Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
sysutils/xenkernel41: security patch
Revisions pulled up:
- sysutils/xenkernel41/Makefile 1.7
- sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 deleted
- sysutils/xenkernel41/patch-xsa9-xen-4.1 deleted
- sysutils/xenkernel41/patches/patch-xsa7-xsa8-xen-4.1 1.1
- sysutils/xenkernel41/patches/patch-xsa9-xen-4.1 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Jun 19 20:17:07 UTC 2012
Modified Files:
pkgsrc/sysutils/xenkernel41: Makefile
Added Files:
pkgsrc/sysutils/xenkernel41/patches: patch-xsa7-xsa8-xen-4.1
patch-xsa9-xen-4.1
Removed Files:
pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1
Log Message:
Move patches to the right place. Bump PKGREVISION
|
|
|
|
emulators/suse121_libxml2: security update
Revisions pulled up:
- emulators/suse121_libxml2/Makefile 1.2-1.3
- emulators/suse121_libxml2/distinfo 1.2-1.3
---
Module Name: pkgsrc
Committed By: obache
Date: Sun May 27 09:09:57 UTC 2012
Modified Files:
pkgsrc/emulators/suse121_libxml2: Makefile distinfo
Log Message:
Update libxml2 rpm to 2.7.8+git20110708-3.5.1 for CVE-2012-0841.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Jun 13 23:38:37 UTC 2012
Modified Files:
pkgsrc/emulators/suse121_libxml2: Makefile distinfo
Log Message:
Update suse121 libxml2 rpm to 2.7.8+git20110708-3.8.1 for CVE-2011-3102.
Bump PKGREVISION.
|
|
devel/electric-fence: build fix
Revisions pulled up:
- devel/electric-fence/Makefile 1.4
- devel/electric-fence/distinfo 1.2
- devel/electric-fence/patches/patch-efence_c 1.1
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 16 07:46:55 UTC 2012
Modified Files:
pkgsrc/devel/electric-fence: Makefile distinfo
Added Files:
pkgsrc/devel/electric-fence/patches: patch-efence_c
Log Message:
Add gcc memory barriers after the manner of emacs20's patch-bm, for
the same reason: gcc "knows" that malloc has no side effects and
reorders code around it, only it's wrong. Fixes SIGSEGV during build
seen in some environments.
Bump package revision as a precaution, because I don't understand why
this sometimes doesn't fail and sometimes does with the same gcc
version.
|
|
|
|
sysutils/xenkernel41: security patch
Revisions pulled up:
- sysutils/xenkernel41/Makefile 1.6
- sysutils/xenkernel41/distinfo 1.7
- sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 1.1
- sysutils/xenkernel41/patch-xsa9-xen-4.1 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Jun 12 15:59:04 UTC 2012
Modified Files:
pkgsrc/sysutils/xenkernel41: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1
Log Message:
pull up patches from upstream, fixing XSA7, XSA8 and XSA9.
PKGREVISION++
|
|
|
|
multimedia/adobe-flash-plugin11: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin11/Makefile 1.6
- multimedia/adobe-flash-plugin11/distinfo 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jun 11 06:51:05 UTC 2012
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo
Log Message:
Update adobe-flas-plugin11 to 11.2.202.236 for APSB12-14.
|
|
multimedia/adobe-flash-plugin10.1: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin10.1/Makefile 1.19
- multimedia/adobe-flash-plugin10.1/distinfo 1.11
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jun 11 06:50:03 UTC 2012
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin10.1: Makefile distinfo
Log Message:
Update adobe-flas-plugin10.1 to 10.3.183.20 for APSB12-14.
|
|
|
|
security/mit-krb5: security patch
Revisions pulled up:
- security/mit-krb5/Makefile 1.57
- security/mit-krb5/distinfo 1.34
- security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Wed Jun 6 18:17:46 UTC 2012
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-lib_kadm5_srv_svr__principal.c
Log Message:
Fix for CVE-2012-1013 from:
[10]https://github.com/krb5/krb5/commit/ca2909440015d33be42e77d1955194963d8c095
5
|
|
|
|
audio/pulseaudio: build fix
Revisions pulled up:
- audio/pulseaudio/distinfo 1.29-1.32
- audio/pulseaudio/patches/patch-aa 1.9-1.11
---
Module Name: pkgsrc
Committed By: obache
Date: Mon May 14 14:56:51 UTC 2012
Modified Files:
pkgsrc/audio/pulseaudio: distinfo
pkgsrc/audio/pulseaudio/patches: patch-aa
Log Message:
Try to fix build failure on NeBSD 6.99.7 from _oss_ioctl API change as PR 46448.
