Age | Commit message (Collapse) | Author | Files | Lines |
|
www/midori: bugfix
Revisions pulled up:
- www/midori/Makefile 1.130
- www/midori/distinfo 1.30
- www/midori/patches/patch-core_browser.vala 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Tue Jun 16 13:54:25 UTC 2020
Modified Files:
pkgsrc/www/midori: Makefile distinfo
Added Files:
pkgsrc/www/midori/patches: patch-core_browser.vala
Log Message:
midori: Fix typing / and backspace in the URL bar.
Noticed by benny on twitter
PKGREVISION++
|
|
net/powerdns-recursor: security fix
Revisions pulled up:
- net/powerdns-recursor/Makefile 1.36
- net/powerdns-recursor/distinfo 1.32
- net/powerdns-recursor/patches/patch-iputils.hh deleted
- net/powerdns-recursor/patches/patch-misc.cc 1.1
- net/powerdns-recursor/patches/patch-misc.hh 1.1
- net/powerdns-recursor/patches/patch-pdns__recursor.cc 1.6
- net/powerdns-recursor/patches/patch-rec-carbon.cc 1.1
- net/powerdns-recursor/patches/patch-rec__control.cc 1.1
- net/powerdns-recursor/patches/patch-webserver.cc 1.1
- net/powerdns-recursor/patches/patch-ws-recursor.cc 1.1
---
Module Name: pkgsrc
Committed By: otis
Date: Wed Jun 17 22:55:11 UTC 2020
Modified Files:
pkgsrc/net/powerdns-recursor: Makefile distinfo
Added Files:
pkgsrc/net/powerdns-recursor/patches: patch-misc.cc patch-misc.hh
patch-pdns__recursor.cc patch-rec-carbon.cc patch-rec__control.cc
patch-webserver.cc patch-ws-recursor.cc
Removed Files:
pkgsrc/net/powerdns-recursor/patches: patch-iputils.hh
Log Message:
net/powerdns-recursor: Update to 4.3.1
Changelog since 4.3.0:
* Released:
- 19th of May 2020
* Improvements:
- Add ubuntu focal target.
* Bug Fixes:
- Backport of security fixes for:
- CVE-2020-10995
- CVE-2020-12244
- CVE-2020-10030
- avoid a crash when loading an invalid RPZ.
- RPZ dumpFile/seedFile: store/get SOA refresh on dump/load.
* misc:
- Update boost.m4.
|
|
|
|
graphics/librsvg: NetBSD/arm build fix
Revisions pulled up:
- graphics/librsvg/available.mk 1.2
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Jun 17 10:13:25 UTC 2020
Modified Files:
pkgsrc/graphics/librsvg: available.mk
Log Message:
librsvg: Disable rust version on NetBSD/arm (32-bit)
It doesn't have the address space to build a rust compiler so this
is currently broken.
|
|
www/ruby-websocket-extensions: security fix
Revisions pulled up:
- www/ruby-websocket-extensions/Makefile 1.4
- www/ruby-websocket-extensions/distinfo 1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jun 14 15:57:43 UTC 2020
Modified Files:
pkgsrc/www/ruby-websocket-extensions: Makefile distinfo
Log Message:
devel/ruby-websocket-extensions: update to 0.1.5
Update ruby-websocket-extensions to 0.1.5.
pkgsrc change:
* Add "USE_LANGUAGES= # none".
* Change LICENSE to apache-2.0.
### 0.1.5 / 2020-06-02
- Remove a ReDoS vulnerability in the header parser (CVE-2020-7663)
### 0.1.4 / 2019-06-10
- Fix a deprecation warning for using the `=~` operator on `true`
- Change license from MIT to Apache 2.0
|
|
net/qbittorrent: i386 build fix
Revisions pulled up:
- net/qbittorrent/Makefile 1.14
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Jun 13 11:21:29 UTC 2020
Modified Files:
pkgsrc/net/qbittorrent: Makefile
Log Message:
qbittorrent: needs 64-bit atomic ops
|
|
net/grpc: i386 build fix
Revisions pulled up:
- net/grpc/Makefile 1.26
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Jun 13 11:26:31 UTC 2020
Modified Files:
pkgsrc/net/grpc: Makefile
Log Message:
grpc: needs 64-bit atomic ops
|
|
emulators/libretro-bsnes-mercury: NetBSD/arm build fix
Revisions pulled up:
- emulators/libretro-bsnes-mercury/Makefile.common 1.7
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Jun 13 10:01:06 UTC 2020
Modified Files:
pkgsrc/emulators/libretro-bsnes-mercury: Makefile.common
Log Message:
libretro-bsnes-mercury: Uncondition HAVE_POSIX_MEMALIGN so it works on 32-bit arm
|
|
x11/qt5-qtwebkit: NetBSD/arm build fix
Revisions pulled up:
- x11/qt5-qtwebkit/Makefile 1.79
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Jun 13 09:47:40 UTC 2020
Modified Files:
pkgsrc/x11/qt5-qtwebkit: Makefile
Log Message:
qt5-qtwebkit: Remove invalid ARM linker args
|
|
sysutils/intel-microcode-netbsd: security fix
Revisions pulled up:
- sysutils/intel-microcode-netbsd/Makefile 1.37-1.39
- sysutils/intel-microcode-netbsd/distinfo 1.29-1.31
---
Module Name: pkgsrc
Committed By: msaitoh
Date: Wed May 13 05:03:24 UTC 2020
Modified Files:
pkgsrc/sysutils/intel-microcode-netbsd: Makefile distinfo
Log Message:
Update intel-microcode-netbsd to 20200508.
== 20200508 Release ==
-- Updates upon 20191115 release --
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
ICL-U/Y D1 6-7e-5/80 00000046->00000078 Core Gen10 Mobile
---- removed platforms ------------------------------------
---
Module Name: pkgsrc
Committed By: msaitoh
Date: Mon Jun 1 15:34:40 UTC 2020
Modified Files:
pkgsrc/sysutils/intel-microcode-netbsd: Makefile distinfo
Log Message:
Update intel-microcode-netbsd to 20200520.
== 20200520 Release ==
-- Updates upon 20200508 release --
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
---- removed platforms ------------------------------------
---
Module Name: pkgsrc
Committed By: msaitoh
Date: Wed Jun 10 02:29:45 UTC 2020
Modified Files:
pkgsrc/sysutils/intel-microcode-netbsd: Makefile distinfo
Log Message:
Update intel-microcode-netbsd to 20200609.
== 20200609 Release ==
-- Updates upon 20200520 release --
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
HSW C0 6-3c-3/32 00000027->00000028 Core Gen4
BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5
HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4
HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4
BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5
SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable
SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable
SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx
CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2
CLX-SP B1 6-55-7/bf 0500002c->05002f01 Xeon Scalable Gen2
SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5
AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile
KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile
CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile
WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile
AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile
KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6
CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E
CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8
CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9
CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile
---- removed platforms ------------------------------------
|
|
|
|
devel/libntlm: security fix
Revisions pulled up:
- devel/libntlm/Makefile 1.22
- devel/libntlm/distinfo 1.12
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Jun 9 06:18:18 UTC 2020
Modified Files:
pkgsrc/devel/libntlm: Makefile distinfo
Log Message:
libntlm: update to 1.6.
* Version 1.6 (released 2020-04-19)
** Fix buffer overflow in buildSmbNtlmAuth* function. CVE-2019-17455.
Reported by Kirin in <https://gitlab.com/jas/libntlm/-/issues/2> and
patch provided by Cedric Buissart. See newly introduced regression
check test_CVE-2019-17455.c for test of a vulnerable library.
