Age | Commit message (Collapse) | Author | Files | Lines |
|
www/geeklog: security patch
Revisions pulled up:
- www/geeklog/Makefile 1.41
- www/geeklog/PLIST 1.20
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jul 6 11:49:54 UTC 2015
Modified Files:
pkgsrc/www/geeklog: Makefile PLIST
Log Message:
Remove test and demo from wideimage library which is used by filemanger
since these files contains XSS problem.
Bump PKGREVISION.
|
|
devel/p5-Test-Approx: build fix
Revisions pulled up:
- devel/p5-Test-Approx/Makefile 1.9
---
Module Name: pkgsrc
Committed By: joerg
Date: Sun Jul 5 12:51:14 UTC 2015
Modified Files:
pkgsrc/devel/p5-Test-Approx: Makefile
Log Message:
Set module type correctly.
|
|
textproc/p5-Text-Microformat: build fix
Revisions pulled up:
- textproc/p5-Text-Microformat/Makefile 1.9
---
Module Name: pkgsrc
Committed By: joerg
Date: Sun Jul 5 12:42:35 UTC 2015
Modified Files:
pkgsrc/textproc/p5-Text-Microformat: Makefile
Log Message:
Set module type correctly.
|
|
|
|
www/typo3_62: security update
Revisions pulled up:
- www/typo3_62/Makefile 1.7
- www/typo3_62/PLIST 1.6
- www/typo3_62/distinfo 1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 4 09:58:30 UTC 2015
Modified Files:
pkgsrc/www/typo3_62: Makefile PLIST distinfo
Log Message:
Update typo3_62 to 6.2.14 (TYPO3 6.2.14).
2015-07-01 e7376af [RELEASE] Release of TYPO3 6.2.14 =
(TYPO3 Release Team)
2015-07-01 0f3fb37 #59231 [SECURITY] Add hook to implement l=
ogin protection methods (Nicole Cordes)
2015-07-01 2973b57 #67538 [SECURITY] Disallow access to fall=
back storage '0' (Nicole Cordes)
2015-07-01 8546772 #67458 [SECURITY] XSS in 3rd party librar=
y Flowplayer (Wouter Wolters)
2015-07-01 9be2f6b #34107 [SECURITY] Encode link text proper=
ly in typolink (Nicole Cordes)
2015-07-01 7695d91 #59211 [SECURITY] XSS in Filelist (Markus=
Bucher)
2015-07-01 4f6e84b #59258 [SECURITY] Regenerate session id u=
pon login if needed (Helmut Hummel)
2015-07-01 bff9fa5 #56644 [SECURITY] Prevent edit of file me=
tadata of files with no access (Marc Bastian Heinrichs)
2015-07-01 fac6e13 #67799,#67775 [TASK] Travis: container based and=
no composer self-update (Christian Kuhn)
2015-07-01 ca0df84 #67835 [BUGFIX] Use single quotes in quer=
y for values in EXT:workspaces (Andreas Fernandez)
2015-07-01 e742451 #67867 [BUGFIX] Duplicate XLIFF identifie=
rs (Xavier Perseguers)
2015-07-01 af872e2 #65205 [BUGFIX] Load language file for er=
ror messages (Nicole Cordes)
2015-07-01 1f19bb5 #66895 [BUGFIX] Correction of Filelink of=
FAL in linkvalidator (Pierre Boivin)
2015-07-01 603edc3 #67837 [BUGFIX] 1st level cache for ``Que=
ryResult::count()`` (Mathias Brodala)
2015-06-30 a5bec24 #16840 [BUGFIX] hmenu.special =3D list mu=
st evaluate showAccessRestrictedPages (Gilles FOUET)
2015-06-30 f151333 #67834 [BUGFIX] Fix SQL error in IndexSea=
rchRepository (Tim Schreiner)
2015-06-29 d9d1754 #67779 [TASK] Travis: Add github oauth to=
ken (Anja Leichsenring)
2015-06-29 abbfcac [FOLLOWUP][BUGFIX] Only count item=
s in ForViewHelper when ``iteration`` argument is set (Anja Leichsenrin=
g)
2015-06-29 3db88fe #67801 [BUGFIX] Only count items in ForVi=
ewHelper when ``iteration`` argument is set (Mathias Brodala)
2015-06-26 e1198d9 #67770 [BUGFIX] Fix wrong variable spelli=
ng in RteHtmlParser (Markus Klein)
