Age | Commit message (Collapse) | Author | Files | Lines |
|
net/bind97: security update
Revisions pulled up:
- net/bind97/Makefile 1.6
- net/bind97/PLIST 1.4
- net/bind97/distinfo 1.6
- net/bind97/files/named9.sh 1.2
- net/bind97/patches/patch-ac 1.3
- net/bind97/patches/patch-ae 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 16 17:43:22 UTC 2011
Modified Files:
pkgsrc/net/bind97: Makefile PLIST distinfo
pkgsrc/net/bind97/files: named9.sh
pkgsrc/net/bind97/patches: patch-ac patch-ae
Log Message:
Update bind97 package to 9.7.3.
* also sync rc scrpt with base system.
Bug Fixes
9.7.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* Added a regression test for fix 2896/RT #21045 ("rndc sign" failed
to properly update the zone when adding a DNSKEY for publication
only). [RT #21324]
* "nsupdate -l" now gives error message if "session.key" file is not
found. [RT #21670]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* After an "rndc reconfig", the refresh timer for managed-keys is
ignored, resulting in managed-keys not being refreshed until named
is restarted. [RT #22296]
* An NSEC3PARAM record placed inside a zone which is not properly
signed with NSEC3 could cause named to crash, if changed via
dynamic update. [RT #22363]
* "rndc -h" now includes "loadkeys" option. [RT #22493]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* When signing records, named didn't filter out any TTL changes to
DNSKEY records. This resulted in an incomplete key set. TTL changes
are now dealt with before signing. [RT #22590]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* The IN6_IS_ADDR_LINKLOCAL and IN6_IS_ADDR_SITELOCAL macros in win32
were updated/corrected per current Windows OS. [RT #22724]
* "dnssec-settime -S" no longer tests prepublication interval
validity when the interval is set to 0. [RT #22761]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* The man page for dnssec-keyfromlabel incorrectly had "-U" rather
than the correct option "-I". [RT #22887]
* The "rndc" command usage statement was missing the "-b" option. [RT
#22937]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
* The secure zone update feature in named is based on the zone being
signed and configured for dynamic updates. A bug in the ACL
processing for "allow-update { none; };" resulted in a zone that is
supposed to be static being treated as a dynamic zone. Thus, name
would try to sign/re-sign that zone erroneously. [RT #23120]
|
|
|
|
archivers/php-zip: security patch
graphics/php-exif: security patch
lang/php5: security patch
lang/php53: security patch
Revisions pulled up:
- archivers/php-zip/Makefile 1.12-1.13
- graphics/php-exif/Makefile 1.9-1.10
- lang/php5/Makefile 1.82-1.83
- lang/php5/Makefile.php 1.43-1.44
- lang/php5/distinfo 1.86-1.87
- lang/php5/patches/patch-ext_exif_exif.c 1.1
- lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php5/patches/patch-ext_zip_php__zip.c 1.1
- lang/php53/Makefile 1.7
- lang/php53/Makefile.php 1.5
- lang/php53/distinfo 1.12
- lang/php53/patches/patch-ext_exif_exif.c 1.1
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php53/patches/patch-ext_zip_php__zip.c 1.1
---
Module Name: pkgsrc
Committed By: shattered
Date: Tue Feb 15 20:52:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.php
Log Message:
Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:21:17 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Re-enable suhosin patch as php53.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:23:58 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php
Log Message:
Re-enable DL_AUTO_VARS as php5 package.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:25:33 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile
Added Files:
pkgsrc/lang/php5/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Add patches to fix SA43328.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:26:50 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Log Message:
Regen distinfo.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:29:15 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile
Log Message:
Bump PKGREVISION for DL_AUTO_VARS.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:30:44 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Bump PKGREVISION reflects fix of SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:38:40 UTC 2011
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Oops, it should be commit before CHANGE-2011 update.
