Now
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3397.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/sysutils/xenkernel3/Makefile@1.19.2.1
/
diff
pkgsrc/sysutils/xenkernel3/distinfo@1.12.2.1 / diff
pkgsrc/sysutils/xenkernel3/patches/patch-ac@1.3.2.2 / diff
pkgsrc/sysutils/xenkernel33/Makefile@1.12.2.1 / diff
pkgsrc/sysutils/xenkernel33/distinfo@1.10.2.1 / diff
pkgsrc/sysutils/xenkernel33/patches/patch-ac@1.1.2.2 / diff
pkgsrc/sysutils/xenkernel3/distinfo@1.12.2.1 / diff
pkgsrc/sysutils/xenkernel3/patches/patch-ac@1.3.2.2 / diff
pkgsrc/sysutils/xenkernel33/Makefile@1.12.2.1 / diff
pkgsrc/sysutils/xenkernel33/distinfo@1.10.2.1 / diff
pkgsrc/sysutils/xenkernel33/patches/patch-ac@1.1.2.2 / diff
Pullup ticket #3397 - requested by drochner
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch
Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.20
- sysutils/xenkernel3/distinfo 1.13
- sysutils/xenkernel3/patches/patch-ac 1.3
- sysutils/xenkernel33/Makefile 1.13
- sysutils/xenkernel33/distinfo 1.11
- sysutils/xenkernel33/patches/patch-ac 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Mar 24 12:04:57 UTC 2011
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ac
Log Message:
add patch from upstream (manually, due to changed #ifdefs and indentation)
to fix possible crashes triggered by 64-bit guests (found by
Cherry G. Mathew, CVE-2011-1166)
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Mar 24 12:43:53 UTC 2011
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-ac
Log Message:
add patch from upstream (manually, due to changed #ifdefs and indentation)
to fix possible crashes triggered by 64-bit guests (found by
Cherry G. Mathew, CVE-2011-1166)
bump PKGREV
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch
Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.20
- sysutils/xenkernel3/distinfo 1.13
- sysutils/xenkernel3/patches/patch-ac 1.3
- sysutils/xenkernel33/Makefile 1.13
- sysutils/xenkernel33/distinfo 1.11
- sysutils/xenkernel33/patches/patch-ac 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Mar 24 12:04:57 UTC 2011
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ac
Log Message:
add patch from upstream (manually, due to changed #ifdefs and indentation)
to fix possible crashes triggered by 64-bit guests (found by
Cherry G. Mathew, CVE-2011-1166)
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Mar 24 12:43:53 UTC 2011
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-ac
Log Message:
add patch from upstream (manually, due to changed #ifdefs and indentation)
to fix possible crashes triggered by 64-bit guests (found by
Cherry G. Mathew, CVE-2011-1166)
bump PKGREV
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets 3393, 3394 and 3395
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/php53/Makefile@1.6.2.2
/
diff
pkgsrc/lang/php53/Makefile.common@1.4.2.1 / diff
pkgsrc/lang/php53/distinfo@1.9.2.3 / diff
pkgsrc/lang/php53/patches/patch-aa@1.1.1.1.8.1 / diff
pkgsrc/lang/php53/patches/patch-ab@1.3.2.1 / diff
pkgsrc/lang/php53/patches/patch-af@1.1.1.1.8.1 / diff
pkgsrc/lang/php53/patches/patch-ar deleted
pkgsrc/lang/php53/patches/patch-ext_exif_exif.c deleted
pkgsrc/lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c deleted
pkgsrc/lang/php53/patches/patch-ext_zip_php__zip.c deleted
pkgsrc/lang/php53/Makefile.common@1.4.2.1 / diff
pkgsrc/lang/php53/distinfo@1.9.2.3 / diff
pkgsrc/lang/php53/patches/patch-aa@1.1.1.1.8.1 / diff
pkgsrc/lang/php53/patches/patch-ab@1.3.2.1 / diff
pkgsrc/lang/php53/patches/patch-af@1.1.1.1.8.1 / diff
pkgsrc/lang/php53/patches/patch-ar deleted
pkgsrc/lang/php53/patches/patch-ext_exif_exif.c deleted
pkgsrc/lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c deleted
pkgsrc/lang/php53/patches/patch-ext_zip_php__zip.c deleted
Pullup ticket #3395 - requested by taca
security fix for lang/php53
Revisions pulled up:
- lang/php53/Makefile 1.8
- lang/php53/Makefile.common 1.5
- lang/php53/distinfo 1.13
- lang/php53/patches/patch-aa 1.2
- lang/php53/patches/patch-ab 1.4
- lang/php53/patches/patch-af 1.2
- lang/php53/patches/patch-ar Removed
- lang/php53/patches/patch-ext_exif_exif.c Removed
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c Removed
- lang/php53/patches/patch-ext_zip_php__zip.c Removed
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Mar 19 07:01:19 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-aa patch-ab patch-af
Removed Files:
pkgsrc/lang/php53/patches: patch-ar patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Update lang/php53 package to PHP 5.3.
PHP 5.3.6 Released!
[17-Mar-2011]
The PHP development team would like to announce the immediate availability
of PHP 5.3.6. This release focuses on improving the stability of the PHP
5.3.x branch with over 60 bug fixes, some of which are security related.
Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty
archive). (CVE-2011-0421)
Key enhancements in PHP 5.3.6 include:
* Upgraded bundled Sqlite3 to version 3.7.4.
* Upgraded bundled PCRE to version 8.11.
* Added ability to connect to HTTPS sites through proxy with basic
authentication using stream_context/http/header/Proxy-Authorization.
* Added options to debug backtrace functions.
* Changed default value of ini directive serialize_precision from 100 to 17.
* Fixed Bug #53971 (isset() and empty() produce apparently spurious
runtime error).
* Fixed Bug #53958 (Closures can't 'use' shared variables by value and
by reference).
* Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir
with a trailing forward slash).
* Over 60 other bug fixes.
security fix for lang/php53
Revisions pulled up:
- lang/php53/Makefile 1.8
- lang/php53/Makefile.common 1.5
- lang/php53/distinfo 1.13
- lang/php53/patches/patch-aa 1.2
- lang/php53/patches/patch-ab 1.4
- lang/php53/patches/patch-af 1.2
- lang/php53/patches/patch-ar Removed
- lang/php53/patches/patch-ext_exif_exif.c Removed
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c Removed
- lang/php53/patches/patch-ext_zip_php__zip.c Removed
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Mar 19 07:01:19 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-aa patch-ab patch-af
Removed Files:
pkgsrc/lang/php53/patches: patch-ar patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Update lang/php53 package to PHP 5.3.
PHP 5.3.6 Released!
[17-Mar-2011]
The PHP development team would like to announce the immediate availability
of PHP 5.3.6. This release focuses on improving the stability of the PHP
5.3.x branch with over 60 bug fixes, some of which are security related.
Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty
archive). (CVE-2011-0421)
Key enhancements in PHP 5.3.6 include:
* Upgraded bundled Sqlite3 to version 3.7.4.
* Upgraded bundled PCRE to version 8.11.
* Added ability to connect to HTTPS sites through proxy with basic
authentication using stream_context/http/header/Proxy-Authorization.
* Added options to debug backtrace functions.
* Changed default value of ini directive serialize_precision from 100 to 17.
* Fixed Bug #53971 (isset() and empty() produce apparently spurious
runtime error).
* Fixed Bug #53958 (Closures can't 'use' shared variables by value and
by reference).
* Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir
with a trailing forward slash).
* Over 60 other bug fixes.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/php5/Makefile@1.81.2.2
/
diff
pkgsrc/lang/php5/distinfo@1.84.2.3 / diff
pkgsrc/lang/php5/patches/patch-main_snprintf.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-main_snprintf.h@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-main_spprintf.c@1.1.2.2 / diff
pkgsrc/lang/php5/distinfo@1.84.2.3 / diff
pkgsrc/lang/php5/patches/patch-main_snprintf.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-main_snprintf.h@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-main_spprintf.c@1.1.2.2 / diff
Pullup ticket #3393 - requested by taca
security fix for lang/php5
Revisions pulled up:
- lang/php5/Makefile 1.84
- lang/php5/distinfo 1.89
- lang/php5/patches/patch-main_snprintf.c 1.1
- lang/php5/patches/patch-main_snprintf.h 1.1
- lang/php5/patches/patch-main_spprintf.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:34:28 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-main_snprintf.c patch-main_snprintf.h
patch-main_spprintf.c
Log Message:
Apply changes by r308525 from PHP's repository to fix bug #54055
(buffer overrun with high values for precision ini setting).
It fixes one of security fixes by PHP 5.3.6.
Bump PKGREVISION.
security fix for lang/php5
Revisions pulled up:
- lang/php5/Makefile 1.84
- lang/php5/distinfo 1.89
- lang/php5/patches/patch-main_snprintf.c 1.1
- lang/php5/patches/patch-main_snprintf.h 1.1
- lang/php5/patches/patch-main_spprintf.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:34:28 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-main_snprintf.c patch-main_snprintf.h
patch-main_spprintf.c
Log Message:
Apply changes by r308525 from PHP's repository to fix bug #54055
(buffer overrun with high values for precision ini setting).
It fixes one of security fixes by PHP 5.3.6.
Bump PKGREVISION.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/devel/php-shmop/Makefile@1.9.26.1
/
diff
pkgsrc/lang/php5/distinfo@1.84.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_shmop_shmop.c@1.1.2.2 / diff
pkgsrc/lang/php5/distinfo@1.84.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_shmop_shmop.c@1.1.2.2 / diff
Pullup ticket #3394 - requested by taca
security fix for devel/php-shmop
Revisions pulled up:
- devel/php-shmop/Makefile 1.10
- lang/php5/distinfo 1.88
- lang/php5/patches/patch-ext_shmop_shmop.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:08:29 UTC 2011
Modified Files:
pkgsrc/devel/php-shmop: Makefile
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ext_shmop_shmop.c
Log Message:
Add a patch to fix bug #54193 (Integer overflow in shmop_read()) referring
r309018 from PHPs' repository. (CVE-2011-1092)
Bump PKGREVISION of devel/php-shmop.
security fix for devel/php-shmop
Revisions pulled up:
- devel/php-shmop/Makefile 1.10
- lang/php5/distinfo 1.88
- lang/php5/patches/patch-ext_shmop_shmop.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:08:29 UTC 2011
Modified Files:
pkgsrc/devel/php-shmop: Makefile
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ext_shmop_shmop.c
Log Message:
Add a patch to fix bug #54193 (Integer overflow in shmop_read()) referring
r309018 from PHPs' repository. (CVE-2011-1092)
Bump PKGREVISION of devel/php-shmop.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3388
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/graphics/tiff/Makefile@1.98.2.1
/
diff
pkgsrc/graphics/tiff/distinfo@1.49.4.1 / diff
pkgsrc/graphics/tiff/patches/patch-SA43593@1.1.2.2 / diff
pkgsrc/graphics/tiff/distinfo@1.49.4.1 / diff
pkgsrc/graphics/tiff/patches/patch-SA43593@1.1.2.2 / diff
Pullup ticket #3388 - requested by tron
Security update for graphic/tiff
Revisions pulled up:
- graphics/tiff/Makefile 1.99
- graphics/tiff/distinfo 1.50
- graphics/tiff/patches/patch-SA43593 1.1
---
Module Name: pkgsrc
Committed By: tron
Date: Sat Mar 12 16:10:43 UTC 2011
Modified Files:
pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-SA43593
Log Message:
Add fix for vulnerability reported in SA43593 taken from the
"libtiff" CVS repository.
Security update for graphic/tiff
Revisions pulled up:
- graphics/tiff/Makefile 1.99
- graphics/tiff/distinfo 1.50
- graphics/tiff/patches/patch-SA43593 1.1
---
Module Name: pkgsrc
Committed By: tron
Date: Sat Mar 12 16:10:43 UTC 2011
Modified Files:
pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
pkgsrc/graphics/tiff/patches: patch-SA43593
Log Message:
Add fix for vulnerability reported in SA43593 taken from the
"libtiff" CVS repository.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3387
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3387 - requested by wiz
build fix for devel/bmake
Revisions pulled up:
- devel/bmake/files/make-bootstrap.sh.in 1.2
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jan 26 10:13:48 UTC 2011
Modified Files:
pkgsrc/devel/bmake/files: make-bootstrap.sh.in
Log Message:
Add missing ".o". Found by Matthieu Herrb in PR 44461.
build fix for devel/bmake
Revisions pulled up:
- devel/bmake/files/make-bootstrap.sh.in 1.2
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jan 26 10:13:48 UTC 2011
Modified Files:
pkgsrc/devel/bmake/files: make-bootstrap.sh.in
Log Message:
Add missing ".o". Found by Matthieu Herrb in PR 44461.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3385.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/postfix-current/MESSAGE@1.2.56.1
/
diff
pkgsrc/mail/postfix-current/MESSAGE.sasl@1.3.46.1 / diff
pkgsrc/mail/postfix-current/Makefile@1.115.4.1 / diff
pkgsrc/mail/postfix-current/PLIST@1.22.8.1 / diff
pkgsrc/mail/postfix-current/distinfo@1.59.6.1 / diff
pkgsrc/mail/postfix-current/files/mailer.conf@1.4.56.1 / diff
pkgsrc/mail/postfix-current/patches/patch-aa@1.19.22.1 / diff
pkgsrc/mail/postfix-current/patches/patch-ag@1.22.6.1 / diff
pkgsrc/mail/postfix-current/patches/patch-ai@1.24.10.1 / diff
pkgsrc/mail/postfix-current/patches/patch-as deleted
pkgsrc/mail/postfix-current/patches/patch-at deleted
pkgsrc/mail/postfix-current/patches/patch-au deleted
pkgsrc/mail/postfix-current/patches/patch-av deleted
pkgsrc/mail/postfix-current/MESSAGE.sasl@1.3.46.1 / diff
pkgsrc/mail/postfix-current/Makefile@1.115.4.1 / diff
pkgsrc/mail/postfix-current/PLIST@1.22.8.1 / diff
pkgsrc/mail/postfix-current/distinfo@1.59.6.1 / diff
pkgsrc/mail/postfix-current/files/mailer.conf@1.4.56.1 / diff
pkgsrc/mail/postfix-current/patches/patch-aa@1.19.22.1 / diff
pkgsrc/mail/postfix-current/patches/patch-ag@1.22.6.1 / diff
pkgsrc/mail/postfix-current/patches/patch-ai@1.24.10.1 / diff
pkgsrc/mail/postfix-current/patches/patch-as deleted
pkgsrc/mail/postfix-current/patches/patch-at deleted
pkgsrc/mail/postfix-current/patches/patch-au deleted
pkgsrc/mail/postfix-current/patches/patch-av deleted
Pullup ticket #3385 - requested by taca
mail/postfix-current: security update
Revisions pulled up:
- mail/postfix-current/MESSAGE patch
- mail/postfix-current/MESSAGE.sasl patch
- mail/postfix-current/Makefile patch
- mail/postfix-current/PLIST patch
- mail/postfix-current/distinfo patch
- mail/postfix-current/files/mailer.conf patch
- mail/postfix-current/patches/patch-aa patch
- mail/postfix-current/patches/patch-ag patch
- mail/postfix-current/patches/patch-ai patch
- mail/postfix-current/patches/patch-as patch
- mail/postfix-current/patches/patch-at deleted
- mail/postfix-current/patches/patch-au deleted
- mail/postfix-current/patches/patch-av deleted
---
Update "postfix-current" package to version 2.8.1:
Postfix stable release 2.8.0 is available. This release continues the
move towards improving code and documentation, and making the system
better prepared for changes in the threat environment.
The postscreen daemon (a zombie blocker in front of Postfix) is now
included with the stable release. postscreen now supports TLS and can
log the rejected sender, recipient and helo information. See the
POSTSCREEN_README file for recommended usage scenarios.
Support for DNS whitelisting (permit_rhswl_client), and for pattern
matching to filter the responses from DNS white/blacklist servers
(e.g., reject_rhsbl_client zen.spamhaus.org=127.0.0.[1..10]).
Improved message tracking across SMTP-based content filters; the
after-filter SMTP server can log the before-filter queue ID (the
XCLIENT protocol was extended).
Read-only support for sqlite databases. See sqlite_table(5) and
SQLITE_README.
Support for 'footers' that are appended to SMTP server "reject"
responses. See "smtpd_reject_footer" in the postconf(5) manpage.
mail/postfix-current: security update
Revisions pulled up:
- mail/postfix-current/MESSAGE patch
- mail/postfix-current/MESSAGE.sasl patch
- mail/postfix-current/Makefile patch
- mail/postfix-current/PLIST patch
- mail/postfix-current/distinfo patch
- mail/postfix-current/files/mailer.conf patch
- mail/postfix-current/patches/patch-aa patch
- mail/postfix-current/patches/patch-ag patch
- mail/postfix-current/patches/patch-ai patch
- mail/postfix-current/patches/patch-as patch
- mail/postfix-current/patches/patch-at deleted
- mail/postfix-current/patches/patch-au deleted
- mail/postfix-current/patches/patch-av deleted
---
Update "postfix-current" package to version 2.8.1:
Postfix stable release 2.8.0 is available. This release continues the
move towards improving code and documentation, and making the system
better prepared for changes in the threat environment.
The postscreen daemon (a zombie blocker in front of Postfix) is now
included with the stable release. postscreen now supports TLS and can
log the rejected sender, recipient and helo information. See the
POSTSCREEN_README file for recommended usage scenarios.
Support for DNS whitelisting (permit_rhswl_client), and for pattern
matching to filter the responses from DNS white/blacklist servers
(e.g., reject_rhsbl_client zen.spamhaus.org=127.0.0.[1..10]).
Improved message tracking across SMTP-based content filters; the
after-filter SMTP server can log the before-filter queue ID (the
XCLIENT protocol was extended).
Read-only support for sqlite databases. See sqlite_table(5) and
SQLITE_README.
Support for 'footers' that are appended to SMTP server "reject"
responses. See "smtpd_reject_footer" in the postconf(5) manpage.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/www/py-moin/Makefile@1.14.4.1
/
diff
pkgsrc/www/py-moin/distinfo@1.6.4.1 / diff
pkgsrc/www/py-moin/patches/patch-MoinMoin_parser_text__rst.py@1.1.2.2 / diff
pkgsrc/www/py-moin/distinfo@1.6.4.1 / diff
pkgsrc/www/py-moin/patches/patch-MoinMoin_parser_text__rst.py@1.1.2.2 / diff
Pullup ticket #3386 - requested by gls
www/py-moin: security patch
Revisions pulled up:
- www/py-moin/Makefile 1.16
- www/py-moin/distinfo 1.7
- www/py-moin/patches/patch-MoinMoin_parser_text__rst.py 1.1
---
Module Name: pkgsrc
Committed By: gls
Date: Mon Mar 7 20:51:41 UTC 2011
Modified Files:
pkgsrc/www/py-moin: Makefile distinfo
Added Files:
pkgsrc/www/py-moin/patches: patch-MoinMoin_parser_text__rst.py
Log Message:
Add a fix for CVE CVE 2011-1058.
Taken from http://moinmo.in/SecurityFixes
www/py-moin: security patch
Revisions pulled up:
- www/py-moin/Makefile 1.16
- www/py-moin/distinfo 1.7
- www/py-moin/patches/patch-MoinMoin_parser_text__rst.py 1.1
---
Module Name: pkgsrc
Committed By: gls
Date: Mon Mar 7 20:51:41 UTC 2011
Modified Files:
pkgsrc/www/py-moin: Makefile distinfo
Added Files:
pkgsrc/www/py-moin/patches: patch-MoinMoin_parser_text__rst.py
Log Message:
Add a fix for CVE CVE 2011-1058.
Taken from http://moinmo.in/SecurityFixes
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3383, #3384 and #3386.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/postfix/Makefile@1.236.2.1
/
diff
pkgsrc/mail/postfix/distinfo@1.132.2.1 / diff
pkgsrc/mail/postfix/patches/patch-ag@1.30.6.1 / diff
pkgsrc/mail/postfix/distinfo@1.132.2.1 / diff
pkgsrc/mail/postfix/patches/patch-ag@1.30.6.1 / diff
Pullup ticket #3384 - requested by taca
mail/postfix: security update
Revisions pulled up:
- mail/postfix/Makefile patch
- mail/postfix/distinfo patch
- mail/postfix/patches/patch-ag patch
---
Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available.
These releases contain a fix for CVE-2011-0411 which allows plaintext
command injection with SMTP sessions over TLS. This defect was
introduced with Postfix version 2.2. The same flaw exists in other
implementations of the STARTTLS command.
Note: CVE-2011-0411 is an issue only for the minority of SMTP
clients that actually verify server certificates. Without server
certificate verification, clients are always vulnerable to
man-in-the-middle attacks that allow attackers to inject
plaintext commands or responses into SMTP sessions, and more.
Postfix 2.8 and 2.9 are not affected.
The following problems were fixed with the Postfix legacy releases:
* Fix for CVE-2011-0411: discard buffered plaintext input,
after reading the SMTP "STARTTLS" command or response.
* Fix to the local delivery agent: look up the "unextended"
address in the local aliases database, when that address has
a malformed address extension.
* Fix to virtual alias expansion: report a tempfail error,
instead of silently ignoring recipients that exceed the
virtual_alias_expansion_limit or the virtual_alias_recursion_limit.
* Fix for Solaris: the Postfix event engine was deaf for SIGHUP
and SIGALRM signals after the switch from select() to /dev/poll.
Symptoms were delayed "postfix reload" response, and killed
processes with watchdog timeout values under 100 seconds.
* Fix for HP-UX: the Postfix event engine was deaf for SIGALRM
signals. Symptoms were killed processes with watchdog timeout
values under 100 seconds.
* Fix for BSD-ish mkdir() to prevent maildir directories from
inheriting their group ownership from the parent directory.
* Fix to the SMTP client: missing support for mail to
[ipv6:ipv6addr] address literal destinations.
* FreeBSD back-ported closefrom() from FreeBSD 8x to 7x, breaking
Postfix builds retroactively.
Historical note:
Wietse Venema discovered the problem two weeks before the
Postfix 2.8 release, and silently fixed it pending further
investigation. While investigating the problem's scope and
impact, Victor Duchovni found that many other TLS applications
were also affected. At that point, CERT/CC was asked to coordinate
with the problem's resolution.
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
mail/postfix: security update
Revisions pulled up:
- mail/postfix/Makefile patch
- mail/postfix/distinfo patch
- mail/postfix/patches/patch-ag patch
---
Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available.
These releases contain a fix for CVE-2011-0411 which allows plaintext
command injection with SMTP sessions over TLS. This defect was
introduced with Postfix version 2.2. The same flaw exists in other
implementations of the STARTTLS command.
Note: CVE-2011-0411 is an issue only for the minority of SMTP
clients that actually verify server certificates. Without server
certificate verification, clients are always vulnerable to
man-in-the-middle attacks that allow attackers to inject
plaintext commands or responses into SMTP sessions, and more.
Postfix 2.8 and 2.9 are not affected.
The following problems were fixed with the Postfix legacy releases:
* Fix for CVE-2011-0411: discard buffered plaintext input,
after reading the SMTP "STARTTLS" command or response.
* Fix to the local delivery agent: look up the "unextended"
address in the local aliases database, when that address has
a malformed address extension.
* Fix to virtual alias expansion: report a tempfail error,
instead of silently ignoring recipients that exceed the
virtual_alias_expansion_limit or the virtual_alias_recursion_limit.
* Fix for Solaris: the Postfix event engine was deaf for SIGHUP
and SIGALRM signals after the switch from select() to /dev/poll.
Symptoms were delayed "postfix reload" response, and killed
processes with watchdog timeout values under 100 seconds.
* Fix for HP-UX: the Postfix event engine was deaf for SIGALRM
signals. Symptoms were killed processes with watchdog timeout
values under 100 seconds.
* Fix for BSD-ish mkdir() to prevent maildir directories from
inheriting their group ownership from the parent directory.
* Fix to the SMTP client: missing support for mail to
[ipv6:ipv6addr] address literal destinations.
* FreeBSD back-ported closefrom() from FreeBSD 8x to 7x, breaking
Postfix builds retroactively.
Historical note:
Wietse Venema discovered the problem two weeks before the
Postfix 2.8 release, and silently fixed it pending further
investigation. While investigating the problem's scope and
impact, Victor Duchovni found that many other TLS applications
were also affected. At that point, CERT/CC was asked to coordinate
with the problem's resolution.