** API and ABI modifications.
No changes since last version.
|
|
sysutils/dbus: security fix
Revisions pulled up:
- sysutils/dbus/Makefile 1.121
- sysutils/dbus/distinfo 1.93
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Jun 9 07:13:31 UTC 2020
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Log Message:
dbus: update to 1.12.18.
dbus 1.12.18 (2020-06-02)
=========================
The “telepathic vines” release.
Denial of service fixes:
• CVE-2020-12049: If a message contains more file descriptors than can
be sent, close those that did get through before reporting error.
Previously, a local attacker could cause the system dbus-daemon (or
another system service with its own DBusServer) to run out of file
descriptors, by repeatedly connecting to the server and sending fds that
would get leaked.
Thanks to Kevin Backhouse of GitHub Security Lab.
(dbus#294, GHSL-2020-057; Simon McVittie)
Other fixes:
• Fix a crash when the dbus-daemon is terminated while one or more
monitors are active (dbus#291, dbus!140; Simon McVittie)
• The dbus-send(1) man page now documents --bus and --peer instead of
the old --address synonym for --peer, which has been deprecated since
the introduction of --bus and --peer in 1.7.6
(fd.o #48816, dbus!115; Chris Morin)
• Fix a wrong environment variable name in dbus-daemon(1)
(dbus#275, dbus!122; Mubin, Philip Withnall)
• Fix formatting of dbus_message_append_args example
(dbus!126, Felipe Franciosi)
• Avoid a test failure on Linux when built in a container as uid 0, but
without the necessary privileges to increase resource limits
(dbus!58, Debian #908092; Simon McVittie)
• When building with CMake, cope with libX11 in a non-standard location
(dbus!129, Tuomo Rinne)
|
|
security/gnutls: security fix
Revisions pulled up:
- security/gnutls/Makefile 1.210-1.213
- security/gnutls/PLIST 1.70-1.71
- security/gnutls/PLIST.guile 1.1
- security/gnutls/buildlink3.mk 1.37
- security/gnutls/distinfo 1.143-1.144
- security/gnutls/options.mk 1.3
- security/gnutls/patches/patch-configure 1.5
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Apr 1 08:24:07 UTC 2020
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Added Files:
pkgsrc/security/gnutls/patches: patch-configure
Log Message:
gnutls: updated to 3.6.13
Version 3.6.13:
** libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support), since 3.6.3.
The DTLS client would not contribute any randomness to the DTLS negotiation,
breaking the security guarantees of the DTLS protocol
[GNUTLS-SA-2020-03-31, CVSS: high]
** libgnutls: Added new APIs to access KDF algorithms.
** libgnutls: Added new callback gnutls_keylog_func that enables a custom
logging functionality.
** libgnutls: Added support for non-null terminated usernames in PSK
negotiation.
** gnutls-cli-debug: Improved support for old servers that only support
SSL 3.0.
** API and ABI modifications:
gnutls_hkdf_extract: Added
gnutls_hkdf_expand: Added
gnutls_pbkdf2: Added
gnutls_session_get_keylog_function: Added
gnutls_session_set_keylog_function: Added
gnutls_prf_hash_get: Added
gnutls_psk_server_get_username2: Added
gnutls_psk_set_client_credentials2: Added
gnutls_psk_set_client_credentials_function2: Added
gnutls_psk_set_server_credentials_function2: Added
---
Module Name: pkgsrc
Committed By: nikita
Date: Thu May 14 14:30:02 UTC 2020
Modified Files:
pkgsrc/security/gnutls: Makefile buildlink3.mk options.mk
Added Files:
pkgsrc/security/gnutls: PLIST.guile
Log Message:
security/gnutls: revbump, add support for building guile bindings
---
Module Name: pkgsrc
Committed By: leot
Date: Mon Jun 8 19:48:14 UTC 2020
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Log Message:
gnutls: Update to 3.6.14
Changes:
3.6.14
------
* libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
The TLS server would not bind the session ticket encryption key with a
value supplied by the application until the initial key rotation, allowing
attacker to bypass authentication in TLS 1.3 and recover previous
conversations in TLS 1.2 (#1011).
[GNUTLS-SA-2020-06-03, CVSS: high]
* libgnutls: Fixed handling of certificate chain with cross-signed
intermediate CA certificates (#1008).
* libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).
* libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
(2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
Key Identifier (AKI) properly (#989, #991).
* certtool: PKCS #7 attributes are now printed with symbolic names (!1246).
* libgnutls: Added several improvements on Windows Vista and later releases
(!1257, !1254, !1256). Most notably the system random number generator now
uses Windows BCrypt* API if available (!1255).
* libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
Also both accelerated and non-accelerated implementations check key block
according to FIPS-140-2 IG A.9 (!1233).
* libgnutls: Added support for AES-SIV ciphers (#463).
* libgnutls: Added support for 192-bit AES-GCM cipher (!1267).
* libgnutls: No longer use internal symbols exported from Nettle (!1235)
* API and ABI modifications:
GNUTLS_CIPHER_AES_128_SIV: Added
GNUTLS_CIPHER_AES_256_SIV: Added
GNUTLS_CIPHER_AES_192_GCM: Added
gnutls_pkcs7_print_signature_info: Added
|
|
mail/sympa: security fix
Revisions pulled up:
- mail/sympa/Makefile 1.75-1.76
- mail/sympa/PLIST 1.16-1.17
- mail/sympa/distinfo 1.20-1.21
- mail/sympa/patches/patch-aa 1.10
- mail/sympa/patches/patch-ab 1.8
- mail/sympa/patches/patch-ac 1.6
---
Module Name: pkgsrc
Committed By: bouyer
Date: Mon Apr 27 17:57:52 UTC 2020
Modified Files:
pkgsrc/mail/sympa: Makefile PLIST distinfo
pkgsrc/mail/sympa/patches: patch-aa patch-ab patch-ac
Log Message:
Update to 6.2.54. Main changes since 6.2.16:
* Security and bug fixes
* more translations
* Some scenarios and list creation templates for "intranet" use cases were
made optional: They have been moved into samples/
https://github.com/sympa-community/sympa/issues/119
See also "upgrading notes" (https://sympa-community.github.io/manual/upgrade/notes.html#from-version-prior-to-6250)
for details.
* Hide full email addresses in archives
* Button for full export of subscribers
* Admin function to bulk unsubscribe
* Delete my account" button
* ARC support (Authenticated Received Chain).
---
Module Name: pkgsrc
Committed By: bouyer
Date: Mon Jun 1 21:46:25 UTC 2020
Modified Files:
pkgsrc/mail/sympa: Makefile PLIST distinfo
Log Message:
Update to 6.2.56. Changes since 6.2.54:
Security fix for https://sympa-community.github.io/security/2020-002.html
Translation updates
|
|
mail/roundcube: security fix
Revisions pulled up:
- mail/roundcube-plugin-password/distinfo 1.18-1.19
- mail/roundcube/Makefile 1.93
- mail/roundcube/Makefile.common 1.18-1.19
- mail/roundcube/distinfo 1.69-1.70
- mail/roundcube/options.mk 1.17
- mail/roundcube/patches/patch-program_lib_Roundcube_rcube__mime.php 1.3
- mail/roundcube/patches/patch-rcube_mime_default deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jun 7 22:07:04 UTC 2020
Modified Files:
pkgsrc/mail/roundcube: Makefile Makefile.common distinfo options.mk
Added Files:
pkgsrc/mail/roundcube/patches:
patch-program_lib_Roundcube_rcube__mime.php
Removed Files:
pkgsrc/mail/roundcube/patches: patch-rcube_mime_default
Log Message:
mail/roundcube: update to 1.4.5
Update roundcube to 1.4.5, including some security fixes.
pkgsrc change:
* Proper replace PHP interpreter.
