| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
x11/qt5-qtbase: Linux build fix
Revisions pulled up:
- x11/qt5-qtbase/PLIST.Linux 1.4
---
Module Name: pkgsrc
Committed By: bacon
Date: Fri May 18 15:22:02 UTC 2018
Modified Files:
pkgsrc/x11/qt5-qtbase: PLIST.Linux
Log Message:
x11/qt5-qtbase: Fix version in PLIST.Linux
Previous commit failed to update the hard-coded version from 5.10.0.
Replacing with ${PKGVERSION} to avoid a repeat.
|
|
audio/mpg321: bugfix
Revisions pulled up:
- audio/mpg321/Makefile 1.20
- audio/mpg321/distinfo 1.9
- audio/mpg321/patches/patch-mpg321.c 1.2
---
Module Name: pkgsrc
Committed By: leot
Date: Sat Jun 16 14:43:21 UTC 2018
Modified Files:
pkgsrc/audio/mpg321: Makefile distinfo
pkgsrc/audio/mpg321/patches: patch-mpg321.c
Log Message:
mpg321: Do not unlock unititialized main_lock
Bump PKGREVISION
Problem spotted by <maya>, fixes PR pkg/53369 by <sevan>.
|
|
also note pullups done by bsiegert: #5760 #5761 #5762 #5763 #5764 #5769 #5770
|
|
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.210
- mail/thunderbird/distinfo 1.200
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jun 1 19:49:40 UTC 2018
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Log Message:
Update to 52.8.0
Changelog:
#CVE-2018-5183: Backport critical security fixes in Skia
#CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5161: Hang via malformed headers
#CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
#CVE-2018-5170: Filename spoofing for external attachments
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
#CVE-2018-5185: Leaking plaintext through HTML forms
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
and Thunderbird 52.8
To generate a diff of this commit:
cvs rdiff -u -r1.209 -r1.210 pkgsrc/mail/thunderbird/Makefile
cvs rdiff -u -r1.199 -r1.200 pkgsrc/mail/thunderbird/distinfo
|
|
www/firefox52: security update
Revisions pulled up:
- www/firefox52/Makefile 1.23
- www/firefox52/distinfo 1.14
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jun 1 19:43:40 UTC 2018
Modified Files:
pkgsrc/www/firefox52: Makefile distinfo
Log Message:
Update to 52.8.0
Changelog:
Various security fixes
Various stability and regression fixes
Performance improvements to the Safe Browsing service to avoid
slowdowns while updating site classification data
Security fixes:
#CVE-2018-5183: Backport critical security fixes in Skia
#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
#CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/firefox52/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/firefox52/distinfo
|
|
devel/jq: security patch
Revisions pulled up:
- devel/jq/Makefile 1.15
- devel/jq/distinfo 1.9
- devel/jq/patches/patch-src_jv__print.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ginsbach
Date: Wed May 30 16:03:48 UTC 2018
Modified Files:
pkgsrc/devel/jq: Makefile distinfo
Added Files:
pkgsrc/devel/jq/patches: patch-src_jv__print.c
Log Message:
CVE-2016-4074 denial-of-service (via upstream)
Fix present in jq-1.6rc1 (https://github.com/stedolan/jq/commit/83e2cf6).
The fix prevents 'infinite' recursion preventing stack exhaustion.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/jq/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/devel/jq/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/devel/jq/patches/patch-src_jv__print.c
|
|
security/mcrypt: security patches
Revisions pulled up:
- security/mcrypt/Makefile 1.27
- security/mcrypt/distinfo 1.9
- security/mcrypt/patches/patch-doc_mcrypt.1 1.1
- security/mcrypt/patches/patch-src_errors.c 1.1
- security/mcrypt/patches/patch-src_extra.c 1.1
- security/mcrypt/patches/patch-src_gaaout.c 1.1
- security/mcrypt/patches/patch-src_mcrypt.c 1.1
- security/mcrypt/patches/patch-src_mcrypt.gaa 1.1
- security/mcrypt/patches/patch-src_mcrypt__int.h 1.1
- security/mcrypt/patches/patch-src_rfc2440.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ginsbach
Date: Wed May 30 14:58:03 UTC 2018
Modified Files:
pkgsrc/security/mcrypt: Makefile distinfo
Added Files:
pkgsrc/security/mcrypt/patches: patch-doc_mcrypt.1 patch-src_errors.c
patch-src_extra.c patch-src_gaaout.c patch-src_mcrypt.c
patch-src_mcrypt.gaa patch-src_mcrypt__int.h patch-src_rfc2440.c
Log Message:
Add various patches from (Brew, Debian, Red Hat, SUSE)
Upstream for mcrypt is effectively dead so incorporate patches from
other OSS packaging systems. These patches address the following:
* CVE-2012-4409 (fix)
* CVE-2012-4527 (fix)
* Spelling and grammar fixes for man page
* Fix potential format-string attacks (no vulnerability Id)
* Fix potential buffer overflows (no vulnerability Id)
* Make native format default as in Debian, Red Hat, and SUSE since
openpgp format handling is seriously broken.
* Fix ARM build [unclear if this is necessary for non-Linux systems]
* Correct include file for OSX
To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/mcrypt/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/mcrypt/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/mcrypt/patches/patch-doc_mcrypt.1 \
pkgsrc/security/mcrypt/patches/patch-src_errors.c \
pkgsrc/security/mcrypt/patches/patch-src_extra.c \
pkgsrc/security/mcrypt/patches/patch-src_gaaout.c \
pkgsrc/security/mcrypt/patches/patch-src_mcrypt.c \
pkgsrc/security/mcrypt/patches/patch-src_mcrypt.gaa \
pkgsrc/security/mcrypt/patches/patch-src_mcrypt__int.h \
pkgsrc/security/mcrypt/patches/patch-src_rfc2440.c
|
|
security/gpgme: build fix
Revisions pulled up:
- security/gpgme/options.mk 1.10
---
Module Name: pkgsrc
Committed By: leot
Date: Sun Jun 3 21:18:34 UTC 2018
Modified Files:
pkgsrc/security/gpgme: options.mk
Log Message:
gpgme: Disable tests that needs gpg-agent when built with gnupg1 option
When building with the gnupg1 option some tests force the need of
gpg-agent and fails as noticed by <uwe> via PR pkg/53160.
Adjust options.mk accordingly disabling gpgsm tests for the gnupg1
option.
Should fix PR pkg/53160 reported by <uwe>.
|
|
devel/git: security fix
This was submitted as a manual patch.
---
git: Update devel/git to 2.16.4
Changes:
Git v2.16.4 Release Notes
=========================
This release is to forward-port the fixes made in the v2.13.7 version
of Git. See its release notes for details.
[...2.13.7 release notes...:]
* Submodule "names" come from the untrusted .gitmodules file, but we
blindly append them to $GIT_DIR/modules to create our on-disk repo
paths. This means you can do bad things by putting "../" into the
name. We now enforce some rules for submodule names which will cause
Git to ignore these malicious names (CVE-2018-11235).
Credit for finding this vulnerability and the proof of concept from
which the test script was adapted goes to Etienne Stalmans.
* It was possible to trick the code that sanity-checks paths on NTFS
into reading random piece of memory (CVE-2018-11233).
Credit for fixing for these bugs goes to Jeff King, Johannes
Schindelin and others.
|
|
lang/python27: build fix
devel/py-curses: build fix
Revisions pulled up:
- devel/py-curses/Makefile 1.47
- lang/python27/distinfo 1.69
- lang/python27/patches/patch-ah deleted
---
Module Name: pkgsrc
Committed By: leot
Date: Sun Jun 3 07:49:27 UTC 2018
Modified Files:
pkgsrc/devel/py-curses: Makefile
pkgsrc/lang/python27: distinfo
Removed Files:
pkgsrc/lang/python27/patches: patch-ah
Log Message:
python27: Remove patches/patch-ah (no longer needed)
Since Python 2.7.15 patches/patch-ah is no longer needed and badly interfere
(e.g. with it `curses.KEY_*' are no longer exposed):
- Prototypes of NetBSD curses(3) are as described, no need to patch them
- Avoid {lines,columns} -> {nlines,columns} rename, they are properly
undef-ed due HAVE_TERM_H.
- Use keyname() (it should be present since NetBSD 2.0)
Bump PKGREVISION for devel/py-curses so it will be properly rebuild.
Fixes PR pkg/53330 reported by <oster>.
|
|
mail/roundcube-plugin-enigma: build fix
Revisions pulled up:
- mail/roundcube-plugin-enigma/Makefile 1.3
- mail/roundcube-plugin-enigma/PLIST 1.3
- mail/roundcube-plugin-enigma/distinfo 1.10
---
Module Name: pkgsrc
Committed By: triaxx
Date: Wed May 16 08:17:31 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-enigma: Makefile PLIST distinfo
Log Message:
roundcube-plugin-enigma: update distinfo for 1.3.6
|
|
mail/roundcube-plugin-zipdownload: build fix
Revisions pulled up:
- mail/roundcube-plugin-zipdownload/PLIST 1.3
- mail/roundcube-plugin-zipdownload/distinfo 1.10
---
Module Name: pkgsrc
Committed By: triaxx
Date: Wed May 16 08:18:08 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-zipdownload: distinfo
Log Message:
roundcube-plugin-zipdownload: update distinfo for 1.3.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sun May 20 03:51:15 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-zipdownload: PLIST
Log Message:
mail/roundcube-plugin-zipdownload: Fix PLIST
Fix PLIST after update to 1.3.6.
|
|
mail/roundcube-plugin-password: build fix
Revisions pulled up:
- mail/roundcube-plugin-password/Makefile 1.2
- mail/roundcube-plugin-password/PLIST 1.3
- mail/roundcube-plugin-password/distinfo 1.10
---
Module Name: pkgsrc
Committed By: triaxx
Date: Wed May 16 08:17:50 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-password: distinfo
Log Message:
roundcube-plugin-password: update distinfo for 1.3.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sun May 20 03:50:53 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-password: PLIST
Log Message:
mail/roundcube-plugin-password: Fix PLIST
Fix PLIST after update to 1.3.6.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun May 20 03:54:54 UTC 2018
Modified Files:
pkgsrc/mail/roundcube-plugin-password: Makefile
Log Message:
mail/roundcube-plugin-password: fix interpreter
* Replace interpreter of perl script.
* Do not set REPLACE_PYTHON but add to it.
Bump PKGREVISION.
|
|
lang/python27: security fix
Revisions pulled up:
- lang/python27/PLIST.common 1.19
- lang/python27/dist.mk 1.15
- lang/python27/distinfo 1.68
- lang/python27/patches/patch-ah 1.9
- lang/python27/patches/patch-al 1.18
---
Module Name: pkgsrc
Committed By: spz
Date: Sat May 19 06:54:55 UTC 2018
Modified Files:
pkgsrc/lang/python27: PLIST.common dist.mk distinfo
pkgsrc/lang/python27/patches: patch-ah patch-al
Log Message:
update python27 by one teeny, fixing 3 vulnerabilities.
Upstream changelog, slightly reordered:
Security
--------
- bpo-31530: Fixed crashes when iterating over a file on multiple threads.
This resolves CVE-2018-1000030.
- bpo-32997: A regex in fpformat was vulnerable to catastrophic
backtracking. This regex was a potential DOS vector (REDOS). Based on
typical uses of fpformat the risk seems low. The regex has been refactored
and is now safe. Patch by Jamie Davis.
- bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic
backtracking. These regexes formed potential DOS vectors (REDOS). They
have been refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch
by Jamie Davis.
- bpo-31339: Rewrite time.asctime() and time.ctime(). Backport and adapt the
_asctime() function from the master branch to not depend on the
implementation of asctime() and ctime() from the external C library. This
change fixes a bug when Python is run using the musl C library.
- bpo-30730: Prevent environment variables injection in subprocess on
Windows. Prevent passing other environment variables and command
arguments.
- bpo-30694: Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple
security vulnerabilities including: CVE-2017-9233 (External entity
infinite loop DoS), CVE-2016-9063 (Integer overflow, re-fix),
CVE-2016-0718 (Fix regression bugs from 2.2.0's fix to CVE-2016-0718) and
CVE-2012-0876 (Counter hash flooding with SipHash). Note: the
CVE-2016-5300 (Use os- specific entropy sources like getrandom) doesn't
impact Python, since Python already gets entropy from the OS to set the
expat secret using ``XML_SetHashSalt()``.
- bpo-30500: Fix urllib.splithost() to correctly parse fragments. For
example, ``splithost('//127.0.0.1#@evil.com/')`` now correctly returns the
``127.0.0.1`` host, instead of treating ``@evil.com`` as the host in an
authentification (``login@host``).
- bpo-29591: Update expat copy from 2.1.1 to 2.2.0 to get fixes of
CVE-2016-0718 and CVE-2016-4472. See
https://sourceforge.net/p/expat/bugs/537/ for more information.
Core and Builtins
-----------------
- bpo-33374: Tweak the definition of PyGC_Head, so compilers do not believe
it is always 16-byte aligned on x86. This prevents crashes with more
aggressive optimizations present in GCC 8.
- bpo-33026: Fixed jumping out of "with" block by setting f_lineno.
- bpo-17288: Prevent jumps from 'return' and 'exception' trace events.
- bpo-18533: ``repr()`` on a dict containing its own ``viewvalues()`` or
``viewitems()`` no longer raises ``RuntimeError``. Instead, use ``...``,
as for other recursive structures. Patch by Ben North.
- bpo-10544: Yield expressions are now deprecated in comprehensions and
generator expressions when checking Python 3 compatibility. They are still
permitted in the definition of the outermost iterable, as that is
evaluated directly in the enclosing scope.
- bpo-32137: The repr of deeply nested dict now raises a RecursionError
instead of crashing due to a stack overflow.
- bpo-20047: Bytearray methods partition() and rpartition() now accept only
bytes-like objects as separator, as documented. In particular they now
raise TypeError rather of returning a bogus result when an integer is
passed as a separator.
- bpo-31733: Add a new PYTHONSHOWREFCOUNT environment variable. In debug
mode, Python now only print the total reference count if
PYTHONSHOWREFCOUNT is set.
- bpo-31692: Add a new PYTHONSHOWALLOCCOUNT environment variable. When
Python is compiled with COUNT_ALLOCS, PYTHONSHOWALLOCCOUNT now has to be
set to dump allocation counts into stderr on shutdown. Moreover,
allocations statistics are now dumped into stderr rather than stdout.
