Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
www/firefox91: security fix
Revisions pulled up:
- www/firefox91-l10n/Makefile 1.5
- www/firefox91-l10n/distinfo 1.7
- www/firefox91/Makefile 1.10
- www/firefox91/distinfo 1.7
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Dec 10 14:32:07 UTC 2021
Modified Files:
pkgsrc/www/firefox91: Makefile distinfo
pkgsrc/www/firefox91-l10n: Makefile distinfo
Log Message:
firefox91: Update to 91.4.0
Security Vulnerabilities fixed in Firefox ESR 91.4.0
#CVE-2021-43536: URL leakage when navigating while executing asynchronous
function
#CVE-2021-43537: Heap buffer overflow when using structured clone
#CVE-2021-43538: Missing fullscreen and pointer lock notification when
requesting both
#CVE-2021-43539: GC rooting failure when calling wasm instance methods
#CVE-2021-43541: External protocol handler parameters were unescaped
#CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence
of an external protocol handler
#CVE-2021-43543: Bypass of CSP sandbox directive when embedding
#CVE-2021-43545: Denial of Service when using the Location API in a loop
#CVE-2021-43546: Cursor spoofing could overlay user interface when native
cursor is zoomed
#MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
|
|
|
|
databases/mariadb105: fix PLIST on SunOS
databases/mariadb106: fix PLIST on SunOS
Revisions pulled up:
- databases/mariadb105-server/PLIST 1.9
- databases/mariadb106-server/PLIST 1.6
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Dec 10 13:29:24 UTC 2021
Modified Files:
pkgsrc/databases/mariadb105-server: PLIST
pkgsrc/databases/mariadb106-server: PLIST
Log Message:
mariadb[105,106]-server: fix PLIST on SunOS
|
|
|
|
databases/mariadb106: security fix
Revisions pulled up:
- databases/mariadb106-client/Makefile 1.4
- databases/mariadb106-client/Makefile.common 1.6
- databases/mariadb106-client/PLIST 1.2
- databases/mariadb106-client/distinfo 1.5
- databases/mariadb106-client/patches/patch-CMakeLists.txt 1.2
- databases/mariadb106-client/patches/patch-plugin_auth__pam_CMakeLists.txt deleted
- databases/mariadb106-client/patches/patch-plugin_auth__socket_auth__socket.c deleted
- databases/mariadb106-client/patches/patch-scripts_CMakeLists.txt 1.2
- databases/mariadb106-client/patches/patch-storage_innobase_include_transactional__lock__guard.h 1.1
- databases/mariadb106-server/Makefile 1.7
- databases/mariadb106-server/PLIST 1.5
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Nov 27 23:40:28 UTC 2021
Modified Files:
pkgsrc/databases/mariadb106-client: Makefile Makefile.common PLIST
distinfo
pkgsrc/databases/mariadb106-client/patches: patch-CMakeLists.txt
patch-scripts_CMakeLists.txt
pkgsrc/databases/mariadb106-server: Makefile PLIST
Added Files:
pkgsrc/databases/mariadb106-client/patches:
patch-storage_innobase_include_transactional__lock__guard.h
Removed Files:
pkgsrc/databases/mariadb106-client/patches:
patch-plugin_auth__pam_CMakeLists.txt
patch-plugin_auth__socket_auth__socket.c
Log Message:
mariadb106*: Update to 10.6.5
Release notes:
https://mariadb.com/kb/en/mariadb-1065-release-notes/
|
|
|
|
databases/mariadb105: security fix
Revisions pulled up:
- databases/mariadb105-client/Makefile 1.8
- databases/mariadb105-client/Makefile.common 1.14
- databases/mariadb105-client/PLIST 1.3
- databases/mariadb105-client/distinfo 1.10
- databases/mariadb105-client/patches/patch-plugin_auth__pam_CMakeLists.txt deleted
- databases/mariadb105-client/patches/patch-scripts_CMakeLists.txt 1.3
- databases/mariadb105-server/Makefile 1.18
- databases/mariadb105-server/PLIST 1.8
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Nov 27 22:52:15 UTC 2021
Modified Files:
pkgsrc/databases/mariadb105-client: Makefile Makefile.common PLIST
distinfo
pkgsrc/databases/mariadb105-client/patches:
patch-scripts_CMakeLists.txt
pkgsrc/databases/mariadb105-server: Makefile PLIST
Removed Files:
pkgsrc/databases/mariadb105-client/patches:
patch-plugin_auth__pam_CMakeLists.txt
Log Message:
mariadb105*: Update to 10.5.13
Release notes:
https://mariadb.com/kb/en/mariadb-10513-release-notes/
|
|
|
|
devel/nss: security-update
Revisions pulled up:
- devel/nss/Makefile 1.215-1.217
- devel/nss/distinfo 1.139,1.142-1.143
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Sep 30 21:39:55 UTC 2021
Modified Files:
pkgsrc/devel/nss: Makefile distinfo
Log Message:
nss: update to 3.71.
Changes:
- Bug 1717716 - Set nssckbi version number to 2.52.
- Bug 1667000 - Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Bug 1373716 - Import of PKCS#12 files with Camellia encryption is not supported
- Bug 1717707 - Add HARICA Client ECC Root CA 2021.
- Bug 1717707 - Add HARICA Client RSA Root CA 2021.
- Bug 1717707 - Add HARICA TLS ECC Root CA 2021.
- Bug 1717707 - Add HARICA TLS RSA Root CA 2021.
- Bug 1728394 - Add TunTrust Root CA certificate to NSS.
To generate a diff of this commit:
cvs rdiff -u -r1.214 -r1.215 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.138 -r1.139 pkgsrc/devel/nss/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Oct 28 10:03:13 UTC 2021
Modified Files:
pkgsrc/devel/nss: Makefile distinfo
Log Message:
nss: update to 3.72.
Changes:
- Documentation: release notes for NSS 3.72
- Documentation: release notes for NSS 3.71
- Remove newline at the end of coreconf.dep
- Bug 1731911 - Fix nsinstall parallel failure.
- Bug 1729930 - Increase KDF cache size to mitigate perf regression in about:logins.
To generate a diff of this commit:
cvs rdiff -u -r1.215 -r1.216 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.141 -r1.142 pkgsrc/devel/nss/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Dec 1 17:04:11 UTC 2021
Modified Files:
pkgsrc/devel/nss: Makefile distinfo
Log Message:
nss: update to 3.73.
This contains the fix for CVE-2021-43527.
To generate a diff of this commit:
cvs rdiff -u -r1.216 -r1.217 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.142 -r1.143 pkgsrc/devel/nss/distinfo
|
|
|
|
lang/ruby30-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.240
- lang/ruby30-base/PLIST 1.4
- lang/ruby30-base/distinfo 1.7
- lang/ruby30-base/patches/patch-lib_rubygems_installer.rb 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 16:35:52 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby30-base: PLIST distinfo
pkgsrc/lang/ruby30-base/patches: patch-lib_rubygems_installer.rb
Log Message:
lang/ruby30-base: update to 3.0.3
Ruby 3.0.3 Released
Posted by nagachika on 24 Nov 2021
Ruby 3.0.3 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41816: Buffer Overrun in CGI.escape_html
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
See the commit logs for details.
|
|
|
|
lang/ruby27-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.239
- lang/ruby27-base/PLIST 1.5
- lang/ruby27-base/distinfo 1.9
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 16:01:18 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby27-base: PLIST distinfo
Log Message:
lang/ruby27-base: update to 2.7.5
Ruby 2.7.5 Released
Posted by usa on 24 Nov 2021
Ruby 2.7.5 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41816: Buffer Overrun in CGI.escape_html
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
See the commit logs for details.
|
|
|
|
lang/ruby26-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.238
- lang/ruby26-base/distinfo 1.15
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 15:51:08 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby26-base: distinfo
Log Message:
lang/ruby26-base: update to 2.6.9
Ruby 2.6.9 Released
Posted by usa on 24 Nov 2021
Ruby 2.6.9 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit
logs for details.
Ruby 2.6 is now under the state of the security maintenance phase, until the
end of March of 2022. After that date, maintenance of Ruby 2.6 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 3.0 or 2.7.
|
|
|
|
devel/gmp: security fix
Revisions pulled up:
- devel/gmp/Makefile 1.89
- devel/gmp/distinfo 1.59
- devel/gmp/patches/patch-mpz_inp__raw.c 1.1
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Nov 26 12:23:09 UTC 2021
Modified Files:
pkgsrc/devel/gmp: Makefile distinfo
Added Files:
pkgsrc/devel/gmp/patches: patch-mpz_inp__raw.c
Log Message:
gmp: fix CVE-2021-43618 using upstream patch
Bump PKGREVISION.
|
|
|
|
chat/matrix-synapse: security update
Revisions pulled up:
- chat/matrix-synapse/Makefile 1.34-1.36
- chat/matrix-synapse/PLIST 1.18-1.19
- chat/matrix-synapse/distinfo 1.24,1.27-1.28
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Sat Oct 2 12:23:13 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.43.0
Synapse 1.43.0 (2021-09-21)
=============
This release drops support for the deprecated, unstable API for [MSC2858 (Multiple SSO Identity
Providers)](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), as well as the undocumented `experimental.msc2858_enabled` config
option. Client authors should update their clients to use the stable API, available since Synapse 1.30.
The documentation has been updated with configuration for routing `/spaces`, `/hierarchy` and `/summary` to workers. See [the upgrade
notes](https://github.com/matrix-org/synapse/blob/release-v1.43/docs/upgrade.md#upgrading-to-v1430) for more details.
No significant changes since 1.43.0rc2.
Synapse 1.43.0rc2 (2021-09-17)
===============
Bugfixes
--------
- Added opentracing logging to help debug [\#9424](https://github.com/matrix-org/synapse/issues/9424). ([\#10828](https://github.com/matrix-org/synapse/issues/10828))
Synapse 1.43.0rc1 (2021-09-14)
===============
Features
--------
- Allow room creators to send historical events specified by [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) in existing room versions.
([\#10566](https://github.com/matrix-org/synapse/issues/10566))
- Add config option to use non-default manhole password and keys. ([\#10643](https://github.com/matrix-org/synapse/issues/10643))
- Skip final GC at shutdown to improve restart performance. ([\#10712](https://github.com/matrix-org/synapse/issues/10712))
- Allow configuration of the oEmbed URLs used for URL previews. ([\#10714](https://github.com/matrix-org/synapse/issues/10714), [\#10759](https://github.com/matrix-org/synapse/issues/10759))
- Prefer [room version 9](https://github.com/matrix-org/matrix-doc/pull/3375) for restricted rooms per the [room version capabilities](https://github.com/matrix-org/matrix-doc/pull/3244) API.
([\#10772](https://github.com/matrix-org/synapse/issues/10772))
Bugfixes
--------
- Fix a long-standing bug where room avatars were not included in email notifications. ([\#10658](https://github.com/matrix-org/synapse/issues/10658))
- Fix a bug where the ordering algorithm was skipping the `origin_server_ts` step in the spaces summary resulting in unstable room orderings.
([\#10730](https://github.com/matrix-org/synapse/issues/10730))
- Fix edge case when persisting events into a room where there are multiple events we previously hadn't calculated auth chains for (and hadn't marked as needing to be calculated).
([\#10743](https://github.com/matrix-org/synapse/issues/10743))
- Fix a bug which prevented calls to `/createRoom` that included the `room_alias_name` parameter from being handled by worker processes. ([\#10757](https://github.com/matrix-org/synapse/issues/10757))
- Fix a bug which prevented user registration via SSO to require consent tracking for SSO mapping providers that don't prompt for Matrix ID selection. Contributed by @AndrewFerr.
([\#10733](https://github.com/matrix-org/synapse/issues/10733))
- Only return the stripped state events for the `m.space.child` events in a room for the spaces summary from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946).
([\#10760](https://github.com/matrix-org/synapse/issues/10760))
- Properly handle room upgrades of spaces. ([\#10774](https://github.com/matrix-org/synapse/issues/10774))
- Fix a bug which generated invalid homeserver config when the `frontend_proxy` worker type was passed to the Synapse Worker-based Complement image.
([\#10783](https://github.com/matrix-org/synapse/issues/10783))
Improved Documentation
----------------------
- Minor fix to the `media_repository` developer documentation. Contributed by @cuttingedge1109. ([\#10556](https://github.com/matrix-org/synapse/issues/10556))
- Update the documentation to note that the `/spaces` and `/hierarchy` endpoints can be routed to workers. ([\#10648](https://github.com/matrix-org/synapse/issues/10648))
- Clarify admin API documentation on undoing room deletions. ([\#10735](https://github.com/matrix-org/synapse/issues/10735))
- Split up the modules documentation and add examples for module developers. ([\#10758](https://github.com/matrix-org/synapse/issues/10758))
- Correct 2 typographical errors in the [Log Contexts documentation](https://matrix-org.github.io/synapse/latest/log_contexts.html). ([\#10795](https://github.com/matrix-org/synapse/issues/10795))
- Fix a wording mistake in the sample configuration. Contributed by @bramvdnheuvel:nltrix.net. ([\#10804](https://github.com/matrix-org/synapse/issues/10804))
Deprecations and Removals
-------------------------
- Remove the [unstable MSC2858 API](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), including the undocumented
`experimental.msc2858_enabled` config option. The unstable API has been deprecated since Synapse 1.35. Client authors should update their clients to use the stable API introduced in Synapse 1.30 if
they have not already done so. ([\#10693](https://github.com/matrix-org/synapse/issues/10693))
Internal Changes
----------------
- Add OpenTracing logging to help debug stuck messages (as described by issue [#9424](https://github.com/matrix-org/synapse/issues/9424)).
([\#10704](https://github.com/matrix-org/synapse/issues/10704))
- Add type annotations to the `synapse.util` package. ([\#10601](https://github.com/matrix-org/synapse/issues/10601))
- Ensure `rooms.creator` field is always populated for easy lookup in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) usage later.
([\#10697](https://github.com/matrix-org/synapse/issues/10697))
- Add missing type hints to REST servlets. ([\#10707](https://github.com/matrix-org/synapse/issues/10707), [\#10728](https://github.com/matrix-org/synapse/issues/10728),
[\#10736](https://github.com/matrix-org/synapse/issues/10736))
- Do not include rooms with unknown room versions in the spaces summary results. ([\#10727](https://github.com/matrix-org/synapse/issues/10727))
- Additional error checking for the `preset` field when creating a room. ([\#10738](https://github.com/matrix-org/synapse/issues/10738))
- Clean up some of the federation event authentication code for clarity. ([\#10744](https://github.com/matrix-org/synapse/issues/10744), [\#10745](https://github.com/matrix-org/synapse/issues/10745),
[\#10746](https://github.com/matrix-org/synapse/issues/10746), [\#10771](https://github.com/matrix-org/synapse/issues/10771), [\#10773](https://github.com/matrix-org/synapse/issues/10773),
[\#10781](https://github.com/matrix-org/synapse/issues/10781))
- Add an index to `presence_stream` to hopefully speed up startups a little. ([\#10748](https://github.com/matrix-org/synapse/issues/10748))
- Refactor event size checking code to simplify searching the codebase for the origins of certain error strings that are occasionally emitted.
([\#10750](https://github.com/matrix-org/synapse/issues/10750))
- Move tests relating to rooms having encryption out of the user directory tests. ([\#10752](https://github.com/matrix-org/synapse/issues/10752))
- Use `attrs` internally for the URL preview code & update documentation. ([\#10753](https://github.com/matrix-org/synapse/issues/10753))
- Minor speed ups when joining large rooms over federation. ([\#10754](https://github.com/matrix-org/synapse/issues/10754), [\#10755](https://github.com/matrix-org/synapse/issues/10755),
[\#10756](https://github.com/matrix-org/synapse/issues/10756), [\#10780](https://github.com/matrix-org/synapse/issues/10780), [\#10784](https://github.com/matrix-org/synapse/issues/10784))
- Add a constant for `m.federate`. ([\#10775](https://github.com/matrix-org/synapse/issues/10775))
- Add a script to update the Debian changelog in a Docker container for systems that are not Debian-based. ([\#10778](https://github.com/matrix-org/synapse/issues/10778))
- Change the format of authenticated users in logs when a user is being puppeted by and admin user. ([\#10779](https://github.com/matrix-org/synapse/issues/10779))
- Remove fixed and flakey tests from the Sytest blacklist. ([\#10788](https://github.com/matrix-org/synapse/issues/10788))
- Improve internal details of the user directory code. ([\#10789](https://github.com/matrix-org/synapse/issues/10789))
- Use direct references to config flags. ([\#10798](https://github.com/matrix-org/synapse/issues/10798))
- Ensure the Rust reporter passes type checking with jaeger-client 4.7's type annotations. ([\#10799](https://github.com/matrix-org/synapse/issues/10799))
Synapse 1.42.0 (2021-09-07)
=============
This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For
more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420).
