Age | Commit message | Author | Files | Lines
2010-01-05 | Pullup ticket #2957. [pkgsrc_2009Q3] | tron | 1 | -1/+3
2010-01-05 | Pullup ticket #2957 - requested by abs | tron | 3 | -9/+59

ampache: security update

Revisions pulled up:
- audio/ampache/Makefile 1.3
- audio/ampache/PLIST 1.4
- audio/ampache/distinfo 1.3

---
Module Name: pkgsrc
Committed By: abs
Date: Mon Jan 4 20:46:06 UTC 2010

Modified Files:
pkgsrc/audio/ampache: Makefile PLIST distinfo

Log Message:
Updated audio/ampache to 3.5.3

Addresses the following security issue: http://secunia.com/advisories/37867/

--------------------------------------------------------------------------
v.3.5.3 20/12/2009
- Added local authtype which uses PHP's PAM module
- Correct potential security issues due to misuse of REQUEST for write operations rather than POST (Thx Raphael Geissert <geissert%debian.org@localhost>)

--------------------------------------------------------------------------
v.3.5.2 19/11/2009
- Fix typo that caused song count to not be set on tag xml response
- Fix tag methods so that alpha_match and exact_match work
- Fix limit and offset not working on search_songs API method
- Fix import m3u on catalog build so it does something
- Fix inconsistent view during catalog operations
- Sort malformed files into "Unknown (Broken)" rather than leaving them in "Unknown (Orphaned)"
- Fix API democratic voting methods (Thx kindachris)
- Add server version information to API ping command
- Fix Localplay API methods (Thx thomasa)
- Improve bin/catalog_update.inc to allow only verify, clean or add (Thx ascheel)
- Fix issue with batch download and UNC paths (Thx greengeek)
- Added config option to turn caching on/off, Default is off
- Fix issue where file tag pattern was ignored if files have no tag structure
- Add TDRC to list of parsed id3v2 tags
- Fix issue where rating could get cached and not update the display correctly until a page reload
- Fix User Stats having a formatting issue and not listing the active playlist correctly
- Fix incorrect default ogg transcode target format in the default config file
- Fix issue where the user preferences were not respected by the streaming code due to caching
- Fix issue where prevent multiple logins would prevent all logins

--------------------------------------------------------------------------
v.3.5.1 24/06/2009
- Make the PHP error a little clearer for windows users by indicating that their version of PHP is < 5.3 (required for windows)
- Fix random methods not working for Localplay
- Fix extra space on prefixed albums (Thx ibizaman)
- Add missing operator on tag and rating searches so they will work with other methods (Thx kiehnet%netscape.net@localhost)
- Fix get_art_url() so it returns something...
- Fix problem with creating new playlists where it doesn't work but appending to an existing did.
- Fixed issue with url_to_song, also cleaned up the code a bit
- Fixed issue with Random All Catalogs
- Fixed issues with API and Tag methods not working as advertised
- Fix endless loop in getid3() with malformed genre tags in mp3s
- Fixed show test page always returning false on web path
- Update Man page to adhere to newer Debian rules
- Fixed issue with Videos being incorrectly registered with stats and now playing as songs.
- Fixed missing > in HTML for song row

--------------------------------------------------------------------------
v.3.5 05/05/2009
- Added complete Czech translation (Thx martin hason)
- Add the AlmightyOatmeal-Sanity check to prevent a clean from removing all songs if your mount failed, but is still readable by ampache
- Make the Lang Install page prettier
- Added Check for hash,inet_pton,windows PHP Version to init so that upgrades without pre-reqs are handled correctly
- Allow mms,mmsh,mmsu,mmst,rstp in Radio Stream URLs
- Fixed a problem where after adding a track to a saved playlist there was no UI response upon deleting the track without a page refresh
- Fix an issue where the full version of the album art was never used even when requested
- Fix maxlength on acl fields being too small for all IPv6 addresses
- Add error message when file exists but is unreadable do not remove unreadable songs from catalog
- Fixed missing title tag on song browse for the title (Thx flowerysong)
- Fix htmlchar'd rss feed url
- Fix Port not correctly being added to URL in most cases even when defined in config
2009-12-23 | pullup #2955 | spz | 1 | -1/+4
2009-12-23 | Pullup ticket 2955 - requested by taca | spz | 13 | -532/+21

security update

Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.75
- pkgsrc/lang/php5/Makefile.common 1.39
- pkgsrc/lang/php5/PLIST 1.25
- pkgsrc/lang/php5/distinfo 1.71
- pkgsrc/lang/php5/patches/patch-ag 1.4
- pkgsrc/lang/php5/patches/patch-ah 1.3
- pkgsrc/textproc/php5-xsl/Makefile 1.13