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/chat/weechat/Makefile@1.26.8.1
/
diff
pkgsrc/chat/weechat/PLIST@1.13.8.1 / diff
pkgsrc/chat/weechat/distinfo@1.17.8.1 / diff
pkgsrc/chat/weechat/patches/patch-aa@1.3.38.1 / diff
pkgsrc/chat/weechat/patches/patch-ab@1.5.18.1 / diff
pkgsrc/chat/weechat/patches/patch-ac@1.4.10.1 / diff
pkgsrc/chat/weechat/patches/patch-ad@1.3.8.1 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-hook.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-hook.h@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-network.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_plugins_irc_irc-server.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h@1.1.2.2 / diff
pkgsrc/chat/weechat/PLIST@1.13.8.1 / diff
pkgsrc/chat/weechat/distinfo@1.17.8.1 / diff
pkgsrc/chat/weechat/patches/patch-aa@1.3.38.1 / diff
pkgsrc/chat/weechat/patches/patch-ab@1.5.18.1 / diff
pkgsrc/chat/weechat/patches/patch-ac@1.4.10.1 / diff
pkgsrc/chat/weechat/patches/patch-ad@1.3.8.1 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-hook.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-hook.h@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_core_wee-network.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_plugins_irc_irc-server.c@1.1.2.2 / diff
pkgsrc/chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h@1.1.2.2 / diff
Pullup ticket #3383 - requested by tonio
chat/weechat: security update
Revisions pulled up:
- chat/weechat/Makefile 1.27
- chat/weechat/PLIST 1.14
- chat/weechat/distinfo 1.18
- chat/weechat/patches/patch-aa 1.4
- chat/weechat/patches/patch-ab 1.6
- chat/weechat/patches/patch-ac 1.5
- chat/weechat/patches/patch-ad 1.4
- chat/weechat/patches/patch-src_core_wee-hook.c 1.1
- chat/weechat/patches/patch-src_core_wee-hook.h 1.1
- chat/weechat/patches/patch-src_core_wee-network.c 1.1
- chat/weechat/patches/patch-src_plugins_irc_irc-server.c 1.1
- chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h 1.1
---
Module Name: pkgsrc
Committed By: tonio
Date: Sat Mar 5 22:48:07 UTC 2011
Modified Files:
pkgsrc/chat/weechat: Makefile PLIST distinfo
pkgsrc/chat/weechat/patches: patch-aa patch-ab patch-ac patch-ad
Added Files:
pkgsrc/chat/weechat/patches: patch-src_core_wee-hook.c
patch-src_core_wee-hook.h patch-src_core_wee-network.c
patch-src_plugins_irc_irc-server.c
patch-src_plugins_rmodifier_rmodifier-config.h
Log Message:
Update chat/weechat to 0.3.4
Fix for SA43543 and update kindly provided by gls@
This is a major release, with lot of bugs fixed and major new features.
Among the new features:
- 256 colors support, with unlimited number of nick colors
- irc proxy (relay plugin)
- redirection of IRC commands
- command /notify
- rmodifier plugin
- regular expressions for highlights
- color support for timestamp in chat buffer
- irc option to force color for some nicks
- share input line between buffers.
chat/weechat: security update
Revisions pulled up:
- chat/weechat/Makefile 1.27
- chat/weechat/PLIST 1.14
- chat/weechat/distinfo 1.18
- chat/weechat/patches/patch-aa 1.4
- chat/weechat/patches/patch-ab 1.6
- chat/weechat/patches/patch-ac 1.5
- chat/weechat/patches/patch-ad 1.4
- chat/weechat/patches/patch-src_core_wee-hook.c 1.1
- chat/weechat/patches/patch-src_core_wee-hook.h 1.1
- chat/weechat/patches/patch-src_core_wee-network.c 1.1
- chat/weechat/patches/patch-src_plugins_irc_irc-server.c 1.1
- chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h 1.1
---
Module Name: pkgsrc
Committed By: tonio
Date: Sat Mar 5 22:48:07 UTC 2011
Modified Files:
pkgsrc/chat/weechat: Makefile PLIST distinfo
pkgsrc/chat/weechat/patches: patch-aa patch-ab patch-ac patch-ad
Added Files:
pkgsrc/chat/weechat/patches: patch-src_core_wee-hook.c
patch-src_core_wee-hook.h patch-src_core_wee-network.c
patch-src_plugins_irc_irc-server.c
patch-src_plugins_rmodifier_rmodifier-config.h
Log Message:
Update chat/weechat to 0.3.4
Fix for SA43543 and update kindly provided by gls@
This is a major release, with lot of bugs fixed and major new features.
Among the new features:
- 256 colors support, with unlimited number of nick colors
- irc proxy (relay plugin)
- redirection of IRC commands
- command /notify
- rmodifier plugin
- regular expressions for highlights
- color support for timestamp in chat buffer
- irc option to force color for some nicks
- share input line between buffers.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3379.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/thunderbird/Makefile@1.64.2.1
/
diff
pkgsrc/mail/thunderbird/distinfo@1.77.2.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_configure.in@1.1.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_ldap_include_portable.h@1.2.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in@1.1.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-mm@1.3.4.1 / diff
pkgsrc/mail/thunderbird/distinfo@1.77.2.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_configure.in@1.1.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_ldap_include_portable.h@1.2.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in@1.1.6.1 / diff
pkgsrc/mail/thunderbird/patches/patch-mm@1.3.4.1 / diff
Pullup ticket #3379 - requested by tnn
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.66 via patch
- mail/thunderbird/distinfo 1.78
- mail/thunderbird/patches/patch-directory_c-sdk_configure.in 1.2
- mail/thunderbird/patches/patch-directory_c-sdk_ldap_include_portable.h 1.3
- mail/thunderbird/patches/patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in 1.2
- mail/thunderbird/patches/patch-mm 1.4
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 13:09:36 UTC 2011
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
pkgsrc/mail/thunderbird/patches: patch-directory_c-sdk_configure.in
patch-directory_c-sdk_ldap_include_portable.h
patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in patch-mm
Log Message:
Stability and security update of thunderbird to 3.1.8.
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.66 via patch
- mail/thunderbird/distinfo 1.78
- mail/thunderbird/patches/patch-directory_c-sdk_configure.in 1.2
- mail/thunderbird/patches/patch-directory_c-sdk_ldap_include_portable.h 1.3
- mail/thunderbird/patches/patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in 1.2
- mail/thunderbird/patches/patch-mm 1.4
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 13:09:36 UTC 2011
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
pkgsrc/mail/thunderbird/patches: patch-directory_c-sdk_configure.in
patch-directory_c-sdk_ldap_include_portable.h
patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in patch-mm
Log Message:
Stability and security update of thunderbird to 3.1.8.
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/devel/xulrunner/Makefile@1.45.2.1
/
diff
pkgsrc/devel/xulrunner/dist.mk@1.17.2.1 / diff
pkgsrc/devel/xulrunner/distinfo@1.39.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mm@1.3.4.1 / diff
pkgsrc/doc/CHANGES-pkgsrc-2010Q4@1.1.2.33 / diff
pkgsrc/www/firefox/Makefile@1.81.2.1 / diff
pkgsrc/devel/xulrunner/dist.mk@1.17.2.1 / diff
pkgsrc/devel/xulrunner/distinfo@1.39.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-mm@1.3.4.1 / diff
pkgsrc/doc/CHANGES-pkgsrc-2010Q4@1.1.2.33 / diff
pkgsrc/www/firefox/Makefile@1.81.2.1 / diff
Pullup #3381, requested by tnn
firefox-3.6.15 update and prerequisite commits.
pkgsrc/www/firefox/Makefile 1.82, 1.83
pkgsrc/devel/xulrunner/Makefile 1.46, 1.47, 1.48
pkgsrc/devel/xulrunner/dist.mk 1.18
pkgsrc/devel/xulrunner/distinfo 1.40
pkgsrc/devel/xulrunner/patches/patch-mm 1.4
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:40:12 UTC 2011
Modified Files:
pkgsrc/www/firefox: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:53:34 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Jan 23 11:18:27 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile
Log Message:
set FREEBL_NO_DEPEND=0 in MAKE_ENV otherwise Linux2.6 defaults to
FREEBL_NO_DEPEND=1 and files not in PLIST are installed.
OKed by tnn.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 11:57:17 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile dist.mk distinfo
pkgsrc/devel/xulrunner/patches: patch-mm
pkgsrc/www/firefox: Makefile
Log Message:
Stability & security update of firefox to 3.6.15.
MFSA 2011-10 CSRF risk with plugins and 307 redirects
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
firefox-3.6.15 update and prerequisite commits.
pkgsrc/www/firefox/Makefile 1.82, 1.83
pkgsrc/devel/xulrunner/Makefile 1.46, 1.47, 1.48
pkgsrc/devel/xulrunner/dist.mk 1.18
pkgsrc/devel/xulrunner/distinfo 1.40
pkgsrc/devel/xulrunner/patches/patch-mm 1.4
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:40:12 UTC 2011
Modified Files:
pkgsrc/www/firefox: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:53:34 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Jan 23 11:18:27 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile
Log Message:
set FREEBL_NO_DEPEND=0 in MAKE_ENV otherwise Linux2.6 defaults to
FREEBL_NO_DEPEND=1 and files not in PLIST are installed.
OKed by tnn.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 11:57:17 UTC 2011
Modified Files:
pkgsrc/devel/xulrunner: Makefile dist.mk distinfo
pkgsrc/devel/xulrunner/patches: patch-mm
pkgsrc/www/firefox: Makefile
Log Message:
Stability & security update of firefox to 3.6.15.
MFSA 2011-10 CSRF risk with plugins and 307 redirects
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3380.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3380 - requested by gls
chat/cgiirc: security update
Revisions pulled up:
- chat/cgiirc/Makefile 1.17
- chat/cgiirc/distinfo 1.7
---
Module Name: pkgsrc
Committed By: gls
Date: Wed Mar 2 20:24:40 UTC 2011
Modified Files:
pkgsrc/chat/cgiirc: Makefile distinfo
Log Message:
Update chat/cgiirc to 0.5.10
Upstream changes:
After ~5 years without a release 0.5.10 is now available. This is
actually just
0.5.9 with one security fix:
CVE-2011-0050: XSS in R param in nonjs interface
Thanks to Michael Brooks (Sitewatch) for discovering this.
pkgsrc changes:
- Update MASTER_SITES and HOMEPAGE to point to cgiirc.org
- Add LICENSE
chat/cgiirc: security update
Revisions pulled up:
- chat/cgiirc/Makefile 1.17
- chat/cgiirc/distinfo 1.7
---
Module Name: pkgsrc
Committed By: gls
Date: Wed Mar 2 20:24:40 UTC 2011
Modified Files:
pkgsrc/chat/cgiirc: Makefile distinfo
Log Message:
Update chat/cgiirc to 0.5.10
Upstream changes:
After ~5 years without a release 0.5.10 is now available. This is
actually just
0.5.9 with one security fix:
CVE-2011-0050: XSS in R param in nonjs interface
Thanks to Michael Brooks (Sitewatch) for discovering this.
pkgsrc changes:
- Update MASTER_SITES and HOMEPAGE to point to cgiirc.org
- Add LICENSE
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3376 and #3382.
pkgsrc-2010Q4 commitmail json YAML
pull up request 3382, requested by tnn@
Revisions pulled up:
+ pkgsrc/www/seamonkey/Makefile 1.46, 1.47
+ pkgsrc/www/seamonkey/distinfo 1.59
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:53:34 UTC 2011
Modified Files:
pkgsrc/www/seamonkey: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 pkgsrc/www/seamonkey/Makefile
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 14:48:21 UTC 2011
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Security and stability update of seamonkey to 2.0.12.
MFSA 2011-10 CSRF risk with plugins and 307 redirects
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome
documents MFSA 2011-07 Memory corruption during text run construction
(Windows) MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to
true MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/
1.9.1.17)
Revisions pulled up:
+ pkgsrc/www/seamonkey/Makefile 1.46, 1.47
+ pkgsrc/www/seamonkey/distinfo 1.59
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 13 13:53:34 UTC 2011
Modified Files:
pkgsrc/www/seamonkey: Makefile
Log Message:
png shlib name changed for png>=1.5.0, so bump PKGREVISIONs.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 pkgsrc/www/seamonkey/Makefile
Module Name: pkgsrc
Committed By: tnn
Date: Sat Mar 5 14:48:21 UTC 2011
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Security and stability update of seamonkey to 2.0.12.
MFSA 2011-10 CSRF risk with plugins and 307 redirects
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome
documents MFSA 2011-07 Memory corruption during text run construction
(Windows) MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to
true MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/
1.9.1.17)
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/security/clamav/Makefile@1.1.1.1.2.1
/
diff
pkgsrc/security/clamav/distinfo@1.1.1.1.2.1 / diff
pkgsrc/security/clamav/distinfo@1.1.1.1.2.1 / diff
Pull up ticket 3376, requested by tron@
Module Name: pkgsrc
Committed By: adam
Date: Tue Feb 8 07:56:09 UTC 2011
Modified Files:
pkgsrc/security/clamav: Makefile distinfo
Log Message:
Changes 0.97:
ClamAV 0.97 brings many improvements, including complete Windows
support (all major components compile out-of-box under Visual
Studio), support for signatures based on SHA1 and SHA256, better
error detection, as well as speed and memory optimizations. The
complete list of changes is available in the ChangeLog file.
Module Name: pkgsrc
Committed By: adam
Date: Tue Feb 8 07:56:09 UTC 2011
Modified Files:
pkgsrc/security/clamav: Makefile distinfo
Log Message:
Changes 0.97:
ClamAV 0.97 brings many improvements, including complete Windows
support (all major components compile out-of-box under Visual
Studio), support for signatures based on SHA1 and SHA256, better
error detection, as well as speed and memory optimizations. The
complete list of changes is available in the ChangeLog file.
pkgsrc-2010Q4 commitmail json YAML
pullups 3377 + 3378
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/devel/pango/Makefile@1.149.2.2
/
diff
pkgsrc/devel/pango/distinfo@1.86.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-1@1.1.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-2@1.1.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-3@1.1.2.2 / diff
pkgsrc/devel/pango/distinfo@1.86.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-1@1.1.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-2@1.1.2.2 / diff
pkgsrc/devel/pango/patches/patch-CVE-2011-0064-3@1.1.2.2 / diff
Pullup ticket #3378 - requested by tron
devel/pango: security fix
Revisions pulled up:
- devel/pango/Makefile 1.152
- devel/pango/distinfo 1.88
Files added:
devel/pango/patches/patch-CVE-2011-0064-1
devel/pango/patches/patch-CVE-2011-0064-2
devel/pango/patches/patch-CVE-2011-0064-3
---------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Mar 5 13:37:20 UTC 2011
Modified Files:
pkgsrc/devel/pango: Makefile distinfo
Added Files:
pkgsrc/devel/pango/patches: patch-CVE-2011-0064-1 patch-CVE-2011-0064-2
patch-CVE-2011-0064-3
Log Message:
Add openSUSE's fix for the DoS vulnerability remoted in CVE-2011-0064.
devel/pango: security fix
Revisions pulled up:
- devel/pango/Makefile 1.152
- devel/pango/distinfo 1.88
Files added:
devel/pango/patches/patch-CVE-2011-0064-1
devel/pango/patches/patch-CVE-2011-0064-2
devel/pango/patches/patch-CVE-2011-0064-3
---------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Mar 5 13:37:20 UTC 2011
Modified Files:
pkgsrc/devel/pango: Makefile distinfo
Added Files:
pkgsrc/devel/pango/patches: patch-CVE-2011-0064-1 patch-CVE-2011-0064-2
patch-CVE-2011-0064-3
Log Message:
Add openSUSE's fix for the DoS vulnerability remoted in CVE-2011-0064.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/devel/pango/Makefile@1.149.2.1
/
diff
pkgsrc/devel/pango/distinfo@1.86.2.1 / diff
pkgsrc/devel/pango/patches/patch-ac@1.15.2.2 / diff
pkgsrc/devel/pango/patches/patch-ad@1.12.2.2 / diff
pkgsrc/devel/pango/distinfo@1.86.2.1 / diff
pkgsrc/devel/pango/patches/patch-ac@1.15.2.2 / diff
pkgsrc/devel/pango/patches/patch-ad@1.12.2.2 / diff
Pullup ticket #3377 - requested by tron
devel/pango: security update
Revisions pulled up:
- devel/pango/Makefile 1.151
- devel/pango/distinfo 1.87
- devel/pango/patches/patch-ac 1.15
- devel/pango/patches/patch-ad 1.12
----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Jan 27 14:04:51 UTC 2011
Modified Files:
pkgsrc/devel/pango: Makefile distinfo
Added Files:
pkgsrc/devel/pango/patches: patch-ac patch-ad
Log Message:
-add patch from https://bugzilla.gnome.org/show_bug.cgi?id=3D639882 to fix
possible heap corruption when parsing a corrupt font (CVE-2011-0020)
-being here, add a patch from upstream to fix a scaling inconsistency
bump PKGREV
devel/pango: security update
Revisions pulled up:
- devel/pango/Makefile 1.151
- devel/pango/distinfo 1.87
- devel/pango/patches/patch-ac 1.15
- devel/pango/patches/patch-ad 1.12
----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Jan 27 14:04:51 UTC 2011
Modified Files:
pkgsrc/devel/pango: Makefile distinfo
Added Files:
pkgsrc/devel/pango/patches: patch-ac patch-ad
Log Message:
-add patch from https://bugzilla.gnome.org/show_bug.cgi?id=3D639882 to fix
possible heap corruption when parsing a corrupt font (CVE-2011-0020)
-being here, add a patch from upstream to fix a scaling inconsistency
bump PKGREV
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3373, #3374 and #3375.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3375 - requested by taca
www/typo3: dependence fix
Revisions pulled up:
- www/typo3/Makefile 1.32
---
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Mar 2 19:06:09 UTC 2011
Modified Files:
pkgsrc/www/typo3: Makefile
Log Message:
This requires php-json
www/typo3: dependence fix
Revisions pulled up:
- www/typo3/Makefile 1.32
---
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Mar 2 19:06:09 UTC 2011
Modified Files:
pkgsrc/www/typo3: Makefile
Log Message:
This requires php-json
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/www/mongrel/Makefile@1.11.4.2
/
diff
pkgsrc/www/mongrel/files/gemspec@1.1.2.2 / diff
pkgsrc/www/mongrel/patches/patch-ac deleted
pkgsrc/www/mongrel/files/gemspec@1.1.2.2 / diff
pkgsrc/www/mongrel/patches/patch-ac deleted
Pullup ticket #3374 - requested by taca
www/mongrel: build fix
Revisions pulled up:
- www/mongrel/Makefile 1.14 via patch
- www/mongrel/files/gemspec 1.1
- www/mongrel/patches/patch-ac 0
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 15:46:39 UTC 2011
Modified Files:
pkgsrc/www/mongrel: Makefile
Added Files:
pkgsrc/www/mongrel/files: gemspec
Removed Files:
pkgsrc/www/mongrel/patches: patch-ac
Log Message:
Fix build problem with ruby18.
Give up to patch gemspec but use pre-generated one.
www/mongrel: build fix
Revisions pulled up:
- www/mongrel/Makefile 1.14 via patch
- www/mongrel/files/gemspec 1.1
- www/mongrel/patches/patch-ac 0
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 15:46:39 UTC 2011
Modified Files:
pkgsrc/www/mongrel: Makefile
Added Files:
pkgsrc/www/mongrel/files: gemspec
Removed Files:
pkgsrc/www/mongrel/patches: patch-ac
Log Message:
Fix build problem with ruby18.
Give up to patch gemspec but use pre-generated one.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/graphics/ruby-imlib2/Makefile@1.21.4.2
/
diff
pkgsrc/graphics/ruby-imlib2/distinfo@1.6.4.1 / diff
pkgsrc/graphics/ruby-imlib2/files/gemspec@1.1.2.2 / diff
pkgsrc/graphics/ruby-imlib2/patches/patch-aa deleted
pkgsrc/graphics/ruby-imlib2/distinfo@1.6.4.1 / diff
pkgsrc/graphics/ruby-imlib2/files/gemspec@1.1.2.2 / diff
pkgsrc/graphics/ruby-imlib2/patches/patch-aa deleted
Pullup ticket #3373 - requested by taca
FIXME: Please provide the list of changed packages and the reasons here.
Revisions pulled up:
- graphics/ruby-imlib2/Makefile 1.25
- graphics/ruby-imlib2/distinfo 1.7
- graphics/ruby-imlib2/files/gemspec 1.1
- graphics/ruby-imlib2/patches/patch-aa 0
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 15:46:08 UTC 2011
Modified Files:
pkgsrc/graphics/ruby-imlib2: Makefile distinfo
Added Files:
pkgsrc/graphics/ruby-imlib2/files: gemspec
Removed Files:
pkgsrc/graphics/ruby-imlib2/patches: patch-aa
Log Message:
Fix build problem with ruby18.
Give up to patch gemspec but use pre-generated one.
FIXME: Please provide the list of changed packages and the reasons here.
Revisions pulled up:
- graphics/ruby-imlib2/Makefile 1.25
- graphics/ruby-imlib2/distinfo 1.7
- graphics/ruby-imlib2/files/gemspec 1.1
- graphics/ruby-imlib2/patches/patch-aa 0
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 15:46:08 UTC 2011
Modified Files:
pkgsrc/graphics/ruby-imlib2: Makefile distinfo
Added Files:
pkgsrc/graphics/ruby-imlib2/files: gemspec
Removed Files:
pkgsrc/graphics/ruby-imlib2/patches: patch-aa
Log Message:
Fix build problem with ruby18.
Give up to patch gemspec but use pre-generated one.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3368
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3368 - requested by taca
net/samba35 security fix.
Revisions pulled up:
- net/samba35/Makefile 1.2
- net/samba35/distinfo 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 14:34:56 UTC 2011
Modified Files:
pkgsrc/net/samba35: Makefile distinfo
Log Message:
Update samba35 pacakge to 3.5.7.
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
net/samba35 security fix.
Revisions pulled up:
- net/samba35/Makefile 1.2
- net/samba35/distinfo 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 14:34:56 UTC 2011
Modified Files:
pkgsrc/net/samba35: Makefile distinfo
Log Message:
Update samba35 pacakge to 3.5.7.
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
pkgsrc-2010Q4 commitmail json YAML
pullups 3371 and 3372
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket 3372 - requested by sbd
build fix for Linux
Revisions pulled up:
- pkgsrc/net/samba35/Makefile 1.3
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: sbd
Date: Tue Mar 1 11:28:59 UTC 2011
Modified Files:
pkgsrc/net/samba35: Makefile
Log Message:
Add --with-cifsumount to CONFIGURE_ARGS on Linux systems in order to build
umount.cifs
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/samba35/Makefile
build fix for Linux
Revisions pulled up:
- pkgsrc/net/samba35/Makefile 1.3
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: sbd
Date: Tue Mar 1 11:28:59 UTC 2011
Modified Files:
pkgsrc/net/samba35: Makefile
Log Message:
Add --with-cifsumount to CONFIGURE_ARGS on Linux systems in order to build
umount.cifs
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/samba35/Makefile
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/net/wireshark/Makefile@1.56.2.3
/
diff
pkgsrc/net/wireshark/distinfo@1.38.2.3 / diff
pkgsrc/net/wireshark/patches/patch-af deleted
pkgsrc/net/wireshark/patches/patch-ag deleted
pkgsrc/net/wireshark/distinfo@1.38.2.3 / diff
pkgsrc/net/wireshark/patches/patch-af deleted
pkgsrc/net/wireshark/patches/patch-ag deleted
Pullup ticket 3371 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.60
- pkgsrc/net/wireshark/distinfo by patch
Files deleted:
pkgsrc/net/wireshark/patches/patch-af
pkgsrc/net/wireshark/patches/patch-ag
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Mar 2 00:09:15 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
Update "wireshark" package to version 1.4.4. Changes since 1.4.3:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that Wireshark could free an uninitialized pointer
while reading a malformed pcap-ng file. (Bug 5652)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0538
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a large packet length in a pcap-ng file could
crash Wireshark. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
o Wireshark could overflow a buffer while reading a Nokia DCT3
trace file. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0713
o Paul Makowski working for SEI/CERT discovered that Wireshark
on 32 bit systems could crash while reading a malformed
6LoWPAN packet. (Bug 5661)
Versions affected: 1.4.0 to 1.4.3.
o joernchen of Phenoelit discovered that the LDAP and SMB
dissectors could overflow the stack. (Bug 5717)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that
large LDAP Filter strings can consume excessive amounts of
memory. (Bug 5732)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
The following bugs have been fixed:
o A TCP stream would not always be recognized as the same
stream. (Bug 2907)
o Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
o A crash can occur in the NTLMSSP dissector. (Bug 5157)
o The column texts from a Lua dissector could be mangled. (Bug
5326) (Bug 5630)
o Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
o When searching in packet bytes, the field and bytes are not
immediately shown. (Bug 5585)
o Malformed Packet: ULP reported when dissecting ULP SessionID
PDU. (Bug 5593)
o Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
o Display filter does not work for expressions of type BASE_DEC,
BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
o NTLMSSP dissector may fail to compile due to space embedded in
C comment delimiters. (Bug 5614)
o Allow for name resolution of link-scope and multicast IPv6
addresses from local host file. (Bug 5615)
o DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
o Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
o Various fixes to the HIP packet dissector. (Bug 5646)
o Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
o Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
o E.212 MCC 260 Poland update according to local national
regulatory. (Bug 5668)
o IPP on ports other than 631 not recognized. (Bug 5677)
o Potential access violation when writing to LANalyzer files.
(Bug 5698)
o IEEE 802.15.4 Superframe Specification - Final CAP Slot always
0. (Bug 5700)
o Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
o dumpcap: -q option behavior doesn't match documentation. (Bug
5716)
- Updated Protocol Support
ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
- New and Updated Capture File Support
LANalyzer, Nokia DCT3, Pcap-ng
To generate a diff of this commit:
cvs rdiff -u -r1.59 -r1.60 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/net/wireshark/patches/patch-af \
pkgsrc/net/wireshark/patches/patch-ag
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.60
- pkgsrc/net/wireshark/distinfo by patch
Files deleted:
pkgsrc/net/wireshark/patches/patch-af
pkgsrc/net/wireshark/patches/patch-ag
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Mar 2 00:09:15 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
Update "wireshark" package to version 1.4.4. Changes since 1.4.3:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that Wireshark could free an uninitialized pointer
while reading a malformed pcap-ng file. (Bug 5652)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0538
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a large packet length in a pcap-ng file could
crash Wireshark. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
o Wireshark could overflow a buffer while reading a Nokia DCT3
trace file. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0713
o Paul Makowski working for SEI/CERT discovered that Wireshark
on 32 bit systems could crash while reading a malformed
6LoWPAN packet. (Bug 5661)
Versions affected: 1.4.0 to 1.4.3.
o joernchen of Phenoelit discovered that the LDAP and SMB
dissectors could overflow the stack. (Bug 5717)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that
large LDAP Filter strings can consume excessive amounts of
memory. (Bug 5732)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
The following bugs have been fixed:
o A TCP stream would not always be recognized as the same
stream. (Bug 2907)
o Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
o A crash can occur in the NTLMSSP dissector. (Bug 5157)
o The column texts from a Lua dissector could be mangled. (Bug
5326) (Bug 5630)
o Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
o When searching in packet bytes, the field and bytes are not
immediately shown. (Bug 5585)
o Malformed Packet: ULP reported when dissecting ULP SessionID
PDU. (Bug 5593)
o Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
o Display filter does not work for expressions of type BASE_DEC,
BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
o NTLMSSP dissector may fail to compile due to space embedded in
C comment delimiters. (Bug 5614)
o Allow for name resolution of link-scope and multicast IPv6
addresses from local host file. (Bug 5615)
o DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
o Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
o Various fixes to the HIP packet dissector. (Bug 5646)
o Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
o Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
o E.212 MCC 260 Poland update according to local national
regulatory. (Bug 5668)
o IPP on ports other than 631 not recognized. (Bug 5677)
o Potential access violation when writing to LANalyzer files.
