pkgsrc Source-Changes / commit log search

Upgrade to nginx-1.6.2 to fix security vulnerability CVE-2014-3616.
Restore module checksums that were lost in last update.

Changes with nginx 1.6.2 16 Sep 2014

*) Security: it was possible to reuse SSL sessions in unrelated contexts
if a shared SSL session cache or the same TLS session ticket key was
used for multiple "server" blocks (CVE-2014-3616).
Thanks to Antoine Delignat-Lavaud.

*) Bugfix: requests might hang if resolver was used and a DNS server
returned a malformed response; the bug had appeared in 1.5.8.

*) Bugfix: requests might hang if resolver was used and a timeout
occurred during a DNS request.

(kim)

2014-09-24 01:07:19 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3607 / diff

Updated devel/mantis to 1.2.17

(rodent)

2014-09-24 01:06:26 UTC MAIN commitmail json YAML

pkgsrc/devel/mantis/MESSAGE@1.6 / diff
pkgsrc/devel/mantis/Makefile@1.43 / diff
pkgsrc/devel/mantis/PLIST@1.18 / diff
pkgsrc/devel/mantis/distinfo@1.17 / diff
pkgsrc/devel/mantis/options.mk@1.1 / diff

Update to 1.2.17. pkgsrc changes: Add bash:run to USE_TOOLS and
REPLACE_BASH in installed file. Replace PHP interpreter in installed *.php
files. Move options framework into options.mk. Use INSTALLATION_DIRS
instead of INSTALL_DATA_DIR. From doc/RELEASE:

1.2.17 Security Release (2014-03-04)
-------------------------------------------------

MantisBT 1.2.17 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are strongly advised
to upgrade to this release. Download it from [3].

An SQL injection vulnerability (CVE-2014-2238) in adm_config_report.php was
patched. Refer to issue #17055 for detailed information.

This release also includes a few bug fixes for the tracker, including News API
correction for the regression issue #16940 introduced in 1.2.16, as well as
updated translations in many languages.

A full changelog for the 1.2.x series can be found on the official site. [1]

1.2.16 Security Release (2014-02-07)
-------------------------------------------------

MantisBT 1.2.16 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are strongly advised
to upgrade to this release. Download it from [3].

The following security issues were resolved:

- Cross-site scripting (XSS) issue in account_sponsor_page.php, allowing a
malicious user with project manager access to execute arbitrary JavaScript
code (CVE-2013-4460). Affects MantisBT 1.1.0 and later.
Refer to issue #16513 for detailed information.

- SQL injection attacks through the SOAP API's mc_attachment_get() function
(CVE-2014-1608). Affects MantisBT 1.1.0a4 and later.
Refer to issue #16879 for detailed information.

- Additional cases of unsanitized SQL query parameters usage were identified,
potentially allowing SQL injection attacks (CVE-2014-1609).
Refer to issue #16880 for detailed information.

This release also includes many bug fixes and enhancements to the tracker
and the SOAP api, as well as updated translations in many languages.

A full changelog for the 1.2.x series can be found on the official site. [1]

[1] The changelog is split between multiple releases:

1.2.17 http://www.mantisbt.org/bugs/changelog_page.php?version_id=189
1.2.16 http://www.mantisbt.org/bugs/changelog_page.php?version_id=183

(rodent)

2014-09-23 22:52:01 UTC MAIN commitmail json YAML

pkgsrc/math/genius/distinfo@1.21 / diff
pkgsrc/math/genius/patches/patch-src_genius.c@1.1 / diff

Don't include termcap.h on SunOS.

(jperkin)

2014-09-23 22:40:27 UTC MAIN commitmail json YAML

pkgsrc/editors/uemacs/distinfo@1.12 / diff
pkgsrc/editors/uemacs/patches/patch-ag@1.6 / diff

Don't include termcap.h on SunOS.

(jperkin)

2014-09-23 22:37:29 UTC MAIN commitmail json YAML

pkgsrc/chat/icb/distinfo@1.16 / diff
pkgsrc/chat/icb/patches/patch-an@1.6 / diff

Don't include termcap.h on SunOS.

(jperkin)

2014-09-23 22:30:30 UTC MAIN commitmail json YAML

pkgsrc/editors/ne/Makefile@1.16 / diff

Use appropriate build target on SunOS.

(jperkin)

2014-09-23 22:26:24 UTC MAIN commitmail json YAML

pkgsrc/lang/mono/distinfo@1.96 / diff
pkgsrc/lang/mono/patches/patch-mono_mini_mini-arm.c@1.3 / diff

fix arm build

(jmcneill)

2014-09-23 22:24:38 UTC MAIN commitmail json YAML

pkgsrc/editors/ve/distinfo@1.7 / diff
pkgsrc/editors/ve/patches/patch-term.c@1.2 / diff

Don't include termcap.h on SunOS.

(jperkin)

2014-09-23 22:21:43 UTC MAIN commitmail json YAML

pkgsrc/games/greed/distinfo@1.8 / diff
pkgsrc/games/greed/patches/patch-ab@1.4 / diff

Don't include termcap.h on SunOS.

(jperkin)

2014-09-23 22:18:22 UTC MAIN commitmail json YAML

pkgsrc/sysutils/psmisc/distinfo@1.6 / diff
pkgsrc/sysutils/psmisc/patches/patch-af@1.6 / diff

Fix build on systems which lack BSD termcap.

(jperkin)

2014-09-23 22:13:50 UTC MAIN commitmail json YAML

pkgsrc/chat/ircu/distinfo@1.14 / diff
pkgsrc/chat/ircu/patches/patch-ircd_engine__epoll.c@1.1 / diff

Fix build on SunOS when epoll is available.

(jperkin)

2014-09-23 21:47:52 UTC MAIN commitmail json YAML

pkgsrc/emulators/dega/Makefile@1.20 / diff

SunOS needs -lm.

(jperkin)

2014-09-23 21:41:07 UTC MAIN commitmail json YAML

pkgsrc/www/deforaos-surfer/Makefile@1.18 / diff

SunOS needs -lnsl -lresolv.

(jperkin)

2014-09-23 19:39:50 UTC MAIN commitmail json YAML

pkgsrc/security/oath-toolkit/Makefile@1.14 / diff
pkgsrc/security/oath-toolkit/PLIST@1.5 / diff

Sync PLIST with reality adding various man pages. Bump revision.

(joerg)

2014-09-23 19:39:17 UTC MAIN commitmail json YAML

pkgsrc/geography/proj-swig/distinfo@1.4 / diff
pkgsrc/geography/proj-swig/patches/patch-configure@1.1 / diff

Add rpath for libpython.

(joerg)

2014-09-23 19:07:06 UTC MAIN commitmail json YAML

pkgsrc/graphics/tesseract/Makefile@1.13 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 18:55:24 UTC MAIN commitmail json YAML

pkgsrc/games/tanked/Makefile@1.20 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 18:19:22 UTC MAIN commitmail json YAML

pkgsrc/www/webkit1-gtk/buildlink3.mk@1.2 / diff

Make sure all patterns provide the upper limit to avoid conflicting
packages getting installed in bulk builds.

(joerg)

2014-09-23 18:18:42 UTC MAIN commitmail json YAML

pkgsrc/devel/java-subversion/Makefile@1.29 / diff

Fails rather spectaculary with MAKE_JOBS, so disable it.

(joerg)

2014-09-23 17:57:04 UTC MAIN commitmail json YAML

pkgsrc/net/dhisd/Makefile@1.16 / diff
pkgsrc/net/dhisd/distinfo@1.5 / diff
pkgsrc/net/dhisd/patches/patch-aa@1.4 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 15:52:13 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3606 / diff

Note update of www/fengoffice package to 2.7.1.1.

(taca)

2014-09-23 15:51:43 UTC MAIN commitmail json YAML

pkgsrc/www/fengoffice/Makefile@1.31 / diff
pkgsrc/www/fengoffice/PLIST@1.19 / diff
pkgsrc/www/fengoffice/distinfo@1.21 / diff

Update fengoffice to 2.7.1.1.

Changes from 2.6.1 is too many, please refer <http://sourceforge.net/projects/opengoo/files/fengoffice/fengoffice_2.7.0/> in detail.

And this release contains security fix, XSS.

(taca)

2014-09-23 15:13:23 UTC MAIN commitmail json YAML

pkgsrc/lang/polyml/Makefile@1.12 / diff

Provide flag to set correct RPATH in pkg-config.

(asau)

2014-09-23 15:11:54 UTC MAIN commitmail json YAML

pkgsrc/security/ssdeep/Makefile@1.4 / diff
pkgsrc/security/ssdeep/distinfo@1.4 / diff
pkgsrc/security/ssdeep/patches/patch-Makefile.in@1.1 / diff

Don't forcefully build only a static library. Bump revision.

(joerg)

2014-09-23 15:09:54 UTC MAIN commitmail json YAML

pkgsrc/multimedia/hwdecode-demos/Makefile@1.12 / diff

Resort, fixes use of undefined variable as mentioned by obache@

(joerg)

2014-09-23 14:59:24 UTC MAIN commitmail json YAML

pkgsrc/net/dhid/Makefile@1.23 / diff
pkgsrc/net/dhid/distinfo@1.6 / diff
pkgsrc/net/dhid/patches/patch-aa@1.4 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 14:53:03 UTC MAIN commitmail json YAML

pkgsrc/misc/wdic/Makefile@1.4 / diff
pkgsrc/misc/wdic/distinfo@1.4 / diff
pkgsrc/misc/wdic/patches/patch-aa@1.2 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 14:50:03 UTC MAIN commitmail json YAML

pkgsrc/net/bounce/Makefile@1.13 / diff
pkgsrc/net/bounce/distinfo@1.6 / diff
pkgsrc/net/bounce/patches/patch-ab@1.2 / diff

SunOS needs -lsocket -lnsl.

(jperkin)

2014-09-23 14:40:28 UTC MAIN commitmail json YAML

pkgsrc/mail/cyrus-imapd/Makefile@1.103 / diff

SunOS needs -lsocket.

(jperkin)

2014-09-23 14:33:40 UTC MAIN commitmail json YAML

pkgsrc/biology/gnome-chemistry-utils/distinfo@1.6 / diff
pkgsrc/biology/gnome-chemistry-utils/patches/patch-libs_gccv_text.cc@1.1 / diff

Fix "call of overloaded 'abs(unsigned int)' is ambiguous".