- bpo-31478: Prevent unwanted behavior in `_random.Random.seed()` in case
the argument has a bad ``__abs__()`` method. Patch by Oren Milman.
- bpo-31490: Fix an assertion failure in `ctypes` class definition, in case
the class has an attribute whose name is specified in ``_anonymous_`` but
not in ``_fields_``. Patch by Oren Milman.
- bpo-31411: Raise a TypeError instead of SystemError in case
warnings.onceregistry is not a dictionary. Patch by Oren Milman.
- bpo-31343: Include sys/sysmacros.h for major(), minor(), and makedev().
GNU C libray plans to remove the functions from sys/types.h.
- bpo-31311: Fix a crash in the ``__setstate__()`` method of
`ctypes._CData`, in case of a bad ``__dict__``. Patch by Oren Milman.
- bpo-31243: Fix a crash in some methods of `io.TextIOWrapper`, when the
decoder's state is invalid. Patch by Oren Milman.
- bpo-31095: Fix potential crash during GC caused by ``tp_dealloc`` which
doesn't call ``PyObject_GC_UnTrack()``.
- bpo-30657: Fixed possible integer overflow in PyString_DecodeEscape. Patch
by Jay Bosamiya.
- bpo-27945: Fixed various segfaults with dict when input collections are
mutated during searching, inserting or comparing. Based on patches by
Duane Griffin and Tim Mitchell.
- bpo-25794: Fixed type.__setattr__() and type.__delattr__() for non-
interned or unicode attribute names. Based on patch by Eryk Sun.
- bpo-29935: Fixed error messages in the index() method of tuple and list
when pass indices of wrong type.
- bpo-28598: Support __rmod__ for subclasses of str being called before
str.__mod__. Patch by Martijn Pieters.
- bpo-29602: Fix incorrect handling of signed zeros in complex constructor
for complex subclasses and for inputs having a __complex__ method. Patch
by Serhiy Storchaka.
- bpo-29347: Fixed possibly dereferencing undefined pointers when creating
weakref objects.
- bpo-14376: Allow sys.exit to accept longs as well as ints. Patch by Gareth
Rees.
- bpo-29028: Fixed possible use-after-free bugs in the subscription of the
buffer object with custom index object.
- bpo-29145: Fix overflow checks in string, bytearray and unicode. Patch by
jan matejek and Xiang Zhang.
- bpo-28932: Do not include <sys/random.h> if it does not exist.
Library
-------
- bpo-33096: Allow ttk.Treeview.insert to insert iid that has a false
boolean value. Note iid=0 and iid=False would be same. Patch by Garvit
Khatri.
- bpo-33127: The ssl module now compiles with LibreSSL 2.7.1.
- bpo-30622: The ssl module now detects missing NPN support in LibreSSL.
- bpo-21060: Rewrite confusing message from setup.py upload from "No dist
file created in earlier command" to the more helpful "Must create and
upload files in one command".
- bpo-30157: Fixed guessing quote and delimiter in csv.Sniffer.sniff() when
only the last field is quoted. Patch by Jake Davis.
- bpo-32647: The ctypes module used to depend on indirect linking for
dlopen. The shared extension is now explicitly linked against libdl on
platforms with dl.
- bpo-32304: distutils' upload command no longer corrupts tar files ending
with a CR byte, and no longer tries to convert CR to CRLF in any of the
upload text fields.
- bpo-31848: Fix the error handling in Aifc_read.initfp() when the SSND
chunk is not found. Patch by Zackery Spytz.
- bpo-32521: The nis module is now compatible with new libnsl and headers
location.
- bpo-32539: Fix ``OSError`` for ``os.listdir`` with deep paths (starting
with ``\\?\``) on windows. Patch by Anthony Sottile.
- bpo-32521: glibc has removed Sun RPC. Use replacement libtirpc headers and
library in nis module.
- bpo-18035: ``telnetlib``: ``select.error`` doesn't have an ``errno``
attribute. Patch by Segev Finer.
- bpo-32185: The SSL module no longer sends IP addresses in SNI TLS
extension on platforms with OpenSSL 1.0.2+ or inet_pton.
- bpo-32186: Creating io.FileIO() and builtin file() objects now release the
GIL when checking the file descriptor. io.FileIO.readall(),
io.FileIO.read(), and file.read() now release the GIL when getting the
file size. Fixed hang of all threads with inaccessible NFS server. Patch
by Nir Soffer.
- bpo-32110: ``codecs.StreamReader.read(n)`` now returns not more than *n*
characters/bytes for non-negative *n*. This makes it compatible with
``read()`` methods of other file-like objects.
- bpo-21149: Silence a `'NoneType' object is not callable` in
`_removeHandlerRef` error that could happen when a logging Handler is
destroyed as part of cyclic garbage collection during process shutdown.
- bpo-31764: Prevent a crash in ``sqlite3.Cursor.close()`` in case the
``Cursor`` object is uninitialized. Patch by Oren Milman.
- bpo-31955: Fix CCompiler.set_executable() of distutils to handle properly
Unicode strings.
- bpo-9678: Fixed determining the MAC address in the uuid module:
* Using ifconfig on NetBSD and OpenBSD.
* Using arp on Linux, FreeBSD, NetBSD and OpenBSD.
Based on patch by Takayuki Shimizukawa.
- bpo-30057: Fix potential missed signal in signal.signal().
- bpo-31927: Fixed reading arbitrary data when parse a AF_BLUETOOTH address
on NetBSD and DragonFly BSD.
- bpo-27666: Fixed stack corruption in curses.box() and curses.ungetmouse()
when the size of types chtype or mmask_t is less than the size of C long.
curses.box() now accepts characters as arguments. Based on patch by Steve
Fink.
- bpo-25720: Fix the method for checking pad state of curses WINDOW. Patch
by Masayuki Yamamoto.
- bpo-31893: Fixed the layout of the kqueue_event structure on OpenBSD and
NetBSD. Fixed the comparison of the kqueue_event objects.
- bpo-31891: Fixed building the curses module on NetBSD.
- bpo-30058: Fixed buffer overflow in select.kqueue.control().
- bpo-31770: Prevent a crash when calling the ``__init__()`` method of a
``sqlite3.Cursor`` object more than once. Patch by Oren Milman.
- bpo-31728: Prevent crashes in `_elementtree` due to unsafe cleanup of
`Element.text` and `Element.tail`. Patch by Oren Milman.
- bpo-31752: Fix possible crash in timedelta constructor called with custom
integers.
- bpo-31681: Fix pkgutil.get_data to avoid leaking open files.
- bpo-31675: Fixed memory leaks in Tkinter's methods splitlist() and split()
when pass a string larger than 2 GiB.
- bpo-30806: Fix the string representation of a netrc object.
- bpo-30347: Stop crashes when concurrently iterate over itertools.groupby()
iterators.
- bpo-25732: `functools.total_ordering()` now implements the `__ne__`
method.
- bpo-31351: python -m ensurepip now exits with non-zero exit code if pip
bootstrapping has failed.
- bpo-31544: The C accelerator module of ElementTree ignored exceptions
raised when looking up TreeBuilder target methods in XMLParser().
- bpo-31455: The C accelerator module of ElementTree ignored exceptions
raised when looking up TreeBuilder target methods in XMLParser().
- bpo-25404: SSLContext.load_dh_params() now supports non-ASCII path.
- bpo-28958: ssl.SSLContext() now uses OpenSSL error information when a
context cannot be instantiated.
- bpo-27448: Work around a `gc.disable()` race condition in the `subprocess`
module that could leave garbage collection disabled when multiple threads
are spawning subprocesses at once. Users are *strongly encouraged* to use
the `subprocess32` module from PyPI on Python 2.7 instead, it is much more
reliable.
- bpo-31170: expat: Update libexpat from 2.2.3 to 2.2.4. Fix copying of
partial characters for UTF-8 input (libexpat bug 115):
https://github.com/libexpat/libexpat/issues/115
- bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3.
- bpo-31334: Fix ``poll.poll([timeout])`` in the ``select`` module for
arbitrary negative timeouts on all OSes where it can only be a non-
negative integer or -1. Patch by Riccardo Coccioli.
- bpo-10746: Fix ctypes producing wrong PEP 3118 type codes for integer
types.
- bpo-30102: The ssl and hashlib modules now call
OPENSSL_add_all_algorithms_noconf() on OpenSSL < 1.1.0. The function
detects CPU features and enables optimizations on some CPU architectures
such as POWER8. Patch is based on research from Gustavo Serra Scalet.
- bpo-30502: Fix handling of long oids in ssl. Based on patch by Christian
Heimes.
- bpo-25684: Change ``ttk.OptionMenu`` radiobuttons to be unique across
instances of ``OptionMenu``.
- bpo-29169: Update zlib to 1.2.11.
- bpo-30746: Prohibited the '=' character in environment variable names in
``os.putenv()`` and ``os.spawn*()``.
- bpo-28994: The traceback no longer displayed for SystemExit raised in a
callback registered by atexit.
- bpo-30418: On Windows, subprocess.Popen.communicate() now also ignore
EINVAL on stdin.write() if the child process is still running but closed
the pipe.
- bpo-30378: Fix the problem that logging.handlers.SysLogHandler cannot
handle IPv6 addresses.
- bpo-29960: Preserve generator state when _random.Random.setstate() raises
an exception. Patch by Bryan Olson.
- bpo-30310: tkFont now supports unicode options (e.g. font family).
- bpo-30414: multiprocessing.Queue._feed background running thread do not
break from main loop on exception.
- bpo-30003: Fix handling escape characters in HZ codec. Based on patch by
Ma Lin.
- bpo-30375: Warnings emitted when compile a regular expression now always
point to the line in the user code. Previously they could point into
inners of the re module if emitted from inside of groups or conditionals.
- bpo-30363: Running Python with the -3 option now warns about regular
expression syntax that is invalid or has different semantic in Python 3 or
will change the behavior in future Python versions.
- bpo-30365: Running Python with the -3 option now emits deprecation
warnings for getchildren() and getiterator() methods of the Element class
in the xml.etree.cElementTree module and when pass the html argument to
xml.etree.ElementTree.XMLParser().
- bpo-30365: Fixed a deprecation warning about the doctype() method of the
xml.etree.ElementTree.XMLParser class. Now it is emitted only when define
the doctype() method in the subclass of XMLParser.
- bpo-30329: imaplib now catchs the Windows socket WSAEINVAL error (code
10022) on shutdown(SHUT_RDWR): An invalid operation was attempted. This
error occurs sometimes on SSL connections.
- bpo-30342: Fix sysconfig.is_python_build() if Python is built with Visual
Studio 2008 (VS 9.0).
- bpo-29990: Fix range checking in GB18030 decoder. Original patch by Ma
Lin.
- bpo-30243: Removed the __init__ methods of _json's scanner and encoder.
Misusing them could cause memory leaks or crashes. Now scanner and
encoder objects are completely initialized in the __new__ methods.
- bpo-26293: Change resulted because of zipfile breakage. (See also:
bpo-29094)
- bpo-30070: Fixed leaks and crashes in errors handling in the parser
module.
- bpo-30061: Fixed crashes in IOBase methods next() and readlines() when
readline() or next() respectively return non-sizeable object. Fixed
possible other errors caused by not checking results of PyObject_Size(),
PySequence_Size(), or PyMapping_Size().
- bpo-30011: Fixed race condition in HTMLParser.unescape().
- bpo-30068: _io._IOBase.readlines will check if it's closed first when hint
is present.
- bpo-27863: Fixed multiple crashes in ElementTree caused by race conditions
and wrong types.
- bpo-29942: Fix a crash in itertools.chain.from_iterable when encountering
long runs of empty iterables.
- bpo-29861: Release references to tasks, their arguments and their results
as soon as they are finished in multiprocessing.Pool.
- bpo-27880: Fixed integer overflow in cPickle when pickle large strings or
too many objects.
- bpo-29110: Fix file object leak in aifc.open() when file is given as a
filesystem path and is not in valid AIFF format. Original patch by Anthony
Zhang.
- bpo-29354: Fixed inspect.getargs() for parameters which are cell
variables.
- bpo-29335: Fix subprocess.Popen.wait() when the child process has exited
to a stopped instead of terminated state (ex: when under ptrace).
- bpo-29219: Fixed infinite recursion in the repr of uninitialized
ctypes.CDLL instances.
- bpo-29082: Fixed loading libraries in ctypes by unicode names on Windows.
Original patch by Chi Hsuan Yen.
- bpo-29188: Support glibc 2.24 on Linux: don't use getentropy() function
but read from /dev/urandom to get random bytes, for example in
os.urandom(). On Linux, getentropy() is implemented which getrandom() is
blocking mode, whereas os.urandom() should not block.
- bpo-29142: In urllib, suffixes in no_proxy environment variable with
leading dots could match related hostnames again (e.g. .b.c matches
a.b.c). Patch by Milan Oberkirch.
- bpo-13051: Fixed recursion errors in large or resized
curses.textpad.Textbox. Based on patch by Tycho Andersen.
- bpo-9770: curses.ascii predicates now work correctly with negative
integers.
- bpo-28427: old keys should not remove new values from WeakValueDictionary
when collecting from another thread.
- bpo-28998: More APIs now support longs as well as ints.
- bpo-28923: Remove editor artifacts from Tix.py, including encoding not
recognized by codecs.lookup.
- bpo-29019: Fix dict.fromkeys(x) overallocates when x is sparce dict.
Original patch by Rasmus Villemoes.
- bpo-19542: Fix bugs in WeakValueDictionary.setdefault() and
WeakValueDictionary.pop() when a GC collection happens in another thread.
- bpo-28925: cPickle now correctly propagates errors when unpickle instances
of old-style classes.
Documentation
-------------
- bpo-27212: Modify documentation for the :func:`islice` recipe to consume
initial values up to the start index.
- bpo-32800: Update link to w3c doc for xml default namespaces.
- bpo-17799: Explain real behaviour of sys.settrace and sys.setprofile and
their C-API counterparts regarding which type of events are received in
each function. Patch by Pablo Galindo Salgado.
- bpo-8243: Add a note about curses.addch and curses.addstr exception
behavior when writing outside a window, or pad.
- bpo-21649: Add RFC 7525 and Mozilla server side TLS links to SSL
documentation.
- bpo-30176: Add missing attribute related constants in curses
documentation.
- bpo-28929: Link the documentation to its source file on GitHub.
- bpo-26355: Add canonical header link on each page to corresponding major
version of the documentation. Patch by Matthias Bussonnier.
