| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Sorry for the inconvenience.
|
|
Changes:
Bug #11:
Fix screenshot rotation for 60SCx
Request #12:
add driver for Forerunner 305
|
|
Changes:
* French Cadastre plugin
* Bing Maps plugin
* GDAL raster background plugin
* Printing and exporting to PDF/raster/SVG
* Extrude interaction for ways
* Filter system
* Toolbar editor (create/modify tollbars)
* Allow to align background image with <SPACE>+pan
* When opening/importing, always fallback to GDAL if available. Allows to open most GDAL supported geomtery files.
* Styles : allow to texture areas with an icon
* Auto-add "source" tag when drawing over a background map; define the value in the WMS and TMS editors
* New command line options: "--ignore-preferences" && "--reset-preferences"
* "--importag-tags-as-is" command-line switch to prevent adding underscores to imported tags
* When creating a way or area, press "C" to close the current way
* New preference: "Allow node/way creation in select mode". When checked, allows double-click to create a node and double-click on a node to start a way in select mode.
* Snap to angle functionality when creating way: keeping "o" pressed snap to 45° angles, "h" snap to 30° angles
* Ability to enter and select multiple OSM servers in preferences
* Use Nominatim (http://nominatim.openstreetmap.org/) for place name lookup due to gazetteer closure
* Support for XAPI
* Allow to rename a layer by double-clicking on its name
* If a shapefile do not provide its projection, ask the user for it and do not crash
* "Set view projection to layer's" action added to image layers; set the main projection to the one of the layer
* Tool to align edges to regularly spaced angles (can orthogonalise buildings)
* Join areas tool
* Add a "portable" mode to merkaartor via command-line ("-p") or build setting ("PORTABLE=1")
* Add a "Find" button to the Feature dock. Press "Reset" to revert to list current features.
|
|
|
|
lang/php5: security update
lang/php53: security update
Revisions pulled up:
- lang/php5/Makefile.common 1.45
- lang/php5/distinfo 1.83
- lang/php5/distinfo 1.84
- lang/php5/patches/patch-ab 1.6
- lang/php5/patches/patch-ab delete
- lang/php53/Makefile.common 1.4
- lang/php53/distinfo 1.9
- lang/php53/patches/patch-ar 1.1
---
Module Name: pkgsrc
Committed By: jklos
Date: Thu Jan 6 22:13:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ab
Log Message:
Fix VAX floating point handling in zend_strtod.c.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 7 09:16:28 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ab
Log Message:
Update php5 pacakge to 5.2.17.
* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.
06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
Rasmus)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 7 09:20:16 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.common distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ar
Log Message:
Update php53 pacakge to 5.3.5.
* Add fix for VAX floating point handling (Bug #53682), r307192 from
PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5).
06 Jan 2011, PHP 5.3.5
- Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)
|
|
|
|
www/contao29: security update
Revisions pulled up:
- www/contao29/Makefile 1.8-1.10
- www/contao29/Makefile.version 1.3-1.4
- www/contao29/distinfo 1.4-1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 13:32:45 UTC 2010
Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo
Log Message:
Update contao29 package to 2.9.2.
