Displaying 1 50 of 327,857 commits (0.024s)

pkgsrc — doc CHANGES-2016

Updated databases/redis to 3.2.4
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — databases/redis distinfo Makefile

Update databases/redis to 3.2.4.

This is a Redis critical release in order to fix a security issue
which is documented clearly here:

https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977

Thanks to Cory Duplantis of Cisco Talos for reporting the issue.

IMPACT:
The gist is that using CONFIG SET calls (or by manipulating
redis.conf) an attacker is able to compromise certain fields of
the "server" global structure, including the aof filename pointer,
that could be made pointing to something else. In turn the AOF
name is used in different contexts such as logging, rename(2) and
open(2) syscalls, leading to potential problems.

Please note that since having access to CONFIG SET also means to
be able to change the AOF filename (and many other things)
directly, this issue actual real world impact is quite small, so I
would not panik: if you have CONFIG SET level of access, you can
do more and more easily.

AFFECTED VERSIONS:
- All Redis 3.2.x versions are affected.

    [9 lines not shown]

pkgsrc — doc CHANGES-2016

Updated databases/mongodb to 3.2.9
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — databases/mongodb distinfo Makefile

    Update to 3.2.9
    
    Changelog: https://docs.mongodb.com/manual/release-notes/3.2-changelog/
    3.2.9 Changelog
    Security
        SERVER-17856 users on mongods should always be able to run currentOp and killOp on 
their own operations
    
    Sharding
        SERVER-23958 DBConfig::_loadIfNeeded will not do a reload even in cases where a 
force reload is needed
        SERVER-24810 Swap movePrimary command for ShardingTest::ensurePrimaryShard
        SERVER-24842 ShardingStateRecovery::recover cleanup should not wait for 
replication
        SERVER-24892 "Creating first chunks failed: Data inconsistency detected amongst 
config servers" when using 3.2.3+ without replica set config servers
        SERVER-25029 Segmentation fault in mongos when config servers not available
        SERVER-25052 csrs_upgrade_set_shard_version.js test is racy
        SERVER-25254 Only advance config server optime in response to messages from 
cluster members
        SERVER-25258 Improve parsing of killOp opID in mongos
    
    Replication
        SERVER-22136 Attach term metadata to UpdatePosition command
        SERVER-23795 master/slave looks at on-disk size on a resync

    [85 lines not shown]

pkgsrc — comms/srtp distinfo, comms/srtp/patches patch-crypto_hash_hmac.c patch-crypto_kernel_crypto__kernel.c

srtp: do not conflict with builtin hmac in netbsd-7.99.x, use another name
(local_hmac). Fixes build on NetBSD.

Patch by Sérgio de Almeida Lenzi

pkgsrc — doc CHANGES-2016

Updated security/openssl to 1.0.2j
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — security/openssl distinfo Makefile

Update security/openssl to 1.0.2j.

 Changes between 1.0.2i and 1.0.2j [26 Sep 2016]

  *) Missing CRL sanity check

     A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
     but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
     CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

     This issue only affects the OpenSSL 1.0.2i
     (CVE-2016-7052)
     [Matt Caswell]

pkgsrc — fonts/harfbuzz distinfo, fonts/harfbuzz/patches patch-src_hb-coretext.cc

Fix build on older Darwin.

pkgsrc — sysutils/salt Makefile

Fix DISTNAME.  Pointed out by wiz.
Delta File
+2 -2 sysutils/salt/Makefile
+2 -2 1 file

pkgsrc — doc CHANGES-2016

gmic, last week
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — games/xboard distinfo

Fix distinfo entry for patch-gettext.h
Delta File
+2 -2 games/xboard/distinfo
+2 -2 1 file

pkgsrc — doc CHANGES-2016

Updated net/net6 to 1.3.14nb3
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — net/net6 Makefile distinfo, net/net6/patches patch-src_encrypt.cpp

Fix net/net6 build against new GnuTLS

Patch inspired by net/vino/patches/patch-server_libvncserver_auth.c (r.1.1)

Bump PKGREVISION to 3.

pkgsrc — doc CHANGES-2016

Updated benchmarks/benchfft to 2.0nb5
Delta File
+3 -2 doc/CHANGES-2016
+3 -2 1 file

pkgsrc — benchmarks/benchfft Makefile

Build benchfft with gfortran instead of g95

This package doesn't compile with g95 on NetBSD 7.99.39 and older releases
according to bulk results (eg. pkgsrc NetBSD 7.0.1_PATCH/x86_64 2016-09-20
13:42). It might be also questionable to benchmark code generated with g95.

