www/apache22: security update
Revisions pulled up:
- www/apache22/Makefile 1.92
- www/apache22/distinfo 1.57
- www/apache22/patches/patch-modules_mappers_mod_rewrite.c deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jul 15 18:15:49 UTC 2013
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Removed Files:
pkgsrc/www/apache22/patches: patch-modules_mappers_mod_rewrite.c
Log Message:
Update "apache22" package to version 2.2.25. Changes since 2.2.24:
- SECURITY: CVE-2013-1862 (cve.mitre.org)
mod_rewrite: Ensure that client data written to the RewriteLog is
escaped to prevent terminal escape sequences from entering the
log file. [Eric Covener, Jeff Trawick, Joe Orton]
- core: Limit ap_pregsub() to 64MB and add ap_pregsub_ex() for longer
strings. The default limit for ap_pregsub() can be adjusted at compile
time by defining AP_PREGSUB_MAXLEN. [Stefan Fritsch, Jeff Trawick]
- core: Support the SINGLE_LISTEN_UNSERIALIZED_ACCEPT optimization
on Linux kernel versions 3.x and above. Bug#55121. [Bradley Heilbrun
<apache heilbrun.org>]
- mod_setenvif: Log error on substitution overflow.
[Stefan Fritsch]
- mod_ssl/proxy: enable the SNI extension for backend TLS connections
[Kaspar Brand]
- mod_proxy: Use the same hostname for SNI as for the HTTP request when
forwarding to SSL backends. Bug#53134.
[Michael Weiser <michael weiser.dinsnail.net>, Ruediger Pluem]
- mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
in the error log to debug level. [William Rowe]
- mod_ssl: Catch missing, mismatched or encrypted client cert/key pairs
with SSLProxyMachineCertificateFile/Path directives. Bug#52212, Bug#54698.
[Keith Burdis <keith burdis.org>, Joe Orton, Kaspar Brand]
- mod_proxy_balancer: Added balancer parameter failontimeout to allow server
admin to configure an IO timeout as an error in the balancer.
[Daniel Ruggeri]
- mod_authnz_ldap: Allow using exec: calls to obtain LDAP bind
password. [Daniel Ruggeri]
- htdigest: Fix buffer overflow when reading digest password file
with very long lines. Bug#54893. [Rainer Jung]
- mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
the source href (sent as part of the request body as XML) pointing to a
URI that is not configured for DAV will trigger a segfault. [Ben Reser
<ben reser.org>]
- mod_dav: Ensure URI is correctly uriencoded on return. Bug#54611
[Timothy Wood <tjw omnigroup.com>]
- mod_dav: Make sure that when we prepare an If URL for Etag comparison,
we compare unencoded paths. Bug#53910 [Timothy Wood <tjw omnigroup.com>]
- mod_dav: Sending an If or If-Match header with an invalid ETag doesn't
result in a 412 Precondition Failed for a COPY operation. PR54610
[Timothy Wood <tjw omnigroup.com>]
- mod_dav: When a PROPPATCH attempts to remove a non-existent dead
property on a resource for which there is no dead property in the same
namespace httpd segfaults. Bug#52559 [Diego Santa Cruz
<diego.santaCruz spinetix.com>]
- mod_dav: Do not fail PROPPATCH when prop namespace is not known.
Bug#52559 [Diego Santa Cruz <diego.santaCruz spinetix.com>]
- mod_dav: Do not segfault on PROPFIND with a zero length DBM.
Bug#52559 [Diego Santa Cruz <diego.santaCruz spinetix.com>]
To generate a diff of this commit:
cvs rdiff -u -r1.91 -r1.92 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.56 -r1.57 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r1.3 -r0 \
pkgsrc/www/apache22/patches/patch-modules_mappers_mod_rewrite.c
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.32-1.33
- www/wordpress/PLIST 1.15
- www/wordpress/distinfo 1.25
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Jun 24 16:13:21 UTC 2013
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to version 3.5.2.
Fixed issues:
* Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
* Privilege Escalation: Contributors can publish posts, and users can reassign authorship. CVE-2013-2200.
* Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
* Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
* Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
* Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
* Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
* Cross-Site Scripting (XSS) (Low Severity) when Editing Media. CVE-2013-2201.
* Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating Plugins/Themes. CVE-2013-2201.
* XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Jun 24 16:16:42 UTC 2013
Modified Files:
pkgsrc/www/wordpress: Makefile
Log Message:
Remove pkgrevision bit
---
Module Name: pkgsrc
Committed By: morr
Date: Thu Jun 27 08:04:57 UTC 2013
Modified Files:
pkgsrc/www/wordpress: PLIST
Log Message:
Fix PLIST file, unbreak build
net/haproxy: security update
Pullup ticket #4165 - requested by morr
net/haproxy: security update
Revisions pulled up:
- net/haproxy/Makefile 1.8
- net/haproxy/distinfo 1.6
- net/haproxy/patches/patch-aa 1.3
- net/haproxy/patches/patch-ab 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Wed Apr 17 19:55:38 UTC 2013
Modified Files:
pkgsrc/net/haproxy: Makefile distinfo
pkgsrc/net/haproxy/patches: patch-aa patch-ab
Log Message:
Security update to version 1.4.23.
