chat/weechat: security fix
Revisions pulled up:
- chat/weechat/Makefile 1.73
- chat/weechat/distinfo 1.42
---
Module Name: pkgsrc
Committed By: maya
Date: Tue Apr 25 19:50:21 UTC 2017
Modified Files:
pkgsrc/chat/weechat: Makefile distinfo
Log Message:
weechat: update to 1.7.1.
bugfix release fixing CVE-2017-8073: Buffer overflow when removing quotes
in DCC filename.
|
|
chat/gajim: build fix
Revisions pulled up:
- chat/gajim/Makefile 1.34
- chat/gajim/options.mk 1.9
---
Module Name: pkgsrc
Committed By: riastradh
Date: Sat Apr 8 18:08:53 UTC 2017
Modified Files:
pkgsrc/chat/gajim: Makefile options.mk
Log Message:
dbus is optional in gajim.
|
|
2.12.3 (2016-10-22)
* fix crash with bad translations
* fix crash and leaks in mpcinfo plugin
* add mhop command
* change ping timeout to 60 by default
* update translations
2.12.2 (2016-10-08)
* fix input box theme with Adwaita 3.20
* fix return value of hexchat_pluginpref_get_int()
* fix tab color changing when print events are eaten
* fix network name not being sanitized for scrollback files
* fix building sysinfo on OS X <= 10.9
* fix resume with DCC GET
* fix possible assertion when decoding incoming text
* fix possible crashes when plugins modify the UI during context close
* add "chanmodes" to channel list in plugin api
* lua:
o add automatic return and = handling in console
o fix pluginpref usage
* fishlim:
o fix saving nicks containing [ or ]
o add commands: /topic+, /msg+, and /notice+
o add support for /me
o add /keyx command to do DH1080 key exchanges
* improve efficiency of various timers
* reduce updates of user count in titlebar/userlist
* download extra redist for perl on Windows
* update appdata file
* update translations
* update dependencies on Windows
This is a leaf package, and in preparation of a security fix.
"please commit" gdt@
|
|
mirror.
|
|
version 2.12.0 (03/09/2017):
libpurple:
* Fix an out of bounds memory read in purple_markup_unescape_entity.
CVE-2017-2640
* Fix use of uninitialised memory if running non-debug-enabled versions of glib
* Updated AIM dev and dist ID's to new ones that were assigned by AOL.
* TLS certificate verification now uses SHA-256 checksums.
* Fixed SASL external auth for Freenode.
* Removed the MSN protocol plugin. It has been unusable and dormant for some
time. MSNP18 has been discontinued and the protocol plugin would require a
large update to start working again. See: http://ismsndeadyet.com/ The
third-party Pidgin SkypeWeb plugin, however, should provide enough
functionality as a replacement if people still want to use MSN:
https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb
* Removed Mxit protocol plugin. The service was closed at the end of
September 2016. See
https://pidgin.im/pipermail/devel/2016-September/024078.htm
* Removed the MySpaceIM protocol plugin. The service has been defunct for a
long time. (#15356)
* Remove the Yahoo! protocol plugin. Yahoo has completely
reimplemented their protocol, so this version is no longer operable as
of August 5th, 2016:
https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product
A new protocol plugin has been written to support the new protocol.
It can be found here: https://github.com/EionRobb/funyahoo-plusplus
This also removes support for Yahoo! Japan. According to
http://messenger.yahoo.co.jp/ the service ended March 26th, 2014.
* Remove the Facebook (XMPP) account option. According to
https://developers.facebook.com/docs/chat the XMPP Chat API service
ended April 30th, 2015. A new protocol plugin has been written,
using a different method, to support Facebook. It can be found at
https://github.com/dequis/purple-facebook/wiki
* Fixed gnutls certificate validation errors that mainly affected google (Dequis)
General
* Replaced instances of d.pidgin.im with developer.pidgin.im and updated the
urls to use https. (#17036)
IRC
* Fixed issue of messages being silently cut off at 500 characters. Large
messages are now split into parts and sent one by one. (#4753)
|
|
I'm not sure what I did differently before that it wasn't building.
|
|
build, and this update includes a security fix.
v1.0.2 2017-03-10 The Irssi team <staff@irssi.org>
- Prevent some null-pointer crashes (GL!9).
- Fix compilation with OpenSSL 1.1.0 (#628, #597).
- Correct dereferencing of already freed server objects during
output of netjoins. Found by APic (GL!10, GL#7).
- Fix in command arg parser to detect missing arguments in tail place
(#652, #651).
