Age | Commit message (Collapse) | Author | Files | Lines |
|
lang/sun-jdk6: security update
lang/sun-jre6: security update
Revisions pulled up:
- lang/sun-jdk6/Makefile 1.31
- lang/sun-jdk6/distinfo 1.20
- lang/sun-jre6/Makefile 1.39
- lang/sun-jre6/distinfo 1.23
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Aug 31 11:34:01 UTC 2012
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile distinfo
pkgsrc/lang/sun-jre6: Makefile distinfo
Log Message:
Update sun-{jdk,jre}6 to 6.0.35.
Java(TM) SE Development Kit 6, Update 35 (JDK 6u35)
The full version string for this update release is 1.6.0_35-b10 (where "b" means
"build") and the version number is 6u35.
JDK Demos and Samples remain the same as in JDK 6u34
The vulnerabilities addressed by this security release do not affect the demos
and samples code. Therefore there is no need to update Demos and Samples as long
as the JDK itself is updated to 6u35.
Olson Data 2012c
JDK 6u35 contains Olson time zone data version 2012c. For more information,
refer to Timezone Data Versions in the JRE
Bug Fixes
This release contains a security-in-depth fix. For more information, see Oracle
Security Alert for CVE-2012-4681.
Java(TM) SE Development Kit 6, Update 34 (JDK 6u34)
The full version string for this update release is 1.6.0_34-b04 (where "b" means
"build") and the version number is 6u34.
Olson Data 2012c
JDK 6u34 contains Olson time zone data version 2012c. For more information,
refer to Timezone Data Versions in the JRE Software.
Bug Fixes
Notable Bug Fixes in JDK 6u34
Bug Id Category Sub_Category Description
7162955 hotspot attach Attach api on Solaris, too many
open files
7100757 hotspot compiler2 The BitSet.nextSetBit() produces
incorrect result in 32bit VM on
Sparc
7108221 hotspot compiler2 Backport to jdk6 Hotspot defaults
for AMD Bulldozer processor
7167142 hotspot runtime_arguments Issue warning when finding a
.hotspotrc or .hotspot_compiler
file that isn't used
6941923 hotspot runtime_logging RFE: Handling large log files
produced by long running Java
Applications
7059899 hotspot runtime_system Stack overflows in Java code cause
64-bit JVMs to exit due to SIGSEGV
7145587 hotspot runtime_system Stack overflows in Java code cause
64-bit JVMs to exit due to
SIGSEGV (solaris sparc)
7177216 java char_encodings native2ascii changes file
permissions of input file
7027300 java classes_2d Unsynchronized HashMap access
causes endless loop
7183251 java classes_2d Netbeans editor renders text
wrong on JDK 7u6 build 17
6707273 java classes_awt TrayIcon does not support 8-bit
alpha channel in Windows XP
7145980 java classes_awt Dispose method of window.java
takes long
6521014 java classes_net IOException thrown when Socket
tries to bind to an local IPv6
address on SuSE Linux
6543428 java classes_net BindException when binding to a
link-local address on Windows
6886436 java classes_net Lightwight HTTP Container
(com.sun.* package) is unstable
7118373 java classes_nio (se) Potential leak file descriptor
when deregistrating at around
the same time as an async close
7093090 java classes_security Reduce synchronization in
java.security.Policy.getPolicyNoCheck
7152564 java classes_security Improve CodeSource.matchLocation
(CodeSource) performance
7165725 java classes_swing JAVA6 HTML PARSER CANNOT PARSE
MULTIPLE SCRIPT TAGS IN A LINE
CORRECTLY
7071826 java classes_util UUID.randomUUID() race condition
7144488 java classes_util (coll) Infinite recursion for
some equals tests in Collections
7133138 java classes_util_i18n Improve io performance around
timezone lookups
7149608 java classes_util_i18n (tz): Default TZ detection fails
on linux when symbolic links to
non default location used.