2015-06-26 0f4157b #50231 [BUGFIX] Increase lifetime of cach=
e_rootline (Christian Kuhn)
2015-06-25 53d22b5 #67238 [BUGFIX] Avoid race conditions in =
typo3temp/Cache (Bernhard Kraft)
2015-06-25 ed1948d #67735 [BUGFIX] Make ext_update working (=
Markus Klein)
2015-06-25 583eb67 #67703 [BUGFIX] Cleanup AbstractException=
Handler and fix variable access (Mathias Schreiber)
2015-06-23 9d8c63b #67697 [TASK] Bump class alias loader ver=
sion (Helmut Hummel)
2015-06-23 0edaed8 #67696 [TASK] Bump composer installer ver=
sion (Helmut Hummel)
2015-06-23 25aa461 #67466 [TASK] Improve "Overwrite files" m=
essage (Alina Fleser)
2015-06-22 8d2fc92 #67620 [BUGFIX] Illegal string offset in =
DataPreprocessor (Wouter Wolters)
2015-06-22 2f9eca0 #24858 [BUGFIX] "fixed_lgd_cs" may crash =
in eID environment (Benjamin Mack)
2015-06-22 396595f #67563 [BUGFIX] Render correct menu item =
for broken shortcut (Andreas Wolf)
2015-06-21 0d0b502 #23270 [BUGFIX] Correctly handle forceTyp=
eValue =3D 0 (Benjamin Mack)
2015-06-20 75114d6 #22774 [BUGFIX] Sorting ignored in "Templ=
ate Overview" (Reinhard F=FChricht)
2015-06-19 ec1d0cb #67413 [BUGFIX] Don't force lowercase on =
SQL SET() values (Stephan Gro=DFberndt)
2015-06-18 af4c2a0 #66352 [BUGFIX] Properly resolve link for=
mat to page type (Daniel Schmidt)
2015-06-18 e903c84 #67432 [BUGFIX] Check if file exists befo=
re deletion (Christoph Lehmann)
2015-06-18 88f3653 #67543 [BUGFIX] Fix check for import / ex=
port folder (Alexander Stehlik)
2015-06-18 9e228bc #67599 [BUGFIX] Use single quotes for pas=
sword check (Andreas Fernandez)
2015-06-18 28bdc45 #65563 [BUGFIX] File metadata can't be ed=
ited inline (Benjamin Mack)
2015-06-18 ee8c8b9 #67586 [TASK] Add basic unit tests for Co=
ntentObjectRenderer::typoLink (Nicole Cordes)
2015-06-17 0b7dee6 #56296 [BUGFIX] Properly escape option va=
lue for groups (Wouter Wolters)
2015-06-17 77ac8f2 #64654 [BUGFIX] Fix SQL error on recursiv=
e TypoScript template inclusion (Andreas Fernandez)
2015-06-17 856ca19 #60261 [BUGFIX] Add "tx_felogin" folder i=
n "uploads" folder during install (Jonathan IROULIN)
2015-06-16 d4ee83c #53034 [BUGFIX] Always use MCRYPT_DEV_URA=
NDOM if using mcrypt (Helmut Hummel)
2015-06-15 4eff898 #67463 [BUGFIX] Scheduler now throws OutO=
fBoundsException on SQL query error (Mathias Schreiber)
2015-06-15 c90515e #64429 [TASK] Remove version number from =
generator tag (Wouter Wolters)
2015-06-11 af1b31b #67408 [TASK] Nail down php 5.6 instantia=
tion issues in tests (Christian Kuhn)
2015-06-10 0d91bf6 #67383 [BUGFIX] Check $http_response_head=
ers in GeneralUtility::getUrl() (Andreas Fernandez)
|
|
lang/php56: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.105
- lang/php56/Makefile 1.7
- lang/php56/distinfo 1.13
- lang/php56/patches/patch-ext_spl_spl__heap.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 11 00:31:01 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: Makefile distinfo
Removed Files:
pkgsrc/lang/php56/patches: patch-ext_spl_spl__heap.c
Log Message:
Update php56 to 5.6.11.
10 Jul 2015, PHP 5.6.11
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69703 (Use __builtin_clzl on PowerPC).
(dja at axtens dot net, Kalle)
. Fixed bug #69732 (can induce segmentation fault with basic php code).
(Dmitry)
. Fixed bug #69642 (Windows 10 reported as Windows 8).
