Now
pkgsrc-2010Q3 commitmail json YAML
pkgsrc/devel/libsmi/Makefile@1.16.20.1
/
diff
pkgsrc/devel/libsmi/distinfo@1.5.20.1 / diff
pkgsrc/devel/libsmi/patches/patch-ae@1.1.2.2 / diff
pkgsrc/devel/libsmi/distinfo@1.5.20.1 / diff
pkgsrc/devel/libsmi/patches/patch-ae@1.1.2.2 / diff
Pullup ticket 3281 - requested by tron
security fix
Revisions pulled up:
- pkgsrc/devel/libsmi/Makefile 1.17
- pkgsrc/devel/libsmi/distinfo 1.6
Files added:
pkgsrc/devel/libsmi/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 11:30:50 UTC 2010
Modified Files:
pkgsrc/devel/libsmi: Makefile distinfo
Added Files:
pkgsrc/devel/libsmi/patches: patch-ae
Log Message:
Add fix for CVE-2010-2891 taken from Debian's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/libsmi/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/libsmi/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/devel/libsmi/patches/patch-ae
security fix
Revisions pulled up:
- pkgsrc/devel/libsmi/Makefile 1.17
- pkgsrc/devel/libsmi/distinfo 1.6
Files added:
pkgsrc/devel/libsmi/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 11:30:50 UTC 2010
Modified Files:
pkgsrc/devel/libsmi: Makefile distinfo
Added Files:
pkgsrc/devel/libsmi/patches: patch-ae
Log Message:
Add fix for CVE-2010-2891 taken from Debian's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/libsmi/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/libsmi/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/devel/libsmi/patches/patch-ae
pkgsrc-2010Q3 commitmail json YAML
pkgsrc/net/wget/Makefile@1.101.8.1
/
diff
pkgsrc/net/wget/distinfo@1.35.8.1 / diff
pkgsrc/net/wget/patches/patch-aa@1.11.2.2 / diff
pkgsrc/net/wget/patches/patch-ab@1.9.2.2 / diff
pkgsrc/net/wget/patches/patch-ac@1.11.2.2 / diff
pkgsrc/net/wget/patches/patch-ad@1.10.2.2 / diff
pkgsrc/net/wget/patches/patch-ae@1.8.2.2 / diff
pkgsrc/net/wget/patches/patch-af@1.6.2.2 / diff
pkgsrc/net/wget/distinfo@1.35.8.1 / diff
pkgsrc/net/wget/patches/patch-aa@1.11.2.2 / diff
pkgsrc/net/wget/patches/patch-ab@1.9.2.2 / diff
pkgsrc/net/wget/patches/patch-ac@1.11.2.2 / diff
pkgsrc/net/wget/patches/patch-ad@1.10.2.2 / diff
pkgsrc/net/wget/patches/patch-ae@1.8.2.2 / diff
pkgsrc/net/wget/patches/patch-af@1.6.2.2 / diff
Pullup ticket 3278 - requested by tron
security fixes
Revisions pulled up:
- pkgsrc/net/wget/Makefile 1.102
- pkgsrc/net/wget/distinfo 1.36
Files added:
pkgsrc/net/wget/patches/patch-aa
pkgsrc/net/wget/patches/patch-ab
pkgsrc/net/wget/patches/patch-ac
pkgsrc/net/wget/patches/patch-ad
pkgsrc/net/wget/patches/patch-ae
pkgsrc/net/wget/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 08:22:47 UTC 2010
Modified Files:
pkgsrc/net/wget: Makefile distinfo
Added Files:
pkgsrc/net/wget/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-af
Log Message:
Add Debian's "wget" 1.12 backport of the fix for CVE-2010-2252.
To generate a diff of this commit:
cvs rdiff -u -r1.101 -r1.102 pkgsrc/net/wget/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/wget/distinfo
cvs rdiff -u -r0 -r1.11 pkgsrc/net/wget/patches/patch-aa \
pkgsrc/net/wget/patches/patch-ac
cvs rdiff -u -r0 -r1.9 pkgsrc/net/wget/patches/patch-ab
cvs rdiff -u -r0 -r1.10 pkgsrc/net/wget/patches/patch-ad
cvs rdiff -u -r0 -r1.8 pkgsrc/net/wget/patches/patch-ae
cvs rdiff -u -r0 -r1.6 pkgsrc/net/wget/patches/patch-af
security fixes
Revisions pulled up:
- pkgsrc/net/wget/Makefile 1.102
- pkgsrc/net/wget/distinfo 1.36
Files added:
pkgsrc/net/wget/patches/patch-aa
pkgsrc/net/wget/patches/patch-ab
pkgsrc/net/wget/patches/patch-ac
pkgsrc/net/wget/patches/patch-ad
pkgsrc/net/wget/patches/patch-ae
pkgsrc/net/wget/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 08:22:47 UTC 2010
Modified Files:
pkgsrc/net/wget: Makefile distinfo
Added Files:
pkgsrc/net/wget/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-af
Log Message:
Add Debian's "wget" 1.12 backport of the fix for CVE-2010-2252.
To generate a diff of this commit:
cvs rdiff -u -r1.101 -r1.102 pkgsrc/net/wget/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/wget/distinfo
cvs rdiff -u -r0 -r1.11 pkgsrc/net/wget/patches/patch-aa \
pkgsrc/net/wget/patches/patch-ac
cvs rdiff -u -r0 -r1.9 pkgsrc/net/wget/patches/patch-ab
cvs rdiff -u -r0 -r1.10 pkgsrc/net/wget/patches/patch-ad
cvs rdiff -u -r0 -r1.8 pkgsrc/net/wget/patches/patch-ae
cvs rdiff -u -r0 -r1.6 pkgsrc/net/wget/patches/patch-af
pkgsrc-2010Q3 commitmail json YAML
Pullup ticket 3277 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.55
- pkgsrc/net/wireshark/distinfo 1.37
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Nov 21 22:54:55 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.4.2. Changes since version 1.4.1:
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Nephi Johnson of BreakingPoint discovered that the LDSS
dissector could overflow a buffer. (Bug 5318)
Versions affected: 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1.
- The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
Versions affected: 1.4.0 to 1.4.1.
- The following bugs have been fixed:
- File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
- Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the
end of the line" if click on last PDU. (Bug 5285)
- GTK-ERROR can occur in packets when there are multiple
Netbios/SMB headers in a single frame. (Bug 5289)
- "Tshark -G values" crashes on Windows. (Bug 5296)
- PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
- PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
- [lua] Dumper:close() will cause a segfault due later GC of the
Dumper. (Bug 5320)
- Network Instruments' trace files sometimes cannot be read with
an error message of "Observer: bad record: Invalid magic
number". (Bug 5330)
- IO Graph Time of Day times incorrect for filtered data. (Bug
5340)
- Wireshark tools do not detect and read some ERF files
correctly. (Bug 5344)
- "editcap -h" sends some lines to stderr and others to stdout.
(Bug 5353)
- IP Timestamp Option: "flag=3D3" variant (prespecified) not
displayed correctly. (Bug 5357)
- AgentX PDU Header 'hex field highlighting' incorrectly spans
extra bytes. (Bug 5364)
- AgentX dissector cannot handle null OID in Open-PDU. (Bug
5368)
- Crash with "Gtk-ERROR **: Byte index 6 is off the end of the
line". (Bug 5374)
- ANCP Portmanagment TLV wrong decoded. (Bug 5388)
- Crash during startup because of Python SyntaxError in
wspy_libws.py. (Bug 5389)
- Updated Protocol Support
AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET, SIP,
TCP, Telnet, ZigBee
- New and Updated Capture File Support
Endace ERF, Network Instruments Observer.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/wireshark/distinfo
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.55
- pkgsrc/net/wireshark/distinfo 1.37
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Nov 21 22:54:55 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.4.2. Changes since version 1.4.1:
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Nephi Johnson of BreakingPoint discovered that the LDSS
dissector could overflow a buffer. (Bug 5318)
Versions affected: 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1.
- The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
Versions affected: 1.4.0 to 1.4.1.
- The following bugs have been fixed:
- File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
- Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the
end of the line" if click on last PDU. (Bug 5285)
- GTK-ERROR can occur in packets when there are multiple
Netbios/SMB headers in a single frame. (Bug 5289)
- "Tshark -G values" crashes on Windows. (Bug 5296)
- PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
- PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
- [lua] Dumper:close() will cause a segfault due later GC of the
Dumper. (Bug 5320)
- Network Instruments' trace files sometimes cannot be read with
an error message of "Observer: bad record: Invalid magic
number". (Bug 5330)
- IO Graph Time of Day times incorrect for filtered data. (Bug
5340)
- Wireshark tools do not detect and read some ERF files
correctly. (Bug 5344)
- "editcap -h" sends some lines to stderr and others to stdout.
(Bug 5353)
- IP Timestamp Option: "flag=3D3" variant (prespecified) not
displayed correctly. (Bug 5357)
- AgentX PDU Header 'hex field highlighting' incorrectly spans
extra bytes. (Bug 5364)
- AgentX dissector cannot handle null OID in Open-PDU. (Bug
5368)
- Crash with "Gtk-ERROR **: Byte index 6 is off the end of the
line". (Bug 5374)
- ANCP Portmanagment TLV wrong decoded. (Bug 5388)
- Crash during startup because of Python SyntaxError in
wspy_libws.py. (Bug 5389)
- Updated Protocol Support
AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET, SIP,
TCP, Telnet, ZigBee
- New and Updated Capture File Support
Endace ERF, Network Instruments Observer.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/wireshark/distinfo
MAIN commitmail json YAML
pkgsrc/mail/majordomo/Makefile@1.40
/
diff
pkgsrc/mail/majordomo/distinfo@1.12 / diff
pkgsrc/mail/majordomo/patches/patch-ae@1.4 / diff
pkgsrc/mail/majordomo/distinfo@1.12 / diff
pkgsrc/mail/majordomo/patches/patch-ae@1.4 / diff
more fixes for digest
pkgsrc-2010Q3 commitmail json YAML
pullups 3267, 3268, 3269
pkgsrc-2010Q3 commitmail json YAML
Pullup ticket 3267 - requested by wiz
security fix
Revisions pulled up:
- pkgsrc/finance/gnucash/Makefile 1.145
- pkgsrc/finance/gnucash/PLIST 1.38
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 7 23:27:53 UTC 2010
Modified Files:
pkgsrc/finance/gnucash: Makefile PLIST
Log Message:
Do not install gnc-test-env. This file got CVE-2010-3999 attached to it
and it's not needed except for testing. Bump PKGREVISION.
While here, include desktopdb.mk.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/finance/gnucash/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/finance/gnucash/PLIST
security fix
Revisions pulled up:
- pkgsrc/finance/gnucash/Makefile 1.145
- pkgsrc/finance/gnucash/PLIST 1.38
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 7 23:27:53 UTC 2010
Modified Files:
pkgsrc/finance/gnucash: Makefile PLIST
Log Message:
Do not install gnc-test-env. This file got CVE-2010-3999 attached to it
and it's not needed except for testing. Bump PKGREVISION.
While here, include desktopdb.mk.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/finance/gnucash/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/finance/gnucash/PLIST
pkgsrc-2010Q3 commitmail json YAML
pkgsrc/net/proftpd/Makefile@1.58.6.1
/
diff
pkgsrc/net/proftpd/PLIST@1.21.6.1 / diff
pkgsrc/net/proftpd/distinfo@1.33.6.1 / diff
pkgsrc/net/proftpd/options.mk@1.8.16.1 / diff
pkgsrc/net/proftpd/patches/patch-aa@1.12.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ab@1.11.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ac@1.12.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ae deleted
pkgsrc/net/proftpd/PLIST@1.21.6.1 / diff
pkgsrc/net/proftpd/distinfo@1.33.6.1 / diff
pkgsrc/net/proftpd/options.mk@1.8.16.1 / diff
pkgsrc/net/proftpd/patches/patch-aa@1.12.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ab@1.11.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ac@1.12.6.1 / diff
pkgsrc/net/proftpd/patches/patch-ae deleted
Pullup ticket 3269 - requested by obache
security update
Revisions pulled up:
- pkgsrc/net/proftpd/Makefile 1.59
- pkgsrc/net/proftpd/PLIST 1.22
- pkgsrc/net/proftpd/distinfo 1.34
- pkgsrc/net/proftpd/options.mk 1.9
- pkgsrc/net/proftpd/patches/patch-aa 1.13
- pkgsrc/net/proftpd/patches/patch-ac 1.13
- pkgsrc/net/proftpd/patches/patch-ab 1.12
Files deleted:
pkgsrc/net/proftpd/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sun Nov 7 12:21:10 UTC 2010
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo options.mk
pkgsrc/net/proftpd/patches: patch-aa patch-ab patch-ac
Removed Files:
pkgsrc/net/proftpd/patches: patch-ae
Log Message:
Update proftpd to 1.3.3c.
pksrc changes:
* Instead of patch&subst to change layout of statedir, pass it to configure
instead (and subst for manpages are fixed).
* Convert custom mod_wrap library modification to SUBST.
* Need to buildlink with security/tcp_wappers for mod_wrap.
NEWS:
1.3.3c - Released 29-Oct-2010
--------------------------------
- Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite.
- Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux.
- Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE
commands.
- Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc
functionality via proftpd.conf.
- Bug 3519 - Inappropriate directory traversal allowed by mod_site_misc.
- Bug 3521 - Telnet IAC processing stack overflow.
1.3.3b - Released 09-Sep-2010
--------------------------------
- Bug 3481 - Problem with SFTP directory listings.
- Bug 3483 - NULL pointer dereference handling SITE command in mod_quotatab.
- Bug 3485 - Disabling IPv6 via -4 or --ipv4 command-line options does not work.
- Bug 3487 - Null pointer dereference with EPRT/EPSV/PASV/PORT command during
data transfer.
- Bug 3482 - ProFTPD corrupts utmpx log files on FreeBSD 9.0/HEAD.
- Bug 3491 - Directory pattern not matching as expected.
- Bug 3492 - Null pointer dereference during data transfer due to RNFR/RNTO.
- Bug 3494 - Null pointer dereference for IPv6-enabled proftpd when no
DefaultServer configured.
- Bug 3501 - <Anonymous> logins with "AuthAliasOnly on" still handled as
anonymous logins.
1.3.3a - Released 01-Jul-2010
--------------------------------
- Bug 3400 - Add Japanese translation.
- Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL.
- Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349.
- Bug 3403 - File upload followed by MLSD leads to wrong file size entries in
TransferLog.
- Bug 3405 - Multiple SFTPAuthorizedUserKeys stores causes segfault on 64-bit
platforms.
- Bug 3354 - Renaming a file across mount points to a full disk does not fail
as expected.
- Bug 3408 - Use <termios.h> instead of <sys/termios.h> where possible.
- Bug 3412 - Include files not included after restart due to permissions.
- Bug 3409 - Build failure on newer FreeBSD due to utmp/utmpx system changes.
- Bug 3417 - Unsafe use of pointer when scanning config for ScoreboardFile.
- Bug 3418 - %U sometimes showing up as "(none)" in ExtendedLog.
- Bug 3421 - RewriteHome does not work properly for SFTP connections.
- Bug 3419 - SSL_shutdown() errors with openssl-0.9.8m.
- Bug 3423 - Last line of multiline DisplayLogin file improperly handled.
- Bug 3426 - mod_sftp does not log to TransferLog by default.
- Bug 3425 - Improperly constructed destination paths for SCP uploads.
- Bug 3427 - mod_sftp does not handle recursive SCP uploads properly.
- Bug 3432 - ExecBeforeCommand does not interpolate the %F/%f variables
properly.
- Bug 3434 - TraceLog contains messages even with "Trace DEFAULT:0" configured.
- Bug 3435 - Encoding/decoding conversion can cause CPU spike.
- Bug 3436 - Support build-time option to disable use of nonblocking open of
log files. Use --disable-nonblocking-log-open to get the pre-1.3.3 behavior
of opening log files.
- Bug 3437 - UseImplicitSSL TLSOption causes PBSZ/PROT commands to fail.
- Bug 3439 - Encoding fails if an NLS-enabled proftpd starts in a UTF8 locale.
- Bug 3446 - .ftpaccess ignored in some cases.
- Bug 3447 - mod_sftp can become confused during large recursive SCP uploads.
- Bug 3448 - Ensure that STAT/LSTAT/FSTAT SFTP requests do not use cached/stale
data.
- Bug 3449 - mod_sftp does not properly handle the O_TRUNC flag in a SFTP OPEN
request.
- Bug 3450 - mod_sftp does not properly handle the O_APPEND flag in a SFTP OPEN
request.
- Bug 3451 - WinSCP can't upload files using protocol version 5 with mod_sftp.
- Bug 3452 - mod_sftp does not advertise its supported SFTP extensions for
protocol version 5.
- Bug 3454 - msgfmt(1) options used for generating NLS files are not compatible
with Solaris' msgfmt.
- Bug 3456 - Problem attempting to recursively download a directory via SCP.
- Bug 3458 - mod_sftp incorrectly performs OpenSSL cleanup.
- Bug 3459 - mod_radius segfaults during incorrect login due to stale data.
- Bug 3460 - REALPATH SFTP request can cause improperly cached directory
configuration.
- Bug 3462 - ftpasswd script's --delete-user option does not work.
- Bug 3463 - ftpasswd script's --delete-group option does not work.
- Bug 3465 - SIGSEGV at LIST after CCC.
- Bug 3470 - Deferred resolution <Directory> paths not handled properly by
mod_sftp.
- Bug 3469 - ExtendedLog's %f variable not properly expanded for DELE if path
begins with tilde ('~').
- Bug 3467 - mod_ifsession does not merge <Directory> blocks properly.
- Bug 3471 - Null values in allow/deny rules causes mod_wrap2 to segfault.
- Bug 3472 - mod_sftp publickey authentication fails for large keys.
- Bug 3424 - Bad LDAP lookup can cause mod_ldap segfault under some conditions.
- Bug 3476 - LIST/NLST of path starting with "-" fails.
- Bug 3475 - Add new 'noGetgrouplist' AuthUnixOption to work around buggy
libc code.
- Bug 3474 - Using SQLite database and SQLLog directive can lead to problems
under load.
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/net/proftpd/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/net/proftpd/PLIST
cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/proftpd/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/proftpd/options.mk
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/proftpd/patches/patch-aa \
pkgsrc/net/proftpd/patches/patch-ac
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/proftpd/patches/patch-ab
cvs rdiff -u -r1.7 -r0 pkgsrc/net/proftpd/patches/patch-ae
security update
Revisions pulled up:
- pkgsrc/net/proftpd/Makefile 1.59
- pkgsrc/net/proftpd/PLIST 1.22
- pkgsrc/net/proftpd/distinfo 1.34
- pkgsrc/net/proftpd/options.mk 1.9
- pkgsrc/net/proftpd/patches/patch-aa 1.13
- pkgsrc/net/proftpd/patches/patch-ac 1.13
- pkgsrc/net/proftpd/patches/patch-ab 1.12
Files deleted:
pkgsrc/net/proftpd/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sun Nov 7 12:21:10 UTC 2010
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo options.mk
pkgsrc/net/proftpd/patches: patch-aa patch-ab patch-ac
Removed Files:
pkgsrc/net/proftpd/patches: patch-ae
Log Message:
Update proftpd to 1.3.3c.
pksrc changes:
* Instead of patch&subst to change layout of statedir, pass it to configure
instead (and subst for manpages are fixed).
* Convert custom mod_wrap library modification to SUBST.
* Need to buildlink with security/tcp_wappers for mod_wrap.
NEWS:
1.3.3c - Released 29-Oct-2010
--------------------------------
- Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite.
- Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux.
- Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE
commands.
- Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc
functionality via proftpd.conf.
- Bug 3519 - Inappropriate directory traversal allowed by mod_site_misc.
- Bug 3521 - Telnet IAC processing stack overflow.
1.3.3b - Released 09-Sep-2010
--------------------------------
- Bug 3481 - Problem with SFTP directory listings.
- Bug 3483 - NULL pointer dereference handling SITE command in mod_quotatab.
- Bug 3485 - Disabling IPv6 via -4 or --ipv4 command-line options does not work.
- Bug 3487 - Null pointer dereference with EPRT/EPSV/PASV/PORT command during
data transfer.
- Bug 3482 - ProFTPD corrupts utmpx log files on FreeBSD 9.0/HEAD.
- Bug 3491 - Directory pattern not matching as expected.
- Bug 3492 - Null pointer dereference during data transfer due to RNFR/RNTO.
- Bug 3494 - Null pointer dereference for IPv6-enabled proftpd when no
DefaultServer configured.
- Bug 3501 - <Anonymous> logins with "AuthAliasOnly on" still handled as
anonymous logins.
1.3.3a - Released 01-Jul-2010
--------------------------------
- Bug 3400 - Add Japanese translation.
- Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL.
- Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349.
- Bug 3403 - File upload followed by MLSD leads to wrong file size entries in
TransferLog.
- Bug 3405 - Multiple SFTPAuthorizedUserKeys stores causes segfault on 64-bit
platforms.
- Bug 3354 - Renaming a file across mount points to a full disk does not fail
as expected.
- Bug 3408 - Use <termios.h> instead of <sys/termios.h> where possible.
- Bug 3412 - Include files not included after restart due to permissions.
- Bug 3409 - Build failure on newer FreeBSD due to utmp/utmpx system changes.
- Bug 3417 - Unsafe use of pointer when scanning config for ScoreboardFile.
- Bug 3418 - %U sometimes showing up as "(none)" in ExtendedLog.
- Bug 3421 - RewriteHome does not work properly for SFTP connections.
- Bug 3419 - SSL_shutdown() errors with openssl-0.9.8m.
- Bug 3423 - Last line of multiline DisplayLogin file improperly handled.
- Bug 3426 - mod_sftp does not log to TransferLog by default.
- Bug 3425 - Improperly constructed destination paths for SCP uploads.
- Bug 3427 - mod_sftp does not handle recursive SCP uploads properly.
- Bug 3432 - ExecBeforeCommand does not interpolate the %F/%f variables
properly.
- Bug 3434 - TraceLog contains messages even with "Trace DEFAULT:0" configured.
- Bug 3435 - Encoding/decoding conversion can cause CPU spike.
- Bug 3436 - Support build-time option to disable use of nonblocking open of
log files. Use --disable-nonblocking-log-open to get the pre-1.3.3 behavior
of opening log files.
- Bug 3437 - UseImplicitSSL TLSOption causes PBSZ/PROT commands to fail.
- Bug 3439 - Encoding fails if an NLS-enabled proftpd starts in a UTF8 locale.
- Bug 3446 - .ftpaccess ignored in some cases.
- Bug 3447 - mod_sftp can become confused during large recursive SCP uploads.
- Bug 3448 - Ensure that STAT/LSTAT/FSTAT SFTP requests do not use cached/stale
data.
- Bug 3449 - mod_sftp does not properly handle the O_TRUNC flag in a SFTP OPEN
request.
- Bug 3450 - mod_sftp does not properly handle the O_APPEND flag in a SFTP OPEN
request.
- Bug 3451 - WinSCP can't upload files using protocol version 5 with mod_sftp.
- Bug 3452 - mod_sftp does not advertise its supported SFTP extensions for
protocol version 5.
- Bug 3454 - msgfmt(1) options used for generating NLS files are not compatible
with Solaris' msgfmt.
- Bug 3456 - Problem attempting to recursively download a directory via SCP.
- Bug 3458 - mod_sftp incorrectly performs OpenSSL cleanup.
- Bug 3459 - mod_radius segfaults during incorrect login due to stale data.
- Bug 3460 - REALPATH SFTP request can cause improperly cached directory
configuration.
- Bug 3462 - ftpasswd script's --delete-user option does not work.
- Bug 3463 - ftpasswd script's --delete-group option does not work.
- Bug 3465 - SIGSEGV at LIST after CCC.
- Bug 3470 - Deferred resolution <Directory> paths not handled properly by
mod_sftp.
- Bug 3469 - ExtendedLog's %f variable not properly expanded for DELE if path
begins with tilde ('~').
- Bug 3467 - mod_ifsession does not merge <Directory> blocks properly.
- Bug 3471 - Null values in allow/deny rules causes mod_wrap2 to segfault.
- Bug 3472 - mod_sftp publickey authentication fails for large keys.
- Bug 3424 - Bad LDAP lookup can cause mod_ldap segfault under some conditions.
- Bug 3476 - LIST/NLST of path starting with "-" fails.
- Bug 3475 - Add new 'noGetgrouplist' AuthUnixOption to work around buggy
libc code.
- Bug 3474 - Using SQLite database and SQLLog directive can lead to problems
under load.
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/net/proftpd/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/net/proftpd/PLIST
cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/proftpd/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/proftpd/options.mk
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/proftpd/patches/patch-aa \
pkgsrc/net/proftpd/patches/patch-ac
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/proftpd/patches/patch-ab
cvs rdiff -u -r1.7 -r0 pkgsrc/net/proftpd/patches/patch-ae
pkgsrc-2010Q3 commitmail json YAML
pkgsrc/databases/mysql51-client/Makefile.common@1.12.2.1
/
diff
pkgsrc/databases/mysql51-client/distinfo@1.9.2.1 / diff
pkgsrc/databases/mysql51-server/PLIST@1.9.2.1 / diff
pkgsrc/databases/mysql51-server/distinfo@1.11.2.1 / diff
pkgsrc/databases/mysql51-client/distinfo@1.9.2.1 / diff
pkgsrc/databases/mysql51-server/PLIST@1.9.2.1 / diff
pkgsrc/databases/mysql51-server/distinfo@1.11.2.1 / diff
Pullup ticket 3268 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile.common 1.13
- pkgsrc/databases/mysql51-client/distinfo 1.10
- pkgsrc/databases/mysql51-server/PLIST 1.10
- pkgsrc/databases/mysql51-server/distinfo 1.12
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:57:07 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile.common distinfo
pkgsrc/databases/mysql51-server: PLIST distinfo
Log Message:
Update mysql51-{client,server} package from 5.1.51 to 5.1.52.
This is maintainous release and pleare refer in detail:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
One note from the changes:
* Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
a derived table caused a server crash. (Bug#54488)
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-server/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/mysql51-server/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile.common 1.13
- pkgsrc/databases/mysql51-client/distinfo 1.10
- pkgsrc/databases/mysql51-server/PLIST 1.10
- pkgsrc/databases/mysql51-server/distinfo 1.12
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:57:07 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile.common distinfo
pkgsrc/databases/mysql51-server: PLIST distinfo
Log Message:
Update mysql51-{client,server} package from 5.1.51 to 5.1.52.
This is maintainous release and pleare refer in detail:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
One note from the changes:
* Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
a derived table caused a server crash. (Bug#54488)
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-server/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/mysql51-server/distinfo
MAIN commitmail json YAML
pkgsrc/mail/majordomo/Makefile@1.39
/
diff
pkgsrc/mail/majordomo/distinfo@1.11 / diff
pkgsrc/mail/majordomo/patches/patch-ai@1.2 / diff
pkgsrc/mail/majordomo/distinfo@1.11 / diff
pkgsrc/mail/majordomo/patches/patch-ai@1.2 / diff
add List-Id:, Mail-Reply-To: and Mail-Followup-To: headers
fix copying of majordomo.cf
bump pkgrev
fix copying of majordomo.cf
bump pkgrev
MAIN commitmail json YAML
pkgsrc/mail/majordomo/Makefile@1.38
/
diff
pkgsrc/mail/majordomo/distinfo@1.10 / diff
pkgsrc/mail/majordomo/patches/patch-ae@1.3 / diff
pkgsrc/mail/majordomo/distinfo@1.10 / diff
pkgsrc/mail/majordomo/patches/patch-ae@1.3 / diff
fix error in digest I introduced
MAIN commitmail json YAML
note updates of apache-tomcat6 and rt3
MAIN commitmail json YAML
pkgsrc/www/apache-tomcat6/Makefile@1.7
/
diff
pkgsrc/www/apache-tomcat6/PLIST@1.4 / diff
pkgsrc/www/apache-tomcat6/distinfo@1.4 / diff
pkgsrc/www/apache-tomcat6/PLIST@1.4 / diff
pkgsrc/www/apache-tomcat6/distinfo@1.4 / diff
Update of apache-tomcat to version 6.0.29
(and a little Makefile cosmetics)
fixes two of the currently known security issues
Upstream changelog:
Tomcat 6.0.29 (jfclere) released 2010-07-22
Catalina
add 48960: Add a new option to the SSI Servlet and SSI Filter to
allow the disabling of the exec command. This is now disabled
by default. Based on a patch by Yair Lenga. (markt)
fix 49551: Allow default context.xml location to be specified using
an absolute path. (markt)
fix 49598: When session is changed and the session cookie is
replaced, ensure that the new Set-Cookie header overwrites the
old Set-Cookie header. (markt)
fix Fix order when listing Webapp loader search URLs. (rjung)
add Add support for *.jar pattern in VirtualWebappLoader. (kkolinko)
Tomcat 6.0.28 (jfclere) released 2010-07-09
Catalina
fix Arrange filter logic. (jfclere)
fix 49230: Enhance JRE leak prevention listener with protection for
the keep-alive thread started by sun.net.www.http.HttpClient.
Patch provided by Rob Kooper. (markt)
fix 49351: Fix possible NPe when embedding and no name is specified
for the Service. (markt)
fix 49424: Avoid NPE if client provides no data with a chunked
POST request. (markt)
fix 49414: Differentiate between request threads and application
created threads when warning about still running threads when
an application stops. (markt)
fix 49443: Use remoteIpHeader rather than remoteIPHeader
consistently. (markt)
add Add property searchExternalFirst to WebappLoader. If set,
the external repositories will be searched before the WEB-INF
ones. (rjung)
Cluster
fix 49445: When session ID is changed after authentication, ensure
the DeltaManager replicates the change in ID to the other nodes
in the cluster. (kfujino)
Webapps
fix 49213: Grant permissions required by manager application when
running under a security manager. (markt/kkolinko)
fix 49436: Correct documented default for readonly attribute of
the UserDatabase component. (markt)
Tomcat 6.0.27 (jfclere) not released
General
update Update DBCP to 1.3. (markt)
Catalina
fix Fix CVE-2010-1157. Prevent possible disclosure of host name
or IP address via the HTTP WWW-Authenticate header when using
BASIC or DIGEST authentication. (markt)
add Include context name when reporting memory leaks to aid root
cause identification. (markt)
fix Improve exception handling on session de-serialization to
assist in identifying the root cause of 48007. (kkolinko)
add 48379: Make session cookie name, domain and path configurable
per context. (markt)
fix 48589: Make JNDIRealm easier to extend. Based on a patch by
Candid Dauth. (markt/kkolinko)
fix 48629: Allow user names as well as DNs to be used with the
nested role search. Add roleNested to the documentation.
Patch provided by Felix Schumacher. (markt)
fix 48661: Make error page behavior consistent, regardless of how
the error page is defined. If a response has been committed,
always include the error page. (markt)
fix 48729: Return roles defined by both userRoleName and roleName
mechanisms. Patch provided by 'eric'. Also make user's role
list immutable.(markt)
fix 48760: Fix potential multi-threading issue in static resource
serving where multiple threads could try to use the the same
InputStream. (markt)
fix 48790: Fix thread safety issue in the count of the maximum
number of active session. (markt/kkolinko)
fix 48793: Make catalina.sh more robust to different return values
on different platforms. Patch provided by Thomas GL. (markt)
fix 48840: Swallow output (if any) from use of cd when determining
$CATALINA_HOME in catalina.sh and tool-wrapper.sh scripts.
Based on patch provided by mdietze. (markt/kkolinko)
fix 48895: Make clearing of ThreadLocals that are causing memory
leaks on web application stop, reload or undeploy configurable
since the process of clearing them is not thread-safe. (markt)
fix 48903: Fix deadlock in webapp class loader. (rjung)
fix 48971: Make stopping of leaking Timer threads optional and
disabled by default. (markt)
fix 48976: Document JAVA_ENDORSED_DIRS in start-up scripts.
Patch provided by Laurent Vaills. (markt)
fix 48983: Improve debug logging for situations when RemoteIpValve
is bypassed. Patch provided by Cyrille Le Clerc. (markt)
fix 49018: Fix processing of time argument in the Expire sessions
action in the Manager web application. (kkolinko)
fix 49116: If session is already invalid, expire session to prevent
memory leak. (kfujino)
fix 49158: Ensure only one session cookie is returned for a single
request. (markt/fhanik)
fix 49245: Fix session expiration check in cross-context requests.
(markt)
fix 49398: ByteChunk.indexOf(String, int, int, int) could not find
a string of length 1. (kkolinko)
fix Fix possible overflows when calculating session statistics.
(kkolinko)
add Log unexpected exceptions when providing access to web
application resources in ApplicationContext. (kkolinko)
fix Improve exception handling in CatalinaShutdownHook. (kkolinko)
add Expose properties of VirtualWebappLoader and WebappClassLoader
via JMX. (rjung)
Coyote
fix 48839: Correctly handle HTTP header folding in the NIO connector.
Patch suggested by Richa Baronia. (markt)
fix 48843: Prevent possible deadlock for worker allocation in
connectors. (kkolinko)
fix 48843: Fix handling of add queues in AprEndpoint.Poller and
AprEndpoint.Sendfile. Do not miss wakeups. (kkolinko)
add 48862: Add support for the backlog parameter to the AJP
connector. (pero/markt)
fix 48917: Correct name of mod_jk module in ApacheConfig.
Patch provided by Todd Hicks. (markt)
fix 49095: AprEndpoint did not wakeup acceptors during shutdown
when deferAccept option was enabled. Based on a patch provided
by Ruediger Pluem. (kkolinko)
add Use chunked encoding for http 1.1 requests with no
content-length (regardless of keep-alive) so client can
differentiate between complete and partial responses. (markt)
fix Correct the SSL session timeout attribute name so the code
agrees with the documentation. (markt)
add CoyotePrincipal now implements Serializable. (fhanik)
fix Enable the BIO AJP connector to run under a security manager.
(markt)
Jasper
fix 45015: Correct a regression in quote handling caused by the
re-factoring of attribute parsing. (markt)
fix 48701: Add a system property to allow disabling enforcement
of JSP.5.3. The specification recommends, but does not require,
this enforcement. (kkolinko)
fix 48737: Don't assume paths that start with /META-INF/... are
always in JARs. This is not true for some IDEs.
Patch provided by Fabrizio Giustina. (markt)
fix 49081: Correctly handle EL expressions of the form #${...}. (markt)
fix 49196: Avoid NullPointerException in PageContext.getErrorData()
if an error-handling JSP page is called directly. (markt)
Cluster
fix 48717: When a node joins a cluster and it receives all the
current sessions, ensure the sessionCreated event is fired
if the Manager is configured to replicate session events. (markt)
fix 48934: Previous fix to handle dropped connections incorrectly
permanently disabled session replication. (fhanik)
fix 49051: memberAlive is not called if member has not already
existed in membership. (kfujino)
fix 49151: Avoid ClassCastException in BackupManager#stop. (kfujino)
fix 49170: Do not send duplicated session. (kfujino)
fix Add missing messages and ensure cluster listeners log messages
to correct logger. (markt)
Webapps
add Use underscores instead of spaces in anchor names in Tomcat
documentation. (kkolinko)
add Add support for displaying the Spring Security user name
(if present) in the Manager application. (markt)
update Improve the ChatServlet Comet example (/examples/jsp/chat/).
(kkolinko)
Other
update Update to Commons Daemon 1.0.2. Use service launcher (procrun)
from the Commons Daemon release. Do not keep a copy of it in
our source tree. (mturk/kkolinko)
update Update to NSIS 2.46. (kkolinko)
fix 48990: Fix the skip.installer build property so if set, only
the Windows installer is skipped. (markt)
fix 49178: Provide in catalina.policy an example of additional
permissions that might be needed for code located in
$CATALINA_BASE/lib. (markt)
fix 49236: Do not use indexing when packing Tomcat JARs. (kkolinko)
fix Remove unused code from org.apache.tomcat.util.buf classes.
(kkolinko)
update Rearrange tomcat-juli.jar permissions and wrap long lines in
the conf/catalina.policy file, to make the text more readable
when cited in documentation. (kkolinko)
fix Do not evaluate the execute.installer property when building
a release. The skip.installer property is used instead. (kkolinko)
Tomcat 6.0.26 (jfclere) released 2010-03-11
Catalina
fix Close security hole in unreleased 6.0.25 by ensuring new find
leaks functionality is protected by a security constraint.
(kkolinko)
fix 48831: Improve logging shutdown behaviour. Use Catalina's
shutdown hook to shutdown JULI. This enables them to be shutdown
in the correct order. Do not shutdown global handlers several
times. (markt/kkolinko)
Coyote
fix 48584: Prevent the APR connector logging an error if the
acceptor fails during shutdown since this is expected. (mturk)
fix 48660: Using compression should not overwrite any Vary header
set by a web application. (markt)
Jasper
fix 48371: Ensure generated servlet mappings are inserted at the
correct location when using JspC and allow the option that
controls this to be configured on the command line.
Also allow the encoding of web.xml to be configured when using
JspC and deprecate some unused JspC methods. (markt/kkolinko)
fix 48498: Avoid ArrayIndexOutOfBoundsException triggered by a
Java 6/7 XML parser bug. (markt/kkolinko)
fix 48668: Additional fixes to ensure deferred syntax is handled
correctly. (kkolinko)
fix 48827: Correct a regression in the fix for 47977 that caused
an incorrect non-empty body error to be reported for valid
JSP documents. (markt)
Webapps
add Make changelog.xml be directly rendered as HTML by certain
browsers. (kkolinko)
add Add support for automated generation of TOC tables and for
links to svn revisions to tomcat-docs.xsl in documentation.
(kkolinko/fhanik)
add Move Manager application JSPs that are not intended to be
accessed directly under the WEB-INF directory. (kkolinko)
fix Improve the messages displayed by the find leaks diagnostic
in the Manager application. (kkolinko)
Other
fix Encode all property files using ascii escaped UTF-8. Also
fixes deployment problem when using French locale. (jfclere/rjung)
Tomcat 6.0.25 (jfclere) not released
Catalina
fix 48039: Return immediately if start() is called on an already
started StandardService. (markt)
fix 48109: Ensure InputStream is closed on error condition in web
application class loader. (markt)
fix 48179: Clean up dead code that was used to read tldCache file.
(kkolinko)
fix 48318: Handle case where WebDAV resource is in directory
listing but is not accessible. (markt)
add 48384: Add a per context xslt option for directory listings.
Make the fallback options work as described in the
documentation. (markt)
fix 48577: Filter URL when displaying missing included page. (markt)
fix 48612: Prevent exception on shutdown if the address attribute
is specified for a connector. (markt)
fix 48613: Further fixes to ensure APRLifecycleListener is only
used if defined in server.xml. (fhanik)
fix 48614: Correct JULI log file buffering so default behaviour
is no buffering. (fhanik)
fix 48625: Provide an option to exit if an error occurs during
the initialization phase. (fhanik)
fix 48645: Use specified encoding rather than null in calls to
RequestUtil.URLDecode(byte[] bytes, String enc) (markt)
fix 48653: Force request.secure and request.scheme to false and
http if the X-Forwarded-Proto header has the value http.
Patch provided by Cyrille Le Clerc. (markt)
fix 48678: Remove duplicate server field from
org.apache.catalina.startup.Catalina. (markt)
fix 48694: Remove potential deadlock in web application class
loader. (markt)
add 48716: Provide additional configuration options for JULI. (markt)
fix 48726: Prevent OOME when uploading large WAR files with the
deployer. Patch provided by adam. (markt)
add Improve memory leak protection by safely stopping threads
started via java.util.Timer that an application starts but
fails to stop and by clearing references retained due to the
use of java.util.ResourceBundle. (markt)
update Modify ThreadLocal memory leak detection to not report false
positives and to simplify implementation. (markt/kkolinko)
add Basic memory leak detection was added to the standard Host
implementation and exposed via JMX to detect memory leaks on
web application reload. (markt/kkolinko)
Coyote
update Update the native/APR library version bundled with Tomcat to
1.1.20. (kkolinko)
Jasper
add Add some debug logging to the compiler where exceptions were
previously swallowed. (markt)
fix 48170: Remove unnecessary synchronization that is causing
issues under load. (markt)
fix 48580: Prevent AccessControlException if first access is to
a JSP that uses a FunctionMapper. (markt)
fix 48582: Avoid NPE on background compilation failure. (markt)
fix 48616: Don't declare or synchronize scripting variables for
JSP fragments since they are scriptless. This is an alternative
fix for 42390 that avoids both the original problem and the
regression in the first fix. (kkolinko)
fix 48627: Fix regression in re-factored EL parsing. Keep literals
as literals and handle deferredSyntaxAllowedAsLiteral. (kkolinko)
fix 48668: When parsing JSPs only parse EL as EL if EL is enabled
else strings such as ${ will be silently dropped. (markt)
fix Various EL TCK failures. (markt)
Cluster
fix Force a disconnect if an error occurs during replication such
as a firewall dropping the connection. (fhanik)
Webapps
add Add new "Find leaks" command to the Manager application.
It allows to detect web applications that have caused memory
leaks on stop, reload or undeploy. (markt/kkolinko)
Other
fix Ensure files in conf directory have CRLF line endings when
using the Windows installer. (kkolinko)
fix Allow special characters recognized by the Windows command-line
shell to be present in the names of CATALINA_HOME/_BASE and
the current directory used to call the Tomcat scripts. (kkolinko)
fix Don't use @Deprecated annotations in javax.servlet.jsp.JspContext
since the specification does not include them in the API
definition. (markt)
add Improve the information in the JAR manifest files. (markt)
(and a little Makefile cosmetics)
fixes two of the currently known security issues
Upstream changelog:
Tomcat 6.0.29 (jfclere) released 2010-07-22
Catalina
add 48960: Add a new option to the SSI Servlet and SSI Filter to
allow the disabling of the exec command. This is now disabled
by default. Based on a patch by Yair Lenga. (markt)
fix 49551: Allow default context.xml location to be specified using
an absolute path. (markt)
fix 49598: When session is changed and the session cookie is
replaced, ensure that the new Set-Cookie header overwrites the
old Set-Cookie header. (markt)
fix Fix order when listing Webapp loader search URLs. (rjung)
add Add support for *.jar pattern in VirtualWebappLoader. (kkolinko)
Tomcat 6.0.28 (jfclere) released 2010-07-09
Catalina
fix Arrange filter logic. (jfclere)
fix 49230: Enhance JRE leak prevention listener with protection for
the keep-alive thread started by sun.net.www.http.HttpClient.
Patch provided by Rob Kooper. (markt)
fix 49351: Fix possible NPe when embedding and no name is specified
for the Service. (markt)
fix 49424: Avoid NPE if client provides no data with a chunked
POST request. (markt)
fix 49414: Differentiate between request threads and application
created threads when warning about still running threads when
an application stops. (markt)
fix 49443: Use remoteIpHeader rather than remoteIPHeader
consistently. (markt)
add Add property searchExternalFirst to WebappLoader. If set,
the external repositories will be searched before the WEB-INF
ones. (rjung)
Cluster
fix 49445: When session ID is changed after authentication, ensure
the DeltaManager replicates the change in ID to the other nodes
in the cluster. (kfujino)
Webapps
fix 49213: Grant permissions required by manager application when
running under a security manager. (markt/kkolinko)
fix 49436: Correct documented default for readonly attribute of
the UserDatabase component. (markt)
Tomcat 6.0.27 (jfclere) not released
General
update Update DBCP to 1.3. (markt)
Catalina
fix Fix CVE-2010-1157. Prevent possible disclosure of host name
or IP address via the HTTP WWW-Authenticate header when using
BASIC or DIGEST authentication. (markt)
add Include context name when reporting memory leaks to aid root
cause identification. (markt)
fix Improve exception handling on session de-serialization to
assist in identifying the root cause of 48007. (kkolinko)
add 48379: Make session cookie name, domain and path configurable
per context. (markt)
fix 48589: Make JNDIRealm easier to extend. Based on a patch by
Candid Dauth. (markt/kkolinko)
fix 48629: Allow user names as well as DNs to be used with the
nested role search. Add roleNested to the documentation.
Patch provided by Felix Schumacher. (markt)
fix 48661: Make error page behavior consistent, regardless of how
the error page is defined. If a response has been committed,
always include the error page. (markt)
fix 48729: Return roles defined by both userRoleName and roleName
mechanisms. Patch provided by 'eric'. Also make user's role
list immutable.(markt)
fix 48760: Fix potential multi-threading issue in static resource
serving where multiple threads could try to use the the same
InputStream. (markt)
fix 48790: Fix thread safety issue in the count of the maximum
number of active session. (markt/kkolinko)
fix 48793: Make catalina.sh more robust to different return values
on different platforms. Patch provided by Thomas GL. (markt)
fix 48840: Swallow output (if any) from use of cd when determining
$CATALINA_HOME in catalina.sh and tool-wrapper.sh scripts.
Based on patch provided by mdietze. (markt/kkolinko)
fix 48895: Make clearing of ThreadLocals that are causing memory
leaks on web application stop, reload or undeploy configurable
since the process of clearing them is not thread-safe. (markt)
fix 48903: Fix deadlock in webapp class loader. (rjung)
fix 48971: Make stopping of leaking Timer threads optional and
disabled by default. (markt)
fix 48976: Document JAVA_ENDORSED_DIRS in start-up scripts.
Patch provided by Laurent Vaills. (markt)
fix 48983: Improve debug logging for situations when RemoteIpValve
is bypassed. Patch provided by Cyrille Le Clerc. (markt)
fix 49018: Fix processing of time argument in the Expire sessions
action in the Manager web application. (kkolinko)
fix 49116: If session is already invalid, expire session to prevent
memory leak. (kfujino)
fix 49158: Ensure only one session cookie is returned for a single
request. (markt/fhanik)
fix 49245: Fix session expiration check in cross-context requests.