(Bug 5698)
o IEEE 802.15.4 Superframe Specification - Final CAP Slot always
0. (Bug 5700)
o Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
o dumpcap: -q option behavior doesn't match documentation. (Bug
5716)
- Updated Protocol Support
ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
- New and Updated Capture File Support
LANalyzer, Nokia DCT3, Pcap-ng
To generate a diff of this commit:
cvs rdiff -u -r1.59 -r1.60 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/net/wireshark/patches/patch-af \
pkgsrc/net/wireshark/patches/patch-ag
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets 3365 3366 3367 3369 3370
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/pear/Makefile@1.14.4.1
/
diff
pkgsrc/lang/pear/distinfo@1.6.4.1 / diff
pkgsrc/lang/pear/patches/patch-aa@1.5.4.1 / diff
pkgsrc/lang/pear/distinfo@1.6.4.1 / diff
pkgsrc/lang/pear/patches/patch-aa@1.5.4.1 / diff
Pullup ticket #3370 - requested by taca
lang/pear security fix.
Revisions pulled up:
- lang/pear/Makefile 1.15
- lang/pear/distinfo 1.7
- lang/pear/patches/patch-aa 1.6
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 1 03:15:17 UTC 2011
Modified Files:
pkgsrc/lang/pear: Makefile distinfo
pkgsrc/lang/pear/patches: patch-aa
Log Message:
Update pear package to 1.9.2, including update of these PEAR packages
Console_GetOpt and Structures_Graph.
PEAR 1.9.2:
Release date: 2011-02-28 18:58 UTC
Changelog:
Important! This is a security fix release. The advisory can be found at
http://pear.php.net/advisory-20110228.txt
Bugs:
* Fixed Bug #17463: Regression: On Windows, svntag [patch by doconnor]
* Fixed Bug #17641: pecl-list doesn't sort packages by name [dufuz]
* Fixed Bug #17781: invalid argument warning on foreach due to an
empty optional dependencie [dufuz]
* Fixed Bug #17801: PEAR run-tests wrongly detects php-cgi [patch by
David Jean Louis (izi)]
* Fixed Bug #17839: pear svntag does not tag package.xml file [dufuz]
* Fixed Bug #17986: PEAR Installer cannot handle files moved between
packages [dufuz]
* Fixed Bug #17997: Strange output if directories are not writeable [dufuz]
* Fixed Bug #18001: PEAR/RunTest coverage fails [dufuz]
* Fixed Bug #18056 [SECURITY]: Symlink attack in PEAR install [dufuz]
* Fixed Bug #18218: "pear package" does not allow the use of late
static binding [dufuz and Christer Edvartsen]
* Fixed Bug #18238: Wrong return code from "pear help" [till]
* Fixed Bug #18308: Broken error message about missing channel
validator [yunosh]
This feature is implemented as a result of #18056
* Implemented Request #16648: Use TMPDIR for builds instead of /var/tmp [dufuz]
Console_GetOpt 1.3.0
Release date: 2010-12-11 21:23 UTC
Changelog:
* Implement Request #13140: [PATCH] to skip unknown parameters.
[patch by rquadling, improved on by dufuz]
Structures_Graph 1.0.4
Release date: 2010-10-26 04:10 UTC
Changelog:
Bugfix Release:
* Bug #17108 BasicGraph::test_directed_degree fails on PHP 5 [clockwerx]
lang/pear security fix.
Revisions pulled up:
- lang/pear/Makefile 1.15
- lang/pear/distinfo 1.7
- lang/pear/patches/patch-aa 1.6
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 1 03:15:17 UTC 2011
Modified Files:
pkgsrc/lang/pear: Makefile distinfo
pkgsrc/lang/pear/patches: patch-aa
Log Message:
Update pear package to 1.9.2, including update of these PEAR packages
Console_GetOpt and Structures_Graph.
PEAR 1.9.2:
Release date: 2011-02-28 18:58 UTC
Changelog:
Important! This is a security fix release. The advisory can be found at
http://pear.php.net/advisory-20110228.txt
Bugs:
* Fixed Bug #17463: Regression: On Windows, svntag [patch by doconnor]
* Fixed Bug #17641: pecl-list doesn't sort packages by name [dufuz]
* Fixed Bug #17781: invalid argument warning on foreach due to an
empty optional dependencie [dufuz]
* Fixed Bug #17801: PEAR run-tests wrongly detects php-cgi [patch by
David Jean Louis (izi)]
* Fixed Bug #17839: pear svntag does not tag package.xml file [dufuz]
* Fixed Bug #17986: PEAR Installer cannot handle files moved between
packages [dufuz]
* Fixed Bug #17997: Strange output if directories are not writeable [dufuz]
* Fixed Bug #18001: PEAR/RunTest coverage fails [dufuz]
* Fixed Bug #18056 [SECURITY]: Symlink attack in PEAR install [dufuz]
* Fixed Bug #18218: "pear package" does not allow the use of late
static binding [dufuz and Christer Edvartsen]
* Fixed Bug #18238: Wrong return code from "pear help" [till]
* Fixed Bug #18308: Broken error message about missing channel
validator [yunosh]
This feature is implemented as a result of #18056
* Implemented Request #16648: Use TMPDIR for builds instead of /var/tmp [dufuz]
Console_GetOpt 1.3.0
Release date: 2010-12-11 21:23 UTC
Changelog:
* Implement Request #13140: [PATCH] to skip unknown parameters.
[patch by rquadling, improved on by dufuz]
Structures_Graph 1.0.4
Release date: 2010-10-26 04:10 UTC
Changelog:
Bugfix Release:
* Bug #17108 BasicGraph::test_directed_degree fails on PHP 5 [clockwerx]
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/python26/Makefile@1.33.2.1
/
diff
pkgsrc/lang/python26/distinfo@1.30.2.1 / diff
pkgsrc/lang/python26/patches/patch-SA43463@1.1.2.2 / diff
pkgsrc/lang/python26/distinfo@1.30.2.1 / diff
pkgsrc/lang/python26/patches/patch-SA43463@1.1.2.2 / diff
Pullup ticket #3369 - requested by tron
Security patch for "python26" package
Revisions pulled up:
- lang/python26/Makefile 1.34
- lang/python26/distinfo 1.32
- lang/python26/patches/patch-SA43463 1.1
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: tron
Date: Mon Feb 28 22:35:53 UTC 2011
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-SA43463
Log Message:
Add fix for the information disclosure vulnerability reported in SA43463
taken from the Python SVN repository.
Security patch for "python26" package
Revisions pulled up:
- lang/python26/Makefile 1.34
- lang/python26/distinfo 1.32
- lang/python26/patches/patch-SA43463 1.1
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: tron
Date: Mon Feb 28 22:35:53 UTC 2011
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-SA43463
Log Message:
Add fix for the information disclosure vulnerability reported in SA43463
taken from the Python SVN repository.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3367 - requested by taca
net/samba33 security fix.
Revisions pulled up:
- net/samba33/Makefile 1.13
- net/samba33/distinfo 1.6
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 14:34:09 UTC 2011
Modified Files:
pkgsrc/net/samba33: Makefile distinfo
Log Message:
Update samba33 pacakge to 3.3.15.
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
net/samba33 security fix.
Revisions pulled up:
- net/samba33/Makefile 1.13
- net/samba33/distinfo 1.6
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 14:34:09 UTC 2011
Modified Files:
pkgsrc/net/samba33: Makefile distinfo
Log Message:
Update samba33 pacakge to 3.3.15.
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/mysql5-client/Makefile.common@1.40.2.1
/
diff
pkgsrc/databases/mysql5-client/distinfo@1.29.6.1 / diff
pkgsrc/databases/mysql5-client/patches/patch-ad@1.7.30.1 / diff
pkgsrc/databases/mysql5-client/patches/patch-af@1.8.8.1 / diff
pkgsrc/databases/mysql5-server/PLIST@1.16.8.1 / diff
pkgsrc/databases/mysql5-server/distinfo@1.25.6.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-aa@1.6.8.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-ag@1.8.8.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-ah@1.7.8.1 / diff
pkgsrc/databases/mysql5-client/distinfo@1.29.6.1 / diff
pkgsrc/databases/mysql5-client/patches/patch-ad@1.7.30.1 / diff
pkgsrc/databases/mysql5-client/patches/patch-af@1.8.8.1 / diff
pkgsrc/databases/mysql5-server/PLIST@1.16.8.1 / diff
pkgsrc/databases/mysql5-server/distinfo@1.25.6.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-aa@1.6.8.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-ag@1.8.8.1 / diff
pkgsrc/databases/mysql5-server/patches/patch-ah@1.7.8.1 / diff
Pullup ticket #3366 - requested by taca
databases/mysql5-{client,server} security fixes.
Revisions pulled up:
- databases/mysql5-client/Makefile.common 1.41
- databases/mysql5-client/distinfo 1.30
- databases/mysql5-client/patches/patch-ad 1.8
- databases/mysql5-client/patches/patch-af 1.9
- databases/mysql5-server/PLIST 1.17
- databases/mysql5-server/distinfo 1.26
- databases/mysql5-server/patches/patch-aa 1.7
- databases/mysql5-server/patches/patch-ag 1.9
- databases/mysql5-server/patches/patch-ah 1.8
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 26 02:58:56 UTC 2011
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common distinfo
pkgsrc/databases/mysql5-client/patches: patch-ad patch-af
pkgsrc/databases/mysql5-server: PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-aa patch-ag patch-ah
Log Message:
Update mysql5-{client,server} pacakge to 5.0.92.
Functionality added or changed:
* The time zone tables available at
http://dev.mysql.com/downloads/timezones.html have been
updated. These tables can be used on systems such as Windows or
HP-UX that do not include zoneinfo files. (Bug#40230)
Bugs fixed:
* Security Fix: During evaluation of arguments to extreme-value
functions (such as LEAST() and GREATEST()), type errors did not
propagate properly, causing the server to crash. (Bug#55826,
CVE-2010-3833)
* Security Fix: The server could crash after materializing a derived
table that required a temporary table for grouping. (Bug#55568,
CVE-2010-3834)
* Security Fix: A user-variable assignment expression that is
evaluated in a logical expression context can be precalculated in a
temporary table for GROUP BY. However, when the expression value is
used after creation of the temporary table, it was re-evaluated, not
read from the table and a server crash resulted. (Bug#55564,
CVE-2010-3835)
* Security Fix: Joins involving a table with a unique SET column could
cause a server crash. (Bug#54575, CVE-2010-3677)
* Security Fix: Pre-evaluation of LIKE predicates during view
preparation could cause a server crash. (Bug#54568, CVE-2010-3836)
* Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
server crash. (Bug#54476, CVE-2010-3837)
* Security Fix: Queries could cause a server crash if the GREATEST()
or LEAST() function had a mixed list of numeric and LONGBLOB
arguments, and the result of such a function was processed using an
intermediate temporary table. (Bug#54461, CVE-2010-3838)
* Security Fix: Using EXPLAIN with queries of the form SELECT
... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
crash. (Bug#52711, CVE-2010-3682)
* InnoDB Storage Engine: Creating or dropping a table with 1023
transactions active caused an assertion failure. (Bug#49238)
* The make_binary_distribution target to make could fail on some
platforms because the lines generated were too long for the
shell. (Bug#54590)
* A client could supply data in chunks to a prepared statement
parameter other than of type TEXT or BLOB using the
mysql_stmt_send_long_data() C API function (or
COM_STMT_SEND_LONG_DATA command). This led to a crash because other
data types are not valid for long data. (Bug#54041)
* Builds of the embedded mysqld would fail due to a missing element of
the struct NET. (Bug#53908, Bug#53912)
* The definition of the MY_INIT macro in my_sys.h included an
extraneous semicolon, which could cause compilation
failure. (Bug#53906)
* If the remote server for a FEDERATED table could not be accessed,
queries for the INFORMATION_SCHEMA.TABLES table failed. (Bug#35333)
* mysqld could fail during execution when using SSL. (Bug#34236)
* Threads that were calculating the estimated number of records for a
range scan did not respond to the KILL statement. That is, if a
range join type is possible (even if not selected by the optimizer
as a join type of choice and thus not shown by EXPLAIN), the query
in the statistics state (shown by the SHOW PROCESSLIST) did not
respond to the KILL statement. (Bug#25421)
databases/mysql5-{client,server} security fixes.
Revisions pulled up:
- databases/mysql5-client/Makefile.common 1.41
- databases/mysql5-client/distinfo 1.30
- databases/mysql5-client/patches/patch-ad 1.8
- databases/mysql5-client/patches/patch-af 1.9
- databases/mysql5-server/PLIST 1.17
- databases/mysql5-server/distinfo 1.26
- databases/mysql5-server/patches/patch-aa 1.7
- databases/mysql5-server/patches/patch-ag 1.9
- databases/mysql5-server/patches/patch-ah 1.8
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 26 02:58:56 UTC 2011
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common distinfo
pkgsrc/databases/mysql5-client/patches: patch-ad patch-af
pkgsrc/databases/mysql5-server: PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-aa patch-ag patch-ah
Log Message:
Update mysql5-{client,server} pacakge to 5.0.92.
Functionality added or changed:
* The time zone tables available at
http://dev.mysql.com/downloads/timezones.html have been
updated. These tables can be used on systems such as Windows or
HP-UX that do not include zoneinfo files. (Bug#40230)
Bugs fixed:
* Security Fix: During evaluation of arguments to extreme-value
functions (such as LEAST() and GREATEST()), type errors did not
propagate properly, causing the server to crash. (Bug#55826,
CVE-2010-3833)
* Security Fix: The server could crash after materializing a derived
table that required a temporary table for grouping. (Bug#55568,
CVE-2010-3834)
* Security Fix: A user-variable assignment expression that is
evaluated in a logical expression context can be precalculated in a
temporary table for GROUP BY. However, when the expression value is
used after creation of the temporary table, it was re-evaluated, not
read from the table and a server crash resulted. (Bug#55564,
CVE-2010-3835)
* Security Fix: Joins involving a table with a unique SET column could
cause a server crash. (Bug#54575, CVE-2010-3677)
* Security Fix: Pre-evaluation of LIKE predicates during view
preparation could cause a server crash. (Bug#54568, CVE-2010-3836)
* Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
server crash. (Bug#54476, CVE-2010-3837)
* Security Fix: Queries could cause a server crash if the GREATEST()
or LEAST() function had a mixed list of numeric and LONGBLOB
arguments, and the result of such a function was processed using an
intermediate temporary table. (Bug#54461, CVE-2010-3838)
* Security Fix: Using EXPLAIN with queries of the form SELECT
... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
crash. (Bug#52711, CVE-2010-3682)
* InnoDB Storage Engine: Creating or dropping a table with 1023
transactions active caused an assertion failure. (Bug#49238)
* The make_binary_distribution target to make could fail on some
platforms because the lines generated were too long for the
shell. (Bug#54590)
* A client could supply data in chunks to a prepared statement
parameter other than of type TEXT or BLOB using the
mysql_stmt_send_long_data() C API function (or
COM_STMT_SEND_LONG_DATA command). This led to a crash because other
data types are not valid for long data. (Bug#54041)
* Builds of the embedded mysqld would fail due to a missing element of
the struct NET. (Bug#53908, Bug#53912)
* The definition of the MY_INIT macro in my_sys.h included an
extraneous semicolon, which could cause compilation
failure. (Bug#53906)
* If the remote server for a FEDERATED table could not be accessed,
queries for the INFORMATION_SCHEMA.TABLES table failed. (Bug#35333)
* mysqld could fail during execution when using SSL. (Bug#34236)
* Threads that were calculating the estimated number of records for a
range scan did not respond to the KILL statement. That is, if a
range join type is possible (even if not selected by the optimizer
as a join type of choice and thus not shown by EXPLAIN), the query
in the statistics state (shown by the SHOW PROCESSLIST) did not
respond to the KILL statement. (Bug#25421)
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3361.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/archivers/ruby-libarchive/Makefile@1.1.1.1.4.1
/
diff
pkgsrc/comms/ruby-termios/Makefile@1.22.4.1 / diff
pkgsrc/converters/ruby-uconv/Makefile@1.18.4.1 / diff
pkgsrc/databases/ruby-do_sqlite3/Makefile@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-ldap/Makefile@1.6.4.1 / diff
pkgsrc/databases/ruby-mysql/Makefile@1.32.4.1 / diff
pkgsrc/databases/ruby-odbc/Makefile@1.8.4.1 / diff
pkgsrc/databases/ruby-pg/Makefile@1.5.2.1 / diff
pkgsrc/databases/ruby-postgresql/Makefile@1.36.4.1 / diff
pkgsrc/databases/ruby-qdbm/Makefile@1.11.4.1 / diff
pkgsrc/databases/ruby-sqlite/Makefile@1.2.4.1 / diff
pkgsrc/databases/ruby-sqlite3/Makefile@1.14.2.1 / diff
pkgsrc/databases/ruby-tokyocabinet/Makefile@1.23.4.1 / diff
pkgsrc/devel/ruby-SDL/Makefile@1.7.4.1 / diff
pkgsrc/devel/ruby-debug-base/Makefile@1.6.2.1 / diff
pkgsrc/devel/ruby-eet/Makefile@1.7.4.1 / diff
pkgsrc/devel/ruby-eventmachine/Makefile@1.6.4.1 / diff
pkgsrc/devel/ruby-ffi/Makefile@1.2.2.1 / diff
pkgsrc/devel/ruby-gnome2-atk/Makefile@1.7.2.1 / diff
pkgsrc/devel/ruby-gnome2-bonobo/Makefile@1.10.2.1 / diff
:
(more 80 files)
pkgsrc/comms/ruby-termios/Makefile@1.22.4.1 / diff
pkgsrc/converters/ruby-uconv/Makefile@1.18.4.1 / diff
pkgsrc/databases/ruby-do_sqlite3/Makefile@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-ldap/Makefile@1.6.4.1 / diff
pkgsrc/databases/ruby-mysql/Makefile@1.32.4.1 / diff
pkgsrc/databases/ruby-odbc/Makefile@1.8.4.1 / diff
pkgsrc/databases/ruby-pg/Makefile@1.5.2.1 / diff
pkgsrc/databases/ruby-postgresql/Makefile@1.36.4.1 / diff
pkgsrc/databases/ruby-qdbm/Makefile@1.11.4.1 / diff
pkgsrc/databases/ruby-sqlite/Makefile@1.2.4.1 / diff
pkgsrc/databases/ruby-sqlite3/Makefile@1.14.2.1 / diff
pkgsrc/databases/ruby-tokyocabinet/Makefile@1.23.4.1 / diff
pkgsrc/devel/ruby-SDL/Makefile@1.7.4.1 / diff
pkgsrc/devel/ruby-debug-base/Makefile@1.6.2.1 / diff
pkgsrc/devel/ruby-eet/Makefile@1.7.4.1 / diff
pkgsrc/devel/ruby-eventmachine/Makefile@1.6.4.1 / diff
pkgsrc/devel/ruby-ffi/Makefile@1.2.2.1 / diff
pkgsrc/devel/ruby-gnome2-atk/Makefile@1.7.2.1 / diff
pkgsrc/devel/ruby-gnome2-bonobo/Makefile@1.10.2.1 / diff
:
(more 80 files)
Pullup ticket #%d - requested by %s
archivers/ruby-libarchive: dependence update
comms/ruby-termios: dependence update
converters/ruby-uconv: dependence update
databases/ruby-do_sqlite3: dependence update
databases/ruby-ldap: dependence update
databases/ruby-mysql: dependence update
databases/ruby-odbc: dependence update
databases/ruby-pg: dependence update
databases/ruby-postgresql: dependence update
databases/ruby-qdbm: dependence update
databases/ruby-sqlite: dependence update
databases/ruby-sqlite3: dependence update
databases/ruby-tokyocabinet: dependence update
devel/ruby-SDL: dependence update
devel/ruby-debug-base: dependence update
devel/ruby-eet: dependence update
devel/ruby-eventmachine: dependence update
devel/ruby-ffi: dependence update
devel/ruby-gnome2-atk: dependence update
devel/ruby-gnome2-bonobo: dependence update
devel/ruby-gnome2-bonoboui: dependence update
devel/ruby-gnome2-gconf: dependence update
devel/ruby-gnome2-gio: dependence update
devel/ruby-gnome2-glib: dependence update
devel/ruby-gnome2-libglade: dependence update
devel/ruby-gnome2-pango: dependence update
devel/ruby-linecache: dependence update
devel/ruby-memcache: dependence update
devel/ruby-ncurses: dependence update
devel/ruby-priority-queue: dependence update
devel/ruby-racc: dependence update
devel/ruby-rbtree: dependence update
devel/ruby-rcov: dependence update
devel/ruby-rcsparse: dependence update
devel/ruby-subversion: dependence update
devel/ruby-thrift: dependence update
graphics/ruby-RMagick: dependence update
graphics/ruby-clutter-cairo: dependence update
graphics/ruby-clutter-core: dependence update
graphics/ruby-clutter-gtk: dependence update
graphics/ruby-gd: dependence update
graphics/ruby-gnome2-gdkpixbuf: dependence update
graphics/ruby-gnome2-gnomecanvas: dependence update
graphics/ruby-gnome2-goocanvas: dependence update
graphics/ruby-gnome2-gtkglext: dependence update
graphics/ruby-gnome2-libart: dependence update
graphics/ruby-gnome2-rsvg: dependence update
graphics/ruby-imlib2: dependence update
graphics/ruby-opengl: dependence update
graphics/ruby-rcairo: dependence update
inputmethod/ruby-zinnia: dependence update
lang/ruby: dependence update
lang/ruby18-base: security update
lang/ruby19-base: security update
mail/ruby-tmail: dependence update
math/ruby-rb-gsl: dependence update
multimedia/ruby-clutter-gst: dependence update
multimedia/ruby-gnome2-gstreamer: dependence update
multimedia/ruby-ming: dependence update
print/ruby-gnome2-gnomeprint: dependence update
print/ruby-gnome2-gnomeprintui: dependence update
print/ruby-gnome2-poppler: dependence update
security/ruby-password: dependence update
security/ruby-tcpwrap: dependence update
sysutils/ruby-quota: dependence update
textproc/ruby-bluecloth: dependence update
textproc/ruby-cabocha: dependence update
textproc/ruby-eruby: dependence update
textproc/ruby-ferret: dependence update
textproc/ruby-hpricot: dependence update
textproc/ruby-itex2MML: dependence update
textproc/ruby-json: dependence update
textproc/ruby-libxml: dependence update
textproc/ruby-mecab: dependence update
textproc/ruby-native-hyperestraier: dependence update
textproc/ruby-nokogiri: dependence update
textproc/ruby-oniguruma: dependence update
textproc/ruby-redcloth: dependence update
textproc/ruby-sary: dependence update
textproc/ruby-xmlparser: dependence update
textproc/ruby-xslt: dependence update
textproc/ruby-yamcha: dependence update
www/mongrel: dependence update
www/ruby-clearsilver: dependence update
www/ruby-fcgi: dependence update
www/ruby-gnome2-gtkhtml2: dependence update
www/ruby-gnome2-gtkmozembed: dependence update
www/ruby-patron: dependence update
www/thin: dependence update
x11/ruby-gnome2-gnome: dependence update
x11/ruby-gnome2-gtk: dependence update
x11/ruby-gnome2-gtksourceview: dependence update
x11/ruby-gnome2-gtksourceview2: dependence update
x11/ruby-gnome2-panelapplet: dependence update
x11/ruby-gnome2-vte: dependence update
Revisions pulled up:
- archivers/ruby-libarchive/Makefile 1.2
- comms/ruby-termios/Makefile 1.23
- converters/ruby-uconv/Makefile 1.19
- databases/ruby-do_sqlite3/Makefile 1.2
- databases/ruby-ldap/Makefile 1.7
- databases/ruby-mysql/Makefile 1.34 via patch
- databases/ruby-odbc/Makefile 1.10 via patch
- databases/ruby-pg/Makefile 1.6
- databases/ruby-postgresql/Makefile 1.37
- databases/ruby-qdbm/Makefile 1.12
- databases/ruby-sqlite/Makefile 1.3
- databases/ruby-sqlite3/Makefile 1.15
- databases/ruby-tokyocabinet/Makefile 1.24
- devel/ruby-SDL/Makefile 1.9 via patch
- devel/ruby-debug-base/Makefile 1.7
- devel/ruby-eet/Makefile 1.8
- devel/ruby-eventmachine/Makefile 1.7
- devel/ruby-ffi/Makefile 1.3
- devel/ruby-gnome2-atk/Makefile 1.8
- devel/ruby-gnome2-bonobo/Makefile patch
- devel/ruby-gnome2-bonoboui/Makefile patch
- devel/ruby-gnome2-gconf/Makefile patch
- devel/ruby-gnome2-gio/Makefile 1.3 via patch
- devel/ruby-gnome2-glib/Makefile 1.11
- devel/ruby-gnome2-libglade/Makefile patch
- devel/ruby-gnome2-pango/Makefile 1.18 via patch
- devel/ruby-linecache/Makefile 1.5
- devel/ruby-memcache/Makefile 1.4
- devel/ruby-ncurses/Makefile 1.9
- devel/ruby-priority-queue/Makefile 1.6
- devel/ruby-racc/Makefile 1.18
- devel/ruby-rbtree/Makefile 1.6
- devel/ruby-rcov/Makefile 1.5
- devel/ruby-rcsparse/Makefile 1.10
- devel/ruby-subversion/Makefile 1.28
- devel/ruby-thrift/Makefile 1.4 via patch
- graphics/ruby-RMagick/Makefile 1.76 via patch
- graphics/ruby-clutter-cairo/Makefile 1.8 via patch
- graphics/ruby-clutter-core/Makefile 1.11 via patch
- graphics/ruby-clutter-gtk/Makefile 1.8 via patch
- graphics/ruby-gd/Makefile 1.34 via patch
- graphics/ruby-gnome2-gdkpixbuf/Makefile 1.20 via patch
- graphics/ruby-gnome2-gnomecanvas/Makefile patch
- graphics/ruby-gnome2-goocanvas/Makefile 1.12 via patch
- graphics/ruby-gnome2-gtkglext/Makefile patch
- graphics/ruby-gnome2-libart/Makefile patch
- graphics/ruby-gnome2-rsvg/Makefile 1.21 va patch
- graphics/ruby-imlib2/Makefile 1.24 va patch
- graphics/ruby-opengl/Makefile 1.31
- graphics/ruby-rcairo/Makefile 1.22 via patch
- inputmethod/ruby-zinnia/Makefile 1.3
- lang/ruby/buildlink3.mk 1.13
- lang/ruby/rubyversion.mk 1.58-1.59
- lang/ruby18-base/distinfo 1.47
- lang/ruby19-base/DEINSTALL 1.2
- lang/ruby19-base/Makefile 1.7
- lang/ruby19-base/PLIST 1.4
- lang/ruby19-base/distinfo 1.4
- lang/ruby19-base/patches/patch-string.c 1.1
- mail/ruby-tmail/Makefile 1.19
- math/ruby-rb-gsl/Makefile 1.9
- multimedia/ruby-clutter-gst/Makefile 1.9 via patch
- multimedia/ruby-gnome2-gstreamer/Makefile 1.7
- multimedia/ruby-ming/Makefile 1.15 via patch
- print/ruby-gnome2-gnomeprint/Makefile patch
- print/ruby-gnome2-gnomeprintui/Makefile patch
- print/ruby-gnome2-poppler/Makefile 1.19 via patch
- security/ruby-password/Makefile 1.5
- security/ruby-tcpwrap/Makefile 1.18
- sysutils/ruby-quota/Makefile 1.21
- textproc/ruby-bluecloth/Makefile 1.5
- textproc/ruby-cabocha/Makefile 1.3
- textproc/ruby-eruby/Makefile 1.26
- textproc/ruby-ferret/Makefile 1.6
- textproc/ruby-hpricot/Makefile 1.8
- textproc/ruby-itex2MML/Makefile 1.7
- textproc/ruby-json/Makefile 1.9
- textproc/ruby-libxml/Makefile 1.7
- textproc/ruby-mecab/Makefile 1.6
- textproc/ruby-native-hyperestraier/Makefile 1.6
- textproc/ruby-nokogiri/Makefile 1.4
- textproc/ruby-oniguruma/Makefile 1.6
- textproc/ruby-redcloth/Makefile 1.14
- textproc/ruby-sary/Makefile 1.7
- textproc/ruby-xmlparser/Makefile 1.15
- textproc/ruby-xslt/Makefile 1.7
- textproc/ruby-yamcha/Makefile 1.3
- www/mongrel/Makefile 1.13 via patch
- www/ruby-clearsilver/Makefile 1.15
- www/ruby-fcgi/Makefile 1.15
- www/ruby-gnome2-gtkhtml2/Makefile patch
- www/ruby-gnome2-gtkmozembed/Makefile 1.17 via patch
- www/ruby-patron/Makefile 1.5
- www/thin/Makefile 1.8 via patch
- x11/ruby-gnome2-gtk/Makefile 1.25 via patch
- x11/ruby-gnome2-gtksourceview/Makefile patch via 1.12
- x11/ruby-gnome2-gtksourceview2/Makefile patch
- x11/ruby-gnome2-panelapplet/Makefile patch
- x11/ruby-gnome2-vte/Makefile 1.16 via patch
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:31:06 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
* Start upate of ruby18 and ruby19 packags.