No significant changes since 1.42.0rc2.
Synapse 1.42.0rc2 (2021-09-06)
===============
Features
--------
- Support room version 9 from [MSC3375](https://github.com/matrix-org/matrix-doc/pull/3375). ([\#10747](https://github.com/matrix-org/synapse/issues/10747))
Internal Changes
----------------
- Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](https://github.com/matrix-org/synapse/issues/10768))
Synapse 1.42.0rc1 (2021-09-01)
===============
Features
--------
- Add support for [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate
themselves. Contributed by Callum Brown. ([\#10142](https://github.com/matrix-org/synapse/issues/10142))
- Add support for [MSC3283](https://github.com/matrix-org/matrix-doc/pull/3283): Expose `enable_set_displayname` in capabilities. ([\#10452](https://github.com/matrix-org/synapse/issues/10452))
- Port the `PresenceRouter` module interface to the new generic interface. ([\#10524](https://github.com/matrix-org/synapse/issues/10524))
- Add pagination to the spaces summary based on updates to [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946). ([\#10613](https://github.com/matrix-org/synapse/issues/10613),
[\#10725](https://github.com/matrix-org/synapse/issues/10725))
Bugfixes
--------
- Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\#10232](https://github.com/matrix-org/synapse/issues/10232))
- Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\#10561](https://github.com/matrix-org/synapse/issues/10561))
- Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\#10581](https://github.com/matrix-org/synapse/issues/10581),
[\#10734](https://github.com/matrix-org/synapse/issues/10734))
- Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\#10593](https://github.com/matrix-org/synapse/issues/10593))
- Rooms with unsupported room versions are no longer returned via `/sync`. ([\#10644](https://github.com/matrix-org/synapse/issues/10644))
- Enforce the maximum length for per-room display names and avatar URLs. ([\#10654](https://github.com/matrix-org/synapse/issues/10654))
- Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\#10677](https://github.com/matrix-org/synapse/issues/10677))
- Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\#10679](https://github.com/matrix-org/synapse/issues/10679))
- Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating.
([\#10684](https://github.com/matrix-org/synapse/issues/10684))
- Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang.
([\#10703](https://github.com/matrix-org/synapse/issues/10703))
- Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\#10713](https://github.com/matrix-org/synapse/issues/10713))
Improved Documentation
----------------------
- Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\#10192](https://github.com/matrix-org/synapse/issues/10192))
- Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\#10595](https://github.com/matrix-org/synapse/issues/10595))
- Fix some of the titles not rendering in the OpenID Connect documentation. ([\#10639](https://github.com/matrix-org/synapse/issues/10639))
- Minor clarifications to the documentation for reverse proxies. ([\#10708](https://github.com/matrix-org/synapse/issues/10708))
- Remove table of contents from the top of installation and contributing documentation pages. ([\#10711](https://github.com/matrix-org/synapse/issues/10711))
Deprecations and Removals
-------------------------
- Remove deprecated Shutdown Room and Purge Room Admin API. ([\#8830](https://github.com/matrix-org/synapse/issues/8830))
Internal Changes
----------------
- Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\#10608](https://github.com/matrix-org/synapse/issues/10608))
- Clean up some of the federation event authentication code for clarity. ([\#10614](https://github.com/matrix-org/synapse/issues/10614), [\#10615](https://github.com/matrix-org/synapse/issues/10615),
[\#10624](https://github.com/matrix-org/synapse/issues/10624), [\#10640](https://github.com/matrix-org/synapse/issues/10640))
- Add a comment asking developers to leave a reason when bumping the database schema version. ([\#10621](https://github.com/matrix-org/synapse/issues/10621))
- Remove not needed database updates in modify user admin API. ([\#10627](https://github.com/matrix-org/synapse/issues/10627))
- Convert room member storage tuples to `attrs` classes. ([\#10629](https://github.com/matrix-org/synapse/issues/10629), [\#10642](https://github.com/matrix-org/synapse/issues/10642))
- Use auto-attribs for the attrs classes used in sync. ([\#10630](https://github.com/matrix-org/synapse/issues/10630))
- Make `backfill` and `get_missing_events` use the same codepath. ([\#10645](https://github.com/matrix-org/synapse/issues/10645))
- Improve the performance of the `/hierarchy` API (from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946)) by caching responses received over federation.
([\#10647](https://github.com/matrix-org/synapse/issues/10647))
- Run a nightly CI build against Twisted trunk. ([\#10651](https://github.com/matrix-org/synapse/issues/10651), [\#10672](https://github.com/matrix-org/synapse/issues/10672))
- Do not print out stack traces for network errors when fetching data over federation. ([\#10662](https://github.com/matrix-org/synapse/issues/10662))
- Simplify tests for device admin rest API. ([\#10664](https://github.com/matrix-org/synapse/issues/10664))
- Add missing type hints to REST servlets. ([\#10665](https://github.com/matrix-org/synapse/issues/10665), [\#10666](https://github.com/matrix-org/synapse/issues/10666),
[\#10674](https://github.com/matrix-org/synapse/issues/10674))
- Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\#10667](https://github.com/matrix-org/synapse/issues/10667))
- Update `complement.sh` to rebuild the base Docker image when run with workers. ([\#10686](https://github.com/matrix-org/synapse/issues/10686))
- Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\#10692](https://github.com/matrix-org/synapse/issues/10692))
- Remove unused `compare_digest` function. ([\#10706](https://github.com/matrix-org/synapse/issues/10706))
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Fri Nov 19 14:06:08 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.47.0
Synapse 1.47.0 (2021-11-17)
=============
No significant changes since 1.47.0rc3.
Synapse 1.47.0rc3 (2021-11-16)
===============
Bugfixes
--------
- Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations.
([\#11346](https://github.com/matrix-org/synapse/issues/11346))
- Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version.
([\#11303](https://github.com/matrix-org/synapse/issues/11303), [\#11353](https://github.com/matrix-org/synapse/issues/11353))
Synapse 1.47.0rc2 (2021-11-10)
===============
This fixes an issue with publishing the Debian packages for 1.47.0rc1.
It is otherwise identical to 1.47.0rc1.
Synapse 1.47.0rc1 (2021-11-09)
===============
Deprecations and Removals
-------------------------
- The `user_may_create_room_with_invites` module callback is now deprecated. Please refer to the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1470) for more
information. ([\#11206](https://github.com/matrix-org/synapse/issues/11206))
- Remove deprecated admin API to delete rooms (`POST /_synapse/admin/v1/rooms/<room_id>/delete`). ([\#11213](https://github.com/matrix-org/synapse/issues/11213))
Features
--------
- Advertise support for Client-Server API r0.6.1. ([\#11097](https://github.com/matrix-org/synapse/issues/11097))
- Add search by room ID and room alias to the List Room admin API. ([\#11099](https://github.com/matrix-org/synapse/issues/11099))
- Add an `on_new_event` third-party rules callback to allow Synapse modules to act after an event has been sent into a room. ([\#11126](https://github.com/matrix-org/synapse/issues/11126))
- Add a module API method to update a user's membership in a room. ([\#11147](https://github.com/matrix-org/synapse/issues/11147))
- Add metrics for thread pool usage. ([\#11178](https://github.com/matrix-org/synapse/issues/11178))
- Support the stable room type field for [MSC3288](https://github.com/matrix-org/matrix-doc/pull/3288). ([\#11187](https://github.com/matrix-org/synapse/issues/11187))
- Add a module API method to retrieve the current state of a room. ([\#11204](https://github.com/matrix-org/synapse/issues/11204))
- Calculate a default value for `public_baseurl` based on `server_name`. ([\#11210](https://github.com/matrix-org/synapse/issues/11210))
- Add support for serving `/.well-known/matrix/server` files, to redirect federation traffic to port 443. ([\#11211](https://github.com/matrix-org/synapse/issues/11211))
- Add admin APIs to pause, start and check the status of background updates. ([\#11263](https://github.com/matrix-org/synapse/issues/11263))
Bugfixes
--------
- Fix a long-standing bug which allowed hidden devices to receive to-device messages, resulting in unnecessary database bloat. ([\#10097](https://github.com/matrix-org/synapse/issues/10097))
- Fix a long-standing bug where messages in the `device_inbox` table for deleted devices would persist indefinitely. Contributed by @dklimpel and @JohannesKleine.
([\#10969](https://github.com/matrix-org/synapse/issues/10969), [\#11212](https://github.com/matrix-org/synapse/issues/11212))
- Do not accept events if a third-party rule `check_event_allowed` callback raises an exception. ([\#11033](https://github.com/matrix-org/synapse/issues/11033))
- Fix long-standing bug where verification requests could fail in certain cases if a federation whitelist was in place but did not include your own homeserver.
([\#11129](https://github.com/matrix-org/synapse/issues/11129))
- Allow an empty list of `state_events_at_start` to be sent when using the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint and the author of the historical
messages is already part of the current room state at the given `?prev_event_id`. ([\#11188](https://github.com/matrix-org/synapse/issues/11188))
- Fix a bug introduced in Synapse 1.45.0 which prevented the `synapse_review_recent_signups` script from running. Contributed by @samuel-p.
([\#11191](https://github.com/matrix-org/synapse/issues/11191))
- Delete `to_device` messages for hidden devices that will never be read, reducing database size. ([\#11199](https://github.com/matrix-org/synapse/issues/11199))
- Fix a long-standing bug wherein a missing `Content-Type` header when downloading remote media would cause Synapse to throw an error. ([\#11200](https://github.com/matrix-org/synapse/issues/11200))
- Fix a long-standing bug which could result in serialization errors and potentially duplicate transaction data when sending ephemeral events to application services. Contributed by @Fizzadar at
Beeper. ([\#11207](https://github.com/matrix-org/synapse/issues/11207))
- Fix a bug introduced in Synapse 1.35.0 which made it impossible to join rooms that return a `send_join` response containing floats. ([\#11217](https://github.com/matrix-org/synapse/issues/11217))
- Fix long-standing bug where cross signing keys were not included in the response to `/r0/keys/query` the first time a remote user was queried.
([\#11234](https://github.com/matrix-org/synapse/issues/11234))
- Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection.
([\#11240](https://github.com/matrix-org/synapse/issues/11240))
- Fix a bug preventing Synapse from being rolled back to an earlier version when using workers. ([\#11255](https://github.com/matrix-org/synapse/issues/11255),
[\#11276](https://github.com/matrix-org/synapse/issues/11276))
- Fix a bug introduced in Synapse 1.37.1 which caused a remote event being processed by a worker to not get processed on restart if the worker was killed.
([\#11262](https://github.com/matrix-org/synapse/issues/11262))
- Only allow old Element/Riot Android clients to send read receipts without a request body. All other clients must include a request body as required by the specification. Contributed by @rogersheu.
([\#11157](https://github.com/matrix-org/synapse/issues/11157))
Updates to the Docker image
---------------------------
- Avoid changing user ID when started as a non-root user, and no explicit `UID` is set. ([\#11209](https://github.com/matrix-org/synapse/issues/11209))
Improved Documentation
----------------------
- Improve example HAProxy config in the docs to properly handle HTTP `Host` headers with port information. This is required for federation over port 443 to work correctly.
([\#11128](https://github.com/matrix-org/synapse/issues/11128))
- Add documentation for using Authentik as an OpenID Connect Identity Provider. Contributed by @samip5. ([\#11151](https://github.com/matrix-org/synapse/issues/11151))
- Clarify lack of support for Windows. ([\#11198](https://github.com/matrix-org/synapse/issues/11198))
- Improve code formatting and fix a few typos in docs. Contributed by @sumnerevans at Beeper. ([\#11221](https://github.com/matrix-org/synapse/issues/11221))
- Add documentation for using LemonLDAP as an OpenID Connect Identity Provider. Contributed by @l00ptr. ([\#11257](https://github.com/matrix-org/synapse/issues/11257))
Internal Changes
----------------
- Add type annotations for the `log_function` decorator. ([\#10943](https://github.com/matrix-org/synapse/issues/10943))
- Add type hints to `synapse.events`. ([\#11098](https://github.com/matrix-org/synapse/issues/11098))
- Remove and document unnecessary `RoomStreamToken` checks in application service ephemeral event code. ([\#11137](https://github.com/matrix-org/synapse/issues/11137))
- Add type hints so that `synapse.http` passes `mypy` checks. ([\#11164](https://github.com/matrix-org/synapse/issues/11164))
- Update scripts to pass Shellcheck lints. ([\#11166](https://github.com/matrix-org/synapse/issues/11166))
- Add knock information in admin export. Contributed by Rafael Gonçalves. ([\#11171](https://github.com/matrix-org/synapse/issues/11171))
- Add tests to check that `ClientIpStore.get_last_client_ip_by_device` and `get_user_ip_and_agents` combine database and in-memory data correctly.
([\#11179](https://github.com/matrix-org/synapse/issues/11179))
- Refactor `Filter` to check different fields depending on the data type. ([\#11194](https://github.com/matrix-org/synapse/issues/11194))
- Improve type hints for the relations datastore. ([\#11205](https://github.com/matrix-org/synapse/issues/11205))
- Replace outdated links in the pull request checklist with links to the rendered documentation. ([\#11225](https://github.com/matrix-org/synapse/issues/11225))
- Fix a bug in unit test `test_block_room_and_not_purge`. ([\#11226](https://github.com/matrix-org/synapse/issues/11226))
- In `ObservableDeferred`, run observers in the order they were registered. ([\#11229](https://github.com/matrix-org/synapse/issues/11229))
- Minor speed up to start up times and getting updates for groups by adding missing index to `local_group_updates.stream_id`. ([\#11231](https://github.com/matrix-org/synapse/issues/11231))
- Add `twine` and `towncrier` as dev dependencies, as they're used by the release script. ([\#11233](https://github.com/matrix-org/synapse/issues/11233))
- Allow `stream_writers.typing` config to be a list of one worker. ([\#11237](https://github.com/matrix-org/synapse/issues/11237))
- Remove debugging statement in tests. ([\#11239](https://github.com/matrix-org/synapse/issues/11239))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical messages backfilling in random order on remote homeservers.
([\#11244](https://github.com/matrix-org/synapse/issues/11244))
- Add an additional test for the `cachedList` method decorator. ([\#11246](https://github.com/matrix-org/synapse/issues/11246))
- Make minor correction to the type of `auth_checkers` callbacks. ([\#11253](https://github.com/matrix-org/synapse/issues/11253))
- Clean up trivial aspects of the Debian package build tooling. ([\#11269](https://github.com/matrix-org/synapse/issues/11269), [\#11273](https://github.com/matrix-org/synapse/issues/11273))
- Blacklist new SyTest that checks that key uploads are valid pending the validation being implemented in Synapse. ([\#11270](https://github.com/matrix-org/synapse/issues/11270))
Synapse 1.46.0 (2021-11-02)
=============
The cause of the [performance regression affecting Synapse 1.44](https://github.com/matrix-org/synapse/issues/11049) has been identified and fixed.
([\#11177](https://github.com/matrix-org/synapse/issues/11177))
Bugfixes
--------
- Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. ([\#11196](https://github.com/matrix-org/synapse/issues/11196))
Synapse 1.46.0rc1 (2021-10-27)
===============
Features
--------
- Add support for Ubuntu 21.10 "Impish Indri". ([\#11024](https://github.com/matrix-org/synapse/issues/11024))
- Port the Password Auth Providers module interface to the new generic interface. ([\#10548](https://github.com/matrix-org/synapse/issues/10548),
[\#11180](https://github.com/matrix-org/synapse/issues/11180))
- Experimental support for the thread relation defined in [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11088](https://github.com/matrix-org/synapse/issues/11088),
[\#11181](https://github.com/matrix-org/synapse/issues/11181), [\#11192](https://github.com/matrix-org/synapse/issues/11192))
- Users admin API can now also modify user type in addition to allowing it to be set on user creation. ([\#11174](https://github.com/matrix-org/synapse/issues/11174))
Bugfixes
--------
- Newly-created public rooms are now only assigned an alias if the room's creation has not been blocked by permission settings. Contributed by @AndrewFerr.