7167359 java classes_util_i18n (tz) SEGV on solaris if TZ
variable not set
7141852 java compiler 1.6 v30 no longer compiles
particular interface inheritance
hierarchy
7158412 java install JRE installer does not delete
its installation files from the
user's Application Data folder
7148584 java jar Jar tools fails to generate
manifest correctly when boundary
condition hit
7175845 java jar "jar uf" changes file permissions
unexpectedly
7070619 java localization locale issue for keytool with
pt_BR
7168110 java serviceability Misleading jstack error message
7063183 java_deployment general AIOB exception in the
RemoveCommentReader
7063790 java_deployment general SunAutoProxyHandlerTest hangs
7119269 java_deployment general Tune URLUtils
7173533 java_deployment general Discoverer 10g olap is slower
when using java 1.6 than with 1.5
7175548 java_deployment security Regression: Fix 7110690 breaks
crossdomain functionality for
applets running on 6u33-b03 (FCS/GA)
6670362 jgss krb5plugin HTTP/SPNEGO should work across
realms
7067974 jgss krb5plugin multiple ETYPE-INFO-ENTRY with
same etype and different salt
7155051 jndi dns DNS provider may return incorrect
results
7157903 jsse runtime JSSE client sockets are very slow
7166570 jsse runtime JSSE certificate validation has
started to fail for certificate
chains
|
|
Ruby on Rails 3.2.8 security update
Revisions pulled up:
- databases/ruby-activerecord32/distinfo 1.6
- devel/ruby-activemodel32/distinfo 1.6
- devel/ruby-activesupport32/distinfo 1.6
- devel/ruby-railties32/distinfo 1.6
- lang/ruby/rails.mk 1.30
- mail/ruby-actionmailer32/distinfo 1.6
- www/ruby-actionpack32/distinfo 1.6
- www/ruby-activeresource32/distinfo 1.6
- www/ruby-rails32/distinfo 1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:37:06 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails 3.2.8.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:38:09 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport32: distinfo
Log Message:
Update ruby-activesupport32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* Fix ActiveSupport integration with Mocha > 0.12.1. *Mike Gunderloy*
* Reverted the deprecation of ActiveSupport::JSON::Variable.
*Rafael Mendonça França*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:38:41 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel32: distinfo
Log Message:
Update ruby-activemodel32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:40:00 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack32: distinfo
Log Message:
Update ruby-actionpack32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
helper doesn't correctly handle malformed html. As a result an attacker can
execute arbitrary javascript through the use of specially crafted malformed
html.
*Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
* When a "prompt" value is supplied to the `select_tag` helper, the "prompt"
value is not escaped.
If untrusted data is not escaped, and is supplied as the prompt value, there
is a potential for XSS attacks.
Vulnerable code will look something like this:
select_tag("name", options, :prompt => UNTRUSTED_INPUT)
*Santiago Pastorino*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:41:02 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord32: distinfo
Log Message:
Update ruby-activerecord32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* Do not consider the numeric attribute as changed if the old value is zero
and the new value is not a string.
Fixes #7237.
*Rafael Mendonça França*
* Removes the deprecation of `update_attribute`. *fxn*
* Reverted the deprecation of `composed_of`. *Rafael Mendonça França*
* Reverted the deprecation of `*_sql` association options. They will be
deprecated in 4.0 instead. *Jon Leighton*
* Do not eager load AR session store. ActiveRecord::SessionStore depends on
the abstract store in Action Pack. Eager loading this class would break
client code that eager loads Active Record standalone.
Fixes #7160
*Xavier Noria*
* Do not set RAILS_ENV to "development" when using `db:test:prepare` and
related rake tasks.
This was causing the truncation of the development database data when using
RSpec.
Fixes #7175.
*Rafael Mendonça França*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:41:37 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource32: distinfo
Log Message:
Update ruby-activeresource32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:42:14 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer32: distinfo
Log Message:
Update ruby-actionmailer32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:43:08 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties32: distinfo
Log Message:
Update ruby-railties32 to 3.2.8.
## Rails 3.2.8 (Aug 9, 2012) ##
* ERB scaffold generator use the `:data => { :confirm => "Text" }` syntax
instead of `:confirm`.
*Rafael Mendonça França*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 12:44:30 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails32: distinfo
Log Message:
Update ruby-rails32 to 3.2.8.
