| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
www/apache22: security patch
Revisions pulled up:
- www/apache22/Makefile 1.114
- www/apache22/distinfo 1.68
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Sep 28 04:58:29 UTC 2017
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Log Message:
apache: update to 2.2.34nb1.
Apply upstream patch to fix CVE 2017-9798.
To generate a diff of this commit:
cvs rdiff -u -r1.113 -r1.114 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/apache22/distinfo
|
|
|
|
mail/roundcube: security update
mail/roundcube-plugin-enigma: security update
mail/roundcube-plugin-password: security update
mail/roundcube-plugin-zipdownload: security update
Revisions pulled up:
- mail/roundcube-plugin-enigma/distinfo 1.7
- mail/roundcube-plugin-password/distinfo 1.7
- mail/roundcube-plugin-zipdownload/distinfo 1.7
- mail/roundcube/Makefile.common 1.7
- mail/roundcube/distinfo 1.58
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 9 01:13:12 UTC 2017
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-enigma: distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
pkgsrc/mail/roundcube-plugin-zipdownload: distinfo
Log Message:
mail/roundcube: update to 1.2.7
Security fix for CVE-2017-16651.
RELEASE 1.2.7
-------------
- Fix rewind(): stream does not support seeking (#5950)
- Fix bug where HTML messages could have been rendered empty on some systems
(#5957)
- Fix (again) bug where image data URIs in css style were treated as
evil/remote in mail preview (#5580)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838, #5959)
- Fix file disclosure vulnerability caused by insufficient input validation
[CVE-2017-16651] (#6026)
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube/Makefile.common
cvs rdiff -u -r1.57 -r1.58 pkgsrc/mail/roundcube/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-enigma/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-password/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-zipdownload/distinfo
|
|
|
|
net/socket++: build fix
Revisions pulled up:
- net/socket++/Makefile 1.12
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Nov 6 13:36:39 UTC 2017
Modified Files:
pkgsrc/net/socket++: Makefile
Log Message:
socketxx: fix HOMEPAGE
|
|
www/paros: build fix
Revisions pulled up:
- www/paros/Makefile 1.18
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Nov 6 13:33:48 UTC 2017
Modified Files:
pkgsrc/www/paros: Makefile
Log Message:
paros: fix HOMEPAGE, set LICENSE
|
|
x11/rofi: build fix
Revisions pulled up:
- x11/rofi/Makefile 1.7
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Nov 6 13:35:43 UTC 2017
Modified Files:
pkgsrc/x11/rofi: Makefile
Log Message:
rofi: fix HOMEPAGE
|
|
|
|
net/rsync: security patch
Revisions pulled up:
- net/rsync/Makefile 1.105
- net/rsync/distinfo 1.45
- net/rsync/patches/patch-authenticate.c 1.3
- net/rsync/patches/patch-xattrs.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: spz
Date: Fri Nov 10 06:59:16 UTC 2017
Modified Files:
pkgsrc/net/rsync: Makefile distinfo
Added Files:
pkgsrc/net/rsync/patches: patch-authenticate.c patch-xattrs.c
Log Message:
patch for CVE-2017-16548, mitigation for weak checksums
To generate a diff of this commit:
cvs rdiff -u -r1.104 -r1.105 pkgsrc/net/rsync/Makefile
cvs rdiff -u -r1.44 -r1.45 pkgsrc/net/rsync/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/net/rsync/patches/patch-authenticate.c
cvs rdiff -u -r0 -r1.1 pkgsrc/net/rsync/patches/patch-xattrs.c
|
|
|
|
www/curl: security update
Revisions pulled up:
- www/curl/Makefile 1.188-1.189
- www/curl/PLIST 1.66
- www/curl/distinfo 1.137-1.138
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 4 06:32:58 UTC 2017
Modified Files:
pkgsrc/www/curl: Makefile PLIST distinfo
Log Message:
curl: update to 7.56.0.