([\#10930](https://github.com/matrix-org/synapse/issues/10930))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#11001](https://github.com/matrix-org/synapse/issues/11001),
[\#11009](https://github.com/matrix-org/synapse/issues/11009), [\#11012](https://github.com/matrix-org/synapse/issues/11012))
- Fix 500 error on `/messages` when the server accumulates more than 5 backwards extremities at a given depth for a room. ([\#11027](https://github.com/matrix-org/synapse/issues/11027))
- Fix a bug where setting a user's `external_id` via the admin API returns 500 and deletes user's existing external mappings if that external ID is already mapped.
([\#11051](https://github.com/matrix-org/synapse/issues/11051))
- Fix a long-standing bug where users excluded from the user directory were added into the directory if they belonged to a room which became public or private.
([\#11075](https://github.com/matrix-org/synapse/issues/11075))
- Fix a long-standing bug when attempting to preview URLs which are in the `windows-1252` character encoding. ([\#11077](https://github.com/matrix-org/synapse/issues/11077),
[\#11089](https://github.com/matrix-org/synapse/issues/11089))
- Fix broken export-data admin command and add test script checking the command to CI. ([\#11078](https://github.com/matrix-org/synapse/issues/11078))
- Show an error when timestamp in seconds is provided to the `/purge_media_cache` Admin API. ([\#11101](https://github.com/matrix-org/synapse/issues/11101))
- Fix local users who left all their rooms being removed from the user directory, even if the `search_all_users` config option was enabled.
([\#11103](https://github.com/matrix-org/synapse/issues/11103))
- Fix a bug which caused the module API's `get_user_ip_and_agents` function to always fail on workers. `get_user_ip_and_agents` was introduced in 1.44.0 and did not function correctly on worker
processes at the time. ([\#11112](https://github.com/matrix-org/synapse/issues/11112))
- Identity server connection is no longer ignoring `ip_range_whitelist`. ([\#11120](https://github.com/matrix-org/synapse/issues/11120))
- Fix a bug introduced in Synapse 1.45.0 breaking the configuration file parsing script. ([\#11145](https://github.com/matrix-org/synapse/issues/11145))
- Fix a performance regression introduced in 1.44.0 which could cause client requests to time out when making large numbers of outbound requests.
([\#11177](https://github.com/matrix-org/synapse/issues/11177), [\#11190](https://github.com/matrix-org/synapse/issues/11190))
- Resolve and share `state_groups` for all [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical events in batch. ([\#10975](https://github.com/matrix-org/synapse/issues/10975))
Improved Documentation
----------------------
- Fix broken links relating to module API deprecation in the upgrade notes. ([\#11069](https://github.com/matrix-org/synapse/issues/11069))
- Add more information about what happens when a user is deactivated. ([\#11083](https://github.com/matrix-org/synapse/issues/11083))
- Clarify the the sample log config can be copied from the documentation without issue. ([\#11092](https://github.com/matrix-org/synapse/issues/11092))
- Update the admin API documentation with an updated list of the characters allowed in registration tokens. ([\#11093](https://github.com/matrix-org/synapse/issues/11093))
- Document Synapse's behaviour when dealing with multiple modules registering the same callbacks and/or handlers for the same HTTP endpoints.
([\#11096](https://github.com/matrix-org/synapse/issues/11096))
- Fix instances of `[example]{.title-ref}` in the upgrade documentation as a result of prior RST to Markdown conversion. ([\#11118](https://github.com/matrix-org/synapse/issues/11118))
- Document the version of Synapse each module callback was introduced in. ([\#11132](https://github.com/matrix-org/synapse/issues/11132))
- Document the version of Synapse that introduced each module API method. ([\#11183](https://github.com/matrix-org/synapse/issues/11183))
Internal Changes
----------------
- Fix spurious warnings about losing the logging context on the `ReplicationCommandHandler` when losing the replication connection. ([\#10984](https://github.com/matrix-org/synapse/issues/10984))
- Include rejected status when we log events. ([\#11008](https://github.com/matrix-org/synapse/issues/11008))
- Add some extra logging to the event persistence code. ([\#11014](https://github.com/matrix-org/synapse/issues/11014))
- Rearrange the internal workings of the incremental user directory updates. ([\#11035](https://github.com/matrix-org/synapse/issues/11035))
- Fix a long-standing bug where users excluded from the directory could still be added to the `users_who_share_private_rooms` table after a regular user joins a private room.
([\#11143](https://github.com/matrix-org/synapse/issues/11143))
- Add and improve type hints. ([\#10972](https://github.com/matrix-org/synapse/issues/10972), [\#11055](https://github.com/matrix-org/synapse/issues/11055),
[\#11066](https://github.com/matrix-org/synapse/issues/11066), [\#11076](https://github.com/matrix-org/synapse/issues/11076), [\#11095](https://github.com/matrix-org/synapse/issues/11095),
[\#11109](https://github.com/matrix-org/synapse/issues/11109), [\#11121](https://github.com/matrix-org/synapse/issues/11121), [\#11146](https://github.com/matrix-org/synapse/issues/11146))
- Mark the Synapse package as containing type annotations and fix export declarations so that Synapse pluggable modules may be type checked against Synapse.
([\#11054](https://github.com/matrix-org/synapse/issues/11054))
- Remove dead code from `MediaFilePaths`. ([\#11056](https://github.com/matrix-org/synapse/issues/11056))
- Be more lenient when parsing oEmbed response versions. ([\#11065](https://github.com/matrix-org/synapse/issues/11065))
- Create a separate module for the retention configuration. ([\#11070](https://github.com/matrix-org/synapse/issues/11070))
- Clean up some of the federation event authentication code for clarity. ([\#11115](https://github.com/matrix-org/synapse/issues/11115), [\#11116](https://github.com/matrix-org/synapse/issues/11116),
[\#11122](https://github.com/matrix-org/synapse/issues/11122))
- Add docstrings and comments to the application service ephemeral event sending code. ([\#11138](https://github.com/matrix-org/synapse/issues/11138))
- Update the `sign_json` script to support inline configuration of the signing key. ([\#11139](https://github.com/matrix-org/synapse/issues/11139))
- Fix broken link in the docker image README. ([\#11144](https://github.com/matrix-org/synapse/issues/11144))
- Always dump logs from unit tests during CI runs. ([\#11068](https://github.com/matrix-org/synapse/issues/11068))
- Add tests for `MediaFilePaths` class. ([\#11057](https://github.com/matrix-org/synapse/issues/11057))
- Simplify the user admin API tests. ([\#11048](https://github.com/matrix-org/synapse/issues/11048))
- Add a test for the workaround introduced in [\#11042](https://github.com/matrix-org/synapse/pull/11042) concerning the behaviour of third-party rule modules and `SynapseError`s.
([\#11071](https://github.com/matrix-org/synapse/issues/11071))
Synapse 1.45.1 (2021-10-20)
=============
Bugfixes
--------
- Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. ([\#11127](https://github.com/matrix-org/synapse/issues/11127))
Synapse 1.45.0 (2021-10-19)
=============
No functional changes since Synapse 1.45.0rc2.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Improved Documentation
----------------------
- Reword changelog to clarify concerns about a suspected performance regression in 1.44.0. ([\#11117](https://github.com/matrix-org/synapse/issues/11117))
Synapse 1.45.0rc2 (2021-10-14)
===============
This release candidate [fixes](https://github.com/matrix-org/synapse/issues/11053) a user directory [bug](https://github.com/matrix-org/synapse/issues/11025) present in 1.45.0rc1.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Bugfixes
--------
- Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down `/sync` due to a race. ([\#11045](https://github.com/matrix-org/synapse/issues/11045))
- Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a
user not in the `users` table. ([\#11053](https://github.com/matrix-org/synapse/issues/11053))
- Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. ([\#11061](https://github.com/matrix-org/synapse/issues/11061))
Internal Changes
----------------
- Add an 'approximate difference' method to `StateFilter`. ([\#10825](https://github.com/matrix-org/synapse/issues/10825))
- Fix inconsistent behavior of `get_last_client_by_ip` when reporting data that has not been stored in the database yet. ([\#10970](https://github.com/matrix-org/synapse/issues/10970))
- Fix a bug introduced in Synapse 1.21.0 that causes opentracing and Prometheus metrics for replication requests to be measured incorrectly.
([\#10996](https://github.com/matrix-org/synapse/issues/10996))
- Ensure that cache config tests do not share state. ([\#11036](https://github.com/matrix-org/synapse/issues/11036))
Synapse 1.45.0rc1 (2021-10-12)
===============
**Note:** Media storage providers module that read from Synapse's configuration need changes as of this version, see the [upgrade
notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1450) for more information.
Known Issues
------------
- We are investigating [a performance issue](https://github.com/matrix-org/synapse/issues/11049) which was reported after the release of 1.44.0.
- We are aware of [a bug](https://github.com/matrix-org/synapse/issues/11025) with the user directory when using application services. A second release candidate is expected which will resolve this.
Features
--------
- Add [MSC3069](https://github.com/matrix-org/matrix-doc/pull/3069) support to `/account/whoami`. ([\#9655](https://github.com/matrix-org/synapse/issues/9655))
- Support autodiscovery of oEmbed previews. ([\#10822](https://github.com/matrix-org/synapse/issues/10822))
- Add a `user_may_send_3pid_invite` spam checker callback for modules to allow or deny 3PID invites. ([\#10894](https://github.com/matrix-org/synapse/issues/10894))
- Add a spam checker callback to allow or deny room joins. ([\#10910](https://github.com/matrix-org/synapse/issues/10910))
- Include an `update_synapse_database` script in the distribution. Contributed by @Fizzadar at Beeper. ([\#10954](https://github.com/matrix-org/synapse/issues/10954))
- Include exception information in JSON logging output. Contributed by @Fizzadar at Beeper. ([\#11028](https://github.com/matrix-org/synapse/issues/11028))
Bugfixes
--------
- Fix a minor bug in the response to `/_matrix/client/r0/voip/turnServer`. Contributed by @lukaslihotzki. ([\#10922](https://github.com/matrix-org/synapse/issues/10922))
- Fix a bug where empty `yyyy-mm-dd/` directories would be left behind in the media store's `url_cache_thumbnails/` directory. ([\#10924](https://github.com/matrix-org/synapse/issues/10924))
- Fix a bug introduced in Synapse v1.40.0 where the signature checks for room version 8 and 9 could be applied to earlier room versions in some situations.
([\#10927](https://github.com/matrix-org/synapse/issues/10927))
- Fix a long-standing bug wherein deactivated users still count towards the monthly active users limit. ([\#10947](https://github.com/matrix-org/synapse/issues/10947))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#10956](https://github.com/matrix-org/synapse/issues/10956))
- Fix a long-standing bug where rebuilding the user directory wouldn't exclude support and deactivated users. ([\#10960](https://github.com/matrix-org/synapse/issues/10960))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint rejecting subsequent batches with unknown batch ID error in existing room versions from the room creator.
([\#10962](https://github.com/matrix-org/synapse/issues/10962))
- Fix a bug that could leak local users' per-room nicknames and avatars when the user directory is rebuilt. ([\#10981](https://github.com/matrix-org/synapse/issues/10981))
- Fix a long-standing bug where the remainder of a batch of user directory changes would be silently dropped if the server left a room early in the batch.
([\#10982](https://github.com/matrix-org/synapse/issues/10982))
- Correct a bugfix introduced in Synapse v1.44.0 that would catch the wrong error if a connection is lost before a response could be written to it.
([\#10995](https://github.com/matrix-org/synapse/issues/10995))
- Fix a long-standing bug where local users' per-room nicknames/avatars were visible to anyone who could see you in the user directory. ([\#11002](https://github.com/matrix-org/synapse/issues/11002))
- Fix a long-standing bug where a user's per-room nickname/avatar would overwrite their profile in the user directory when a room was made public.
([\#11003](https://github.com/matrix-org/synapse/issues/11003))
- Work around a regression, introduced in Synapse v1.39.0, that caused `SynapseError`s raised by the experimental third-party rules module callback `check_event_allowed` to be ignored.
([\#11042](https://github.com/matrix-org/synapse/issues/11042))
- Fix a bug in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) insertion events in rooms that could cause cross-talk/conflicts between batches.
([\#10877](https://github.com/matrix-org/synapse/issues/10877))
Improved Documentation
----------------------
- Change wording ("reference homeserver") in Synapse repository documentation. Contributed by @maxkratz. ([\#10971](https://github.com/matrix-org/synapse/issues/10971))
- Fix a dead URL in development documentation (SAML) and change wording from "Riot" to "Element". Contributed by @maxkratz. ([\#10973](https://github.com/matrix-org/synapse/issues/10973))
- Add additional content to the Welcome and Overview page of the documentation. ([\#10990](https://github.com/matrix-org/synapse/issues/10990))
- Update links to MSCs in documentation. Contributed by @dklimpel. ([\#10991](https://github.com/matrix-org/synapse/issues/10991))
Internal Changes
----------------
- Improve type hinting in `synapse.util`. ([\#10888](https://github.com/matrix-org/synapse/issues/10888))
- Add further type hints to `synapse.storage.util`. ([\#10892](https://github.com/matrix-org/synapse/issues/10892))
- Fix type hints to be compatible with an upcoming change to Twisted. ([\#10895](https://github.com/matrix-org/synapse/issues/10895))
- Update utility code to handle C implementations of frozendict. ([\#10902](https://github.com/matrix-org/synapse/issues/10902))
- Drop old functionality which maintained database compatibility with Synapse versions before v1.31. ([\#10903](https://github.com/matrix-org/synapse/issues/10903))
- Clean-up configuration helper classes for the `ServerConfig` class. ([\#10915](https://github.com/matrix-org/synapse/issues/10915))
- Use direct references to config flags. ([\#10916](https://github.com/matrix-org/synapse/issues/10916), [\#10959](https://github.com/matrix-org/synapse/issues/10959),
[\#10985](https://github.com/matrix-org/synapse/issues/10985))
- Clean up some of the federation event authentication code for clarity. ([\#10926](https://github.com/matrix-org/synapse/issues/10926), [\#10940](https://github.com/matrix-org/synapse/issues/10940),
[\#10986](https://github.com/matrix-org/synapse/issues/10986), [\#10987](https://github.com/matrix-org/synapse/issues/10987), [\#10988](https://github.com/matrix-org/synapse/issues/10988),
[\#11010](https://github.com/matrix-org/synapse/issues/11010), [\#11011](https://github.com/matrix-org/synapse/issues/11011))
- Refactor various parts of the codebase to use `RoomVersion` objects instead of room version identifier strings. ([\#10934](https://github.com/matrix-org/synapse/issues/10934))
- Refactor user directory tests in preparation for upcoming changes. ([\#10935](https://github.com/matrix-org/synapse/issues/10935))
- Include the event id in the logcontext when handling PDUs received over federation. ([\#10936](https://github.com/matrix-org/synapse/issues/10936))
- Fix logged errors in unit tests. ([\#10939](https://github.com/matrix-org/synapse/issues/10939))
- Fix a broken test to ensure that consent configuration works during registration. ([\#10945](https://github.com/matrix-org/synapse/issues/10945))
- Add type hints to filtering classes. ([\#10958](https://github.com/matrix-org/synapse/issues/10958))
- Add type-hint to `HomeserverTestcase.setup_test_homeserver`. ([\#10961](https://github.com/matrix-org/synapse/issues/10961))
- Fix the test utility function `create_room_as` so that `is_public=True` will explicitly set the `visibility` parameter of room creation requests to `public`. Contributed by @AndrewFerr.
([\#10963](https://github.com/matrix-org/synapse/issues/10963))
- Make the release script more robust and transparent. ([\#10966](https://github.com/matrix-org/synapse/issues/10966))
- Refactor [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` mega function into smaller handler functions. ([\#10974](https://github.com/matrix-org/synapse/issues/10974))
- Log stack traces when a missing opentracing span is detected. ([\#10983](https://github.com/matrix-org/synapse/issues/10983))
- Update GHA config to run tests against Python 3.10 and PostgreSQL 14. ([\#10992](https://github.com/matrix-org/synapse/issues/10992))
- Fix a long-standing bug where `ReadWriteLock`s could drop logging contexts on exit. ([\#10993](https://github.com/matrix-org/synapse/issues/10993))
- Add a `CODEOWNERS` file to automatically request reviews from the `@matrix-org/synapse-core` team on new pull requests. ([\#10994](https://github.com/matrix-org/synapse/issues/10994))
- Add further type hints to `synapse.state`. ([\#11004](https://github.com/matrix-org/synapse/issues/11004))
- Remove the deprecated `BaseHandler` object. ([\#11005](https://github.com/matrix-org/synapse/issues/11005))
- Bump mypy version for CI to 0.910, and pull in new type stubs for dependencies. ([\#11006](https://github.com/matrix-org/synapse/issues/11006))
- Fix CI to run the unit tests without optional deps. ([\#11017](https://github.com/matrix-org/synapse/issues/11017))
- Ensure that cache config tests do not share state. ([\#11019](https://github.com/matrix-org/synapse/issues/11019))
- Add additional type hints to `synapse.server_notices`. ([\#11021](https://github.com/matrix-org/synapse/issues/11021))
- Add additional type hints for `synapse.push`. ([\#11023](https://github.com/matrix-org/synapse/issues/11023))
- When installing the optional developer dependencies, also include the dependencies needed for type-checking and unit testing. ([\#11034](https://github.com/matrix-org/synapse/issues/11034))
- Remove unnecessary list comprehension from `synapse_port_db` to satisfy code style requirements. ([\#11043](https://github.com/matrix-org/synapse/issues/11043))
Synapse 1.44.0 (2021-10-05)
=============
No significant changes since 1.44.0rc3.