- bpo-12067: Rewrite Comparisons section in the Expressions chapter of the
language reference. Some of the details of comparing mixed types were
incorrect or ambiguous. Added default behaviour and consistency
suggestions for user- defined classes. Based on patch from Andy Maier.
Tests
-----
- bpo-31719: Fix test_regrtest.test_crashed() on s390x. Add a new
_testcapi._read_null() function to crash Python in a reliable way on
s390x. On s390x, ctypes.string_at(0) returns an empty string rather than
crashing.
- bpo-31518: Debian Unstable has disabled TLS 1.0 and 1.1 for
SSLv23_METHOD(). Change TLS/SSL protocol of some tests to PROTOCOL_TLS or
PROTOCOL_TLSv1_2 to make them pass on Debian.
- bpo-25674: Remove sha256.tbs-internet.com ssl test
- bpo-11790: Fix sporadic failures in
test_multiprocessing.WithProcessesTestCondition.
- bpo-30236: Backported test.regrtest options -m/--match and -G/--failfast
from Python 3.
- bpo-30223: To unify running tests in Python 2.7 and Python 3, the test
package can be run as a script. This is equivalent to running the
test.regrtest module as a script.
- bpo-30207: To simplify backports from Python 3, the test.test_support
module was converted into a package and renamed to test.support. The
test.script_helper module was moved into the test.support package. Names
test.test_support and test.script_helper are left as aliases to
test.support and test.support.script_helper.
- bpo-30197: Enhanced function swap_attr() in the test.test_support module.
It now works when delete replaced attribute inside the with statement.
The old value of the attribute (or None if it doesn't exist) now will be
assigned to the target of the "as" clause, if there is one. Also
backported function swap_item().
- bpo-28087: Skip test_asyncore and test_eintr poll failures on macOS. Skip
some tests of select.poll when running on macOS due to unresolved issues
with the underlying system poll function on some macOS versions.
- bpo-15083: Convert ElementTree doctests to unittests.
Build
-----
- bpo-33163: Upgrade pip to 9.0.3 and setuptools to v39.0.1.
- bpo-32616: Disable computed gotos by default for clang < 5.0. It caused
significant performance regression.
- bpo-32635: Fix segfault of the crypt module when libxcrypt is provided
instead of libcrypt at the system.
- bpo-31934: Abort the build when building out of a not clean source tree.
- bpo-31474: Fix -Wint-in-bool-context warnings in PyMem_MALLOC and
PyMem_REALLOC macros
- bpo-29243: Prevent unnecessary rebuilding of Python during ``make test``,
``make install`` and some other make targets when configured with
``--enable- optimizations``.
- bpo-23404: Don't regenerate generated files based on file modification
time anymore: the action is now explicit. Replace ``make touch`` with
``make regen-all``.
- bpo-27593: sys.version and the platform module python_build(),
python_branch(), and python_revision() functions now use git information
rather than hg when building from a repo.
- bpo-29643: Fix ``--enable-optimization`` configure option didn't work.
- bpo-29572: Update Windows build and OS X installers to use OpenSSL 1.0.2k.
- bpo-28768: Fix implicit declaration of function _setmode. Patch by
Masayuki Yamamoto
Windows
-------
- bpo-33184: Update Windows build to use OpenSSL 1.0.2o.
- bpo-32903: Fix a memory leak in os.chdir() on Windows if the current
directory is set to a UNC path.
- bpo-30855: Bump Tcl/Tk to 8.5.19.
- bpo-30450: Pull build dependencies from GitHub rather than svn.python.org.
macOS
-----
- bpo-32726: Provide an additional, more modern macOS installer variant that
supports macOS 10.9+ systems in 64-bit mode only. Upgrade the supplied
third-party libraries to OpenSSL 1.0.2n and SQLite 3.22.0. The 10.9+
installer now supplies its own private copy of Tcl/Tk 8.6.8.
- bpo-24414: Default macOS deployment target is now set by ``configure`` to
the build system's OS version (as is done by Python 3), not ``10.4``;
override with, for example, ``./configure MACOSX_DEPLOYMENT_TARGET=10.4``.
- bpo-17128: All 2.7 macOS installer variants now supply their own version
of ``OpenSSL 1.0.2``; the Apple-supplied SSL libraries and root
certificates are not longer used. The ``Installer Certificate`` command
in ``/Applications/Python 2.7`` may be used to download and install a
default set of root certificates from the third-party ``certifi`` package.
- bpo-11485: python.org macOS Pythons no longer supply a default SDK value
(e.g. ``-isysroot /``) or specific compiler version default (e.g.
``gcc-4.2``) when building extension modules. Use ``CC``, ``SDKROOT``,
and ``DEVELOPER_DIR`` environment variables to override compilers or to
use an SDK. See Apple's ``xcrun`` man page for more info.
- bpo-33184: Update macOS installer build to use OpenSSL 1.0.2o.
Tools/Demos
-----------
- bpo-31920: Fixed handling directories as arguments in the ``pygettext``
script. Based on patch by Oleg Krasnikov.
- bpo-30109: Fixed Tools/scripts/reindent.py for non-ASCII files. It now
processes files as binary streams. This also fixes "make reindent".
- bpo-24960: 2to3 and lib2to3 can now read pickled grammar files using
pkgutil.get_data() rather than probing the filesystem. This lets 2to3 and
lib2to3 work when run from a zipfile.
C API
-----
- bpo-20891: Fix PyGILState_Ensure(). When PyGILState_Ensure() is called in
a non-Python thread before PyEval_InitThreads(), only call
PyEval_InitThreads() after calling PyThreadState_New() to fix a crash.
- bpo-31626: When Python is built in debug mode, the memory debug hooks now
fail with a fatal error if realloc() fails to shrink a memory block,
because the debug hook just erased freed bytes without keeping a copy of
them.
|
|
|
|
mail/roundcube: security update
Revisions pulled up:
- mail/roundcube/Makefile 1.89
- mail/roundcube/Makefile.common 1.10
- mail/roundcube/PLIST 1.45
- mail/roundcube/distinfo 1.61
- mail/roundcube/files/apache.conf 1.2
- mail/roundcube/files/lighttpd.conf 1.1
- mail/roundcube/files/nginx.conf 1.2
- mail/roundcube/options.mk 1.16
- mail/roundcube/patches/patch-ac deleted
- mail/roundcube/patches/patch-rcube_mime_default 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: triaxx
Date: Wed May 16 08:14:41 UTC 2018
Modified Files:
pkgsrc/mail/roundcube: Makefile Makefile.common PLIST distinfo
options.mk
pkgsrc/mail/roundcube/files: apache.conf nginx.conf
pkgsrc/mail/roundcube/patches: patch-rcube_mime_default
Added Files:
pkgsrc/mail/roundcube/files: lighttpd.conf
Removed Files:
pkgsrc/mail/roundcube/patches: patch-ac
Log Message:
roundcube: update to 1.3.6
* add JavaScript dependencies listed in jsdeps.json
* put them on /pub/pkgsrc/distfiles/roundcube to avoid checksum error due
to archive automatic generation (e.g. tinymce_languages.zip)
* remove patch-ac
* add example configuration fragment for www/lighttpd
CHANGELOG Roundcube Webmail
===========================
RELEASE 1.3.6
-------------
- Fix parsing date strings (e.g. from a Date: mail header) with comments
(#6216)
- Fix PHP 7.2: count(): Parameter must be an array in enchant-based
spellchecker (#6234)
- Fix possible IMAP command injection and type juggling vulnerabilities
(#6229)
- Enigma: Fix key selection for signing
- Enigma: Enable keypair generation on Internet Explorer 11
- Fix check_request() bypass in places using get_uids() [CVE-2018-9846]
(#6238)
- Fix bug where usernames without domain part could be malformed or
converted to lower-case on logon (#6224)
RELEASE 1.3.5
-------------
- Managesieve: Fix bug where text: syntax was forced for strings longer
than 1024 characters (#6143)
- Managesieve: Fix missing Save button in Edit Filter Set page of Classic
skin (#6154)
- Fix duplicated labels in Test SMTP Config section (#6166)
- Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169)
- Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149)
- Fix security issue in remote content blocking on HTML image and style
tags (#6178)
- Added 9pt and 11pt to the list of font sizes in HTML editor
- Fix handling encoding of HTML tags in "inline" JSON output (#6207)
- Fix bug where some unix timestamps were not handled correctly by
rcube_utils::anytodatetime() (#6212)
RELEASE 1.3.4
-------------
- Fix bug where contacts search could skip some records (#6130)
- Fix possible information leak - add more strict sql error check on user
creation (#6125)
- Fix a couple of warnings on PHP 7.2 (#6098)
- Fix broken long filenames when using imap4d server - workaround server
bug (#6048)
- Fix so temp_dir misconfiguration prints an error to the log (#6045)
- Fix untagged COPYUID responses handling - again (#5982)
- Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated"
with PHP 7.2 (#6075)
- Fix bug where Archive folder wasn't auto-created on login with
create_default_folders=true
- Fix performance issue when parsing malformed and long Date header (#6087)
- Fix syntax error in mssql.initial.sql (#6097)
- Fix bug where contacts export by selection returned no more than 10
entries (#6103)
- Fix searching contacts by address in LDAP source (#6084)
- Fix X-Frame-Options:ALLOW-FROM support, remove custom click-jacking
protection (#6057)
RELEASE 1.3.3
-------------
- Fix decoding of mailto: links with + character in HTML messages (#6020)
- Fix false reporting of failed upgrade in installto.sh (#6019)
- Fix file disclosure vulnerability caused by insufficient input validation
[CVE-2017-16651] (#6026)
- Fix mangled non-ASCII characters in links in HTML messages (#6028)
RELEASE 1.3.2
-------------
- Improve detection for Egde browser and add pointer event support (#5922)
- Fix bug where pink image was used instead of a thumbnail when image
resize fails (#5933)
- Fix so files size/count limit is verified (client-side) also on
drag-n-drop uploads (#5940)
- Fix invalid template loading on a message error in preview frame (#5941)
- Fix bug where HTML messages could have been rendered empty on some
systems (#5957)
- Fix wording of "Mark previewed messages as read" to "Mark messages as
read" (#5952)
- Enigma: Fix decryption of messages encoded with non-ascii charset (#5962)
- Fix missing cursor in HTML editor on mail reply (#5969)
- Fix (again) bug where image data URIs in css style were treated as
evil/remote in mail preview (#5580)
- Fix bug where mail search could return empty result on servers without
SORT capability (#5973)
- Fix bug where assets_path wasn't added to some watermark frames
- Fix so untagged COPYUID responses are also supported according to RFC6851
(#5982)
- Fix issue caused by non-default session.cookie_lifetime setting (#5961)
- Fix Edge encoding bug when pasting text into the HTML editor, update to
TinyMCE 4.5.8 (#5885)
- Fix handling of unknown Content-Disposition type (#6002)
- Fix truncated folder name on messages list in multi-folder mode, for
folders with non-ascii characters (#6004)
- Fix bug where removing the last subfolder did not hide toggle button on
its parent record (#6007)
- Fix bug where ghost messages could be added to the list after fast delete
(#5941)
RELEASE 1.3.1
-------------
- Don't ignore (global) userlogins/sendmail logs in per_user_logging mode
- Add Preferences > Mailbox View > Main Options > Layout (#5829)
- Password: Fix compatibility with PHP 7+ in cpanel_webmail driver (#5820)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838)
- Managesieve: Fix AM/PM suffix in vacation time selectors
- Managesieve: Fix bug where 'exists' operator was reset to 'contains'
(#5899)
- Remove non-printable characters from filenames on download/display (#5880)
- Fix decoding non-ascii attachment names from TNEF attachments (#5646,
#5799)
- Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure
rcube_utils::random_bytes() result has always requested length (#5788)
- Fix bug where HTML messages with @media styles could moddify style of
page body (#5811)
- Fix style issue on selected and unfocused message that is part of a
thread (#5798)
- Fix bug where a.button style from managesieve plugin could impact other
elements (#5800)
- Fix position of selected icon for (Mailvelope) Encrypt button
- Fix fatal error when using DMY- or MDY-based date format in PostgreSQL
(#5808)
- Fix bug where errors were not printed when using bin/update.sh (#5834)
- Fix PHP 7.2 warnings on count() use (#5845)
- Fix bug where Chrome could not upload the same file that was selected
before (#5854)
- Fix duplicate messages on the list after deleting messages on the next to
the last page (#5862)
- Fix bug where messages count was not updated after delete when imap_cache
is set (#5872)
- Fix potential XSS vulnerability with malformed HTML message markup
- Fix sending message with "Too many public recipients" dialog buttons
(#5924)
- Bring back double-click behavior on the message list which was removed in
1.3.0 (#5823)
- Enigma: Fix decrypting an encrypted+signed message when signature
verification fails (#5914)
RELEASE 1.3.0
-------------
- Update to TinyMCE 4.5.7
- Fix bug where invalid recipients could be silently discarded (#5739)
- Fix conflict with _gid cookie of Google Analytics (#5748)
- Print error from CLI scripts when system/exec function is disabled (#5744)
- Fix bug where comment notation within style tag would cause the whole
style to be ignored (#5747)
- Fix bug where it wasn't possible to scroll folders list in Edge (#5750)
- Fix folders list sorting on Windows - if php-intl is available (#5732)
- Fix addressbook searching by gender (#5757)
- Fix prevention from using % and * characters in folder name (#5762)
- Fix POST parameter reflection in default_charset selector (#5768)
- Enigma: Fix compatibility with assets_dir
- Managesieve: Skip redundant LISTSCRIPTS command
- Fix SQL syntax error on MariaDB 10.2 (#5774)
- Fix bug where zipdownload ignored files with the same name (#5777)
- Fix bug where it wasn't possible to set timezone to auto-detected value
(#5782)
RELEASE 1.3-rc
--------------
- "Flattened" the larry theme: fresher look by removing shadows and
gradients
- Support logging to php://stdout (#5721)
- Add support for DelSp=Yes in format=flowed messages (#5702)
- Update to jQuery 3.2.1
- Update to TinyMCE 4.5.6
- Plugin API: Call message_part_structure hook for sub-parts of
multipart/alternative message (#5678)
- Enigma: Always use detached signatures (#5624)
- Enigma: Fix handling of messages with nested PGP encrypted parts (#5634)
- Minimize unwanted message loading in preview frame on drag (#5616)
- Fix failing database schema check in all engines except mysql (#5730)
- Fix autocomplete popup closing with click outside the input, don't handle
Tab key as Enter (#5606)
- Fix jsdeps.json synchronization on update, warn about missing
requirements of install-jsdeps.sh (#5598)
- Fix missing thread expand icon on search result in widescreen mode (#5613)
- Fix bug where image data URIs in css style were treated as evil/remote in
mail preview (#5580)
- Fix bug where external content in src attribute of input/video tags was
not secured (#5583)
- Fix PHP error on update of a contact with multiple email addresses when
using PHP 7.1 (#5587)
- Fix bug where mail content frame couldn't be reset in some corner cases
(#5608)
- Fix bug where some classic skin images were not displayed in IE/Edge
(#5614)
- Fix bug where signature couldn't be added above the quote in Firefox 51
(#5628)
- Fix regression where groups with email address were resolved to its
members' addresses
- Fix update of group name in the contacts list header on group rename
(#5648)
- Add rewrite rule to disable access to /vendor/bin folder in .htaccess
(#5630)
- Fix bug where it was too easy accidentally move a folder when using the
subscription checkbox (#5655)
- Managesieve: Fix parser issue with empty lines between comments (#5657)
- Managesieve: Fix possible defect in handling \r\n in scripts (#5685)
- Fix/rephrase "unsaved changes" warning when cancelling a draft (#5610)
- Fix XSS issue in handling of a style tag inside of an svg element
[CVE-2017-6820]
- Fix bug where settings/upload.inc could not be used by plugins (#5694)
- Fix regression in LDAP fuzzy search where it always used prefix search
instead (#5713)
- Fix bug where namespace prefix could not be truncated on folders list if
show_real_foldernames=true (#5695)
- Fix undesired effects when postgres database uses different timezone than
PHP host (#5708)
- Installer: Fix DB schema initialization on MS SQL Server
- Fix bug where base_dn setting was ignored inside group_filters (#5720)
- Password: Fix security issue in virtualmin and sasl drivers
[CVE-2017-8114]
RELEASE 1.3-beta
----------------