Curl and libcurl 7.56.0
This release includes the following changes:
o curl: enable compression for SCP/SFTP with --compressed-ssh [11]
o libcurl: enable compression for SCP/SFTP with CURLOPT_SSH_COMPRESSION [11]
o vtls: added dynamic changing SSL backend with curl_global_sslset() [28]
o new MIME API, curl_mime_init() and friends [32]
o openssl: initial SSLKEYLOGFILE implementation [36]
This release includes the following bugfixes:
o FTP: zero terminate the entry path even on bad input [67]
o examples/ftpuploadresume.c: use portable code
o runtests: match keywords case insensitively
o travis: build the examples too [1]
o strtoofft: reduce integer overflow risks globally [2]
o zsh.pl: produce a working completion script again [3]
o cmake: remove dead code for CURL_DISABLE_RTMP [4]
o progress: Track total times following redirects [5]
o configure: fix --disable-threaded-resolver [6]
o cmake: remove dead code for DISABLED_THREADSAFE [7]
o configure: fix clang version detection
o darwinssi: fix error: variable length array used
o travis: add metalink to some osx builds [8]
o configure: check for __builtin_available() availability [9]
o http_proxy: fix build error for CURL_DOES_CONVERSIONS [10]
o examples/ftpuploadresume: checksrc compliance
o ftp: fix CWD when doing multicwd then nocwd on same connection [12]
o system.h: remove all CURL_SIZEOF_* defines [13]
o http: Don't wait on CONNECT when there is no proxy [14]
o system.h: check for __ppc__ as well [15]
o http2_recv: return error better on fatal h2 errors [16]
o scripts/contri*sh: use "git log --use-mailmap"
o tftp: fix memory leak on too long filename [17]
o system.h: fix build for hppa [18]
o cmake: enable picky compiler options with clang and gcc [19]
o makefile.m32: add support for libidn2 [20]
o curl: turn off MinGW CRT's globbing [21]
o request-target.d: mention added in 7.55.0
o curl: shorten and clean up CA cert verification error message [22]
o imap: support PREAUTH [23]
o CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
o examples/threaded-ssl: mention that this is for openssl before 1.1
o winbuild: fix embedded manifest option [24]
o tests: Make sure libtests & unittests call curl_global_cleanup()
o system.h: include sys/poll.h for AIX [25]
o darwinssl: handle long strings in TLS certs [26]
o strtooff: fix build for systems with long long but no strtoll [27]
o asyn-thread: Improved cleanup after OOM situations
o HELP-US.md: "How to get started helping out in the curl project" [29]
o curl.h: CURLSSLBACKEND_WOLFSSL used wrong value [30]
o unit1301: fix error message on first test
o ossfuzz: moving towards the ideal integration [31]
o http: fix a memory leakage in checkrtspprefix()
o examples/post-callback: stop returning one byte at a time
o schannel: return CURLE_SSL_CACERT on failed verification [33]
o MAIL-ETIQUETTE: added "1.9 Your emails are public"
o http-proxy: treat all 2xx as CONNECT success [34]
o openssl: use OpenSSL's default ciphers by default [35]
o runtests.pl: support attribute "nonewline" in part verify/upload
o configure: remove --enable-soname-bump and SONAME_BUMP [37]
o travis: add c-ares enabled builds linux + osx [38]
o vtls: fix WolfSSL 3.12 build problems [39]
o http-proxy: when not doing CONNECT, that phase is done immediately [40]
o configure: fix curl_off_t check's include order [41]
o configure: use -Wno-varargs on clang 3.9[.X] debug builds
o rtsp: do not call fwrite() with NULL pointer FILE * [42]
o mbedtls: enable CA path processing [43]
o travis: add build without HTTP/SMTP/IMAP
o checksrc: verify more code style rules [44]
o HTTP proxy: on connection re-use, still use the new remote port [45]
o tests: add initial gssapi test using stub implementation [46]
o rtsp: Segfault when using WRITEDATA [47]
o docs: clarify the CURLOPT_INTERLEAVE* options behavior
o non-ascii: use iconv() with 'char **' argument [48]
o server/getpart: provide dummy function to build conversion enabled
o conversions: fix several compiler warnings
o openssl: add missing includes [49]
o schannel: Support partial send for when data is too large [50]
o socks: fix incorrect port number in SOCKS4 error message [51]
o curl: fix integer overflow in timeout options [52]
o travis: on mac, don't install openssl or libidn [53]
o cookies: reject oversized cookies instead of truncating [54]
o cookies: use lock when using CURLINFO_COOKIELIST [55]
o curl: check fseek() return code and bail on error
o examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
o openssl: only verify RSA private key if supported [56]
o tests: make the imap server not verify user+password [57]
o imap: quote atoms properly when escaping characters [58]