Version 2.9.2 (2010-12-02)
--------------------------
- Updated TCPDF to version 5.9.023 (#2686)
- Updated MooTools Core to version 1.2.5 (#2545)
- Updated TinyMCE to version 3.3.9.2 (#2702)
- Updated mediaboxAdvanced to version 1.2.5 (#2701)
- Added: allow external images in HTML newsletters (#2396)
- Added: added insert tags for acronyms and abbreviations (#2478)
- Added: add class "sibling" to pages on the same level in the navigation menu (#2419)
- Fixed: do not allow insert tags in comments (#2499)
- Fixed: check for custom layout sections during the theme import
- Fixed: only send the comments notification once (#2407)
- Fixed: skipping the first item of a news list did not work correctly (#2488)
- Fixed: allow column width 0 in page layouts (#2554)
- Fixed: consider the protocol when loading scripts from the Google CDN (#2450)
- Fixed: textareas in the back end were cut off in Opera (#2404)
- Fixed: the task history could not be collapsed (#2424)
- Fixed: the link insert tags showed the page title instead of the page name (#2371)
- Fixed: do not show empty fieldset legends in the form generator (#2625)
- Fixed: preserve curly brackets when replacing simple tokens (#2597)
- Fixed: the style sheet importer did not support some CSS3 selectors (#2566)
- Fixed: textual date insert tags were not replaced when loaded from cache (#2644)
- Fixed: the image insert tag did not output the image dimensions (#2529)
- Fixed: clear the $_GET array after rendering the event list module (#2445)
- Fixed: do not aggregate style sheets with a @font-face selector (#2443)
- Fixed: news insert tags did not handle entities correctly (#2604)
- Fixed: do not show the FTP and database passwords in the install tool (#2417)
- Fixed: minor fixes for the TimePeriod widget (#2477)
- Fixed: update the CSS files after an old version of a record has been restored (#2524)
- Fixed: custom page templates were not shown in "override all" mode (#2494)
- Fixed: incorrect event sorting (#2675)
- Fixed: do not execute hooks in the extension manager (#2448)
- Fixed: check for existing files when renaming files in the file manager (#2610)
- Fixed: check redirect pages for circular references (#2704)
- Fixed: fixed a few minor spelling issues (#2403)
- Fixed some minor issues
---
odule Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 15:41:30 UTC 2010
Modified Files:
pkgsrc/www/contao29: Makefile distinfo
Log Message:
Due to a serious bug of installtool, Contao 2.9.2 has repackaged.
So, introduce DIST_SUBDIR and Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jan 6 13:19:08 UTC 2011
Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo
Log Message:
Update contao29 (and implicitly contao29-example) pacakge to 2.9.3.
Version 2.9.3 (2011-01-06)
--------------------------
- Fixed: custom templates were not always shown in "override all" mode (#2725)
- Fixed: prevent the X_FORWARDED_FOR header against XSS attacks (#2751)
- Fixed: preserve the selector fields in the personal data module (#2609)
- Fixed: skip mounted folders in the file manager if they do not exist (#2708)
- Fixed: the quick navigation modules failed to work when aliases were
disabled (#2718)
- Fixed some minor issues
|
|
www/typolight28: security patch
Revisions pulled up:
- www/typolight28/Makefile 1.12
- www/typolight28/distinfo 1.10
- www/typolight28/patches/patch-ae 1.1
- www/typolight28/patches/patch-af 1.1
---
Mommitted By: taca
Date: Thu Jan 6 14:23:41 UTC 2011
Modified Files:
pkgsrc/www/typolight28: Makefile distinfo
Added Files:
pkgsrc/www/typolight28/patches: patch-ae patch-af
Log Message:
Add the same patch of Comment module as Contao 2.9.3.
Changes are derived from Conao's repository.
Bump PKGREVISION.
|
|
|
|
Security patch for wireshark
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.58
- pkgsrc/net/wireshark/distinfo 1.38
- pkgsrc/net/wireshark/patches/patch-SA42767 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 4 15:39:34 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-SA42767
Log Message:
Add patch from the Wireshark SVN repository to fix the security
vulnerability reported in SA42767 which affects the ENTTEC dissector.
|
|
|
|
www/geeklog security fix
Revisions pulled up:
- pkgsrc/www/geeklog/Makefile 1.29, 1.30
- pkgsrc/www/geeklog/PLIST 1.14
- pkgsrc/www/geeklog/distinfo 1.15, 1.16
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:52:10 UTC 2010
Modified Files:
pkgsrc/www/geeklog: Makefile PLIST distinfo
Log Message:
Update www/geeklog package to 1.7.1.