- Fix regression that broke incoming DCC file transfers (#667, #656).
- Fix issue with escaping \ in evaluated strings (#669, #520).
|
|
version 2.11.0 (06/21/2016):
General:
* 2.10.12 was accidentally released with new additions to the API and
should have been released as 2.11.0. Unfortunately, we did not catch
the mistake until after 2.10.12 was released, but we're fixing it now.
See ChangeLog.API for more information.
* Include the Mozilla certificate bundle. This fixes connecting to servers
with certificates from Let's Encrypt.
* Remove all 1024-bit CAs
libpurple:
* media: fix an issue with ximagesink displaying only a corner cut-out of
a larger webcam video (Jakub Adam)
* mediamanager: update output window destruction so that it reflects recent
changes in the media pipeline structure (Jakub Adam)
* Ported Instantbird's CommandUiOps to libpurple (Dequis)
Pidgin:
* Fixed #14962
* Fixed alignment of incoming right-to-left messages in protocols that
don't support rich text
* Fix a potential crash while exiting pidgin
Windows-Specific Changes:
* Use getaddrinfo for DNS to enable IPv6 (#1075)
* Updates to dependencies:
* NSS 3.24 and NSPR 4.12.
AIM:
* Add support for the newer kerberos-based authentication of AIM 8.x
Bonjour
* Fixed building on Mac OSX (Patrick Cloke) (#16883)
ICQ:
* Stop truncating passwords to 8 characters like old ICQ clients did.
(#16692). If you actually needed this, truncate your password
manually by pressing backspace a few times.
IRC:
* Base64-decode SASL messages before passing to libsasl (#16268)
MXit
* Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0120)
* Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0140)
* Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
* Fixed a remote buffer overflow vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0119)
* Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0123)
* Fixed a directory traversal issue. Discovered by Yves Younan of Cisco
Talos (TALOS-CAN-0128)
* Fixed a remote denial of service vulnerability that could result in
a null pointer dereference. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0133)
* Fixed a remote denial of service that could result in an out-of-bounds
read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134)
* Fixed multiple remote buffer overflows. Discovered by Yves Younan of
Cisco Talos. (TALOS-CAN-0136)
* Fixed a remote NULL pointer dereference. Discovered by Yves Younan of
Cisco Talos (TALOS-CAN-0137)
* Fixed a remote code execution issue discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0142)
* Fixed a remote denial of service vulnerability in contact mood
handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141)
* Fixed a remote out-of-bounds write vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0139)
* Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0143)
|
|
0.9.12
- Dependencies: Fix certificate verification failures when using
LuaSec 0.6
- mod_s2s: Lower log message to 'warn' level, standard for
remotely-triggered protocol issues
- certs/Makefile: Remove -c flag from chmod call (a GNU extension)
- Networking: Prevent writes after a handler is closed
0.9.11
- HTTP parser: Improve buffering of incoming HTTP data and add size
limits
- sessionmanager: Fix for an issue which caused people to be kicked
from conferences if mod_smacks was enabled
- Dependencies: Workaround for compatibility with LuaSec 0.6
- MUC: Accept missing form as "instant room" request
- C2S: Fix issues with destroying disconnected connections
- mod_privacy: Fix selection of the top resource(s)
- mod_presence: Make sure both users get each others presence after
adding each other
- mod_http_files: Fix traceback when serving a non-wildcard path
- mod_http_files: Preserve a trailing slash in paths
- util.datamanager: Fix error handling
- net.server_event: Fix internal socket API to allow writing from
socket.ondrain callback
- net.server_event: Fix timeout
- net.server_event: Fix traceback due to write during TLS handshake
- net.server_event: Fix buffer length check
|
|
This needs glib2 to run, and glib2 depends on perl, so no reason not to
support perl scripting here.
Requested by Dominik Bialy in PR 52008.
Bump PKGREVISION.
|
|
of PKGREVISION.
|
|
this one is build tested, not run.
|
|
v1.0.1 2017-02-03 The Irssi team <staff@irssi.org>
- Fix Perl compilation in object dir. By Martijn Dekker (#602, #623).
- Disable EC cryptography on Solaris to fix build (#604, #598).
- Fix incorrect HELP SERVER example (#606, #519).
- Correct memory leak in /OP and /VOICE. By Tim Konick (#608).
- Fix regression that broke second level completion (#613, #609).
- Correct missing NULL termination in perl_parse. By Hanno Böck (#619).