This is a meta-like package and no changes.
|
|
Ruby on Rails 3.1.8 security update
Revisions pulled up:
- databases/ruby-activerecord31/distinfo 1.6
- devel/ruby-activemodel31/distinfo 1.6
- devel/ruby-activesupport31/distinfo 1.7
- devel/ruby-railties31/distinfo 1.6
- lang/ruby/rails.mk 1.29
- mail/ruby-actionmailer31/distinfo 1.6
- www/ruby-actionpack31/distinfo 1.7
- www/ruby-activeresource31/distinfo 1.6
- www/ruby-rails31/distinfo 1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:32:52 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start Ruby on Rails 3.1.8.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:33:18 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport31: distinfo
Log Message:
Update ruby-activesupport31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:33:48 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel31: distinfo
Log Message:
Update ruby-activemodel31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:34:38 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack31: distinfo
Log Message:
Update ruby-actionpack31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
helper doesn't correctly handle malformed html. As a result an attacker can
execute arbitrary javascript through the use of specially crafted malformed
html.
*Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
* When a "prompt" value is supplied to the `select_tag` helper, the
"prompt" value is not escaped.
If untrusted data is not escaped, and is supplied as the prompt value,
there is a potential for XSS attacks.
Vulnerable code will look something like this:
select_tag("name", options, :prompt => UNTRUSTED_INPUT)
*Santiago Pastorino*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:35:20 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord31: distinfo
Log Message:
Update ruby-activerecord31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:36:35 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource31: distinfo
Log Message:
Update ruby-activeresource31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:37:22 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer31: distinfo
Log Message:
Update ruby-actionmailer31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:37:52 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties31: distinfo
Log Message:
Update ruby-railties31 to 3.1.8.
## Rails 3.1.8 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 10:38:45 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails31: distinfo
Log Message:
Update ruby-rails31 to 3.1.8.
This is a meta-like package and no changes.
|
|
Ruby on Rails 3.0.17 security update.
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.15
- devel/ruby-activemodel/distinfo 1.15
- devel/ruby-activesupport3/distinfo 1.16
- devel/ruby-railties/distinfo 1.15
- lang/ruby/rails.mk 1.28
- mail/ruby-actionmailer3/distinfo 1.17
- www/ruby-actionpack3/distinfo 1.16
- www/ruby-activeresource3/distinfo 1.15
- www/ruby-rails3/distinfo 1.16
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:44:22 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails 3.0.17.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:44:58 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport3: distinfo
Log Message:
Update ruby-activesupport3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:45:45 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log Message:
Update ruby-activemodel to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:46:45 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log Message:
Update ruby-actionpack3 to 3.0.17
## Rails 3.0.17 (Aug 9, 2012)
* There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
helper doesn't correctly handle malformed html. As a result an attacker can
execute arbitrary javascript through the use of specially crafted malformed
html.
*Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
* When a "prompt" value is supplied to the `select_tag` helper, the "prompt"
value is not escaped. If untrusted data is not escaped, and is supplied as
the prompt value, there is a potential for XSS attacks.
Vulnerable code will look something like this:
select_tag("name", options, :prompt => UNTRUSTED_INPUT)
*Santiago Pastorino*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:47:45 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log Message:
Update ruby-activerecord3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* Fix type_to_sql with text and limit on mysql/mysql2 (GH #7252)
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:48:26 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log Message:
Update ruby-actionmailer3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:49:01 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties: distinfo
Log Message:
Update ruby-railties to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:50:41 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log Message:
Update ruby-rails3 to 3.0.17.
This is a meta-like package and no changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 15 15:58:23 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log Message:
Oops, missed from commit for ruby-activeresource3.
|
|
databases/ruby-activerecord32: security update
devel/ruby-activemodel32: security update
devel/ruby-activesupport32: security update
devel/ruby-railties32: security update
mail/ruby-actionmailer32: security update
www/ruby-actionpack32: security update
www/ruby-activeresource32: security update
www/ruby-rails32: security update
Revisions pulled up:
- databases/ruby-activerecord32/distinfo 1.5
- devel/ruby-activemodel32/distinfo 1.5
- devel/ruby-activesupport32/distinfo 1.5
- devel/ruby-railties32/distinfo 1.5
- lang/ruby/rails.mk 1.27
- mail/ruby-actionmailer32/distinfo 1.5
- www/ruby-actionpack32/distinfo 1.5
- www/ruby-activeresource32/distinfo 1.5
- www/ruby-rails32/distinfo 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:50:28 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails 3.2.7.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:51:18 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport32: distinfo
Log Message:
Update ruby-activesupport32 to 3.2.7.