Add Add patches to fix SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 22 07:36:08 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Add missing USE_PHP_EXT_PATCHES to apply patches really.
|
|
|
|
www/typo3: security update
Revisions pulled up:
- www/typo3/Makefile 1.29
- www/typo3/PLIST 1.17
- www/typo3/distinfo 1.22
- www/typo3/patches/patch-aa 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 12:57:30 UTC 2011
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
pkgsrc/www/typo3/patches: patch-aa
Log Message:
Update to www/typo3 package to 4.5.0.
This is TYPO3 Version 4.5: Your Long Term Solution:
Please refer new feature and changes in detail:
http://typo3.org/news-single-view/?tx_newsimporter_pi1[showItem]=0&tx_newsimporter_pi1[feed]=10&cHash=c5554a06e2
|
|
lang/sun-jdk6: security update
lang/sun-jre6: security update
Revivions pulled up:
- lang/sun-jdk6/Makefile 1.21
- lang/sun-jdk6/PLIST 1.11
- lang/sun-jdk6/distinfo 1.12
- lang/sun-jre6/Makefile 1.28
- lang/sun-jre6/PLIST.linux-i386 1.21
- lang/sun-jre6/distinfo 1.15
- lang/sun-jre6/sfiles-i386.mk 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Feb 21 07:48:20 UTC 2011
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile PLIST distinfo
pkgsrc/lang/sun-jre6: Makefile PLIST.linux-i386 distinfo sfiles-i386.mk
Log Message:
Update sun-{jre,jdk}6 to 6.0.24.
Java SE 6 Update 24
* OlsonData 2010o
* Java DB 10.6.2.1
* Bug Fixes, include following security fix.
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4474
CVE-2010-4475
CVE-2010-4476
Java SE 6 Update 23
* OlsonData 2010l
* Java Hotspot VM 19.0
* Java VisualVM 1.3.1
* Menu Item Corrections for Right-to-Left Languages
* Additional Languages Support in Linux Systems
* Bug Fixes
|
|
|
|
functionality fix
Revisions pulled up:
- pkgsrc/pkgtools/pkg_install/files/admin/audit.c 1.17
- pkgsrc/pkgtools/pkg_install/files/lib/version.h 1.161
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: aymeric
Date: Fri Feb 18 15:59:52 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkg_install/files/admin: audit.c
pkgsrc/pkgtools/pkg_install/files/lib: version.h
Log Message:
. fix audit-history subcommand to include patterns making use of [x-y] notation
. bump version to 20110215
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/pkgtools/pkg_install/files/admin/audit.c
cvs rdiff -u -r1.160 -r1.161 pkgsrc/pkgtools/pkg_install/files/lib/version.h
|
|
|
|
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.18
- pkgsrc/net/bind96/PLIST 1.7
- pkgsrc/net/bind96/distinfo 1.11
- pkgsrc/net/bind96/patches/patch-ad 1.5
- pkgsrc/net/bind96/patches/patch-am 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 16:24:14 UTC 2011
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
pkgsrc/net/bind96/patches: patch-ad patch-am
Log Message:
Update bind96 package to 9.6.3.
9.6.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
|
|
|
|
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord3/Makefile 1.3
- pkgsrc/databases/ruby-activerecord3/distinfo 1.3
- pkgsrc/databases/ruby-activerecord3/PLIST 1.2
- pkgsrc/databases/ruby-arel/Makefile 1.2
- pkgsrc/databases/ruby-arel/PLIST 1.2
- pkgsrc/databases/ruby-arel/distinfo 1.2
- pkgsrc/devel/ruby-activemodel/Makefile 1.3
- pkgsrc/devel/ruby-activemodel/distinfo 1.3
- pkgsrc/devel/ruby-activesupport3/Makefile 1.3
- pkgsrc/devel/ruby-activesupport3/distinfo 1.3
- pkgsrc/devel/ruby-railties/Makefile 1.3
- pkgsrc/devel/ruby-railties/distinfo 1.3
- pkgsrc/devel/ruby-railties/PLIST 1.2
- pkgsrc/mail/ruby-actionmailer3/Makefile 1.4
- pkgsrc/mail/ruby-actionmailer3/distinfo 1.3
- pkgsrc/www/ruby-actionpack3/Makefile 1.3
- pkgsrc/www/ruby-actionpack3/distinfo 1.3
- pkgsrc/www/ruby-activeresource3/Makefile 1.3
- pkgsrc/www/ruby-activeresource3/distinfo 1.3
- pkgsrc/www/ruby-rack-test/Makefile 1.2
- pkgsrc/www/ruby-rack-test/PLIST 1.2
- pkgsrc/www/ruby-rack-test/distinfo 1.2
- pkgsrc/www/ruby-rails3/Makefile 1.3
- pkgsrc/www/ruby-rails3/distinfo 1.4
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:54:35 UTC 2011
Modified Files:
pkgsrc/www/ruby-rack-test: Makefile PLIST distinfo
Log Message:
Update ruby-rack-test package to 0.5.7.