* Remove redundant GEM_HOME definition from PLIST.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:35:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby18-base: distinfo
Log Message:
Update ruby18-base package to 1.8.7.334 (Ruby 1.8.7p334).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* The $SAFE Vulnerability
Fri Feb 18 21:18:55 2011 Shugo Maeda <shugo@ruby-lang.org>
* test/ruby/test_exception.rb (TestException::test_to_s_taintness_propagation):
Test for below.
Fri Feb 18 21:18:55 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* error.c (exc_to_s): untainted strings can be tainted via
Exception#to_s, which enables attackers to overwrite sane strings.
Reported by: Yusuke Endoh <mame at tsg.ne.jp>.
* error.c (name_err_to_s): ditto.
Fri Feb 18 21:17:22 2011 Shugo Maeda <shugo@ruby-lang.org>
* lib/fileutils.rb (FileUtils::remove_entry_secure): there is a
race condition in the case where the given path is a directory,
and some other user can move that directory, and create a
symlink while this method is executing.
Reported by: Nicholas Jefferson <nicholas at pythonic.com.au>
Fri Feb 18 19:46:46 2011 NAKAMURA Usaku <usa@ruby-lang.org>
* win32/win32.c (init_stdhandle): backport mistake of r29382.
some code are needless in ruby 1.8.
[ruby-core:34579]
Fri Feb 18 19:22:17 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* configure.in: revert revision r29854. This revision introduced
binary incompatibilities on some circumstances. The bug that
revision was fixing gets reopened by this reversion.
[ruby-dev:43152] cf. [Bug #2553]
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:44:11 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: DEINSTALL Makefile PLIST distinfo
Added Files:
pkgsrc/lang/ruby19-base/patches: patch-string.c
Log Message:
Update ruby19-base package to 1.9.2pl180 (Ruby 1.9.2 p180).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* Add a patch r30779 from repository; a bug of utf-8 string handling.
For more detail changes of Ruby 1.9.2pl180, please refer:
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_180/ChangeLog
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 15:00:34 UTC 2011
Modified Files:
pkgsrc/lang/ruby: buildlink3.mk rubyversion.mk
Log Message:
Introduce RUBY_ABI_VERSION and use it BUILDLINK_ABI_DEPENDS.
There are ABI incompatibility amaong Ruby 1.8.7 patchlevel 302, 330 and 334,
So it would be handle if such problem in future.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:01:24 UTC 2011
Modified Files:
pkgsrc/archivers/ruby-libarchive: Makefile
pkgsrc/comms/ruby-termios: Makefile
pkgsrc/converters/ruby-uconv: Makefile
pkgsrc/databases/ruby-do_sqlite3: Makefile
pkgsrc/databases/ruby-ldap: Makefile
pkgsrc/databases/ruby-mysql: Makefile
pkgsrc/databases/ruby-odbc: Makefile
pkgsrc/databases/ruby-pg: Makefile
pkgsrc/databases/ruby-postgresql: Makefile
pkgsrc/databases/ruby-qdbm: Makefile
pkgsrc/databases/ruby-sqlite: Makefile
pkgsrc/databases/ruby-sqlite3: Makefile
pkgsrc/databases/ruby-tokyocabinet: Makefile
pkgsrc/devel/ruby-SDL: Makefile
pkgsrc/devel/ruby-debug-base: Makefile
pkgsrc/devel/ruby-eet: Makefile
pkgsrc/devel/ruby-eventmachine: Makefile
pkgsrc/devel/ruby-ffi: Makefile
pkgsrc/devel/ruby-gnome2-atk: Makefile
pkgsrc/devel/ruby-gnome2-gio: Makefile
pkgsrc/devel/ruby-gnome2-glib: Makefile
pkgsrc/devel/ruby-gnome2-pango: Makefile
pkgsrc/devel/ruby-linecache: Makefile
pkgsrc/devel/ruby-memcache: Makefile
pkgsrc/devel/ruby-ncurses: Makefile
pkgsrc/devel/ruby-priority-queue: Makefile
pkgsrc/devel/ruby-racc: Makefile
pkgsrc/devel/ruby-rbtree: Makefile
pkgsrc/devel/ruby-rcov: Makefile
pkgsrc/devel/ruby-rcsparse: Makefile
pkgsrc/devel/ruby-subversion: Makefile
pkgsrc/devel/ruby-thrift: Makefile
pkgsrc/graphics/ruby-RMagick: Makefile
pkgsrc/graphics/ruby-clutter-cairo: Makefile
pkgsrc/graphics/ruby-clutter-core: Makefile
pkgsrc/graphics/ruby-clutter-gtk: Makefile
pkgsrc/graphics/ruby-gd: Makefile
pkgsrc/graphics/ruby-gnome2-gdkpixbuf: Makefile
pkgsrc/graphics/ruby-gnome2-goocanvas: Makefile
pkgsrc/graphics/ruby-gnome2-rsvg: Makefile
pkgsrc/graphics/ruby-imlib2: Makefile
pkgsrc/graphics/ruby-opengl: Makefile
pkgsrc/graphics/ruby-rcairo: Makefile
pkgsrc/inputmethod/ruby-zinnia: Makefile
pkgsrc/mail/ruby-tmail: Makefile
pkgsrc/math/ruby-rb-gsl: Makefile
pkgsrc/multimedia/ruby-clutter-gst: Makefile
pkgsrc/multimedia/ruby-gnome2-gstreamer: Makefile
pkgsrc/multimedia/ruby-ming: Makefile
pkgsrc/print/ruby-gnome2-poppler: Makefile
pkgsrc/security/ruby-password: Makefile
pkgsrc/security/ruby-tcpwrap: Makefile
pkgsrc/sysutils/ruby-quota: Makefile
pkgsrc/textproc/ruby-bluecloth: Makefile
pkgsrc/textproc/ruby-cabocha: Makefile
pkgsrc/textproc/ruby-eruby: Makefile
pkgsrc/textproc/ruby-ferret: Makefile
pkgsrc/textproc/ruby-hpricot: Makefile
pkgsrc/textproc/ruby-itex2MML: Makefile
pkgsrc/textproc/ruby-json: Makefile
pkgsrc/textproc/ruby-libxml: Makefile
pkgsrc/textproc/ruby-mecab: Makefile
pkgsrc/textproc/ruby-native-hyperestraier: Makefile
pkgsrc/textproc/ruby-nokogiri: Makefile
pkgsrc/textproc/ruby-oniguruma: Makefile
pkgsrc/textproc/ruby-redcloth: Makefile
pkgsrc/textproc/ruby-sary: Makefile
pkgsrc/textproc/ruby-xmlparser: Makefile
pkgsrc/textproc/ruby-xslt: Makefile
pkgsrc/textproc/ruby-yamcha: Makefile
pkgsrc/www/mongrel: Makefile
pkgsrc/www/ruby-clearsilver: Makefile
pkgsrc/www/ruby-fcgi: Makefile
pkgsrc/www/ruby-gnome2-gtkmozembed: Makefile
pkgsrc/www/ruby-patron: Makefile
pkgsrc/www/thin: Makefile
pkgsrc/x11/ruby-gnome2-gtk: Makefile
pkgsrc/x11/ruby-gnome2-gtksourceview2: Makefile
pkgsrc/x11/ruby-gnome2-vte: Makefile
Log Message:
Bump PKGREVISION due to ABI change of ruby18-base.
archivers/ruby-libarchive: dependence update
comms/ruby-termios: dependence update
converters/ruby-uconv: dependence update
databases/ruby-do_sqlite3: dependence update
databases/ruby-ldap: dependence update
databases/ruby-mysql: dependence update
databases/ruby-odbc: dependence update
databases/ruby-pg: dependence update
databases/ruby-postgresql: dependence update
databases/ruby-qdbm: dependence update
databases/ruby-sqlite: dependence update
databases/ruby-sqlite3: dependence update
databases/ruby-tokyocabinet: dependence update
devel/ruby-SDL: dependence update
devel/ruby-debug-base: dependence update
devel/ruby-eet: dependence update
devel/ruby-eventmachine: dependence update
devel/ruby-ffi: dependence update
devel/ruby-gnome2-atk: dependence update
devel/ruby-gnome2-bonobo: dependence update
devel/ruby-gnome2-bonoboui: dependence update
devel/ruby-gnome2-gconf: dependence update
devel/ruby-gnome2-gio: dependence update
devel/ruby-gnome2-glib: dependence update
devel/ruby-gnome2-libglade: dependence update
devel/ruby-gnome2-pango: dependence update
devel/ruby-linecache: dependence update
devel/ruby-memcache: dependence update
devel/ruby-ncurses: dependence update
devel/ruby-priority-queue: dependence update
devel/ruby-racc: dependence update
devel/ruby-rbtree: dependence update
devel/ruby-rcov: dependence update
devel/ruby-rcsparse: dependence update
devel/ruby-subversion: dependence update
devel/ruby-thrift: dependence update
graphics/ruby-RMagick: dependence update
graphics/ruby-clutter-cairo: dependence update
graphics/ruby-clutter-core: dependence update
graphics/ruby-clutter-gtk: dependence update
graphics/ruby-gd: dependence update
graphics/ruby-gnome2-gdkpixbuf: dependence update
graphics/ruby-gnome2-gnomecanvas: dependence update
graphics/ruby-gnome2-goocanvas: dependence update
graphics/ruby-gnome2-gtkglext: dependence update
graphics/ruby-gnome2-libart: dependence update
graphics/ruby-gnome2-rsvg: dependence update
graphics/ruby-imlib2: dependence update
graphics/ruby-opengl: dependence update
graphics/ruby-rcairo: dependence update
inputmethod/ruby-zinnia: dependence update
lang/ruby: dependence update
lang/ruby18-base: security update
lang/ruby19-base: security update
mail/ruby-tmail: dependence update
math/ruby-rb-gsl: dependence update
multimedia/ruby-clutter-gst: dependence update
multimedia/ruby-gnome2-gstreamer: dependence update
multimedia/ruby-ming: dependence update
print/ruby-gnome2-gnomeprint: dependence update
print/ruby-gnome2-gnomeprintui: dependence update
print/ruby-gnome2-poppler: dependence update
security/ruby-password: dependence update
security/ruby-tcpwrap: dependence update
sysutils/ruby-quota: dependence update
textproc/ruby-bluecloth: dependence update
textproc/ruby-cabocha: dependence update
textproc/ruby-eruby: dependence update
textproc/ruby-ferret: dependence update
textproc/ruby-hpricot: dependence update
textproc/ruby-itex2MML: dependence update
textproc/ruby-json: dependence update
textproc/ruby-libxml: dependence update
textproc/ruby-mecab: dependence update
textproc/ruby-native-hyperestraier: dependence update
textproc/ruby-nokogiri: dependence update
textproc/ruby-oniguruma: dependence update
textproc/ruby-redcloth: dependence update
textproc/ruby-sary: dependence update
textproc/ruby-xmlparser: dependence update
textproc/ruby-xslt: dependence update
textproc/ruby-yamcha: dependence update
www/mongrel: dependence update
www/ruby-clearsilver: dependence update
www/ruby-fcgi: dependence update
www/ruby-gnome2-gtkhtml2: dependence update
www/ruby-gnome2-gtkmozembed: dependence update
www/ruby-patron: dependence update
www/thin: dependence update
x11/ruby-gnome2-gnome: dependence update
x11/ruby-gnome2-gtk: dependence update
x11/ruby-gnome2-gtksourceview: dependence update
x11/ruby-gnome2-gtksourceview2: dependence update
x11/ruby-gnome2-panelapplet: dependence update
x11/ruby-gnome2-vte: dependence update
Revisions pulled up:
- archivers/ruby-libarchive/Makefile 1.2
- comms/ruby-termios/Makefile 1.23
- converters/ruby-uconv/Makefile 1.19
- databases/ruby-do_sqlite3/Makefile 1.2
- databases/ruby-ldap/Makefile 1.7
- databases/ruby-mysql/Makefile 1.34 via patch
- databases/ruby-odbc/Makefile 1.10 via patch
- databases/ruby-pg/Makefile 1.6
- databases/ruby-postgresql/Makefile 1.37
- databases/ruby-qdbm/Makefile 1.12
- databases/ruby-sqlite/Makefile 1.3
- databases/ruby-sqlite3/Makefile 1.15
- databases/ruby-tokyocabinet/Makefile 1.24
- devel/ruby-SDL/Makefile 1.9 via patch
- devel/ruby-debug-base/Makefile 1.7
- devel/ruby-eet/Makefile 1.8
- devel/ruby-eventmachine/Makefile 1.7
- devel/ruby-ffi/Makefile 1.3
- devel/ruby-gnome2-atk/Makefile 1.8
- devel/ruby-gnome2-bonobo/Makefile patch
- devel/ruby-gnome2-bonoboui/Makefile patch
- devel/ruby-gnome2-gconf/Makefile patch
- devel/ruby-gnome2-gio/Makefile 1.3 via patch
- devel/ruby-gnome2-glib/Makefile 1.11
- devel/ruby-gnome2-libglade/Makefile patch
- devel/ruby-gnome2-pango/Makefile 1.18 via patch
- devel/ruby-linecache/Makefile 1.5
- devel/ruby-memcache/Makefile 1.4
- devel/ruby-ncurses/Makefile 1.9
- devel/ruby-priority-queue/Makefile 1.6
- devel/ruby-racc/Makefile 1.18
- devel/ruby-rbtree/Makefile 1.6
- devel/ruby-rcov/Makefile 1.5
- devel/ruby-rcsparse/Makefile 1.10
- devel/ruby-subversion/Makefile 1.28
- devel/ruby-thrift/Makefile 1.4 via patch
- graphics/ruby-RMagick/Makefile 1.76 via patch
- graphics/ruby-clutter-cairo/Makefile 1.8 via patch
- graphics/ruby-clutter-core/Makefile 1.11 via patch
- graphics/ruby-clutter-gtk/Makefile 1.8 via patch
- graphics/ruby-gd/Makefile 1.34 via patch
- graphics/ruby-gnome2-gdkpixbuf/Makefile 1.20 via patch
- graphics/ruby-gnome2-gnomecanvas/Makefile patch
- graphics/ruby-gnome2-goocanvas/Makefile 1.12 via patch
- graphics/ruby-gnome2-gtkglext/Makefile patch
- graphics/ruby-gnome2-libart/Makefile patch
- graphics/ruby-gnome2-rsvg/Makefile 1.21 va patch
- graphics/ruby-imlib2/Makefile 1.24 va patch
- graphics/ruby-opengl/Makefile 1.31
- graphics/ruby-rcairo/Makefile 1.22 via patch
- inputmethod/ruby-zinnia/Makefile 1.3
- lang/ruby/buildlink3.mk 1.13
- lang/ruby/rubyversion.mk 1.58-1.59
- lang/ruby18-base/distinfo 1.47
- lang/ruby19-base/DEINSTALL 1.2
- lang/ruby19-base/Makefile 1.7
- lang/ruby19-base/PLIST 1.4
- lang/ruby19-base/distinfo 1.4
- lang/ruby19-base/patches/patch-string.c 1.1
- mail/ruby-tmail/Makefile 1.19
- math/ruby-rb-gsl/Makefile 1.9
- multimedia/ruby-clutter-gst/Makefile 1.9 via patch
- multimedia/ruby-gnome2-gstreamer/Makefile 1.7
- multimedia/ruby-ming/Makefile 1.15 via patch
- print/ruby-gnome2-gnomeprint/Makefile patch
- print/ruby-gnome2-gnomeprintui/Makefile patch
- print/ruby-gnome2-poppler/Makefile 1.19 via patch
- security/ruby-password/Makefile 1.5
- security/ruby-tcpwrap/Makefile 1.18
- sysutils/ruby-quota/Makefile 1.21
- textproc/ruby-bluecloth/Makefile 1.5
- textproc/ruby-cabocha/Makefile 1.3
- textproc/ruby-eruby/Makefile 1.26
- textproc/ruby-ferret/Makefile 1.6
- textproc/ruby-hpricot/Makefile 1.8
- textproc/ruby-itex2MML/Makefile 1.7
- textproc/ruby-json/Makefile 1.9
- textproc/ruby-libxml/Makefile 1.7
- textproc/ruby-mecab/Makefile 1.6
- textproc/ruby-native-hyperestraier/Makefile 1.6
- textproc/ruby-nokogiri/Makefile 1.4
- textproc/ruby-oniguruma/Makefile 1.6
- textproc/ruby-redcloth/Makefile 1.14
- textproc/ruby-sary/Makefile 1.7
- textproc/ruby-xmlparser/Makefile 1.15
- textproc/ruby-xslt/Makefile 1.7
- textproc/ruby-yamcha/Makefile 1.3
- www/mongrel/Makefile 1.13 via patch
- www/ruby-clearsilver/Makefile 1.15
- www/ruby-fcgi/Makefile 1.15
- www/ruby-gnome2-gtkhtml2/Makefile patch
- www/ruby-gnome2-gtkmozembed/Makefile 1.17 via patch
- www/ruby-patron/Makefile 1.5
- www/thin/Makefile 1.8 via patch
- x11/ruby-gnome2-gtk/Makefile 1.25 via patch
- x11/ruby-gnome2-gtksourceview/Makefile patch via 1.12
- x11/ruby-gnome2-gtksourceview2/Makefile patch
- x11/ruby-gnome2-panelapplet/Makefile patch
- x11/ruby-gnome2-vte/Makefile 1.16 via patch
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:31:06 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
* Start upate of ruby18 and ruby19 packags.
* Remove redundant GEM_HOME definition from PLIST.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:35:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby18-base: distinfo
Log Message:
Update ruby18-base package to 1.8.7.334 (Ruby 1.8.7p334).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* The $SAFE Vulnerability
Fri Feb 18 21:18:55 2011 Shugo Maeda <shugo@ruby-lang.org>
* test/ruby/test_exception.rb (TestException::test_to_s_taintness_propagation):
Test for below.
Fri Feb 18 21:18:55 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* error.c (exc_to_s): untainted strings can be tainted via
Exception#to_s, which enables attackers to overwrite sane strings.
Reported by: Yusuke Endoh <mame at tsg.ne.jp>.
* error.c (name_err_to_s): ditto.
Fri Feb 18 21:17:22 2011 Shugo Maeda <shugo@ruby-lang.org>
* lib/fileutils.rb (FileUtils::remove_entry_secure): there is a
race condition in the case where the given path is a directory,
and some other user can move that directory, and create a
symlink while this method is executing.
Reported by: Nicholas Jefferson <nicholas at pythonic.com.au>
Fri Feb 18 19:46:46 2011 NAKAMURA Usaku <usa@ruby-lang.org>
* win32/win32.c (init_stdhandle): backport mistake of r29382.
some code are needless in ruby 1.8.
[ruby-core:34579]
Fri Feb 18 19:22:17 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* configure.in: revert revision r29854. This revision introduced
binary incompatibilities on some circumstances. The bug that
revision was fixing gets reopened by this reversion.
[ruby-dev:43152] cf. [Bug #2553]
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:44:11 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: DEINSTALL Makefile PLIST distinfo
Added Files:
pkgsrc/lang/ruby19-base/patches: patch-string.c
Log Message:
Update ruby19-base package to 1.9.2pl180 (Ruby 1.9.2 p180).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* Add a patch r30779 from repository; a bug of utf-8 string handling.
For more detail changes of Ruby 1.9.2pl180, please refer:
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_180/ChangeLog
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 15:00:34 UTC 2011
Modified Files:
pkgsrc/lang/ruby: buildlink3.mk rubyversion.mk
Log Message:
Introduce RUBY_ABI_VERSION and use it BUILDLINK_ABI_DEPENDS.