Bump PKGREVISION to 5.
Delta File
+3 -2 benchmarks/benchfft/Makefile
+3 -2 1 file

pkgsrc — lang/gcc48 distinfo, lang/gcc48/patches patch-gcc_config_arm_arm.h

gcc48: fix build error on netbsd/arm

configs for gcc on netbsd don't build -march=native support, but this
stray prototype was left, causing build errors:

gcc.o:(.rodata+0x58c4): undefined reference to
`host_detect_local_cpu(int, char const**)'

pkgsrc — doc TODO

+ ImageMagick-7.0.3.1, MesaLib-12.0.3, afl-2.35b, cups-filters-1.11.4,
  global-6.5.5, liblangtag-0.6.1, orcus0.12-0.12.1,
  p5-Canary-Stability-2012, p5-DateTime-Locale-1.08, p5-Email-Valid-1.201,
  p5-Specio-0.26, p5-Text-BibTeX-0.77, py-cryptography-1.5.1,
  py-html2text-2016.9.19, py-hypothesis-3.5.1, tor-0.2.8.8,
  x264-devel-20160924, xf86-video-nouveau-1.0.13, xproto-7.0.31.
Delta File
+20 -3 doc/TODO
+20 -3 1 file

pkgsrc — time/dateutils Makefile

Remove nonworking master site.
Delta File
+2 -2 time/dateutils/Makefile
+2 -2 1 file

pkgsrc — multimedia/xine-lib Makefile.common

Use more up-to-date homepage.

pkgsrc — audio/bmpx Makefile

bmpx requires C++11 unconditionally, not just for Clang

While there add GCC_REQD+=4.8 as it was the first branch to support major
subset of C++11. Build tested with GCC-5.4.0 on NetBSD.
Delta File
+2 -4 audio/bmpx/Makefile
+2 -4 1 file

pkgsrc — emulators/mame Makefile

Remove restrictions, this now has standard licensing.
Delta File
+1 -5 emulators/mame/Makefile
+1 -5 1 file

pkgsrc — doc CHANGES-2016

Updated net/owncloudclient to 2.2.3
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — net/owncloudclient distinfo Makefile

    Update to 2.2.3
    
    Changelog:
    Release 2.2.3 August 8th 2016
    
        SyncEngine: Fix detection of backup (#5104)
        Fix bug with overriding URL in config (#5016)
        Sharing: Fix bug with file names containing percent encodes (#5042, #5043)
        Sharing: Permissions for federated shares on servers >=9.1 (#4996, #5001)
        Overlays: Fix issues with file name casing on OS X and Windows
        Windows: Skip symlinks and junctions again (#5019)
        Only accept notification API Capability if endpoint is OCS-enabled (#5034)
        Fix windows HiDPI (#4994)
        SocketAPI: Use different pipe name to avoid unusual delay (#4977)
        Tray: Add minimal mode as workaround and testing tool for Linux issues (#4985, 
#4990)
        owncloudcmd: Fix --exclude regression #4979
        Small memleak: Use the full file stat destructors (#4992)
        Fix small QAction memleak (#5008)
        Fix crash on shutting down during propagation (#4979)
        Decrease memory usage during sync (#4979)
        Fix a deadlock when shutting down during discovery (#4993)
        Setup csync logging earlier to get all log output (#4991)
        Enable Shibboleth debug view with OWNCLOUD_SHIBBOLETH_DEBUG env
    

    [45 lines not shown]

pkgsrc — doc CHANGES-2016

Updated www/php-owncloud to 9.1.1
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — www/php-owncloud PLIST Makefile

    Update to 9.1.1
    
    * Remove contact and calendar distfiles
    * Remove replace commands for code sining, fix PR pkg/51032
    
