Age | Commit message | Author | Files | Lines
2018-09-18 | Pullup tickets #5832 to #5836 (pkgsrc-2018Q2) | bsiegert | 1 | -1/+16
2018-09-18 | Pullup ticket #5836 - requested by taca | bsiegert | 2 | -7/+7

www/contao35: security fix

Revisions pulled up:
- www/contao35/Makefile 1.40
- www/contao35/distinfo 1.32

---

Module Name: pkgsrc
Committed By: taca
Date: Tue Sep 18 15:10:58 UTC 2018

Modified Files:
pkgsrc/www/contao35: Makefile distinfo

Log Message:
www/contao35: update to 3.5.36

Version 3.5.36 (2018-09-18)
---------------------------

### Fixed
Prevent arbitrary code execution through .phar files (see CVE-2018-17057).

### Fixed
Correctly reset the autologin data upon logout (#8868).

### Fixed
Remove support for deprecated user password hashes (see #8889).

2018-09-18 | Pullup ticket #5835 - requested by taca | bsiegert | 2 | -7/+7

lang/php56: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.231
- lang/php56/distinfo 1.51

---

Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 13 15:47:46 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: distinfo

Log Message:
lang/php56: Update to 5.6.38

13 Sep 2018, PHP 5.6.38

- Apache2
  . Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked). (Stas)

2018-09-18 | Pullup ticket #5834 - requested by taca | bsiegert | 3 | -8/+14

lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.230
- lang/php70/Makefile.php 1.10
- lang/php70/distinfo 1.48

---

Module Name: pkgsrc
Committed By: manu
Date: Mon Jul 30 07:17:16 UTC 2018

Modified Files:
pkgsrc/lang/php70: Makefile.php
pkgsrc/lang/php71: Makefile.php
pkgsrc/lang/php72: Makefile.php

Log Message:
Fix PHP build on i386

The --disable-gcc-global-regs fix is not enough, we really need GCC 6
to avoid php crashing during www/ap-ph build.

---

Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 13 15:46:38 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo

Log Message:
lang/php70: Update to 7.0.32

13 Sep 2018 PHP 7.0.32

- Apache2
  . Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked). (Stas)

2018-09-18 | Pullup ticket #5833 - requested by taca | bsiegert | 4 | -15/+16

lang/php72: security fix

Revisions pulled up:
- lang/php72/Makefile 1.13
- lang/php72/Makefile.php 1.7-1.8
- lang/php72/distinfo 1.29-1.30

---

Module Name: pkgsrc
Committed By: manu
Date: Mon Jul 30 07:17:16 UTC 2018

Modified Files:
pkgsrc/lang/php70: Makefile.php
pkgsrc/lang/php71: Makefile.php
pkgsrc/lang/php72: Makefile.php

Log Message:
Fix PHP build on i386

The --disable-gcc-global-regs fix is not enough, we really need GCC 6
to avoid php crashing during www/ap-ph build.

---

Module Name: pkgsrc
Committed By: maya
Date: Tue Jul 31 01:17:56 UTC 2018

Modified Files:
pkgsrc/lang/php70: Makefile Makefile.php
pkgsrc/lang/php71: Makefile Makefile.php
pkgsrc/lang/php72: Makefile Makefile.php

Log Message:
move --disable-gcc-global-regs to Makefile.php.

Seems to make a previously segfaulting netbsd-8/i386's build not segfault.

ap-php runs PHP's configure and builds some of its code, so it needs the
same flag.

Now we can stop requiring an arbitrary GCC version. The test case in the
GCC bugzilla fails on all GCC versions I tested, but magically some
versions of GCC manage to build a working PHP.

---

Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 19 13:56:59 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo

Log Message:
lang/php72: update to 7.2.9

16 Aug 2018, PHP 7.2.9

- Calendar:
  . Fixed bug #52974 (jewish.c: compile error under Windows with GBK charset). (cmb)

- Filter:
  . Fixed bug #76366 (References in sub-array for filtering breaks the filter). (ZiHang Gao)

- PDO_Firebird:
  . Fixed bug #76488 (Memory leak when fetching a BLOB field). (Simonov Denis)

- PDO_PgSQL:
  . Fixed bug #75402 (Possible Memory Leak using PDO::CURSOR_SCROLL option). (Anatol)

- SQLite3:
  . Fixed #76665 (SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle). (cmb)

- Standard:
  . Fixed bug #73817 (Incorrect entries in get_html_translation_table). (cmb)
  . Fixed bug #68553 (array_column: null values in $index_key become incrementing keys in result). (Laruence)
  . Fixed bug #76643 (Segmentation fault when using `output_add_rewrite_var`). (cmb)

- Zip:
  . Fixed bug #76524 (ZipArchive memory leak (OVERWRITE flag and empty archive)). (Timur Ibragimov)

---

Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 13 15:45:33 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo

Log Message:
lang/php72: Update to 7.2.10

13 Sep 2018, PHP 7.2.10

- Core:
  . Fixed bug #76754 (parent private constant in extends class memory leak). (Laruence)
  . Fixed bug #72443 (Generate enabled extension). (petk)
  . Fixed bug #75797 (Memory leak when using class_alias() in non-debug mode). (Massimiliano Braglia)

- Apache2:
  . Fixed bug #76582 (Apache bucket brigade sometimes becomes invalid). (stas)

- Bz2:
  . Fixed arginfo for bzcompress. (Tyson Andre)

- gettext:
  . Fixed bug #76517 (incorrect restoring of LDFLAGS). (sji)

- iconv:
  . Fixed bug #68180 (iconv_mime_decode can return extra characters in a header). (cmb)
  . Fixed bug #63839 (iconv_mime_decode_headers function is skipping headers). (cmb)
  . Fixed bug #60494 (iconv_mime_decode does ignore special characters). (cmb)
  . Fixed bug #55146 (iconv_mime_decode_headers() skips some headers). (cmb)

- intl:
  . Fixed bug #74484 (MessageFormatter::formatMessage memory corruption with 11+ named placeholders). (Anatol)

- libxml:
  . Fixed bug #76777 ("public id" parameter of libxml_set_external_entity_loader callback undefined). (Ville Hukkamäki)

- mbstring:
  . Fixed bug #76704 (mb_detect_order return value varies based on argument type). (cmb)

- Opcache:
  . Fixed bug #76747 (Opcache treats path containing "test.pharma.tld" as a phar file). (Laruence)

- OpenSSL:
  . Fixed bug #76705 (unusable ssl => peer_fingerprint in stream_context_create()). (Jakub Zelenka)

- phpdbg:
  . Fixed bug #76595 (phpdbg man page contains outdated information). (Kevin Abel)

- SPL:
  . Fixed bug #68825 (Exception in DirectoryIterator::getLinkTarget()). (cmb)
  . Fixed bug #68175 (RegexIterator pregFlags are NULL instead of 0). (Tim Siebels)

- Standard:
  . Fixed bug #76778 (array_reduce leaks memory if callback throws exception). (cmb)

- zlib:
  . Fixed bug #65988 (Zlib version check fails when an include/zlib/ style dir is passed to the --with-zlib configure option). (Jay Bonci)
  . Fixed bug #76709 (Minimal required zlib library is 1.2.0.4). (petk)

2018-09-18 | Pullup ticket #5832 - requested by taca | bsiegert | 4 | -15/+16

lang/php71: security fix

Revisions pulled up:
- lang/php71/Makefile 1.16
- lang/php71/Makefile.php 1.9-1.10
- lang/php71/distinfo 1.41-1.42

---

Module Name: pkgsrc
Committed By: manu
Date: Mon Jul 30 07:17:16 UTC 2018

Modified Files:
pkgsrc/lang/php70: Makefile.php
pkgsrc/lang/php71: Makefile.php
pkgsrc/lang/php72: Makefile.php

Log Message:
Fix PHP build on i386

The --disable-gcc-global-regs fix is not enough, we really need GCC 6
to avoid php crashing during www/ap-ph build.

---

Module Name: pkgsrc
Committed By: maya
Date: Tue Jul 31 01:17:56 UTC 2018

Modified Files:
pkgsrc/lang/php70: Makefile Makefile.php
pkgsrc/lang/php71: Makefile Makefile.php
pkgsrc/lang/php72: Makefile Makefile.php

Log Message:
move --disable-gcc-global-regs to Makefile.php.

Seems to make a previously segfaulting netbsd-8/i386's build not segfault.

ap-php runs PHP's configure and builds some of its code, so it needs the
same flag.

Now we can stop requiring an arbitrary GCC version. The test case in the
GCC bugzilla fails on all GCC versions I tested, but magically some
versions of GCC manage to build a working PHP.

---

Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 19 13:55:24 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php71: distinfo

Log Message:
lang/php71: Update to 7.1.21

PHP NEWS

16 Aug 2018, PHP 7.1.21

- Calendar:
  . Fixed bug #52974 (jewish.c: compile error under Windows with GBK charset). (cmb)

- Filter:
  . Fixed bug #76366 (References in sub-array for filtering breaks the filter). (ZiHang Gao)

- PDO_Firebird:
  . Fixed bug #76488 (Memory leak when fetching a BLOB field). (Simonov Denis)

- PDO_PgSQL:
  . Fixed bug #75402 (Possible Memory Leak using PDO::CURSOR_SCROLL option). (Anatol)

- SQLite3:
  . Fixed #76665 (SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle). (cmb)

- Standard:
  . Fixed bug #68553 (array_column: null values in $index_key become incrementing keys in result). (Laruence)
  . Fixed bug #73817 (Incorrect entries in get_html_translation_table). (cmb)
  . Fixed bug #76643 (Segmentation fault when using `output_add_rewrite_var`). (cmb)

- Zip:
  . Fixed bug #76524 (ZipArchive memory leak (OVERWRITE flag and empty archive)). (Timur Ibragimov)

---

Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 13 15:44:06 UTC 2018

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php71: distinfo

Log Message:
lang/php71: Update to 7.1.22

13 Sep 2018, PHP 7.1.22

- Core:
  . Fixed bug #76754 (parent private constant in extends class memory leak). (Laruence)
  . Fixed bug #72443 (Generate enabled extension). (petk)

- Apache2:
  . Fixed bug #76582 (Apache bucket brigade sometimes becomes invalid). (stas)

- Bz2:
  . Fixed arginfo for bzcompress. (Tyson Andre)

- gettext:
  . Fixed bug #76517 (incorrect restoring of LDFLAGS). (sji)

- iconv:
  . Fixed bug #68180 (iconv_mime_decode can return extra characters in a header). (cmb)
  . Fixed bug #63839 (iconv_mime_decode_headers function is skipping headers). (cmb)
  . Fixed bug #60494 (iconv_mime_decode does ignore special characters). (cmb)
  . Fixed bug #55146 (iconv_mime_decode_headers() skips some headers). (cmb)

- intl:
  . Fixed bug #74484 (MessageFormatter::formatMessage memory corruption with 11+ named placeholders). (Anatol)

- libxml:
  . Fixed bug #76777 ("public id" parameter of libxml_set_external_entity_loader callback undefined). (Ville Hukkamäki)

- mbstring:
  . Fixed bug #76704 (mb_detect_order return value varies based on argument type). (cmb)

- Opcache:
  . Fixed bug #76747 (Opcache treats path containing "test.pharma.tld" as a phar file). (Laruence)

- OpenSSL:
  . Fixed bug #76705 (unusable ssl => peer_fingerprint in stream_context_create()). (Jakub Zelenka)

- phpdbg:
  . Fixed bug #76595 (phpdbg man page contains outdated information). (Kevin Abel)

- SPL:
  . Fixed bug #68825 (Exception in DirectoryIterator::getLinkTarget()). (cmb)
  . Fixed bug #68175 (RegexIterator pregFlags are NULL instead of 0). (Tim Siebels)

- Standard:
  . Fixed bug #76778 (array_reduce leaks memory if callback throws exception). (cmb)

- zlib:
  . Fixed bug #65988 (Zlib version check fails when an include/zlib/ style dir is passed to the --with-zlib configure option). (Jay Bonci)
  . Fixed bug #76709 (Minimal required zlib library is 1.2.0.4). (petk)

2018-09-17 | ticket 5831 | spz | 1 | -1/+3
2018-09-17 | Pullup ticket #5831 - requested by wen | spz | 2 | -7/+7

www/moodle: security update

Revisions pulled up:
- www/moodle/Makefile 1.67
- www/moodle/distinfo 1.52

-------------------------------------------------------------------

Module Name: pkgsrc
Committed By: wen
Date: Sat Sep 15 13:10:00 UTC 2018

Modified Files:
pkgsrc/www/moodle: Makefile distinfo

Log Message:
Update to 3.5.2

Upstream changes:
Moodle 3.5.2 release notes
Releases > Moodle 3.5.2 release notes

Release date: 10 September 2018

Here is the full list of fixed issues in 3.5.2.

Contents
1 Highlights
2 Fixes and improvements
3 Security issues
4 See also

Highlights
MDL-61652 - Configuration as to who can download SAR data
MDL-62026 - Privacy officer can mark general enquiries as complete
MDL-62660 - Option to set a data request expiry time
MDL-57741 - Launch URL for Publish as LTI tool
MDL-57977 - Global search allows searching for users by alternate name

Fixes and improvements
MDL-60826 - Memory exhaustion error when trying to add/edit calendar event as admin
MDL-60874 - Clearer search results in user enrolment
MDL-62782 - Users with the capability mod/assign:viewgrades can also view uploaded feedback files
MDL-62849 - Filemanager: cannot manage files when there are folders
MDL-62534 - Empty course sections deleted when upgrading
MDL-62600 - Admin is misinformed that there are no data requests
MDL-61351 - Shibboleth logout does not handle file sessions correctly
MDL-62996 - Missing upgrade.php file on tool_dataprivacy may cause errors when upgrading from 3.3 or 3.4
MDL-62643 - Online text assignment submissions generate a blank HTML document for grading when no text is entered
MDL-61515 - The current core php-css-parser prefixing library does not support sass syntax "@supports"
MDL-61424 - When token is rejected from moodle.net provide option to unregister
MDL-59847 - Behaviour when city/country are hiddenfields and identityfields at the same time
MDL-62965 - User profile fields missing on signup page
MDL-62889 - Multiple fixes when redirecting to a URL after clicking on a notification
MDL-62989 - Data requests are listed by date requested for users
MDL-62896 - Some non-core plugins are missing their Additional label on the Plugin data registry page
MDL-62993 - External tool Message in Membership Service not in an Array
MDL-62969 - External tool LtiLinkMemberships URL is invalid
MDL-62581 - Boost Course restore screen styling improvements
MDL-62769 - "Statistics for question positions" graph shows last shown variant, not stats for overall question
MDL-62341 - 'Go back to previous page' link on All policies page
MDL-62746 - Boost core_tag modals content layout improvements
MDL-45389 - Forum index page alignment improvements
MDL-61707 - Pre-signup (minor check) session is not deleted upon signup
MDL-62852 - All policies page lists policy type and audience

Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.

To generate a diff of this commit:
cvs rdiff -u -r1.66 -r1.67 pkgsrc/www/moodle/Makefile
cvs rdiff -u -r1.51 -r1.52 pkgsrc/www/moodle/distinfo

2018-09-15 | Pullup ticket #5830 | bsiegert | 1 | -1/+4
2018-09-15 | Pullup ticket #5830 - requested by maya | bsiegert | 2 | -3/+4

net/rtorrent: security fix (remote code execution)

Revisions pulled up:
- net/rtorrent/Makefile 1.72
- net/rtorrent/options.mk 1.3

---

Module Name: pkgsrc
Committed By: maya
Date: Fri Sep 14 21:06:42 UTC 2018

Modified Files:
pkgsrc/net/rtorrent: Makefile options.mk

Log Message:
rtorrent: disable xmlrpc option by default, it is too insecure.

bump PKGREVISION.

2018-09-12 | Pullup tickets #5827 and #5828. | bsiegert | 1 | -1/+7
2018-09-12 | Pullup ticket #5828 - requested by leot | bsiegert | 4 | -23/+41

net/youtube-dl: bugfix

Revisions pulled up:
- net/youtube-dl/Makefile 1.140-1.145
- net/youtube-dl/PLIST 1.66-1.68
- net/youtube-dl/distinfo 1.125-1.130
- net/youtube-dl/patches/patch-youtube__dl_postprocessor_ffmpeg.py 1.4

---

Module Name: pkgsrc
Committed By: leot
Date: Sat Jul 14 11:27:05 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile PLIST distinfo
pkgsrc/net/youtube-dl/patches: patch-youtube__dl_postprocessor_ffmpeg.py

Log Message:
youtube-dl: Update net/youtube-dl to 20180710

Changes:

version 2018.07.10

Core
* [utils] Share JSON-LD regular expression
* [downloader/dash] Improve error handling (#16927)

Extractors
+ [nrktv] Add support for new season and serie URL schema
+ [nrktv] Add support for new episode URL schema (#16909)
+ [frontendmasters] Add support for frontendmasters.com (#3661, #16328)
* [funk] Fix extraction (#16918)
* [watchbox] Fix extraction (#16904)
* [dplayit] Sort formats
* [dplayit] Fix extraction (#16901)
* [youtube] Improve login error handling (#13822)

version 2018.07.04

Core
* [extractor/common] Properly escape % in MPD templates (#16867)
* [extractor/common] Use source URL as Referer for HTML5 entries (16849)
* Prefer ffmpeg over avconv by default (#8622)

Extractors
* [pluralsight] Switch to graphql (#16889, #16895, #16896, #16899)
* [lynda] Simplify login and improve error capturing (#16891)
+ [go90] Add support for embed URLs (#16873)
* [go90] Detect geo restriction error and pass geo verification headers (#16874)
* [vlive] Fix live streams extraction (#16871)
* [npo] Fix typo (#16872)
+ [mediaset] Add support for new videos and extract all formats (#16568)
* [dctptv] Restore extraction based on REST API (#16850)
* [svt] Improve extraction and add support for pages (#16802)
* [porncom] Fix extraction (#16808)

version 2018.06.25

Extractors
* [joj] Relax URL regular expression (#16771)
* [brightcove] Workaround sonyliv DRM protected videos (#16807)
* [motherless] Fix extraction (#16786)
* [itv] Make SOAP request non fatal and extract metadata from webpage (#16780)
- [foxnews:insider] Remove extractor (#15810)
+ [foxnews] Add support for iframe embeds (#15810, #16711)

version 2018.06.19

Core
+ [extractor/common] Introduce expected_status in _download_* methods for convenient accept of HTTP requests failed with non 2xx status codes
+ [compat] Introduce compat_integer_types

Extractors
* [peertube] Improve generic support (#16733)
+ [6play] Use geo verification headers
* [rtbf] Fix extraction for python 3.2
* [vgtv] Improve HLS formats extraction
+ [vgtv] Add support for www.aftonbladet.se/tv URLs
* [bbccouk] Use expected_status
* [markiza] Expect 500 HTTP status code
* [tvnow] Try all clear manifest URLs (#15361)

---

Module Name: pkgsrc
Committed By: leot
Date: Sun Jul 22 10:16:11 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile distinfo

Log Message:
youtube-dl: Update net/youtube-dl to 20180721

Changes:

2018.07.21
----------

Core
+ [utils] Introduce url_or_none
* [utils] Allow JSONP without function name (#17028)
+ [extractor/common] Extract DASH and MSS formats from SMIL manifests

Extractors
+ [bbc] Add support for BBC Radio Play pages (#17022)
* [iwara] Fix download URLs (#17026)
* [vrtnu] Relax title extraction and extract JSON-LD (#17018)
+ [viu] Pass Referer and Origin headers and area id (#16992)
+ [vimeo] Add another config regular expression (#17013)
+ [facebook] Extract view count (#16942)
* [dailymotion] Improve description extraction (#16984)
* [slutload] Fix and improve extraction (#17001)
* [mediaset] Fix extraction (#16977)
+ [theplatform] Add support for theplatform TLD customization (#16977)
* [imgur] Relax URL regular expression (#16987)
* [pornhub] Improve extraction and extract all formats (#12166, #15891, #16262, #16959)

---

Module Name: pkgsrc
Committed By: leot
Date: Thu Aug 9 11:10:10 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile PLIST distinfo

Log Message:
youtube-dl: Update net/youtube-dl to 20180804

Changes:

2018.08.04
----------

Extractors
* [funk:channel] Improve byChannelAlias extraction (#17142)
* [twitch] Fix authentication (#17024, #17126)
* [twitch:vod] Improve URL regular expression (#17135)
* [watchbox] Fix extraction (#17107)
* [pbs] Fix extraction (#17109)
* [theplatform] Relax URL regular expression (#16181, #17097)
+ [viqeo] Add support for viqeo.tv (#17066)

2018.07.29
----------

Extractors
* [crunchyroll:playlist] Restrict URL regular expression (#17069, #17076)
+ [pornhub] Add support for subtitles (#16924, #17088)
* [ceskatelevize] Use https for API call (#16997, #16999)
* [dailymotion:playlist] Fix extraction (#16894)
* [ted] Improve extraction
* [ted] Fix extraction for videos without nativeDownloads (#16756, #17085)
* [telecinco] Fix extraction (#17080)
* [mitele] Reduce number of requests
* [rai] Return non HTTP relinker URL intact (#17055)
* [vk] Fix extraction for inline only videos (#16923)
* [streamcloud] Fix extraction (#17054)
* [facebook] Fix tahoe player extraction with authentication (#16655)
+ [puhutv] Add support for puhutv.com (#12712, #16010, #16269)

---

Module Name: pkgsrc
Committed By: leot
Date: Wed Aug 22 10:57:11 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile PLIST distinfo

Log Message:
youtube-dl: Update net/youtube-dl to 20180822

Changes:

version 2018.08.22
------------------

Core
* [utils] Use pure browser header for User-Agent (#17236)

Extractors
+ [kinopoisk] Add support for kinopoisk.ru (#17283)
+ [yourporn] Add support for yourporn.sexy (#17298)
+ [go] Add support for disneynow.go.com (#16299, #17264)
+ [6play] Add support for play.rtl.hr (#17249)
* [anvato] Fallback to generic API key for access-key-to-API-key lookup (#16788, #17254)
* [lci] Fix extraction (#17274)
* [bbccouk] Extend id URL regular expression (#17270)
* [cwtv] Fix extraction (#17256)
* [nova] Fix extraction (#17241)
+ [generic] Add support for expressen embeds
* [raywenderlich] Adapt to site redesign (#17225)
+ [redbulltv] Add support redbull.com tv URLs (#17218)
+ [bitchute] Add support for bitchute.com (#14052)
+ [clyp] Add support for token protected media (#17184)
* [imdb] Fix extension extraction (#17167)

---

Module Name: pkgsrc
Committed By: leot
Date: Sat Sep 1 16:49:45 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile distinfo

Log Message:
youtube-dl: Update net/youtube-dl to 20180901

Changes:

version 2018.09.01

Core
* [utils] Skip remote IP addresses non matching to source address' IP version when creating a connection (#13422, #17362)

Extractors
+ [ard] Add support for one.ard.de (#17397)
* [niconico] Fix extraction on python3 (#17393, #17407)
* [ard] Extract f4m formats
* [crunchyroll] Parse vilos media data (#17343)
+ [ard] Add support for Beta ARD Mediathek
+ [bandcamp] Extract more metadata (#13197)
* [internazionale] Fix extraction of non-available-abroad videos (#17386)

version 2018.08.28

Extractors
+ [youtube:playlist] Add support for music album playlists (OLAK5uy_ prefix) (#17361)
* [bitchute] Fix extraction by pass custom User-Agent (#17360)
* [webofstories:playlist] Fix extraction (#16914)
+ [tvplayhome] Add support for new tvplay URLs (#17344)
+ [generic] Allow relative src for videojs embeds (#17324)
+ [xfileshare] Add support for vidto.se (#17317)
+ [vidzi] Add support for vidzi.nu (#17316)
+ [nova:embed] Add support for media.cms.nova.cz (#17282)

---

Module Name: pkgsrc
Committed By: leot
Date: Sat Sep 8 16:24:35 UTC 2018

Modified Files:
pkgsrc/net/youtube-dl: Makefile distinfo

Log Message:
youtube-dl: Update net/youtube-dl to 20180908

Changes:

version 2018.09.08

Extractors
* [youtube] Fix extraction (#17457, #17464)
+ [pornhub:uservideos] Add support for new URLs (#17388)
* [iprima] Confirm adult check (#17437)
* [slideslive] Make check for video service name case-insensitive (#17429)
* [radiojavan] Fix extraction (#17151)
* [generic] Skip unsuccessful jwplayer extraction (#16735)

2018-09-12 | Pullup ticket #5827 - requested by maya | bsiegert | 3 | -5/+7

x11/xlockmore, x11/xlockmore-lite: build fix

Revisions pulled up:
- x11/xlockmore-lite/Makefile 1.23
- x11/xlockmore/Makefile 1.134
- x11/xlockmore/Makefile.common 1.79

---

Module Name: pkgsrc
Committed By: maya
Date: Sun Sep 9 20:05:19 UTC 2018

Modified Files:
pkgsrc/x11/xlockmore: Makefile.common

Log Message:
xlockmore{,-lite}: drop CONFLICTS.

This file is used by both xlockmore-lite and xlockmore, and results
in the package being considered conflicting with itself.

Reported by he in PR pkg/53586

---

Module Name: pkgsrc
Committed By: maya
Date: Mon Sep 10 00:06:07 UTC 2018

Modified Files:
pkgsrc/x11/xlockmore: Makefile
pkgsrc/x11/xlockmore-lite: Makefile

Log Message:
xlockmore{,-lite}: restore CONFLICTS.

2018-09-12 | ticket 5822 | spz | 1 | -1/+4
2018-09-12 | Pullup ticket #5822 - requested by bsiegert | spz | 3 | -3/+21

security/sleuthkit: security fix

Revisions pulled up:
- security/sleuthkit/Makefile 1.11
- security/sleuthkit/distinfo 1.6
- security/sleuthkit/patches/patch-tsk_fs_iso9660__dent.c 1.1

-------------------------------------------------------------------

Module Name: pkgsrc
Committed By: he
Date: Thu Aug 23 07:47:34 UTC 2018

Modified Files:
pkgsrc/security/sleuthkit: Makefile distinfo
Added Files:
pkgsrc/security/sleuthkit/patches: patch-tsk_fs_iso9660__dent.c

Log Message:
Add a fix for CVE-2017-13755, pointed to from
https://github.com/sleuthkit/sleuthkit/issues/913

Bump PKGREVISION.

To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/sleuthkit/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/sleuthkit/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/security/sleuthkit/patches/patch-tsk_fs_iso9660__dent.c

2018-09-11 | pullups 5821 5823 5824 5825 5826 | spz | 1 | -1/+16
2018-09-10 | Pullup ticket #5826 - requested by taca | spz | 4 | -131/+56

shells/zsh: security update

Revisions pulled up:
- shells/zsh/Makefile 1.85
- shells/zsh/PLIST 1.39
- shells/zsh/distinfo 1.63
- shells/zsh/patches/patch-configure.ac 1.6

-------------------------------------------------------------------

Module Name: pkgsrc
Committed By: wen
Date: Sun Sep 9 00:46:52 UTC 2018

Modified Files:
pkgsrc/shells/zsh: Makefile PLIST distinfo
pkgsrc/shells/zsh/patches: patch-configure.ac

Log Message:
Update to 5.6

Upstream changes:

Changes from 5.5.1-test-2 to 5.6
--------------------------------

CVE-2018-0502: Data from the second line of a #! script file might be
passed to execve(). For example, in the following situation -
.
  printf '#!foo\nbar' > baz
  ./baz
.
the shell might take "bar" rather than "foo" for the argv[0] to be
passed to execve(). [ Reported by Anthony Sottile and Buck Evan. ]

CVE-2018-13259: A shebang line longer than 64 characters would be
truncated. For example, in the following situation:
.
  ( printf '#!'; repeat 64 printf 'x'; printf 'y' ) > foo
  ./foo
.
the shell might execute x...x (64 repetitions) rather than x...xy
(64 x's, one y). [ Reported by Daniel Shahaf. ]

Changes from 5.5.1 to 5.5.1-test-2
----------------------------------

Non-stop IEEE 754 arithmetic support - Inf and NaN are now returned from
floating point operations where errors were printed before. Inf and NaN
are also recognised in arithmetic expressions.

In shell patterns, [[:blank:]] now honours the locale instead of
matching exclusively on space and tab, like for the other POSIX
character classes or for extended regular expressions.

Nanosecond precision on file times is supported in the module zsh/stat.

To generate a diff of this commit:
cvs rdiff -u -r1.84 -r1.85 pkgsrc/shells/zsh/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/shells/zsh/PLIST
cvs rdiff -u -r1.62 -r1.63 pkgsrc/shells/zsh/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/shells/zsh/patches/patch-configure.ac

2018-09-10 | Pullup ticket #5825 - requested by wiz | spz | 2 | -7/+7

www/curl: security update

Revisions pulled up:
- www/curl/Makefile 1.201
- www/curl/distinfo 1.146
- www/curl/patches/patch-src_tool__cb__hdr.c deleted

-------------------------------------------------------------------

Module Name: pkgsrc
Committed By: wiz
Date: Wed Sep 5 06:49:26 UTC 2018

Modified Files:
pkgsrc/www/curl: Makefile distinfo
Removed Files:
pkgsrc/www/curl/patches: patch-src_tool__cb__hdr.c

Log Message:
curl: update to 7.61.1.

This release includes the following bugfixes:

 o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73]
 o CURLINFO_SIZE_UPLOAD: fix missing counter update [46]
 o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
 o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72]
 o Curl_getoff_all_pipelines: improved for multiplexed [3]
 o DEPRECATE: remove release date from 7.62.0
 o HTTP: Don't attempt to needlessly decompress redirect body [30]
 o INTERNALS: require GnuTLS >= 2.11.3 [62]
 o README.md: add LGTM.com code quality grade for C/C++ [42]
 o SSLCERTS: improve the openssl command line
 o Silence GCC 8 cast-function-type warnings [47]
 o ares: check for NULL in completed-callback [3]
 o asyn-thread: Remove unused macro [40]
 o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15]
 o auth: pick Bearer authentication whenever a token is available [15]
 o cmake: CMake config files are defining CURL_STATICLIB for static builds [54]
 o cmake: Respect BUILD_SHARED_LIBS [35]
 o cmake: Update scripts to use consistent style [9]
 o cmake: bumped minimum version to 3.4 [34]
 o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34]
 o configure: conditionally enable pedantic-errors [64]
 o configure: fix for -lpthread detection with OpenSSL and pkg-config [38]
 o conn: remove the boolean 'inuse' field [3]
 o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5]
 o cookie tests: treat files as text
 o cookies: support creation-time attribute for cookies [75]
 o curl: Fix segfault when -H @headerfile is empty [23]
 o curl: add http code 408 to transient list for --retry [78]
 o curl: fix time-of-check, time-of-use race in dir creation [71]
 o curl: use Content-Disposition before the "URL end" for -OJ [29]
 o curl: warn the user if a given file name looks like an option [56]
 o curl_threads: silence bad-function-cast warning [69]
 o darwinssl: add support for ALPN negotiation [7]
 o docs/CURLOPT_URL: fix indentation [20]
 o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19]
 o docs/SECURITY-PROCESS: mention bounty, drop pre-notify
 o docs/examples: add hiperfifo example using linux epoll/timerfd [21]
 o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50]
 o docs: clarify NO_PROXY env variable functionality [70]
 o docs: improved the manual pages of some callbacks [48]
 o docs: mention NULL is fine input to several functions [43]
 o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40]
 o gopher: Do not translate `?' to `%09' [67]
 o header output: switch off all styles, not just unbold [8]
 o hostip: fix unused variable warning
 o http2: Use correct format identifier for stream_id [77]
 o http2: abort the send_callback if not setup yet [63]
 o http2: avoid set_stream_user_data() before stream is assigned [61]
 o http2: check nghttp2_session_set_stream_user_data return code [55]
 o http2: clear the drain counter in Curl_http2_done [27]
 o http2: make sure to send after RST_STREAM [58]
 o http2: separate easy handle from connections better [12]
 o http: fix for tiny "HTTP/0.9" response [51]
 o http_proxy: Remove unused macro SELECT_TIMEOUT [40]
 o lib/Makefile: only do symbol hiding if told to [32]
 o lib1502: fix memory leak in torture test [44]
 o lib1522: fix curl_easy_setopt argument type
 o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66]
 o mime: check Curl_rand_hex's return code [22]
 o multi: always do the COMPLETED procedure/state [3]
 o openssl: assume engine support in 1.0.0 or later [2]
 o openssl: fix debug messages [39]
 o projects: Improve Windows perl detection in batch scripts [49]
 o retry: return error if rewind was necessary but didn't happen [28]
 o reuse_conn(): memory leak - free old_conn->options [17]
 o schannel: client certificate store opening fix [68]
 o schannel: enable CALG_TLS1PRF for w32api >= 5.1
 o schannel: fix MinGW compile break [1]
 o sftp: don't send post-quote sequence when retrying a connection [79]
 o smb: fix memory leak on early failure [26]
 o smb: fix memory-leak in URL parse error path [4]
 o smb_getsock: always wait for write socket too [11]
 o ssh-libssh: fix infinite connect loop on invalid private key [53]
 o ssh-libssh: reduce excessive verbose output about pubkey auth [53]
 o ssh-libssh: use FALLTHROUGH to silence gcc8 [76]
 o ssl: set engine implicitly when a PKCS#11 URI is provided [36]
 o sws: handle EINTR when calling select() [24]
 o system_win32: fix version checking [16]
 o telnet: Remove unused macros TELOPTS and TELCMDS [40]
 o test1143: disable MSYS2's POSIX path conversion [10]
 o test1148: disable if decimal separator is not point [65]
 o test1307: (fnmatch testing) disabled [31]
 o test1422: add required file feature [6]
 o test1531: Add timeout [41]
 o test1540: Remove unused macro TEST_HANG_TIMEOUT [40]
 o test214: disable MSYS2's POSIX path conversion for URL
 o test320: treat curl320.out file as binary [14]
 o tests/http_pipe.py: Use /usr/bin/env to find python
 o tests: Don't use Windows path %PWD for SSH tests [74]
 o tests: fixes for Windows line endings [13]
 o tool_operate: Fix setting proxy TLS 1.3 ciphers
 o travis: build darwinssl on macos 10.12 to fix linker errors [33]
 o travis: execute "set -eo pipefail" for coverage build [45]
 o travis: run a 'make checksrc' too [25]
 o travis: update to GCC-8 [52]
 o travis: verify that man pages can be regenerated [50]
 o upload: allocate upload buffer on-demand [60]
 o upload: change default UPLOAD_BUFSIZE to 64KB [60]
 o urldata: remove unused pipe_broke struct field [57]
 o vtls: reinstantiate engine on duplicated handles [59]
 o windows: implement send buffer tuning [37]
 o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18]

To generate a diff of this commit:
cvs rdiff -u -r1.200 -r1.201 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.145 -r1.146 pkgsrc/www/curl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/www/curl/patches/patch-src_tool__cb__hdr.c

2018-09-10Pullup ticket #5824 - requested by bsiegertspz6-60/+14
net/wireshark: security update Revisions pulled up: - net/wireshark/Makefile 1.194,1.196 - net/wireshark/distinfo 1.113-1.114 - net/wireshark/options.mk 1.20 - net/wireshark/patches/patch-ui_qt_packet__format__group__box.cpp deleted - net/wireshark/patches/patch-ui_qt_time__shift__dialog.cpp deleted - net/wireshark/patches/patch-ui_qt_wireless__frame.cpp deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 16 13:20:32 UTC 2018 Modified Files: pkgsrc/net/wireshark: Makefile distinfo Removed Files: pkgsrc/net/wireshark/patches: patch-ui_qt_packet__format__group__box.cpp patch-ui_qt_time__shift__dialog.cpp patch-ui_qt_wireless__frame.cpp Log Message: wireshark: update to 2.6.2. Wireshark 2.6.2 Release Notes What’s New Bug Fixes The following vulnerabilities have been fixed: • wnpa-sec-2018-34[1] • BGP dissector large loop. Bug 13741[2]. CVE-2018-14342[3]. • wnpa-sec-2018-35[4] • ISMP dissector crash. Bug 14672[5]. CVE-2018-14344[6]. • wnpa-sec-2018-36[7] • Multiple dissectors could crash. Bug 14675[8]. CVE-2018-14340[9]. • wnpa-sec-2018-37[10] • ASN.1 BER dissector crash. Bug 14682[11]. CVE-2018-14343[12]. • wnpa-sec-2018-38[13] • MMSE dissector infinite loop. Bug 14738[14]. CVE-2018-14339[15]. • wnpa-sec-2018-39[16] • DICOM dissector crash. Bug 14742[17]. CVE-2018-14341[18]. • wnpa-sec-2018-40[19] • Bazaar dissector infinite loop. Bug 14841[20]. CVE-2018-14368[21]. • wnpa-sec-2018-41[22] • HTTP2 dissector crash. Bug 14869[23]. CVE-2018-14369[24]. • wnpa-sec-2018-42[25] • CoAP dissector crash. Bug 14966[26]. CVE-2018-14367[27]. The following bugs have been fixed: • ISMP.EDP "Tuples" dissected incorrectly. Bug 4943[28]. • Wireshark - Race issue when switching between files using Wireshark’s "Files in Set" dialog. Bug 10870[29]. • Sorting on "Source port" or "Destination port" column sorts alphabetically, not numerically. Bug 11460[30]. • Wireshark crashes when changing profiles. Bug 11648[31]. 
• Crash when starting capture while saving capture file or rescanning file after display filter change. Bug 13594[32]. • Crash when switching to TRANSUM enabled profile. Bug 13697[33]. • TCP retransmission with additional payload leads to incorrect bytes and length in stream. Bug 13700[34]. • Wireshark crashes with single quote string display filter. Bug 14084[35]. • randpkt can write packets that libwiretap can’t read. Bug 14107[36]. • Wireshark crashes when loading new file before previous load has finished. Bug 14351[37]. • Valid packet produces Malformed Packet: OpcUa. Bug 14465[38]. • Error received from dissect_wccp2_hash_assignment_info(). Bug 14573[39]. • CRC checker wrong for FPP. Bug 14610[40]. • Cross-build broken due to make-dissectors and make-taps. Bug 14622[41]. • Extraction of SMB file results in wrong size. Bug 14662[42]. • 6LoWPAN dissector merges fragments from different sources. Bug 14700[43]. • IP address to name resolution doesn’t work in TShark. Bug 14711[44]. • "Decode as" Modbus RTU over USB doesn’t work with 2.6.0 but with 2.4.6. Bug 14717[45]. • proto_tree_add_protocol_format might leak memory. Bug 14719[46]. • tostring for NSTime objects in lua gives wrong results. Bug 14720[47]. • Media type "application/octet-stream" registered for both Thread and UASIP. Bug 14729[48]. • Crash related to SCTP tap. Bug 14733[49]. • Formatting of OSI area addresses/address prefixes goes past the end of the area address/address prefix. Bug 14744[50]. • ICMPv6 Router Renumbering - Packet Dissector - malformed. Bug 14755[51]. • WiMAX HARQ MAP decoder segfaults when length is too short. Bug 14780[52]. • HTTP PUT request following a HEAD request is not correctly decoded. Bug 14793[53]. • SYNC PDU type 3 miss the last PDU length. Bug 14823[54]. • Reversed 128 bits service UUIDs when Bluetooth Low Energy advertisement data are dissected. Bug 14843[55]. • Issues with Wireshark when the user doesn’t have permission to capture. Bug 14847[56]. 
• Wrong description when LE Bluetooth Device Address type is dissected. Bug 14866[57]. • LE Role advertisement type (0x1c) is not dissected properly according to the Bluetooth specification. Bug 14868[58]. • Regression: Wireshark 2.6.0 and 2.6.1 are unable to read NetMon files which were readable by previous versions. Bug 14876[59]. • Wireshark doesn’t properly display (deliberately) invalid 220 responses from Postfix. Bug 14878[60]. • Follow TCP Stream and click reassembled content moves you to incorrect current packet. Bug 14898[61]. • Crash when changing profiles while loading a capture file. Bug 14918[62]. • Duplicate PDU during C Arrays Output Export. Bug 14933[63]. • DCE/RPC not dissected when "reserved for use by implementations" flag bits set. Bug 14942[64]. • Follow TCP Stream truncates output on missing (but ACKed) segments. Bug 14944[65]. • There’s no option to include column headings when printing packets or exporting packet dissections with Qt Wireshark. Bug 14945[66]. • Qt: SCTP Graph Dialog: Abort when doing analysis. Bug 14971[67]. • CMake is unable to find LUA libraries. Bug 14983[68]. 
Updated Protocol Support 6LoWPAN, ASN.1 BER, Bazaar, BGP, Bluetooth, Bluetooth HCI_CMD, CIGI, Cisco ttag, CoAP, Data, DCERPC, Diameter 3GPP, DICOM, DOCSIS, FPP, GSM A GM, GTPv2, HTTP, HTTP2, IAX2, ICMPv6, IEEE 1722, IEEE 802.11, IPv4, ISMP, LISP, MMSE, MTP3, MySQL, NFS, OpcUa, PPI GPS, Q.931, RNSAP, RPCoRDMA, S1AP, SCTP, SMB, SMTP, STUN, SYNC, T.30, TCP, TRANSUM, WAP, WCCP, Wi-SUN, WiMax HARQ Map Message, and WSP New and Updated Capture File Support Alcatel-Lucent Ascend and Microsoft Network Monitor To generate a diff of this commit: cvs rdiff -u -r1.193 -r1.194 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.112 -r1.113 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/net/wireshark/patches/patch-ui_qt_packet__format__group__box.cpp \ pkgsrc/net/wireshark/patches/patch-ui_qt_time__shift__dialog.cpp \ pkgsrc/net/wireshark/patches/patch-ui_qt_wireless__frame.cpp ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Sun Sep 2 21:49:06 UTC 2018 Modified Files: pkgsrc/net/wireshark: Makefile distinfo options.mk Log Message: wireshark: update to 2.6.3. Fix some pkglint warnings while here. Wireshark 2.6.3 Release Notes Bug Fixes The following vulnerabilities have been fixed: • wnpa-sec-2018-44[1] • Bluetooth AVDTP dissector crash. Bug 14884[2]. CVE-2018-16058[3]. • wnpa-sec-2018-45[4] • Bluetooth Attribute Protocol dissector crash. Bug 14994[5]. CVE-2018-16056[6]. • wnpa-sec-2018-46[7] • Radiotap dissector crash. Bug 15022[8]. CVE-2018-16057[9]. The following bugs have been fixed: • Wireshark Hangs on startup initializing external capture plugins. Bug 14657[10]. • Qt: SCTP Analyse Association Dialog: Segmentation fault when clicking twice the Filter Association button. Bug 14970[11]. • Incorrect presentation of dissected data item (NETMASK) in ISAKMP dissector. Bug 14987[12]. • Decode NFAPI: CONFIG.request Error. Bug 14988[13]. • udpdump frame too long error. Bug 14989[14]. 
• ISDN - LAPD dissector broken since version 2.5.0. Bug 15018[15]. • ASTERIX Category 062 / 135 Altitude has wrong value. Bug 15030[16]. • Wireshark cannot decrypt SSL/TLS session if it was proxied over HTTP tunnel. Bug 15042[17]. • TLS records in a HTTP tunnel are displayed as "Encrypted Handshake Message". Bug 15043[18]. • BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit swapped. Bug 15058[19]. • Diameter AVP User Location Info, Mobile Network Code decoded not correctly. Bug 15068[20]. • Heartbeat message "Info" displayed without comma separator. Bug 15079[21]. Updated Protocol Support ASTERIX, Bluetooth, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS, E.212, FP, GSM A RR, HTTP, HTTP2, IEEE 802.11, ISAKMP, ISDN, K12, NFAPI, Nordic BLE, PFCP, Radiotap, SSL, Steam IHS Discovery, and TLS 1.3 New and Updated Capture File Support pcapng New and Updated Capture Interfaces support ciscodump, udpdump To generate a diff of this commit: cvs rdiff -u -r1.195 -r1.196 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.113 -r1.114 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.19 -r1.20 pkgsrc/net/wireshark/options.mk
2018-09-10Pullup ticket #5823 - requested by bsiegertspz3-9/+10
x11/libX11: security update Revisions pulled up: - x11/libX11/Makefile 1.46 - x11/libX11/PLIST 1.14 - x11/libX11/distinfo 1.28 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Tue Aug 21 19:29:48 UTC 2018 Modified Files: pkgsrc/x11/libX11: Makefile PLIST distinfo Log Message: libX11: update to 1.6.6. Security fix release. Alan Coopersmith (6): Make Xkb{Get,Set}NamedIndicator spec & manpages match code Clarify state parameter to XkbSetNamedDeviceIndicator Improve table formatting in XkbChangeControls & XkbKeyNumGroups man pages If XGetImage fails to create image, don't dereference it to bounds check Use size_t for buffer sizes in SetHints.c Change fall through comment in lcDB.c to match gcc's requirements Arthur Huillet (1): _XDefaultError: set XlibDisplayIOError flag before calling exit Bhavi Dhingra (1): Fix possible memory leak in cmsProp.c:140 Martin Natano (1): Don't rebuild ks_tables.h if nothing changed. Matthieu Herrb (2): Remove statement with no effect. libX11 1.6.6 Michal Srb (1): Use flexible array member instead of fake size. Ryan C. Gordon (1): Valgrind fix for XStoreColor and XStoreColors. Samuel Thibault (1): XkbOpenDisplay.3: fix typo Tobias Stoeckmann (4): Validation of server response in XListHosts. Fixed off-by-one writes (CVE-2018-14599). Fixed out of boundary write (CVE-2018-14600). Fixed crash on invalid reply (CVE-2018-14598). 
walter harms (13): fix shadow warning _XIOError(dpy); will never return so remove dead remove argument check for free() adjust one inden fix shadow char_size fix more shadow warning no need to check argument for _XkbFree() remove stray extern no need to check args for Xfree() fix memleak in error path fix memleak in error path no need to check XFree arguments mark _XDefaultIOError as no_return Fixes: warning: variable 'req' set but not,used wharms (3): add _X_UNUSED to avoid unused variable warnings remove empty line silence gcc warning assignment discards 'const' qualifier from pointer target type To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 pkgsrc/x11/libX11/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/x11/libX11/PLIST cvs rdiff -u -r1.27 -r1.28 pkgsrc/x11/libX11/distinfo
2018-09-10Pullup ticket #5821 - requested by bsiegertspz2-7/+7
x11/libxkbcommon: security update Revisions pulled up: - x11/libxkbcommon/Makefile 1.21 - x11/libxkbcommon/distinfo 1.14 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 16 12:21:44 UTC 2018 Modified Files: pkgsrc/x11/libxkbcommon: Makefile distinfo Log Message: libxkbcommon: update to 0.8.2. libxkbcommon 0.8.2 - 2018-08-05 ========= - Fix various problems found with fuzzing (see commit messages for more details): - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. libxkbcommon 0.8.1 - 2018-08-03 ========= - Fix various problems found in the meson build (see commit messages for more details): - Fix compilation on Darwin. - Fix compilation of the x11 tests and demos when XCB is installed in a non-standard location. - Fix xkbcommon-x11.pc missing the Requires specification. - Fix various problems found with fuzzing and Coverity (see commit messages for more details): - Fix stack overflow in the XKB text format parser when evaluating boolean negation. - Fix NULL-dereferences in the XKB text format parser when some unsupported tokens appear (the tokens are still parsed for backward compatibility). - Fix NULL-dereference in the XKB text format parser when parsing an xkb_geometry section. - Fix an infinite loop in the Compose text format parser on some inputs. - Fix an invalid free() when using multiple keysyms. - Replace the Unicode characters for the leftanglebracket and rightanglebracket keysyms from the deprecated LEFT/RIGHT-POINTING ANGLE BRACKET to MATHEMATICAL LEFT/RIGHT ANGLE BRACKET. - Reject out-of-range Unicode codepoints in xkb_keysym_to_utf8 and xkb_keysym_to_utf32. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 pkgsrc/x11/libxkbcommon/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/x11/libxkbcommon/distinfo
2018-08-25Pullup tickets #5816 to #5820.bsiegert1-1/+16
2018-08-25Pullup ticket #5820 - requested by leotbsiegert4-8/+34
graphics/ImageMagick: security fix Revisions pulled up: - graphics/ImageMagick/Makefile 1.246-1.247 - graphics/ImageMagick/Makefile.common 1.175 - graphics/ImageMagick/distinfo 1.190-1.192 - graphics/ImageMagick/patches/patch-config_policy.xml 1.1-1.2 --- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 16 08:23:16 UTC 2018 Modified Files: pkgsrc/graphics/ImageMagick: Makefile.common distinfo Log Message: ImageMagick: update to 7.0.8.10. 2018-08-13 7.0.8-10 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-10, GIT revision 14646:48fba3256:20180813 2018-08-12 7.0.8-10 Dirk Lemstra <dirk@lem.....org> * Added dcraw coder (dcraw:img.cr2) that can be used to force the use of the dcraw delegate when libraw is the default raw delegate. * Restored thread support for the HEIC coder. 2018-08-08 7.0.8-10 Cristy <quetzlzacatenango@image...> * ThumbnailImage function no longer reveals sensitive information (reference https://github.com/ImageMagick/ImageMagick/issues/1243). 2018-08-06 7.0.8-9 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-9, GIT revision 14618:a3663c3dc:20180805. 2018-07-24 7.0.8-9 Cristy <quetzlzacatenango@image...> * XBM coder leaves the hex image data uninitialized if hex value of the pixel is negative. * More improvements to SVG text handling. * New -range threshold option that combines hard and soft thresholding. 2018-07-23 7.0.8-8 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-8, GIT revision 14583:300fdbcfd:20180723. 2018-07-20 7.0.8-8 Cristy <quetzlzacatenango@image...> * Non-HDRI ScaleLongToQuantum() private method no longer adds a half interval. * Fixed memset() negative-size-param (reference https://github.com/ImageMagick/ImageMagick/issues/1217). 2018-07-16 7.0.8-7 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-7, GIT revision 14561:f85c23180:20180716. 
2018-07-15 7.0.8-7 Cristy <quetzlzacatenango@image...> * Fixed numerous use of uninitialized values, integer overflow, memory exceeded, and timeouts (credit to OSS Fuzz). 2018-07-08 7.0.8-6 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-6, GIT revision 14541:db940ccd2:20180708. 2018-07-06 7.0.8-6 Cristy <quetzlzacatenango@image...> * Improve SVG support for tspan element. * Add support for -fx image.extent. 2018-07-04 7.0.8-5 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-5, GIT revision 14514:bba545bbb:20180704. 2018-07-04 7.0.8-5 Cristy <quetzlzacatenango@image...> * Fixed a few potential memory leaks https://github.com/ImageMagick/ImageMagick/issues). 2018-07-02 7.0.8-4 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-4, GIT revision 14505:4613eed4a:20180702. 2018-06-28 7.0.8-4 Cristy <quetzlzacatenango@image...> * Small tweaks to compile under Cygwin. * Fixed numerous use of uninitialized values, integer overflow, memory exceeded, and timeouts (credit to OSS Fuzz). * Support %B property, the image file size without any decorations. 2018-06-24 7.0.8-3 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.8-3, GIT revision 14489:c63c504e8:20180624. 2018-06-24 7.0.8-3 Cristy <quetzlzacatenango@image...> * Apply translate component of SVG transform rotate. --- Module Name: pkgsrc Committed By: leot Date: Wed Aug 22 13:39:24 UTC 2018 Modified Files: pkgsrc/graphics/ImageMagick: Makefile distinfo Added Files: pkgsrc/graphics/ImageMagick/patches: patch-config_policy.xml Log Message: ImageMagick: Disable ghostscript coders by default in policy.xml Disable ghostscript coders in policy.xml as a workaround for VU#332928 (<https://www.kb.cert.org/vuls/id/332928>). 
Please note that apart from commenting/removing lines added in policy.xml, the ghostscript coders can be enabled per-user by copying policy.xml to ~/.config/ImageMagick/policy.xml and adjusting it with the following lines: | [...] | <policy domain="coder" rights="read|write" pattern="PS" /> | <policy domain="coder" rights="read|write" pattern="EPS" /> | <policy domain="coder" rights="read|write" pattern="PDF" /> | <policy domain="coder" rights="read|write" pattern="XPS" /> | [...] Bump PKGREVISION --- Module Name: pkgsrc Committed By: leot Date: Thu Aug 23 14:52:23 UTC 2018 Modified Files: pkgsrc/graphics/ImageMagick: Makefile distinfo pkgsrc/graphics/ImageMagick/patches: patch-config_policy.xml Log Message: ImageMagick: Also block PS2 and PS3 coders in policy.xml At least when reading PS2 and PS3 files via `convert PS2:<input> <output>' and `convert PS3:<input> <output>' gslib/ghostscript will be invoked and hence subject to VU#332928. Pointed out by Bob Friesenhahn via oss-security@ ML (and follow up from VU#332928 update).
2018-08-25Pullup ticket #5819 - requested by leotbsiegert3-3/+28
graphics/ImageMagick6: security fix Revisions pulled up: - graphics/ImageMagick6/Makefile 1.18-1.19 - graphics/ImageMagick6/distinfo 1.10-1.11 - graphics/ImageMagick6/patches/patch-config_policy.xml 1.1-1.2 --- Module Name: pkgsrc Committed By: leot Date: Wed Aug 22 13:38:00 UTC 2018 Modified Files: pkgsrc/graphics/ImageMagick6: Makefile distinfo Added Files: pkgsrc/graphics/ImageMagick6/patches: patch-config_policy.xml Log Message: ImageMagick6: Disable ghostscript coders by default in policy.xml Disable ghostscript coders in policy.xml as a workaround for VU#332928 (<https://www.kb.cert.org/vuls/id/332928>). Please note that apart from commenting/removing lines added in policy.xml, the ghostscript coders can be enabled per-user by copying policy.xml to ~/.config/ImageMagick/policy.xml and adjusting it with the following lines: | [...] | <policy domain="coder" rights="read|write" pattern="PS" /> | <policy domain="coder" rights="read|write" pattern="EPS" /> | <policy domain="coder" rights="read|write" pattern="PDF" /> | <policy domain="coder" rights="read|write" pattern="XPS" /> | [...] Bump PKGREVISION --- Module Name: pkgsrc Committed By: leot Date: Thu Aug 23 14:54:21 UTC 2018 Modified Files: pkgsrc/graphics/ImageMagick6: Makefile distinfo pkgsrc/graphics/ImageMagick6/patches: patch-config_policy.xml Log Message: ImageMagick6: Also block PS2 and PS3 coders in policy.xml At least when reading PS2 and PS3 files via `convert PS2:<input> <output>' and `convert PS3:<input> <output>' gslib/ghostscript will be invoked and hence subject to VU#332928. Pointed out by Bob Friesenhahn via oss-security@ ML (and follow up from VU#332928 update).
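Added example (not part of the commit messages or of pkgsrc): a small auditor for the policy.xml workaround described in the ImageMagick and ImageMagick6 entries above, reporting which of the ghostscript-backed coders named there a given policy still allows. The sample policies are constructed; the code assumes that blocking is written as rights="none" (the patch itself is not shown on this page), that a coder no policy line matches stays allowed, and that the last matching line wins.

```python
import fnmatch
import re
import xml.etree.ElementTree as ET

# Coders the two commit messages name as reaching gslib/ghostscript.
GHOSTSCRIPT_CODERS = ("PS", "PS2", "PS3", "EPS", "PDF", "XPS")
# Assumption: a coder that no policy line matches stays readable and writable.
DEFAULT_RIGHTS = frozenset({"read", "write"})


def expand_braces(pattern):
    """Expand one {A,B,C} group: '{PS,EPS}' -> ['PS', 'EPS']."""
    m = re.search(r"\{([^{}]*)\}", pattern)
    if m is None:
        return [pattern]
    head, tail = pattern[:m.start()], pattern[m.end():]
    return [head + alt.strip() + tail for alt in m.group(1).split(",")]


def parse_rights(value):
    """Turn 'read|write' into a set of rights; 'none' yields an empty set."""
    tokens = {tok.strip().lower() for tok in value.split("|")}
    return frozenset(tokens & {"read", "write", "execute"})


def load_coder_policies(policy_xml):
    """Return [(patterns, rights), ...] for domain="coder" lines, in file order."""
    rules = []
    for node in ET.fromstring(policy_xml).iter("policy"):
        if node.get("domain", "").lower() != "coder":
            continue
        rules.append((expand_braces(node.get("pattern", "")),
                      parse_rights(node.get("rights", "none"))))
    return rules


def effective_rights(rules, coder):
    """Rights left for one coder. Matching is case-sensitive on purpose, so a
    lower-case pattern is reported as not covering an upper-case coder name."""
    rights = DEFAULT_RIGHTS
    for patterns, granted in rules:
        if any(fnmatch.fnmatchcase(coder, p) for p in patterns):
            rights = granted  # assumption: the last matching line wins
    return rights


def open_ghostscript_coders(policy_xml):
    """List the ghostscript-backed coders this policy still lets through."""
    rules = load_coder_policies(policy_xml)
    return [c for c in GHOSTSCRIPT_CODERS if effective_rights(rules, c)]


def _policy(lines):
    return "<policymap>\n" + "\n".join(lines) + "\n</policymap>"


def _deny(coder):
    return '  <policy domain="coder" rights="none" pattern="%s" />' % coder


# Constructed samples. The first mirrors the 2018-08-22 commit (PS, EPS, PDF,
# XPS blocked), the second the 2018-08-23 follow-up (PS2 and PS3 as well).
AFTER_FIRST_COMMIT = _policy([_deny(c) for c in ("PS", "EPS", "PDF", "XPS")])
AFTER_SECOND_COMMIT = _policy([_deny(c) for c in GHOSTSCRIPT_CODERS])
# One brace pattern covering all six coders.
BRACE_FORM = _policy(
    ['  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" />'])
# A per-user copy with the four re-enabling lines quoted in the commit message.
USER_OVERRIDE = _policy([_deny(c) for c in GHOSTSCRIPT_CODERS] + [
    '  <policy domain="coder" rights="read|write" pattern="PS" />',
    '  <policy domain="coder" rights="read|write" pattern="EPS" />',
    '  <policy domain="coder" rights="read|write" pattern="PDF" />',
    '  <policy domain="coder" rights="read|write" pattern="XPS" />',
])

if __name__ == "__main__":
    for name, text in (("after first commit", AFTER_FIRST_COMMIT),
                       ("after second commit", AFTER_SECOND_COMMIT),
                       ("brace form", BRACE_FORM),
                       ("per-user override", USER_OVERRIDE)):
        print("%-20s still open: %s" % (name, open_ghostscript_coders(text) or "none"))
```

Because pattern="PS" matches only the coder named PS, the first sample still lets PS2 and PS3 through, which is the gap the follow-up commit closes.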
2018-08-25Pullup ticket #5818 - requested by tacabsiegert3-9/+18
www/drupal8: security fix Revisions pulled up: - www/drupal8/Makefile 1.8-1.10 - www/drupal8/PLIST 1.7-1.8 - www/drupal8/distinfo 1.8-1.9 --- Module Name: pkgsrc Committed By: jperkin Date: Wed Jul 4 13:40:45 UTC 2018 Modified Files: pkgsrc/www/drupal8: Makefile Log Message: *: Move SUBST_STAGE from post-patch to pre-configure Performing substitutions during post-patch breaks tools such as mkpatches, making it very difficult to regenerate correct patches after making changes, and often leading to substituted string replacements being committed. --- Module Name: pkgsrc Committed By: wen Date: Mon Jul 16 02:21:49 UTC 2018 Modified Files: pkgsrc/www/drupal8: Makefile PLIST distinfo Log Message: Update to 8.5.5 Upstream changes: Release notes This is a patch release of Drupal 8 and is ready for use on production sites. Learn more about Drupal 8. This release only contains bug fixes, along with documentation and testing improvements. Translators should take note of a minor string change since the last release. Known issues View with user/% path breaks login/logout on 8.5.x - a regression from 8.4.x Important: If you have not already upgraded to 8.5.0, read the Drupal 8.5.0 release notes before upgrading to 8.5.5. Search the issue queue for all known issues. 
Changes since 8.5.4: #2921661 by heddn, maxocub, alexpott, phenaproxima, Jo Fitzgerald, badmetevils, quietone: Add support to migrate multilingual revisions #2977945 by awm: typo in test_node_revision_links views yml file Revert "Issue #2971338 by Jo Fitzgerald, quietone, joachim: MigrationLookupTest::testMultipleSourceIds() uses wrong class for mocking" #2971338 by Jo Fitzgerald, quietone, joachim: MigrationLookupTest::testMultipleSourceIds() uses wrong class for mocking #2887490 by michaellenahan, cilefen, rOprOprOp, catch: Activity Tracker cannot be enabled if there are unpublished nodes #2982042 by progga: UUID component's composer.json has wrong description #2860760 by Jo Fitzgerald, heddn, quietone, alexpott: Match setup() functionality of MigrateFileTest with MigratePrivateFileTest #2979813 by Wim Leers, TwoD: Add TwoD as maintainer for the editor.module component #2581557 by dawehner, mxh, xjm, sorabh.v6, JeroenT: Add ltrim($path, '/') in drupalGet method #2635046 by neclimdul, dawehner, alexpott: run-test.sh doesn't work in directories with spaces #2950158 by Vidushi Mehta, ankitjain28may, Shiva Srikanth T, ckrina, markconroy, Eli-T: Choose policy for defining font-weight on Umami theme #2875679 by mondrake, daffie: BasicSyntaxTest::testConcatFields fails with contrib driver #2933413 by Graber, alexpott, joelpittet, chanderbhushan, jchand: Improve test coverage of using bulk actions when the view has an exposed form using AJAX #2978596 by visshu007, Chi: views_add_contextual_links() references to non existent views_preprocess_page() function #2977175 by borisson_, PieterJanPut, tstoeckler, msankhala: DataDefinition::setConstraints() should be on DataDefinitionInterface #2822611 by Mile23, Wim Leers, alexpott, Berdir, catch, dawehner, xjm, tstoeckler, borisson_: Document why UserInterface + FileInterface + MenuLinkContentInterface + … extend \Drupal\Core\Entity\ContentEntityInterface #2969598 by msankhala, joachim: badly formatted sample code in docs for 
Select::orderBy() Revert "Issue #2886609 by quietone, Jo Fitzgerald, jhodgdon, masipila, heddn, Gábor Hojtsy, mikeryan: Migrate D6 i18n loacalized translations of taxonomy terms" #2975751 by msankhala, leolando.tan, joachim, claudiu.cristea: incorrect @return for Tables::getTableMapping() #2927723 by longwave, artreaktor, chiranjeeb2410, ankitjain28may, cilefen, dawehner: The URL "/ " with trailing space is not getting recognized as #2737773 by antongp, wturrell, pcambra, cilefen, Darvanen, cwells, manningpete, alexpott: Proper way to install Drupal, missing vendor folders, example.gitignore #2943107 by mherchel, NicholasS, jordana, finnsky, tomphippen, smaz, markconroy, andrewmacpherson, kjay: Umami support for Internet Explorer 11 #2979166 by RajeevK, lomasr: Wrong documentation on SiteCacheContext class #2749901 by MaskyS, kleog, priya.chat, harsha012, rakesh.gectcr, shobhit_juyal, snehi, SenthilMohith, neerajpandey, gawaksh, thompsizzle, ecrown, mohit1604, andrewmacpherson, surbz, rahulrasgon, riddhi.addweb: Add README.txt to Bartik theme #2886609 by quietone, Jo Fitzgerald, jhodgdon, masipila, heddn, Gábor Hojtsy, mikeryan: Migrate D6 i18n loacalized translations of taxonomy terms #2772251 by msankhala, markpavlitski, joachim: description for EntityForm::actions() could use rewording #2978848 by claudiu.cristea, amateescu: EntityReferenceFieldItemList::referencedEntities() doesn't work for computed fields #2073467 by maxocub, Jo Fitzgerald, pobster, masipila, plach, heddn, phenaproxima, catch: Migrate Drupal 7 Entity Translation settings to Drupal 8 #2877828 by msankhala, joachim: FormInterface::getFormId() should state restrictions on the returned ID string #2855054 by alexpott, LoMo, wesleydv, Artusamak, gawaksh, xjm: User cancel link doesn't redirect to the homepage #2936821 by msankhala, joachim, lomasr, marxjohnson: unclear docs in MigrateProcessInterface #2951715 by dravenk, marvil07, rakesh.gectcr, davidsonjames, heddn, Jo Fitzgerald, quietone, 
alexpott, maxocub: Log message if static_map plugin skips the row #2932777 by mondrake, borisson_, alexpott, daffie: Risky count() in SQLite Statement #2951163 by nkoporec, Parvateesam, joachim: CachePluginBase::cacheGet()/::cacheSet() doesn't document @params or @return --- Module Name: pkgsrc Committed By: wen Date: Wed Aug 15 10:52:46 UTC 2018 Modified Files: pkgsrc/www/drupal8: Makefile PLIST distinfo Log Message: Update to 8.5.6 Upstream changes: Drupal 8.5.6 Release notes Maintenance and security release of the Drupal 8 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal Core - 3rd-party libraries -SA-CORE-2018-005 No other fixes are included.
2018-08-25Pullup ticket #5817 - requested by tacabsiegert2-25/+7
www/squid3: security fix Revisions pulled up: - www/squid3/Makefile 1.82 - www/squid3/distinfo 1.64 --- Module Name: pkgsrc Committed By: taca Date: Sat Aug 11 01:22:02 UTC 2018 Modified Files: pkgsrc/www/squid3: Makefile distinfo Log Message: www/squid3: update to 3.5.29 Changes to squid-3.5.28 (15 Jul 2018): - SQUID-2018:1: crash processing SSL-Bumped traffic containing ESI - SQUID-2018:2: crash handling responses to internally generated requests - SQUID-2018:3 / CVE-2018-1172: crash in ESI Response processing - Bug 4861: HTTPMSGLOCK missing pointer safety - Bug 4829: IPC shared memory leaks when disker queue overflows - Bug 4767: SMP breaks IPv6 SNMP and cache manager queries - Bug 2821: Ignore Content-Range in non-206 responses - HTCP: Ignore HTCP packets with invalid URI - SSL-Bump: fix authentication with schemes other than Basic - TPROXY: Fix clientside_mark and client port logging - Fix "Cannot assign requested address" for to-origin TPROXY FTP data - Fix --with-netfilter-conntrack error message - Validate mime icon URL before allocating store entries - ... and many documentation changes
2018-08-25Pullup ticket #5816 - requested by tacabsiegert6-24/+23
mail/roundcube: security fix, build fix Revisions pulled up: - mail/roundcube-plugin-enigma/distinfo 1.11 - mail/roundcube-plugin-password/Makefile 1.3 - mail/roundcube-plugin-password/distinfo 1.11 - mail/roundcube-plugin-zipdownload/distinfo 1.11 - mail/roundcube/Makefile.common 1.11 - mail/roundcube/distinfo 1.62 --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:03:57 UTC 2018 Modified Files: pkgsrc/mail/roundcube: Makefile.common distinfo Log Message: mail/roundcube: update to 1.3.7 RELEASE 1.3.7 ------------- - Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) - Fix bug where some parts of quota information could have been ignored (#6280) - Fix bug where some escape sequences in html styles could bypass security checks - Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names - Fix bug where only attachments with the same name would be ignored on zip download (#6301) - Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) - Fix bug where after "mark all folders as read" action message counters were not reset (#6307) - Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) - Fix bug where some HTML comments could have been malformed by HTML parser (#6333) --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:07:01 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-enigma: distinfo Log Message: mail/roundcube-plugin-enigma: update to 1.3.7 - Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:08:15 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-password: Makefile distinfo Log Message: mail/roundcube-plugin-password: update to 1.3.7 * No change except version. Reset PKGREVISION. 
--- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:09:31 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-zipdownload: distinfo Log Message: mail/roundcube-plugin-zipdownload: update to 1.3.7 A small PHP portability fix.
2018-08-25Rollback pkgsrc-2018Q2 changes that were meant for trunkmanu3-26/+17
2018-08-24Pullup tickets #5814 and #5815.bsiegert1-1/+7
2018-08-24Pullup ticket #5815 - requested by wizbsiegert3-10/+10
www/webkit-gtk: security fix Revisions pulled up: - www/webkit-gtk/Makefile 1.142 - www/webkit-gtk/PLIST 1.40 - www/webkit-gtk/distinfo 1.104 --- Module Name: pkgsrc Committed By: wiz Date: Fri Aug 17 10:37:58 UTC 2018 Modified Files: pkgsrc/www/webkit-gtk: Makefile PLIST distinfo Log Message: webkit-gtk: update to 2.20.4. What's new in WebKitGTK+ 2.20.4? - Fix a crash when leaving accelerated compositing mode. - Fix non-deterministic build failure due to missing JavaScriptCore/JSContextRef.h. - Security fixes: CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284.
2018-08-24Pullup ticket #5814 - requested by wizbsiegert3-13/+12
security/polkit: security fix Revisions pulled up: - security/polkit/Makefile 1.12 - security/polkit/distinfo 1.8 - security/polkit/patches/patch-src_polkit_polkitunixprocess.c 1.6 --- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 16 12:30:43 UTC 2018 Modified Files: pkgsrc/security/polkit: Makefile distinfo pkgsrc/security/polkit/patches: patch-src_polkit_polkitunixprocess.c Log Message: polkit: update to 0.115. This is polkit 0.115. Highlights: Fixes CVE-2018-1116, a local information disclosure and denial of service caused by trusting client-submitted UIDs when referencing processes. Thanks to Matthias Gerstner of the SUSE security team for reporting this issue. Changes since polkit 0.114: Miloslav Trmač (1): Fix CVE-2018-1116: Trusting client-supplied UID Ray Strode (3): Post-release version bump to 0.115 jsauthority: pass "%s" format string to remaining report function NEWS: fix date from 2017 to 2018 for 0.114 entry
2018-08-24Updated www/ap2-jk to 1.2.43manu3-17/+26
The update from 1.2.37 works around an Apache startup crash on NetBSD 8.0 Complete Changelog 1.2.43 61733: LB: Propagate load factor changes applied by the status worker to a load balancer sub worker correctly to all processes. Based on a patch provided by Jonathan Oddy. (rjung) fix ISAPI: Align the make files for 32-bit and 64-bit builds. (markt) update Update config.guess and config.sub from http://git.savannah.gnu.org/cgit/config.git. (rjung) update Update PCRE bundled with the ISAPI redirector to 8.41. (rjung) fix Update the ISAPI redirector installation documentation to reflect the currently supported versions of Windows. (markt) fix Align the normalization performed by the ISAPI redirector with that implemented by Tomcat. (markt) 1.2.42 fix Status: Fix displayed number of bytes read from and written to the backend when an AJP worker is used without a load balancer worker. (rjung) fix Apache: Don't try to read remaining request body parts during clean up if reading the request body from the client already failed during earlier processing phases. (rjung) fix 57485: Apache: Propagate errors reading the request body from the client to mod_jk so Tomcat sees an error rather than a truncated body. (markt) fix 57836: ISAPI: Empty REMOTE_USER should not be translated to "". (rjung) fix 58249: Add a note to the documentation that max_packet_size will be aligned to the next multiple of 1024 if a value is specified that is not a multiple of 1024. (markt) update 58309: ISAPI: Update bundled pcre from version 5.0 to 8.38. (rjung) fix 58286: Fix crash in mod_jk and in the ISAPI Redirector. The crash only happens on Windows when retrieving the jk-status for the HTML format (which is the default format). This regression was introduced by the fix to 54177. (rjung) fix 58285: Don't use GCC atomics on platforms, for which GCC doesn't provide an atomics implementation. This regression was introduced by the fix to 44454 and 56703. 
(rjung) fix 58425: Fix regression in 1.4.41 that prevented AJP 1.2 workers from initialising. Note that the AJP 1.2 protocol is deprecated. Patch provided by yagisita. (markt) fix 58504: If a background thread is used to perform worker maintenance, ensure that maintenance runs are not skipped. Patch provided by Hiroto Shimizu. (markt) fix 58608: ISAPI: Add a new registry option "flush_packets" that allows the flushing behaviour of IIS7+ to be controlled. The default is not to flush. Setting the option to "true" will cause IIS to write data to the client as each AJP packet is received. (markt) fix 58813: ISAPI: Correctly release a mutex allowing the plugin to complete initialization. Prior to this fix, the incomplete initialization was causing a hang on shutdown. Patch provided by Matthew Reiter. (markt) fix 58895: Correct an off-by-one error in the log messages for the number of attempts made to communicate with the backend server. Patch provided by Hiroto Shimizu. (markt) fix 59164: Fix crash on first connection if a host name is specified for the worker that cannot be resolved to an IP address. (markt) fix 59184: HTTPD: Avoid segmentation fault if mod_jk is configured with an invalid value for JkShmFile. This causes the server startup to fail. (markt) fix Minor code clean-up and optimization. (markt) 1.2.40 fix AJP, LB: Reduce lock contention during maintenance function. This was observable when using a big number of AJP13 and LB workers, especially in combination with the Apache httpd prefork MPM. (rjung) fix 57060: Allow building from outside of source tree. Patch contributed by Petr Sumbera. (rjung) fix 56703: Status: Fix inflated counter for current number of backend connections especially when a connection timeout occurred on the backend. (rjung) fix 56661: Fix Servlet API getLocalAddr(). Works for Tomcat 6.0.42, 7.0.55 and 8.0.11 and Apache and ISAPI plugins. (rjung) update Status: Log old and new values when changing worker attributes. 
(rjung) fix 56667: Status: Fix log message when changing activation state of all members. (rjung) fix 56565: Fix IPV6 address resolve on non-dual network stacks. (mturk) fix 50511: Reduce log level for "OPTIONS *" requests from warning to debug. (rjung) fix Apache: Copy log notes instead of using references to prevent access to memory from closed pool. (rjung) add Add option to control handling of multiple adjacent slashes in mount and unmount. New default is collapsing the slashes only in unmount. Configuration is done via new JkOption for Apache ("CollapseSlashesAll", "CollapseSlashesNone" or "CollapseSlashesUnmount") and via property "collapse_slashes" for IIS (values "all", "none", "unmount"). This is the fix for CVE-2014-8111. (rjung) add Add more checks for shared memory allocation. (rjung) add 56869: Status: Add maximum number of open backend connections to status worker. Patch contributed by Martin Knoblauch. (rjung) add 56770: AJP: Add worker name to all log messages. Patch contributed by Martin Knoblauch. (rjung) fix 50186: Docs: Clarify relation between "connection_pool_timeout" and "keepAliveTimeout" or "connectionTimeout" in the Tomcat AJP connector configuration. (rjung) fix 52334: LB: Calculate worker recovery time based on last recovery attempt time instead of original error time after the first recovery attempt. (rjung) fix 54596 part 1: IIS: Fix missing last character when parsing relative file names with no ".." directory components from configuration. (rjung) fix 54596 part 2: IIS: Fix using relative file names in config with ".." path segments that go up the directory hierarchy higher than the starting point of the relative file name. (rjung) fix Status: Add logging if status worker output was dropped due to insufficient buffer size. (rjung) fix Reduce log buffer from 8KB to 1KB. Add logging in case of failed logging and add trailing "..." to lines which were likely truncated. 
(rjung) update Replace fixed allocation of 32 entries for fail_on_status by dynamic allocation. (rjung) add Enforce implementation restriction on maximal length "60" of worker attributes "name", "host", "route", "domain", "redirect", "session_cookie", "session_path" and "set_session_cookie". Checks were added to configuration file processing and configuration updates via the status worker. (rjung) add 52483: Apache: Add debug logging for result of JkOptions configuration processing. (rjung) fix 54177: Status: Use numeric time stamps instead of textual ones to avoid non-well-formed XML output. Textual timestamps are formatted according to locale settings and reencoding them to UTF-8 would be cumbersome. (rjung) fix 56618: Status: Use percent decoding when reading query string parameters. For example this fixes editing IPv6 addresses via the status worker if the client encodes ":" as "%3A". Patch contributed by Christopher Schultz. (rjung) fix 56452: Fix crash in debug logging for IPv6 adresses. Patch contributed by Christopher Schultz. (rjung) fix 34526: Apache: Improve compatibility with mod_deflate request body inflation. An automatic detection of mod_deflate inflation is not implemented. Use the new Apache environment variable JK_IGNORE_CL instead, to let mod_jk ignore an existing Content-Length request header. (rjung) update 44454: LB: Add warning to docs about problems with "busyness" load balancing method. (rjung) fix 44454: Improve busy counter by using atomics. (rjung) fix 56703: Status: Improve connected counter. Use atomics and for mod_jk (Apache) currectly count down connections closed by child processes that are stopped. (rjung) fix 44571: Ensure that we return with status 503 if we can not get and endpoint for a worker. (rjung) fix Apache: Improve log handling during graceful or normal restart. (rjung) fix Don't update last access time of worker connections during optional checking of idle connections using CPing. 
Updating the time stamp breaks closing idle connections. (rjung) fix Adjust linger parameters used during connection shutdown. (rjung) fix Fix annoying redefine warnings for the autoconf PACKAGE defines during configure based builds. (rjung) fix Status: Use multi-line table headers and fix invalid xml output. (rjung) fix 44571: Implement an optional limit on concurrent requests allowed for a worker (attribute "busy_limit"). Original patch contributed by zealot0630 at gmail dot com. (rjung) fix Correct log message "all endpoints are disconnected" to "no usable connection found, will create a new one". Tone done from info log level to debug for the common case. (rjung) add 57536: AJP: Allow to configure connection source address. This should only be used on multi-homed hosts. The feature is experimental. (rjung) add 57540: AJP: Forward name of SSL protocol used for handling the request (SSLv3, TLSv1, TLSv1.1, TLSv1.2). (rjung) 1.2.39 Fix forwarding of chunked requests, which is broken in version 1.2.39. (rjung) fix 56352: Fix regression in memory release. (mturk) fix Fix status worker display of worker IP address after name or port was changed. (rjung) update 56297: Improve key hash function. Copied from APR. (rjung) fix 55683: Remove quotes from quoted session cookies. (rjung) fix 53542: ISAPI: Fix grammar in 503 error page. (rjung) fix 55696: Crash on Mac OS X 10.9 during config parsing. (rjung) 1.2.38 update Deprecate nt_service from Apache Tomcat Connectors. (mturk) fix 56133: Fix possible crash when a request fails during request body transfer to the back end and reply_timeout was set. Patch contributed by Hiroto Shimizu. (rjung) fix Fix status worker not updating parameters for all members. (mturk) fix 55853: HTTPD: Use the correct API for setting Content-Length. Patch contributed by areese yahoo-inc.com. (rjung) add Add IPV6 support for connection to webserver. 
New directive prefer_ipv6 has been added to control the hostname resolution and preserve backward compatibility. (mturk) add Add --disable-sock-cloexec to configure to disable use of SOCK_CLOEXEC (using FD_CLOEXEC + fnctl instead) so built modules will work with Linux kernels prior to 2.6.27. (timw) update Clean up config file parsing. Worker names are now restricted to 60 bytes. (rjung) update Allow to set a stickyness cookie in case a web framework breaks Tomcat's adding of the routing ID to the end of the JSESSIONID cookie. (rjung) update Use max_packet_size also for request body forwarding. (rjung) update Apache 2.4: By default forward logical client address as provided by mod_remoteip. When setting JkOptions ForwardPhysicalAddress mod_jk will instead forward the physical peer address. (rjung) update Minor documentation improvements. (rjung)
2018-08-19 | Comment latest pullups. | bsiegert | 1 | -1/+4
2018-08-19 | Pullup ticket #5812 - requested by maya | bsiegert | 1 | -1/+3
chat/line-purple: mark as broken

Revisions pulled up:
- chat/line-purple/Makefile 1.6

---
Module Name: pkgsrc
Committed By: maya
Date: Wed Aug 15 09:10:58 UTC 2018
Modified Files:
    pkgsrc/chat/line-purple: Makefile
Log Message:
line-purple: mark BROKEN, using this program will get your account banned

Upstream intentionally broke the build, follow the same policy for pkgsrc:
http://altrepo.eu/git/purple-line/commit/1a07012f75d8e86077690d73917b3759fbe9b52c

Reported by scole in PR pkg/53526
2018-08-18 | Pullup tickets up to #5810. | bsiegert | 1 | -1/+20
2018-08-18 | Pullup ticket #5810 - requested by maya | bsiegert | 6 | -14/+84
net/bind99: security fix, NetBSD build fix
net/bind910: security fix, NetBSD build fix

Revisions pulled up:
- net/bind910/Makefile 1.42-1.43
- net/bind910/distinfo 1.35-1.36
- net/bind910/patches/patch-lib_isc_unix_socket.c 1.1
- net/bind99/Makefile 1.75-1.76
- net/bind99/distinfo 1.53-1.54
- net/bind99/patches/patch-lib_isc_unix_socket.c 1.1

---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 9 14:51:25 UTC 2018
Modified Files:
    pkgsrc/net/bind99: Makefile distinfo
Log Message:
net/bind99: update to 9.9.13pl1

Update bind99 to 9.9.13pl1 (9.9.13-P1).

--- 9.9.13-P1 released ---

4997. [security] named could crash during recursive processing of DNAME records when "deny-answer-aliases" was in use. (CVE-2018-5740) [GL #387]

---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 9 14:49:09 UTC 2018
Modified Files:
    pkgsrc/net/bind910: Makefile distinfo
Log Message:
net/bind910: update to 9.10.8pl1

Update bind910 to 9.10.8pl1 (9.10.8-P1).

--- 9.10.8-P1 released ---

4997. [security] named could crash during recursive processing of DNAME records when "deny-answer-aliases" was in use. (CVE-2018-5740) [GL #387]

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Aug 13 13:36:25 UTC 2018
Modified Files:
    pkgsrc/net/bind99: Makefile distinfo
Added Files:
    pkgsrc/net/bind99/patches: patch-lib_isc_unix_socket.c
Log Message:
bind99: Make ENOBUFS a soft error. Needed for netbsd>=8.

See https://gitlab.isc.org/isc-projects/bind9/issues/462

bump PKGREVISION

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Aug 13 13:37:14 UTC 2018
Modified Files:
    pkgsrc/net/bind910: Makefile
Added Files:
    pkgsrc/net/bind910/patches: patch-lib_isc_unix_socket.c
Log Message:
bind910: Make ENOBUFS a soft error. Needed for netbsd>=8.

See https://gitlab.isc.org/isc-projects/bind9/issues/462

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Aug 13 13:41:49 UTC 2018
Modified Files:
    pkgsrc/net/bind910: distinfo
Log Message:
bind910: also add patch to distinfo.
2018-08-18 | Pullup ticket #5809 - requested by youri | bsiegert | 2 | -7/+7
pkgtools/pkgin: bugfix

Revisions pulled up:
- pkgtools/pkgin/Makefile 1.82
- pkgtools/pkgin/distinfo 1.52

---
Module Name: pkgsrc
Committed By: jperkin
Date: Tue Jul 3 17:39:35 UTC 2018
Modified Files:
    pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin: Update to 0.11.4.

## Version 0.11.4 (2018-07-03)

* Fix dependency matching to correctly consider DEPENDS rather than simply attempting to pull in the highest version. Resolves issues with installing packages depending on samba and their conflicts against tdb and talloc.
2018-08-18 | Pullup ticket #5808 - requested by sevan | bsiegert | 3 | -4/+104
sysutils/smartmontools: NetBSD build fix

Revisions pulled up:
- sysutils/smartmontools/Makefile 1.32
- sysutils/smartmontools/distinfo 1.31
- sysutils/smartmontools/patches/patch-os_netbsd.cpp 1.2

---
Module Name: pkgsrc
Committed By: sevan
Date: Sat Aug 4 19:05:13 UTC 2018
Modified Files:
    pkgsrc/sysutils/smartmontools: Makefile distinfo
    pkgsrc/sysutils/smartmontools/patches: patch-os_netbsd.cpp
Log Message:
Backport fix for NetBSD on bigendian systems
https://www.smartmontools.org/ticket/943
https://www.smartmontools.org/changeset/4628
2018-08-18 | Pullup ticket #5804 - requested by bouyer | bsiegert | 12 | -74/+138
geography/opencpn: build fix

Revisions pulled up:
- geography/opencpn-plugin-debugger/Makefile 1.11
- geography/opencpn-plugin-draw/Makefile 1.17
- geography/opencpn-plugin-statusbar/Makefile 1.8
- geography/opencpn-plugin-watchdog/Makefile 1.15
- geography/opencpn-plugin-watchdog/distinfo 1.10
- geography/opencpn-plugin-watchdog/patches/patch-src_Alarm.cpp 1.2
- geography/opencpn-plugin-watchdog/patches/patch-src_watchdog_pi.cpp 1.2
- geography/opencpn-plugin-weather_routing/Makefile 1.18
- geography/opencpn/Makefile 1.24
- geography/opencpn/distinfo 1.19-1.20
- geography/opencpn/patches/patch-CMakeLists.txt 1.7
- geography/opencpn/patches/patch-plugins_wmm_pi_src_MagneticPlotMap.cpp 1.2

---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Jul 3 15:14:16 UTC 2018
Modified Files:
    pkgsrc/geography/opencpn: distinfo
    pkgsrc/geography/opencpn-plugin-watchdog: distinfo
    pkgsrc/geography/opencpn-plugin-watchdog/patches: patch-src_Alarm.cpp patch-src_watchdog_pi.cpp
    pkgsrc/geography/opencpn/patches: patch-plugins_wmm_pi_src_MagneticPlotMap.cpp
Log Message:
newer gcc (e.g. 8.0_RC2) requires <cmath> for std::isnan().
This is only a build fix so no revision bump

---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Jul 19 17:58:58 UTC 2018
Modified Files:
    pkgsrc/geography/opencpn: Makefile distinfo
    pkgsrc/geography/opencpn-plugin-debugger: Makefile
    pkgsrc/geography/opencpn-plugin-draw: Makefile
    pkgsrc/geography/opencpn-plugin-statusbar: Makefile
    pkgsrc/geography/opencpn-plugin-watchdog: Makefile
    pkgsrc/geography/opencpn-plugin-weather_routing: Makefile
    pkgsrc/geography/opencpn/patches: patch-CMakeLists.txt
Log Message:
Do not include buildlink3 files already included by wxGTK30/buildlink3.mk (especially, remove gtk2 buildlink3).
Make opencpn build with gtk3
Conservatively bump PKGREVISIONs
2018-08-18 | Pullup ticket #5803 - requested by bouyer | bsiegert | 2 | -1/+17
misc/libreoffice: build fix

Revisions pulled up:
- misc/libreoffice/distinfo 1.59
- misc/libreoffice/patches/patch-external_mysql-connector-cpp_config.h 1.1

---
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Jul 20 09:36:19 UTC 2018
Added Files:
    pkgsrc/misc/libreoffice/patches: patch-external_mysql-connector-cpp_config.h
Log Message:
Define HAVE_INTTYPES_H for __NetBSD__ too.
Fixes build on NetBSD/i386 8.0 at last

---
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Jul 20 09:36:57 UTC 2018
Modified Files:
    pkgsrc/misc/libreoffice: distinfo
Log Message:
Update distinfo for new patch-external_mysql-connector-cpp_config.h
2018-08-18 | Pullup ticket #5802 - requested by taca | bsiegert | 3 | -20/+19
www/apache24: security fix

Revisions pulled up:
- www/apache24/Makefile 1.69-1.70
- www/apache24/distinfo 1.36
- www/apache24/patches/patch-aa 1.2

---
Module Name: pkgsrc
Committed By: jperkin
Date: Wed Jul 4 13:40:45 UTC 2018
Modified Files:
    pkgsrc/www/apache24: Makefile
Log Message:
*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches, making it very difficult to regenerate correct patches after making changes, and often leading to substituted string replacements being committed.

---
Module Name: pkgsrc
Committed By: adam
Date: Thu Jul 19 08:53:58 UTC 2018
Modified Files:
    pkgsrc/www/apache24: Makefile distinfo
    pkgsrc/www/apache24/patches: patch-aa
Log Message:
apache24: updated to 2.4.34

Apache 2.4.34

*) SECURITY: CVE-2018-8011 (cve.mitre.org) mod_md: DoS via Coredumps on specially crafted requests
*) SECURITY: CVE-2018-1333 (cve.mitre.org) mod_http2: DoS for HTTP/2 connections by specially crafted requests
*) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error document translations.
*) event: avoid possible race conditions with modules on the child pool.
*) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or ProxyPassReverseCookiePath directive could fail to update correctly 'domain=' or 'path=' in the 'Set-Cookie' header.
*) mod_ratelimit: fix behavior when proxying content.
*) core: Re-allow '_' (underscore) in hostnames.
*) mod_authz_core: If several parameters are used in a AuthzProviderAlias directive, if these parameters are not enclosed in quotation marks, only the first one is handled. The other ones are silently ignored. Add a message to warn about such a spurious configuration.
*) mod_md: improvements and bugfixes
   - MDNotifyCmd now takes additional parameters that are passed on to the called command.
   - ACME challenges have better checks for interference with other modules
   - ACME challenges are only handled for domains managed by the module, allowing other ACME clients to operate for other domains in the server.
   - better libressl integration
*) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
*) logging: Some early logging-related startup messages could be lost when using syslog for the global ErrorLog.
*) mod_cache: Handle case of an invalid Expires header value RFC compliant like the case of an Expires time in the past: allow to overwrite the non-caching decision using CacheStoreExpired and respect Cache-Control "max-age" and "s-maxage".
*) mod_xml2enc: Fix forwarding of error metadata/responses.
*) mod_proxy_http: Fix response header thrown away after the previous one was considered too large and truncated.
*) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family of functions to consume the end of line when the buffer is exhausted.
*) mod_proxy_http: Add new worker parameter 'responsefieldsize' to allow maximum HTTP response header size to be increased past 8192 bytes.
*) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf of a certificate chain.
*) http: Fix small memory leak per request when handling persistent connections.
*) mod_proxy_html: Fix variable interpolation and memory allocation failure in ProxyHTMLURLMap.
*) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 2.4.30.
*) mod_remoteip: When overriding the useragent address from X-Forwarded-For, zero out what had been initialized as the connection-level port.
*) core: In ONE_PROCESS/debug mode, cleanup everything when exiting.
*) mod_proxy_balancer: Add hot spare member type and corresponding flag (R). Hot spare members are used as drop-in replacements for unusable workers in the same load balancer set. This differs from hot standbys which are only used when all workers in a set are unusable.
*) suexec: Add --enable-suexec-capabilites support on Linux, to use setuid/setgid capability bits rather than a setuid root binary.
*) suexec: Add support for logging to syslog as an alternative to logging to a file; use --without-suexec-logfile --with-suexec-syslog.
*) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling which broke some rare but previously-working configs.
*) core, log: improve sanity checks for the ErrorLog's syslog config, and explicitly allow only lowercase 'syslog' settings.
*) mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes an issue where output sizes were counted n-times on reused slave connections.
*) mod_http2: Fix unnecessary timeout waits in case streams are aborted.
*) mod_http2: restoring the v1.10.16 keepalive timeout behaviour of mod_http2.
*) mod_proxy: Do not restrict the maximum pool size for backend connections any longer by the maximum number of threads per process and use a better default if mod_http2 is loaded.
*) mod_slotmem_shm: Add generation number to shm filename to fix races with graceful restarts.
*) core: Preserve the original HTTP request method in the '%<m' LogFormat when a path-based ErrorDocument is used.
*) mod_remoteip: make proxy-protocol work on slave connections, e.g. in HTTP/2 requests.
*) mod_ssl: Fix merging of proxy SSL context outside <Proxy> sections, regression introduced in 2.4.30.
*) mod_md: Fix compilation with OpenSSL before version 1.0.2.
*) mod_dumpio: do nothing below log level TRACE7.
*) mod_remoteip: Restore compatibility with APR 1.4 (apr_sockaddr_is_wildcard).
*) core: On EBCDIC platforms, some errors related to oversized headers may be misreported or be logged as ASCII escapes.
*) mod_ssl: Fix cmake-based build.
*) core: Add <IfFile>, <IfDirective> and <IfSection> conditional section containers.
2018-08-17 | Pullup tickets #5797 to #5801 | bsiegert | 1 | -1/+23
2018-08-17 | Pullup ticket #5801 - requested by taca | bsiegert | 8 | -16/+8
archivers/php-zip: reset revision
databases/php-mssql: reset revision
databases/php-pdo_dblib: reset revision
databases/php-pdo_sqlite: reset revision
textproc/php-intl: reset revision
www/ap-php: reset revision
www/php-curl: reset revision
www/php-fpm: reset revision

Revisions pulled up:
- archivers/php-zip/Makefile 1.22
- databases/php-mssql/Makefile 1.31
- databases/php-pdo_dblib/Makefile 1.28
- databases/php-pdo_sqlite/Makefile 1.31-1.32
- textproc/php-intl/Makefile 1.37-1.38
- www/ap-php/Makefile 1.40-1.41
- www/php-curl/Makefile 1.39
- www/php-fpm/Makefile 1.24-1.25

---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jul 20 03:34:33 UTC 2018
Modified Files:
    pkgsrc/databases/php-pdo_sqlite: Makefile
    pkgsrc/textproc/php-intl: Makefile
    pkgsrc/www/ap-php: Makefile
    pkgsrc/www/php-fpm: Makefile
Log Message:
Recursive revbump from textproc/icu-62.1

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:33:03 UTC 2018
Modified Files:
    pkgsrc/archivers/php-zip: Makefile
    pkgsrc/databases/php-mssql: Makefile
    pkgsrc/databases/php-pdo_dblib: Makefile
    pkgsrc/databases/php-pdo_sqlite: Makefile
    pkgsrc/textproc/php-intl: Makefile
    pkgsrc/www/ap-php: Makefile
    pkgsrc/www/php-curl: Makefile
    pkgsrc/www/php-fpm: Makefile
Log Message:
lang/php: reset PKGREVISION

Reset PKGREVISION with all php's version updates.
2018-08-17 | Pullup ticket #5800 - requested by taca | bsiegert | 4 | -9/+48
lang/php56: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.225
- lang/php56/Makefile.php 1.5
- lang/php56/distinfo 1.49-1.50
- lang/php56/patches/patch-disable-filter-url 1.1

---
Module Name: pkgsrc
Committed By: manu
Date: Wed Jul 18 07:33:12 UTC 2018
Modified Files:
    pkgsrc/lang/php56: Makefile.php distinfo
    pkgsrc/lang/php70: Makefile.php distinfo
    pkgsrc/lang/php71: Makefile.php distinfo
    pkgsrc/lang/php72: Makefile.php distinfo
Added Files:
    pkgsrc/lang/php56/patches: patch-disable-filter-url
    pkgsrc/lang/php70/patches: patch-disable-filter-url
    pkgsrc/lang/php71/patches: patch-disable-filter-url
    pkgsrc/lang/php72/patches: patch-disable-filter-url
Log Message:
Add pkgsrc build option disable-filter-url to disable php://filter URL

php://filter URL is a feature documented here:
http://php.net/manual/en/wrappers.php.php

Unfortunately, it allows remote control of include() behavior beyond what many developers expected, enabling easy dump of PHP source files. The administrator may want to disable the feature for security sake, and this option makes that possible.

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:28:48 UTC 2018
Modified Files:
    pkgsrc/lang/php: phpversion.mk
    pkgsrc/lang/php56: distinfo
Log Message:
lang/php56: update to 5.6.37

19 Jul 2018, PHP 5.6.37

- Exif:
  . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c). (Stas)
  . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data). (Stas)

- Win32:
  . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol)
2018-08-17 | Pullup ticket #5799 - requested by taca | bsiegert | 5 | -15/+55
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.224
- lang/php70/Makefile 1.11-1.12
- lang/php70/Makefile.php 1.8-1.9
- lang/php70/distinfo 1.46-1.47
- lang/php70/patches/patch-disable-filter-url 1.1

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Jul 16 10:58:50 UTC 2018
Modified Files:
    pkgsrc/lang/php70: Makefile Makefile.php
    pkgsrc/lang/php71: Makefile Makefile.php
    pkgsrc/lang/php72: Makefile Makefile.php
Log Message:
php*: disable global regs on i386. Fixes PR pkg/53222 that resurfaced

Remove the previous workaround to add GCC_REQD, which isn't sufficient any more, possibly due to enabling ssp/fortify?

XXX bumping PKGREVISION might not be sufficient, for the same reason the GCC_REQD had to be moved to Makefile.php, it affects modules too.

---
Module Name: pkgsrc
Committed By: manu
Date: Wed Jul 18 07:33:12 UTC 2018
Modified Files:
    pkgsrc/lang/php56: Makefile.php distinfo
    pkgsrc/lang/php70: Makefile.php distinfo
    pkgsrc/lang/php71: Makefile.php distinfo
    pkgsrc/lang/php72: Makefile.php distinfo
Added Files:
    pkgsrc/lang/php56/patches: patch-disable-filter-url
    pkgsrc/lang/php70/patches: patch-disable-filter-url
    pkgsrc/lang/php71/patches: patch-disable-filter-url
    pkgsrc/lang/php72/patches: patch-disable-filter-url
Log Message:
Add pkgsrc build option disable-filter-url to disable php://filter URL

php://filter URL is a feature documented here:
http://php.net/manual/en/wrappers.php.php

Unfortunately, it allows remote control of include() behavior beyond what many developers expected, enabling easy dump of PHP source files. The administrator may want to disable the feature for security sake, and this option makes that possible.

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:27:28 UTC 2018
Modified Files:
    pkgsrc/lang/php: phpversion.mk
    pkgsrc/lang/php70: Makefile distinfo
Log Message:
lang/php70: update to 7.0.31

19 Jul 2018 PHP 7.0.31

- Exif:
  . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c). (Stas)
  . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data). (Stas)

- Win32:
  . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol)
2018-08-17 | Pullup ticket #5798 - requested by taca | bsiegert | 5 | -15/+55
lang/php72: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.223
- lang/php72/Makefile 1.9-1.12
- lang/php72/Makefile.php 1.5-1.6
- lang/php72/distinfo 1.27-1.28
- lang/php72/patches/patch-disable-filter-url 1.1

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Jul 16 10:58:50 UTC 2018
Modified Files:
    pkgsrc/lang/php70: Makefile Makefile.php
    pkgsrc/lang/php71: Makefile Makefile.php
    pkgsrc/lang/php72: Makefile Makefile.php
Log Message:
php*: disable global regs on i386. Fixes PR pkg/53222 that resurfaced

Remove the previous workaround to add GCC_REQD, which isn't sufficient any more, possibly due to enabling ssp/fortify?

XXX bumping PKGREVISION might not be sufficient, for the same reason the GCC_REQD had to be moved to Makefile.php, it affects modules too.

---
Module Name: pkgsrc
Committed By: manu
Date: Wed Jul 18 07:33:12 UTC 2018
Modified Files:
    pkgsrc/lang/php56: Makefile.php distinfo
    pkgsrc/lang/php70: Makefile.php distinfo
    pkgsrc/lang/php71: Makefile.php distinfo
    pkgsrc/lang/php72: Makefile.php distinfo
Added Files:
    pkgsrc/lang/php56/patches: patch-disable-filter-url
    pkgsrc/lang/php70/patches: patch-disable-filter-url
    pkgsrc/lang/php71/patches: patch-disable-filter-url
    pkgsrc/lang/php72/patches: patch-disable-filter-url
Log Message:
Add pkgsrc build option disable-filter-url to disable php://filter URL

php://filter URL is a feature documented here:
http://php.net/manual/en/wrappers.php.php

Unfortunately, it allows remote control of include() behavior beyond what many developers expected, enabling easy dump of PHP source files. The administrator may want to disable the feature for security sake, and this option makes that possible.

---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jul 20 03:34:33 UTC 2018
Modified Files:
    pkgsrc/lang/php72: Makefile
Log Message:
Recursive revbump from textproc/icu-62.1

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:25:26 UTC 2018
Modified Files:
    pkgsrc/lang/php: phpversion.mk
    pkgsrc/lang/php72: Makefile distinfo
Log Message:
lang/php72: update to 7.2.8

19 Jul 2018, PHP 7.2.8

- Core:
  . Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence)
  . Fixed bug #76520 (Object creation leaks memory when executed over HTTP). (Nikita)
  . Fixed bug #76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita)

- Date:
  . Fixed bug #76462 (Undefined property: DateInterval::$f). (Anatol)

- EXIF:
  . Fixed bug #76409 (heap use after free in _php_stream_free). (cmb)
  . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c). (Stas)
  . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data). (Stas)

- FPM:
  . Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to non-blocking). (Nikita)

- GMP:
  . Fixed bug #74670 (Integer Underflow when unserializing GMP and possible other classes). (Nikita)

- intl:
  . Fixed bug #76556 (get_debug_info handler for BreakIterator shows wrong type). (cmb)

- mbstring:
  . Fixed bug #76532 (Integer overflow and excessive memory usage in mb_strimwidth). (MarcusSchwarz)

- Opcache:
  . Fixed bug #76477 (Opcache causes empty return value). (Nikita, Laruence)

- PGSQL:
  . Fixed bug #76548 (pg_fetch_result did not fetch the next row). (Anatol)

- phpdbg:
  . Fix arginfo wrt. optional/required parameters. (cmb)

- Reflection:
  . Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler). (Laruence)
  . Fixed bug #75231 (ReflectionProperty#getValue() incorrectly works with inherited classes). (Nikita)

- Standard:
  . Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys). (Laruence)
  . Fixed bug #71848 (getimagesize with $imageinfo returns false). (cmb)

- Win32:
  . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol)

- ZIP:
  . Fixed bug #76461 (OPSYS_Z_CPM defined instead of OPSYS_CPM). (Dennis Birkholz, Remi)

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:29:51 UTC 2018
Modified Files:
    pkgsrc/lang/php72: Makefile
Log Message:
lang/php72: reset PKGREVISION

Reset PKGREVISION along with update to 7.2.8.
2018-08-17 | Pullup ticket #5797 - requested by taca | bsiegert | 5 | -15/+55
lang/php71: security fix

Revisions pulled up:
- lang/php/phpversion.mk 1.222
- lang/php71/Makefile 1.14-1.15
- lang/php71/Makefile.php 1.7-1.8
- lang/php71/distinfo 1.39-1.40
- lang/php71/patches/patch-disable-filter-url 1.1

---
Module Name: pkgsrc
Committed By: maya
Date: Mon Jul 16 10:58:50 UTC 2018
Modified Files:
    pkgsrc/lang/php70: Makefile Makefile.php
    pkgsrc/lang/php71: Makefile Makefile.php
    pkgsrc/lang/php72: Makefile Makefile.php
Log Message:
php*: disable global regs on i386. Fixes PR pkg/53222 that resurfaced

Remove the previous workaround to add GCC_REQD, which isn't sufficient any more, possibly due to enabling ssp/fortify?

XXX bumping PKGREVISION might not be sufficient, for the same reason the GCC_REQD had to be moved to Makefile.php, it affects modules too.

---
Module Name: pkgsrc
Committed By: manu
Date: Wed Jul 18 07:33:12 UTC 2018
Modified Files:
    pkgsrc/lang/php56: Makefile.php distinfo
    pkgsrc/lang/php70: Makefile.php distinfo
    pkgsrc/lang/php71: Makefile.php distinfo
    pkgsrc/lang/php72: Makefile.php distinfo
Added Files:
    pkgsrc/lang/php56/patches: patch-disable-filter-url
    pkgsrc/lang/php70/patches: patch-disable-filter-url
    pkgsrc/lang/php71/patches: patch-disable-filter-url
    pkgsrc/lang/php72/patches: patch-disable-filter-url
Log Message:
Add pkgsrc build option disable-filter-url to disable php://filter URL

php://filter URL is a feature documented here:
http://php.net/manual/en/wrappers.php.php

Unfortunately, it allows remote control of include() behavior beyond what many developers expected, enabling easy dump of PHP source files. The administrator may want to disable the feature for security sake, and this option makes that possible.

---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 13:23:47 UTC 2018
Modified Files:
    pkgsrc/lang/php: phpversion.mk
    pkgsrc/lang/php71: Makefile distinfo
Log Message:
lang/php71: update to 7.1.20

19 Jul 2018, PHP 7.1.20

- Core:
  . Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence)
  . Fixed bug #76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita)

- Date:
  . Fixed bug #76462 (Undefined property: DateInterval::$f). (Anatol)

- exif:
  . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c). (Stas)
  . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data). (Stas)

- FPM:
  . Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to non-blocking). (Nikita)

- GMP:
  . Fixed bug #74670 (Integer Underflow when unserializing GMP and possible other classes). (Nikita)

- intl:
  . Fixed bug #76556 (get_debug_info handler for BreakIterator shows wrong type). (cmb)

- mbstring:
  . Fixed bug #76532 (Integer overflow and excessive memory usage in mb_strimwidth). (MarcusSchwarz)

- PGSQL:
  . Fixed bug #76548 (pg_fetch_result did not fetch the next row). (Anatol)

- phpdbg:
  . Fix arginfo wrt. optional/required parameters. (cmb)

- Reflection:
  . Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler). (Laruence)
  . Fixed bug #75231 (ReflectionProperty#getValue() incorrectly works with inherited classes). (Nikita)

- Standard:
  . Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys). (Laruence)
  . Fixed bug #71848 (getimagesize with $imageinfo returns false). (cmb)

- Win32:
  . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol)
2018-07-20 Mention recent pullup tickets. bsiegert 1 -1/+14
2018-07-20 Pullup ticket #5795 - requested by maya bsiegert 19 -24/+113
lang/gcc48: i386 build fix
lang/gcc5: i386 build fix
lang/gcc6: i386 build fix
lang/gcc7: i386 build fix
lang/gcc8: i386 build fix

Revisions pulled up:
- lang/gcc48-libs/Makefile 1.29
- lang/gcc48/Makefile 1.41
- lang/gcc48/distinfo 1.38
- lang/gcc48/patches/patch-gcc_targhooks.c 1.1
- lang/gcc5-libs/Makefile 1.13
- lang/gcc5/Makefile 1.29
- lang/gcc5/distinfo 1.19
- lang/gcc5/patches/patch-gcc_targhooks.c 1.1
- lang/gcc6-libs/Makefile 1.7
- lang/gcc6/Makefile 1.14
- lang/gcc6/distinfo 1.11
- lang/gcc6/patches/patch-gcc_targhooks.c 1.1
- lang/gcc7-libs/Makefile 1.3
- lang/gcc7/Makefile 1.19
- lang/gcc7/distinfo 1.11
- lang/gcc7/patches/patch-gcc_targhooks.c 1.1
- lang/gcc8/Makefile 1.2
- lang/gcc8/distinfo 1.2
- lang/gcc8/patches/patch-gcc_targhooks.c 1.1
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Jul 18 22:42:57 UTC 2018
Modified Files:
  pkgsrc/lang/gcc5: Makefile distinfo
  pkgsrc/lang/gcc5-libs: Makefile
Added Files:
  pkgsrc/lang/gcc5/patches: patch-gcc_targhooks.c
Log Message:
gcc5: don't try to make references to stack_chk_fail_local on netbsd/sun

sun was added as joyent is patching for the same.
this code is only reached if compiling for i386 (or some variation of ppc)
netbsd's stack_chk_fail_local won't work for this.

PR pkg/53436
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Jul 18 22:35:44 UTC 2018
Modified Files:
  pkgsrc/lang/gcc6: Makefile distinfo
  pkgsrc/lang/gcc6-libs: Makefile
Added Files:
  pkgsrc/lang/gcc6/patches: patch-gcc_targhooks.c
Log Message:
gcc6: don't try to make references to stack_chk_fail_local on netbsd/sun

sun was added as joyent is patching for the same.
this code is only reached if compiling for i386 (or some variation of ppc)
netbsd's stack_chk_fail_local won't work for this.

PR pkg/53436.
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Jul 18 22:55:08 UTC 2018
Modified Files:
  pkgsrc/lang/gcc7: Makefile distinfo
  pkgsrc/lang/gcc7-libs: Makefile
Added Files:
  pkgsrc/lang/gcc7/patches: patch-gcc_targhooks.c
Log Message:
gcc7: don't try to make references to stack_chk_fail_local on netbsd/sun

sun was added as joyent is patching for the same.
this code is only reached if compiling for i386 (or some variation of ppc)
netbsd's stack_chk_fail_local won't work for this.

PR pkg/53436.
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Jul 18 22:56:23 UTC 2018
Modified Files:
  pkgsrc/lang/gcc8: Makefile distinfo
Added Files:
  pkgsrc/lang/gcc8/patches: patch-gcc_targhooks.c
Log Message:
gcc8: don't try to make references to stack_chk_fail_local on netbsd/sun

sun was added as joyent is patching for the same.
this code is only reached if compiling for i386 (or some variation of ppc)
netbsd's stack_chk_fail_local won't work for this.

PR pkg/53436.
---
Module Name: pkgsrc
Committed By: maya
Date: Wed Jul 18 23:15:42 UTC 2018
Modified Files:
  pkgsrc/lang/gcc48: Makefile distinfo
  pkgsrc/lang/gcc48-libs: Makefile
Added Files:
  pkgsrc/lang/gcc48/patches: patch-gcc_targhooks.c
Log Message:
gcc48: don't try to make references to stack_chk_fail_local on netbsd/sun

sun was added as joyent is patching for the same.
this code is only reached if compiling for i386 (or some variation of ppc)
netbsd's stack_chk_fail_local won't work for this.

bump gcc48-libs PKGREVISION above gcc48

PR pkg/53436.
2018-07-20 pullups 5702 5793 spz 1 -1/+7