- Sync broken mail.pl script (#624, #607).
|
|
Changelog:
[[v1.7]]
== Version 1.7 (2017-01-15)
New features::
* core: add option weechat.look.align_multiline_words (issue #411, issue #802)
* core: add optional command prefix in completion templates "commands", "plugins_commands" and "weechat_commands"
* core: add optional arguments in completion template, sent to the callback
* core: add option "time" in command /debug
* api: add info "uptime" (WeeChat uptime)
* api: add info "pid" (WeeChat PID) (issue #850)
* fifo: add file fifo.conf and option fifo.file.path to customize FIFO pipe path/filename (issue #850)
* irc: add server option "usermode" (issue #377, issue #820)
* irc: add tag "self_msg" on self messages (issue #840)
Improvements::
* core, xfer: display more information on fork errors (issue #573)
* core: add a slash before commands completed in arguments of /command, /debug time, /key bind, /key bindctxt, /mute, /repeat, /wait
* core: add a warning in header of configuration files to not edit by hand (issue #851)
* alias: add a slash before commands completed in arguments of /alias
* exec: add option "-oc" in command /exec to execute commands in process output, don't execute commands by default with "-o" (issue #877)
* irc: evaluate content of server option "ssl_fingerprint" (issue #858)
* irc: change default value of option irc.network.lag_reconnect from 0 to 300 (issue #818)
* trigger: do not hide email in command "/msg nickserv register password email" (issue #849)
Bug fixes::
* core: fix deadlock when quitting after a signal SIGHUP/SIGQUIT/SIGTERM is received (issue #32)
* core: fix display of empty lines in search mode (issue #829)
* api: fix crash in function string_expand_home() when the HOME environment variable is not set (issue #827)
* exec: fix memory leak in display of process output
* irc: fix option "-temp" in command /server (issue #880)
* irc: fix close of server channels which are waiting for the JOIN when the server buffer is closed (issue #873)
* irc: fix buffer switching on manual join for forwarded channels (issue #876)
* irc: add missing tags on CTCP message sent
* lua: fix integers returned in Lua >= 5.3 (issue #834)
* relay: make HTTP headers case-insensitive for WebSocket connections (issue #888)
* relay: set status to "authentication failed" and close immediately connection in case of authentication failure in weechat and irc protocols (issue #825)
* script: reload a script after upgrade only if it was loaded, set autoload only if the script was auto-loaded (issue #855)
Build::
* core, irc, xfer: fix compilation on Mac OS X (add link with resolv) (issue #276)
* core: add build of xz package with make dist (cmake)
* tests: fix compilation of tests on FreeBSD 11.0
|
|
Most relevant changes:
Admin
- Add example api_permissions: definition to config template
- Allow old-style mod_vcard_ldap in the config
- Fix migration of old pubsub database (migrating from 2.1.x)
- Get nodes from ejabberd_cluster instead of mnesia
- mod_configure: Fix configuration commands
Core
- Fix case clauses when using compression
- Set from/to in every routed packet
- Correctly process errors from new cyrsasl API
- Improve return values in cyrsasl API
Modules
- mod_http_bind: remove and migration code to mod_bosh
- mod_muc: Allow a subscriber to create room, then set
allow_subscription=true
- mod_muc: Support legacy muc#roomconfig values
- mod_offline: Decode message before checking for expiration
Mnesia
- Let ejabberd_mnesia handle copy_type
- Fix index processing
- Speedup table setup, no i/o if EJABBERD_SCHEMA_PATH not set
SQL
- Add SSL support for SQL connections with PostgreSQL 1.1.2+
- Cope with malformed values in 'rosterusers' SQL table
- Improve tag insertion, avoid duplication
|
|
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
|
|
* Do not attempt to reload SM modules on SIGHUP
* Cleanup config files example
* Fixed memory leak in pgsql storage driver
* Fixed two double-frees caused by dangling pointers
* Fixed c2s logger initialization point
On NetBSD, sm receives a SIGHUP shortly after being started from rc.d,
which causes a crash. With 2.5.0, sm starts correctly on boot.
Drop MESSAGE; reading NEWS on updating is standard practice and not
special about jabberd.
|
|
Drop dependency of router, sm, s2s on c2s. This did not make sense --
none of them care if c2s runs.
c2s, s2s, and sm all connect to router. So make them depend on
router, even though in theory they should retry.
Make c2s depend on sm, because if someone tries to log in before sm is
running, they will get a failure, and some clients do not retry
correctly. Getting ECONNREFUSED connecting to c2s is more likely to
be handled correctly.
No PKGREVISION; riding the impending update.