    Changelog:
    Version 9.1.1 Sep 20 2016
    
        Core: Remove OCS response body for HTTP status 204 and 304 which disturbed some 
firewalls - core/#25835
        Core: Map Oracle driver options to params - core/#23938
        Core: Log cron job class name for easier troubleshooting - core/#25743
        Core: Skip version and trash expiry for users that never logged in - core/#25741
        Core: Added white download icons for apps to use - core/#23891
        Core: Fix warning about undefined offset in LoginController - core/#25714
        Core: Fix warning about undefined two factor providers - core/#25606
        Core: Load app before executing its repair steps - core/#25674
        Core: Fix "defaultapp" setting - core/#25562
        Core: Fix issue when opening some file app links received in share emails - 
core/#25200
        Core: Reconnect DB in occ files:scan to avoid DB timeouts - core/#25853
        Core: Fix status.php page redirection with non-standard port - core/#25946
        Core: Improve users page loading performance with many groups - core/#25922
        Core: Don't log credentials from tryLogin - core/#25895
        Core: Fix password recovery with case sensitive user names - core/#25684

    [157 lines not shown]
Delta File
+1,745 -2,188 www/php-owncloud/PLIST
+2 -28 www/php-owncloud/Makefile
+5 -13 www/php-owncloud/distinfo
+1,752 -2,229 3 files

pkgsrc — doc TODO

viewvc-1.1.25
Delta File
+2 -2 doc/TODO
+2 -2 1 file

pkgsrc — doc CHANGES-2016

Updated devel/py-buildbot to 0.8.8nb1
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — devel/py-buildbot Makefile

py-buildbot requires py-sqlparse to operate

Bump PKGREVISION to 1
Delta File
+3 -1 devel/py-buildbot/Makefile
+3 -1 1 file

pkgsrc — cad/librecad Makefile

add GCC_REQD+=        4.7 as the package uses -std=c++11 flag
Delta File
+4 -1 cad/librecad/Makefile
+4 -1 1 file

pkgsrc — cad/openscad Makefile

add gettext to USE_TOOLS
Delta File
+2 -2 cad/openscad/Makefile
+2 -2 1 file

pkgsrc — doc CHANGES-pkgsrc-2016Q2

Pullup tickets #5105 to #5107.
Delta File
+10 -1 doc/CHANGES-pkgsrc-2016Q2
+10 -1 1 file

pkgsrc — mk mpi.buildlink3.mk

Appease pkglint(1) - replace () with {}

No functional change
Delta File
+3 -3 mk/mpi.buildlink3.mk
+3 -3 1 file

pkgsrc — www/typo3_62 distinfo Makefile

    Pullup ticket #5107 - requested by taca
    www/typo3_62: security fix
    
    Revisions pulled up:
    - www/typo3_62/Makefile                                         1.17-1.18
    - www/typo3_62/PLIST                                            1.13-1.14
    - www/typo3_62/distinfo                                         1.15-1.16
    
    ---
       Module Name:        pkgsrc
       Committed By:        taca
       Date:                Tue Jul 19 12:02:08 UTC 2016
    
       Modified Files:
               pkgsrc/www/typo3_62: Makefile PLIST distinfo
    
       Log Message:
       Update typo3_62 package to 6.2.26 (TYPO3 6.2.26 LTS), including security
       fix for XSS.
    
       2016-07-19  d719c97                  [RELEASE] Release of TYPO3 6.2.26 (TYPO3 
Release Team)
       2016-07-19  2bc8727  #76358          [SECURITY] Link fields accept Javascript code 
when using URI Data Scheme (Valentin Despa)
       2016-07-19  485396d  #75933          [SECURITY] Prevent persistent username in 

    [59 lines not shown]

pkgsrc — lang/php phpversion.mk, lang/php70 distinfo

Pullup ticket #5106 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.157
- lang/php70/distinfo                                           1.19

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Sep 16 16:10:29 UTC 2016

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php70: distinfo

   Log Message:
   Update php70 to 7.0.11 (PHP 7.0.11).

   15 Sep 2016 PHP 7.0.11

   - Core:
     . Fixed bug #72944 (Null pointer deref in zval_delref_p). (Dmitry)
     . Fixed bug #72943 (assign_dim on string doesn't reset hval). (Laruence)
     . Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper). (Laruence)

    [116 lines not shown]
Delta File
+5 -5 lang/php70/distinfo
+2 -2 lang/php/phpversion.mk
+7 -7 2 files

pkgsrc — lang/php phpversion.mk, lang/php56 distinfo

Pullup ticket #5105 - requested by taca
lang/php56: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.156
- lang/php56/distinfo                                           1.34

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Sep 16 16:09:24 UTC 2016

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php56: distinfo

   Log Message:
   Update php56 to 5.6.26 (PHP 5.6.26).