== 0.5.7 / 2011-01-01
* Bug fixes
* If no URI is present, include all cookies (Pratik Naik)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rack-test/Makefile \
pkgsrc/www/ruby-rack-test/PLIST pkgsrc/www/ruby-rack-test/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:55:29 UTC 2011
Modified Files:
pkgsrc/databases/ruby-arel: Makefile PLIST distinfo
Log Message:
Update ruby-arel package to 2.0.8.
== 2.0.8 / 2010/02/08
* Bug Fixes
* Added set operation support
* Fixed problems with *_any / *_all methods.
== 2.0.7 (unreleased)
* Bug Fixes
* Limit members are visited
* Fixing MSSQL TOP support
== 2.0.6 12/01/2010
* Bug Fixes
* Rails 3.0.x does not like that Node is Enumerable, so removing for now.
== 2.0.5 11/30/2010
* Enhancements
* Arel::Visitors::DepthFirst can walk your AST depth first
* Arel::Nodes::Node is enumerable, depth first
* Bug fixes
* #lock will lock SELECT statements "FOR UPDATE" on mysql
* Nodes::Node#not factory method added for creating Nodes::Not nodes
* Added an As node
* Deprecations
* Support for Subclasses of core classes will be removed in ARel version
2.2.0
== 2.0.4
* Bug fixes
* Speed improvements for Range queries. Thanks Rolf Timmermans!
== 2.0.3
* Bug fixes
* Fixing Oracle support
* Added a visitor for "Class" objects
== 2.0.2
* Bug fixes
* MySQL selects from DUAL on empty FROM
* Visitor translates nil to NULL
* Visitor translates Bignum properly
== 2.0.1
* Bug fixes
== 2.0.0 / 2010-08-01
* Enhancements
* Recreate library using the Visitor pattern.
http://en.wikipedia.org/wiki/Visitor_pattern
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-arel/Makefile \
pkgsrc/databases/ruby-arel/PLIST pkgsrc/databases/ruby-arel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:56:49 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport3: Makefile distinfo
Log Message:
Update ruby-activesupport3 package to 3.0.4.
* 3.0.4 updates version only for Ruby on Rails 3.0.4 update.
*Rails 3.0.3 (November 16, 2010)*
* No changes.
*Rails 3.0.2 (November 15, 2010)*
* Added before_remove_const callback to ActiveSupport::Dependencies.remove_unloadable_constants! [Andrew White]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activesupport3/Makefile \
pkgsrc/devel/ruby-activesupport3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:57:47 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile distinfo
Log Message:
Update ruby-activemodel package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activemodel/Makefile \
pkgsrc/devel/ruby-activemodel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:58:53 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack3: Makefile distinfo
Log Message:
Update ruby-actionpack3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.3 (November 16, 2010)*
* When ActiveRecord::Base objects are sent to predicate methods, the id of
the object should be sent to ARel, not the ActiveRecord::Base object.
* :constraints routing should only do sanity checks against regular
expressions. String arguments are OK.