Files removed:
pkgsrc/lang/php5/patches/patch-ay
pkgsrc/lang/php5/patches/patch-az
pkgsrc/lang/php5/patches/patch-ba
pkgsrc/lang/php5/patches/patch-bb
pkgsrc/lang/php5/patches/patch-bc
pkgsrc/lang/php5/patches/patch-bd

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:07:35 UTC 2009

Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
pkgsrc/lang/php5/patches: patch-ag patch-ah
Removed Files:
pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb patch-bc patch-bd

Log Message:
Update lang/php5 to 5.2.12, security update.

Security Enhancements and Fixes in PHP 5.2.12:
* Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed an open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas)
* Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

Key enhancements in PHP 5.2.12 include:
* Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.

To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common
cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST
cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah
cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \
    pkgsrc/lang/php5/patches/patch-az
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \
    pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \
    pkgsrc/lang/php5/patches/patch-bd

--------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:08:31 UTC 2009

Modified Files:
pkgsrc/textproc/php5-xsl: Makefile

Log Message:
Reset PKGREVISION by implicit update to 5.2.12.

To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile
2009-12-20 | pullup #2954 | spz | 1 | -1/+3
2009-12-20 | Pullup ticket 2954 - requested by tonnerre | spz | 2 | -6/+6

security update

Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.40
- pkgsrc/net/wireshark/distinfo 1.27

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 10 19:03:31 UTC 2009

Modified Files:
pkgsrc/net/wireshark: Makefile distinfo

Log Message:
Update "wireshark" package to version 1.2.4. Changes since version 1.2.3:
- Bug Fixes
- Can't RTP stream in both directions. (Bug 4120)
- Updated Protocol Support DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC

To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/net/wireshark/distinfo

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun Dec 20 19:25:34 UTC 2009

Modified Files:
pkgsrc/net/wireshark: Makefile distinfo

Log Message:
Update wireshark to version 1.2.5 in order to fix wpna-sec-2009-09.

Changes since 1.2.4:

Bugfixes:
* The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
* The Daintree SNA file parser could overflow a buffer. (Bug 4294)
* The SMB and SMB2 dissectors could crash. (Bug 4301)
* The IPMI dissector could crash on Windows. (Bug 4319)
* Wireshark does not graph rtp streams. (Bug 3801)
* Wireshark showing extraneous data in a TCP stream. (Bug 3955)
* Wrong decoding of gtp.target identification. (Bug 3974)
* TTE dissector bug. (Bug 4247)
* Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
* OpenBSD 4.5 build fails at epan/dissectors/packet-rpcap.c. (Bug 4258)
* Incorrect display of stream data using "Follow tcp stream" option. (Bug 4288)
* Custom RADIUS dictionary can cause a crash. (Bug 4316)

Updated Protocol Support:
* DAP, eDonkey, GTP, IPMI, MIP, RADIUS, RANAP, SMB, SMB2, TCP, TTE, VNC, X.509sat

Updated Capture File Support:
* Daintree SNA.

To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.40 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/wireshark/distinfo
2009-12-20 | pullup #2953 | spz | 1 | -1/+4
2009-12-20 | Pullup ticket 2953 - requested by tnn | spz | 4 | -10/+16

security update

Revisions pulled up:
- pkgsrc/devel/xulrunner/Makefile by patch
- pkgsrc/devel/xulrunner/distinfo by patch
- pkgsrc/devel/xulrunner/mozilla-common.mk by patch
- pkgsrc/www/firefox/Makefile by patch

-------------------------------------------------------------------------
firefox-3.5.6 & xulrunner-1.9.1.6 fix the following vulnerabilities:

MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
2009-12-20 | Pullup ticket #2952. | tron | 1 | -1/+6
2009-12-20 | Pullup ticket #2952 - requested by taca | tron | 14 | -37/+155

typolight26: security update
typolight26-example: security update
typolight27: security update
typolight27-example: security update