---
Module Name: pkgsrc
Committed By: abs
Date: Mon May 14 18:01:46 UTC 2012
Modified Files:
pkgsrc/audio/pulseaudio: distinfo
pkgsrc/audio/pulseaudio/patches: patch-aa
Log Message:
Extend previous to apply to netbsd-6 also (at least the one currently on
netbsd-daily and soon be in BETA2)
---
Module Name: pkgsrc
Committed By: abs
Date: Mon May 14 18:46:22 UTC 2012
Modified Files:
pkgsrc/audio/pulseaudio: distinfo
Log Message:
regen distinfo
---
Module Name: pkgsrc
Committed By: abs
Date: Tue May 15 13:20:03 UTC 2012
Modified Files:
pkgsrc/audio/pulseaudio: distinfo
pkgsrc/audio/pulseaudio/patches: patch-aa
Log Message:
fix borked __NetBSD_Version__ in last
|
|
finance/kmymoney2: build fix
Revisions pulled up:
- finance/kmymoney2/Makefile 1.59 via patch
- finance/kmymoney2/options.mk 1.4
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 18:33:32 UTC 2012
Modified Files:
pkgsrc/finance/kmymoney2: Makefile options.mk
Log Message:
As the sqlite plugin in the PLIST is unconditional, and sqlite3 is
innocuous and small compared to kde3, and built into netbsd-6 anyway,
and the package finds sqlite3 regardless of whether it's buildlinked,
always depend on sqlite3. Should fix build on netbsd-5.
Remove commented-out traces of a sqlite3 option from options.mk.
PKGREVISION++
|
|
devel/ruby-posix-spawn: correct list of supported platforms
Revisions pulled up:
- devel/ruby-posix-spawn/Makefile 1.4-1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Mon May 21 12:18:05 UTC 2012
Modified Files:
pkgsrc/devel/ruby-posix-spawn: Makefile
Log Message:
Not for NetBSD-5 release.
---
Module Name: pkgsrc
Committed By: dholland
Date: Wed Jun 6 21:55:22 UTC 2012
Modified Files:
pkgsrc/devel/ruby-posix-spawn: Makefile
Log Message:
Fix COMMENT.
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 9 08:03:17 UTC 2012
Modified Files:
pkgsrc/devel/ruby-posix-spawn: Makefile
Log Message:
Don't try to be too fancy with the NOT_FOR_PLATFORM pattern. It broke.
(see pkgsrc-bulk)
|
|
|
|
x11/xvidtune: build fix
Revisions pulled up:
- x11/xvidtune/hacks.mk 1.1-1.2
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 21:03:03 UTC 2012
Added Files:
pkgsrc/x11/xvidtune: hacks.mk
Log Message:
Work around x11-links lossage with native X on NetBSD 5.
x11-links rejects xf86vidmodeproto because it's too old according
to the pkgsrc X xf86vidmodeproto bl3 file (which is at best dubious
logic) and doesn't link it. Then the .pc file isn't available, so
this package's configure script silently fails running pkg-config
and sets XVIDTUNE_LIBS to empty. The build then fails at link time
because no X libs at all have been requested. Fix it by feeding in
the result of running the same pkg-config invocation outside
pkgsrc. The fact that the native xf86vidmode is "too old" does not
itself break the package.
---
Module Name: pkgsrc
Committed By: dholland
Date: Sun Jun 3 18:06:11 UTC 2012
Modified Files:
pkgsrc/x11/xvidtune: hacks.mk
Log Message:
This should also have bsd.prefs.mk before checking MACHINE_PLATFORM.
|
|
www/p5-Task-Plack: build fix
Revisions pulled up:
- www/p5-Task-Plack/Makefile 1.5
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 18:54:32 UTC 2012
Modified Files:
pkgsrc/www/p5-Task-Plack: Makefile
Log Message:
Fix invalid version numbers.
|
|
net/nasd: build fix
Revisions pulled up:
- net/nasd/distinfo 1.2
- net/nasd/patches/patch-al 1.2
- net/nasd/patches/patch-ay 1.2
- net/nasd/patches/patch-common_i386_Imakefile 1.1
- net/nasd/patches/patch-include_nasd_nasd__timer_h 1.1
- net/nasd/patches/patch-kernel__generate_dux_other_Makefile 1.1
- net/nasd/patches/patch-kernel__generate_dux_other_nasd_Makefile 1.1
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 23:34:56 UTC 2012
Modified Files:
pkgsrc/net/nasd: distinfo
pkgsrc/net/nasd/patches: patch-al patch-ay
Added Files:
pkgsrc/net/nasd/patches: patch-common_i386_Imakefile
patch-include_nasd_nasd__timer_h
patch-kernel__generate_dux_other_Makefile
patch-kernel__generate_dux_other_nasd_Makefile
Log Message:
Fix broken build.