o tests: fix a compiler warning in test 643
o file_range: avoid integer overflow when figuring out byte range [59]
o curl.h: include <sys/select.h> on cygwin too [60]
o reuse_conn: don't copy flags that are known to be equal [61]
o http: fix adding custom empty headers to repeated requests [62]
o docs: clarify the use of environment variables for proxy [63]
o docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS [64]
o connect: fix race condition with happy eyeballs timeout [65]
o cookie: fix memory leak if path was set twice in header [66]
o vtls: compare and clone ssl configs properly [68]
o proxy: read the "no_proxy" variable only if necessary [69]
To generate a diff of this commit:
cvs rdiff -u -r1.187 -r1.188 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.65 -r1.66 pkgsrc/www/curl/PLIST
cvs rdiff -u -r1.136 -r1.137 pkgsrc/www/curl/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Mon Oct 23 06:59:36 UTC 2017
Modified Files:
pkgsrc/www/curl: Makefile distinfo
Log Message:
curl: update to 7.56.1
Curl and libcurl 7.56.1
This release includes the following bugfixes:
o imap: if a FETCH response has no size, don't call write callback
o ftp: UBsan fixup 'pointer index expression overflowed
o failf: skip the sprintf() if there are no consumers
o fuzzer: move to using external curl-fuzzer
o lib/Makefile.m32: allow customizing dll suffixes
o docs: fix typo in curl_mime_data_cb man page
o darwinssl: add support for TLSv1.3
o build: fix --disable-crypto-auth
o lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
o openssl: fix build without HAVE_OPAQUE_EVP_PKEY
o strtoofft: Remove extraneous null check
o multi_cleanup: call DONE on handles that never got that
o tests: added flaky keyword to tests 587 and 644
o pingpong: return error when trying to send without connection
o remove_handle: call multi_done() first, then clear dns cache pointer
o mime: be tolerant about setting twice the same header list in a part.
o mime: improve unbinding top multipart from easy handle.
o mime: avoid resetting a part's encoder when part's contents change.
o mime: refuse to add subparts to one of their own descendants
o RTSP: avoid integer overflow on funny RTSP responses
o curl: don't pass semicolons when parsing Content-Disposition
o openssl: enable PKCS12 support for !BoringSSL
o FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
o CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
o CURLOPT_XFERINFODATA.3: fix duplicate see also
o test298: verify --ftp-method nowcwd with URL encoded path
o FTP: URL decode path for dir listing in nocwd mode
o smtp_done: fix memory leak on send failure
o ftpserver: support case insensitive commands
o test950; verify SMTP with custom request
o openssl: don't use old BORINGSSL_YYYYMM macros
o setopt: update current connection SSL verify params
o winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
o curl: reimplement stdin buffering in -F option
o mime: keep "text/plain" content type if user-specified
o mime: fix the content reader to handle >16K data properly
o configure: remove the C++ compiler check
o memdebug: trace send, recv and socket
o runtests: use valgrind for torture as well
o ldap: silence clang warning
o makefile.m32: allow to override gcc, ar and ranlib
o setopt: avoid integer overflows when setting millsecond values
o setopt: range check most long options
o ftp: reject illegal IP/port in PASV 227 response
o mime: do not reuse previously computed multipart size
o vtls: change struct Curl_ssl `close' field name to `close_one'
o os400: add missing symbols in config file
o mime: limit bas64-encoded lines length to 76 characters
o mk-ca-bundle: Remove URL for aurora
o mk-ca-bundle: Fix URL for NSS
To generate a diff of this commit:
cvs rdiff -u -r1.188 -r1.189 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.137 -r1.138 pkgsrc/www/curl/distinfo
|
|
emulators/stella: build fix
Revisions pulled up:
- emulators/stella/distinfo 1.22
- emulators/stella/patches/patch-configure 1.4
---
Module Name: pkgsrc
Committed By: dbj
Date: Fri Nov 3 07:49:58 UTC 2017
Modified Files:
pkgsrc/emulators/stella: distinfo
pkgsrc/emulators/stella/patches: patch-configure
Log Message:
tweak clang compiler version matching
|
|
sysutils/augeas: security fix
Revisions pulled up:
- sysutils/augeas/Makefile 1.3
- sysutils/augeas/PLIST 1.2
- sysutils/augeas/distinfo 1.3
---
Module Name: pkgsrc
Committed By: bsiegert
Date: Fri Nov 3 11:05:43 UTC 2017
Modified Files:
pkgsrc/sysutils/augeas: Makefile PLIST distinfo
Log Message:
Update Augeas to 1.9.0.
The changelog is too long for this commit message, go find it at
https://github.com/hercules-team/augeas/releases and
http://augeas.net/news.html.