* Fix php-sockets option to work.
RELEASE 1.4.5
-------------
- Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364)
- Fix so the database setup description is compatible with MySQL 8 (#7340)
- Markasjunk: Fix regression in jsevent driver (#7361)
- Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
- Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
- Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
- Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
- Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392)
- Fix error when user-configured skin does not exist anymore (#7271)
- Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
- Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382)
- Security: Fix a couple of XSS issues in Installer (#7406)
- Security: Fix XSS issue in template object 'username' (#7406)
- Security: Better fix for CVE-2020-12641
- Security: Fix cross-site scripting (XSS) via malicious XML attachment
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jun 7 22:08:37 UTC 2020
Modified Files:
pkgsrc/mail/roundcube-plugin-password: distinfo
Log Message:
mail/roundcube-plugin-password: update to 1.4.5
Update roundcube-plugin-password to 1.4.5
RELEASE 1.4.5
-------------
- Password: Fix issue with Modoboa driver (#7372)
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jun 9 00:25:19 UTC 2020
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
Log Message:
mail/roundcube: update to 1.14.6
Update roundcube to 1.14.6.
RELEASE 1.4.6
-------------
- Installer: Fix regression in SMTP test section (#7417)
|
|
|
|
net/powerdns: bugfixes
Revisions pulled up:
- net/powerdns/Makefile 1.55
- net/powerdns/Makefile.common 1.29
- net/powerdns/distinfo 1.40
- net/powerdns/patches/patch-pdns_iputils.hh deleted
---
Module Name: pkgsrc
Committed By: otis
Date: Sun Jun 7 18:55:13 UTC 2020
Modified Files:
pkgsrc/net/powerdns: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/net/powerdns/patches: patch-pdns_iputils.hh
Log Message:
net/powerdns: Update to 4.2.2
Changes since 4.2.1:
* Released:
- 9th of April 2020
* New Features:
- api: add includerings option to statistics endpoint
* Improvements:
- cache: strictly enforce maximum size, and improve cleanup routine
* Bug Fixes:
- fix records ending up in wrong packet section
- avoid IXFR-in corruption when deltas come in close together.
Please see the IXFR-in corruption upgrade notes
- fix out-of-bound access for zero length "serialized" string when
using lmdbbackend.
- bind backend: pthread_mutex_t should be inited and destroyed and not be copied
* Reference:
- https://doc.powerdns.com/authoritative/changelog/4.2.html#change-4.2.2
|
|
www/ruby-em-http-request: security fix
Revisions pulled up:
- www/ruby-em-http-request/Makefile 1.5
- www/ruby-em-http-request/PLIST 1.5
- www/ruby-em-http-request/distinfo 1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jun 2 13:46:43 UTC 2020
Modified Files:
pkgsrc/www/ruby-em-http-request: Makefile PLIST distinfo
Log Message:
www/ruby-em-http-request: update to 1.1.6
Update ruby-em-http-request to 1.1.6.
1.1.6 (2020-06-02)
- Merge TLS verification patch from Faraday (CVE-2020-13482)
- IPv6 literal support
|
|
www/ruby-puma: security fix
Revisions pulled up:
- www/ruby-puma/Makefile 1.23
- www/ruby-puma/distinfo 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Sun May 24 13:47:49 UTC 2020
Modified Files:
pkgsrc/www/ruby-puma: Makefile distinfo
Log Message:
www/ruby-puma: update to 4.3.5
Update ruby-puma to 4.3.5.
4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22
Each patchlevel release contains a separate security fix. We recommend
simply upgrading to 4.3.5/3.12.6.
* Security
Fix: Fixed two separate HTTP smuggling vulnerabilities that used the
Transfer-Encoding header. CVE-2020-11076 and CVE-2020-11077.
|
|
www/firefox68-l10n: dependent update
Revisions pulled up:
- www/firefox68-l10n/Makefile 1.14
- www/firefox68-l10n/distinfo 1.11
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Jun 3 13:05:58 UTC 2020
Modified Files:
pkgsrc/www/firefox68-l10n: Makefile distinfo
Log Message:
firefox68-l10n: sync with firefox68
|
|
www/firefox68: security fix
Revisions pulled up:
- www/firefox68/Makefile 1.22
- www/firefox68/distinfo 1.16
- www/firefox68/patches/patch-build_moz.configure_rust.configure 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Jun 3 13:00:24 UTC 2020
Modified Files:
pkgsrc/www/firefox68: Makefile distinfo
Added Files:
pkgsrc/www/firefox68/patches: patch-build_moz.configure_rust.configure
Log Message:
firefox68: Update to 68.9.0
Security Vulnerabilities fixed in Firefox ESR 68.9
#CVE-2020-12399: Timing attack on DSA signatures in NSS library
#CVE-2020-12405: Use-after-free in SharedWorkerService
#CVE-2020-12406: JavaScript Type confusion with NativeTypes
#CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
|
|
www/drupal8: security fix
Revisions pulled up:
- www/drupal8/Makefile 1.32-1.33
- www/drupal8/PLIST 1.26
- www/drupal8/distinfo 1.28
---
Module Name: pkgsrc
Committed By: rillig
Date: Sat May 2 13:40:18 UTC 2020
Modified Files:
pkgsrc/www/drupal8: Makefile
Log Message:
www/drupal8: remove SUBST block for nonexistent file
---
Module Name: pkgsrc
Committed By: taca
Date: Wed May 20 16:31:27 UTC 2020
Modified Files:
pkgsrc/www/drupal8: Makefile PLIST distinfo
Log Message:
www/drupal8: update to 8.7.14
Update drupal8 to 8.7.14.
8.7.14 (2020-05-20) -- Security update
View usage statistics for this release
Release notes
Maintenance and security release of the Drupal 8 series.
This release fixes security vulnerabilities. Sites are urged to upgrade
immediately after reading the notes below and the security announcement:
* Drupal core - Moderately critical - Third-party library - SA-CORE-2020-002
No other fixes are included.
|
|
www/drupal7: security fix
Revisions pulled up:
- www/drupal7/Makefile 1.64
- www/drupal7/PLIST 1.25
- www/drupal7/distinfo 1.49
---
Module Name: pkgsrc
Committed By: taca
Date: Wed May 20 16:22:15 UTC 2020
Modified Files:
pkgsrc/www/drupal7: Makefile PLIST distinfo
Log Message:
www/drupal7: update to 7.70
Update drupal7 to 7.70.
Drupal 7.70, 2020-05-19
-----------------------
- Fixed security issues:
- SA-CORE-2020-002
- SA-CORE-2020-003
|
|
www/ruby-rails60: security fix
Revisions pulled up:
- databases/ruby-activerecord60/PLIST 1.2
- databases/ruby-activerecord60/distinfo 1.2-1.3
- devel/ruby-activejob60/distinfo 1.2-1.3
- devel/ruby-activemodel60/distinfo 1.2-1.3
- devel/ruby-activestorage60/distinfo 1.2-1.3
- devel/ruby-activesupport60/distinfo 1.2-1.3
- devel/ruby-railties60/distinfo 1.2-1.3
- mail/ruby-actionmailbox60/distinfo 1.2-1.3
- mail/ruby-actionmailer60/distinfo 1.2-1.3
- textproc/ruby-actiontext60/distinfo 1.2-1.3
- www/ruby-actioncable60/distinfo 1.2-1.3
- www/ruby-actionpack60/distinfo 1.2-1.3
- www/ruby-actionview60/distinfo 1.2-1.3
- www/ruby-rails60/distinfo 1.2-1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:15:25 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport60: distinfo
Log Message:
devel/ruby-activesupport60: update to 6.0.3
Update ruby-activesupport60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* `Array#to_sentence` no longer returns a frozen string.
