Age | Commit message | Author | Files | Lines |
|
|
|
Compile with version 2.8.18 of "mod_ssl" instead of the (reported to
be vulnerable) version 2.8.17. Bump package revision because of this.
|
|
updated mod_ssl to 2.8.18.
*) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
if the Subject-DN in the client certificate exceeds 6KB in length.
(CVE CAN-2004-0488).
|
|
exim-user/ no longer exists.
|
|
Update exim-exiscan to 4.33_20nb1 (from 4.22-12)
- Fix buffer overflow listed at http://www.guninski.com/exim1.html
- Leave nb1 to indicate we have a local change from stock 4.33_20
- Same exim changes -
http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
- Changes (http://duncanthrax.net/exiscan-acl/CHANGELOG) include
- added option to use multiple spamd servers
- many mime changes
- Added Brightmail Antispam support
- clamd fixes
|
|
Update exim-html to 4.30 (from 4.20)
- Update to latest docs
|
|
Delete exim-user
- No longer required - exim now looks up EXIM_{USER,GROUP} at
runtime
|
|
Update exim to exim-4.33nb1 (from 4.22nb5)
- Fix buffer overflow listed at http://www.guninski.com/exim1.html
- Leave nb1 to indicate we have a local change from stock 4.33
- 1086 lines of changes -
http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
- Remove dependency on exim-user - now looks up EXIM_{USER,GROUP} at
runtime
|
|
Reset maintainer to tech-pkg@ (from ad@, since he is not working on
them any longer).
|
|
Use @PKG_SYSCONFDIR@ instead of @PREFIX@/etc/exim
for location of configure script check in the exim rc.d script.
|
|
Update exim3 to exim-3.36nb2
- Fix buffer overflows listed at http://www.guninski.com/exim1.html
|
|
Update ap-ssl package (mod_ssl) to 2.8.17.
Upgraded to Apache 1.3.31.
|
|
Update apache package to 1.3.31.
Regenerate patch-aa to obtain correct offsets so this works with
Linux 'patch'.
|
|
Regenerate patch-aa to obtain correct offsets so this works with
Linux 'patch'.
|
|
define BUILDLINK_PKGBASE.
|
|
Update apache package to 1.3.31.
* CAN-2003-0987 (cve.mitre.org)
* CAN-2003-0020 (cve.mitre.org)
* CAN-2004-0174 (cve.mitre.org)
* CAN-2003-0993 (cve.mitre.org)
|
|
Update to Version 1.0.3.
(19 May 2004, from /branches/1.0.3)
http://svn.collab.net/repos/svn/tags/1.0.3
User-visible-changes:
* fixed: security bug in date parsing. (CAN-2004-0397)
|
|
security problem (reported as CAN-2004-0426 (cve.mitre.org)).
Requested by taca in ticket pkgsrc/27.
Module Name: pkgsrc
Committed By: tron
Date: Tue May 4 11:36:19 UTC 2004
Modified Files:
pkgsrc/net/rsync: Makefile distinfo
Removed Files:
pkgsrc/net/rsync/patches: patch-af
Log Message:
Update "rsync" package to version 2.6.2. Changes since version 2.6.0:
- Fixed a major bug in the sorting of the filenames when --relative
is used for some sources (probably just "/", but don't depend on
that). This fix ensures that we ask for the right file-list item
when requesting changes from the sender.
- Rsync now checks the return value of the close() function to
better report disk-full problems on an NFS file system.
- Paths sent to an rsync daemon are more thoroughly sanitized when
chroot is not used. If you're running a non-read-only rsync
daemon with chroot disabled, *please upgrade*, ESPECIALLY if the
user privs you run rsync under is anything above "nobody".
- Lower memory use, more optimal transfer of data over the socket,
and lower CPU usage (see the INTERNAL section for details).
- The RSYNC_PROXY environment variable can now contain a
"USER:PASS@" prefix before the "HOST:PORT" information.
(Bardur Arantsson)
- The --progress output now mentions how far along in the transfer
we are, including both a count of files transferred and a
percentage of the total file-count that we've processed. It also
shows better current-rate-of-transfer and remaining-transfer-time
values.
- The configure script now accepts --with-rsyncd-conf=PATH to
override the default value of the /etc/rsyncd.conf file.
- Added a couple extra diffs in the "patches" dir, removed the ones
that got applied, and rebuilt the rest.
- Documentation changes now attempt to describe some often mis-
understood features more clearly.
- When -x (--one-file-system) is combined with -L (--copy-links) or
--copy-unsafe-links, no symlinked files are skipped, even if the
referent file is on a different filesystem.
- The --link-dest code now works properly for a non-root user when
(1) the UIDs of the source and destination differ and -o was
specified, or (2) when the group of the source can't be used on
the destination and -g was specified.
- Fixed a bug in the handling of -H (hard-links) that might cause
the expanded PATH/NAME value of the current item to get
overwritten (due to an expanded-name caching bug).
- We now reset the "new data has been sent" flag at the start of
each file we send. This makes sure that an interrupted transfer
with the --partial option set doesn't keep a shorter temp file
than the current basis file when no new data has been transferred
over the wire for that file.
- Fixed a byte-order problem in --batch-mode on big-endian machines.
(Jay Fenlason)
- Fixed configure bug when running "./configure --disable-ipv6".
- Fixed "make test" bug when build dir is not the source dir.