## Rails 3.2.7 (unreleased)
* Hash#fetch(fetch) is not the same as doing hash[key]
* adds a missing require [fixes #6896]
* make sure the inflection rules are loaded when cherry-picking
active_support/core_ext/string/inflections.rb [fixes #6884]
* Merge pull request #6857 from rsutphin/as_core_ext_time_missing_require
* bump AS deprecation_horizon to 4.0
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:52:25 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel32: distinfo
Log Message:
Update ruby-activemodel32 to 3.2.7.
## Rails 3.2.7 (unreleased)
* `validates_inclusion_of` and `validates_exclusion_of` now accept `:within`
option as alias of `:in` as documented.
* Fix the the backport of the object dup with the ruby 1.9.3p194.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:53:01 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource32: distinfo
Log Message:
Update ruby-activeresource32 to 3.2.7.
## Rails 3.2.7 (unreleased)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:53:46 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord32: distinfo
Log Message:
Update ruby-activerecord32 to 3.2.7.
## Rails 3.2.7 (unreleased) ##
* `:finder_sql` and `:counter_sql` options on collection associations
are deprecated. Please transition to using scopes.
*Jon Leighton*
* `:insert_sql` and `:delete_sql` options on `has_and_belongs_to_many`
associations are deprecated. Please transition to using `has_many
:through`
*Jon Leighton*
* `composed_of` has been deprecated. You'll have to write your own accessor
and mutator methods if you'd like to use value objects to represent some
portion of your models.
*Steve Klabnik*
* `update_attribute` has been deprecated. Use `update_column` if
you want to bypass mass-assignment protection, validations, callbacks,
and touching of updated_at. Otherwise please use `update_attributes`.
*Steve Klabnik*
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:55:32 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack32: distinfo
Log Message:
Update ruby-actionpack32 to 3.2.7.
## Rails 3.2.7 (unreleased) ##
* Do not convert digest auth strings to symbols. CVE-2012-3424
* Bump Journey requirements to 1.0.4
* Add support for optional root segments containing slashes
* Fixed bug creating invalid HTML in select options
* Show in log correct wrapped keys
* Fix NumberHelper options wrapping to prevent verbatim blocks being rendered
instead of line continuations.
* ActionController::Metal doesn't have logger method, check it and then
delegate
* ActionController::Caching depends on RackDelegation and
AbstractController::Callbacks
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:56:13 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer32: distinfo
Log Message:
Update ruby-actionmailer32 to 3.2.7.
## Rails 3.2.7 (unreleased)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:56:46 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties32: distinfo
Log Message:
Update ruby-railties32 to 3.2.7.
## Rails 3.2.7 (unreleased)
* Since Rails 3.2, use layout false to render no layout
* Use strict_args_position! if available from Thor
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:57:33 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails32: distinfo
Log Message:
Update Update ruby-rails32 to 3.2.17.
This is a meta-like package and no changes.
|
|
databases/ruby-activerecord31: security update
devel/ruby-activemodel31: security update
devel/ruby-activesupport31: security update
devel/ruby-railties31: security update
mail/ruby-actionmailer31: security update
www/ruby-actionpack31: security update
www/ruby-activeresource31: security update
www/ruby-rails31: security update
Revisions pulled up:
- databases/ruby-activerecord31/distinfo 1.5
- devel/ruby-activemodel31/distinfo 1.5
- devel/ruby-activesupport31/distinfo 1.6
- devel/ruby-railties31/distinfo 1.5
- lang/ruby/rails.mk 1.26
- mail/ruby-actionmailer31/distinfo 1.5
- www/ruby-actionpack31/distinfo 1.6
- www/ruby-activeresource31/distinfo 1.5
- www/ruby-rails31/distinfo 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:34:39 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails 3.1.7.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:35:07 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport31: distinfo
Log Message:
Update ruby-activesupport31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:35:47 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel31: distinfo
Log Message:
Update ruby-activemodel31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:36:18 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource31: distinfo
Log Message:
Update ruby-activeresource31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:36:59 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord31: distinfo
Log Message:
Update ruby-activerecord31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:38:13 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack31: distinfo
Log Message:
Update ruby-actionpack31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* Do not convert digest auth strings to symbols. CVE-2012-3424
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:38:47 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer31: distinfo
Log Message:
Update ruby-actionmailer31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:39:16 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties31: distinfo
Log Message:
Update ruby-railties31 to 3.1.7.