Note that 1.8.1 included the following:
Fix error in handling escaped whitespace at the end of path expressions
(addresses CVE-2017-7555).
|
|
net/py-suds: build fix
Revisions pulled up:
- net/py-suds/Makefile 1.10
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Nov 3 19:40:31 UTC 2017
Modified Files:
pkgsrc/net/py-suds: Makefile
Log Message:
py-suds: replace dead HOMEPAGE with bad one at pypi
|
|
sysutils/beats: build fix
Revisions pulled up:
- sysutils/beats/Makefile 1.19
---
Module Name: pkgsrc
Committed By: fhajny
Date: Thu Nov 2 15:30:50 UTC 2017
Modified Files:
pkgsrc/sysutils/beats: Makefile
Log Message:
sysutils/beats: Provide a better hint to where libpcap is. May fix
the build in some situations.
|
|
devel/idutils: FreeBSD build fix
Revisions pulled up:
- devel/idutils/distinfo 1.10
- devel/idutils/patches/patch-lib_fflush_c 1.2
- devel/idutils/patches/patch-lib_fseeko_c 1.2
---
Module Name: pkgsrc
Committed By: agc
Date: Thu Nov 2 04:26:21 UTC 2017
Modified Files:
pkgsrc/devel/idutils/patches: patch-lib_fflush_c patch-lib_fseeko_c
Log Message:
patch fflush.c and fseeko.c so that this package builds on FreeBSD HEAD
---
Module Name: pkgsrc
Committed By: maya
Date: Thu Nov 2 04:54:27 UTC 2017
Modified Files:
pkgsrc/devel/idutils: distinfo
Log Message:
idutils: regen patch sums after previous commit
|
|
security/yara: build fix
Revisions pulled up:
- security/yara/Makefile 1.5
---
Module Name: pkgsrc
Committed By: minskim
Date: Wed Nov 1 19:29:30 UTC 2017
Modified Files:
pkgsrc/security/yara: Makefile
Log Message:
security/yara: Needs OpenSSL to build
|
|
sysutils/py-augeas: build fix
Revisions pulled up:
- sysutils/py-augeas/Makefile 1.3
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Nov 1 08:23:42 UTC 2017
Modified Files:
pkgsrc/sysutils/py-augeas: Makefile
Log Message:
py-augeas: use pypi instead of deprecated fedorahosted
|
|
textproc/xmlto: build fix
Revisions pulled up:
- textproc/xmlto/Makefile 1.31
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Nov 1 06:41:23 UTC 2017
Modified Files:
pkgsrc/textproc/xmlto: Makefile
Log Message:
xmlto: master sites / homepage from fedorahosted to pagure
|
|
devel/py-dulwich: security fix
Revisions pulled up:
- devel/py-dulwich/Makefile 1.24
- devel/py-dulwich/distinfo 1.21
---
Module Name: pkgsrc
Committed By: adam
Date: Mon Oct 30 18:37:38 UTC 2017
Modified Files:
pkgsrc/devel/py-dulwich: Makefile distinfo
Log Message:
py-dulwich: updated to 0.18.5
0.18.5:
BUG FIXES
* Fix cwd for hooks.
* Fix setting of origin in config when non-standard origin is passed into
``Repo.clone``.
* Prevent setting SSH arguments from SSH URLs when using SSH through a
subprocess. Note that Dulwich doesn't support cloning submodules.
(CVE 2017-1000117)
IMPROVEMENTS
* Silently ignored directories in ``Repo.stage``.
API CHANGES
* GitFile now raises ``FileLocked`` when encountering a lock
rather than OSError(EEXIST).
|
|
mail/imapsync: build fix
Revisions pulled up:
- mail/imapsync/Makefile 1.20
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Nov 1 05:27:44 UTC 2017
Modified Files:
pkgsrc/mail/imapsync: Makefile
Log Message:
imapsync: switch homepage/master sites fedorahosted -> pagure
|
|
fonts/lohit-fonts: build fix
Revisions pulled up:
- fonts/lohit-fonts/Makefile 1.6
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Nov 1 05:19:33 UTC 2017
Modified Files:
pkgsrc/fonts/lohit-fonts: Makefile
Log Message:
lohit-fonts: replace fedorahosted with pagure
|
|
fonts/liberation-ttf: build fix
Revisions pulled up:
- fonts/liberation-ttf/Makefile 1.15
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Nov 1 05:17:06 UTC 2017
Modified Files:
pkgsrc/fonts/liberation-ttf: Makefile
Log Message:
liberation-ttf: add non-fedorahosted MASTER_SITES
|
|
math/R: Darwin build fix
Revisions pulled up:
- math/R/PLIST.Darwin 1.6
---
Module Name: pkgsrc
Committed By: jperkin
Date: Mon Oct 30 11:49:38 UTC 2017
Modified Files:
pkgsrc/math/R: PLIST.Darwin
Log Message:
R: Add missing zoneinfo file from previous update.
|
|
|
|
|
|
www/apache-tomcat8: security update
Revisions pulled up:
- www/apache-tomcat8/Makefile 1.15
- www/apache-tomcat8/distinfo 1.16
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Tue Oct 31 14:33:23 UTC 2017
Modified Files:
pkgsrc/www/apache-tomcat8: Makefile distinfo
Log Message:
Update www/apache-tomcat8 to 8.0.47.