(Christian Wenz, Anatol Belski)
. Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
fault). (Christoph M. Becker)
. Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
7/8/8.1/10 as "Business"). (Christian Wenz)
. Fixed bug #69740 (finally in generator (yield) swallows exception in
iteration). (Nikita)
. Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
(Christian Wenz)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776. (Yasuo)
- GD:
. Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)
- GMP:
. Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP
number). (Nikita)
- PCRE:
. Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
string). (cmb)
. Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)
- PDO_pgsql:
. Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
Statements when closeCuror() is u). (Philip Hofstetter)
. Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
leading single quote). (Matteo)
. Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
(Matteo)
- SimpleXML:
. Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
node name). (Christoph Michael Becker)
- SPL:
. Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
(Stas)
. Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
. Fixed bug #69970 (Use-after-free vulnerability in
spl_recursive_it_move_forward_ex()). (Laruence)
- Sqlite3:
. Fixed bug #69972 (Use-after-free vulnerability in
sqlite3SafetyCheckSickOrOk()). (Laruence)
|
|
lang/php55: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.104
- lang/php55/Makefile 1.22
- lang/php55/distinfo 1.43
- lang/php55/patches/patch-ext_spl_spl__heap.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 11 00:30:11 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: Makefile distinfo
Removed Files:
pkgsrc/lang/php55/patches: patch-ext_spl_spl__heap.c
Log Message:
Update php55 to 5.5.27.
09 Jul 2015, PHP 5.5.27
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69703 (Use __builtin_clzl on PowerPC).
(dja at axtens dot net, Kalle)
. Fixed bug #69732 (can induce segmentation fault with basic php code).
(Dmitry)
. Fixed bug #69642 (Windows 10 reported as Windows 8).
(Christian Wenz, Anatol Belski)
. Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
fault). (Christoph M. Becker)
. Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
7/8/8.1/10 as "Business"). (Christian Wenz)
. Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
(Christian Wenz)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776. (Yasuo)
- GD:
. Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)
- Mysqlnd:
. Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
(Andrey)
- PCRE:
. Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
string). (cmb)
. Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)
- PDO_pgsql:
. Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
Statements when closeCuror() is u). (Philip Hofstetter)
. Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
leading single quote). (Matteo)
. Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
(Matteo)
- Phar:
. Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
. Fixed bug #69923 (Buffer overflow and stack smashing error in
phar_fix_filepath). (Stas)
- SimpleXML:
. Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
node name). (Christoph Michael Becker)
- SPL:
. Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
(Stas)
. Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
|
|
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.103
- lang/php54/Makefile 1.30
- lang/php54/distinfo 1.61
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 11 00:29:17 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: Makefile distinfo
Log Message:
Update php54 to 5.4.43.
09 Jul 2015 PHP 5.4.43
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776. (Yasuo)
- Mysqlnd:
. Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
(Andrey)
- Phar:
. Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
. Fixed bug #69923 (Buffer overflow and stack smashing error in
phar_fix_filepath). (Stas)
|
|
security/openssh: security update
Revisions pulled up:
- security/openssh/Makefile 1.233
- security/openssh/distinfo 1.92-1.93
- security/openssh/options.mk 1.30
- security/openssh/patches/patch-Makefile.in 1.4
- security/openssh/patches/patch-auth-passwd.c 1.2
- security/openssh/patches/patch-auth-rhosts.c 1.2
- security/openssh/patches/patch-auth.c 1.3
- security/openssh/patches/patch-auth1.c 1.3
- security/openssh/patches/patch-auth2.c 1.4
- security/openssh/patches/patch-channels.c 1.2
- security/openssh/patches/patch-clientloop.c 1.2
- security/openssh/patches/patch-compat.c deleted
- security/openssh/patches/patch-config.h.in 1.4
- security/openssh/patches/patch-configure deleted
- security/openssh/patches/patch-configure.ac 1.4
- security/openssh/patches/patch-defines.h 1.3
- security/openssh/patches/patch-includes.h 1.3
- security/openssh/patches/patch-openbsd-compat_openbsd-compat.h 1.3
- security/openssh/patches/patch-openbsd-compat_port-tun.c 1.2
- security/openssh/patches/patch-platform.c 1.4
- security/openssh/patches/patch-scp.c 1.3
- security/openssh/patches/patch-session.c 1.4
- security/openssh/patches/patch-ssh.c 1.4
- security/openssh/patches/patch-sshconnect.c deleted
- security/openssh/patches/patch-sshd.8 1.1
- security/openssh/patches/patch-sshd.c 1.4
- security/openssh/patches/patch-sshpty.c 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jul 9 16:14:24 UTC 2015
Modified Files:
pkgsrc/security/openssh: Makefile distinfo options.mk
pkgsrc/security/openssh/patches: patch-Makefile.in patch-auth-passwd.c
patch-auth-rhosts.c patch-auth.c patch-auth1.c patch-auth2.c
patch-channels.c patch-clientloop.c patch-config.h.in
patch-configure.ac patch-defines.h patch-includes.h
patch-openbsd-compat_openbsd-compat.h
patch-openbsd-compat_port-tun.c patch-platform.c patch-scp.c
patch-session.c patch-ssh.c patch-sshd.c patch-sshpty.c
Added Files:
pkgsrc/security/openssh/patches: patch-sshd.8
Removed Files:
pkgsrc/security/openssh/patches: patch-compat.c patch-configure
patch-sshconnect.c
Log Message:
Update openssh to 6.9.1 (OpenSSH 6.9p1) which contains security fix.