## Rails 3.1.7 (Jul 26, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:41:23 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails31: distinfo
Log Message:
Update Update ruby-rails31 to 3.1.17.
This is a meta-like package and no changes.
|
|
databases/ruby-activerecord3: security update
devel/ruby-activemodel: security update
devel/ruby-activesupport3: security update
devel/ruby-railties: security update
mail/ruby-actionmailer3: security update
mail/ruby-mail22/Makefile
www/ruby-actionpack3: security update
www/ruby-activeresource3: security update
www/ruby-rails3: security update
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.14
- devel/ruby-activemodel/distinfo 1.14
- devel/ruby-activesupport3/distinfo 1.15
- devel/ruby-railties/distinfo 1.14
- lang/ruby/rails.mk 1.25
- mail/ruby-actionmailer3/distinfo 1.16
- mail/ruby-mail22/Makefile 1.5
- www/ruby-actionpack3/distinfo 1.15
- www/ruby-activeresource3/distinfo 1.14
- www/ruby-rails3/distinfo 1.15
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:20:08 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails to 3.0.16.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:21:03 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport3: distinfo
Log Message:
Update ruby-activesupport3 to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:21:54 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log Message:
Update ruby-activemodel to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:22:56 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log Message:
Update ruby-activeresource3 to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:24:29 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log Message:
Update ruby-actionpack3 to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* Do not convert digest auth strings to symbols. CVE-2012-3424
## Rails 3.0.14 (Jun 12, 2012)
* nil is removed from array parameter values
CVE-2012-2694
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:25:14 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log Message:
Update ruby-activerecord3 to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* protect against the nesting of hashes changing the
table context in the next call to build_from_hash. This fix
covers this case as well.
CVE-2012-2695
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:25:49 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log Message:
Update ruby-actionmailer3 to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:26:47 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties: distinfo
Log Message:
Update ruby-railties to 3.0.16.
## Rails 3.0.16 (Jul 26, 2012)
* No changes.
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 12:27:36 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log Message:
Update ruby-rails3 to 3.0.16.
This is a meta-like package and no changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 31 13:02:49 UTC 2012
Modified Files:
pkgsrc/mail/ruby-mail22: Makefile
Log Message:
Bump PKGREVISION to reflect dependency to devel/ruby-activesupport3.
|
|
lang/php: fix PHP version numbers in dependencies after recent update
Revisions pulled up:
- lang/php/phpversion.mk 1.20
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jul 25 10:50:12 UTC 2012
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log Message:
Update PHP53_VERSION and PHP54_VERSION noted by Uwe Klaus.
