Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
security update for ap-auth-kerb
- pkgsrc/www/ap-auth-kerb/Makefile 1.5
- pkgsrc/www/ap-auth-kerb/distinfo 1.2
Module Name: pkgsrc
Committed By: markd
Date: Thu Jan 25 19:54:08 UTC 2007
Modified Files:
pkgsrc/www/ap-auth-kerb: Makefile distinfo
Log Message:
Update to mod_auth_kerb-5.3. Suggested by Michael Santos in PR pkg/35459.
Changes:
Fixes a potential buffer overflow vulnerability in the SPNEGO processing.
|
|
security update for py-django
- pkgsrc/www/py-django/Makefile 1.5
- pkgsrc/www/py-django/PLIST 1.2
- pkgsrc/www/py-django/distinfo 1.2
Module Name: pkgsrc
Committed By: joerg
Date: Thu Jan 25 20:11:30 UTC 2007
Modified Files:
pkgsrc/www/py-django: Makefile PLIST distinfo
Log Message:
Update Django to 0.95.1. Changes:
* A patch for a small security vulnerability in the script Django's
internationalization system uses to compile translation files.
* A fix for a bug in Django's authentication middleware which could cause
apparent "caching" of a logged-in user.
* A patch which disables debugging mode in the flup FastCGI package
Django uses to launch its FastCGI server, which prevents tracebacks
from bubbling up during production use.
|
|
|
|
download fix for suse91_*
- pkgsrc/emulators/suse91_linux/Makefile.common 1.16
Module Name: pkgsrc
Committed By: joerg
Date: Tue Jan 23 16:54:59 UTC 2007
Modified Files:
pkgsrc/emulators/suse91_linux: Makefile.common
Log Message:
SuSE 9.1 is discontinued, directory layout changed to reflect that.
|
|
build fix for jakarta-servletapi
- pkgsrc/www/jakarta-servletapi/distinfo 1.6
- pkgsrc/www/jakarta-servletapi/patches/patch-aa 1.1
Module Name: pkgsrc
Committed By: joerg
Date: Tue Jan 23 16:22:00 UTC 2007
Modified Files:
pkgsrc/www/jakarta-servletapi: distinfo
Added Files:
pkgsrc/www/jakarta-servletapi/patches: patch-aa
Log Message:
Don't bail out on deprecated symbols. Fixes build with jikes which
considers them errors by default. From Peter Schuller.
|
|
distinfo fix for fd
- pkgsrc/misc/fd/Makefile 1.24
- pkgsrc/misc/fd/distinfo 1.8
Module Name: pkgsrc
Committed By: hira
Date: Mon Jan 22 03:52:27 UTC 2007
Modified Files:
pkgsrc/misc/fd: distinfo
Log Message:
Correct filename of patch (patch-ab -> patch-ae).
---
Module Name: pkgsrc
Committed By: hira
Date: Mon Jan 22 11:30:01 UTC 2007
Modified Files:
pkgsrc/misc/fd: Makefile
Log Message:
The previous commit has fixed the path of manpages.
Bump PKGREVISION.
|
|
bugfix for mldonkey
- pkgsrc/net/mldonkey/Makefile 1.43
- pkgsrc/net/mldonkey/distinfo 1.34
- pkgsrc/net/mldonkey/patches/patch-aa 1.13
- pkgsrc/net/mldonkey/patches/patch-ab 1.3
- pkgsrc/net/mldonkey/patches/patch-ac 1.3
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jan 13 18:41:33 UTC 2007
Modified Files:
pkgsrc/net/mldonkey: Makefile distinfo
Added Files:
pkgsrc/net/mldonkey/patches: patch-aa patch-ab patch-ac
Log Message:
Add (official) patch to fix following problem:
MLDonkey has a very serious bug which leeds to uploading
data blocks twice to eMule clients.
This is due to the fact that MLDonkey gets confused by
eMule rotating block request scheme.
http://hydranode.com/docs/ed2k/ed2kproto.php#upload
> Namely, eMule (and compatible) clients use "rotational chunkrequest"
> scheme, where each REQCHUNKS packet contains one new chunk and two older
> chunks ...