(markt)
fix 49398: ByteChunk.indexOf(String, int, int, int) could not find
a string of length 1. (kkolinko)
fix Fix possible overflows when calculating session statistics.
(kkolinko)
add Log unexpected exceptions when providing access to web
application resources in ApplicationContext. (kkolinko)
fix Improve exception handling in CatalinaShutdownHook. (kkolinko)
add Expose properties of VirtualWebappLoader and WebappClassLoader
via JMX. (rjung)
Coyote
fix 48839: Correctly handle HTTP header folding in the NIO connector.
Patch suggested by Richa Baronia. (markt)
fix 48843: Prevent possible deadlock for worker allocation in
connectors. (kkolinko)
fix 48843: Fix handling of add queues in AprEndpoint.Poller and
AprEndpoint.Sendfile. Do not miss wakeups. (kkolinko)
add 48862: Add support for the backlog parameter to the AJP
connector. (pero/markt)
fix 48917: Correct name of mod_jk module in ApacheConfig.
Patch provided by Todd Hicks. (markt)
fix 49095: AprEndpoint did not wakeup acceptors during shutdown
when deferAccept option was enabled. Based on a patch provided
by Ruediger Pluem. (kkolinko)
add Use chunked encoding for http 1.1 requests with no
content-length (regardless of keep-alive) so client can
differentiate between complete and partial responses. (markt)
fix Correct the SSL session timeout attribute name so the code
agrees with the documentation. (markt)
add CoyotePrincipal now implements Serializable. (fhanik)
fix Enable the BIO AJP connector to run under a security manager.
(markt)
Jasper
fix 45015: Correct a regression in quote handling caused by the
re-factoring of attribute parsing. (markt)
fix 48701: Add a system property to allow disabling enforcement
of JSP.5.3. The specification recommends, but does not require,
this enforcement. (kkolinko)
fix 48737: Don't assume paths that start with /META-INF/... are
always in JARs. This is not true for some IDEs.
Patch provided by Fabrizio Giustina. (markt)
fix 49081: Correctly handle EL expressions of the form #${...}. (markt)
fix 49196: Avoid NullPointerException in PageContext.getErrorData()
if an error-handling JSP page is called directly. (markt)
Cluster
fix 48717: When a node joins a cluster and it receives all the
current sessions, ensure the sessionCreated event is fired
if the Manager is configured to replicate session events. (markt)
fix 48934: Previous fix to handle dropped connections incorrectly
permanently disabled session replication. (fhanik)
fix 49051: memberAlive is not called if member has not already
existed in membership. (kfujino)
fix 49151: Avoid ClassCastException in BackupManager#stop. (kfujino)
fix 49170: Do not send duplicated session. (kfujino)
fix Add missing messages and ensure cluster listeners log messages
to correct logger. (markt)
Webapps
add Use underscores instead of spaces in anchor names in Tomcat
documentation. (kkolinko)
add Add support for displaying the Spring Security user name
(if present) in the Manager application. (markt)
update Improve the ChatServlet Comet example (/examples/jsp/chat/).
(kkolinko)
Other
update Update to Commons Daemon 1.0.2. Use service launcher (procrun)
from the Commons Daemon release. Do not keep a copy of it in
our source tree. (mturk/kkolinko)
update Update to NSIS 2.46. (kkolinko)
fix 48990: Fix the skip.installer build property so if set, only
the Windows installer is skipped. (markt)
fix 49178: Provide in catalina.policy an example of additional
permissions that might be needed for code located in
$CATALINA_BASE/lib. (markt)
fix 49236: Do not use indexing when packing Tomcat JARs. (kkolinko)
fix Remove unused code from org.apache.tomcat.util.buf classes.
(kkolinko)
update Rearrange tomcat-juli.jar permissions and wrap long lines in
the conf/catalina.policy file, to make the text more readable
when cited in documentation. (kkolinko)
fix Do not evaluate the execute.installer property when building
a release. The skip.installer property is used instead. (kkolinko)
Tomcat 6.0.26 (jfclere) released 2010-03-11
Catalina
fix Close security hole in unreleased 6.0.25 by ensuring new find
leaks functionality is protected by a security constraint.
(kkolinko)
fix 48831: Improve logging shutdown behaviour. Use Catalina's
shutdown hook to shutdown JULI. This enables them to be shutdown
in the correct order. Do not shutdown global handlers several
times. (markt/kkolinko)
Coyote
fix 48584: Prevent the APR connector logging an error if the
acceptor fails during shutdown since this is expected. (mturk)
fix 48660: Using compression should not overwrite any Vary header
set by a web application. (markt)
Jasper
fix 48371: Ensure generated servlet mappings are inserted at the
correct location when using JspC and allow the option that
controls this to be configured on the command line.
Also allow the encoding of web.xml to be configured when using
JspC and deprecate some unused JspC methods. (markt/kkolinko)
fix 48498: Avoid ArrayIndexOutOfBoundsException triggered by a
Java 6/7 XML parser bug. (markt/kkolinko)
fix 48668: Additional fixes to ensure deferred syntax is handled
correctly. (kkolinko)
fix 48827: Correct a regression in the fix for 47977 that caused
an incorrect non-empty body error to be reported for valid
JSP documents. (markt)
Webapps
add Make changelog.xml be directly rendered as HTML by certain
browsers. (kkolinko)
add Add support for automated generation of TOC tables and for
links to svn revisions to tomcat-docs.xsl in documentation.
(kkolinko/fhanik)
add Move Manager application JSPs that are not intended to be
accessed directly under the WEB-INF directory. (kkolinko)
fix Improve the messages displayed by the find leaks diagnostic
in the Manager application. (kkolinko)
Other
fix Encode all property files using ascii escaped UTF-8. Also
fixes deployment problem when using French locale. (jfclere/rjung)
Tomcat 6.0.25 (jfclere) not released
Catalina
fix 48039: Return immediately if start() is called on an already
started StandardService. (markt)
fix 48109: Ensure InputStream is closed on error condition in web
application class loader. (markt)
fix 48179: Clean up dead code that was used to read tldCache file.
(kkolinko)
fix 48318: Handle case where WebDAV resource is in directory
listing but is not accessible. (markt)
add 48384: Add a per context xslt option for directory listings.
Make the fallback options work as described in the
documentation. (markt)
fix 48577: Filter URL when displaying missing included page. (markt)
fix 48612: Prevent exception on shutdown if the address attribute
is specified for a connector. (markt)
fix 48613: Further fixes to ensure APRLifecycleListener is only
used if defined in server.xml. (fhanik)
fix 48614: Correct JULI log file buffering so default behaviour
is no buffering. (fhanik)
fix 48625: Provide an option to exit if an error occurs during
the initialization phase. (fhanik)
fix 48645: Use specified encoding rather than null in calls to
RequestUtil.URLDecode(byte[] bytes, String enc) (markt)
fix 48653: Force request.secure and request.scheme to false and
http if the X-Forwarded-Proto header has the value http.
Patch provided by Cyrille Le Clerc. (markt)
fix 48678: Remove duplicate server field from
org.apache.catalina.startup.Catalina. (markt)
fix 48694: Remove potential deadlock in web application class
loader. (markt)
add 48716: Provide additional configuration options for JULI. (markt)
fix 48726: Prevent OOME when uploading large WAR files with the
deployer. Patch provided by adam. (markt)
add Improve memory leak protection by safely stopping threads
started via java.util.Timer that an application starts but
fails to stop and by clearing references retained due to the
use of java.util.ResourceBundle. (markt)
update Modify ThreadLocal memory leak detection to not report false
positives and to simplify implementation. (markt/kkolinko)
add Basic memory leak detection was added to the standard Host
implementation and exposed via JMX to detect memory leaks on
web application reload. (markt/kkolinko)
Coyote
update Update the native/APR library version bundled with Tomcat to
1.1.20. (kkolinko)
Jasper
add Add some debug logging to the compiler where exceptions were
previously swallowed. (markt)
fix 48170: Remove unnecessary synchronization that is causing
issues under load. (markt)
fix 48580: Prevent AccessControlException if first access is to
a JSP that uses a FunctionMapper. (markt)
fix 48582: Avoid NPE on background compilation failure. (markt)
fix 48616: Don't declare or synchronize scripting variables for
JSP fragments since they are scriptless. This is an alternative
fix for 42390 that avoids both the original problem and the
regression in the first fix. (kkolinko)
fix 48627: Fix regression in re-factored EL parsing. Keep literals
as literals and handle deferredSyntaxAllowedAsLiteral. (kkolinko)
fix 48668: When parsing JSPs only parse EL as EL if EL is enabled
else strings such as ${ will be silently dropped. (markt)
fix Various EL TCK failures. (markt)
Cluster
fix Force a disconnect if an error occurs during replication such
as a firewall dropping the connection. (fhanik)
Webapps
add Add new "Find leaks" command to the Manager application.
It allows to detect web applications that have caused memory
leaks on stop, reload or undeploy. (markt/kkolinko)
Other
fix Ensure files in conf directory have CRLF line endings when
using the Windows installer. (kkolinko)
fix Allow special characters recognized by the Windows command-line
shell to be present in the names of CATALINA_HOME/_BASE and
the current directory used to call the Tomcat scripts. (kkolinko)
fix Don't use @Deprecated annotations in javax.servlet.jsp.JspContext
since the specification does not include them in the API
definition. (markt)
add Improve the information in the JAR manifest files. (markt)
MAIN commitmail json YAML
pkgsrc/devel/rt3/Makefile@1.44
/
diff
pkgsrc/devel/rt3/Makefile.install@1.15 / diff
pkgsrc/devel/rt3/PLIST@1.17 / diff
pkgsrc/devel/rt3/distinfo@1.18 / diff
pkgsrc/devel/rt3/Makefile.install@1.15 / diff
pkgsrc/devel/rt3/PLIST@1.17 / diff
pkgsrc/devel/rt3/distinfo@1.18 / diff
update to version 3.8.8, partially by sno@
Upstream Changelog:
NEW FEATURES AND MAJOR CHANGES
* Aaron Sigel performed a security audit of RT and pointed out
a number of potential improvements which have been addressed
* Charts improvements
* Time-based charts can now show "hourly" goupings.
* ChartFont option is now hash with font per language.
* Two default fonts are shipped with RT to cover most
supported languages.
* The table of chart results now contains links to tickets
matching a given row.
* Timezones support, but protected with config option.
* Better scaling of Y axis.
* X axis labels are now vertical if there is not enough
space to display them horizontally.
* RTAddressRegexp option improvements
* No default value anymore.
* If no value is set then RT will attempt to calculate the right value
from the user-defined queue addresses.
* On create/update/people pages RT now checks addresses
users enter and stop users from entering known
addresses for RT queues.
* Admin UI improvements
* Improved display of the "About this RT" page.
* More pages in the Admin UI have been switched to generic
code to list objects (like tickets in search results)
* Display formats for these objects are now configurable
in the config file (%AdminSearchResultFormat)
* More columns in column maps for objects other than
tickets.
* Custom fields ordering and application improvements
* Queue specific custom fields now can be placed above
global, below or even in the middle. Order of global
custom fields stays the same in all queues, but a custom
field that is applied to particular queues can be placed
differently in each queue.
* Make it possible to apply a CF globally from 'Applies To'
page.
* RT no longer allows you to apply a CF globally and to queues
at the same time. When CF is applied globally it is
un-applied from specific queues first.
* Refactored simple (googleish) search
* new options in the config to control defaults
* new keywords to search for particular things
* RSS feeds now contain embedded single-query authentication strings
* We've Introduced a config option to prevent adding the
RT-Originator header in outgoing mails.
* New MessageBoxIncludeSignature* options
* LogoutRefresh config option to control how long to wait
before going back to login
* New config option for AttachmentUnits
* New config option for AlwaysDownloadAttachments
* RT now requires your current password to change any password
* Improved LinkValueTo and returned back functionality
* if LinkValueTo starts with __CustomField__ then don't
escape it, but make sure it's not a JS link
* escape links using HTML escaping
* don't wrap into <a> with empty href if link is empty
* Added DefaultMailPrecedence and DefaultErrorMailPrecedence
config options
* Squelch watchers on update. This makes doing silent
Updates possible
* New web handler: bin/fastcgi_server
* Refactored Elements/ShowUser so it's easy to add custom
formats. Several performance improvements in this code.
* MERGE_CACHE to cache information about merged tickets and
lower logs and DB impact on re-checks
* Made NotifyActor into a User Preference
* If the MIME entity has header X-RT-Squelch, do not send
the message
* Improved print layouts
* Serve images in js and css dirs as static files,
so browsers cache them more agressively
* Added HasAttribute and HasNoAttribute to TicketSQL
* New faster and less memory hungry TicketsMaps - First, Prev,
Next and Last links when you view tickets from the current
search. Size is now limited by a new config option. Floating
window is used to build the links.
CLEANUPS AND SMALL IMPROVEMENTS
* Updated doc/Security with more modern security tips
* Made the plaintext mono feature work in IE.
* Better timezone handling in Tools/Reports/ResolvedByDates.html
* Make sure we don't serve files outside RT's paths
* Additional checks to make sure that credentials
are sent to RT on Login
* Moved CustomField column map from tickets' to generic
* Make height, width, href and alt of the logo configurable
* Load as much as possible when a web-handler with forks
is used, this increase memory sharing across processes
* A link provided for approvals templates to whoever worked
the approval
* Global __WebRequestPath__ and __WebRequestPathDir__
column map entries
* Process custom fields in ModifyDates.html
* Handle Ccs and AdminCcs of the queue in SkipNotification
feature
* Sort callbacks within a root only, respect plugins
order
* Add some wording to the check boxes on the reply pages
* Reduce whitespace on bottom of boxes as was earlier
* Use smaller margin for reminders display to save space
* Use a reasonable length for scrip descriptions
* Removed a lie about RT CLI still being "unsupported"
* User friendlier errors handling thrown by Calendar::Simple
* Split some CSS from themes into base/xxx.css
* Googleish search was making incorrect assumptions
about RT::User and RT::Group's Load function
returning a boolean not a list. This was throwing
(harmless, but ugly) errors.
* Don't apply order on collections if sorting is not
allowed
* Removed the "URL" parameter to 'Logout' as it had no
legitimate use.
* make instal and testdeps tests to avoid some versions
of modules that are known to be buggy or incompatible,
for example DBD::Oracle 1.23
BUG FIXES
* properly use AND/OR when content is searched and
DontSearchFileAttachments option is enabled
* Make sure Merge only possible when user has Modify
right on both tickets
* Fixes for UseSQLForACLChecks option, it was possible
to construct a query and see tickets an user has no
right to see. Lots of tests have been added to make
sure it wouldn't happen again.
* SQL used for ACL checks has been refactored to get
more effective queries. Especially when list of
potential owners is built for the query builder.
* Unified API for tables with disabled column and
fixes when ->Count could return bigger value
when some CFs are disabled.
* I18N was transcoding attachments to UTF-8 one line
at a time. This doesn't work at all for UTF-16 and
probably other encodings.
* Fixed encoding problem when loading a dump file
produced by rt-dump-database.
* A closing </li> was missing in PreviewScrips comp
* Fixed config loading when Fcntl module or other exporting
symbols is loaded. Load was failing with "Not a SCALAR
reference" error.
* Returned back effective SQL when searching by CFs with
= or != operator
* Fixed error on login when user make mistake in password
and he entered character out of ASCII range.
* Honor a user's MessageBoxRichTextHeight setting
* Fixed query builder behaviour with NULLs and '' (empty values)
* Fixed potential information loose on incorrect GnuPG mails
* Fixed display-all-rows in Dashboards
* Fixed JS escaping issues
* Set context object in OCFV::CustomFieldObj
* Sessions ended up in /tmp/ in some cases
* Fixed safe_run_child when code dies between fork and exec,
deals with "mysql server has gone away" error
* fix Jumbo reloading and losing message content
* Stop infinite looping when you have global custom
fields and no Queue restriction
* Fixed sorting of custom fields in Results.tsv
* Set of fixes for Unicode characters in emails
and tests covering these changes
* Don't create handles we don't need, we can hit limit
* Prevent servers using GnuPG from running out of file handles
TRANSLATION
Updates merged from launchpad and two new languages: nn.po
and pt_PT.po. Thanks to all contributors.
CALLBACKS
* AboutThisUser in ShowPeople box
* Between the GnuPG and message rows
* AfterSubject
* Before and After CustomFields
* Before and After TransactionCustomFields
* AfterAddress in PreviewScrips
* At the top of ticket summary columns
* For adding links for attachment downloads
* At the bottom of the logout box
* Pass more information to the FormStart callback
in Ticket/Update.html
* AfterMessageBox on ticket create page
* ShowTransaction/AfterAnchor
* In EditDates and ShowDates
* Pass a reference to the signature in MessageBox's callback
* For inserting text after the transaction's description
* AfterUpdateType in Jumbo.html and Update.html
Upstream Changelog:
NEW FEATURES AND MAJOR CHANGES
* Aaron Sigel performed a security audit of RT and pointed out
a number of potential improvements which have been addressed
* Charts improvements
* Time-based charts can now show "hourly" goupings.
* ChartFont option is now hash with font per language.
* Two default fonts are shipped with RT to cover most
supported languages.
* The table of chart results now contains links to tickets
matching a given row.
* Timezones support, but protected with config option.
* Better scaling of Y axis.
* X axis labels are now vertical if there is not enough
space to display them horizontally.
* RTAddressRegexp option improvements
* No default value anymore.
* If no value is set then RT will attempt to calculate the right value
from the user-defined queue addresses.
* On create/update/people pages RT now checks addresses
users enter and stop users from entering known
addresses for RT queues.
* Admin UI improvements
* Improved display of the "About this RT" page.
* More pages in the Admin UI have been switched to generic
code to list objects (like tickets in search results)
* Display formats for these objects are now configurable
in the config file (%AdminSearchResultFormat)
* More columns in column maps for objects other than
tickets.
* Custom fields ordering and application improvements
* Queue specific custom fields now can be placed above
global, below or even in the middle. Order of global
custom fields stays the same in all queues, but a custom
field that is applied to particular queues can be placed
differently in each queue.
* Make it possible to apply a CF globally from 'Applies To'
page.
* RT no longer allows you to apply a CF globally and to queues
at the same time. When CF is applied globally it is
un-applied from specific queues first.
* Refactored simple (googleish) search
* new options in the config to control defaults
* new keywords to search for particular things
* RSS feeds now contain embedded single-query authentication strings
* We've Introduced a config option to prevent adding the
RT-Originator header in outgoing mails.
* New MessageBoxIncludeSignature* options
* LogoutRefresh config option to control how long to wait
before going back to login
* New config option for AttachmentUnits
* New config option for AlwaysDownloadAttachments
* RT now requires your current password to change any password
* Improved LinkValueTo and returned back functionality
* if LinkValueTo starts with __CustomField__ then don't
escape it, but make sure it's not a JS link
* escape links using HTML escaping
* don't wrap into <a> with empty href if link is empty
* Added DefaultMailPrecedence and DefaultErrorMailPrecedence
config options
* Squelch watchers on update. This makes doing silent
Updates possible
* New web handler: bin/fastcgi_server
* Refactored Elements/ShowUser so it's easy to add custom
formats. Several performance improvements in this code.
* MERGE_CACHE to cache information about merged tickets and
lower logs and DB impact on re-checks
* Made NotifyActor into a User Preference
* If the MIME entity has header X-RT-Squelch, do not send
the message
* Improved print layouts
* Serve images in js and css dirs as static files,
so browsers cache them more agressively
* Added HasAttribute and HasNoAttribute to TicketSQL
* New faster and less memory hungry TicketsMaps - First, Prev,
Next and Last links when you view tickets from the current
search. Size is now limited by a new config option. Floating
window is used to build the links.
CLEANUPS AND SMALL IMPROVEMENTS
* Updated doc/Security with more modern security tips
* Made the plaintext mono feature work in IE.
* Better timezone handling in Tools/Reports/ResolvedByDates.html
* Make sure we don't serve files outside RT's paths
* Additional checks to make sure that credentials
are sent to RT on Login
* Moved CustomField column map from tickets' to generic
* Make height, width, href and alt of the logo configurable
* Load as much as possible when a web-handler with forks
is used, this increase memory sharing across processes
* A link provided for approvals templates to whoever worked
the approval
* Global __WebRequestPath__ and __WebRequestPathDir__
column map entries
* Process custom fields in ModifyDates.html
* Handle Ccs and AdminCcs of the queue in SkipNotification
feature
* Sort callbacks within a root only, respect plugins
order
* Add some wording to the check boxes on the reply pages
* Reduce whitespace on bottom of boxes as was earlier
* Use smaller margin for reminders display to save space
* Use a reasonable length for scrip descriptions
* Removed a lie about RT CLI still being "unsupported"
* User friendlier errors handling thrown by Calendar::Simple
* Split some CSS from themes into base/xxx.css
* Googleish search was making incorrect assumptions
about RT::User and RT::Group's Load function
returning a boolean not a list. This was throwing
(harmless, but ugly) errors.
* Don't apply order on collections if sorting is not
allowed
* Removed the "URL" parameter to 'Logout' as it had no
legitimate use.
* make instal and testdeps tests to avoid some versions
of modules that are known to be buggy or incompatible,
for example DBD::Oracle 1.23
BUG FIXES
* properly use AND/OR when content is searched and
DontSearchFileAttachments option is enabled
* Make sure Merge only possible when user has Modify
right on both tickets
* Fixes for UseSQLForACLChecks option, it was possible
to construct a query and see tickets an user has no
right to see. Lots of tests have been added to make
sure it wouldn't happen again.
* SQL used for ACL checks has been refactored to get
more effective queries. Especially when list of
potential owners is built for the query builder.
* Unified API for tables with disabled column and
fixes when ->Count could return bigger value
when some CFs are disabled.
* I18N was transcoding attachments to UTF-8 one line
at a time. This doesn't work at all for UTF-16 and
probably other encodings.
* Fixed encoding problem when loading a dump file
produced by rt-dump-database.
* A closing </li> was missing in PreviewScrips comp
* Fixed config loading when Fcntl module or other exporting
symbols is loaded. Load was failing with "Not a SCALAR
reference" error.
* Returned back effective SQL when searching by CFs with
= or != operator
* Fixed error on login when user make mistake in password
and he entered character out of ASCII range.
* Honor a user's MessageBoxRichTextHeight setting
* Fixed query builder behaviour with NULLs and '' (empty values)
* Fixed potential information loose on incorrect GnuPG mails
* Fixed display-all-rows in Dashboards
* Fixed JS escaping issues
* Set context object in OCFV::CustomFieldObj
* Sessions ended up in /tmp/ in some cases
* Fixed safe_run_child when code dies between fork and exec,
deals with "mysql server has gone away" error
* fix Jumbo reloading and losing message content
* Stop infinite looping when you have global custom
fields and no Queue restriction
* Fixed sorting of custom fields in Results.tsv
* Set of fixes for Unicode characters in emails
and tests covering these changes
* Don't create handles we don't need, we can hit limit
* Prevent servers using GnuPG from running out of file handles
TRANSLATION
Updates merged from launchpad and two new languages: nn.po
and pt_PT.po. Thanks to all contributors.
CALLBACKS
* AboutThisUser in ShowPeople box
* Between the GnuPG and message rows
* AfterSubject
* Before and After CustomFields
* Before and After TransactionCustomFields
* AfterAddress in PreviewScrips
* At the top of ticket summary columns
* For adding links for attachment downloads
* At the bottom of the logout box
* Pass more information to the FormStart callback
in Ticket/Update.html
* AfterMessageBox on ticket create page
* ShowTransaction/AfterAnchor
* In EditDates and ShowDates
* Pass a reference to the signature in MessageBox's callback
* For inserting text after the transaction's description
* AfterUpdateType in Jumbo.html and Update.html
pkgsrc-2010Q2 commitmail json YAML
pullups 3218 + 3219
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/www/seamonkey/Makefile@1.37.2.2
/
diff
pkgsrc/www/seamonkey/distinfo@1.50.2.2 / diff
pkgsrc/www/seamonkey/patches/patch-ap@1.7.4.1 / diff
pkgsrc/www/seamonkey/patches/patch-mm@1.1.4.1 / diff
pkgsrc/www/seamonkey/distinfo@1.50.2.2 / diff
pkgsrc/www/seamonkey/patches/patch-ap@1.7.4.1 / diff
pkgsrc/www/seamonkey/patches/patch-mm@1.1.4.1 / diff
Pullup ticket 3218 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/www/seamonkey/Makefile 1.39
- pkgsrc/www/seamonkey/distinfo 1.55
- pkgsrc/www/seamonkey/patches/patch-ap 1.8
- pkgsrc/www/seamonkey/patches/patch-mm 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Thu Sep 9 11:12:27 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
pkgsrc/www/seamonkey/patches: patch-ap patch-mm
Log Message:
Update to seamonkey-2.0.7.
* Message-ID searches on Google Groups work again
* Add-ons preferences button for Lightning should work now
* Security fixes:
MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
attribute
MFSA 2010-60 XSS using SJOW scripted function
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/seamonkey/Makefile
cvs rdiff -u -r1.54 -r1.55 pkgsrc/www/seamonkey/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/seamonkey/patches/patch-ap
cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/seamonkey/patches/patch-mm
security update
Revisions pulled up:
- pkgsrc/www/seamonkey/Makefile 1.39
- pkgsrc/www/seamonkey/distinfo 1.55
- pkgsrc/www/seamonkey/patches/patch-ap 1.8
- pkgsrc/www/seamonkey/patches/patch-mm 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Thu Sep 9 11:12:27 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
pkgsrc/www/seamonkey/patches: patch-ap patch-mm
Log Message:
Update to seamonkey-2.0.7.
* Message-ID searches on Google Groups work again
* Add-ons preferences button for Lightning should work now
* Security fixes:
MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
attribute
MFSA 2010-60 XSS using SJOW scripted function
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/seamonkey/Makefile
cvs rdiff -u -r1.54 -r1.55 pkgsrc/www/seamonkey/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/seamonkey/patches/patch-ap
cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/seamonkey/patches/patch-mm
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/devel/nspr/Makefile@1.36.4.1
/
diff
pkgsrc/devel/nspr/PLIST@1.10.6.1 / diff
pkgsrc/devel/nss/Makefile@1.37.4.1 / diff
pkgsrc/devel/xulrunner/PLIST@1.22.2.2 / diff
pkgsrc/devel/xulrunner/dist.mk@1.11.2.3 / diff
pkgsrc/devel/xulrunner/distinfo@1.33.2.3 / diff
pkgsrc/devel/xulrunner/mozilla-common.mk@1.15.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ag@1.1.1.1.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-al@1.1.1.1.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ap@1.3.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mc@1.1.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mm@1.2.6.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mn@1.2.6.1 / diff
pkgsrc/devel/nspr/PLIST@1.10.6.1 / diff
pkgsrc/devel/nss/Makefile@1.37.4.1 / diff
pkgsrc/devel/xulrunner/PLIST@1.22.2.2 / diff
pkgsrc/devel/xulrunner/dist.mk@1.11.2.3 / diff
pkgsrc/devel/xulrunner/distinfo@1.33.2.3 / diff
pkgsrc/devel/xulrunner/mozilla-common.mk@1.15.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ag@1.1.1.1.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-al@1.1.1.1.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ap@1.3.8.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mc@1.1.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mm@1.2.6.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mn@1.2.6.1 / diff
Pullup ticket 3219 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/devel/nspr/Makefile 1.37
- pkgsrc/devel/nspr/PLIST 1.11
- pkgsrc/devel/nss/Makefile 1.38
- pkgsrc/devel/xulrunner/PLIST 1.24
- pkgsrc/devel/xulrunner/dist.mk 1.14
- pkgsrc/devel/xulrunner/distinfo 1.36
- pkgsrc/devel/xulrunner/mozilla-common.mk 1.16
- pkgsrc/devel/xulrunner/patches/patch-ag 1.2
- pkgsrc/devel/xulrunner/patches/patch-al 1.2
- pkgsrc/devel/xulrunner/patches/patch-ap 1.4
- pkgsrc/devel/xulrunner/patches/patch-mc 1.2
- pkgsrc/devel/xulrunner/patches/patch-mm 1.3
- pkgsrc/devel/xulrunner/patches/patch-mn 1.3
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/nspr: Makefile PLIST
Log Message:
Update to nspr-4.8.6 (via firefox-3.6.9). Changes unknown.
To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.37 pkgsrc/devel/nspr/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/devel/nspr/PLIST
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/nss: Makefile
Log Message:
Update to nss-3.12.7.0 (via firefox-3.6.9). Changes unknown.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/devel/nss/Makefile
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/xulrunner: PLIST dist.mk distinfo mozilla-common.mk
pkgsrc/devel/xulrunner/patches: patch-ag patch-al patch-ap
patch-mc patch-mm patch-mn
Log Message:
Update to firefox-3.6.9 (xulrunner-1.9.2.9)
MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
attribute
MFSA 2010-59 SJOW creates scope chains ending in outer object
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/xulrunner/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/xulrunner/dist.mk
cvs rdiff -u -r1.35 -r1.36 pkgsrc/devel/xulrunner/distinfo
cvs rdiff -u -r1.15 -r1.16 pkgsrc/devel/xulrunner/mozilla-common.mk
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-ag \
pkgsrc/devel/xulrunner/patches/patch-al
cvs rdiff -u -r1.3 -r1.4 pkgsrc/devel/xulrunner/patches/patch-ap
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-mc
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/xulrunner/patches/patch-mm \
pkgsrc/devel/xulrunner/patches/patch-mn
security update
Revisions pulled up:
- pkgsrc/devel/nspr/Makefile 1.37
- pkgsrc/devel/nspr/PLIST 1.11
- pkgsrc/devel/nss/Makefile 1.38
- pkgsrc/devel/xulrunner/PLIST 1.24
- pkgsrc/devel/xulrunner/dist.mk 1.14
- pkgsrc/devel/xulrunner/distinfo 1.36
- pkgsrc/devel/xulrunner/mozilla-common.mk 1.16
- pkgsrc/devel/xulrunner/patches/patch-ag 1.2
- pkgsrc/devel/xulrunner/patches/patch-al 1.2
- pkgsrc/devel/xulrunner/patches/patch-ap 1.4
- pkgsrc/devel/xulrunner/patches/patch-mc 1.2
- pkgsrc/devel/xulrunner/patches/patch-mm 1.3
- pkgsrc/devel/xulrunner/patches/patch-mn 1.3
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/nspr: Makefile PLIST
Log Message:
Update to nspr-4.8.6 (via firefox-3.6.9). Changes unknown.
To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.37 pkgsrc/devel/nspr/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/devel/nspr/PLIST
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/nss: Makefile
Log Message:
Update to nss-3.12.7.0 (via firefox-3.6.9). Changes unknown.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/devel/nss/Makefile
-------------------------------------------------------------------------
Modified Files:
pkgsrc/devel/xulrunner: PLIST dist.mk distinfo mozilla-common.mk
pkgsrc/devel/xulrunner/patches: patch-ag patch-al patch-ap
patch-mc patch-mm patch-mn
Log Message:
Update to firefox-3.6.9 (xulrunner-1.9.2.9)
MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
attribute
MFSA 2010-59 SJOW creates scope chains ending in outer object
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/xulrunner/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/xulrunner/dist.mk
cvs rdiff -u -r1.35 -r1.36 pkgsrc/devel/xulrunner/distinfo
cvs rdiff -u -r1.15 -r1.16 pkgsrc/devel/xulrunner/mozilla-common.mk
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-ag \
pkgsrc/devel/xulrunner/patches/patch-al
cvs rdiff -u -r1.3 -r1.4 pkgsrc/devel/xulrunner/patches/patch-ap
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-mc
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/xulrunner/patches/patch-mm \
pkgsrc/devel/xulrunner/patches/patch-mn
MAIN commitmail json YAML
note update of sudo
MAIN commitmail json YAML
pkgsrc/security/sudo/Makefile@1.123
/
diff
pkgsrc/security/sudo/PLIST@1.5 / diff
pkgsrc/security/sudo/distinfo@1.65 / diff
pkgsrc/security/sudo/patches/patch-aa@1.24 / diff
pkgsrc/security/sudo/patches/patch-af@1.25 / diff
pkgsrc/security/sudo/patches/patch-ag@1.16 / diff
pkgsrc/security/sudo/PLIST@1.5 / diff
pkgsrc/security/sudo/distinfo@1.65 / diff
pkgsrc/security/sudo/patches/patch-aa@1.24 / diff
pkgsrc/security/sudo/patches/patch-af@1.25 / diff
pkgsrc/security/sudo/patches/patch-ag@1.16 / diff
updating to the latest and greatest (and less a bunch of security
relevant bugs) version:
Major changes between version 1.7.4p3 and 1.7.4p4:
* A potential security issue has been fixed with respect to the
handling of sudo's -g command line option when -u is also
specified. The flaw may allow an attacker to run commands as a
user that is not authorized by the sudoers file.
* A bug has been fixed where "sudo -l" output was incomplete if
multiple sudoers sources were defined in nsswitch.conf and there
was an error querying one of the sources.
* The log_input, log_output, and use_pty sudoers options now work
correctly on AIX. Previously, sudo would hang if they were
enabled.
* Fixed "make install" when sudo is built in a directory other
than the directory that holds the sources.
* The runas_default sudoers setting now works properly in a
per-command Defaults line.
* Suspending and resuming the bash shell when PAM is in use now
works properly. The SIGCONT signal was not being propagated to
the child process.
Major changes between version 1.7.4p2 and 1.7.4p3:
* A bug has been fixed where duplicate HOME environment variables
could be set when the env_reset setting was disabled and the
always_set_home setting was enabled in sudoers.
* The value of sysconfdir is now substituted into the path to the
sudoers.d directory in the installed sudoers file.
* Fixed compilation problems on Irix and other platforms.
* If multiple PAM "auth" actions are specified and the user enters
^C at the password prompt, sudo will now abort any subsequent
"auth" actions. Previously it was necessary to enter ^C once for
each "auth" action.
Major changes between version 1.7.4p1 and 1.7.4p2:
* Fixed a bug where sudo could spin in a cpu loop waiting for the
child process.
* Packaging fixes for sudo.pp to better handle patchlevels.
Major changes between version 1.7.4 and 1.7.4p1:
* Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K
options from functioning when the tty_tickets sudoers option was
enabled.
* Sudo no longer prints a warning when the -k or -K options are
specified and the ticket file does not exist.
* Changes to the configure script to enable cross-compilation of
Sudo.
Major changes between version 1.7.3 and 1.7.4:
* Sudoedit will now preserve the file extension in the name of the
temporary file being edited. The extension is used by some
editors (such as emacs) to choose the editing mode.
* Time stamp files have moved from /var/run/sudo to either
/var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories
are checked for existence in that order. This prevents users
from receiving the sudo lecture every time the system reboots.
Time stamp files older than the boot time are ignored on systems
where it is possible to determine this.
* Ancillary documentation (README files, LICENSE, etc) is now
installed in a sudo documentation directory.
* Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile"
in ldap.conf.
* Defaults settings that are tied to a user, host or command may
now include the negation operator. For example:
Defaults:!millert lecture
will match any user but millert.
* The default PATH environment variable, used when no PATH variable
exists, now includes /usr/sbin and /sbin.
* Sudo now uses polypkg for cross-platform packing.
* On Linux, sudo will now restore the nproc resource limit before
executing a command, unless the limit appears to have been
modified by pam_limits. This avoids a problem with bash scripts
that open more than 32 descriptors on SuSE Linux, where
sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set
to RLIMIT_UNLIMITED (-1).
* Visudo will now treat an unrecognized Defaults entry as a parse
error (sudo will warn but still run).
* The HOME and MAIL environment variables are now reset based on
the target user's password database entry when the env_reset
sudoers option is enabled (which is the case in the default
configuration). Users wishing to preserve the original values
should use a sudoers entry like:
Defaults env_keep += HOME
to preserve the old value of HOME and
Defaults env_keep += MAIL
to preserve the old value of MAIL.
* The tty_tickets option is now on by default.
* Fixed a problem in the restoration of the AIX authdb registry
setting.
* If PAM is in use, wait until the process has finished before
closing the PAM session.
* Fixed "sudo -i -u user" where user has no shell listed in the
password database.
* When logging I/O, sudo now handles pty read/write returning ENXIO,
as seen on FreeBSD when the login session has been killed.
* Sudo now performs I/O logging in the C locale. This avoids
locale-related issues when parsing floating point numbers in the
timing file.
* Added support for Ubuntu-style admin flag dot files.
Major changes between version 1.7.2p8 and 1.7.3:
* Support for logging a command's input and output as well as the
ability to replay sessions. For more information, see the
documentation for the log_input and log_output Defaults options
in the sudoers manual. Also see the sudoreplay manual for
information on replaying I/O log sessions.
* The use_pty sudoers option can be used to force a command to be
run in a pseudo-pty, even when I/O logging is not enabled.
* On some systems, sudo can now detect when a user has logged out
and back in again when tty-based time stamps are in use.
Supported systems include Solaris systems with the devices file
system, Mac OS X, and Linux systems with the devpts filesystem
(pseudo-ttys only).
* On AIX systems, the registry setting in /etc/security/user is
now taken into account when looking up users and groups.
Sudo now applies the correct the user and group ids when running
a command as a user whose account details come from a different
source (e.g. LDAP or DCE vs. local files).
* Support for multiple sudoers_base and uri entries in ldap.conf.
When multiple entries are listed, sudo will try each one in the
order in which they are specified.
* Sudo's SELinux support should now function correctly when running
commands as a non-root user and when one of stdin, stdout or stderr
is not a terminal.
* Sudo will now use the Linux audit system with configure with the
--with-linux-audit flag.
* Sudo now uses mbr_check_membership() on systems that support it
to determine group membership. Currently, only Darwin (Mac OS X)
supports this.
* When the tty_tickets sudoers option is enabled but there is no
terminal device, sudo will no longer use or create a tty-based
ticket file. Previously, sudo would use a tty name of "unknown".
As a consequence, if a user has no terminal device, sudo will now
always prompt for a password.
* The passwd_timeout and timestamp_timeout options may now be
specified as floating point numbers for more granular timeout
values.
* Negating the fqdn option in sudoers now works correctly when sudo
is configured with the --with-fqdn option. In previous versions
of sudo the fqdn was set before sudoers was parsed.
relevant bugs) version:
Major changes between version 1.7.4p3 and 1.7.4p4:
* A potential security issue has been fixed with respect to the
handling of sudo's -g command line option when -u is also
specified. The flaw may allow an attacker to run commands as a
user that is not authorized by the sudoers file.
* A bug has been fixed where "sudo -l" output was incomplete if
multiple sudoers sources were defined in nsswitch.conf and there
was an error querying one of the sources.
* The log_input, log_output, and use_pty sudoers options now work
correctly on AIX. Previously, sudo would hang if they were
enabled.
* Fixed "make install" when sudo is built in a directory other
than the directory that holds the sources.
* The runas_default sudoers setting now works properly in a
per-command Defaults line.
* Suspending and resuming the bash shell when PAM is in use now
works properly. The SIGCONT signal was not being propagated to
the child process.
Major changes between version 1.7.4p2 and 1.7.4p3:
* A bug has been fixed where duplicate HOME environment variables
could be set when the env_reset setting was disabled and the
always_set_home setting was enabled in sudoers.
* The value of sysconfdir is now substituted into the path to the
sudoers.d directory in the installed sudoers file.
* Fixed compilation problems on Irix and other platforms.
* If multiple PAM "auth" actions are specified and the user enters
^C at the password prompt, sudo will now abort any subsequent
"auth" actions. Previously it was necessary to enter ^C once for
each "auth" action.
Major changes between version 1.7.4p1 and 1.7.4p2:
* Fixed a bug where sudo could spin in a cpu loop waiting for the
child process.
* Packaging fixes for sudo.pp to better handle patchlevels.
Major changes between version 1.7.4 and 1.7.4p1:
* Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K
options from functioning when the tty_tickets sudoers option was
enabled.
* Sudo no longer prints a warning when the -k or -K options are
specified and the ticket file does not exist.
* Changes to the configure script to enable cross-compilation of
Sudo.
Major changes between version 1.7.3 and 1.7.4:
* Sudoedit will now preserve the file extension in the name of the
temporary file being edited. The extension is used by some
editors (such as emacs) to choose the editing mode.
* Time stamp files have moved from /var/run/sudo to either
/var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories
are checked for existence in that order. This prevents users
from receiving the sudo lecture every time the system reboots.
Time stamp files older than the boot time are ignored on systems
where it is possible to determine this.
* Ancillary documentation (README files, LICENSE, etc) is now
installed in a sudo documentation directory.
* Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile"
in ldap.conf.
* Defaults settings that are tied to a user, host or command may
now include the negation operator. For example:
Defaults:!millert lecture
will match any user but millert.
* The default PATH environment variable, used when no PATH variable
exists, now includes /usr/sbin and /sbin.
* Sudo now uses polypkg for cross-platform packing.
* On Linux, sudo will now restore the nproc resource limit before
executing a command, unless the limit appears to have been
modified by pam_limits. This avoids a problem with bash scripts
that open more than 32 descriptors on SuSE Linux, where
sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set
to RLIMIT_UNLIMITED (-1).
* Visudo will now treat an unrecognized Defaults entry as a parse
error (sudo will warn but still run).
* The HOME and MAIL environment variables are now reset based on
the target user's password database entry when the env_reset
sudoers option is enabled (which is the case in the default
configuration). Users wishing to preserve the original values
should use a sudoers entry like:
Defaults env_keep += HOME
to preserve the old value of HOME and
Defaults env_keep += MAIL
to preserve the old value of MAIL.
* The tty_tickets option is now on by default.
* Fixed a problem in the restoration of the AIX authdb registry
setting.
* If PAM is in use, wait until the process has finished before
closing the PAM session.
* Fixed "sudo -i -u user" where user has no shell listed in the
password database.
* When logging I/O, sudo now handles pty read/write returning ENXIO,
as seen on FreeBSD when the login session has been killed.
* Sudo now performs I/O logging in the C locale. This avoids
locale-related issues when parsing floating point numbers in the
timing file.
* Added support for Ubuntu-style admin flag dot files.
Major changes between version 1.7.2p8 and 1.7.3:
* Support for logging a command's input and output as well as the
ability to replay sessions. For more information, see the
documentation for the log_input and log_output Defaults options
in the sudoers manual. Also see the sudoreplay manual for
information on replaying I/O log sessions.
* The use_pty sudoers option can be used to force a command to be
run in a pseudo-pty, even when I/O logging is not enabled.
* On some systems, sudo can now detect when a user has logged out
and back in again when tty-based time stamps are in use.
Supported systems include Solaris systems with the devices file
system, Mac OS X, and Linux systems with the devpts filesystem
(pseudo-ttys only).
* On AIX systems, the registry setting in /etc/security/user is
now taken into account when looking up users and groups.
Sudo now applies the correct the user and group ids when running
a command as a user whose account details come from a different
source (e.g. LDAP or DCE vs. local files).
* Support for multiple sudoers_base and uri entries in ldap.conf.
When multiple entries are listed, sudo will try each one in the
order in which they are specified.
* Sudo's SELinux support should now function correctly when running
commands as a non-root user and when one of stdin, stdout or stderr
is not a terminal.
* Sudo will now use the Linux audit system with configure with the
--with-linux-audit flag.
* Sudo now uses mbr_check_membership() on systems that support it
to determine group membership. Currently, only Darwin (Mac OS X)
supports this.
* When the tty_tickets sudoers option is enabled but there is no
terminal device, sudo will no longer use or create a tty-based
ticket file. Previously, sudo would use a tty name of "unknown".
As a consequence, if a user has no terminal device, sudo will now
always prompt for a password.
* The passwd_timeout and timestamp_timeout options may now be
specified as floating point numbers for more granular timeout
values.
* Negating the fqdn option in sudoers now works correctly when sudo
is configured with the --with-fqdn option. In previous versions
of sudo the fqdn was set before sudoers was parsed.
pkgsrc-2010Q2 commitmail json YAML
pullup #3216
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/www/squid/options.mk@1.19.2.1
/
diff
pkgsrc/www/squid31/Makefile@1.22.2.1 / diff
pkgsrc/www/squid31/distinfo@1.20.2.1 / diff
pkgsrc/www/squid31/Makefile@1.22.2.1 / diff
pkgsrc/www/squid31/distinfo@1.20.2.1 / diff
Pullup ticket 3216 - requested by tron
security update
Revisions pulled up:
- pkgsrc/www/squid/options.mk 1.20
- pkgsrc/www/squid31/Makefile 1.26
- pkgsrc/www/squid31/distinfo 1.24
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 28 10:16:14 UTC 2010
Modified Files:
pkgsrc/www/squid: options.mk
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Changes 3.1.5.1:
* SourceFormat Enforcement
* Replace most USE_IPV6 with run-time support probing
* Translations: sync with 3.HEAD language updates
* Split-Stack enable DNS and http(s)_port sockets.
* Bug: --with-valgrind-debug failures ignored
* Fixed comm.cc:377: "fd_table[fd].halfClosedReader !=3D NULL" assertion
* Kludge: try to detect system acinclude path, to fix libtool brokenness.
* Bug: search scope for digest_ldap_auth didn't work
* Update libtool autoconf macros to libtool2 style
* Correction documentation of QoS disable-preserve-miss
* Remove .so from SASL build checks
* Bug: AIX support: c only c++ style comments test case
* Bug: AIX support: check libm for log()
* Do not stop accepting just because we got COMM_NOMESSAGE.