Notable changes:
- A fix for CVE-2017-12617.
- Add ExtractingRoot, a new WebResourceRoot implementation that extracts
JARs to the work directory for improved performance when deploying
packed WAR files.
- Update the packaged version of the Tomcat Native Library to 1.2.14
Full changelog:
https://tomcat.apache.org/tomcat-8.0-doc/changelog.html
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/apache-tomcat8/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/apache-tomcat8/distinfo
|
|
www/apache-tomcat7: security update
Revisions pulled up:
- www/apache-tomcat7/Makefile 1.34
- www/apache-tomcat7/distinfo 1.28
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Tue Oct 31 14:31:10 UTC 2017
Modified Files:
pkgsrc/www/apache-tomcat7: Makefile distinfo
Log Message:
Update www/apache-tomcat7 to 7.0.82.
Notable changes:
- A fix for CVE-2017-12617.
- Update the packaged version of the Tomcat Native Library to 1.2.14
Full changelog:
https://tomcat.apache.org/tomcat-7.0-doc/changelog.html
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/apache-tomcat7/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/www/apache-tomcat7/distinfo
|
|
|
|
textproc/libxml2: security update
textproc/py-libxml2: security update
Revisions pulled up:
- textproc/libxml2/Makefile.common 1.8
- textproc/libxml2/distinfo 1.118
- textproc/py-libxml2/distinfo 1.38
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Mon Oct 30 14:02:03 UTC 2017
Modified Files:
pkgsrc/textproc/libxml2: Makefile.common distinfo
Log Message:
Update textproc/libxml2 to 2.9.6.
Update Portability:
- Change preprocessor OS tests to __linux__
Bug Fixes:
- Fix XPath stack frame logic
- Report undefined XPath variable error message
- Fix regression with librsvg
- Handle more invalid entity values in recovery mode
- Fix structured validation errors
- Fix memory leak in LZMA decompressor
- Set memory limit for LZMA decompression
- Handle illegal entity values in recovery mode
- Fix debug dump of streaming XPath expressions
- Fix memory leak in nanoftp
- Fix memory leaks in SAX1 parser
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/textproc/libxml2/Makefile.common
cvs rdiff -u -r1.117 -r1.118 pkgsrc/textproc/libxml2/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: jperkin
Date: Tue Oct 31 09:08:27 UTC 2017
Modified Files:
pkgsrc/textproc/py-libxml2: distinfo
Log Message:
py-libxml2: Update checksum.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/textproc/py-libxml2/distinfo
|
|
www/wordpress: security fix
Revisions pulled up:
- www/wordpress/Makefile 1.73
- www/wordpress/PLIST 1.35
- www/wordpress/distinfo 1.58
---
Module Name: pkgsrc
Committed By: morr
Date: Fri Nov 3 09:49:13 UTC 2017
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log Message:
Security update to version 4.8.3.
WordPress versions 4.8.2 and earlier are affected by an issue where
$wpdb->prepare() can create unexpected and unsafe queries leading to potential
SQL injection (SQLi). WordPress core is not directly vulnerable to this issue,
but we’ve added hardening to prevent plugins and themes from accidentally
causing a vulnerability. Reported by Anthony Ferrara.
|
|
chat/weechat: build fix
Revisions pulled up:
- chat/weechat/distinfo 1.45-1.46
- chat/weechat/patches/patch-CMakeLists.txt 1.1-1.2
---
Module Name: pkgsrc
Committed By: maya
Date: Sat Nov 4 17:16:58 UTC 2017
Modified Files:
pkgsrc/chat/weechat: distinfo
Added Files:
pkgsrc/chat/weechat/patches: patch-CMakeLists.txt
Log Message:
weechat: add configure check that eat_newline_glitch can be assigned to
Fixes netbsd-7 build.