(jperkin)

2014-09-23 14:29:51 UTC MAIN commitmail json YAML

pkgsrc/multimedia/mpeg_encode/Makefile@1.18 / diff
pkgsrc/multimedia/mpeg_encode/distinfo@1.10 / diff
pkgsrc/multimedia/mpeg_encode/patches/patch-ac@1.3 / diff

Fix build on SunOS (socket libraries, use strerror()).

(jperkin)

2014-09-23 14:26:35 UTC MAIN commitmail json YAML

pkgsrc/security/stud/Makefile@1.3 / diff
pkgsrc/security/stud/PLIST@1.3 / diff

Provide a catman page where mdoc pages are not supported. PKGREVISION++

(fhajny)

2014-09-23 13:55:00 UTC MAIN commitmail json YAML

pkgsrc/benchmarks/netperf/distinfo@1.9 / diff
pkgsrc/benchmarks/netperf/patches/patch-src_dscp.c@1.2 / diff

SunOS needs sys/types.h too.

(jperkin)

2014-09-23 13:50:01 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3605 / diff

Updated audio/libxmp to 4.2.7nb1

(jperkin)

2014-09-23 13:49:30 UTC MAIN commitmail json YAML

pkgsrc/audio/libxmp/Makefile@1.7 / diff
pkgsrc/audio/libxmp/distinfo@1.6 / diff
pkgsrc/audio/libxmp/patches/patch-src_common.h@1.1 / diff

Avoid versioned symbols on SunOS to fix dependencies.

Bump PKGREVISION as package previously built, was just missing symbols.

(jperkin)

2014-09-23 13:47:47 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3604 / diff

Note update of the "phpmyadmin" package to version 4.2.9.

(tron)

2014-09-23 13:47:31 UTC MAIN commitmail json YAML

pkgsrc/databases/phpmyadmin/Makefile@1.134 / diff
pkgsrc/databases/phpmyadmin/PLIST@1.39 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.91 / diff

Update "phpmyadmin" package to version 4.2.9.

The following bugs have been fixed since version 4.2.7.1:
- bug ajax.js responseHandler: cannot read property of null
- bug sql.js: str is undefined
- bug #4524 Allow for direct selection of "0" on the "user overview" page
- bug #4529 Undefined index: pos
- bug #4523 tbl_change.js: insert as new row submit type on multiple
selected records does not set all AUTO_INCREMENTs to 0 value
- bug ajax.js responseHandler: another "cannot read property"
- bug tbl_structure.js "cannot read property"
- bug #4530 [security] DOM based XSS that results to a CSRF that creates a
ROOT account in certain conditions
- bug #4516 Odd export behavior
- bug #4519 Uncaught TypeError: Cannot read property 'success' of null
- bug #4520 sql.js: cannot read property
- bug #4521 Initially allowed chart types do not match selected data
- bug #4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT ignored
- bug #4522 Duplicate column names while assigning index
- bug #4487 Export of partitioned table does not import
- bug server_privileges.js: cannot read property
- bug #4527 Importing ODS files with column names having trailing spaces fails
- bug #4413 Navigation Error in Nav Tree for Search Results Past the First Page
- bug functions.js: Cannot read property 'replace' of undefined

(tron)

2014-09-23 13:28:54 UTC MAIN commitmail json YAML

pkgsrc/audio/soundtouch/distinfo@1.2 / diff
pkgsrc/audio/soundtouch/patches/patch-source_SoundTouch_FIRFilter.cpp@1.1 / diff
pkgsrc/audio/soundtouch/patches/patch-source_SoundTouch_SoundTouch.cpp@1.1 / diff

Fix build on SunOS (alloca() needs alloca.h)

(jperkin)

2014-09-23 13:21:16 UTC MAIN commitmail json YAML

pkgsrc/net/Makefile@1.1036 / diff

Add newly added p5-Net-SSH-Expect.

(he)

2014-09-23 13:13:49 UTC MAIN commitmail json YAML

pkgsrc/mail/mutt-devel/options.mk@1.46 / diff

When using native curses on SunOS we must use X/Open Curses, SYSV curses
doesn't support mvchgat.

(jperkin)

2014-09-23 12:06:49 UTC MAIN commitmail json YAML

pkgsrc/devel/deforaos-libsystem/Makefile@1.8 / diff
pkgsrc/devel/deforaos-libsystem/distinfo@1.5 / diff
pkgsrc/devel/deforaos-libsystem/patches/patch-src_Makefile@1.1 / diff
pkgsrc/devel/deforaos-libsystem/patches/patch-tests_tests.sh@1.2 / diff

Fix some build issues exposed by the cwrappers build:

- Use REPLACE_SH for echo -n.
- Use LD_LIBRARY_PATH for tests to find pre-installed libraries.
- Fix parallel build issues.

(jperkin)

2014-09-23 10:54:09 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3603 / diff

Note addition of net/p5-Net-SSH-Expect version 1.09.

(he)

2014-09-23 10:53:09 UTC MAIN commitmail json YAML

pkgsrc/net/p5-Net-SSH-Expect/DESCR@1.1 / diff
pkgsrc/net/p5-Net-SSH-Expect/Makefile@1.1 / diff
pkgsrc/net/p5-Net-SSH-Expect/distinfo@1.1 / diff

Add p5-Net-SSH-Expect -- a module doing expect over an SSH session.

(he)

2014-09-23 09:08:21 UTC MAIN commitmail json YAML

pkgsrc/math/pari/Makefile@1.61 / diff

Remove TOOLS_DIR references from the generated pari.cfg.

(jperkin)

2014-09-23 08:51:00 UTC MAIN commitmail json YAML

pkgsrc/misc/ruby-pry/Makefile@1.2 / diff

Needs rdoc 4.0.0 or newer. Fixes build with RUBY_VERSION_DEFAULT=193,
no change on newer Ruby versions.

(fhajny)

2014-09-23 08:31:14 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3602 / diff

Updated lang/nodejs to 0.10.32

(fhajny)

2014-09-23 08:30:58 UTC MAIN commitmail json YAML

pkgsrc/lang/nodejs/Makefile@1.28 / diff
pkgsrc/lang/nodejs/PLIST@1.19 / diff
pkgsrc/lang/nodejs/distinfo@1.22 / diff

Update nodejs to 0.10.32.

2014.09.16, Version 0.10.32 (Stable)
* npm: Update to 1.4.28
* v8: fix a crash introduced by previous release (Fedor Indutny)
* configure: add --openssl-no-asm flag (Fedor Indutny)
* crypto: use domains for any callback-taking method (Chris Dickinson)
* http: do not send `0\r\n\r\n` in TE HEAD responses (Fedor Indutny)
* querystring: fix unescape override (Tristan Berger)
* url: Add support for RFC 3490 separators (Mathias Bynens)

(fhajny)

2014-09-23 07:07:26 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3601 / diff

Updated www/moodle to 2.7.2

(wen)

2014-09-23 07:06:10 UTC MAIN commitmail json YAML

pkgsrc/www/moodle/Makefile@1.31 / diff
pkgsrc/www/moodle/distinfo@1.22 / diff

Update to 2.7.2(security update)

Upstream changes:
Highlights
MDL-45780 - Atto now working with form change checker and quiz autosave
MDL-46748 - Mathjax address that changed, that caused Atto to fail to load, has been updated in Moodle
MDL-35984 - Gradebook Sum of grades shows correct total if items are hidden
Functional changes
MDL-45724 - Warning given when the same memcached instance is used for both sessions and MUC
MDL-46681 - For Multiple choices questions in the quiz / question bank, the options "Clear incorrect responses" and "Show the number of correct responses" did not make sense for "One answer only" questions. It is now impossible to select that combination of options on the form.
Security issues
MSA-14-0033 URL parameter injection in CAS authentication
MSA-14-0034 Identity information revealed early in Q&A forum
Fixes and improvements
MDL-37509 - Description of assignment hidden in calendar if "always show description" = NO
MDL-46545 - Weekly stats now working again
MDL-46589 - Automatic emails now sent after users import from CSV
MDL-43197 - Parent role only sees course total and no longer individual grades
MDL-46236 - Start New Attempt option is now followed if SCORM is set to appear in a popup

Approved by: wiz@

(wen)

2014-09-22 12:02:05 UTC MAIN commitmail json YAML

pkgsrc/sysutils/open-vm-tools/Makefile@1.47 / diff

Don't bail out on unused local typedefs for clang.

(joerg)

2014-09-22 11:56:54 UTC MAIN commitmail json YAML

pkgsrc/x11/hanterm/patches/patch-ptyx.h@1.1 / diff

Forgotten patch for last commit.

(joerg)

2014-09-22 11:56:39 UTC MAIN commitmail json YAML

pkgsrc/x11/hanterm/distinfo@1.12 / diff
pkgsrc/x11/hanterm/patches/patch-ab@1.3 / diff
pkgsrc/x11/hanterm/patches/patch-ae@1.5 / diff

Fix implicit prototype conflicts. Always include termios.h for ECHO.

(joerg)

2014-09-22 11:55:59 UTC MAIN commitmail json YAML

pkgsrc/sysutils/xenkernel33/Makefile@1.28 / diff

Don't bail out on unused local typedefs.

(joerg)

2014-09-22 11:55:37 UTC MAIN commitmail json YAML

pkgsrc/security/heimdal/PLIST.OpenBSD@1.2 / diff
pkgsrc/security/heimdal/distinfo@1.42 / diff
pkgsrc/security/heimdal/patches/patch-lib_libedit_src_unvis.c@1.2 / diff
pkgsrc/security/heimdal/patches/patch-lib_libedit_src_vis.c@1.2 / diff

Clean up RCS IDs in patches and PLIST to avoid permanent rebuilds.

(joerg)

2014-09-22 11:55:07 UTC MAIN commitmail json YAML

pkgsrc/multimedia/hwdecode-demos/Makefile@1.11 / diff
pkgsrc/multimedia/hwdecode-demos/PLIST@1.3 / diff

VAAPI might be missing too, handle in PLIST.

(joerg)

2014-09-22 11:54:45 UTC MAIN commitmail json YAML

pkgsrc/lang/openjdk7/distinfo@1.54 / diff
pkgsrc/lang/openjdk7/patches/patch-corba_make_common_shared_Defs-java.gmk@1.3 / diff

Force serial GC for jar invocations.