ChangeLog:
2013/04/03 : 1.4.23
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
- BUG: fix garbage data when http-send-name-header replaces an existing header
- BUG/MEDIUM: remove supplementary groups when changing gid
- BUG/MINOR: Correct logic in cut_crlf()
- BUG/MINOR: config: use a copy of the file name in proxy configurations
- BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
- MINOR: halog: sort output by cookie code
- BUG/MINOR: halog: -ad/-ac report the correct number of output lines
- BUG/MINOR: halog: fix help message for -ut/-uto
- BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode
- BUG/MEDIUM: command-line option -D must have precedence over "debug"
- OPTIM: halog: keep a fast path for the lines-count only
- MINOR: halog: add a parameter to limit output line count
- BUG: halog: fix broken output limitation
- MEDIUM: checks: avoid accumulating TIME_WAITs during checks
- MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts
- BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list
- BUG/MINOR: http: don't report client aborts as server errors
- BUG/MINOR: http: don't log a 503 on client errors while waiting for requests
- BUG/MEDIUM: tcp: process could theoretically crash on lack of source ports
- BUG/MINOR: http: don't abort client connection on premature responses
- BUILD: no need to clean up when making git-tar
- MINOR: http: always report PR-- flags for redirect rules
- BUG/MINOR: time: frequency counters are not totally accurate
- BUG/MINOR: http: don't process abortonclose when request was sent
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
- BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
- BUG/MEDIUM: checks: ensure the health_status is always within bounds
- CLEANUP: http: remove a useless null check
- BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
- CLEANUP: config: slowstart is never negative
- BUILD: improve the makefile's support for libpcre
- BUG/MINOR: checks: fix a warning introduced by commit 2f61455a
- MEDIUM: halog: add support for counting per source address (-ic)
- DOC: mention the new HTTP 307 and 308 redirect statuses (cherry picked from commit b67fdc4cd8bde202f2805d98683ddab929469a05)
- MEDIUM: poll: do not use FD_* macros anymore
- BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
- BUILD: enable poll() by default in the makefile
- BUILD: add explicit support for Mac OS/X
- BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
- MEDIUM: http: implement redirect 307 and 308
- MINOR: http: status 301 should not be marked non-cacheable
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/haproxy/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/haproxy/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/haproxy/patches/patch-aa
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/haproxy/patches/patch-ab
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Jun 20 21:36:28 UTC 2013
Modified Files:
pkgsrc/net/haproxy: Makefile distinfo
Log Message:
Security update to version 1.4.24.
ChangeLog:
- BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
- BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks are used
- MEDIUM: protocol: implement a "drain" function in protocol layers
- BUG/CRITICAL: fix a possible crash when using negative header occurrences
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/haproxy/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/haproxy/distinfo
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.103
- net/wireshark/distinfo 1.66
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 11 22:57:59 UTC 2013
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.8.8. Changes since 1.8.7:
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-32
The CAPWAP dissector could crash. Discovered by Laurent Butti.
(Bug 8725)
Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
o wnpa-sec-2013-33
The GMR-1 BCCH dissector could crash. Discovered by Sylvain
Munaut and Laurent Butti. (Bug 7664, Bug 8726)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-34
The PPP dissector could crash. Discovered by Laurent Butti.
(Bug 7880, Bug 8727)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-35
The NBAP dissector could crash. (Bug 8697)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-36
The RDP dissector could crash. Discovered by Laurent Butti
(Bug 8729)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-37
The GSM CBCH dissector could crash. Discovered by Laurent
Butti (Bug 8730)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-38
The Assa Abloy R3 dissector could consume excessive memory and
CPU. (Bug 8764)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-39
The HTTP dissector could overrun the stack. (Bug 8733)
Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
o wnpa-sec-2013-40
The Ixia IxVeriWave file parser could overflow the heap.
Discovered by Sachin Shinde. (Bug 8760)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-41
The DCP ETSI dissector could crash. (Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
The following bugs have been fixed:
o TRY_TO_FAKE_THIS_ITEM disables bounds errors. (Bug 3290)
o Multiple expert info in a packet does not cause the most
"severe" to be displayed in expert column. (Bug 7733)
o tshark -z io,stat reports bad byte counts if filter doesn't
match anything. (Bug 8066)
o Add decryption for WPA eapol 4-way handshake. (Bug 8680)
o wireshark is crashing while attempting to use 'SCTP' ->
'Prepare Filter for this Association'. (Bug 8731)
o Crash analyzing VoIP Calls (T38). (Bug 8736)
o IMAP Dissector, Missing byte. (Bug 8739)
o C12.22 Invocation Id shows negative sometimes. (Bug 8744)
o gsm_a_dtap dissector (SMS): under certain conditions fillbits
may be displayed for an alphanumeric TP-Originating-Address.
(Bug 8756)
o TETRA dissector assertion. (Bug 8768)
o Mark retransmitted SYN and FIN packets as retransmissions.
- Updated Protocol Support
Bittorrent DHT, C12.22, CAPWAP, DCP ETSI, EAPOL, GMR-1 BCCH, GSM
CBCH, GSM SMS, HTTP, IMAP, NBAP, PPP, R3, RDP, SGsAP, T.38, TETRA
- New and Updated Capture File Support
Ixia IxVeriWave.
To generate a diff of this commit:
cvs rdiff -u -r1.102 -r1.103 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/wireshark/distinfo
sysutils/dbus: security update
Revisions pulled up:
- sysutils/dbus/Makefile 1.60-1.61
- sysutils/dbus/distinfo 1.43-1.44
- sysutils/dbus/patches/patch-ab 1.21
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun May 26 18:06:05 UTC 2013
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
pkgsrc/sysutils/dbus/patches: patch-ab
Log Message:
Update to 1.6.10:
D-Bus 1.6.10 (2013-04-24)
==
The “little-known facts about bananas” release.
• Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
U+FDD0..U+FDEF are allowed in UTF-8 strings again.
(fd.o #63072, Simon McVittie)
• Diagnose incorrect use of dbus_connection_get_data() with negative slot
(i.e. before allocating the slot) rather than returning junk
(fd.o #63127, Dan Williams)
• In the activation helper, when compiled for tests, do not reset the system
bus address, fixing the regression tests. (fd.o #52202, Simon)
• Fix building with Valgrind 3.8, at the cost of causing harmless warnings
with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
• Don't leak temporary fds pointing to /dev/null (fd.o #56927, Michel HERMIER)
• Create session.d, system.d directories under CMake (fd.o #41319,
Ralf Habacker)
• Unix-specific:
· Include alloca.h for alloca() if available, fixing compilation on
Solaris 10 (fd.o #63071, Dagobert Michelsen)
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jun 13 13:00:34 UTC 2013
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Log Message:
Update to 1.6.12:
D-Bus 1.6.12 (2013-06-13)
==
Fixes:
• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
of service for system services. Vulnerability reported by Alexandru Cornea.
