| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Changes since 1.2.4:
Bugfixes:
* The following vulnerabilities have been fixed. See the security advisory
for details and a workaround.
* The Daintree SNA file parser could overflow a buffer. (Bug 4294)
* The SMB and SMB2 dissectors could crash. (Bug 4301)
* The IPMI dissector could crash on Windows. (Bug 4319)
* Wireshark does not graph rtp streams. (Bug 3801)
* Wireshark showing extraneous data in a TCP stream. (Bug 3955)
* Wrong decoding of gtp.target identification. (Bug 3974)
* TTE dissector bug. (Bug 4247)
* Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
* OpenBSD 4.5 build fails at epan/dissectors/packet-rpcap.c. (Bug 4258)
* Incorrect display of stream data using "Follow tcp stream" option. (Bug 4288)
* Custom RADIUS dictionary can cause a crash. (Bug 4316)
Updated Protocol Support:
* DAP, eDonkey, GTP, IPMI, MIP, RADIUS, RANAP, SMB, SMB2, TCP, TTE, VNC,
X.509sat
Updated Capture File Support:
* Daintree SNA.
|
|
|
|
help2man-1.37.1, ikiwiki-3.20091218, ktorrent3-3.3.2, libgdiplus-2.6,
mono-2.6.1, p5-Any-Moose-0.11, p5-DBD-postgresql-2.16.0,
p5-Error-0.17016, p5-IMDB-Film-0.43, p5-JSON-2.16, p5-MailTools-2.05,
p5-Mouse-0.45, p5-Pod-Simple-3.13, p5-WWW-Curl-4.11, py-anita-1.9,
py-icalendar-2.1, qemu-0.12.0, redland-1.0.10.1, rftg-0.6.0,
scmgit-base-1.6.5.7, scmgit-docs-1.6.5.7, t-prot-2.8, uim-1.5.7
[pkg/42481], wordpress-2.9, x264-devel-20091219.
|
|
|
|
as temporary directory, use a directory in the builddir.
|
|
|
|
remove of www/opengoo.
|
|
|
|
Approved by wiz@
Feng Office formerly known as OpenGoo is an easy to use Open
Source Web Office.
Manage tasks, documents, contacts, e-mail, calendar, and more...
Manage project progress, track time, and bill your customers.
Access all information from a single and elegant dashboard.
Communicate with co-workers, clients and vendors.
|
|
PKGREVISION of libtool to 3 and require it as a dependency.
|
|
This makes f2c work. Bump PKGREVISION.
The default CPP points to gcc, which broke f2c because gcc is unable to
preprocess Fortran files as the Fortran compiler is not installed.
Surprisingly, /usr/bin/cpp is just a wrapper around gcc, but it explicitly
passes '-x c' to cpp to force the language to be C and bypass the .F
extension.
|
|
|
|
|
|
hashes to files on a (not mounted) data CD/DVD): limit the buffer
size to 32k, otherwise physio()/MAXPHYS strikes
being here, add typecasts in some isspace(char) cases
bump PKGREVISION
|
|
|
|
|
|
package.
|
|
|
|
Major changes between sudo 1.7.2p1 and 1.7.2p2:
* Fixed a a bug where the negation operator in a Cmnd_List
was not being honored.
* Sudo no longer produces a parse error when #includedir references
a directory that contains no valid filenames.
* The sudo.man.pl and sudoers.man.pl files are now included in
the distribution for people who wish to regenerate the man pages.
* Fixed the emulation of krb5_get_init_creds_opt_alloc() for MIT kerberos.
* When authenticating via PAM, set PAM_RUSER and PAM_RHOST early so
they can be used during authentication.
|
|
www/typolight26 2.6.7nb3
www/typolight27 2.7.6
|
|
Only security updates: http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.
|
|
http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.
Bump PKGREVISION.
|
|
cherokee-0.99.37, eog-2.28.2, epiphany-2.28.2 [GNOME 2.28],
etm-423, gdm-2.28.2 [GNOME 2.28], gnome-desktop-2.28.2,
gnome-games-2.28.2, gnome-system-tools-2.28.2 [GNOME 2.28],
gnome-user-docs-2.28.2 [GNOME 2.28], gtk-doc-1.13, librep-0.90.4,
mathomatic-15.0.1, openbox-3.4.9, puzzles-8785, rasqal-0.9.17,
redland-1.0.10, rep-gtk-0.90.1, scilab-5.2.0, solfege-3.14.10,
system-tools-backends-2.8.3 [needs polkit>=1.0?|GNOME 2.28],
vala-0.7.9, wine-devel-1.1.35, wireshark-1.2.5.
|
|
webkit-1.1.15.4, xbiff-1.0.2, xcalc-1.0.3, xeyes-1.1.0.
* viewres-1.0.2 isn't packaged yet.
* I'm working on php5-5.2.12.
|
|
|
|
(zlib/bzip2/lzo/lzma and enabled by default for former two).
LZO and LZMA supports are exclusive, optional and should be selected by
user's use-case (priority of data compression ratio, compression speed,
or so on).
Furthermore, Tokyocabinet uses archives/lzmalib for lzma support, but lzmalib
conflicts with archivers/xz.
It means if tokyocabinet is installed with lzma, failed to install xz,
and result in failure of "make extract" for packages using .lzma/.xz distfiles.
This issue also resolved by optionify lzma support and disabled by default.
This changes also make tokyocabinet ABI changes, so bump PKGREVISION
and recursive bump.
OKed to commit in freeze by wiz@.
|
|
Workaround of PR#42379, broken nbpatch package on SUA 6.1.
|
|
|
|
|
|
* www/drupal 5.21
* www/drupal6 6.15
|
|
Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.
other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT spport.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.
|
|
Drupal 5.21, 2009-12-16
-----------------------
- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of small bugs.
|
|
From Goetz Isenmann via private mail.
|
|
NetBSD. Install a prestine install.sh to not leak our modifications
into packages. Bump revision.
|
|
aren't used if the "cups" option is not set (which means that cups
is not a dependency)
|
|
|
|
an "idea" option, but that was removed more than a year ago when it
got updated from 1.2 to 1.4
The patch was was used on gnupg2 in the "idea" case was just a four-line
memory initialization fix, there is no point in LICENSE restrictions
due to this, so I've pulled it in as regular patch so that it doesn't
get lost for the case someone fixes idea support in libgcrypt
(which isn't hard).
|
|
|
|
1.2.36 fixed AST-2009-008, and 1.2.37 fixed AST-2009-010. The
problem in AST-2009-008 is:
-----
It is possible to determine if a peer with a specific name is
configured in Asterisk by sending a specially crafted REGISTER
message twice. The username that is to be checked is put in the
user portion of the URI in the To header. A bogus non-matching
value is put into the username portion of the Digest in the
Authorization header. If the peer does exist the second REGISTER
will receive a response of "403 Authentication user name does not
match account name". If the peer does not exist the response will
be "404 Not Found" if alwaysauthreject is disabled and "401
Unauthorized" if alwaysauthreject is enabled.
-----
And, the problem in AST-2009-010 is:
-----
An attacker sending a valid RTP comfort noise payload containing
a data length of 24 bytes or greater can remotely crash Asterisk.
-----
|
|
changes:
-minor fixes
-build uses autoconf
supports DESTDIR now
|
|
From Rumko <rumcic at gmail.com> via private mail.
|
|
|
|
|
|
Somewhat more than 11 rooms later... PKG_DESTDIR_SUPPORT
|
|
|
|
|
|
|
|
|
|
|