- Nicely handle contact deletion on contact edit (#5522)
- vcard_attachments: Add possibility to attach contact vCard to composed
message (#4997)
- Preserve message internal/received date on import in mbox format (#5559)
- Zipdownload: Fix date format in mbox "From line"
- Possibility to display QR code for contacts data (#5030)
- Added identicon plugin
- Widescreen layout aka three column view (#5093)
- Unify automatic marking as \Seen in preview pane, full-page and extwin
views (#5071)
- Disable double-click on the list when preview pane is on (#5199)
- Support hostname and hostname:port in force_https option (#5511)
- Support ALLOW-FROM in x_frame_options (#5122)
- Allow to omit a subject when sending an email (#5068)
- Warn about too many disclosed recipients in composed email
[max_disclosed_recipients] (#5132)
- identity_select: Support Received header (#5085)
- Plugin API: Added get_compose_responses hook (#5457)
- Display error when trying to upload more files than specified in
max_file_uploads (#5483)
- Add missing sql upgrade file for 'ip' column resize in session table
(#5465)
- Do not show inline images of unsupported mimetype (#5463)
- Password: Added replacement variables support in password_pop_host (#5539)
- Password: Don't store passwords in temp files when using dovecotpw (#5531)
- Password: Added LDAP PPolicy driver (#5364)
- Password: Added cpanel_webmail driver (#5549)
- Password: Added possibility to nicely redirect from other plugins on
password expiration (#5468)
- Implement separate action to mark all messages in a folder as \Seen
(#5006)
- Implement marking as \Seen in all folders or in a folder and its
subfolders (#5076)
- Archive: Don't reload messages list when it's not needed (#5225)
- Archive: Add option to automatically mark archived messages as \Seen
(#5142)
- Improve randomness of password salts and random hashes (#5266)
- Password/cPanel: Add support for hash authentication and reseller
accounts (#5252)
- Support host-specific
imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136)
- Center and scale images in attachment preview frame (#5421)
- Added max_message_size option enforced when attaching files to a composed
message (#4993)
- Added Search button in quick search menus (#5312)
- Implement "one click" attachment/messages/photo upload (#5024)
- Squirrelmail_usercopy: Add option to define character set of data files
- Removed useless 'created' column from 'session' table (#5389)
- Dropped legacy browsers support (#5167)
- Removed legacy_browser plugin
- Removed hacks for IE < 10
- Update to jQuery 3.1.1 and jQuery-UI 1.12.0
- compile .min.js files with ECMASCRIPT5 option
- Require PHP >= 5.4
- Add possibility to preview and download attachments in mail compose
(#5053)
- Add possibility to rename attachments in mail compose (#4996)
- Remove backward compatibility "layer" of bc.php (#4902)
- Support WEBP images in mail messages (#5362)
- Support MathML in HTML message preview (#5182)
- Rename Addressbook to Contacts (#5233)
- Remove PHP mail() support, smtp_server is required now (#5340)
- Display full message subject in onmouseover on truncated subject in mail
view (#5346)
- Enigma: Support GnuPG 2.1 (#5313)
- Enigma: Support key generation for multiple identities (#5383)
- Enigma: Import keys from key-server(s) (#5286)
- Enigma: Search missing public keys on a key-server in mail compose (#5286)
- Enigma: Delete user keys when using deluser.sh script
- Enigma: Fix redundant list-secret-keys/list-public-keys calls on
signing/encryption
- Enigma: Implement PGP encryption and signing in one go (#5302)
- Enigma: Display signature verification status for encrypted+signed
messages (#5302)
- Display different attachment icon on encrypted messages
- Display different confirmation text when moving messages to Trash (#5220)
- Indicate that a collapsed thread has flagged children (#5013)
- Implemented message/rfc822 attachment preview
- Update to jsTimezoneDetect 1.0.6
- Managesieve: Add (optional) RAW script editor (#5414)
- Managesieve: Add option to automatically set vacation :from address
(#5428)
- Managesieve: Support 'string' test from variables extension [RFC 5229]
(#5248)
- Managesieve: Support 'duplicate' extension [RFC 7352]
- Managesieve: Unhide advanced rule controls if there are inputs with errors
- Managesieve: Display warning message when filter form contains errors
- Control search engine crawlers via X-Robots-Tag header instead of <meta>
and robots.txt (#5098)
- Fixed redundancy in sql caching system and compatibility with Galera
Cluster (#5439)
- Removed redundant 'created' column from cache and cache_shared tables
- Removed use of redundant data records
- Added missing primary keys (dictionary, cache, cache_shared tables)
- Fix so templating system does not mess with external (e.g. email) content
(#5499)
- Fix redundant keep-alive/refresh after session error on compose page
(#5500)
- Managesieve: Fix handling of scripts with nested rules (#5540)
- Fix variable substitution in ldap host for some use-cases, e.g.
new_user_identity (#5544)
- Enigma: Fix PHP fatal error when decrypting a message with invalid
signature (#5555)
- Fix adding images to new identity signatures
- Fix rsync error handling in installto.sh script (#5562)
- Fix some advanced search issues with multiple addressbooks (#5572)
- Fix so group/addressbook selection is retained on page refresh
To generate a diff of this commit:
cvs rdiff -u -r1.88 -r1.89 pkgsrc/mail/roundcube/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/mail/roundcube/Makefile.common
cvs rdiff -u -r1.44 -r1.45 pkgsrc/mail/roundcube/PLIST
cvs rdiff -u -r1.60 -r1.61 pkgsrc/mail/roundcube/distinfo
cvs rdiff -u -r1.15 -r1.16 pkgsrc/mail/roundcube/options.mk
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/roundcube/files/apache.conf \
pkgsrc/mail/roundcube/files/nginx.conf
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/roundcube/files/lighttpd.conf
cvs rdiff -u -r1.10 -r0 pkgsrc/mail/roundcube/patches/patch-ac
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/mail/roundcube/patches/patch-rcube_mime_default
|
|
www/apachetop: security update
Revisions pulled up:
- www/apachetop/Makefile 1.21
- www/apachetop/distinfo 1.6
- www/apachetop/patches/patch-aa deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wen
Date: Tue May 8 08:17:36 UTC 2018
Modified Files:
pkgsrc/www/apachetop: Makefile distinfo
Removed Files:
pkgsrc/www/apachetop/patches: patch-aa
Log Message:
Update to 0.18.4
Add LICENSE
Update HOMEPAGE
Upstream changes:
v0.18.4 (12th April, 2018)
* fix for clang6
* add better build instructions to INSTALL
* add option (-v) to show version
* fix minor mem leak (8 bytes per apachetop invocation)
v0.17.4 (25th April, 2017)
* create config.nice when running ./configure
* fix error: extra qualification on member (when using adns)
* fix compiler warnings
* fix a potential buffer overflow
v0.15.6 (10th June, 2015)
* allow other time/date formats in Apache log
* use sys/param.h for MAXPATHLEN
* fix deprecated auto tools macros
* fix compiler warnings
* use silent compile rules
* updated man page
* change version to 0.YY.M of new release
v0.12.6 (27th October, 2005)
* fixed security issue which described at CVE-2005-2660
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/apachetop/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/apachetop/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/www/apachetop/patches/patch-aa
|
|
www/curl: security update
Revisions pulled up:
- www/curl/Makefile 1.196
- www/curl/PLIST 1.69
- www/curl/distinfo 1.143
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: leot
Date: Thu May 17 09:59:40 UTC 2018
Modified Files:
pkgsrc/www/curl: Makefile PLIST distinfo
Log Message:
curl: Update www/curl to 7.60.0
Changes:
7.60.0
------
This release includes the following changes:
o Add CURLOPT_HAPROXYPROTOCOL, support for the HAProxy PROXY protocol
o Add --haproxy-protocol for the command line tool
o Add CURLOPT_DNS_SHUFFLE_ADDRESSES, shuffle returned IP addresses
This release includes the following bugfixes:
o FTP: shutdown response buffer overflow CVE-2018-1000300
o RTSP: bad headers buffer over-read CVE-2018-1000301
o FTP: fix typo in recursive callback detection for seeking
o test1208: marked flaky
o HTTP: make header-less responses still count correct body size
o user-agent.d:: mention --proxy-header as well
o http2: fixes typo
o cleanup: misc typos in strings and comments
o rate-limit: use three second window to better handle high speeds
o examples/hiperfifo.c: improved
o pause: when changing pause state, update socket state
o multi: improved pending transfers handling => improved performance
o curl_version_info.3: fix ssl_version description
o add_handle/easy_perform: clear errorbuffer on start if set
o darwinssl: fix iOS build
o cmake: add support for brotli
o parsedate: support UT timezone
o vauth/ntlm.h: fix the #ifdef header guard
o lib/curl_path.h: added #ifdef header guard
o vauth/cleartext: fix integer overflow check
o CURLINFO_COOKIELIST.3: made the example not leak memory
o cookie.d: mention that "-" as filename means stdin
o CURLINFO_SSL_VERIFYRESULT.3: fixed the example
o http2: read pending frames (including GOAWAY) in connection-check
o timeval: remove compilation warning by casting
o cmake: avoid warn-as-error during config checks
o travis-ci: enable -Werror for CMake builds
o openldap: fix for NULL return from ldap_get_attribute_ber()
o threaded resolver: track resolver time and set suitable timeout values
o cmake: Add advapi32 as explicit link library for win32
o docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
o test1148: set a fixed locale for the test
o cookies: when reading from a file, only remove_expired once
o cookie: store cookies per top-level-domain-specific hash table
o openssl: fix build with LibreSSL 2.7
o tls: fix mbedTLS 2.7.0 build + handle sha256 failures
o openssl: RESTORED verify locations when verifypeer==0
o file: restore old behavior for file:////foo/bar URLs
o FTP: allow PASV on IPv6 connections when a proxy is being used
o build-openssl.bat: allow custom paths for VS and perl
o winbuild: make the clean target work without build-type
o build-openssl.bat: Refer to VS2017 as VC14.1 instead of VC15
o curl: retry on FTP 4xx, ignore other protocols
o configure: detect (and use) sa_family_t
o examples/sftpuploadresume: Fix Windows large file seek
o build: cleanup to fix clang warnings/errors
o winbuild: updated the documentation
o lib: silence null-dereference warnings
o travis: bump to clang 6 and gcc 7
o travis: build libpsl and make builds use it
o proxy: show getenv proxy use in verbose output
o duphandle: make sure CURLOPT_RESOLVE is duplicated
o all: Refactor malloc+memset to use calloc
o checksrc: Fix typo
o system.h: Add sparcv8plus to oracle/sunpro 32-bit detection
o vauth: Fix typo
o ssh: show libSSH2 error code when closing fails
o test1148: tolerate progress updates better
o urldata: make service names unconditional
o configure: keep LD_LIBRARY_PATH changes local
o ntlm_sspi: fix authentication using Credential Manager
o schannel: add client certificate authentication
o winbuild: Support custom devel paths for each dependency
o schannel: add support for CURLOPT_CAINFO
o http2: handle on_begin_headers() called more than once
o openssl: support OpenSSL 1.1.1 verbose-mode trace messages
o openssl: fix subjectAltName check on non-ASCII platforms
o http2: avoid strstr() on data not zero terminated
o http2: clear the "drain counter" when a stream is closed
o http2: handle GOAWAY properly
o tool_help: clarify --max-time unit of time is seconds
o curl.1: clarify that options and URLs can be mixed
o http2: convert an assert to run-time check
o curl_global_sslset: always provide available backends
o ftplistparser: keep state between invokes
o Curl_memchr: zero length input can't match
o examples/sftpuploadresume: typecast fseek argument to long
o examples/http2-upload: expand buffer to avoid silly warning
o ctype: restore character classification for non-ASCII platforms
o mime: avoid NULL pointer dereference risk
o cookies: ensure that we have cookies before writing jar
o os400.c: fix checksrc warnings
o configure: provide --with-wolfssl as an alias for --with-cyassl
o cyassl: adapt to libraries without TLS 1.0 support built-in
o http2: get rid of another strstr
o checksrc: force indentation of lines after an else
o cookies: remove unused macro
o CURLINFO_PROTOCOL.3: mention the existing defined names
o tests: provide 'manual' as a feature to optionally require
o travis: enable libssh2 on both macos and Linux
o CURLOPT_URL.3: added ENCODING section
o wolfssl: Fix non-blocking connect
o vtls: don't define MD5_DIGEST_LENGTH for wolfssl
o docs: remove extraneous commas in man pages
o URL: fix ASCII dependency in strcpy_url and strlen_url
o ssh-libssh.c: fix left shift compiler warning
o configure: only check for CA bundle for file-using SSL backends
o travis: add an mbedtls build
o http: don't set the "rewind" flag when not uploading anything
o configure: put CURLDEBUG and DEBUGBUILD in lib/curl_config.h
o transfer: don't unset writesockfd on setup of multiplexed conns
o vtls: use unified "supports" bitfield member in backends
o URLs: fix one more http url
o travis: add a build using WolfSSL
o openssl: change FILE ops to BIO ops
o travis: add build using NSS
o smb: reject negative file sizes
o cookies: accept parameter names as cookie name
o http2: getsock fix for uploads
o all over: fixed format specifiers
o http2: use the correct function pointer typedef
This release would not have looked like this without help, code, reports and
advice from friends like these:
Adam Brown, Alex Baines, Anders Bakken, Anders Roxell, anshnd on github,
Bas van Schaik, Bernard Spil, Chris Araman, Christian Schmitz, Cyril B,
Dagobert Michelsen, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
Dan McNulty, Dario Weisser, dasimx on github, David Garske, David L.,
Denis Ollier, Dmitry Mikhirev, Dongliang Mu, Don J Olmstead, Eric
Gallager,
Ernst Sjöstrand, Frank Gevaerts, Gaurav Malhotra, Geeknik Labs, Howard
Chu,
iz8mbw on github, Jakub Wilk, Jon DeVree, Kees Dekker, Kobi Gurkan,
Laurie Clark-Michalek, Lauri Kasanen, Lawrence Matthews, Luz Paz,
Marcel Raad, Max Dymond, Michael Kaufmann, Michael Kilburn,
Michał Janiszewski, Michal Trybus, Muz Dima, Nikos Tsipinakis, Ori
Avtalion,
Oumph on github, patelvivekv1993 on github, Patrick Monnerat,
Philip Prindeville, Ray Satiro, Rick Deist, Rikard Falkeborn, Sergei
Nikulov,
Stefan Agner, steini2000 on github, Stephan Mühlstrasser, Sunny Purushe,
Terry Wu, Vincas Razma, wncboy on github, Wyatt O'Day, 刘佩东,
(64 contributors)
Thanks! (and sorry if I forgot to mention someone)
To generate a diff of this commit:
cvs rdiff -u -r1.195 -r1.196 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.68 -r1.69 pkgsrc/www/curl/PLIST
cvs rdiff -u -r1.142 -r1.143 pkgsrc/www/curl/distinfo
|
|
www/w3m: security update
Revisions pulled up:
- www/w3m/Makefile.common 1.66
- www/w3m/distinfo 1.31
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: leot
Date: Mon May 14 14:40:17 UTC 2018
Modified Files:
pkgsrc/www/w3m: Makefile.common distinfo
Log Message:
w3m{,-img}: Update www/w3m{,-img} to 0.5.3.20180125
Changes:
Debian's w3m 0.5.3+git20180125
* bug fixes
- fix stack overflow with malformed text [CVE-2018-6196]
- fix null deref with malformed text [CVE-2018-6197]
- fix /tmp file races only when ~/.w3m is unwritable [CVE-2018-6198]
- do not remove w3mdict.cgi when "make distclean"
- do not turn a form's GET into POST
- correct <base ...> parsing
- accept TERMûterm
* new feature
- extend ssl_forbid_method to disable TLSv1.1
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/www/w3m/Makefile.common
cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/w3m/distinfo
|
|
devel/py-angr: build fix
Revisions pulled up:
- devel/py-angr/Makefile 1.2
- devel/py-angr/PLIST 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: khorben
Date: Tue May 8 17:54:42 UTC 2018
Modified Files:
pkgsrc/devel/py-angr: Makefile PLIST
Log Message:
Fix build on macOS
Inspired by a similar fix from tron@
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/py-angr/Makefile \
pkgsrc/devel/py-angr/PLIST
|
|
|
|
www/thttpd: security fix
Revisions pulled up:
- www/thttpd/Makefile 1.48
- www/thttpd/distinfo 1.18
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon May 7 07:01:37 UTC 2018
Modified Files:
pkgsrc/www/thttpd: Makefile distinfo
Log Message:
thttpd: update to 2.28.