(Simon)
• In dbus-daemon, don't crash if a .service file starts with key=value
(fd.o #60853, Chengwei Yang)
• Unix-specific:
· Fix an assertion failure if we try to activate systemd services before
systemd connects to the bus (fd.o #50199, Chengwei Yang)
· Avoid compiler warnings for ignoring the return from write()
(Chengwei Yang)
multimedia/adobe-flash-plugin10.1: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin10.1/Makefile 1.29
- multimedia/adobe-flash-plugin10.1/distinfo 1.20
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Jun 14 08:22:13 UTC 2013
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin10.1: Makefile distinfo
Log Message:
Update adobe-flash-plugin10.1 to 10.3.183.90 for APSB13-16
multimedia/adobe-flash-plugin11: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin11/Makefile 1.17
- multimedia/adobe-flash-plugin11/distinfo 1.16
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Jun 14 08:20:57 UTC 2013
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo
Log Message:
Update adobe-flash-plugin11 to 11.2.202.291 for APSB13-16
lang/php53: fix build with "suhosin" option
Revisions pulled up:
- lang/php53/Makefile.php 1.34
- lang/php53/distinfo 1.65
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jun 9 22:23:24 UTC 2013
Modified Files:
pkgsrc/lang/php53: Makefile.php distinfo
Log Message:
Fix suhosin patch part.
Thanks to Volkmar Seifert, who notified me of the problem via private e-mail.
(I should modify my local mk.conf to handle better...)
lang/php/phpversion.mk: update PHP versions after security update
Revisions pulled up:
- lang/php/phpversion.mk 1.32-1.34
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Apr 12 17:01:47 UTC 2013
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log Message:
Update PHP53_VERSION and PHP54_VERSION.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 3 15:23:14 UTC 2013
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log Message:
Update PHP53_VERSION and PHP54_VERSION. It should be updated with
last update of php53/php54.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 7 13:56:25 UTC 2013
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log Message:
Update PHP53_VERSION and PHP54_VERSION.
lang/php53: security update
Revisions pulled up:
- lang/php53/Makefile.common 1.24-1.26
- lang/php53/Makefile.php 1.33 via patch
- lang/php53/distinfo 1.63-1.64 via patch
- lang/php53/patches/patch-main_main.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Apr 12 16:59:51 UTC 2013
Modified Files:
pkgsrc/lang/php53: Makefile.common Makefile.php distinfo
pkgsrc/lang/php53/patches: patch-ab
Log Message:
Update php53 to 5.3.24.
11 Apr 2013, PHP 5.3.24
- Core
. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
(Anatol)
. Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle
exceptions properly). (Jeff Welch)
. Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry)
- PCRE:
. Merged PCRE 8.32. (Anatol)
- mysqlnd
. Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc
for stmt->param_bind). (Andrey)
- DateTime
. Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol)
- Zip:
. Bug #64452 (Zip crash intermittently). (Anatol)
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 16 16:19:14 UTC 2013
Modified Files:
pkgsrc/lang/php53: Makefile.common Makefile.php distinfo
Removed Files:
pkgsrc/lang/php53/patches: patch-main_main.c
Log Message:
Update php53 to 5.3.25 (PHP 5.3.25).
09 May 2013, PHP 5.3.25
- Core:
. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:
segfault). (Laruence)
. Fixed bug #64458 (dns_get_record result with string of length -1). (Stas)
. Fixed bugs #47675 and #64577 (fd leak on Solaris). (Rasmus)
- Streams:
. Fixed Windows x64 version of stream_socket_pair() and improved error
handling. (Anatol Belski)
- Zip:
. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
(Anatol)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 7 13:53:52 UTC 2013
Modified Files:
pkgsrc/lang/php53: Makefile.common distinfo
Log Message:
Update php53 to 5.3.26.
06 Jun 2013, PHP 5.3.26
- Core:
. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE 2013-2110). (Stas)
- Calendar:
. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)
- FPM:
. Fixed some possible memory or resource leaks and possible null dereference
detected by code coverity scan. (Remi)
. Log a warning when a syscall fails. (Remi)
- MySQLi:
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
- Phar
. Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or
with non std tmp dir). (Pierre)
- Streams:
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
- Zend Engine:
. Fixed bug #64821 (Custom Exception crash when internal properties
overridden). (Anatol)
lang/php54: security update
Revisions pulled up:
- lang/php54/Makefile.common 1.11-1.13
- lang/php54/distinfo 1.16-1.18
- lang/php54/patches/patch-main_main.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Apr 12 17:00:40 UTC 2013
Modified Files:
pkgsrc/lang/php54: Makefile.common distinfo
Log Message:
Update php54 to 5.4.14.
11 Apr 2013, PHP 5.4.14
- Core
. Fixed bug #64529 (Ran out of opcode space). (Dmitry)
. Fixed bug #64515 (Memoryleak when using the same variablename two times in
function declaration). (Laruence)
. Fixed bug #64432 (more empty delimiter warning in strX methods). (Laruence)
. Fixed bug #64417 (ArrayAccess::&offsetGet() in a trait causes fatal error).
(Dmitry)
. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
(Anatol)
. Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).
(Dmitry, Laruence)
. Fixed bug #63976 (Parent class incorrectly using child constant in class
property). (Dmitry)
. Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle
exceptions properly). (Jeff Welch)
. Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry)
- PCRE:
. Merged PCRE 8.32. (Anatol)
- SNMP:
. Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).
(Boris Lytochkin)
- Zip:
. Bug #64452 (Zip crash intermittently). (Anatol)
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 16 16:19:58 UTC 2013
Modified Files:
pkgsrc/lang/php54: Makefile.common distinfo
Removed Files:
pkgsrc/lang/php54/patches: patch-main_main.c
Log Message:
Update php54 to 5.4.15 (PHP 5.4.15).
09 May 2013, PHP 5.4.15
- Core:
. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:
segfault). (Laruence)
. Fixed bug #64458 (dns_get_record result with string of length -1). (Stas)
. Fixed bug #64433 (follow_location parameter of context is ignored for most
response codes). (Sergey Akbarov)
. Fixed bugs #47675 and #64577 (fd leak on Solaris)
- Fileinfo:
. Upgraded libmagic to 5.14. (Anatol)
- Zip:
. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
(Anatol)
- Streams:
. Fixed Windows x64 version of stream_socket_pair() and improved error
handling (Anatol Belski)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 7 13:54:33 UTC 2013
Modified Files:
pkgsrc/lang/php54: Makefile.common distinfo
Log Message:
Update php54 to 5.4.16.