* Bug: AIX support: uchar is already define (more)
* Bug: AIX support: uchar is already define
* Bug: crash handling NULL write callback
* Correct Joomla DB auth handling
* Fixed memory leak related to retried requests.
* Prevent memory leaks when cloning Range requests.
* Fixed memory leaks related to Range requests.
Changes 3.1.5:
* Bug: Fix context leak in HttpStateData::processReplyHeader
* Bug: raw-IPv6 address URL with append_domain broken
* Bug: does not send indirect X-Client-Ip in ICAP respmod
* Fix free memory corruption and off-by-on error when comparing SNMP OIDs
* Restart DNS retransmission count when restarting the query as an A lookup
* Bug: HTTP responses with no Date, L-M or Expires can now be cached
* Maintenance: Formater skip libltdl dirs
* SourceFormat Enforcement
* Bug: Fails to detect chunked encoding if not given in all lower case
* Port from 2.7: max_filedescriptor config option
* persistent_connection_after_error is meant to be on by default
* kFreeBSD does not have linux headers. Wrap properly.
* Maintenance: Use system MD5 instead of hard-coded python paths
* Bug: ICAP tokens not logged when using multiple access
* SourceFormat Enforcement
* OpenBSD: Fix build mem.cc warning: converting of negative value
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid/options.mk
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 11:36:08 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.6. Changes since 3.1.5.1:
- Bug 2994, 2995: IPv4-only regressions
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
- Bug 2975: chunked requests not supported after regular ones
- Fix: 32-bit overflow in reported bytes received from next hop
- Fix Libtool build regressions
- Limited split-stack IPv6 support.
- squid_db_auth support MD5 encrypted passwords
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 25 17:53:44 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.7. Change since 3.1.6:
- Regression Bug 3021: Large DNS reply causes crash
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
- Regression Bug 2997: visible_hostname directive no longer matches docs
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
- Bug 3006: handle IPV6_V6ONLY definition missing
- Bug 3004: Solaris 9 SunStudio 12 build failure
- Bug 3003: inconsistent concepts in documentation of cache_dir
- Bug 3001: dnsserver link issues
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
- HTTP/1.1: Improved Range header field validation
- HTTP/1.1: Forward multiple unknown Cache-Control directives
- HTTP/1.1: Stop sending Proxy-Connection header
- Fix 32-bit wrap in refresh_pattern min/max values
- ... and several documentation corrections.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Sep 7 19:55:17 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.8. Changes since 3.1.7:
- Security fixes:
- Fixes for the request processing vulnerability tagged SQUID-2010:3.
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
- A hardening of the DNS client against packet queueing approaches
used to enable attacks. This completes the protection against attacks
published by Yamaguchi late in 2009.
- An HTTP request-line parser hardened against several categories of
request attack. This greatly increasing the speed of detection and
reducing resources used to detect these categories of attack.
- Fixes for the following bugs:
- Bug 3020: Segmentation fault: nameservers[vc->ns].vc =3D NULL
- Bug 3005,2972: Locate LTDL headers correctly (again)
- Bug 2872: leaking file descriptors
- Bug 2583: pure virtual method called
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/distinfo
security update
Revisions pulled up:
- pkgsrc/www/squid/options.mk 1.20
- pkgsrc/www/squid31/Makefile 1.26
- pkgsrc/www/squid31/distinfo 1.24
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 28 10:16:14 UTC 2010
Modified Files:
pkgsrc/www/squid: options.mk
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Changes 3.1.5.1:
* SourceFormat Enforcement
* Replace most USE_IPV6 with run-time support probing
* Translations: sync with 3.HEAD language updates
* Split-Stack enable DNS and http(s)_port sockets.
* Bug: --with-valgrind-debug failures ignored
* Fixed comm.cc:377: "fd_table[fd].halfClosedReader !=3D NULL" assertion
* Kludge: try to detect system acinclude path, to fix libtool brokenness.
* Bug: search scope for digest_ldap_auth didn't work
* Update libtool autoconf macros to libtool2 style
* Correction documentation of QoS disable-preserve-miss
* Remove .so from SASL build checks
* Bug: AIX support: c only c++ style comments test case
* Bug: AIX support: check libm for log()
* Do not stop accepting just because we got COMM_NOMESSAGE.
* Bug: AIX support: uchar is already define (more)
* Bug: AIX support: uchar is already define
* Bug: crash handling NULL write callback
* Correct Joomla DB auth handling
* Fixed memory leak related to retried requests.
* Prevent memory leaks when cloning Range requests.
* Fixed memory leaks related to Range requests.
Changes 3.1.5:
* Bug: Fix context leak in HttpStateData::processReplyHeader
* Bug: raw-IPv6 address URL with append_domain broken
* Bug: does not send indirect X-Client-Ip in ICAP respmod
* Fix free memory corruption and off-by-on error when comparing SNMP OIDs
* Restart DNS retransmission count when restarting the query as an A lookup
* Bug: HTTP responses with no Date, L-M or Expires can now be cached
* Maintenance: Formater skip libltdl dirs
* SourceFormat Enforcement
* Bug: Fails to detect chunked encoding if not given in all lower case
* Port from 2.7: max_filedescriptor config option
* persistent_connection_after_error is meant to be on by default
* kFreeBSD does not have linux headers. Wrap properly.
* Maintenance: Use system MD5 instead of hard-coded python paths
* Bug: ICAP tokens not logged when using multiple access
* SourceFormat Enforcement
* OpenBSD: Fix build mem.cc warning: converting of negative value
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid/options.mk
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 11:36:08 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.6. Changes since 3.1.5.1:
- Bug 2994, 2995: IPv4-only regressions
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
- Bug 2975: chunked requests not supported after regular ones
- Fix: 32-bit overflow in reported bytes received from next hop
- Fix Libtool build regressions
- Limited split-stack IPv6 support.
- squid_db_auth support MD5 encrypted passwords
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 25 17:53:44 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.7. Change since 3.1.6:
- Regression Bug 3021: Large DNS reply causes crash
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
- Regression Bug 2997: visible_hostname directive no longer matches docs
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
- Bug 3006: handle IPV6_V6ONLY definition missing
- Bug 3004: Solaris 9 SunStudio 12 build failure
- Bug 3003: inconsistent concepts in documentation of cache_dir
- Bug 3001: dnsserver link issues
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
- HTTP/1.1: Improved Range header field validation
- HTTP/1.1: Forward multiple unknown Cache-Control directives
- HTTP/1.1: Stop sending Proxy-Connection header
- Fix 32-bit wrap in refresh_pattern min/max values
- ... and several documentation corrections.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Sep 7 19:55:17 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.8. Changes since 3.1.7:
- Security fixes:
- Fixes for the request processing vulnerability tagged SQUID-2010:3.
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
- A hardening of the DNS client against packet queueing approaches
used to enable attacks. This completes the protection against attacks
published by Yamaguchi late in 2009.
- An HTTP request-line parser hardened against several categories of
request attack. This greatly increasing the speed of detection and
reducing resources used to detect these categories of attack.
- Fixes for the following bugs:
- Bug 3020: Segmentation fault: nameservers[vc->ns].vc =3D NULL
- Bug 3005,2972: Locate LTDL headers correctly (again)
- Bug 2872: leaking file descriptors
- Bug 2583: pure virtual method called
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/distinfo
pkgsrc-2010Q2 commitmail json YAML
pullup #3211 & #3212
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.82.4.1
/
diff
pkgsrc/databases/phpmyadmin/distinfo@1.43.4.1 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.43.4.1 / diff
Pullup ticket 3212 - requested by tron
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.83
- pkgsrc/databases/phpmyadmin/distinfo 1.44
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Aug 21 07:50:02 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.10.1.
Changes since version 2.11.10:
- [setup] Fixed output sanitizing in setup script, see PMASA-2010-4 for
more details.
- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.
To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.43 -r1.44 pkgsrc/databases/phpmyadmin/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.83
- pkgsrc/databases/phpmyadmin/distinfo 1.44
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Aug 21 07:50:02 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.10.1.
Changes since version 2.11.10:
- [setup] Fixed output sanitizing in setup script, see PMASA-2010-4 for
more details.
- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.
To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.43 -r1.44 pkgsrc/databases/phpmyadmin/distinfo
pkgsrc-2010Q2 commitmail json YAML
Pullup ticket 3211 - requested by tez
build fix for Solaris
Revisions pulled up:
- pkgsrc/devel/glib2/Makefile 1.176
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Fri Aug 20 16:33:10 UTC 2010
Modified Files:
pkgsrc/devel/glib2: Makefile
Log Message:
Fix build on Solaris per pkg/43707 - no revision bump since other
platforms are unaffected and Solaris did not build before
To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 pkgsrc/devel/glib2/Makefile
build fix for Solaris
Revisions pulled up:
- pkgsrc/devel/glib2/Makefile 1.176
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Fri Aug 20 16:33:10 UTC 2010
Modified Files:
pkgsrc/devel/glib2: Makefile
Log Message:
Fix build on Solaris per pkg/43707 - no revision bump since other
platforms are unaffected and Solaris did not build before
To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 pkgsrc/devel/glib2/Makefile
pkgsrc-2010Q2 commitmail json YAML
pullup 3200
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/graphics/freetype2/Makefile@1.72.4.2
/
diff
pkgsrc/graphics/freetype2/distinfo@1.34.4.2 / diff
pkgsrc/graphics/freetype2/distinfo@1.34.4.2 / diff
Pullup ticket 3200 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.74
- pkgsrc/graphics/freetype2/distinfo 1.36
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Sun Aug 8 16:06:02 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
Update to freetype2-2.4.2:
CHANGES BETWEEN 2.4.1 and 2.4.2
I. IMPORTANT BUG FIXES
- A stack overflow in CFF Type2 CharStrings interpreter is fixed.
- Handling Type 42 font deallocation was broken; additionally, the
library is now more robust against malformed Type 42 fonts.
II. MISCELLANEOUS
- Two new functions, `FT_Reference_Library' (in FT_MODULE_H) and
`FT_Reference_Face' (in FT_FREETYPE_H), have been added to
simplify life-cycle management. A counter gets initialized to 1
at the time an FT_Library (or FT_Face) structure is created.
The two new functions increment the respective counter.
`FT_Done_Library' and `FT_Done_Face' then only destroy a library
or face if the counter is 1, otherwise they simply decrement the
counter.
To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/graphics/freetype2/distinfo
security update
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.74
- pkgsrc/graphics/freetype2/distinfo 1.36
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Sun Aug 8 16:06:02 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
Update to freetype2-2.4.2:
CHANGES BETWEEN 2.4.1 and 2.4.2
I. IMPORTANT BUG FIXES
- A stack overflow in CFF Type2 CharStrings interpreter is fixed.
- Handling Type 42 font deallocation was broken; additionally, the
library is now more robust against malformed Type 42 fonts.
II. MISCELLANEOUS
- Two new functions, `FT_Reference_Library' (in FT_MODULE_H) and
`FT_Reference_Face' (in FT_FREETYPE_H), have been added to
simplify life-cycle management. A counter gets initialized to 1
at the time an FT_Library (or FT_Face) structure is created.
The two new functions increment the respective counter.
`FT_Done_Library' and `FT_Done_Face' then only destroy a library
or face if the counter is 1, otherwise they simply decrement the
counter.
To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/graphics/freetype2/distinfo
pkgsrc-2010Q2 commitmail json YAML
pullup #3199
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/security/gnupg2/Makefile@1.29.2.1
/
diff
pkgsrc/security/gnupg2/distinfo@1.17.4.1 / diff
pkgsrc/security/gnupg2/patches/patch-an@1.1.2.2 / diff
pkgsrc/security/gnupg2/distinfo@1.17.4.1 / diff
pkgsrc/security/gnupg2/patches/patch-an@1.1.2.2 / diff
Pullup ticket 3199 - requested by gls
security patch
Revisions pulled up:
- pkgsrc/security/gnupg2/Makefile 1.30
- pkgsrc/security/gnupg2/distinfo 1.18
Files added:
pkgsrc/security/gnupg2/patches/patch-an
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 3 19:14:42 UTC 2010
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-an
Log Message:
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an
security patch
Revisions pulled up:
- pkgsrc/security/gnupg2/Makefile 1.30
- pkgsrc/security/gnupg2/distinfo 1.18
Files added:
pkgsrc/security/gnupg2/patches/patch-an
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 3 19:14:42 UTC 2010
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-an
Log Message:
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an
pkgsrc-2010Q2 commitmail json YAML
pullups 3196 + 3197
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/graphics/tiff/Makefile@1.96.2.1
/
diff
pkgsrc/graphics/tiff/distinfo@1.48.2.1 / diff
pkgsrc/graphics/tiff/patches/patch-aa@1.19.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ab@1.20.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ac@1.22.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ad@1.16.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ae@1.11.2.2 / diff
pkgsrc/graphics/tiff/distinfo@1.48.2.1 / diff
pkgsrc/graphics/tiff/patches/patch-aa@1.19.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ab@1.20.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ac@1.22.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ad@1.16.2.2 / diff
pkgsrc/graphics/tiff/patches/patch-ae@1.11.2.2 / diff
Pullup ticket 3197 - requested by tron
security patches
Revisions pulled up:
- pkgsrc/graphics/tiff/Makefile 1.97
- pkgsrc/graphics/tiff/distinfo 1.49
Files added:
pkgsrc/graphics/tiff/patches/patch-aa
pkgsrc/graphics/tiff/patches/patch-ab
pkgsrc/graphics/tiff/patches/patch-ac
pkgsrc/graphics/tiff/patches/patch-ad
pkgsrc/graphics/tiff/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 17:48:22 UTC 2010
Modified Files:
pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae
Log Message:
Add patches from either libtiff's or Red Hat's Bugzilla which fix the
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).
No butcher was involved in fixing this package.
To generate a diff of this commit:
cvs rdiff -u -r1.96 -r1.97 pkgsrc/graphics/tiff/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/graphics/tiff/distinfo
cvs rdiff -u -r0 -r1.19 pkgsrc/graphics/tiff/patches/patch-aa
cvs rdiff -u -r0 -r1.20 pkgsrc/graphics/tiff/patches/patch-ab
cvs rdiff -u -r0 -r1.22 pkgsrc/graphics/tiff/patches/patch-ac
cvs rdiff -u -r0 -r1.16 pkgsrc/graphics/tiff/patches/patch-ad
cvs rdiff -u -r0 -r1.11 pkgsrc/graphics/tiff/patches/patch-ae
security patches
Revisions pulled up:
- pkgsrc/graphics/tiff/Makefile 1.97
- pkgsrc/graphics/tiff/distinfo 1.49
Files added:
pkgsrc/graphics/tiff/patches/patch-aa
pkgsrc/graphics/tiff/patches/patch-ab
pkgsrc/graphics/tiff/patches/patch-ac
pkgsrc/graphics/tiff/patches/patch-ad
pkgsrc/graphics/tiff/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 17:48:22 UTC 2010
Modified Files:
pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae
Log Message:
Add patches from either libtiff's or Red Hat's Bugzilla which fix the
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).
No butcher was involved in fixing this package.
To generate a diff of this commit:
cvs rdiff -u -r1.96 -r1.97 pkgsrc/graphics/tiff/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/graphics/tiff/distinfo
cvs rdiff -u -r0 -r1.19 pkgsrc/graphics/tiff/patches/patch-aa
cvs rdiff -u -r0 -r1.20 pkgsrc/graphics/tiff/patches/patch-ab
cvs rdiff -u -r0 -r1.22 pkgsrc/graphics/tiff/patches/patch-ac
cvs rdiff -u -r0 -r1.16 pkgsrc/graphics/tiff/patches/patch-ad
cvs rdiff -u -r0 -r1.11 pkgsrc/graphics/tiff/patches/patch-ae
pkgsrc-2010Q2 commitmail json YAML
Pullup ticket 3196 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.50
- pkgsrc/net/wireshark/distinfo 1.33
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Aug 3 20:45:50 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.10. Changes since version 1.2.9:
- Bug Fixes
o The SigComp Universal Decompressor Virtual Machine could
overrun a buffer. (Bug 4867)
Versions affected: 0.10.8 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2287
o The GSM A RR dissector could crash. (Bug 4897)
Versions affected: 1.2.2 to 1.2.9
o Due to a regression the ASN.1 BER dissector could overrun the stack.
Versions affected: 0.10.13 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2284
o The IPMI dissector could go into an infinite loop.
Versions affected: 1.2.0 to 1.2.9
- The following bugs have been fixed:
o Wireshark crashes after configuring new Information column.
(Bug 4854)
o Crash triggered when changing display filter from right-mouse
pop-up menu via packet-list. (Bug 4860)
o Wireshark crash selecting Inter-Asterisk exchange v2 packet
data. (Bug 4868)
o zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
o Crash when adding SNMP users. (Bug 4926)
o Wireshark via ssh -X on ipv6 link-local address fails to allow
capture. (Bug 4945)
o OMAPI dissector fails to parse combined initialization
messages. (Bug 4982)
o QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags
decodes wrong. (Bug 4993)
o SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS
CONTROL IN. (Bug 5037)
o Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)
- Updated Protocol Support
ASN.1 BER, GSM A RR, GTP, IAX2, IPMI, OMAPI, PRES, SCSI, SMB, UNISTIM
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/net/wireshark/distinfo
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.50
- pkgsrc/net/wireshark/distinfo 1.33
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Aug 3 20:45:50 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.10. Changes since version 1.2.9:
- Bug Fixes
o The SigComp Universal Decompressor Virtual Machine could
overrun a buffer. (Bug 4867)
Versions affected: 0.10.8 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2287
o The GSM A RR dissector could crash. (Bug 4897)
Versions affected: 1.2.2 to 1.2.9
o Due to a regression the ASN.1 BER dissector could overrun the stack.
Versions affected: 0.10.13 to 1.0.14, 1.2.0 to 1.2.9
CVE-2010-2284
o The IPMI dissector could go into an infinite loop.
Versions affected: 1.2.0 to 1.2.9
- The following bugs have been fixed:
o Wireshark crashes after configuring new Information column.
(Bug 4854)
o Crash triggered when changing display filter from right-mouse
pop-up menu via packet-list. (Bug 4860)
o Wireshark crash selecting Inter-Asterisk exchange v2 packet
data. (Bug 4868)
o zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
o Crash when adding SNMP users. (Bug 4926)
o Wireshark via ssh -X on ipv6 link-local address fails to allow
capture. (Bug 4945)
o OMAPI dissector fails to parse combined initialization
messages. (Bug 4982)
o QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags
decodes wrong. (Bug 4993)
o SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS
CONTROL IN. (Bug 5037)
o Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)
- Updated Protocol Support
ASN.1 BER, GSM A RR, GTP, IAX2, IPMI, OMAPI, PRES, SCSI, SMB, UNISTIM
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/net/wireshark/distinfo
pkgsrc-2010Q2 commitmail json YAML
pullup 3192
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/net/avahi/Makefile@1.16.2.1
/
diff
pkgsrc/net/avahi/PLIST@1.4.10.1 / diff
pkgsrc/net/avahi/PLIST.pygdbm@1.2.6.1 / diff
pkgsrc/net/avahi/PLIST.python@1.3.6.1 / diff
pkgsrc/net/avahi/distinfo@1.7.10.1 / diff
pkgsrc/net/avahi/options.mk@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-aa@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ab@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ac@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ad@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ae@1.3.12.1 / diff
pkgsrc/net/avahi/patches/patch-ag@1.3.10.1 / diff
pkgsrc/net/avahi/patches/patch-ah@1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ai@1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-aj@1.3.10.1 / diff
pkgsrc/net/avahi/PLIST@1.4.10.1 / diff
pkgsrc/net/avahi/PLIST.pygdbm@1.2.6.1 / diff
pkgsrc/net/avahi/PLIST.python@1.3.6.1 / diff
pkgsrc/net/avahi/distinfo@1.7.10.1 / diff
pkgsrc/net/avahi/options.mk@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-aa@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ab@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ac@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ad@1.1.1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ae@1.3.12.1 / diff
pkgsrc/net/avahi/patches/patch-ag@1.3.10.1 / diff
pkgsrc/net/avahi/patches/patch-ah@1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-ai@1.1.14.1 / diff
pkgsrc/net/avahi/patches/patch-aj@1.3.10.1 / diff
Pullup ticket 3192 - requested by obache
security update
Revisions pulled up:
- pkgsrc/net/avahi/Makefile 1.17
- pkgsrc/net/avahi/PLIST 1.5
- pkgsrc/net/avahi/PLIST.pygdbm 1.3
- pkgsrc/net/avahi/PLIST.python 1.4
- pkgsrc/net/avahi/distinfo 1.8
- pkgsrc/net/avahi/options.mk 1.2
- pkgsrc/net/avahi/patches/patch-aa 1.2
- pkgsrc/net/avahi/patches/patch-ab 1.2
- pkgsrc/net/avahi/patches/patch-ac 1.2
- pkgsrc/net/avahi/patches/patch-ad 1.2
- pkgsrc/net/avahi/patches/patch-ae 1.4
- pkgsrc/net/avahi/patches/patch-ag 1.4
- pkgsrc/net/avahi/patches/patch-aj 1.4
- pkgsrc/net/avahi/patches/patch-ah 1.2
- pkgsrc/net/avahi/patches/patch-ai 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sat Jul 24 13:42:12 UTC 2010
Modified Files:
pkgsrc/net/avahi: Makefile PLIST PLIST.pygdbm PLIST.python distinfo
options.mk
pkgsrc/net/avahi/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-ag patch-ah patch-ai patch-aj
Log Message:
Update avahi to 0.6.27.
0.6.27
some build fixes
0.6.26
This is mostly a bugfix release but also fixes a low risk security issue and
adds a couple of minor new features.
* Fix CVE-2010-2244 (Ludwig Nussel)
* Support for Gtk+ 3 and Gtk+ Introspection
* Native systemd socket activation support
* Add systemd service files
* Add various resource control options, for traffic rate limiting as well
as cache size and D-Bus client object limits.
* i18n updates
* Minor other updates
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/avahi/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/avahi/PLIST
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/avahi/PLIST.pygdbm
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/PLIST.python
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/avahi/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/options.mk
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/patches/patch-aa \
pkgsrc/net/avahi/patches/patch-ab pkgsrc/net/avahi/patches/patch-ac \
pkgsrc/net/avahi/patches/patch-ad
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/patches/patch-ae \
pkgsrc/net/avahi/patches/patch-ag pkgsrc/net/avahi/patches/patch-aj
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/avahi/patches/patch-ah \
pkgsrc/net/avahi/patches/patch-ai
security update
Revisions pulled up:
- pkgsrc/net/avahi/Makefile 1.17
- pkgsrc/net/avahi/PLIST 1.5
- pkgsrc/net/avahi/PLIST.pygdbm 1.3
- pkgsrc/net/avahi/PLIST.python 1.4
- pkgsrc/net/avahi/distinfo 1.8
- pkgsrc/net/avahi/options.mk 1.2
- pkgsrc/net/avahi/patches/patch-aa 1.2
- pkgsrc/net/avahi/patches/patch-ab 1.2
- pkgsrc/net/avahi/patches/patch-ac 1.2
- pkgsrc/net/avahi/patches/patch-ad 1.2
- pkgsrc/net/avahi/patches/patch-ae 1.4
- pkgsrc/net/avahi/patches/patch-ag 1.4
- pkgsrc/net/avahi/patches/patch-aj 1.4
- pkgsrc/net/avahi/patches/patch-ah 1.2
- pkgsrc/net/avahi/patches/patch-ai 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sat Jul 24 13:42:12 UTC 2010
Modified Files:
pkgsrc/net/avahi: Makefile PLIST PLIST.pygdbm PLIST.python distinfo
options.mk
pkgsrc/net/avahi/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-ag patch-ah patch-ai patch-aj
Log Message:
Update avahi to 0.6.27.
0.6.27
some build fixes
0.6.26
This is mostly a bugfix release but also fixes a low risk security issue and
adds a couple of minor new features.
* Fix CVE-2010-2244 (Ludwig Nussel)
* Support for Gtk+ 3 and Gtk+ Introspection
* Native systemd socket activation support
* Add systemd service files
* Add various resource control options, for traffic rate limiting as well
as cache size and D-Bus client object limits.
* i18n updates
* Minor other updates
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/avahi/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/avahi/PLIST
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/avahi/PLIST.pygdbm
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/PLIST.python
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/avahi/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/options.mk
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/avahi/patches/patch-aa \
pkgsrc/net/avahi/patches/patch-ab pkgsrc/net/avahi/patches/patch-ac \
pkgsrc/net/avahi/patches/patch-ad
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/avahi/patches/patch-ae \
pkgsrc/net/avahi/patches/patch-ag pkgsrc/net/avahi/patches/patch-aj
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/avahi/patches/patch-ah \
pkgsrc/net/avahi/patches/patch-ai
pkgsrc-2010Q2 commitmail json YAML
pullup 3187
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/www/apache22/Makefile@1.59.2.1
/
diff
pkgsrc/www/apache22/distinfo@1.33.2.1 / diff
pkgsrc/www/apache22/patches/patch-af deleted
pkgsrc/www/apache22/distinfo@1.33.2.1 / diff
pkgsrc/www/apache22/patches/patch-af deleted
Pullup ticket 3187 - requested by tron
security update
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.61
- pkgsrc/www/apache22/distinfo 1.34
Files deleted:
pkgsrc/www/apache22/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jul 26 21:38:52 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Removed Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Update "apache22" package to version 2.2.16. Changes since version 2.2.15:
- SECURITY: CVE-2010-1452 (cve.mitre.org)
mod_dav, mod_cache: Fix Handling of requests without a path segment.
PR: 49246 [Mark Drayton, Jeff Trawick]
- SECURITY: CVE-2010-2068 (cve.mitre.org)
mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
for platforms Windows, Netware and OS2. PR: 49417. [Rainer Jung]
- core: Filter init functions are now run strictly once per request
before handler invocation. The init functions are no longer run
for connection filters. PR 49328. [Joe Orton]
- mod_filter: enable it to act on non-200 responses.
PR 48377 [Nick Kew]
- mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
title page only) when any mod_ldap directives were used in VirtualHost
context. [Eric Covener]
- mod_ssl: Fix segfault at startup if proxy client certs are shared
across multiple vhosts. PR 39915. [Joe Orton]
- mod_proxy_http: Log the port of the remote server in various messages.
PR 48812. [Igor Gali?? <i galic brainsware org>]
- apxs: Fix -A and -a options to ignore whitespace in httpd.conf
[Philip M. Gollucci]
- mod_dir: add FallbackResource directive, to enable admin to specify
an action to happen when a URL maps to no file, without resorting
to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
- mod_rewrite: Allow to set environment variables without explicitely
giving a value. [Rainer Jung]
To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/www/apache22/patches/patch-af
security update
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.61
- pkgsrc/www/apache22/distinfo 1.34
Files deleted:
pkgsrc/www/apache22/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jul 26 21:38:52 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Removed Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Update "apache22" package to version 2.2.16. Changes since version 2.2.15:
- SECURITY: CVE-2010-1452 (cve.mitre.org)
mod_dav, mod_cache: Fix Handling of requests without a path segment.
PR: 49246 [Mark Drayton, Jeff Trawick]
- SECURITY: CVE-2010-2068 (cve.mitre.org)
mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
for platforms Windows, Netware and OS2. PR: 49417. [Rainer Jung]
- core: Filter init functions are now run strictly once per request
before handler invocation. The init functions are no longer run
for connection filters. PR 49328. [Joe Orton]
- mod_filter: enable it to act on non-200 responses.
PR 48377 [Nick Kew]
- mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
title page only) when any mod_ldap directives were used in VirtualHost
context. [Eric Covener]
- mod_ssl: Fix segfault at startup if proxy client certs are shared
across multiple vhosts. PR 39915. [Joe Orton]
- mod_proxy_http: Log the port of the remote server in various messages.
PR 48812. [Igor Gali?? <i galic brainsware org>]
- apxs: Fix -A and -a options to ignore whitespace in httpd.conf
[Philip M. Gollucci]
- mod_dir: add FallbackResource directive, to enable admin to specify
an action to happen when a URL maps to no file, without resorting
to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
- mod_rewrite: Allow to set environment variables without explicitely
giving a value. [Rainer Jung]
To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/www/apache22/patches/patch-af
pkgsrc-2010Q2 commitmail json YAML
pullups 3181, 3182, 3183 + 3184
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/databases/openldap-client/PLIST@1.7.6.1
/
diff
pkgsrc/databases/openldap-cloak/Makefile@1.7.2.1 / diff
pkgsrc/databases/openldap-doc/Makefile@1.19.4.1 / diff
pkgsrc/databases/openldap-nops/Makefile@1.9.2.1 / diff
pkgsrc/databases/openldap-server/Makefile@1.25.2.1 / diff
pkgsrc/databases/openldap-smbk5pwd/Makefile@1.7.2.1 / diff
pkgsrc/databases/openldap/Makefile@1.134.4.1 / diff
pkgsrc/databases/openldap/Makefile.common@1.25.4.1 / diff
pkgsrc/databases/openldap/distinfo@1.77.4.1 / diff
pkgsrc/databases/openldap-cloak/Makefile@1.7.2.1 / diff
pkgsrc/databases/openldap-doc/Makefile@1.19.4.1 / diff
pkgsrc/databases/openldap-nops/Makefile@1.9.2.1 / diff
pkgsrc/databases/openldap-server/Makefile@1.25.2.1 / diff
pkgsrc/databases/openldap-smbk5pwd/Makefile@1.7.2.1 / diff
pkgsrc/databases/openldap/Makefile@1.134.4.1 / diff
pkgsrc/databases/openldap/Makefile.common@1.25.4.1 / diff
pkgsrc/databases/openldap/distinfo@1.77.4.1 / diff
Pullup ticket 3183 - requested by ghen
security update
Revisions pulled up:
- pkgsrc/databases/openldap/Makefile 1.135
- pkgsrc/databases/openldap/Makefile.common 1.26
- pkgsrc/databases/openldap/distinfo 1.78
- pkgsrc/databases/openldap-client/PLIST 1.8
- pkgsrc/databases/openldap-cloak/Makefile 1.8
- pkgsrc/databases/openldap-doc/Makefile 1.20
- pkgsrc/databases/openldap-nops/Makefile 1.10
- pkgsrc/databases/openldap-server/Makefile 1.26
- pkgsrc/databases/openldap-smbk5pwd/Makefile 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ghen
Date: Sat Jul 24 11:15:18 UTC 2010
Modified Files:
pkgsrc/databases/openldap: Makefile Makefile.common distinfo
pkgsrc/databases/openldap-client: PLIST
pkgsrc/databases/openldap-cloak: Makefile
pkgsrc/databases/openldap-doc: Makefile
pkgsrc/databases/openldap-nops: Makefile
pkgsrc/databases/openldap-server: Makefile
pkgsrc/databases/openldap-smbk5pwd: Makefile
Log Message:
Update to OpenLDAP 2.4.23, now the "stable" release.
OpenLDAP 2.4.23 Release (2010/06/30)
Fixed libldap to return server's error code (ITS#6569)
Fixed libldap memleaks (ITS#6568)
Fixed liblutil off-by-one with delta (ITS#6541)
Fixed slapd acls with glued databases (ITS#6468)
Fixed slapd syncrepl rid logging (ITS#6533)
Fixed slapd modrdn handling of invalid values (ITS#6570)
Fixed slapd-bdb hasSubordinates computation (ITS#6549)
Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
Fixed slapd-bdb entry cache delete failure (ITS#6577)
Fixed slapd-ldap to return control responses (ITS#6530)
Fixed slapo-ppolicy to use Debug (ITS#6566)
Fixed slapo-refint to zero out freed DN vals (ITS#6572)
Fixed slapo-rwm to use Debug (ITS#6566)
Fixed slapo-sssvlv to use Debug (ITS#6566)
Fixed slapo-syncprov lost deletes in refresh phase (ITS#6555)
Fixed slapo-valsort to use Debug (ITS#6566)
Fixed contrib/nssov network.c missing patch (ITS#6562)
Build Environment
Fixed test043 attribute sorting (ITS#6553)
Documentation
slapd-config(5) note default rootdn (ITS#6546)
OpenLDAP 2.4.22 Release (2010/04/24)
Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
Added slapd tools selective iterations (ITS#6442)
Added slapd syncrepl TCP keepalive (ITS#6389)
Added slapo-ldap idassert-passthru (ITS#6456)
Added slapo-pbind
Fixed libldap gmtime re-entrancy (ITS#6262)
Fixed libldap gssapi off by one error (ITS#6223)
Fixed libldap GnuTLS serial length (ITS#6460)
Fixed libldap MozNSS context and PEM support (ITS#6432)
Fixed libldap referral on bind behavior(ITS#6510)
Fixed slapd acl non-entry internal searches (ITS#6481)
Fixed slapd acl attrval style initialization (ITS#6520)
Fixed slapd certificateListValidate (ITS#6466)
Fixed slapd empty URI parsing (ITS#6465)
Fixed slapd glued misplaced entries (ITS#6506)
Fixed slapd glued paged cookies (ITS#6507)
Fixed slapd glued paged results (ITS#6504)
Fixed slapd gmtime re-entrancy (ITS#6262)
Fixed slapd to ignore controls with unrecognized flags (ITS#6480)
Fixed slapd entry ownership (ITS#5340)
Fixed slapd sasl auxprop_lookup (ITS#6441)
Fixed slapd sasl auxprop ssf (ITS#5195)
Fixed slapd syncrepl for attributes with no matching rule (ITS#6458)
Fixed slapd syncrepl for unknown attrs and delta-sync (ITS#6473)
Fixed slapd syncrepl loop with moddn (ITS#6472)
Fixed slapo-accesslog to not replicate internal purges (ITS#6519)
Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
Fixed slapd-bdb lockobj zeroing (ITS#6501)
Fixed slapd-ldap/meta control criticality (ITS#6523)
Fixed slapd-ldap/meta with ordered values (ITS#6516)
Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
Fixed slapo-dds with NULL backend (ITS#6490)
Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
Fixed slapo-memberof attr count (ITS#6508)
Fixed slapo-pcache to release its own entries (ITS#6484)
Fixed slapo-pcache with NULL backend (ITS#6490)
Fixed slapo-rwm entry release handling (ITS#6484)
Fixed slapo-rwm memory handling with rewrites (ITS#6526)
Fixed slapo-rwm olcRwmMap handling (ITS#6436)
Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
Fixed slapo-syncprov memory leak (ITS#6459)
Fixed slapo-translucent counter increment (ITS#6497)
Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)
Fixed contrib/sha2 adds mechs for more hashes (ITS#6433)
Fixed contrib/nssov to use nss-pam-ldapd (ITS#6488)
Build Environment
Added back-ldif, back-null test support (ITS#5810)
Documentation
admin24 avoid explicit moduleload statements (ITS#6486)
admin24 broken link fixes (ITS#6493,ITS#6515)
slapd.access(5) val.regex explanation (ITS#5804)
To generate a diff of this commit:
cvs rdiff -u -r1.134 -r1.135 pkgsrc/databases/openldap/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/openldap/Makefile.common
cvs rdiff -u -r1.77 -r1.78 pkgsrc/databases/openldap/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-client/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-cloak/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/databases/openldap-doc/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/openldap-nops/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/openldap-server/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-smbk5pwd/Makefile
security update
Revisions pulled up:
- pkgsrc/databases/openldap/Makefile 1.135
- pkgsrc/databases/openldap/Makefile.common 1.26
- pkgsrc/databases/openldap/distinfo 1.78
- pkgsrc/databases/openldap-client/PLIST 1.8
- pkgsrc/databases/openldap-cloak/Makefile 1.8
- pkgsrc/databases/openldap-doc/Makefile 1.20
- pkgsrc/databases/openldap-nops/Makefile 1.10
- pkgsrc/databases/openldap-server/Makefile 1.26
- pkgsrc/databases/openldap-smbk5pwd/Makefile 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ghen
Date: Sat Jul 24 11:15:18 UTC 2010
Modified Files:
pkgsrc/databases/openldap: Makefile Makefile.common distinfo
pkgsrc/databases/openldap-client: PLIST
pkgsrc/databases/openldap-cloak: Makefile
pkgsrc/databases/openldap-doc: Makefile
pkgsrc/databases/openldap-nops: Makefile
pkgsrc/databases/openldap-server: Makefile
pkgsrc/databases/openldap-smbk5pwd: Makefile
Log Message:
Update to OpenLDAP 2.4.23, now the "stable" release.
OpenLDAP 2.4.23 Release (2010/06/30)
Fixed libldap to return server's error code (ITS#6569)
Fixed libldap memleaks (ITS#6568)
Fixed liblutil off-by-one with delta (ITS#6541)
Fixed slapd acls with glued databases (ITS#6468)
Fixed slapd syncrepl rid logging (ITS#6533)
Fixed slapd modrdn handling of invalid values (ITS#6570)
Fixed slapd-bdb hasSubordinates computation (ITS#6549)
Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
Fixed slapd-bdb entry cache delete failure (ITS#6577)
Fixed slapd-ldap to return control responses (ITS#6530)
Fixed slapo-ppolicy to use Debug (ITS#6566)
Fixed slapo-refint to zero out freed DN vals (ITS#6572)
Fixed slapo-rwm to use Debug (ITS#6566)
Fixed slapo-sssvlv to use Debug (ITS#6566)
Fixed slapo-syncprov lost deletes in refresh phase (ITS#6555)
Fixed slapo-valsort to use Debug (ITS#6566)
Fixed contrib/nssov network.c missing patch (ITS#6562)
Build Environment
Fixed test043 attribute sorting (ITS#6553)
Documentation
slapd-config(5) note default rootdn (ITS#6546)
OpenLDAP 2.4.22 Release (2010/04/24)
Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
Added slapd tools selective iterations (ITS#6442)
Added slapd syncrepl TCP keepalive (ITS#6389)
Added slapo-ldap idassert-passthru (ITS#6456)
Added slapo-pbind
Fixed libldap gmtime re-entrancy (ITS#6262)
Fixed libldap gssapi off by one error (ITS#6223)
Fixed libldap GnuTLS serial length (ITS#6460)
Fixed libldap MozNSS context and PEM support (ITS#6432)
Fixed libldap referral on bind behavior(ITS#6510)
Fixed slapd acl non-entry internal searches (ITS#6481)
Fixed slapd acl attrval style initialization (ITS#6520)
Fixed slapd certificateListValidate (ITS#6466)
Fixed slapd empty URI parsing (ITS#6465)
Fixed slapd glued misplaced entries (ITS#6506)
Fixed slapd glued paged cookies (ITS#6507)
Fixed slapd glued paged results (ITS#6504)
Fixed slapd gmtime re-entrancy (ITS#6262)
Fixed slapd to ignore controls with unrecognized flags (ITS#6480)
Fixed slapd entry ownership (ITS#5340)
Fixed slapd sasl auxprop_lookup (ITS#6441)
Fixed slapd sasl auxprop ssf (ITS#5195)
Fixed slapd syncrepl for attributes with no matching rule (ITS#6458)
Fixed slapd syncrepl for unknown attrs and delta-sync (ITS#6473)
Fixed slapd syncrepl loop with moddn (ITS#6472)
Fixed slapo-accesslog to not replicate internal purges (ITS#6519)
Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
Fixed slapd-bdb lockobj zeroing (ITS#6501)
Fixed slapd-ldap/meta control criticality (ITS#6523)
Fixed slapd-ldap/meta with ordered values (ITS#6516)
Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
Fixed slapo-dds with NULL backend (ITS#6490)
Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
Fixed slapo-memberof attr count (ITS#6508)
Fixed slapo-pcache to release its own entries (ITS#6484)
Fixed slapo-pcache with NULL backend (ITS#6490)
Fixed slapo-rwm entry release handling (ITS#6484)
Fixed slapo-rwm memory handling with rewrites (ITS#6526)
Fixed slapo-rwm olcRwmMap handling (ITS#6436)
Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
Fixed slapo-syncprov memory leak (ITS#6459)
Fixed slapo-translucent counter increment (ITS#6497)
Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)
Fixed contrib/sha2 adds mechs for more hashes (ITS#6433)
Fixed contrib/nssov to use nss-pam-ldapd (ITS#6488)
Build Environment
Added back-ldif, back-null test support (ITS#5810)
Documentation
admin24 avoid explicit moduleload statements (ITS#6486)
admin24 broken link fixes (ITS#6493,ITS#6515)
slapd.access(5) val.regex explanation (ITS#5804)
To generate a diff of this commit:
cvs rdiff -u -r1.134 -r1.135 pkgsrc/databases/openldap/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/openldap/Makefile.common
cvs rdiff -u -r1.77 -r1.78 pkgsrc/databases/openldap/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-client/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-cloak/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/databases/openldap-doc/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/openldap-nops/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/openldap-server/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/openldap-smbk5pwd/Makefile
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/audio/pulseaudio/Makefile@1.37.2.1
/
diff
pkgsrc/audio/pulseaudio/distinfo@1.19.4.1 / diff
pkgsrc/audio/pulseaudio/patches/patch-ba@1.6.2.2 / diff
pkgsrc/audio/pulseaudio/patches/patch-bb@1.5.2.2 / diff
pkgsrc/audio/pulseaudio/distinfo@1.19.4.1 / diff
pkgsrc/audio/pulseaudio/patches/patch-ba@1.6.2.2 / diff
pkgsrc/audio/pulseaudio/patches/patch-bb@1.5.2.2 / diff
Pullup ticket 3182 - requested by tron
security patch
Revisions pulled up:
- pkgsrc/audio/pulseaudio/Makefile 1.38
- pkgsrc/audio/pulseaudio/distinfo 1.21
Files added:
pkgsrc/audio/pulseaudio/patches/patch-ba
pkgsrc/audio/pulseaudio/patches/patch-bb
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 12:51:09 UTC 2010
Modified Files:
pkgsrc/audio/pulseaudio: Makefile distinfo
Added Files:
pkgsrc/audio/pulseaudio/patches: patch-ba patch-bb
Log Message:
Add fix for symlink race reported in CVE-2009-1299 taken from
Lennart Poettering's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/audio/pulseaudio/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/audio/pulseaudio/distinfo
cvs rdiff -u -r0 -r1.6 pkgsrc/audio/pulseaudio/patches/patch-ba
cvs rdiff -u -r0 -r1.5 pkgsrc/audio/pulseaudio/patches/patch-bb
security patch
Revisions pulled up:
- pkgsrc/audio/pulseaudio/Makefile 1.38
- pkgsrc/audio/pulseaudio/distinfo 1.21
Files added:
pkgsrc/audio/pulseaudio/patches/patch-ba
pkgsrc/audio/pulseaudio/patches/patch-bb
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 12:51:09 UTC 2010
Modified Files:
pkgsrc/audio/pulseaudio: Makefile distinfo
Added Files:
pkgsrc/audio/pulseaudio/patches: patch-ba patch-bb
Log Message:
Add fix for symlink race reported in CVE-2009-1299 taken from
Lennart Poettering's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/audio/pulseaudio/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/audio/pulseaudio/distinfo
cvs rdiff -u -r0 -r1.6 pkgsrc/audio/pulseaudio/patches/patch-ba
cvs rdiff -u -r0 -r1.5 pkgsrc/audio/pulseaudio/patches/patch-bb
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/converters/php-mbstring/Makefile@1.1.1.1.4.1
/
diff
pkgsrc/devel/php-gmp/Makefile@1.11.4.1 / diff
pkgsrc/graphics/php-gd/Makefile@1.23.2.1 / diff
pkgsrc/lang/php5/Makefile@1.78.4.1 / diff
pkgsrc/lang/php5/Makefile.common@1.41.4.1 / diff
pkgsrc/lang/php5/Makefile.php@1.41.4.1 / diff
pkgsrc/lang/php5/distinfo@1.78.2.1 / diff
pkgsrc/lang/php5/patches/patch-be deleted
pkgsrc/lang/php53/Makefile@1.3.2.1 / diff
pkgsrc/lang/php53/Makefile.common@1.1.1.1.4.1 / diff
pkgsrc/lang/php53/Makefile.php@1.2.4.1 / diff
pkgsrc/lang/php53/distinfo@1.5.2.1 / diff
pkgsrc/lang/php53/patches/patch-ab@1.1.1.1.4.1 / diff
pkgsrc/lang/php53/patches/patch-ak deleted
pkgsrc/multimedia/php-ming/Makefile@1.10.2.1 / diff
pkgsrc/net/php-xmlrpc/Makefile@1.12.4.1 / diff
pkgsrc/net/php-yaz/Makefile@1.8.4.1 / diff
pkgsrc/print/php-pdflib/Makefile@1.16.2.1 / diff
pkgsrc/devel/php-gmp/Makefile@1.11.4.1 / diff
pkgsrc/graphics/php-gd/Makefile@1.23.2.1 / diff
pkgsrc/lang/php5/Makefile@1.78.4.1 / diff
pkgsrc/lang/php5/Makefile.common@1.41.4.1 / diff
pkgsrc/lang/php5/Makefile.php@1.41.4.1 / diff
pkgsrc/lang/php5/distinfo@1.78.2.1 / diff
pkgsrc/lang/php5/patches/patch-be deleted
pkgsrc/lang/php53/Makefile@1.3.2.1 / diff
pkgsrc/lang/php53/Makefile.common@1.1.1.1.4.1 / diff
pkgsrc/lang/php53/Makefile.php@1.2.4.1 / diff
pkgsrc/lang/php53/distinfo@1.5.2.1 / diff
pkgsrc/lang/php53/patches/patch-ab@1.1.1.1.4.1 / diff
pkgsrc/lang/php53/patches/patch-ak deleted
pkgsrc/multimedia/php-ming/Makefile@1.10.2.1 / diff
pkgsrc/net/php-xmlrpc/Makefile@1.12.4.1 / diff
pkgsrc/net/php-yaz/Makefile@1.8.4.1 / diff
pkgsrc/print/php-pdflib/Makefile@1.16.2.1 / diff
Pullup ticket 3184 - requested by tron
security updates
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.79
- pkgsrc/lang/php5/distinf 1.79
- pkgsrc/lang/php5/Makefile.common 1.42
- pkgsrc/lang/php5/Makefile.ph 1.42
- pkgsrc/lang/php53/Makefile 1.4
- pkgsrc/lang/php53/Makefile.common 1.2
- pkgsrc/lang/php53/Makefile.php 1.3
- pkgsrc/lang/php53/distinfo 1.6
- pkgsrc/lang/php53/patches/patch-ab 1.2
- pkgsrc/converters/php-mbstring/Makefile 1.2
- pkgsrc/devel/php-gmp/Makefile 1.12
- pkgsrc/graphics/php-gd/Makefile 1.24
- pkgsrc/multimedia/php-ming/Makefile 1.11
- pkgsrc/net/php-xmlrpc/Makefile 1.13
- pkgsrc/net/php-yaz/Makefile 1.9
- pkgsrc/print/php-pdflib/Makefile 1.17
Files deleted:
pkgsrc/lang/php5/patches/patch-be
pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:15 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-be
Log Message:
Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
P??ter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
PDOStatement if instantiated directly instead of doing by the PDO methods.
(Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
(Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
(Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
(Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
(Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
(Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
(Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
(Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
(Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
(ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
(cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
(Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
(Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
(Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
(Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \
pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \
pkgsrc/lang/php5/Makefile.php
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-ak
Log Message:
Update "php53" package to version 5.3.3. Changes since version 5.3.2:
- Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
(Scott)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
(Stas)
- A large number of not security related bug fixes
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:24:22 UTC 2010
Modified Files:
pkgsrc/converters/php-mbstring: Makefile
pkgsrc/devel/php-gmp: Makefile
pkgsrc/graphics/php-gd: Makefile
pkgsrc/multimedia/php-ming: Makefile
pkgsrc/net/php-xmlrpc: Makefile
pkgsrc/net/php-yaz: Makefile
pkgsrc/print/php-pdflib: Makefile
Log Message:
Revert revision of several PHP extensions after both core PHP packages
were updated.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile
cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile
security updates
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.79
- pkgsrc/lang/php5/distinf 1.79
- pkgsrc/lang/php5/Makefile.common 1.42
- pkgsrc/lang/php5/Makefile.ph 1.42
- pkgsrc/lang/php53/Makefile 1.4
- pkgsrc/lang/php53/Makefile.common 1.2
- pkgsrc/lang/php53/Makefile.php 1.3
- pkgsrc/lang/php53/distinfo 1.6
- pkgsrc/lang/php53/patches/patch-ab 1.2
- pkgsrc/converters/php-mbstring/Makefile 1.2
- pkgsrc/devel/php-gmp/Makefile 1.12
- pkgsrc/graphics/php-gd/Makefile 1.24
- pkgsrc/multimedia/php-ming/Makefile 1.11
- pkgsrc/net/php-xmlrpc/Makefile 1.13
- pkgsrc/net/php-yaz/Makefile 1.9
- pkgsrc/print/php-pdflib/Makefile 1.17
Files deleted:
pkgsrc/lang/php5/patches/patch-be
pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:15 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-be
Log Message:
Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
P??ter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
PDOStatement if instantiated directly instead of doing by the PDO methods.
(Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
(Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
(Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
(Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
(Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
(Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
(Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
(Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
(Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
(ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
(cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
(Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
(Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
(Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
(Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \
pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \
pkgsrc/lang/php5/Makefile.php
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-ak
Log Message:
Update "php53" package to version 5.3.3. Changes since version 5.3.2:
- Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
(Scott)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
(Stas)
- A large number of not security related bug fixes
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:24:22 UTC 2010
Modified Files:
pkgsrc/converters/php-mbstring: Makefile
pkgsrc/devel/php-gmp: Makefile
pkgsrc/graphics/php-gd: Makefile
pkgsrc/multimedia/php-ming: Makefile
pkgsrc/net/php-xmlrpc: Makefile
pkgsrc/net/php-yaz: Makefile
pkgsrc/print/php-pdflib: Makefile
Log Message:
Revert revision of several PHP extensions after both core PHP packages
were updated.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile
cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/mail/squirrelmail/Makefile@1.114.4.1
/
diff
pkgsrc/mail/squirrelmail/PLIST@1.36.4.1 / diff
pkgsrc/mail/squirrelmail/distinfo@1.59.4.1 / diff
pkgsrc/mail/squirrelmail/PLIST@1.36.4.1 / diff
pkgsrc/mail/squirrelmail/distinfo@1.59.4.1 / diff
Pullup ticket 3181 - requested by tron
security update
Revisions pulled up:
- pkgsrc/mail/squirrelmail/Makefile 1.115
- pkgsrc/mail/squirrelmail/PLIST 1.37
- pkgsrc/mail/squirrelmail/distinfo 1.60
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 12:20:34 UTC 2010
Modified Files:
pkgsrc/mail/squirrelmail: Makefile PLIST distinfo
Log Message:
Update "squirremail" package to version 1.4.21. Changes since 1.4.20:
- Now allow more than one plugin to control the compose form submit action.
- When sorting by received date, the received date is now shown on the
message list.
- Explicitly disable browser caching for left_main and right_main pages
(#2983134).
- Fix error with SpamCop reporting plugin not being able to send report as
emails (#1795310).
- Fix typo in SpamCop plugin.
- Reduced default time security tokens stay valid from 30 days to 2 days
(reduces chances of session data growing too large)
- Several speed enhancements for recent fixes regarding the display of
encoded subjects, including a fix for messages with invalid subject
encoding (includes #2987016 amongst several other issues reported via
mailing list, etc.) (Many thanks to Zdenek Pytela for the untiring help
diagnosing and testing.)
- Fixed minor vulnerability in Mail Fetch plugin.
[CVE-2010-1637/TEHTRI-SA-2010-009]
- Now properly quote personal part of encoded addresses when replying.
- Now fill in default subject when forwarding as attachment (#2936541).
- Implement header folding that doesn't add extraneous spaces so unfolding
is less ambiguous (#1951776).
- Fixed issues caused by use of PostgreSQL keyword "user" in SquirrelMail's
default preferences database schema (#2943483).
- Fixed attachment filename decoding problems (#2994865).
- Now default search criteria to the TO header when searching the sent fold=
er.
- Fixed literal processing of 8-bit usernames/passwords during login.
[CVE-2010-2813]
To generate a diff of this commit:
cvs rdiff -u -r1.114 -r1.115 pkgsrc/mail/squirrelmail/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/mail/squirrelmail/PLIST
cvs rdiff -u -r1.59 -r1.60 pkgsrc/mail/squirrelmail/distinfo
security update
Revisions pulled up:
- pkgsrc/mail/squirrelmail/Makefile 1.115
- pkgsrc/mail/squirrelmail/PLIST 1.37
- pkgsrc/mail/squirrelmail/distinfo 1.60
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 12:20:34 UTC 2010
Modified Files:
pkgsrc/mail/squirrelmail: Makefile PLIST distinfo
Log Message:
Update "squirremail" package to version 1.4.21. Changes since 1.4.20:
- Now allow more than one plugin to control the compose form submit action.
- When sorting by received date, the received date is now shown on the
message list.
- Explicitly disable browser caching for left_main and right_main pages
(#2983134).
- Fix error with SpamCop reporting plugin not being able to send report as
emails (#1795310).
- Fix typo in SpamCop plugin.
- Reduced default time security tokens stay valid from 30 days to 2 days
(reduces chances of session data growing too large)
- Several speed enhancements for recent fixes regarding the display of
encoded subjects, including a fix for messages with invalid subject
encoding (includes #2987016 amongst several other issues reported via
mailing list, etc.) (Many thanks to Zdenek Pytela for the untiring help
diagnosing and testing.)
- Fixed minor vulnerability in Mail Fetch plugin.
[CVE-2010-1637/TEHTRI-SA-2010-009]
- Now properly quote personal part of encoded addresses when replying.
- Now fill in default subject when forwarding as attachment (#2936541).
- Implement header folding that doesn't add extraneous spaces so unfolding
is less ambiguous (#1951776).
- Fixed issues caused by use of PostgreSQL keyword "user" in SquirrelMail's
default preferences database schema (#2943483).
- Fixed attachment filename decoding problems (#2994865).
- Now default search criteria to the TO header when searching the sent fold=
er.
- Fixed literal processing of 8-bit usernames/passwords during login.
[CVE-2010-2813]
To generate a diff of this commit:
cvs rdiff -u -r1.114 -r1.115 pkgsrc/mail/squirrelmail/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/mail/squirrelmail/PLIST
cvs rdiff -u -r1.59 -r1.60 pkgsrc/mail/squirrelmail/distinfo
MAIN commitmail json YAML
pkgsrc/mk/scripts/binpkg-cache@1.21
/
diff
pkgsrc/mk/scripts/genreadme.awk@1.34 / diff
pkgsrc/mk/scripts/mkreadme@1.25 / diff
pkgsrc/mk/scripts/genreadme.awk@1.34 / diff
pkgsrc/mk/scripts/mkreadme@1.25 / diff
give the readme creation scripts the option to be a lot less talkative,
by optionally disabling progress report type output.
This will make the daily pkgmastr mail a lot smaller without dropping
useful information.
by optionally disabling progress report type output.
This will make the daily pkgmastr mail a lot smaller without dropping
useful information.
pkgsrc-2010Q2 commitmail json YAML
pullup #3173
pkgsrc-2010Q2 commitmail json YAML
pkgsrc/graphics/freetype2/Makefile@1.72.4.1
/
diff
pkgsrc/graphics/freetype2/distinfo@1.34.4.1 / diff
pkgsrc/graphics/freetype2/distinfo@1.34.4.1 / diff
Pullup ticket 3173 - requested by drochner
security update
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.73
- pkgsrc/graphics/freetype2/distinfo 1.35
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jul 20 11:44:15 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
update to 2.4.1
changes:
- Since May 2010, all patents regarding the TrueType bytecode
interpreter have expired worldwide. Consequently, we now define
TT_CONFIG_OPTION_BYTECODE_INTERPRETER by default (and undefine
TT_CONFIG_OPTION_UNPATENTED_HINTING).
- A new function `FT_Library_SetLcdFilterWeights' is available to
adjust the filter weights set by `FT_Library_SetLcdFilter'.
-increased robustness, bugfixes
pkgsrc note: the "truetype" option was removed, the bytecode interpreter
is now always enabled
To generate a diff of this commit:
cvs rdiff -u -r1.72 -r1.73 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/graphics/freetype2/distinfo
security update
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.73
- pkgsrc/graphics/freetype2/distinfo 1.35
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jul 20 11:44:15 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
update to 2.4.1
changes:
- Since May 2010, all patents regarding the TrueType bytecode
interpreter have expired worldwide. Consequently, we now define
TT_CONFIG_OPTION_BYTECODE_INTERPRETER by default (and undefine
TT_CONFIG_OPTION_UNPATENTED_HINTING).
- A new function `FT_Library_SetLcdFilterWeights' is available to
adjust the filter weights set by `FT_Library_SetLcdFilter'.
-increased robustness, bugfixes
pkgsrc note: the "truetype" option was removed, the bytecode interpreter
is now always enabled
To generate a diff of this commit:
cvs rdiff -u -r1.72 -r1.73 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/graphics/freetype2/distinfo
MAIN commitmail json YAML
we nowadays have too many packages to have the grep for IPv6 in Makefiles
and options.mk to succeed, so grep by category instead
and options.mk to succeed, so grep by category instead
pkgsrc-2010Q1 commitmail json YAML
pullup 3153
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/www/w3m-img/Makefile@1.19.2.1
/
diff
pkgsrc/www/w3m/Makefile@1.57.2.1 / diff
pkgsrc/www/w3m/distinfo@1.20.12.1 / diff
pkgsrc/www/w3m/patches/patch-ac@1.14.2.2 / diff
pkgsrc/www/w3m/patches/patch-ad@1.8.2.2 / diff
pkgsrc/www/w3m/Makefile@1.57.2.1 / diff
pkgsrc/www/w3m/distinfo@1.20.12.1 / diff
pkgsrc/www/w3m/patches/patch-ac@1.14.2.2 / diff
pkgsrc/www/w3m/patches/patch-ad@1.8.2.2 / diff
Pullup ticket 3153 - requested by tron
security patch
Revisions pulled up:
- pkgsrc/www/w3m/Makefile 1.58
- pkgsrc/www/w3m/distinfo 1.21
- pkgsrc/www/w3m-img/Makefile 1.20
Files added:
pkgsrc/www/w3m/patches/patch-ac
pkgsrc/www/w3m/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jul 1 18:50:15 UTC 2010
Modified Files:
pkgsrc/www/w3m: Makefile distinfo
pkgsrc/www/w3m-img: Makefile
Added Files:
pkgsrc/www/w3m/patches: patch-ac patch-ad
Log Message:
Add patch by Ludwig Nussel to fix the certificate spoofing vulnerability
reported in CVE-2010-2074.
To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 pkgsrc/www/w3m/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/w3m/distinfo
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/w3m-img/Makefile
cvs rdiff -u -r0 -r1.14 pkgsrc/www/w3m/patches/patch-ac
cvs rdiff -u -r0 -r1.8 pkgsrc/www/w3m/patches/patch-ad
security patch
Revisions pulled up:
- pkgsrc/www/w3m/Makefile 1.58
- pkgsrc/www/w3m/distinfo 1.21
- pkgsrc/www/w3m-img/Makefile 1.20
Files added:
pkgsrc/www/w3m/patches/patch-ac
pkgsrc/www/w3m/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jul 1 18:50:15 UTC 2010
Modified Files:
pkgsrc/www/w3m: Makefile distinfo
pkgsrc/www/w3m-img: Makefile
Added Files:
pkgsrc/www/w3m/patches: patch-ac patch-ad
Log Message:
Add patch by Ludwig Nussel to fix the certificate spoofing vulnerability
reported in CVE-2010-2074.
To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 pkgsrc/www/w3m/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/w3m/distinfo
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/w3m-img/Makefile
cvs rdiff -u -r0 -r1.14 pkgsrc/www/w3m/patches/patch-ac
cvs rdiff -u -r0 -r1.8 pkgsrc/www/w3m/patches/patch-ad
MAIN commitmail json YAML
pkgsrc/net/irrd/MESSAGE@1.2
/
diff
pkgsrc/net/irrd/Makefile@1.43 / diff
pkgsrc/net/irrd/distinfo@1.14 / diff
pkgsrc/net/irrd/patches/patch-ak@1.1 / diff
pkgsrc/net/irrd/Makefile@1.43 / diff
pkgsrc/net/irrd/distinfo@1.14 / diff
pkgsrc/net/irrd/patches/patch-ak@1.1 / diff
build fix for a leafy package (plus some beautifying)
pkgsrc-2010Q1 commitmail json YAML
pullup 3152
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/lang/python26/Makefile@1.21.2.1
/
diff
pkgsrc/lang/python26/distinfo@1.20.2.1 / diff
pkgsrc/lang/python26/patches/patch-af@1.1.2.2 / diff
pkgsrc/lang/python26/distinfo@1.20.2.1 / diff
pkgsrc/lang/python26/patches/patch-af@1.1.2.2 / diff
Pullup ticket 3152 - requested by tron
security patch
Revisions pulled up:
- pkgsrc/lang/python26/Makefile via patch
- pkgsrc/lang/python26/distinfo via patch
- pkgsrc/lang/python26/patches/patch-af via patch
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 29 08:15:42 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-af
Log Message:
Add fix for CVE-2010-2089 taken from Red Hat's Bugzilla database.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/python26/patches/patch-af
security patch
Revisions pulled up:
- pkgsrc/lang/python26/Makefile via patch
- pkgsrc/lang/python26/distinfo via patch
- pkgsrc/lang/python26/patches/patch-af via patch
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 29 08:15:42 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-af
Log Message:
Add fix for CVE-2010-2089 taken from Red Hat's Bugzilla database.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/python26/patches/patch-af
MAIN commitmail json YAML
pkgsrc/lang/perl5/Makefile@1.159
/
diff
pkgsrc/lang/perl5/distinfo@1.65 / diff
pkgsrc/lang/perl5/patches/patch-fa@1.1 / diff
pkgsrc/lang/perl5/distinfo@1.65 / diff
pkgsrc/lang/perl5/patches/patch-fa@1.1 / diff
fix CVE-2010-1168 and CVE-2010-1447 by updating Safe.pm to the current,
not-affected version
not-affected version
MAIN commitmail json YAML
pkgsrc/games/freeciv-client/Makefile@1.43
/
diff
pkgsrc/games/freeciv-client/PLIST@1.3 / diff
pkgsrc/games/freeciv-server/Makefile@1.32 / diff
pkgsrc/games/freeciv-server/PLIST@1.3 / diff
pkgsrc/games/freeciv-share/Makefile@1.18 / diff
pkgsrc/games/freeciv-share/Makefile.common@1.37 / diff
pkgsrc/games/freeciv-share/PLIST@1.11 / diff
pkgsrc/games/freeciv-share/distinfo@1.23 / diff
pkgsrc/games/freeciv-share/patches/patch-aa@1.11 / diff
pkgsrc/games/freeciv-share/patches/patch-ab@1.9 / diff
pkgsrc/games/freeciv-share/patches/patch-ac@1.3 / diff
pkgsrc/games/freeciv-client/PLIST@1.3 / diff
pkgsrc/games/freeciv-server/Makefile@1.32 / diff
pkgsrc/games/freeciv-server/PLIST@1.3 / diff
pkgsrc/games/freeciv-share/Makefile@1.18 / diff
pkgsrc/games/freeciv-share/Makefile.common@1.37 / diff
pkgsrc/games/freeciv-share/PLIST@1.11 / diff
pkgsrc/games/freeciv-share/distinfo@1.23 / diff
pkgsrc/games/freeciv-share/patches/patch-aa@1.11 / diff
pkgsrc/games/freeciv-share/patches/patch-ab@1.9 / diff
pkgsrc/games/freeciv-share/patches/patch-ac@1.3 / diff
update of the freeciv packages to the latest version.
Fixes a security vulnerability. (SA40078)
Changelog:
--- 2.1.x - 2.2.0
* Built-in editor
* Expanded ruleset format:
* Unit classes
* Movement restrictions
* Can limit which terrains a unit can enter
* River-boats
* Wheeled units
* Which units another unit can transport
* Migration
* Plague
* Bases
* Calendar effects
* Changes to gameplay with default ruleset:
* New terrains:
o Deep Ocean (as Ocean but no specials and cannot be transformed)
o Lake (as Ocean but no Whales special; inland water below a certain size is generated as Lake)
* Triremes are not restricted to tiles next to land, but to (shallow) Ocean tiles; they now cannot even attempt to enter unsafe tiles
* Triremes no longer get the +1 movement bonus from Nuclear Power that other sea units get
* Triremes and Carriers can no longer attack land units
* Submarine attack strength reduced from 15 to 12 (to make it easier to defend against them with escorts)
* New base type buoy, which can be built by Engineers on water tiles with the Radio advance, and gives vision.
* Ruins (left behind by destroyed cities, no effect on gameplay currently)
* New advance Environmentalism and Solar Plant improvement, which can eliminate pollution from production
* Trade route value now depends on size of cities, not on trade generated in them
* New national borders system
* Coastal Defense now available earlier (requires Gunpowder instead of Metallurgy)
* No restrictions on specialists in small cities
* Terrain within working range of a city can no longer remain unknown
* Units in fortresses now regain 25% HP per turn (as in 2.0.x) instead of 100%
* New nations
* AI difficulty level: Cheating
* New server options:
* foggedborders: visibility of borders is subject to fog of war
* borders gains new modes where player can see all tiles inside borders, and borders extend to unknown tiles revealing them
* endspaceship controls whether spaceship reaching Alpha Cen ends the game
* trademindist controls the minimum distance for trade routes between your cities
* Times now specified in turns instead of years (endyear becomes endturn, onsetbarbs expressed in turns)
* simultaneousphases renamed to phasemode and gains new options
* Client interface changes:
* Menus and shortcut keys revamped; notable changes include:
o Connect with Road/Rail/Irrigation changes from Ctrl+Shift+R/L/I to Shift+R/L/I
o City Report: F1 to F4
o Go/Airlift to City: Shift+L to T
o Wake up Others (Shift+W) becomes Unsentry all on tile (Shift+S)
o Orders menu split into Select, Unit, Work, and Combat; Reports becomes Civilization
* Scripting improvements
* Event cache: messages from the last few turns can be replayed to clients on connection and saved in savegames
* Featured text in Gtk client, including colour coding and clickable links to mentioned cities/units/tiles
--- 2.2.0 - 2.2.1
* Stability fixes and refactoring. GNA#15305 GNA#15356 GNA#15432 GNA#15426 GNA#15332 GNAPATCH#1465 GNA#15348 GNA#15442 GNA#15468 GNA#15469 GNA#15480 GNA#15483 GNA#15456 GNA#15500 GNAPATCH#1490 GNA#15582 GNAPATCH#1513 GNAPATCH#1515 GNA#15661 GNAPATCH#1537 GNA#15450 GNA#15671 GNA#15714 GNA#15643 GNA#15734 GNA#15741 GNA#15730 GNAPATCH#1544 GNA#15377 GNA#15778 GNAPATCH#1598 GNA#15709 GNA#15844 GNA#15857 GNA#15908 GNA#15899 GNA#15983 GNA#16003
* client-sdl: Push the maximal resolution to 3200x2400 in options. GNA#15346
* Make impossible to change the server settings trademindist when the game is running. GNA#15405
* Fixed the display of workable tiles when investigating foreign cities. GNA#15411 GNA#15944
* Improved server logging. GNA#15404 GNA#15336 GNA#15460 GNA#15333 GNA#15523 GNAPATCH#1498 GNA#15923
* client-gtk2: Canceling server logon takes you back to the main menu. GNA#15388
* Fixed a bug where you were unable to initiate diplomatic meetings with other players under certain circumstances. GNA#15439
* Internationalization and string fixes. GNA#15443 GNA#15403 GNA#15427 GNA#15457 GNA#15440 GNA#15455 GNA#15467 GNA#15478 GNA#15477 GNA#15484 GNA#15487 GNA#15585 GNA#15665 GNAPATCH#1569 GNA#15790 GNA#15809 GNA#15808 GNA#15802 GNA#15890
* Fixed bugs with voting. GNA#15451
* client-gtk2 Use city id instead of name in the goto dialog. GNA#15435
* Fixed a bug where air bases wouldn't work on certain tiles. GNA#15446
* Improved city illness. GNA#15373 GNA#15394 GNA#15422 GNA#15499
* Do not show new city dialog if city cannot be built GNA#15328
* client-gtk2: Made the unit info label scrollable to prevent the map view to resize. GNA#15504
* Do not show team name in victory message in the case there's only one team member. GNA#15511
* Improved documentation. GNA#13848 GNA#15667 GNA#15345
* Fixed goto turn time calculations. GNA#15503 GNA#15722
* Fixed a bug where the -M <metaserver> command line parameter was ignored. GNA#15538
* Improvements to Lua scripting. GNAPATCH#1503 GNA#15531 GNA#15586 GNA#15596 GNA#15602 GNA#15606 GNA#15612 GNAPATCH#1526 GNAPATCH#1531 GNAPATCH#1532 GNAPATCH#1533 GNAPATCH#1535 GNA#15675 GNA#15624 GNAPATCH#1553 GNAPATCH#1554 GNAPATCH#1552 GNA#15705 GNA#15706 GNA#15707 GNAPATCH#1599 GNA#13709 GNA#13709 GNAPATCH#1621 GNA#15725 GNA#15860 GNAPATCH#1617 GNA#15586 GNA#15696
* Fixed configuration and compilation warnings. GNA#15549 GNA#15575
* Added a column for plague risk in city report. GNA#15376
* Fixed bugs with loading saved games. GNA#15520 GNA#15581 GNA#15660
* Fixed the display of global warming / nuclear winter in the client. GNA#15563
* Disallowed paradrops inside peaceful foreign borders. GNA#15569
* Give a palace to nations split off by civil war. GNA#15548
* Fixed editor UI bugs. GNA#15578 GNA#15579 GNA#15605
* client-gtk2: Made 'Work' menu adapt to terrain for multiple units on single tile. GNA#15611
* Introduced Lake terrain in more scenario maps. GNA#15610
* Fixed minor issues with isotrident and amplio tilesets. GNA#15621 GNA#15777
* client-gtk2: Made the pregame player context menu stay open with one click. GNA#15593
* Disallowed transporter units to load into themselves. GNA#15616
* Don't close client dialogs when switching tileset. GNA#15620
* client-gtk2: Made client work with GTK versions older than 2.6. GNA#15637
* client-gtk2: Added tooltips for columns in the city report. GNA#15603
* Made improvement upkeep visible in "Info" column of worklist editor. GNAPATCH#1563
* Fixed mangled server "help options" output. GNA#15723
* client-gtk2: Improved the "Start Scenario Game" page. GNA#15663
* client-gtk2: Center map view at start of first game. GNA#15738
* Show pillage activity in middle-click map popup. GNAPATCH#1566
* Create ruins for disbanded cities. GNAPATCH#1570
* Avoid getting migrants that starve to death instantly. GNA#15760 GNAPATCH#1579
* client-gtk2: Improvements diplomacy dialog. GNA#15776
* client-gtk2: Sort the science dialog technologies in alphabetical order. GNA#15779
* Do not require an extra endline at the end of ruleset files. GNA#15816
* client-sdl: Fixed bug where popups were not displayed. GNA#13493
* Fixes to freedesktop.org file. GNA#15878
* Avoid transforming a city tile to a terrain that won't support the city. GNA#15630
* Fixed a bug with the France scenario that caused trouble building improvements the first few turns. GNA#15892
* Fixed bugs with the CMA UI. GNA#15909
* Reworked pillaging. GNA#15744 GNA#15742
* Changed the build system to work better with shared libraries. GNA#15973
* Fixed typos in civil war nations. GNA#15378
* Made linking work with binutils-gold. GNA#15400
* Updated translations: Ukrainian, Korean, Catalan, French, Spanish, Russian, Italian
Fixes a security vulnerability. (SA40078)
Changelog:
--- 2.1.x - 2.2.0
* Built-in editor
* Expanded ruleset format:
* Unit classes
* Movement restrictions
* Can limit which terrains a unit can enter
* River-boats
* Wheeled units
* Which units another unit can transport
* Migration
* Plague
* Bases
* Calendar effects
* Changes to gameplay with default ruleset:
* New terrains:
o Deep Ocean (as Ocean but no specials and cannot be transformed)
o Lake (as Ocean but no Whales special; inland water below a certain size is generated as Lake)
* Triremes are not restricted to tiles next to land, but to (shallow) Ocean tiles; they now cannot even attempt to enter unsafe tiles
* Triremes no longer get the +1 movement bonus from Nuclear Power that other sea units get
* Triremes and Carriers can no longer attack land units
* Submarine attack strength reduced from 15 to 12 (to make it easier to defend against them with escorts)
* New base type buoy, which can be built by Engineers on water tiles with the Radio advance, and gives vision.
* Ruins (left behind by destroyed cities, no effect on gameplay currently)
* New advance Environmentalism and Solar Plant improvement, which can eliminate pollution from production
* Trade route value now depends on size of cities, not on trade generated in them
* New national borders system
* Coastal Defense now available earlier (requires Gunpowder instead of Metallurgy)
* No restrictions on specialists in small cities
* Terrain within working range of a city can no longer remain unknown
* Units in fortresses now regain 25% HP per turn (as in 2.0.x) instead of 100%
* New nations
* AI difficulty level: Cheating
* New server options:
* foggedborders: visibility of borders is subject to fog of war
* borders gains new modes where player can see all tiles inside borders, and borders extend to unknown tiles revealing them
* endspaceship controls whether spaceship reaching Alpha Cen ends the game
* trademindist controls the minimum distance for trade routes between your cities
* Times now specified in turns instead of years (endyear becomes endturn, onsetbarbs expressed in turns)
* simultaneousphases renamed to phasemode and gains new options
* Client interface changes:
* Menus and shortcut keys revamped; notable changes include:
o Connect with Road/Rail/Irrigation changes from Ctrl+Shift+R/L/I to Shift+R/L/I
o City Report: F1 to F4
o Go/Airlift to City: Shift+L to T
o Wake up Others (Shift+W) becomes Unsentry all on tile (Shift+S)
o Orders menu split into Select, Unit, Work, and Combat; Reports becomes Civilization
* Scripting improvements
* Event cache: messages from the last few turns can be replayed to clients on connection and saved in savegames
* Featured text in Gtk client, including colour coding and clickable links to mentioned cities/units/tiles
--- 2.2.0 - 2.2.1
* Stability fixes and refactoring. GNA#15305 GNA#15356 GNA#15432 GNA#15426 GNA#15332 GNAPATCH#1465 GNA#15348 GNA#15442 GNA#15468 GNA#15469 GNA#15480 GNA#15483 GNA#15456 GNA#15500 GNAPATCH#1490 GNA#15582 GNAPATCH#1513 GNAPATCH#1515 GNA#15661 GNAPATCH#1537 GNA#15450 GNA#15671 GNA#15714 GNA#15643 GNA#15734 GNA#15741 GNA#15730 GNAPATCH#1544 GNA#15377 GNA#15778 GNAPATCH#1598 GNA#15709 GNA#15844 GNA#15857 GNA#15908 GNA#15899 GNA#15983 GNA#16003
* client-sdl: Push the maximal resolution to 3200x2400 in options. GNA#15346
* Make impossible to change the server settings trademindist when the game is running. GNA#15405
* Fixed the display of workable tiles when investigating foreign cities. GNA#15411 GNA#15944
* Improved server logging. GNA#15404 GNA#15336 GNA#15460 GNA#15333 GNA#15523 GNAPATCH#1498 GNA#15923
* client-gtk2: Canceling server logon takes you back to the main menu. GNA#15388
* Fixed a bug where you were unable to initiate diplomatic meetings with other players under certain circumstances. GNA#15439
* Internationalization and string fixes. GNA#15443 GNA#15403 GNA#15427 GNA#15457 GNA#15440 GNA#15455 GNA#15467 GNA#15478 GNA#15477 GNA#15484 GNA#15487 GNA#15585 GNA#15665 GNAPATCH#1569 GNA#15790 GNA#15809 GNA#15808 GNA#15802 GNA#15890
* Fixed bugs with voting. GNA#15451
* client-gtk2 Use city id instead of name in the goto dialog. GNA#15435
* Fixed a bug where air bases wouldn't work on certain tiles. GNA#15446
* Improved city illness. GNA#15373 GNA#15394 GNA#15422 GNA#15499
* Do not show new city dialog if city cannot be built GNA#15328
* client-gtk2: Made the unit info label scrollable to prevent the map view to resize. GNA#15504
* Do not show team name in victory message in the case there's only one team member. GNA#15511
* Improved documentation. GNA#13848 GNA#15667 GNA#15345
* Fixed goto turn time calculations. GNA#15503 GNA#15722
* Fixed a bug where the -M <metaserver> command line parameter was ignored. GNA#15538
* Improvements to Lua scripting. GNAPATCH#1503 GNA#15531 GNA#15586 GNA#15596 GNA#15602 GNA#15606 GNA#15612 GNAPATCH#1526 GNAPATCH#1531 GNAPATCH#1532 GNAPATCH#1533 GNAPATCH#1535 GNA#15675 GNA#15624 GNAPATCH#1553 GNAPATCH#1554 GNAPATCH#1552 GNA#15705 GNA#15706 GNA#15707 GNAPATCH#1599 GNA#13709 GNA#13709 GNAPATCH#1621 GNA#15725 GNA#15860 GNAPATCH#1617 GNA#15586 GNA#15696
* Fixed configuration and compilation warnings. GNA#15549 GNA#15575
* Added a column for plague risk in city report. GNA#15376
* Fixed bugs with loading saved games. GNA#15520 GNA#15581 GNA#15660
* Fixed the display of global warming / nuclear winter in the client. GNA#15563
* Disallowed paradrops inside peaceful foreign borders. GNA#15569
* Give a palace to nations split off by civil war. GNA#15548
* Fixed editor UI bugs. GNA#15578 GNA#15579 GNA#15605
* client-gtk2: Made 'Work' menu adapt to terrain for multiple units on single tile. GNA#15611
* Introduced Lake terrain in more scenario maps. GNA#15610
* Fixed minor issues with isotrident and amplio tilesets. GNA#15621 GNA#15777
* client-gtk2: Made the pregame player context menu stay open with one click. GNA#15593
* Disallowed transporter units to load into themselves. GNA#15616
* Don't close client dialogs when switching tileset. GNA#15620
* client-gtk2: Made client work with GTK versions older than 2.6. GNA#15637
* client-gtk2: Added tooltips for columns in the city report. GNA#15603
* Made improvement upkeep visible in "Info" column of worklist editor. GNAPATCH#1563
* Fixed mangled server "help options" output. GNA#15723
* client-gtk2: Improved the "Start Scenario Game" page. GNA#15663
* client-gtk2: Center map view at start of first game. GNA#15738
* Show pillage activity in middle-click map popup. GNAPATCH#1566
* Create ruins for disbanded cities. GNAPATCH#1570
* Avoid getting migrants that starve to death instantly. GNA#15760 GNAPATCH#1579
* client-gtk2: Improvements diplomacy dialog. GNA#15776
* client-gtk2: Sort the science dialog technologies in alphabetical order. GNA#15779
* Do not require an extra endline at the end of ruleset files. GNA#15816
* client-sdl: Fixed bug where popups were not displayed. GNA#13493
* Fixes to freedesktop.org file. GNA#15878
* Avoid transforming a city tile to a terrain that won't support the city. GNA#15630
* Fixed a bug with the France scenario that caused trouble building improvements the first few turns. GNA#15892
* Fixed bugs with the CMA UI. GNA#15909
* Reworked pillaging. GNA#15744 GNA#15742
* Changed the build system to work better with shared libraries. GNA#15973
* Fixed typos in civil war nations. GNA#15378
* Made linking work with binutils-gold. GNA#15400
* Updated translations: Ukrainian, Korean, Catalan, French, Spanish, Russian, Italian
MAIN commitmail json YAML
pkgsrc/print/xpdf/Makefile@1.72
/
diff
pkgsrc/print/xpdf/distinfo@1.37 / diff
pkgsrc/print/xpdf/patches/patch-ai@1.3 / diff
pkgsrc/print/xpdf/patches/patch-ak@1.4 / diff
pkgsrc/print/xpdf/patches/patch-al@1.3 / diff
pkgsrc/print/xpdf/distinfo@1.37 / diff
pkgsrc/print/xpdf/patches/patch-ai@1.3 / diff
pkgsrc/print/xpdf/patches/patch-ak@1.4 / diff
pkgsrc/print/xpdf/patches/patch-al@1.3 / diff
the fonts that xpdf uses used to be in ghostscript-fonts, but nowadays
they are present in urw-fonts; fix dependencies and font search paths.
Also add X11R7 to the font search paths.
they are present in urw-fonts; fix dependencies and font search paths.
Also add X11R7 to the font search paths.
pkgsrc-2010Q1 commitmail json YAML
pullups 3144 + 3145
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/www/apache22/Makefile@1.56.2.1
/
diff
pkgsrc/www/apache22/distinfo@1.31.2.1 / diff
pkgsrc/www/apache22/patches/patch-af@1.3.2.2 / diff
pkgsrc/www/apache22/distinfo@1.31.2.1 / diff
pkgsrc/www/apache22/patches/patch-af@1.3.2.2 / diff
Pullup ticket 3145 - requested by tron
security fix
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.59
- pkgsrc/www/apache22/distinfo 1.33
- pkgsrc/www/apache22/patches/patch-af 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jun 12 10:40:27 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Added Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Add patch provided by the Apache foundation to close the privacy leak
reported in CVE-2010-2068.
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/www/apache22/patches/patch-af
security fix
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.59
- pkgsrc/www/apache22/distinfo 1.33
- pkgsrc/www/apache22/patches/patch-af 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jun 12 10:40:27 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Added Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Add patch provided by the Apache foundation to close the privacy leak
reported in CVE-2010-2068.
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/www/apache22/patches/patch-af
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3144 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.46
- pkgsrc/net/wireshark/distinfo 1.32
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jun 10 18:24:40 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.9. Changes since version 1.2.8:
- Bug Fixes
- The following vulnerabilities have been fixed.
- The SMB dissector could dereference a NULL pointer. (Bug 4734)
- J. Oquendo discovered that the ASN.1 BER dissector could overrun
the stack.
- The SMB PIPE dissector could dereference a NULL pointer on some
platforms.
- The SigComp Universal Decompressor Virtual Machine could go into an
infinite loop. (Bug 4826)
- The SigComp Universal Decompressor Virtual Machine could overrun
a buffer. (Bug 4837)
- The following bugs have been fixed:
- Cannot open file with File -> Open. (Bug 1791)
- Application crash when changing real-time option. (Bug 4035)
- Crash in filter autocompletion. (Bug 4306)
- The XML dissector doesn't allow dots (".") in tags. (Bug 4405)
- Live capture stops when using zlib 1.2.5. (Bug 4708)
- Want to be able to apply decode as to Data Portion of Lan Trace.
(Bug 4721)
- SABP short pdu (packet_per.c). (Bug 4743)
- Kerberos pre-auth type constants - MS extensions are wrong. (Bug 4752)
- Check HTTP Content-Length parsing for overflow. (Bug 4758)
- Wrong variable used for proto_tree_add_text() in ptp dissector.
(Bug 4773)
- Crash when close window frame of gtk file chooser. (Bug 4778)
- Wrong decoding for BGP ORF. (Bug 4782)
- Crash when Ctrl-Backspacing the display filter. (Bug 4797)
- Acker AFI field incorrect size in PGM dissector. (Bug 4798)
- Fedora 13: wireshark fails to build (linking problem). (Bug 4815)
- The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles.
(Bug 4839)
- AES-CTR decoding not working, (dissectors/packet_ipsec.c using gcrypt).
(Bug 4838)
- Updated Protocol Support
ASN.1 BER, BGP, HTTP, IGMP, IPsec, Kerberos, NFS, PGM, PTP, SABP, SigComp,
SMB, TCAP, XML,
- Updated Capture File Support
ERF, PacketLogger.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.31 -r1.32 pkgsrc/net/wireshark/distinfo
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.46
- pkgsrc/net/wireshark/distinfo 1.32
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jun 10 18:24:40 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.9. Changes since version 1.2.8:
- Bug Fixes
- The following vulnerabilities have been fixed.
- The SMB dissector could dereference a NULL pointer. (Bug 4734)
- J. Oquendo discovered that the ASN.1 BER dissector could overrun
the stack.
- The SMB PIPE dissector could dereference a NULL pointer on some
platforms.
- The SigComp Universal Decompressor Virtual Machine could go into an
infinite loop. (Bug 4826)
- The SigComp Universal Decompressor Virtual Machine could overrun
a buffer. (Bug 4837)
- The following bugs have been fixed:
- Cannot open file with File -> Open. (Bug 1791)
- Application crash when changing real-time option. (Bug 4035)
- Crash in filter autocompletion. (Bug 4306)
- The XML dissector doesn't allow dots (".") in tags. (Bug 4405)
- Live capture stops when using zlib 1.2.5. (Bug 4708)
- Want to be able to apply decode as to Data Portion of Lan Trace.
(Bug 4721)
- SABP short pdu (packet_per.c). (Bug 4743)
- Kerberos pre-auth type constants - MS extensions are wrong. (Bug 4752)
- Check HTTP Content-Length parsing for overflow. (Bug 4758)
- Wrong variable used for proto_tree_add_text() in ptp dissector.
(Bug 4773)
- Crash when close window frame of gtk file chooser. (Bug 4778)
- Wrong decoding for BGP ORF. (Bug 4782)
- Crash when Ctrl-Backspacing the display filter. (Bug 4797)
- Acker AFI field incorrect size in PGM dissector. (Bug 4798)
- Fedora 13: wireshark fails to build (linking problem). (Bug 4815)
- The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles.
(Bug 4839)
- AES-CTR decoding not working, (dissectors/packet_ipsec.c using gcrypt).
(Bug 4838)
- Updated Protocol Support
ASN.1 BER, BGP, HTTP, IGMP, IPsec, Kerberos, NFS, PGM, PTP, SABP, SigComp,
SMB, TCAP, XML,
- Updated Capture File Support
ERF, PacketLogger.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.31 -r1.32 pkgsrc/net/wireshark/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullup 3139
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/databases/mysql5-client/Makefile.common@1.38.2.1
/
diff
pkgsrc/databases/mysql5-client/buildlink3.mk@1.15.2.1 / diff
pkgsrc/databases/mysql5-client/distinfo@1.28.2.1 / diff
pkgsrc/databases/mysql5-server/distinfo@1.24.2.1 / diff
pkgsrc/databases/mysql5-client/buildlink3.mk@1.15.2.1 / diff
pkgsrc/databases/mysql5-client/distinfo@1.28.2.1 / diff
pkgsrc/databases/mysql5-server/distinfo@1.24.2.1 / diff
Pullup ticket 3139 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/mysql5-client/Makefile.common 1.39
- pkgsrc/databases/mysql5-client/buildlink3.mk 1.16
- pkgsrc/databases/mysql5-client/distinfo 1.29
- pkgsrc/databases/mysql5-server/distinfo 1.25
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jun 2 13:34:45 UTC 2010
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common buildlink3.mk distinfo
pkgsrc/databases/mysql5-server: distinfo
Log Message:
Update mysql5-{client,server} package to 5.0.91.
For full changes, refer http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html.
Here is security related changes.
* Security Fix: The server failed to check the table name argument of
a COM_FIELD_LIST command packet for validity and compliance to
acceptable table name standards. This could be exploited to bypass
almost all forms of checks for privileges and table-level grants by
providing a specially crafted table name argument to COM_FIELD_LIST.
In MySQL 5.0 and above, this allowed an authenticated user with
SELECT privileges on one table to obtain the field definitions of
any table in all other databases and potentially of other MySQL
instances accessible from the server's file system.
Additionally, for MySQL version 5.1 and above, an authenticated user
with DELETE or SELECT privileges on one table could delete or read
content from any other table in all databases on this server, and
potentially of other MySQL instances accessible from the server's
file system. (Bug#53371, CVE-2010-1848)
* Security Fix: The server was susceptible to a buffer-overflow attack
due to a failure to perform bounds checking on the table name
argument of a COM_FIELD_LIST command packet. By sending long data
for the table name, a buffer is overflown, which could be exploited
by an authenticated user to inject malicious code. (Bug#53237,
CVE-2010-1850)
* Security Fix: The server could be tricked into reading packets
indefinitely if it received a packet larger than the maximum size of
one packet. (Bug#50974, CVE-2010-1849)
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/databases/mysql5-client/Makefile.common
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/mysql5-client/buildlink3.mk
cvs rdiff -u -r1.28 -r1.29 pkgsrc/databases/mysql5-client/distinfo
cvs rdiff -u -r1.24 -r1.25 pkgsrc/databases/mysql5-server/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/mysql5-client/Makefile.common 1.39
- pkgsrc/databases/mysql5-client/buildlink3.mk 1.16
- pkgsrc/databases/mysql5-client/distinfo 1.29
- pkgsrc/databases/mysql5-server/distinfo 1.25
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jun 2 13:34:45 UTC 2010
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common buildlink3.mk distinfo
pkgsrc/databases/mysql5-server: distinfo
Log Message:
Update mysql5-{client,server} package to 5.0.91.
For full changes, refer http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html.
Here is security related changes.
* Security Fix: The server failed to check the table name argument of
a COM_FIELD_LIST command packet for validity and compliance to
acceptable table name standards. This could be exploited to bypass
almost all forms of checks for privileges and table-level grants by
providing a specially crafted table name argument to COM_FIELD_LIST.
In MySQL 5.0 and above, this allowed an authenticated user with
SELECT privileges on one table to obtain the field definitions of
any table in all other databases and potentially of other MySQL
instances accessible from the server's file system.
Additionally, for MySQL version 5.1 and above, an authenticated user
with DELETE or SELECT privileges on one table could delete or read
content from any other table in all databases on this server, and
potentially of other MySQL instances accessible from the server's
file system. (Bug#53371, CVE-2010-1848)
* Security Fix: The server was susceptible to a buffer-overflow attack
due to a failure to perform bounds checking on the table name
argument of a COM_FIELD_LIST command packet. By sending long data
for the table name, a buffer is overflown, which could be exploited
by an authenticated user to inject malicious code. (Bug#53237,
CVE-2010-1850)
* Security Fix: The server could be tricked into reading packets
indefinitely if it received a packet larger than the maximum size of
one packet. (Bug#50974, CVE-2010-1849)
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/databases/mysql5-client/Makefile.common
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/mysql5-client/buildlink3.mk
cvs rdiff -u -r1.28 -r1.29 pkgsrc/databases/mysql5-client/distinfo
cvs rdiff -u -r1.24 -r1.25 pkgsrc/databases/mysql5-server/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullup 3131
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3131 - requested by is
bugfix update
Revisions pulled up:
- pkgsrc/shells/mksh/Makefile 1.15
- pkgsrc/shells/mksh/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: is
Date: Fri May 28 12:26:49 UTC 2010
Modified Files:
pkgsrc/shells/mksh: Makefile distinfo
Log Message:
Update to mksh-39c on suggestion from Thorsten Glaser.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/shells/mksh/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/shells/mksh/distinfo
bugfix update
Revisions pulled up:
- pkgsrc/shells/mksh/Makefile 1.15
- pkgsrc/shells/mksh/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: is
Date: Fri May 28 12:26:49 UTC 2010
Modified Files:
pkgsrc/shells/mksh: Makefile distinfo
Log Message:
Update to mksh-39c on suggestion from Thorsten Glaser.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/shells/mksh/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/shells/mksh/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullups 3137 and 3138
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3138 - requested by pettai
functionality fix
Revisions pulled up:
- pkgsrc/mail/mimedefang/Makefile 1.45
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Thu Jun 3 09:37:51 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile
Log Message:
part of PR pkg/43380 that didn't make it the first commit
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/mail/mimedefang/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Fri Jun 4 21:00:07 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile
Log Message:
Bump PKGREVISION for the bulkbuild
To generate a diff of this commit:
cvs rdiff -u -r1.44 -r1.45 pkgsrc/mail/mimedefang/Makefile
functionality fix
Revisions pulled up:
- pkgsrc/mail/mimedefang/Makefile 1.45
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Thu Jun 3 09:37:51 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile
Log Message:
part of PR pkg/43380 that didn't make it the first commit
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/mail/mimedefang/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Fri Jun 4 21:00:07 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile
Log Message:
Bump PKGREVISION for the bulkbuild
To generate a diff of this commit:
cvs rdiff -u -r1.44 -r1.45 pkgsrc/mail/mimedefang/Makefile
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3137 - requested by kefren
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.121
- pkgsrc/security/sudo/distinfo 1.63
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Jun 3 14:53:14 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update security/sudo package to 1.7.2p7.