Geeklog History/Changes:
Oct 31, 2010 (1.7.1)
------------
- Fixed description of $index parameter for STORY_renderArticle (bug #0001203)
[Dirk]
- The number of successfully imported users was always reported as 0 for the
"Batch Add" option in the User Manager (bug #0001211) [Ivy, Dirk]
- Fixed a bug in the MS SQL changeDESCRIBE method to properly prefix the proper
sql query string [Randy]
- Updated Hebrew language files, provided by LWC
- New Italian language files for the Links plugin, provided by Rouslan Placella
- Updated Italian language files for the Static Pages plugin, provided by
Rouslan Placella
Calendar Plugin
---------------
- Fixed an SQL error when returning search results for the Personal Calendar
(bug #0001195) [Dirk]
Oct 10, 2010 (1.7.1rc1)
------------
- If content from an Autotag produces another Autotag it will be executed (to a
maximum of 5 times) [Tom]
- Themes can now have their own display functions for the start and end of
Blocks. (Feature #0001188) [Tom]
- Reverted a change in 1.7.0 that would send a Content-Type header when calling
COM_refresh since this conflicts with some plugins (e.g. the Forum) [Dirk]
- Fixed wrong view after posting a comment on a poll (bug #0001080, patch
provided by Wojtek Szkutnik)
- Fixed language in the dropdown for the permanent cookie in the Configuration
(bug #0001117, patch provided by Eric Brisco)
- Added cancel and delete buttons to comment edit and submission forms when
needed. (Feature #0000981) [Tom]
- Reverted parts of the changes for bug #0001057: Do _not_ escape curly braces
when displaying a block's content (bug #0001156). If you run into the problem
that words in curly braces inside blocks are interpreted as template
variables, simply add a space after the opening and/or the closing brace
[Dirk]
- Autotags can now be inserted directly into template files.
(Feature #0001181) [Tom]
- Plugins are able to control moderation and return a string to be displayed.
(Feature #0000619 patch provided by jmucchiello)
- Admin lists can now display a 0 in a column instead of being blank
(bug #0001060 patch provided by jmucchiello)
- Fixed "Show & Hide Boxes" option in My Account (reported by Pushkar) [Dirk]
- Display the topic name (instead of the topic id) in the list of draft stories
(bug #0001171) [Dirk]
- Fixed COM_formatTimeString to correctly handle intervals bigger than 4 weeks
(bug #0001158) [Dirk]
- Call PLG_templateSetVars for the Advanced Search form [Dirk]
- Make sure we keep the current status of the user's Advanced Editor option
even when Advanced Editor is disabled for the site (Thanks, Markus) [Dirk]
- Comment submissions for plugins were missing the type [Dirk]
- In the Group Editor, hide the 'Apply "Default Group" change' option until the
state of the "Default Group" checkbox changes (feature request #0001116,
patch provided by Dushyant Tiwari)
- Fixed handling of $LANG_DIRECTION in the install script (cf. bug #0000871)
- Fixed query highlighting in articles - didn't work for queries that contained
characters filtered by COM_applyFilter [Dirk]
- Updated Japanese language file, provided by the Geeklog.jp group
- New and updated French (France) language files, provided by Ben
- Updated Hebrew language file for the Links plugin, provided by LWC
Static Pages Plugin
-------------------
- Call up the Advanced Editor when enabled (bug #0001147, patch provided by
Samuel Leathers)
- A Static Page can now be marked as a template and used by other Static Pages.
(Feature #0001085) [Tom]
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 3 01:57:25 UTC 2011
Modified Files:
pkgsrc/www/geeklog: Makefile distinfo
Log Message:
Update geeklog package to 1.7.1.1 (1.7.1sr1), security fix.
Jan 2, 2011 (1.7.1sr1)
------------
This release addresses the following security issue:
Aung Khant of the YGN Ethical Hacker Group reported an XSS in the admin's
configuration panel.
|
|
|
|
wordpress critical security update.
Revisions pulled up:
- www/wordpress/Makefile 1.14
- www/wordpress/distinfo 1.10
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Dec 30 22:27:45 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Critical security update.