*Rails 3.0.2 (November 15, 2010)*
* The helper number_to_currency accepts a new :negative_format option to be
able to configure how to render negative amounts. [Don Wilson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-actionpack3/Makefile \
pkgsrc/www/ruby-actionpack3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:07 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord3: Makefile PLIST distinfo
Log Message:
Update ruby-activerecord3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.4 (unreleased)*
* Added deprecation warning for has_and_belongs_to_many associations where the join table has
additional attributes other than the keys. Access to these attributes is removed in 3.1.
Please use has_many :through instead. [Jon Leighton]
*Rails 3.0.3 (November 16, 2010)*
* Support find by class like this: Post.where(:name => Post)
*Rails 3.0.2 (November 15, 2010)*
* Dramatic speed increase (see: http://engineering.attinteractive.com/2010/10/arel-two-point-ohhhhh-yaaaaaa/) [Aaron Patterson]
* reorder is deprecated in favor of except(:order).order(...) [Santiago Pastorino]
* except is now AR public API
Model.order('name').except(:order).order('salary')
generates:
SELECT * FROM models ORDER BY salary
[Santiago Pastorino]
* The following code:
Model.limit(10).scoping { Model.count }
now generates the following SQL:
SELECT COUNT(*) FROM models LIMIT 10
This may not return what you want. Instead, you may with to do something
like this:
Model.limit(10).scoping { Model.all.size }
[Aaron Patterson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/ruby-activerecord3/Makefile \
pkgsrc/databases/ruby-activerecord3/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-activerecord3/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:50 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource3: Makefile distinfo
Log Message:
Update ruby-activeresource3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-activeresource3/Makefile \
pkgsrc/www/ruby-activeresource3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:01:46 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer3: Makefile distinfo
Log Message:
Update ruby-actionmailer3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/mail/ruby-actionmailer3/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/ruby-actionmailer3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:04:29 UTC 2011
Modified Files:
pkgsrc/devel/ruby-railties: Makefile PLIST distinfo
Log Message:
Update ruby-railties package to 3.0.4.
* More strict dependency reflect gemspec's description.
Not documented but includes fix for security problem:
http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-railties/Makefile \
pkgsrc/devel/ruby-railties/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/ruby-railties/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:05:57 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails3: Makefile distinfo
Log Message:
Update ruby-rails3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
(This is meta gem.)
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-rails3/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/ruby-rails3/distinfo
|
|
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord/Makefile 1.21
- pkgsrc/databases/ruby-activerecord/distinfo 1.21
- pkgsrc/devel/ruby-activesupport/Makefile 1.24
- pkgsrc/devel/ruby-activesupport/distinfo 1.21
- pkgsrc/mail/ruby-actionmailer/Makefile 1.19
- pkgsrc/mail/ruby-actionmailer/distinfo 1.20
- pkgsrc/www/ruby-actionpack/Makefile 1.22
- pkgsrc/www/ruby-actionpack/distinfo 1.22
- pkgsrc/www/ruby-actionpack/PLIST 1.21
- pkgsrc/www/ruby-activeresource/Makefile 1.11
- pkgsrc/www/ruby-activeresource/distinfo 1.11
- pkgsrc/www/ruby-rails/Makefile 1.2
- pkgsrc/www/ruby-rails/distinfo 1.2
Files deleted:
pkgsrc/www/ruby-rails/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:37:58 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport: Makefile distinfo
Log Message:
Update ruby-activesupport package to 2.3.11.
It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ruby-activesupport/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activesupport/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:39:41 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
Log Message:
Update ruby-activerecord package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord/Makefile \
pkgsrc/databases/ruby-activerecord/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:40:52 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
Log Message:
Update ruby-actionpack package to 2.3.11.
* More strict dependency reflect gemspec's description.