For more detail: http://www.sudo.ws/sudo/alerts/secure_path.html
Summary:
Sudo "secure path" feature works by replacing the PATH environment
variable with a value specified in the sudoers file, or at
compile time if the --with-secure-path configure option is used.
The flaw is that sudo only replaces the first instance of PATH
in the environment. If the program being run through sudo uses
the last instance of PATH in the environment, an attacker may
be able to avoid the "secure path" restrictions.
Sudo versions affected:
Sudo 1.3.1 through 1.6.9p22 and Sudo 1.7.0 through 1.7.2p6.
To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.62 -r1.63 pkgsrc/security/sudo/distinfo
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.121
- pkgsrc/security/sudo/distinfo 1.63
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Jun 3 14:53:14 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update security/sudo package to 1.7.2p7.
For more detail: http://www.sudo.ws/sudo/alerts/secure_path.html
Summary:
Sudo "secure path" feature works by replacing the PATH environment
variable with a value specified in the sudoers file, or at
compile time if the --with-secure-path configure option is used.
The flaw is that sudo only replaces the first instance of PATH
in the environment. If the program being run through sudo uses
the last instance of PATH in the environment, an attacker may
be able to avoid the "secure path" restrictions.
Sudo versions affected:
Sudo 1.3.1 through 1.6.9p22 and Sudo 1.7.0 through 1.7.2p6.
To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.62 -r1.63 pkgsrc/security/sudo/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullup 3136
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/chat/p5-POE-Component-IRC/Makefile@1.9.4.1
/
diff
pkgsrc/chat/p5-POE-Component-IRC/distinfo@1.4.4.1 / diff
pkgsrc/chat/p5-POE-Component-IRC/distinfo@1.4.4.1 / diff
Pullup ticket 3136 - requested by kefren
security update
Revisions pulled up:
- pkgsrc/chat/p5-POE-Component-IRC/Makefile 1.10
- pkgsrc/chat/p5-POE-Component-IRC/distinfo 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: kefren
Date: Thu Jun 3 09:12:50 UTC 2010
Modified Files:
pkgsrc/chat/p5-POE-Component-IRC: Makefile distinfo
Log Message:
Security update to 6.32
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581194
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/chat/p5-POE-Component-IRC/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/chat/p5-POE-Component-IRC/distinfo
security update
Revisions pulled up:
- pkgsrc/chat/p5-POE-Component-IRC/Makefile 1.10
- pkgsrc/chat/p5-POE-Component-IRC/distinfo 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: kefren
Date: Thu Jun 3 09:12:50 UTC 2010
Modified Files:
pkgsrc/chat/p5-POE-Component-IRC: Makefile distinfo
Log Message:
Security update to 6.32
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581194
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/chat/p5-POE-Component-IRC/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/chat/p5-POE-Component-IRC/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullups 3132, 3133, 3134 and 3135
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/security/openssl/Makefile@1.146.2.1
/
diff
pkgsrc/security/openssl/distinfo@1.73.2.1 / diff
pkgsrc/security/openssl/patches/patch-bc deleted
pkgsrc/security/openssl/distinfo@1.73.2.1 / diff
pkgsrc/security/openssl/patches/patch-bc deleted
Pullup ticket 3135 - requested by taca
security update
Revisions pulled up:
- pkgsrc/security/openssl/Makefile 1.149
- pkgsrc/security/openssl/distinfo 1.75
Files removed:
pkgsrc/security/openssl/patches/patch-bc
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 12 14:19:17 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-bc
Log Message:
Update openssl package from 0.9.8m to 0.9.8n.
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
update s->server with a new major version number. As of
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
protection is active. (CVE-2010-0740)
[Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
To generate a diff of this commit:
cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Sat May 8 06:33:41 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile
Log Message:
Set correct architecture on Darwin
To generate a diff of this commit:
cvs rdiff -u -r1.147 -r1.148 pkgsrc/security/openssl/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jun 2 13:30:11 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Log Message:
Update security/openssl package to 0.9.8o.
OpenSSL CHANGES
_______________
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
*) VMS fixes:
Reduce copying into .apps and .test in makevms.com
Don't try to use blank CA certificate in CA.com
Allow use of C files from original directories in maketests.com
[Steven M. Schweda" <sms@antinode.info>]
To generate a diff of this commit:
cvs rdiff -u -r1.148 -r1.149 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.74 -r1.75 pkgsrc/security/openssl/distinfo
security update
Revisions pulled up:
- pkgsrc/security/openssl/Makefile 1.149
- pkgsrc/security/openssl/distinfo 1.75
Files removed:
pkgsrc/security/openssl/patches/patch-bc
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 12 14:19:17 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-bc
Log Message:
Update openssl package from 0.9.8m to 0.9.8n.
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
update s->server with a new major version number. As of
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
protection is active. (CVE-2010-0740)
[Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
To generate a diff of this commit:
cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Sat May 8 06:33:41 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile
Log Message:
Set correct architecture on Darwin
To generate a diff of this commit:
cvs rdiff -u -r1.147 -r1.148 pkgsrc/security/openssl/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jun 2 13:30:11 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Log Message:
Update security/openssl package to 0.9.8o.
OpenSSL CHANGES
_______________
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
*) VMS fixes:
Reduce copying into .apps and .test in makevms.com
Don't try to use blank CA certificate in CA.com
Allow use of C files from original directories in maketests.com
[Steven M. Schweda" <sms@antinode.info>]
To generate a diff of this commit:
cvs rdiff -u -r1.148 -r1.149 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.74 -r1.75 pkgsrc/security/openssl/distinfo
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3134 - requested by bouyer
build fix
Revisions pulled up:
- pkgsrc/security/py-smbpasswd/Makefile 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Jun 1 21:30:25 UTC 2010
Modified Files:
pkgsrc/security/py-smbpasswd: Makefile
Log Message:
Works fine with python2.6 too.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/py-smbpasswd/Makefile
build fix
Revisions pulled up:
- pkgsrc/security/py-smbpasswd/Makefile 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Jun 1 21:30:25 UTC 2010
Modified Files:
pkgsrc/security/py-smbpasswd: Makefile
Log Message:
Works fine with python2.6 too.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/py-smbpasswd/Makefile
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/mail/mimedefang/Makefile@1.42.2.1
/
diff
pkgsrc/mail/mimedefang/distinfo@1.19.2.1 / diff
pkgsrc/mail/mimedefang/patches/patch-ad@1.1.2.2 / diff
pkgsrc/mail/mimedefang/distinfo@1.19.2.1 / diff
pkgsrc/mail/mimedefang/patches/patch-ad@1.1.2.2 / diff
Pullup ticket 3133 - requested by pettai
functionality fix
Revisions pulled up:
- pkgsrc/mail/mimedefang/Makefile 1.43
- pkgsrc/mail/mimedefang/distinfo 1.20
Files added:
pkgsrc/mail/mimedefang/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Mon May 31 10:08:22 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile distinfo
Added Files:
pkgsrc/mail/mimedefang/patches: patch-ad
Log Message:
Fix for PR pkg/43380
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/mail/mimedefang/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/mimedefang/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/mimedefang/patches/patch-ad
functionality fix
Revisions pulled up:
- pkgsrc/mail/mimedefang/Makefile 1.43
- pkgsrc/mail/mimedefang/distinfo 1.20
Files added:
pkgsrc/mail/mimedefang/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: pettai
Date: Mon May 31 10:08:22 UTC 2010
Modified Files:
pkgsrc/mail/mimedefang: Makefile distinfo
Added Files:
pkgsrc/mail/mimedefang/patches: patch-ad
Log Message:
Fix for PR pkg/43380
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/mail/mimedefang/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/mimedefang/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/mimedefang/patches/patch-ad
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/databases/postgresql82-client/Makefile@1.12.2.2
/
diff
pkgsrc/databases/postgresql82-client/PLIST@1.17.4.3 / diff
pkgsrc/databases/postgresql83-client/Makefile@1.12.2.3 / diff
pkgsrc/databases/postgresql83-client/PLIST@1.11.4.2 / diff
pkgsrc/databases/postgresql82-client/PLIST@1.17.4.3 / diff
pkgsrc/databases/postgresql83-client/Makefile@1.12.2.3 / diff
pkgsrc/databases/postgresql83-client/PLIST@1.11.4.2 / diff
Pullup ticket 3132 - requested by joerg
build fix
Revisions pulled up:
- pkgsrc/databases/postgresql82-client/Makefile 1.16
- pkgsrc/databases/postgresql82-client/PLIST 1.21
- pkgsrc/databases/postgresql83-client/Makefile 1.16
- pkgsrc/databases/postgresql83-client/PLIST 1.13
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Sun May 30 11:51:19 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82-client: Makefile PLIST
pkgsrc/databases/postgresql83-client: Makefile PLIST
Log Message:
Fix PLIST. Bump revision.
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/postgresql82-client/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/postgresql82-client/PLIST
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/postgresql83-client/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/postgresql83-client/PLIST
-------------------------------------------------------------------------
the PLIST update from:
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Fri Apr 23 15:41:50 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82-client: Makefile PLIST
Log Message:
PLIST fix
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/databases/postgresql82-client/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/databases/postgresql82-client/PLIST
build fix
Revisions pulled up:
- pkgsrc/databases/postgresql82-client/Makefile 1.16
- pkgsrc/databases/postgresql82-client/PLIST 1.21
- pkgsrc/databases/postgresql83-client/Makefile 1.16
- pkgsrc/databases/postgresql83-client/PLIST 1.13
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Sun May 30 11:51:19 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82-client: Makefile PLIST
pkgsrc/databases/postgresql83-client: Makefile PLIST
Log Message:
Fix PLIST. Bump revision.
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/postgresql82-client/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/postgresql82-client/PLIST
cvs rdiff -u -r1.15 -r1.16 pkgsrc/databases/postgresql83-client/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/postgresql83-client/PLIST
-------------------------------------------------------------------------
the PLIST update from:
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Fri Apr 23 15:41:50 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82-client: Makefile PLIST
Log Message:
PLIST fix
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/databases/postgresql82-client/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/databases/postgresql82-client/PLIST
MAIN commitmail json YAML
remove updated pkgs from the to-be-updated list: hobbitmon, inn, irrd, rt3
pkgsrc-2010Q1 commitmail json YAML
pullup #3114
pkgsrc-2010Q1 commitmail json YAML
Pullup ticket 3114 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.44
- pkgsrc/net/wireshark/distinfo 1.30
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu May 13 07:03:22 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.8. Changes since 1.2.7:
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o The DOCSIS dissector could crash. (Bug 4644), (bug 4646) -->
Versions affected: 0.9.6 to 1.0.12, 1.2.0 to 1.2.7
- The following bugs have been fixed:
o HTTP parser limits with Content-Length. (Bug 1958)
o MATE dissector bug with GOGs. (Bug 3010)
o Changing fonts and deleting system time from preferences,
results in wireshark crash. (Bug 3387)
o ERF file starting with record with timestamp=3D0,1 or 2 not
recognized as ERF file. (Bug 4503)
o The SSL dissector can not correctly resemple SSL records when
the record header is spit between packets. (Bug 4535)
o TCP reassembly can call subdissector with incorrect TCP
sequence number. (Bug 4624)
o PTP dissector displays big correction field values wrong. (Bug
4635)
o MSF is at Anthorn, not Rugby. (Bug 4678)
o ProtoField __tostring() description is missing in Wireshark's
Lua API Reference Manual. (Bug 4695)
o EVRC packet bundling not handled correctly. (Bug 4718)
o Completely unresponsive when run very first time by root user.
(Bug 4308)
- Updated Protocol Support: DOCSIS, HTTP, SSL
- Updated Capture File Support: ERF, PacketLogger.
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/wireshark/distinfo
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.44
- pkgsrc/net/wireshark/distinfo 1.30
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu May 13 07:03:22 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.8. Changes since 1.2.7:
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o The DOCSIS dissector could crash. (Bug 4644), (bug 4646) -->
Versions affected: 0.9.6 to 1.0.12, 1.2.0 to 1.2.7
- The following bugs have been fixed:
o HTTP parser limits with Content-Length. (Bug 1958)
o MATE dissector bug with GOGs. (Bug 3010)
o Changing fonts and deleting system time from preferences,
results in wireshark crash. (Bug 3387)
o ERF file starting with record with timestamp=3D0,1 or 2 not
recognized as ERF file. (Bug 4503)
o The SSL dissector can not correctly resemple SSL records when
the record header is spit between packets. (Bug 4535)
o TCP reassembly can call subdissector with incorrect TCP
sequence number. (Bug 4624)
o PTP dissector displays big correction field values wrong. (Bug
4635)
o MSF is at Anthorn, not Rugby. (Bug 4678)
o ProtoField __tostring() description is missing in Wireshark's
Lua API Reference Manual. (Bug 4695)
o EVRC packet bundling not handled correctly. (Bug 4718)
o Completely unresponsive when run very first time by root user.
(Bug 4308)
- Updated Protocol Support: DOCSIS, HTTP, SSL
- Updated Capture File Support: ERF, PacketLogger.
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/wireshark/distinfo
pkgsrc-2010Q1 commitmail json YAML
pullup #3108
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/mail/fetchmail/MESSAGE@1.1.2.2
/
diff
pkgsrc/mail/fetchmail/Makefile@1.171.2.1 / diff
pkgsrc/mail/fetchmail/distinfo@1.41.2.1 / diff
pkgsrc/mail/fetchmail/patches/patch-aa@1.8.2.2 / diff
pkgsrc/mail/fetchmailconf/Makefile@1.78.2.1 / diff
pkgsrc/mail/fetchmail/Makefile@1.171.2.1 / diff
pkgsrc/mail/fetchmail/distinfo@1.41.2.1 / diff
pkgsrc/mail/fetchmail/patches/patch-aa@1.8.2.2 / diff
pkgsrc/mail/fetchmailconf/Makefile@1.78.2.1 / diff
Pullup ticket 3108 - requested by tez and tron
security update
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.173
- pkgsrc/mail/fetchmail/distinfo 1.43
- pkgsrc/mail/fetchmailconf/Makefile 1.79
Files added:
pkgsrc/mail/fetchmail/MESSAGE
pkgsrc/mail/fetchmail/patches/patch-aa
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Sat May 8 15:34:59 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Added Files:
pkgsrc/mail/fetchmail: MESSAGE
Log Message:
Update to 6.3.17 per PR#43269
fetchmail-6.3.17 (released 2010-05-06, 25767 LoC):
# SECURITY FIX
* CVE-2010-1167: Fetchmail before release 6.3.17 did not properly sanitize
external input (mail headers and UID). When a multi-character locale (such as
# FEATURES
* Fetchmail now supports a --sslcertfile <file> option to specify a "CA bundle"
file (a file that contains trusted CA certificates). Since these bundled CA
files do not require c_rehash to be run, they are easier to use and immune to
OpenSSL library updates that affect the hash function.
* Fetchmail now supports a FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS
environment variable to force loading the default SSL CA certificate
locations even if --sslcertfile or --sslcertpath is used.
If neither option is in effect, fetchmail loads the default locations.
# REGRESSION FIX
* Fix string handling in rcfile scanner, which caused fetchmail to misparse a
run control file in certain circumstances. Fixes BerliOS bug #14257.
Patch by Michael Banack. This fixes a regression introduced before 6.3.0.
# BUG FIXES
* Plug memory leak when using a "defaults" entry in the run control file.
* Do not print SSL certificate mismatches unless verbose or --sslcertck is
enabled.
* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
# CHANGES
* Usability: SSL certificate chains are fully printed in -v -v mode, and there
are now helpful pointers to --sslcertpath and c_rehash for "unable to get
local issuer certificate" and self-signed certificates -- these usually hint
to missing root signing CAs in the certs directory.
* Several fixes for compiler (GCC, Intel C++, CLang) and autotools warnings
* Memory allocation failures will now cause abnormal program abort (SIGABRT),
no longer an exit with unspecified code.
# DOCUMENTATION
* Fix table of global option to read "set softbounce" where there used to be a
2nd copy of "set spambounce". Patch by Michael Banack, BerliOS Bug #17067.
* In the --sslcertpath description, mention that OpenSSL upgrade (and a 0.9.X
to 1.0.0 upgrade in particular) may require running c_rehash.
# TRANSLATION UPDATES
[zh_CN] Chinese/simplified (Ji Zheng-Yu)
[cs] Czech (Petr Pisar)
[nl] Dutch (Erwin Poeze)
[fr] French (Fr\xc3<A9>d\xc3<A9>ric Marchal)
[de] German
[id] Indonesian (Andhika Padmawan)
[it] Italian (Vincenzo Campanella)
[ja] Japanese (Takeshi Hamasaki)
[pl] Polish (Jakub Bogusz)
[sk] Slovak (Marcel Telka)
[vi] Vietnamese (Clytie Siddall)
# KNOWN BUGS AND WORKAROUNDS:
(this section floats upwards through the NEWS file so it stays with the
current release information - however, it was stuck with 6.3.8 for a while)
* fetchmail does not handle messages without Message-ID header well
(See sourceforge.net bug #780933)
* BSMTP is mostly untested and errors can cause corrupt output.
* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit
fetchmail. Note that fetchmail doesn't take advantage of 64-bit code,
so compiling 32-bit SPARC code should not cause any difficulties.
* fetchmail does not track pending deletes over crashes
* the command line interface is sometimes a bit stubborn, for instance,
fetchmail -s doesn't work with a daemon running
fetchmail-6.3.16 (released 2010-04-06, 25574 LoC):
# BUG FIX
* Fix --interface option, broken in 6.3.15. Reported by Vladmimir Stavrinov.
Fixes Debian Bug #576717.
# CHANGE
* Call OpenSSL_add_all_algorithms(). This is needed to support non-mandatory
and non-standard algorithms in certificates.
Sjoerd Simons, to fix Debian Bug #576430.
OpenSSL 0.9.8* does not load - for instance - the SHA256 digest by default.
Reported as OpenSSL RT#2224.
fetchmail-6.3.15 (released 2010-03-28, 25572 LoC):
# FEATURE
* Fetchmail now supports a bad-header command line or rcfile option that takes
exactly one argument, accept or reject (default). This specifies how messages
with bad headers retrieved from the current server are to be treated.
# BUG FIXES
* In the rcfile, recognize "local" as abbreviation for "localdomains", as
documented. The short form has not ever worked since this feature was added in
January 1997. Reported by Fr\xc3<A9>d\xc3<A9>ric Marchal.
* Do not close stdout when using mda and "bsmtp -" at the same time.
* Log operating system errors when BSMTP writes fail.
* Fix verbose mode progress formatting regression from 6.3.10; SMTP trace lines
were no longer on a line of their own. Reported by Melchior Franz.
* Check seteuid() return value and abort running MDA if switch fails.
* Set global flags in a consistent manner. Make --nosoftbounce and
--nobounce work from command line (these used to work in rcfiles).
Reported and fix confirmed working by N.J. Mann. (Sunil Shetye)
* Properly import h_errno declarations, even on systems where h_errno isn't a
macro. (Adds ./configure check, fixes Cygwin dllimport warnings.)
# CHANGES
* The repository has been converted and moved from the Subversion (SVN) format
kindly hosted by Graham Wilson over the past years to Git format hosted on
Gitorious.org. My deepest thanks to Graham Wilson for this service that
kept us going when BerliOS's Subversion service was faulty in its early days.
* This opportunity was used to convert BRANCH_6-2 and BRANCH_1-9-9 to
GnuPG-signed tags, as a sign that these are now closed.
* The outdated SVN trunk is now called "oldtrunk" in Git just to save the work
for future reference. All development in the past few years was on BRANCH_6-3.
* master was branched from BRANCH_6-3. BRANCH_6-3 is now obsolete (and in fact
was also converted to a tag to record where the conversion from SVN to Git
took place).
* "make check" now skips HTML validation if xmllint or XHTML DTD are missing.
# DOCUMENTATION
* Web site and documentation were adjusted to reflect the SVN->Git move.
* The fetchmail manual page is now much clearer on the user id switching
(seteuid) when using --mda while running as the super user.
# TRANSLATION UPDATES, by language name
* [zh_CN] Chinese (Simplified), by Ji Zheng-Yu
* [cs] Czech, by Petr Pisar
* [nl] Dutch, by Erwin Poeze
* [fr] French, by Fr\xc3<A9>d\xc3<A9>ric Marchal
* [de] German
* [id] Indonesian, by Andhika Padmawan
* [it] Italian, by Vincenzo Campanella
* [ja] Japanese, by Takeshi Hamasaki
* [pl] Polish, by Jakub Bogusz
* [vi] Vietnamese, by Clytie Siddall
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/fetchmail/MESSAGE
cvs rdiff -u -r1.171 -r1.172 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/mail/fetchmail/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 9 11:45:28 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Added Files:
pkgsrc/mail/fetchmail/patches: patch-aa
Log Message:
Add patch by Matthias Andree to avoid warnings about insecure connections
if SSL fingerprints are used.
To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/mail/fetchmail/distinfo
cvs rdiff -u -r0 -r1.8 pkgsrc/mail/fetchmail/patches/patch-aa
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 9 11:54:21 UTC 2010
Modified Files:
pkgsrc/mail/fetchmailconf: Makefile
Log Message:
Unbreak "fetchmailconf" package by updating it to version 6.3.17 as well.
Changes since version 6.3.14:
# BUG FIXES
* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 pkgsrc/mail/fetchmailconf/Makefile
security update
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.173
- pkgsrc/mail/fetchmail/distinfo 1.43
- pkgsrc/mail/fetchmailconf/Makefile 1.79
Files added:
pkgsrc/mail/fetchmail/MESSAGE
pkgsrc/mail/fetchmail/patches/patch-aa
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Sat May 8 15:34:59 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Added Files:
pkgsrc/mail/fetchmail: MESSAGE
Log Message:
Update to 6.3.17 per PR#43269
fetchmail-6.3.17 (released 2010-05-06, 25767 LoC):
# SECURITY FIX
* CVE-2010-1167: Fetchmail before release 6.3.17 did not properly sanitize
external input (mail headers and UID). When a multi-character locale (such as
# FEATURES
* Fetchmail now supports a --sslcertfile <file> option to specify a "CA bundle"
file (a file that contains trusted CA certificates). Since these bundled CA
files do not require c_rehash to be run, they are easier to use and immune to
OpenSSL library updates that affect the hash function.
* Fetchmail now supports a FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS
environment variable to force loading the default SSL CA certificate
locations even if --sslcertfile or --sslcertpath is used.
If neither option is in effect, fetchmail loads the default locations.
# REGRESSION FIX
* Fix string handling in rcfile scanner, which caused fetchmail to misparse a
run control file in certain circumstances. Fixes BerliOS bug #14257.
Patch by Michael Banack. This fixes a regression introduced before 6.3.0.
# BUG FIXES
* Plug memory leak when using a "defaults" entry in the run control file.
* Do not print SSL certificate mismatches unless verbose or --sslcertck is
enabled.
* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
# CHANGES
* Usability: SSL certificate chains are fully printed in -v -v mode, and there
are now helpful pointers to --sslcertpath and c_rehash for "unable to get
local issuer certificate" and self-signed certificates -- these usually hint
to missing root signing CAs in the certs directory.
* Several fixes for compiler (GCC, Intel C++, CLang) and autotools warnings
* Memory allocation failures will now cause abnormal program abort (SIGABRT),
no longer an exit with unspecified code.
# DOCUMENTATION
* Fix table of global option to read "set softbounce" where there used to be a
2nd copy of "set spambounce". Patch by Michael Banack, BerliOS Bug #17067.
* In the --sslcertpath description, mention that OpenSSL upgrade (and a 0.9.X
to 1.0.0 upgrade in particular) may require running c_rehash.
# TRANSLATION UPDATES
[zh_CN] Chinese/simplified (Ji Zheng-Yu)
[cs] Czech (Petr Pisar)
[nl] Dutch (Erwin Poeze)
[fr] French (Fr\xc3<A9>d\xc3<A9>ric Marchal)
[de] German
[id] Indonesian (Andhika Padmawan)
[it] Italian (Vincenzo Campanella)
[ja] Japanese (Takeshi Hamasaki)
[pl] Polish (Jakub Bogusz)
[sk] Slovak (Marcel Telka)
[vi] Vietnamese (Clytie Siddall)
# KNOWN BUGS AND WORKAROUNDS:
(this section floats upwards through the NEWS file so it stays with the
current release information - however, it was stuck with 6.3.8 for a while)
* fetchmail does not handle messages without Message-ID header well
(See sourceforge.net bug #780933)
* BSMTP is mostly untested and errors can cause corrupt output.
* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit
fetchmail. Note that fetchmail doesn't take advantage of 64-bit code,
so compiling 32-bit SPARC code should not cause any difficulties.
* fetchmail does not track pending deletes over crashes
* the command line interface is sometimes a bit stubborn, for instance,
fetchmail -s doesn't work with a daemon running
fetchmail-6.3.16 (released 2010-04-06, 25574 LoC):
# BUG FIX
* Fix --interface option, broken in 6.3.15. Reported by Vladmimir Stavrinov.
Fixes Debian Bug #576717.
# CHANGE
* Call OpenSSL_add_all_algorithms(). This is needed to support non-mandatory
and non-standard algorithms in certificates.
Sjoerd Simons, to fix Debian Bug #576430.
OpenSSL 0.9.8* does not load - for instance - the SHA256 digest by default.
Reported as OpenSSL RT#2224.
fetchmail-6.3.15 (released 2010-03-28, 25572 LoC):
# FEATURE
* Fetchmail now supports a bad-header command line or rcfile option that takes
exactly one argument, accept or reject (default). This specifies how messages
with bad headers retrieved from the current server are to be treated.
# BUG FIXES
* In the rcfile, recognize "local" as abbreviation for "localdomains", as
documented. The short form has not ever worked since this feature was added in
January 1997. Reported by Fr\xc3<A9>d\xc3<A9>ric Marchal.
* Do not close stdout when using mda and "bsmtp -" at the same time.
* Log operating system errors when BSMTP writes fail.
* Fix verbose mode progress formatting regression from 6.3.10; SMTP trace lines
were no longer on a line of their own. Reported by Melchior Franz.
* Check seteuid() return value and abort running MDA if switch fails.
* Set global flags in a consistent manner. Make --nosoftbounce and
--nobounce work from command line (these used to work in rcfiles).
Reported and fix confirmed working by N.J. Mann. (Sunil Shetye)
* Properly import h_errno declarations, even on systems where h_errno isn't a
macro. (Adds ./configure check, fixes Cygwin dllimport warnings.)
# CHANGES
* The repository has been converted and moved from the Subversion (SVN) format
kindly hosted by Graham Wilson over the past years to Git format hosted on
Gitorious.org. My deepest thanks to Graham Wilson for this service that
kept us going when BerliOS's Subversion service was faulty in its early days.
* This opportunity was used to convert BRANCH_6-2 and BRANCH_1-9-9 to
GnuPG-signed tags, as a sign that these are now closed.
* The outdated SVN trunk is now called "oldtrunk" in Git just to save the work
for future reference. All development in the past few years was on BRANCH_6-3.
* master was branched from BRANCH_6-3. BRANCH_6-3 is now obsolete (and in fact
was also converted to a tag to record where the conversion from SVN to Git
took place).
* "make check" now skips HTML validation if xmllint or XHTML DTD are missing.
# DOCUMENTATION
* Web site and documentation were adjusted to reflect the SVN->Git move.
* The fetchmail manual page is now much clearer on the user id switching
(seteuid) when using --mda while running as the super user.
# TRANSLATION UPDATES, by language name
* [zh_CN] Chinese (Simplified), by Ji Zheng-Yu
* [cs] Czech, by Petr Pisar
* [nl] Dutch, by Erwin Poeze
* [fr] French, by Fr\xc3<A9>d\xc3<A9>ric Marchal
* [de] German
* [id] Indonesian, by Andhika Padmawan
* [it] Italian, by Vincenzo Campanella
* [ja] Japanese, by Takeshi Hamasaki
* [pl] Polish, by Jakub Bogusz
* [vi] Vietnamese, by Clytie Siddall
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/fetchmail/MESSAGE
cvs rdiff -u -r1.171 -r1.172 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/mail/fetchmail/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 9 11:45:28 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Added Files:
pkgsrc/mail/fetchmail/patches: patch-aa
Log Message:
Add patch by Matthias Andree to avoid warnings about insecure connections
if SSL fingerprints are used.
To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/mail/fetchmail/distinfo
cvs rdiff -u -r0 -r1.8 pkgsrc/mail/fetchmail/patches/patch-aa
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 9 11:54:21 UTC 2010
Modified Files:
pkgsrc/mail/fetchmailconf: Makefile
Log Message:
Unbreak "fetchmailconf" package by updating it to version 6.3.17 as well.
Changes since version 6.3.14:
# BUG FIXES
* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 pkgsrc/mail/fetchmailconf/Makefile
pkgsrc-2010Q1 commitmail json YAML
pullup #3092
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/wm/golem/distinfo@1.5.4.1
/
diff
pkgsrc/wm/golem/patches/patch-ah@1.1.2.2 / diff
pkgsrc/wm/golem/patches/patch-ai@1.1.2.2 / diff
pkgsrc/wm/golem/patches/patch-aj@1.1.2.2 / diff
pkgsrc/wm/golem/patches/patch-ah@1.1.2.2 / diff
pkgsrc/wm/golem/patches/patch-ai@1.1.2.2 / diff
pkgsrc/wm/golem/patches/patch-aj@1.1.2.2 / diff
Pullup ticket 3092 - requested by dholland
build fix
Revisions pulled up:
- pkgsrc/wm/golem/distinfo 1.7
Files added:
pkgsrc/wm/golem/patches/patch-ah
pkgsrc/wm/golem/patches/patch-ai
pkgsrc/wm/golem/patches/patch-aj
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sat Apr 24 19:28:31 UTC 2010
Modified Files:
pkgsrc/wm/golem: distinfo
Added Files:
pkgsrc/wm/golem/patches: patch-ah patch-ai
Log Message:
Fix energizer-bunny-makefiles.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/wm/golem/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/wm/golem/patches/patch-ah \
pkgsrc/wm/golem/patches/patch-ai
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sat Apr 24 19:36:14 UTC 2010
Modified Files:
pkgsrc/wm/golem: distinfo
Added Files:
pkgsrc/wm/golem/patches: patch-aj
Log Message:
Hack around build problem with -current's lex.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/wm/golem/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/wm/golem/patches/patch-aj
build fix
Revisions pulled up:
- pkgsrc/wm/golem/distinfo 1.7
Files added:
pkgsrc/wm/golem/patches/patch-ah
pkgsrc/wm/golem/patches/patch-ai
pkgsrc/wm/golem/patches/patch-aj
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sat Apr 24 19:28:31 UTC 2010
Modified Files:
pkgsrc/wm/golem: distinfo
Added Files:
pkgsrc/wm/golem/patches: patch-ah patch-ai
Log Message:
Fix energizer-bunny-makefiles.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/wm/golem/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/wm/golem/patches/patch-ah \
pkgsrc/wm/golem/patches/patch-ai
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sat Apr 24 19:36:14 UTC 2010
Modified Files:
pkgsrc/wm/golem: distinfo
Added Files:
pkgsrc/wm/golem/patches: patch-aj
Log Message:
Hack around build problem with -current's lex.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/wm/golem/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/wm/golem/patches/patch-aj
pkgsrc-2010Q1 commitmail json YAML
pullup #3086
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/databases/mysql51-client/Makefile@1.3.2.1
/
diff
pkgsrc/databases/mysql51-client/Makefile.common@1.4.2.1 / diff
pkgsrc/databases/mysql51-client/distinfo@1.1.1.1.2.1 / diff
pkgsrc/databases/mysql51-server/Makefile@1.3.2.1 / diff
pkgsrc/databases/mysql51-server/PLIST@1.2.2.1 / diff
pkgsrc/databases/mysql51-server/distinfo@1.2.2.1 / diff
pkgsrc/databases/mysql51-server/patches/patch-av@1.1.2.2 / diff
pkgsrc/databases/mysql51-client/Makefile.common@1.4.2.1 / diff
pkgsrc/databases/mysql51-client/distinfo@1.1.1.1.2.1 / diff
pkgsrc/databases/mysql51-server/Makefile@1.3.2.1 / diff
pkgsrc/databases/mysql51-server/PLIST@1.2.2.1 / diff
pkgsrc/databases/mysql51-server/distinfo@1.2.2.1 / diff
pkgsrc/databases/mysql51-server/patches/patch-av@1.1.2.2 / diff
Pullup ticket 3086 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile 1.4
- pkgsrc/databases/mysql51-client/Makefile.common 1.5
- pkgsrc/databases/mysql51-client/distinfo 1.2
- pkgsrc/databases/mysql51-server/Makefile 1.4
- pkgsrc/databases/mysql51-server/PLIST 1.3
- pkgsrc/databases/mysql51-server/distinfo 1.3
Files added:
pkgsrc/databases/mysql51-server/patches/patch-av
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Apr 20 22:58:10 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile Makefile.common distinfo
pkgsrc/databases/mysql51-server: Makefile PLIST distinfo
Added Files:
pkgsrc/databases/mysql51-server/patches: patch-av
Log Message:
Update mysql51-client/mysql51-server package to 5.1.45.
This is maintainous release and please refer for full changes:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-45.html
Added a patch for recent security problem to mysql51-server, too.
http://secunia.com/advisories/39454
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql51-client/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql51-server/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/mysql51-server/PLIST \
pkgsrc/databases
security update
Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile 1.4
- pkgsrc/databases/mysql51-client/Makefile.common 1.5
- pkgsrc/databases/mysql51-client/distinfo 1.2
- pkgsrc/databases/mysql51-server/Makefile 1.4
- pkgsrc/databases/mysql51-server/PLIST 1.3
- pkgsrc/databases/mysql51-server/distinfo 1.3
Files added:
pkgsrc/databases/mysql51-server/patches/patch-av
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Apr 20 22:58:10 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile Makefile.common distinfo
pkgsrc/databases/mysql51-server: Makefile PLIST distinfo
Added Files:
pkgsrc/databases/mysql51-server/patches: patch-av
Log Message:
Update mysql51-client/mysql51-server package to 5.1.45.
This is maintainous release and please refer for full changes:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-45.html
Added a patch for recent security problem to mysql51-server, too.
http://secunia.com/advisories/39454
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql51-client/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql51-server/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/mysql51-server/PLIST \
pkgsrc/databases
MAIN commitmail json YAML
note updates of inn, irrtoolset5 and irssi
MAIN commitmail json YAML
pkgsrc/chat/irssi-icb/distinfo@1.15
/
diff
pkgsrc/chat/irssi/Makefile.common@1.11 / diff
pkgsrc/chat/irssi/distinfo@1.31 / diff
pkgsrc/chat/irssi/Makefile.common@1.11 / diff
pkgsrc/chat/irssi/distinfo@1.31 / diff
updating irssi to next version (0.8.15). Changelog:
Features:
* Add active_window_ignore_refnum option With active_window_ignore_refnum ON, the current behavior for the active_window key (meta-a by default) is preserved: it switches to the window with the highest activity level that was last activated. With active_window_ignore_refnum OFF, the old behavior is used: it switches to the window with the highest activity level with the lowest refnum. (by Matt Sparks, bug #667)
* Show new Charybdis +q list in channel windows (numerics 728 and 729).
* Allow servers to belong to multiple networks.
* Improve paste detection. Irssi now detects a paste if it reads at least three bytes in a single read; subsequent reads are associated to the same paste if they happen before 'paste_detect_time' time since the last read. If no read occurs after 'paste_detect_time' time the paste buffer is flushed; if there is at least one complete line its content is sent as a paste, otherwise it is processed normally.
* Show "target changing too fast" messages in the channel/query window.
* Use default trusted CAs if nothing is specified. This allows useful use of -ssl_verify without -ssl_cafile/-ssl_capath, using OpenSSL's default trusted CAs.
* Show why an SSL certificate failed validation.
* Make own nick and actions use default colour instead of white (by Tim Retout).
Bugfixes:
* Change some characters illegal in Windows filenames to underscores in logs
* Fix disconnects when sending large amounts of data over SSL
* Show all nicks instead of just the first in an /accept * listing (Bug #704)
* Make several signals without parameters available to perl again. In particular, this includes the "beep" signal (by Matt Sparks, bug #674)
* Close the config file fd after saving (by Sven Wegener)
* Check if an SSL certificate matches the hostname of the server we are connecting to.
* Fix bash'isms, use command -v instead of which and use bc -l in /CALC.
* Fix a crash with handling the DCC queue.
* Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009).
Features:
* Add active_window_ignore_refnum option With active_window_ignore_refnum ON, the current behavior for the active_window key (meta-a by default) is preserved: it switches to the window with the highest activity level that was last activated. With active_window_ignore_refnum OFF, the old behavior is used: it switches to the window with the highest activity level with the lowest refnum. (by Matt Sparks, bug #667)
* Show new Charybdis +q list in channel windows (numerics 728 and 729).
* Allow servers to belong to multiple networks.
* Improve paste detection. Irssi now detects a paste if it reads at least three bytes in a single read; subsequent reads are associated to the same paste if they happen before 'paste_detect_time' time since the last read. If no read occurs after 'paste_detect_time' time the paste buffer is flushed; if there is at least one complete line its content is sent as a paste, otherwise it is processed normally.
* Show "target changing too fast" messages in the channel/query window.
* Use default trusted CAs if nothing is specified. This allows useful use of -ssl_verify without -ssl_cafile/-ssl_capath, using OpenSSL's default trusted CAs.
* Show why an SSL certificate failed validation.
* Make own nick and actions use default colour instead of white (by Tim Retout).
Bugfixes:
* Change some characters illegal in Windows filenames to underscores in logs
* Fix disconnects when sending large amounts of data over SSL
* Show all nicks instead of just the first in an /accept * listing (Bug #704)
* Make several signals without parameters available to perl again. In particular, this includes the "beep" signal (by Matt Sparks, bug #674)
* Close the config file fd after saving (by Sven Wegener)
* Check if an SSL certificate matches the hostname of the server we are connecting to.
* Fix bash'isms, use command -v instead of which and use bc -l in /CALC.
* Fix a crash with handling the DCC queue.
* Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009).
pkgsrc-2010Q1 commitmail json YAML
pullup 3079
pkgsrc-2010Q1 commitmail json YAML
pkgsrc/security/sudo/Makefile@1.119.2.1
/
diff
pkgsrc/security/sudo/distinfo@1.61.2.1 / diff
pkgsrc/security/sudo/patches/patch-aa@1.22.4.1 / diff
pkgsrc/security/sudo/distinfo@1.61.2.1 / diff
pkgsrc/security/sudo/patches/patch-aa@1.22.4.1 / diff
Pullup ticket 3079 - requested by taca
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.120
- pkgsrc/security/sudo/distinfo 1.62
- pkgsrc/security/sudo/patches/patch-aa 1.23
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Apr 16 15:33:52 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
pkgsrc/security/sudo/patches: patch-aa
Log Message:
Update sudo package from sudo-1.7.2p4 to sudo-1.7.2p6.
Sudo versions 1.7.2p6 and 1.6.9p22 are now available. These releases
fix a privilege escalation bug in the sudoedit functionality.
Summary:
A flaw exists in sudo's -e option (aka sudoedit) in sudo versions
1.6.8 through 1.7.2p5 that may give a user with permission to
run sudoedit the ability to run arbitrary commands. This bug
is related to, but distinct from, CVE 2010-0426.
Sudo versions affected:
1.6.8 through 1.7.2p5 inclusive.
To generate a diff of this commit:
cvs rdiff -u -r1.119 -r1.120 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/sudo/distinfo
cvs rdiff -u -r1.22 -r1.23 pkgsrc/security/sudo/patches/patch-aa
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.120
- pkgsrc/security/sudo/distinfo 1.62
- pkgsrc/security/sudo/patches/patch-aa 1.23
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Apr 16 15:33:52 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
pkgsrc/security/sudo/patches: patch-aa
Log Message:
Update sudo package from sudo-1.7.2p4 to sudo-1.7.2p6.
Sudo versions 1.7.2p6 and 1.6.9p22 are now available. These releases
fix a privilege escalation bug in the sudoedit functionality.
Summary:
A flaw exists in sudo's -e option (aka sudoedit) in sudo versions
1.6.8 through 1.7.2p5 that may give a user with permission to
run sudoedit the ability to run arbitrary commands. This bug
is related to, but distinct from, CVE 2010-0426.
Sudo versions affected:
1.6.8 through 1.7.2p5 inclusive.
To generate a diff of this commit:
cvs rdiff -u -r1.119 -r1.120 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/sudo/distinfo
cvs rdiff -u -r1.22 -r1.23 pkgsrc/security/sudo/patches/patch-aa
MAIN commitmail json YAML
adding a message + Makefile beautification
MAIN commitmail json YAML
Makefile style improvements
MAIN commitmail json YAML
update to irrtoolset5 release version
updating LICENSE
updating LICENSE
MAIN commitmail json YAML
pkgsrc/news/inn/Makefile@1.103
/
diff
pkgsrc/news/inn/distinfo@1.26 / diff
pkgsrc/news/inn/options.mk@1.6 / diff
pkgsrc/news/inn/patches/patch-ab@1.10 / diff
pkgsrc/news/inn/distinfo@1.26 / diff
pkgsrc/news/inn/options.mk@1.6 / diff
pkgsrc/news/inn/patches/patch-ab@1.10 / diff
update from 2.5.1 -> 2.5.2
Vendor update message (excerpt):
Many thanks to Julien �LIE for preparing this release.
Special notes:
The way checkpoints are handled by innreport for innd and innfeed has totally changed to provide more accurate daily statistics. The first Usenet report after an upgrade to INN 2.5.2 will probably contain incorrect statistics for incoming and outgoing articles because the beginning of the log files that will be used was generated by a previous version of INN.
A new version of innreport.conf is shipped with INN 2.5.2 but, in order to preserve any local changes, will not be automatically installed with make update. The changes are minor and not mandatory for the upgrade.
Changes from 2.5.1 to 2.5.2
* Julien Elie has implemented in innd the new version of the NNTP protocol described in RFC 3977, RFC 4643 and RFC 4644, and innd now recognizes the CAPABILITIES command. Despite these standards, three commands (IHAVE, CHECK and TAKETHIS) will continue, for interoperability reasons, to return a reject code (respectively 435, 438, and 439) when the command contains a syntax error instead of 501. The mandatory username argument for authenticated peers is not enforced in INN 2.5.2 but will be be enforced by INN 2.6.0 when it is released.
Major improvements are:
* innd now has a decent parser for NNTP commands. The parser is more correct (commands like "IHAVEZ<>", without a space between the command and its argument, are no longer valid) and allows leading and trailing whitespaces in commands. innd also now checks the length of the NNTP command sent by the client. If the command contains more than 512 bytes (or 497 bytes for an argument), an error is returned and the command is discarded. After ten unrecognized commands, innd closes the connection with the appropriate code (400 instead of 500).
* The output of the HELP command specifies the arguments expected by NNTP commands, similar to nnrpd's HELP command.
* LIST ACTIVE, LIST ACTIVE.TIMES and LIST NEWSGROUPS now allow an optional wildmat argument to restrict the results of those commands to specific newsgroups.
* When using HEAD or STAT with an article number or a range, 412 (no group selected) is now returned instead of 501 (syntax error).
* Jeffrey M. Vinocur has implemented support in both innd and nnrpd for whitespace in usernames/passwords provided with AUTHINFO USER/PASS. They were previously treated as invalid arguments or incorrectly parsed. innd and nnrpd now treat everything after the first whitespace character following AUTHINFO USER/PASS, up to, but not including, the final CRLF, as the username/password, in conformity with RFC 4643.
* The syntax of message-IDs is now based on RFC 5536 (USEFOR) instead of RFC 1036. The major change is that quoted-pairs have been removed from the syntax.
* The Perl and Python filters for innd now check the message-ID of articles arriving through TAKETHIS. Only CHECK and IHAVE commands previously used them.
* Case-insensitive matches are now used for distributions, path identities, IMAP commands, header names, and control commands. (Newsgroups are still matched case-sensitively.) Message-IDs are case-sensitively matched, except for history hashes.
* The new Archive:, Archive-At:, Comments:, and Summary: header fields defined in RFC 5064 and RFC 5536 can be used in innd filters. nnrpd now checks at injection time that an article does not contain an Injection-Info: header, that an Injection-Date: header (if provided) is valid, and that the Path: header does not contain ".POSTED". Note that INN does not yet generate these two injection fields or include the new Path: header field ".POSTED" keyword. These new features will be in the next major release of INN.