(joerg)

2014-09-22 11:54:15 UTC MAIN commitmail json YAML

pkgsrc/ham/gnuradio-core-docs/Makefile@1.28 / diff
pkgsrc/ham/gnuradio-core-docs/PLIST@1.19 / diff
pkgsrc/ham/usrp-docs/Makefile@1.26 / diff
pkgsrc/ham/usrp-docs/PLIST@1.15 / diff

Dance the doxygen!

(joerg)

2014-09-22 11:53:43 UTC MAIN commitmail json YAML

pkgsrc/graphics/vid/distinfo@1.8 / diff
pkgsrc/graphics/vid/patches/patch-aa@1.4 / diff

Deal with move of netpbm headers.

(joerg)

2014-09-22 11:53:18 UTC MAIN commitmail json YAML

pkgsrc/devel/snappy-java10/Makefile@1.2 / diff

Honour DIST_SUBDIR.

(joerg)

2014-09-22 11:53:00 UTC MAIN commitmail json YAML

pkgsrc/devel/delta/Makefile@1.7 / diff

Perl script work significantly better with Perl around. Bump revision.

(joerg)

2014-09-22 11:52:18 UTC MAIN commitmail json YAML

pkgsrc/databases/libcassandra/Makefile@1.26 / diff

Don't bail out on unused local typedefs. Bump revision.

(joerg)

2014-09-22 11:51:14 UTC MAIN commitmail json YAML

pkgsrc/cross/h8300-elf-gcc34/distinfo@1.2 / diff
pkgsrc/cross/h8300-elf-gcc34/patches/patch-gcc_cp_cfns.h@1.1 / diff

Drop explicit inline violating C99 semantics.

(joerg)

2014-09-22 11:50:30 UTC MAIN commitmail json YAML

pkgsrc/cross/avr-libc/Makefile@1.35 / diff
pkgsrc/cross/avr-libc/PLIST@1.18 / diff

Simplify. Sync PLIST with reality. Bump revision.

(joerg)

2014-09-22 11:49:42 UTC MAIN commitmail json YAML

pkgsrc/cross/bossa/Makefile@1.6 / diff

Don't bail out on unused local typedefs with clang.

(joerg)

2014-09-22 10:49:57 UTC MAIN commitmail json YAML

pkgsrc/devel/p5-Curses/Makefile@1.47 / diff

Fix build on Linux where the default curses implementation is ncurses.

(jperkin)

2014-09-22 10:47:18 UTC MAIN commitmail json YAML

pkgsrc/devel/p5-Curses/distinfo@1.15 / diff
pkgsrc/devel/p5-Curses/patches/patch-CursesFun.c@1.1 / diff

Fix build on systems which do not defined KEY_CODE_YES, using KEY_MIN
instead (notably SunOS).

(jperkin)

2014-09-21 21:39:54 UTC pkgsrc-2014Q2 commitmail json YAML

pkgsrc/doc/CHANGES-pkgsrc-2014Q2@1.1.2.35 / diff

pullup 4500

(spz)

2014-09-21 21:39:04 UTC pkgsrc-2014Q2 commitmail json YAML

pkgsrc/net/wireshark/Makefile@1.123.2.2 / diff
pkgsrc/net/wireshark/distinfo@1.75.2.2 / diff

Pullup ticket #4500 - requested by tron
net/wireshark: security update

Revisions pulled up:
- net/wireshark/Makefile 1.125
- net/wireshark/distinfo 1.77

-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Sep 17 22:32:18 UTC 2014

Modified Files:
pkgsrc/net/wireshark: Makefile distinfo

Log Message:
Update "wireshark" package to version 1.10.10. Changes since 1.10.9:
- The following vulnerabilities have been fixed.
* wnpa-sec-2014-12
RTP dissector crash. (Bug 9920) CVE-2014-6421
CVE-2014-6422
* wnpa-sec-2014-13
MEGACO dissector infinite loop. (Bug 10333)
CVE-2014-6423
* wnpa-sec-2014-14
Netflow dissector crash. (Bug 10370) CVE-2014-6424
* wnpa-sec-2014-17
RTSP dissector crash. (Bug 10381) CVE-2014-6427
* wnpa-sec-2014-18
SES dissector crash. (Bug 10454) CVE-2014-6428
* wnpa-sec-2014-19
Sniffer file parser crash. (Bug 10461)
CVE-2014-6429 CVE-2014-6430 CVE-2014-6431
CVE-2014-6432
- The following bugs have been fixed:
* Wireshark can crash during remote capture (rpcap)
configuration. (Bug 3554, Bug 6922,
ws-buglink:7021)
* MIPv6 Service Selection Identifier parse error. (Bug
10323)
* 802.11 BA sequence number decode is broken. (Bug 10334)
* TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
* Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
* Misparsed NTP control assignments with empty values.
(Bug 10417)
* 6LoWPAN multicast address decompression problems. (Bug
10426)
* GUI Hangs when Selecting Path to GeoIP Files. (Bug
10434)
* 6LoWPAN context handling not working. (Bug 10443)
* SIP: When export to a CSV, Info is changed to differ.
(Bug 10453)
* Typo in packet-netflow.c. (Bug 10458)
* UCP dissector bug of operation 30 - data not decoded.
(Bug 10464)
- Updated Protocol Support
6LoWPAN, DVB-CI, IEEE 802.11, MEGACO, MIPv6, Netflow, NTP, OSI,
RPKI RTR, RTP, RTSP, SES, SIP, and UCP
- New and Updated Capture File Support
DOS Sniffer, and NetScaler

To generate a diff of this commit:
cvs rdiff -u -r1.124 -r1.125 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.76 -r1.77 pkgsrc/net/wireshark/distinfo

(spz)

2014-09-21 14:49:45 UTC MAIN commitmail json YAML

pkgsrc/net/xymon/Makefile@1.41 / diff
pkgsrc/net/xymon/distinfo@1.13 / diff
pkgsrc/net/xymon/patches/patch-xymond_client_netbsd.c@1.2 / diff
pkgsrc/net/xymon/patches/patch-xymond_rrd_do__disk.c@1.1 / diff

fix inode checks for NetBSD
fix inode check result rrd handling for all BSDish systems; if you use
xymon-4.3.17nb1 on *BSD you may have lots of inode<number>.rrd files
in /var/xymon/rrd, since it used iavail instead of the name of the
filesystem mount to identify the inode usage stats.

(spz)

2014-09-21 11:20:19 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3600 / diff

Updated net/mikutter to 3.0.6

(obache)

2014-09-21 11:20:08 UTC MAIN commitmail json YAML

pkgsrc/net/mikutter/Makefile@1.88 / diff
pkgsrc/net/mikutter/PLIST@1.28 / diff
pkgsrc/net/mikutter/distinfo@1.78 / diff

Update mikutter to 3.0.6.

* Update translations
* Add Portuguese language
* Fixes crash with passing Listner to select of setting DSL
* Remove unused remaining UI settings
* show retweets
* show faved
* Fixes to work some checkbox in standard plugins' settings properly.

(obache)

2014-09-21 10:47:37 UTC MAIN commitmail json YAML

pkgsrc/graphics/libsixel/Makefile@1.7 / diff

Set preferred URL to HOMEPAGE.

(obache)

2014-09-21 04:43:51 UTC MAIN commitmail json YAML

pkgsrc/x11/gnome-desktop3/Makefile@1.19 / diff
pkgsrc/x11/gnome-desktop3/distinfo@1.8 / diff
pkgsrc/x11/gnome-desktop3/patches/patch-aa@1.4 / diff
pkgsrc/x11/gnome-desktop3/patches/patch-configure@1.1 / diff
pkgsrc/x11/gnome-desktop3/patches/patch-configure.ac deleted
pkgsrc/x11/gnome-desktop3/patches/patch-libgnome-desktop_Makefile.am deleted
pkgsrc/x11/gnome-desktop3/patches/patch-libgnome-desktop_Makefile.in@1.1 / diff

Second attempt at:

Fix build on systems which don't provide openat() such as NetBSD 6
https://bugzilla.gnome.org/show_bug.cgi?id=735974

after Joerg's failure report. Previous was tested on NetBSD 6 and 7. Not
so this time.

(prlw1)

2014-09-21 00:09:24 UTC MAIN commitmail json YAML

pkgsrc/mail/nmh/Makefile@1.86 / diff

The configure script checks for arc4random(), but the program uses
arc4random_buf(); netbsd-5 (and presumably earlier) has the one but
not the other. Just disable it, because all it's using the randomness
for is message-ids. Fixes the netbsd-5 build.

(dholland)

2014-09-20 23:26:50 UTC MAIN commitmail json YAML

pkgsrc/doc/TODO@1.13671 / diff

nmh 1.6 was added recently.

(dholland)

2014-09-20 23:15:57 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3599 / diff

nmh

(dholland)

2014-09-20 23:15:03 UTC MAIN commitmail json YAML

pkgsrc/mail/nmh/Makefile@1.85 / diff

This version of nmh specifically needs terminfo and not termcap
Adjust accordingly and bump PKGREVISION.

(dholland)

2014-09-20 23:01:20 UTC MAIN commitmail json YAML

pkgsrc/mail/nmh/distinfo@1.18 / diff
pkgsrc/mail/nmh/patches/patch-uip_folder.c deleted

Remove empty patch file. Regen distinfo, which also removes references
to two other patches that apparently no longer exist.

(dholland)

2014-09-20 21:14:35 UTC MAIN commitmail json YAML

pkgsrc/x11/wxGTK30/buildlink3.mk@1.2 / diff

Include libSM since it's needed.

(wiz)

2014-09-20 19:12:26 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3598 / diff

Updated comms/asterisk to 11.12.1

(jnemeth)

2014-09-20 19:12:16 UTC MAIN commitmail json YAML

pkgsrc/comms/asterisk/Makefile@1.111 / diff
pkgsrc/comms/asterisk/distinfo@1.66 / diff

Update to Asterisk 11.12.1: this is mainly a security fix for AST-2014-010.

The Asterisk Development Team has announced security releases for Certified
Asterisk 11.6 and Asterisk 11 and 12. The available security releases are
released as versions 11.6-cert6, 11.12.1, and 12.5.1.

Please note that the release of these versions resolves the following security
vulnerability:

* AST-2014-010: Remote Crash when Handling Out of Call Message in Certain
Dialplan Configurations

Note that the crash described in AST-2014-010 can be worked around through
dialplan configuration. Given the likelihood of the issue, an advisory was
deemed to be warranted.