   15 Sep 2016, PHP 5.6.26

   - Core:
     . Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer
       (zend_gc.c:260)). (Laruence)


    [82 lines not shown]
Delta File
+5 -5 lang/php56/distinfo
+2 -2 lang/php/phpversion.mk
+7 -7 2 files

pkgsrc — doc CHANGES-2016

Updated cross/dfu-programmer to 0.7.2
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — cross/dfu-programmer distinfo Makefile

    Update dfu-programmer to 0.7.2
    
    Upstream's NEWS:
    
    == Release 0.7.2 [2015-02-04]
     * Fix memory bounds used for XMega targets.
    
     == Release 0.7.1 [2015-01-03]
     * Fix use of mandatory filename ChangeLog in distribution tarball
     * Fix infinite loop in rpl_malloc
     * Add experimental support for autocomplete on Ubuntu
     * Fix exit status of help-related options and improve start sequence
    
    == Release 0.7.0 [2014-08-02]
     * Add support for atmega16c4 and atmega32c4
     * Fix device erase for bootloaders which return busy status
     * Better include file defaults for libusb when run bootstrap is run without 
pkgconfig.
     * Improved status output
     * Add hex dump commands
     * Add blank memory check
     * Major rework of the flash/user/eeprom code
     * Replace start and reset commands with launch
     * Repository and website migrated to GitHub
    

    [26 lines not shown]

pkgsrc — editors/vim-lang PLIST

vim-lang: add missing PLIST entries.
Delta File
+3 -1 editors/vim-lang/PLIST
+3 -1 1 file

pkgsrc — doc CHANGES-2016

Note update of contao35 and contao42 package.

        www/contao35        3.5.17
        www/contao42        4.2.4
VS: ----------------------------------------------------------------------
Delta File
+3 -1 doc/CHANGES-2016
+3 -1 1 file

pkgsrc — www/contao42 PLIST distinfo

    Update contao42 to 4.2.4.  This is a leaf package.
    
    ### 4.2.4 (2016-09-21)
    
     * Handle special character passwords in the "close account" module (see 
contao/core#8455).
     * Handle broken SVG files in the Image and File class (see contao/core#8470).
     * Reduce the maximum field length by the file extension length (see 
contao/core#8472).
     * Fall back to the field name if there is no label (see contao/core#8461).
     * Do not assume NULL by default for binary fields (see contao/core#8477).
     * Correctly render the diff view if not the latest version is active (see 
contao/core#8481).
     * Update the list of countries and languages (see contao/core#8453).
     * Correctly set up the MooTools CDN URL (see contao/core#8458).
     * Also check the URL length when determining the search URL (see contao/core#8460).
     * Only regenerate the session ID upon login.

pkgsrc — www/contao35 PLIST distinfo

Update contao35 to 3.5.17.  This is a leaf package.

Version 3.5.17 (2016-09-20)
---------------------------

### Fixed
Handle special character passwords in the "close account" module (see #8455).

### Fixed
Handle broken SVG files in the Image and File class (see #8470).

### Fixed
Reduce the maximum field length by the file extension length (see #8472).

### Fixed
Fall back to the field name if there is no label (see #8461).

### Fixed
Do not assume NULL by default for binary fields (see #8477).

### Fixed
Correctly render the diff view if not the latest version is active (see #8481).

### Fixed
Update the list of countries and languages (see #8453).

    [9 lines not shown]

pkgsrc — devel/asm2html Makefile

Remove blank line, sorry
Delta File
+1 -2 devel/asm2html/Makefile
+1 -2 1 file

pkgsrc — devel/asm2html Makefile

Update HOMEPAGE, previous one not on DNS
Delta File
+3 -2 devel/asm2html/Makefile
+3 -2 1 file

pkgsrc — doc CHANGES-pkgsrc-2016Q2

Pullup tickets #5103 and #5104.
Delta File
+9 -1 doc/CHANGES-pkgsrc-2016Q2
+9 -1 1 file

pkgsrc — chat/irssi Makefile.common distinfo, chat/irssi-icb distinfo Makefile

Pullup ticket #5104 - requested by sevan
chat/irssi: security fix, bugfixes
chat/irssi-icb: security fix, bugfixes
chat/irssi-xmpp: security fix, bugfixes