(1) With gcc 4.5, cpp does not fold lines separated by a escaped
newline in the output. Therefore when nasd_rpcgen runs its rpc
definitions through cpp, what comes out contains syntax errors. The
parser then reports these with SIGSEGV. First fix the cpp plumbing to
use the cpp tool wrapper during build, and then have it use -traditional.
(2) On amd64, roughly half the build thinks it's actually i386. Patch
the other half to agree. This may not turn out to work, but it does
build instead of dumping out bizarre compile errors.
|
|
misc/stellarium/Makefile: build fix
print/pdf2djvu/Makefile: build fix
Revisions pulled up:
- misc/stellarium/Makefile 1.54-1.55
- print/pdf2djvu/Makefile 1.8-1.9
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 19:35:47 UTC 2012
Modified Files:
pkgsrc/misc/stellarium: Makefile
Log Message:
Use BUILDLINK_TRANSFORM to drop unsupported -W options on netbsd-5.
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 19:38:56 UTC 2012
Modified Files:
pkgsrc/print/pdf2djvu: Makefile
Log Message:
Use BUILDLINK_TRANSFORM to remove -Werror=foo syntax not supported on
netbsd-5.
---
Module Name: pkgsrc
Committed By: obache
Date: Sun Jun 3 09:31:32 UTC 2012
Modified Files:
pkgsrc/misc/stellarium: Makefile
pkgsrc/print/pdf2djvu: Makefile
Log Message:
require bsd.prefs.mk before conditional check.
|
|
audio/xcdplayer: build fix
Revisions pulled up:
- audio/xcdplayer/distinfo 1.9
- audio/xcdplayer/patches/patch-al 1.6
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jun 2 20:00:50 UTC 2012
Modified Files:
pkgsrc/audio/xcdplayer: distinfo
pkgsrc/audio/xcdplayer/patches: patch-al
Log Message:
Call time() correctly; fixes netbsd-5 build.
|
|
|
|
net/bind96 security update
Revisions pulled up:
- net/bind96/Makefile 1.26
- net/bind96/distinfo 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 4 13:29:19 UTC 2012
Modified Files:
pkgsrc/net/bind96: Makefile distinfo
Log Message:
Update bind96 to 9.6.3.1.ESV.7pl1 (BIND 9.6-ESV-R7-P1).
Security release for CVE-2012-1667.
--- 9.6-ESV-R7-P1 released ---
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
|
|
net/bind97 security update
Revisions pulled up:
- net/bind97/Makefile 1.15
- net/bind97/distinfo 1.14
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 4 13:27:32 UTC 2012
Modified Files:
pkgsrc/net/bind97: Makefile distinfo
Log Message:
Update bind97 to 9.7.6pl1 (BIND 9.7.6-P1).
Security release for CVE-2012-1667.
--- 9.7.6-P1 released ---
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
|
|
net/bind98 security update
Revisions pulled up:
- net/bind98/Makefile 1.12
- net/bind98/distinfo 1.12
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 4 13:25:56 UTC 2012
Modified Files:
pkgsrc/net/bind98: Makefile distinfo
Log Message:
Update bind98 to 9.8.3pl1 (BIND 9.8.3-P1).
Security release for CVE-2012-1667.
--- 9.8.3-P1 released ---
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
|
|
net/bind99 security update
Revisions pulled up:
- net/bind99/Makefile 1.5
- net/bind99/distinfo 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 4 13:24:28 UTC 2012
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Log Message:
Update bind99 to 9.9.1pl1 (BIND 9.9.1-P1).
Security release for CVE-2012-1667.
--- 9.9.1-P1 released ---
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
|
|
|
|
geography/mapserver: security update
Revisions pulled up:
- geography/mapserver/Makefile 1.34
- geography/mapserver/distinfo 1.7
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Jun 2 11:16:58 UTC 2012
Modified Files:
pkgsrc/geography/mapserver: Makefile distinfo
Log Message:
Update MapServer to 5.6.8.
PR 46504 By Wen Heping.