* LIST SUBSCRIPTIONS now accepts an optional wildmat argument to restrict the results of this command to specific newsgroups.
* nnrpd now supports a new LIST variant named COUNTS. LIST COUNTS is a combination of LIST ACTIVE and GROUP. It returns the same result as LIST ACTIVE except that the number of articles in a newsgroup is inserted before its status.
* A new flag has been added to newsfeeds entries: "Aj", when present, says to feed articles accepted and filed in "junk" (due to *wanttrash*) to peers based on their newsfeeds feed patterns applied to the Newsgroups: header as though the article were accepted and all those groups were locally carried. This is useful if you want to run INN with a minimal active file and propagate all posts. Thanks to Andrew Gierth for the patch.
* A new parameter has been added to inn.conf: *logtrash* defines whether a line for articles posted to groups not locally carried by the news server should be added in the news log file to report unwanted newsgroups. The default is true but it can be useful to set it to false (especially when *wanttrash* is also used).
* The procbatchdir keyword has been added to news.daily to specify the backlog directory of innfeed. This is useful when several instances of innfeed are running or when its configuration file is not the default one.
* sm now supports a new flag, -c, which shows a decoded form of the storage API token. This was previously done by the contrib showtoken script developed by Olaf Titz and Marco d'Itri.
* The O flag in newsfeeds now relies on the contents of the Injection-Info: header field if it is present to determine the origin of an article. It falls back on X-Trace: if there is no Injection-Info: header field.
* A new "unsigned long" type bas been added to the configuration parser. It will properly warn the news administrator when a variable supposed to be positive contains a negative integer. It will prevent INN from crashing due to misconfiguration at several places where it did not expect negative values.
* innxbatch and innxmit now recognize the new 403 code introduced by RFC 3977 for a problem preventing the requested action from being taken.
* HDR and OVER commands now return the correct 423 code (instead of 420) when the current article number is used but the article no longer exists.
* actsync, inews, innxbatch, innxmit, nntpget and rnews can now authenticate to news servers which only expect a username, without password, conforming to RFC 4643.
* The keyword generation code now generates a Keywords: header only if the original article does not already have one. The generated Keywords: header no longer begins with a comma. If keyword generation is set to true in inn.conf but the Keywords: header is not stored in the overview, the news administrator is warned and keyword generation deactivated, since it exists only to populate the overview data.
* Two segfaults in keyword generation were fixed. The first occurred when an article already had a Keywords: header longer than the *keylimit* parameter. The second was caused by a possible invalid pointer beyond the newly allocated Keywords: header.
* Fixed innd handling of empty lines. innd was not properly discarding an empty command and was closing the connection when it received only whitespace in a command.
* Fixed a bug in how innd responded to reader commands when readers were not allowed. A superfluous blank line was sent in its response.
* Fixed a bug in innd's response to TAKETHIS when authentication is required. Previously, 480 code was returned immediately without accepting the multi-line data block first, which broke synchronization in the NNTP protocol.
* Fixed a bug in recognizing the article terminator when empty articles were fed to innd via IHAVE or TAKETHIS, leading to treating subsequent NNTP commands as part of the article.
* When innd could not provide information for LIST ACTIVE.TIMES and LIST NEWSGROUPS, it was returning an invalid error message without a response code. The proper 503 answer code is now returned.
* When an unauthenticated user tried to post an article, nnrpd replied 440 (posting not allowed) instead of the correct 480 (authentication required) response if the user might be able to post after authentication. Thanks to Daniel Weber for the bug report.
* Fixed a bug in both innd and nnrpd answers to LIST commands where the output was not checked for valid dot stuffing.
* Fixed a bug leading to junked non-control articles being sent to control-only feeds, and also fixed handling of poisoned control groups. Thanks to Andrew Gierth for the patch.
* Fixed a bug in innreport leading to incorrect summing of innd stats when *hostname* was set to an IPv6 address instead of a fully-qualified domain name. Thanks to Petr Novopashenniy for the bug report.
* Changed how innreport uses innd and innfeed checkpoint messages. Previously, connections held open for multiple days led to skewed and incorrect statistics on how many articles had been received or sent. The count is now more accurate and, for each connection of a feed, only depends on *incominglogfrequency* in inn.conf and *stats-period* in innfeed.conf.
* Fixed a bug in nnrpd Perl filter: a header field whose name begins with the name of a standardized header field was not properly handled.
* Fixed a bug in how innd was parsing Message-ID: and Supersedes: headers which contained trailing whitespace. The article was corrupted by an unexpected "\r" in the middle of the header. nnrpd now checks the syntax of the Message-ID: header field, if present.
* Fixed various bugs in how leading whitespace was treated in headers. The HDR, XHDR and XPAT commands were not properly showing leading whitespace in header values. Lone "\n" and "\r" characters are now changed into spaces and "\r\n" is just removed. archive, makehistory, and tdx-util now keep leading whitespace in headers when generating overview data, and archive now changes "\n" (when not preceded by "\r") into a space when generating overview data.
* Fixed a bug in the generation of overview data which may corrupt previously generated overview data when a pseudo Xref: header field is injected in an extra overview field.
* Fixed a bug in the parsing of the *ovgrouppat* wildmat in inn.conf that prevented overview data from being generated when poisoned groups were specified but a latter sub-pattern matched the group. A uwildmat expression is now correctly handled, and a potential segfault has been fixed. Thanks to Dieter Stussy for the bug report.
* Fixed a bug when HDR, XHDR and XPAT were used when *virtualhost* was set to true in readers.conf. The Xref: header of articles posted to only one newsgroup appeared empty.
* Fixed a bug in tdx-util in parsing empty overview fields when called with -A or -F.
* Fixed a bug in cvtbatch, which was returning only the size of the headers of an article when the "b" parameter was used with the -w flag. It now correctly returns the size of the whole article, which is what "b" was documented to do. cvtbatch also has a new "t" parameter, which can be used with the -w flag to retrieve the arrival time of an article.
* Fixed a bug in how mailpost handles cross-posting feature. It was not properly detaching from sendmail. Thanks to Harald Dunkel for the patch.
* Fixed a bug in the newsfeeds C flag: the count of followup groups was one less than the real number. When the value of the Followup-To: header field is "poster", it is no longer considered to be a followup. Thanks to Dieter Stussy for the patch.
* When using tradindexed, the overview data for a cancelled article is now immediately removed from the overview. Thanks to Lars Magne Ingebrigtsen for the patch.
* batcher has not supported the retrieval of an article with its file name for a long time. The -S flag has therefore been removed.
* inews no longer rejects articles that contain more than 50 header fields. Thanks to Torsten Jerzembeck for the bug report.
* news.daily no longer sends superfluous mails when the nomail keyword is given. Mail is only sent when there is real output. Previously, there would always be headings and empty lines left over from the structuring of the full report, which are now ommitted. Also, the output of programs executed with postexec is now included in the regular mail. Thanks to Florian Schlichting for the patch.
* innconfval no longer maps NULL string or list values to an empty string or list and instead maps them to undefined values. This fixes an issue reported by Kamil Jonca: nnrpd was inserting an empty Organization: header when the *organization* parameter in inn.conf was unset.
* Other minor bug fixes and documentation improvements.
Vendor update message (excerpt):
Many thanks to Julien �LIE for preparing this release.
Special notes:
The way checkpoints are handled by innreport for innd and innfeed has totally changed to provide more accurate daily statistics. The first Usenet report after an upgrade to INN 2.5.2 will probably contain incorrect statistics for incoming and outgoing articles because the beginning of the log files that will be used was generated by a previous version of INN.
A new version of innreport.conf is shipped with INN 2.5.2 but, in order to preserve any local changes, will not be automatically installed with make update. The changes are minor and not mandatory for the upgrade.
Changes from 2.5.1 to 2.5.2
* Julien Elie has implemented in innd the new version of the NNTP protocol described in RFC 3977, RFC 4643 and RFC 4644, and innd now recognizes the CAPABILITIES command. Despite these standards, three commands (IHAVE, CHECK and TAKETHIS) will continue, for interoperability reasons, to return a reject code (respectively 435, 438, and 439) when the command contains a syntax error instead of 501. The mandatory username argument for authenticated peers is not enforced in INN 2.5.2 but will be be enforced by INN 2.6.0 when it is released.
Major improvements are:
* innd now has a decent parser for NNTP commands. The parser is more correct (commands like "IHAVEZ<>", without a space between the command and its argument, are no longer valid) and allows leading and trailing whitespaces in commands. innd also now checks the length of the NNTP command sent by the client. If the command contains more than 512 bytes (or 497 bytes for an argument), an error is returned and the command is discarded. After ten unrecognized commands, innd closes the connection with the appropriate code (400 instead of 500).
* The output of the HELP command specifies the arguments expected by NNTP commands, similar to nnrpd's HELP command.
* LIST ACTIVE, LIST ACTIVE.TIMES and LIST NEWSGROUPS now allow an optional wildmat argument to restrict the results of those commands to specific newsgroups.
* When using HEAD or STAT with an article number or a range, 412 (no group selected) is now returned instead of 501 (syntax error).
* Jeffrey M. Vinocur has implemented support in both innd and nnrpd for whitespace in usernames/passwords provided with AUTHINFO USER/PASS. They were previously treated as invalid arguments or incorrectly parsed. innd and nnrpd now treat everything after the first whitespace character following AUTHINFO USER/PASS, up to, but not including, the final CRLF, as the username/password, in conformity with RFC 4643.
* The syntax of message-IDs is now based on RFC 5536 (USEFOR) instead of RFC 1036. The major change is that quoted-pairs have been removed from the syntax.
* The Perl and Python filters for innd now check the message-ID of articles arriving through TAKETHIS. Only CHECK and IHAVE commands previously used them.
* Case-insensitive matches are now used for distributions, path identities, IMAP commands, header names, and control commands. (Newsgroups are still matched case-sensitively.) Message-IDs are case-sensitively matched, except for history hashes.
* The new Archive:, Archive-At:, Comments:, and Summary: header fields defined in RFC 5064 and RFC 5536 can be used in innd filters. nnrpd now checks at injection time that an article does not contain an Injection-Info: header, that an Injection-Date: header (if provided) is valid, and that the Path: header does not contain ".POSTED". Note that INN does not yet generate these two injection fields or include the new Path: header field ".POSTED" keyword. These new features will be in the next major release of INN.
* LIST SUBSCRIPTIONS now accepts an optional wildmat argument to restrict the results of this command to specific newsgroups.
* nnrpd now supports a new LIST variant named COUNTS. LIST COUNTS is a combination of LIST ACTIVE and GROUP. It returns the same result as LIST ACTIVE except that the number of articles in a newsgroup is inserted before its status.
* A new flag has been added to newsfeeds entries: "Aj", when present, says to feed articles accepted and filed in "junk" (due to *wanttrash*) to peers based on their newsfeeds feed patterns applied to the Newsgroups: header as though the article were accepted and all those groups were locally carried. This is useful if you want to run INN with a minimal active file and propagate all posts. Thanks to Andrew Gierth for the patch.
* A new parameter has been added to inn.conf: *logtrash* defines whether a line for articles posted to groups not locally carried by the news server should be added in the news log file to report unwanted newsgroups. The default is true but it can be useful to set it to false (especially when *wanttrash* is also used).
* The procbatchdir keyword has been added to news.daily to specify the backlog directory of innfeed. This is useful when several instances of innfeed are running or when its configuration file is not the default one.
* sm now supports a new flag, -c, which shows a decoded form of the storage API token. This was previously done by the contrib showtoken script developed by Olaf Titz and Marco d'Itri.
* The O flag in newsfeeds now relies on the contents of the Injection-Info: header field if it is present to determine the origin of an article. It falls back on X-Trace: if there is no Injection-Info: header field.
* A new "unsigned long" type bas been added to the configuration parser. It will properly warn the news administrator when a variable supposed to be positive contains a negative integer. It will prevent INN from crashing due to misconfiguration at several places where it did not expect negative values.
* innxbatch and innxmit now recognize the new 403 code introduced by RFC 3977 for a problem preventing the requested action from being taken.
* HDR and OVER commands now return the correct 423 code (instead of 420) when the current article number is used but the article no longer exists.
* actsync, inews, innxbatch, innxmit, nntpget and rnews can now authenticate to news servers which only expect a username, without password, conforming to RFC 4643.
* The keyword generation code now generates a Keywords: header only if the original article does not already have one. The generated Keywords: header no longer begins with a comma. If keyword generation is set to true in inn.conf but the Keywords: header is not stored in the overview, the news administrator is warned and keyword generation deactivated, since it exists only to populate the overview data.
* Two segfaults in keyword generation were fixed. The first occurred when an article already had a Keywords: header longer than the *keylimit* parameter. The second was caused by a possible invalid pointer beyond the newly allocated Keywords: header.
* Fixed innd handling of empty lines. innd was not properly discarding an empty command and was closing the connection when it received only whitespace in a command.
* Fixed a bug in how innd responded to reader commands when readers were not allowed. A superfluous blank line was sent in its response.
* Fixed a bug in innd's response to TAKETHIS when authentication is required. Previously, 480 code was returned immediately without accepting the multi-line data block first, which broke synchronization in the NNTP protocol.
* Fixed a bug in recognizing the article terminator when empty articles were fed to innd via IHAVE or TAKETHIS, leading to treating subsequent NNTP commands as part of the article.
* When innd could not provide information for LIST ACTIVE.TIMES and LIST NEWSGROUPS, it was returning an invalid error message without a response code. The proper 503 answer code is now returned.
* When an unauthenticated user tried to post an article, nnrpd replied 440 (posting not allowed) instead of the correct 480 (authentication required) response if the user might be able to post after authentication. Thanks to Daniel Weber for the bug report.
* Fixed a bug in both innd and nnrpd answers to LIST commands where the output was not checked for valid dot stuffing.
* Fixed a bug leading to junked non-control articles being sent to control-only feeds, and also fixed handling of poisoned control groups. Thanks to Andrew Gierth for the patch.
* Fixed a bug in innreport leading to incorrect summing of innd stats when *hostname* was set to an IPv6 address instead of a fully-qualified domain name. Thanks to Petr Novopashenniy for the bug report.
* Changed how innreport uses innd and innfeed checkpoint messages. Previously, connections held open for multiple days led to skewed and incorrect statistics on how many articles had been received or sent. The count is now more accurate and, for each connection of a feed, only depends on *incominglogfrequency* in inn.conf and *stats-period* in innfeed.conf.
* Fixed a bug in nnrpd Perl filter: a header field whose name begins with the name of a standardized header field was not properly handled.
* Fixed a bug in how innd was parsing Message-ID: and Supersedes: headers which contained trailing whitespace. The article was corrupted by an unexpected "\r" in the middle of the header. nnrpd now checks the syntax of the Message-ID: header field, if present.
* Fixed various bugs in how leading whitespace was treated in headers. The HDR, XHDR and XPAT commands were not properly showing leading whitespace in header values. Lone "\n" and "\r" characters are now changed into spaces and "\r\n" is just removed. archive, makehistory, and tdx-util now keep leading whitespace in headers when generating overview data, and archive now changes "\n" (when not preceded by "\r") into a space when generating overview data.
* Fixed a bug in the generation of overview data which may corrupt previously generated overview data when a pseudo Xref: header field is injected in an extra overview field.
* Fixed a bug in the parsing of the *ovgrouppat* wildmat in inn.conf that prevented overview data from being generated when poisoned groups were specified but a latter sub-pattern matched the group. A uwildmat expression is now correctly handled, and a potential segfault has been fixed. Thanks to Dieter Stussy for the bug report.
* Fixed a bug when HDR, XHDR and XPAT were used when *virtualhost* was set to true in readers.conf. The Xref: header of articles posted to only one newsgroup appeared empty.
* Fixed a bug in tdx-util in parsing empty overview fields when called with -A or -F.
* Fixed a bug in cvtbatch, which was returning only the size of the headers of an article when the "b" parameter was used with the -w flag. It now correctly returns the size of the whole article, which is what "b" was documented to do. cvtbatch also has a new "t" parameter, which can be used with the -w flag to retrieve the arrival time of an article.
* Fixed a bug in how mailpost handles cross-posting feature. It was not properly detaching from sendmail. Thanks to Harald Dunkel for the patch.
* Fixed a bug in the newsfeeds C flag: the count of followup groups was one less than the real number. When the value of the Followup-To: header field is "poster", it is no longer considered to be a followup. Thanks to Dieter Stussy for the patch.
* When using tradindexed, the overview data for a cancelled article is now immediately removed from the overview. Thanks to Lars Magne Ingebrigtsen for the patch.
* batcher has not supported the retrieval of an article with its file name for a long time. The -S flag has therefore been removed.
* inews no longer rejects articles that contain more than 50 header fields. Thanks to Torsten Jerzembeck for the bug report.
* news.daily no longer sends superfluous mails when the nomail keyword is given. Mail is only sent when there is real output. Previously, there would always be headings and empty lines left over from the structuring of the full report, which are now ommitted. Also, the output of programs executed with postexec is now included in the regular mail. Thanks to Florian Schlichting for the patch.
* innconfval no longer maps NULL string or list values to an empty string or list and instead maps them to undefined values. This fixes an issue reported by Kamil Jonca: nnrpd was inserting an empty Organization: header when the *organization* parameter in inn.conf was unset.
* Other minor bug fixes and documentation improvements.
MAIN commitmail json YAML
pkgsrc/devel/rt3/Makefile@1.43
/
diff
pkgsrc/devel/rt3/distinfo@1.17 / diff
pkgsrc/devel/rt3/patches/patch-ac@1.3 / diff
pkgsrc/devel/rt3/distinfo@1.17 / diff
pkgsrc/devel/rt3/patches/patch-ac@1.3 / diff
perl FCGI 0.69 onwards is more picky about the strings it gets.
Thus, if you feed it perl strings with utf-8 you get a complaint about
wide characters in the string.
The new patch-ac contains a fix.
Thus, if you feed it perl strings with utf-8 you get a complaint about
wide characters in the string.
The new patch-ac contains a fix.
MAIN commitmail json YAML
misc/p5-Geo-Weather is now known as geography/p5-Geo-Weather
MAIN commitmail json YAML
the handling of vulnerable binary packages has been moved from notification
by filesystem location to notification by pkg_add; document
by filesystem location to notification by pkg_add; document
MAIN commitmail json YAML
don't upload to a 'vulnerable' subdir any more
MAIN commitmail json YAML
setting vital info like the hostname environment variable in the
startup script makes xymonclient work so amazingly better than without :-}
startup script makes xymonclient work so amazingly better than without :-}
MAIN commitmail json YAML
pkgsrc/devel/rt3/Makefile@1.42
/
diff
pkgsrc/devel/rt3/distinfo@1.16 / diff
pkgsrc/devel/rt3/patches/patch-ab@1.3 / diff
pkgsrc/devel/rt3/distinfo@1.16 / diff
pkgsrc/devel/rt3/patches/patch-ab@1.3 / diff
improve gnupg handling
MAIN commitmail json YAML
the dependency p5-Email-MIME-Creator has been superseded by p5-Email-MIME
MAIN commitmail json YAML
remove dependency on p5-Email-MIME-Modifier, which has been superseded by
p5-Email-MIME
p5-Email-MIME
MAIN commitmail json YAML
remove dependency on p5-Email-MIME-Creator, which has been superseded by
the p5-Email-MIME package
the p5-Email-MIME package
MAIN commitmail json YAML
remove dependencies on p5-Email-MIME-Creator and p5-Email-MIME-Modifier
which have been superseded by the p5-Email-MIME package
which have been superseded by the p5-Email-MIME package
MAIN commitmail json YAML
remove dependency on p5-Email-MIME-Modifier which has been superseded by
the p5-Email-MIME package
the p5-Email-MIME package
MAIN commitmail json YAML
pkgsrc/databases/rrdtool/Makefile@1.81
/
diff
pkgsrc/databases/rrdtool/distinfo@1.40 / diff
pkgsrc/databases/rrdtool/patches/patch-az@1.1 / diff
pkgsrc/databases/rrdtool/distinfo@1.40 / diff
pkgsrc/databases/rrdtool/patches/patch-az@1.1 / diff
make "rrdtool restore" work on archs where time_t is an int
MAIN commitmail json YAML
fix file permission != directory permission problem for the pkg_summary.bz2
MAIN commitmail json YAML
update pkg_summary.bz2 files if existing (and the pkg_summary.gz gets updated)
MAIN commitmail json YAML
remove option to build with an older version of dependency as that
older dependency (tk83) is no longer around.
older dependency (tk83) is no longer around.
MAIN commitmail json YAML
updated patch -> distinfo needs an update too
MAIN commitmail json YAML
update to latest release
DESTDIRify
ok'd by manu@
DESTDIRify
ok'd by manu@
MAIN commitmail json YAML
correct forward looking addition of ruby19 in the previous commit :)
MAIN commitmail json YAML
i2cb at least compiles now
MAIN commitmail json YAML
pkgsrc/chat/i2cb/Makefile@1.22
/
diff
pkgsrc/chat/i2cb/distinfo@1.11 / diff
pkgsrc/chat/i2cb/patches/patch-aa@1.2 / diff
pkgsrc/chat/i2cb/patches/patch-ac@1.4 / diff
pkgsrc/chat/i2cb/patches/patch-at@1.2 / diff
pkgsrc/chat/i2cb/patches/patch-ay@1.1 / diff
pkgsrc/chat/i2cb/patches/patch-az@1.1 / diff
pkgsrc/chat/i2cb/distinfo@1.11 / diff
pkgsrc/chat/i2cb/patches/patch-aa@1.2 / diff
pkgsrc/chat/i2cb/patches/patch-ac@1.4 / diff
pkgsrc/chat/i2cb/patches/patch-at@1.2 / diff
pkgsrc/chat/i2cb/patches/patch-ay@1.1 / diff
pkgsrc/chat/i2cb/patches/patch-az@1.1 / diff
Add patches to compile on systems with getline() and to link to the tcl
currently in pkgsrc.
currently in pkgsrc.
pkgsrc-2009Q4 commitmail json YAML
pullup #3027, #3028, #3029
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/x11/wxGTK28/Makefile@1.6.4.1
/
diff
pkgsrc/x11/wxGTK28/Makefile.common@1.4.4.1 / diff
pkgsrc/x11/wxGTK28/distinfo@1.7.2.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-ba@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-bb@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-ca@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-cb@1.1.2.2 / diff
pkgsrc/x11/wxGTK28/Makefile.common@1.4.4.1 / diff
pkgsrc/x11/wxGTK28/distinfo@1.7.2.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-ba@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-bb@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-ca@1.1.4.1 / diff
pkgsrc/x11/wxGTK28/patches/patch-cb@1.1.2.2 / diff
Pullup ticket 3029 - requested by taca
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK28/Makefile 1.8
- pkgsrc/x11/wxGTK28/Makefile.common 1.5
- pkgsrc/x11/wxGTK28/distinfo 1.8
- pkgsrc/x11/wxGTK28/patches/patch-ba 1.2
- pkgsrc/x11/wxGTK28/patches/patch-bb 1.2
- pkgsrc/x11/wxGTK28/patches/patch-ca 1.2
Files added:
pkgsrc/x11/wxGTK28/patches/patch-cb
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:38:14 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK28: Makefile Makefile.common distinfo
pkgsrc/x11/wxGTK28/patches: patch-ba patch-bb patch-ca
Added Files:
pkgsrc/x11/wxGTK28/patches: patch-cb
Log Message:
* Add patches for CVE-2009-2369 and CVE-2009-2625.
* Use textproc/expat to fix CVE-2009-3720.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/x11/wxGTK28/Makefile \
pkgsrc/x11/wxGTK28/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK28/Makefile.common
cvs rdiff -u -r1.1 -r1.2 pkgsrc/x11/wxGTK28/patches/patch-ba \
pkgsrc/x11/wxGTK28/patches/patch-bb pkgsrc/x11/wxGTK28/patches/patch-ca
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK28/patches/patch-cb
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK28/Makefile 1.8
- pkgsrc/x11/wxGTK28/Makefile.common 1.5
- pkgsrc/x11/wxGTK28/distinfo 1.8
- pkgsrc/x11/wxGTK28/patches/patch-ba 1.2
- pkgsrc/x11/wxGTK28/patches/patch-bb 1.2
- pkgsrc/x11/wxGTK28/patches/patch-ca 1.2
Files added:
pkgsrc/x11/wxGTK28/patches/patch-cb
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:38:14 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK28: Makefile Makefile.common distinfo
pkgsrc/x11/wxGTK28/patches: patch-ba patch-bb patch-ca
Added Files:
pkgsrc/x11/wxGTK28/patches: patch-cb
Log Message:
* Add patches for CVE-2009-2369 and CVE-2009-2625.
* Use textproc/expat to fix CVE-2009-3720.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/x11/wxGTK28/Makefile \
pkgsrc/x11/wxGTK28/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK28/Makefile.common
cvs rdiff -u -r1.1 -r1.2 pkgsrc/x11/wxGTK28/patches/patch-ba \
pkgsrc/x11/wxGTK28/patches/patch-bb pkgsrc/x11/wxGTK28/patches/patch-ca
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK28/patches/patch-cb
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/x11/wxGTK26/Makefile@1.3.4.1
/
diff
pkgsrc/x11/wxGTK26/distinfo@1.3.2.1 / diff
pkgsrc/x11/wxGTK26/patches/patch-ae@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-af@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-ag@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-ah@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/distinfo@1.3.2.1 / diff
pkgsrc/x11/wxGTK26/patches/patch-ae@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-af@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-ag@1.1.2.2 / diff
pkgsrc/x11/wxGTK26/patches/patch-ah@1.1.2.2 / diff
Pullup ticket 3028 - requested by taca
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK26/Makefile 1.5
- pkgsrc/x11/wxGTK26/distinfo 1.4
Files added:
pkgsrc/x11/wxGTK26/patches/patch-ae
pkgsrc/x11/wxGTK26/patches/patch-af
pkgsrc/x11/wxGTK26/patches/patch-ag
pkgsrc/x11/wxGTK26/patches/patch-ah
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:35:34 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK26: Makefile distinfo
Added Files:
pkgsrc/x11/wxGTK26/patches: patch-ae patch-af patch-ag patch-ah
Log Message:
Add patches for CVE-2009-2369 and CVE-2009-2625.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK26/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/x11/wxGTK26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK26/patches/patch-ae \
pkgsrc/x11/wxGTK26/patches/patch-af pkgsrc/x11/wxGTK26/patches/patch-ag \
pkgsrc/x11/wxGTK26/patches/patch-ah
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK26/Makefile 1.5
- pkgsrc/x11/wxGTK26/distinfo 1.4
Files added:
pkgsrc/x11/wxGTK26/patches/patch-ae
pkgsrc/x11/wxGTK26/patches/patch-af
pkgsrc/x11/wxGTK26/patches/patch-ag
pkgsrc/x11/wxGTK26/patches/patch-ah
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:35:34 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK26: Makefile distinfo
Added Files:
pkgsrc/x11/wxGTK26/patches: patch-ae patch-af patch-ag patch-ah
Log Message:
Add patches for CVE-2009-2369 and CVE-2009-2625.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK26/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/x11/wxGTK26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK26/patches/patch-ae \
pkgsrc/x11/wxGTK26/patches/patch-af pkgsrc/x11/wxGTK26/patches/patch-ag \
pkgsrc/x11/wxGTK26/patches/patch-ah
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/x11/wxGTK24/Makefile@1.9.2.1
/
diff
pkgsrc/x11/wxGTK24/distinfo@1.9.2.1 / diff
pkgsrc/x11/wxGTK24/patches/patch-am@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-an@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-ao@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-ap@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/distinfo@1.9.2.1 / diff
pkgsrc/x11/wxGTK24/patches/patch-am@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-an@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-ao@1.1.2.2 / diff
pkgsrc/x11/wxGTK24/patches/patch-ap@1.1.2.2 / diff
Pullup ticket 3027 - requested by taca
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK24/Makefile 1.11
- pkgsrc/x11/wxGTK24/distinfo 1.10
Files added:
pkgsrc/x11/wxGTK24/patches/patch-am
pkgsrc/x11/wxGTK24/patches/patch-an
pkgsrc/x11/wxGTK24/patches/patch-ao
pkgsrc/x11/wxGTK24/patches/patch-ap
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:33:39 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK24: Makefile distinfo
Added Files:
pkgsrc/x11/wxGTK24/patches: patch-am patch-an patch-ao patch-ap
Log Message:
Add patches for CVE-2009-2625 and CVE-2009-2369.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/x11/wxGTK24/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/x11/wxGTK24/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK24/patches/patch-am \
pkgsrc/x11/wxGTK24/patches/patch-an pkgsrc/x11/wxGTK24/patches/patch-ao \
pkgsrc/x11/wxGTK24/patches/patch-ap
security patch
Revisions pulled up:
- pkgsrc/x11/wxGTK24/Makefile 1.11
- pkgsrc/x11/wxGTK24/distinfo 1.10
Files added:
pkgsrc/x11/wxGTK24/patches/patch-am
pkgsrc/x11/wxGTK24/patches/patch-an
pkgsrc/x11/wxGTK24/patches/patch-ao
pkgsrc/x11/wxGTK24/patches/patch-ap
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 16 17:33:39 UTC 2010
Modified Files:
pkgsrc/x11/wxGTK24: Makefile distinfo
Added Files:
pkgsrc/x11/wxGTK24/patches: patch-am patch-an patch-ao patch-ap
Log Message:
Add patches for CVE-2009-2625 and CVE-2009-2369.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/x11/wxGTK24/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/x11/wxGTK24/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK24/patches/patch-am \
pkgsrc/x11/wxGTK24/patches/patch-an pkgsrc/x11/wxGTK24/patches/patch-ao \
pkgsrc/x11/wxGTK24/patches/patch-ap
MAIN commitmail json YAML
delete the summary and cache files in case the dir is writeable, but the
file isn't (as suggested by bouyer@)
fix typo in output message
file isn't (as suggested by bouyer@)
fix typo in output message
pkgsrc-2009Q4 commitmail json YAML
pullup #3024
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 3024 - requested by taca
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.119
- pkgsrc/security/sudo/distinfo 1.61
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Feb 26 01:08:38 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update sudo package to 1.7.2p4.
Major changes between version 1.7.2p3 and 1.7.2p4:
* Fix a bug that could allow users with permission to run sudoedit
to run arbitrary commands.
Major changes between version 1.7.2p2 and 1.7.2p3:
* Fix printing of entries with multiple host entries on a single line.
* Fix use after free when sending error messages via email.
* Use setrlimit64(), if available, instead of setrlimit() when
setting AIX resource limits since rlim_t is 32bits.
* Fix size arg when realloc()ing include stack.
* Avoid a duplicate fclose() of the sudoers file.
To generate a diff of this commit:
cvs rdiff -u -r1.118 -r1.119 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.60 -r1.61 pkgsrc/security/sudo/distinfo
------------------------------------------------------------------
Module Name: pkgsrc
Committed By: zafer
Date: Tue Feb 9 00:05:48 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile
Log Message:
update master_sites
To generate a diff of this commit:
cvs rdiff -u -r1.117 -r1.118 pkgsrc/security/sudo/Makefile
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.119
- pkgsrc/security/sudo/distinfo 1.61
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Feb 26 01:08:38 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update sudo package to 1.7.2p4.
Major changes between version 1.7.2p3 and 1.7.2p4:
* Fix a bug that could allow users with permission to run sudoedit
to run arbitrary commands.
Major changes between version 1.7.2p2 and 1.7.2p3:
* Fix printing of entries with multiple host entries on a single line.
* Fix use after free when sending error messages via email.
* Use setrlimit64(), if available, instead of setrlimit() when
setting AIX resource limits since rlim_t is 32bits.
* Fix size arg when realloc()ing include stack.
* Avoid a duplicate fclose() of the sudoers file.
To generate a diff of this commit:
cvs rdiff -u -r1.118 -r1.119 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.60 -r1.61 pkgsrc/security/sudo/distinfo
------------------------------------------------------------------
Module Name: pkgsrc
Committed By: zafer
Date: Tue Feb 9 00:05:48 UTC 2010
Modified Files:
pkgsrc/security/sudo: Makefile
Log Message:
update master_sites
To generate a diff of this commit:
cvs rdiff -u -r1.117 -r1.118 pkgsrc/security/sudo/Makefile
pkgsrc-2009Q4 commitmail json YAML
pullup #3022
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/graphics/netpbm/Makefile@1.163.4.1
/
diff
pkgsrc/graphics/netpbm/PLIST@1.5.46.1 / diff
pkgsrc/graphics/netpbm/distinfo@1.71.4.1 / diff
pkgsrc/graphics/netpbm/patches/patch-aa@1.39.28.1 / diff
pkgsrc/graphics/netpbm/patches/patch-ac deleted
pkgsrc/graphics/netpbm/patches/patch-af deleted
pkgsrc/graphics/netpbm/patches/patch-ag deleted
pkgsrc/graphics/netpbm/patches/patch-ai deleted
pkgsrc/graphics/netpbm/patches/patch-aj deleted
pkgsrc/graphics/netpbm/patches/patch-ak deleted
pkgsrc/graphics/netpbm/patches/patch-al deleted
pkgsrc/graphics/netpbm/patches/patch-am deleted
pkgsrc/graphics/netpbm/patches/patch-an deleted
pkgsrc/graphics/netpbm/patches/patch-ao@1.3.30.1 / diff
pkgsrc/graphics/netpbm/patches/patch-ap deleted
pkgsrc/graphics/netpbm/patches/patch-aq deleted
pkgsrc/graphics/netpbm/patches/patch-ar deleted
pkgsrc/graphics/netpbm/patches/patch-as deleted
pkgsrc/graphics/netpbm/patches/patch-at deleted
pkgsrc/graphics/netpbm/patches/patch-au deleted
:
(more 9 files)
pkgsrc/graphics/netpbm/PLIST@1.5.46.1 / diff
pkgsrc/graphics/netpbm/distinfo@1.71.4.1 / diff
pkgsrc/graphics/netpbm/patches/patch-aa@1.39.28.1 / diff
pkgsrc/graphics/netpbm/patches/patch-ac deleted
pkgsrc/graphics/netpbm/patches/patch-af deleted
pkgsrc/graphics/netpbm/patches/patch-ag deleted
pkgsrc/graphics/netpbm/patches/patch-ai deleted
pkgsrc/graphics/netpbm/patches/patch-aj deleted
pkgsrc/graphics/netpbm/patches/patch-ak deleted
pkgsrc/graphics/netpbm/patches/patch-al deleted
pkgsrc/graphics/netpbm/patches/patch-am deleted
pkgsrc/graphics/netpbm/patches/patch-an deleted
pkgsrc/graphics/netpbm/patches/patch-ao@1.3.30.1 / diff
pkgsrc/graphics/netpbm/patches/patch-ap deleted
pkgsrc/graphics/netpbm/patches/patch-aq deleted
pkgsrc/graphics/netpbm/patches/patch-ar deleted
pkgsrc/graphics/netpbm/patches/patch-as deleted
pkgsrc/graphics/netpbm/patches/patch-at deleted
pkgsrc/graphics/netpbm/patches/patch-au deleted
:
(more 9 files)
Pullup ticket 3022 - requested by taca
security update
Revisions pulled up:
- pkgsrc/graphics/netpbm/Makefile
- pkgsrc/graphics/netpbm/distinfo
- pkgsrc/graphics/netpbm/patches/patch-aa
- pkgsrc/graphics/netpbm/patches/patch-ao
- pkgsrc/graphics/netpbm/patches/patch-da
- pkgsrc/graphics/netpbm/patches/patch-db
- pkgsrc/graphics/netpbm/patches/patch-dd
Files added:
pkgsrc/graphics/netpbm/PLIST
pkgsrc/graphics/netpbm/patches/patch-ec
Files deleted:
pkgsrc/graphics/netpbm/patches/patch-ac
pkgsrc/graphics/netpbm/patches/patch-af
pkgsrc/graphics/netpbm/patches/patch-ag
pkgsrc/graphics/netpbm/patches/patch-ai
pkgsrc/graphics/netpbm/patches/patch-aj
pkgsrc/graphics/netpbm/patches/patch-ak
pkgsrc/graphics/netpbm/patches/patch-al
pkgsrc/graphics/netpbm/patches/patch-am
pkgsrc/graphics/netpbm/patches/patch-an
pkgsrc/graphics/netpbm/patches/patch-ap
pkgsrc/graphics/netpbm/patches/patch-aq
pkgsrc/graphics/netpbm/patches/patch-ar
pkgsrc/graphics/netpbm/patches/patch-as
pkgsrc/graphics/netpbm/patches/patch-at
pkgsrc/graphics/netpbm/patches/patch-au
pkgsrc/graphics/netpbm/patches/patch-av
pkgsrc/graphics/netpbm/patches/patch-az
pkgsrc/graphics/netpbm/patches/patch-ba
pkgsrc/graphics/netpbm/patches/patch-ca
pkgsrc/graphics/netpbm/patches/patch-ea
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Feb 19 18:25:44 UTC 2010
Modified Files:
pkgsrc/graphics/netpbm: Makefile distinfo
pkgsrc/graphics/netpbm/patches: patch-aa patch-ao patch-da patch-db
patch-dd
Added Files:
pkgsrc/graphics/netpbm: PLIST
pkgsrc/graphics/netpbm/patches: patch-ec
Removed Files:
pkgsrc/graphics/netpbm/patches: patch-ac patch-af patch-ag patch-ai
patch-aj patch-ak patch-al patch-am patch-an patch-ap patch-aq
patch-ar patch-as patch-at patch-au patch-av patch-az patch-ba
patch-ca patch-ea
Log Message:
update to 10.35.73
changes: many bugfixes, especially:
xpmtoppm: fix wild pointer with color index > 127.
which fixes a stack-based buffer overflow (CVE-2009-4274)
pkgsrc change: use a fixed PLIST instead of generating on install,
helps to detect problems
To generate a diff of this commit:
cvs rdiff -u -r1.164 -r1.165 pkgsrc/graphics/netpbm/Makefile
cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/netpbm/PLIST
cvs rdiff -u -r1.71 -r1.72 pkgsrc/graphics/netpbm/distinfo
cvs rdiff -u -r1.39 -r1.40 pkgsrc/graphics/netpbm/patches/patch-aa
cvs rdiff -u -r1.17 -r0 pkgsrc/graphics/netpbm/patches/patch-ac
cvs rdiff -u -r1.12 -r0 pkgsrc/graphics/netpbm/patches/patch-af
cvs rdiff -u -r1.18 -r0 pkgsrc/graphics/netpbm/patches/patch-ag
cvs rdiff -u -r1.11 -r0 pkgsrc/graphics/netpbm/patches/patch-ai \
pkgsrc/graphics/netpbm/patches/patch-aj
cvs rdiff -u -r1.7 -r0 pkgsrc/graphics/netpbm/patches/patch-ak
cvs rdiff -u -r1.3 -r0 pkgsrc/graphics/netpbm/patches/patch-al \
pkgsrc/graphics/netpbm/patches/patch-am \
pkgsrc/graphics/netpbm/patches/patch-an \
pkgsrc/graphics/netpbm/patches/patch-ap \
pkgsrc/graphics/netpbm/patches/patch-aq \
pkgsrc/graphics/netpbm/patches/patch-ar \
pkgsrc/graphics/netpbm/patches/patch-as \
pkgsrc/graphics/netpbm/patches/patch-at \
pkgsrc/graphics/netpbm/patches/patch-au
cvs rdiff -u -r1.3 -r1.4 pkgsrc/graphics/netpbm/patches/patch-ao
cvs rdiff -u -r1.4 -r0 pkgsrc/graphics/netpbm/patches/patch-av \
pkgsrc/graphics/netpbm/patches/patch-az
cvs rdiff -u -r1.5 -r0 pkgsrc/graphics/netpbm/patches/patch-ba
cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/netpbm/patches/patch-ca \
pkgsrc/graphics/netpbm/patches/patch-ea
cvs rdiff -u -r1.1 -r1.2 pkgsrc/graphics/netpbm/patches/patch-da \
pkgsrc/graphics/netpbm/patches/patch-db \
pkgsrc/graphics/netpbm/patches/patch-dd
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/netpbm/patches/patch-ec
security update
Revisions pulled up:
- pkgsrc/graphics/netpbm/Makefile
- pkgsrc/graphics/netpbm/distinfo
- pkgsrc/graphics/netpbm/patches/patch-aa
- pkgsrc/graphics/netpbm/patches/patch-ao
- pkgsrc/graphics/netpbm/patches/patch-da
- pkgsrc/graphics/netpbm/patches/patch-db
- pkgsrc/graphics/netpbm/patches/patch-dd
Files added:
pkgsrc/graphics/netpbm/PLIST
pkgsrc/graphics/netpbm/patches/patch-ec
Files deleted:
pkgsrc/graphics/netpbm/patches/patch-ac
pkgsrc/graphics/netpbm/patches/patch-af
pkgsrc/graphics/netpbm/patches/patch-ag
pkgsrc/graphics/netpbm/patches/patch-ai
pkgsrc/graphics/netpbm/patches/patch-aj
pkgsrc/graphics/netpbm/patches/patch-ak
pkgsrc/graphics/netpbm/patches/patch-al
pkgsrc/graphics/netpbm/patches/patch-am
pkgsrc/graphics/netpbm/patches/patch-an
pkgsrc/graphics/netpbm/patches/patch-ap
pkgsrc/graphics/netpbm/patches/patch-aq
pkgsrc/graphics/netpbm/patches/patch-ar
pkgsrc/graphics/netpbm/patches/patch-as
pkgsrc/graphics/netpbm/patches/patch-at
pkgsrc/graphics/netpbm/patches/patch-au
pkgsrc/graphics/netpbm/patches/patch-av
pkgsrc/graphics/netpbm/patches/patch-az
pkgsrc/graphics/netpbm/patches/patch-ba
pkgsrc/graphics/netpbm/patches/patch-ca
pkgsrc/graphics/netpbm/patches/patch-ea
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Feb 19 18:25:44 UTC 2010
Modified Files:
pkgsrc/graphics/netpbm: Makefile distinfo
pkgsrc/graphics/netpbm/patches: patch-aa patch-ao patch-da patch-db
patch-dd
Added Files:
pkgsrc/graphics/netpbm: PLIST
pkgsrc/graphics/netpbm/patches: patch-ec
Removed Files:
pkgsrc/graphics/netpbm/patches: patch-ac patch-af patch-ag patch-ai
patch-aj patch-ak patch-al patch-am patch-an patch-ap patch-aq
patch-ar patch-as patch-at patch-au patch-av patch-az patch-ba
patch-ca patch-ea
Log Message:
update to 10.35.73
changes: many bugfixes, especially:
xpmtoppm: fix wild pointer with color index > 127.
which fixes a stack-based buffer overflow (CVE-2009-4274)
pkgsrc change: use a fixed PLIST instead of generating on install,
helps to detect problems
To generate a diff of this commit:
cvs rdiff -u -r1.164 -r1.165 pkgsrc/graphics/netpbm/Makefile
cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/netpbm/PLIST
cvs rdiff -u -r1.71 -r1.72 pkgsrc/graphics/netpbm/distinfo
cvs rdiff -u -r1.39 -r1.40 pkgsrc/graphics/netpbm/patches/patch-aa
cvs rdiff -u -r1.17 -r0 pkgsrc/graphics/netpbm/patches/patch-ac
cvs rdiff -u -r1.12 -r0 pkgsrc/graphics/netpbm/patches/patch-af
cvs rdiff -u -r1.18 -r0 pkgsrc/graphics/netpbm/patches/patch-ag
cvs rdiff -u -r1.11 -r0 pkgsrc/graphics/netpbm/patches/patch-ai \
pkgsrc/graphics/netpbm/patches/patch-aj
cvs rdiff -u -r1.7 -r0 pkgsrc/graphics/netpbm/patches/patch-ak
cvs rdiff -u -r1.3 -r0 pkgsrc/graphics/netpbm/patches/patch-al \
pkgsrc/graphics/netpbm/patches/patch-am \
pkgsrc/graphics/netpbm/patches/patch-an \
pkgsrc/graphics/netpbm/patches/patch-ap \
pkgsrc/graphics/netpbm/patches/patch-aq \
pkgsrc/graphics/netpbm/patches/patch-ar \
pkgsrc/graphics/netpbm/patches/patch-as \
pkgsrc/graphics/netpbm/patches/patch-at \
pkgsrc/graphics/netpbm/patches/patch-au
cvs rdiff -u -r1.3 -r1.4 pkgsrc/graphics/netpbm/patches/patch-ao
cvs rdiff -u -r1.4 -r0 pkgsrc/graphics/netpbm/patches/patch-av \
pkgsrc/graphics/netpbm/patches/patch-az
cvs rdiff -u -r1.5 -r0 pkgsrc/graphics/netpbm/patches/patch-ba
cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/netpbm/patches/patch-ca \
pkgsrc/graphics/netpbm/patches/patch-ea
cvs rdiff -u -r1.1 -r1.2 pkgsrc/graphics/netpbm/patches/patch-da \
pkgsrc/graphics/netpbm/patches/patch-db \
pkgsrc/graphics/netpbm/patches/patch-dd
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/netpbm/patches/patch-ec
MAIN commitmail json YAML
pkgsrc/net/irrd/MESSAGE@1.1
/
diff
pkgsrc/net/irrd/Makefile@1.42 / diff
pkgsrc/net/irrd/PLIST@1.6 / diff
pkgsrc/net/irrd/distinfo@1.13 / diff
pkgsrc/net/irrd/files/irrd.sh@1.1 / diff
pkgsrc/net/irrd/patches/patch-aa@1.8 / diff
pkgsrc/net/irrd/patches/patch-ab deleted
pkgsrc/net/irrd/patches/patch-ac deleted
pkgsrc/net/irrd/patches/patch-ae@1.3 / diff
pkgsrc/net/irrd/patches/patch-af@1.3 / diff
pkgsrc/net/irrd/patches/patch-ag@1.3 / diff
pkgsrc/net/irrd/patches/patch-ah@1.3 / diff
pkgsrc/net/irrd/patches/patch-ai@1.3 / diff
pkgsrc/net/irrd/patches/patch-aj@1.3 / diff
pkgsrc/net/irrd/Makefile@1.42 / diff
pkgsrc/net/irrd/PLIST@1.6 / diff
pkgsrc/net/irrd/distinfo@1.13 / diff
pkgsrc/net/irrd/files/irrd.sh@1.1 / diff
pkgsrc/net/irrd/patches/patch-aa@1.8 / diff
pkgsrc/net/irrd/patches/patch-ab deleted
pkgsrc/net/irrd/patches/patch-ac deleted
pkgsrc/net/irrd/patches/patch-ae@1.3 / diff
pkgsrc/net/irrd/patches/patch-af@1.3 / diff
pkgsrc/net/irrd/patches/patch-ag@1.3 / diff
pkgsrc/net/irrd/patches/patch-ah@1.3 / diff
pkgsrc/net/irrd/patches/patch-ai@1.3 / diff
pkgsrc/net/irrd/patches/patch-aj@1.3 / diff
pkgsrc-2009Q4 commitmail json YAML
pullup #3015
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/pkgtools/x11-links/Makefile@1.107.2.1
/
diff
pkgsrc/pkgtools/x11-links/files/xfree.libXpm@1.1.2.2 / diff
pkgsrc/pkgtools/x11-links/files/xfree.xpm deleted
pkgsrc/pkgtools/x11-links/files/xfree.libXpm@1.1.2.2 / diff
pkgsrc/pkgtools/x11-links/files/xfree.xpm deleted
Pullup ticket 3015 - requested by bouyer
bug fix
Revisions pulled up:
- pkgsrc/pkgtools/x11-links/Makefile 1.110
Files added:
pkgsrc/pkgtools/x11-links/files/xfree.libXpm
Files deleted:
pkgsrc/pkgtools/x11-links/files/xfree.xpm
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Feb 20 16:23:29 UTC 2010
Modified Files:
pkgsrc/pkgtools/x11-links: Makefile
Added Files:
pkgsrc/pkgtools/x11-links/files: xfree.libXpm
Removed Files:
pkgsrc/pkgtools/x11-links/files: xfree.xpm
Log Message:
Rename xfree.xpm to xfree.libXpm, so that xfree.mk will find it.