---
Module Name: pkgsrc
Committed By: maya
Date: Sat Nov 4 17:23:20 UTC 2017
Modified Files:
pkgsrc/chat/weechat: distinfo
pkgsrc/chat/weechat/patches: patch-CMakeLists.txt
Log Message:
weechat: ...and don't expand unrelated things in CMakeLists.txt
|
|
multimedia/smpeg: build fix
Revisions pulled up:
- multimedia/smpeg/distinfo 1.9
- multimedia/smpeg/patches/patch-audio_huffmantable.cpp 1.1
---
Module Name: pkgsrc
Committed By: jperkin
Date: Thu Oct 19 15:59:22 UTC 2017
Modified Files:
pkgsrc/multimedia/smpeg: distinfo
Added Files:
pkgsrc/multimedia/smpeg/patches: patch-audio_huffmantable.cpp
Log Message:
smpeg: Fix build with GCC >= 6, from various.
|
|
print/py-reportlab: bugfix
Revisions pulled up:
- print/py-reportlab/Makefile 1.57
- print/py-reportlab/patches/patch-src_reportlab_platypus_tables.py 1.1
---
Module Name: pkgsrc
Committed By: joerg
Date: Thu Nov 2 20:03:13 UTC 2017
Modified Files:
pkgsrc/print/py-reportlab: Makefile
Added Files:
pkgsrc/print/py-reportlab/patches:
patch-src_reportlab_platypus_tables.py
Log Message:
Merge fix for quadratic performance of very long tables from upstream.
Bump revision.
|
|
devel/libgnome: build fix
Revisions pulled up:
- devel/libgnome/distinfo 1.41
- devel/libgnome/patches/patch-libgnome_gnome-config.h 1.1
---
Module Name: pkgsrc
Committed By: jperkin
Date: Thu Oct 19 09:14:32 UTC 2017
Modified Files:
pkgsrc/devel/libgnome: distinfo
Added Files:
pkgsrc/devel/libgnome/patches: patch-libgnome_gnome-config.h
Log Message:
libgnome: Remove UTF-8 character causing glib-mkenums failure.
Patch taken from MacPorts.
|
|
devel/flex: Linux build fix
Revisions pulled up:
- devel/flex/Makefile 1.61
---
Module Name: pkgsrc
Committed By: triaxx
Date: Fri Oct 20 06:22:24 UTC 2017
Modified Files:
pkgsrc/devel/flex: Makefile
Log Message:
Add workaround for fixing build on Linux
See https://github.com/westes/flex/issues/241
The problem is fixed in master branch and the workaround could be removed
in the next version update.
|
|
sysutils/hal: build fix
Revisions pulled up:
- sysutils/hal/PLIST.Linux 1.7
---
Module Name: pkgsrc
Committed By: triaxx
Date: Fri Oct 20 08:20:30 UTC 2017
Modified Files:
pkgsrc/sysutils/hal: PLIST.Linux
Log Message:
Fix missing macbook/macbookpro files in PLIST
|
|
|
|
audio/grip: Linux build fix
Revisions pulled up:
- audio/grip/Makefile 1.5
- audio/grip/distinfo 1.3
- audio/grip/patches/patch-configure 1.3
---
Module Name: pkgsrc
Committed By: triaxx
Date: Sun Oct 22 07:55:24 UTC 2017
Modified Files:
pkgsrc/audio/grip: Makefile distinfo
Added Files:
pkgsrc/audio/grip/patches: patch-configure
Log Message:
Add workaround for fixing build on Linux
See https://github.com/westes/flex/issues/241
The problem is fixed in master branch and the workaround could be removed
in the next version update.
|
|
www/apache-tomcat85: security fix
Revisions pulled up:
- www/apache-tomcat85/Makefile 1.4
- www/apache-tomcat85/distinfo 1.4
---
Module Name: pkgsrc
Committed By: ryoon
Date: Wed Oct 25 14:18:47 UTC 2017
Modified Files:
pkgsrc/www/apache-tomcat85: Makefile distinfo
Log Message:
Update to 8.5.23
Changelog:
A fix for CVE-2017-12617.
Stricter validation of the HTTP Host header.
Add ExtractingRoot, a new WebResourceRoot implementation that
extracts JARs to the work directory for improved performance when
deploying packed WAR files.