Before:
['one', 'two'].to_sentence.frozen?
# => true
After:
['one', 'two'].to_sentence.frozen?
# => false
*Nicolas Dular*
* Update `ActiveSupport::Messages::Metadata#fresh?` to work for cookies with expiry set when
`ActiveSupport.parse_json_times = true`.
*Christian Gregg*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:16:16 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel60: distinfo
Log Message:
devel/ruby-activemodel60: updat to 6.0.3
Update ruby-activemodel60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:16:55 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob60: distinfo
Log Message:
devel/ruby-activejob60: update to 6.0.3
Update ruby-activejob60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* While using `perform_enqueued_jobs` test helper enqueued jobs must be stored for the later check with
`assert_enqueued_with`.
*Dmitry Polushkin*
* Add queue name support to Que adapter
*Brad Nauta*, *Wojciech Wnętrzak*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:17:34 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview60: distinfo
Log Message:
www/ruby-actionview60: update to 6.0.3
Update ruby-actionview60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* annotated_source_code returns an empty array so TemplateErrors without a
template in the backtrace are surfaced properly by DebugExceptions.
*Guilherme Mansur*, *Kasper Timm Hansen*
* Add autoload for SyntaxErrorInTemplate so syntax errors are correctly raised by DebugExceptions.
*Guilherme Mansur*, *Gannon McGibbon*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:18:09 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack60: distinfo
Log Message:
www/ruby-actionpack60: update to 6.0.3
Update ruby-actionpack60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Include child session assertion count in ActionDispatch::IntegrationTest
`IntegrationTest#open_session` uses `dup` to create the new session, which
meant it had its own copy of `@assertions`. This prevented the assertions
from being correctly counted and reported.
Child sessions now have their `attr_accessor` overriden to delegate to the
root session.
Fixes #32142
*Sam Bostock*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:18:56 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord60: PLIST distinfo
Log Message:
databases/ruby-activerecord60: update to 6.0.3
Update ruby-activerecord60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Recommend applications don't use the `database` kwarg in `connected_to`
The database kwarg in `connected_to` was meant to be used for one-off scripts but is often used in requests. This is really dangerous because it re-establishes a connection every time. It's deprecated in 6.1 and will be removed in 6.2 without replacement. This change soft deprecates it in 6.0 by removing documentation.
*Eileen M. Uchitelle*
* Fix support for PostgreSQL 11+ partitioned indexes.
*Sebastián Palma*
* Add support for beginless ranges, introduced in Ruby 2.7.
*Josh Goodall*
* Fix insert_all with enum values
Fixes #38716.
*Joel Blum*
* Regexp-escape table name for MS SQL
Add `Regexp.escape` to one method in ActiveRecord, so that table names with regular expression characters in them work as expected. Since MS SQL Server uses "[" and "]" to quote table and column names, and those characters are regular expression characters, methods like `pluck` and `select` fail in certain cases when used with the MS SQL Server adapter.
*Larry Reid*
* Store advisory locks on their own named connection.
Previously advisory locks were taken out against a connection when a migration started. This works fine in single database applications but doesn't work well when migrations need to open new connections which results in the lock getting dropped.
In order to fix this we are storing the advisory lock on a new connection with the connection specification name `AdisoryLockBase`. The caveat is that we need to maintain at least 2 connections to a database while migrations are running in order to do this.
*Eileen M. Uchitelle*, *John Crepezzi*
* Ensure `:reading` connections always raise if a write is attempted.
Now Rails will raise an `ActiveRecord::ReadOnlyError` if any connection on the reading handler attempts to make a write. If your reading role needs to write you should name the role something other than `:reading`.
*Eileen M. Uchitelle*
* Enforce fresh ETag header after a collection's contents change by adding
ActiveRecord::Relation#cache_key_with_version. This method will be used by
ActionController::ConditionalGet to ensure that when collection cache versioning
is enabled, requests using ConditionalGet don't return the same ETag header
after a collection is modified. Fixes #38078.
*Aaron Lipman*
* A database URL can now contain a querystring value that contains an equal sign. This is needed to support passing PostgresSQL `options`.
*Joshua Flanagan*
* Retain explicit selections on the base model after applying `includes` and `joins`.
Resolves #34889.
*Patrick Rebsch*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:20:09 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer60: distinfo
Log Message:
mail/ruby-actionmailer60: update to 6.0.3
Update ruby-actionmailer60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:20:46 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailbox60: distinfo
Log Message:
mail/ruby-actionmailbox60: update to 6.0.3
Update ruby-actionmailbox60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Update Mandrill inbound email route to respond appropriately to HEAD requests for URL health checks from Mandrill.
*Bill Cromie*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:21:24 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable60: distinfo
Log Message:
www/ruby-actioncable60: update to 6.0.3
Update to ruby-actioncable60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:22:16 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties60: distinfo
Log Message:
devel/ruby-railties60: update to 6.0.3
Update ruby-railties60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Cache compiled view templates when running tests by default
When generating a new app without `--skip-spring`, caching classes is
disabled in `environments/test.rb`. This implicitly disables caching
view templates too. This change will enable view template caching by
adding this to the generated `environments/test.rb`:
````ruby
config.action_view.cache_template_loading = true
````
*Jorge Manrubia*
* `Rails::Application#eager_load!` is available again to load application code
manually as it was possible in previous versions.
Please, note this is not integrated with the whole eager loading logic that
runs when Rails boots with eager loading enabled, you can think of this
method as a vanilla recursive code loader.
This ability has been restored because there are some use cases for it, such
as indexers that need to have all application classes and modules in memory.
*Xavier Noria*
* Generators that inherit from NamedBase respect `--force` option
*Josh Brody*
* Regression fix: The Rake task `zeitwerk:check` supports eager loaded
namespaces which do not have eager load paths, like the recently added
`i18n`. These namespaces are only required to respond to `eager_load!`.