Version 5.6.8 (2012-02-08):
---------------------------
- Fix security issue with quote escape in WFS GetFeature Filter (#4087)
- Fix segfault on join with postgresql tables (#4074)
- Define Z_BEST_COMPRESSION for newer libpng versions (#4033)
- Fixes to support latest PROJ versions (#4008)
Version 5.6.7 (2011-07-12):
---------------------------
IMPORTANT SECURITY FIXES:
- Fixes to prevent SQL injections through OGC filter encoding (in WMS, WFS
and SOS), as well as a potential SQL injection in WMS time support.
Your system may be vulnerable if it has MapServer with OGC protocols
enabled, with layers connecting to an SQL RDBMS backend, either
natively or via OGR (#3903)
- Fixed potentially exploitable buffer overflows in OGC Filter Encoding
support (#3903)
Other Fixes:
- Fixed PHP/MapScript ms_iogetstdoutbufferbytes() always returning 0 bytes
written (#3041)
- OGC Filter: fix segfault when a ows_varname_type or wfs_varname_type is
defined but not a gml_varname_type (#3902)
- Fixed mssql2008 to return correct geometries with chart layer type (#3894)
- Fix segfault with png-inimage exceptions and quantize_force=on (#2903)
- Fix segfault on malformed <PropertyIsLike> filters (#3888)
- Fixed potential crash with AVERAGE resampling and crazy reprojection (#3886)
- Fixed segmentation fault on invalid symbol (#3849)
- add support for gml:Box for spatial filters (#3789)
- Fixed false computation of symbol size when used as a brush on line (#3760)
- Fixed SQL Spatial to be able to use UniqueIdentifier field as unique key (#3722)
- Fixed possible seg. fault when using "OGR:Label*" special attributes (#3667)
- Fixed bug with newlines around multipart boundaries in wcs multipart (#3672)
Version 5.6.6 (2011-01-17):
---------------------------
- SLD: Fix point symbolizer issue when color is not set (#3658)
- Fix WMS EXCEPTIONS parameter issue with fastcgi (#3525)
- Fixed missing time in msDrawMap logging (#3651)
- Fixed Internal error with Oracle Spatial multi point geometries (#3627)
- Fixed double free in shp2img.c (#3497)
- Fixed free(): invalid next size in mapfile.c (#3604)
- Fix for the memory corruption when mapping the string data type in the
Java bindings (3491)
- Correct wms 1.3.0 latlong bbox error (#2578)
- Fix ProperyIsLike not used efficiently with Oracle (#3557)
- Fixed msOGRGetSymbolId according to the changes in gdal 1.8 (#3556)
- Fixed crash when drawing a map using UNIQUE fid in the layer data (#3271)
- Fixed Oracle Spatial Data gets corrupt (#3541)
- Fixed issue with multiple styles and binding (#3538)
- Fixed multiple include tags not supported in xml mapfiles (#3530)
- Ensure the class is not marked BeforeFieldInit causing memory corruption
with C#/CLR4 (#3438)
- Fixed MSSQL2008 driver returning invalid extent (#3498)
- Fix computation of shape bounds when the first line contains no points
(#3119)(fixes #3383)
- Fixed error message tiles on zero-sized map cause memory allocation errors
in maperror.c. (#3524)
|
|
|
|
graphics/cairo: build fix
Revisions pulled up:
- graphics/cairo/Makefile 1.99
- graphics/cairo/hacks.mk 1.3
---
Module Name: pkgsrc
Committed By: dholland
Date: Sun May 27 18:21:44 UTC 2012
Modified Files:
pkgsrc/graphics/cairo: Makefile hacks.mk
Log Message:
Since a proper solution does not appear to be forthcoming anytime soon,
add a hack for "the pixman problem" on netbsd-5. Add -lpixman-1 to the
libs in cairo's .pc file when on netbsd-5.
|
|
www/moodle:: security update
Revisions pulled up:
- www/moodle/Makefile 1.11
- www/moodle/PLIST 1.9
- www/moodle/distinfo 1.9
---
Module Name: pkgsrc
Committed By: obache
Date: Thu May 31 12:12:54 UTC 2012
Modified Files:
pkgsrc/www/moodle: Makefile PLIST distinfo
Log Message:
Update moodle to 2.1.6, include some security fixes.
Based on maintainer update request by PR 46498.