06 Jun 2013, PHP 5.4.16
- Core:
. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE 2013-2110). (Stas)
. Fixed bug #64853 (Use of no longer available ini directives causes crash on
TS build). (Anatol)
. Fixed bug #64729 (compilation failure on x32). (Gustavo)
. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
. Fixed bug #64660 (Segfault on memory exhaustion within function definition).
(Stas, reported by Kylmänen)
- Calendar:
. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)
- Fileinfo:
. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)
- FPM:
. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)
. Fixed some possible memory or resource leaks and possible null dereference
detected by code coverity scan. (Remi)
. Log a warning when a syscall fails. (Remi)
. Add --with-fpm-systemd option to report health to systemd, and
systemd_interval option to configure this. The service can now use
Type=notify in the systemd unit file. (Remi)
- MySQLi
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
- Phar
. Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or
with non std tmp dir). (Pierre)
- SNMP:
. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).
(Boris Lytochkin)
. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)
- Streams:
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
- Zend Engine:
. Fixed bug #64821 (Custom Exceptions crash when internal properties
overridden). (Anatol)
fonts/efont-unicode: build fix
fonts/ja-naga10: build fix
Revisions pulled up:
- fonts/efont-unicode/Makefile 1.14
- fonts/ja-naga10/Makefile 1.12
- mk/tools/replace.mk 1.259-1.260
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Jun 5 13:26:35 UTC 2013
Modified Files:
pkgsrc/mk/tools: replace.mk
Log Message:
fixes usage of TOOLS_CREATE for X related tools, and those tools will be created
in ${TOOLS_DIR}/bin, same as other tools.
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Jun 6 02:17:17 UTC 2013
Modified Files:
pkgsrc/mk/tools: replace.mk
Log Message:
create X related tools also for X11_TYPE=native.
might fix PR pkg/47883.
---
Module Name: pkgsrc
Committed By: obache
Date: Sun Jun 9 13:00:47 UTC 2013
Modified Files:
pkgsrc/fonts/efont-unicode: Makefile
pkgsrc/fonts/ja-naga10: Makefile
Log Message:
Bump PKGREVISION so that .pcf files will be created correctly with X related
tools fixes.
PR pkg/47883.
lang/ruby193-base: security update
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.96-1.99 via patch
- lang/ruby193-base/Makefile 1.28-1.30 via patch
- lang/ruby193-base/PLIST 1.8 via patch
- lang/ruby193-base/distinfo 1.19-1.21,1.19 via patch
- lang/ruby193-base/patches/patch-Makefile.in 1.1 via patch
- lang/ruby193-base/patches/patch-configure 1.7-1.9,1.7 via patch
- lang/ruby193-base/patches/patch-configure.in 1.6-1.8,1.6 via patch
- lang/ruby193-base/patches/patch-lib_rubygems_dependency__installer.rb 1.2 via patch
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Apr 4 13:30:07 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
define ruby library names for Cygwin (only tested with ruby193).
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Apr 4 13:31:55 UTC 2013
Modified Files:
pkgsrc/lang/ruby193-base: Makefile PLIST
Log Message:
Add missing PLIST entries for Win32 (currently, on Cygwin).
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Apr 20 02:30:18 UTC 2013
Modified Files:
pkgsrc/lang/ruby193-base: Makefile
Log Message:
Cygwin also requires tools.mkdir in rbconfig.rb workaround.
---
Module Name: pkgsrc
Committed By: rodent
Date: Mon Apr 8 11:17:26 UTC 2013
Modified Files:
pkgsrc/audio/distmp3: Makefile
pkgsrc/audio/festival: Makefile
pkgsrc/audio/moc: Makefile
pkgsrc/chat/konversation: Makefile
pkgsrc/chat/xchat: Makefile.common
pkgsrc/converters/skf: Makefile
pkgsrc/databases/clisp-bdb: PLIST
pkgsrc/databases/gdbm: Makefile
pkgsrc/databases/gdbm_compat: builtin.mk
pkgsrc/databases/mysql51-client: Makefile.common
pkgsrc/databases/p5-Catalyst-Model-RDBO: MESSAGE
pkgsrc/databases/php-pdo_mysql: Makefile
pkgsrc/databases/postgresql84: options.mk
pkgsrc/databases/py-metakit: Makefile
pkgsrc/devel/gps: options.mk
pkgsrc/devel/gtexinfo: options.mk
pkgsrc/devel/lwp: PLIST
pkgsrc/devel/netbsd-iscsi-lib: Makefile
pkgsrc/devel/p5-Devel-Pragma: Makefile
pkgsrc/devel/p5-Test-TinyMocker: Makefile
pkgsrc/devel/ruby-readline: options.mk
pkgsrc/devel/tpasm: PLIST
pkgsrc/devel/xulrunner192: Makefile mozilla-common.mk
pkgsrc/editors/emacs22: Makefile.common
pkgsrc/editors/xemacs: hacks.mk
pkgsrc/emulators/suse121_gtk2: Makefile
pkgsrc/filesystems/fuse: builtin.mk
pkgsrc/filesystems/glusterfs: MESSAGE.NetBSD options.mk
pkgsrc/filesystems/openafs: options.mk
pkgsrc/fonts/ja-elisat: Makefile
pkgsrc/games/crack-attack-sounds: Makefile
pkgsrc/games/gnuchess: Makefile
pkgsrc/games/pingus: Makefile
pkgsrc/games/quake3server-ut: Makefile
pkgsrc/graphics/graphviz: buildlink3.mk
pkgsrc/graphics/tgif: Makefile