From nia in PR 53266.
New in version 2.28:
Improvements to the FreeBSD startup script. (Craig Leres)
Minor portability tweak in mmc.c.
Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as CVE-2017-17663.
New in version 2.27:
Stats syslogs changed from LOG_INFO to LOG_NOTICE.
Use memmove() for self-overlapping string copies instead of strcpy().
Couple of subroutine name changes for consistency.
|
|
net/wget: security fix
Revisions pulled up:
- net/wget/Makefile 1.140
- net/wget/distinfo 1.57
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon May 7 06:48:39 UTC 2018
Modified Files:
pkgsrc/net/wget: Makefile distinfo
Log Message:
wget: update to 1.19.5.
* Changes in Wget 1.19.5
* Fix cookie injection (CVE-2018-0494)
* Enable TLS1.3 with recent OpenSSL environment
* New option --ciphers to set GnuTLS / OpenSSL ciphers directly
* Updated CSS grammar to CSS 2.2
* Fixed several memleaks found by OSS-Fuzz
* Fixed several buffer overflows found by OSS-Fuzz
* Fixed several integer overflows found by OSS-Fuzz
* Several minor bug fixes
* Changes in Wget 1.19.4
* A major bug that caused GZip'ed pages to never be decompressed has been fixed
* Support for Content-Encoding and Transfer-Encoding have been marked as
experimental and disabled by default
* Changes in Wget 1.19.3
* Prevent erroneous decompression of .gz and .tgz files with broken servers
* Added support for HTTP 308 Permanent Redirect response
* Fix a segfault in some cases where the Content-Type header is not sent
* Support OpenSSL 1.1 builds without using deprecated features
* Fix netrc file detection on Windows
* Several minor bug fixes
|
|
|
|
www/squid3: security patch
Revisions pulled up:
- www/squid3/Makefile 1.81
- www/squid3/distinfo 1.63
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 30 08:57:49 UTC 2018
Modified Files:
pkgsrc/www/squid3: Makefile distinfo
Log Message:
www/squid3: Add official security patch SQUID-2018_3
Add security patch for SQUID-2018_3.
Bump PKGREVISION.
http://www.squid-cache.org/Advisories/SQUID-2018_3.txt
__________________________________________________________________
Problem Description:
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.
__________________________________________________________________
Severity:
This problem allows a remote server delivering ESI responses
to trigger a denial of service for all clients accessing the
Squid service.
This problem is limited to Squid operating as reverse proxy.
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/www/squid3/Makefile
cvs rdiff -u -r1.62 -r1.63 pkgsrc/www/squid3/distinfo
|
|
mail/squirrelmail: security update
Revisions pulled up:
- mail/squirrelmail/Makefile 1.134
- mail/squirrelmail/distinfo 1.70
- mail/squirrelmail/patches/patch-ai 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 30 07:56:55 UTC 2018
Modified Files:
pkgsrc/mail/squirrelmail: Makefile distinfo
pkgsrc/mail/squirrelmail/patches: patch-ai
Log Message:
mail/squirrelmail: update to 1.4.23pre14764
Fix CVE-2018-8741 and more.
- Added ability (and user preference) to return to message list
after moving a message
- Search enhancement: Added ability to search in more than one
header without having to search the body
- Add ability for saved drafts to indicate if they are a reply and
if so, to which message, and mark that message as replied when
the draft is finally sent
- Added option to allow returning to the message one had been
replying to after sending
- Sanitize user-supplied attachment filenames (thanks to Florian
Grunow for reporting this issue) [CVE-2018-8741]
- Allow users who cannot edit their email address but who have
multiple identities to edit all their identities
To generate a diff of this commit:
cvs rdiff -u -r1.133 -r1.134 pkgsrc/mail/squirrelmail/Makefile
cvs rdiff -u -r1.69 -r1.70 pkgsrc/mail/squirrelmail/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/squirrelmail/patches/patch-ai
|
|
lang/php56: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.217
- lang/php56/distinfo 1.48
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Apr 29 16:26:40 UTC 2018
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: distinfo
Log Message:
lang/php56: update to 5.6.36
26 Apr 2018 PHP 5.6.36
- Exif:
. Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
(Stas)
- iconv:
. Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on
invalid sequence). (Stas)
- LDAP:
. Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas)
- Phar:
. Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas)
To generate a diff of this commit:
cvs rdiff -u -r1.216 -r1.217 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.47 -r1.48 pkgsrc/lang/php56/distinfo
|
|
lang/php70: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.216
- lang/php70/distinfo 1.45
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 26 15:46:57 UTC 2018
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log Message:
lang/php70: update to 7.0.30
26 Apr 2018 PHP 7.0.30
- Exif:
. Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
(Stas)
- iconv:
. Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on
invalid sequence). (Stas)
- LDAP:
. Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas)
- Phar:
. Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas)
29 Mar 2018 PHP 7.0.29
- FPM:
. Fixed bug #75605 (Dumpable FPM child processes allow bypassing opcache
access controls). (Jakub Zelenka)
To generate a diff of this commit:
cvs rdiff -u -r1.215 -r1.216 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.44 -r1.45 pkgsrc/lang/php70/distinfo
|
|
lang/php72: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.215
- lang/php72/Makefile 1.7-1.8
- lang/php72/distinfo 1.24
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Sat Apr 14 07:34:46 UTC 2018
Modified Files:
pkgsrc/archivers/karchive: Makefile buildlink3.mk
pkgsrc/audio/ario: Makefile
pkgsrc/audio/bmpx: Makefile
pkgsrc/audio/cddb-bundle: Makefile
pkgsrc/audio/cdplayer: Makefile
pkgsrc/audio/glyr: Makefile
pkgsrc/audio/gmpc: Makefile
pkgsrc/audio/gmpc-jamendo: Makefile
pkgsrc/audio/gmpc-magnatune: Makefile
pkgsrc/audio/gmpc-wikipedia: Makefile
pkgsrc/audio/kid3: Makefile
pkgsrc/audio/libgpod: Makefile
pkgsrc/audio/musicpd: Makefile
pkgsrc/audio/qjackctl: Makefile
pkgsrc/audio/qsynth: Makefile
pkgsrc/audio/rhythmbox: Makefile
pkgsrc/audio/rhythmbox-gtk3: Makefile
pkgsrc/audio/sound-juicer: Makefile
pkgsrc/chat/empathy: Makefile buildlink3.mk
pkgsrc/chat/farstream: Makefile
pkgsrc/chat/gnomeicu: Makefile
pkgsrc/chat/inspircd: Makefile
pkgsrc/chat/inspircd12: Makefile
pkgsrc/chat/jabberd2: Makefile
pkgsrc/chat/spectrum: Makefile
pkgsrc/chat/swift: Makefile
pkgsrc/chat/telepathy-gabble: Makefile
pkgsrc/chat/telepathy-logger: Makefile buildlink3.mk
pkgsrc/comms/asterisk: Makefile
pkgsrc/comms/asterisk13: Makefile
pkgsrc/comms/asterisk14: Makefile
pkgsrc/comms/asterisk18: Makefile
pkgsrc/comms/gnome-pilot: Makefile buildlink3.mk
pkgsrc/comms/libopensync: Makefile buildlink3.mk
pkgsrc/comms/libopensync-plugin-evolution2: Makefile
pkgsrc/comms/libopensync-plugin-file: Makefile
pkgsrc/comms/libopensync-plugin-syncml: Makefile
pkgsrc/comms/msynctool: Makefile
pkgsrc/comms/multisync-gui: Makefile
pkgsrc/converters/libcdr: Makefile buildlink3.mk
pkgsrc/converters/libe-book: Makefile
pkgsrc/converters/libfreehand: Makefile
pkgsrc/converters/libmspub: Makefile
pkgsrc/converters/libqxp: Makefile
pkgsrc/converters/libvisio: Makefile buildlink3.mk
pkgsrc/converters/libzmf: Makefile
pkgsrc/converters/pyzy: Makefile buildlink3.mk
pkgsrc/databases/couchdb: Makefile
pkgsrc/databases/deforaos-libdatabase: Makefile
pkgsrc/databases/erlang-sqlite3: Makefile
pkgsrc/databases/idzebra: Makefile buildlink3.mk
pkgsrc/databases/libdbi-driver-sqlite3: Makefile
pkgsrc/databases/libzdb: Makefile buildlink3.mk
pkgsrc/databases/lua-sqlite3: Makefile
pkgsrc/databases/mysql-workbench: Makefile
pkgsrc/databases/ocaml-sqlite3: Makefile
pkgsrc/databases/p5-DBD-SQLite: Makefile
pkgsrc/databases/php-pdo_sqlite: Makefile
pkgsrc/databases/poco-data-sqlite: Makefile buildlink3.mk
pkgsrc/databases/postgresql10: Makefile
pkgsrc/databases/py-apsw: Makefile
pkgsrc/databases/py-peewee: Makefile
pkgsrc/databases/py-sqlite2: Makefile
pkgsrc/databases/py-sqlite3: Makefile
pkgsrc/databases/qore-sqlite3-module: Makefile
pkgsrc/databases/ruby-do_sqlite3: Makefile
pkgsrc/databases/ruby-sqlite3: Makefile
pkgsrc/databases/soci: Makefile
pkgsrc/databases/sqlite3: Makefile buildlink3.mk
pkgsrc/databases/sqlite3-tcl: Makefile
pkgsrc/databases/sqlitebrowser: Makefile
pkgsrc/databases/sqlrelay-sqlite: Makefile
pkgsrc/databases/vsqlite++: Makefile buildlink3.mk
pkgsrc/devel/Gorm: Makefile
pkgsrc/devel/ObjectiveLib: Makefile
pkgsrc/devel/ProjectCenter: Makefile
pkgsrc/devel/Renaissance: Makefile buildlink3.mk
pkgsrc/devel/SOPE: Makefile
pkgsrc/devel/appdata-tools: Makefile
pkgsrc/devel/apr-util: Makefile
pkgsrc/devel/boost-libs: Makefile
pkgsrc/devel/compizconfig-backend-gconf: Makefile
pkgsrc/devel/cppcheck: Makefile
pkgsrc/devel/cutter: Makefile
pkgsrc/devel/devhelp: Makefile
pkgsrc/devel/edcommon: Makefile
pkgsrc/devel/fossil: Makefile
pkgsrc/devel/frama-c: Makefile
pkgsrc/devel/gearmand: Makefile
pkgsrc/devel/global: Makefile
pkgsrc/devel/gnustep-base: Makefile buildlink3.mk
pkgsrc/devel/gnustep-examples: Makefile
pkgsrc/devel/grantlee-qt5: Makefile buildlink3.mk
pkgsrc/devel/java-subversion: Makefile
pkgsrc/devel/kbookmarks: Makefile buildlink3.mk
pkgsrc/devel/kcmutils: Makefile buildlink3.mk
pkgsrc/devel/kconfig: Makefile buildlink3.mk
pkgsrc/devel/kcoreaddons: Makefile buildlink3.mk
pkgsrc/devel/kcrash: Makefile buildlink3.mk
pkgsrc/devel/kdeclarative: Makefile buildlink3.mk
pkgsrc/devel/kdesdk-kioslaves: Makefile
pkgsrc/devel/kdevelop4: Makefile
pkgsrc/devel/kdevplatform: Makefile
pkgsrc/devel/kdoctools: Makefile buildlink3.mk
pkgsrc/devel/ki18n: Makefile
pkgsrc/devel/kidletime: Makefile buildlink3.mk
pkgsrc/devel/kio: Makefile buildlink3.mk
pkgsrc/devel/kitemmodels: Makefile buildlink3.mk
pkgsrc/devel/knotifications: Makefile buildlink3.mk
pkgsrc/devel/knotifyconfig: Makefile buildlink3.mk
pkgsrc/devel/kpackage: Makefile buildlink3.mk
pkgsrc/devel/kparts: Makefile buildlink3.mk
pkgsrc/devel/kpeople: Makefile buildlink3.mk
pkgsrc/devel/kpty: Makefile buildlink3.mk
pkgsrc/devel/krunner: Makefile buildlink3.mk