*2.3.11 (February 9, 2011)*
* Two security fixes. CVE-2011-0446, CVE-2011-0447
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/ruby-actionpack/Makefile \
pkgsrc/www/ruby-actionpack/distinfo
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionpack/PLIST
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:42:26 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
Log Message:
Update ruby-actionmailer package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailer/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/ruby-actionmailer/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:43:09 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource: Makefile distinfo
Log Message:
Update ruby-activeresource/ package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/ruby-activeresource/Makefile \
pkgsrc/www/ruby-activeresource/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:44:07 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails: Makefile distinfo
Removed Files:
pkgsrc/www/ruby-rails/patches: patch-ad
Log Message:
Update ruby-rails package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rails/Makefile \
pkgsrc/www/ruby-rails/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/www/ruby-rails/patches/patch-ad
|
|
|
|
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.88
- pkgsrc/databases/phpmyadmin/distinfo 1.49
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 13 16:11:11 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.3.
This version fixes the script insertion reported in CVE-2011-0987.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/databases/phpmyadmin/distinfo
|
|
file syntax fixes
|
|
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby19-base/Makefile 1.6
- pkgsrc/lang/ruby19-base/distinfo 1.3
- pkgsrc/lang/ruby19-base/patches/patch-as 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 11:15:29 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: Makefile distinfo
pkgsrc/lang/ruby19-base/patches: patch-as
Log Message:
Add a patch from FreeBSD's port and it fixes runtime problem
on DragonFly, too. The patch was provided by Rumko via private mail.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby19-base/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby19-base/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/ruby19-base/patches/patch-as
|
|
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby/rubyversion.mk 1.57
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 1 22:32:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
Apply patch provided by obache@, fixing build problem on Solaris.
Should be fix PR pkg/44480.
To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/lang/ruby/rubyversion.mk
----------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Wed Feb 2 08:47:01 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
fixes shlib alias name for Solaris. PR#44480.
RUBY_API_TEENY must be used instead of _RUBY_VER_TEENY for shlib name.
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/lang/ruby/rubyversion.mk
|
|
|
|
lang/php53 with suhosin build fix
Revisions pulled up:
- pkgsrc/lang/php53/Makefile.php
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: rumko
Date: Sun Jan 30 17:58:06 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php distinfo
Log Message:
lang/php53: add the missing suhosin patch
5.3.5 was released due to a critical issue and the previous suhosin
patch still applies. Prior art of this can be seen in OpenBSD's and
FreeBSD's ports.
ok@ wiz
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/distinfo
|
|
wireshark security patches
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.59
- pkgsrc/net/wireshark/distinfo 1.41
- pkgsrc/net/wireshark/patches/patch-af 1.1
- pkgsrc/net/wireshark/patches/patch-ag 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Feb 10 11:00:57 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
add two patches from upstream:
-fix possible free() of an uninitialized pointer when reading a
malformed pcap-ng file (CVE-2011-0538)
-add length check in pcap-ng reader
bump PKGREV
|
|
Security update for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.87
- pkgsrc/databases/phpmyadmin/distinfo 1.48
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Feb 10 16:48:09 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.2.
This version fixes the information leak reported in PMASA-2011-1.
|
|
www/wordpress update
Revisions pulled up:
- pkgsrc/www/wordpress/Makefile 1.15
- pkgsrc/www/wordpress/distinfo 1.11
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Feb 10 10:25:50 UTC 2011
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to 3.0.5. Changes:
* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer
additional sanitization to various fields. Affects users of the
Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects
users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media
uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without
arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright
information for the KSES library.
|
|
security/openssl security fix
Revisions pulled up:
- pkgsrc/security/openssl/Makefile 1.154
- pkgsrc/security/openssl/distinfo 1.80
- pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 00:15:30 UTC 2011
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-ssl_t1__lib.c
Log Message:
Add fix for security issue CVE-2011-0014.
Bump PKGREVISION.
|
|
mail/ruby-mail security fix
Revisions pulled up:
- pkgsrc/mail/ruby-mail/Makefile 1.3
- pkgsrc/mail/ruby-mail/PLIST 1.3
- pkgsrc/mail/ruby-mail/distinfo 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 28 13:23:20 UTC 2011
Modified Files:
pkgsrc/mail/ruby-mail: Makefile PLIST distinfo
Log Message:
Update ruby-mail package to 2.2.15.