Revisions pulled up:
- www/typolight/Makefile.common 1.14
- www/typolight26-example/Makefile 1.2
- www/typolight26-translations/Makefile 1.3
- www/typolight26/DEINSTALL 1.2
- www/typolight26/Makefile 1.3-1.5
- www/typolight26/distinfo 1.3
- www/typolight26/patches/patch-ad 1.1
- www/typolight26/patches/patch-ae 1.1
- www/typolight27-example/Makefile 1.2
- www/typolight27-translations/Makefile 1.33
- www/typolight27/DEINSTALL 1.2
- www/typolight27/Makefile 1.10-1.12
- www/typolight27/Makefile.version 1.8
- www/typolight27/distinfo 1.9

---
Module Name: pkgsrc
Committed By: taca
Date: Sun Nov 22 16:18:00 UTC 2009

Modified Files:
pkgsrc/www/typolight: Makefile.common
pkgsrc/www/typolight26: Makefile
pkgsrc/www/typolight26-example: Makefile
pkgsrc/www/typolight26-translations: Makefile
pkgsrc/www/typolight27: Makefile
pkgsrc/www/typolight27-example: Makefile
pkgsrc/www/typolight27-translations: Makefile

Log Message:
Move LICENSE from typolight/Makefile.common to each Makefiles for license change of forthcoming TYPOlight 2.8(.RC1).

---
Module Name: pkgsrc
Committed By: taca
Date: Sun Nov 29 06:46:21 UTC 2009

Modified Files:
pkgsrc/www/typolight26: DEINSTALL Makefile

Log Message:
o DEINSTALL: remove .htacces under plugins/tcpdf/cache.
o make plugins/tcpdf/cache writable to web server.

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: taca
Date: Sun Nov 29 06:46:37 UTC 2009

Modified Files:
pkgsrc/www/typolight27: DEINSTALL Makefile

Log Message:
o DEINSTALL: remove .htacces under plugins/tcpdf/cache.
o make plugins/tcpdf/cache writable to web server.

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: taca
Date: Sun Dec 20 04:21:05 UTC 2009

Modified Files:
pkgsrc/www/typolight26: Makefile distinfo
Added Files:
pkgsrc/www/typolight26/patches: patch-ad patch-ae

Log Message:
Add security fix patches, referring http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: taca
Date: Sun Dec 20 04:22:04 UTC 2009

Modified Files:
pkgsrc/www/typolight27: Makefile Makefile.version distinfo

Log Message:
Update to TYPOlight 2.7.6.

Only security updates: http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.
2009-12-19 | pullups #2950 + #2951 | spz | 1 | -1/+5
2009-12-19 | Pullup ticket 2951 - requested by taca | spz | 4 | -49/+43

security update

Revisions pulled up:
- pkgsrc/www/drupal6/Makefile 1.18
- pkgsrc/www/drupal6/PLIST 1.5
- pkgsrc/www/drupal6/distinfo 1.14
- pkgsrc/www/drupal6/files/drupal.conf 1.3

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:29:23 UTC 2009

Modified Files:
pkgsrc/www/drupal6: Makefile PLIST distinfo
pkgsrc/www/drupal6/files: drupal.conf

Log Message:
Update www/drupal6 package to 6.15, fixing security problem.

Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.

other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT support.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.

To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/drupal6/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal6/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/drupal6/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal6/files/drupal.conf
2009-12-19 | Pullup ticket 2950 - requested by taca | spz | 3 | -9/+11

security update

Revisions pulled up:
- pkgsrc/www/drupal/Makefile most of the diff 1.42-1.43
- pkgsrc/www/drupal/PLIST 1.9
- pkgsrc/www/drupal/distinfo 1.33

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:20:23 UTC 2009

Modified Files:
pkgsrc/www/drupal: Makefile PLIST distinfo

Log Message:
Update www/drupal package to 5.21, fixing security problem.

Drupal 5.21, 2009-12-16
-----------------------
- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of small bugs.

To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/www/drupal/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/drupal/PLIST
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/drupal/distinfo
2009-12-15 | pullup #2949 | spz | 1 | -1/+3
2009-12-15 | Pullup ticket 2949 - requested by tnn | spz | 2 | -7/+6

security update

Revisions pulled up:
- pkgsrc/net/ntp4/Makefile 1.66
- pkgsrc/net/ntp4/distinfo 1.14

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Tue Dec 15 10:53:21 UTC 2009

Modified Files:
pkgsrc/net/ntp4: Makefile distinfo

Log Message:
Update to ntp-4.2.4p8. Security fix for CVE-2009-3563 DoS vulnerability.