*Xavier Noria*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:22:55 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage60: distinfo
Log Message:
devel/ruby-activestorage60: update to 6.0.3
Update ruby-activestorage60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:23:36 UTC 2020
Modified Files:
pkgsrc/textproc/ruby-actiontext60: distinfo
Log Message:
textproc/ruby-actiontext60: update to 6.0.3
Update ruby-actiontext60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:24:28 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails60: distinfo
Log Message:
www/ruby-rails60: update to 6.0.3
Finally, update ruby-rails60 to 6.0.3.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:10:27 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport60: distinfo
Log Message:
devel/ruby-activesupport60: update to 6.0.3.1
Update ruby-activesupport60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:11:10 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel60: distinfo
Log Message:
devel/ruby-activemodel60: update to 6.0.3.1
Update ruby-activemodel60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:11:43 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob60: distinfo
Log Message:
devel/ruby-activejob60: update to 6.0.3.1
Update ruby-activejob60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:12:16 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview60: distinfo
Log Message:
www/ruby-actionview60: update to 6.0.3.1
Update ruby-actionview60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:12:50 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack60: distinfo
Log Message:
www/ruby-actionpack60: update to 6.0.3.1
Update ruby-actionpack60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a per-form token
* [CVE-2020-8164] Return self when calling #each, #each_pair, and #each_value instead of the raw @parameters hash
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:13:24 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord60: distinfo
Log Message:
databases/ruby-activerecord60: update to 6.0.3.1
Update ruby-activerecord60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:14:04 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer60: distinfo
Log Message:
mail/ruby-actionmailer60: update to 6.0.3.1
Update ruby-actionmailer60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:14:41 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailbox60: distinfo
Log Message:
mail/ruby-actionmailbox60: update to 6.0.3.1
Update ruby-actionmailbox60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:15:14 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable60: distinfo
Log Message:
www/ruby-actioncable60: update to 6.0.3.1
Update ruby-actioncable60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:15:47 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties60: distinfo
Log Message:
devel/ruby-railties60: update to 6.0.3.1
Update ruby-railties60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:16:26 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage60: distinfo
Log Message:
devel/ruby-activestorage60: update to 6.0.3.1
Update ruby-activestorage60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:17:01 UTC 2020
Modified Files:
pkgsrc/textproc/ruby-actiontext60: distinfo
Log Message:
textproc/ruby-actiontext60: update to 6.0.3.1
Update ruby-actiontext60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:17:45 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails60: distinfo
Log Message:
www/ruby-rails60: update to 6.0.3.1.
Finally, update ruby-rails60 to 6.0.3.1.
|
|
www/ruby-rails52: security fix
Revisions pulled up:
- lang/ruby/rails.mk patch
- databases/ruby-activerecord52/distinfo 1.4
- devel/ruby-activejob52/distinfo 1.4
- devel/ruby-activemodel52/distinfo 1.4
- devel/ruby-activestorage52/distinfo 1.4
- devel/ruby-activesupport52/distinfo 1.4
- devel/ruby-railties52/distinfo 1.4
- mail/ruby-actionmailer52/distinfo 1.4
- www/ruby-actioncable52/distinfo 1.4
- www/ruby-actionpack52/distinfo 1.4
- www/ruby-actionview52/distinfo 1.4
- www/ruby-rails52/distinfo 1.4
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:33:41 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport52: distinfo
Log Message:
devel/ruby-activesupport52: update to 5.2.4.3
Update ruby-activesupport52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:34:47 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel52: distinfo
Log Message:
devel/ruby-activemodel52: update to 5.2.4.3
Update ruby-activemodel52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:35:30 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob52: distinfo
Log Message:
devel/ruby-activejob52: update to 5.2.4.3
Update ruby-activejob52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:18 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview52: distinfo
Log Message:
www/ruby-actionview52: update to 5.2.4.3
Update ruby-actionview52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:58 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack52: distinfo
Log Message:
www/ruby-actionpack52: update to 5.2.4.3
Update ruby-actionpack52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a per-form token
* [CVE-2020-8164] Return self when calling #each, #each_pair, and #each_value instead of the raw @parameters hash
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:37:46 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable52: distinfo
Log Message:
www/ruby-actioncable52: update to 5.2.4.3
Update ruby-actioncable52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:38:35 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord52: distinfo
Log Message:
databases/ruby-activerecord52: update to 5.2.4.3
Update ruby-activerecord52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:12 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage52: distinfo
Log Message:
devel/ruby-activestorage52: update to 5.2.4.3
Update ruby-activestorage52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:54 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer52: distinfo
Log Message:
mail/ruby-actionmailer52: update to 5.2.4.3
Update ruby-actionmailer52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:40:32 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties52: distinfo
Log Message:
devel/ruby-railties52: update to 5.2.4.3
Update ruby-railties52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:41:07 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails52: distinfo
Log Message:
www/ruby-rails52: update to 5.2.4.3
Finally, update ruby-rails52 to 5.2.4.3.
|
|
|
|
audio/adplay: dependent update
Revisions pulled up:
- audio/adplay/Makefile 1.4
- audio/adplay/distinfo 1.2
- audio/adplay/patches/patch-configure 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Thu May 21 21:00:49 UTC 2020
Modified Files:
pkgsrc/audio/adplay: Makefile distinfo
Added Files:
pkgsrc/audio/adplay/patches: patch-configure
Log Message:
adplay: Work around breakage caused by adplug-2.3.2
Pointed out by joerg
|
|
audio/adplug: security fix
Revisions pulled up:
- audio/adplug/Makefile 1.11
- audio/adplug/PLIST 1.4
- audio/adplug/distinfo 1.8
---
Module Name: pkgsrc
Committed By: nia
Date: Thu May 21 13:39:55 UTC 2020
Modified Files:
pkgsrc/audio/adplug: Makefile PLIST distinfo
Log Message:
adplug: Update to 2.3.2
Changes for version 2.3.2:
--------------------------
- Bug fixes:
- FMOPL: Fix global variable pointer double-free (CVE-2018-17825)
- HERAD: Fix compilation on GCC 4.2.1
- ADL: Calling rewind() before update() causes access violation
- Move OPL reset/init code to rewind() for some players
|
|
www/py-httplib2: security fix
Revisions pulled up:
- www/py-httplib2/Makefile 1.24-1.25
- www/py-httplib2/distinfo 1.21-1.22
---
Module Name: pkgsrc
Committed By: adam
Date: Wed May 20 15:29:53 UTC 2020
Modified Files:
pkgsrc/www/py-httplib2: Makefile distinfo
Log Message:
py-httplib2: updated to 0.18.0
0.18.0
IMPORTANT security vulnerability CWE-93 CRLF injection
Force %xx quote of space, CR, LF characters in uri.
Special thanks to Recar https://github.com/Ciyfly for discrete notification.
https://cwe.mitre.org/data/definitions/93.html
0.17.4
Ship test suite in source dist
https://github.com/httplib2/httplib2/pull/168
---
Module Name: pkgsrc
Committed By: adam
Date: Thu May 21 06:19:59 UTC 2020
Modified Files:
pkgsrc/www/py-httplib2: Makefile distinfo
Log Message:
py-httplib2: updated to 0.18.1
0.18.1
explicit build-backend workaround for pip build isolation bug
"AttributeError: 'module' object has no attribute '__legacy__'" on pip install
|
|
chat/irssi: bugfix
Revisions pulled up:
- chat/irssi/Makefile 1.98-1.99
- chat/irssi/distinfo 1.52
- chat/irssi/patches/patch-src_fe-text_term-terminfo.c 1.1
---
Module Name: pkgsrc
Committed By: maya
Date: Mon May 18 18:38:31 UTC 2020
Modified Files:
pkgsrc/chat/irssi: Makefile distinfo
Added Files:
pkgsrc/chat/irssi/patches: patch-src_fe-text_term-terminfo.c
Log Message:
irssi: grab pull request from upstream fixing hangs with ctrl+space
bump pkgrevision
---
Module Name: pkgsrc
Committed By: maya
Date: Mon May 18 19:15:38 UTC 2020
Modified Files:
pkgsrc/chat/irssi: Makefile
Log Message:
irssi: remove random debug leftover
|
|
|
|
net/bind914: security fix
Revisions pulled up:
- net/bind914/Makefile 1.21
- net/bind914/distinfo 1.15
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 10:23:04 UTC 2020
Modified Files:
pkgsrc/net/bind914: Makefile distinfo
Log Message:
net/bind914: update to 9.14.12
Update bind914 to 9.14.12 (BIND 9.14.12).
Note from release announce:
BIND 9.14.12 is the final planned release in the now End-of-Life (EOL)
9.14 branch.