pkgsrc change:
* tcp_wrappers support was removed from release 6.7, but add it refering
FreeBSD's ports.
* hpn-patch is also based on FreeBSD's ports.
Security
--------
* ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
connections made after ForwardX11Timeout expired could be permitted
and no longer subject to XSECURITY restrictions because of an
ineffective timeout check in ssh(1) coupled with "fail open"
behaviour in the X11 server when clients attempted connections with
expired credentials. This problem was reported by Jann Horn.
* ssh-agent(1): fix weakness of agent locking (ssh-add -x) to
password guessing by implementing an increasing failure delay,
storing a salted hash of the password rather than the password
itself and using a timing-safe comparison function for verifying
unlock attempts. This problem was reported by Ryan Castellucci.
For more information, please refer release announce.
http://www.openssh.com/txt/release-6.9
http://www.openssh.com/txt/release-6.8
http://www.openssh.com/txt/release-6.7
---
Module Name: pkgsrc
Committed By: dsainty
Date: Fri Jul 10 07:00:29 UTC 2015
Modified Files:
pkgsrc/security/openssh: distinfo
Log Message:
Remove dangling stale hash for patch-sshconnect.c
|
|
|
|
security/openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.210
- security/openssl/PLIST.common 1.25
- security/openssl/distinfo 1.115
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jul 9 13:37:56 UTC 2015
Modified Files:
pkgsrc/security/openssl: Makefile PLIST.common distinfo
Log Message:
Update to 1.0.2d:
Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]
o Alternate chains certificate forgery (CVE-2015-1793)
|
|
|
|
net/bind910: security update
Revisions pulled up:
- net/bind910/Makefile 1.9
- net/bind910/distinfo 1.7
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 7 22:26:42 UTC 2015
Modified Files:
pkgsrc/net/bind910: Makefile distinfo
Log Message:
Update bind910 to 9.10.2pl2.
--- 9.10.2-P2 released ---
4138. [bug] An uninitialized value in validator.c could result
in an assertion failure. (CVE-2015-4620) [RT #39795]
|
|
net/bind99: security update
Revisions pulled up:
- net/bind99/Makefile 1.45
- net/bind99/distinfo 1.29
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 7 22:25:35 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Log Message:
Update bind99 to 9.9.7pl1 (BIND 9.9.7-P1).
--- 9.9.7-P1 released ---
4138. [bug] An uninitialized value in validator.c could result
in an assertion failure. (CVE-2015-4620) [RT #39795]
|
|
textproc/libxml2: security patch
Revisions pulled up:
- textproc/libxml2/Makefile 1.138
- textproc/libxml2/distinfo 1.107
- textproc/libxml2/patches/patch-HTMLparser.c 1.1
---
Module Name: pkgsrc
Committed By: he
Date: Fri Jul 3 18:55:46 UTC 2015
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
Added Files:
pkgsrc/textproc/libxml2/patches: patch-HTMLparser.c
Log Message:
Apply the patch for arbitrary-memory-access vulnerability as reported
in https://bugzilla.gnome.org/show_bug.cgi?id=746048.
Bump PKGREVISION.
|
|
net/ntp4: security update
Revisions pulled up:
- net/ntp4/Makefile 1.87
- net/ntp4/PLIST 1.19
- net/ntp4/distinfo 1.22
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jun 30 16:08:21 UTC 2015
Modified Files:
pkgsrc/net/ntp4: Makefile PLIST distinfo
Log Message:
Update ntp4 to 4.2.8p3.
Please refer NEWS and ChangeLog for full changes.