There are ABI incompatibility amaong Ruby 1.8.7 patchlevel 302, 330 and 334,
So it would be handle if such problem in future.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:01:24 UTC 2011
Modified Files:
pkgsrc/archivers/ruby-libarchive: Makefile
pkgsrc/comms/ruby-termios: Makefile
pkgsrc/converters/ruby-uconv: Makefile
pkgsrc/databases/ruby-do_sqlite3: Makefile
pkgsrc/databases/ruby-ldap: Makefile
pkgsrc/databases/ruby-mysql: Makefile
pkgsrc/databases/ruby-odbc: Makefile
pkgsrc/databases/ruby-pg: Makefile
pkgsrc/databases/ruby-postgresql: Makefile
pkgsrc/databases/ruby-qdbm: Makefile
pkgsrc/databases/ruby-sqlite: Makefile
pkgsrc/databases/ruby-sqlite3: Makefile
pkgsrc/databases/ruby-tokyocabinet: Makefile
pkgsrc/devel/ruby-SDL: Makefile
pkgsrc/devel/ruby-debug-base: Makefile
pkgsrc/devel/ruby-eet: Makefile
pkgsrc/devel/ruby-eventmachine: Makefile
pkgsrc/devel/ruby-ffi: Makefile
pkgsrc/devel/ruby-gnome2-atk: Makefile
pkgsrc/devel/ruby-gnome2-gio: Makefile
pkgsrc/devel/ruby-gnome2-glib: Makefile
pkgsrc/devel/ruby-gnome2-pango: Makefile
pkgsrc/devel/ruby-linecache: Makefile
pkgsrc/devel/ruby-memcache: Makefile
pkgsrc/devel/ruby-ncurses: Makefile
pkgsrc/devel/ruby-priority-queue: Makefile
pkgsrc/devel/ruby-racc: Makefile
pkgsrc/devel/ruby-rbtree: Makefile
pkgsrc/devel/ruby-rcov: Makefile
pkgsrc/devel/ruby-rcsparse: Makefile
pkgsrc/devel/ruby-subversion: Makefile
pkgsrc/devel/ruby-thrift: Makefile
pkgsrc/graphics/ruby-RMagick: Makefile
pkgsrc/graphics/ruby-clutter-cairo: Makefile
pkgsrc/graphics/ruby-clutter-core: Makefile
pkgsrc/graphics/ruby-clutter-gtk: Makefile
pkgsrc/graphics/ruby-gd: Makefile
pkgsrc/graphics/ruby-gnome2-gdkpixbuf: Makefile
pkgsrc/graphics/ruby-gnome2-goocanvas: Makefile
pkgsrc/graphics/ruby-gnome2-rsvg: Makefile
pkgsrc/graphics/ruby-imlib2: Makefile
pkgsrc/graphics/ruby-opengl: Makefile
pkgsrc/graphics/ruby-rcairo: Makefile
pkgsrc/inputmethod/ruby-zinnia: Makefile
pkgsrc/mail/ruby-tmail: Makefile
pkgsrc/math/ruby-rb-gsl: Makefile
pkgsrc/multimedia/ruby-clutter-gst: Makefile
pkgsrc/multimedia/ruby-gnome2-gstreamer: Makefile
pkgsrc/multimedia/ruby-ming: Makefile
pkgsrc/print/ruby-gnome2-poppler: Makefile
pkgsrc/security/ruby-password: Makefile
pkgsrc/security/ruby-tcpwrap: Makefile
pkgsrc/sysutils/ruby-quota: Makefile
pkgsrc/textproc/ruby-bluecloth: Makefile
pkgsrc/textproc/ruby-cabocha: Makefile
pkgsrc/textproc/ruby-eruby: Makefile
pkgsrc/textproc/ruby-ferret: Makefile
pkgsrc/textproc/ruby-hpricot: Makefile
pkgsrc/textproc/ruby-itex2MML: Makefile
pkgsrc/textproc/ruby-json: Makefile
pkgsrc/textproc/ruby-libxml: Makefile
pkgsrc/textproc/ruby-mecab: Makefile
pkgsrc/textproc/ruby-native-hyperestraier: Makefile
pkgsrc/textproc/ruby-nokogiri: Makefile
pkgsrc/textproc/ruby-oniguruma: Makefile
pkgsrc/textproc/ruby-redcloth: Makefile
pkgsrc/textproc/ruby-sary: Makefile
pkgsrc/textproc/ruby-xmlparser: Makefile
pkgsrc/textproc/ruby-xslt: Makefile
pkgsrc/textproc/ruby-yamcha: Makefile
pkgsrc/www/mongrel: Makefile
pkgsrc/www/ruby-clearsilver: Makefile
pkgsrc/www/ruby-fcgi: Makefile
pkgsrc/www/ruby-gnome2-gtkmozembed: Makefile
pkgsrc/www/ruby-patron: Makefile
pkgsrc/www/thin: Makefile
pkgsrc/x11/ruby-gnome2-gtk: Makefile
pkgsrc/x11/ruby-gnome2-gtksourceview2: Makefile
pkgsrc/x11/ruby-gnome2-vte: Makefile
Log Message:
Bump PKGREVISION due to ABI change of ruby18-base.
pkgsrc-2010Q4 commitmail json YAML
Ticket #3358.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/devel/ruby-activemodel/Makefile@1.2.4.2
/
diff
pkgsrc/devel/ruby-activemodel/patches/patch-.._activemodel-3.0.4.gemspec@1.1.2.2 / diff
pkgsrc/www/ruby-actionpack3/Makefile@1.2.4.2 / diff
pkgsrc/www/ruby-actionpack3/patches/patch-.._actionpack-3.0.4.gemspec@1.1.2.2 / diff
pkgsrc/devel/ruby-activemodel/patches/patch-.._activemodel-3.0.4.gemspec@1.1.2.2 / diff
pkgsrc/www/ruby-actionpack3/Makefile@1.2.4.2 / diff
pkgsrc/www/ruby-actionpack3/patches/patch-.._actionpack-3.0.4.gemspec@1.1.2.2 / diff
Pullup ticket #3358 - requested by taca
devel/ruby-activemodel: security patch
www/ruby-actionpack3: security patch
Revisions pulled up
- devel/ruby-activemodel/Makefile 1.4
- devel/ruby-activemodel/patches/patch-.._activemodel-3.0.4.gemspec 1.1
- www/ruby-actionpack3/Makefile 1.4
- www/ruby-actionpack3/patches/patch-.._actionpack-3.0.4.gemspec 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 20 02:12:08 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile
Added Files:
pkgsrc/devel/ruby-activemodel/patches:
patch-.._activemodel-3.0.4.gemspec
Log Message:
Add missing patch file, something was wrong since patches/CVS directory
existed but patches directory wasn't cvs added...
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 20 15:44:17 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack3: Makefile
Added Files:
pkgsrc/www/ruby-actionpack3/patches: patch-.._actionpack-3.0.4.gemspec
Log Message:
Add another missing patch, noted by HIRAMATSU Yoshifumi on tech-pkg-ja@.
Bump PKGREVISION.
devel/ruby-activemodel: security patch
www/ruby-actionpack3: security patch
Revisions pulled up
- devel/ruby-activemodel/Makefile 1.4
- devel/ruby-activemodel/patches/patch-.._activemodel-3.0.4.gemspec 1.1
- www/ruby-actionpack3/Makefile 1.4
- www/ruby-actionpack3/patches/patch-.._actionpack-3.0.4.gemspec 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 20 02:12:08 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile
Added Files:
pkgsrc/devel/ruby-activemodel/patches:
patch-.._activemodel-3.0.4.gemspec
Log Message:
Add missing patch file, something was wrong since patches/CVS directory
existed but patches directory wasn't cvs added...
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Feb 20 15:44:17 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack3: Makefile
Added Files:
pkgsrc/www/ruby-actionpack3/patches: patch-.._actionpack-3.0.4.gemspec
Log Message:
Add another missing patch, noted by HIRAMATSU Yoshifumi on tech-pkg-ja@.
Bump PKGREVISION.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3364.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/misc/rubygems/Makefile@1.34.4.1
/
diff
pkgsrc/misc/rubygems/distinfo@1.26.4.1 / diff
pkgsrc/misc/rubygems/patches/patch-aq deleted
pkgsrc/misc/rubygems/patches/patch-ar deleted
pkgsrc/misc/rubygems/distinfo@1.26.4.1 / diff
pkgsrc/misc/rubygems/patches/patch-aq deleted
pkgsrc/misc/rubygems/patches/patch-ar deleted
Pullup ticket #3364 - requested by taca
misc/rubygems: build fix
Revisions pulled up:
- misc/rubygems/Makefile 1.36
- misc/rubygems/distinfo 1.27
- misc/rubygems/patches/patch-aq delete
- misc/rubygems/patches/patch-ar delete
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 23 10:32:24 UTC 2011
Modified Files:
pkgsrc/misc/rubygems: Makefile distinfo
Removed Files:
pkgsrc/misc/rubygems/patches: patch-aq patch-ar
Log Message:
Remove patches to make a gemspec file's format compatible as before.
Now latest ruby19-base package comes with gem supporting newer format,
so no need to keep older.
Shouold be fix build problem of newer rails3 related packages with
ruby18-base.
Bump PKGREVISION.
misc/rubygems: build fix
Revisions pulled up:
- misc/rubygems/Makefile 1.36
- misc/rubygems/distinfo 1.27
- misc/rubygems/patches/patch-aq delete
- misc/rubygems/patches/patch-ar delete
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 23 10:32:24 UTC 2011
Modified Files:
pkgsrc/misc/rubygems: Makefile distinfo
Removed Files:
pkgsrc/misc/rubygems/patches: patch-aq patch-ar
Log Message:
Remove patches to make a gemspec file's format compatible as before.
Now latest ruby19-base package comes with gem supporting newer format,
so no need to keep older.
Shouold be fix build problem of newer rails3 related packages with
ruby18-base.
Bump PKGREVISION.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3363.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/net/bind97/Makefile@1.5.2.1
/
diff
pkgsrc/net/bind97/PLIST@1.3.4.1 / diff
pkgsrc/net/bind97/distinfo@1.5.2.1 / diff
pkgsrc/net/bind97/files/named9.sh@1.1.1.1.6.1 / diff
pkgsrc/net/bind97/patches/patch-ac@1.2.4.1 / diff
pkgsrc/net/bind97/patches/patch-ae@1.1.1.1.6.1 / diff
pkgsrc/net/bind97/PLIST@1.3.4.1 / diff
pkgsrc/net/bind97/distinfo@1.5.2.1 / diff
pkgsrc/net/bind97/files/named9.sh@1.1.1.1.6.1 / diff
pkgsrc/net/bind97/patches/patch-ac@1.2.4.1 / diff
pkgsrc/net/bind97/patches/patch-ae@1.1.1.1.6.1 / diff
Pullup ticket #3363 - requested by taca
net/bind97: security update
Revisions pulled up:
- net/bind97/Makefile 1.6
- net/bind97/PLIST 1.4
- net/bind97/distinfo 1.6
- net/bind97/files/named9.sh 1.2
- net/bind97/patches/patch-ac 1.3
- net/bind97/patches/patch-ae 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 16 17:43:22 UTC 2011
Modified Files:
pkgsrc/net/bind97: Makefile PLIST distinfo
pkgsrc/net/bind97/files: named9.sh
pkgsrc/net/bind97/patches: patch-ac patch-ae
Log Message:
Update bind97 package to 9.7.3.
* also sync rc scrpt with base system.
Bug Fixes
9.7.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* Added a regression test for fix 2896/RT #21045 ("rndc sign" failed
to properly update the zone when adding a DNSKEY for publication
only). [RT #21324]
* "nsupdate -l" now gives error message if "session.key" file is not
found. [RT #21670]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* After an "rndc reconfig", the refresh timer for managed-keys is
ignored, resulting in managed-keys not being refreshed until named
is restarted. [RT #22296]
* An NSEC3PARAM record placed inside a zone which is not properly
signed with NSEC3 could cause named to crash, if changed via
dynamic update. [RT #22363]
* "rndc -h" now includes "loadkeys" option. [RT #22493]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* When signing records, named didn't filter out any TTL changes to
DNSKEY records. This resulted in an incomplete key set. TTL changes
are now dealt with before signing. [RT #22590]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* The IN6_IS_ADDR_LINKLOCAL and IN6_IS_ADDR_SITELOCAL macros in win32
were updated/corrected per current Windows OS. [RT #22724]
* "dnssec-settime -S" no longer tests prepublication interval
validity when the interval is set to 0. [RT #22761]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* The man page for dnssec-keyfromlabel incorrectly had "-U" rather
than the correct option "-I". [RT #22887]
* The "rndc" command usage statement was missing the "-b" option. [RT
#22937]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
* The secure zone update feature in named is based on the zone being
signed and configured for dynamic updates. A bug in the ACL
processing for "allow-update { none; };" resulted in a zone that is
supposed to be static being treated as a dynamic zone. Thus, name
would try to sign/re-sign that zone erroneously. [RT #23120]
net/bind97: security update
Revisions pulled up:
- net/bind97/Makefile 1.6
- net/bind97/PLIST 1.4
- net/bind97/distinfo 1.6
- net/bind97/files/named9.sh 1.2
- net/bind97/patches/patch-ac 1.3
- net/bind97/patches/patch-ae 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 16 17:43:22 UTC 2011
Modified Files:
pkgsrc/net/bind97: Makefile PLIST distinfo
pkgsrc/net/bind97/files: named9.sh
pkgsrc/net/bind97/patches: patch-ac patch-ae
Log Message:
Update bind97 package to 9.7.3.
* also sync rc scrpt with base system.
Bug Fixes
9.7.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* Added a regression test for fix 2896/RT #21045 ("rndc sign" failed
to properly update the zone when adding a DNSKEY for publication
only). [RT #21324]
* "nsupdate -l" now gives error message if "session.key" file is not
found. [RT #21670]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* After an "rndc reconfig", the refresh timer for managed-keys is
ignored, resulting in managed-keys not being refreshed until named
is restarted. [RT #22296]
* An NSEC3PARAM record placed inside a zone which is not properly
signed with NSEC3 could cause named to crash, if changed via
dynamic update. [RT #22363]
* "rndc -h" now includes "loadkeys" option. [RT #22493]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* When signing records, named didn't filter out any TTL changes to
DNSKEY records. This resulted in an incomplete key set. TTL changes
are now dealt with before signing. [RT #22590]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* The IN6_IS_ADDR_LINKLOCAL and IN6_IS_ADDR_SITELOCAL macros in win32
were updated/corrected per current Windows OS. [RT #22724]
* "dnssec-settime -S" no longer tests prepublication interval
validity when the interval is set to 0. [RT #22761]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* The man page for dnssec-keyfromlabel incorrectly had "-U" rather
than the correct option "-I". [RT #22887]
* The "rndc" command usage statement was missing the "-b" option. [RT
#22937]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
* The secure zone update feature in named is based on the zone being
signed and configured for dynamic updates. A bug in the ACL
processing for "allow-update { none; };" resulted in a zone that is
supposed to be static being treated as a dynamic zone. Thus, name
would try to sign/re-sign that zone erroneously. [RT #23120]
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3362.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/archivers/php-zip/Makefile@1.11.8.1
/
diff
pkgsrc/graphics/php-exif/Makefile@1.8.8.1 / diff
pkgsrc/lang/php5/Makefile@1.81.2.1 / diff
pkgsrc/lang/php5/Makefile.php@1.42.4.1 / diff
pkgsrc/lang/php5/distinfo@1.84.2.1 / diff
pkgsrc/lang/php5/patches/patch-ext_exif_exif.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_zip_php__zip.c@1.1.2.2 / diff
pkgsrc/lang/php53/Makefile@1.6.2.1 / diff
pkgsrc/lang/php53/Makefile.php@1.3.4.2 / diff
pkgsrc/lang/php53/distinfo@1.9.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_exif_exif.c@1.1.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c@1.1.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_zip_php__zip.c@1.1.2.2 / diff
pkgsrc/graphics/php-exif/Makefile@1.8.8.1 / diff
pkgsrc/lang/php5/Makefile@1.81.2.1 / diff
pkgsrc/lang/php5/Makefile.php@1.42.4.1 / diff
pkgsrc/lang/php5/distinfo@1.84.2.1 / diff
pkgsrc/lang/php5/patches/patch-ext_exif_exif.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c@1.1.2.2 / diff
pkgsrc/lang/php5/patches/patch-ext_zip_php__zip.c@1.1.2.2 / diff
pkgsrc/lang/php53/Makefile@1.6.2.1 / diff
pkgsrc/lang/php53/Makefile.php@1.3.4.2 / diff
pkgsrc/lang/php53/distinfo@1.9.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_exif_exif.c@1.1.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c@1.1.2.2 / diff
pkgsrc/lang/php53/patches/patch-ext_zip_php__zip.c@1.1.2.2 / diff
Pullup ticket #3362 - requested by taca
archivers/php-zip: security patch
graphics/php-exif: security patch
lang/php5: security patch
lang/php53: security patch
Revisions pulled up:
- archivers/php-zip/Makefile 1.12-1.13
- graphics/php-exif/Makefile 1.9-1.10
- lang/php5/Makefile 1.82-1.83
- lang/php5/Makefile.php 1.43-1.44
- lang/php5/distinfo 1.86-1.87
- lang/php5/patches/patch-ext_exif_exif.c 1.1
- lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php5/patches/patch-ext_zip_php__zip.c 1.1
- lang/php53/Makefile 1.7
- lang/php53/Makefile.php 1.5
- lang/php53/distinfo 1.12
- lang/php53/patches/patch-ext_exif_exif.c 1.1
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php53/patches/patch-ext_zip_php__zip.c 1.1
---
Module Name: pkgsrc
Committed By: shattered
Date: Tue Feb 15 20:52:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.php
Log Message:
Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:21:17 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Re-enable suhosin patch as php53.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:23:58 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php
Log Message:
Re-enable DL_AUTO_VARS as php5 package.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:25:33 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile
Added Files:
pkgsrc/lang/php5/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Add patches to fix SA43328.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:26:50 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Log Message:
Regen distinfo.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:29:15 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile
Log Message:
Bump PKGREVISION for DL_AUTO_VARS.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:30:44 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Bump PKGREVISION reflects fix of SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:38:40 UTC 2011
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Oops, it should be commit before CHANGE-2011 update.
Add Add patches to fix SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 22 07:36:08 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Add missing USE_PHP_EXT_PATCHES to apply patches really.
archivers/php-zip: security patch
graphics/php-exif: security patch
lang/php5: security patch
lang/php53: security patch
Revisions pulled up:
- archivers/php-zip/Makefile 1.12-1.13
- graphics/php-exif/Makefile 1.9-1.10
- lang/php5/Makefile 1.82-1.83
- lang/php5/Makefile.php 1.43-1.44
- lang/php5/distinfo 1.86-1.87
- lang/php5/patches/patch-ext_exif_exif.c 1.1
- lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php5/patches/patch-ext_zip_php__zip.c 1.1
- lang/php53/Makefile 1.7
- lang/php53/Makefile.php 1.5
- lang/php53/distinfo 1.12
- lang/php53/patches/patch-ext_exif_exif.c 1.1
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php53/patches/patch-ext_zip_php__zip.c 1.1
---
Module Name: pkgsrc
Committed By: shattered
Date: Tue Feb 15 20:52:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.php
Log Message:
Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:21:17 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Re-enable suhosin patch as php53.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:23:58 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php
Log Message:
Re-enable DL_AUTO_VARS as php5 package.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:25:33 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile
Added Files:
pkgsrc/lang/php5/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Add patches to fix SA43328.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:26:50 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Log Message:
Regen distinfo.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:29:15 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile
Log Message:
Bump PKGREVISION for DL_AUTO_VARS.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:30:44 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Bump PKGREVISION reflects fix of SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:38:40 UTC 2011
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Oops, it should be commit before CHANGE-2011 update.
Add Add patches to fix SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 22 07:36:08 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Add missing USE_PHP_EXT_PATCHES to apply patches really.
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3357 and #3359.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/www/typo3/Makefile@1.28.2.1
/
diff
pkgsrc/www/typo3/PLIST@1.16.2.1 / diff
pkgsrc/www/typo3/distinfo@1.21.2.1 / diff
pkgsrc/www/typo3/patches/patch-aa@1.4.4.1 / diff
pkgsrc/www/typo3/PLIST@1.16.2.1 / diff
pkgsrc/www/typo3/distinfo@1.21.2.1 / diff
pkgsrc/www/typo3/patches/patch-aa@1.4.4.1 / diff
Pullup ticket #3359 - requested by taca
www/typo3: security update
Revisions pulled up:
- www/typo3/Makefile 1.29
- www/typo3/PLIST 1.17
- www/typo3/distinfo 1.22
- www/typo3/patches/patch-aa 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 12:57:30 UTC 2011
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
pkgsrc/www/typo3/patches: patch-aa
Log Message:
Update to www/typo3 package to 4.5.0.
This is TYPO3 Version 4.5: Your Long Term Solution:
Please refer new feature and changes in detail:
http://typo3.org/news-single-view/?tx_newsimporter_pi1[showItem]=0&tx_newsimporter_pi1[feed]=10&cHash=c5554a06e2
www/typo3: security update
Revisions pulled up:
- www/typo3/Makefile 1.29
- www/typo3/PLIST 1.17
- www/typo3/distinfo 1.22
- www/typo3/patches/patch-aa 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 12:57:30 UTC 2011
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
pkgsrc/www/typo3/patches: patch-aa
Log Message:
Update to www/typo3 package to 4.5.0.
This is TYPO3 Version 4.5: Your Long Term Solution:
Please refer new feature and changes in detail:
http://typo3.org/news-single-view/?tx_newsimporter_pi1[showItem]=0&tx_newsimporter_pi1[feed]=10&cHash=c5554a06e2
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/sun-jdk6/Makefile@1.20.2.1
/
diff
pkgsrc/lang/sun-jdk6/PLIST@1.10.2.1 / diff
pkgsrc/lang/sun-jdk6/distinfo@1.11.2.1 / diff
pkgsrc/lang/sun-jre6/Makefile@1.27.2.1 / diff
pkgsrc/lang/sun-jre6/PLIST.linux-i386@1.20.2.1 / diff
pkgsrc/lang/sun-jre6/distinfo@1.14.2.1 / diff
pkgsrc/lang/sun-jre6/sfiles-i386.mk@1.3.2.1 / diff
pkgsrc/lang/sun-jdk6/PLIST@1.10.2.1 / diff
pkgsrc/lang/sun-jdk6/distinfo@1.11.2.1 / diff
pkgsrc/lang/sun-jre6/Makefile@1.27.2.1 / diff
pkgsrc/lang/sun-jre6/PLIST.linux-i386@1.20.2.1 / diff
pkgsrc/lang/sun-jre6/distinfo@1.14.2.1 / diff
pkgsrc/lang/sun-jre6/sfiles-i386.mk@1.3.2.1 / diff
Pullup ticket #3357 - requested by obache
lang/sun-jdk6: security update
lang/sun-jre6: security update
Revivions pulled up:
- lang/sun-jdk6/Makefile 1.21
- lang/sun-jdk6/PLIST 1.11
- lang/sun-jdk6/distinfo 1.12
- lang/sun-jre6/Makefile 1.28
- lang/sun-jre6/PLIST.linux-i386 1.21
- lang/sun-jre6/distinfo 1.15
- lang/sun-jre6/sfiles-i386.mk 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Feb 21 07:48:20 UTC 2011
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile PLIST distinfo
pkgsrc/lang/sun-jre6: Makefile PLIST.linux-i386 distinfo sfiles-i386.mk
Log Message:
Update sun-{jre,jdk}6 to 6.0.24.
Java SE 6 Update 24
* OlsonData 2010o
* Java DB 10.6.2.1
* Bug Fixes, include following security fix.
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4474
CVE-2010-4475
CVE-2010-4476
Java SE 6 Update 23
* OlsonData 2010l
* Java Hotspot VM 19.0
* Java VisualVM 1.3.1
* Menu Item Corrections for Right-to-Left Languages
* Additional Languages Support in Linux Systems
* Bug Fixes
lang/sun-jdk6: security update
lang/sun-jre6: security update
Revivions pulled up:
- lang/sun-jdk6/Makefile 1.21
- lang/sun-jdk6/PLIST 1.11
- lang/sun-jdk6/distinfo 1.12
- lang/sun-jre6/Makefile 1.28
- lang/sun-jre6/PLIST.linux-i386 1.21
- lang/sun-jre6/distinfo 1.15
- lang/sun-jre6/sfiles-i386.mk 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Feb 21 07:48:20 UTC 2011
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile PLIST distinfo
pkgsrc/lang/sun-jre6: Makefile PLIST.linux-i386 distinfo sfiles-i386.mk
Log Message:
Update sun-{jre,jdk}6 to 6.0.24.
Java SE 6 Update 24
* OlsonData 2010o
* Java DB 10.6.2.1
* Bug Fixes, include following security fix.
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4474
CVE-2010-4475
CVE-2010-4476
Java SE 6 Update 23
* OlsonData 2010l
* Java Hotspot VM 19.0
* Java VisualVM 1.3.1
* Menu Item Corrections for Right-to-Left Languages
* Additional Languages Support in Linux Systems
* Bug Fixes
pkgsrc-2010Q4 commitmail json YAML
pullup 3356
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/pkgtools/pkg_install/files/admin/audit.c@1.16.6.1
/
diff
pkgsrc/pkgtools/pkg_install/files/lib/version.h@1.160.2.1 / diff
pkgsrc/pkgtools/pkg_install/files/lib/version.h@1.160.2.1 / diff
Pullup ticket 3356 - requested by aymeric
functionality fix
Revisions pulled up:
- pkgsrc/pkgtools/pkg_install/files/admin/audit.c 1.17
- pkgsrc/pkgtools/pkg_install/files/lib/version.h 1.161
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: aymeric
Date: Fri Feb 18 15:59:52 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkg_install/files/admin: audit.c
pkgsrc/pkgtools/pkg_install/files/lib: version.h
Log Message:
. fix audit-history subcommand to include patterns making use of [x-y] notation
. bump version to 20110215
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/pkgtools/pkg_install/files/admin/audit.c
cvs rdiff -u -r1.160 -r1.161 pkgsrc/pkgtools/pkg_install/files/lib/version.h
functionality fix
Revisions pulled up:
- pkgsrc/pkgtools/pkg_install/files/admin/audit.c 1.17
- pkgsrc/pkgtools/pkg_install/files/lib/version.h 1.161
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: aymeric
Date: Fri Feb 18 15:59:52 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkg_install/files/admin: audit.c
pkgsrc/pkgtools/pkg_install/files/lib: version.h
Log Message:
. fix audit-history subcommand to include patterns making use of [x-y] notation
. bump version to 20110215
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/pkgtools/pkg_install/files/admin/audit.c
cvs rdiff -u -r1.160 -r1.161 pkgsrc/pkgtools/pkg_install/files/lib/version.h
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3355
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/net/bind96/Makefile@1.17.2.1
/
diff
pkgsrc/net/bind96/PLIST@1.6.6.1 / diff
pkgsrc/net/bind96/distinfo@1.10.2.1 / diff
pkgsrc/net/bind96/patches/patch-ad@1.4.6.1 / diff
pkgsrc/net/bind96/patches/patch-am@1.2.6.1 / diff
pkgsrc/net/bind96/PLIST@1.6.6.1 / diff
pkgsrc/net/bind96/distinfo@1.10.2.1 / diff
pkgsrc/net/bind96/patches/patch-ad@1.4.6.1 / diff
pkgsrc/net/bind96/patches/patch-am@1.2.6.1 / diff
Pullup ticket #3355 - requested by taca
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.18
- pkgsrc/net/bind96/PLIST 1.7
- pkgsrc/net/bind96/distinfo 1.11
- pkgsrc/net/bind96/patches/patch-ad 1.5
- pkgsrc/net/bind96/patches/patch-am 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 16:24:14 UTC 2011
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
pkgsrc/net/bind96/patches: patch-ad patch-am
Log Message:
Update bind96 package to 9.6.3.