Fixes PR pkg/42827 and should also fix pkg/42671 once pulled up.
PKGREVISION++
To generate a diff of this commit:
cvs rdiff -u -r1.109 -r1.110 pkgsrc/pkgtools/x11-links/Makefile
cvs rdiff -u -r0 -r1.1 pkgsrc/pkgtools/x11-links/files/xfree.libXpm
cvs rdiff -u -r1.3 -r0 pkgsrc/pkgtools/x11-links/files/xfree.xpm
bug fix
Revisions pulled up:
- pkgsrc/pkgtools/x11-links/Makefile 1.110
Files added:
pkgsrc/pkgtools/x11-links/files/xfree.libXpm
Files deleted:
pkgsrc/pkgtools/x11-links/files/xfree.xpm
--------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Feb 20 16:23:29 UTC 2010
Modified Files:
pkgsrc/pkgtools/x11-links: Makefile
Added Files:
pkgsrc/pkgtools/x11-links/files: xfree.libXpm
Removed Files:
pkgsrc/pkgtools/x11-links/files: xfree.xpm
Log Message:
Rename xfree.xpm to xfree.libXpm, so that xfree.mk will find it.
Fixes PR pkg/42827 and should also fix pkg/42671 once pulled up.
PKGREVISION++
To generate a diff of this commit:
cvs rdiff -u -r1.109 -r1.110 pkgsrc/pkgtools/x11-links/Makefile
cvs rdiff -u -r0 -r1.1 pkgsrc/pkgtools/x11-links/files/xfree.libXpm
cvs rdiff -u -r1.3 -r0 pkgsrc/pkgtools/x11-links/files/xfree.xpm
MAIN commitmail json YAML
if xymonclient isn't safe for make-jobs, xymon won't be either, so
set MAKE_JOBS_SAFE=NO here too
set MAKE_JOBS_SAFE=NO here too
MAIN commitmail json YAML
a irreproducible error report suggests MAKE_JOBS_SAFE=NO should be set
pkgsrc-2009Q4 commitmail json YAML
pullup #3009
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/devel/nspr/Makefile@1.32.2.1
/
diff
pkgsrc/devel/xulrunner/dist.mk@1.3.2.1 / diff
pkgsrc/devel/xulrunner/distinfo@1.22.2.1 / diff
pkgsrc/www/firefox/Makefile@1.65.2.1 / diff
pkgsrc/devel/xulrunner/dist.mk@1.3.2.1 / diff
pkgsrc/devel/xulrunner/distinfo@1.22.2.1 / diff
pkgsrc/www/firefox/Makefile@1.65.2.1 / diff
Pullup ticket 3009 - requested by tnn
security and bug fixes
Revisions pulled up:
- pkgsrc/devel/nspr/Makefile by patch to equiv of 1.34
- pkgsrc/devel/xulrunner/dist.mk by patch to equiv of 1.7
- pkgsrc/devel/xulrunner/distinfo by patch to equiv of 1.24
- pkgsrc/www/firefox/Makefile by patch to equiv of 1.70
--------------------------------------------------------------------
The attached diff against 2009Q4 updates firefox to 3.5.8.
This is a security and bugfix update.
security and bug fixes
Revisions pulled up:
- pkgsrc/devel/nspr/Makefile by patch to equiv of 1.34
- pkgsrc/devel/xulrunner/dist.mk by patch to equiv of 1.7
- pkgsrc/devel/xulrunner/distinfo by patch to equiv of 1.24
- pkgsrc/www/firefox/Makefile by patch to equiv of 1.70
--------------------------------------------------------------------
The attached diff against 2009Q4 updates firefox to 3.5.8.
This is a security and bugfix update.
pkgsrc-2009Q4 commitmail json YAML
pullups #3002 - #3007
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/misc/rubygems/Makefile@1.29.4.1
/
diff
pkgsrc/misc/rubygems/distinfo@1.23.4.1 / diff
pkgsrc/misc/rubygems/patches/patch-ag@1.5.4.1 / diff
pkgsrc/misc/rubygems/distinfo@1.23.4.1 / diff
pkgsrc/misc/rubygems/patches/patch-ag@1.5.4.1 / diff
Pullup ticket 3005 - requested by taca
functionality fix
Revisions pulled up:
- pkgsrc/misc/rubygems/Makefile 1.30
- pkgsrc/misc/rubygems/distinfo 1.24
- pkgsrc/misc/rubygems/patches/patch-ag 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Jan 27 13:21:58 UTC 2010
Modified Files:
pkgsrc/misc/rubygems: Makefile distinfo
pkgsrc/misc/rubygems/patches: patch-ag
Log Message:
Fix (finally) the typo in patch-ag. Previous fix wasn't correct.
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/misc/rubygems/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/misc/rubygems/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/misc/rubygems/patches/patch-ag
functionality fix
Revisions pulled up:
- pkgsrc/misc/rubygems/Makefile 1.30
- pkgsrc/misc/rubygems/distinfo 1.24
- pkgsrc/misc/rubygems/patches/patch-ag 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Jan 27 13:21:58 UTC 2010
Modified Files:
pkgsrc/misc/rubygems: Makefile distinfo
pkgsrc/misc/rubygems/patches: patch-ag
Log Message:
Fix (finally) the typo in patch-ag. Previous fix wasn't correct.
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/misc/rubygems/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/misc/rubygems/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/misc/rubygems/patches/patch-ag
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/cross/h8300-hms-gcc/Makefile@1.23.8.1
/
diff
pkgsrc/cross/h8300-hms-gcc/distinfo@1.3.34.1 / diff
pkgsrc/cross/h8300-hms-gcc/patches/patch-aa@1.2.2.2 / diff
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab@1.2.2.2 / diff
pkgsrc/cross/h8300-hms-gcc/distinfo@1.3.34.1 / diff
pkgsrc/cross/h8300-hms-gcc/patches/patch-aa@1.2.2.2 / diff
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab@1.2.2.2 / diff
Pullup ticket 3007 - requested by dholland
build fix
Revisions pulled up:
- pkgsrc/cross/h8300-hms-gcc/Makefile 1.24
- pkgsrc/cross/h8300-hms-gcc/distinfo 1.4
Files added:
pkgsrc/cross/h8300-hms-gcc/patches/patch-aa
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sun Feb 14 06:28:07 UTC 2010
Modified Files:
pkgsrc/cross/h8300-hms-gcc: Makefile distinfo
Added Files:
pkgsrc/cross/h8300-hms-gcc/patches: patch-aa patch-ab
Log Message:
Patch out the illegal C found in old gcc versions. Fixes broken build.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/cross/h8300-hms-gcc/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/cross/h8300-hms-gcc/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/cross/h8300-hms-gcc/patches/patch-aa \
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab
build fix
Revisions pulled up:
- pkgsrc/cross/h8300-hms-gcc/Makefile 1.24
- pkgsrc/cross/h8300-hms-gcc/distinfo 1.4
Files added:
pkgsrc/cross/h8300-hms-gcc/patches/patch-aa
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Sun Feb 14 06:28:07 UTC 2010
Modified Files:
pkgsrc/cross/h8300-hms-gcc: Makefile distinfo
Added Files:
pkgsrc/cross/h8300-hms-gcc/patches: patch-aa patch-ab
Log Message:
Patch out the illegal C found in old gcc versions. Fixes broken build.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/cross/h8300-hms-gcc/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/cross/h8300-hms-gcc/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/cross/h8300-hms-gcc/patches/patch-aa \
pkgsrc/cross/h8300-hms-gcc/patches/patch-ab
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/mail/fetchmail/Makefile@1.169.4.1
/
diff
pkgsrc/mail/fetchmail/distinfo@1.40.4.1 / diff
pkgsrc/mail/fetchmailconf/Makefile@1.75.4.1 / diff
pkgsrc/mail/fetchmail/distinfo@1.40.4.1 / diff
pkgsrc/mail/fetchmailconf/Makefile@1.75.4.1 / diff
Pullup ticket 3006 - requested by tron
security update
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.170
- pkgsrc/mail/fetchmail/distinfo 1.41
- pkgsrc/mail/fetchmailconf/Makefile 1.78
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Feb 14 09:46:00 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Log Message:
Update to 6.3.14:
fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
..as well as translation updates in all three releases.
To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/mail/fetchmail/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Sun Feb 14 13:06:32 UTC 2010
Modified Files:
pkgsrc/mail/fetchmailconf: Makefile
Log Message:
catch up w/ fetchmail
To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 pkgsrc/mail/fetchmailconf/Makefile
security update
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.170
- pkgsrc/mail/fetchmail/distinfo 1.41
- pkgsrc/mail/fetchmailconf/Makefile 1.78
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Feb 14 09:46:00 UTC 2010
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Log Message:
Update to 6.3.14:
fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
..as well as translation updates in all three releases.
To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/mail/fetchmail/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Sun Feb 14 13:06:32 UTC 2010
Modified Files:
pkgsrc/mail/fetchmailconf: Makefile
Log Message:
catch up w/ fetchmail
To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 pkgsrc/mail/fetchmailconf/Makefile
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 3004 - requested by taca
security fix
Revisions pulled up:
- pkgsrc/security/f-prot-antivirus6-ms-bin/Makefile 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 10:56:32 UTC 2010
Modified Files:
pkgsrc/security/f-prot-antivirus6-ms-bin: Makefile
Log Message:
It was missing to replace user in scan-mail.pl.
Add FPROT_GROUP and FPROT_USER to proper handling that user.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
pkgsrc/security/f-prot-antivirus6-ms-bin/Makefile
security fix
Revisions pulled up:
- pkgsrc/security/f-prot-antivirus6-ms-bin/Makefile 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 10:56:32 UTC 2010
Modified Files:
pkgsrc/security/f-prot-antivirus6-ms-bin: Makefile
Log Message:
It was missing to replace user in scan-mail.pl.
Add FPROT_GROUP and FPROT_USER to proper handling that user.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
pkgsrc/security/f-prot-antivirus6-ms-bin/Makefile
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 3003 - requested by taca
security update
Revisions pulled up:
- pkgsrc/www/squid30/Makefile 1.20
- pkgsrc/www/squid30/distinfo 1.18
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 13:37:02 UTC 2010
Modified Files:
pkgsrc/www/squid30: Makefile distinfo
Log Message:
Update squid to 3.0.24 (3.0.STABLE24).
Changes to squid-3.0.STABLE24 (13 Feb 2010):
- Bug 2858: Segment violation in HTCP
- Updated refresh pattern for dynamic pages
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid30/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/squid30/distinfo
security update
Revisions pulled up:
- pkgsrc/www/squid30/Makefile 1.20
- pkgsrc/www/squid30/distinfo 1.18
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 13:37:02 UTC 2010
Modified Files:
pkgsrc/www/squid30: Makefile distinfo
Log Message:
Update squid to 3.0.24 (3.0.STABLE24).
Changes to squid-3.0.STABLE24 (13 Feb 2010):
- Bug 2858: Segment violation in HTCP
- Updated refresh pattern for dynamic pages
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid30/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/squid30/distinfo
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/www/squid27/Makefile@1.10.2.2
/
diff
pkgsrc/www/squid27/distinfo@1.6.4.2 / diff
pkgsrc/www/squid27/patches/patch-ao@1.1.2.2 / diff
pkgsrc/www/squid27/distinfo@1.6.4.2 / diff
pkgsrc/www/squid27/patches/patch-ao@1.1.2.2 / diff
Pullup ticket 3002 - requested by taca
security fix
Revisions pulled up:
- pkgsrc/www/squid27/Makefile 1.12
- pkgsrc/www/squid27/distinfo 1.8
Files added:
pkgsrc/www/squid27/patches/patch-ao
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 13:27:52 UTC 2010
Modified Files:
pkgsrc/www/squid27: Makefile distinfo
Added Files:
pkgsrc/www/squid27/patches: patch-ao
Log Message:
Add a security patch described security advisory SQUID-2010_2.txt,
http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
Patch was the same content as official one.
http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/squid27/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/squid27/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/squid27/patches/patch-ao
security fix
Revisions pulled up:
- pkgsrc/www/squid27/Makefile 1.12
- pkgsrc/www/squid27/distinfo 1.8
Files added:
pkgsrc/www/squid27/patches/patch-ao
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 14 13:27:52 UTC 2010
Modified Files:
pkgsrc/www/squid27: Makefile distinfo
Added Files:
pkgsrc/www/squid27/patches: patch-ao
Log Message:
Add a security patch described security advisory SQUID-2010_2.txt,
http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
Patch was the same content as official one.
http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/squid27/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/squid27/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/squid27/patches/patch-ao
MAIN commitmail json YAML
note addition of xymon and xymonclient
MAIN commitmail json YAML
add xymon
MAIN commitmail json YAML
pkgsrc/net/xymon/DEINSTALL@1.1.1.1
/
diff
pkgsrc/net/xymon/DESCR@1.1.1.1 / diff
pkgsrc/net/xymon/INSTALL@1.1.1.1 / diff
pkgsrc/net/xymon/Makefile@1.1.1.1 / diff
pkgsrc/net/xymon/PLIST@1.1.1.1 / diff
pkgsrc/net/xymon/distinfo@1.1.1.1 / diff
pkgsrc/net/xymon/files/xymon.sh@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-aa@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ab@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ac@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ad@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ae@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-af@1.1.1.1 / diff
pkgsrc/net/xymon/DESCR@1.1.1.1 / diff
pkgsrc/net/xymon/INSTALL@1.1.1.1 / diff
pkgsrc/net/xymon/Makefile@1.1.1.1 / diff
pkgsrc/net/xymon/PLIST@1.1.1.1 / diff
pkgsrc/net/xymon/distinfo@1.1.1.1 / diff
pkgsrc/net/xymon/files/xymon.sh@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-aa@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ab@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ac@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ad@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-ae@1.1.1.1 / diff
pkgsrc/net/xymon/patches/patch-af@1.1.1.1 / diff
xymon is the successor to hobbit. This is the server package.
It's a beta, so handle with care.
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
It's a beta, so handle with care.
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
MAIN commitmail json YAML
startup file improvements: start as the right user, make sure we can use
the pid file when we run as a mere user
the pid file when we run as a mere user
MAIN commitmail json YAML
add xymonclient
MAIN commitmail json YAML
pkgsrc/net/xymonclient/DESCR@1.1.1.1
/
diff
pkgsrc/net/xymonclient/Makefile@1.1.1.1 / diff
pkgsrc/net/xymonclient/PLIST@1.1.1.1 / diff
pkgsrc/net/xymonclient/distinfo@1.1.1.1 / diff
pkgsrc/net/xymonclient/files/xymonclient.sh@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-aa@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ab@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ac@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ad@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ae@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-af@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ag@1.1.1.1 / diff
pkgsrc/net/xymonclient/Makefile@1.1.1.1 / diff
pkgsrc/net/xymonclient/PLIST@1.1.1.1 / diff
pkgsrc/net/xymonclient/distinfo@1.1.1.1 / diff
pkgsrc/net/xymonclient/files/xymonclient.sh@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-aa@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ab@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ac@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ad@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ae@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-af@1.1.1.1 / diff
pkgsrc/net/xymonclient/patches/patch-ag@1.1.1.1 / diff
xymon is the successor to hobbit. This is the client (aka agent) package.
It's a beta, handle with care.
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
It's a beta, handle with care.
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
pkgsrc-2009Q4 commitmail json YAML
pullup #2996
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/www/ap-ssl/Makefile@1.107.20.1
/
diff
pkgsrc/www/ap-ssl/distinfo@1.34.20.1 / diff
pkgsrc/www/ap-ssl/patches/patch-ac@1.2.32.1 / diff
pkgsrc/www/apache/Makefile@1.198.20.1 / diff
pkgsrc/www/apache/distinfo@1.59.4.1 / diff
pkgsrc/www/ap-ssl/distinfo@1.34.20.1 / diff
pkgsrc/www/ap-ssl/patches/patch-ac@1.2.32.1 / diff
pkgsrc/www/apache/Makefile@1.198.20.1 / diff
pkgsrc/www/apache/distinfo@1.59.4.1 / diff
Pullup ticket 2996 - requested by dholland
security update
Revisions pulled up:
- pkgsrc/www/apache/Makefile 1.199
- pkgsrc/www/apache/distinfo 1.60
- pkgsrc/www/ap-ssl/Makefile 1.109
- pkgsrc/www/ap-ssl/distinfo 1.35
Files added:
pkgsrc/www/ap-ssl/patches/patch-ac
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Tue Feb 9 07:22:06 UTC 2010
Modified Files:
pkgsrc/www/apache: Makefile distinfo
Log Message:
Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL
upstream. The next security bug probably won't get patched, so if you're
still using this, it's time to migrate to 2.x.
To generate a diff of this commit:
cvs rdiff -u -r1.198 -r1.199 pkgsrc/www/apache/Makefile
cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/apache/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Wed Feb 10 03:55:18 UTC 2010
Modified Files:
pkgsrc/www/ap-ssl: Makefile distinfo
Added Files:
pkgsrc/www/ap-ssl/patches: patch-ac
Log Message:
Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change
anything significant in the internals, all this requires is patching
the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++.
To generate a diff of this commit:
cvs rdiff -u -r1.108 -r1.109 pkgsrc/www/ap-ssl/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/ap-ssl/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/www/ap-ssl/patches/patch-ac
security update
Revisions pulled up:
- pkgsrc/www/apache/Makefile 1.199
- pkgsrc/www/apache/distinfo 1.60
- pkgsrc/www/ap-ssl/Makefile 1.109
- pkgsrc/www/ap-ssl/distinfo 1.35
Files added:
pkgsrc/www/ap-ssl/patches/patch-ac
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Tue Feb 9 07:22:06 UTC 2010
Modified Files:
pkgsrc/www/apache: Makefile distinfo
Log Message:
Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL
upstream. The next security bug probably won't get patched, so if you're
still using this, it's time to migrate to 2.x.
To generate a diff of this commit:
cvs rdiff -u -r1.198 -r1.199 pkgsrc/www/apache/Makefile
cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/apache/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: dholland
Date: Wed Feb 10 03:55:18 UTC 2010
Modified Files:
pkgsrc/www/ap-ssl: Makefile distinfo
Added Files:
pkgsrc/www/ap-ssl/patches: patch-ac
Log Message:
Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change
anything significant in the internals, all this requires is patching
the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++.
To generate a diff of this commit:
cvs rdiff -u -r1.108 -r1.109 pkgsrc/www/ap-ssl/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/ap-ssl/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/www/ap-ssl/patches/patch-ac
pkgsrc-2009Q4 commitmail json YAML
pullup #2993
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 2993 - requested by heinz
repair update
Revisions pulled up:
- pkgsrc/misc/esniper/Makefile 1.17
- pkgsrc/misc/esniper/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: heinz
Date: Fri Jan 22 20:15:00 UTC 2010
Modified Files:
pkgsrc/misc/esniper: Makefile distinfo
Log Message:
Updated to version 2.22.0
Pkgsrc changes:
- none
Changes since version 2.21.0:
=============================
2010-01-21
* 2.22.0 released
* Fixed bug 2936564: Can't get item number or title
2010-01-06:
* Fixed bugs 2887061 and 2922040: Recognize "bad password" page.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/misc/esniper/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/misc/esniper/distinfo
repair update
Revisions pulled up:
- pkgsrc/misc/esniper/Makefile 1.17
- pkgsrc/misc/esniper/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: heinz
Date: Fri Jan 22 20:15:00 UTC 2010
Modified Files:
pkgsrc/misc/esniper: Makefile distinfo
Log Message:
Updated to version 2.22.0
Pkgsrc changes:
- none
Changes since version 2.21.0:
=============================
2010-01-21
* 2.22.0 released
* Fixed bug 2936564: Can't get item number or title
2010-01-06:
* Fixed bugs 2887061 and 2922040: Recognize "bad password" page.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/misc/esniper/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/misc/esniper/distinfo
pkgsrc-2009Q4 commitmail json YAML
pullup #2991
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/databases/pear-DB/Makefile@1.6.4.1
/
diff
pkgsrc/databases/pear-DB/distinfo@1.1.1.1.44.1 / diff
pkgsrc/databases/pear-DB/distinfo@1.1.1.1.44.1 / diff
Pullup ticket 2991 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/pear-DB/Makefile 1.8
- pkgsrc/databases/pear-DB/distinfo 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 6 15:48:17 UTC 2010
Modified Files:
pkgsrc/databases/pear-DB: Makefile distinfo
Log Message:
Update pear-DB package from 1.7.6 to 1.7.13
Since changes are too huge to show here, please refer:
http://pear.php.net/package/DB/download/All
One note from 1.7.8's changes:
This release of DB fixes numerous bugs compared to 1.7.7. Users of previous
versions are encouraged to upgrade in due course.
Users of the pgsql driver should note that this release fixes a security
issue
reported by Yasuo Ohgaki; the security issue is described in more detail by
CVE-2006-2313 and CVE-2006-2314. PostgreSQL users should upgrade to both DB
1.7.8 AND at least PostgreSQL 7.3.15, 7.4.13, 8.0.8, 8.1.4 or 8.2.0 as
soon as
possible if they are using SJIS, BIG5, GBK, GB18030 or UHC as a client
encoding.
longlong
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/pear-DB/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/pear-DB/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/pear-DB/Makefile 1.8
- pkgsrc/databases/pear-DB/distinfo 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 6 15:48:17 UTC 2010
Modified Files:
pkgsrc/databases/pear-DB: Makefile distinfo
Log Message:
Update pear-DB package from 1.7.6 to 1.7.13
Since changes are too huge to show here, please refer:
http://pear.php.net/package/DB/download/All
One note from 1.7.8's changes:
This release of DB fixes numerous bugs compared to 1.7.7. Users of previous
versions are encouraged to upgrade in due course.
Users of the pgsql driver should note that this release fixes a security
issue
reported by Yasuo Ohgaki; the security issue is described in more detail by
CVE-2006-2313 and CVE-2006-2314. PostgreSQL users should upgrade to both DB
1.7.8 AND at least PostgreSQL 7.3.15, 7.4.13, 8.0.8, 8.1.4 or 8.2.0 as
soon as
possible if they are using SJIS, BIG5, GBK, GB18030 or UHC as a client
encoding.
longlong
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/pear-DB/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/pear-DB/distinfo
pkgsrc-2009Q4 commitmail json YAML
pullup #2990
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 2990 - requested by obache
build fix for php5 with suhosin option
Revisions pulled up:
- pkgsrc/lang/php5/Makefile.php 1.38
- pkgsrc/lang/php5/distinfo 1.72
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Fri Feb 5 12:15:47 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Suhosin patch for php-5.2.12 is available now.
Noticed by Volkmar Seifert via PR#42749.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/lang/php5/Makefile.php
cvs rdiff -u -r1.71 -r1.72 pkgsrc/lang/php5/distinfo
build fix for php5 with suhosin option
Revisions pulled up:
- pkgsrc/lang/php5/Makefile.php 1.38
- pkgsrc/lang/php5/distinfo 1.72
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Fri Feb 5 12:15:47 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Suhosin patch for php-5.2.12 is available now.
Noticed by Volkmar Seifert via PR#42749.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/lang/php5/Makefile.php
cvs rdiff -u -r1.71 -r1.72 pkgsrc/lang/php5/distinfo
pkgsrc-2009Q4 commitmail json YAML
pullups #2988 and #2989
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/sysutils/puppet/Makefile@1.7.2.1
/
diff
pkgsrc/sysutils/puppet/PLIST@1.8.2.1 / diff
pkgsrc/sysutils/puppet/distinfo@1.5.2.1 / diff
pkgsrc/sysutils/puppet/patches/patch-ae@1.1.2.2 / diff
pkgsrc/sysutils/puppet/patches/patch-af@1.1.2.2 / diff
pkgsrc/sysutils/puppet/PLIST@1.8.2.1 / diff
pkgsrc/sysutils/puppet/distinfo@1.5.2.1 / diff
pkgsrc/sysutils/puppet/patches/patch-ae@1.1.2.2 / diff
pkgsrc/sysutils/puppet/patches/patch-af@1.1.2.2 / diff
Pullup ticket 2989 - requested by taca
security update
Revisions pulled up:
- pkgsrc/sysutils/puppet/Makefile 1.9
- pkgsrc/sysutils/puppet/PLIST 1.9
- pkgsrc/sysutils/puppet/distinfo 1.6
Files added:
pkgsrc/sysutils/puppet/patches/patch-ae
pkgsrc/sysutils/puppet/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Wed Jan 27 19:51:55 UTC 2010
Modified Files:
pkgsrc/sysutils/puppet: Makefile
Log Message:
DESTDIR support
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/sysutils/puppet/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 4 16:22:03 UTC 2010
Modified Files:
pkgsrc/sysutils/puppet: Makefile PLIST distinfo
Added Files:
pkgsrc/sysutils/puppet/patches: patch-ae patch-af
Log Message:
Update sysutils/puppet to 0.24.9.
* Add LICENSE.
* Add patches for CVE-2009-3564 from puppet's repositry.
* puppet user/group handling which commented out now.
* Some other pkgsrc tweak.
0.24.9
Fix for temporary file issues
(https://bugzilla.redhat.com/show_bug.cgi?id=502881)
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/sysutils/puppet/Makefile \
pkgsrc/sysutils/puppet/PLIST
cvs rdiff -u -r1.5 -r1.6 pkgsrc/sysutils/puppet/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/puppet/patches/patch-ae \
pkgsrc/sysutils/puppet/patches/patch-af
security update
Revisions pulled up:
- pkgsrc/sysutils/puppet/Makefile 1.9
- pkgsrc/sysutils/puppet/PLIST 1.9
- pkgsrc/sysutils/puppet/distinfo 1.6
Files added:
pkgsrc/sysutils/puppet/patches/patch-ae
pkgsrc/sysutils/puppet/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Wed Jan 27 19:51:55 UTC 2010
Modified Files:
pkgsrc/sysutils/puppet: Makefile
Log Message:
DESTDIR support
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/sysutils/puppet/Makefile
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 4 16:22:03 UTC 2010
Modified Files:
pkgsrc/sysutils/puppet: Makefile PLIST distinfo
Added Files:
pkgsrc/sysutils/puppet/patches: patch-ae patch-af
Log Message:
Update sysutils/puppet to 0.24.9.
* Add LICENSE.
* Add patches for CVE-2009-3564 from puppet's repositry.
* puppet user/group handling which commented out now.
* Some other pkgsrc tweak.
0.24.9
Fix for temporary file issues
(https://bugzilla.redhat.com/show_bug.cgi?id=502881)
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/sysutils/puppet/Makefile \
pkgsrc/sysutils/puppet/PLIST
cvs rdiff -u -r1.5 -r1.6 pkgsrc/sysutils/puppet/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/puppet/patches/patch-ae \
pkgsrc/sysutils/puppet/patches/patch-af
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 2988 - requested by tron
infrastructure fix
Revisions pulled up:
- pkgsrc/lang/perl5/files/deinstall.tmpl 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 3 13:29:38 UTC 2010
Modified Files:
pkgsrc/lang/perl5/files: deinstall.tmpl
Log Message:
Don't use "${PKG_PREFIX}" which is not set when this script gets run.
This avoids error messages from "perllink" while deinstalling (or
updateing) a Perl module package.
Fixed based on an analysis provided by Steven Drake on "tech-pkg".
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/perl5/files/deinstall.tmpl
infrastructure fix
Revisions pulled up:
- pkgsrc/lang/perl5/files/deinstall.tmpl 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 3 13:29:38 UTC 2010
Modified Files:
pkgsrc/lang/perl5/files: deinstall.tmpl
Log Message:
Don't use "${PKG_PREFIX}" which is not set when this script gets run.
This avoids error messages from "perllink" while deinstalling (or
updateing) a Perl module package.
Fixed based on an analysis provided by Steven Drake on "tech-pkg".
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/perl5/files/deinstall.tmpl
pkgsrc-2009Q4 commitmail json YAML
pullup #2984
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/www/squid31/Makefile@1.16.2.1
/
diff
pkgsrc/www/squid31/distinfo@1.14.2.1 / diff
pkgsrc/www/squid31/patches/patch-ah deleted
pkgsrc/www/squid31/patches/patch-am deleted
pkgsrc/www/squid31/distinfo@1.14.2.1 / diff
pkgsrc/www/squid31/patches/patch-ah deleted
pkgsrc/www/squid31/patches/patch-am deleted
Pullup ticket 2984 - requested by tron
security update
Revisions pulled up:
- pkgsrc/www/squid31/Makefile 1.17
- pkgsrc/www/squid31/distinfo 1.15
Files removed:
pkgsrc/www/squid31/patches/patch-ah
pkgsrc/www/squid31/patches/patch-am
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Feb 2 13:57:49 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Removed Files:
pkgsrc/www/squid31/patches: patch-ah patch-am
Log Message:
Update "squid31" package to version 3.1.0.16. Changes since 3.1.0.15:
- Regression Fix: Make Squid abort on all config parse failures.
- Regression Bug 2811: SNMP client/peer table OID numbering
- Bug 2851: Connection pinning fails when using a peer
- Bug 2850: Mismatch in hier_code enum / hier_strings array
- Bug 2731: Add follow_x_forwarded_for support to ICAP
- Bug 2730: Regressions in follow_x_forwarded_for since Squid-2
- Bug 2706: Set timestamps during ICAP request satisfaction.
- Bug 2553: X-Forwarded-For with IPv6 address not handled correctly
- Fix: WCCPv1 not connecting to router correctly
- Remove obsolete RunCache/RunAccel scripts.
- Add client_ip_max_connections
- Add the http::>ha format code and make http::>h log original request
headers
- ... and all bug fixes from 3.0 up to 3.0.STABLE22
- ... and many more minor build and display annoyances.
This update also contains the fix for the remote DoS vulnerability
reported in "Squid Proxy Cache Security Update Advisory SQUID-2010:1".
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/squid31/distinfo
cvs rdiff -u -r1.2 -r0 pkgsrc/www/squid31/patches/patch-ah \
pkgsrc/www/squid31/patches/patch-am
security update
Revisions pulled up:
- pkgsrc/www/squid31/Makefile 1.17
- pkgsrc/www/squid31/distinfo 1.15
Files removed:
pkgsrc/www/squid31/patches/patch-ah
pkgsrc/www/squid31/patches/patch-am
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Feb 2 13:57:49 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Removed Files:
pkgsrc/www/squid31/patches: patch-ah patch-am
Log Message:
Update "squid31" package to version 3.1.0.16. Changes since 3.1.0.15:
- Regression Fix: Make Squid abort on all config parse failures.
- Regression Bug 2811: SNMP client/peer table OID numbering
- Bug 2851: Connection pinning fails when using a peer
- Bug 2850: Mismatch in hier_code enum / hier_strings array
- Bug 2731: Add follow_x_forwarded_for support to ICAP
- Bug 2730: Regressions in follow_x_forwarded_for since Squid-2
- Bug 2706: Set timestamps during ICAP request satisfaction.
- Bug 2553: X-Forwarded-For with IPv6 address not handled correctly
- Fix: WCCPv1 not connecting to router correctly
- Remove obsolete RunCache/RunAccel scripts.
- Add client_ip_max_connections
- Add the http::>ha format code and make http::>h log original request
headers
- ... and all bug fixes from 3.0 up to 3.0.STABLE22
- ... and many more minor build and display annoyances.
This update also contains the fix for the remote DoS vulnerability
reported in "Squid Proxy Cache Security Update Advisory SQUID-2010:1".
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/squid31/distinfo
cvs rdiff -u -r1.2 -r0 pkgsrc/www/squid31/patches/patch-ah \
pkgsrc/www/squid31/patches/patch-am
pkgsrc-2009Q4 commitmail json YAML
pullup #2983
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 2983 - requested by joerg
syntax fix
Revisions pulled up:
- pkgsrc/net/bind9/Makefile 1.113
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Mon Feb 1 12:56:28 UTC 2010
Modified Files:
pkgsrc/net/bind9: Makefile
Log Message:
Fix version number. Just assume that -P always should be translated to
pl.
To generate a diff of this commit:
cvs rdiff -u -r1.112 -r1.113 pkgsrc/net/bind9/Makefile
syntax fix
Revisions pulled up:
- pkgsrc/net/bind9/Makefile 1.113
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Mon Feb 1 12:56:28 UTC 2010
Modified Files:
pkgsrc/net/bind9: Makefile
Log Message:
Fix version number. Just assume that -P always should be translated to
pl.
To generate a diff of this commit:
cvs rdiff -u -r1.112 -r1.113 pkgsrc/net/bind9/Makefile
MAIN commitmail json YAML
Add readline support and depend on pkgsrc flex for netbsd-5 and earlier
MAIN commitmail json YAML
bumping pkgrevision ought to have gone in with addition of patches/patch-ad
MAIN commitmail json YAML
The comment above the code patch in the new patch file says:
"This is a Hail Mary situation. It seems to work."
It doesn't reliably on NetBSD-5 or -current; namely, it makes flex
spit out a "Broken pipe" when presented with an input file on stdin.
Finding the problem area and suggesting a workaround kudos mlelstv.
There are better ways to fix it properly, which will be employed
in Due Time.
"This is a Hail Mary situation. It seems to work."
It doesn't reliably on NetBSD-5 or -current; namely, it makes flex
spit out a "Broken pipe" when presented with an input file on stdin.
Finding the problem area and suggesting a workaround kudos mlelstv.
There are better ways to fix it properly, which will be employed
in Due Time.
MAIN commitmail json YAML
list new package net/irrtoolset5
MAIN commitmail json YAML
add irrtoolset5
MAIN commitmail json YAML
pkgsrc/net/irrtoolset5/DESCR@1.1.1.1
/
diff
pkgsrc/net/irrtoolset5/Makefile@1.1.1.1 / diff
pkgsrc/net/irrtoolset5/PLIST@1.1.1.1 / diff
pkgsrc/net/irrtoolset5/distinfo@1.1.1.1 / diff
pkgsrc/net/irrtoolset5/Makefile@1.1.1.1 / diff
pkgsrc/net/irrtoolset5/PLIST@1.1.1.1 / diff
pkgsrc/net/irrtoolset5/distinfo@1.1.1.1 / diff
this is the new version (as of yet: release candidate) of irrtoolset,
the client tools to irrd
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
the client tools to irrd
Status:
Vendor Tag: TNF
Release Tags: pkgsrc-base
pkgsrc-2009Q4 commitmail json YAML
pullup #2980
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/net/wireshark/Makefile@1.40.2.1
/
diff
pkgsrc/net/wireshark/distinfo@1.27.2.1 / diff
pkgsrc/net/wireshark/patches/patch-ad@1.4.4.1 / diff
pkgsrc/net/wireshark/distinfo@1.27.2.1 / diff
pkgsrc/net/wireshark/patches/patch-ad@1.4.4.1 / diff
Pullup ticket 2980 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.42
- pkgsrc/net/wireshark/distinfo 1.28
- pkgsrc/net/wireshark/patches/patch-ad 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Fri Jan 29 12:09:53 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
pkgsrc/net/wireshark/patches: patch-ad
Log Message:
Update "wireshark" package to version 1.2.6. Changes since version 1.2.5:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Babi discovered several buffer overflows in the LWRES
dissector.
The following bugs have been fixed:
- Wireshark could crash while decrypting Kerberos data.
- Address display filters hang Wireshark. (Bug 658)
- PSML - structure context node missing. (Bug 1564)
- Wireshark doesn't dynamically update the packet list. (Bug 1605)
- LUA: There's no tvb_get_stringz() equivalent. (Bug 2244)
- tvb_new_real_data is prone to memory leak. (Bug 3917)
- Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986)
- Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177)
- Wireshark can't decrypt WPA(2)-PSK when passphrase is 63
bytes. (Bug 4183)
- RTP stream analysis: Wrong jitter values after clicking the
refresh button. (Bug 4340)
- Wireshark decodes bootp option 2 incorrectly. (Bug 4342)
- Deleting SMI modules causes Wireshark to crash. (Bug 4354)
- Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363)
- PDML output from TShark includes invalid characters. (Bug 4402)
- Empty GPRS LLC S frames cause truncated data exception. (Bug 4417)
- Updated Protocol Support
BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP,
Kerberos, OPCUA, SCTP, SSL, ZRTP
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/wireshark/patches/patch-ad
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.42
- pkgsrc/net/wireshark/distinfo 1.28
- pkgsrc/net/wireshark/patches/patch-ad 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Fri Jan 29 12:09:53 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
pkgsrc/net/wireshark/patches: patch-ad
Log Message:
Update "wireshark" package to version 1.2.6. Changes since version 1.2.5:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Babi discovered several buffer overflows in the LWRES
dissector.
The following bugs have been fixed:
- Wireshark could crash while decrypting Kerberos data.
- Address display filters hang Wireshark. (Bug 658)
- PSML - structure context node missing. (Bug 1564)
- Wireshark doesn't dynamically update the packet list. (Bug 1605)
- LUA: There's no tvb_get_stringz() equivalent. (Bug 2244)
- tvb_new_real_data is prone to memory leak. (Bug 3917)
- Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986)
- Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177)
- Wireshark can't decrypt WPA(2)-PSK when passphrase is 63
bytes. (Bug 4183)
- RTP stream analysis: Wrong jitter values after clicking the
refresh button. (Bug 4340)
- Wireshark decodes bootp option 2 incorrectly. (Bug 4342)
- Deleting SMI modules causes Wireshark to crash. (Bug 4354)
- Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363)
- PDML output from TShark includes invalid characters. (Bug 4402)
- Empty GPRS LLC S frames cause truncated data exception. (Bug 4417)
- Updated Protocol Support
BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP,
Kerberos, OPCUA, SCTP, SSL, ZRTP
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/wireshark/patches/patch-ad
MAIN commitmail json YAML
note apache-tomcat6 update
pkgsrc-2009Q4 commitmail json YAML
pullup #2978
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/textproc/expat/Makefile@1.24.4.1
/
diff
pkgsrc/textproc/expat/distinfo@1.18.2.1 / diff
pkgsrc/textproc/expat/patches/patch-ab@1.1.2.2 / diff
pkgsrc/textproc/expat/distinfo@1.18.2.1 / diff
pkgsrc/textproc/expat/patches/patch-ab@1.1.2.2 / diff
Pullup ticket 2978 - requested by tron
security patch
Revisions pulled up:
- pkgsrc/textproc/expat/Makefile 1.25
- pkgsrc/textproc/expat/distinfo 1.19
Files added:
- pkgsrc/textproc/expat/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 26 18:37:02 UTC 2010
Modified Files:
pkgsrc/textproc/expat: Makefile distinfo
Added Files:
pkgsrc/textproc/expat/patches: patch-ab
Log Message:
add patch from upstream CVS to fix CVE-2009-3560
(possible DOS due to crash on bad input)
bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/textproc/expat/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/expat/patches/patch-ab
security patch
Revisions pulled up:
- pkgsrc/textproc/expat/Makefile 1.25
- pkgsrc/textproc/expat/distinfo 1.19
Files added:
- pkgsrc/textproc/expat/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 26 18:37:02 UTC 2010
Modified Files:
pkgsrc/textproc/expat: Makefile distinfo
Added Files:
pkgsrc/textproc/expat/patches: patch-ab
Log Message:
add patch from upstream CVS to fix CVE-2009-3560
(possible DOS due to crash on bad input)
bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/textproc/expat/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/expat/patches/patch-ab
MAIN commitmail json YAML
pkgsrc/www/apache-tomcat6/MESSAGE@1.1
/
diff
pkgsrc/www/apache-tomcat6/Makefile@1.5 / diff
pkgsrc/www/apache-tomcat6/distinfo@1.3 / diff
pkgsrc/www/apache-tomcat6/Makefile@1.5 / diff
pkgsrc/www/apache-tomcat6/distinfo@1.3 / diff
update to the fresh release
The changelog from 6.0.20 to 6.0.24 is quite lengthy, please refer to
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html for details
fixes CVE-2009-2693, CVE-2009-2901 and CVE-2009-2902
The changelog from 6.0.20 to 6.0.24 is quite lengthy, please refer to
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html for details
fixes CVE-2009-2693, CVE-2009-2901 and CVE-2009-2902
pkgsrc-2009Q4 commitmail json YAML
pullups #2972 and #2973
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/lang/python26/Makefile@1.16.2.1
/
diff
pkgsrc/lang/python26/PLIST.common@1.7.2.1 / diff
pkgsrc/lang/python26/distinfo@1.17.2.1 / diff
pkgsrc/lang/python26/patches/patch-am@1.7.2.1 / diff
pkgsrc/lang/python26/PLIST.common@1.7.2.1 / diff
pkgsrc/lang/python26/distinfo@1.17.2.1 / diff
pkgsrc/lang/python26/patches/patch-am@1.7.2.1 / diff
Pullup ticket 2973 - requested by tron
build fix
Revisions pulled up:
- pkgsrc/lang/python26/Makefile 1.18->1.19
- pkgsrc/lang/python26/PLIST.common 1.8
- pkgsrc/lang/python26/distinfo 1.18
- pkgsrc/lang/python26/patches/patch-am 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 26 12:15:26 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile PLIST.common distinfo
pkgsrc/lang/python26/patches: patch-am
Log Message:
Fix build problems under Mac OS X reported by Taylor R Campbell
on the "pkgsrc-users" mailing list:
1.) Fix 64-Bit ABI check for Snow Leopard so it doesn't break the build
on older version of Mac OS X.
2.) Properly disable the "pyexpat" module and remove it from the
package list.
Bump package revision because of these changes.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/python26/PLIST.common
cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/python26/patches/patch-am
build fix
Revisions pulled up:
- pkgsrc/lang/python26/Makefile 1.18->1.19
- pkgsrc/lang/python26/PLIST.common 1.8
- pkgsrc/lang/python26/distinfo 1.18
- pkgsrc/lang/python26/patches/patch-am 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 26 12:15:26 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile PLIST.common distinfo
pkgsrc/lang/python26/patches: patch-am
Log Message:
Fix build problems under Mac OS X reported by Taylor R Campbell
on the "pkgsrc-users" mailing list:
1.) Fix 64-Bit ABI check for Snow Leopard so it doesn't break the build
on older version of Mac OS X.
2.) Properly disable the "pyexpat" module and remove it from the
package list.
Bump package revision because of these changes.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/python26/PLIST.common
cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/python26/patches/patch-am
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.80.2.1
/
diff
pkgsrc/databases/phpmyadmin/distinfo@1.42.2.1 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.42.2.1 / diff
Pullup ticket 2972 - requested by tron
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.81
- pkgsrc/databases/phpmyadmin/distinfo 1.43
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 26 12:04:37 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.10.
Changes since version 2.11.9.6:
- [core] safer handling of temporary files with open_basedir
(thanks to Thijs Kinkhorst)
- [core] do not automatically set and create TempDir, it might lead to
security issue (thanks to Thijs Kinkhorst)
- [setup] avoid usage of (un)serialize, what might be unsafe in some cases
This fixes the security vulnerabilities reported in PMASA-2010-1,
PMASA-2010-2 and PMASA-2010-3.
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/databases/phpmyadmin/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.81
- pkgsrc/databases/phpmyadmin/distinfo 1.43
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 26 12:04:37 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.10.