(Tested on netbsd-6 i386 in a domU.)
|
|
thanks leot for testing!
|
|
thanks leot for testing!
|
|
v1.0.0 2017-01-03 The Irssi team <staff@irssi.org>
* Removed --disable-ipv6 (#408).
* /connect Network now aborts with an error if no servers have been
added to that network (#443).
* /dcc commands now use quotes around spaces consistently.
* bell_beeps was removed (#524, #565).
* Switch to GRegex instead of regex.h (#412).
+ irssiproxy can now forward all tags through a single
port. By Lukas Mai (mauke, #425).
+ irssiproxy can also listen on unix sockets. By Lukas Mai (#427).
+ send channel -botcmds immediately when no mask is specified (#175, #399).
+ the kill buffer now remembers consecutive kills.
New bindings were added: yank_next_cutbuffer and append_next_kill
By Todd A. Pratt (#353, #414, #455)
+ connections will avoid looking up IPv6 addresses if the machine does
not have an IPv6 address assigned (exact behaviour is implementation
defined, #410).
+ Fix potential crash if scripts insert undef values into the completion
list (#413).
+ Paste warning is now also shown on pasting overlong
lines. By Manish Goregaokar (#426).
+ autolog_ignore_targets and activity_hide_targets learn a new syntax
tag/* and * to ignore whole networks or everything.
By Jari Matilainen (vague666, #437)
+ /hilight got a -matchcase flag to hilight case
sensitively. By Thibault B (isundil, #421, #476).
+ Always build irssi with TLS support.
+ Rename SSL to TLS in the code and add -tls_* versions of the -ssl_*
options to /CONNECT and /SERVER, but make sure the -ssl_* options continue
to work.
+ Use TLS for Freenode, EFnet, EsperNet, OFTC, Rizon, and IRC6 in the default
configuration.
+ Display TLS connection information upon connect. You can disable this by
setting tls_verbose_connect to FALSE.
+ Add -tls_pinned_cert and -tls_pinned_pubkey for x509 and public key pinning.
The values needed for -tls_pinned_cert and -tls_pinned_pubkey are shown
when connecting to a TLS enabled IRC server, but you can also find the
values like this: Start by downloading the certificate from a given IRC
server:
$ openssl s_client -connect chat.freenode.net:6697 < /dev/null 2>/dev/null | \
openssl x509 > freenode.cert
Find the value for -tls_pinned_cert:
$ openssl x509 -in freenode.cert -fingerprint -sha256 -noout
Find the value for -tls_pinned_pubkey:
$ openssl x509 -in freenode.cert -pubkey -noout | \
openssl pkey -pubin -outform der | \
openssl dgst -sha256 -c | \
tr a-z A-Z
+ Remove support for DANE validation of TLS certificates.
There wasn't enough support in the IRC community to push for this on the
majority of bigger IRC networks. If you believe this should be
reintroduced into irssi, then please come up with an implementation that
does not rely on the libval library. It is causing a lot of troubles for
our downstream maintainers.
+ /names and $[...] now uses utf8 string operations. By Xavier
G. (#40, #411, #471, #480).
+ New setting completion_nicks_match_case (#488).
+ /channel /server /network now support modify subcommand. By
Jari Matilainen (#338, #498).
+ Irssi::signal_remove now works with coderefs. By Tom Feist (shabble, #512).
+ /script reset got an -autorun switch (#540, #538).
+ cap_toggle can now be called from Perl, and fields
cap_active and cap_supported can be inspected (#542).
+ Make it possible to disable empty line completion. By Lauri
Tirkkonen (lotheac, #574).
+ New option sasl_disconnect_on_failure to disconnect when
SASL log-in failed (#514).
- IP addresses are no longer stored when resolve_reverse_lookup is
used.
- Removed broken support for curses (#521).
- Removed broken dummy mode (#526).
- Fix terminal state after suspend (#450, #452).
- Improve Perl library path detection (#479, #132).
- Reconnect now works on unix connections (#493).
- Fix completion warnings (#125, #496, FS#124).
- Fix a crash in the --more-- item (#501).
- Fix a display issue in /unignore (#517, bdo#577202).
- Fix a crash in some netsplits (#529, #500).
- Fix crashes with some invalid config (#550, #551, #563, #564, #587, #581, #570).
- Add support for SASL Fragmentation. By Kenny Root (kruton, #506).
- Improve netsplit dumping (#420, #465).
- Improve responsibility under DCC I/O strain (#578, #159).
- Fix query nick change on open (#580, #586).
- Correct a few help texts.
|
|
bump PKGREVISION to ensure it is rebuilt.
|
|
bump PKGREVISION to ensure it is rebuilt.
|
|
irssi 0.8.21 is a maintenance release without any new features.