> This can lead to duplicate data being sent by mldonkeys, if a rotational
> chunkrequest scheme is used when communicating with them.
More infos about it, including logs proving the problem, can be found here:
http://mldonkey.sourceforge.net/forums/viewtopic.php?t=4576
Bump PKGREVISION.
|
|
bugfix update for proftpd
- pkgsrc/net/proftpd/Makefile 1.39
- pkgsrc/net/proftpd/PLIST 1.12
- pkgsrc/net/proftpd/distinfo 1.22
- pkgsrc/net/proftpd/patches/patch-aa 1.9
- pkgsrc/net/proftpd/patches/patch-ab 1.6
- pkgsrc/net/proftpd/patches/patch-ac 1.8
Module Name: pkgsrc
Committed By: martti
Date: Sat Jan 13 09:47:38 UTC 2007
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo
pkgsrc/net/proftpd/patches: patch-aa patch-ab patch-ac
Log Message:
Updated net/proftpd to 1.3.1rc2
+ Fixed mod_sql's handling of WHERE clauses
+ Fixed segfaults ocurring after SIGHUP when shared modules are used
+ Fixed copying of symlinks in skeleton directory for CreateHome
|
|
portability fix for libksba
- pkgsrc/security/libksba/distinfo 1.10
- pkgsrc/security/libksba/patches/patch-ab 1.1
Module Name: pkgsrc
Committed By: minskim
Date: Thu Jan 11 00:02:53 UTC 2007
Modified Files:
pkgsrc/security/libksba: distinfo
Added Files:
pkgsrc/security/libksba/patches: patch-ab
Log Message:
Make this package build on Darwin. Patch from Darwinports.
This fixes PR 35400.
|
|
|
|
security fix for koffice
- pkgsrc/misc/koffice/Makefile 1.88-1.89
- pkgsrc/misc/koffice/distinfo 1.37-1.38
- pkgsrc/misc/koffice/patches/patch-ac 1.10
Module Name: pkgsrc
Committed By: markd
Date: Sun Jan 14 11:31:44 UTC 2007
Modified Files:
pkgsrc/misc/koffice: Makefile distinfo
Added Files:
pkgsrc/misc/koffice/patches: patch-ac
Log Message:
Fix path in a #include in kdchart_export.h so that it works when installed.
From Gary Duzan in private email. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: markd
Date: Wed Jan 17 10:35:40 UTC 2007
Modified Files:
pkgsrc/misc/koffice: Makefile distinfo
Log Message:
Fix for kword/xpdf denial of service vulnerability from
http://www.kde.org/info/security/advisory-20070115-1.txt.
Bump PKGREVISION.
|
|
|
|
security fix for xorg-server
Revisions pulled up:
- pkgsrc/x11/xorg-server/Makefile 1.50
- pkgsrc/x11/xorg-libs/distinfo 1.58
- pkgsrc/x11/xorg-libs/patches/patch-cv 1.1
- pkgsrc/x11/xorg-libs/patches/patch-cw 1.1
Module Name: pkgsrc
Committed By: joerg
Date: Wed Jan 17 16:32:35 UTC 2007
Modified Files:
pkgsrc/x11/xorg-libs: distinfo
pkgsrc/x11/xorg-server: Makefile
Added Files:
pkgsrc/x11/xorg-libs/patches: patch-cv patch-cw
Log Message:
Add vendor patch for CVE-2006-6101, CVE-2006-6102 and CVE-2006-6103;
this fixes possible overflows in the extensions dbe and render.