Synapse 1.44.0rc3 (2021-10-04)
===============
Bugfixes
--------
- Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error.
([\#10933](https://github.com/matrix-org/synapse/issues/10933))
- Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\#10968](https://github.com/matrix-org/synapse/issues/10968))
Synapse 1.44.0rc2 (2021-09-30)
===============
Bugfixes
--------
- Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint to return a 500 error.
([\#10938](https://github.com/matrix-org/synapse/issues/10938))
- Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\#10944](https://github.com/matrix-org/synapse/issues/10944))
Improved Documentation
----------------------
- Minor updates to the installation instructions. ([\#10919](https://github.com/matrix-org/synapse/issues/10919))
Synapse 1.44.0rc1 (2021-09-29)
===============
Features
--------
- Only allow the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event.
([\#10776](https://github.com/matrix-org/synapse/issues/10776))
- Improve oEmbed URL previews by processing the author name, photo, and video information. ([\#10814](https://github.com/matrix-org/synapse/issues/10814),
[\#10819](https://github.com/matrix-org/synapse/issues/10819))
- Speed up responding with large JSON objects to requests. ([\#10868](https://github.com/matrix-org/synapse/issues/10868), [\#10905](https://github.com/matrix-org/synapse/issues/10905))
- Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes.
([\#10898](https://github.com/matrix-org/synapse/issues/10898))
Bugfixes
--------
- Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\#10690](https://github.com/matrix-org/synapse/issues/10690))
- Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\#10782](https://github.com/matrix-org/synapse/issues/10782))
- Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\#10807](https://github.com/matrix-org/synapse/issues/10807))
- Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\#10810](https://github.com/matrix-org/synapse/issues/10810))
- Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters.
([\#10827](https://github.com/matrix-org/synapse/issues/10827))
- Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using
SQLite. ([\#10843](https://github.com/matrix-org/synapse/issues/10843))
- Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\#10859](https://github.com/matrix-org/synapse/issues/10859))
- Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database.
([\#10873](https://github.com/matrix-org/synapse/issues/10873))
- Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper.
([\#10875](https://github.com/matrix-org/synapse/issues/10875))
- Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked.
([\#10881](https://github.com/matrix-org/synapse/issues/10881))
- Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\#10907](https://github.com/matrix-org/synapse/issues/10907))
- Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured
storage providers to reclaim space. ([\#10911](https://github.com/matrix-org/synapse/issues/10911))
- Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\#10913](https://github.com/matrix-org/synapse/issues/10913))
Improved Documentation
----------------------
- Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\#10845](https://github.com/matrix-org/synapse/issues/10845))
- Add developer documentation about experimental configuration flags. ([\#10865](https://github.com/matrix-org/synapse/issues/10865))
- Properly remove deleted files from GitHub pages when generating the documentation. ([\#10869](https://github.com/matrix-org/synapse/issues/10869))
Internal Changes
----------------
- Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\#10659](https://github.com/matrix-org/synapse/issues/10659))
- Split out [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) meta events to their own fields in the `/batch_send` response. ([\#10777](https://github.com/matrix-org/synapse/issues/10777))
- Add missing type hints to REST servlets. ([\#10785](https://github.com/matrix-org/synapse/issues/10785), [\#10817](https://github.com/matrix-org/synapse/issues/10817))
- Simplify the internal logic which maintains the user directory database tables. ([\#10796](https://github.com/matrix-org/synapse/issues/10796))
- Use direct references to config flags. ([\#10812](https://github.com/matrix-org/synapse/issues/10812), [\#10885](https://github.com/matrix-org/synapse/issues/10885),
[\#10893](https://github.com/matrix-org/synapse/issues/10893), [\#10897](https://github.com/matrix-org/synapse/issues/10897))
- Specify the type of token in generic "Invalid token" error messages. ([\#10815](https://github.com/matrix-org/synapse/issues/10815))
- Make `StateFilter` frozen so it is hashable. ([\#10816](https://github.com/matrix-org/synapse/issues/10816))
- Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\#10820](https://github.com/matrix-org/synapse/issues/10820))
- Add type hints to the state database. ([\#10823](https://github.com/matrix-org/synapse/issues/10823))
- Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you
haven't synced recently. ([\#10826](https://github.com/matrix-org/synapse/issues/10826))
- Track cache eviction rates more finely in Prometheus's monitoring. ([\#10829](https://github.com/matrix-org/synapse/issues/10829))
- Add missing type hints to `synapse.handlers`. ([\#10831](https://github.com/matrix-org/synapse/issues/10831), [\#10856](https://github.com/matrix-org/synapse/issues/10856))
- Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\#10833](https://github.com/matrix-org/synapse/issues/10833))
- Factor out PNG image data to a constant to be used in several tests. ([\#10834](https://github.com/matrix-org/synapse/issues/10834))
- Add a test to ensure state events sent by modules get persisted correctly. ([\#10835](https://github.com/matrix-org/synapse/issues/10835))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint.
([\#10838](https://github.com/matrix-org/synapse/issues/10838))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`.
([\#10839](https://github.com/matrix-org/synapse/issues/10839))
- Add type hints to `synapse.http.site`. ([\#10867](https://github.com/matrix-org/synapse/issues/10867))
- Include outlier status when we log V2 or V3 events. ([\#10879](https://github.com/matrix-org/synapse/issues/10879))
- Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\#10829](https://github.com/matrix-org/synapse/issues/10829).
([\#10880](https://github.com/matrix-org/synapse/issues/10880))
- Clean up some of the federation event authentication code for clarity. ([\#10883](https://github.com/matrix-org/synapse/issues/10883), [\#10884](https://github.com/matrix-org/synapse/issues/10884),
[\#10896](https://github.com/matrix-org/synapse/issues/10896), [\#10901](https://github.com/matrix-org/synapse/issues/10901))
- Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
([\#10887](https://github.com/matrix-org/synapse/issues/10887))
- Clean up some unnecessary parentheses in places around the codebase. ([\#10889](https://github.com/matrix-org/synapse/issues/10889))
- Improve type hinting in the user directory code. ([\#10891](https://github.com/matrix-org/synapse/issues/10891))
- Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\#10906](https://github.com/matrix-org/synapse/issues/10906))
- Document and summarize changes in schema version `61` – `64`. ([\#10917](https://github.com/matrix-org/synapse/issues/10917))
- Update release script to sign the newly created git tags. ([\#10925](https://github.com/matrix-org/synapse/issues/10925))
- Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\#10931](https://github.com/matrix-org/synapse/issues/10931))
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: gdt
Date: Tue Nov 23 12:47:51 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile distinfo
Log Message:
chat/matrix-synapse: Update to 1.47.1 (security)
Synapse 1.47.1 (2021-11-23)
======This release fixes a security issue in the media store, affecting all prior releases of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild.
Server administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below.
Security advisory
-----------------
The following issue is fixed in 1.47.1.
- **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.**
Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory.
The last two directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact.
Homeservers with the media repository disabled are unaffected. Homeservers configured with a federation whitelist are also unaffected.
Fixed by [91f2bd090](https://github.com/matrix-org/synapse/commit/91f2bd090).
To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/chat/matrix-synapse/distinfo
|
|
|
|
databases/postgresql: security fix
Revisions pulled up:
- databases/postgresql10-docs/PLIST 1.20
- databases/postgresql10-server/PLIST 1.10
- databases/postgresql10/Makefile 1.27
- databases/postgresql10/Makefile.common 1.31
- databases/postgresql10/distinfo 1.25
- databases/postgresql11-docs/PLIST 1.15
- databases/postgresql11-server/PLIST 1.5
- databases/postgresql11/Makefile.common 1.24
- databases/postgresql11/distinfo 1.20
- databases/postgresql12-docs/PLIST 1.10
- databases/postgresql12-server/PLIST 1.6
- databases/postgresql12/Makefile 1.18
- databases/postgresql12/Makefile.common 1.17
- databases/postgresql12/distinfo 1.14
- databases/postgresql13-client/PLIST 1.5
- databases/postgresql13-docs/PLIST 1.6
- databases/postgresql13-server/PLIST 1.4
- databases/postgresql13/Makefile 1.9
- databases/postgresql13/Makefile.common 1.10
- databases/postgresql13/distinfo 1.10
- databases/postgresql96-docs/PLIST 1.24
- databases/postgresql96-server/PLIST 1.9
- databases/postgresql96/Makefile 1.16
- databases/postgresql96/Makefile.common 1.36
- databases/postgresql96/distinfo 1.29
---
Module Name: pkgsrc
Committed By: adam
Date: Tue Nov 16 10:14:39 UTC 2021
Modified Files:
pkgsrc/databases/postgresql10: Makefile.common distinfo
pkgsrc/databases/postgresql10-docs: PLIST
pkgsrc/databases/postgresql10-server: PLIST
pkgsrc/databases/postgresql11: Makefile.common distinfo
pkgsrc/databases/postgresql11-docs: PLIST
pkgsrc/databases/postgresql11-server: PLIST
pkgsrc/databases/postgresql12: Makefile.common distinfo
pkgsrc/databases/postgresql12-docs: PLIST
pkgsrc/databases/postgresql12-server: PLIST
pkgsrc/databases/postgresql13: Makefile.common distinfo
pkgsrc/databases/postgresql13-client: PLIST
pkgsrc/databases/postgresql13-docs: PLIST
pkgsrc/databases/postgresql13-server: PLIST
pkgsrc/databases/postgresql96: Makefile.common distinfo
pkgsrc/databases/postgresql96-docs: PLIST
pkgsrc/databases/postgresql96-server: PLIST
Log Message:
postgresql: updated to 13.5, 12.9, 11.14, 10.19, 9.6.24
PostgreSQL 13.5, 12.9, 11.14, 10.19, and 9.6.24
Security Issues
CVE-2021-23214: Server processes unencrypted bytes from man-in-the-middle
Versions Affected: 9.6 - 14. The security team typically does not test
unsupported versions, but this problem is quite old.
When the server is configured to use trust authentication with a
clientcert requirement or to use cert authentication, a
man-in-the-middle attacker can inject arbitrary SQL queries when a
connection is first established, despite the use of SSL certificate
verification and encryption.
The PostgreSQL project thanks Jacob Champion for reporting this problem.
CVE-2021-23222: libpq processes unencrypted bytes from man-in-the-middle
Versions Affected: 9.6 - 14. The security team typically does not test
unsupported versions, but this problem is quite old.
A man-in-the-middle attacker can inject false responses to the
client's first few queries, despite the use of SSL certificate
verification and encryption.
If more preconditions hold, the attacker can exfiltrate the client's
password or other confidential data that might be transmitted early in
a session. The attacker must have a way to trick the client's intended
server into making the confidential data accessible to the attacker. A
known implementation having that property is a PostgreSQL
configuration vulnerable to CVE-2021-23214.
As with any exploitation of CVE-2021-23214, the server must be using
trust authentication with a clientcert requirement or using cert
authentication. To disclose a password, the client must be in
possession of a password, which is atypical when using an
authentication configuration vulnerable to CVE-2021-23214. The
attacker must have some other way to access the server to retrieve the
exfiltrated data (a valid, unprivileged login account would be
sufficient).
The PostgreSQL project thanks Jacob Champion for reporting this problem.
Bug Fixes and Improvements
This update fixes over 40 bugs that were reported in the last several
months. The issues listed below affect PostgreSQL 14. Some of these
issues may also affect other supported versions of PostgreSQL.
Some of these fixes include:
Fix physical replication for cases where the primary crashes after
shipping a WAL segment that ends with a partial WAL record. When
applying this update, update your standby servers before the primary
so that they will be ready to handle the fix if the primary happens to
crash.
Fix parallel VACUUM so that it will process indexes below the
min_parallel_index_scan_size threshold if the table has at least two
indexes that are above that size. This problem does not affect
autovacuum. If you are affected by this issue, you should reindex any
manually-vacuumed tables.
Fix causes of CREATE INDEX CONCURRENTLY and REINDEX CONCURRENTLY
writing corrupt indexes. You should reindex any concurrently-built
indexes.
Fix for attaching/detaching a partition that could allow certain
INSERT/UPDATE queries to misbehave in active sessions.
Fix for creating a new range type with CREATE TYPE that could cause
problems for later event triggers or subsequent executions of the
CREATE TYPE command.
Fix updates of element fields in arrays of a domain that is a part of
a composite.
Disallow the combination of FETCH FIRST WITH TIES and FOR UPDATE SKIP LOCKED.
Fix corner-case loss of precision in the numeric power() function.
Fix restoration of a Portal's snapshot inside a subtransaction, which
could lead to a crash. For example, this could occur in PL/pgSQL when
a COMMIT is immediately followed by a BEGIN ... EXCEPTION block that
performs a query.
Clean up correctly if a transaction fails after exporting its
snapshot. This could occur if a replication slot was created then
rolled back, and then another replication slot was created in the same
session.
Fix for "overflowed-subtransaction" wraparound tracking on standby
servers that could lead to performance degradation.
Ensure that prepared transactions are properly accounted for during
promotion of a standby server.
Ensure that the correct lock level is used when renaming a table.
Avoid crash when dropping a role that owns objects being dropped concurrently.
Disallow setting huge_pages to on when shared_memory_type is sysv
Fix query type checking in the PL/pgSQL RETURN QUERY.
Several fixes for pg_dump, including the ability to dump non-global
default privileges correctly.
Use the CLDR project's data to map Windows time zone names to IANA time zones.
This update also contains tzdata release 2021e for DST law changes in
Fiji, Jordan, Palestine, and Samoa, plus historical corrections for
Barbados, Cook Islands, Guyana, Niue, Portugal, and Tonga.
Also, the Pacific/Enderbury zone has been renamed to Pacific/Kanton.
Also, the following zones have been merged into nearby, more-populous
zones whose clocks have agreed with them since 1970: Africa/Accra,
America/Atikokan, America/Blanc-Sablon, America/Creston,
America/Curacao, America/Nassau, America/Port_of_Spain,
Antarctica/DumontDUrville, and Antarctica/Syowa. In all these cases,
the previous zone name remains as an alias.