pkgsrc/graphics/xplot-devel: Makefile
pkgsrc/inputmethod/ibus: bad-env-usage.mk
pkgsrc/inputmethod/prime: Makefile
pkgsrc/inputmethod/uim-elisp: Makefile
pkgsrc/lang/gcc47-libs: Makefile
pkgsrc/lang/objc: Makefile
pkgsrc/lang/ruby: gem.mk rubyversion.mk
pkgsrc/lang/ucblogo: Makefile
pkgsrc/mail/mailhops: Makefile
pkgsrc/mail/perdition: Makefile.common
pkgsrc/mail/thunderbird-l10n: MESSAGE
pkgsrc/mail/thunderbird10-l10n: MESSAGE
pkgsrc/math/mpcomplex: inplace.mk
pkgsrc/math/mtl: Makefile
pkgsrc/math/p5-Math-Random-MT-Perl: Makefile
pkgsrc/misc/autocue: distinfo
pkgsrc/multimedia/gstreamer1: options.mk
pkgsrc/multimedia/tstools: Makefile
pkgsrc/net/arping: Makefile
pkgsrc/net/delegate: Makefile
pkgsrc/net/hlfl: Makefile
pkgsrc/net/irrd: options.mk
pkgsrc/net/netdisco: Makefile
pkgsrc/net/openvpn: MESSAGE
pkgsrc/net/py-omniORBpy: hacks.mk
pkgsrc/net/radiusclient-ng: Makefile
pkgsrc/net/ruby-amqp: Makefile
pkgsrc/net/sitescooper: Makefile
pkgsrc/net/teamspeak-client: Makefile
pkgsrc/net/vnc: Makefile
pkgsrc/net/wistumbler2: Makefile.common
pkgsrc/net/wpa_gui: Makefile
pkgsrc/net/wu-ftpd: Makefile
pkgsrc/parallel/gridscheduler: Makefile
pkgsrc/pkgtools/pkg_install: Makefile
pkgsrc/print/LPRng-core: Makefile
pkgsrc/security/crypto++: Makefile
pkgsrc/security/f-prot-antivirus6-ms-bin: Makefile
pkgsrc/security/libbf: Makefile
pkgsrc/security/libidea: Makefile
pkgsrc/security/libssh: Makefile
pkgsrc/security/pakemon: Makefile
pkgsrc/security/php-suhosin: Makefile
pkgsrc/security/pks: Makefile
pkgsrc/security/prelude-lml: Makefile
pkgsrc/security/prngd: Makefile
pkgsrc/security/py-lasso: Makefile
pkgsrc/shells/ast-ksh: Makefile.common
pkgsrc/sysutils/mkmemstick: distinfo
pkgsrc/sysutils/whowatch: Makefile
pkgsrc/textproc/dblatex: Makefile
pkgsrc/textproc/hunspell-da_DK: Makefile
pkgsrc/textproc/hunspell-sk_SK: Makefile
pkgsrc/textproc/jade: Makefile
pkgsrc/textproc/kakasi: Makefile
pkgsrc/textproc/py-enchant: Makefile
pkgsrc/wm/compiz-fusion-plugins-extra: Makefile
pkgsrc/wm/compiz-fusion-plugins-main: Makefile
pkgsrc/www/SOGo: MESSAGE
pkgsrc/www/amaya: hacks.mk
pkgsrc/www/ap2-xslt2: Makefile
pkgsrc/www/contao30: Makefile
pkgsrc/www/epiphany: Makefile
pkgsrc/www/firefox-l10n: MESSAGE
pkgsrc/www/firefox10-l10n: MESSAGE
pkgsrc/www/firefox36: Makefile
pkgsrc/www/firefox36-l10n: MESSAGE
pkgsrc/www/phraseanet: MESSAGE
pkgsrc/www/seamonkey-l10n: MESSAGE
pkgsrc/x11/xdaemon: Makefile
Log Message:
Remove "Trailing empty lines." and/or "Trailing white-space."
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 14 15:18:05 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
* Properly handle the case of multiple values in RUBY_VERSION_SUPPORTED.
* Clean up PLIST_VARS.
No functional change should be done.
---
Module Name: pkgsrc
Committed By: bsiegert
Date: Tue Apr 30 21:30:59 UTC 2013
Modified Files:
pkgsrc/lang/ruby193-base: distinfo
pkgsrc/lang/ruby193-base/patches: patch-configure patch-configure.in
Log Message:
Unbreak build on MirBSD by pre-including sys/types.h and sys/time.h in
header checks.
This will be submitted upstream.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 16 16:13:59 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby193-base: Makefile distinfo
pkgsrc/lang/ruby193-base/patches: patch-configure patch-configure.in
patch-lib_rubygems_dependency__installer.rb
Added Files:
pkgsrc/lang/ruby193-base/patches: patch-Makefile.in
Log Message:
Update ruby193 and related packages to 1.9.3p429 (Ruby 1.9.3 patchlevel 429).
pkgsrc changes:
* Fix gem command creating extra directories.
Quote from release announce:
This release includes a security fix about bundled DL / Fiddle.
* Object taint bypassing in DL and Fiddle in Ruby (CVE-2013-2065)
http://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065/
* And some small bugfixes are also included.
See tickets:
https://bugs.ruby-lang.org/projects/ruby-193/issues?set_filter=1&status_id=5
ChangeLog for details.
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_3_426/ChangeLog
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 18 07:39:36 UTC 2013
Modified Files:
pkgsrc/lang/ruby193-base: distinfo
pkgsrc/lang/ruby193-base/patches: patch-configure patch-configure.in
Log Message:
Correct patch of configure scripts for DragonFly/FreeBSD.
That place was changed prior to my update of ruby193-base package and
I'm not sure it was correct or not.
And suffix of libruby shared library has something historical part of
pkgsrc. I don't care so much to changing the name, but also don't
think it is so important thing to bump revisions.
Noted by pkg/47831 from David Shao.
---
Module Name: pkgsrc
Committed By: bsiegert
Date: Tue Apr 30 21:30:59 UTC 2013
Modified Files:
pkgsrc/lang/ruby193-base: distinfo
pkgsrc/lang/ruby193-base/patches: patch-configure patch-configure.in
Log Message:
Unbreak build on MirBSD by pre-including sys/types.h and sys/time.h in
header checks.