To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/ntp4/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/ntp4/distinfo
2009-12-11 | Pullup ticket #2948. | tron | 1 | -1/+3
2009-12-11 | Pullup ticket #2948 - requested by wiz | tron | 2 | -6/+6

automake: security update

Revisions pulled up:
- devel/automake/Makefile 1.75
- devel/automake/distinfo 1.31

---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Dec 9 14:39:18 UTC 2009

Modified Files:
pkgsrc/devel/automake: Makefile distinfo

Log Message:
Update to 1.11.1:

Bugs fixed in 1.11.1:

- Lots of minor bugfixes.

* Bugs introduced by 1.11:

- The `parallel-tests' test driver works around a GNU make 3.80 bug with trailing white space in the test list (`TESTS = foo $(EMPTY)').

* Long standing bugs:

- On Darwin 9, `pythondir' and `pyexecdir' pointed below `/Library/Python' even if the `--prefix' argument pointed outside of a system directory. AM_PATH_PYTHON has been fixed to ignore the value returned from python's `get_python_lib' function if it points outside the configured prefix, unless the `--prefix' argument was either `/usr' or below `/System'.
- The testsuite does not try to change the mode of `ltmain.sh' files from a Libtool installation (symlinked to test directories) any more.
- AM_PROG_GCJ uses AC_CHECK_TOOLS to look for `gcj' now, so that prefixed tools are preferred in a cross-compile setup.
- The distribution is tarred up with mode 755 now by the `dist*' targets. This fixes a race condition where untrusted users could modify files in the $(PACKAGE)-$(VERSION) distdir before packing if the toplevel build directory was world-searchable. This is CVE-2009-4029.
2009-12-05 | pullup #2944 | spz | 1 | -1/+3
2009-12-05 | Pullup ticket 2944 - requested by tron | spz | 2 | -6/+7

security update

Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.80
- pkgsrc/databases/phpmyadmin/distinfo 1.42

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 3 12:05:10 UTC 2009

Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo

Log Message:
Update "phpmyadmin" package to version 2.11.9.6. Changes since 2.11.9.5:
- [security] XSS and SQL injection, thanks to Herman van Rink

To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/databases/phpmyadmin/distinfo
-------------------------------------------------------------------------
2009-12-04 | Pullup ticket #2945. | tron | 1 | -1/+3
2009-12-04 | Pullup ticket #2945 - requested by spz | tron | 4 | -11/+12

rt3: security update

Revisions pulled up:
- devel/rt3/Makefile 1.40
- devel/rt3/Makefile.install 1.14
- devel/rt3/PLIST 1.16
- devel/rt3/distinfo 1.14

---
Module Name: pkgsrc
Committed By: spz
Date: Fri Dec 4 09:30:20 UTC 2009

Modified Files:
pkgsrc/devel/rt3: Makefile Makefile.install PLIST distinfo

Log Message:
update of rt3 to next version (without the session hijacking vulnerability)

upstream changelog:

UPGRADING FROM 3.8.5 and earlier - Changes:

You can now forward an entire Ticket history (in addition to specific transactions) but this requires a new Template called forward ticket. This template will be added when you run.

/opt/rt3/sbin/rt-setup-database --dba root --prompt-for-dba-password --action upgrade

Custom fields with categories can optionally be split out into hierarchical custom fields. If you wish to convert your old category-based custom fields, run:

perl etc/upgrade/split-out-cf-categories

It will prompt you for each custom field with categories that it finds, and the name of the custom field to create to store the categories.

If you were using the LocalizedDateTime RT::Date formatter from code and passing a DateFormat or TimeFormat argument, you need to switch from the strftime methods to the cldr methods (ie full_date_format becomes date_format_full)

You may have done this from your RT_SiteConfig.pm by using

Set($DateTimeFormat, { Format => 'LocalizedDateTime', DateFormat => 'medium_date_format' );
2009-12-03 | Pullup tickets #2940 and #2943. | tron | 1 | -1/+5
2009-12-03 | Pullup ticket #2943 - requested by wiz | tron | 4 | -2/+34

libvorbis: security patch

Revisions pulled up:
- audio/libvorbis/Makefile 1.49
- audio/libvorbis/distinfo 1.18
- audio/libvorbis/patches/patch-aa 1.5
- audio/libvorbis/patches/patch-ab 1.5

---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Dec 2 12:41:25 UTC 2009

Modified Files:
pkgsrc/audio/libvorbis: Makefile distinfo
Added Files:
pkgsrc/audio/libvorbis/patches: patch-aa patch-ab

Log Message:
Apply some possible security fixes from upstream SVN. Glanced from links in mozilla advisory http://www.mozilla.org/security/announce/2009/mfsa2009-63.html and Fedora Core patches for 1.2.0.