pkgsrc/devel/kservice: Makefile buildlink3.mk
pkgsrc/devel/ktexteditor: Makefile buildlink3.mk
pkgsrc/devel/kyua: Makefile
pkgsrc/devel/libcompizconfig: Makefile
pkgsrc/devel/libdbusmenu-qt5: Makefile buildlink3.mk
pkgsrc/devel/libgail-gnome: Makefile buildlink3.mk
pkgsrc/devel/libgweather: Makefile buildlink3.mk
pkgsrc/devel/libthrift: Makefile
pkgsrc/devel/mono-addins: Makefile buildlink3.mk
pkgsrc/devel/mono-tools: Makefile
pkgsrc/devel/monodevelop: Makefile buildlink3.mk
pkgsrc/devel/monodevelop-database: Makefile
pkgsrc/devel/monotone: Makefile
pkgsrc/devel/monotone-viz: Makefile
pkgsrc/devel/nant: Makefile
pkgsrc/devel/nss: Makefile
pkgsrc/devel/ocamlgraph: Makefile
pkgsrc/devel/opengrok: Makefile
pkgsrc/devel/p5-subversion: Makefile
pkgsrc/devel/py-compizconfig: Makefile
pkgsrc/devel/py-pysvn: Makefile
pkgsrc/devel/py-subversion: Makefile
pkgsrc/devel/py-subvertpy: Makefile
pkgsrc/devel/qconf: Makefile
pkgsrc/devel/radare2-cutter: Makefile
pkgsrc/devel/rapidsvn: Makefile
pkgsrc/devel/ruby-redmine: Makefile
pkgsrc/devel/ruby-subversion: Makefile
pkgsrc/devel/startbug1: Makefile
pkgsrc/devel/subversion-base: Makefile buildlink3.mk
pkgsrc/devel/threadweaver: Makefile buildlink3.mk
pkgsrc/devel/verifast: Makefile
pkgsrc/devel/xulrunner192: Makefile
pkgsrc/editors/Sigil: Makefile
pkgsrc/editors/abiword-plugins: Makefile
pkgsrc/editors/codelite: Makefile
pkgsrc/editors/emacs-snapshot: Makefile
pkgsrc/editors/emacs25: Makefile
pkgsrc/editors/poedit: Makefile
pkgsrc/editors/texmaker: Makefile
pkgsrc/editors/texstudio: Makefile
pkgsrc/editors/texworks: Makefile
pkgsrc/editors/tomboy: Makefile
pkgsrc/emulators/PC6001VX: Makefile
pkgsrc/emulators/ckmame: Makefile
pkgsrc/emulators/mame: Makefile
pkgsrc/filesystems/fuse-darling-dmg: Makefile
pkgsrc/filesystems/fuse-svnfs: Makefile
pkgsrc/filesystems/glusterfs: Makefile
pkgsrc/finance/gnucash: Makefile
pkgsrc/finance/gnucash2: Makefile
pkgsrc/finance/homebank: Makefile
pkgsrc/fonts/harfbuzz: Makefile
pkgsrc/games/freeciv-client: Makefile
pkgsrc/games/gbrainy: Makefile
pkgsrc/games/gcompris: Makefile
pkgsrc/games/kajongg: Makefile
pkgsrc/games/openttd: Makefile
pkgsrc/games/solarus: Makefile
pkgsrc/geography/emerillon: Makefile
pkgsrc/geography/gama: Makefile
pkgsrc/geography/gdal-lib: Makefile
pkgsrc/geography/libchamplain012: Makefile buildlink3.mk
pkgsrc/geography/libchamplain04: Makefile buildlink3.mk
pkgsrc/geography/libchamplain06: Makefile buildlink3.mk
pkgsrc/geography/libchamplain08: Makefile buildlink3.mk
pkgsrc/geography/libspatialite: Makefile buildlink3.mk
pkgsrc/geography/osm-gps-map: Makefile
pkgsrc/geography/qgis: Makefile
pkgsrc/geography/viking: Makefile
pkgsrc/graphics/Cenon: Makefile
pkgsrc/graphics/ImageViewer: Makefile
pkgsrc/graphics/breeze-icons: Makefile
pkgsrc/graphics/camlimages: Makefile
pkgsrc/graphics/cheese: Makefile
pkgsrc/graphics/darktable: Makefile
pkgsrc/graphics/eog-plugins-map: Makefile
pkgsrc/graphics/f-spot: Makefile
pkgsrc/graphics/flickrnet: Makefile
pkgsrc/graphics/geeqie: Makefile
pkgsrc/graphics/gnuplot: Makefile
pkgsrc/graphics/hugin: Makefile
pkgsrc/graphics/inkscape: Makefile
pkgsrc/graphics/kiconthemes: Makefile buildlink3.mk
pkgsrc/graphics/kimageformats: Makefile
pkgsrc/graphics/kplotting: Makefile buildlink3.mk
pkgsrc/graphics/krita: Makefile
pkgsrc/graphics/luminance-hdr: Makefile
pkgsrc/graphics/prison: Makefile buildlink3.mk
pkgsrc/graphics/shotwell: Makefile
pkgsrc/graphics/tesseract: Makefile
pkgsrc/inputmethod/ibus-array: Makefile
pkgsrc/inputmethod/ibus-chewing: Makefile
pkgsrc/inputmethod/ibus-libpinyin: Makefile
pkgsrc/inputmethod/ibus-mozc: Makefile
pkgsrc/inputmethod/ibus-pinyin: Makefile
pkgsrc/inputmethod/ibus-qt: Makefile
pkgsrc/inputmethod/im-ja: Makefile
pkgsrc/inputmethod/imhangul_status_applet: Makefile
pkgsrc/inputmethod/libchewing: Makefile buildlink3.mk
pkgsrc/inputmethod/mozc-elisp: Makefile
pkgsrc/inputmethod/mozc-renderer: Makefile
pkgsrc/inputmethod/mozc-server: Makefile
pkgsrc/inputmethod/mozc-tool: Makefile
pkgsrc/inputmethod/qt5-uim: Makefile
pkgsrc/inputmethod/scim-chewing: Makefile
pkgsrc/inputmethod/uim: Makefile
pkgsrc/inputmethod/uim-chewing: Makefile
pkgsrc/inputmethod/uim-mozc: Makefile
pkgsrc/lang/basic256: Makefile
pkgsrc/lang/coq: Makefile
pkgsrc/lang/coreclr: Makefile buildlink3.mk
pkgsrc/lang/konoha: Makefile
pkgsrc/lang/mono: Makefile buildlink3.mk
pkgsrc/lang/mono-basic: Makefile
pkgsrc/lang/mono2: Makefile buildlink3.mk
pkgsrc/lang/nodejs: Makefile
pkgsrc/lang/nodejs4: Makefile
pkgsrc/lang/nodejs8: Makefile
pkgsrc/lang/parrot: Makefile buildlink3.mk
pkgsrc/lang/php72: Makefile
pkgsrc/lang/racket: Makefile
pkgsrc/lang/smalltalk: Makefile
pkgsrc/lang/spl: Makefile
pkgsrc/lang/tcl: Makefile
pkgsrc/mail/GNUMail: Makefile
pkgsrc/mail/Pantomime: Makefile buildlink3.mk
pkgsrc/mail/akonadi: Makefile
pkgsrc/mail/balsa: Makefile
pkgsrc/mail/bogofilter: Makefile
pkgsrc/mail/cyrus-imapd23: Makefile
pkgsrc/mail/cyrus-imapd24: Makefile
pkgsrc/mail/dbmail: Makefile
pkgsrc/mail/dovecot: Makefile
pkgsrc/mail/dovecot2-sqlite: Makefile
pkgsrc/mail/dspam: Makefile
pkgsrc/mail/evolution: Makefile buildlink3.mk
pkgsrc/mail/evolution-data-server: Makefile buildlink3.mk
pkgsrc/mail/evolution-exchange: Makefile
pkgsrc/mail/exim: Makefile
pkgsrc/mail/ezmlm-idx: Makefile
pkgsrc/mail/postfix: Makefile
pkgsrc/mail/postfix-sqlite: Makefile
pkgsrc/mail/rspamd: Makefile
pkgsrc/math/gnome-calculator: Makefile
pkgsrc/math/octave: Makefile
pkgsrc/meta-pkgs/gnustep: Makefile
pkgsrc/misc/Addresses: Makefile buildlink3.mk
pkgsrc/misc/attica-qt5: Makefile buildlink3.mk
pkgsrc/misc/bibletime: Makefile
pkgsrc/misc/deskbar-applet: Makefile
pkgsrc/misc/fbreader: Makefile
pkgsrc/misc/gnome-utils: Makefile
pkgsrc/misc/kchmviewer: Makefile
pkgsrc/misc/kemoticons: Makefile buildlink3.mk
pkgsrc/misc/kunitconversion: Makefile buildlink3.mk
pkgsrc/misc/libmateweather: Makefile buildlink3.mk
pkgsrc/misc/libreoffice: Makefile
pkgsrc/misc/mousetweaks: Makefile
pkgsrc/misc/stellarium: Makefile
pkgsrc/misc/sword: Makefile buildlink3.mk
pkgsrc/misc/tellico: Makefile
pkgsrc/misc/xfce4-weather-plugin: Makefile
pkgsrc/misc/yelp3: Makefile
pkgsrc/multimedia/farsight2: Makefile
pkgsrc/multimedia/fuppes: Makefile
pkgsrc/multimedia/kodi: Makefile
pkgsrc/multimedia/mediatomb: Makefile
pkgsrc/multimedia/minidlna: Makefile
pkgsrc/multimedia/mkvtoolnix: Makefile
pkgsrc/multimedia/mlt: Makefile
pkgsrc/multimedia/phonon-qt5: Makefile buildlink3.mk
pkgsrc/multimedia/phonon-qt5-backend-gstreamer: Makefile
pkgsrc/multimedia/phonon-qt5-backend-vlc: Makefile
pkgsrc/multimedia/swfdec: Makefile buildlink3.mk
pkgsrc/multimedia/swfdec-gnome: Makefile
pkgsrc/multimedia/swfdec-mozilla: Makefile
pkgsrc/multimedia/totem: Makefile
pkgsrc/multimedia/totem-browser-plugin: Makefile
pkgsrc/multimedia/totem-nautilus: Makefile
pkgsrc/multimedia/totem-pl-parser: Makefile buildlink3.mk
pkgsrc/net/aria2: Makefile
pkgsrc/net/avahi: Makefile
pkgsrc/net/bug-buddy: Makefile
pkgsrc/net/corebird: Makefile
pkgsrc/net/ekiga: Makefile
pkgsrc/net/filezilla: Makefile
pkgsrc/net/freeradius-sqlite3: Makefile
pkgsrc/net/gnome-netstatus: Makefile
pkgsrc/net/gnome-online-accounts: Makefile
pkgsrc/net/grilo: Makefile buildlink3.mk
pkgsrc/net/grilo-plugins: Makefile
pkgsrc/net/grilo-testui: Makefile
pkgsrc/net/gssdp: Makefile buildlink3.mk
pkgsrc/net/gst-plugins0.10-soup: Makefile
pkgsrc/net/gst-plugins1-libnice: Makefile
pkgsrc/net/gst-plugins1-soup: Makefile
pkgsrc/net/gupnp: Makefile buildlink3.mk
pkgsrc/net/gupnp-av: Makefile buildlink3.mk
pkgsrc/net/gupnp-dlna: Makefile buildlink3.mk
pkgsrc/net/gupnp-igd: Makefile buildlink3.mk
pkgsrc/net/gupnp-tools: Makefile
pkgsrc/net/kdnssd: Makefile buildlink3.mk
pkgsrc/net/kget: Makefile
pkgsrc/net/knewstuff: Makefile buildlink3.mk
pkgsrc/net/kopete: Makefile
pkgsrc/net/kxmlrpcclient: Makefile buildlink3.mk
pkgsrc/net/libdmapsharing: Makefile
pkgsrc/net/libdmapsharing3: Makefile buildlink3.mk
pkgsrc/net/libgdata: Makefile buildlink3.mk
pkgsrc/net/libgdata0.6: Makefile buildlink3.mk
pkgsrc/net/libnice: Makefile buildlink3.mk
pkgsrc/net/libsoup: Makefile buildlink3.mk
pkgsrc/net/libzrtpcpp: Makefile buildlink3.mk
pkgsrc/net/logjam: Makefile
pkgsrc/net/mldonkey-gui: Makefile
pkgsrc/net/mono-nat: Makefile buildlink3.mk
pkgsrc/net/monotorrent: Makefile buildlink3.mk
pkgsrc/net/monsoon: Makefile
pkgsrc/net/ncdc: Makefile
pkgsrc/net/ntopng: Makefile
pkgsrc/net/ocamlnet: Makefile
pkgsrc/net/ocsync: Makefile buildlink3.mk
pkgsrc/net/owncloudclient: Makefile
pkgsrc/net/p5-Net-Z3950-ZOOM: Makefile
pkgsrc/net/php-yaz: Makefile
pkgsrc/net/powerdns: Makefile
pkgsrc/net/proftpd-sqlite: Makefile
pkgsrc/net/transmission-qt: Makefile
pkgsrc/net/tsclient: Makefile
pkgsrc/net/twitux: Makefile
pkgsrc/net/unison: Makefile
pkgsrc/net/unison2.32: Makefile
pkgsrc/net/unison2.40: Makefile
pkgsrc/net/vinagre: Makefile
pkgsrc/net/vino: Makefile
pkgsrc/net/wireshark: Makefile
pkgsrc/net/yaz: Makefile buildlink3.mk
pkgsrc/news/newsbeuter: Makefile
pkgsrc/news/tin: Makefile
pkgsrc/pkgtools/gnome-packagekit: Makefile
pkgsrc/pkgtools/packagekit: Makefile buildlink3.mk
pkgsrc/pkgtools/pkgin: Makefile
pkgsrc/print/advi: Makefile
pkgsrc/print/glabels: Makefile
pkgsrc/print/pdfmod: Makefile
pkgsrc/print/poppler-qt5: Makefile
pkgsrc/print/qpdfview: Makefile
pkgsrc/print/xetex: Makefile
pkgsrc/print/zathura: Makefile
pkgsrc/security/cy2-sql: Makefile
pkgsrc/security/gnome-keyring-sharp: Makefile
pkgsrc/security/gnupg2: Makefile
pkgsrc/security/gpgmepp: Makefile buildlink3.mk
pkgsrc/security/heimdal: Makefile buildlink3.mk
pkgsrc/security/hydra: Makefile
pkgsrc/security/kauth: Makefile buildlink3.mk
pkgsrc/security/kdesu: Makefile buildlink3.mk
pkgsrc/security/keepassxc: Makefile
pkgsrc/security/kwallet: Makefile buildlink3.mk
pkgsrc/security/libpreludedb-sqlite3: Makefile
pkgsrc/security/opendnssec: Makefile
pkgsrc/security/polkit-qt5: Makefile buildlink3.mk
pkgsrc/security/qca2-qt5: Makefile buildlink3.mk
pkgsrc/security/qca2-qt5-gnupg: Makefile
pkgsrc/security/qca2-qt5-ossl: Makefile
pkgsrc/security/qgpgme: Makefile buildlink3.mk
pkgsrc/security/seahorse: Makefile
pkgsrc/security/seahorse-plugins: Makefile
pkgsrc/security/softhsm: Makefile buildlink3.mk
pkgsrc/security/tor-browser: Makefile
pkgsrc/sysutils/bacula: Makefile
pkgsrc/sysutils/baloo5: Makefile buildlink3.mk