For more information about the details of these vulnerabilities, please read
security advisories AST-2014-009 and AST-2014-010, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.12.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2014-010.pdf

Thank you for your continued support of Asterisk!

(jnemeth)

2014-09-20 18:13:29 UTC MAIN commitmail json YAML

pkgsrc/lang/snobol/Makefile@1.30 / diff

fix path in snobol post-build target

(jakllsch)

2014-09-20 17:56:49 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3597 / diff

Updated math/py-pytables to 3.1.1

(wiz)

2014-09-20 17:56:36 UTC MAIN commitmail json YAML

pkgsrc/math/py-pytables/Makefile@1.31 / diff
pkgsrc/math/py-pytables/distinfo@1.12 / diff
pkgsrc/math/py-pytables/patches/patch-setup.py@1.1 / diff

Update to 3.1.1 and fix build with py-cython-0.20+.

We are happy to announce PyTables 3.1.1.

This is a bug-fix release that addresses a critical bug that make PyTables
unusable on some platforms.

What's new
==========

- Fixed a critical bug that caused an exception at import time.
The error was triggered when a bug in long-double detection is detected
in the HDF5 library (see :issue:`275`) and numpy_ does not expose
`float96` or `float128`. Closes :issue:`344`.
- The internal Blosc_ library has been updated to version 1.3.5.
This fixes a false buffer overrun condition that made c-blosc to fail,
even if the problem was not real.

As always, a large amount of bugs have been addressed and squashed as well.

(wiz)

2014-09-20 12:00:53 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3596 / diff

Updated misc/vimpager to 1.8.9

(obache)

2014-09-20 12:00:42 UTC MAIN commitmail json YAML

pkgsrc/misc/vimpager/Makefile@1.5 / diff
pkgsrc/misc/vimpager/PLIST@1.2 / diff
pkgsrc/misc/vimpager/distinfo@1.4 / diff

Update vimpager to 1.8.9.
While here, use bundled Makefile to install, prevent missing contents.

Version 1.8.9
* security enhancements (snordhausen: Stefan Nordhausen) #78

(obache)

2014-09-20 09:13:49 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.297 / diff

- R-formatR.

(wiz)

2014-09-20 04:11:43 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.296 / diff
pkgsrc/math/R-knitr/DESCR deleted
pkgsrc/math/R-knitr/Makefile deleted
pkgsrc/math/R-knitr/distinfo deleted
pkgsrc/print/Makefile@1.592 / diff

Move math/R-knitr to print/R-knitr.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 04:03:40 UTC MAIN commitmail json YAML

pkgsrc/print/R-knitr/DESCR@1.1 / diff
pkgsrc/print/R-knitr/Makefile@1.1 / diff
pkgsrc/print/R-knitr/distinfo@1.1 / diff

Initial import of knitr v1.6 as print/R-knitr.

This package provides a general-purpose tool for dynamic report
generation in R, which can be used to deal with any type of (plain
text) files, including Sweave, HTML, Markdown, reStructuredText,
AsciiDoc, and Textile. R code is evaluated as if it were copied and
pasted in an R terminal thanks to the evaluate package (e.g., we do
not need to explicitly print() plots from ggplot2 or lattice). R code
can be reformatted by the formatR package so that long lines are
automatically wrapped, with indent and spaces added, and comments
preserved. A simple caching mechanism is provided to cache results
from computations for the first time and the computations will be
skipped the next time. Almost all common graphics devices, including
those in base R and add-on packages like Cairo, cairoDevice and
tikzDevice, are built-in with this package and it is straightforward
to switch between devices without writing any special functions. The
width and height as well as alignment of plots in the output document
can be specified in chunk options (the size of plots for graphics
devices is also supported). Multiple plots can be recorded in a single
code chunk, and it is also allowed to rearrange plots to the end of a
chunk or just keep the last plot. Warnings, messages and errors are
written in the output document by default (can be turned off). The
language in code chunks is not restricted to R (there is simple
support to Python and shell scripts, etc). Many features are borrowed
from or inspired by Sweave, cacheSweave, pgfSweave, brew and decumar.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 03:53:55 UTC MAIN commitmail json YAML

pkgsrc/devel/Makefile@1.1983 / diff
pkgsrc/math/Makefile@1.295 / diff
pkgsrc/math/R-evaluate/DESCR deleted
pkgsrc/math/R-evaluate/Makefile deleted
pkgsrc/math/R-evaluate/distinfo deleted
pkgsrc/math/R-knitr/Makefile@1.6 / diff

Move math/R-evaluate to devel/R-evaluate and fix dependencies.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 03:48:56 UTC MAIN commitmail json YAML

pkgsrc/devel/R-evaluate/DESCR@1.1 / diff
pkgsrc/devel/R-evaluate/Makefile@1.1 / diff
pkgsrc/devel/R-evaluate/distinfo@1.1 / diff

Initial import of evaluate v0.5.5 as devel/R-evaluate.

Parsing and evaluation tools that make it easy to recreate the command
line behaviour of R.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 03:34:56 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.294 / diff
pkgsrc/math/R-digest/DESCR deleted
pkgsrc/math/R-digest/Makefile deleted
pkgsrc/math/R-digest/distinfo deleted
pkgsrc/math/R-knitr/Makefile@1.5 / diff
pkgsrc/security/Makefile@1.523 / diff

Move math/R-digest to security/R-digest and fix dependencies.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 03:28:30 UTC MAIN commitmail json YAML

pkgsrc/security/R-digest/DESCR@1.1 / diff
pkgsrc/security/R-digest/Makefile@1.1 / diff
pkgsrc/security/R-digest/distinfo@1.1 / diff

Initial import of digest v0.6.4 as security/R-digest.

The digest package provides a function 'digest()' for the creation of
hash digests of arbitrary R objects (using the md5, sha-1, sha-256 and
crc32 algorithms) permitting easy comparison of R language objects, as
well as a function 'hmac()' to create hash-based message
authentication code.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-20 01:22:27 UTC MAIN commitmail json YAML

pkgsrc/databases/ruby-tokyotyrant/Makefile@1.18 / diff

Use "pp" instead of "pe" pax option for unprivileged build.

(obache)

2014-09-20 01:20:46 UTC MAIN commitmail json YAML

pkgsrc/databases/lua-tokyocabinet/Makefile@1.22 / diff
pkgsrc/databases/ruby-tokyocabinet/Makefile@1.27 / diff

Use "pp" instead "pe" pax option for unprivileged build.

(obache)

2014-09-19 22:47:06 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.293 / diff
pkgsrc/math/R-knitr/Makefile@1.4 / diff
pkgsrc/math/R-markdown/DESCR deleted
pkgsrc/math/R-markdown/Makefile deleted
pkgsrc/math/R-markdown/distinfo deleted
pkgsrc/textproc/Makefile@1.804 / diff

Move math/R-markdown to textproc/R-markdown and fix dependencies.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 22:44:40 UTC MAIN commitmail json YAML

pkgsrc/textproc/R-markdown/DESCR@1.1 / diff
pkgsrc/textproc/R-markdown/Makefile@1.1 / diff
pkgsrc/textproc/R-markdown/distinfo@1.1 / diff

Initial import of markdown v0.7.4 as textproc/R-markdown.

Markdown is a plain-text formatting syntax that can be converted to
XHTML or other formats. This package provides R bindings to the
Sundown markdown rendering library.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 22:34:44 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.292 / diff
pkgsrc/math/R-highr/DESCR deleted
pkgsrc/math/R-highr/Makefile deleted
pkgsrc/math/R-highr/distinfo deleted
pkgsrc/math/R-knitr/Makefile@1.3 / diff
pkgsrc/textproc/Makefile@1.803 / diff

Move math/R-highr to textproc/R-highr and fix dependencies.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 22:31:53 UTC MAIN commitmail json YAML

pkgsrc/textproc/R-highr/DESCR@1.1 / diff
pkgsrc/textproc/R-highr/Makefile@1.1 / diff
pkgsrc/textproc/R-highr/distinfo@1.1 / diff

Initial import of highr v0.3 as textproc/R-highr.

This package provides syntax highlighting for R source code. Currently
it supports LaTeX and HTML output. Source code of other languages can
be supported via Andre Simon's Highlight package.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 21:24:15 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3595 / diff

Updated mail/sendmail to 8.14.9nb4

(jnemeth)

2014-09-19 21:24:05 UTC MAIN commitmail json YAML

pkgsrc/mail/sendmail/Makefile@1.126 / diff
pkgsrc/mail/sendmail/patches/patch-bg@1.1 / diff

build fix for clang

(jnemeth)

2014-09-19 21:21:17 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.291 / diff
pkgsrc/math/R-evaluate/Makefile@1.2 / diff
pkgsrc/math/R-stringr/DESCR deleted
pkgsrc/math/R-stringr/Makefile deleted
pkgsrc/math/R-stringr/distinfo deleted
pkgsrc/textproc/Makefile@1.802 / diff

Move math/R-stringr to textproc/R-stringr and fix dependencies.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 21:19:40 UTC MAIN commitmail json YAML

pkgsrc/math/R-plyr/Makefile@1.3 / diff

Fix dependency on R-Rcpp, which was moved from math/R-Rcpp to devel/R-Rcpp.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 21:17:12 UTC MAIN commitmail json YAML

pkgsrc/math/R-Rcpp/DESCR deleted
pkgsrc/math/R-Rcpp/Makefile deleted
pkgsrc/math/R-Rcpp/buildlink3.mk deleted
pkgsrc/math/R-Rcpp/distinfo deleted

Move math/R-Rcpp to devel/R-Rcpp.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 21:03:26 UTC MAIN commitmail json YAML

pkgsrc/textproc/R-stringr/DESCR@1.1 / diff
pkgsrc/textproc/R-stringr/Makefile@1.1 / diff
pkgsrc/textproc/R-stringr/distinfo@1.1 / diff

Initial import of stringr v0.6.2 as textproc/R-stringr.

stringr is a set of simple wrappers that make R's string functions
more consistent, simpler and easier to use. It does this by ensuring
that: function and argument names (and positions) are consistent, all
functions deal with NA's and zero length character appropriately, and
the output data structures from each function matches the input data
structures of other functions.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:55:08 UTC MAIN commitmail json YAML

pkgsrc/geography/Makefile@1.43 / diff
pkgsrc/math/Makefile@1.290 / diff
pkgsrc/math/R-countrycode/DESCR deleted
pkgsrc/math/R-countrycode/Makefile deleted
pkgsrc/math/R-countrycode/distinfo deleted

Move math/R-countrycode to geography/R-countrycode.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:53:02 UTC MAIN commitmail json YAML

pkgsrc/geography/R-countrycode/DESCR@1.1 / diff
pkgsrc/geography/R-countrycode/Makefile@1.1 / diff
pkgsrc/geography/R-countrycode/distinfo@1.1 / diff

Initial import of countrycode v0.17 as geography/R-countrycode.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:46:32 UTC MAIN commitmail json YAML

pkgsrc/mail/Makefile@1.456 / diff
pkgsrc/math/Makefile@1.289 / diff
pkgsrc/math/R-mime/DESCR deleted
pkgsrc/math/R-mime/Makefile deleted
pkgsrc/math/R-mime/distinfo deleted

Move math/R-mime to mail/R-mime.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:44:29 UTC MAIN commitmail json YAML

pkgsrc/mail/R-mime/DESCR@1.1 / diff
pkgsrc/mail/R-mime/Makefile@1.1 / diff
pkgsrc/mail/R-mime/distinfo@1.1 / diff

Initial import of mime v0.1.2 as mail/R-mime.