Revisions pulled up:
- chat/irssi-icb/Makefile                                       1.39
- chat/irssi-icb/distinfo                                       1.23-1.24
- chat/irssi-icb/patches/patch-src_core_icb-core.c              1.1
- chat/irssi-icb/patches/patch-src_fe-common_fe-icb.c           1.1
- chat/irssi-xmpp/Makefile                                      1.6-1.7,1.9-1.10
- chat/irssi-xmpp/PLIST                                         1.2
- chat/irssi-xmpp/distinfo                                      1.5-1.6
- chat/irssi/Makefile                                           1.72-1.73
- chat/irssi/Makefile.common                                    1.17-1.18
- chat/irssi/PLIST                                              1.13-1.14
- chat/irssi/distinfo                                           1.35-1.37
- chat/irssi/options.mk                                         1.12
- chat/irssi/patches/patch-scripts_buf.pl                       1.1

---
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Sun Aug 14 21:10:35 UTC 2016


    [188 lines not shown]

pkgsrc — doc CHANGES-2016

Updated comms/asterisk to 11.23.1
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — comms/asterisk distinfo Makefile, comms/asterisk/patches patch-include_asterisk_sha1.h patch-configure

Update to Asterisk 11.23.1:  this is a security fix release to fix
AST-2016-007.  Note that on Oct. 25th, this branch of Asterisk will
switch to security fixes, and one year later it will read end-of-life.

pkgsrc changes:
- don't use gethostbyname_r on NetBSD
- eliminate conflict with new hmac(1) function on NetBSd

----- AST-2016-007

The overlap dialing feature in chan_sip allows chan_sip to report
to a device that the number that has been dialed is incomplete and
more digits are required. If this functionality is used with a
device that has performed username/password authentication RTP
resources are leaked.  This occurs because the code fails to release
the old RTP resources before allocating new ones in this scenario.
If all resources are used then RTP port exhaustion will occur and
no RTP sessions are able to be set up.

pkgsrc — databases/mariadb55-client distinfo Makefile.common, databases/mariadb55-client/patches patch-vio_viosslfactories.c patch-include_my__context.h

    Pullup ticket #5103 - requested by maya
    databases/mariadb55-server: security fix
    
    Revisions pulled up:
    - databases/mariadb55-client/Makefile                           1.6
    - databases/mariadb55-client/Makefile.common                    1.4
    - databases/mariadb55-client/distinfo                           1.5
    - databases/mariadb55-client/patches/patch-include_my__context.h 1.2
    - databases/mariadb55-client/patches/patch-vio_viosslfactories.c deleted
    - databases/mariadb55-server/Makefile                           1.4
    - databases/mariadb55-server/PLIST                              1.3-1.4
    
    ---
       Module Name:        pkgsrc
       Committed By:        maya
       Date:                Tue Sep 13 19:15:14 UTC 2016
    
       Modified Files:
               pkgsrc/databases/mariadb55-client: Makefile Makefile.common distinfo
               pkgsrc/databases/mariadb55-client/patches: patch-include_my__context.h
               pkgsrc/databases/mariadb55-server: Makefile PLIST
       Removed Files:
               pkgsrc/databases/mariadb55-client/patches: patch-vio_viosslfactories.c
    
       Log Message:

    [823 lines not shown]

pkgsrc — doc CHANGES-2016

Updated comms/asterisk13 to 13.11.2
Delta File
+2 -1 doc/CHANGES-2016
+2 -1 1 file

pkgsrc — comms/asterisk13 distinfo Makefile, comms/asterisk13/patches patch-include_asterisk_sha1.h patch-configure

Update to Asterisk 13.11.2: this is mainly a bug fix release
including two security issues:  AST-2016-006 and AST-2016-007.
Note that AST-2016-006 only affected setups using PJSIP, which
pkgsrc Asterisk does not.

pkgsrc changes:
- don't use gethostbyname_r on NetBSD
- eliminte conflict with new hmac(1) function on NetBSD

----- AST-2016-006

Asterisk can be crashed remotely by sending an ACK to it from an
endpoint username that Asterisk does not recognize.  Most SIP
request types result in an "artificial" endpoint being looked up,
but ACKs bypass this lookup. The resulting NULL pointer results in
a crash when attempting to determine if ACLs should be applied.

This issue was introduced in the Asterisk 13.10 release and only
affects that release.

This issue only affects users using the PJSIP stack with Asterisk.
Those users that use chan_sip are unaffected.

----- AST-2016-007


    [141 lines not shown]