Upstream changes:
Highlights
* MDL-32431 Calendar events can be backed-up and restored
* MDL-29262 Moodle 2 backup_controllers table is no longer needlessly massive
Functional changes
* MDL-27862 Ability to unset a theme
* MDL-31835 Recent conversations link added when viewing a message
* MDL-27427 Option added to delete external blog entries
Security issues
* MSA-12-0024 Hidden information access issue
* MSA-12-0025 Personal communication access issue
* MSA-12-0026 Quiz capability issue
* MSA-12-0027 Question bank capability issues
* MSA-12-0028 Insecure authentication issue
* MSA-12-0029 Information editing access issue
* MSA-12-0030 Capability manipulation issue
* MSA-12-0031 Cross-site scripting vulnerability in Wiki
* MSA-12-0032 Cross-site scripting vulnerability in Web services
* MSA-12-0035 Cross-site scripting vulnerability in "download all"
* MSA-12-0036 Cross-site scripting vulnerability in category identifier
* MSA-12-0037 Write access issue in Database activity module
* MSA-12-0038 Calendar event write permission issue
Fixes and improvements
* MDL-32061 Backup fixed when there is a lesson with attempts in the course
* MDL-31008 CSS fixed to display dimmed objects
* MDL-30867 Lesson essay question formatting fixed
* MDL-31528 Breadcrumbs appearing consistently when editing is off
* MDL-31631 Caching fixed so deleted activities do not remain listed
* MDL-26674 Wiki Module activity logs activity fully
* MDL-31510 Students in groups see only assignments in the Gradebook according to their group allocation
* MDL-32141 Custom TinyMCE additions now work in Firefox 11
|
|
|
|
devel/apache-ant: security update
Revisions pulled up:
- devel/apache-ant/Makefile 1.31
- devel/apache-ant/PLIST 1.14
- devel/apache-ant/distinfo 1.15
---
Module Name: pkgsrc
Committed By: tonio
Date: Mon May 28 08:10:06 UTC 2012
Modified Files:
pkgsrc/devel/apache-ant: Makefile PLIST distinfo
Log Message:
Update devel/apache-ant to 1.8.4
Changes from Ant 1.8.3 TO Ant 1.8.4
Fixed bugs:
* Ported libbzip2's fallback sort algorithm to CBZip2OutputStream to
speed up compression in certain edge cases. Merge from Commons
Compress.
* Using specially crafted inputs this can be used as a denial of
service attack.
See CVE-2012-2098.
|
|
|
|
audio/arts: build fix
Revisions pulled up:
- audio/arts/distinfo 1.55
- audio/arts/patches/patch-ab 1.6
---
Module Name: pkgsrc
Committed By: abs
Date: Tue May 15 13:18:43 UTC 2012
Modified Files:
pkgsrc/audio/arts: distinfo
pkgsrc/audio/arts/patches: patch-ab
Log Message:
Conditionalise old ioctl() usage on __NetBSD_Version__ < 600000000 or
__NetBSD_Version__ > 699000000 && __NetBSD_Version__ < 699000700
|
|
|
|
textproc/p5-YAML-LibYAML: security update
Revisions pulled up:
- textproc/p5-YAML-LibYAML/Makefile 1.9-1.10
- textproc/p5-YAML-LibYAML/distinfo 1.7-1.8
- textproc/p5-YAML-LibYAML/patches/patch-LibYAML_perl__libyaml.c 1.1
---
Module Name: pkgsrc
Committed By: sno
Date: Tue Apr 10 13:50:05 UTC 2012
Modified Files:
pkgsrc/textproc/p5-YAML-LibYAML: Makefile distinfo
Log Message:
Updating package for CPAN module YAML::LibYAML in textproc/p5-YAML-LibYAML
from 0.37 to 0.38
Upstream changes:
version: 0.38
date: Tue Jan 3 22:56:01 PST 2012
changes:
- Apply SPROUT++ deparse test patch. Thanks!
---
Module Name: pkgsrc
Committed By: spz
Date: Thu May 24 20:21:18 UTC 2012
Modified Files:
pkgsrc/textproc/p5-YAML-LibYAML: Makefile distinfo
Added Files:
pkgsrc/textproc/p5-YAML-LibYAML/patches: patch-LibYAML_perl__libyaml.c
Log Message:
fix for CVS-2012-1152 taken from
https://rt.cpan.org/Ticket/Attachment/920541/477607/YAML-LibYAML-0.35-format-err
or.patch
|
|
devel/rt3: security update
Revisions pulled up:
- devel/rt3/Makefile 1.49
- devel/rt3/Makefile.install 1.18
- devel/rt3/PLIST 1.21
- devel/rt3/distinfo 1.22
- devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm deleted
- devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm deleted
- devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm deleted
- devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html deleted
- devel/rt3/patches/patch-share_html_Search_Bulk.html deleted
- devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType deleted
- devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips deleted
---
Module Name: pkgsrc
Committed By: spz
Date: Fri May 25 19:55:44 UTC 2012
Modified Files:
pkgsrc/devel/rt3: Makefile Makefile.install PLIST distinfo
Removed Files:
pkgsrc/devel/rt3/patches: patch-lib_RT_Action_CreateTickets.pm
patch-lib_RT_Ticket__Overlay.pm
patch-lib_RT_Transaction__Overlay.pm
patch-share_html_Admin_CustomFields_Modify.html
patch-share_html_Search_Bulk.html
patch-share_html_Search_Elements_SelectChartType
patch-share_html_Ticket_Elements_PreviewScrips
Log Message:
Update RT to version 3.8.12:
Changes from 3.8.11 to 3.8.12:
This release, in addition to being a bugfix release, also resolves a
number of security vulnerabilities. It resolves CVE-2011-2082,
CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
CVE-2011-4459, and CVE-2011-4460.