---
Module Name: pkgsrc
Committed By: adam
Date: Tue Nov 16 10:17:40 UTC 2021
Modified Files:
pkgsrc/databases/postgresql10: Makefile
pkgsrc/databases/postgresql12: Makefile
pkgsrc/databases/postgresql13: Makefile
pkgsrc/databases/postgresql96: Makefile
Log Message:
postgresqlNN: reset revision
|
|
|
|
net/samba4: security fix
Revisions pulled up:
- net/samba4/Makefile 1.130-1.132
- net/samba4/PLIST 1.39-1.40
- net/samba4/distinfo 1.67,1.69
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Sep 29 19:01:31 UTC 2021
Modified Files:
pkgsrc/archivers/ark: Makefile
pkgsrc/archivers/innoextract: Makefile
pkgsrc/archivers/libcomprex: Makefile buildlink3.mk
pkgsrc/archivers/libzip: Makefile buildlink3.mk
pkgsrc/archivers/php-pecl-zip: Makefile
pkgsrc/archivers/php-zip: Makefile
pkgsrc/audio/ardour: Makefile
pkgsrc/audio/ario: Makefile
pkgsrc/audio/audacious-plugins: Makefile
pkgsrc/audio/bmp-scrobbler: Makefile
pkgsrc/audio/cmusfm: Makefile
pkgsrc/audio/csound6: Makefile
pkgsrc/audio/din: Makefile
pkgsrc/audio/flactag: Makefile
pkgsrc/audio/forked-daapd: Makefile
pkgsrc/audio/gbemol: Makefile
pkgsrc/audio/glyr: Makefile buildlink3.mk
pkgsrc/audio/grip: Makefile
pkgsrc/audio/herrie: Makefile
pkgsrc/audio/hydrogen: Makefile
pkgsrc/audio/icecast: Makefile
pkgsrc/audio/jack-rack: Makefile
pkgsrc/audio/libmusicbrainz: Makefile buildlink3.mk
pkgsrc/audio/libmusicbrainz5: Makefile buildlink3.mk
pkgsrc/audio/libofa: Makefile
pkgsrc/audio/mad123: Makefile
pkgsrc/audio/moc: Makefile
pkgsrc/audio/mp3diags: Makefile
pkgsrc/audio/mpdas: Makefile
pkgsrc/audio/musicpd: Makefile
pkgsrc/audio/ncmpcpp: Makefile
pkgsrc/audio/pianobar: Makefile
pkgsrc/audio/pragha: Makefile
pkgsrc/audio/qmmp: Makefile
pkgsrc/audio/sound-juicer: Makefile
pkgsrc/audio/strawberry: Makefile
pkgsrc/audio/streamtuner: Makefile buildlink3.mk
pkgsrc/audio/terminatorx: Makefile
pkgsrc/audio/tremor-tools: Makefile
pkgsrc/audio/vimpc: Makefile
pkgsrc/audio/vorbis-tools: Makefile
pkgsrc/biology/canu: Makefile
pkgsrc/biology/coordgenlibs: Makefile buildlink3.mk
pkgsrc/biology/htslib: Makefile
pkgsrc/biology/maeparser: Makefile buildlink3.mk
pkgsrc/biology/ncbi-blast+: Makefile
pkgsrc/biology/openbabel: Makefile
pkgsrc/cad/kicad: Makefile
pkgsrc/cad/librecad: Makefile
pkgsrc/cad/openscad: Makefile
pkgsrc/chat/anope: Makefile
pkgsrc/chat/bitlbee: Makefile
pkgsrc/chat/centerim: Makefile
pkgsrc/chat/ctrlproxy: Makefile
pkgsrc/chat/ekg: Makefile
pkgsrc/chat/farstream: Makefile
pkgsrc/chat/gloox: Makefile
pkgsrc/chat/ircd-hybrid: Makefile
pkgsrc/chat/konversation: Makefile
pkgsrc/chat/ktp-accounts-kcm: Makefile
pkgsrc/chat/ktp-approver: Makefile
pkgsrc/chat/ktp-auth-handler: Makefile
pkgsrc/chat/ktp-common-internals: Makefile buildlink3.mk
pkgsrc/chat/ktp-contact-list: Makefile
pkgsrc/chat/ktp-contact-runner: Makefile
pkgsrc/chat/ktp-desktop-applets: Makefile
pkgsrc/chat/ktp-filetransfer-handler: Makefile
pkgsrc/chat/ktp-kded-integration-module: Makefile
pkgsrc/chat/ktp-send-file: Makefile
pkgsrc/chat/ktp-text-ui: Makefile
pkgsrc/chat/libgadu: Makefile buildlink3.mk
pkgsrc/chat/libpurple: Makefile
pkgsrc/chat/mumble: Makefile
pkgsrc/chat/profanity: Makefile
pkgsrc/chat/scrollz: Makefile
pkgsrc/chat/spectrum: Makefile
pkgsrc/chat/swift: Makefile
pkgsrc/chat/telepathy-gabble: Makefile
pkgsrc/chat/unrealircd: Makefile
pkgsrc/chat/weechat: Makefile
pkgsrc/chat/znc: Makefile
pkgsrc/comms/asterisk13: Makefile
pkgsrc/comms/asterisk16: Makefile
pkgsrc/comms/asterisk18: Makefile
pkgsrc/comms/gammu: Makefile
pkgsrc/converters/libabw: Makefile buildlink3.mk
pkgsrc/converters/libcdr: Makefile buildlink3.mk
pkgsrc/converters/libe-book: Makefile buildlink3.mk
pkgsrc/converters/libepubgen: Makefile buildlink3.mk
pkgsrc/converters/libetonyek: Makefile buildlink3.mk
pkgsrc/converters/libfreehand: Makefile buildlink3.mk
pkgsrc/converters/libmspub: Makefile buildlink3.mk
pkgsrc/converters/libmwaw: Makefile buildlink3.mk
pkgsrc/converters/libpagemaker: Makefile buildlink3.mk
pkgsrc/converters/libqxp: Makefile buildlink3.mk
pkgsrc/converters/librevenge: Makefile buildlink3.mk
pkgsrc/converters/libstaroffice: Makefile
pkgsrc/converters/libvisio: Makefile buildlink3.mk
pkgsrc/converters/libwpd: Makefile buildlink3.mk
pkgsrc/converters/libwpg: Makefile buildlink3.mk
pkgsrc/converters/libwps: Makefile buildlink3.mk
pkgsrc/converters/libzmf: Makefile
pkgsrc/converters/orcus: Makefile
pkgsrc/converters/rss2html: Makefile
pkgsrc/databases/couchdb: Makefile
pkgsrc/databases/freetds: Makefile buildlink3.mk
pkgsrc/databases/libcassandra: Makefile
pkgsrc/databases/mariadb104-client: Makefile
pkgsrc/databases/mariadb104-server: Makefile
pkgsrc/databases/mariadb105-client: Makefile
pkgsrc/databases/mariadb105-server: Makefile
pkgsrc/databases/mariadb106-client: Makefile
pkgsrc/databases/mariadb106-server: Makefile
pkgsrc/databases/mongodb: Makefile
pkgsrc/databases/mongodb3: Makefile
pkgsrc/databases/mysql-workbench: Makefile
pkgsrc/databases/mysql57-client: Makefile
pkgsrc/databases/mysql57-server: Makefile
pkgsrc/databases/p5-DBD-Sybase: Makefile
pkgsrc/databases/p5-sqlrelay: Makefile
pkgsrc/databases/p5-sybperl: Makefile
pkgsrc/databases/php-mssql: Makefile
pkgsrc/databases/php-pdo_dblib: Makefile
pkgsrc/databases/php-sqlrelay: Makefile
pkgsrc/databases/postgresql-postgis2: Makefile
pkgsrc/databases/py-mssql: Makefile
pkgsrc/databases/py-sqlrelay: Makefile
pkgsrc/databases/py-sybase: Makefile
pkgsrc/databases/qore-freetds-module: Makefile
pkgsrc/databases/ruby-sqlrelay: Makefile
pkgsrc/databases/ruby-tiny_tds: Makefile
pkgsrc/databases/soci: Makefile
pkgsrc/databases/sqlrelay: Makefile buildlink3.mk
pkgsrc/databases/sqlrelay-freetds: Makefile
pkgsrc/databases/sqlrelay-mysql: Makefile
pkgsrc/databases/sqlrelay-nodejs: Makefile
pkgsrc/databases/sqlrelay-odbc: Makefile
pkgsrc/databases/sqlrelay-pgsql: Makefile
pkgsrc/databases/sqlrelay-sqlite: Makefile
pkgsrc/databases/sqsh: Makefile
pkgsrc/databases/virtuoso: Makefile
pkgsrc/devel/aegis: Makefile
pkgsrc/devel/cfitsio: Makefile
pkgsrc/devel/cmake: Makefile
pkgsrc/devel/cmake-gui: Makefile
pkgsrc/devel/darcs: Makefile
pkgsrc/devel/ecore: Makefile buildlink3.mk
pkgsrc/devel/eio: Makefile buildlink3.mk
pkgsrc/devel/exempi: Makefile
pkgsrc/devel/fifengine: Makefile
pkgsrc/devel/gearmand: Makefile buildlink3.mk
pkgsrc/devel/git-base: Makefile
pkgsrc/devel/gnustep-base: Makefile
pkgsrc/devel/kdesdk-kioslaves: Makefile
pkgsrc/devel/kdesdk-strigi-analyzers: Makefile
pkgsrc/devel/kdesdk-thumbnailers: Makefile
pkgsrc/devel/kdevelop4: Makefile
pkgsrc/devel/kdevplatform: Makefile
pkgsrc/devel/kio-extras: Makefile
pkgsrc/devel/libcutl: Makefile
pkgsrc/devel/libftdi1: Makefile
pkgsrc/devel/libgit2: Makefile
pkgsrc/devel/libkgapi: Makefile
pkgsrc/devel/librelp: Makefile buildlink3.mk
pkgsrc/devel/libthrift: Makefile
pkgsrc/devel/libxenserver: Makefile buildlink3.mk
pkgsrc/devel/mad-flute: Makefile
pkgsrc/devel/mdds: Makefile
pkgsrc/devel/mdds1.2: Makefile
pkgsrc/devel/netcdf: Makefile buildlink3.mk
pkgsrc/devel/netcdf-cxx: Makefile buildlink3.mk
pkgsrc/devel/netcdf-fortran: Makefile buildlink3.mk
pkgsrc/devel/okteta: Makefile
pkgsrc/devel/php-gearman: Makefile
pkgsrc/devel/radare2: Makefile buildlink3.mk
pkgsrc/devel/radare2-cutter: Makefile
pkgsrc/devel/rudiments: Makefile buildlink3.mk
pkgsrc/devel/sdcc3: Makefile
pkgsrc/devel/ucommon: Makefile buildlink3.mk
pkgsrc/devel/vera++: Makefile
pkgsrc/editors/Sigil: Makefile
pkgsrc/editors/TeXmacs: Makefile
pkgsrc/editors/abiword: Makefile buildlink3.mk
pkgsrc/editors/abiword-plugins: Makefile
pkgsrc/editors/codelite: Makefile
pkgsrc/editors/emacs25: Makefile
pkgsrc/editors/emacs26: Makefile
pkgsrc/editors/emacs27: Makefile
pkgsrc/editors/gobby: Makefile
pkgsrc/editors/lyx: Makefile
pkgsrc/editors/obby: Makefile buildlink3.mk
pkgsrc/editors/poedit: Makefile
pkgsrc/editors/xournalpp: Makefile
pkgsrc/emulators/cannonball: Makefile
pkgsrc/emulators/ckmame: Makefile
pkgsrc/emulators/dolphin-emu: Makefile
pkgsrc/emulators/emulationstation: Makefile
pkgsrc/emulators/libretro-dolphin: Makefile
pkgsrc/emulators/mgba: Makefile
pkgsrc/emulators/qemu: Makefile
pkgsrc/emulators/wine: Makefile
pkgsrc/filesystems/cloudfuse: Makefile
pkgsrc/filesystems/fuse-curlftpfs: Makefile
pkgsrc/filesystems/fuse-wdfs: Makefile
pkgsrc/finance/QuantLib: Makefile
pkgsrc/finance/bitcoin: Makefile
pkgsrc/finance/cpuminer: Makefile
pkgsrc/finance/gnucash: Makefile
pkgsrc/finance/ledger: Makefile
pkgsrc/finance/libofx: Makefile
pkgsrc/fonts/ghostscript-cidfonts-ryumin: Makefile
pkgsrc/games/7kaa: Makefile
pkgsrc/games/amor: Makefile
pkgsrc/games/asc: Makefile
pkgsrc/games/assaultcube: Makefile
pkgsrc/games/bastet: Makefile
pkgsrc/games/bzflag: Makefile
pkgsrc/games/criticalmass: Makefile
pkgsrc/games/crossfire-client: Makefile
pkgsrc/games/crossfire-server: Makefile
pkgsrc/games/dhewm3: Makefile
pkgsrc/games/dopewars: Makefile
pkgsrc/games/enigma: Makefile
pkgsrc/games/etlegacy: Makefile
pkgsrc/games/etlegacy-server: Makefile
pkgsrc/games/flightgear: Makefile
pkgsrc/games/freeciv-client: Makefile
pkgsrc/games/freeciv-server: Makefile
pkgsrc/games/freeciv-share: Makefile
pkgsrc/games/ggz-client-libs: Makefile buildlink3.mk
pkgsrc/games/holtz: Makefile
pkgsrc/games/ioquake3: Makefile
pkgsrc/games/iortcw: Makefile
pkgsrc/games/klavaro: Makefile
pkgsrc/games/lgogdownloader: Makefile
pkgsrc/games/libggz: Makefile buildlink3.mk
pkgsrc/games/manaplus: Makefile
pkgsrc/games/megaglest: Makefile
pkgsrc/games/minetest: Makefile
pkgsrc/games/naev: Makefile
pkgsrc/games/openmw: Makefile
pkgsrc/games/openrct2: Makefile
pkgsrc/games/pingus: Makefile
pkgsrc/games/powder-toy: Makefile
pkgsrc/games/quakeforge: Makefile
pkgsrc/games/scummvm: Makefile
pkgsrc/games/scummvm-tools: Makefile
pkgsrc/games/simgear: Makefile buildlink3.mk
pkgsrc/games/supertux: Makefile
pkgsrc/games/supertuxkart: Makefile
pkgsrc/games/taisei: Makefile
pkgsrc/games/ufoai: Makefile
pkgsrc/games/violetland: Makefile
pkgsrc/games/warmux: Makefile
pkgsrc/games/warzone2100: Makefile
pkgsrc/games/wesnoth: Makefile
pkgsrc/games/widelands: Makefile
pkgsrc/games/yquake2: Makefile
pkgsrc/geography/R-rgdal: Makefile
pkgsrc/geography/R-sf: Makefile
pkgsrc/geography/gdal-lib: Makefile buildlink3.mk
pkgsrc/geography/mapserver: Makefile
pkgsrc/geography/merkaartor: Makefile
pkgsrc/geography/opencpn: Makefile
pkgsrc/geography/osm2pgsql: Makefile
pkgsrc/geography/pdal-lib: Makefile buildlink3.mk
pkgsrc/geography/py-gdal: Makefile
pkgsrc/geography/qgis: Makefile
pkgsrc/geography/qlandkartegt: Makefile
pkgsrc/geography/qlandkartem: Makefile
pkgsrc/geography/viking: Makefile
pkgsrc/graphics/GMT: Makefile
pkgsrc/graphics/GraphicsMagick: Makefile buildlink3.mk
pkgsrc/graphics/ImageMagick: Makefile buildlink3.mk
pkgsrc/graphics/ImageMagick6: Makefile buildlink3.mk
pkgsrc/graphics/aqsis: Makefile
pkgsrc/graphics/autotrace: Makefile
pkgsrc/graphics/blender: Makefile
pkgsrc/graphics/blender-lts: Makefile
pkgsrc/graphics/camlimages: Makefile
pkgsrc/graphics/darktable: Makefile
pkgsrc/graphics/digikam: Makefile
pkgsrc/graphics/drawpile: Makefile
pkgsrc/graphics/dx: Makefile
pkgsrc/graphics/edje: Makefile buildlink3.mk
pkgsrc/graphics/enblend-enfuse: Makefile
pkgsrc/graphics/feh: Makefile
pkgsrc/graphics/gimmage: Makefile
pkgsrc/graphics/gmic: Makefile
pkgsrc/graphics/gource: Makefile
pkgsrc/graphics/gpick: Makefile
pkgsrc/graphics/graphviz: Makefile
pkgsrc/graphics/gri: Makefile
pkgsrc/graphics/hugin: Makefile
pkgsrc/graphics/jp2a: Makefile
pkgsrc/graphics/kde-base-artwork: Makefile
pkgsrc/graphics/kdegraphics-strigi-analyzer: Makefile
pkgsrc/graphics/kgamma: Makefile
pkgsrc/graphics/koverartist: Makefile
pkgsrc/graphics/kqtquickcharts4: Makefile
pkgsrc/graphics/krita: Makefile
pkgsrc/graphics/libgltf: Makefile
pkgsrc/graphics/libkexiv2-kde4: Makefile
pkgsrc/graphics/libsixel: Makefile
pkgsrc/graphics/lsix: Makefile
pkgsrc/graphics/luminance-hdr: Makefile
pkgsrc/graphics/ncview: Makefile
pkgsrc/graphics/openimageio: Makefile buildlink3.mk
pkgsrc/graphics/osg: Makefile buildlink3.mk
pkgsrc/graphics/p5-GraphicsMagick: Makefile