|
|
|
|
security update for fetchmail
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.159
- pkgsrc/mail/fetchmail/PLIST 1.11
- pkgsrc/mail/fetchmail/distinfo 1.35
- pkgsrc/mail/fetchmail/patches/patch-aa removed
- pkgsrc/mail/fetchmail/patches/patch-ab 1.16
- pkgsrc/mail/fetchmail/patches/patch-ac removed
- pkgsrc/mail/fetchmail/patches/patch-ad removed
- pkgsrc/mail/fetchmail/patches/patch-ae removed
- pkgsrc/mail/fetchmail/patches/patch-ah removed
- pkgsrc/mail/fetchmail/patches/patch-ai removed
- pkgsrc/mail/fetchmail/patches/patch-aj removed
- pkgsrc/mail/fetchmail/patches/patch-al removed
- pkgsrc/mail/fetchmailconf/Makefile 1.69, 1.70
- pkgsrc/mail/fetchmailconf/PLIST 1.2
Module Name: pkgsrc
Committed By: rillig
Date: Sun Jan 7 09:14:16 UTC 2007
Modified Files:
pkgsrc/mail/fetchmailconf: Makefile
Log Message:
Mechanically replaced man/* with ${PKGMANDIR}/* in the definition of
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
---
Module Name: pkgsrc
Committed By: tron
Date: Wed Jan 17 14:29:12 UTC 2007
Modified Files:
pkgsrc/mail/fetchmail: Makefile PLIST distinfo
pkgsrc/mail/fetchmail/patches: patch-ab
pkgsrc/mail/fetchmailconf: Makefile PLIST
Removed Files:
pkgsrc/mail/fetchmail/patches: patch-aa patch-ac patch-ad patch-ae
patch-ah patch-ai patch-aj patch-al
Log Message:
Update "fetchmail" and "fetchmailconf" packages to version 6.3.6.
The list of changes since version 6.2.5.5 is too large to mention here.
The new version provides a fix for the vulnerability reported in the
fetchmail-SA-2006-02.txt advisory.
|
|
|
|
security update for pam-ldap
Revisions pulled up:
- pkgsrc/security/pam-ldap/Makefile 1.27
- pkgsrc/security/pam-ldap/distinfo 1.9
- pkgsrc/security/pam-ldap/patches/patch-ab 1.6
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 15 03:24:03 UTC 2007
Modified Files:
pkgsrc/security/pam-ldap: Makefile distinfo
pkgsrc/security/pam-ldap/patches: patch-ab
Log Message:
Update pam-ldap to 183.
- Fix miscellaneous pkglint warnings.
- Fix security problem; CAN-2006-5170.
$Id: ChangeLog,v 1.212 2006/10/05 23:23:52 lukeh Exp $
===============================================================
183 Luke Howard <lukeh@padl.com>
* fix for BUG#291: don't suppress password policy
errors which should not be suppressed
182 Luke Howard <lukeh@padl.com>
* fix for BUG#269: compile time error in call to
ldap_sasl_interactive_bind_s()
181 Luke Howard <lukeh@padl.com>
* fix for BUG#256: don't send password policy request
control if pam_lookup_policy no specified
* fix for BUG#254: check gethostbyname() result
* fix for BUG#237: typo in ldap_get_lderrno()
implementation
* fix for BUG#207: if ldap_start_tls_s() fails
return PAM_AUTHINFO_UNAVAIL
* fix for BUG#261: sslpath example wrong
* fix for BUG#268: POLICY_ERROR_CHANGE_AFTER_RESET
should be handled as POLICY_ERROR_PASSWORD_EXPIRED,
other password policy errors to be treated as fatal
|
|
|
|
security fix for kdegraphics3
- pkgsrc/graphics/kdegraphics3/Makefile 1.70
- pkgsrc/graphics/kdegraphics3/distinfo 1.43
Module Name: pkgsrc
Committed By: markd
Date: Wed Jan 17 10:33:06 UTC 2007
Modified Files:
pkgsrc/graphics/kdegraphics3: Makefile distinfo
Log Message:
Fix for kpdf denial of service vulnerability from
http://www.kde.org/info/security/advisory-20070115-1.txt.