This package guesses the MIME type from a filename extension using the
data derived from /etc/mime.types in UNIX-type systems.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:36:54 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.288 / diff
pkgsrc/math/R-formatR/DESCR deleted
pkgsrc/math/R-formatR/Makefile deleted
pkgsrc/math/R-formatR/distinfo deleted
pkgsrc/math/R-knitr/Makefile@1.2 / diff
pkgsrc/textproc/Makefile@1.801 / diff

Move math/R-formatR to textproc/R-formatR and fix depending packages.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:31:50 UTC MAIN commitmail json YAML

pkgsrc/textproc/R-formatR/DESCR@1.1 / diff
pkgsrc/textproc/R-formatR/Makefile@1.1 / diff
pkgsrc/textproc/R-formatR/distinfo@1.1 / diff

Initial import of formatR v1.0 as textproc/R-formatR.

This package provides a function tidy_source() to format R source
code. Spaces and indent will be added to the code automatically, and
comments will be preserved under certain conditions, so that R code
will be more human-readable and tidy. There is also a Shiny app as a
user interface in this package (see tidy_app()).

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 20:12:51 UTC MAIN commitmail json YAML

pkgsrc/devel/R-Rcpp/DESCR@1.1 / diff
pkgsrc/devel/R-Rcpp/Makefile@1.1 / diff
pkgsrc/devel/R-Rcpp/buildlink3.mk@1.1 / diff
pkgsrc/devel/R-Rcpp/distinfo@1.1 / diff

Initial import of Rcpp v0.11.2 as devel/R-Rcpp.

The Rcpp package provides R functions as well as a C++ library which
facilitate the integration of R and C++.

R data types (SEXP) are matched to C++ objects in a class hierarchy.
All R types are supported (vectors, functions, environment, etc ...)
and each type is mapped to a dedicated class. For example, numeric
vectors are represented as instances of the Rcpp::NumericVector class,
environments are represented as instances of Rcpp::Environment,
functions are represented as Rcpp::Function, etc ... The
"Rcpp-introduction" vignette provides a good entry point to Rcpp.

Rcpp also provides Rcpp modules, a framework that allows exposing C++
functions and classes to the R level. The "Rcpp-modules" vignette
details the current set of features of Rcpp-modules.

Rcpp includes a concept called Rcpp sugar that brings many R functions
into C++. Sugar takes advantage of lazy evaluation and expression
templates to achieve great performance while exposing a syntax that is
much nicer to use than the equivalent low-level loop code. The
"Rcpp-sugar" vignette gives an overview of the feature.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 19:42:13 UTC MAIN commitmail json YAML

pkgsrc/math/Makefile@1.287 / diff
pkgsrc/math/R-DAAG/Makefile@1.11 / diff
pkgsrc/math/R-latticeExtra/DESCR deleted
pkgsrc/math/R-latticeExtra/Makefile deleted
pkgsrc/math/R-latticeExtra/distinfo deleted

Remove math/R-latticeExtra and switch dependency to reimported package
in graphics/R-latticeExtra.

Note: this commit is part of reorganizing some of the recently
imported R packages, which are being reimported into more appropriate
categories (and removed from math) as a result of a recent discussion
on tech-pkg and privately with wiz@. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 16:54:43 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3594 / diff

Added graphics/R-latticeExtra version 0.6.26

(brook)

2014-09-19 16:52:58 UTC MAIN commitmail json YAML

pkgsrc/graphics/Makefile@1.689 / diff

Added R-latticeExtra.

Note: this is being reimported into graphics (and removed from math)
as a result of a recent discussion on tech-pkg and with wiz@ regarding
categories for R packages. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 16:50:27 UTC MAIN commitmail json YAML

pkgsrc/graphics/R-latticeExtra/DESCR@1.1 / diff
pkgsrc/graphics/R-latticeExtra/Makefile@1.1 / diff
pkgsrc/graphics/R-latticeExtra/distinfo@1.1 / diff

Initial revision.

Extra graphical utilities based on lattice.

Note: this is being reimported into graphics (and removed from math)
as a result of a recent discussion on tech-pkg and privately with wiz@
regarding categories for R packages. See the thread starting with:

pkg/2014/09/05/msg013558.html">http://mail-index.netbsd.org/tech-pkg/2014/09/05/msg013558.html

(brook)

2014-09-19 13:17:22 UTC MAIN commitmail json YAML

pkgsrc/misc/screen/PLIST@1.14 / diff

Add missing screen-256color entry for terminfo build.

(jperkin)

2014-09-19 12:50:43 UTC MAIN commitmail json YAML

pkgsrc/devel/libuuid/builtin.mk@1.7 / diff

Fix generated fake uuid.pc. A missing ";" meant that the Cflags line was
appended to the Libs line, causing build problems for anything using it.

(jperkin)

2014-09-19 11:36:45 UTC pkgsrc-2014Q2 commitmail json YAML

pkgsrc/doc/CHANGES-pkgsrc-2014Q2@1.1.2.34 / diff

Pullup tickets #4494 and #4501.

(tron)

2014-09-19 11:35:30 UTC pkgsrc-2014Q2 commitmail json YAML

pkgsrc/www/apache22/Makefile@1.101.2.1 / diff
pkgsrc/www/apache22/distinfo@1.59.4.1 / diff

Pullup ticket #4501 - requested by he
www/apache22: security update

Revisions pulled up:
- www/apache22/Makefile 1.102
- www/apache22/distinfo 1.60

---
Module Name: pkgsrc
Committed By: adam
Date: Tue Sep 9 08:11:48 UTC 2014

Modified Files:
pkgsrc/www/apache22: Makefile distinfo

Log Message:
Changes 2.4.10

*) SECURITY: CVE-2014-0117 (cve.mitre.org)
mod_proxy: Fix crash in Connection header handling which
allowed a denial of service attack against a reverse proxy
with a threaded MPM.

*) SECURITY: CVE-2014-3523 (cve.mitre.org)
Fix a memory consumption denial of service in the WinNT MPM (used in all Windows
installations). Workaround: AcceptFilter <protocol> {none|connect}

*) SECURITY: CVE-2014-0226 (cve.mitre.org)
Fix a race condition in scoreboard handling, which could lead to
a heap buffer overflow.

*) SECURITY: CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avoid
denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.

*) SECURITY: CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server. By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts. The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.

*) mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077).

*) mod_deflate: Don't fail when flushing inflated data to the user-agent
and that coincides with the end of stream ("Zlib error flushing inflate
buffer").

*) mod_proxy_ajp: Forward local IP address as a custom request attribute
like we already do for the remote port.

*) core: Include any error notes set by modules in the canned error
response for 403 errors.

*) mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck.

*) mod_ssl: Fix issue with redirects to error documents when handling
SNI errors.

*) mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys.

*) mod_dav: Fix improper encoding in PROPFIND responses.

*) WinNT MPM: Improve error handling for termination events in child.

*) mod_proxy: When ping/pong is configured for a worker, don't send or
forward "100 Continue" (interim) response to the client if it does
not expect one.

*) mod_ldap: Be more conservative with the last-used time for
LDAPConnectionPoolTTL.

*) mod_ldap: LDAP connections used for authn were not respecting
LDAPConnectionPoolTTL.

*) mod_proxy_fcgi: Fix occasional high CPU when handling request bodies.

*) event MPM: Fix possible crashes (third-party modules accessing c->sbh)
or occasional missed mod_status updates under load.

*) mod_authnz_ldap: Support primitive LDAP servers do not accept
filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
filter "none" to be specified in AuthLDAPURL.

*) mod_deflate: Fix inflation of files larger than 4GB.

*) mod_deflate: Handle Zlib header and validation bytes received in multiple
chunks.

*) mod_proxy: Allow reverse-proxy to be set via explicit handler.

*) ab: support custom HTTP method with -m argument.

*) mod_proxy_balancer: Correctly encode user provided data in management
interface.

*) mod_proxy_fcgi: Support iobuffersize parameter.

*) mod_auth_form: Add a debug message when the fields on a form are not
recognised.

*) mod_cache: Preserve non-cacheable headers forwarded from an origin 304
response.

*) mod_proxy_wstunnel: Fix the use of SSL connections with the "wss:"
scheme.

*) mod_socache_shmcb: Correct counting of expirations for status display.
Expirations happening during retrieval were not counted.

*) mod_cache: Retry unconditional request with the full URL (including the
query-string) when the origin server's 304 response does not match the
conditions used to revalidate the stale entry.

*) mod_alias: Stop setting CONTEXT_PREFIX and CONTEXT_DOCUMENT environment
variables as a result of AliasMatch.

*) mod_cache: Don't add cached/revalidated entity headers to a 304 response.

*) mod_proxy_scgi: Support Unix sockets. ap_proxy_port_of_scheme():
Support default SCGI port (4000).

*) mod_cache: Fix AH00784 errors on Windows when the the CacheLock directive
is enabled.

*) mod_expires: don't add Expires header to error responses (4xx/5xx),
be they generated or forwarded.

*) mod_proxy_fcgi: Don't segfault when failing to connect to the backend.
(regression in 2.4.9 release)

*) mod_authn_socache: Fix crash at startup in certain configurations.