ChangeLog:
* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
to attribute names. Handle padded entities when checking for bad
protocols. Normalize entities before checking for bad protocols in
esc_url().
|
|
|
|
Security patch for "sysutils/dbus"
Revisions pulled up:
- sysutils/dbus/Makefile 1.50
- sysutils/dbus/distinfo 1.36
- sysutils/dbus/patches/patch-CVE-2010-4352-1 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-2 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-3 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-4 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Dec 29 10:49:21 UTC 2010
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Added Files:
pkgsrc/sysutils/dbus/patches: patch-CVE-2010-4352-1
patch-CVE-2010-4352-2 patch-CVE-2010-4352-3 patch-CVE-2010-4352-4
Log Message:
Add fix for vulnerability reported in CVE-2010-4352 (SA42580) taken
from the "dbus" GIT repository.
|
|
|
|
pkgsrc/www/typo3 security fix
Revisions pulled up:
- pkgsrc/www/typo3/Makefile 1.27
- pkgsrc/www/typo3/PLIST 1.16
- pkgsrc/www/typo3/distinfo 1.20
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 15:35:34 UTC 2010
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
Log Message:
Update typo3 package to 4.4.5.
Quote from http://wiki.typo3.org/wiki/TYPO3_4.4.5, prease refer the
page for more detail.
Due to several security issues found in the TYPO3 Core, there was a combined
release of TYPO3 4.2.16, 4.3.9 and 4.4.5.
Find more details in the security bulletin:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/
|
|
pkgsrc/www/horde security fix
Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.70, 1.71
- pkgsrc/www/horde/PLIST 1.25
- pkgsrc/www/horde/distinfo 1.28, 1.29
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Nov 10 12:46:53 UTC 2010
Modified Files:
pkgsrc/www/horde: Makefile PLIST distinfo
Log Message:
Changes 3.3.10:
* Fix searching DataTree elements (groups) if backend charset is different
from interface charset
* Fix accessing IMAP ACLs that contain non-alphanumeric characters
* Avoid fatal errors when using DateTime with not properly configured PHP 5.3+
* Fix importing recurrence exceptions from vCalendar 1.0.
* Fix preferences management regression
* Fix conversion of all-day events and certain yearly recurring events for
Funambol clients.
* Fix memcache cache regression.
* Fix SyncML page sometimes deleting more anchors than selected.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 03:38:32 UTC 2010
Modified Files:
pkgsrc/www/horde: Makefile distinfo
Log Message:
Update horde pacakge to 3.3.11.
Fixing http://secunia.com/advisories/42355/.
-------
v3.3.11
-------
[mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357).
[jan] Fix exporting recurrence exceptions to vCalendar 1.0.
[jan] Skip event status synchronization with Outlook, which is broken.
[jan] Don't send SIF data to recent Funambol clients, unless requested.
[jan] Log all queries and errors by the history library.
|
|
Revisions pulled up:
- pkgsrc/textproc/php-intl/Makefile 1.2
- pkgsrc/textproc/php-intl/distinfo 1.2
- pkgsrc/textproc/php-intl/patches/patch-aa 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 03:37:28 UTC 2010
Modified Files:
pkgsrc/textproc/php-intl: Makefile distinfo
pkgsrc/textproc/php-intl/patches: patch-aa
Log Message:
Update php-intl package to 1.1.2.
Changelog says only "* Bugfixes" but it is really fix CVE-2010-4409.
|
|
pkgsrc/lang/{php5,php53} security fixes
Revisions pulled up:
- pkgsrc/databases/php-mysql/Makefile 1.14
- pkgsrc/databases/php-mysqli/Makefile 1.3
- pkgsrc/databases/php-pdo_mysql/Makefile 1.12
- pkgsrc/lang/php5/Makefile 1.80, 1.81
- pkgsrc/lang/php5/Makefile.common 1.43, 1.44
- pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82
- pkgsrc/lang/php5/patches/patch-ak 1.8, deleted
- pkgsrc/lang/php5/patches/patch-bf 1.1, deleted
- pkgsrc/lang/php5/patches/patch-bg 1.1, deleted
- pkgsrc/lang/php53/Makefile 1.5, 1.6
- pkgsrc/lang/php53/Makefile.common 1.3
- pkgsrc/lang/php53/distinfo 1.7, 1.8
- pkgsrc/lang/php53/patches/patch-ab 1.3
- pkgsrc/lang/php53/patches/patch-am 1.1, deleted
- pkgsrc/lang/php53/patches/patch-an 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ao 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ap 1.1, deleted
- pkgsrc/lang/php53/patches/patch-aq 1.1, deleted
- pkgsrc/mail/php-imap/Makefile 1.21, 1.22
- pkgsrc/www/ap-php/Makefile 1.24
- pkgsrc/www/php-eaccelerator/Makefile 1.13
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:43:50 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log Message:
- GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303779
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=304959
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-4156 (SA42135)
http://svn.php.net/viewvc?view=revision&revision=305214
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:44:16 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log Message:
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303885
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=305055
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:45:19 UTC 2010
Modified Files:
pkgsrc/mail/php-imap: Makefile
Log Message:
Bump REVISION since CVE-2010-4150 fix was added.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:15:46 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log Message:
Update php5 package to 5.2.15 (PHP 5.2.15):
The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.