|
|
archivers/php-bz2: security update
archivers/php-zip: security update
archivers/php-zlib: security update
converters/php-iconv: security update
converters/php-mbstring: security update
databases/php-dba: security update
databases/php-ldap: security update
databases/php-mssql: security update
databases/php-mysql: security update
databases/php-mysqli: security update
databases/php-pdo: security update
databases/php-pdo_dblib: security update
databases/php-pdo_mysql: security update
databases/php-pdo_pgsql: security update
databases/php-pdo_sqlite: security update
databases/php-pgsql: security update
databases/php-sqlite: security update
devel/php-gettext: security update
devel/php-gmp: security update
devel/php-pcntl: security update
devel/php-posix: security update
devel/php-shmop: security update
devel/php-sysvmsg: security update
devel/php-sysvsem: security update
devel/php-sysvshm: security update
graphics/php-exif: security update
graphics/php-gd: security update
lang/php53: security update
lang/php54: security update
mail/php-imap: security update
math/php-bcmath: security update
net/php-ftp: security update
net/php-snmp: security update
net/php-soap: security update
net/php-sockets: security update
net/php-xmlrpc: security update
security/php-mcrypt: security update
textproc/php-dom: security update
textproc/php-enchant: security update
textproc/php-intl: security update
textproc/php-json: security update
textproc/php-pspell: security update
textproc/php-wddx: security update
textproc/php-xsl: security update
time/php-calendar: security update
www/ap-php: security update
www/php-curl: security update
www/php-fpm: security update
www/php-tidy: security update
Revisions pulled up:
- archivers/php-zip/Makefile 1.15
- databases/php-dba/Makefile 1.15
- databases/php-mssql/Makefile 1.14
- databases/php-pdo_dblib/Makefile 1.15
- databases/php-pdo_sqlite/Makefile 1.12
- databases/php-sqlite/Makefile 1.16
- devel/php-gettext/Makefile 1.11
- devel/php-shmop/Makefile 1.11
- graphics/php-exif/Makefile 1.11
- graphics/php-gd/Makefile 1.28
- lang/php53/Makefile.common 1.15
- lang/php53/Makefile.php 1.19
- lang/php53/distinfo 1.46
- lang/php53/patches/patch-aj 1.2
- lang/php54/Makefile.common 1.2
- lang/php54/distinfo 1.2
- lang/php54/patches/patch-run-tests.php 1.2
- net/php-soap/Makefile 1.4
- net/php-xmlrpc/Makefile 1.15
- textproc/php-dom/Makefile 1.4
- textproc/php-intl/Makefile 1.13
- textproc/php-pspell/Makefile 1.13
- textproc/php-wddx/Makefile 1.17
- textproc/php-xsl/Makefile 1.5
- www/ap-php/Makefile 1.27
- www/php-curl/Makefile 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 12:28:18 UTC 2012
Modified Files:
pkgsrc/lang/php53: Makefile.common Makefile.php distinfo
pkgsrc/lang/php53/patches: patch-aj
Log Message:
Update php53 pacakge to 5.3.15 (PHP 5.3.15).
19-July-2012
o Zend Engine
* Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value
that includes a semi-colon)
o COM
* Fixed bug #62146 com_dotnet cannot be built shared
o Core
* Fixed potential overflow in _php_stream_scandir, CVE-2012-2688
* Fixed bug #62432 (ReflectionMethod random corrupt memory on high
concurrent)
* Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
o Fileinfo
* Fixed magic file regex support
o FPM
* Fixed bug #61045 (fpm don't send error log to fastcgi clients)
* Fixed bug #61835 (php-fpm is not allowed to run as root)
* Fixed bug #61295 (php-fpm should not fail with commented 'user' for
non-root start)
* Fixed bug #61026 (FPM pools can listen on the same address)
* Fixed bug #62033 (php-fpm exits with status 0 on some failures to
start)
* Fixed bug #62153 (when using unix sockets, multiples FPM instances
can be launched without errors)
* Fixed bug #62160 (Add process.priority to set nice(2) priorities)
* Fixed bug #61218 (FPM drops connection while receiving some binary
values in FastCGI requests)
* Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
o Intl
* Fixed bug #62083 (grapheme_extract() memory leaks)
* Fixed bug #62081 (IntlDateFormatter constructor leaks memory when
called twice)
* Fixed bug #62070 (Collator::getSortKey() returns garbage)
* Fixed bug #62017 (datefmt_create with incorrectly encoded timezone
leaks pattern)
* Fixed bug #60785 (memory leak in IntlDateFormatter constructor)
o JSON
* Reverted fix for bug #61537
o Phar
* Fixed bug #62227 (Invalid phar stream path causes crash)
o Reflection
* Fixed bug #62384 (Attempting to invoke a Closure more than once
causes segfault)
* Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory
leaks with constant)
o SPL
* Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)
o SQLite
* Fixed open_basedir bypass, CVE-2012-3365
o XML Write
* Fixed bug #62064 (memory leak in the XML Writer module)
o Zip
* Upgraded libzip to 0.10
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 12:29:05 UTC 2012
Modified Files:
pkgsrc/lang/php54: Makefile.common distinfo
pkgsrc/lang/php54/patches: patch-run-tests.php
Log Message:
Update php54 package to 5.4.5 (PHP 5.4.5).
19-July-2012
o Core
* Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
* Fixed bug #62432 (ReflectionMethod random corrupt memory on high
concurrent)
* Fixed bug #62373 (serialize() generates wrong reference to the
object).