9.6.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.18
- pkgsrc/net/bind96/PLIST 1.7
- pkgsrc/net/bind96/distinfo 1.11
- pkgsrc/net/bind96/patches/patch-ad 1.5
- pkgsrc/net/bind96/patches/patch-am 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 16:24:14 UTC 2011
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
pkgsrc/net/bind96/patches: patch-ad patch-am
Log Message:
Update bind96 package to 9.6.3.
9.6.3
* BIND now builds with threads disabled in versions of NetBSD earlier
than 5.0 and with pthreads enabled by default in NetBSD versions
5.0 and higher. Also removes support for unproven-pthreads,
mit-pthreads and ptl2. [RT #19203]
* HPUX now correctly defaults to using /dev/poll, which should
increase performance. [RT #21919]
* If named is running as a threaded application, after an "rndc stop"
command has been issued, other inbound TCP requests can cause named
to hang and never complete shutdown. [RT #22108]
* When performing a GSS-TSIG signed dynamic zone update, memory could
be leaked. This causes an unclean shutdown and may affect
long-running servers. [RT #22573]
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
* Corrected a defect where a combination of dynamic updates and zone
transfers incorrectly locked the in-memory zone database, causing
named to freeze. [RT #22614]
* Don't run MX checks (check-mx) when the MX record points to ".".
[RT #22645]
* DST key reference counts can now be incremented via dst_key_attach.
[RT #22672]
* isc_mutex_init_errcheck() in phtreads/mutex.c failed to destroy
attr. [RT #22766]
* The Kerberos realm was being truncated when being pulled from the
the host prinicipal, make krb5-self updates fail. [RT #22770]
* named failed to preserve the case of domain names in RDATA which is
not compressible when writing master files. [RT #22863]
* There was a bug in how the clients-per-query code worked with some
query patterns. This could result, in rare circumstances, in having
all the client query slots filled with queries for the same DNS
label, essentially ignoring the max-clients-per-query setting. [RT
#22972]
pkgsrc-2010Q4 commitmail json YAML
pullup 3353 + 3354
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/ruby-activerecord3/Makefile@1.2.4.1
/
diff
pkgsrc/databases/ruby-activerecord3/PLIST@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-activerecord3/distinfo@1.2.4.1 / diff
pkgsrc/databases/ruby-arel/Makefile@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-arel/PLIST@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-arel/distinfo@1.1.1.1.4.1 / diff
pkgsrc/devel/ruby-activemodel/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-activemodel/distinfo@1.2.4.1 / diff
pkgsrc/devel/ruby-activesupport3/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-activesupport3/distinfo@1.2.4.1 / diff
pkgsrc/devel/ruby-railties/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-railties/PLIST@1.1.1.1.4.1 / diff
pkgsrc/devel/ruby-railties/distinfo@1.2.4.1 / diff
pkgsrc/mail/ruby-actionmailer3/Makefile@1.3.2.1 / diff
pkgsrc/mail/ruby-actionmailer3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-actionpack3/Makefile@1.2.4.1 / diff
pkgsrc/www/ruby-actionpack3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-activeresource3/Makefile@1.2.4.1 / diff
pkgsrc/www/ruby-activeresource3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-rack-test/Makefile@1.1.1.1.4.1 / diff
:
(more 4 files)
pkgsrc/databases/ruby-activerecord3/PLIST@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-activerecord3/distinfo@1.2.4.1 / diff
pkgsrc/databases/ruby-arel/Makefile@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-arel/PLIST@1.1.1.1.4.1 / diff
pkgsrc/databases/ruby-arel/distinfo@1.1.1.1.4.1 / diff
pkgsrc/devel/ruby-activemodel/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-activemodel/distinfo@1.2.4.1 / diff
pkgsrc/devel/ruby-activesupport3/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-activesupport3/distinfo@1.2.4.1 / diff
pkgsrc/devel/ruby-railties/Makefile@1.2.4.1 / diff
pkgsrc/devel/ruby-railties/PLIST@1.1.1.1.4.1 / diff
pkgsrc/devel/ruby-railties/distinfo@1.2.4.1 / diff
pkgsrc/mail/ruby-actionmailer3/Makefile@1.3.2.1 / diff
pkgsrc/mail/ruby-actionmailer3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-actionpack3/Makefile@1.2.4.1 / diff
pkgsrc/www/ruby-actionpack3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-activeresource3/Makefile@1.2.4.1 / diff
pkgsrc/www/ruby-activeresource3/distinfo@1.2.4.1 / diff
pkgsrc/www/ruby-rack-test/Makefile@1.1.1.1.4.1 / diff
:
(more 4 files)
Pullup ticket 3354 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord3/Makefile 1.3
- pkgsrc/databases/ruby-activerecord3/distinfo 1.3
- pkgsrc/databases/ruby-activerecord3/PLIST 1.2
- pkgsrc/databases/ruby-arel/Makefile 1.2
- pkgsrc/databases/ruby-arel/PLIST 1.2
- pkgsrc/databases/ruby-arel/distinfo 1.2
- pkgsrc/devel/ruby-activemodel/Makefile 1.3
- pkgsrc/devel/ruby-activemodel/distinfo 1.3
- pkgsrc/devel/ruby-activesupport3/Makefile 1.3
- pkgsrc/devel/ruby-activesupport3/distinfo 1.3
- pkgsrc/devel/ruby-railties/Makefile 1.3
- pkgsrc/devel/ruby-railties/distinfo 1.3
- pkgsrc/devel/ruby-railties/PLIST 1.2
- pkgsrc/mail/ruby-actionmailer3/Makefile 1.4
- pkgsrc/mail/ruby-actionmailer3/distinfo 1.3
- pkgsrc/www/ruby-actionpack3/Makefile 1.3
- pkgsrc/www/ruby-actionpack3/distinfo 1.3
- pkgsrc/www/ruby-activeresource3/Makefile 1.3
- pkgsrc/www/ruby-activeresource3/distinfo 1.3
- pkgsrc/www/ruby-rack-test/Makefile 1.2
- pkgsrc/www/ruby-rack-test/PLIST 1.2
- pkgsrc/www/ruby-rack-test/distinfo 1.2
- pkgsrc/www/ruby-rails3/Makefile 1.3
- pkgsrc/www/ruby-rails3/distinfo 1.4
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:54:35 UTC 2011
Modified Files:
pkgsrc/www/ruby-rack-test: Makefile PLIST distinfo
Log Message:
Update ruby-rack-test package to 0.5.7.
== 0.5.7 / 2011-01-01
* Bug fixes
* If no URI is present, include all cookies (Pratik Naik)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rack-test/Makefile \
pkgsrc/www/ruby-rack-test/PLIST pkgsrc/www/ruby-rack-test/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:55:29 UTC 2011
Modified Files:
pkgsrc/databases/ruby-arel: Makefile PLIST distinfo
Log Message:
Update ruby-arel package to 2.0.8.
== 2.0.8 / 2010/02/08
* Bug Fixes
* Added set operation support
* Fixed problems with *_any / *_all methods.
== 2.0.7 (unreleased)
* Bug Fixes
* Limit members are visited
* Fixing MSSQL TOP support
== 2.0.6 12/01/2010
* Bug Fixes
* Rails 3.0.x does not like that Node is Enumerable, so removing for now.
== 2.0.5 11/30/2010
* Enhancements
* Arel::Visitors::DepthFirst can walk your AST depth first
* Arel::Nodes::Node is enumerable, depth first
* Bug fixes
* #lock will lock SELECT statements "FOR UPDATE" on mysql
* Nodes::Node#not factory method added for creating Nodes::Not nodes
* Added an As node
* Deprecations
* Support for Subclasses of core classes will be removed in ARel version
2.2.0
== 2.0.4
* Bug fixes
* Speed improvements for Range queries. Thanks Rolf Timmermans!
== 2.0.3
* Bug fixes
* Fixing Oracle support
* Added a visitor for "Class" objects
== 2.0.2
* Bug fixes
* MySQL selects from DUAL on empty FROM
* Visitor translates nil to NULL
* Visitor translates Bignum properly
== 2.0.1
* Bug fixes
== 2.0.0 / 2010-08-01
* Enhancements
* Recreate library using the Visitor pattern.
http://en.wikipedia.org/wiki/Visitor_pattern
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-arel/Makefile \
pkgsrc/databases/ruby-arel/PLIST pkgsrc/databases/ruby-arel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:56:49 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport3: Makefile distinfo
Log Message:
Update ruby-activesupport3 package to 3.0.4.
* 3.0.4 updates version only for Ruby on Rails 3.0.4 update.
*Rails 3.0.3 (November 16, 2010)*
* No changes.
*Rails 3.0.2 (November 15, 2010)*
* Added before_remove_const callback to ActiveSupport::Dependencies.remove_unloadable_constants! [Andrew White]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activesupport3/Makefile \
pkgsrc/devel/ruby-activesupport3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:57:47 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile distinfo
Log Message:
Update ruby-activemodel package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activemodel/Makefile \
pkgsrc/devel/ruby-activemodel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:58:53 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack3: Makefile distinfo
Log Message:
Update ruby-actionpack3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.3 (November 16, 2010)*
* When ActiveRecord::Base objects are sent to predicate methods, the id of
the object should be sent to ARel, not the ActiveRecord::Base object.
* :constraints routing should only do sanity checks against regular
expressions. String arguments are OK.
*Rails 3.0.2 (November 15, 2010)*
* The helper number_to_currency accepts a new :negative_format option to be
able to configure how to render negative amounts. [Don Wilson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-actionpack3/Makefile \
pkgsrc/www/ruby-actionpack3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:07 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord3: Makefile PLIST distinfo
Log Message:
Update ruby-activerecord3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.4 (unreleased)*
* Added deprecation warning for has_and_belongs_to_many associations where the join table has
additional attributes other than the keys. Access to these attributes is removed in 3.1.
Please use has_many :through instead. [Jon Leighton]
*Rails 3.0.3 (November 16, 2010)*
* Support find by class like this: Post.where(:name => Post)
*Rails 3.0.2 (November 15, 2010)*
* Dramatic speed increase (see: http://engineering.attinteractive.com/2010/10/arel-two-point-ohhhhh-yaaaaaa/) [Aaron Patterson]
* reorder is deprecated in favor of except(:order).order(...) [Santiago Pastorino]
* except is now AR public API
Model.order('name').except(:order).order('salary')
generates:
SELECT * FROM models ORDER BY salary
[Santiago Pastorino]
* The following code:
Model.limit(10).scoping { Model.count }
now generates the following SQL:
SELECT COUNT(*) FROM models LIMIT 10
This may not return what you want. Instead, you may with to do something
like this:
Model.limit(10).scoping { Model.all.size }
[Aaron Patterson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/ruby-activerecord3/Makefile \
pkgsrc/databases/ruby-activerecord3/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-activerecord3/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:50 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource3: Makefile distinfo
Log Message:
Update ruby-activeresource3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-activeresource3/Makefile \
pkgsrc/www/ruby-activeresource3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:01:46 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer3: Makefile distinfo
Log Message:
Update ruby-actionmailer3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/mail/ruby-actionmailer3/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/ruby-actionmailer3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:04:29 UTC 2011
Modified Files:
pkgsrc/devel/ruby-railties: Makefile PLIST distinfo
Log Message:
Update ruby-railties package to 3.0.4.
* More strict dependency reflect gemspec's description.
Not documented but includes fix for security problem:
http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-railties/Makefile \
pkgsrc/devel/ruby-railties/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/ruby-railties/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:05:57 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails3: Makefile distinfo
Log Message:
Update ruby-rails3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
(This is meta gem.)
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-rails3/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/ruby-rails3/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord3/Makefile 1.3
- pkgsrc/databases/ruby-activerecord3/distinfo 1.3
- pkgsrc/databases/ruby-activerecord3/PLIST 1.2
- pkgsrc/databases/ruby-arel/Makefile 1.2
- pkgsrc/databases/ruby-arel/PLIST 1.2
- pkgsrc/databases/ruby-arel/distinfo 1.2
- pkgsrc/devel/ruby-activemodel/Makefile 1.3
- pkgsrc/devel/ruby-activemodel/distinfo 1.3
- pkgsrc/devel/ruby-activesupport3/Makefile 1.3
- pkgsrc/devel/ruby-activesupport3/distinfo 1.3
- pkgsrc/devel/ruby-railties/Makefile 1.3
- pkgsrc/devel/ruby-railties/distinfo 1.3
- pkgsrc/devel/ruby-railties/PLIST 1.2
- pkgsrc/mail/ruby-actionmailer3/Makefile 1.4
- pkgsrc/mail/ruby-actionmailer3/distinfo 1.3
- pkgsrc/www/ruby-actionpack3/Makefile 1.3
- pkgsrc/www/ruby-actionpack3/distinfo 1.3
- pkgsrc/www/ruby-activeresource3/Makefile 1.3
- pkgsrc/www/ruby-activeresource3/distinfo 1.3
- pkgsrc/www/ruby-rack-test/Makefile 1.2
- pkgsrc/www/ruby-rack-test/PLIST 1.2
- pkgsrc/www/ruby-rack-test/distinfo 1.2
- pkgsrc/www/ruby-rails3/Makefile 1.3
- pkgsrc/www/ruby-rails3/distinfo 1.4
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:54:35 UTC 2011
Modified Files:
pkgsrc/www/ruby-rack-test: Makefile PLIST distinfo
Log Message:
Update ruby-rack-test package to 0.5.7.
== 0.5.7 / 2011-01-01
* Bug fixes
* If no URI is present, include all cookies (Pratik Naik)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rack-test/Makefile \
pkgsrc/www/ruby-rack-test/PLIST pkgsrc/www/ruby-rack-test/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:55:29 UTC 2011
Modified Files:
pkgsrc/databases/ruby-arel: Makefile PLIST distinfo
Log Message:
Update ruby-arel package to 2.0.8.
== 2.0.8 / 2010/02/08
* Bug Fixes
* Added set operation support
* Fixed problems with *_any / *_all methods.
== 2.0.7 (unreleased)
* Bug Fixes
* Limit members are visited
* Fixing MSSQL TOP support
== 2.0.6 12/01/2010
* Bug Fixes
* Rails 3.0.x does not like that Node is Enumerable, so removing for now.
== 2.0.5 11/30/2010
* Enhancements
* Arel::Visitors::DepthFirst can walk your AST depth first
* Arel::Nodes::Node is enumerable, depth first
* Bug fixes
* #lock will lock SELECT statements "FOR UPDATE" on mysql
* Nodes::Node#not factory method added for creating Nodes::Not nodes
* Added an As node
* Deprecations
* Support for Subclasses of core classes will be removed in ARel version
2.2.0
== 2.0.4
* Bug fixes
* Speed improvements for Range queries. Thanks Rolf Timmermans!
== 2.0.3
* Bug fixes
* Fixing Oracle support
* Added a visitor for "Class" objects
== 2.0.2
* Bug fixes
* MySQL selects from DUAL on empty FROM
* Visitor translates nil to NULL
* Visitor translates Bignum properly
== 2.0.1
* Bug fixes
== 2.0.0 / 2010-08-01
* Enhancements
* Recreate library using the Visitor pattern.
http://en.wikipedia.org/wiki/Visitor_pattern
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-arel/Makefile \
pkgsrc/databases/ruby-arel/PLIST pkgsrc/databases/ruby-arel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:56:49 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport3: Makefile distinfo
Log Message:
Update ruby-activesupport3 package to 3.0.4.
* 3.0.4 updates version only for Ruby on Rails 3.0.4 update.
*Rails 3.0.3 (November 16, 2010)*
* No changes.
*Rails 3.0.2 (November 15, 2010)*
* Added before_remove_const callback to ActiveSupport::Dependencies.remove_unloadable_constants! [Andrew White]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activesupport3/Makefile \
pkgsrc/devel/ruby-activesupport3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:57:47 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile distinfo
Log Message:
Update ruby-activemodel package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-activemodel/Makefile \
pkgsrc/devel/ruby-activemodel/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:58:53 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack3: Makefile distinfo
Log Message:
Update ruby-actionpack3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.3 (November 16, 2010)*
* When ActiveRecord::Base objects are sent to predicate methods, the id of
the object should be sent to ARel, not the ActiveRecord::Base object.
* :constraints routing should only do sanity checks against regular
expressions. String arguments are OK.
*Rails 3.0.2 (November 15, 2010)*
* The helper number_to_currency accepts a new :negative_format option to be
able to configure how to render negative amounts. [Don Wilson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-actionpack3/Makefile \
pkgsrc/www/ruby-actionpack3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:07 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord3: Makefile PLIST distinfo
Log Message:
Update ruby-activerecord3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
*Rails 3.0.4 (unreleased)*
* Added deprecation warning for has_and_belongs_to_many associations where the join table has
additional attributes other than the keys. Access to these attributes is removed in 3.1.
Please use has_many :through instead. [Jon Leighton]
*Rails 3.0.3 (November 16, 2010)*
* Support find by class like this: Post.where(:name => Post)
*Rails 3.0.2 (November 15, 2010)*
* Dramatic speed increase (see: http://engineering.attinteractive.com/2010/10/arel-two-point-ohhhhh-yaaaaaa/) [Aaron Patterson]
* reorder is deprecated in favor of except(:order).order(...) [Santiago Pastorino]
* except is now AR public API
Model.order('name').except(:order).order('salary')
generates:
SELECT * FROM models ORDER BY salary
[Santiago Pastorino]
* The following code:
Model.limit(10).scoping { Model.count }
now generates the following SQL:
SELECT COUNT(*) FROM models LIMIT 10
This may not return what you want. Instead, you may with to do something
like this:
Model.limit(10).scoping { Model.all.size }
[Aaron Patterson]
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/ruby-activerecord3/Makefile \
pkgsrc/databases/ruby-activerecord3/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/databases/ruby-activerecord3/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:00:50 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource3: Makefile distinfo
Log Message:
Update ruby-activeresource3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-activeresource3/Makefile \
pkgsrc/www/ruby-activeresource3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:01:46 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer3: Makefile distinfo
Log Message:
Update ruby-actionmailer3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/mail/ruby-actionmailer3/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/ruby-actionmailer3/distinfo
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:04:29 UTC 2011
Modified Files:
pkgsrc/devel/ruby-railties: Makefile PLIST distinfo
Log Message:
Update ruby-railties package to 3.0.4.
* More strict dependency reflect gemspec's description.
Not documented but includes fix for security problem:
http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-railties/Makefile \
pkgsrc/devel/ruby-railties/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/ruby-railties/PLIST
-----------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 13:05:57 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails3: Makefile distinfo
Log Message:
Update ruby-rails3 package to 3.0.4.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 3.0.4 update.
(This is meta gem.)
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-rails3/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/ruby-rails3/distinfo
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/ruby-activerecord/Makefile@1.20.4.1
/
diff
pkgsrc/databases/ruby-activerecord/distinfo@1.20.4.1 / diff
pkgsrc/devel/ruby-activesupport/Makefile@1.23.4.1 / diff
pkgsrc/devel/ruby-activesupport/distinfo@1.20.4.1 / diff
pkgsrc/mail/ruby-actionmailer/Makefile@1.18.4.1 / diff
pkgsrc/mail/ruby-actionmailer/distinfo@1.19.4.1 / diff
pkgsrc/www/ruby-actionpack/Makefile@1.21.4.1 / diff
pkgsrc/www/ruby-actionpack/PLIST@1.20.4.1 / diff
pkgsrc/www/ruby-actionpack/distinfo@1.21.4.1 / diff
pkgsrc/www/ruby-activeresource/Makefile@1.10.4.1 / diff
pkgsrc/www/ruby-activeresource/distinfo@1.10.4.1 / diff
pkgsrc/www/ruby-rails/Makefile@1.1.1.1.2.1 / diff
pkgsrc/www/ruby-rails/distinfo@1.1.1.1.2.1 / diff
pkgsrc/www/ruby-rails/patches/patch-ad deleted
pkgsrc/databases/ruby-activerecord/distinfo@1.20.4.1 / diff
pkgsrc/devel/ruby-activesupport/Makefile@1.23.4.1 / diff
pkgsrc/devel/ruby-activesupport/distinfo@1.20.4.1 / diff
pkgsrc/mail/ruby-actionmailer/Makefile@1.18.4.1 / diff
pkgsrc/mail/ruby-actionmailer/distinfo@1.19.4.1 / diff
pkgsrc/www/ruby-actionpack/Makefile@1.21.4.1 / diff
pkgsrc/www/ruby-actionpack/PLIST@1.20.4.1 / diff
pkgsrc/www/ruby-actionpack/distinfo@1.21.4.1 / diff
pkgsrc/www/ruby-activeresource/Makefile@1.10.4.1 / diff
pkgsrc/www/ruby-activeresource/distinfo@1.10.4.1 / diff
pkgsrc/www/ruby-rails/Makefile@1.1.1.1.2.1 / diff
pkgsrc/www/ruby-rails/distinfo@1.1.1.1.2.1 / diff
pkgsrc/www/ruby-rails/patches/patch-ad deleted
Pullup ticket 3353 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord/Makefile 1.21
- pkgsrc/databases/ruby-activerecord/distinfo 1.21
- pkgsrc/devel/ruby-activesupport/Makefile 1.24
- pkgsrc/devel/ruby-activesupport/distinfo 1.21
- pkgsrc/mail/ruby-actionmailer/Makefile 1.19
- pkgsrc/mail/ruby-actionmailer/distinfo 1.20
- pkgsrc/www/ruby-actionpack/Makefile 1.22
- pkgsrc/www/ruby-actionpack/distinfo 1.22
- pkgsrc/www/ruby-actionpack/PLIST 1.21
- pkgsrc/www/ruby-activeresource/Makefile 1.11
- pkgsrc/www/ruby-activeresource/distinfo 1.11
- pkgsrc/www/ruby-rails/Makefile 1.2
- pkgsrc/www/ruby-rails/distinfo 1.2
Files deleted:
pkgsrc/www/ruby-rails/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:37:58 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport: Makefile distinfo
Log Message:
Update ruby-activesupport package to 2.3.11.
It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ruby-activesupport/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activesupport/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:39:41 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
Log Message:
Update ruby-activerecord package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord/Makefile \
pkgsrc/databases/ruby-activerecord/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:40:52 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
Log Message:
Update ruby-actionpack package to 2.3.11.
* More strict dependency reflect gemspec's description.
*2.3.11 (February 9, 2011)*
* Two security fixes. CVE-2011-0446, CVE-2011-0447
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/ruby-actionpack/Makefile \
pkgsrc/www/ruby-actionpack/distinfo
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionpack/PLIST
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:42:26 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
Log Message:
Update ruby-actionmailer package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailer/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/ruby-actionmailer/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:43:09 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource: Makefile distinfo
Log Message:
Update ruby-activeresource/ package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/ruby-activeresource/Makefile \
pkgsrc/www/ruby-activeresource/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:44:07 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails: Makefile distinfo
Removed Files:
pkgsrc/www/ruby-rails/patches: patch-ad
Log Message:
Update ruby-rails package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rails/Makefile \
pkgsrc/www/ruby-rails/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/www/ruby-rails/patches/patch-ad
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord/Makefile 1.21
- pkgsrc/databases/ruby-activerecord/distinfo 1.21
- pkgsrc/devel/ruby-activesupport/Makefile 1.24
- pkgsrc/devel/ruby-activesupport/distinfo 1.21
- pkgsrc/mail/ruby-actionmailer/Makefile 1.19
- pkgsrc/mail/ruby-actionmailer/distinfo 1.20
- pkgsrc/www/ruby-actionpack/Makefile 1.22
- pkgsrc/www/ruby-actionpack/distinfo 1.22
- pkgsrc/www/ruby-actionpack/PLIST 1.21
- pkgsrc/www/ruby-activeresource/Makefile 1.11
- pkgsrc/www/ruby-activeresource/distinfo 1.11
- pkgsrc/www/ruby-rails/Makefile 1.2
- pkgsrc/www/ruby-rails/distinfo 1.2
Files deleted:
pkgsrc/www/ruby-rails/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:37:58 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport: Makefile distinfo
Log Message:
Update ruby-activesupport package to 2.3.11.
It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ruby-activesupport/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activesupport/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:39:41 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
Log Message:
Update ruby-activerecord package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord/Makefile \
pkgsrc/databases/ruby-activerecord/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:40:52 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
Log Message:
Update ruby-actionpack package to 2.3.11.
* More strict dependency reflect gemspec's description.