*) mod_ssl: restore argument structure for "exec"-type SSLPassPhraseDialog
programs to the form used in releases up to 2.4.7, and emulate
a backwards-compatible behavior for existing setups.

*) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
OCSP requests should use a nonce to be checked against the responder's
one.

*) mod_ssl: "SSLEngine off" will now override a Listen-based default
and does disable mod_ssl for the vhost.

*) mod_lua: Enforce the max post size allowed via r:parsebody()

*) mod_lua: Use binary comparison to find boundaries for multipart
objects, as to not terminate our search prematurely when hitting
a NULL byte.

*) mod_ssl: add workaround for SSLCertificateFile when using OpenSSL
versions before 0.9.8h and not specifying an SSLCertificateChainFile
(regression introduced with 2.4.8).

*) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
no longer send warning-level unrecognized_name(112) alerts,
and limit startup warnings to cases where an OpenSSL version
without TLS extension support is used.

*) mod_proxy_html: Avoid some possible memory access violation in case of
specially crafted files, when the ProxyHTMLMeta directive is turned on.

*) mod_auth_form: Make sure the optional functions are loaded even when
the AuthFormProvider isn't specified.

*) mod_ssl: avoid processing bogus SSLCertificateKeyFile values
(and logging garbled file names).

*) mod_ssl: fix merging of global and vhost-level settings with the
SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
directives.

*) mod_headers: Allow the "value" parameter of Header and RequestHeader to
contain an ap_expr expression if prefixed with "expr=".

*) rotatelogs: Avoid creation of zombie processes when -p is used on
Unix platforms.

*) mod_authnz_fcgi: New module to enable FastCGI authorizer
applications to authenticate and/or authorize clients.

*) mod_proxy: Do not try to parse the regular expressions passed by
ProxyPassMatch as URL as they do not follow their syntax.

*) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
under the Event MPM.

*) mod_proxy_fcgi: Fix sending of response without some HTTP headers
that might be set by filters.

*) mod_proxy_html: Do not delete the wrong data from HTML code when a
"http-equiv" meta tag specifies a Content-Type behind any other
"http-equiv" meta tag.

*) mod_proxy: Don't reuse a SSL backend connection whose requested SNI
differs.

*) Add suspend_connection and resume_connection hooks to notify modules
when the thread/connection relationship changes. (Should be implemented
for any third-party async MPMs.)

*) mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine
hangups from websockets origin servers.

*) mod_proxy_wstunnel: Don't pool backend websockets connections,
because we need to handshake every time.

*) mod_lua: Redesign how request record table access behaves,
in order to utilize the request record from within these tables.

*) mod_lua: Add r:wspeek for peeking at WebSocket frames.

*) mod_lua: Log an error when the initial parsing of a Lua file fails.

*) mod_lua: Reformat and escape script error output.

*) mod_lua: URL-escape cookie keys/values to prevent tainted cookie data
from causing response splitting.

*) mod_lua: Disallow newlines in table values inside the request_rec,
to prevent HTTP Response Splitting via tainted headers.

*) mod_lua: Remove the non-working early/late arguments for
LuaHookCheckUserID.

*) mod_lua: Change IVM storage to use shm

*) mod_lua: More verbose error logging when a handler function cannot be
found.

(tron)

2014-09-19 11:30:10 UTC pkgsrc-2014Q2 commitmail json YAML

pkgsrc/net/socat/Makefile@1.31.4.1 / diff
pkgsrc/net/socat/distinfo@1.19.6.1 / diff
pkgsrc/net/socat/patches/patch-aa deleted
pkgsrc/net/socat/patches/patch-configure@1.1.8.1 / diff
pkgsrc/net/socat/patches/patch-mytypes.h@1.1.22.1 / diff

Pullup ticket #4494 - requested by rodent
net/socat: security update

Revisions pulled up:
- net/socat/Makefile 1.32
- net/socat/distinfo 1.20
- net/socat/patches/patch-aa deleted
- net/socat/patches/patch-configure 1.2
- net/socat/patches/patch-mytypes.h 1.2

---
Module Name: pkgsrc
Committed By: rodent
Date: Sun Sep 7 23:24:56 UTC 2014

Modified Files:
pkgsrc/net/socat: Makefile distinfo
pkgsrc/net/socat/patches: patch-configure patch-mytypes.h
Removed Files:
pkgsrc/net/socat/patches: patch-aa

Log Message:
Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019.
patches/patch-aa seems to have been committed upstream. Passing readline
location to configure and fixing CCOPTS in Makefile.in seems to not be
necessary anymore. From CHANGES:

####################### V 1.7.2.4:

corrections:
LISTEN based addresses applied some address options, e.g. so-keepalive,
to the listening file descriptor instead of the connected file
descriptor

make failed after configure with non gcc compiler due to missing
include.

configure checked for --disable-rawsocket but printed
--disable-genericsocket in the help text.

In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
Probably no impact.

procan could not cleanly format ulimit values longer than 16 decimal
digits. Thanks to Frank Dana for providing a patch that increases field
width to 24 digits.

OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
"Invalid argument"

Changed some variable definitions to make gcc -O2 aliasing checker happy

On big endian platforms with type long >32bit the range option applied a
bad base address.

Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()

Red Hat issue 1022063: out-of-range shifts on net mask bits

Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()

Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
uses

Red Hat issue 1021958: fixed a bug with faulty buffer/data length
calculation in xio-ascii.c:_xiodump()

Red Hat issue 1021972: fixed a missing NUL termination in return string
of sysutils.c:sockaddr_info() for the AF_UNIX case

fixed some typos and minor issues, including:
Red Hat issue 1021967: formatting error in manual page

UNIX-LISTEN with fork option did not remove the socket file system entry
when exiting. Other file system based passive address types had similar
issues or failed to apply options umask, user e.a.

porting:
Red Hat issue 1020203: configure checks fail with some compilers.
Use case: clang

Performed changes for Fedora release 19

Adapted, improved test.sh script

Red Hat issue 1021429: getgroupent fails with large number of groups;
use getgrouplist() when available instead of sequence of calls to
getgrent()

Red Hat issue 1021948: snprintf API change;
Implemented xio_snprintf() function as wrapper that tries to emulate C99
behaviour on old glibc systems, and adapted all affected calls
appropriately

Mike Frysinger provided a patch that supports long long for time_t,
socklen_t and a few other libc types.

Artem Mygaiev extended Cedril Priscals Android build script with pty code

The check for fips.h required stddef.h

Check for linux/errqueue.h failed on some systems due to lack of
linux/types.h inclusion.

autoconf now prefers configure.ac over configure.in

type of struct cmsghdr.cmsg is system dependend, determine it with
configure; some more print format corrections

docu:
libwrap always logs to syslog

added actual text version of GPLv2

####################### V 1.7.2.3:

security:
CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (see socat-secadv5.txt)

(tron)

2014-09-19 09:07:27 UTC MAIN commitmail json YAML

pkgsrc/devel/zlib/Makefile@1.51 / diff

Remove unnecessary reference to __moddi3 on SunOS by defining NO_DIVIDE for
adler32.c and adding LDFLAGS.SunOS+=-Wl,-zignore removing the dependency
on libgcc_s.so.
Bump PKGREVISION to take effect.

(richard)

2014-09-19 08:42:56 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3593 / diff

Updated graphics/netpbm to 10.67.05nb1

(wiz)

2014-09-19 08:42:47 UTC MAIN commitmail json YAML

pkgsrc/graphics/netpbm/Makefile@1.193 / diff
pkgsrc/graphics/netpbm/PLIST@1.11 / diff

Add jpeg dependency and enable it.
Adds jpegto* and *tojpeg again, needed e.g. by avr-libc (reported by joerg).
Bump PKGREVISION.

(wiz)

2014-09-19 08:35:55 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3592 / diff

Updated x11/wxGTK30 to 3.0.1nb3

(wiz)

2014-09-19 08:35:41 UTC MAIN commitmail json YAML

pkgsrc/x11/wxGTK30/Makefile@1.5 / diff

Disable visibility to fix build on NetBSD with gcc.
Bump PKGREVISION.
Reported upstream as http://trac.wxwidgets.org/ticket/16571 .

(wiz)

2014-09-19 08:31:26 UTC MAIN commitmail json YAML

pkgsrc/net/rancid/distinfo@1.9 / diff
pkgsrc/net/rancid/patches/patch-etc_Makefile.in@1.3 / diff

Don't use comments in the middle of a multiline statements.

(joerg)

2014-09-19 08:30:52 UTC MAIN commitmail json YAML

pkgsrc/cross/avr-gcc/Makefile@1.36 / diff

Reset CFLAGS/CXXFLAGS at the end and add CPPFLAGS to the list.
Fixes build on NetBSD where native unwind.h is picked up otherwise.

(joerg)

2014-09-19 07:05:24 UTC MAIN commitmail json YAML

pkgsrc/chat/swift/distinfo@1.2 / diff
pkgsrc/chat/swift/patches/patch-Swift_QtUI_UserSearch_QtUserSearchWindow.cpp@1.1 / diff
pkgsrc/chat/swift/patches/patch-Swiften_Serializer_StreamResumeSerializer.cpp@1.1 / diff
pkgsrc/chat/swift/patches/patch-Swiften_Serializer_StreamResumedSerializer.cpp@1.1 / diff

Fix build with boost-1.56.0. From upstream git.

(wiz)

2014-09-19 06:03:21 UTC MAIN commitmail json YAML

pkgsrc/graphics/GUIlib/patches/patch-aa deleted
pkgsrc/graphics/GUIlib/patches/patch-hello.cpp deleted
pkgsrc/graphics/GUIlib/patches/patch-keyboard.cpp deleted

Remove patches removed from distinfo during 1.2.1 update.

(wiz)

2014-09-19 05:45:51 UTC MAIN commitmail json YAML

pkgsrc/security/john/patches/patch-ac deleted

Remove patch-ac which was removed from distinfo during 1.8.0 update.

(wiz)

2014-09-19 05:25:20 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3591 / diff

Updated www/ikiwiki to 3.20140916nb1

(schmonz)

2014-09-19 05:24:15 UTC MAIN commitmail json YAML

pkgsrc/www/ikiwiki/Makefile@1.125 / diff
pkgsrc/www/ikiwiki/distinfo@1.102 / diff
pkgsrc/www/ikiwiki/patches/patch-Makefile.PL@1.1 / diff

Apply 053de54 from upstream git to fix paths in installed binaries
with the default PKG_SYSCONFBASE. Bump PKGREVISION.