Bump PKGREVISION.
2009-12-03 | Pullup ticket #2940 - requested by taca | tron | 4 | -3/+43

pear-Mail: security update

Revisions pulled up:
- mail/pear-Mail/Makefile 1.10
- mail/pear-Mail/distinfo 1.3-1.4
- mail/pear-Mail/patches/patch-ab 1.1
- mail/pear-Mail/patches/patch-aa 1.1

---
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 30 06:16:56 UTC 2009

Modified Files:
pkgsrc/mail/pear-Mail: Makefile distinfo
Added Files:
pkgsrc/mail/pear-Mail/patches: patch-aa

Log Message:
Add a fix for http://secunia.com/advisories/37410/ referring Debian's patch via http://secunia.com/advisories/37458/

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 3 08:11:40 UTC 2009

Modified Files:
pkgsrc/mail/pear-Mail: distinfo
Added Files:
pkgsrc/mail/pear-Mail/patches: patch-ab

Log Message:
Try to fix build problem on amd64 (at least).
2009-12-03 | Backout changes related to ticket #2940 which were committed by accident. | tron | 3 | -29/+3
2009-12-02 | Pullup tickets #2941 and #2942. | tron | 1 | -1/+10
2009-12-02 | Pullup ticket #2492 - requested by fhajny | tron | 2 | -6/+6

apr: security update

Revisions pulled up:
- devel/apr/Makefile 1.60
- devel/apr/distinfo 1.28

---
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Dec 2 11:36:27 UTC 2009

Modified Files:
pkgsrc/devel/apr: Makefile distinfo

Log Message:
Update to 1.3.9 (security fix).

Changes for APR 1.3.9

*) SECURITY: CVE-2009-2699 (cve.mitre.org) Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform. PR 47645. [Jeff Trawick]
2009-12-02 | Pullup ticket #2941 - requested by minskim | tron | 17 | -50/+87

databases/ruby-activerecord: security update
devel/ruby-activesupport: security update
mail/ruby-actionmailer: security update
www/rails: security update
www/ruby-actionpack: security update
www/ruby-activeresource security update

Revisions pulled up:
- databases/ruby-activerecord/Makefile 1.17
- databases/ruby-activerecord/distinfo 1.17
- devel/ruby-activesupport/Makefile 1.20
- devel/ruby-activesupport/PLIST 1.16
- devel/ruby-activesupport/distinfo 1.17
- mail/ruby-actionmailer/Makefile 1.16
- mail/ruby-actionmailer/distinfo 1.17
- www/rails/Makefile 1.17
- www/rails/distinfo 1.13
- www/ruby-actionpack/Makefile 1.18
- www/ruby-actionpack/PLIST 1.18
- www/ruby-actionpack/distinfo 1.19
- www/ruby-activeresource/Makefile 1.7
- www/ruby-activeresource/distinfo 1.7

---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Dec 1 23:24:24 UTC 2009

Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
pkgsrc/devel/ruby-activesupport: Makefile PLIST distinfo
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
pkgsrc/www/rails: Makefile distinfo
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
pkgsrc/www/ruby-activeresource: Makefile distinfo

Log Message:
Update rails packages to 2.3.5. This fixes a cross-site scripting vulnerability in ruby-actionpack.

Major changes:
- Improved compatibility with Ruby 1.9
- RailsXss plugin availability
- Fixes for the Nokogiri backend for XmlMini
2009-12-01 | pullup #2938 | spz | 1 | -1/+3
2009-12-01 | Pullup ticket 2938 - requested by tron | spz | 6 | -61/+65

security update

Revisions pulled up:
- pkgsrc/net/bind95/Makefile 1.13
- pkgsrc/net/bind95/PLIST 1.4
- pkgsrc/net/bind95/distinfo 1.11
- pkgsrc/net/bind95/patches/patch-ac 1.3
- pkgsrc/net/bind95/patches/patch-ad 1.3
- pkgsrc/net/bind95/patches/patch-ai 1.3

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 25 23:25:44 UTC 2009

Modified Files:
pkgsrc/net/bind95: Makefile distinfo
pkgsrc/net/bind95/patches: patch-ad patch-ai

Log Message:
Not MAKE_JOBS_SAFE. Prepare for libtool-2.2.