Bump PKGREVISION.
|
|
|
|
security fix for kdenetwork3
Revisions pulled up:
- pkgsrc/net/kdenetwork3/Makefile 1.56
- pkgsrc/net/kdenetwork3/distinfo 1.41
Module Name: pkgsrc
Committed By: markd
Date: Sat Jan 13 01:02:55 UTC 2007
Modified Files:
pkgsrc/net/kdenetwork3: Makefile distinfo
Log Message:
Fix security issue in ksirc
http://www.kde.org/info/security/advisory-20070109-1.txt
bump PKGREVISION.
|
|
|
|
security update for acroread7
Revisions pulled up:
- pkgsrc/print/acroread7/Makefile 1.17
- pkgsrc/print/acroread7/distinfo 1.7
Module Name: pkgsrc
Committed By: obache
Date: Thu Jan 11 11:52:17 UTC 2007
Modified Files:
pkgsrc/print/acroread7: Makefile distinfo
Log Message:
Update to version 7.0.9.
Patch provided by KIRIHARA Masaharu in PR 35393.
Security fix of APSB07-01.
http://www.adobe.com/support/security/bulletins/apsb07-01.html
|
|
|
|
security fix for mplayer, gmplayer, mencoder
- pkgsrc/multimedia/gmplayer/Makefile 1.58
- pkgsrc/multimedia/gmplayer/distinfo 1.44
- pkgsrc/multimedia/mencoder/Makefile 1.31
- pkgsrc/multimedia/mplayer/Makefile 1.38
- pkgsrc/multimedia/mplayer-share/distinfo 1.36
- pkgsrc/multimedia/mplayer-share/patches/patch-ba 1.5
- pkgsrc/multimedia/mplayer-share/patches/patch-bb 1.5
- pkgsrc/multimedia/mplayer-share/patches/patch-bc 1.3
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 9 14:49:34 UTC 2007
Modified Files:
pkgsrc/multimedia/gmplayer: Makefile distinfo
pkgsrc/multimedia/mencoder: Makefile
pkgsrc/multimedia/mplayer: Makefile
pkgsrc/multimedia/mplayer-share: distinfo
Added Files:
pkgsrc/multimedia/mplayer-share/patches: patch-ba patch-bb patch-bc
Log Message:
add limit check to real parser (identical to CVE-2006-6172)
from mplayer svn
bump PKGREVISIONs
|
|
|
|
security update for phpmyadmin
- pkgsrc/databases/phpmyadmin/Makefile 1.57
- pkgsrc/databases/phpmyadmin/distinfo 1.27
Module Name: pkgsrc
Committed By: tron
Date: Wed Jan 10 12:50:04 UTC 2007
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.9.2rc1.
Changes since version 2.9.1.1 (literal quote from the home page):
Version 2.9.2-rc1 contains some security fixes (an advisory will be
published when releasing 2.9.2) and other fixes.
|
|
|
|
dependency fix for pymol
- pkgsrc/biology/pymol/Makefile 1.6
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jan 8 17:23:06 UTC 2007
Modified Files:
pkgsrc/biology/pymol: Makefile
Log Message:
Needs GLU. Bump revision.
|
|
|
|
security fix for gtexinfo
- pkgsrc/devel/gtexinfo/Makefile 1.67
- pkgsrc/devel/gtexinfo/distinfo 1.26-1.27
- pkgsrc/devel/gtexinfo/patches/patch-al 1.4-1.5
Module Name: pkgsrc
Committed By: rillig
Date: Mon Jan 8 08:21:48 UTC 2007
Modified Files:
pkgsrc/devel/gtexinfo: distinfo
pkgsrc/devel/gtexinfo/patches: patch-al
Log Message:
Fixed the "fix" for CVE-2006-4810, since it introduced these compiler
warnings.