pkgsrc/graphics/p5-PerlMagick: Makefile
pkgsrc/graphics/pcl: Makefile buildlink3.mk
pkgsrc/graphics/pfstools: Makefile
pkgsrc/graphics/php-imagick: Makefile
pkgsrc/graphics/pstoedit: Makefile
pkgsrc/graphics/ruby-RMagick: Makefile
pkgsrc/graphics/sane-airscan: Makefile
pkgsrc/graphics/shotwell: Makefile
pkgsrc/graphics/tango-icon-theme: Makefile
pkgsrc/graphics/vtk: Makefile buildlink3.mk
pkgsrc/graphics/zbar: Makefile
pkgsrc/graphics/zphoto: Makefile
pkgsrc/ham/fldigi: Makefile
pkgsrc/ham/gnuradio-channels: Makefile
pkgsrc/ham/gnuradio-companion: Makefile
pkgsrc/ham/gnuradio-core: Makefile
pkgsrc/ham/gnuradio-ctrlport: Makefile
pkgsrc/ham/gnuradio-digital: Makefile
pkgsrc/ham/gnuradio-doxygen: Makefile
pkgsrc/ham/gnuradio-dtv: Makefile
pkgsrc/ham/gnuradio-fec: Makefile
pkgsrc/ham/gnuradio-network: Makefile
pkgsrc/ham/gnuradio-qtgui: Makefile
pkgsrc/ham/gnuradio-soapy-sdr: Makefile
pkgsrc/ham/gnuradio-trellis: Makefile
pkgsrc/ham/gnuradio-uhd: Makefile
pkgsrc/ham/gnuradio-utils: Makefile
pkgsrc/ham/gnuradio-video-sdl: Makefile
pkgsrc/ham/gnuradio-vocoder: Makefile
pkgsrc/ham/gnuradio-wavelet: Makefile
pkgsrc/ham/gnuradio-zeromq: Makefile
pkgsrc/ham/gpredict: Makefile
pkgsrc/ham/gr-fcdproplus: Makefile
pkgsrc/ham/gr-osmosdr: Makefile
pkgsrc/ham/trustedQSL: Makefile
pkgsrc/ham/uhd: Makefile
pkgsrc/inputmethod/fcitx5-chinese-addons: Makefile
pkgsrc/inputmethod/fcitx5-mozc: Makefile
pkgsrc/inputmethod/fcitx5-table-extra: Makefile
pkgsrc/inputmethod/fcitx5-table-other: Makefile
pkgsrc/inputmethod/ibus-mozc: Makefile
pkgsrc/inputmethod/libime: Makefile
pkgsrc/inputmethod/librime: Makefile
pkgsrc/inputmethod/mozc-elisp: Makefile
pkgsrc/inputmethod/mozc-renderer: Makefile
pkgsrc/inputmethod/mozc-server: Makefile
pkgsrc/inputmethod/mozc-tool: Makefile
pkgsrc/inputmethod/uim-mozc: Makefile
pkgsrc/lang/konoha: Makefile
pkgsrc/lang/nodejs10: Makefile buildlink3.mk
pkgsrc/lang/nodejs12: Makefile buildlink3.mk
pkgsrc/lang/openjdk11: Makefile
pkgsrc/lang/openjdk8: Makefile
pkgsrc/lang/rust: Makefile
pkgsrc/mail/akonadi: Makefile
pkgsrc/mail/balsa: Makefile
pkgsrc/mail/claws-mail: Makefile
pkgsrc/mail/claws-mail-archive: Makefile
pkgsrc/mail/claws-mail-attachwarner: Makefile
pkgsrc/mail/claws-mail-attremover: Makefile
pkgsrc/mail/claws-mail-bogofilter: Makefile
pkgsrc/mail/claws-mail-dillo: Makefile
pkgsrc/mail/claws-mail-fetchinfo: Makefile
pkgsrc/mail/claws-mail-libravatar: Makefile
pkgsrc/mail/claws-mail-mailmbox: Makefile
pkgsrc/mail/claws-mail-managesieve: Makefile
pkgsrc/mail/claws-mail-newmail: Makefile
pkgsrc/mail/claws-mail-notification: Makefile
pkgsrc/mail/claws-mail-pgpcore: Makefile
pkgsrc/mail/claws-mail-pgpinline: Makefile
pkgsrc/mail/claws-mail-pgpmime: Makefile
pkgsrc/mail/claws-mail-rssyl: Makefile
pkgsrc/mail/claws-mail-smime: Makefile
pkgsrc/mail/claws-mail-spamassassin: Makefile
pkgsrc/mail/claws-mail-spamreport: Makefile
pkgsrc/mail/claws-mail-tnef: Makefile
pkgsrc/mail/claws-mail-vcalendar: Makefile
pkgsrc/mail/cone: Makefile
pkgsrc/mail/evolution-data-server: Makefile
pkgsrc/mail/libetpan: Makefile buildlink3.mk
pkgsrc/mail/mailfront: Makefile
pkgsrc/mail/milter-greylist: Makefile
pkgsrc/mail/mpop: Makefile
pkgsrc/mail/msmtp: Makefile
pkgsrc/mail/mutt: Makefile
pkgsrc/mail/nmh: Makefile
pkgsrc/mail/nullmailer: Makefile
pkgsrc/mail/wmbiff: Makefile
pkgsrc/mail/xfce4-mailwatch-plugin: Makefile
pkgsrc/math/R: Makefile
pkgsrc/math/R-CGIwithR: Makefile
pkgsrc/math/R-RNetCDF: Makefile
pkgsrc/math/R-ncdf: Makefile
pkgsrc/math/R-ncdf4: Makefile
pkgsrc/math/cantor: Makefile
pkgsrc/math/cgal: Makefile buildlink3.mk
pkgsrc/math/grace: Makefile
pkgsrc/math/libixion: Makefile
pkgsrc/math/octave: Makefile
pkgsrc/math/py-Scientific: Makefile
pkgsrc/math/py-libixion: Makefile
pkgsrc/math/py-netCDF4: Makefile
pkgsrc/math/qalculate: Makefile buildlink3.mk
pkgsrc/math/qalculate-gtk: Makefile
pkgsrc/math/sc-im: Makefile
pkgsrc/math/volk: Makefile
pkgsrc/math/vowpal_wabbit: Makefile
pkgsrc/math/xmgr: Makefile
pkgsrc/misc/bibletime: Makefile
pkgsrc/misc/esniper: Makefile
pkgsrc/misc/fbreader: Makefile
pkgsrc/misc/gwaei: Makefile
pkgsrc/misc/kaccessible: Makefile
pkgsrc/misc/kchmviewer: Makefile
pkgsrc/misc/kde-wallpapers4: Makefile
pkgsrc/misc/kdeartwork4: Makefile
pkgsrc/misc/kdepim-runtime4: Makefile
pkgsrc/misc/kdepim4: Makefile
pkgsrc/misc/kdepimlibs4: Makefile buildlink3.mk
pkgsrc/misc/kdeplasma-addons4: Makefile
pkgsrc/misc/kremotecontrol: Makefile
pkgsrc/misc/kstars: Makefile
pkgsrc/misc/ktux: Makefile
pkgsrc/misc/libcarddav: Makefile
pkgsrc/misc/libkdeedu: Makefile buildlink3.mk
pkgsrc/misc/libreoffice: Makefile
pkgsrc/misc/ocaml-opam: Makefile
pkgsrc/misc/parley: Makefile
pkgsrc/misc/rocs: Makefile
pkgsrc/misc/step: Makefile
pkgsrc/misc/superkaramba: Makefile
pkgsrc/misc/sweeper: Makefile
pkgsrc/misc/sword: Makefile buildlink3.mk
pkgsrc/misc/usbprog: Makefile
pkgsrc/misc/wandio: Makefile buildlink3.mk
pkgsrc/multimedia/audiocd-kio: Makefile
pkgsrc/multimedia/dvdauthor: Makefile
pkgsrc/multimedia/ffmpeg2: Makefile
pkgsrc/multimedia/ffmpeg3: Makefile
pkgsrc/multimedia/ffmpeg4: Makefile
pkgsrc/multimedia/ffmpegthumbs: Makefile
pkgsrc/multimedia/gnome-mplayer: Makefile
pkgsrc/multimedia/gpac: Makefile
pkgsrc/multimedia/kscd: Makefile
pkgsrc/multimedia/libkcddb: Makefile buildlink3.mk
pkgsrc/multimedia/lightspark: Makefile
pkgsrc/multimedia/mediatomb: Makefile
pkgsrc/multimedia/mkvtoolnix: Makefile
pkgsrc/multimedia/mkvtoolnix-old: Makefile
pkgsrc/multimedia/mplayerthumbs: Makefile
pkgsrc/multimedia/nostt: Makefile
pkgsrc/multimedia/obs-studio: Makefile
pkgsrc/multimedia/omxplayer: Makefile
pkgsrc/multimedia/totem: Makefile
pkgsrc/multimedia/transcode: Makefile
pkgsrc/multimedia/vlc: Makefile
pkgsrc/multimedia/xine-lib: Makefile
pkgsrc/multimedia/xine-ui: Makefile
pkgsrc/net/aiccu: Makefile
pkgsrc/net/bbk_cli: Makefile
pkgsrc/net/btget: Makefile
pkgsrc/net/cclive: Makefile
pkgsrc/net/ccrtp: Makefile buildlink3.mk
pkgsrc/net/choqok: Makefile
pkgsrc/net/chrony: Makefile
pkgsrc/net/dc_gui2: Makefile
pkgsrc/net/deforaos-vncviewer: Makefile
pkgsrc/net/doh: Makefile
pkgsrc/net/ettercap: Makefile
pkgsrc/net/ettercap-gtk: Makefile
pkgsrc/net/filezilla: Makefile
pkgsrc/net/flickcurl: Makefile
pkgsrc/net/freeDiameter: Makefile
pkgsrc/net/freeradius-freetds: Makefile
pkgsrc/net/freeradius-rest: Makefile
pkgsrc/net/glib-networking: Makefile
pkgsrc/net/grilo: Makefile buildlink3.mk
pkgsrc/net/grilo-plugins: Makefile
pkgsrc/net/grive2: Makefile
pkgsrc/net/gst-plugins0.10-rtmp: Makefile
pkgsrc/net/gst-plugins1-rtmp: Makefile
pkgsrc/net/gtk-gnutella: Makefile
pkgsrc/net/gtk-vnc: Makefile buildlink3.mk
pkgsrc/net/guacamole-server: Makefile
pkgsrc/net/icinga2: Makefile
pkgsrc/net/jigdo: Makefile
pkgsrc/net/kdenetwork-filesharing: Makefile
pkgsrc/net/kdenetwork-strigi-analyzers: Makefile
pkgsrc/net/kget: Makefile
pkgsrc/net/kmldonkey: Makefile
pkgsrc/net/knot: Makefile
pkgsrc/net/kopete: Makefile
pkgsrc/net/kppp: Makefile
pkgsrc/net/krdc: Makefile
pkgsrc/net/krfb: Makefile
pkgsrc/net/ktorrent: Makefile
pkgsrc/net/lftp: Makefile
pkgsrc/net/libcmis: Makefile
pkgsrc/net/libfilezilla: Makefile
pkgsrc/net/libgdata: Makefile buildlink3.mk
pkgsrc/net/libktorrent: Makefile buildlink3.mk
pkgsrc/net/libquvi: Makefile
pkgsrc/net/libtorrent-rasterbar: Makefile buildlink3.mk
pkgsrc/net/libtrace: Makefile
pkgsrc/net/libvncserver: Makefile buildlink3.mk
pkgsrc/net/libzrtpcpp: Makefile buildlink3.mk
pkgsrc/net/megatools: Makefile
pkgsrc/net/nanotodon: Makefile
pkgsrc/net/ncdc: Makefile
pkgsrc/net/net6: Makefile buildlink3.mk
pkgsrc/net/netatalk22: Makefile
pkgsrc/net/netatalk3: Makefile
pkgsrc/net/ntopng: Makefile
pkgsrc/net/ocamlnet: Makefile
pkgsrc/net/ocsync: Makefile buildlink3.mk
pkgsrc/net/openvpn: Makefile
pkgsrc/net/podcastdl: Makefile
pkgsrc/net/powerdns: Makefile
pkgsrc/net/py-smbc: Makefile
pkgsrc/net/qbittorrent: Makefile
pkgsrc/net/quvi: Makefile
pkgsrc/net/rdesktop: Makefile
pkgsrc/net/remmina: Makefile
pkgsrc/net/rtmpdump: Makefile buildlink3.mk
pkgsrc/net/rtorrent: Makefile
pkgsrc/net/samba: Makefile
pkgsrc/net/samba4: Makefile buildlink3.mk
pkgsrc/net/snort: Makefile
pkgsrc/net/synergy: Makefile
pkgsrc/net/taskserver: Makefile
pkgsrc/net/tcpflow: Makefile
pkgsrc/net/tigervnc: Makefile
pkgsrc/net/transmission: Makefile
pkgsrc/net/transmission-gtk: Makefile
pkgsrc/net/transmission-qt: Makefile
pkgsrc/net/unbound: Makefile buildlink3.mk
pkgsrc/net/urlgfe: Makefile
pkgsrc/net/vinagre: Makefile
pkgsrc/net/vino: Makefile
pkgsrc/net/wget: Makefile
pkgsrc/net/wireshark: Makefile
pkgsrc/net/wmget: Makefile
pkgsrc/net/zeroconf-ioslave: Makefile
pkgsrc/news/neix: Makefile
pkgsrc/news/newsbeuter: Makefile
pkgsrc/news/pan: Makefile
pkgsrc/parallel/slurm-wlm: Makefile
pkgsrc/print/auctex: Makefile
pkgsrc/print/brlaser: Makefile
pkgsrc/print/cups: Makefile
pkgsrc/print/cups-base: Makefile buildlink3.mk
pkgsrc/print/cups-drivers-Magicolor5440DL: Makefile
pkgsrc/print/cups-filters: Makefile buildlink3.mk
pkgsrc/print/cups-pdf: Makefile
pkgsrc/print/dspdfviewer: Makefile
pkgsrc/print/epdfview: Makefile
pkgsrc/print/ghostscript: Makefile buildlink3.mk
pkgsrc/print/ghostscript-gpl: Makefile buildlink3.mk
pkgsrc/print/gtklp: Makefile
pkgsrc/print/gutenprint-lib: Makefile
pkgsrc/print/hplip: Makefile
pkgsrc/print/libcups: Makefile buildlink3.mk
pkgsrc/print/mupdf: Makefile buildlink3.mk
pkgsrc/print/okular: Makefile
pkgsrc/print/p5-Net-CUPS: Makefile
pkgsrc/print/pdf2djvu: Makefile
pkgsrc/print/py-cups: Makefile
pkgsrc/print/qpdfview: Makefile
pkgsrc/print/scribus-qt4: Makefile
pkgsrc/print/scribus-qt5: Makefile
pkgsrc/print/xpdf4: Makefile
pkgsrc/print/xpp: Makefile
pkgsrc/print/zathura-pdf-mupdf: Makefile
pkgsrc/security/ap-modsecurity2: Makefile
pkgsrc/security/botan-devel: Makefile buildlink3.mk
pkgsrc/security/clamav: Makefile
pkgsrc/security/dirb: Makefile
pkgsrc/security/gnupg: Makefile
pkgsrc/security/gnupg-pkcs11-scd: Makefile
pkgsrc/security/gnupg2: Makefile
pkgsrc/security/gnutls: Makefile buildlink3.mk
pkgsrc/security/gsasl: Makefile
pkgsrc/security/kgpg: Makefile
pkgsrc/security/lastpass-cli: Makefile
pkgsrc/security/libfprint: Makefile
pkgsrc/security/liboauth: Makefile buildlink3.mk
pkgsrc/security/libprelude: Makefile buildlink3.mk
pkgsrc/security/libprelude-lua: Makefile
pkgsrc/security/libprelude-perl: Makefile
pkgsrc/security/libprelude-python: Makefile
pkgsrc/security/libpreludedb: Makefile buildlink3.mk
pkgsrc/security/libpreludedb-mysql: Makefile
pkgsrc/security/libpreludedb-perl: Makefile
pkgsrc/security/libpreludedb-pgsql: Makefile
pkgsrc/security/libpreludedb-python: Makefile
pkgsrc/security/libpreludedb-sqlite3: Makefile
pkgsrc/security/libykneomgr: Makefile
pkgsrc/security/opendnssec2: Makefile
pkgsrc/security/opensaml: Makefile
pkgsrc/security/openvas-libnasl: Makefile
pkgsrc/security/openvas-libraries: Makefile
pkgsrc/security/openvas-plugins: Makefile
pkgsrc/security/openvas-server: Makefile
pkgsrc/security/pam-yubico: Makefile
pkgsrc/security/php-oauth: Makefile
pkgsrc/security/php-oauth1: Makefile
pkgsrc/security/pkcs11-helper: Makefile buildlink3.mk
pkgsrc/security/prelude-lml: Makefile
pkgsrc/security/prelude-manager: Makefile
pkgsrc/security/prelude-pflogger: Makefile
pkgsrc/security/rvault: Makefile
pkgsrc/security/softhsm2: Makefile buildlink3.mk
pkgsrc/security/ykclient: Makefile buildlink3.mk
pkgsrc/sysutils/baloo: Makefile
pkgsrc/sysutils/cfengine3: Makefile
pkgsrc/sysutils/collectd-curl: Makefile
pkgsrc/sysutils/collectd-riemann: Makefile
pkgsrc/sysutils/collectd-virt: Makefile
pkgsrc/sysutils/collectd-write_prometheus: Makefile
pkgsrc/sysutils/conky: Makefile
pkgsrc/sysutils/edbus: Makefile buildlink3.mk
pkgsrc/sysutils/efreet: Makefile buildlink3.mk
pkgsrc/sysutils/gkrellm: Makefile
pkgsrc/sysutils/gnome-control-center: Makefile
pkgsrc/sysutils/gnome-settings-daemon: Makefile
pkgsrc/sysutils/gvfs: Makefile
pkgsrc/sysutils/k3b: Makefile
pkgsrc/sysutils/kcron: Makefile
pkgsrc/sysutils/kfilemetadata: Makefile
pkgsrc/sysutils/kfilemetadata5: Makefile
pkgsrc/sysutils/kuser: Makefile
pkgsrc/sysutils/libbaloo4: Makefile
pkgsrc/sysutils/mc: Makefile