(schmonz)

2014-09-19 04:54:04 UTC MAIN commitmail json YAML

pkgsrc/doc/pkgsrc.html@1.185 / diff
pkgsrc/doc/pkgsrc.txt@1.188 / diff

regen

(jnemeth)

2014-09-19 04:53:09 UTC MAIN commitmail json YAML

pkgsrc/doc/guide/files/pkgsrc.xml@1.27 / diff

assert copyright through to current year (only seven years late)

(jnemeth)

2014-09-19 01:59:43 UTC MAIN commitmail json YAML

pkgsrc/doc/pkgsrc.html@1.184 / diff

regen

(jnemeth)

2014-09-18 19:31:47 UTC MAIN commitmail json YAML

pkgsrc/pkgtools/cwrappers/files/bin/Makefile@1.2 / diff

Explicitly set target directory. Provide RCS ID.

(joerg)

2014-09-18 16:08:35 UTC MAIN commitmail json YAML

pkgsrc/doc/TODO@1.13670 / diff

+ inadyn-1.99.10 [https://github.com/troglobit/inadyn], kde4-4.14.1,
libchamplain08-0.12.9, libgdata-0.16.0, plasma-5.0.2, qt5-qtbase-5.3.2,
rcs-5.9.3, rpm-4.12.0.

(wiz)

2014-09-18 14:55:04 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3590 / diff

Updated www/snownews to 1.5.12nb7

(wiz)

2014-09-18 14:54:55 UTC MAIN commitmail json YAML

pkgsrc/www/snownews/Makefile@1.45 / diff
pkgsrc/www/snownews/options.mk@1.5 / diff

Add ncursesw option. From Leonard Schmidt in PR 49211.
Bump PKGREVISION.

(wiz)

2014-09-18 11:11:09 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3589 / diff

Updated emulators/suse131_libcurl to 13.1nb4

(obache)

2014-09-18 11:10:51 UTC MAIN commitmail json YAML

pkgsrc/emulators/suse131_libcurl/Makefile@1.6 / diff
pkgsrc/emulators/suse131_libcurl/distinfo@1.5 / diff

security fix update for suse131_libcurl.

openSUSE Security Update: curl
______________________________________________________________________________

Announcement ID: openSUSE-SU-2014:1139-1
Rating: important
References: #894575 #895991
Cross-References: CVE-2014-3613 CVE-2014-3620
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

libcurl was updated to fix security issues:

CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned
or used for other numeric IP hosts if portions of the numerics were the
same.

CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains,
making them to broad.

(obache)

2014-09-17 22:46:28 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3588 / diff

Updated www/p5-LWPx-ParanoidAgent to 1.10nb1

(schmonz)

2014-09-17 22:46:17 UTC MAIN commitmail json YAML

pkgsrc/www/p5-LWPx-ParanoidAgent/Makefile@1.13 / diff
pkgsrc/www/p5-LWPx-ParanoidAgent/distinfo@1.5 / diff
pkgsrc/www/p5-LWPx-ParanoidAgent/patches/patch-Makefile.PL@1.1 / diff
pkgsrc/www/p5-LWPx-ParanoidAgent/patches/patch-lib_LWPx_ParanoidAgent.pm@1.1 / diff
pkgsrc/www/p5-LWPx-ParanoidAgent/patches/patch-lib_LWPx_Protocol_http__paranoid.pm@1.1 / diff

Apply patches from upstream git and Debian to fix reading long
documents over IO::Socket::SSL, then stop forcing Net::SSL (which
doesn't verify hostnames) even when the admin requested IO::Socket::SSL,
and then pass the server name through so SNI can work. Bump PKGREVISION.

Updating during the freeze for the security improvements.

(schmonz)

2014-09-17 22:41:15 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3587 / diff

Updated net/py-twisted to 14.0.1

(wiz)

2014-09-17 22:41:06 UTC MAIN commitmail json YAML

pkgsrc/net/py-twisted/Makefile.common@1.17 / diff
pkgsrc/net/py-twisted/distinfo@1.15 / diff

Update to 14.0.1 -- security update:

On behalf of Twisted Matrix Laboratories, I穃 releasing Twisted
14.0.1, a security release for Twisted 14.0. It is strongly suggested
that users of 14.0.0 upgrade to this release.

This patches a bug in Twisted Web龝 Agent, where BrowserLikePolicyForHTTPS
would not honour the trust root given, and would use the system
trust root instead. This would have broken, for example, attempting
to pin the issuer for your HTTPS application because you only trust
one issuer.

Note: on OS X, with the system OpenSSL, you still can't fully rely
on this API for issuer pinning, due to modifications by Apple �
please see https://hynek.me/articles/apple-openssl-verification-surprises/
for more details.

(wiz)

2014-09-17 22:37:13 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3586 / diff

Updated finance/moneyguru to 2.7.2

(wiz)

2014-09-17 22:37:04 UTC MAIN commitmail json YAML

pkgsrc/finance/moneyguru/Makefile@1.8 / diff
pkgsrc/finance/moneyguru/PLIST@1.4 / diff
pkgsrc/finance/moneyguru/distinfo@1.3 / diff
pkgsrc/finance/moneyguru/patches/patch-hscommon_sphinxgen.py@1.1 / diff

Update to 2.7.2 and fix build with py-sphinx-1.2.3.

2.7.2 (2014-01-25)

Fixed amount parsing issue. (#379)
Don't repeatedly fetch currency rates we can never get. (#374)
Fixed date parsing issue. [Windows, Linux] (#381)
Fixed view plugins which were broken.

(wiz)

2014-09-17 22:32:50 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3585 / diff

Note update of the "wireshark" package to version 1.10.10.

(tron)

2014-09-17 22:32:18 UTC MAIN commitmail json YAML

pkgsrc/net/wireshark/Makefile@1.125 / diff
pkgsrc/net/wireshark/distinfo@1.77 / diff

Update "wireshark" package to version 1.10.10. Changes since 1.10.9:
- The following vulnerabilities have been fixed.
* wnpa-sec-2014-12
RTP dissector crash. (Bug 9920) CVE-2014-6421
CVE-2014-6422
* wnpa-sec-2014-13
MEGACO dissector infinite loop. (Bug 10333)
CVE-2014-6423
* wnpa-sec-2014-14
Netflow dissector crash. (Bug 10370) CVE-2014-6424
* wnpa-sec-2014-17
RTSP dissector crash. (Bug 10381) CVE-2014-6427
* wnpa-sec-2014-18
SES dissector crash. (Bug 10454) CVE-2014-6428
* wnpa-sec-2014-19
Sniffer file parser crash. (Bug 10461)
CVE-2014-6429 CVE-2014-6430 CVE-2014-6431
CVE-2014-6432
- The following bugs have been fixed:
* Wireshark can crash during remote capture (rpcap)
configuration. (Bug 3554, Bug 6922,
ws-buglink:7021)
* MIPv6 Service Selection Identifier parse error. (Bug
10323)
* 802.11 BA sequence number decode is broken. (Bug 10334)
* TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
* Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
* Misparsed NTP control assignments with empty values.
(Bug 10417)
* 6LoWPAN multicast address decompression problems. (Bug
10426)
* GUI Hangs when Selecting Path to GeoIP Files. (Bug
10434)
* 6LoWPAN context handling not working. (Bug 10443)
* SIP: When export to a CSV, Info is changed to differ.
(Bug 10453)
* Typo in packet-netflow.c. (Bug 10458)
* UCP dissector bug of operation 30 - data not decoded.
(Bug 10464)
- Updated Protocol Support
6LoWPAN, DVB-CI, IEEE 802.11, MEGACO, MIPv6, Netflow, NTP, OSI,
RPKI RTR, RTP, RTSP, SES, SIP, and UCP
- New and Updated Capture File Support
DOS Sniffer, and NetScaler

(tron)

2014-09-17 20:32:36 UTC MAIN commitmail json YAML

pkgsrc/sysutils/xentools42/distinfo@1.11 / diff
pkgsrc/sysutils/xentools42/patches/patch-qemu-xen-traditional_configure@1.2 / diff

Apply a fix similar to
http://mail-index.netbsd.org/pkgsrc-changes/2014/08/28/msg110551.html:
Don't redefine MAP_ANONYMOUS is already defined. Fixes build on netbsd-7

pointed out by Mustafa Dogan in private mail

(bouyer)

2014-09-17 17:35:23 UTC MAIN commitmail json YAML

pkgsrc/www/webkit-gtk/options.mk@1.7 / diff

don't try to enable JIT on PowerPC or sparc
now this builds & works on NetBSD/macppc

(macallan)

2014-09-17 12:54:58 UTC MAIN commitmail json YAML

pkgsrc/pkgtools/cwrappers/DESCR@1.2 / diff

Fix spelling.

(schmonz)

2014-09-17 12:41:50 UTC MAIN commitmail json YAML

pkgsrc/pkgtools/Makefile@1.107 / diff

+ cwrappers

(joerg)

2014-09-17 12:41:41 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3584 / diff

Updated pkgtools/cwrappers to 20100308

(joerg)

2014-09-17 12:40:56 UTC MAIN commitmail json YAML

Add cwrappers-20100308 with minimal compat changes. Developed as part of
GSoC 2007, initial test suite parts from schmonz@, nagging by jperkin,
approval for addition during freeze by agc@.

(joerg)

2014-09-17 12:07:18 UTC MAIN commitmail json YAML

pkgsrc/multimedia/mpv/options.mk@1.2 / diff

Add option for pulseaudio support.

This commit was approved by wiz@

(nat)

2014-09-17 10:50:24 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3583 / diff

Updated databases/phppgadmin to 5.1nb1

(wiz)

2014-09-17 10:50:15 UTC MAIN commitmail json YAML

pkgsrc/databases/phppgadmin/Makefile@1.31 / diff
pkgsrc/databases/phppgadmin/PLIST@1.17 / diff

Install some missing files which were not installed due to broken
find command.

>From Timshel Knoll-Miller in PR 49209.

Bump PKGREVISION.

(wiz)

2014-09-17 10:41:32 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3582 / diff

Updated www/termtter to 2.2.1

(obache)

2014-09-17 10:41:22 UTC MAIN commitmail json YAML

pkgsrc/www/termtter/Makefile@1.12 / diff
pkgsrc/www/termtter/PLIST@1.6 / diff
pkgsrc/www/termtter/distinfo@1.8 / diff

Update termtter to 2.2.1.