===> GCC
texindex.c: In function `readline':
texindex.c:848: warning: assignment makes pointer from integer without a cast
===> MIPSpro
cc-1515 cc: ERROR File = texindex.c, Line = 848
A value of type "long" cannot be assigned to an entity of type "char *".
end = buffer - linebuffer->buffer;
Well, if the compilers were more intelligent, they could have seen that
(buffer == linebuffer->buffer) was an invariant and that the resulting
difference was therefore always zero, and zero can be converted into any
pointer type. ;)
---
Module Name: pkgsrc
Committed By: rillig
Date: Mon Jan 8 08:50:51 UTC 2007
Modified Files:
pkgsrc/devel/gtexinfo: Makefile distinfo
pkgsrc/devel/gtexinfo/patches: patch-al
Log Message:
Corrected my last change. The original patch for CVE-2006-4810 was
correct, only the pkgsrc version somehow managed to get wrong.
PKGREVISION++
|
|
|
|
PKGNAME fix for hugs
Revisions pulled up:
- pkgsrc/lang/hugs/Makefile 1.37
Module Name: pkgsrc
Committed By: wiz
Date: Sun Jan 7 00:16:14 UTC 2007
Modified Files:
pkgsrc/lang/hugs: Makefile
Log Message:
Fix PKGNAME after update. Noted by Ben Secrest on pkgsrc-users.
|
|
|
|
security update for bzip2
Revisions pulled up:
- pkgsrc/archivers/bzip2/Makefile 1.43
- pkgsrc/archivers/bzip2/distinfo 1.13
- pkgsrc/archivers/bzip2/patches/patch-aa 1.12
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jan 6 15:34:37 UTC 2007
Modified Files:
pkgsrc/archivers/bzip2: Makefile distinfo
pkgsrc/archivers/bzip2/patches: patch-aa
Log Message:
Update to 1.0.4:
1.0.4 (20 Dec 06)
~~~~~~~~~~~~~~~~~
Fixes some minor bugs since the last version, 1.0.3.
* Fix file permissions race problem (CAN-2005-0953).
* Avoid possible segfault in BZ2_bzclose. From Coverity's NetBSD
scan.
* 'const'/prototype cleanups in the C code.
* Change default install location to /usr/local, and handle multiple
'make install's without error.
* Sanitise file names more carefully in bzgrep. Fixes CAN-2005-0758
to the extent that applies to bzgrep.
* Use 'mktemp' rather than 'tempfile' in bzdiff.
* Tighten up a couple of assertions in blocksort.c following automated
analysis.
* Fix minor doc/comment bugs.
|
|
|
|
security update for drupal
Revisions pulled up:
- pkgsrc/www/drupal/Makefile 1.17
- pkgsrc/www/drupal/distinfo 1.13
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Jan 6 15:40:54 UTC 2007
Modified Files:
pkgsrc/www/drupal: Makefile distinfo
Log Message:
Update to 4.7.5
Only updates to address two new security issues:
http://drupal.org/files/sa-2007-001/advisory.txt
http://drupal.org/files/sa-2007-002/advisory.txt
|
|
|
|
install fix for qcad-partlibrary
Revisions pulled up:
- pkgsrc/cad/qcad-partlibrary/Makefile 1.2
Module Name: pkgsrc
Committed By: rillig
Date: Tue Jan 2 13:44:23 UTC 2007
Modified Files:
pkgsrc/cad/qcad-partlibrary: Makefile
Log Message:
Fixed file permissions. 3270 files had been installed world-writable.
PKGREVISION++
|
|
|
|
configure bugfix for libextractor
Revisions pulled up:
- pkgsrc/devel/libextractor/Makefile 1.26
- pkgsrc/devel/libextractor/distinfo 1.18
- pkgsrc/devel/libextractor/patches/patch-ae 1.5
Module Name: pkgsrc
Committed By: rillig
Date: Tue Jan 2 14:51:15 UTC 2007
Modified Files:
pkgsrc/devel/libextractor: Makefile distinfo
pkgsrc/devel/libextractor/patches: patch-ae
Log Message:
Fixed insufficient variable expansion by the configure script.