--- 9.14.12 released ---
5395. [security] Further limit the number of queries that can be
triggered from a request. Root and TLD servers
are no longer exempt from max-recursion-queries.
Fetches for missing name server address records
are limited to 4 for any domain. (CVE-2020-8616)
[GL #1388]
5390. [security] Replaying a TSIG BADTIME response as a request could
trigger an assertion failure. (CVE-2020-8617)
[GL #1703]
5376. [bug] Fix ineffective DNS rebinding protection when BIND is
configured as a forwarding DNS server. Thanks to Tobias
Klein. [GL #1574]
5358. [bug] Inline master zones whose master files were touched
but otherwise unchanged and were subsequently reloaded
may have stopped re-signing. [GL !3135]
5357. [bug] Newly added RRSIG records with expiry times before
the previous earliest expiry times might not be
re-signed in time. This was a side effect of 5315.
[GL !3137]
|
|
net/bind911: security fix
Revisions pulled up:
- net/bind911/Makefile 1.23-1.24
- net/bind911/PLIST 1.3
- net/bind911/distinfo 1.17-1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Apr 18 06:12:28 UTC 2020
Modified Files:
pkgsrc/net/bind911: Makefile PLIST distinfo
Log Message:
net/bind911: update to 9.11.18
Update bind911 to 9.11.18 (BIND 9.11.18).
--- 9.11.18 released ---
5380. [contrib] Fix building MySQL DLZ modules against MySQL 8
libraries. [GL #1678]
5379. [doc] Clean up serve-stale related options that leaked into
the BIND 9.11 release. [GL !3265]
5378. [bug] Receiving invalid DNS data was triggering an assertion
failure in nslookup. [GL #1652]
5377. [feature] Detect atomic operations support on ppc64le. Thanks to
Petr Men=A8=EDk. [GL !3295]
5376. [bug] Fix ineffective DNS rebinding protection when BIND is
configured as a forwarding DNS server. Thanks to Tobias
Klein. [GL #1574]
5368. [bug] Named failed to restart if 'rndc addzone' names
contained special characters (e.g. '/'). [GL #1655]
--- 9.11.17 released ---
5358. [bug] Inline master zones whose master files were touched
but otherwise unchanged and were subsequently reloaded
may have stopped re-signing. [GL !3135]
5357. [bug] Newly added RRSIG records with expiry times before
the previous earliest expiry times might not be
re-signed in time. The was a side effect of 5315.
[GL !3137]
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 10:21:25 UTC 2020
Modified Files:
pkgsrc/net/bind911: Makefile distinfo
Log Message:
net/bind911: update to 9.11.19
Update bind911 to 9.11.19 (BIND 9.11.19).
--- 9.11.19 released ---
5404. [bug] 'named-checkconf -z' could incorrectly indicate
success if errors were found in one view but not in a
subsequent one. [GL #1807]
5398. [bug] Named could fail to restart if a zone with a double
quote (") in its name was added with 'rndc addzone'.
[GL #1695]
5395. [security] Further limit the number of queries that can be
triggered from a request. Root and TLD servers
are no longer exempt from max-recursion-queries.
Fetches for missing name server address records
are limited to 4 for any domain. (CVE-2020-8616)
[GL #1388]
5394. [cleanup] Named formerly attempted to change the effective UID an=
d
GID in named_os_openfile(), which could trigger a
spurious log message if they were already set to the
desired values. This has been fixed. [GL #1042]
[GL #1090]
5390. [security] Replaying a TSIG BADTIME response as a request could
trigger an assertion failure. (CVE-2020-8617)
[GL #1703]
5387. [func] Warn about AXFR streams with inconsistent message IDs.
[GL #1674]
|
|
games/teeworlds: security fix
Revisions pulled up:
- games/teeworlds/Makefile 1.16
- games/teeworlds/PLIST 1.4
- games/teeworlds/distinfo 1.5
---
Module Name: pkgsrc
Committed By: nia
Date: Tue May 19 11:46:26 UTC 2020
Modified Files:
pkgsrc/games/teeworlds: Makefile PLIST distinfo
Log Message:
teeworlds: Update to 0.7.5
An exploit was discovered, that allows to crash any 0.7 Teeworlds server.
Though it does not compromise the security of the host (e.g. no arbitrary
accesses in memory) it lets an attacker force a server to repetitively shut
down (CVE-2020-12066).
The 0.7.5 release is a security update that aims to patch this server
exploit. As such, it is very light in features, and is mostly made of fixes.
|
|
graphics/libexif: security fix
Revisions pulled up:
- graphics/libexif/Makefile 1.48
- graphics/libexif/PLIST 1.22
- graphics/libexif/distinfo 1.32
- graphics/libexif/patches/patch-libexif_exif-data.c deleted
---
Module Name: pkgsrc
Committed By: nia
Date: Tue May 19 11:20:01 UTC 2020
Modified Files:
pkgsrc/graphics/libexif: Makefile PLIST distinfo
Removed Files:
pkgsrc/graphics/libexif/patches: patch-libexif_exif-data.c
Log Message:
libexif: Update to 0.6.22
libexif-0.6.22 (2020-05-18):
* New translations: ms
* Updated translations for most languages
* Fixed C89 compatibility
* Fixed warnings on recent versions of autoconf
* Some useful EXIF 2.3 tag added:
* EXIF_TAG_GAMMA
* EXIF_TAG_COMPOSITE_IMAGE
* EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE
* EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE
* EXIF_TAG_GPS_H_POSITIONING_ERROR
* EXIF_TAG_CAMERA_OWNER_NAME
* EXIF_TAG_BODY_SERIAL_NUMBER
* EXIF_TAG_LENS_SPECIFICATION
* EXIF_TAG_LENS_MAKE
* EXIF_TAG_LENS_MODEL
* EXIF_TAG_LENS_SERIAL_NUMBER
* Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others.
* CVE-2018-20030: Fix for recursion DoS
* CVE-2020-13114: Time consumption DoS when parsing canon array markers
* CVE-2020-13113: Potential use of uninitialized memory
* CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes
* CVE-2020-0093: read overflow
* CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs
* CVE-2020-12767: fixed division by zero
* CVE-2016-6328: fixed integer overflow when parsing maker notes
* CVE-2017-7544: fixed buffer overread
|
|
net/unbound: security fix
Revisions pulled up:
- net/unbound/Makefile 1.78
- net/unbound/distinfo 1.58
---
Module Name: pkgsrc
Committed By: he
Date: Tue May 19 08:39:31 UTC 2020
Modified Files:
pkgsrc/net/unbound: Makefile distinfo
Log Message:
Update unbound to version 1.10.1.
Pkgsrc changes:
* None.
Upstream changes:
This release fixes CVE-2020-12662 and CVE-2020-12663.
Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.
|
|
mail/dovecot2: security fix
Revisions pulled up:
- mail/dovecot2/Makefile.common 1.40
- mail/dovecot2/distinfo 1.104
---
Module Name: pkgsrc
Committed By: taca
Date: Mon May 18 14:20:47 UTC 2020
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common distinfo
pkgsrc/mail/dovecot2-sqlite: Makefile
Log Message:
mail/dovecot2: update to 2.3.10.1
Update dovecot2 to 2.3.10.1.
v2.3.10.1 2020-05-18 Aki Tuomi <aki.tuomi@open-xchange.com>
- CVE-2020-10957: lmtp/submission: A client can crash the server by
sending a NOOP command with an invalid string parameter. This occurs
particularly for a parameter that doesn't start with a double quote.