pkgsrc/sysutils/openxenmanager: Makefile
pkgsrc/sysutils/riemann-client: Makefile buildlink3.mk
pkgsrc/sysutils/rsyslog: Makefile
pkgsrc/sysutils/rsyslog-dbi: Makefile
pkgsrc/sysutils/rsyslog-elasticsearch: Makefile
pkgsrc/sysutils/rsyslog-gnutls: Makefile
pkgsrc/sysutils/rsyslog-gssapi: Makefile
pkgsrc/sysutils/rsyslog-kafka: Makefile
pkgsrc/sysutils/rsyslog-libgcrypt: Makefile
pkgsrc/sysutils/rsyslog-mysql: Makefile
pkgsrc/sysutils/rsyslog-omprog: Makefile
pkgsrc/sysutils/rsyslog-pgsql: Makefile
pkgsrc/sysutils/rsyslog-rabbitmq: Makefile
pkgsrc/sysutils/rsyslog-relp: Makefile
pkgsrc/sysutils/rsyslog-snmp: Makefile
pkgsrc/sysutils/strigi: Makefile buildlink3.mk
pkgsrc/sysutils/syslog-ng-curl: Makefile
pkgsrc/sysutils/virt-viewer: Makefile
pkgsrc/sysutils/zabbix: Makefile
pkgsrc/sysutils/zabbix50-agent: Makefile
pkgsrc/sysutils/zabbix50-proxy: Makefile
pkgsrc/sysutils/zabbix50-server: Makefile
pkgsrc/textproc/FlightCrew: Makefile
pkgsrc/textproc/dikt: Makefile
pkgsrc/textproc/ebook-tools: Makefile buildlink3.mk
pkgsrc/textproc/iksemel: Makefile
pkgsrc/textproc/libclucene: Makefile buildlink3.mk
pkgsrc/textproc/libkolabxml: Makefile buildlink3.mk
pkgsrc/textproc/liblrdf: Makefile buildlink3.mk
pkgsrc/textproc/libnxml: Makefile buildlink3.mk
pkgsrc/textproc/libodfgen: Makefile buildlink3.mk
pkgsrc/textproc/lucene++: Makefile
pkgsrc/textproc/multimarkdown: Makefile
pkgsrc/textproc/odt2tex: Makefile
pkgsrc/textproc/p5-Syntax-SourceHighlight: Makefile
pkgsrc/textproc/raptor: Makefile buildlink3.mk
pkgsrc/textproc/raptor2: Makefile buildlink3.mk
pkgsrc/textproc/rasqal: Makefile buildlink3.mk
pkgsrc/textproc/redland: Makefile buildlink3.mk
pkgsrc/textproc/soprano: Makefile buildlink3.mk
pkgsrc/textproc/source-highlight: Makefile buildlink3.mk
pkgsrc/textproc/translate-shell: Makefile
pkgsrc/textproc/xmlrpc-c: Makefile buildlink3.mk
pkgsrc/textproc/xmltooling: Makefile
pkgsrc/time/taskwarrior: Makefile
pkgsrc/wm/compiz: Makefile
pkgsrc/www/R-RCurl: Makefile
pkgsrc/www/R-curl: Makefile
pkgsrc/www/SOGo: Makefile
pkgsrc/www/SOGo4: Makefile
pkgsrc/www/ap-auth-openidc: Makefile
pkgsrc/www/ap-authnz-crowd: Makefile
pkgsrc/www/ap2-auth-mellon: Makefile
pkgsrc/www/ap2-passenger: Makefile
pkgsrc/www/apache24: Makefile
pkgsrc/www/aws: Makefile
pkgsrc/www/aws-demos: Makefile
pkgsrc/www/cadaver: Makefile
pkgsrc/www/curl: Makefile buildlink3.mk
pkgsrc/www/elinks: Makefile
pkgsrc/www/felinks: Makefile
pkgsrc/www/htdavlock: Makefile
pkgsrc/www/htmldoc: Makefile
pkgsrc/www/kore: Makefile
pkgsrc/www/libmicrohttpd: Makefile buildlink3.mk
pkgsrc/www/libmrss: Makefile buildlink3.mk
pkgsrc/www/lighttpd: Makefile
pkgsrc/www/litmus: Makefile
pkgsrc/www/lua-curl: Makefile
pkgsrc/www/lynx: Makefile
pkgsrc/www/neon: Makefile buildlink3.mk
pkgsrc/www/netsurf: Makefile
pkgsrc/www/nghttp2: buildlink3.mk
pkgsrc/www/nspluginwrapper: Makefile
pkgsrc/www/ocaml-curl: Makefile
pkgsrc/www/p5-Net-Curl: Makefile
pkgsrc/www/passenger: Makefile
pkgsrc/www/php-curl: Makefile
pkgsrc/www/php-http: Makefile
pkgsrc/www/php-http3: Makefile
pkgsrc/www/py-curl: Makefile
pkgsrc/www/rekonq: Makefile
pkgsrc/www/ruby-patron: Makefile
pkgsrc/www/shibboleth-sp: Makefile
pkgsrc/www/sitecopy: Makefile
pkgsrc/www/snownews: Makefile
pkgsrc/www/squid4: Makefile
pkgsrc/www/wwwoffle: Makefile
pkgsrc/www/yahttp: Makefile
pkgsrc/x11/elementary: Makefile buildlink3.mk
pkgsrc/x11/enlightenment: Makefile buildlink3.mk
pkgsrc/x11/gtk2: Makefile
pkgsrc/x11/gtk3: Makefile
pkgsrc/x11/gtk4: Makefile
pkgsrc/x11/kactivities: Makefile buildlink3.mk
pkgsrc/x11/kactivities-stats: Makefile
pkgsrc/x11/kactivities5: Makefile
pkgsrc/x11/kde-baseapps4: Makefile
pkgsrc/x11/kde-runtime4: Makefile buildlink3.mk
pkgsrc/x11/kde-workspace4: Makefile buildlink3.mk
pkgsrc/x11/kdelibs4: Makefile buildlink3.mk
pkgsrc/x11/libkactivities4: Makefile buildlink3.mk
pkgsrc/x11/qt4-libs: Makefile
pkgsrc/x11/qt5-qtbase: Makefile
pkgsrc/x11/qt5-qtwebengine: Makefile
pkgsrc/x11/vte3: Makefile
pkgsrc/x11/wmweather: Makefile
pkgsrc/x11/x11vnc: Makefile
pkgsrc/x11/x2go-client: Makefile
pkgsrc/x11/xfce4-tumbler: Makefile
pkgsrc/x11/xlockmore: Makefile
Log Message:
revbump for boost-libs
---
Module Name: pkgsrc
Committed By: adam
Date: Fri Oct 8 13:20:34 UTC 2021
Modified Files:
pkgsrc/net/samba4: Makefile PLIST distinfo
Log Message:
samba4: updated to 4.13.12
Changes since 4.13.11
---------------------
* BUG 14806: Address a signifcant performance regression in database access
in the AD DC since Samba 4.12.
* BUG 14807: Fix performance regression in lsa_LookupSids3/LookupNames4 since
Samba 4.9 by using an explicit database handle cache.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14818: Address flapping samba_tool_drs_showrepl test.
* BUG 14819: Address flapping dsdb_schema_attributes test.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14784: Fix CTDB flag/status update race conditions.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Nov 10 13:33:20 UTC 2021
Modified Files:
pkgsrc/net/samba4: Makefile PLIST distinfo
Log Message:
samba4: updated to 4.13.14
Changes since 4.13.13
---------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* CVE-2020-25722
o Andrew Bartlett <abartlet@samba.org>
* CVE-2020-25718
* CVE-2020-25719
* CVE-2020-25721
* CVE-2020-25722
o Ralph Boehme <slow@samba.org>
* CVE-2020-25717
o Alexander Bokovoy <ab@samba.org>
* CVE-2020-25717
o Samuel Cabrero <scabrero@samba.org>
* CVE-2020-25717
o Nadezhda Ivanova <nivanova@symas.com>
* CVE-2020-25722
o Stefan Metzmacher <metze@samba.org>
* CVE-2016-2124
* CVE-2020-25717
* CVE-2020-25719
* CVE-2020-25722
* CVE-2021-23192
* CVE-2021-3738
* ldb: version 2.2.3
o Andreas Schneider <asn@samba.org>
* CVE-2020-25719
o Joseph Sutton <josephsutton@catalyst.net.nz>
* CVE-2020-17049
* CVE-2020-25718
* CVE-2020-25719
* CVE-2020-25721
* CVE-2020-25722
* MS CVE-2020-17049
Changes since 4.13.12
---------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 14868: rodc_rwdc test flaps.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14836: Python ldb.msg_diff() memory handling failure.
* BUG 14845: "in" operator on ldb.Message is case sensitive.
* BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
* BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
* BUG 14874: Allow special chars like "@" in samAccountName when generating
the salt.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Isaac Boukris <iboukris@gmail.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Viktor Dukhovni <viktor@twosigma.com>
* BUG 12998: Fix transit path validation.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Luke Howard <lukeh@padl.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Stefan Metzmacher <metze@samba.org>
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o David Mulder <dmulder@suse.com>
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Andreas Schneider <asn@samba.org>
* BUG 14870: Prepare to operate with MIT krb5 >= 1.20.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14645: rpcclient NetFileEnum and net rpc file both cause lock order
violation: brlock.tdb, share_entries.tdb.
* BUG 14836: Python ldb.msg_diff() memory handling failure.
* BUG 14845: "in" operator on ldb.Message is case sensitive.
* BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
* BUG 14868: rodc_rwdc test flaps.
* BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
* BUG 14874: Allow special chars like "@" in samAccountName when generating
the salt.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Nicolas Williams <nico@twosigma.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
|
|
|
|
databases/ldb: dependency for samba4 security fix
Revisions pulled up:
- databases/ldb/Makefile 1.24
- databases/ldb/distinfo 1.17
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Nov 10 13:32:10 UTC 2021
Modified Files:
pkgsrc/databases/ldb: Makefile distinfo
Log Message:
ldb: updated to 2.2.3
2.2.3:
Unknown changes
|
|
|
|
lang/php80: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.347
- lang/php80/distinfo 1.13
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Nov 19 14:29:05 UTC 2021
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php80: distinfo
Log Message:
lang/php80: update to 8.0.13
This release contains security fix.
18 Nov 2021, PHP 8.0.13
- Core:
. Fixed bug #81518 (Header injection via default_mimetype / default_charset).
(cmb)
- Date:
. Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
(cmb)
- MBString:
. Fixed bug #76167 (mbstring may use pointer from some previous request).
(cmb, cataphract)
- Opcache:
. Fixed bug #81512 (Unexpected behavior with arrays and JIT). (Dmitry)
- PCRE:
. Fixed bug #81424 (PCRE2 10.35 JIT performance regression). (cmb)
- XML:
. Fixed bug #79971 (special character is breaking the path in xml function).
(CVE-2021-21707) (cmb)
- XMLReader:
. Fixed bug #81521 (XMLReader::getParserProperty may throw with a valid
property). (Nikita)
|
|
|
|
lang/php73: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.346
- lang/php73/distinfo 1.41
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Nov 19 14:27:56 UTC 2021
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log Message:
lang/php73: update to 7.3.33
This release contains security fix.
18 Nov 2021, PHP 7.3.33
- XML:
. Fix #79971: special character is breaking the path in xml function.
(CVE-2021-21707) (cmb)
|
|
|
|
lang/php74: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.345
- lang/php74/distinfo 1.33
- lang/php74/patches/patch-ext_intl_breakiterator_codepointiterator__internal.cpp 1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Nov 19 14:26:29 UTC 2021
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php74: distinfo
pkgsrc/lang/php74/patches:
patch-ext_intl_breakiterator_codepointiterator__internal.cpp
Log Message:
lang/php74: udpate to 7.4.26
This release contains security fix.
18 Nov 2021, PHP 7.4.26
- Core:
. Fixed bug #81518 (Header injection via default_mimetype / default_charset).
(cmb)
- Date:
. Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
(cmb)
- MBString:
. Fixed bug #76167 (mbstring may use pointer from some previous request).
(cmb, cataphract)
- MySQLi:
. Fixed bug #81494 (Stopped unbuffered query does not throw error). (Nikita)
- PCRE:
. Fixed bug #81424 (PCRE2 10.35 JIT performance regression). (cmb)
- Streams:
. Fixed bug #54340 (Memory corruption with user_filter). (Nikita)
- XML:
. Fixed bug #79971 (special character is breaking the path in xml function).
(CVE-2021-21707) (cmb)
|
|
|
|
devel/ruby-redmine41: security fix
Revisions pulled up:
- devel/ruby-redmine41/Makefile 1.7
- devel/ruby-redmine41/distinfo 1.7
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 8 15:06:37 UTC 2021
Modified Files:
pkgsrc/devel/ruby-redmine41: Makefile distinfo
Log Message:
devel/ruby-redmine41: update to 4.1.5
This release includes a fix for a moderate severity issue found in all
recent releases.
4.1.5 (2021-10-10)
[Administration]
* Defect #35731: Password and Confirmation fields are marked as required
when editing a user
[Attachments]
* Defect #35715: File upload fails when run with uWSGI
[Issues]
* Defect #35642: Long text custom field values are not aligned with their
labels
[Issues planning]
* Defect #35669: Prints of Issues Report details are messed-up due to the
size of the graphs
[Permissions and roles]
* Defect #35634: Attachments deletable even though issue edit not permitted
[Security]
* Defect #35789: Redmine is leaking usernames on activities index view
* Patch #35463: Enforce stricter class filtering in WatchersController
[UI]
* Defect #34834: Line breaks in the description of a custom field are
ignored in a tooltip
|
|
|
|
devel/ruby-redmine42: security fix
Revisions pulled up:
- devel/ruby-redmine42/Makefile 1.3
- devel/ruby-redmine42/distinfo 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 8 15:04:57 UTC 2021
Modified Files:
pkgsrc/devel/ruby-redmine42: Makefile distinfo
Log Message:
devel/ruby-redmine42: update to 4.2.3
This release includes a fix for a moderate severity issue found in all
recent releases.