PKGREVISION++
|
|
|
|
portability fix for png
Revisions pulled up:
- pkgsrc/graphics/png/Makefile 1.87, 1.88
- pkgsrc/graphics/png/buildlink3.mk 1.18, 1.19, 1.20
- pkgsrc/graphics/png/distinfo 1.35
- pkgsrc/graphics/png/patches/patch-ac 1.6
Module Name: pkgsrc
Committed By: tv
Date: Wed Jan 3 16:23:10 UTC 2007
Modified Files:
pkgsrc/graphics/png: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/graphics/png/patches: patch-ac
Log Message:
Don't allow "ld --version-script" on Interix. Fixes PR pkg/35210.
Based on patch idea from Aleksey Cheusov <cheusov@tut.by>.
(Sanity tested for breakage on a non-Interix platform, NetBSD.)
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Jan 3 19:54:12 UTC 2007
Modified Files:
pkgsrc/graphics/png: buildlink3.mk
Log Message:
Include bsd.fast.prefs.mk before accessing OPSYS.
---
Module Name: pkgsrc
Committed By: rillig
Date: Wed Jan 3 20:38:46 UTC 2007
Modified Files:
pkgsrc/graphics/png: Makefile buildlink3.mk
Log Message:
Fixed pkglint warnings.
|
|
|
|
add CONFLICT with bacula-clientonly in bacula
Revisions pulled up:
- pkgsrc/sysutils/bacula/Makefile 1.20
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jan 4 12:16:57 UTC 2007
Modified Files:
pkgsrc/sysutils/bacula: Makefile
Log Message:
bacula-client was reimported as bacula-clientonly, add a CONFLICT with the
latter, too.
|
|
|
|
bugfix update for lftp
Revisions pulled up:
- pkgsrc/net/lftp/Makefile 1.75
- pkgsrc/net/lftp/distinfo 1.40
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jan 4 13:27:12 UTC 2007
Modified Files:
pkgsrc/net/lftp: Makefile distinfo
Log Message:
Update lftp to 3.5.6 which fixes a coredump on mget/mput. Ok with salo.
|
|
|
|
security update for miredo
Revisions pulled up:
- pkgsrc/net/miredo/Makefile 1.12
- pkgsrc/net/miredo/PLIST 1.5
- pkgsrc/net/miredo/distinfo 1.9
- pkgsrc/net/miredo/patches/patch-aa removed
- pkgsrc/net/miredo/patches/patch-ab 1.6
- pkgsrc/net/miredo/patches/patch-ac 1.5
Module Name: pkgsrc
Committed By: rpaulo
Date: Wed Jan 3 19:21:01 UTC 2007
Modified Files:
pkgsrc/net/miredo: Makefile PLIST distinfo
pkgsrc/net/miredo/patches: patch-ab patch-ac
Removed Files:
pkgsrc/net/miredo/patches: patch-aa
Log Message:
Update do version 1.0.6 as requested by pkgsrc-security (hi!).
===========================================================================
STABLE RELEASE 1.0.6 : Major bug fixes
# Fix support for Teredo peers behind symmetric NATs (bug from 0.9.8).
This could probably be used to spoof a Teredo clients.
# MacOS X compilation fix.
===========================================================================
STABLE RELEASE 1.0.5 : Major bug fixes
# Fix issues with timer and compiler optimizations (bug from 0.9.4).
# Increase ping test hop limit:
Some IPv6 native nodes could not be reached otherwise.
# Increase HMAC secret size from 64 to 128 bits.
# Fix filtering of packets with link-local source address (bug from
0.4.0).
# Various fixes to the experimental ISATAP daemon.
============================================================================
STABLE RELEASE 1.0.4 : Major bug fix
# Fix packet storm with Teredo client behind symmetric NATs.
============================================================================
STABLE RELEASE 1.0.3 : Minor feature enhancement
# Work-around for compatibility with Microsoft Teredo servers.
# Better detection of symmetric NATs and access network changes.
# Limit spamming of syslog.
===========================================================================
STABLE RELEASE 1.0.2 : Minor portability and bug fixes
# Several portability and minor/impossible bug fixes (see ChangeLog).
===========================================================================
STABLE RELEASE 1.0.1 : Minor portability fixes
# Install configuration file samples into a dedicated directory.
# Build fixes (libteredo would not link on Mac OS X).
|