== 2.2.1 / 2013-05-20

* Fix package problem (termtter requires termtter).

* Suppress the warning on ruby 1.9 with CentOS.

== 2.2.0 / 2013-04-20

* Using https to connect to api.twitter.com (important).

* Improvement testing (CI enabled).

* Using jeweler for packaging.

* Suppress the warning (on ruby 2.0).

* Change default stdout and colors.

* Added some plugins

== 2.1.1 / 2013-04-10

* Correspond to API 1.1

* Other fixes.

== 2.0.0 / 2013-04-07

* User own plugins loader.

* If ~/.termtter/lib/plugins exist, load them.

* Improvement easy_post plugin.

* Plug-in easy_post should operate only when above 15 characters.

* Improvement tests.

* "Failed to update :(" when updated with URL.

* use String#sub instead of String#[regexp]=.

* spec for expand_tco_url plugin.

* and fix other minor bugs.

(obache)

2014-09-16 23:17:49 UTC MAIN commitmail json YAML

pkgsrc/security/libgpg-error/distinfo@1.18 / diff
pkgsrc/security/libgpg-error/patches/patch-src_gpgrt-int.h@1.1 / diff

Add patch from GIT repository to fix build under Mac OS X.

(tron)

2014-09-16 21:45:03 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3581 / diff

Updated multimedia/mpv to 0.5.1nb2

(wiz)

2014-09-16 21:44:52 UTC MAIN commitmail json YAML

pkgsrc/multimedia/mpv/Makefile@1.4 / diff
pkgsrc/multimedia/mpv/distinfo@1.3 / diff
pkgsrc/multimedia/mpv/patches/patch-audio_out_ao__oss.c@1.2 / diff

Improve audio pause/playback patch; from Nat Sloss <nat@> again.
Bump PKGREVISION.

(wiz)

2014-09-16 21:30:27 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3580 / diff

Updated sysutils/dbus to 1.8.8

(wiz)

2014-09-16 21:30:18 UTC MAIN commitmail json YAML

pkgsrc/sysutils/dbus/Makefile@1.74 / diff
pkgsrc/sysutils/dbus/distinfo@1.59 / diff

Update to 1.8.8, many security fixes.

D-Bus 1.8.8 (2014-09-16)
==

The "smashy smashy egg man" release.

Security fixes:

* Do not accept an extra fd in the padding of a cmsg message, which
could lead to a 4-byte heap buffer overrun.
(CVE-2014-3635, fd.o #83622; Simon McVittie)

* Reduce default for maximum Unix file descriptors passed per message
from 1024 to 16, preventing a uid with the default maximum number of
connections from exhausting the system bus' file descriptors under
Linux's default rlimit. Distributors or system administrators with a
more restrictive fd limit may wish to reduce these limits further.

Additionally, on Linux this prevents a second denial of service
in which the dbus-daemon can be made to exceed the maximum number
of fds per sendmsg() and disconnect the process that would have
received them.
(CVE-2014-3636, fd.o #82820; Alban Crequy)

* Disconnect connections that still have a fd pending unmarshalling after
a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
removing the possibility of creating an abusive connection that cannot be
disconnected by setting up a circular reference to a connection's
file descriptor.
(CVE-2014-3637, fd.o #80559; Alban Crequy)

* Reduce default for maximum pending replies per connection from 8192 to 128,
mitigating an algorithmic complexity denial-of-service attack
(CVE-2014-3638, fd.o #81053; Alban Crequy)

* Reduce default for authentication timeout on the system bus from
30 seconds to 5 seconds, avoiding denial of service by using up
all unauthenticated connection slots; and when all unauthenticated
connection slots are used up, make new connection attempts block
instead of disconnecting them.
(CVE-2014-3639, fd.o #80919; Alban Crequy)

Other fixes:

* Check for libsystemd from systemd >= 209, falling back to
the older separate libraries if not found (Umut Tezduyar Lindskog,
Simon McVittie)

* On Linux, use prctl() to disable core dumps from a test executable
that deliberately raises SIGSEGV to test dbus-daemon's handling
of that condition (fd.o #83772, Simon McVittie)

* Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
Alban Crequy)

* Improve documentation for running tests on Windows (fd.o #41252,
Ralf Habacker)

(wiz)

2014-09-16 19:29:50 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3579 / diff

Updated devel/deforaos-libsystem to 0.2.0

(khorben)

2014-09-16 19:25:51 UTC MAIN commitmail json YAML

pkgsrc/devel/deforaos-libsystem/DESCR@1.2 / diff
pkgsrc/devel/deforaos-libsystem/Makefile@1.7 / diff
pkgsrc/devel/deforaos-libsystem/PLIST@1.4 / diff
pkgsrc/devel/deforaos-libsystem/distinfo@1.4 / diff
pkgsrc/devel/deforaos-libsystem/patches/patch-data_pkgconfig.sh@1.2 / diff
pkgsrc/devel/deforaos-libsystem/patches/patch-tests_tests.sh@1.1 / diff

Updated devel/deforaos-libsystem to version 0.2.0

This release includes:
- a command-line tool, configctl(1), to interact with configuration files
- a new generic Mutator class
- further improvements to the String and Variable classes

(khorben)

2014-09-16 18:45:57 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3578 / diff

Updated security/ssdeep to 2.11

(khorben)

2014-09-16 18:45:11 UTC MAIN commitmail json YAML

pkgsrc/security/ssdeep/Makefile@1.3 / diff
pkgsrc/security/ssdeep/distinfo@1.3 / diff

Updated security/ssdeep to version 2.11

Quoted from http://jessekornblum.livejournal.com/295883.html:

This is an important update, which corrects a bug in the signature
generation code. Any ssdeep hashes created with version 2.10 should be
recomputed. The signatures are not wrong per se though, they are just not
as good as they should be"

(khorben)

2014-09-16 17:53:14 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3577 / diff

Updated www/ikiwiki to 3.20140916

(schmonz)

2014-09-16 17:53:01 UTC MAIN commitmail json YAML

pkgsrc/www/ikiwiki/Makefile@1.124 / diff
pkgsrc/www/ikiwiki/PLIST@1.40 / diff
pkgsrc/www/ikiwiki/distinfo@1.101 / diff
pkgsrc/www/ikiwiki/options.mk@1.16 / diff
pkgsrc/www/ikiwiki/patches/patch-IkiWiki.pm deleted
pkgsrc/www/ikiwiki/patches/patch-IkiWiki_CGI.pm deleted

Update to 3.20140916. From the changelog:

* Don't double-decode CGI submissions with Encode.pm >= 2.53,
fixing "Error: Cannot decode string with wide characters".
Thanks, Antoine Beaupr辿
* Avoid making trails depend on everything in the wiki by giving them
a better way to sort the pages
* Don't let users post comments that won't be displayed
* Fix encoding of Unicode strings in Python plugins.
Thanks, chrysn
* Improve performance and correctness of the [[!if]] directive
* Let [[!inline rootpage=foo postform=no]] disable the posting form
* Switch default [[!man]] shortcut to manpages.debian.org. Closes: #700322
* Add UUID and TIME variables to edittemplate. Closes: #752827
Thanks, Jonathon Anderson
* Display pages in linkmaps as their pagetitle (no underscore escapes).
Thanks, chrysn
* Fix aspect ratio when scaling small images, and add support for
converting SVG and PDF graphics to PNG.
Thanks, chrysn
- suggest ghostscript (required for PDF-to-PNG thumbnailing)
and libmagickcore-extra (required for SVG-to-PNG thumbnailing)
- build-depend on ghostscript so the test for scalable images can be run
* In the CGI wrapper, incorporate $config{ENV} into the environment
before executing Perl code, so that PERL5LIB can point to a
non-system-wide installation of IkiWiki.
Thanks, Lafayette Chamber Singers Webmaster
* filecheck: accept MIME types not containing ';'
* autoindex: index files in underlays if the resulting pages aren't
going to be committed. Closes: #611068
* Add [[!templatebody]] directive so template pages don't have to be
simultaneously a valid template and valid HTML
* Add myself to Uploaders and release to Debian

-- Simon McVittie <smcv@debian.org> Fri, 12 Sep 2014 21:23:58 +0100

pkgsrc changes:

* Add 'cgi' option, enabled by default
* Add 'git' option, disabled by default

Updating during the freeze because it's a leaf with many fixes,
including our local patches.

(schmonz)

2014-09-16 14:05:45 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3576 / diff

Added devel/p5-Module-CPANfile version 1.1000

(wen)

2014-09-16 14:03:06 UTC MAIN commitmail json YAML

pkgsrc/devel/Makefile@1.1982 / diff

Add p5-Module-CPANfile

(wen)

2014-09-16 14:01:42 UTC MAIN commitmail json YAML

pkgsrc/devel/p5-Module-CPANfile/DESCR@1.1 / diff
pkgsrc/devel/p5-Module-CPANfile/Makefile@1.1 / diff
pkgsrc/devel/p5-Module-CPANfile/distinfo@1.1 / diff

Import Module-CPANfile-1.1000 as devel/p5-Module-CPANfile.

Module::CPANfile is a tool to handle cpanfile format to load application
specific dependencies, not just for CPAN distributions.

(wen)

2014-09-16 12:28:43 UTC MAIN commitmail json YAML

pkgsrc/doc/CHANGES-2014@1.3575 / diff

Updated textproc/p5-Text-Unidecode to 1.22

(wen)

2014-09-16 12:27:48 UTC MAIN commitmail json YAML

pkgsrc/textproc/p5-Text-Unidecode/Makefile@1.11 / diff
pkgsrc/textproc/p5-Text-Unidecode/distinfo@1.3 / diff

Update to 1.22
Add LICENSE

Upstream changes:
2014-08-15 Sean M. Burke sburke@cpan.org
* RELEASE 1.22. (The dev release works, so this is a version bump.)
* See notes for 2014-07-25, because this is the first public release
with significant changes since 2001!

2014-07-25 Sean M. Burke sburke@cpan.org
* !DEVELOPER RELEASE!
* !Release 1.20_01!
* Many bugfixes. Thanks especially to Tomaolc!
* Yet more *.t files added for improved sanity checking.
* Shuffling around the internals of Unidecode.pm
* Putting in some vacuous 0x__.pm files where
previously there would just be a load failure

(wen)