This applies to all SMTP services, including submission-login, which
makes it possible to crash the submission service without
authentication.
- CVE-2020-10958: lmtp/submission: Sending many invalid or unknown
commands can cause the server to access freed memory, which can lead
to a server crash. This happens when the server closes the connection
with a "421 Too many invalid commands" error. The bad command limit
depends on the service (lmtp or submission) and varies between 10 to
20 bad commands.
- CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
address that has the empty quoted string as local-part causes the lmtp
service to crash.
|
|
|
|
mail/mailman: security fix
Revisions pulled up:
- mail/mailman/Makefile 1.91
- mail/mailman/PLIST 1.29
- mail/mailman/distinfo 1.27
---
Module Name: pkgsrc
Committed By: nia
Date: Fri May 15 09:40:46 UTC 2020
Modified Files:
pkgsrc/mail/mailman: Makefile PLIST distinfo
Log Message:
mailman: Update to 2.1.33
>From jcea via pkgsrc-wip
2.1.33 (07-May-2020)
Security
- A content injection vulnerability via the private login page has been
fixed. (LP: #1877379)
2.1.32 (05-May-2020)
i18n
Fixed a typo in the Spanish translation and uptated mailman.pot and
the message catalog for 2.1.31 security fix.
2.1.31 (05-May-2020)
Security
- A content injection vulnerability via the options login page has been
discovered and reported by Vishal Singh. This is fixed. (LP: #1873722)
i18n
- The Spanish translation has been updated by Omar Walid Llorente.
Bug Fixes and other patches
- Bounce recognition for a non-compliant Yahoo format is added.
- Archiving workaround for non-ascii in string.lowercase in some Python
packages is added.
2.1.30 (13-Apr-2020)
New Features
- Thanks to Jim Popovitch, there is now a dmarc_moderation_addresses
list setting that can be used to apply dmarc_moderation_action to mail
From: addresses listed or matching listed regexps. This can be used
to modify mail to addresses that don't accept external mail From:
themselves.
- There is a new MAX_LISTNAME_LENGTH setting. The fix for LP: #1780874
obtains a list of the names of all the all the lists in the installation
in order to determine the maximum length of a legitimate list name. It
does this on every web access and on sites with a very large number of
lists, this can have performance implications. See the description in
Defaults.py for more information.
- Thanks to Ralf Jung there is now the ability to add text based captchas
(aka textchas) to the listinfo subscribe form. See the documentation
for the new CAPTCHA setting in Defaults.py for how to enable this. Also
note that if you have custom listinfo.html templates, you will have to
add a <mm-captcha-ui> tag to those templates to make this work. This
feature can be used in combination with or instead of the Google
reCAPTCHA feature added in 2.1.26.
- Thanks to Ralf Hildebrandt the web admin Membership Management section
now has a feature to sync the list's membership with a list of email
addresses as with the bin/sync_members command.
- There is a new drop_cc list attribute set from DEFAULT_DROP_CC. This
controls the dropping of addresses from the Cc: header in delivered
messages by the duplicate avoidance process. (LP: #1845751)
- There is a new REFUSE_SECOND_PENDING mm_cfg.py setting that will cause
a second request to subscribe to a list when there is already a pending
confirmation for that user. This can be set to Yes to prevent
mailbombing of a third party by repeatedly posting the subscribe form.
(LP: #1859104)
i18n
- The Japanese translation has been updated by Yasuhito FUTATSUKI.
- The German translation has been updated by Ludwig Reiter.
- The Spanish translation has been updated by Omar Walid Llorente.
- The Brazilian Portugese translation has been updated by Emerson de Mello.
Bug Fixes and other patches
- Fixed the confirm CGI to catch a rare TypeError on simultaneous
confirmations of the same token. (LP: #1785854)
- Scrubbed application/octet-stream MIME parts will now be given a
.bin extension instead of .obj.
- Added bounce recognition for a non-compliant opensmtpd DSN with
Action: error. (LP: #1805137)
- Corrected and augmented some security log messages. (LP: #1810098)
- Implemented use of QRUNNER_SLEEP_TIME for bin/qrunner --runner=All.
(LP: #1818205)
- Leading/trailing spaces in provided email addresses for login to private
archives and the user options page are now ignored. (LP: #1818872)
- Fixed the spelling of the --no-restart option for mailmanctl.
- Fixed an issue where certain combinations of charset and invalid
characters in a list's description could produce a List-ID header
without angle brackets. (LP: #1831321)
- With the Postfix MTA and virtual domains, mappings for the site list
-bounces and -request addresses in each virtual domain are now added
to data/virtual-mailman (-owner was done in 2.1.24). (LP: #1831777)
- The paths.py module now extends sys.path with the result of
site.getsitepackages() if available. (LP: #1838866)
- A bug causing a UnicodeDecodeError in preparing to send the confirmation
request message to a new subscriber has been fixed. (LP: #1851442)
- The SimpleMatch heuristic bounce recognizer has been improved to not
return most invalid email addresses. (LP: #1859011)
|
|
lang/php72: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.298
- lang/php72/distinfo 1.55
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 14 14:26:59 UTC 2020
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo
Log Message:
lang/php72: update to 7.2.31
Update php72 to 7.2.31 (PHP 7.2.31).
14 May 2020, PHP 7.2.31
- Core:
. Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned).
(CVE-2019-11048) (cmb)
. Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp
files are not cleaned). (CVE-2019-11048) (cmb)
|
|
lang/php74: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.297
- lang/php74/distinfo 1.8
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 14 14:24:53 UTC 2020
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php74: distinfo
Log Message:
lang/php74: update to 7.4.6
Update php74 to 7.4.6 (PHP 7.4.6).
14 May 2020, PHP 7.4.6
- Core:
. Fixed bug #78434 (Generator yields no items after valid() call). (Nikita)
. Fixed bug #79477 (casting object into array creates references). (Nikita)
. Fixed bug #79514 (Memory leaks while including unexistent file). (cmb,
Nikita)
. Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
(cmb)
. Fixed bug #78784 (Unable to interact with files inside a VFS for Git
repository). (cmb)
. Fixed bug #78875 (Long variables cause OOM and temp files are not cleaned).
(cmb) (CVE-2019-11048)
. Fixed bug #78876 (Long variables cause OOM and temp files are not cleaned).
(cmb) (CVE-2019-11048)
- DOM:
. Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
(cmb)
- EXIF:
. Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
(Nikita)
- FCGI:
. Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)
- MBString:
. Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
(Girgias)
- OpenSSL:
. Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes
with <1s timeout). (Joe Cai)
- PCRE:
. Upgraded to PCRE2 10.34. (cmb)
- Phar:
. Fixed bug #79503 (Memory leak on duplicate metadata). (cmb)
- SimpleXML:
. Fixed bug #79528 (Different object of the same xml between 7.4.5 and
7.4.4). (cmb)
- SPL:
. Fixed bug #69264 (__debugInfo() ignored while extending SPL classes). (cmb)
. Fixed bug #67369 (ArrayObject serialization drops the iterator class).
(Alex Dowad)
- Standard:
. Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter
appended). (dinosaur)
. Fixed bug #79447 (Serializing uninitialized typed properties with __sleep
should not throw). (nicolas-grekas)
|
|
devel/SDL: security fix
Revisions pulled up:
- devel/SDL/Makefile 1.139
- devel/SDL/distinfo 1.83
- devel/SDL/patches/patch-src_video_SDL__bmp.c 1.2
---
Module Name: pkgsrc
Committed By: nia
Date: Thu May 14 14:44:17 UTC 2020
Modified Files:
pkgsrc/devel/SDL: Makefile distinfo
pkgsrc/devel/SDL/patches: patch-src_video_SDL__bmp.c
Log Message:
SDL: fix CVE-2019-13616
bump PKGREVISION
|
|
lang/php73: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.296
- lang/php73/distinfo 1.22
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 14 14:23:08 UTC 2020
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log Message:
lang/php73: update to 7.3.18
Update php73 to 7.3.18 (PHP 7.3.18).