To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/bind95/patches/patch-ad \
    pkgsrc/net/bind95/patches/patch-ai

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 30 11:58:30 UTC 2009

Modified Files:
pkgsrc/net/bind95: Makefile PLIST distinfo
pkgsrc/net/bind95/patches: patch-ac patch-ad patch-ai

Log Message:
Update "bind95" package to version 9.5.2pl1. Changes since 9.5.1pl3:
- Security fix for CVE-2009-4022 (incorrect DNSSEC validation)
- Bug fixes

To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/bind95/PLIST
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/bind95/patches/patch-ac \
    pkgsrc/net/bind95/patches/patch-ad pkgsrc/net/bind95/patches/patch-ai
2009-11-30 | Pullup ticket #2939. | tron | 1 | -1/+3
2009-11-30 | Pullup ticket #2939 - requested by taca | tron | 10 | -24/+538

php5: security patch

Revisions pulled up:
- lang/php5/Makefile 1.73-1.74
- lang/php5/distinfo 1.69-1.70
- lang/php5/patches/patch-ag 1.3
- lang/php5/patches/patch-ah 1.2
- lang/php5/patches/patch-ay 1.2
- lang/php5/patches/patch-az 1.1-1.2
- lang/php5/patches/patch-ba 1.1
- lang/php5/patches/patch-bb 1.1
- lang/php5/patches/patch-bc 1.1
- lang/php5/patches/patch-bd 1.1

---
Module Name: pkgsrc
Committed By: taca
Date: Thu Oct 22 14:49:06 UTC 2009

Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-az

Log Message:
Add patch to check byte sequence more strictly in htmlspecialchars().

http://bugs.php.net/bug.php?id=49785

These are patch reflects r289411, r289554, r289565, r289567 and r289605 in PHP svn repository.

Bump PKGREVISION.

---
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 30 06:14:08 UTC 2009

Modified Files:
pkgsrc/lang/php5: Makefile distinfo
pkgsrc/lang/php5/patches: patch-ag patch-ah patch-ay patch-az
Added Files:
pkgsrc/lang/php5/patches: patch-ba patch-bb patch-bc patch-bd

Log Message:
Add fixes for http://secunia.com/advisories/37412/ from PHP's repository.

1. CVE-2009-3292 is already fixed in 5.2.11.
2. CVE-2009-3558
   http://svn.php.net/viewvc?view=revision&revision=288934
3. CVE-2009-3557
   http://svn.php.net/viewvc?view=revision&revision=288945
   http://svn.php.net/viewvc?view=revision&revision=288971
4. CVE-2009-4017
   http://svn.php.net/viewvc?view=revision&revision=289990
   http://svn.php.net/viewvc?view=revision&revision=290820
   http://svn.php.net/viewvc?view=revision&revision=290885

Other pkgsrc changes:
* Don't hardcode /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.

Bump PKGREVISION.
2009-11-29 | Pullup ticket #2937. | tron | 1 | -1/+3
2009-11-29 | Pullup ticket #2937 - requested by tnn | tron | 3 | -2/+17

gtk2: portability fix

Revisions pulled up:
- x11/gtk2/Makefile 1.191 (via patch)
- x11/gtk2/distinfo 1.118 (via patch)
- x11/gtk2/patches/patch-af 1.16

---
Module Name: pkgsrc
Committed By: tnn
Date: Fri Nov 27 16:54:30 UTC 2009

Modified Files:
pkgsrc/x11/gtk2: Makefile distinfo
Added Files:
pkgsrc/x11/gtk2/patches: patch-af

Log Message:
Use ${COMPILER_RPATH_FLAG} instead of -R for X_LIBS in pkg-config files. This fixes firefox run-time breakage with native X11 on netbsd-4 caused by pkgsrc wrappers not dealing with -R.