- When using --cvs-exclude, the exclude items we get from a
per-directory's .cvsignore file once again only affect that one
directory (not all following directories too). The items are also
now properly word-split and parsed without any +/- prefix parsing.
- When specifying the USER@HOST: prefix for a file, the USER part
can now contain an '@', if needed (i.e. the last '@' is used to
find the HOST, not the first).
- Fixed some bugs in the handling of group IDs for non-root users:
(1) It properly handles a group that the sender didn't have a name
for (it would previously skip changing the group on any files in
that group). (2) If --numeric-ids is used, rsync no longer
attempts to set groups that the user doesn't have the permission
to set.
- Fixed the "refuse options" setting in the rsyncd.conf file.
- Improved the -x (--one-file-system) flag's handling of any mount-
point directories we encounter. It is both more optimal (in that
it no longer does a useless scan of the contents of the mount-
point dirs) and also fixes a bug where a remapped mount of the
original filesystem could get discovered in a subdir we should be
ignoring.
- Rsync no longer discards a double-slash at the start of a filename
when trying to open the file. It also no longer constructs names
that start with a double slash (unless the user supplied them).
- Path-specifying options to a daemon should now work the same with
or without chroot turned on. Previously, such an option (such as
--link-dest) would get its absolute path munged into a relative
one if chroot was not on, making that setting fairly useless.
Rsync now transforms the path into one that is based on the
module's base dir when chroot is not enabled.
- Fixed compilation problem on Tru64 Unix (having to do with
sockaddr.sa_len and sockaddr.sin_len).
- Fixed a compatibility problem interacting with older rsync
versions that might send us an empty --suffix value without
telling us that --backup-dir was specified.
- The "hosts allow" option for a daemon-over-remote-shell process
now has improved support for IPv6 addresses and a fix for systems
that have a length field in their socket structs.
- Fixed the ability to request an empty backup --suffix when sending
files to an rsync daemon.
|
|
Requested by hubertf in ticket pkgsrc-26.
"Update Appendix B for new ftp server layout"
|
|
for comments which were sandwiched in the middle).
Requested by hubertf in ticket pkgsrc-25.
"Deprecate RSYNC_DST_SPECIFIC and RSYNC_DST_OTHER and replace them
by RSYNC_DST. Warn if any of them is not set properly, and in
general adjust to the new layout on the FTP server."
|
|
Requested by xtraeme in ticket pkgsrc-24.
"Update neon to 0.24.5
Changes in release 0.24.5:
* SECURITY (CVE CAN-2004-0179): Fix format string vulnerabilities in
XML/207 response handling, reported by greuff@void.at.
* Performance fix: avoid seeding the SSL PRNG if not creating an SSL socket.
* ne_ssl_readable_dname() is now defined to return UTF-8 strings.
* Fix case where gssapi/gssapi_generic.h was included but not present.
* Fix ne_utils.c build on platforms where zlib does "#define const".
* Fix use of ne_proppatch_operation with some C++ compilers.
* Update libtool for fix to --enable-shared on Darwin.
* BeOS: check for gethostbyname in -lbind (David Reid)."
|
|
Requested by tron in ticket pkgsrc-23.
"Fix buffer overflow in Socks 5 code, bump package revision."
|
|
Requested by xtraeme in ticket pkgsrc-22.
"Fix XChat's Socks-5 proxy code, see
http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html.
Bump PKGREVISION."
|
|
Requested by fredb in ticket pkgsrc-19.
"Update uudeview and friends to 0.5.20. Fixes a few serious bugs in uulib,
including buffer overrun errors, and adds a handful of little improvements
to the library and programs."
and
"Bump the share library version number to 2.0 for the addition of
UULoadFileWithPartNo(), with apologies to anyone who's updated within
the last three minutes."
|
|
Requested by hubertf in ticket pkgsrc-18.
"Catch UPDATE_VULNERABILITY_LIST being unset, default to be conservative
and run it if it's not explicitly set to "no""
|
|
Requested by xtraeme in ticket pkgsrc-17.
"Ensure that xmms is linked against libiconv under 1.6, so the vorbis
plugin works correctly, fixes PR pkg/24885."
|
|
Requested by taca in ticket pkgsrc-16 (and 12, I think).
"Add three patches to resolve security issue:
SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
The three patches are from Apache cvs.
http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/
Also bump PKGREVISION too."
|
|
Requested by dmcmahill in ticket pkgsrc-15.
"document how to do a bulk build of a subset of pkgsrc".
|
|
branch. Also pullup a minor wording change in an informational
message whilst I'm here.
Requested by dmcmahill in ticket pkgsrc-14.
"Add support in the bulk build code to properly deal with SPECIFIC_PKGS=1.
In particular, when SPECIFIC_PKGS is set in /etc/mk.conf, you can now do
sh mk/bulk/build
and have the right thing happen. Only those packages explicitly listed
and those which are depended upon are considered for the build. Other
than the restricted list of packages, the bulk build works the same way
as a full bulk build."
|
|
Requested by jschauma in ticket pkgsrc-13.
"Set EGREP to an actual egrep, not plain old grep.
This fixed my own PR pkg/25109, as using a proper egrep will allow
buildlink to work."
|
|
Requested by jwise in ticket pkgsrc-9.
"Fix build against newest X11. for some obscure reason,
src/modules/x11/dataentry.c explicitly unset NeedFunctionPrototypes,
which can no longer safely be done in recent X11 sources (as _Xconst
is only defined if this is set, yet is used everywhere)."
|