* Fixed bug #62357 (compile failure: (S) Arguments missing for
built-in function __memcmp)
* Fixed bug #61998 (Using traits with method aliases appears to result
in crash during execution)
* Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value
that includes a semi-colon)
* Fixed potential overflow in _php_stream_scandir (CVE-2012-2688)
o EXIF
* Fixed information leak in ext exi
o FPM
* Fixed bug #62205 (php-fpm segfaults (null passed to strstr)
* Fixed bug #62160 (Add process.priority to set nice(2) priorities)
* Fixed bug #62153 (when using unix sockets, multiples FPM instances)
* Fixed bug #62033 (php-fpm exits with status 0 on some failures to
start)
* Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm)
* Fixed bug #61835 (php-fpm is not allowed to run as root)
* Fixed bug #61295 (php-fpm should not fail with commented 'user'
* Fixed bug #61218 (FPM drops connection while receiving some binary
values in FastCGI requests)
* Fixed bug #61045 (fpm don't send error log to fastcgi clients).
(fat) for non-root start)
* Fixed bug #61026 (FPM pools can listen on the same address).
(fat) can be launched without errors)
o Iconv
* Fixed bug #55042 (Erealloc in iconv.c unsafe)
o Intl
* Fixed bug #62083 (grapheme_extract() memory leaks)
* Fixed bug #62081 (IntlDateFormatter constructor leaks memory when
called twice)
* Fixed bug #62070 (Collator::getSortKey() returns garbage)
* Fixed bug #62017 (datefmt_create with incorrectly encoded timezone
leaks pattern)
* Fixed bug #60785 (memory leak in IntlDateFormatter constructor)
* ResourceBundle constructor now accepts NULL for the first two arguments
o JSON
* Fixed bug #61359 (json_encode() calls too many reallocs)
o libxml
* Fixed bug #62266 (Custom extension segfaults during xmlParseFile
with FPM SAPI)
o Phar
* Fixed bug #62227 (Invalid phar stream path causes crash)
o Readline
* Fixed bug #62186 (readline fails to compile - void function should
not return a value)
o Reflection
* Fixed bug #62384 (Attempting to invoke a Closure more than once
causes segfault)
* Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory
leaks with constant)
o Sockets
* Fixed bug #62025 (__ss_family was changed on AIX 5.3)
o SPL
* Fixed bug #62433 (Inconsistent behavior of
RecursiveDirectoryIterator to dot files)
* Fixed bug #62262 (RecursiveArrayIterator does not implement
Countable)
o XML Writer
* Fixed bug #62064 (memory leak in the XML Writer module)
o Zip
* Upgraded libzip to 0.10.
{
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jul 20 12:30:38 UTC 2012
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/databases/php-dba: Makefile
pkgsrc/databases/php-mssql: Makefile
pkgsrc/databases/php-pdo_dblib: Makefile
pkgsrc/databases/php-pdo_sqlite: Makefile
pkgsrc/databases/php-sqlite: Makefile
pkgsrc/devel/php-gettext: Makefile
pkgsrc/devel/php-shmop: Makefile
pkgsrc/graphics/php-exif: Makefile
pkgsrc/graphics/php-gd: Makefile
pkgsrc/net/php-soap: Makefile
pkgsrc/net/php-xmlrpc: Makefile
pkgsrc/textproc/php-dom: Makefile
pkgsrc/textproc/php-intl: Makefile
pkgsrc/textproc/php-pspell: Makefile
pkgsrc/textproc/php-wddx: Makefile
pkgsrc/textproc/php-xsl: Makefile
pkgsrc/www/ap-php: Makefile
pkgsrc/www/php-curl: Makefile
Log Message:
- Reset PKG_REVISION by both php53 and php54 are updated.
- Remove supporting php5 (PHP 5.2.x) supporting codes.
|
|
versions that loops chewing memory.
|
|
|
|
|
|
|
|
|
|
GCC47 was marked NOT-FOR-DRAGONFLY, so support has been added.