This will be submitted upstream.
|
devel/transifex-client: security update
Revisions pulled up:
- devel/transifex-client/Makefile 1.2-1.3
- devel/transifex-client/PLIST 1.2
- devel/transifex-client/distinfo 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 23 13:17:52 UTC 2013
Modified Files:
pkgsrc/devel/transifex-client: Makefile
Log Message:
Correct HOMEPAGE noted by PR pkg/47848 from Ilias-Dimitrios Vrachnis.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu May 23 14:54:53 UTC 2013
Modified Files:
pkgsrc/devel/transifex-client: Makefile PLIST distinfo
Log Message:
Update transifex-client to 0.9, fixing CVE-2013-2073.
pkgsrc changes; use wget instead of curl to fetch.
Quote from release announce on the blog.
* Verify SSL certificates. Even though the client opened an encrypted
connection to the server, it did not validate the certificate used. As a
result, the client was open to MITM attacks. The new version will always
validate the certificate first and refuse to connect to the server if there
is a problem with it.
* Add support for soft links in UNIX systems. You can now use soft links in
your project directories. This would be useful in cases where you have a
large project and you would prefer to assign the localization files to
multiple Transifex projects.
* Add support for local .transifexrc files. You can now have a .transifexrc
file in your project directory. The entries in the file will override the
ones from the main one. This would be useful in cases you would prefer to
use a different set of credentials for a project than the ones you use for
the rest of your projects in Transifex.
* Make the client more friendly to users in Windows. The .tx/config file now
supports forward slashes for the paths in Windows, in accordance to what
UNIX uses. As a result, people can now share a .tx/config irrespective of
whether they use a UNIX-based system (like Linux and Mac OS X) or Windows.
|
www/apache22: security patch
Revisions pulled up:
- www/apache22/Makefile 1.88
- www/apache22/distinfo 1.55
- www/apache22/patches/patch-modules_mappers_mod_rewrite.c 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu May 30 22:58:15 UTC 2013
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Added Files:
pkgsrc/www/apache22/patches: patch-modules_mappers_mod_rewrite.c
Log Message:
Add Apache developer fix for security vulnerability reported
in CVE-2013-1862.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.54 -r1.55 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r0 -r1.3 \
pkgsrc/www/apache22/patches/patch-modules_mappers_mod_rewrite.c
|
www/apache-tomcat6: security update
Revisions pulled up:
- www/apache-tomcat6/Makefile 1.12
- www/apache-tomcat6/PLIST 1.8
- www/apache-tomcat6/distinfo 1.9
---
Module Name: pkgsrc
Committed By: spz
Date: Sat May 18 15:19:15 UTC 2013
Modified Files:
pkgsrc/www/apache-tomcat6: Makefile PLIST distinfo
Log Message:
security update:
Important: Session fixation CVE-2013-2067
FORM authentication associates the most recent request requiring
authentication with the current session. By repeatedly sending
a request for an authenticated resource while the victim is
completing the login form, an attacker could inject a request
that would be executed using the victim's credentials.
Note that the option to change session ID on authentication was
added in Tomcat 6.0.21. In earlier 6.0.x releases, prevention of
session fixation was an application responsibility.
This vulnerability represents a bug in Tomcat's session fixation
protection that was added in 6.0.21. Hence, only versions 6.0.21
onwards are listed as vulnerable.
This was fixed in revision 1417891.
This issue was identified by the Tomcat security team on
15 Oct 2012 and made public on 10 May 2013.
Affects: 6.0.21-6.0.36
Important: Denial of service CVE-2012-3544
When processing a request submitted using the chunked transfer
encoding, Tomcat ignored but did not limit any extensions that
were included. This allows a client to perform a limited DOS
by streaming an unlimited amount of data to the server.
This was fixed in revision 1476592.
This issue was reported to the Tomcat security team on
10 November 2011 and made public on 10 May 2013.
Affects: 6.0.0-6.0.36
ChangeLog:
++++++++++
Catalina
fix 52055: Ensure that filters are recycled. (markt/kkolinko)
fix 52184: Reduce log level for invalid cookies. (markt)
fix 53481: Added support for SSLHonorCipherOrder to allow the
server to impose its cipher order on the client. Based on
a patch provided by Marcel Šebek. (schultz)
fix 54044: Correct bug in timestamp cache used by logging
(including the access log valve) that meant entries could
be made with an earlier timestamp than the true timestamp. (markt)
fix In FormAuthenticator: If it is configured to change
Session IDs, do the change before displaying the login
form. (kkolinko)
fix 54054: Do not share shell environment variables between
multiple instances of the CGI servlet. (markt)
fix 54087: Correctly handle (ignore) invalid If-Modified-Since
header rather than throwing an exception. (markt/kkolinko)
fix 54220: Ensure the ErrorReportValve only generates an error
report if the error flag on the response has been set. (markt)
fix Fix memory leak of servlet instances when running with
a SecurityManager and either init() or destroy() methods
fail or the servlet is a SingleThreadModel one, and of
filter instances if their destroy() method fails with an
Error. (kkolinko)
fix 54382: Fix NPE when SSI processing is enabled and an empty
SSI directive is present. (markt)
fix 54483: Correct one of the Spanish translations. Based on
a suggestion from adinamita. (kkolinko)
update 54527: Synchronize conf/web.xml mime mapping with Tomcat 7. (markt)
Coyote
fix 54248: Ensure that byte order marks are swallowed when
using a Reader to read a request body with a BOM for those
encodings that require byte order marks. (markt)
fix 54324: Allow APR connector to disable TLS compression
if OpenSSL supports it. (schultz)
fix 54456: Ensure that if a client aborts a request when
sending a chunked request body that this is communicated
correctly to the client reading the request body. (markt)
update Update the native component of the APR/native connector
to 1.1.27 and make that version the recommended minimum