pkgsrc/sysutils/brasero: Makefile buildlink3.mk
pkgsrc/sysutils/brasero-nautilus: Makefile
pkgsrc/sysutils/burn: Makefile
pkgsrc/sysutils/caja-extensions: Makefile
pkgsrc/sysutils/dbus-sharp: Makefile buildlink3.mk
pkgsrc/sysutils/dbus-sharp-glib: Makefile buildlink3.mk
pkgsrc/sysutils/gnome-power-manager: Makefile
pkgsrc/sysutils/gvfs: Makefile
pkgsrc/sysutils/gworkspace: Makefile
pkgsrc/sysutils/kdbusaddons: Makefile buildlink3.mk
pkgsrc/sysutils/kfilemetadata5: Makefile
pkgsrc/sysutils/lnav: Makefile
pkgsrc/sysutils/nautilus-sendto: Makefile
pkgsrc/sysutils/ndesk-dbus: Makefile
pkgsrc/sysutils/ndesk-dbus-glib: Makefile buildlink3.mk
pkgsrc/sysutils/open-vm-tools: Makefile
pkgsrc/sysutils/solid: Makefile buildlink3.mk
pkgsrc/sysutils/tarsnap-gui: Makefile
pkgsrc/sysutils/xfce4-thunar-vcs: Makefile
pkgsrc/sysutils/zabbix: Makefile
pkgsrc/textproc/OdfConverter: Makefile
pkgsrc/textproc/R-stringi: Makefile
pkgsrc/textproc/csharp-xapian: Makefile
pkgsrc/textproc/gnome-subtitles: Makefile
pkgsrc/textproc/kcodecs: Makefile buildlink3.mk
pkgsrc/textproc/kcompletion: Makefile buildlink3.mk
pkgsrc/textproc/php-intl: Makefile
pkgsrc/textproc/sonnet: Makefile buildlink3.mk
pkgsrc/textproc/sublib: Makefile buildlink3.mk
pkgsrc/textproc/syntax-highlighting: Makefile buildlink3.mk
pkgsrc/time/evolution-webcal: Makefile
pkgsrc/time/fet: Makefile
pkgsrc/wm/compiz: Makefile buildlink3.mk
pkgsrc/wm/compiz-fusion-plugins-extra: Makefile
pkgsrc/wm/compiz-fusion-plugins-main: Makefile
pkgsrc/www/SOGo: Makefile
pkgsrc/www/SOGo3: Makefile
pkgsrc/www/ap-authnz-crowd: Makefile
pkgsrc/www/ap-mono: Makefile
pkgsrc/www/ap-php: Makefile
pkgsrc/www/ap2-subversion: Makefile
pkgsrc/www/cppcms: Makefile
pkgsrc/www/deforaos-surfer: Makefile
pkgsrc/www/epiphany: Makefile buildlink3.mk
pkgsrc/www/epiphany-extensions: Makefile
pkgsrc/www/firefox36: Makefile
pkgsrc/www/firefox45: Makefile
pkgsrc/www/firefox52: Makefile
pkgsrc/www/gtkhtml314: Makefile
pkgsrc/www/kdewebkit: Makefile buildlink3.mk
pkgsrc/www/khtml: Makefile buildlink3.mk
pkgsrc/www/kjs: Makefile buildlink3.mk
pkgsrc/www/kjsembed: Makefile buildlink3.mk
pkgsrc/www/librest: Makefile buildlink3.mk
pkgsrc/www/librest07: Makefile buildlink3.mk
pkgsrc/www/liferea: Makefile
pkgsrc/www/lighttpd: Makefile
pkgsrc/www/midori: Makefile
pkgsrc/www/mono-xsp: Makefile buildlink3.mk
pkgsrc/www/otter-browser: Makefile
pkgsrc/www/php-fpm: Makefile
pkgsrc/www/seamonkey: Makefile
pkgsrc/www/uhttpmock: Makefile buildlink3.mk
pkgsrc/www/vimb: Makefile
pkgsrc/www/webkit-gtk: Makefile buildlink3.mk
pkgsrc/www/webkit24-gtk: Makefile buildlink3.mk
pkgsrc/www/webkit24-gtk3: Makefile buildlink3.mk
pkgsrc/x11/fast-user-switch-applet: Makefile
pkgsrc/x11/frameworkintegration: Makefile buildlink3.mk
pkgsrc/x11/gnome-applets: Makefile
pkgsrc/x11/gnome-control-center: Makefile buildlink3.mk
pkgsrc/x11/gnome-desktop-sharp: Makefile buildlink3.mk
pkgsrc/x11/gnome-panel: Makefile buildlink3.mk
pkgsrc/x11/gnome-session: Makefile
pkgsrc/x11/gnome-sharp: Makefile buildlink3.mk
pkgsrc/x11/gnustep-back: Makefile buildlink3.mk
pkgsrc/x11/gnustep-gui: Makefile buildlink3.mk
pkgsrc/x11/gnustep-preferences: Makefile
pkgsrc/x11/grandr_applet: Makefile
pkgsrc/x11/gtk-sharp: Makefile
pkgsrc/x11/gtksourceview-sharp2: Makefile
pkgsrc/x11/hyena: Makefile
pkgsrc/x11/kactivities-stats: Makefile buildlink3.mk
pkgsrc/x11/kactivities5: Makefile buildlink3.mk
pkgsrc/x11/kconfigwidgets: Makefile buildlink3.mk
pkgsrc/x11/kded: Makefile
pkgsrc/x11/kdelibs4support: Makefile buildlink3.mk
pkgsrc/x11/kdesignerplugin: Makefile
pkgsrc/x11/kglobalaccel: Makefile buildlink3.mk
pkgsrc/x11/kguiaddons: Makefile buildlink3.mk
pkgsrc/x11/kinit: Makefile
pkgsrc/x11/kirigami2: Makefile buildlink3.mk
pkgsrc/x11/kitemviews: Makefile buildlink3.mk
pkgsrc/x11/kjobwidgets: Makefile buildlink3.mk
pkgsrc/x11/ktextwidgets: Makefile buildlink3.mk
pkgsrc/x11/kwidgetsaddons: Makefile buildlink3.mk
pkgsrc/x11/kwindowsystem: Makefile buildlink3.mk
pkgsrc/x11/kxmlgui: Makefile buildlink3.mk
pkgsrc/x11/mate-applets: Makefile
pkgsrc/x11/mate-panel: Makefile
pkgsrc/x11/ocaml-lablgtk: Makefile buildlink3.mk
pkgsrc/x11/plasma-framework: Makefile buildlink3.mk
pkgsrc/x11/py-gnome2-desktop: Makefile
pkgsrc/x11/py-qt5: Makefile
pkgsrc/x11/qqc2-desktop-style: Makefile
pkgsrc/x11/qt4-sqlite3: Makefile
pkgsrc/x11/qt5-mysql: Makefile
pkgsrc/x11/qt5-odbc: Makefile buildlink3.mk
pkgsrc/x11/qt5-psql: Makefile
pkgsrc/x11/qt5-qtbase: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtdeclarative: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtdoc: Makefile
pkgsrc/x11/qt5-qtgraphicaleffects: Makefile
pkgsrc/x11/qt5-qtimageformats: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtlocation: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtmacextras: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtmultimedia: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtquickcontrols: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtquickcontrols2: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtscript: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtsensors: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtserialport: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtsvg: Makefile buildlink3.mk
pkgsrc/x11/qt5-qttools: Makefile buildlink3.mk
pkgsrc/x11/qt5-qttranslations: Makefile
pkgsrc/x11/qt5-qtwebchannel: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtwebkit: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtwebsockets: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtx11extras: Makefile buildlink3.mk
pkgsrc/x11/qt5-qtxmlpatterns: Makefile buildlink3.mk
pkgsrc/x11/xfce4-screenshooter: Makefile
Log Message:
revbump after icu update
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/php72/Makefile
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 26 15:43:03 UTC 2018
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo
Log Message:
lang/php72: update to 7.2.5
26 Apr 2018, PHP 7.2.5
- Core:
. Fixed bug #75722 (Convert valgrind detection to configure option).
(Michael Heimpold)
- Date:
. Fixed bug #76131 (mismatch arginfo for date_create). (carusogabriel)
- Exif:
. Fixed bug#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
(Stas)
- FPM:
. Fixed bug #68440 (ERROR: failed to reload: execvp() failed: Argument list
too long). (Jacob Hipps)
. Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka)
- GD:
. Fixed bug #52070 (imagedashedline() - dashed line sometimes is not visible).
(cmb)
- intl:
. Fixed bug #76153 (Intl compilation fails with icu4c 61.1). (Anatol)
- iconv:
. Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on
invalid sequence). (Stas)
- ldap:
. Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas)
- mbstring:
. Fixed bug #75944 (Wrong cp1251 detection). (dmk001)
. Fixed bug #76113 (mbstring does not build with Oniguruma 6.8.1).
(chrullrich, cmb)
- ODBC:
. Fixed bug #76088 (ODBC functions are not available by default on Windows).
(cmb)
- Opcache:
. Fixed bug #76094 (Access violation when using opcache). (Laruence)
- Phar:
. Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas)
- phpdbg:
. Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite). (Laruence)
- SPL:
. Fixed bug #76131 (mismatch arginfo for splarray constructor).
(carusogabriel)
- standard:
. Fixed bug #74139 (mail.add_x_header default inconsistent with docs). (cmb)
. Fixed bug #75996 (incorrect url in header for mt_rand). (tatarbj)
To generate a diff of this commit:
cvs rdiff -u -r1.214 -r1.215 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/php72/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 26 15:44:15 UTC 2018
Modified Files:
pkgsrc/lang/php72: Makefile
Log Message:
lang/php72: Reset PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/php72/Makefile
|
|
lang/php71: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.214
- lang/php71/distinfo 1.36
- lang/php71/patches/patch-ext_intl_config.m4 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 26 15:41:04 UTC 2018
Modified Files:
pkgsrc/lang/php71: distinfo
pkgsrc/lang/php71/patches: patch-ext_intl_config.m4
Log Message:
lang/php71: update to 7.1.17
26 Apr 2018, PHP 7.1.17
- Date:
. Fixed bug #76131 (mismatch arginfo for date_create). (carusogabriel)
- Exif:
. Fixed bug#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
(Stas)
- FPM:
. Fixed bug #68440 (ERROR: failed to reload: execvp() failed: Argument list
too long). (Jacob Hipps)
. Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka)
- GD:
. Fixed bug #52070 (imagedashedline() - dashed line sometimes is not visible).
(cmb)
- iconv:
. Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on
invalid sequence). (Stas)
- intl:
. Fixed bug #76153 (Intl compilation fails with icu4c 61.1). (Anatol)
- ldap:
. Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas)
- mbstring:
. Fixed bug #75944 (Wrong cp1251 detection). (dmk001)
. Fixed bug #76113 (mbstring does not build with Oniguruma 6.8.1).
(chrullrich, cmb)
- Phar:
. Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas)
- phpdbg:
. Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite). (Laruence)
- SPL:
. Fixed bug #76131 (mismatch arginfo for splarray constructor).
(carusogabriel)
- standard:
. Fixed bug #75996 (incorrect url in header for mt_rand). (tatarbj)
To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 pkgsrc/lang/php71/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/php71/patches/patch-ext_intl_config.m4
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 26 15:42:15 UTC 2018
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log Message:
lang/php: update php71 to 7.1.17
Oops, should be commited with previous one.
To generate a diff of this commit:
cvs rdiff -u -r1.213 -r1.214 pkgsrc/lang/php/phpversion.mk
|
|
www/contao45: security update
Revisions pulled up:
- www/contao45/Makefile 1.6
- www/contao45/PLIST 1.6
- www/contao45/distinfo 1.6
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 23 14:30:45 UTC 2018
Modified Files:
pkgsrc/www/contao45: Makefile PLIST distinfo
Log Message:
www/contao45: update to 4.5.8
Contao 4.5.7 (2018-04-04)
Contao version 4.5.7 is available. The bugfix release fixes a few minor
issues including a problem with validating the request token and a problem
with rendering custom layout sections.