* Upgrade prototype.js to version 1.7, for compatibility with google
charts.
* Remove ie7.js, which is no longer used.
* Ensure that TransactionBatch scripts are only run once.
Changes from 3.8.10 to 3.8.11:
This release contains a number of bugfixes and minor security updates
since the 3.8.10 release, most notably:
* Adjust FCGI dependency to one which resolves FCGI's CVE-2011-2766
* New WebHttpOnlyCookies option, enabled by default, which hides RT's
cookie from direct Javascript access.
* Compatibility with perl 5.12 and 5.14, by removing deprecated "for
qw(...)" and "defined %hash" syntax.
* MySQL 5.5 compatibility, by specifying ENGINE=InnoDB rather than
TYPE=InnoDB
* Ensure that RT::Interface::Web's _Overlay, _Local, and _Vendor files
are loaded correctly.
* Fix session cleaner for on-disk sessions, broken since 3.8.0.
* Ensure that only one "Based on" attribute is stored for each custom
field.
* Fix the loading of Shredder plugins, broken in 3.8.10.
|
|
|
|
www/ikiwiki: security update
Revisions pulled up:
- www/ikiwiki/Makefile 1.94
- www/ikiwiki/distinfo 1.78
- www/ikiwiki/PLIST 1.36
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: schmonz
Date: Thu May 17 05:51:05 UTC 2012
Modified Files:
pkgsrc/www/ikiwiki: Makefile distinfo
Log Message:
Update to 3.20120516. From the changelog:
* meta: Security fix; add missing sanitization of author and authorurl.
Thanks, Raúl Benencia
To generate a diff of this commit:
cvs rdiff -u -r1.93 -r1.94 pkgsrc/www/ikiwiki/Makefile
cvs rdiff -u -r1.77 -r1.78 pkgsrc/www/ikiwiki/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: schmonz
Date: Fri Apr 20 03:48:25 UTC 2012
Modified Files:
pkgsrc/www/ikiwiki: Makefile PLIST distinfo
Log Message:
Update to 3.20120419. From the changelog:
* Remove dead link from plugins/teximg. Closes: #664885
* inline: When the pagenames list includes pages that do not exist, skip
them.
* meta: Export author information in html <meta> tag. Closes: #664779
Thanks, Martin Michlmayr
* notifyemail: New plugin, sends email notifications about new and
changed pages, and allows subscribing to comments.
* Added a "changes" hook. Renamed the "change" hook to "rendered", but
the old hook name is called for now for back-compat.
* meta: Support keywords header. Closes: #664780
Thanks, Martin Michlmayr
* passwordauth: Fix url in password recovery email to be absolute.
* httpauth: When it's the only auth method, avoid a pointless and
confusing signin form, and go right to the httpauthurl.
* rename: Allow rename to be started not from the edit page; return to
the renamed page in this case.
* remove: Support removing of pages in the transient underlay. (smcv)
* inline, trail: The pagenames parameter is now a list of absolute
pagenames, not relative wikilink type names. This is necessary to fix
a bug, and makes pagenames more consistent with the pagespec used
in the pages parameter. (smcv)
* link: Fix renaming wikilinks that contain embedded urls.
* graphviz: Handle self-links.
* trail: Improve CSS, also display trail links at bottom of page,
and a bug fix. (smcv)
Add dependency on p5-HTML-Tree, suggested by Matthias Rampke in PR pkg/45688.