NTP 4.2.8p3 (Harlan Stenn <stenn@ntp.org>, 2015/06/29)
Focus: 1 Security fix. Bug fixes and enhancements. Leap-second improvements.
Severity: MEDIUM
Security Fix:
* [Sec 2853] Crafted remote config packet can crash some versions of
ntpd. Aleksis Kauppinen, Juergen Perlinger, Harlan Stenn.
Under specific circumstances an attacker can send a crafted packet to
cause a vulnerable ntpd instance to crash. This requires each of the
following to be true:
1) ntpd set up to allow remote configuration (not allowed by default), and
2) knowledge of the configuration password, and
3) access to a computer entrusted to perform remote configuration.
This vulnerability is considered low-risk.
New features in this release:
Optional (disabled by default) support to have ntpd provide smeared
leap second time. A specially built and configured ntpd will only
offer smeared time in response to client packets. These response
packets will also contain a "refid" of 254.a.b.c, where the 24 bits
of a, b, and c encode the amount of smear in a 2:22 integer:fraction
format. See README.leapsmear and http://bugs.ntp.org/2855 for more
information.
*IF YOU CHOOSE TO CONFIGURE NTPD TO PROVIDE LEAP SMEAR TIME*
*BE SURE YOU DO NOT OFFER THAT TIME ON PUBLIC TIMESERVERS.*
We've imported the Unity test framework, and have begun converting
the existing google-test items to this new framework. If you want
to write new tests or change old ones, you'll need to have ruby
installed. You don't need ruby to run the test suite.
|
|
|
|
textproc/latex2html: bug fix patch
Revisions pulled up:
- textproc/latex2html/Makefile 1.45
- textproc/latex2html/distinfo 1.12
- textproc/latex2html/patches/patch-aa 1.2
---
Module Name: pkgsrc
Committed By: joerg
Date: Sun Jul 5 12:42:14 UTC 2015
Modified Files:
pkgsrc/textproc/latex2html: Makefile distinfo
pkgsrc/textproc/latex2html/patches: patch-aa
Log Message:
Fix latex2html for Perl 5.22. Bump revision.
|
|
mail/isync: bug fix patch
Revisions pulled up:
- mail/isync/Makefile 1.37
- mail/isync/distinfo 1.14
- mail/isync/patches/patch-src_socket.c 1.3
---
Module Name: pkgsrc
Committed By: bsiegert
Date: Sat Jul 4 15:52:51 UTC 2015
Modified Files:
pkgsrc/mail/isync: Makefile distinfo
Added Files:
pkgsrc/mail/isync/patches: patch-src_socket.c
Log Message:
Fix crashing bug in mbsync on NetBSD 6. From Enami Tsugutumo in
PR pkg/49784.
|
|
print/cups-filters: security update
Revisions pulled up:
- print/cups-filters/Makefile 1.23-1.24
- print/cups-filters/distinfo 1.18-1.19
- print/cups-filters/patches/patch-configure.ac deleted
- print/cups-filters/patches/patch-filter_foomatic-rip_foomaticrip.c deleted
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jul 1 15:31:34 UTC 2015
Modified Files:
pkgsrc/print/cups-filters: Makefile distinfo
Removed Files:
pkgsrc/print/cups-filters/patches: patch-configure.ac
patch-filter_foomatic-rip_foomaticrip.c
Log Message:
Update to 1.0.70, provided by Leonardo Taccari in PR 50013:
Changes:
- texttopdf: Fixed buffer overflow on size allocation of texttopdf
when working with extremely small line sizes, which causes the size
calculation to result in 0 (CVE-2015-3258, thanks to Stefan
Cornelius fro Red Hat for the patch).
- cups-browsed: leak fixes
- cups-browsed: Further BrowseAllow fixing
- cups-browsed: BrowsePoll is an array of pointers, not structures,
so allocate room for the pointers
- cups-browsed: Prevent NULL dereference when handling BrowseAllow
without value
- cups-browsed: Use memory deallocation function corresponding to
allocation function used
- cups-browsed: Fixes for glib source handling (Red Hat bug #1228555)
- foomatic-rip: Allow using another shell than /bin/bash using the
"--with-shell=..." option for "./configure". Thanks to Leonardo
Taccari for the patch (Bug #1288).