Bump PKGREVISION.
2009-11-28 | Pullup #2936 | spz | 1 | -2/+5
2009-11-28 | Pullup ticket 2936 - requested by tron | spz | 15 | -221/+147

security update

Revisions pulled up:
- pkgsrc/databases/mysql5-client/Makefile 1.22
- pkgsrc/databases/mysql5-client/Makefile.common 1.36
- pkgsrc/databases/mysql5-client/PLIST 1.12
- pkgsrc/databases/mysql5-client/distinfo 1.27
- pkgsrc/databases/mysql5-server/Makefile 1.29
- pkgsrc/databases/mysql5-server/PLIST 1.15
- pkgsrc/databases/mysql5-server/distinfo 1.23
- pkgsrc/databases/mysql5-server/patches/patch-ab 1.6
- pkgsrc/databases/mysql5-server/patches/patch-al 1.4
- pkgsrc/databases/mysql5-server/patches/patch-an 1.6

Deleted files:
- pkgsrc/databases/mysql5-client/patches/patch-bh
- pkgsrc/databases/mysql5-client/patches/patch-bi
- pkgsrc/databases/mysql5-client/patches/patch-bj
- pkgsrc/databases/mysql5-server/patches/patch-ac
- pkgsrc/databases/mysql5-server/patches/patch-ad

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Nov 26 16:33:30 UTC 2009

Modified Files:
pkgsrc/databases/mysql5-client: Makefile Makefile.common PLIST distinfo
pkgsrc/databases/mysql5-server: Makefile PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-ab patch-al patch-an
Removed Files:
pkgsrc/databases/mysql5-client/patches: patch-bh patch-bi patch-bj
pkgsrc/databases/mysql5-server/patches: patch-ac patch-ad

Log Message:
Update "mysql5-client" and "mysql5-server" package to version 5.0.88.

This release fixes a large number of bugs and security vulnerabilities including SA37372. For detailed list of all the changes since 5.0.67 have a look here, please:

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html

To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/databases/mysql5-client/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/databases/mysql5-client/Makefile.common
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/mysql5-client/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/databases/mysql5-client/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/mysql5-client/patches/patch-bh
cvs rdiff -u -r1.1 -r0 pkgsrc/databases/mysql5-client/patches/patch-bi \
    pkgsrc/databases/mysql5-client/patches/patch-bj
cvs rdiff -u -r1.28 -r1.29 pkgsrc/databases/mysql5-server/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/databases/mysql5-server/PLIST
cvs rdiff -u -r1.22 -r1.23 pkgsrc/databases/mysql5-server/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/databases/mysql5-server/patches/patch-ab \
    pkgsrc/databases/mysql5-server/patches/patch-an
cvs rdiff -u -r1.8 -r0 pkgsrc/databases/mysql5-server/patches/patch-ac
cvs rdiff -u -r1.4 -r0 pkgsrc/databases/mysql5-server/patches/patch-ad
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql5-server/patches/patch-al
2009-11-27 | Pullup ticket #2922. | tron | 1 | -1/+3
2009-11-27 | Pullup ticket 2922 - requested by he | tron | 3 | -6/+40

scribus: build fix

Revisions pulled up:
- print/scribus/Makefile 1.64
- print/scribus/distinfo 1.22
- print/scribus/patches/patch-ai 1.2

---
Module Name: pkgsrc
Committed By: he
Date: Sat Oct 24 13:41:05 UTC 2009

Modified Files:
pkgsrc/print/scribus: Makefile

Log Message:
Add INSTALLATION_DIRS of share/pixmap, that way we ensure that it doesn't end up as a file instead of as a directory. Fixes old-style bulk builds for subsequent packages which want to install in that directory.

---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Oct 28 00:53:56 UTC 2009

Modified Files:
pkgsrc/print/scribus: distinfo
pkgsrc/print/scribus/patches: patch-ai

Log Message:
We want to stinking lib64, thanks. Fixes packages on amd64 and other 64bit platforms.
2009-11-26 | Pullup ticket #2935. | tron | 1 | -1/+3
2009-11-26 | Pullup ticket #2935 - requested by taca | tron | 2 | -8/+7

bind96: security update

Revisions pulled up:
- net/bind96/Makefile 1.11
- net/bind96/distinfo 1.6

---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 25 09:50:07 UTC 2009

Modified Files:
pkgsrc/net/bind96: Makefile distinfo

Log Message:
Update BIND 9.6.1-P2.