== Wed 26 Jan 2011 02:23:09 UTC Mikel Lindsaar <mikel@rubyx.com>
* Update addresses passed into sendmail to escape them (Andy Lindeman)
* Version bump to 2.2.15 and gem release
|
|
|
|
functionality fix
Revisions pulled up:
- pkgsrc/mail/dovecot2/Makefile 1.7
- pkgsrc/mail/dovecot2/distinfo 1.7
Files added:
pkgsrc/mail/dovecot2/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 2 22:19:25 UTC 2011
Modified Files:
pkgsrc/mail/dovecot2: Makefile distinfo
Added Files:
pkgsrc/mail/dovecot2/patches: patch-ad
Log Message:
Add fix by Timo Sirainen from the Dovecot Mercury repository to fix
a hang when trying to COPY to a non existent mailbox via IMAP.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/dovecot2/Makefile \
pkgsrc/mail/dovecot2/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/mail/dovecot2/patches/patch-ad
|
|
|
|
Security patch for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.86
- pkgsrc/databases/phpmyadmin/PLIST 1.22
- pkgsrc/databases/phpmyadmin/distinfo 1.47
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 27 13:45:56 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo
Added Files:
pkgsrc/databases/phpmyadmin/patches: patch-CVE-2010-4480-1
patch-CVE-2010-4480-2 patch-CVE-2010-4480-3 patch-CVE-2010-4481
Log Message:
Add fixes for the security vulnerabilities reported in CVE-2010-4480 and
CVE-2010-4481 taken from the phpMyAdmin GIT repository.
Thanks a lot to Tim Zingelman for pointing out that the fixes had
finally been made available.
To generate a diff of this commit:
cvs rdiff -u -r1.85 -r1.86 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/databases/phpmyadmin/PLIST
cvs rdiff -u -r1.46 -r1.47 pkgsrc/databases/phpmyadmin/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481
|
|
|
|
(distutils.mk includes extension; this change simply adds the egg
metadata file that other python programs expect to find.)
|
|
|
|
comms/asterisk18: security update
Revisions pulled up:
- comms/asterisk18/Makefile 1.3-1.4
- comms/asterisk18/distinfo 1.5-1.6
- comms/asterisk18/patches/patch-aq 1.2
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 17:52:43 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
pkgsrc/comms/asterisk18/patches: patch-aq
Log Message:
Update to 1.8.2:
The release of Asterisk 1.8.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading
from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags
to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
---
odule Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 07:00:44 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to 1.8.2.2
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
|
|
|
|
comms/asterisk16: security update
Revisions pulled up:
- comms/asterisk16/Makefile 1.28-1.29
- comms/asterisk16/distinfo 1.19-1.20
- comms/asterisk16/patches/patch-aq 1.10
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 06:30:57 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
pkgsrc/comms/asterisk16/patches: patch-aq
Log Message:
Update to 1.6.2.16:
The release of Asterisk 1.6.2.16 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension
does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou.
rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 05:13:12 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
Log Message:
Update to 1.6.2.16.1
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
|
|
inputmethod/ibus-table-chinese: build fix
Revisions pulled up:
- inputmethod/ibus-table-chinese/distinfo 1.4
- inputmethod/ibus-table-chinese/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jan 24 08:40:39 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-table-chinese: distinfo
Added Files:
pkgsrc/inputmethod/ibus-table-chinese/patches: patch-ad
Log Message:
"-m" option for grep is not portable.
|
|
|
|
inputmethod/ibus-input-pad: build fix
Revisions pulled up:
- inputmethod/ibus-input-pad/Makefile 1.7
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Jan 22 05:28:24 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-input-pad: Makefile
Log Message:
configure require msgfmt xgettext and msgmerge.
|
|
pkgtools/pkgin: bug fix update
Revisions pulled up:
- pkgtools/pkgin/Makefile 1.6-1.8
- pkgtools/pkgin/distinfo 1.5-1.7
- pkgtools/pkgin/patches/patch-aa delete
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:47:56 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.2
Fixed a nasty bug in handling dependencies like php>=5.2.17<5.3
Included is@ patch upstream for Solaris build
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:52:53 UTC 2011
Removed Files:
pkgsrc/pkgtools/pkgin/patches: patch-aa
Log Message:
Removed patches, now upstream.