To generate a diff of this commit:
cvs rdiff -u -r1.92 -r1.93 pkgsrc/www/ikiwiki/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/www/ikiwiki/PLIST
cvs rdiff -u -r1.76 -r1.77 pkgsrc/www/ikiwiki/distinfo
|
|
|
|
net/haproxy: security update
Revisions pulled up:
- net/haproxy/Makefile 1.4
- net/haproxy/distinfo 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Fri May 25 08:19:47 UTC 2012
Modified Files:
pkgsrc/net/haproxy: Makefile distinfo
Log Message:
Update for net/haproxy to 1.4.21.
ChangeLog:
2012/05/21 : 1.4.21
- MINOR: patch for minor typo (ressources/resources)
- CLEANUP: fix typo in findserver() log message
- DOC: cleanup indentation, alignment, columns and chapters
- DOC: fix some keywords arguments documentation
- MINOR: stats admin: allow unordered parameters in POST requests
- MINOR: stats admin: use the backend id instead of its name in the form
- BUG/MAJOR: trash must always be the size of a buffer
- DOC: fix minor regex example issue and improve doc on stats
- BUG/MAJOR: possible crash when using capture headers on TCP frontends
- MINOR: config: disable header captures in TCP mode and complain
- BUG/MEDIUM: balance source did not properly hash IPv6 addresses
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
- CLEANUP: remove a few warning about unchecked return values in debug code
- CLEANUP: http: remove unused http_msg->col
- BUG/MINOR: http: error snapshots are wrong if buffer wraps
- BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
- MINOR: proxy: make findproxy() return proxies from numeric IDs too
- BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values
- BUG/MINOR: stop connect timeout when connect succeeds
2012/03/10 : 1.4.20
- BUG/MINOR: fix typo in processing of http-send-name-header
- BUG/MEDIUM: correctly disable servers tracking another disabled servers.
- BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
- MINOR: halog: add some help on the command line (cherry picked from commit 615674cdec067066a42f53f5d55628ab7b207e6c)
- BUILD: fix build error on FreeBSD
- BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
- BUG: http: disable TCP delayed ACKs when forwarding content-length data
- BUG: checks: fix server maintenance exit sequence
- BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes
- DOC: enumerate valid status codes for "observe layer7"
- BUILD: make it possible to look for pcre in the default system paths
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/haproxy/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/haproxy/distinfo
|
|
textproc/py-feedparser: security update
Revisions pulled up:
- textproc/py-feedparser/Makefile 1.22
- textproc/py-feedparser/distinfo 1.13
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: schmonz
Date: Sat May 26 16:51:59 UTC 2012
Modified Files:
pkgsrc/textproc/py-feedparser: Makefile distinfo
Log Message:
Update to 5.1.2. From the changelog:
* Minor changes to the documentation
* Strip potentially dangerous ENTITY declarations in encoded feeds
* feedparser will now try to continue parsing despite compression errors
* Fix issue 321 a little more (the initial fix missed a code path)
* Issue 337 (`_parse_date_rfc822()` returns None on single-digit days)
* Issue 343 (add magnet links to the ACCEPTABLE_URI_SCHEMES)
* Issue 344 (handle deflated data with no headers nor checksums)
* Issue 347 (support `itunes:image` elements with a `url` attribute)
* Fix mistakes, typos, and bugs in the unit test code
* Fix crash in Python 2.4 and 2.5 if the feed has a UTF_32 byte order mark
* Replace the RFC822 date parser for more extensibility
* Issue 304 (handle RFC822 dates with timezones like GMT+00:00)
* Issue 309 (itunes:keywords should be split by commas, not whitespace)
* Issue 310 (pubDate should map to `published`, not `updated`)
* Issue 313 (include the compression test files in MANIFEST.in)
* Issue 314 (far-flung RFC822 dates don't throw OverflowError on x64)
* Issue 315 (HTTP server for unit tests runs on 0.0.0.0)
* Issue 321 (malformed URIs can cause ValueError to be thrown)
* Issue 322 (HTTP redirect to HTTP 304 causes SAXParseException)
* Issue 323 (installing chardet causes 11 unit test failures)
* Issue 325 (map `description_detail` to `summary_detail`)
* Issue 326 (Unicode filename causes UnicodeEncodeError if locale is ASCII)
* Issue 327 (handle RFC822 dates with extraneous commas)
* Issue 328 (temporarily map `updated` to `published` due to issue 310)
* Issue 329 (escape backslashes in Windows path in docs/introduction.rst)
* Issue 331 (don't escape backslashes that are in raw strings in the docs)
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/textproc/py-feedparser/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/py-feedparser/distinfo
|
|
shells/tcsh: bugfix
Revisions pulled up:
- shells/tcsh/Makefile 1.70
- shells/tcsh/distinfo 1.29
- shells/tcsh/patches/patch-aa 1.13
- shells/tcsh/patches/patch-ab 1.12
- shells/tcsh/patches/patch-ac 1.15
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 20:01:31 UTC 2012
Modified Files:
pkgsrc/shells/tcsh: Makefile distinfo
pkgsrc/shells/tcsh/patches: patch-aa patch-ab
Log Message:
Add a patch to fix issue with Meta-<key> no longer being recognized.