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Jul 3 12:25:13 UTC 2015
Modified Files:
pkgsrc/print/cups-filters: Makefile distinfo
Log Message:
Update to 1.0.71:
CHANGES IN V1.0.71
- texttopdf: The Page allocation is moved into textcommon.c, where it
does all the necessary checking: lower-bounds for CVE-2015-3258 and
upper-bounds for CVE-2015-3259 due to integer overflows for the
calloc() call initialising Page[0] and the memset() call in
texttopdf.c's WritePage() function zeroing the entire array. Thanks
to Tim Waugh from Red Hat for the patch.
- texttopdf: Upper-bounds checking (CVE-2015-3259).
|
|
|
|
net/p5-DNS-LDNS: build fix
Revisions pulled up:
- net/p5-DNS-LDNS/Makefile 1.5
---
Module Name: pkgsrc
Committed By: joerg
Date: Fri Jul 3 12:47:16 UTC 2015
Modified Files:
pkgsrc/net/p5-DNS-LDNS: Makefile
Log Message:
Don't use PKGVERSION, the infrastructure already does. Also avoid
DISTVERSION, it doesn't really make it any simpler or more obvious.
|
|
|
|
lang/tcl: crash fixes
Revisions pulled up:
- lang/tcl/Makefile 1.79
- lang/tcl/distinfo 1.66
- lang/tcl/patches/patch-pkgs_itcl4.0.3_configure 1.2
- lang/tcl/patches/patch-pkgs_sqlite3.8.8.3_configure 1.2
- lang/tcl/patches/patch-pkgs_tdbc1.0.3_configure 1.2
- lang/tcl/patches/patch-pkgs_tdbcmysql1.0.3_configure 1.2
- lang/tcl/patches/patch-pkgs_tdbcodbc1.0.3_configure 1.2
- lang/tcl/patches/patch-pkgs_tdbcpostgres1.0.3_configure 1.2
- lang/tcl/patches/patch-pkgs_thread2.7.2_configure 1.2
- lang/tcl/patches/patch-unix_configure 1.8
---
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jun 29 09:49:51 UTC 2015
Modified Files:
pkgsrc/lang/tcl: Makefile distinfo
pkgsrc/lang/tcl/patches: patch-pkgs_itcl4.0.3_configure
patch-pkgs_sqlite3.8.8.3_configure patch-pkgs_tdbc1.0.3_configure
patch-pkgs_tdbcmysql1.0.3_configure
patch-pkgs_tdbcodbc1.0.3_configure
patch-pkgs_tdbcpostgres1.0.3_configure
patch-pkgs_thread2.7.2_configure patch-unix_configure
Log Message:
Spell --export-dynamic correctly. Do not use gethostbyname_r on NetBSD.
Bump revision.
|
|
|
|
www/nginx: build fix
Revisions pulled up:
- www/nginx/distinfo 1.46
---
Module Name: pkgsrc
Committed By: nils
Date: Tue Jun 30 07:38:08 UTC 2015
Modified Files:
pkgsrc/www/nginx: distinfo
Log Message:
Added back missing checksums, PR pkg/50007
|
|
|
|
|
|
buildlink3.mk files.
|
|
lang/php54 5.4.42nb1
lang/php55 5.5.26nb1
lang/php56 5.6.10nb1
|
|
Bump PKGREVISION.
|
|
|
|
gcc48-4.8.5, git-base-2.4.5, gtexinfo-6.0, libetonyek-0.1.3,
liblangtag-0.5.7, mame-0.163, mono-4.0.2.5, musicpd-0.19.10,
pango-1.37.1, pspp-0.8.5, py-setuptools-18.0.1, py-test-2.7.2,
raine-0.64.5, socat-1.7.3.0 [pkg/49996], waf-1.8.11, x264-devel-20150627,
xf86-input-vmmouse-13.1.0 [wiz].
|
|
Now, if defined(%foo) is an error, and one must use if %foo.
|
|
|
|
|
|
will work comfortable within a 2GB limit.
|
|
not tried.
|
|
|
|
Pointed out by bsiegert@
|
|
|
|
|
|
modern code without such nonsense. Fix definition inconsistency.
|
|
|
|
|
|
the build, but it gets further now.
|
|
NB: I'm not game enough to do it in the freeze, but it looks like the
JVM version detection patching could be removed - it appears no longer
necessary now that Pkgsrc passes in the correct RXTX_PATH and JHOME_PATH
itself. At any rate, adding version 8 is not required for the oracle-jdk8
build to complete smoothly.
|
|
-apache-mpm-worker is set.
And fix PLIST mismatch error.
|
|
|
|
multiplication
|