Changes:
- Correct a NULL pointer dereference in the nickcmp function found by
Joseph Bisch (GL#1)
- Correct an out of bounds read in certain incomplete control codes
found by Joseph Bisch (GL#2)
- Correct an out of bounds read in certain incomplete character
sequences found by Hanno Böck and independently by J. Bisch (GL#3)
- Correct an error when receiving invalid nick message (GL#4, #466)
|
|
Due to the documentation change below, man pages are no longer supplied in pkgsrc.
New features
core: add optional argument "lowest", "highest" or level mask in command /input hotlist_clear
core: add option "cycle" in command /buffer
api: add "extra" argument to evaluate extra variables in function string_eval_expression() (issue #534)
relay: add option relay.network.allow_empty_password (issue #735)
trigger: add support for one-time triggers (issue #399, issue #509)
Improvements
core, irc, xfer: display more information in memory allocation errors (issue #573)
api: remove functions printf_date() and printf_tags()
irc: rename server options "default_msg_{kick|part|quit}" to "msg_{kick|part|quit}", evaluate them
relay: allow escape of comma in command "init" (weechat protocol) (issue #730)
Bug fixes
core, irc, xfer: refresh domain name and name server addresses before connection to servers (fix connection to servers after suspend mode) (issue #771)
api: fix return of function string_match() when there are multiple masks in the string (issue #812)
api: fix crash in function network_connect_to() if address is NULL
api: fix connection to servers with hook_connect() on Windows 10 with Windows subsystem for Linux (issue #770)
api: fix crash in function string_split_command() when the separator is not a semicolon (issue #731)
irc: fix socket leak in connection to server (issue #358, issue #801)
irc: fix display of service notice mask (message 008) (issue #429)
irc: fix NULL pointer dereference in 734 command callback (issue #738)
relay: return an empty hdata when the requested hdata or pointer is not found (issue #767)
xfer: fix crash on DCC send if option xfer.file.auto_accept_nicks is set (issue #781)
Documentation
switch to asciidoctor to build docs and man page
Build
python: add detection of Python 3.5
|
|
However, it now needs patches to include stdarg.h in a few places...
|
|
API / integration
- New API permissions framework
Commands
- Add configurable weight for ejabberd commands
- add_rosteritem: Support several groups separated by ;
- create_rooms_file: Fix reading room jids from file
- delete_old_messages: Fix command for SQL backends
- send_message: Don't duplicate the message
- Remove obsolete remove_node command (use leave_cluster)
- Fix reload_config
- Cleanup mod_admin_extra, add few functions
- Expose unregister API command
Core XMPP
- New BOSH module
- Use fxml_gen XML generator
- Use our new stand-alone XMPP library instead of jlib.erl
- Don't let MAM messages go into offline storage
- Add xdata generator for XMPP data form
- Get rid of excessive (io)list_to_binary/1 calls
HTTP
- Add authentication support to mod_http_fileserver
- ejabberd_http: Handle missing POST data gracefully
- Use inets instead of lhttpc in http_p1
- Add http_p1.erl, rest.erl, and oauth2 ReST backend for OAuth2 tokens
MUC
- Create room on configuration request as per XEP-0045, 10.1.3
- Ensure that presence_broadcast room option is stored
- Fix conference disco#items when running multiple virtual hosts
- Fix Result Set Management (RSM) for conference disco#items
- Introduce muc_invite hook
- Make the constant MAX_ROOMS_DISCOITEMS configurable
- mod_carboncopy: Don't copy MUC private messages
MUC/Sub
- Store the flag "Allow Subscription" room option in database
- When getting list of subscribed rooms, also check temporary ones
- Add password support in muc_subscribe
- When unsubscribes, check if room should get closed
Pubsub
- Enforce pubsub node removal
- Relational databases support
- Append ; to privacy_list_data exporting lines
- Improve relational database import
Build
- Make build system compatible with rebar3
- Produce ejabberd.service and fix for systemd usage
- Cleanup ext_mod and fix compilation path
- Fix compilation of external module with new xmpp lib
|
|
library name in devel/ncurses changed.
|
|
process fails if no openssl.cnf exists. Patch can likely be extended to
remove dependency on the openssl binary completely, but that's beyond
the scope of this fix.
|
|
Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
|
|
Solves:
/usr/libexec/binutils225/elf/ld.gold: error: cannot find -lreadline
The missing specification is obvious on DragonFly because there's
no publicly accessible version of readline in base.
|