Contao 4.5.8 (2018-04-18)
Contao version 4.5.8 is available. The bugfix release fixes an XSS
vulnerability in the system log of the back end (CVE-2018-10125).
CVE-2018-10125
With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log. The attacker themselves
does not have to be logged in.
The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/contao45/Makefile \
pkgsrc/www/contao45/PLIST pkgsrc/www/contao45/distinfo
|
|
www/contao44: security update
Revisions pulled up:
- www/contao44/Makefile 1.18
- www/contao44/PLIST 1.15
- www/contao44/distinfo 1.16
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 23 14:19:00 UTC 2018
Modified Files:
pkgsrc/www/contao44: Makefile PLIST distinfo
Log Message:
www/contao44: update to 4.4.18
Contao 4.4.17 (2018-04-04)
Contao version 4.4.17 is available. The bugfix release fixes a few minor
issues including a problem with rendering custom layout sections.
Contao 4.4.18 (2018-04-18)
Contao version 4.4.18 is available. The bugfix release fixes an XSS
vulnerability in the system log of the back end (CVE-2018-10125).
CVE-2018-10125
With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log. The attacker themselves
does not have to be logged in.
The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/contao44/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/contao44/PLIST
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/contao44/distinfo
|
|
www/contao35: security update
Revisions pulled up:
- www/contao35/Makefile 1.39
- www/contao35/distinfo 1.31
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 23 14:00:18 UTC 2018
Modified Files:
pkgsrc/www/contao35: Makefile distinfo
Log Message:
www/contao35: update to 3.5.35
Version 3.5.35 (2018-04-18)
---------------------------
### Fixed
Fix an XSS vulnerability in the system log (see CVE-2018-10125).
CVE-2018-10125
With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log. The attacker themselves
does not have to be logged in.
The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/contao35/Makefile
cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/contao35/distinfo
|
|
mail/roundcube: regression fix
mail/roundcube-plugin-enigma: regression fix
mail/roundcube-plugin-password: regression fix
mail/roundcube-plugin-zipdownload: regression fix
Revisions pulled up:
- mail/roundcube-plugin-enigma/distinfo 1.9
- mail/roundcube-plugin-password/distinfo 1.9
- mail/roundcube-plugin-zipdownload/distinfo 1.9
- mail/roundcube/Makefile.common 1.9
- mail/roundcube/distinfo 1.60
- mail/roundcube/plugins.mk 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 30 06:44:11 UTC 2018
Modified Files:
pkgsrc/mail/roundcube: plugins.mk
Log Message:
mail/roundcube: fix typo
Fix typo in DEPENDS.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/roundcube/plugins.mk
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 30 06:45:04 UTC 2018
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-enigma: distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
pkgsrc/mail/roundcube-plugin-zipdownload: distinfo
Log Message:
mail/roundcube: update to 1.2.9
RELEASE 1.2.9
-------------
- Fix regression where IMAP commands with '*' uidset argument wasn't working
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/mail/roundcube/Makefile.common
cvs rdiff -u -r1.59 -r1.60 pkgsrc/mail/roundcube/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/mail/roundcube-plugin-enigma/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/mail/roundcube-plugin-password/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/mail/roundcube-plugin-zipdownload/distinfo
|
|
www/drupal7: security update
Revisions pulled up:
- www/drupal7/Makefile 1.49
- www/drupal7/distinfo 1.37
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Apr 25 16:43:35 UTC 2018
Modified Files:
pkgsrc/www/drupal7: Makefile distinfo
Log Message:
www/drupal7: update to 7.59
Drupal 7.59, 2018-04-25
-----------------------
- Fixed security issues (remote code execution). See SA-CORE-2018-004.
To generate a diff of this commit:
cvs rdiff -u -r1.48 -r1.49 pkgsrc/www/drupal7/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/www/drupal7/distinfo
|
|
lang/spidermonkey185: build fix for Solaris
Revisions pulled up:
- lang/spidermonkey185/Makefile 1.4
- lang/spidermonkey185/distinfo 1.4
- lang/spidermonkey185/patches/patch-jsgcchunk.cpp 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: jperkin
Date: Thu Apr 26 09:39:18 UTC 2018
Modified Files:
pkgsrc/lang/spidermonkey185: Makefile distinfo
Added Files:
pkgsrc/lang/spidermonkey185/patches: patch-jsgcchunk.cpp
Log Message:
spidermonkey185: Fix build on SunOS 64-bit.
SpiderMonkey makes assumptions about memory layout that break in a 64-bit
SunOS
environment, so limit mmap() to the lower 32-bit address space. Provides a
workaround for https://bugzilla.mozilla.org/show_bug.cgi?idW7056
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/spidermonkey185/Makefile \
pkgsrc/lang/spidermonkey185/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/lang/spidermonkey185/patches/patch-jsgcchunk.cpp
|
|
mail/roundcube: security update
mail/roundcube-plugin-enigma: security update
mail/roundcube-plugin-password: security update
mail/roundcube-plugin-zipdownload: security update
Revisions pulled up:
- mail/roundcube-plugin-enigma/distinfo 1.8
- mail/roundcube-plugin-password/distinfo 1.8
- mail/roundcube-plugin-zipdownload/distinfo 1.8
- mail/roundcube/Makefile.common 1.8
- mail/roundcube/distinfo 1.59
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 23 13:55:00 UTC 2018
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-enigma: distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
pkgsrc/mail/roundcube-plugin-zipdownload: distinfo
Log Message:
mail/roundcube: update to 1.2.8
This is a security update to the stable version 1.2. It fixes a recently
reported vulnerability allowing IMAP command injection via a GET parameters.
More details about this are published under CVE-2018-9846.
The second fix is about a missed remote content blocking on HTML messages
with
specially crafted image and style tags.
We strongly recommend to update all productive installations of Roundcube
1.2.x. Please do backup your data before updating!
CHANGELOG
* Fix check_request() bypass in places using get_uids() [CVE-2018-9846]
(#6238)
* Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)
* Fix security issue in remote content blocking on HTML image and style tags
(#6178)
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/mail/roundcube/Makefile.common
cvs rdiff -u -r1.58 -r1.59 pkgsrc/mail/roundcube/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/mail/roundcube-plugin-enigma/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/mail/roundcube-plugin-password/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/mail/roundcube-plugin-zipdownload/distinfo
|
|
|
|
www/wordpress: security fix
Revisions pulled up:
- www/wordpress/Makefile 1.77
- www/wordpress/distinfo 1.62
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Apr 16 10:22:10 UTC 2018
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Update to version 4.9.5.
This maintenance release fixes 28 bugs in 4.9, including fixes for Customizer, media library, error notices, and some security fixes. Twenty Seventeen bundled theme and Hello Dolly bundled plugin have also been updated.
WordPress versions 4.9.4 and earlier are affected by three security issues.
More changes at https://codex.wordpress.org/Version_4.9.5.
|
|
security/libgpg-error: ARM build fix
Revisions pulled up:
- security/libgpg-error/Makefile 1.61
- security/libgpg-error/distinfo 1.36
- security/libgpg-error/patches/patch-src_logging.c 1.1
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Apr 11 08:29:24 UTC 2018
Modified Files:
pkgsrc/security/libgpg-error: Makefile distinfo
Added Files:
pkgsrc/security/libgpg-error/patches: patch-src_logging.c
Log Message:
libgpg-error: Fix build error on ARM via upstream patch.
PR pkg/53106, upstream fix noted by Matthias Peterman.
Bump PKGREVISION.
|
|
sysutils/e2fsprogs: Linux build fix
Revisions pulled up:
- sysutils/e2fsprogs/PLIST.Linux 1.5
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Apr 11 08:11:57 UTC 2018
Added Files:
pkgsrc/sysutils/e2fsprogs: PLIST.Linux
Log Message:
e2fsprogs: add linux-specific PLIST.
These files are only built on linux. When attempting to build them on netbsd,
I found I am missing mntent.h, and there might be more changes necessary.
Just make it linux-specific now.
PR pkg/53174, from Albert Ou.
|
|
devel/nss: bugfix
Revisions pulled up:
- devel/nss/Makefile 1.149
- devel/nss/distinfo 1.84
---
Module Name: pkgsrc
Committed By: maya
Date: Tue Apr 10 15:21:30 UTC 2018
Modified Files:
pkgsrc/devel/nss: Makefile distinfo
Log Message:
nss: update to 3.36.1
No new functionality is introduced in this release. This is a patch release to fix regression bugs.
In NSS version 3.35 the iteration count in optimized builds, which is used for password based encryption algorithm related to encrypted PKCS#7 or PKCS#12 data, was increased to one million
iterations. That change had caused an interoperability regression with operating systems that are limited to 600 K iterations. NSS 3.36.1 has been changed to use the same 600 K limit.
Certain smartcard operations could result in a deadlock
This Bugzilla query returns all the bugs fixed in NSS 3.36.1:
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.36.1
|
|
|
|
lang/gcc49-libs: build fix
Revisions pulled up:
- lang/gcc49-libs/Makefile 1.15
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Apr 8 06:06:13 UTC 2018
Modified Files:
pkgsrc/lang/gcc49-libs: Makefile
Log Message:
gcc49-libs: bump PKGREVISION.
It needs to be higher than gcc49's.
From Izumi Tsutsui in PR 53165.
|
|
|
|
devel/ncurses: security update
devel/ncursesw: security update
Revisions pulled up:
- devel/ncurses/Makefile 1.97
- devel/ncurses/Makefile.common 1.35
- devel/ncurses/PLIST 1.24
- devel/ncurses/distinfo 1.34
- devel/ncurses/patches/patch-aa 1.19
- devel/ncurses/patches/patch-ab 1.21
- devel/ncurses/patches/patch-ac 1.26
- devel/ncurses/patches/patch-c++_Makefile.in 1.2
- devel/ncurses/patches/patch-ncurses_tinfo_alloc__entry.c deleted
- devel/ncurses/patches/patch-ncurses_tinfo_lib__baudrate.c deleted
- devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c deleted
- devel/ncursesw/Makefile 1.16
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: spz
Date: Mon Apr 2 16:26:04 UTC 2018
Modified Files:
pkgsrc/devel/ncurses: Makefile Makefile.common PLIST distinfo
pkgsrc/devel/ncurses/patches: patch-aa patch-ab patch-ac
patch-c++_Makefile.in
pkgsrc/devel/ncursesw: Makefile
Removed Files:
pkgsrc/devel/ncurses/patches: patch-ncurses_tinfo_alloc__entry.c
patch-ncurses_tinfo_lib__baudrate.c
patch-ncurses_tinfo_parse__entry.c
Log Message:
update ncurses(w) to version 6.1, which fixes CVE-2017-13728 and
CVE-2017-16879
summary relnotes:
This release is designed to be source-compatible with ncurses 5.0
through 6.0; providing extensions to the application binary interface
(ABI).
Although the source can still be configured to support the ncurses 5 ABI,
the intent of the release is to provide extensions to the ncurses 6 ABI:
improve integration of tput and tset
provide support for extended numeric capabilities.
The lengthy details are at http://invisible-island.net/ncurses/announce.html
To generate a diff of this commit:
cvs rdiff -u -r1.96 -r1.97 pkgsrc/devel/ncurses/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/devel/ncurses/Makefile.common
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ncurses/PLIST
cvs rdiff -u -r1.33 -r1.34 pkgsrc/devel/ncurses/distinfo
cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ncurses/patches/patch-aa
cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ncurses/patches/patch-ab
cvs rdiff -u -r1.25 -r1.26 pkgsrc/devel/ncurses/patches/patch-ac
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/ncurses/patches/patch-c++_Makefile.in
cvs rdiff -u -r1.1 -r0 \
pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_alloc__entry.c \
pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c
cvs rdiff -u -r1.2 -r0 \
pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_lib__baudrate.c
cvs rdiff -u -r1.15 -r1.16 pkgsrc/devel/ncursesw/Makefile
|
|
devel/libgphoto2: dependency fix
filesystems/fuse-gphotofs: revbump
graphics/darktable: revbump
graphics/digikam: revbump
graphics/f-spot: revbump
graphics/gphoto2: revbump
graphics/gthumb: revbump
graphics/gthumb3: revbump
graphics/gtkam: revbump
graphics/kamera: revbump
graphics/shotwell: revbump
Revisions pulled up:
- devel/libgphoto2/buildlink3.mk 1.22
- filesystems/fuse-gphotofs/Makefile 1.11
- graphics/darktable/Makefile 1.84
- graphics/digikam/Makefile 1.135
- graphics/f-spot/Makefile 1.87
- graphics/gphoto2/Makefile 1.63
- graphics/gthumb/Makefile 1.90
- graphics/gthumb3/Makefile 1.22
- graphics/gtkam/Makefile 1.75
- graphics/kamera/Makefile 1.36
- graphics/shotwell/Makefile 1.90
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Tue Apr 3 06:14:55 UTC 2018
Modified Files:
pkgsrc/devel/libgphoto2: buildlink3.mk
pkgsrc/filesystems/fuse-gphotofs: Makefile
pkgsrc/graphics/darktable: Makefile
pkgsrc/graphics/digikam: Makefile
pkgsrc/graphics/f-spot: Makefile
pkgsrc/graphics/gphoto2: Makefile
pkgsrc/graphics/gthumb: Makefile
pkgsrc/graphics/gthumb3: Makefile
pkgsrc/graphics/gtkam: Makefile
pkgsrc/graphics/kamera: Makefile
pkgsrc/graphics/shotwell: Makefile
Log Message:
libgphoto2: update bl3.mk for dependency change
Bump PKGREVISIONs of packages using it.
Noted by John D. Baker on pkgsrc-users.
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/devel/libgphoto2/buildlink3.mk
cvs rdiff -u -r1.10 -r1.11 pkgsrc/filesystems/fuse-gphotofs/Makefile
cvs rdiff -u -r1.83 -r1.84 pkgsrc/graphics/darktable/Makefile
cvs rdiff -u -r1.134 -r1.135 pkgsrc/graphics/digikam/Makefile
cvs rdiff -u -r1.86 -r1.87 pkgsrc/graphics/f-spot/Makefile
cvs rdiff -u -r1.62 -r1.63 pkgsrc/graphics/gphoto2/Makefile
cvs rdiff -u -r1.89 -r1.90 pkgsrc/graphics/gthumb/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/graphics/gthumb3/Makefile
cvs rdiff -u -r1.74 -r1.75 pkgsrc/graphics/gtkam/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/graphics/kamera/Makefile
cvs rdiff -u -r1.89 -r1.90 pkgsrc/graphics/shotwell/Makefile
|
|
|
|
|