Security Enhancements and Fixes in PHP 5.2.15:
* Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data).
Key enhancements in PHP 5.2.15 include:
* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:16:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log Message:
Update lang/php53 package to 5.3.4 (PHP 5.3.4).
The PHP development team is proud to announce the immediate release of PHP
5.3.4. This is a maintenance release in the 5.3 series, which includes a large
number of bug fixes.
Security Enhancements and Fixes in PHP 5.3.4:
* Fixed crash in zip extract method (possible CWE-170).
* Paths with NULL in them (foo\0bar.txt) are now considered as invalid
(CVE-2006-7243).
* Fixed a possible double free in imap extension (Identified by Mateusz
Kocielski). (CVE-2010-4150).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
* Fixed symbolic resolution support when the target is a DFS share.
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data) (CVE-2010-3710).
Key Bug Fixes in PHP 5.3.4 include:
* Added stat support for zip stream.
* Added follow_location (enabled by default) option for the http stream
support.
* Added a 3rd parameter to get_html_translation_table. It now takes a charset
hint, like htmlentities et al.
* Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
multibyte at runtime.
* Multiple improvements to the FPM SAPI.
* Over 100 other bug fixes.
For users upgrading from PHP 5.2 there is a migration guide available here,
detailing the changes between those releases and PHP 5.3.
For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
downloads please visit our downloads page, Windows binaries can be found on
windows.php.net/download/.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:18:20 UTC 2010
Modified Files:
pkgsrc/databases/php-mysql: Makefile
pkgsrc/databases/php-mysqli: Makefile
pkgsrc/databases/php-pdo_mysql: Makefile
pkgsrc/mail/php-imap: Makefile
pkgsrc/www/ap-php: Makefile
pkgsrc/www/php-eaccelerator: Makefile
Log Message:
Reset PKGREVISION by update of base PHP version.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 14:20:45 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Log Message:
Update php5 pacakge to 5.2.16:
PHP 5.2.16 Released!
The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.
To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.
ChangeLog:
Version 5.2.16
16-Dec-2010
* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
|
|
|
|
security updates for freetype2
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.75-1.77
- pkgsrc/graphics/freetype2/distinfo 1.37-1.39
Files added:
- pkgsrc/graphics/freetype2/patches/patch-ab 1.14, 1.15
- pkgsrc/graphics/freetype2/patches/patch-ac 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Oct 22 16:14:13 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
update to 2.4.3
changes:
A rendering regression of S-shaped cubic arcs (introduced in
version 2.4.0) has been fixed. Besides that, a bunch
of fixes have been applied to improve handling of broken fonts.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/graphics/freetype2/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Wed Nov 3 11:56:37 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Added Files:
pkgsrc/graphics/freetype2/patches: patch-ab
Log Message:
add patch from upstream CVS to fix a possible buffer overflow
when processing TrueType GX fonts (SA41738), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/graphics/freetype2/distinfo
cvs rdiff -u -r0 -r1.14 pkgsrc/graphics/freetype2/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Wed Nov 24 18:44:55 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
pkgsrc/graphics/freetype2/patches: patch-ab
Added Files:
pkgsrc/graphics/freetype2/patches: patch-ac
Log Message:
add patch from upstream CVS to fix handling the "SHZ" bytecode instruction
which could be exploited to cause a crash and potentially execute
arbitrary code via a specially crafted font (CVE-2010-3814)
bump PKGREV
being here, add CVE reference to an older patch
To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/graphics/freetype2/distinfo
cvs rdiff -u -r1.14 -r1.15 pkgsrc/graphics/freetype2/patches/patch-ab
cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/freetype2/patches/patch-ac