14 May 2020, PHP 7.3.18
- Core:
. Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned).
(CVE-2019-11048) (cmb)
. Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp
files are not cleaned). (CVE-2019-11048) (cmb)
. Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference
on !CS constant). (Nikita)
. Fixed bug #79477 (casting object into array creates references). (Nikita)
. Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
(cmb)
. Fixed bug #78784 (Unable to interact with files inside a VFS for Git
repository). (cmb)
- DOM:
. Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
(cmb)
- FCGI:
. Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)
- MBString:
. Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
(Girgias)
- OpenSSL:
. Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes
with <1s timeout). (Joe Cai)
- Phar:
. Fix bug #79503 (Memory leak on duplicate metadata). (cmb)
- SimpleXML:
. Fixed bug #79528 (Different object of the same xml between 7.4.5 and
7.4.4). (cmb)
- Standard:
. Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter
appended). (dinosaur)
|
|
security/cyrus-sasl: security fix
Revisions pulled up:
- security/cyrus-sasl/Makefile 1.77
- security/cyrus-sasl/distinfo 1.38
- security/cyrus-sasl/patches/patch-CVE-2019-19906 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Thu May 14 14:27:32 UTC 2020
Modified Files:
pkgsrc/security/cyrus-sasl: Makefile distinfo
Added Files:
pkgsrc/security/cyrus-sasl/patches: patch-CVE-2019-19906
Log Message:
cyrus-sasl: Fix CVE-2019-19906
|
|
security/clamav: security fix
Revisions pulled up:
- security/clamav/Makefile 1.64-1.65
- security/clamav/Makefile.common 1.16
- security/clamav/distinfo 1.33
---
Module Name: pkgsrc
Committed By: adam
Date: Wed May 6 14:05:09 UTC 2020
Modified Files:
pkgsrc/security/clamav: Makefile
Log Message:
revbump after boost update
---
Module Name: pkgsrc
Committed By: taca
Date: Wed May 13 14:58:58 UTC 2020
Modified Files:
pkgsrc/security/clamav: Makefile Makefile.common distinfo
Log Message:
security/clamav: update to 0.102.3
Update clamav to 0.102.3.
## 0.102.3
ClamAV 0.102.3 is a bug patch release to address the following issues.
- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
an unsigned variable results in an out-of-bounds read which causes a crash.
Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
parsing vulnerability.
- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper size checking of
a buffer used to initialize AES decryption routines results in an out-of-
bounds read which may cause a crash. Bug found by OSS-Fuzz.
- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
- Fix a couple of minor memory leaks.
- Updated libclamunrar to UnRAR 5.9.2.
|
|
|
|
graphics/openjpeg: security fix
Revisions pulled up:
- graphics/openjpeg/Makefile 1.21
- graphics/openjpeg/distinfo 1.18
- graphics/openjpeg/patches/patch-src_lib_openjp2_j2k.c 1.1
- graphics/openjpeg/patches/patch-src_lib_openjp2_tcd.c 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Tue May 12 10:44:46 UTC 2020
Modified Files:
pkgsrc/graphics/openjpeg: Makefile distinfo
Added Files:
pkgsrc/graphics/openjpeg/patches: patch-src_lib_openjp2_j2k.c
patch-src_lib_openjp2_tcd.c
Log Message:
openjpeg: Cherrypick fixes for the following CVEs from upstream:
https://nvd.nist.gov/vuln/detail/CVE-2020-6851 - out-of-bounds-write
https://nvd.nist.gov/vuln/detail/CVE-2020-8112 - heap-overflow
Please make releases for your software. :/
Bump PKGREVISION
|
|
net/youtube-dl: update for extractor changes
Revisions pulled up:
- net/youtube-dl/Makefile 1.205-1.206
- net/youtube-dl/distinfo 1.187-1.188
---
Module Name: pkgsrc
Committed By: leot
Date: Sat May 2 17:17:21 UTC 2020
Modified Files:
pkgsrc/net/youtube-dl: Makefile distinfo
Log Message:
youtube-dl: Update to 20200503
Changes:
20200503
--------
Core
+ [extractor/common] Extract multiple JSON-LD entries
* [options] Clarify doc on --exec command (#19087, #24883)
* [extractor/common] Skip malformed ISM manifest XMLs while extracting
ISM formats (#24667)
Extractors
* [crunchyroll] Fix and improve extraction (#25096, #25060)
* [youtube] Improve player id extraction
* [youtube] Use redirected video id if any (#25063)
* [yahoo] Fix GYAO Player extraction and relax URL regular expression
(#24178, #24778)
* [tvplay] Fix Viafree extraction (#15189, #24473, #24789)
* [tenplay] Relax URL regular expression (#25001)
+ [prosiebensat1] Extract series metadata
* [prosiebensat1] Improve extraction and remove 7tv.de support (#24948)
- [prosiebensat1] Remove 7tv.de support (#24948)
* [youtube] Fix DRM videos detection (#24736)
* [thisoldhouse] Fix video id extraction (#24548, #24549)
+ [soundcloud] Extract AAC format (#19173, #24708)
* [youtube] Skip broken multifeed videos (#24711)
* [nova:embed] Fix extraction (#24700)
* [motherless] Fix extraction (#24699)
* [twitch:clips] Extend URL regular expression (#24290, #24642)
* [tv4] Fix ISM formats extraction (#24667)
* [tele5] Fix extraction (#24553)
+ [mofosex] Add support for generic embeds (#24633)
+ [youporn] Add support for generic embeds
+ [spankwire] Add support for generic embeds (#24633)
* [spankwire] Fix extraction (#18924, #20648)
---
Module Name: pkgsrc
Committed By: leot
Date: Fri May 8 11:21:09 UTC 2020
Modified Files:
pkgsrc/net/youtube-dl: Makefile distinfo
Log Message:
youtube-dl: Update to 20200508
Changes:
20200508
--------
Core
* [downloader/http] Request last data block of exact remaining size
* [downloader/http] Finish downloading once received data length matches
expected
* [extractor/common] Use compat_cookiejar_Cookie for _set_cookie to always
ensure cookie name and value are bytestrings on python 2 (#23256, #24776)
+ [compat] Introduce compat_cookiejar_Cookie
* [utils] Improve cookie files support
+ Add support for UTF-8 in cookie files
* Skip malformed cookie file entries instead of crashing (invalid entry
length, invalid expires at)
Extractors
* [youtube] Improve signature cipher extraction (#25187, #25188)
* [iprima] Improve extraction (#25138)
* [uol] Fix extraction (#22007)
+ [orf] Add support for more radio stations (#24938, #24968)
* [dailymotion] Fix typo
- [puhutv] Remove no longer available HTTP formats (#25124)
|
|
www/firefox68-l10n: dependent update
Revisions pulled up:
- www/firefox68-l10n/Makefile 1.13
- www/firefox68-l10n/distinfo 1.10
---
Module Name: pkgsrc
Committed By: nia
Date: Sat May 9 13:21:31 UTC 2020
Modified Files:
pkgsrc/www/firefox68-l10n: Makefile distinfo
Log Message:
firefox68-l10n: Sync with firefox68
|