---
Module Name: pkgsrc
Committed By: imil
Date: Wed Jan 19 12:10:11 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.3, hopefully the last 0.3 release
- Double dewey match fixed, i.e. foo>=1.2.3<3.0
- Duplicate entries for remove and upgrade fixed
- "Missing package in repository" case handled
---
Module Name: pkgsrc
Committed By: imil
Date: Thu Jan 20 18:14:09 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.4, never say "this is the last release"
Fixed a non-critical bug: some packages were marked
for upgrade more than once.
|
|
|
|
converters/p5-Convert-UUlib: security update
Revisions pulled up:
- converters/p5-Convert-UUlib/Makefile 1.27
- converters/p5-Convert-UUlib/distinfo 1.12
---
Module Name: pkgsrc
Committed By: gls
Date: Fri Jan 21 22:31:19 UTC 2011
Modified Files:
pkgsrc/converters/p5-Convert-UUlib: Makefile distinfo
Log Message:
1.34 Tue Dec 14 22:20:00 CET 2010
- fix a one-byte-past-end-write buffer overflow in UURepairData
(reported, analysed and testcase provided by Marco Walther).
- quoted-printable decoding was completely broken, try a fix.
|
|
mail/exim-html: security update
Revisions pulled up:
- mail/exim-html/Makefile 1.19
- mail/exim-html/PLIST 1.12
- mail/exim-html/distinfo 1.14
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
|
|
mail/exim: security update
Revisions pulled up:
- mail/exim/Makefile 1.104
- mail/exim/distinfo 1.47
- mail/exim/patches/patch-aa 1.21
- mail/exim/patches/patch-ba 1.1
- mail/exim/patches/patch-bb 1.1
- mail/exim/patches/patch-bc 1.1
- mail/exim/patches/patch-bd 1.1
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
|
|
|
|
tor security update
Revisions pulled up:
- pkgsrc/net/tor/Makefile 1.77
- pkgsrc/net/tor/distinfo 1.47
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Mon Jan 17 14:06:54 UTC 2011
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log Message:
update to 0.2.1.29
changes:
-Fix a heap overflow (probably allows remote code execution)
(CVE-2011-0427)
-Prevent a denial-of-service attack by disallowing any
zlib-compressed data whose compression factor is implausibly
high
-Zero out a few more keys in memory before freeing them
-bugfixes
-Update to the January 1 2011 Maxmind GeoLite Country db
-Introduce output size checks on all of our decryption functions
|
|
Fix previous commit to Linux.bsd.man.mk
Revisions pulled up:
- pkgsrc/pkgtools/bootstrap-mk-files/files/mods/Linux.bsd.man.mk 1.9
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ghen
Date: Mon Jan 17 15:12:46 UTC 2011
Modified Files:
pkgsrc/pkgtools/bootstrap-mk-files/files/mods:
Linux.bsd.man.mk
Log Message:
Fix it correctly for Arch Linux.
|
|
|
|
|
|
|
|
build fix
Revisions pulled up:
- pkgsrc/archivers/star/distinfo 1.11
Files added:
pkgsrc/archivers/star/patches/patch-ae
pkgsrc/archivers/star/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jan 15 17:46:02 UTC 2011
Modified Files:
pkgsrc/archivers/star: distinfo
Added Files:
pkgsrc/archivers/star/patches: patch-ae patch-af
Log Message:
Fix build under NetBSD-currenty removing unused custom function "getline"
which conflicts with getline(3).
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/archivers/star/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/archivers/star/patches/patch-ae \
pkgsrc/archivers/star/patches/patch-af
|