--- 9.6.1-P2 released ---

2772. [security] When validating, track whether pending data was from the additional section or not and only return it if validates as secure. [RT #20438]
2009-11-18 | Pullup ticket #2934. | tron | 1 | -1/+3
2009-11-18 | Pullup ticket #2934 - requested by obache | tron | 2 | -5/+8

gnats: build fix

Revisions pulled up:
- databases/gnats/distinfo 1.10-1.11
- databases/gnats/patches/patch-ah 1.2

---
Module Name: pkgsrc
Committed By: obache
Date: Mon Nov 16 11:47:37 UTC 2009

Modified Files:
pkgsrc/databases/gnats: distinfo

Log Message:
Re-add missing distinfo entries, lost in the previous commit. PR 42330.

---
Module Name: pkgsrc
Committed By: obache
Date: Tue Nov 17 04:37:02 UTC 2009

Modified Files:
pkgsrc/databases/gnats: distinfo
pkgsrc/databases/gnats/patches: patch-ah

Log Message:
patch-ah was broken (wrong paths).
2009-11-13 | Pullup tickets #2932 and #2933. | tron | 1 | -1/+5
2009-11-13 | Pullup ticket #2933 - requested by adrianp | tron | 3 | -9/+7

wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile 1.6
- www/wordpress/PLIST 1.4
- www/wordpress/distinfo 1.5

---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Nov 12 22:05:55 UTC 2009

Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo

Log Message:
Update to 2.8.6

- 2.8.5
  * Fix for trackback DOS
  * Removal of permalink_structure eval
  * Remove some create_function() calls
  * Disallow unfiltered uploads by default, even for admins. Enable it again with define('ALLOW_UNFILTERED_UPLOADS', true); in wp-config.php
  * Add extra escapes here and there for some backside coverage
  * Retire two old importers
  * A few small bug fixes
- 2.8.6
  * Fixed an XSS vulnerability in Press This
  * Fixed issue with sanitizing uploaded file names that can be exploited in certain Apache configurations
2009-11-13 | Pullup ticket #2932 - requested by obache | tron | 2 | -1/+26

selectwm: portability fix

Revisions pulled up:
- wm/selectwm/distinfo 1.4
- wm/selectwm/patches/patch-ad 1.1

---
Committed By: obache
Date: Thu Nov 12 04:34:45 UTC 2009

Modified Files:
pkgsrc/wm/selectwm: distinfo
Added Files:
pkgsrc/wm/selectwm/patches: patch-ad

Log Message:
Add a patch-ad to avoid conflict with getline(3) in IEEE Std 1003.1-2008. PR 42292.
2009-11-12 | pullup #2931 | spz | 1 | -1/+3
2009-11-12 | Pullup ticket 2931 - requested by tron | spz | 1 | -2/+4

MASTER_SITES list update

Revisions pulled up:
- pkgsrc/www/apache22/Makefile patch 1.53 to 1.54

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Nov 11 22:28:51 UTC 2009

Modified Files:
pkgsrc/www/apache22: Makefile

Log Message:
Provide working URLs for fetching old Apache releases.

To generate a diff of this commit:
cvs rdiff -u -r1.53 -r1.54 pkgsrc/www/apache22/Makefile
2009-11-11 | Pullup ticket #2928. | tron | 1 | -1/+3
2009-11-11 | Pullup ticket #2928 - requested by tez | tron | 6 | -162/+294

acroread8: security update

Revisions pulled up:
- print/acroread8/Makefile 1.9-1.10
- print/acroread8/PLIST 1.3
- print/acroread8/PLIST.Linux 1.1
- print/acroread8/PLIST.SunOS 1.1
- print/acroread8/distinfo 1.7
- print/acroread8/files/acroread.diff 1.2

---
Module Name: pkgsrc
Committed By: tez
Date: Wed Nov 4 23:37:53 UTC 2009

Modified Files:
pkgsrc/print/acroread8: Makefile PLIST distinfo
pkgsrc/print/acroread8/files: acroread.diff
Added Files:
pkgsrc/print/acroread8: PLIST.Linux PLIST.SunOS

Log Message:
update to 8.1.7 for apsb09-15
add support for solaris-sparc - pr#40154

---
Module Name: pkgsrc
Committed By: tez
Date: Mon Nov 9 19:14:53 UTC 2009

Modified Files:
pkgsrc/print/acroread8: Makefile

Log Message:
Fix PLIST handling for linux emulation installs (pr#42278)
2009-11-04 | pullup #2927 | spz | 1 | -1/+3