*2.3.11 (February 9, 2011)*
* Two security fixes. CVE-2011-0446, CVE-2011-0447
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/ruby-actionpack/Makefile \
pkgsrc/www/ruby-actionpack/distinfo
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionpack/PLIST
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:42:26 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
Log Message:
Update ruby-actionmailer package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailer/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/ruby-actionmailer/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:43:09 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource: Makefile distinfo
Log Message:
Update ruby-activeresource/ package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/ruby-activeresource/Makefile \
pkgsrc/www/ruby-activeresource/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:44:07 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails: Makefile distinfo
Removed Files:
pkgsrc/www/ruby-rails/patches: patch-ad
Log Message:
Update ruby-rails package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rails/Makefile \
pkgsrc/www/ruby-rails/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/www/ruby-rails/patches/patch-ad
pkgsrc-2010Q4 commitmail json YAML
pullup 3352
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.85.2.3
/
diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.3 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.3 / diff
Pullup ticket 3352 - requested by tron
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.88
- pkgsrc/databases/phpmyadmin/distinfo 1.49
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 13 16:11:11 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.3.
This version fixes the script insertion reported in CVE-2011-0987.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/databases/phpmyadmin/distinfo
security update
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.88
- pkgsrc/databases/phpmyadmin/distinfo 1.49
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 13 16:11:11 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.3.
This version fixes the script insertion reported in CVE-2011-0987.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/databases/phpmyadmin/distinfo
pkgsrc-2010Q4 commitmail json YAML
pullups 3344 and 3345
file syntax fixes
file syntax fixes
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/lang/ruby19-base/Makefile@1.5.2.1
/
diff
pkgsrc/lang/ruby19-base/distinfo@1.2.2.1 / diff
pkgsrc/lang/ruby19-base/patches/patch-as@1.1.1.1.4.1 / diff
pkgsrc/lang/ruby19-base/distinfo@1.2.2.1 / diff
pkgsrc/lang/ruby19-base/patches/patch-as@1.1.1.1.4.1 / diff
Pullup ticket 3345 - requested by taca
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby19-base/Makefile 1.6
- pkgsrc/lang/ruby19-base/distinfo 1.3
- pkgsrc/lang/ruby19-base/patches/patch-as 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 11:15:29 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: Makefile distinfo
pkgsrc/lang/ruby19-base/patches: patch-as
Log Message:
Add a patch from FreeBSD's port and it fixes runtime problem
on DragonFly, too. The patch was provided by Rumko via private mail.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby19-base/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby19-base/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/ruby19-base/patches/patch-as
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby19-base/Makefile 1.6
- pkgsrc/lang/ruby19-base/distinfo 1.3
- pkgsrc/lang/ruby19-base/patches/patch-as 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 11:15:29 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: Makefile distinfo
pkgsrc/lang/ruby19-base/patches: patch-as
Log Message:
Add a patch from FreeBSD's port and it fixes runtime problem
on DragonFly, too. The patch was provided by Rumko via private mail.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby19-base/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby19-base/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/ruby19-base/patches/patch-as
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket 3344 - requested by taca
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby/rubyversion.mk 1.57
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 1 22:32:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
Apply patch provided by obache@, fixing build problem on Solaris.
Should be fix PR pkg/44480.
To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/lang/ruby/rubyversion.mk
----------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Wed Feb 2 08:47:01 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
fixes shlib alias name for Solaris. PR#44480.
RUBY_API_TEENY must be used instead of _RUBY_VER_TEENY for shlib name.
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/lang/ruby/rubyversion.mk
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby/rubyversion.mk 1.57
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 1 22:32:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
Apply patch provided by obache@, fixing build problem on Solaris.
Should be fix PR pkg/44480.
To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/lang/ruby/rubyversion.mk
----------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Wed Feb 2 08:47:01 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
fixes shlib alias name for Solaris. PR#44480.
RUBY_API_TEENY must be used instead of _RUBY_VER_TEENY for shlib name.
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/lang/ruby/rubyversion.mk
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket's 3343, 3347, 3348, 3349, 3350 and 3351
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3348 - requested by rumko
lang/php53 with suhosin build fix
Revisions pulled up:
- pkgsrc/lang/php53/Makefile.php
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: rumko
Date: Sun Jan 30 17:58:06 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php distinfo
Log Message:
lang/php53: add the missing suhosin patch
5.3.5 was released due to a critical issue and the previous suhosin
patch still applies. Prior art of this can be seen in OpenBSD's and
FreeBSD's ports.
ok@ wiz
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/distinfo
lang/php53 with suhosin build fix
Revisions pulled up:
- pkgsrc/lang/php53/Makefile.php
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: rumko
Date: Sun Jan 30 17:58:06 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php distinfo
Log Message:
lang/php53: add the missing suhosin patch
5.3.5 was released due to a critical issue and the previous suhosin
patch still applies. Prior art of this can be seen in OpenBSD's and
FreeBSD's ports.
ok@ wiz
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/distinfo
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/net/wireshark/Makefile@1.56.2.2
/
diff
pkgsrc/net/wireshark/distinfo@1.38.2.2 / diff
pkgsrc/net/wireshark/patches/patch-af@1.1.2.2 / diff
pkgsrc/net/wireshark/patches/patch-ag@1.1.2.2 / diff
pkgsrc/net/wireshark/distinfo@1.38.2.2 / diff
pkgsrc/net/wireshark/patches/patch-af@1.1.2.2 / diff
pkgsrc/net/wireshark/patches/patch-ag@1.1.2.2 / diff
Pullup ticket #3351 - requested by drochner
wireshark security patches
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.59
- pkgsrc/net/wireshark/distinfo 1.41
- pkgsrc/net/wireshark/patches/patch-af 1.1
- pkgsrc/net/wireshark/patches/patch-ag 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Feb 10 11:00:57 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
add two patches from upstream:
-fix possible free() of an uninitialized pointer when reading a
malformed pcap-ng file (CVE-2011-0538)
-add length check in pcap-ng reader
bump PKGREV
wireshark security patches
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.59
- pkgsrc/net/wireshark/distinfo 1.41
- pkgsrc/net/wireshark/patches/patch-af 1.1
- pkgsrc/net/wireshark/patches/patch-ag 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Feb 10 11:00:57 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
add two patches from upstream:
-fix possible free() of an uninitialized pointer when reading a
malformed pcap-ng file (CVE-2011-0538)
-add length check in pcap-ng reader
bump PKGREV
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.85.2.2
/
diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.2 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.2 / diff
Pullup ticket #3350 - requested by tron
Security update for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.87
- pkgsrc/databases/phpmyadmin/distinfo 1.48
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Feb 10 16:48:09 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.2.
This version fixes the information leak reported in PMASA-2011-1.
Security update for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.87
- pkgsrc/databases/phpmyadmin/distinfo 1.48
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Feb 10 16:48:09 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.11.11.2.
This version fixes the information leak reported in PMASA-2011-1.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3349 - requested by morr
www/wordpress update
Revisions pulled up:
- pkgsrc/www/wordpress/Makefile 1.15
- pkgsrc/www/wordpress/distinfo 1.11
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Feb 10 10:25:50 UTC 2011
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to 3.0.5. Changes:
* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer
additional sanitization to various fields. Affects users of the
Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects
users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media
uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without
arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright
information for the KSES library.
www/wordpress update
Revisions pulled up:
- pkgsrc/www/wordpress/Makefile 1.15
- pkgsrc/www/wordpress/distinfo 1.11
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Feb 10 10:25:50 UTC 2011
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to 3.0.5. Changes:
* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer
additional sanitization to various fields. Affects users of the
Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects
users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media
uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without
arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright
information for the KSES library.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/security/openssl/Makefile@1.153.2.1
/
diff
pkgsrc/security/openssl/distinfo@1.79.2.1 / diff
pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c@1.1.2.2 / diff
pkgsrc/security/openssl/distinfo@1.79.2.1 / diff
pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c@1.1.2.2 / diff
Pullup ticket #3347 - requested by taca
security/openssl security fix
Revisions pulled up:
- pkgsrc/security/openssl/Makefile 1.154
- pkgsrc/security/openssl/distinfo 1.80
- pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 00:15:30 UTC 2011
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-ssl_t1__lib.c
Log Message:
Add fix for security issue CVE-2011-0014.
Bump PKGREVISION.
security/openssl security fix
Revisions pulled up:
- pkgsrc/security/openssl/Makefile 1.154
- pkgsrc/security/openssl/distinfo 1.80
- pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 00:15:30 UTC 2011
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-ssl_t1__lib.c
Log Message:
Add fix for security issue CVE-2011-0014.
Bump PKGREVISION.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/ruby-mail/Makefile@1.2.4.1
/
diff
pkgsrc/mail/ruby-mail/PLIST@1.2.4.1 / diff
pkgsrc/mail/ruby-mail/distinfo@1.2.4.1 / diff
pkgsrc/mail/ruby-mail/PLIST@1.2.4.1 / diff
pkgsrc/mail/ruby-mail/distinfo@1.2.4.1 / diff
Pullup ticket #3343 - requested by taca
mail/ruby-mail security fix
Revisions pulled up:
- pkgsrc/mail/ruby-mail/Makefile 1.3
- pkgsrc/mail/ruby-mail/PLIST 1.3
- pkgsrc/mail/ruby-mail/distinfo 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 28 13:23:20 UTC 2011
Modified Files:
pkgsrc/mail/ruby-mail: Makefile PLIST distinfo
Log Message:
Update ruby-mail package to 2.2.15.
== Wed 26 Jan 2011 02:23:09 UTC Mikel Lindsaar <mikel@rubyx.com>
* Update addresses passed into sendmail to escape them (Andy Lindeman)
* Version bump to 2.2.15 and gem release
mail/ruby-mail security fix
Revisions pulled up:
- pkgsrc/mail/ruby-mail/Makefile 1.3
- pkgsrc/mail/ruby-mail/PLIST 1.3
- pkgsrc/mail/ruby-mail/distinfo 1.3
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 28 13:23:20 UTC 2011
Modified Files:
pkgsrc/mail/ruby-mail: Makefile PLIST distinfo
Log Message:
Update ruby-mail package to 2.2.15.
== Wed 26 Jan 2011 02:23:09 UTC Mikel Lindsaar <mikel@rubyx.com>
* Update addresses passed into sendmail to escape them (Andy Lindeman)
* Version bump to 2.2.15 and gem release
pkgsrc-2010Q4 commitmail json YAML
pullup 3340
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/dovecot2/Makefile@1.5.2.1
/
diff
pkgsrc/mail/dovecot2/distinfo@1.5.2.1 / diff
pkgsrc/mail/dovecot2/patches/patch-ad@1.3.2.2 / diff
pkgsrc/mail/dovecot2/distinfo@1.5.2.1 / diff
pkgsrc/mail/dovecot2/patches/patch-ad@1.3.2.2 / diff
Pullup ticket 3340 - requested by tron
functionality fix
Revisions pulled up:
- pkgsrc/mail/dovecot2/Makefile 1.7
- pkgsrc/mail/dovecot2/distinfo 1.7
Files added:
pkgsrc/mail/dovecot2/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 2 22:19:25 UTC 2011
Modified Files:
pkgsrc/mail/dovecot2: Makefile distinfo
Added Files:
pkgsrc/mail/dovecot2/patches: patch-ad
Log Message:
Add fix by Timo Sirainen from the Dovecot Mercury repository to fix
a hang when trying to COPY to a non existent mailbox via IMAP.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/dovecot2/Makefile \
pkgsrc/mail/dovecot2/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/mail/dovecot2/patches/patch-ad
functionality fix
Revisions pulled up:
- pkgsrc/mail/dovecot2/Makefile 1.7
- pkgsrc/mail/dovecot2/distinfo 1.7
Files added:
pkgsrc/mail/dovecot2/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 2 22:19:25 UTC 2011
Modified Files:
pkgsrc/mail/dovecot2: Makefile distinfo
Added Files:
pkgsrc/mail/dovecot2/patches: patch-ad
Log Message:
Add fix by Timo Sirainen from the Dovecot Mercury repository to fix
a hang when trying to COPY to a non existent mailbox via IMAP.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/dovecot2/Makefile \
pkgsrc/mail/dovecot2/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/mail/dovecot2/patches/patch-ad
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3338 - requested by tron
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/phpmyadmin/Makefile@1.85.2.1
/
diff
pkgsrc/databases/phpmyadmin/PLIST@1.21.14.1 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.1 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/PLIST@1.21.14.1 / diff
pkgsrc/databases/phpmyadmin/distinfo@1.46.2.1 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3@1.1.2.2 / diff
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481@1.1.2.2 / diff
Pullup ticket #3338 - requested by tron
Security patch for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.86
- pkgsrc/databases/phpmyadmin/PLIST 1.22
- pkgsrc/databases/phpmyadmin/distinfo 1.47
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 27 13:45:56 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo
Added Files:
pkgsrc/databases/phpmyadmin/patches: patch-CVE-2010-4480-1
patch-CVE-2010-4480-2 patch-CVE-2010-4480-3 patch-CVE-2010-4481
Log Message:
Add fixes for the security vulnerabilities reported in CVE-2010-4480 and
CVE-2010-4481 taken from the phpMyAdmin GIT repository.
Thanks a lot to Tim Zingelman for pointing out that the fixes had
finally been made available.
To generate a diff of this commit:
cvs rdiff -u -r1.85 -r1.86 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/databases/phpmyadmin/PLIST
cvs rdiff -u -r1.46 -r1.47 pkgsrc/databases/phpmyadmin/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481
Security patch for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.86
- pkgsrc/databases/phpmyadmin/PLIST 1.22
- pkgsrc/databases/phpmyadmin/distinfo 1.47
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 1.1
- pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 27 13:45:56 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo
Added Files:
pkgsrc/databases/phpmyadmin/patches: patch-CVE-2010-4480-1
patch-CVE-2010-4480-2 patch-CVE-2010-4480-3 patch-CVE-2010-4481
Log Message:
Add fixes for the security vulnerabilities reported in CVE-2010-4480 and
CVE-2010-4481 taken from the phpMyAdmin GIT repository.
Thanks a lot to Tim Zingelman for pointing out that the fixes had
finally been made available.
To generate a diff of this commit:
cvs rdiff -u -r1.85 -r1.86 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/databases/phpmyadmin/PLIST
cvs rdiff -u -r1.46 -r1.47 pkgsrc/databases/phpmyadmin/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-1 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-2 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4480-3 \
pkgsrc/databases/phpmyadmin/patches/patch-CVE-2010-4481
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/py-sqlite2/Makefile@1.21.4.2
/
diff
pkgsrc/databases/py-sqlite2/PLIST@1.8.4.2 / diff
pkgsrc/databases/py-sqlite2/PLIST@1.8.4.2 / diff
revert accidental commit to release branch
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/databases/py-sqlite2/Makefile@1.21.4.1
/
diff
pkgsrc/databases/py-sqlite2/PLIST@1.8.4.1 / diff
pkgsrc/databases/py-sqlite2/PLIST@1.8.4.1 / diff
Use distutils.mk instead of extension.mk, and add egg file to PLIST.
(distutils.mk includes extension; this change simply adds the egg
metadata file that other python programs expect to find.)
(distutils.mk includes extension; this change simply adds the egg
metadata file that other python programs expect to find.)
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3336.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/comms/asterisk18/Makefile@1.2.2.1
/
diff
pkgsrc/comms/asterisk18/distinfo@1.4.2.1 / diff
pkgsrc/comms/asterisk18/patches/patch-aq@1.1.1.1.2.1 / diff
pkgsrc/comms/asterisk18/distinfo@1.4.2.1 / diff
pkgsrc/comms/asterisk18/patches/patch-aq@1.1.1.1.2.1 / diff
Pullup ticket #3336 - requested by gls
comms/asterisk18: security update
Revisions pulled up:
- comms/asterisk18/Makefile 1.3-1.4
- comms/asterisk18/distinfo 1.5-1.6
- comms/asterisk18/patches/patch-aq 1.2
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 17:52:43 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
pkgsrc/comms/asterisk18/patches: patch-aq
Log Message:
Update to 1.8.2:
The release of Asterisk 1.8.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading
from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags
to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
---
odule Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 07:00:44 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to 1.8.2.2
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
comms/asterisk18: security update
Revisions pulled up:
- comms/asterisk18/Makefile 1.3-1.4
- comms/asterisk18/distinfo 1.5-1.6
- comms/asterisk18/patches/patch-aq 1.2
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 17:52:43 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
pkgsrc/comms/asterisk18/patches: patch-aq
Log Message:
Update to 1.8.2:
The release of Asterisk 1.8.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading
from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags
to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
---
odule Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 07:00:44 UTC 2011
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to 1.8.2.2
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3334 and #3335.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/comms/asterisk16/Makefile@1.27.2.1
/
diff
pkgsrc/comms/asterisk16/distinfo@1.18.2.1 / diff
pkgsrc/comms/asterisk16/patches/patch-aq@1.9.2.1 / diff
pkgsrc/comms/asterisk16/distinfo@1.18.2.1 / diff
pkgsrc/comms/asterisk16/patches/patch-aq@1.9.2.1 / diff
Pullup ticket #3335 - requested by gls
comms/asterisk16: security update
Revisions pulled up:
- comms/asterisk16/Makefile 1.28-1.29
- comms/asterisk16/distinfo 1.19-1.20
- comms/asterisk16/patches/patch-aq 1.10
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 06:30:57 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
pkgsrc/comms/asterisk16/patches: patch-aq
Log Message:
Update to 1.6.2.16:
The release of Asterisk 1.6.2.16 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension
does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou.
rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 05:13:12 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
Log Message:
Update to 1.6.2.16.1
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
comms/asterisk16: security update
Revisions pulled up:
- comms/asterisk16/Makefile 1.28-1.29
- comms/asterisk16/distinfo 1.19-1.20
- comms/asterisk16/patches/patch-aq 1.10
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Jan 16 06:30:57 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
pkgsrc/comms/asterisk16/patches: patch-aq
Log Message:
Update to 1.6.2.16:
The release of Asterisk 1.6.2.16 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched,
tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up
the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension
does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou.
rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 21 05:13:12 UTC 2011
Modified Files:
pkgsrc/comms/asterisk16: Makefile distinfo
Log Message:
Update to 1.6.2.16.1
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic
mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well..
The ast_uri_encode function does not properly respect the
size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/inputmethod/ibus-table-chinese/distinfo@1.3.2.1
/
diff
pkgsrc/inputmethod/ibus-table-chinese/patches/patch-ad@1.1.2.2 / diff
pkgsrc/inputmethod/ibus-table-chinese/patches/patch-ad@1.1.2.2 / diff
Pullup ticket #3334 - requested by obache
inputmethod/ibus-table-chinese: build fix
Revisions pulled up:
- inputmethod/ibus-table-chinese/distinfo 1.4
- inputmethod/ibus-table-chinese/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jan 24 08:40:39 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-table-chinese: distinfo
Added Files:
pkgsrc/inputmethod/ibus-table-chinese/patches: patch-ad
Log Message:
"-m" option for grep is not portable.
inputmethod/ibus-table-chinese: build fix
Revisions pulled up:
- inputmethod/ibus-table-chinese/distinfo 1.4
- inputmethod/ibus-table-chinese/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Jan 24 08:40:39 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-table-chinese: distinfo
Added Files:
pkgsrc/inputmethod/ibus-table-chinese/patches: patch-ad
Log Message:
"-m" option for grep is not portable.
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3332 and #3333.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3333 - requested by obache
inputmethod/ibus-input-pad: build fix
Revisions pulled up:
- inputmethod/ibus-input-pad/Makefile 1.7
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Jan 22 05:28:24 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-input-pad: Makefile
Log Message:
configure require msgfmt xgettext and msgmerge.
inputmethod/ibus-input-pad: build fix
Revisions pulled up:
- inputmethod/ibus-input-pad/Makefile 1.7
---
Module Name: pkgsrc
Committed By: obache
Date: Sat Jan 22 05:28:24 UTC 2011
Modified Files:
pkgsrc/inputmethod/ibus-input-pad: Makefile
Log Message:
configure require msgfmt xgettext and msgmerge.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/pkgtools/pkgin/Makefile@1.5.6.1
/
diff
pkgsrc/pkgtools/pkgin/distinfo@1.4.6.1 / diff
pkgsrc/pkgtools/pkgin/patches/patch-aa deleted
pkgsrc/pkgtools/pkgin/distinfo@1.4.6.1 / diff
pkgsrc/pkgtools/pkgin/patches/patch-aa deleted
Pullup ticket #3332 - requested by imil
pkgtools/pkgin: bug fix update
Revisions pulled up:
- pkgtools/pkgin/Makefile 1.6-1.8
- pkgtools/pkgin/distinfo 1.5-1.7
- pkgtools/pkgin/patches/patch-aa delete
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:47:56 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.2
Fixed a nasty bug in handling dependencies like php>=5.2.17<5.3
Included is@ patch upstream for Solaris build
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:52:53 UTC 2011
Removed Files:
pkgsrc/pkgtools/pkgin/patches: patch-aa
Log Message:
Removed patches, now upstream.
---
Module Name: pkgsrc
Committed By: imil
Date: Wed Jan 19 12:10:11 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.3, hopefully the last 0.3 release
- Double dewey match fixed, i.e. foo>=1.2.3<3.0
- Duplicate entries for remove and upgrade fixed
- "Missing package in repository" case handled
---
Module Name: pkgsrc
Committed By: imil
Date: Thu Jan 20 18:14:09 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.4, never say "this is the last release"
Fixed a non-critical bug: some packages were marked
for upgrade more than once.
pkgtools/pkgin: bug fix update
Revisions pulled up:
- pkgtools/pkgin/Makefile 1.6-1.8
- pkgtools/pkgin/distinfo 1.5-1.7
- pkgtools/pkgin/patches/patch-aa delete
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:47:56 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.2
Fixed a nasty bug in handling dependencies like php>=5.2.17<5.3
Included is@ patch upstream for Solaris build
---
Module Name: pkgsrc
Committed By: imil
Date: Sun Jan 16 22:52:53 UTC 2011
Removed Files:
pkgsrc/pkgtools/pkgin/patches: patch-aa
Log Message:
Removed patches, now upstream.
---
Module Name: pkgsrc
Committed By: imil
Date: Wed Jan 19 12:10:11 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.3, hopefully the last 0.3 release
- Double dewey match fixed, i.e. foo>=1.2.3<3.0
- Duplicate entries for remove and upgrade fixed
- "Missing package in repository" case handled
---
Module Name: pkgsrc
Committed By: imil
Date: Thu Jan 20 18:14:09 UTC 2011
Modified Files:
pkgsrc/pkgtools/pkgin: Makefile distinfo
Log Message:
pkgin 0.3.3.4, never say "this is the last release"
Fixed a non-critical bug: some packages were marked
for upgrade more than once.
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3329 to #3331.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/converters/p5-Convert-UUlib/Makefile@1.26.4.1
/
diff
pkgsrc/converters/p5-Convert-UUlib/distinfo@1.11.10.1 / diff
pkgsrc/converters/p5-Convert-UUlib/distinfo@1.11.10.1 / diff
Pullup ticket #3331 - requested by gls
converters/p5-Convert-UUlib: security update
Revisions pulled up:
- converters/p5-Convert-UUlib/Makefile 1.27
- converters/p5-Convert-UUlib/distinfo 1.12
---
Module Name: pkgsrc
Committed By: gls
Date: Fri Jan 21 22:31:19 UTC 2011
Modified Files:
pkgsrc/converters/p5-Convert-UUlib: Makefile distinfo
Log Message:
1.34 Tue Dec 14 22:20:00 CET 2010
- fix a one-byte-past-end-write buffer overflow in UURepairData
(reported, analysed and testcase provided by Marco Walther).
- quoted-printable decoding was completely broken, try a fix.
converters/p5-Convert-UUlib: security update
Revisions pulled up:
- converters/p5-Convert-UUlib/Makefile 1.27
- converters/p5-Convert-UUlib/distinfo 1.12
---
Module Name: pkgsrc
Committed By: gls
Date: Fri Jan 21 22:31:19 UTC 2011
Modified Files:
pkgsrc/converters/p5-Convert-UUlib: Makefile distinfo
Log Message:
1.34 Tue Dec 14 22:20:00 CET 2010
- fix a one-byte-past-end-write buffer overflow in UURepairData
(reported, analysed and testcase provided by Marco Walther).