Patch from christos@.
Add comments to some of the other patch files to appease pkglint.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.69 -r1.70 pkgsrc/shells/tcsh/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/shells/tcsh/distinfo
cvs rdiff -u -r1.12 -r1.13 pkgsrc/shells/tcsh/patches/patch-aa
cvs rdiff -u -r1.11 -r1.12 pkgsrc/shells/tcsh/patches/patch-ab
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: he
Date: Sat May 26 08:34:14 UTC 2012
Added Files:
pkgsrc/shells/tcsh/patches: patch-ac
Log Message:
Add a patch to fix issue with Meta-<key> no longer being recognized.
Patch from christos@. (Sorry for overlooking "cvs add" earlier...)
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.15 pkgsrc/shells/tcsh/patches/patch-ac
|
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.78
- net/wireshark/distinfo 1.55
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue May 22 22:42:17 UTC 2012
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.6.8. Changes since 1.6.7:
- The following vulnerabilities have been fixed:
o wnpa-sec-2012-08
Infinite and large loops in the ANSI MAP, ASF, BACapp,
Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors
have been fixed. Discovered by Laurent Butti. (Bugs 6805,
7118, 7119, 7120, 7121, 7122, 7124, 7125)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
o wnpa-sec-2012-09
The DIAMETER dissector could try to allocate memory improperly
and crash. (Bug 7138)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
o wnpa-sec-2012-10
Wireshark could crash on SPARC processors due to misaligned
memory. Discovered by Klaus Heckelmann. (Bug 7221)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
- The following bugs have been fixed:
o User-Password - PAP decoding passwords longer than 16 bytes.
(Bug 6779)
o The MSISDN is not seen correctly in GTP packet. (Bug 7042)
o Wireshark doesn't calculate the right IPv4 destination using
source routing options when bad options precede them. (Bug
7043)
o BOOTP dissector issue with DHCP option 82 - suboption 9. (Bug
7047)
o MPLS dissector in 1.6.7 and 1.7.1 misdecodes some MPLS CW
packets. (Bug 7089)
o ANSI MAP infinite loop. (Bug 7119)
o HCIEVT infinite loop. (Bug 7122)
o Wireshark doesn't decode NFSv4.1 operations. (Bug 7127)
o LTP infinite loop. (Bug 7124)
o Wrong values in DNS CERT RR. (Bug 7130)
o Megaco parser problem with LF in header. (Bug 7198)
o OPC UA bytestring node id decoding is wrong. (Bug 7226)
- Updated Protocol Support
ANSI MAP, ASF, BACapp, Bluetooth HCI, DHCP, DIAMETER, DNS, GTP,
IEEE 802.11, IEEE 802.3, IPv4, LTP, Megaco, MPLS, NFS, OPC UA,
RADIUS
- New and Updated Capture File Support
5View, CSIDS, pcap, pcap-ng
To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wireshark/distinfo
|
|
|
|
graphics/gdk-pixbuf: security patch
Revisions pulled up:
- graphics/gdk-pixbuf/Makefile 1.45
- graphics/gdk-pixbuf/distinfo 1.23
- graphics/gdk-pixbuf/patches/patch-ao 1.1
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:29:36 UTC 2012
Modified Files:
pkgsrc/graphics/gdk-pixbuf: Makefile distinfo
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
Bump pkgrevision.
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:31:35 UTC 2012
Added Files:
pkgsrc/graphics/gdk-pixbuf/patches: patch-ao
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
|
|
|
|
x11/slock: security update
Revisions pulled up:
- x11/slock/Makefile 1.4
- x11/slock/distinfo 1.2
---
Module Name: pkgsrc
Committed By: reed
Date: Wed May 23 17:10:50 UTC 2012
Modified Files:
pkgsrc/doc: CHANGES-2012
pkgsrc/x11/slock: Makefile distinfo
Log Message:
Upgrade slock to 1.0
Add license and change homepage.
No changes file included in source distribution.
Changes can be seen at http://hg.suckless.org/slock/ (see changelog
for last few versions).
One important fix is:
added XRaiseWindow workaround when new clients are launched
See http://secunia.com/advisories/48700/ for the security issue.
|