4.2.3 (2021-10-10)
[Administration]
* Defect #35731: Password and Confirmation fields are marked as required
when editing a user
[Attachments]
* Defect #35642: Long text custom field values are not aligned with their
labels
* Defect #35715: File upload fails when run with uWSGI
[Issues]
* Defect #35655: Create duplicated follows relations fails with 500 internal
error
[Issues planning]
* Defect #35669: Prints of Issues Report details are messed-up due to the
size of the graphs
[Permissions and roles]
* Defect #35634: Attachments deletable even though issue edit not permitted
[Projects]
* Defect #35827: Deleting a closed or archived project returns 403
[Roadmap]
* Feature #35758: Add some space around the versions on the Roadmap
[Security]
* Defect #35789: Redmine is leaking usernames on activities index view
* Patch #35463: Enforce stricter class filtering in WatchersController
[Translations]
* Patch #35662: Mongolian translation update for "Notes", "Totals", and "%
Done"
* Patch #35766: Galician translation update for 4.2-stable
[UI]
* Defect #34834: Line breaks in the description of a custom field are
ignored in a tooltip
|
|
|
|
www/ap2-auth-mellon: security fix
Revisions pulled up:
- www/ap2-auth-mellon/Makefile 1.66
- www/ap2-auth-mellon/distinfo 1.24
---
Module Name: pkgsrc
Committed By: manu
Date: Tue Nov 9 01:50:45 UTC 2021
Modified Files:
pkgsrc/doc: CHANGES-2021
pkgsrc/www/ap2-auth-mellon: Makefile distinfo
Log Message:
Updated www/ap2-auth-mellon to 0.18.0
Change sine 0.17 from NEWS file:
Version 0.18.0
---------------------------------------------------------------------------
Security fixes:
* [CVE-2019-13038] Redirect URL validation bypass
Version 0.17.0 and older of mod_auth_mellon allows the redirect URL
validation to be bypassed by specifying an URL formatted as
"///fishing-site.example.com/logout.html". In this case, the browser
would interpret the URL differently than the APR parsing utility
mellon uses and redirect to fishing-site.example.com.
This could be reproduced with:
https://rp.example.co.jp/mellon/logout?ReturnTo=///fishing-site.example.com
/logout.html
This version fixes that issue by rejecting all URLs that start with "///".
Enhancements:
* A new option MellonSessionIdleTimeout that represents the amount of time
a user can be inactive before the user's session times out in seconds.
Bug fixes:
* Several build-time fixes
* The CookieTest SameSite attribute was only set to None if mellon configure
option MellonCookieSameSite was set to something other than default.
This is now fixed.
|
|
|
|
net/zeromq: security fix
Revisions pulled up:
- net/zeromq/Makefile 1.32
- net/zeromq/PLIST 1.11
- net/zeromq/distinfo 1.34
- net/zeromq/patches/patch-src_ipc__listener.cpp 1.5
- net/zeromq/patches/patch-src_tcp__listener.cpp 1.6
---
Module Name: pkgsrc
Committed By: adam
Date: Sun Nov 14 20:15:46 UTC 2021
Modified Files:
pkgsrc/net/zeromq: Makefile PLIST distinfo
pkgsrc/net/zeromq/patches: patch-src_ipc__listener.cpp
patch-src_tcp__listener.cpp
Log Message:
zeromq: updated to 4.3.4
libzmq 4.3.4
New DRAFT (see NEWS for 4.2.0) socket option:
ZMQ_PRIORITY will set the SO_PRIORITY socket option on the underlying
sockets. Only supported on Linux.
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
Fixed 4113 - compilation errors on kFreeBSD and GNU/Hurd
Fixed 4086 - excessive amount of socket files left behind in Windows TMP
directory
Fixed 4108 - regression that breaks using IPv6 link-local addresses on Linux
Fixed 4078 - compilation errors on Android
Fixed 4074 - compilation error with ulibc and libbsd
Fixed 4060 - stack overflow on Windows x64
Fixed 4051 - various compilation errors on Windows ARM 32bit
Fixed 4043 - various compilation warnings with XCode
Fixed 4038 - return value of zmq_ctx_get changed unintentionally
libzmq 4.3.3
Security advisories:
CVE-2020-15166: Denial-of-Service on CURVE/ZAP-protected servers by
unauthenticated clients.
If a raw TCP socket is opened and connected to an endpoint that is fully
configured with CURVE/ZAP, legitimate clients will not be able to exchange
any message. Handshakes complete successfully, and messages are delivered to
the library, but the server application never receives them.
For more information see the security advisory:
GHSA-25wp-cf8g-938m
Stack overflow on server running PUB/XPUB socket (CURVE disabled).
The PUB/XPUB subscription store (mtrie) is traversed using recursive
function calls. In the remove (unsubscription) case, the recursive calls are
NOT tail calls, so even with optimizations the stack grows linearly with the
length of a subscription topic. Topics are under the control of remote
clients - they can send a subscription to arbitrary length topics. An
attacker can thus cause a server to create an mtrie sufficiently large such
that, when unsubscribing, traversal will cause a stack overflow.
For more information see the security advisory:
GHSA-qq65-x72m-9wr8
Memory leak in PUB server induced by malicious client(s) without CURVE/ZAP.
Messages with metadata are never processed by PUB sockets, but the metadata
is kept referenced in the PUB object and never freed.
For more information see the security advisory:
GHSA-4p5v-h92w-6wxw
Memory leak in client induced by malicious server(s) without CURVE/ZAP.
When a pipe processes a delimiter and is already not in active state but
still has an unfinished message, the message is leaked.
For more information see the security advisory:
GHSA-wfr2-29gj-5w87
Heap overflow when receiving malformed ZMTP v1 packets (CURVE disabled).
By crafting a packet which is not valid ZMTP v2/v3, and which has two
messages larger than 8192 bytes, the decoder can be tricked into changing
the recorded size of the 8192 bytes static buffer, which then gets overflown
by the next message. The content that gets written in the overflown memory
is entirely decided by the sender.
For more information see the security advisory:
GHSA-fc3w-qxf5-7hp6
Note for packagers: an external, self-contained sha1 library is now
included in the source tree under external/sha1/ - it is licensed
under BSD-3-Clause and thus it is fully compatible with libzmq's
license.
It is only used if WebSockets support is enabled, and if neither GnuTLS nor
NSS are available.
Note for packagers: an internal reimplementation of strlcpy is now included,
for wider platform compatibility.
libbsd can be used and is enabled by default if available instead of the
internal implementation, for better security maintenance in distros.
Note for packagers: ZeroMQConfig.cmake is now installed in the arch-dependent
subdirectory - eg: /usr/lib/x86_64-linux-gnu/cmake/
New DRAFT (see NEWS for 4.2.0) socket type:
ZMQ_CHANNEL is a thread-safe alternative to ZMQ_PAIR.
See doc/zmq_socket.txt for details.
New DRAFT (see NEWS for 4.2.0) socket option:
ZMQ_ONLY_FIRST_SUBSCRIBE will cause only the first part of a multipart
message to be processed as a subscribe/unsubscribe message, and the rest
will be forwarded as user data to the application.
ZMQ_RECONNECT_STOP will cause a connecting socket to stop trying to
reconnect in specific circumstances. See the manpage for details.
ZMQ_HELLO_MSG to set a message that will be automatically sent to a new
connection.
ZMQ_DISCONNECT_MSG to set a message that will be automatically received when
a peer disconnects.
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
New DRAFT (see NEWS for 4.2.0) zmq_ctx_get_ext/zmq_ctx_set_ext APIs were added
to allow enhancing the context options with variable data inputs.
See doc/zmq_ctx_get_ext.txt and doc/zmq_ctx_set_ext.txt for details.
New DRAFT (see NEWS for 4.2.0) transport options WS and WSS added for support
of WebSockets (and secure WebSockets via TLS) via the ZWS 2.0 protocol.
WSS requires the GnuTLS library for TLS support. ZMQ_WSS_ specific socket
options were added to support TLS.
WebSockets support is disabled by default if DRAFT APIs are disabled.
New DRAFT (see NEWS for 4.2.0) socket type, PEER, which is thread safe and a
related zmq_connect_peer function which atomically and thread-safely connects
and returns a routing-id.
New DRAFT (see NEWS for 4.2.0) zmq_msg_init_buffer API was added to allow
the construction of a message by copying from an existing buffer.
New DRAFT (see NEWS for 4.2.0) zmq_poller_size API was added to allow querying
the number of sockets/fds registered in a zmq_poller.
ZMTP 3.1 peers will receive subscribe/cancel on PUB/SUB via commands rather
than using the first byte of the payload.
zmq_z85_decode now checks that the input string's length is at least 5
characters
and always a multiple of 5 as per API specification.
Fixed 3566 - malformed CURVE message can cause memory leak
Fixed 3567 - missing ZeroMQ_INCLUDE_DIR in ZeroMQConfig.cmake when only
static lib is built
Fixed 3576 - CURVE plaintext secrets now stored in libsodium's secure memory
Fixed 3588 - install debug libraries for debug msvc builds with CMake
Fixed 3591 - incorrect ZMQ_MAX_SOCKETS default value in doc
Fixed 3594 - fixed stream_engine use after free due to concurrent heartbeats
Fixed 3586 - error when compiling with MinGW due to usage of MS-specific
__except keyword
Fixed 3603 - fixed CMake build on SL6.9
Fixed 3607 - added scripts to ease performance graph generation
Fixed 3608 - fix for IPv4 mapping not supported in DragonFlyBSD
Fixed 3636 - added ENABLE_PRECOMPILED CMake option to fix build with Ninja
Fixed 2862 - UDP engine aborts on networking-related errors from socket
syscalls
Fixed 3656 - segfault on sending data from XSUB to XPUB
Fixed 3646 - static-only test run fails
Fixed 3668 - fixed CMAKE_CXX_FLAGS_* regexes on MSVC
Fixed 110 - do not include winsock2.h in public zmq.h header
Fixed 3683 - allow "configure --disable-maintainer-mode"
Fixed 3686 - fix documentation about sockets blocking on send operations
Fixed 3323 - fix behavior of ZMQ_CONFLATE on PUB sockets
Fixed 3698 - fix build on IBM i/PASE/os400
Fixed 3705 - zero-sized messages cause assertion when glibc assertion are on
Fixed 3713 - remove dependency on math library by avoiding std::ceil
Fixed 3694 - build targeting Windows XP is broken
Fixed 3691 - added support for IPC on Windows 10 via AF_UNIX
Fixed 3725 - disable by default test that requires sudo on CMake
Fixed 3727 - fix zmq_poller documentation example
Fixed 3729 - do not check for FD_OOB when using WSAEventSelect on Windows
Fixed 3738 - allow renaming the library in CMake
Fixed 1808 - use AF_UNIX instead of TCP for the internal socket on Windows 10
Fixed 3758 - fix pthread_set_affinity detection in CMake
Fixed 3769 - fix undefined behaviour in array.hpp
Fixed 3772 - fix compiling under msys2-mingw
Fixed 3775 - add -latomic to the private libs flag in pkg-config if needed
Fixed 3778 - fix documentation of zmq_poller's thread safety
Fixed 3792 - do not allow creation of new sockets after zmq_ctx_shutdown
Fixed 3805 - improve performance of CURVE by reducing copies
Fixed 3814 - send subscribe/cancel as commands to ZMTP 3.1 peers
Fixed 3847 - fix building without PGM and NORM
Fixed 3849 - install .cmake file in arch-dependent subdirectory
Fixed 4005 - allow building on Windows ARM/ARM64
|
|
|
|
mail/mailman: security fix
Revisions pulled up:
- mail/mailman/Makefile 1.95
- mail/mailman/PLIST 1.31
- mail/mailman/distinfo 1.31
---
Module Name: pkgsrc
Committed By: tm
Date: Tue Oct 26 18:42:55 UTC 2021
Modified Files:
pkgsrc/mail/mailman: Makefile PLIST distinfo
Log Message:
mail/mailman: Update to 2.1.35
2.1.35 (19-Oct-2021)
Security
- A potential for for a list member to carry out an off-line brute force
attack to obtain the list admin password has been reported by Andre
Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed.
CVE-2021-42096 (LP:#1947639)
- A CSRF attack via the user options page could allow takeover of a users
account. This is fixed. CVE-2021-42097 (LP:#1947640)
Bug Fixes and other patches
- Fixed an issue where sometimes the wrapper message for DMARC mitigation
Wrap Message has no Subject:. (LP: #1915655)
- Plain text message bodies with Content-Disposition: and no declared
charset are no longer scrubbed. (LP: #1917968)
- CommandRunner now recodes message bodies in the charset of the user's
or list's language to avoid a possible UnicodeError when including the
message body in the reply. (LP: #1921682)
- Delivery disabled by bounce notices to admins now have 'disabled'
properly translated. (LP: #1922843)
- DMARC policy discovery ignores domains with multiple DMARC records per
RFC 7849, (LP: 1931029)
|
|
|
|
www/firefox91: security fix
Revisions pulled up:
- www/firefox91/Makefile 1.8
- www/firefox91/PLIST 1.3
- www/firefox91/distinfo 1.6
- www/firefox91/patches/patch-modules_fdlibm_src_math__private.h 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Nov 3 19:19:40 UTC 2021
Modified Files:
pkgsrc/www/firefox91: Makefile PLIST distinfo
Added Files:
pkgsrc/www/firefox91/patches: patch-modules_fdlibm_src_math__private.h
Log Message:
firefox91: update to 91.3.0
Security Vulnerabilities fixed in Firefox ESR 91.3
#CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
#CVE-2021-38504: Use-after-free in file picker dialog
#CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode
without notification or warning
#CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass
the Same-Origin-Policy on services hosted on other ports
#MOZ-2021-0008: Use-after-free in HTTP2 Session object
#CVE-2021-38508: Permission Prompt could be overlaid, resulting in user
confusion and potential spoofing
#CVE-2021-38509: Javascript alert box could have been spoofed onto an
arbitrary domain
#CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac
OS
#MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
|
|
firefox91-l10n: dependent update
Revisions pulled up:
- www/firefox91-l10n/Makefile 1.4
- www/firefox91-l10n/distinfo 1.6
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Nov 3 19:23:05 UTC 2021
Modified Files:
pkgsrc/www/firefox91-l10n: Makefile distinfo
Log Message:
firefox91-l10n: sync with firefox91
|
|
|
|
lang/python27: bugfix
Revisions pulled up:
- lang/python27/Makefile 1.95
- lang/python27/distinfo 1.87
- lang/python27/patches/patch-Lib_urlparse.py 1.2
---
Module Name: pkgsrc
Committed By: gutteridge
Date: Wed Oct 27 23:58:55 UTC 2021
Modified Files:
pkgsrc/lang/python27: Makefile distinfo
pkgsrc/lang/python27/patches: patch-Lib_urlparse.py
Log Message:
python27: fix definition of variable added in security patch
Correct a merge botch introduced in a previous commit. It was intended
that a variable be redefined, but it was committed in an incomplete
testing state.
|
|
|
|
lang/php80: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.342
- lang/php80/distinfo 1.11
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 22 15:09:52 UTC 2021
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php80: distinfo
Log Message:
lang/php80: update to 8.0.12
This is a security fix release.
21 Oct 2021, PHP 8.0.12
- CLI:
. Fixed bug #81496 (Server logs incorrect request method). (lauri)
- Core:
. Fixed bug #81435 (Observer current_observed_frame may point to an old
(overwritten) frame). (Bob)
. Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)
- DOM:
. Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
(Viktor Volkov)
- FFI:
. Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
defined). (Dmitry)
- FPM:
. Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation) (CVE-2021-21703). (Jakub Zelenka)
- Fileinfo:
. Fixed bug #78987 (High memory usage during encoding detection). (Anatol)
- Filter:
. Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
(cmb, Nikita)
- Opcache:
. Fixed bug #81472 (Cannot support large linux major/minor device number when
read /proc/self/maps). (Lin Yang)
- Reflection:
. ReflectionAttribute is no longer final. (sasezaki)
- SPL:
. Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
(cmb, Nikita, Tyson Andre)
. Fixed bug #81477 (LimitIterator + SplFileObject regression in 8.0.1). (cmb)
- Standard:
. Fixed bug #69751 (Change Error message of sprintf/printf for missing/typo
position specifier). (Aliaksandr Bystry)
- Streams:
. Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
(cmb)
- XML:
. Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
(Aliaksandr Bystry, cmb)
- Zip:
. Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
. Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)
|
|
lang/php74: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.343
- lang/php74/distinfo 1.31
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Oct 22 15:14:24 UTC 2021
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php74: distinfo
Log Message:
lang/php74: update to 7.4.25
This is a security fix release.
21 Oct 2021, PHP 7.4.25
- DOM:
. Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
(Viktor Volkov)
- FFI:
. Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
defined). (Dmitry)
- Fileinfo:
. Fixed bug #78987 (High memory usage during encoding detection). (Anatol)
- Filter:
. Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
(cmb, Nikita)
- FPM:
. Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation) (CVE-2021-21703). (Jakub Zelenka)
- SPL:
. Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
(cmb, Nikita, Tyson Andre)
- Streams:
. Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
(cmb)
- XML:
. Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
(Aliaksandr Bystry, cmb)
- Zip:
. Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
. Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)
|