* DragonFly-specific files added via patch mechanism
* Some existing patches modified to add DragonFly configuration items
* dl_iterate_phdr error handling support added (FreeBSD support was altered,
NetBSD and OpenBSD support is commented out)
* The java language is taken off as a default option
On the i386 platform, the compiler will build from a full bootstrap, but
one of the later stages fails on x86_64. It fails to find libstdc++.so.6
even though the previous stage library was built and -B, -L flags point
to it. The cause of the platform-specific build failure isn't clear --
The workaround is to disable the bootstrap on DragonFly so that the compiler
is built in one stage instead of three. This workaround could have been
limited to the x86_64-DragonFly platform only, but currently is applied to
i386-DragonFly too.
|
|
Should fix Solaris build.
|
|
Solaris build. While here, stop stuffing pointers in ints on 64-bit
platforms (other than Alpha, which it already knew about) and therefore
bump PKGREVISION to 1.
|
|
|
|
Bump PKGREVISION
|
|
Bump PKGREVISION.
|
|
The netbsd/ctype_base.h patch was added in the previous update without
adding a new entry to distinfo.
|
|
Bump package revision.
|
|
|
|
In terms of the core YAP, most changes are small bug fixes. They include
- better support for 64 bits in win64,
- some fixes to the garbage collector
- OSX Lion compilation
- wide char support
- bug in copy_term when some variables have attributes
- fixes to lam interface
- C-interface and SWI support
- over-optimisation of =/2.
- arithmetic exceptions
- write_canonical (Ulrich)
- retracting may not follow lu semantics
- minor predicate import bug.
There has been a lot of progress in ProbLog and cplint.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Key new features: traits, a shortened array syntax, a built-in webserver for
testing purposes and more.
A migration guide: http://php.net/migration54
Full changes: http://www.php.net/ChangeLog-5.php
|
|
|
|
* PHP_VERSION_DEFAULT, PHP_VERSIONS_ACCEPTED, PKG_PHP_VERSION now
don't accept 5 any more but 52, 53, 54.
Each value corresponding to PHP 5.2.x, 5.3.x, 5.4.x.
* PHP_PKG_PREFIX might be "php54".
* phpversion.mk defines PHP_BASE_VERS.
* phpversion.mk defines each PHP's exact version for now.
TODO:
php{5,53,54}/Makefile.{common,php} could be arranged to some
redundant codes.
|
|
Version 5.3.14
06-June-2012
* CLI SAPI
- Fixed bug #61546 (functions related to current script failed when
chdir() in cli sapi)
* Core
- Fixed CVE-2012-2143
- Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object)
- Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference)
- Fixed missing bound check in iptcparse()
- Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64)
- Fixed bug #54197 ([PATH=] sections incompatibility with
user_ini.filename set to null)
- Fixed bug #61713 (Logic error in charset detection for htmlentities)
- Fixed bug #61991 (long overflow in realpath_cache_get())
- Changed php://fd to be available only for CLI.
* CURL
- Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
* COM
- Fixed bug #62146 com_dotnet cannot be built shared
* Fileinfo
- Fixed bug #61812 (Uninitialised value used in libmagic)
* Iconv
- Fixed a bug that iconv extension fails to link to the correct library
when another extension makes use of a library that links to the iconv
library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail
* Intl
- Fixed bug #62082 (Memory corruption in internal function
get_icu_disp_value_src_php()
* JSON
- Fixed bug #61537 (json_encode() incorrectly truncates/discards
information)
* PDO
- Fixed bug #61755 (A parsing bug in the prepared statements can lead to
access violations)
* Phar
- Fixed bug #61065 (Secunia SA44335)
* Streams
- Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set)
|
|
|
|
|
|
Bump PKGREVISION.
|
|
|
|
Bump PKGREVISION.
|
|
with GCC 64-bit. Tested on 32-bit too.
Fixes PR pkg/44999.
|
|
For Ruby on Rails component packages depends strictly on teeny version
(RUBY_RAILS_STRICT_DEP is "yes") and others depends on minor version.
Fix some none-component packages which accidently depends strictly.
|
|
|
|
|
|
|
|
|
|
* Olson Data 2012c
* Bug Fixes
This release contains fixes for security vulnerabilities. For more information,
see Oracle Java SE Critical Patch Update Advisory.
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
|
|
|
|
|
|
Bump PKGREVISION.
|
|
sys/param.h.
|