Changes since version 2.11.9.6:
- [core] safer handling of temporary files with open_basedir
(thanks to Thijs Kinkhorst)
- [core] do not automatically set and create TempDir, it might lead to
security issue (thanks to Thijs Kinkhorst)
- [setup] avoid usage of (un)serialize, what might be unsafe in some cases
This fixes the security vulnerabilities reported in PMASA-2010-1,
PMASA-2010-2 and PMASA-2010-3.
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.42 -r1.43 pkgsrc/databases/phpmyadmin/distinfo
pkgsrc-2009Q4 commitmail json YAML
pullup #2971
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/mail/imap-uw/Makefile@1.131.4.1
/
diff
pkgsrc/mail/imap-uw/distinfo@1.38.2.1 / diff
pkgsrc/mail/imap-uw/patches/patch-ab@1.24.2.1 / diff
pkgsrc/mail/imap-uw/distinfo@1.38.2.1 / diff
pkgsrc/mail/imap-uw/patches/patch-ab@1.24.2.1 / diff
Pullup ticket 2971 - requested by tron
build fix for Solaris / Sun Studio C
Revisions pulled up:
- pkgsrc/mail/imap-uw/Makefile 1.132
- pkgsrc/mail/imap-uw/distinfo 1.39
- pkgsrc/mail/imap-uw/patches/patch-ab 1.25
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jan 25 23:04:49 UTC 2010
Modified Files:
pkgsrc/mail/imap-uw: Makefile distinfo
pkgsrc/mail/imap-uw/patches: patch-ab
Log Message:
Use "soc" target if building with Sun Studio C++ and modify that target
to use "cc" rather than an absolute path (which is no longer correct).
This fixes the build with that compiler without breaking the build
using GCC.
To generate a diff of this commit:
cvs rdiff -u -r1.131 -r1.132 pkgsrc/mail/imap-uw/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/mail/imap-uw/distinfo
cvs rdiff -u -r1.24 -r1.25 pkgsrc/mail/imap-uw/patches/patch-ab
build fix for Solaris / Sun Studio C
Revisions pulled up:
- pkgsrc/mail/imap-uw/Makefile 1.132
- pkgsrc/mail/imap-uw/distinfo 1.39
- pkgsrc/mail/imap-uw/patches/patch-ab 1.25
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jan 25 23:04:49 UTC 2010
Modified Files:
pkgsrc/mail/imap-uw: Makefile distinfo
pkgsrc/mail/imap-uw/patches: patch-ab
Log Message:
Use "soc" target if building with Sun Studio C++ and modify that target
to use "cc" rather than an absolute path (which is no longer correct).
This fixes the build with that compiler without breaking the build
using GCC.
To generate a diff of this commit:
cvs rdiff -u -r1.131 -r1.132 pkgsrc/mail/imap-uw/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/mail/imap-uw/distinfo
cvs rdiff -u -r1.24 -r1.25 pkgsrc/mail/imap-uw/patches/patch-ab
MAIN commitmail json YAML
note update of the two remaining bind packages
MAIN commitmail json YAML
security update:
BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3. It addresses a
potential cache poisoning vulnerability, in which data in the additional
section of a response could be cached without proper DNSSEC validation.
Changes since 9.4.3-P3:
2772. [security] When validating, track whether pending data was from
the additional section or not and only return it if
validates as secure. [RT #20438]
BIND 9.4.3-P5 is a SECURITY PATCH for BIND 9.4.3. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.4.3-P4:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3. It addresses a
potential cache poisoning vulnerability, in which data in the additional
section of a response could be cached without proper DNSSEC validation.
Changes since 9.4.3-P3:
2772. [security] When validating, track whether pending data was from
the additional section or not and only return it if
validates as secure. [RT #20438]
BIND 9.4.3-P5 is a SECURITY PATCH for BIND 9.4.3. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.4.3-P4:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
MAIN commitmail json YAML
security update:
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
pkgsrc-2009Q4 commitmail json YAML
pullup #2964
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/net/Transmission/Makefile@1.53.2.1
/
diff
pkgsrc/net/Transmission/PLIST.common@1.8.6.1 / diff
pkgsrc/net/Transmission/PLIST.gtk@1.15.4.1 / diff
pkgsrc/net/Transmission/distinfo@1.41.2.1 / diff
pkgsrc/net/Transmission/PLIST.common@1.8.6.1 / diff
pkgsrc/net/Transmission/PLIST.gtk@1.15.4.1 / diff
pkgsrc/net/Transmission/distinfo@1.41.2.1 / diff
Pullup ticket 2964 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/net/Transmission/Makefile 1.55
- pkgsrc/net/Transmission/PLIST.common 1.9
- pkgsrc/net/Transmission/PLIST.gtk 1.16
- pkgsrc/net/Transmission/distinfo 1.42
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Thu Jan 21 10:19:21 UTC 2010
Modified Files:
pkgsrc/net/Transmission: Makefile PLIST.common PLIST.gtk
distinfo
Log Message:
Update to 1.80.
This is a huge listen-to-the-users release -- it uses 103 ideas from
users, including 44 enhancements, 26 bugfixes and 33 more bugfixes
during the beta tests.
Also includes fix for CVE-2010-0012 which allowed overwriting local
files if a malicious .torrent file was opened.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/Transmission/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/Transmission/PLIST.common
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/Transmission/PLIST.gtk
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/Transmission/distinfo
security update
Revisions pulled up:
- pkgsrc/net/Transmission/Makefile 1.55
- pkgsrc/net/Transmission/PLIST.common 1.9
- pkgsrc/net/Transmission/PLIST.gtk 1.16
- pkgsrc/net/Transmission/distinfo 1.42
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Thu Jan 21 10:19:21 UTC 2010
Modified Files:
pkgsrc/net/Transmission: Makefile PLIST.common PLIST.gtk
distinfo
Log Message:
Update to 1.80.
This is a huge listen-to-the-users release -- it uses 103 ideas from
users, including 44 enhancements, 26 bugfixes and 33 more bugfixes
during the beta tests.
Also includes fix for CVE-2010-0012 which allowed overwriting local
files if a malicious .torrent file was opened.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/Transmission/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/Transmission/PLIST.common
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/Transmission/PLIST.gtk
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/Transmission/distinfo
pkgsrc-2009Q4 commitmail json YAML
pullup #2961
pkgsrc-2009Q4 commitmail json YAML
pkgsrc/net/bind96/Makefile@1.12.2.1
/
diff
pkgsrc/net/bind96/PLIST@1.4.4.1 / diff
pkgsrc/net/bind96/distinfo@1.7.2.1 / diff
pkgsrc/net/bind96/PLIST@1.4.4.1 / diff
pkgsrc/net/bind96/distinfo@1.7.2.1 / diff
Pullup ticket 2961 - requested by taca
security update
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.14
- pkgsrc/net/bind96/PLIST 1.5
- pkgsrc/net/bind96/distinfo 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 20 01:01:15 UTC 2010
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
Log Message:
Update net/bind96 to 9.6.1pl3 (9.6.1-P3).
--- 9.6.1-P3 released ---
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid.
[RT #20712]
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/bind96/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/bind96/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/bind96/distinfo
security update
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.14
- pkgsrc/net/bind96/PLIST 1.5
- pkgsrc/net/bind96/distinfo 1.8
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 20 01:01:15 UTC 2010
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
Log Message:
Update net/bind96 to 9.6.1pl3 (9.6.1-P3).
--- 9.6.1-P3 released ---
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid.
[RT #20712]
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/bind96/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/bind96/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/bind96/distinfo
MAIN commitmail json YAML
tn3270 is back
MAIN commitmail json YAML
pkgsrc/comms/tn3270/DESCR@1.3
/
diff
pkgsrc/comms/tn3270/Makefile@1.4 / diff
pkgsrc/comms/tn3270/PLIST@1.3 / diff
pkgsrc/comms/tn3270/distinfo@1.1 / diff
pkgsrc/comms/tn3270/Makefile@1.4 / diff
pkgsrc/comms/tn3270/PLIST@1.3 / diff
pkgsrc/comms/tn3270/distinfo@1.1 / diff
resuscitate, with a distfile instead of a files subdir
MAIN commitmail json YAML
updated devel/rt3 to 3.8.7
MAIN commitmail json YAML
update maintainer (*brrr* :)
Update to next version (thanks to Frederic Jaeckel for the prod).
The upstream changelog is:
* Stop old DateTime or DateTime::Locales from exploding in Preferences
* Move all JS for hierarchical CFs onto derivative field; remove DerivativeCFs
method
Fix bug on Oracle when selecting against a CLOB
* Call the method on the object, not the username string (Reported by
Philip Shore)
Fix error when using WebExternalAuth and setting user info
* When using WebExternalAuth don't issue a new session cookie on each request
Fix lost attachments when using WebExternalAuth. WebExternalAuthContinuous
can be set back to 1
* Mention missing index that was only added to upgrade scripts
* fixes for PlainTextMono config option introduced in 3.8.6
* fixes for updating charts and dashboards
* delete links from Bulk Update
Update to next version (thanks to Frederic Jaeckel for the prod).
The upstream changelog is:
* Stop old DateTime or DateTime::Locales from exploding in Preferences
* Move all JS for hierarchical CFs onto derivative field; remove DerivativeCFs
method
Fix bug on Oracle when selecting against a CLOB
* Call the method on the object, not the username string (Reported by
Philip Shore)
Fix error when using WebExternalAuth and setting user info
* When using WebExternalAuth don't issue a new session cookie on each request
Fix lost attachments when using WebExternalAuth. WebExternalAuthContinuous
can be set back to 1
* Mention missing index that was only added to upgrade scripts
* fixes for PlainTextMono config option introduced in 3.8.6
* fixes for updating charts and dashboards
* delete links from Bulk Update
pkgsrc-2009Q4 commitmail json YAML
pullup #2959
pkgsrc-2009Q4 commitmail json YAML
Pullup ticket 2959 - requested by tron
build fix for Solaris
Revisions pulled up:
- pkgsrc/security/opencdk/Makefile 1.32
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jan 16 11:23:04 UTC 2010
Modified Files:
pkgsrc/security/opencdk: Makefile
Log Message:
Fix build under Solaris.
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 pkgsrc/security/opencdk/Makefile
build fix for Solaris
Revisions pulled up:
- pkgsrc/security/opencdk/Makefile 1.32
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jan 16 11:23:04 UTC 2010
Modified Files:
pkgsrc/security/opencdk: Makefile
Log Message:
Fix build under Solaris.
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 pkgsrc/security/opencdk/Makefile
MAIN commitmail json YAML
pkgsrc/news/inn/Makefile@1.101
/
diff
pkgsrc/news/inn/distinfo@1.25 / diff
pkgsrc/news/inn/patches/patch-ag@1.11 / diff
pkgsrc/news/inn/distinfo@1.25 / diff
pkgsrc/news/inn/patches/patch-ag@1.11 / diff
the patch to set the pgp path setting was both superfluous (as the path gets
reset later on) and had a typo. Add a dependency on gnupg instead to make
sure a pgp (gpg) binary is around to be used (provision should be made to
be able to use eg netpgp instead .. to be done later, hopefully after
someone else created the 'pick my favourite pgp version' infrastructure :> ).
reset later on) and had a typo. Add a dependency on gnupg instead to make
sure a pgp (gpg) binary is around to be used (provision should be made to
be able to use eg netpgp instead .. to be done later, hopefully after
someone else created the 'pick my favourite pgp version' infrastructure :> ).
MAIN commitmail json YAML
pkgsrc/misc/screen/Makefile@1.81
/
diff
pkgsrc/misc/screen/distinfo@1.31 / diff
pkgsrc/misc/screen/patches/patch-ac@1.9 / diff
pkgsrc/misc/screen/patches/patch-ah@1.4 / diff
pkgsrc/misc/screen/patches/patch-ar@1.1 / diff
pkgsrc/misc/screen/patches/patch-as@1.1 / diff
pkgsrc/misc/screen/distinfo@1.31 / diff
pkgsrc/misc/screen/patches/patch-ac@1.9 / diff
pkgsrc/misc/screen/patches/patch-ah@1.4 / diff
pkgsrc/misc/screen/patches/patch-ar@1.1 / diff
pkgsrc/misc/screen/patches/patch-as@1.1 / diff
Fix build failure:
NetBSD-current added dwarf.h and that made the code assume that sys/stropts.h
was present without greater need, since configure also checks for
HAVE_SYS_STROPTS_H.
NetBSD-current added dwarf.h and that made the code assume that sys/stropts.h
was present without greater need, since configure also checks for
HAVE_SYS_STROPTS_H.
MAIN commitmail json YAML
pkgsrc/sysutils/strace/distinfo@1.14
/
diff
pkgsrc/sysutils/strace/patches/patch-ao@1.4 / diff
pkgsrc/sysutils/strace/patches/patch-au@1.4 / diff
pkgsrc/sysutils/strace/patches/patch-ao@1.4 / diff
pkgsrc/sysutils/strace/patches/patch-au@1.4 / diff
compile fixes for a leaf package for non-x86 NetBSD
(note that there are no claims of making it actually work)
(note that there are no claims of making it actually work)
pkgsrc-2009Q3 commitmail json YAML
pullup #2955
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/lang/php5/Makefile@1.72.4.2
/
diff
pkgsrc/lang/php5/Makefile.common@1.38.2.1 / diff
pkgsrc/lang/php5/PLIST@1.24.2.1 / diff
pkgsrc/lang/php5/distinfo@1.67.2.3 / diff
pkgsrc/lang/php5/patches/patch-ag@1.2.34.2 / diff
pkgsrc/lang/php5/patches/patch-ah@1.1.36.2 / diff
pkgsrc/lang/php5/patches/patch-ay deleted
pkgsrc/lang/php5/patches/patch-az deleted
pkgsrc/lang/php5/patches/patch-ba deleted
pkgsrc/lang/php5/patches/patch-bb deleted
pkgsrc/lang/php5/patches/patch-bc deleted
pkgsrc/lang/php5/patches/patch-bd deleted
pkgsrc/textproc/php5-xsl/Makefile@1.12.2.1 / diff
pkgsrc/lang/php5/Makefile.common@1.38.2.1 / diff
pkgsrc/lang/php5/PLIST@1.24.2.1 / diff
pkgsrc/lang/php5/distinfo@1.67.2.3 / diff
pkgsrc/lang/php5/patches/patch-ag@1.2.34.2 / diff
pkgsrc/lang/php5/patches/patch-ah@1.1.36.2 / diff
pkgsrc/lang/php5/patches/patch-ay deleted
pkgsrc/lang/php5/patches/patch-az deleted
pkgsrc/lang/php5/patches/patch-ba deleted
pkgsrc/lang/php5/patches/patch-bb deleted
pkgsrc/lang/php5/patches/patch-bc deleted
pkgsrc/lang/php5/patches/patch-bd deleted
pkgsrc/textproc/php5-xsl/Makefile@1.12.2.1 / diff
Pullup ticket 2955 - requested by taca
security update
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.75
- pkgsrc/lang/php5/Makefile.common 1.39
- pkgsrc/lang/php5/PLIST 1.25
- pkgsrc/lang/php5/distinfo 1.71
- pkgsrc/lang/php5/patches/patch-ag 1.4
- pkgsrc/lang/php5/patches/patch-ah 1.3
- pkgsrc/textproc/php5-xsl/Makefile 1.13
Files removed:
pkgsrc/lang/php5/patches/patch-ay
pkgsrc/lang/php5/patches/patch-az
pkgsrc/lang/php5/patches/patch-ba
pkgsrc/lang/php5/patches/patch-bb
pkgsrc/lang/php5/patches/patch-bc
pkgsrc/lang/php5/patches/patch-bd
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:07:35 UTC 2009
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
pkgsrc/lang/php5/patches: patch-ag patch-ah
Removed Files:
pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb
patch-bc patch-bd
Log Message:
Update lang/php5 to 5.2.12, security update.
Security Enhancements and Fixes in PHP 5.2.12:
* Fixed a safe_mode bypass in tempnam() identified by Grzegorz
Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the
number of file uploads per-request to 20 by default, to prevent possible
DOS via temporary file exhaustion, identified by Bogdan
Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved
"session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
Stas)
* Fixed bug #49785 (insufficient input string validation of
htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
Key enhancements in PHP 5.2.12 include:
* Fixed unnecessary invocation of setitimer when timeouts have been
disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and
SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through
Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings
on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object
makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set
queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common
cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST
cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah
cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \
pkgsrc/lang/php5/patches/patch-az
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \
pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \
pkgsrc/lang/php5/patches/patch-bd
--------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:08:31 UTC 2009
Modified Files:
pkgsrc/textproc/php5-xsl: Makefile
Log Message:
Reset PKGREVISION by implicit update to 5.2.12.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile
security update
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.75
- pkgsrc/lang/php5/Makefile.common 1.39
- pkgsrc/lang/php5/PLIST 1.25
- pkgsrc/lang/php5/distinfo 1.71
- pkgsrc/lang/php5/patches/patch-ag 1.4
- pkgsrc/lang/php5/patches/patch-ah 1.3
- pkgsrc/textproc/php5-xsl/Makefile 1.13
Files removed:
pkgsrc/lang/php5/patches/patch-ay
pkgsrc/lang/php5/patches/patch-az
pkgsrc/lang/php5/patches/patch-ba
pkgsrc/lang/php5/patches/patch-bb
pkgsrc/lang/php5/patches/patch-bc
pkgsrc/lang/php5/patches/patch-bd
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:07:35 UTC 2009
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
pkgsrc/lang/php5/patches: patch-ag patch-ah
Removed Files:
pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb
patch-bc patch-bd
Log Message:
Update lang/php5 to 5.2.12, security update.
Security Enhancements and Fixes in PHP 5.2.12:
* Fixed a safe_mode bypass in tempnam() identified by Grzegorz
Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the
number of file uploads per-request to 20 by default, to prevent possible
DOS via temporary file exhaustion, identified by Bogdan
Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved
"session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
Stas)
* Fixed bug #49785 (insufficient input string validation of
htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
Key enhancements in PHP 5.2.12 include:
* Fixed unnecessary invocation of setitimer when timeouts have been
disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and
SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through
Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings
on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object
makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set
queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common
cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST
cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah
cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \
pkgsrc/lang/php5/patches/patch-az
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \
pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \
pkgsrc/lang/php5/patches/patch-bd
--------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Dec 23 07:08:31 UTC 2009
Modified Files:
pkgsrc/textproc/php5-xsl: Makefile
Log Message:
Reset PKGREVISION by implicit update to 5.2.12.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile
pkgsrc-2009Q3 commitmail json YAML
pullup #2954
pkgsrc-2009Q3 commitmail json YAML
Pullup ticket 2954 - requested by tonnerre
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.40
- pkgsrc/net/wireshark/distinfo 1.27
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 10 19:03:31 UTC 2009
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.4. Changes since version 1.2.3:
- Bug Fixes
- Can't RTP stream in both directions. (Bug 4120)
- Updated Protocol Support
DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/net/wireshark/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun Dec 20 19:25:34 UTC 2009
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update wireshark to version 1.2.5 in order to fix wpna-sec-2009-09.
Changes since 1.2.4:
Bugfixes:
* The following vulnerabilities have been fixed. See the security advisory
for details and a workaround.
* The Daintree SNA file parser could overflow a buffer. (Bug 4294)
* The SMB and SMB2 dissectors could crash. (Bug 4301)
* The IPMI dissector could crash on Windows. (Bug 4319)
* Wireshark does not graph rtp streams. (Bug 3801)
* Wireshark showing extraneous data in a TCP stream. (Bug 3955)
* Wrong decoding of gtp.target identification. (Bug 3974)
* TTE dissector bug. (Bug 4247)
* Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
* OpenBSD 4.5 build fails at epan/dissectors/packet-rpcap.c. (Bug 4258)
* Incorrect display of stream data using "Follow tcp stream" option.
(Bug 4288)
* Custom RADIUS dictionary can cause a crash. (Bug 4316)
Updated Protocol Support:
* DAP, eDonkey, GTP, IPMI, MIP, RADIUS, RANAP, SMB, SMB2, TCP, TTE, VNC,
X.509sat
Updated Capture File Support:
* Daintree SNA.
To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.40 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/wireshark/distinfo
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.40
- pkgsrc/net/wireshark/distinfo 1.27
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 10 19:03:31 UTC 2009
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.2.4. Changes since version 1.2.3:
- Bug Fixes
- Can't RTP stream in both directions. (Bug 4120)
- Updated Protocol Support
DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/net/wireshark/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun Dec 20 19:25:34 UTC 2009
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update wireshark to version 1.2.5 in order to fix wpna-sec-2009-09.
Changes since 1.2.4:
Bugfixes:
* The following vulnerabilities have been fixed. See the security advisory
for details and a workaround.
* The Daintree SNA file parser could overflow a buffer. (Bug 4294)
* The SMB and SMB2 dissectors could crash. (Bug 4301)
* The IPMI dissector could crash on Windows. (Bug 4319)
* Wireshark does not graph rtp streams. (Bug 3801)
* Wireshark showing extraneous data in a TCP stream. (Bug 3955)
* Wrong decoding of gtp.target identification. (Bug 3974)
* TTE dissector bug. (Bug 4247)
* Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
* OpenBSD 4.5 build fails at epan/dissectors/packet-rpcap.c. (Bug 4258)
* Incorrect display of stream data using "Follow tcp stream" option.
(Bug 4288)
* Custom RADIUS dictionary can cause a crash. (Bug 4316)
Updated Protocol Support:
* DAP, eDonkey, GTP, IPMI, MIP, RADIUS, RANAP, SMB, SMB2, TCP, TTE, VNC,
X.509sat
Updated Capture File Support:
* Daintree SNA.
To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.40 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/wireshark/distinfo
pkgsrc-2009Q3 commitmail json YAML
pullup #2953
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/devel/xulrunner/Makefile@1.23.2.2
/
diff
pkgsrc/devel/xulrunner/distinfo@1.12.2.2 / diff
pkgsrc/devel/xulrunner/mozilla-common.mk@1.1.2.2 / diff
pkgsrc/www/firefox/Makefile@1.59.2.2 / diff
pkgsrc/devel/xulrunner/distinfo@1.12.2.2 / diff
pkgsrc/devel/xulrunner/mozilla-common.mk@1.1.2.2 / diff
pkgsrc/www/firefox/Makefile@1.59.2.2 / diff
Pullup ticket 2953 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/devel/xulrunner/Makefile by patch
- pkgsrc/devel/xulrunner/distinfo by patch
- pkgsrc/devel/xulrunner/mozilla-common.mk by patch
- pkgsrc/www/firefox/Makefile by patch
-------------------------------------------------------------------------
firefox-3.5.6 & xulrunner-1.9.1.6 fix the following vulnerabilities:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
security update
Revisions pulled up:
- pkgsrc/devel/xulrunner/Makefile by patch
- pkgsrc/devel/xulrunner/distinfo by patch
- pkgsrc/devel/xulrunner/mozilla-common.mk by patch
- pkgsrc/www/firefox/Makefile by patch
-------------------------------------------------------------------------
firefox-3.5.6 & xulrunner-1.9.1.6 fix the following vulnerabilities:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
pkgsrc-2009Q3 commitmail json YAML
pullups #2950 + #2951
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/www/drupal6/Makefile@1.17.2.1
/
diff
pkgsrc/www/drupal6/PLIST@1.4.4.1 / diff
pkgsrc/www/drupal6/distinfo@1.13.2.1 / diff
pkgsrc/www/drupal6/files/drupal.conf@1.2.6.1 / diff
pkgsrc/www/drupal6/PLIST@1.4.4.1 / diff
pkgsrc/www/drupal6/distinfo@1.13.2.1 / diff
pkgsrc/www/drupal6/files/drupal.conf@1.2.6.1 / diff
Pullup ticket 2951 - requested by taca
security update
Revisions pulled up:
- pkgsrc/www/drupal6/Makefile 1.18
- pkgsrc/www/drupal6/PLIST 1.5
- pkgsrc/www/drupal6/distinfo 1.14
- pkgsrc/www/drupal6/files/drupal.conf 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:29:23 UTC 2009
Modified Files:
pkgsrc/www/drupal6: Makefile PLIST distinfo
pkgsrc/www/drupal6/files: drupal.conf
Log Message:
Update www/drupal6 package to 6.15, fixing security problem.
Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.
other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT spport.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/drupal6/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal6/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/drupal6/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal6/files/drupal.conf
security update
Revisions pulled up:
- pkgsrc/www/drupal6/Makefile 1.18
- pkgsrc/www/drupal6/PLIST 1.5
- pkgsrc/www/drupal6/distinfo 1.14
- pkgsrc/www/drupal6/files/drupal.conf 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:29:23 UTC 2009
Modified Files:
pkgsrc/www/drupal6: Makefile PLIST distinfo
pkgsrc/www/drupal6/files: drupal.conf
Log Message:
Update www/drupal6 package to 6.15, fixing security problem.
Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.
other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT spport.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/drupal6/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal6/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/drupal6/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal6/files/drupal.conf
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/www/drupal/Makefile@1.41.2.1
/
diff
pkgsrc/www/drupal/PLIST@1.8.4.1 / diff
pkgsrc/www/drupal/distinfo@1.32.2.1 / diff
pkgsrc/www/drupal/PLIST@1.8.4.1 / diff
pkgsrc/www/drupal/distinfo@1.32.2.1 / diff
Pullup ticket 2950 - requested by taca
security update
Revisions pulled up:
- pkgsrc/www/drupal/Makefile most of the diff 1.42-1.43
- pkgsrc/www/drupal/PLIST 1.9
- pkgsrc/www/drupal/distinfo 1.33
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:20:23 UTC 2009
Modified Files:
pkgsrc/www/drupal: Makefile PLIST distinfo
Log Message:
Update www/drupal package to 5.21, fixing security problem.
Drupal 5.21, 2009-12-16
-----------------------
- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of small bugs.
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/www/drupal/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/drupal/PLIST
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/drupal/distinfo
security update
Revisions pulled up:
- pkgsrc/www/drupal/Makefile most of the diff 1.42-1.43
- pkgsrc/www/drupal/PLIST 1.9
- pkgsrc/www/drupal/distinfo 1.33
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 19 09:20:23 UTC 2009
Modified Files:
pkgsrc/www/drupal: Makefile PLIST distinfo
Log Message:
Update www/drupal package to 5.21, fixing security problem.
Drupal 5.21, 2009-12-16
-----------------------
- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of small bugs.
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/www/drupal/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/drupal/PLIST
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/drupal/distinfo
MAIN commitmail json YAML
pkgsrc/news/inn/Makefile@1.100
/
diff
pkgsrc/news/inn/Makefile.common@1.6 / diff
pkgsrc/news/inn/PLIST@1.21 / diff
pkgsrc/news/inn/distinfo@1.24 / diff
pkgsrc/news/inn/options.mk@1.5 / diff
pkgsrc/news/inn/patches/patch-ab@1.9 / diff
pkgsrc/news/inn/patches/patch-ah@1.13 / diff
pkgsrc/news/inn/patches/patch-ai@1.7 / diff
pkgsrc/news/inn/Makefile.common@1.6 / diff
pkgsrc/news/inn/PLIST@1.21 / diff
pkgsrc/news/inn/distinfo@1.24 / diff
pkgsrc/news/inn/options.mk@1.5 / diff
pkgsrc/news/inn/patches/patch-ab@1.9 / diff
pkgsrc/news/inn/patches/patch-ah@1.13 / diff
pkgsrc/news/inn/patches/patch-ai@1.7 / diff
The next minor version of INN. From the release announcement:
Major changes from 2.5.0 to 2.5.1
* Fixed a segfault in imap_connection which could occur when SASL was
used.
* Fixed a segfault in the keyword generation code which was assuming
that an article was nul-terminated. Fixed another segfault in the
keyword generation code when an article already contained a Keywords:
header. Thanks to Nix for the bug reports.
* Owing to the US-CERT vulnerability note VU#238019, Cyrus SASL library
has slightly changed. imap_connection and nnrpd now handle that
change. Otherwise, some answers are too long to be properly computed
during SASL exchanges.
* Fixed a memory allocation problem which caused nnrpd to die when
retrieving via HDR/XHDR/XPAT the contents of an extra overview field
absent from the headers of an article. The NEWNEWS command was also
affected on very rare cases. Thanks to Tim Woodall for the bug
report.
* HDR/XHDR/XPAT answers are now robust when the overview database is
inconsistent. When the overview schema was modified without the
overview database being rebuilt, wrong results could be returned for
extra fields (especially a random portion of some other header). The
desired header name is now explicitly searched for in the overview
information.
* Fixed the source which is logged to the news log file for local
postings when the local server is not listed in incoming.conf. A
wrong name was used, taken amongst known peers. The source is now
logged as "localhost".
* Fixed a bug in the timecaf storage method: only the first 65535
articles could be retrievable in a CAF, though everything was properly
stored. (A Crunched Article File contains all the articles that
arrive to the news server during 256 seconds.)
The storage token now uses 4 bytes to store the article sequence
number for timecaf, instead of only 2 bytes. Thanks to Kamil Jonca
for the bug report and also the patch.
* Fixed a bug in both timecaf and timehash which prevented them from
working on systems where short ints were not 16-bit integers.
* When there is not enough space to write an entire CAF header, the
timecaf storage manager now uses a larger blocksize. On 32-bit
systems, the CAF header is about 300 bytes, leaving about 200 bytes
for the free bitmap index (the remaining of a 512-byte blocksize). On
64-bit systems, the size of the CAF header could exceed 512 bytes,
thus leaving no room for the free bitmap index. A 1 KB blocksize is
then used, or a larger size if need be.
* A new CNFS version has been introduced by Miquel van Smoorenburg in
the CNFS header. CNFSv4 uses 4 KB blocks instead of 512 bytes, which
more particularly makes writes faster. CNFSv4 supports
files/partitions up to 16 TB with a 4 KB blocksize.
Existing CNFS buffers are kept unchanged; only new CNFS buffers are
initialized with that new version.
* grephistory -l now returns the contents of the expires history field
as well as the hash of the message-ID. Besides, when the storage API
token does not exist, grephistory -v now also returns the hash of the
requested message-ID.
* The check on cancel messages when *verifycancels* is set to true in
inn.conf has been changed to verify that at least one newsgroup in the
cancel message can be found in the article to be cancelled. This new
feature is from Christopher Biedl.
The previous behaviour was to check whether the cancel message is from
the same person as the original post, which is extremely easy to
spoof; besides, RFC 5537 (USEPRO) mentions that "cancel control
messages are not required to contain From: and Sender: header fields
matching the target message. This requirement only encouraged cancel
issuers to conceal their identity and provided no security".
* The way the "/remember/" line in expire.ctl works has changed.
History retention for an article was done according to its original
arrival time; it is now according to its original posting date.
Otherwise, unnecessary data may be kept too long in the history file.
To achieve that, the HISremember() function in history API now expects
a fourth parameter: the article posting time.
Note that article expiration has not changed and is still based on
arrival time, unless the -p flag is passed to expire or expireover, in
which case posting time is used.
* The default value for "/remember/" has changed from 10 to 11 because
it should be one more than the *artcutoff* parameter in inn.conf, so
that articles posted one day into the future are properly retained in
history.
* auth_krb5 has been rewritten by Russ Allbery to use modern Kerberos
APIs. Note that using ckpasswd with PAM support and a Kerberos PAM
module instead of this authenticator is still recommended.
* A new -L flag has been added by Jonathan Kamens to makehistory so as
to specify a load average limit. If the system load average exceeds
the specified limit, makehistory sleeps until it goes below the limit.
* As UTF-8 is the default character set in RFC 3977, "ctlinnd pause",
"ctlinnd readers", "ctlinnd reject", "ctlinnd reserve", "ctlinnd
throttle" and "nnrpd -r" commands now require the given reason to be
encoded in UTF-8, so that it can be properly sent to news readers.
The creator's name given to "ctlinnd newgroup" is also expected to be
encoded in UTF-8.
* The output of consistency checks for article storage and the history
file no longer appears by default when "cnfsstat -a" is used. A new
-v flag has been added to cnfsstat so as to see it.
* The default path for TLS certificates has changed from *pathnews*/lib
to *pathetc*. It only affects new INN installations or generations of
certificates with "make cert". Besides, a default value has been
added to *tlscapath* because it is required by nnrpd when TLS is used.
* gzip(1) is now the default UUCP batcher in send-uucp instead of
compress(1) because gzip is more widely available than compress, due
to old patent issues. Note that there is no impact on decompression
as it is handled by rnews.
* cnfsheadconf now uses the Perl core module "Math::BigInt" rather than
the deprecated bigint.pl library. When used without specifying a CNFS
buffer, it now properly displays the status of all CNFS buffers.
Major changes from 2.5.0 to 2.5.1
* Fixed a segfault in imap_connection which could occur when SASL was
used.
* Fixed a segfault in the keyword generation code which was assuming
that an article was nul-terminated. Fixed another segfault in the
keyword generation code when an article already contained a Keywords:
header. Thanks to Nix for the bug reports.
* Owing to the US-CERT vulnerability note VU#238019, Cyrus SASL library
has slightly changed. imap_connection and nnrpd now handle that
change. Otherwise, some answers are too long to be properly computed
during SASL exchanges.
* Fixed a memory allocation problem which caused nnrpd to die when
retrieving via HDR/XHDR/XPAT the contents of an extra overview field
absent from the headers of an article. The NEWNEWS command was also
affected on very rare cases. Thanks to Tim Woodall for the bug
report.
* HDR/XHDR/XPAT answers are now robust when the overview database is
inconsistent. When the overview schema was modified without the
overview database being rebuilt, wrong results could be returned for
extra fields (especially a random portion of some other header). The
desired header name is now explicitly searched for in the overview
information.
* Fixed the source which is logged to the news log file for local
postings when the local server is not listed in incoming.conf. A
wrong name was used, taken amongst known peers. The source is now
logged as "localhost".
* Fixed a bug in the timecaf storage method: only the first 65535
articles could be retrievable in a CAF, though everything was properly
stored. (A Crunched Article File contains all the articles that
arrive to the news server during 256 seconds.)
The storage token now uses 4 bytes to store the article sequence
number for timecaf, instead of only 2 bytes. Thanks to Kamil Jonca
for the bug report and also the patch.
* Fixed a bug in both timecaf and timehash which prevented them from
working on systems where short ints were not 16-bit integers.
* When there is not enough space to write an entire CAF header, the
timecaf storage manager now uses a larger blocksize. On 32-bit
systems, the CAF header is about 300 bytes, leaving about 200 bytes
for the free bitmap index (the remaining of a 512-byte blocksize). On
64-bit systems, the size of the CAF header could exceed 512 bytes,
thus leaving no room for the free bitmap index. A 1 KB blocksize is
then used, or a larger size if need be.
* A new CNFS version has been introduced by Miquel van Smoorenburg in
the CNFS header. CNFSv4 uses 4 KB blocks instead of 512 bytes, which
more particularly makes writes faster. CNFSv4 supports
files/partitions up to 16 TB with a 4 KB blocksize.
Existing CNFS buffers are kept unchanged; only new CNFS buffers are
initialized with that new version.
* grephistory -l now returns the contents of the expires history field
as well as the hash of the message-ID. Besides, when the storage API
token does not exist, grephistory -v now also returns the hash of the
requested message-ID.
* The check on cancel messages when *verifycancels* is set to true in
inn.conf has been changed to verify that at least one newsgroup in the
cancel message can be found in the article to be cancelled. This new
feature is from Christopher Biedl.
The previous behaviour was to check whether the cancel message is from
the same person as the original post, which is extremely easy to
spoof; besides, RFC 5537 (USEPRO) mentions that "cancel control
messages are not required to contain From: and Sender: header fields
matching the target message. This requirement only encouraged cancel
issuers to conceal their identity and provided no security".
* The way the "/remember/" line in expire.ctl works has changed.
History retention for an article was done according to its original
arrival time; it is now according to its original posting date.
Otherwise, unnecessary data may be kept too long in the history file.
To achieve that, the HISremember() function in history API now expects
a fourth parameter: the article posting time.
Note that article expiration has not changed and is still based on
arrival time, unless the -p flag is passed to expire or expireover, in
which case posting time is used.
* The default value for "/remember/" has changed from 10 to 11 because
it should be one more than the *artcutoff* parameter in inn.conf, so
that articles posted one day into the future are properly retained in
history.
* auth_krb5 has been rewritten by Russ Allbery to use modern Kerberos
APIs. Note that using ckpasswd with PAM support and a Kerberos PAM
module instead of this authenticator is still recommended.
* A new -L flag has been added by Jonathan Kamens to makehistory so as
to specify a load average limit. If the system load average exceeds
the specified limit, makehistory sleeps until it goes below the limit.
* As UTF-8 is the default character set in RFC 3977, "ctlinnd pause",
"ctlinnd readers", "ctlinnd reject", "ctlinnd reserve", "ctlinnd
throttle" and "nnrpd -r" commands now require the given reason to be
encoded in UTF-8, so that it can be properly sent to news readers.
The creator's name given to "ctlinnd newgroup" is also expected to be
encoded in UTF-8.
* The output of consistency checks for article storage and the history
file no longer appears by default when "cnfsstat -a" is used. A new
-v flag has been added to cnfsstat so as to see it.
* The default path for TLS certificates has changed from *pathnews*/lib
to *pathetc*. It only affects new INN installations or generations of
certificates with "make cert". Besides, a default value has been
added to *tlscapath* because it is required by nnrpd when TLS is used.
* gzip(1) is now the default UUCP batcher in send-uucp instead of
compress(1) because gzip is more widely available than compress, due
to old patent issues. Note that there is no impact on decompression
as it is handled by rnews.
* cnfsheadconf now uses the Perl core module "Math::BigInt" rather than
the deprecated bigint.pl library. When used without specifying a CNFS
buffer, it now properly displays the status of all CNFS buffers.
pkgsrc-2009Q3 commitmail json YAML
pullup #2949
pkgsrc-2009Q3 commitmail json YAML
Pullup ticket 2949 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/net/ntp4/Makefile 1.66
- pkgsrc/net/ntp4/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Tue Dec 15 10:53:21 UTC 2009
Modified Files:
pkgsrc/net/ntp4: Makefile distinfo
Log Message:
Update to ntp-4.2.4p8. Security fix for CVE-2009-3563 DoS vulnerability.
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/ntp4/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/ntp4/distinfo
security update
Revisions pulled up:
- pkgsrc/net/ntp4/Makefile 1.66
- pkgsrc/net/ntp4/distinfo 1.14
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tnn
Date: Tue Dec 15 10:53:21 UTC 2009
Modified Files:
pkgsrc/net/ntp4: Makefile distinfo
Log Message:
Update to ntp-4.2.4p8. Security fix for CVE-2009-3563 DoS vulnerability.
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/ntp4/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/ntp4/distinfo
pkgsrc-2009Q3 commitmail json YAML
pullup #2944
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.79.4.1
/
diff
pkgsrc/databases/phpmyadmin/distinfo@1.41.4.1 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.41.4.1 / diff
Pullup ticket 2944 - requested by tron
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.80
- pkgsrc/databases/phpmyadmin/distinfo 1.42
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 3 12:05:10 UTC 2009
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.9.6. Changes since 2.11.9.5:
- [security] XSS and SQL injection, thanks to Herman van Rink
To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/databases/phpmyadmin/distinfo
-------------------------------------------------------------------------
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.80
- pkgsrc/databases/phpmyadmin/distinfo 1.42
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Dec 3 12:05:10 UTC 2009
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.9.6. Changes since 2.11.9.5:
- [security] XSS and SQL injection, thanks to Herman van Rink
To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/databases/phpmyadmin/distinfo
-------------------------------------------------------------------------
MAIN commitmail json YAML
pkgsrc/devel/rt3/Makefile@1.40
/
diff
pkgsrc/devel/rt3/Makefile.install@1.14 / diff
pkgsrc/devel/rt3/PLIST@1.16 / diff
pkgsrc/devel/rt3/distinfo@1.14 / diff
pkgsrc/devel/rt3/Makefile.install@1.14 / diff
pkgsrc/devel/rt3/PLIST@1.16 / diff
pkgsrc/devel/rt3/distinfo@1.14 / diff
update of rt3 to next version (without the session hijacking vulnerability)
upstream changelog:
UPGRADING FROM 3.8.5 and earlier - Changes:
You can now forward an entire Ticket history (in addition to specific
transactions) but this requires a new Template called forward ticket.
This template will be added when you run.
/opt/rt3/sbin/rt-setup-database --dba root --prompt-for-dba-password --action upgrade
Custom fields with categories can optionally be split out into
hierarchical custom fields. If you wish to convert your old
category-based custom fields, run:
perl etc/upgrade/split-out-cf-categories
It will prompt you for each custom field with categories that it
finds, and the name of the custom field to create to store the
categories.
If you were using the LocalizedDateTime RT::Date formatter from code
and passing a DateFormat or TimeFormat argument, you need to switch from
the strftime methods to the cldr methods (ie full_date_format becomes
date_format_full)
You may have done this from your RT_SiteConfig.pm by using
Set($DateTimeFormat, { Format => 'LocalizedDateTime', DateFormat => 'medium_date_format' );
upstream changelog:
UPGRADING FROM 3.8.5 and earlier - Changes:
You can now forward an entire Ticket history (in addition to specific
transactions) but this requires a new Template called forward ticket.
This template will be added when you run.
/opt/rt3/sbin/rt-setup-database --dba root --prompt-for-dba-password --action upgrade
Custom fields with categories can optionally be split out into
hierarchical custom fields. If you wish to convert your old
category-based custom fields, run:
perl etc/upgrade/split-out-cf-categories
It will prompt you for each custom field with categories that it
finds, and the name of the custom field to create to store the
categories.
If you were using the LocalizedDateTime RT::Date formatter from code
and passing a DateFormat or TimeFormat argument, you need to switch from
the strftime methods to the cldr methods (ie full_date_format becomes
date_format_full)
You may have done this from your RT_SiteConfig.pm by using
Set($DateTimeFormat, { Format => 'LocalizedDateTime', DateFormat => 'medium_date_format' );
pkgsrc-2009Q3 commitmail json YAML
pullup #2938
pkgsrc-2009Q3 commitmail json YAML
pkgsrc/net/bind95/Makefile@1.11.2.1
/
diff
pkgsrc/net/bind95/PLIST@1.3.4.1 / diff
pkgsrc/net/bind95/distinfo@1.9.2.1 / diff
pkgsrc/net/bind95/patches/patch-ac@1.2.6.1 / diff
pkgsrc/net/bind95/patches/patch-ad@1.1.1.1.16.1 / diff
pkgsrc/net/bind95/patches/patch-ai@1.1.1.1.16.1 / diff
pkgsrc/net/bind95/PLIST@1.3.4.1 / diff
pkgsrc/net/bind95/distinfo@1.9.2.1 / diff
pkgsrc/net/bind95/patches/patch-ac@1.2.6.1 / diff
pkgsrc/net/bind95/patches/patch-ad@1.1.1.1.16.1 / diff
pkgsrc/net/bind95/patches/patch-ai@1.1.1.1.16.1 / diff
Pullup ticket 2938 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/bind95/Makefile 1.13
- pkgsrc/net/bind95/PLIST 1.4
- pkgsrc/net/bind95/distinfo 1.11
- pkgsrc/net/bind95/patches/patch-ac 1.3
- pkgsrc/net/bind95/patches/patch-ad 1.3
- pkgsrc/net/bind95/patches/patch-ai 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 25 23:25:44 UTC 2009
Modified Files:
pkgsrc/net/bind95: Makefile distinfo
pkgsrc/net/bind95/patches: patch-ad patch-ai
Log Message:
Not MAKE_JOBS_SAFE. Prepare for libtool-2.2.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/bind95/patches/patch-ad \
pkgsrc/net/bind95/patches/patch-ai
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 30 11:58:30 UTC 2009
Modified Files:
pkgsrc/net/bind95: Makefile PLIST distinfo
pkgsrc/net/bind95/patches: patch-ac patch-ad patch-ai
Log Message:
Update "bind95" package to version 9.5.2pl1. Changes since 9.5.1pl3:
- Security fix for CVE-2009-4022 (incorrect DNSSEC validation)
- Bug fixes
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/bind95/PLIST
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/bind95/patches/patch-ac \
pkgsrc/net/bind95/patches/patch-ad pkgsrc/net/bind95/patches/patch-ai
security update
Revisions pulled up:
- pkgsrc/net/bind95/Makefile 1.13
- pkgsrc/net/bind95/PLIST 1.4
- pkgsrc/net/bind95/distinfo 1.11
- pkgsrc/net/bind95/patches/patch-ac 1.3
- pkgsrc/net/bind95/patches/patch-ad 1.3
- pkgsrc/net/bind95/patches/patch-ai 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 25 23:25:44 UTC 2009
Modified Files:
pkgsrc/net/bind95: Makefile distinfo
pkgsrc/net/bind95/patches: patch-ad patch-ai
Log Message:
Not MAKE_JOBS_SAFE. Prepare for libtool-2.2.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/bind95/patches/patch-ad \
pkgsrc/net/bind95/patches/patch-ai
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 30 11:58:30 UTC 2009
Modified Files:
pkgsrc/net/bind95: Makefile PLIST distinfo
pkgsrc/net/bind95/patches: patch-ac patch-ad patch-ai
Log Message:
Update "bind95" package to version 9.5.2pl1. Changes since 9.5.1pl3:
- Security fix for CVE-2009-4022 (incorrect DNSSEC validation)
- Bug fixes
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/bind95/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/bind95/PLIST
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/bind95/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/bind95/patches/patch-ac \
pkgsrc/net/bind95/patches/patch-ad pkgsrc/net/bind95/patches/patch-ai