|
|
security/pcsc-lite vulnerability
Revisions pulled up:
- pkgsrc/security/pcsc-lite/Makefile 1.9
- pkgsrc/security/pcsc-lite/distinfo 1.9
Files added:
- pkgsrc/security/pcsc-lite/patches/patch-ac 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: shannonjr
Date: Fri Dec 17 17:00:35 UTC 2010
Modified Files:
pkgsrc/security/pcsc-lite: Makefile distinfo
Added Files:
pkgsrc/security/pcsc-lite/patches: patch-ac
Log Message:
Backported security fix from Version 1.6.6 of pcsc-lite. The fix bounds the
value of a pointer, prior to a memcpy(), to prevent a buffer overflow.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/pcsc-lite/Makefile \
pkgsrc/security/pcsc-lite/distinfo
cvs rdiff -u -r0 -r1.5 pkgsrc/security/pcsc-lite/patches/patch-ac
|
|
|
|
devel/xulrunner: security update
www/firefox: security update
Revisions pulled up:
- devel/xulrunner/Makefile 1.43,1.45
- devel/xulrunner/PLIST 1.25-1.26
- devel/xulrunner/dist.mk 1.17
- devel/xulrunner/distinfo 1.39
- devel/xulrunner/mozilla-common.mk 1.17-1.18
- devel/xulrunner/patches/patch-pe delete
- www/firefox/Makefile 1.78,1.80
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 3 01:22:36 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: mozilla-common.mk
Log Message:
Requires sqlite3 3.7.1 now. Reported by cegger.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla
packages, like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0
branch.
---
odule Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:46:29 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
pkgsrc/www/firefox: Makefile
Removed Files:
pkgsrc/devel/xulrunner/patches: patch-pe
Log Message:
Update to firefox-3.6.13.
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
|
|
|
|
www/seamonkey: security update
Revisions pulled up:
- www/seamonkey/Makefile 1.42-1.43,1.45 via patch
- www/seamonkey/distinfo 1.57-1.58
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 10:54:49 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Update to seamonkey-2.0.10.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
---
odule Name: pkgsrc
Committed By: tnn
Date: Sun Dec 12 00:07:23 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Update to seamonkey-2.0.11.
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a
XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and
<isindex> element MFSA 2010-75 Buffer overflow while line breaking
after document.write with long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Also:
Fixes for a number of non-security-relevant crashes, increasing the
stability of the whole platform and the Mail & Newsgroups part of
SeaMonkey
|
|
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.61-1.62,1.64 via patch
- mail/thunderbird/distinfo 1.76-1.77
- mail/thunderbird/patches/patch-pe delete
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:05:05 UTC 2010
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Log Message:
Update to thunderbird-3.1.6.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0 branch.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:34:41 UTC 2010
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Removed Files:
pkgsrc/mail/thunderbird/patches: patch-pe
Log Message:
Update to thunderbird-3.1.7.
- Several fixes to improve performance, stability and security
- Several fixes to improve handling of large folder files stored
locally.
- Several fixes to improve corruption in local copy of IMAP mailboxes.
- MFSA 2010-78 Add support for OTS font sanitizer
- MFSA 2010-75 Buffer overflow while line breaking after document.write
with long string
- MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/
1.9.1.16)
|
|
security/p5-IO-Socket-SSL: security updated
Revisions pulled up:
- security/p5-IO-Socket-SSL/Makefile 1.53-1.54
- security/p5-IO-Socket-SSL/distinfo 1.38-1.39
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Dec 2 12:25:05 UTC 2010
Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
Log Message:
Update to 1.34:
v1.34 2010.11.01
- schema http for certificate verification changed to
wildcards_in_cn=1, because according to rfc2818 this is valid and
also seen in the wild
- if upgrading socket from inet to ssl fails due to handshake problems
the socket gets downgraded, but is still open.