Added support for the OpenSSL SSL_CONF API. To support this the
minimum required Tomcat Native version is 1.2.14.
|
|
multimedia/mplayer-share: build fix
Revisions pulled up:
- multimedia/mplayer-share/distinfo 1.92
- multimedia/mplayer-share/patches/patch-libvo_vo__vdpau.c 1.1
---
Module Name: pkgsrc
Committed By: ryoon
Date: Mon Oct 23 10:38:22 UTC 2017
Modified Files:
pkgsrc/multimedia/mplayer-share: distinfo
Added Files:
pkgsrc/multimedia/mplayer-share/patches: patch-libvo_vo__vdpau.c
Log Message:
Fix build with ffmpeg 3.4
|
|
lang/g95: build fix
Revisions pulled up:
- lang/g95/distinfo 1.32
- lang/g95/patches/patch-ab 1.9
---
Module Name: pkgsrc
Committed By: khorben
Date: Fri Oct 27 20:57:16 UTC 2017
Modified Files:
pkgsrc/lang/g95: distinfo
pkgsrc/lang/g95/patches: patch-ab
Log Message:
Apply CFLAGS to the whole build process for lang/g95
This fixes building g95 with PKGSRC_MKPIE=yes without cwrappers.
A separate fix for the same issue with cwrappers is on its way.
|
|
print/mupdf: security fix
Revisions pulled up:
- print/mupdf/Makefile 1.54
- print/mupdf/distinfo 1.38
- print/mupdf/patches/patch-CVE-2017-14685 1.1
- print/mupdf/patches/patch-CVE-2017-14686 1.1
- print/mupdf/patches/patch-CVE-2017-14687 1.1
- print/mupdf/patches/patch-CVE-2017-15369 1.1
- print/mupdf/patches/patch-CVE-2017-15587 1.1
---
Module Name: pkgsrc
Committed By: leot
Date: Wed Oct 25 11:00:03 UTC 2017
Modified Files:
pkgsrc/print/mupdf: Makefile distinfo
Added Files:
pkgsrc/print/mupdf/patches: patch-CVE-2017-14685
patch-CVE-2017-14686
patch-CVE-2017-14687 patch-CVE-2017-15369 patch-CVE-2017-15587
Log Message:
mupdf: backport patches to fix several possible security issues
Backport patches from upstream to address CVE-2017-14685, CVE-2017-14686,
CVE-2017-14687, CVE-2017-15369 and CVE-2017-15587.
These will not be needed for the next mupdf stable release.
Bump PKGREVISION.
|
|
www/lighttpd: SunOS build fix
Revisions pulled up:
- www/lighttpd/distinfo 1.40
- www/lighttpd/patches/patch-src_fdevent__solaris__port.c 1.1
---
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Oct 25 14:27:21 UTC 2017
Modified Files:
pkgsrc/www/lighttpd: distinfo
Added Files:
pkgsrc/www/lighttpd/patches: patch-src_fdevent__solaris__port.c
Log Message:
www/lighttpd: Fix build on SunOS.
|
|
math/lp_solve: security fix
Revisions pulled up:
- math/lp_solve/Makefile 1.11
- math/lp_solve/distinfo 1.7-1.8
- math/lp_solve/patches/patch-lp__solve_ccc 1.4-1.5
- math/lp_solve/patches/patch-lpsolve55_ccc 1.4-1.5
---
Module Name: pkgsrc
Committed By: khorben
Date: Sat Oct 28 11:23:50 UTC 2017
Modified Files:
pkgsrc/math/lp_solve: distinfo
pkgsrc/math/lp_solve/patches: patch-lp__solve_ccc
patch-lpsolve55_ccc
Log Message:
Fix local privilege escalation when building math/lp_solve
This still requires $TMPDIR (or /tmp) to be mounted with "exec", but now
respects $TMPDIR.
---
Module Name: pkgsrc
Committed By: khorben
Date: Sun Oct 29 22:16:03 UTC 2017
Modified Files:
pkgsrc/math/lp_solve: Makefile distinfo
pkgsrc/math/lp_solve/patches: patch-lp__solve_ccc
patch-lpsolve55_ccc
Log Message:
Use ${WRKDIR}/tmp for temporary files instead of $(mktemp -d)
This is more portable.
As suggested by joerg@.
|
|
|
|
lang/nodejs6: security update
Revisions pulled up:
- lang/nodejs6/Makefile 1.16-1.17
- lang/nodejs6/distinfo 1.15-1.16
- lang/nodejs6/patches/patch-deps_cares_cares.gyp 1.2-1.3
- lang/nodejs6/patches/patch-deps_uv_uv.gyp 1.1-1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Oct 4 16:20:58 UTC 2017
Modified Files:
pkgsrc/lang/nodejs6: Makefile distinfo
pkgsrc/lang/nodejs6/patches: patch-deps_cares_cares.gyp
Added Files:
pkgsrc/lang/nodejs6/patches: patch-deps_uv_uv.gyp
Log Message:
Update lang/nodejs6 to 6.11.4.