version. (kkolinko)
Jasper
fix 54615: Tomcat 6 doesn't build against ecj 4.x (kkolinko)
Cluster
fix 54045: Make sure getMembers() returns available member
when TcpFailureDetector works in static cluster. (kfujino)
Web applications
update 22278: Add a commented out sample configuration of
RemoteAddrValve to META-INF/context.xml files of the
Manager and Host Manager applications. (kkolinko)
fix 54080: Clarify documentation for initial value of
internalProxies attribute of RemoteIpValve. (schultz/kkolinko)
fix 54198: Clarify that HttpServletResponse.sendError(int)
results in an HTML response by default. (markt)
fix 54207: Correct JNDI factory package name in Javadoc for
org.apache.naming.java.javaURLContextFactory. (markt)
Other
update Add sample Apache Commons Daemon JSVC wrapper script
bin/daemon.sh that can be used with /etc/init.d. (kkolinko)
update In the build configuration: introduce property
"tomcat.output" that is used to specify location of the
build output directory. This simplifies configuration if
someone wants to move the output directory elsewhere
(e.g. out of the source tree). (kkolinko)
fix 54390: Use 'java_home' on Mac OS X to auto-detect
JAVA_HOME. (schultz)
update 54601: Change catalina.sh to consistently use
LOGGING_MANAGER variable to configure logging, instead
of modifying JAVA_OPTS one. (kkolinko)
update 54890: Update to Apache Commons Daemon 1.0.15. (mturk)
|
devel/rt3: security update
Revisions pulled up:
- devel/rt3/Makefile 1.52
- devel/rt3/Makefile.install 1.20
- devel/rt3/PLIST 1.23
- devel/rt3/distinfo 1.24
---
Module Name: pkgsrc
Committed By: spz
Date: Sun May 26 16:55:53 UTC 2013
Modified Files:
pkgsrc/devel/rt3: Makefile Makefile.install PLIST distinfo
Log Message:
security update for RT3, fixing:
CVE-2013-3368
CVE-2013-3369
CVE-2013-3370
CVE-2013-3371
CVE-2013-3372
CVE-2013-3373
CVE-2013-3374
It also includes a database upgrade, so please make sure to run `make
upgrade-database`.
Changes in detail are:
3.8.15->3.8.16:
ruz stop RT from locking on "large" mails
ruz make sure data is recorded (tests)
alexmv Remove bogus argument to ->get(), which fail on HTTP::Message >= 5.05
alexmv Ensure that tickets are destroyed before global destruction, in more
alexmv Work around a bug in perl < 5.13.10 with open($fh, ">:raw", \$string)
sunnavy destroy more tickets and objects before global destruction for modern
tsibley Remove the "signature" paragraph from the README's explanation of RT
3.8.16->3.8.17:
alexmv Ensure that filenames in inline image attributes are HTML-escaped
alexmv Deny direct access to callbacks
alexmv Protect calls to $m->comp with user input in ColumnMap
alexmv Ensure that subjects cannot contain embedded newlines
alexmv Remove filename= suggestions from Content-Disposition lines
alexmv Ensure consistent escaping of filenames in attachment URIs
alexmv Ensure that URLs placed in HTML attributes are escaped correctly, to
prevent XSS injection
alexmv Ensure that the default replacement does not pass through unescaped
content
alexmv Use File::Temp for non-predictable temporary filenames
|
print/acroread9: security update
Revisions pulled up:
- print/acroread9/Makefile 1.10
- print/acroread9/distinfo 1.9
---
Module Name: pkgsrc
Committed By: obache
Date: Fri May 24 13:11:08 UTC 2013
Modified Files:
pkgsrc/print/acroread9: Makefile distinfo
Log Message:
Update acroread9 to 9.5.5 for APSB13-15.
|
emulators/suse121_libtiff: security update
Revisions pulled up:
- emulators/suse121_libtiff/Makefile 1.4
- emulators/suse121_libtiff/distinfo 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Thu May 23 11:20:09 UTC 2013
Modified Files:
pkgsrc/emulators/suse121_libtiff: Makefile distinfo
Log Message:
Update libtiff3 rpm to 3.9.5-8.17.1 for CVE-2013-1960 and CVE-2013-1961.
Bump PKGREVISION.
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.98
- net/wireshark/distinfo 1.64
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 19 15:47:29 UTC 2013
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.8.7. Changes since 1.8.6:
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-23
The RELOAD dissector could go into an infinite loop.
Discovered by Evan Jensen. (Bug 8364, Bug 8546)
Versions affected: 1.8.0 to 1.8.6.
CVE-2013-2486
CVE-2013-2487
o wnpa-sec-2013-24
The GTPv2 dissector could crash. (Bug 8493)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-25
The ASN.1 BER dissector could crash. (Bug 8599)
Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14.
o wnpa-sec-2013-26
The PPP CCP dissector could crash. (Bug 8638)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-27
The DCP ETSI dissector could crash. Discovered by Evan Jensen.
(Bug 8231, bug 8540, bug 8541)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-28
The MPEG DSM-CC dissector could crash. (Bug 8481)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-29
The Websocket dissector could crash. Discovered by Moshe
Kaplan. (Bug 8448, Bug 8499)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-30
The MySQL dissector could go into an infinite loop. Discovered
by Moshe Kaplan. (Bug 8458)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-31
The ETCH dissector could go into a large loop. Discovered by
Moshe Kaplan. (Bug 8464)
Versions affected: 1.8.0 to 1.8.6.
The following bugs have been fixed:
o The Windows installer and uninstaller does a better job of
detecting running executables.
o Library mismatch when compiling on a system with an older
Wireshark version. (Bug 6011)
o SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. (Bug 7359)
o A console window is never opened. (Bug 7755)
o GSM_MAP show malformed Packets when two IMSI. (Bug 7882)
o Fix include and libs search path when cross compiling. (Bug
7926)
o PER dissector crash. (Bug 8197)
o pcap-ng: name resolution block is not written to file on save.
(Bug 8317)
o Incorrect RTP statistics (Lost Packets indication not ok).
(Bug 8321)
o Decoding of GSM MAP E164 Digits. (Bug 8450)
o Silent installer and uninstaller not silent. (Bug 8451)
o Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to
placate recent autotools. (Bug 8452)
o Wifi details are not stored in the Decryption Key Management
dialog (post 1.8.x). (Bug 8446)
o IO Graph should not be limited to 100k points (NUM_IO_ITEMS).