See https://rt.cpan.org/Ticket/Display.html?id=61466
- deprecate kill_socket, just use close()
---
Module Name: pkgsrc
Committed By: gls
Date: Tue Dec 7 20:15:01 UTC 2010
Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
Log Message:
Update security/p5-IO-Socket-SSL to 1.35
Security fix
v1.35 2010.12.06
- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
verified as valid it will no longer fall back to VERIFY_NONE but throw
an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for
pointing out the problem, see also
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058
|
|
|
|
emulators/suse113_openssl: security patch
Revisions pulled up:
- emulators/suse113_openssl/Makefile 1.2
- emulators/suse113_openssl/distinfo 1.2
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Dec 12 09:58:21 UTC 2010
Modified Files:
pkgsrc/emulators/suse113_openssl: Makefile distinfo
Log Message:
Update for CVE-2010-3864. Bump PKGREVISION.
|
|
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.13
- www/wordpress/distinfo 1.9
---
Module Name: pkgsrc
Committed By: morr
Date: Fri Dec 10 23:34:18 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to 3.0.3. Changes:
Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.
|
|
|
|
security fixes
Revisions pulled up:
- pkgsrc/security/mit-krb5/Makefile 1.50
- pkgsrc/security/mit-krb5/distinfo 1.26
Files added:
pkgsrc/security/mit-krb5/patches/patch-ca
pkgsrc/security/mit-krb5/patches/patch-cb
pkgsrc/security/mit-krb5/patches/patch-cc
pkgsrc/security/mit-krb5/patches/patch-cd
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Fri Dec 3 20:11:31 UTC 2010
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-ca patch-cb patch-cc patch-cd
Log Message:
add fix for CVE-2010-1323 from
http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txt
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/security/mit-krb5/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-ca \
pkgsrc/security/mit-krb5/patches/patch-cb \
pkgsrc/security/mit-krb5/patches/patch-cc \
pkgsrc/security/mit-krb5/patches/patch-cd
|
|
|
|
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch
Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.19
- sysutils/xenkernel3/distinfo 1.12
- sysutils/xenkernel3/patches/patch-dc 1.1
- sysutils/xenkernel33/Makefile 1.12
- sysutils/xenkernel33/distinfo 1.10
- sysutils/xenkernel33/patches/patch-ab 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:43:49 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-dc
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:44:26 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ab
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list.
Bump PKGREVISION.
|
|
|
|
multimedia/gstreamer0.10: build fix
Revisions pulled up:
- multimedia/gstreamer0.10/buildlink3.mk 1.12
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Dec 3 15:19:42 UTC 2010
Modified Files:
pkgsrc/multimedia/gstreamer0.10: buildlink3.mk
Log Message:
set GST_REGISTRY_FORK=no on DragonFly.
workaround of gst-inspect hung up as PR#44108.
|
|
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.12
- www/wordpress/PLIST 1.7
- www/wordpress/distinfo 1.8
---
Module Name: pkgsrc
Committed By: morr
Date: Sun Dec 5 16:46:29 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log Message:
Security update. Changes:
* Fix moderate security issue where a malicious Author-level user could
gain further access to the site.
* Remove pingback/trackback blogroll whitelisting feature as it can
easily be abused.
* Fix canonical redirection for permalinks containing %category% with
nested categories and paging.
* Fix occasional irrelevant error messages on plugin activation.
* Minor XSS fixes in request_filesystem_credentials() and when deleting
a plugin.
* Clarify the license in the readme
* Multisite: Fix the delete_user meta capability
* Multisite: Force current_user_can_for_blog() to run map_meta_cap()
even for super admins
* Multisite: Fix ms-files.php content type headers when requesting a
URL with a query string
* Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for
upgraded WordPress MU installs
While here, set license.
|
|
|
|
mail/clamav: bug fix update
Revisions pulled up:
- mail/clamav/Makefile 1.106-1.108
- mail/clamav/distinfo 1.68-1.69
- mail/clamav/patches/patch-ab 1.14
- mail/clamav/patches/patch-ac deleted
- mail/clamav/patches/patch-ah deleted
---
Module Name: pkgsrc
Committed By: adam
Date: Tue Oct 26 06:38:37 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Log Message:
Changes 0.96.4:
* This is a bugfix release recommended for all users.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Oct 28 20:15:38 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Removed Files:
pkgsrc/mail/clamav/patches: patch-ah
Log Message:
Revert previous, this patch is already in 0.96.4.
