils/xenkernel46/patches/patch-XSA230 1.1
- sysutils/xenkernel46/patches/patch-XSA231 1.1
- sysutils/xenkernel46/patches/patch-XSA232 1.1
- sysutils/xenkernel46/patches/patch-XSA234 1.1
- sysutils/xenkernel46/patches/patch-XSA237 1.1
- sysutils/xenkernel46/patches/patch-XSA238 1.1
- sysutils/xenkernel46/patches/patch-XSA239 1.1
- sysutils/xenkernel46/patches/patch-XSA240 1.1
- sysutils/xenkernel46/patches/patch-XSA241 1.1
- sysutils/xenkernel46/patches/patch-XSA242 1.1
- sysutils/xenkernel46/patches/patch-XSA243 1.1
- sysutils/xenkernel46/patches/patch-XSA244 1.1
- sysutils/xentools46/Makefile 1.21
- sysutils/xentools46/distinfo 1.9
- sysutils/xentools46/patches/patch-XSA-211-1 deleted
- sysutils/xentools46/patches/patch-XSA-211-2 deleted
- sysutils/xentools46/patches/patch-XSA228 1.1
- sysutils/xentools46/patches/patch-XSA233 1.1
- sysutils/xentools46/patches/patch-XSA240 1.1
- sysutils/xentools46/version.mk 1.3
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Oct 17 10:57:35 UTC 2017
Modified Files:
pkgsrc/sysutils/xenkernel46: MESSAGE Makefile distinfo
pkgsrc/sysutils/xentools46: Makefile distinfo version.mk
Added Files:
pkgsrc/sysutils/xenkernel46/patches: patch-XSA226 patch-XSA227
patch-XSA228 patch-XSA230 patch-XSA231 patch-XSA232 patch-XSA234
patch-XSA237 patch-XSA238 patch-XSA239 patch-XSA240 patch-XSA241
patch-XSA242 patch-XSA243 patch-XSA244
pkgsrc/sysutils/xentools46/patches: patch-XSA228 patch-XSA233
patch-XSA240
Removed Files:
pkgsrc/sysutils/xenkernel46/patches: patch-XSA-212
pkgsrc/sysutils/xentools46/patches: patch-XSA-211-1 patch-XSA-211-2
Log Message:
Update xen*46 to 4.6.6, including fixes up to XSA244.
changes since Xen 4.6.5: mostly bug fixes, including security fixes
for XSA206, XSA211 to XSA244.
PKGREVISION set to 1 to account for the fact that it's not a stock Xen 4.6.6.
Note that, unlike upstream, pv-linear-pt defaults to true, so that
NetBSD PV guests (including dom0) will continue to boot without changes
to boot.cfg
|
|
sysutils/xenkernel48, sysutils/xentools48: security fix
Revisions pulled up:
- sysutils/xenkernel48/MESSAGE 1.2
- sysutils/xenkernel48/Makefile 1.6
- sysutils/xenkernel48/distinfo 1.3
- sysutils/xenkernel48/patches/patch-XSA-212 deleted
- sysutils/xenkernel48/patches/patch-XSA231 1.1
- sysutils/xenkernel48/patches/patch-XSA232 1.1
- sysutils/xenkernel48/patches/patch-XSA234 1.1
- sysutils/xenkernel48/patches/patch-XSA237 1.1
- sysutils/xenkernel48/patches/patch-XSA238 1.1
- sysutils/xenkernel48/patches/patch-XSA239 1.1
- sysutils/xenkernel48/patches/patch-XSA240 1.1
- sysutils/xenkernel48/patches/patch-XSA241 1.1
- sysutils/xenkernel48/patches/patch-XSA242 1.1
- sysutils/xenkernel48/patches/patch-XSA243 1.1
- sysutils/xenkernel48/patches/patch-XSA244 1.1
- sysutils/xentools48/Makefile 1.8
- sysutils/xentools48/distinfo 1.4
- sysutils/xentools48/patches/patch-XSA-211-1 deleted
- sysutils/xentools48/patches/patch-XSA-211-2 deleted
- sysutils/xentools48/patches/patch-XSA233 1.1
- sysutils/xentools48/patches/patch-XSA240 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Oct 17 08:42:30 UTC 2017
Modified Files:
pkgsrc/sysutils/xenkernel48: MESSAGE Makefile distinfo
pkgsrc/sysutils/xentools48: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel48/patches: patch-XSA231 patch-XSA232
patch-XSA234 patch-XSA237 patch-XSA238 patch-XSA239 patch-XSA240
patch-XSA241 patch-XSA242 patch-XSA243 patch-XSA244
pkgsrc/sysutils/xentools48/patches: patch-XSA233 patch-XSA240
Removed Files:
pkgsrc/sysutils/xenkernel48/patches: patch-XSA-212
pkgsrc/sysutils/xentools48/patches: patch-XSA-211-1 patch-XSA-211-2
Log Message:
Update xentools48 and xenkernel48 to 4.8.2, and apply security patches up
to XSA244. Keep PKGREVISION to 1 to account for the fact that it's
not a stock Xen 4.8.2.
Note that, unlike upstream, pv-linear-pt defaults to true, so that
NetBSD PV guests (including dom0) will continue to boot without changes
to boot.cfg
|
|
net/wpa_supplicant: security patch
Revisions pulled up:
- net/wpa_supplicant/Makefile 1.18
- net/wpa_supplicant/distinfo 1.10
- net/wpa_supplicant/patches/patch-src_ap_ieee802__11.c 1.1
- net/wpa_supplicant/patches/patch-src_ap_wpa__auth.c 1.1
- net/wpa_supplicant/patches/patch-src_ap_wpa__auth.h 1.1
- net/wpa_supplicant/patches/patch-src_ap_wpa__auth__ft.c 1.1
- net/wpa_supplicant/patches/patch-src_ap_wpa__auth__i.h 1.1
- net/wpa_supplicant/patches/patch-src_common_wpa__common.h 1.1
- net/wpa_supplicant/patches/patch-src_rsn__supp_tdls.c 1.1
- net/wpa_supplicant/patches/patch-src_rsn__supp_wpa.c 1.1
- net/wpa_supplicant/patches/patch-src_rsn__supp_wpa__ft.c 1.1
- net/wpa_supplicant/patches/patch-src_rsn__supp_wpa__i.h 1.1
- net/wpa_supplicant/patches/patch-wpa__supplicant_wnm__sta.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: maya
Date: Mon Oct 16 10:26:21 UTC 2017
Modified Files:
pkgsrc/net/wpa_supplicant: Makefile distinfo
Added Files:
pkgsrc/net/wpa_supplicant/patches: patch-src_ap_ieee802__11.c
patch-src_ap_wpa__auth.c patch-src_ap_wpa__auth.h
patch-src_ap_wpa__auth__ft.c patch-src_ap_wpa__auth__i.h
patch-src_common_wpa__common.h patch-src_rsn__supp_tdls.c
patch-src_rsn__supp_wpa.c patch-src_rsn__supp_wpa__ft.c
patch-src_rsn__supp_wpa__i.h patch-wpa__supplicant_wnm__sta.c
Log Message:
wpa_supplicant: apply upstream patch for security advisory
Patches from Jouni Malinen and Mathy Vanhoef.
Fixes:
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088
Tested by leot, thanks!
Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
Do not reinstall TK to the driver during Reassociation Response frame
processing if the first attempt of setting the TK succeeded. This avoids
issues related to clearing the TX/RX PN that could result in reusing
same PN values for transmitted frames (e.g., due to CCM nonce reuse and
also hitting replay protection on the receiver) and accepting replayed
frames on RX side.
This issue was introduced by the commit
0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
authenticator') which allowed wpa_ft_install_ptk() to be called multiple
times with the same PTK. While the second configuration attempt is
needed with some drivers, it must be done only if the first attempt
failed.
Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key
Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.
Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
Mode cases
This extends the protection to track last configured GTK/IGTK value
separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
corner case where these two different mechanisms may get used when the
GTK/IGTK has changed and tracking a single value is not sufficient to
detect a possible key reconfiguration.
Subject: [PATCH 4/8] Prevent installation of an all-zero TK
Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.
This fixes the earlier fix in commit
ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.
Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
The Authenticator state machine path for PTK rekeying ended up bypassing
the AUTHENTICATION2 state where a new ANonce is generated when going
directly to the PTKSTART state since there is no need to try to
determine the PMK again in such a case. This is far from ideal since the
new PTK would depend on a new nonce only from the supplicant.
Fix this by generating a new ANonce when moving to the PTKSTART state
for the purpose of starting new 4-way handshake to rekey PTK.
Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration
Do not try to reconfigure the same TPK-TK to the driver after it has
been successfully configured. This is an explicit check to avoid issues
related to resetting the TX/RX packet number. There was already a check
for this for TPK M2 (retries of that message are ignored completely), so
that behavior does not get modified.
For TPK M3, the TPK-TK could have been reconfigured, but that was
followed by immediate teardown of the link due to an issue in updating
the STA entry. Furthermore, for TDLS with any real security (i.e.,
ignoring open/WEP), the TPK message exchange is protected on the AP path
and simple replay attacks are not feasible.
As an additional corner case, make sure the local nonce gets updated if
the peer uses a very unlikely "random nonce" of all zeros.
Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
request
Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
Mode Response if WNM-Sleep Mode has not been used') started ignoring the
response when no WNM-Sleep Mode Request had been used during the
association. This can be made tighter by clearing the used flag when
successfully processing a response. This adds an additional layer of
protection against unexpected retransmissions of the response frame.
Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames
The driver is expected to not report a second association event without
the station having explicitly requested a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
Reassociation Response frame.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/net/wpa_supplicant/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/wpa_supplicant/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/net/wpa_supplicant/patches/patch-src_ap_ieee802__11.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_ap_wpa__auth.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_ap_wpa__auth.h \
pkgsrc/net/wpa_supplicant/patches/patch-src_ap_wpa__auth__ft.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_ap_wpa__auth__i.h \
pkgsrc/net/wpa_supplicant/patches/patch-src_common_wpa__common.h \
pkgsrc/net/wpa_supplicant/patches/patch-src_rsn__supp_tdls.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_rsn__supp_wpa.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_rsn__supp_wpa__ft.c \
pkgsrc/net/wpa_supplicant/patches/patch-src_rsn__supp_wpa__i.h \
pkgsrc/net/wpa_supplicant/patches/patch-wpa__supplicant_wnm__sta.c
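The guard described in "[PATCH 2/8] Prevent reinstallation of an already in-use group key", as an added example that is not part of the commit and is not wpa_supplicant code: a small model showing that reconfiguring the same key restarts the receive packet number, and that skipping the install keeps replay protection intact. All names (`key_slot`, `handle_group_key`, `rx_accept`, `stale_frame_accepted`) and the key bytes are hypothetical and constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_MAX 32

/* Hypothetical model of one group-key slot in the driver: the key plus the
 * receive packet number (PN) that replay protection compares against. */
struct key_slot {
    uint8_t  key[KEY_MAX];
    size_t   len;
    int      keyidx;
    int      in_use;
    uint64_t rx_pn;      /* highest PN accepted so far */
};

enum install_result { KEY_INSTALLED, KEY_ALREADY_IN_USE, KEY_REJECTED };

/* Configuring a key always restarts the PN; this is the side effect the
 * patch descriptions warn about. */
static void driver_set_key(struct key_slot *s, int keyidx,
                           const uint8_t *key, size_t len)
{
    memcpy(s->key, key, len);
    s->len = len;
    s->keyidx = keyidx;
    s->in_use = 1;
    s->rx_pn = 0;
}

/* Compare without an early exit so timing does not depend on key bytes. */
static int keys_equal(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Handle a (possibly retransmitted) group key message.
 * guarded == 0: pre-fix behaviour, every message reconfigures the key.
 * guarded != 0: skip the install when this exact key is already in use. */
enum install_result handle_group_key(struct key_slot *s, int guarded,
                                     int keyidx, const uint8_t *key, size_t len)
{
    if (key == NULL || len == 0 || len > KEY_MAX)
        return KEY_REJECTED;
    if (guarded && s->in_use && s->keyidx == keyidx && s->len == len &&
        keys_equal(s->key, key, len))
        return KEY_ALREADY_IN_USE;   /* PN state is left untouched */
    driver_set_key(s, keyidx, key, len);
    return KEY_INSTALLED;
}

/* Replay protection: accept a frame only if its PN is strictly larger. */
int rx_accept(struct key_slot *s, uint64_t pn)
{
    if (!s->in_use || pn <= s->rx_pn)
        return 0;
    s->rx_pn = pn;
    return 1;
}

/* Constructed scenario: install a key, receive PN 1..5, process a
 * retransmission of the same key message, then see PN 3 again.
 * Returns 1 if the stale frame is accepted, 0 if it is dropped. */
int stale_frame_accepted(int guarded)
{
    static const uint8_t gtk[16] = { 0x11, 0x22, 0x33, 0x44 }; /* constructed */
    struct key_slot slot;
    memset(&slot, 0, sizeof(slot));

    handle_group_key(&slot, guarded, 1, gtk, sizeof(gtk));
    for (uint64_t pn = 1; pn <= 5; pn++)
        rx_accept(&slot, pn);
    handle_group_key(&slot, guarded, 1, gtk, sizeof(gtk));  /* retransmit */
    return rx_accept(&slot, 3);
}

int main(void)
{
    printf("unguarded: stale frame accepted = %d\n", stale_frame_accepted(0));
    printf("guarded:   stale frame accepted = %d\n", stale_frame_accepted(1));
    return 0;
}
```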
|
|
|
|
lang/gcc49: functionality fix
lang/gcc49-libs: functionality fix
Revisions pulled up:
- lang/gcc49-libs/Makefile 1.14
- lang/gcc49/Makefile 1.22
- lang/gcc49/distinfo 1.15
- lang/gcc49/patches/patch-gcc_targhooks.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ryoon
Date: Sat Oct 14 14:46:00 UTC 2017
Modified Files:
pkgsrc/lang/gcc49: Makefile distinfo
Added Files:
pkgsrc/lang/gcc49/patches: patch-gcc_targhooks.c
Log Message:
Fix __stack_chk_fail_local undefined error in PIE case, bump PKGREVISION
* Port from NetBSD src
Fix __stack_chk_fail_local undefined reference error
from "gcc test.c -fstack-protector-all -fPIE".
* As a result, pkgsrc/www/firefox build under NetBSD/i386 7.1 is fixed
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/lang/gcc49/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/lang/gcc49/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/gcc49/patches/patch-gcc_targhooks.c
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ryoon
Date: Sat Oct 14 14:47:43 UTC 2017
Modified Files:
pkgsrc/lang/gcc49-libs: Makefile
Log Message:
Bump PKGREVISION from lang/gcc49 bump
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/lang/gcc49-libs/Makefile
|
|
editors/emacs21: security patch
Revisions pulled up:
- editors/emacs21/Makefile 1.40
- editors/emacs21/distinfo 1.24
- editors/emacs21/patches/patch-CVE-2017-14482 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Thu Oct 12 17:30:24 UTC 2017
Modified Files:
pkgsrc/editors/emacs21: Makefile distinfo
Added Files:
pkgsrc/editors/emacs21/patches: patch-CVE-2017-14482
Log Message:
emacs21: fix for CVE-2017-14482
adapted from upstream 9ad0fcc54442a9a01d41be19880250783426db70
To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.40 pkgsrc/editors/emacs21/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/editors/emacs21/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/editors/emacs21/patches/patch-CVE-2017-14482
|
|
x11/modular-xorg-server: security update
Revisions pulled up:
- x11/modular-xorg-server/Makefile 1.114
- x11/modular-xorg-server/Makefile.common 1.18-1.19
- x11/modular-xorg-server/distinfo 1.84-1.85
- x11/modular-xorg-server/patches/patch-Xi_sendexev.c deleted
- x11/modular-xorg-server/patches/patch-dix_events.c deleted
- x11/modular-xorg-server/patches/patch-dix_swapreq.c deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Oct 5 15:34:13 UTC 2017
Modified Files:
pkgsrc/x11/modular-xorg-server: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/x11/modular-xorg-server/patches: patch-Xi_sendexev.c
patch-dix_events.c patch-dix_swapreq.c
Log Message:
modular-xorg-server: update to 1.19.4.
A collection of stability fixes from the development branch, including
two minor CVEs. Thanks to all who sent in patches!
Aaron Plattner (1):
randr: Use RRTransformEqual in RRCrtcPendingTransform
Adam Jackson (11):
parser: Fix crash when xf86nameCompare(s1 = x, s2 = NULL)
xinerama: Implement graphics exposures for window->pixmap copies (v4)
ephyr: Don't clobber bitsPerPixel when using glamor
xephyr: Check for host XVideo support before trying to use it
modesetting: Validate the atom for enum properties
wayland: Sync drm.xml with Mesa
os: Fix warning in LockServer
xfree86: Silence a new glibc warning
dmx: Silence an unused-result warning
dmx: Remove some not-very-interesting debug prints
xserver 1.19.4
Carlos Garnacho (5):
xwayland: Allow pointer warp on root/None window
xwayland: "Accept" confineTo on InputOnly windows
xwayland: Update root window size when desktop size changes
xwayland: Lock the pointer if it is confined and has no cursor
Xi: Use WarpPointerProc hook on XI pointer warping implementation
Daniel Stone (1):
modesetting: Set correct DRM event context version
Dawid Kurek (1):
modesetting: Blacklist EVDI devices from PRIME sync
Eric Anholt (1):
glamor: Fix dashed line rendering.
Jason Gerecke (1):
xfree86: Fix interpretation of xf86WaitForInput timeout
Jon TURNEY (1):
Move statically linked xorgxkb files from dixmods to a separate directory
Keith Packard (6):
os: un-duplicate code to close client on write failure
os: Mark client as ready to read when closing due to write failure [100863]
dix: Remove clients from input and output ready queues after closing
modesetting: Skip no-longer-present connectors when resetting BAD links
xkb: Handle xkb formatted string output safely (CVE-2017-13723)
xf86-video-modesetting: Add ms_queue_vblank helper [v3]
Kenneth Graunke (1):
dri2: Sync i965_pci_ids.h from Mesa.
Louis-Francis Ratté-Boulianne (1):
present: Check the whole exec queue on event
Lyude (1):
xwayland: Don't load extension list more than once
Martin Peres (1):
modesetting: re-set the crtc's mode when link-status goes BAD
Michal Srb (7):
Xi: Zero target buffer in SProcXSendExtensionEvent.
dix: Disallow GenericEvent in SendEvent request.
Xi: Verify all events in ProcXSendExtensionEvent.
Xi: Do not try to swap GenericEvent.
Xi: Test exact size of XIBarrierReleasePointer
Xext/shm: Validate shmseg resource id (CVE-2017-13721)
xkb: Escape non-printable characters correctly.
Michel Dänzer (5):
xfree86/modes: Make colormap/gamma glue code work with RandR disabled
os: Handle SIGABRT
glamor: Store the actual EGL/GLX context pointer in lastGLContext
glamor: Fix temporary pixmap coordinate offsets
xfree86/modes: Use RRTransformEqual in xf86RandR12CrtcSet
Nick Sarnie (1):
suid: Include sysmacros.h to fix build after glibc-2.25
Olivier Fourdan (9):
glamor: Check for NULL pixmap in glamor_get_pixmap_texture()
Xephyr: Check screen resources creation success
glamor: glamor_set_destination_drawable() can fail
glamor: Check glamor_set_destination_drawable() return value
glamor: avoid a crash if texture allocation failed
glamor: an FBO is not needed for Xv pixmaps
xwayland: Fix a segfault with pointer locking
glamor: handle NULL source picture
glamor: Avoid overflow between box32 and box16 box
Peter Hutterer (2):
test: fix compiler warning
xfree86: up the path name size to 512 in xf86MatchDriverFromFiles
Rodrigo Vivi (1):
dri2: Sync i965_pci_ids.h from Mesa.
Tobias Stoeckmann (2):
record: Fix OOB access in ProcRecordUnregisterClients
dmx: Fix null pointer dereference
To generate a diff of this commit:
cvs rdiff -u -r1.113 -r1.114 pkgsrc/x11/modular-xorg-server/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/x11/modular-xorg-server/Makefile.common
cvs rdiff -u -r1.83 -r1.84 pkgsrc/x11/modular-xorg-server/distinfo
cvs rdiff -u -r1.3 -r0 \
pkgsrc/x11/modular-xorg-server/patches/patch-Xi_sendexev.c
cvs rdiff -u -r1.1 -r0 \
pkgsrc/x11/modular-xorg-server/patches/patch-dix_events.c \
pkgsrc/x11/modular-xorg-server/patches/patch-dix_swapreq.c
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Oct 12 23:29:58 UTC 2017
Modified Files:
pkgsrc/x11/modular-xorg-server: Makefile.common distinfo
Log Message:
modular-xorg-server: update to 1.19.5.
One regression fix since 1.19.4 (mea culpa), and fixes for CVEs 2017-12176
through 2017-12187. C is a terrible language, please stop writing
code in it.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/x11/modular-xorg-server/Makefile.common
cvs rdiff -u -r1.84 -r1.85 pkgsrc/x11/modular-xorg-server/distinfo
|
|
x11/libXres: security update
Revisions pulled up:
- x11/libXres/Makefile 1.12
- x11/libXres/distinfo 1.7
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 11 16:45:43 UTC 2017
Modified Files:
pkgsrc/x11/libXres: Makefile distinfo
Log Message:
libXres: update to 1.2.0.
Version 1.2 of the X-Resource extension (added in xserver 1.13)
added some new requests allowing inspection of every resource for a
client, the bytes used per resource, and the PIDs of local clients.
Unfortunately the client library never saw a corresponding release, so
let's fix that.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/x11/libXres/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/x11/libXres/distinfo
|
|
x11/libXfont2: security update
Revisions pulled up:
- x11/libXfont2/Makefile 1.3
- x11/libXfont2/distinfo 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 11 16:47:42 UTC 2017
Modified Files:
pkgsrc/x11/libXfont2: Makefile distinfo
Log Message:
libXfont2: update to 2.0.2.
A collection of minor fixes since 2.0.1, including CVEs 2017-13720
and 2017-13722.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/x11/libXfont2/Makefile \
pkgsrc/x11/libXfont2/distinfo
|
|
security/mit-krb5: security update
Revisions pulled up:
- security/mit-krb5/Makefile 1.95
- security/mit-krb5/distinfo 1.62
- security/mit-krb5/patches/patch-CVE-2017-11368 deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Tue Oct 10 21:22:53 UTC 2017
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Removed Files:
pkgsrc/security/mit-krb5/patches: patch-CVE-2017-11368
Log Message:
mit-krb5: update to 1.14.6
Major changes in 1.14.6 (2017-09-25)
This is a bug fix release.
Fix a KDC denial of service vulnerability caused by unset status
strings [CVE-2017-11368]
Preserve GSS contexts on init/accept failure [CVE-2017-11462]
Fix kadm5 setkey operation with LDAP KDB module
Use a ten-second timeout after successful connection for HTTPS KDC
requests, as we do for TCP requests
Fix client null dereference when KDC offers encrypted challenge
without FAST
To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.95 pkgsrc/security/mit-krb5/Makefile
cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/mit-krb5/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/mit-krb5/patches/patch-CVE-2017-11368
|
|
lang/ocaml: fix for NetBSD/powerpc
Revisions pulled up:
- lang/ocaml/Makefile 1.115
- lang/ocaml/PLIST 1.44
- lang/ocaml/distinfo 1.111
- lang/ocaml/patches/patch-asmrun_signals__osdep.h 1.2
- lang/ocaml/patches/patch-configure 1.25
- lang/ocaml/patches/patch-testsuite_tests_lib-dynlink-native_Makefile 1.1
- lang/ocaml/patches/patch-testsuite_tests_tool-ocamldoc-man_Makefile 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: he
Date: Tue Oct 10 12:10:05 UTC 2017
Modified Files:
pkgsrc/lang/ocaml: Makefile PLIST distinfo
pkgsrc/lang/ocaml/patches: patch-asmrun_signals__osdep.h
patch-configure
Added Files:
pkgsrc/lang/ocaml/patches:
patch-testsuite_tests_lib-dynlink-native_Makefile
patch-testsuite_tests_tool-ocamldoc-man_Makefile
Log Message:
Apply the required fixes to make this work again on NetBSD/powerpc.
A similar set of changes has been sent upstream.
OK by jaapb@
To generate a diff of this commit:
cvs rdiff -u -r1.114 -r1.115 pkgsrc/lang/ocaml/Makefile
cvs rdiff -u -r1.43 -r1.44 pkgsrc/lang/ocaml/PLIST
cvs rdiff -u -r1.110 -r1.111 pkgsrc/lang/ocaml/distinfo
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/lang/ocaml/patches/patch-asmrun_signals__osdep.h
cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/ocaml/patches/patch-configure
cvs rdiff -u -r0 -r1.1 \
pkgsrc/lang/ocaml/patches/patch-testsuite_tests_lib-dynlink-native_Makefile
cvs rdiff -u -r0 -r1.3 \
pkgsrc/lang/ocaml/patches/patch-testsuite_tests_tool-ocamldoc-man_Makefile
|
|
devel/libmemcached: build fix for Darwin
Revisions pulled up:
- devel/libmemcached/distinfo 1.13
- devel/libmemcached/patches/patch-clients_memflush.cc 1.2
- devel/libmemcached/patches/patch-libmemcached_byteorder.cc 1.3
- devel/libmemcached/patches/patch-libtest_lite.h 1.4
- devel/libmemcached/patches/patch-libtest_test.hpp 1.3
- devel/libmemcached/patches/patch-tests_libmemcached-1.0_ketama.cc 1.5
- devel/libmemcached/patches/patch-tests_libmemcached-1.0_pool.cc 1.5
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Mon Oct 9 07:48:52 UTC 2017
Modified Files:
pkgsrc/devel/libmemcached: distinfo
pkgsrc/devel/libmemcached/patches: patch-clients_memflush.cc
patch-libmemcached_byteorder.cc patch-libtest_lite.h
patch-libtest_test.hpp patch-tests_libmemcached-1.0_ketama.cc
patch-tests_libmemcached-1.0_pool.cc
Log Message:
Fixed building on Darwin; clean-ups
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/libmemcached/distinfo
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/devel/libmemcached/patches/patch-clients_memflush.cc
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/devel/libmemcached/patches/patch-libmemcached_byteorder.cc \
pkgsrc/devel/libmemcached/patches/patch-libtest_test.hpp
cvs rdiff -u -r1.3 -r1.4 \
pkgsrc/devel/libmemcached/patches/patch-libtest_lite.h
cvs rdiff -u -r1.4 -r1.5 \
pkgsrc/devel/libmemcached/patches/patch-tests_libmemcached-1.0_ketama.cc \
pkgsrc/devel/libmemcached/patches/patch-tests_libmemcached-1.0_pool.cc
|
|
sysutils/salt: security update
Revisions pulled up:
- sysutils/salt/Makefile 1.55
- sysutils/salt/distinfo 1.31
- sysutils/salt/patches/patch-salt_grains_core.py deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: sborrill
Date: Wed Oct 11 09:40:28 UTC 2017
Modified Files:
pkgsrc/sysutils/salt: Makefile distinfo
Removed Files:
pkgsrc/sysutils/salt/patches: patch-salt_grains_core.py
Log Message:
salt: update to 2017.7.2
Changelog:
https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
Fixes CVE-2017-14695 and CVE-2017-14696
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/sysutils/salt/Makefile
cvs rdiff -u -r1.30 -r1.31 pkgsrc/sysutils/salt/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/sysutils/salt/patches/patch-salt_grains_core.py
|
|
|
|
lang/go: security update
Revisions pulled up:
- lang/go/distinfo 1.52
- lang/go/version.mk 1.29
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bsiegert
Date: Fri Oct 6 18:38:25 UTC 2017
Modified Files:
pkgsrc/lang/go: distinfo version.mk
Log Message:
Update Go to 1.9.1 (security fix).
Two security-related issues were recently reported.
To address this issue, we have just released Go 1.8.4 and Go 1.9.1.
We recommend that all users update to one of these releases (if you're not sure
which, choose Go 1.9.1).
The issues addressed by these releases are:
By nesting a git checkout inside another version control repository, it was
possible for an attacker to trick the "go get" command into executing arbitrary
code. The go command now refuses to use version control checkouts found inside
other version control systems, with an exception for git submodules (git inside
git).
The issue is tracked as https://golang.org/issue/22125 (Go 1.8.4) and
https://golang.org/issue/22131 (Go 1.9.1). Fixes are linked from the issues.
Thanks to Simon Rawet for the report.
In the smtp package, PlainAuth is documented as sending credentials only over
authenticated, encrypted TLS connections, but it was changed in Go 1.1 to also
send credentials on non-TLS connections when the remote server advertises that
PLAIN authentication is supported. The change was meant to allow use of PLAIN
authentication on localhost, but it has the effect of allowing a
man-in-the-middle attacker to harvest credentials. PlainAuth now requires
either TLS or a localhost connection before sending credentials, regardless of
what the remote server claims.
This issue is tracked as https://golang.org/issue/22134 (Go 1.8.4) and
https://golang.org/issue/22133 (Go 1.9.1). Fixes are linked from the issues.
Thanks to Stevie Johnstone for the report.
To generate a diff of this commit:
cvs rdiff -u -r1.51 -r1.52 pkgsrc/lang/go/distinfo
cvs rdiff -u -r1.28 -r1.29 pkgsrc/lang/go/version.mk
|
|
math/py-numpy: security update
Revisions pulled up:
- math/py-numpy/Makefile 1.44
- math/py-numpy/distinfo 1.25
- math/py-numpy/patches/patch-numpy_distutils_fcompiler_gnu.py 1.13
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Thu Oct 5 08:21:27 UTC 2017
Modified Files:
pkgsrc/math/py-numpy: Makefile distinfo
pkgsrc/math/py-numpy/patches: patch-numpy_distutils_fcompiler_gnu.py
Log Message:
py-numpy: update to 1.13.3
NumPy 1.13.3:
This is a bugfix release for some problems found since 1.13.1. The most
important fixes are for CVE-2017-12852 and temporary elision. Users of earlier
versions of 1.13 should upgrade.
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/math/py-numpy/Makefile
cvs rdiff -u -r1.24 -r1.25 pkgsrc/math/py-numpy/distinfo
cvs rdiff -u -r1.12 -r1.13 \
pkgsrc/math/py-numpy/patches/patch-numpy_distutils_fcompiler_gnu.py
|
|
graphics/libfpx: security patch
Revisions pulled up:
- graphics/libfpx/Makefile 1.3
- graphics/libfpx/distinfo 1.2
- graphics/libfpx/patches/patch-fpx_f__fpxvw.cpp 1.1
- graphics/libfpx/patches/patch-oless_dir.cxx 1.1
- graphics/libfpx/patches/patch-oless_docfile.cxx 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: nros
Date: Wed Oct 4 17:19:33 UTC 2017
Modified Files:
pkgsrc/graphics/libfpx: Makefile distinfo
Added Files:
pkgsrc/graphics/libfpx/patches: patch-fpx_f__fpxvw.cpp
patch-oless_dir.cxx patch-oless_docfile.cxx
Log Message:
Add patches to fix CVE-2017-12925, CVE-2017-12921 and a possible fix
for CVE-2017-12920.
Use += in master sites instead of \.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/graphics/libfpx/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/graphics/libfpx/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/libfpx/patches/patch-fpx_f__fpxvw.cpp \
pkgsrc/graphics/libfpx/patches/patch-oless_dir.cxx \
pkgsrc/graphics/libfpx/patches/patch-oless_docfile.cxx
|
|
|
|
lang/tcl: build fix
Revisions pulled up:
- lang/tcl/distinfo 1.75
- lang/tcl/patches/patch-unix_tclUnixSock.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Sep 27 02:53:43 UTC 2017
Modified Files:
pkgsrc/lang/tcl: distinfo
Added Files:
pkgsrc/lang/tcl/patches: patch-unix_tclUnixSock.c
Log Message:
lang/tcl: build fix on NetBSD 6
Build fix on NetBSD 6 applying upstream update.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/tcl/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/tcl/patches/patch-unix_tclUnixSock.c
|
|
|
|
audio/audacious-plugins: build fix
Revisions pulled up:
- audio/audacious-plugins/Makefile 1.75-1.76
- audio/audacious-plugins/PLIST 1.13
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Sep 30 16:03:34 UTC 2017
Modified Files:
pkgsrc/audio/audacious-plugins: Makefile
Log Message:
audacious-plugins: Add libsamplerate bl3.mk
Fixes build without Jack.
From PR 52575 by John D. Baker.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/audio/audacious-plugins/Makefile
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 4 11:29:37 UTC 2017
Modified Files:
pkgsrc/audio/audacious-plugins: Makefile PLIST
Log Message:
audacious-plugins: add gdbus-codegen as build dependency
When it is found, the mpris2 plugin is built, which led to "random"
PLIST problems. Depend on it to always build it.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 pkgsrc/audio/audacious-plugins/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/audio/audacious-plugins/PLIST
|
|
|
|
gama now requires c++11. It's likely that 1.18 did also, but that
this was less obvious.
Besides items noted in upstream NEWS, two pkgsrc patches were applied
upstream.
Version 1.19 June 2017
* fixed a bug introduced in 1.16, reported by Pierre Bosser
<pierre.bosser@ensta-bretagne.fr>. Implicit value of
covariance band in XML adjustment output is -1 (full
bandwidth).
|
|
|
|
The software Makefiles try to install example configuration files
directly into $(sysconfdir), which is set during the configure
stage to ${PKG_SYSCONFDIR} == ${PREFIX}/etc/siege. However, pkgsrc
standards require that the example configuration files be installed
into ${PREFIX}/share/examples/siege ( ${EGDIR} ).
Pass sysconfdir=${EGDIR} to the bmake(1) process during the install
stage so that the Makefile recipe will install the example files
into the correct location.
Remove the "install" substitution class that was trying to do the
same thing but which fails if ${PKG_SYSCONFBASE} != ${PREFIX}/etc.
Bump the PKGREVISION due to changes in the installed files if the
package is built with default settings. Fix discussed with nils@
in private correspondence.
|
|
|
|
|
|
required i.e. by py-html5lib.
|