- net: support passing undefined to listen() to match behavior
in v4.x and v8.x
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/lang/nodejs6/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/lang/nodejs6/distinfo
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/lang/nodejs6/patches/patch-deps_cares_cares.gyp
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/nodejs6/patches/patch-deps_uv_uv.gyp
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Oct 25 13:45:18 UTC 2017
Modified Files:
pkgsrc/lang/nodejs6: Makefile distinfo
pkgsrc/lang/nodejs6/patches: patch-deps_cares_cares.gyp
patch-deps_uv_uv.gyp
Log Message:
Update lang/nodejs6 to 6.11.5.
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you cannot
recover from it, while on some versions it throws an exception.
Node.js will now gracefully set windowBits to 9 replicating the legacy
behavior to avoid a DOS vector.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/lang/nodejs6/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/lang/nodejs6/distinfo
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/lang/nodejs6/patches/patch-deps_cares_cares.gyp
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/nodejs6/patches/patch-deps_uv_uv.gyp
|
|
databases/php-ldap: revision cleanup
databases/php-mssql: revision cleanup
databases/php-pdo_dblib: revision cleanup
databases/php-pdo_sqlite: revision cleanup
graphics/php-gd: revision cleanup
meta-pkgs/php56-extensions: revision cleanup
meta-pkgs/php70-extensions: revision cleanup
meta-pkgs/php71-extensions: revision cleanup
textproc/php-intl: revision cleanup
textproc/php-xsl: revision cleanup
www/php-curl: revision cleanup
www/php-fpm: revision cleanup
www/php-tidy: revision cleanup
Revisions pulled up:
- databases/php-ldap/Makefile 1.29
- databases/php-mssql/Makefile 1.29
- databases/php-pdo_dblib/Makefile 1.26
- databases/php-pdo_sqlite/Makefile 1.27
- graphics/php-gd/Makefile 1.41
- meta-pkgs/php56-extensions/Makefile 1.8
- meta-pkgs/php70-extensions/Makefile 1.3
- meta-pkgs/php71-extensions/Makefile 1.3
- textproc/php-intl/Makefile 1.32
- textproc/php-xsl/Makefile 1.11
- www/php-curl/Makefile 1.33
- www/php-fpm/Makefile 1.22
- www/php-tidy/Makefile 1.4
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 27 08:49:01 UTC 2017
Modified Files:
pkgsrc/databases/php-ldap: Makefile
pkgsrc/databases/php-mssql: Makefile
pkgsrc/databases/php-pdo_dblib: Makefile
pkgsrc/databases/php-pdo_sqlite: Makefile
pkgsrc/graphics/php-gd: Makefile
pkgsrc/meta-pkgs/php56-extensions: Makefile
pkgsrc/meta-pkgs/php70-extensions: Makefile
pkgsrc/meta-pkgs/php71-extensions: Makefile
pkgsrc/textproc/php-intl: Makefile
pkgsrc/textproc/php-xsl: Makefile
pkgsrc/www/php-curl: Makefile
pkgsrc/www/php-fpm: Makefile
pkgsrc/www/php-tidy: Makefile
Log Message:
pkgsrc: reset PKGREVISION
reset PKGREVISION along with update of all lang/php*.
To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 pkgsrc/databases/php-ldap/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/databases/php-mssql/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/php-pdo_dblib/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/databases/php-pdo_sqlite/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/graphics/php-gd/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/meta-pkgs/php56-extensions/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/meta-pkgs/php70-extensions/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/meta-pkgs/php71-extensions/Makefile
cvs rdiff -u -r1.31 -r1.32 pkgsrc/textproc/php-intl/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/php-xsl/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/php-curl/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/php-fpm/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/php-tidy/Makefile
|
|
lang/nodejs4: security update
Revisions pulled up:
- lang/nodejs4/Makefile 1.35
- lang/nodejs4/distinfo 1.30
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Oct 25 13:56:01 UTC 2017
Modified Files:
pkgsrc/lang/nodejs4: Makefile distinfo
Log Message:
Update lang/nodejs4 to 4.8.5.
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you cannot
recover from it, while on some versions it throws an exception.
Node.js will now gracefully set windowBits to 9 replicating the legacy
behavior to avoid a DOS vector.
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/lang/nodejs4/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/nodejs4/distinfo
|