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Dec 1 07:44:10 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
pkgsrc/mail/clamav/patches: patch-ab
Removed Files:
pkgsrc/mail/clamav/patches: patch-ac
Log Message:
Changes 0.96.5:
* libclamav/pdf.c: fix crashes
* libclamav/pe_icons.c: off by one while
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards
* freshclam/manager.c: fix error path infinite loop
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values
* libclamav: Set the unreliability flag on (un)packed files
* libclamav/c++: Update embedded copy of LLVM to version 2.8
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe
* freshclam: load database in subprocess
* clamd: add new commands DETSTATS and DETSTATSCLEAR
* libclamav/7z.c: fix file descriptor leak
* clamd, libclamavll: add ability to logg messages from libclamav
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4
|
|
net/ocsinventory-agent: compatibility update
Revisions pulled up:
- net/ocsinventory-agent/Makefile 1.3
- net/ocsinventory-agent/distinfo 1.2
- net/ocsinventory-agent/patches/patch-ab 1.2
- net/ocsinventory-agent/patches/patch-ac 1.2
- net/ocsinventory-agent/patches/patch-ap 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Dec 1 21:00:51 UTC 2010
Modified Files:
pkgsrc/net/ocsinventory-agent: Makefile distinfo
pkgsrc/net/ocsinventory-agent/patches: patch-ab patch-ac
Added Files:
pkgsrc/net/ocsinventory-agent/patches: patch-ap
Log Message:
Update to 1.1.2.1. Main motivation is to avoid warnings with perl 5.12.
Other changes are mainly improvements in backend to support more OS,
more OS variants or versions.
|
|
mail/imp: dependence fix
Revisions pulled up:
- mail/imp/Makefile 1.56
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sun Nov 14 21:17:47 UTC 2010
Modified Files:
pkgsrc/mail/imp: Makefile
Log Message:
php5-pear-Mail_mimeDecode is required to properly display certain
mail (especially ones with a smime.p7s signature).
Bump PKGREVISION
|
|
|
|
pkgsrc/security/openssl security update
Revisions pulled up:
pkgsrc/security/openssl/Makefile 1.153
pkgsrc/security/openssl/distinfo 1.79
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Dec 3 00:17:21 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Log Message:
Update openssl package to 0.9.8q.
OpenSSL version 0.9.8q released
===============================
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8q of our open source toolkit for SSL/TLS. This new
OpenSSL version is a security and bugfix release. For a complete
list of changes, please see
http://www.openssl.org/source/exp/CHANGES.
The most significant changes are:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
To generate a diff of this commit:
cvs rdiff -u -r1.152 -r1.153 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/openssl/distinfo
|
|
|
|
net/bind97 security update
Revisions pulled up:
pkgsrc/net/bind97/Makefile 1.5
pkgsrc/net/bind97/distinfo 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 00:31:34 UTC 2010
Modified Files:
pkgsrc/net/bind97: Makefile distinfo
Log Message:
Update bind97 package to bind-9.7.2pl3 (9.7.2-P3).
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
CVE: CVE-2010-3613
CERT: VU#706148
BIND: cache incorrectly allows a ncache entry and a rrsig for the same type
CVE: CVE-2010-3614
CERT: VU#837744
BIND: Key algorithm rollover bug in bind9
CVE: CVE-2010-3615
CERT: VU#510208
BIND: allow-query processed incorrectly
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/bind97/Makefile \
pkgsrc/net/bind97/distinfo
|
|
net/bind96 security update
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.17
- pkgsrc/net/bind96/distinfo 1.10
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 00:32:34 UTC 2010
Modified Files:
pkgsrc/net/bind96: Makefile distinfo
Log Message:
Update bind96 package to bind-9.6.2pl3 (9.6.2-P3).
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
CVE: CVE-2010-3613
CERT: VU#706148
BIND: cache incorrectly allows a ncache entry and a rrsig for the same type
CVE: CVE-2010-3614
CERT: VU#837744
BIND: Key algorithm rollover bug in bind9
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/bind96/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind96/distinfo
|
|
|