(Bug 8460)
o geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit
field truncated to 23 bits. (Bug 8532)
o IRC message with multiple params causes malformed packet
exception. (Bug 8548)
o Part of Ping Reply Message in ICMPv6 Reply Message is marked
as "Malformed Packet". (Bug 8554)
o MP2T wiretap heuristic overriding ERF. (Bug 8556)
o Cannot read content of Ran Information Application Error Rim
Container. (Bug 8559)
o Endian error and IP:Port error when decoding BT-DHT response
message. (Bug 8572)
o "ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY" should be
"ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY". (Bug 8575)
o wireshark crashes while displaying I/O Graph. (Bug 8583)
o GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded)
incorrectly. (Bug 8596)
o DTLS 1.2 uses wrong PRF. (Bug 8608)
o RTP DTMF digits are no longer displayed in VoIP graph
analysis. (Bug 8610)
o Universal port not accepted in RSA Keys List window. (Bug
8618)
o Wireshark Dissector bug with HSRP Version 2. (Bug 8622)
o LISP control packet incorrectly identified as LISP data based
when UDP source port is 4341. (Bug 8627)
o Bad tcp checksum not detected. (Bug 8629)
o AMR Frame Type uses wrong Value String. (Bug 8681)
- Updated Protocol Support
AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson
A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave,
IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP,
SIP, SSL/TLS, TCP, UA3G
- New and Updated Capture File Support
Endace ERF, NetScreen snoop.
To generate a diff of this commit:
cvs rdiff -u -r1.97 -r1.98 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.63 -r1.64 pkgsrc/net/wireshark/distinfo
|
lang/php53: build fix
Revisions pulled up:
- lang/php53/Makefile.php 1.32
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 9 14:31:48 UTC 2013
Modified Files:
pkgsrc/lang/php53: Makefile.php
Log Message:
Fix wrong condition check; make's variable should be referenced as variable.
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 pkgsrc/lang/php53/Makefile.php
|
multimedia/adobe-flash-plugin11: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin11/Makefile 1.16
- multimedia/adobe-flash-plugin11/distinfo 1.15
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Thu May 16 05:17:17 UTC 2013
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo
Log Message:
Update adobe-flash-plugin11 to 11.2.202.285 for APSB13-14.
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/multimedia/adobe-flash-plugin11/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/multimedia/adobe-flash-plugin11/distinfo
|
multimedia/adobe-flash-plugin10.1: security update
Revisions pulled up:
- multimedia/adobe-flash-plugin10.1/Makefile 1.28
- multimedia/adobe-flash-plugin10.1/distinfo 1.19
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Thu May 16 05:15:54 UTC 2013
Modified Files:
pkgsrc/multimedia/adobe-flash-plugin10.1: Makefile distinfo
Log Message:
Update adobe-flash-plugin10.1 to 10.3.183.86 for APSB13-14.
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 pkgsrc/multimedia/adobe-flash-plugin10.1/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/multimedia/adobe-flash-plugin10.1/distinfo
|
security/mit-krb5: security fix
Revisions pulled up:
- security/mit-krb5/Makefile 1.70
- security/mit-krb5/distinfo 1.43
- security/mit-krb5/patches/patch-kadmin_server_schpw.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Mon May 13 22:42:34 UTC 2013
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-kadmin_server_schpw.c
Log Message:
The kpasswd service provided by kadmind was vulnerable to a UDP
"ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless
they pass some basic validation, and don't respond to our own error
packets.
Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
attack or UDP ping-pong attacks in general, but there is discussion
leading toward narrowing the definition of CVE-1999-0103 to the echo,
chargen, or other similar built-in inetd services.
https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c
To generate a diff of this commit:
cvs rdiff -u -r1.69 -r1.70 pkgsrc/security/mit-krb5/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/security/mit-krb5/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/security/mit-krb5/patches/patch-kadmin_server_schpw.c
|
emulators/suse121_libcurl: security update
Revisions pulled up:
- emulators/suse121_libcurl/Makefile 1.2
- emulators/suse121_libcurl/distinfo 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sat May 11 10:18:53 UTC 2013
Modified Files:
pkgsrc/emulators/suse121_libcurl: Makefile distinfo
Log Message:
Update libcurl4 RPM to 7.22.0-2.14.1 for CVE-2013-1944.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/emulators/suse121_libcurl/Makefile \
pkgsrc/emulators/suse121_libcurl/distinfo
|
emulators/suse121_libxml2: security update
Revisions pulled up:
- emulators/suse121_libxml2/Makefile 1.7
- emulators/suse121_libxml2/distinfo 1.7
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Thu May 2 09:15:08 UTC 2013
Modified Files:
pkgsrc/emulators/suse121_libxml2: Makefile distinfo
Log Message:
Update libxml2 RPM to 2.7.8+git20110708-3.24.1 for CVE-2013-1969.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/emulators/suse121_libxml2/Makefile \
pkgsrc/emulators/suse121_libxml2/distinfo
|
www/squid3: build fix
Revisions pulled up:
- www/squid3/PLIST 1.4
- www/squid3/options.mk 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Sat May 4 06:08:44 UTC 2013
Modified Files:
pkgsrc/www/squid3: PLIST options.mk
Log Message:
enabled file_userip external acl helper require more tweak.
related to PR pkg/47784
|
www/squid3: build fix
Revisions pulled up:
- www/squid3/options.mk 1.5
---
Module Name: pkgsrc
Committed By: dholland
Date: Mon Apr 29 15:53:59 UTC 2013
Modified Files:
pkgsrc/www/squid3: options.mk
Log Message:
Fix options.mk, from Edgar Fuss in PR 47784.
|
security/mit-krb5: security patch
Revisions pulled up:
- security/mit-krb5/Makefile 1.68
- security/mit-krb5/distinfo 1.41
- security/mit-krb5/patches/patch-kdc_do_tgs_req.c 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Tue Apr 23 22:09:44 UTC 2013
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-kdc_do_tgs_req.c
Log Message:
Fix for CVE-2013-1416 from:
http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7600
|