- quoted-printable decoding was completely broken, try a fix.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/exim-html/Makefile@1.18.2.1
/
diff
pkgsrc/mail/exim-html/PLIST@1.11.2.1 / diff
pkgsrc/mail/exim-html/distinfo@1.13.2.1 / diff
pkgsrc/mail/exim-html/PLIST@1.11.2.1 / diff
pkgsrc/mail/exim-html/distinfo@1.13.2.1 / diff
Pullup ticket #3329 - requested by gls
mail/exim-html: security update
Revisions pulled up:
- mail/exim-html/Makefile 1.19
- mail/exim-html/PLIST 1.12
- mail/exim-html/distinfo 1.14
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
mail/exim-html: security update
Revisions pulled up:
- mail/exim-html/Makefile 1.19
- mail/exim-html/PLIST 1.12
- mail/exim-html/distinfo 1.14
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/mail/exim/Makefile@1.103.2.1
/
diff
pkgsrc/mail/exim/distinfo@1.46.2.1 / diff
pkgsrc/mail/exim/patches/patch-aa@1.20.10.1 / diff
pkgsrc/mail/exim/patches/patch-ba@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bb@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bc@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bd@1.1.2.2 / diff
pkgsrc/mail/exim/distinfo@1.46.2.1 / diff
pkgsrc/mail/exim/patches/patch-aa@1.20.10.1 / diff
pkgsrc/mail/exim/patches/patch-ba@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bb@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bc@1.1.2.2 / diff
pkgsrc/mail/exim/patches/patch-bd@1.1.2.2 / diff
Pullup ticket #3330 - requested by gls
mail/exim: security update
Revisions pulled up:
- mail/exim/Makefile 1.104
- mail/exim/distinfo 1.47
- mail/exim/patches/patch-aa 1.21
- mail/exim/patches/patch-ba 1.1
- mail/exim/patches/patch-bb 1.1
- mail/exim/patches/patch-bc 1.1
- mail/exim/patches/patch-bd 1.1
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
mail/exim: security update
Revisions pulled up:
- mail/exim/Makefile 1.104
- mail/exim/distinfo 1.47
- mail/exim/patches/patch-aa 1.21
- mail/exim/patches/patch-ba 1.1
- mail/exim/patches/patch-bb 1.1
- mail/exim/patches/patch-bc 1.1
- mail/exim/patches/patch-bd 1.1
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jan 12 07:52:45 UTC 2011
Modified Files:
pkgsrc/mail/exim: Makefile distinfo
pkgsrc/mail/exim/patches: patch-aa
Added Files:
pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more
paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets 3327 and 3328
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3328 - requested by drochner
tor security update
Revisions pulled up:
- pkgsrc/net/tor/Makefile 1.77
- pkgsrc/net/tor/distinfo 1.47
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Mon Jan 17 14:06:54 UTC 2011
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log Message:
update to 0.2.1.29
changes:
-Fix a heap overflow (probably allows remote code execution)
(CVE-2011-0427)
-Prevent a denial-of-service attack by disallowing any
zlib-compressed data whose compression factor is implausibly
high
-Zero out a few more keys in memory before freeing them
-bugfixes
-Update to the January 1 2011 Maxmind GeoLite Country db
-Introduce output size checks on all of our decryption functions
tor security update
Revisions pulled up:
- pkgsrc/net/tor/Makefile 1.77
- pkgsrc/net/tor/distinfo 1.47
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Mon Jan 17 14:06:54 UTC 2011
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log Message:
update to 0.2.1.29
changes:
-Fix a heap overflow (probably allows remote code execution)
(CVE-2011-0427)
-Prevent a denial-of-service attack by disallowing any
zlib-compressed data whose compression factor is implausibly
high
-Zero out a few more keys in memory before freeing them
-bugfixes
-Update to the January 1 2011 Maxmind GeoLite Country db
-Introduce output size checks on all of our decryption functions
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3327 - requested by markd
Fix previous commit to Linux.bsd.man.mk
Revisions pulled up:
- pkgsrc/pkgtools/bootstrap-mk-files/files/mods/Linux.bsd.man.mk 1.9
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ghen
Date: Mon Jan 17 15:12:46 UTC 2011
Modified Files:
pkgsrc/pkgtools/bootstrap-mk-files/files/mods:
Linux.bsd.man.mk
Log Message:
Fix it correctly for Arch Linux.
Fix previous commit to Linux.bsd.man.mk
Revisions pulled up:
- pkgsrc/pkgtools/bootstrap-mk-files/files/mods/Linux.bsd.man.mk 1.9
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ghen
Date: Mon Jan 17 15:12:46 UTC 2011
Modified Files:
pkgsrc/pkgtools/bootstrap-mk-files/files/mods:
Linux.bsd.man.mk
Log Message:
Fix it correctly for Arch Linux.
pkgsrc-2010Q4 commitmail json YAML
Revert commit on release branch.
pkgsrc-2010Q4 commitmail json YAML
Fix HOMEPAGE per Thomas Mueller's report on pkgsrc-users.
pkgsrc-2010Q4 commitmail json YAML
pullup 3326
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/archivers/star/distinfo@1.10.4.1
/
diff
pkgsrc/archivers/star/patches/patch-ae@1.1.2.2 / diff
pkgsrc/archivers/star/patches/patch-af@1.1.2.2 / diff
pkgsrc/archivers/star/patches/patch-ae@1.1.2.2 / diff
pkgsrc/archivers/star/patches/patch-af@1.1.2.2 / diff
Pullup ticket 3326 - requested by tron
build fix
Revisions pulled up:
- pkgsrc/archivers/star/distinfo 1.11
Files added:
pkgsrc/archivers/star/patches/patch-ae
pkgsrc/archivers/star/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jan 15 17:46:02 UTC 2011
Modified Files:
pkgsrc/archivers/star: distinfo
Added Files:
pkgsrc/archivers/star/patches: patch-ae patch-af
Log Message:
Fix build under NetBSD-currenty removing unused custom function "getline"
which conflicts with getline(3).
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/archivers/star/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/archivers/star/patches/patch-ae \
pkgsrc/archivers/star/patches/patch-af
build fix
Revisions pulled up:
- pkgsrc/archivers/star/distinfo 1.11
Files added:
pkgsrc/archivers/star/patches/patch-ae
pkgsrc/archivers/star/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jan 15 17:46:02 UTC 2011
Modified Files:
pkgsrc/archivers/star: distinfo
Added Files:
pkgsrc/archivers/star/patches: patch-ae patch-af
Log Message:
Fix build under NetBSD-currenty removing unused custom function "getline"
which conflicts with getline(3).
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/archivers/star/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/archivers/star/patches/patch-ae \
pkgsrc/archivers/star/patches/patch-af
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3324.
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3324 - requested by obache
archivers/star: build fix
Revision pulled up:
- archivers/star/Makefile 1.24
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Jan 13 08:56:19 UTC 2011
Modified Files:
pkgsrc/archivers/star: Makefile
Log Message:
Honor PKGMANDIR, per PR#44380.
archivers/star: build fix
Revision pulled up:
- archivers/star/Makefile 1.24
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Jan 13 08:56:19 UTC 2011
Modified Files:
pkgsrc/archivers/star: Makefile
Log Message:
Honor PKGMANDIR, per PR#44380.
pkgsrc-2010Q4 commitmail json YAML
pullup 3325
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket 3325 - requested by taca
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.127
- pkgsrc/security/sudo/distinfo 1.67
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Jan 13 12:22:40 UTC 2011
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update sudo package to 1.7.4p5.
What's new in Sudo 1.7.4p5?
* A bug has been fixed that would allow a command to be run without the
user entering a password when sudo's -g flag is used without the -u flag.
* If user has no supplementary groups, sudo will now fall back on checking
the group file explicitly, which restores historic sudo behavior.
* A crash has been fixed when sudo's -g flag is used without the -u flag
and the sudoers file contains an entry with no runas user or group listed.
* A bug has been fixed in the I/O logging support that could cause
visual artifacts in full-screen programs such as text editors,.
* A crash has been fixed when the Solaris project support is enabled
and sudo's -g flag is used without the -u flag.
* Sudo no longer exits with an error when support for auditing is
compiled in but auditing is not enabled.
* Fixed a bug introduced in sudo 1.7.3 where the ticket file was not
being honored when the "targetpw" sudoers Defaults option was enabled.
* The LOG_INPUT and LOG_OUTPUT tags in sudoers are now parsed correctly.
* A crash has been fixed in "sudo -l" when sudo is built with auditing
support and the user is not allowed to run any commands on the host.
To generate a diff of this commit:
cvs rdiff -u -r1.126 -r1.127 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.66 -r1.67 pkgsrc/security/sudo/distinfo
security update
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.127
- pkgsrc/security/sudo/distinfo 1.67
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Jan 13 12:22:40 UTC 2011
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
Update sudo package to 1.7.4p5.
What's new in Sudo 1.7.4p5?
* A bug has been fixed that would allow a command to be run without the
user entering a password when sudo's -g flag is used without the -u flag.
* If user has no supplementary groups, sudo will now fall back on checking
the group file explicitly, which restores historic sudo behavior.
* A crash has been fixed when sudo's -g flag is used without the -u flag
and the sudoers file contains an entry with no runas user or group listed.
* A bug has been fixed in the I/O logging support that could cause
visual artifacts in full-screen programs such as text editors,.
* A crash has been fixed when the Solaris project support is enabled
and sudo's -g flag is used without the -u flag.
* Sudo no longer exits with an error when support for auditing is
compiled in but auditing is not enabled.
* Fixed a bug introduced in sudo 1.7.3 where the ticket file was not
being honored when the "targetpw" sudoers Defaults option was enabled.
* The LOG_INPUT and LOG_OUTPUT tags in sudoers are now parsed correctly.
* A crash has been fixed in "sudo -l" when sudo is built with auditing
support and the user is not allowed to run any commands on the host.
To generate a diff of this commit:
cvs rdiff -u -r1.126 -r1.127 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.66 -r1.67 pkgsrc/security/sudo/distinfo
pkgsrc-2010Q4 commitmail json YAML
combine the removed packages and the EOL package - the net effect is that
the postgresql82 package has been removed from pkgsrc. Note the reason for
removal (EOL) when we mention it.
the postgresql82 package has been removed from pkgsrc. Note the reason for
removal (EOL) when we mention it.
pkgsrc-2010Q4 commitmail json YAML
compress the vertical space taken by the pkgsrc platforms section
pkgsrc-2010Q4 commitmail json YAML
include older postgresql versions too, and get the name of the postgresql-9.0
package correct
package correct
pkgsrc-2010Q4 commitmail json YAML
get the package directories correct for the mysql client and server packages
pkgsrc-2010Q4 commitmail json YAML
Fill in packages which were removed, a selection of new packages, and a note
sayiong there were no infrastructure changes.
sayiong there were no infrastructure changes.
pkgsrc-2010Q4 commitmail json YAML
Add a list of platforms supported by pkgsrc
pkgsrc-2010Q4 commitmail json YAML
add headline versions of packages in the branch
pkgsrc-2010Q4 commitmail json YAML
add and populate EOL packages section
note scope of secteam work
note scope of secteam work
pkgsrc-2010Q4 commitmail json YAML
I'm not exactly active for pkgsrc-security, so take my name from the list.
pkgsrc-2010Q4 commitmail json YAML
add some easily looked up values
pkgsrc-2010Q4 commitmail json YAML
Add a file containing summary information (to be filled in) relating to the
pkgsrc-2010Q4 branch.
pkgsrc-2010Q4 branch.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/graphics/goocanvasmm/Makefile@1.10.2.1
/
diff
pkgsrc/graphics/goocanvasmm/distinfo@1.4.4.1 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-aa@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ab@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ac@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ad@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/distinfo@1.4.4.1 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-aa@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ab@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ac@1.1.2.2 / diff
pkgsrc/graphics/goocanvasmm/patches/patch-ad@1.1.2.2 / diff
Pullup ticket #3321 - requested by obache
graphics/goocanvasmm: build fix
Revisions pulled up:
- graphics/goocanvasmm/Makefile 1.11
- graphics/goocanvasmm/distinfo 1.5
- graphics/goocanvasmm/patches/patch-aa 1.1
- graphics/goocanvasmm/patches/patch-ab 1.1
- graphics/goocanvasmm/patches/patch-ac 1.1
- graphics/goocanvasmm/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Jan 12 11:57:27 UTC 2011
Modified Files:
pkgsrc/graphics/goocanvasmm: Makefile distinfo
Added Files:
pkgsrc/graphics/goocanvasmm/patches: patch-aa patch-ab patch-ac
patch-ad
Log Message:
Fix the build with the latest cairomm.
* goocanvas/src/enums.[hg|ccg]: Remove the (unused) Value<Cairo::Pattern>
specialization. Pattern should always (and is always) used via RefPtr
anyway.
http://git.gnome.org/browse/goocanvasmm/commit/?h=goocanvasmm-1.0&id=30edcb72c89c0f97d11d9f88c6da82f6ae78d4bf
Installed header file is changed, so bump PKGREVISION.
graphics/goocanvasmm: build fix
Revisions pulled up:
- graphics/goocanvasmm/Makefile 1.11
- graphics/goocanvasmm/distinfo 1.5
- graphics/goocanvasmm/patches/patch-aa 1.1
- graphics/goocanvasmm/patches/patch-ab 1.1
- graphics/goocanvasmm/patches/patch-ac 1.1
- graphics/goocanvasmm/patches/patch-ad 1.1
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Jan 12 11:57:27 UTC 2011
Modified Files:
pkgsrc/graphics/goocanvasmm: Makefile distinfo
Added Files:
pkgsrc/graphics/goocanvasmm/patches: patch-aa patch-ab patch-ac
patch-ad
Log Message:
Fix the build with the latest cairomm.
* goocanvas/src/enums.[hg|ccg]: Remove the (unused) Value<Cairo::Pattern>
specialization. Pattern should always (and is always) used via RefPtr
anyway.
http://git.gnome.org/browse/goocanvasmm/commit/?h=goocanvasmm-1.0&id=30edcb72c89c0f97d11d9f88c6da82f6ae78d4bf
Installed header file is changed, so bump PKGREVISION.
pkgsrc-2010Q4 commitmail json YAML
Pullup tickets #3321 and #3323.
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/sysutils/xentools3/Makefile@1.22.4.1
/
diff
pkgsrc/sysutils/xentools3/PLIST@1.3.14.1 / diff
pkgsrc/sysutils/xentools3/files/vif-bridge-nbsd@1.1.1.1.34.1 / diff
pkgsrc/sysutils/xentools3/files/vif-ip-nbsd@1.1.1.1.34.1 / diff
pkgsrc/sysutils/xentools3/files/xen-subr-nbsd@1.1.2.2 / diff
pkgsrc/sysutils/xentools33/Makefile@1.22.2.1 / diff
pkgsrc/sysutils/xentools33/PLIST@1.9.12.1 / diff
pkgsrc/sysutils/xentools33/files/vif-bridge-nbsd@1.1.1.1.22.1 / diff
pkgsrc/sysutils/xentools33/files/vif-ip-nbsd@1.1.1.1.22.1 / diff
pkgsrc/sysutils/xentools33/files/xen-subr-nbsd@1.1.2.2 / diff
pkgsrc/sysutils/xentools3/PLIST@1.3.14.1 / diff
pkgsrc/sysutils/xentools3/files/vif-bridge-nbsd@1.1.1.1.34.1 / diff
pkgsrc/sysutils/xentools3/files/vif-ip-nbsd@1.1.1.1.34.1 / diff
pkgsrc/sysutils/xentools3/files/xen-subr-nbsd@1.1.2.2 / diff
pkgsrc/sysutils/xentools33/Makefile@1.22.2.1 / diff
pkgsrc/sysutils/xentools33/PLIST@1.9.12.1 / diff
pkgsrc/sysutils/xentools33/files/vif-bridge-nbsd@1.1.1.1.22.1 / diff
pkgsrc/sysutils/xentools33/files/vif-ip-nbsd@1.1.1.1.22.1 / diff
pkgsrc/sysutils/xentools33/files/xen-subr-nbsd@1.1.2.2 / diff
Pullup ticket #3323 - requested by jym
sysutils/xentools3: improve NetBSD support
sysutils/xentools33: improve NetBSD support
Revisions pulled up:
- sysutils/xentools3/Makefile 1.23
- sysutils/xentools3/PLIST 1.4
- sysutils/xentools3/files/vif-bridge-nbsd 1.2
- sysutils/xentools3/files/vif-ip-nbsd 1.2
- sysutils/xentools3/files/xen-subr-nbsd 1.1
- sysutils/xentools33/Makefile 1.23
- sysutils/xentools33/PLIST 1.10
- sysutils/xentools33/files/vif-bridge-nbsd 1.2
- sysutils/xentools33/files/vif-ip-nbsd 1.2
- sysutils/xentools33/files/xen-subr-nbsd 1.1
---
Module Name: pkgsrc
Committed By: jym
Date: Wed Jan 12 00:11:20 UTC 2011
Modified Files:
pkgsrc/sysutils/xentools3: Makefile PLIST
pkgsrc/sysutils/xentools3/files: vif-bridge-nbsd vif-ip-nbsd
Added Files:
pkgsrc/sysutils/xentools3/files: xen-subr-nbsd
Log Message:
Add support for "vifname" keys inside XenStore. Its value is the
interface name for the vif, e.g. xvif(4) for dom0, and xennet(4)
for domU.
This allows querying the XenStore for the vif names, rather than
hardcoding their syntax in vif-* scripts.
Add a xen-subr shell script that can contain customized functions, and
include it in the vif-ip/vif-bridge scripts.
Introduce xenstore_read_default that returns the value of a specific
key from XenStore, or the default specified value when key is absent.
Bump revision.
ok bouyer@.
See port-xen/2011/01/11/msg006405.html">http://mail-index.netbsd.org/port-xen/2011/01/11/msg006405.html
---
Module Name: pkgsrc
Committed By: jym
Date: Wed Jan 12 00:12:14 UTC 2011
Modified Files:
pkgsrc/sysutils/xentools33: Makefile PLIST
pkgsrc/sysutils/xentools33/files: vif-bridge-nbsd vif-ip-nbsd
Added Files:
pkgsrc/sysutils/xentools33/files: xen-subr-nbsd
Log Message:
Add support for "vifname" keys inside XenStore. Its value is the
interface name for the vif, e.g. xvif(4) for dom0, and xennet(4)
for domU.
This allows querying the XenStore for the vif names, rather than
hardcoding their syntax in vif-* scripts.
Add a xen-subr shell script that can contain customized functions, and
include it in the vif-ip/vif-bridge scripts.
Introduce xenstore_read_default that returns the value of a specific
key from XenStore, or the default specified value when key is absent.
Bump revision.
ok bouyer@.
See port-xen/2011/01/11/msg006405.html">http://mail-index.netbsd.org/port-xen/2011/01/11/msg006405.html
sysutils/xentools3: improve NetBSD support
sysutils/xentools33: improve NetBSD support
Revisions pulled up:
- sysutils/xentools3/Makefile 1.23
- sysutils/xentools3/PLIST 1.4
- sysutils/xentools3/files/vif-bridge-nbsd 1.2
- sysutils/xentools3/files/vif-ip-nbsd 1.2
- sysutils/xentools3/files/xen-subr-nbsd 1.1
- sysutils/xentools33/Makefile 1.23
- sysutils/xentools33/PLIST 1.10
- sysutils/xentools33/files/vif-bridge-nbsd 1.2
- sysutils/xentools33/files/vif-ip-nbsd 1.2
- sysutils/xentools33/files/xen-subr-nbsd 1.1
---
Module Name: pkgsrc
Committed By: jym
Date: Wed Jan 12 00:11:20 UTC 2011
Modified Files:
pkgsrc/sysutils/xentools3: Makefile PLIST
pkgsrc/sysutils/xentools3/files: vif-bridge-nbsd vif-ip-nbsd
Added Files:
pkgsrc/sysutils/xentools3/files: xen-subr-nbsd
Log Message:
Add support for "vifname" keys inside XenStore. Its value is the
interface name for the vif, e.g. xvif(4) for dom0, and xennet(4)
for domU.
This allows querying the XenStore for the vif names, rather than
hardcoding their syntax in vif-* scripts.
Add a xen-subr shell script that can contain customized functions, and
include it in the vif-ip/vif-bridge scripts.
Introduce xenstore_read_default that returns the value of a specific
key from XenStore, or the default specified value when key is absent.
Bump revision.
ok bouyer@.
See port-xen/2011/01/11/msg006405.html">http://mail-index.netbsd.org/port-xen/2011/01/11/msg006405.html
---
Module Name: pkgsrc
Committed By: jym
Date: Wed Jan 12 00:12:14 UTC 2011
Modified Files:
pkgsrc/sysutils/xentools33: Makefile PLIST
pkgsrc/sysutils/xentools33/files: vif-bridge-nbsd vif-ip-nbsd
Added Files:
pkgsrc/sysutils/xentools33/files: xen-subr-nbsd
Log Message:
Add support for "vifname" keys inside XenStore. Its value is the
interface name for the vif, e.g. xvif(4) for dom0, and xennet(4)
for domU.
This allows querying the XenStore for the vif names, rather than
hardcoding their syntax in vif-* scripts.
Add a xen-subr shell script that can contain customized functions, and
include it in the vif-ip/vif-bridge scripts.
Introduce xenstore_read_default that returns the value of a specific
key from XenStore, or the default specified value when key is absent.
Bump revision.
ok bouyer@.
See port-xen/2011/01/11/msg006405.html">http://mail-index.netbsd.org/port-xen/2011/01/11/msg006405.html
pkgsrc-2010Q4 commitmail json YAML
Pullup ticket #3320
pkgsrc-2010Q4 commitmail json YAML
pkgsrc/net/wireshark/Makefile@1.56.2.1
/
diff
pkgsrc/net/wireshark/distinfo@1.38.2.1 / diff
pkgsrc/net/wireshark/patches/patch-SA42767 deleted
pkgsrc/net/wireshark/distinfo@1.38.2.1 / diff
pkgsrc/net/wireshark/patches/patch-SA42767 deleted
Pullup ticket #3320 - requested by tron
net/wireshark security update
Revisions pulled up:
- net/wireshark/Makefile 1.57
- net/wireshark/distinfo 1.39
- net/wireshark/patches/patch-SA42767 deleted
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Jan 12 00:16:31 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-SA42767
Log Message:
Update "wireshark" package to version 1.4.3. Changes since 1.4.2:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- FRAsse discovered that the MAC-LTE dissector could overflow a
buffer. (Bug 5530)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
- FRAsse discovered that the ENTTEC dissector could overflow a
buffer. (Bug 5539)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
CVE-2010-4538
- The ASN.1 BER dissector could assert and make Wireshark exit
prematurely. (Bug 5537)
Versions affected: 1.4.0 to 1.4.2.
The following bugs have been fixed:
- AMQP failed assertion. (Bug 4048)
- Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
- Fuzz testing reports possible dissector bug: TCP. (Bug 4211)
- Wrong length calculation in new_octet_aligned_subset_bits()
(PER dissector). (Bug 5393)
- Function dissect_per_bit_string_display might read more bytes
than available (PER dissector). (Bug 5394)
- Cannot load wpcap.dll & packet.dll from Wireshark program
directory. (Bug 5420)
- Wireshark crashes with Copy -> Description on date/time
fields. (Bug 5421)
- DHCPv6 OPTION_CLIENT_FQDN parse error. (Bug 5426)
- Information element Error for supported channels. (Bug 5430)
- Assert when using ASN.1 dissector with loading a 'type table'.
(Bug 5447)
- Bug with RWH parsing in Infiniband dissector. (Bug 5444)
- Help->About Wireshark mis-reports OS. (Bug 5453)
- Delegated-IPv6-Prefix(123) is shown incorrect as
X-Ascend-Call-Attempt-Limit(123). (Bug 5455)
- "tshark -r file -T fields" is truncating exported data. (Bug 5463)
- gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet
Flow Identifier. (Bug 5475)
- Improper decode of TLS 1.2 packet containing both
CertificateRequest and ServerHelloDone messages. (Bug 5485)
- LTE-PDCP UL and DL problem. (Bug 5505)
- CIGI 3.2/3.3 support broken. (Bug 5510)
- Prepare Filter in RTP Streams dialog does not work correctly.
(Bug 5513)
- Wrong decode at ethernet OAM Y.1731 ETH-CC. (Bug 5517)
- WPS: RF bands decryption. (Bug 5523)
- Incorrect LTP SDNV value handling. (Bug 5521)
- LTP bug found by randpkt. (Bug 5323)
- Buffer overflow in SNMP EngineID preferences. (Bug 5530)
- Updated Protocol Support
AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC,
GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T,
RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
- New and Updated Capture File Support
Endace ERF, Microsoft Network Monitor, VMS TCPtrace.
net/wireshark security update
Revisions pulled up:
- net/wireshark/Makefile 1.57
- net/wireshark/distinfo 1.39
- net/wireshark/patches/patch-SA42767 deleted
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Jan 12 00:16:31 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-SA42767
Log Message:
Update "wireshark" package to version 1.4.3. Changes since 1.4.2:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- FRAsse discovered that the MAC-LTE dissector could overflow a
buffer. (Bug 5530)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
- FRAsse discovered that the ENTTEC dissector could overflow a
buffer. (Bug 5539)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
CVE-2010-4538
- The ASN.1 BER dissector could assert and make Wireshark exit
prematurely. (Bug 5537)
Versions affected: 1.4.0 to 1.4.2.
The following bugs have been fixed:
- AMQP failed assertion. (Bug 4048)
- Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
- Fuzz testing reports possible dissector bug: TCP. (Bug 4211)
- Wrong length calculation in new_octet_aligned_subset_bits()
(PER dissector). (Bug 5393)
- Function dissect_per_bit_string_display might read more bytes
than available (PER dissector). (Bug 5394)
- Cannot load wpcap.dll & packet.dll from Wireshark program
directory. (Bug 5420)
- Wireshark crashes with Copy -> Description on date/time
fields. (Bug 5421)
- DHCPv6 OPTION_CLIENT_FQDN parse error. (Bug 5426)
- Information element Error for supported channels. (Bug 5430)
- Assert when using ASN.1 dissector with loading a 'type table'.
(Bug 5447)
- Bug with RWH parsing in Infiniband dissector. (Bug 5444)
- Help->About Wireshark mis-reports OS. (Bug 5453)
- Delegated-IPv6-Prefix(123) is shown incorrect as
X-Ascend-Call-Attempt-Limit(123). (Bug 5455)
- "tshark -r file -T fields" is truncating exported data. (Bug 5463)
- gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet
Flow Identifier. (Bug 5475)
- Improper decode of TLS 1.2 packet containing both
CertificateRequest and ServerHelloDone messages. (Bug 5485)
- LTE-PDCP UL and DL problem. (Bug 5505)
- CIGI 3.2/3.3 support broken. (Bug 5510)
- Prepare Filter in RTP Streams dialog does not work correctly.
(Bug 5513)
- Wrong decode at ethernet OAM Y.1731 ETH-CC. (Bug 5517)
- WPS: RF bands decryption. (Bug 5523)
- Incorrect LTP SDNV value handling. (Bug 5521)
- LTP bug found by randpkt. (Bug 5323)
- Buffer overflow in SNMP EngineID preferences. (Bug 5530)
- Updated Protocol Support
AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC,
GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T,
RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
- New and Updated Capture File Support
Endace ERF, Microsoft Network Monitor, VMS TCPtrace.
pkgsrc-2010Q4 commitmail json YAML
Please welcome the pkgsrc-2010Q4 branch.