Upgrade to 8.0.0 which is required for gitlab-ce 11.7 upgrade.
Upgrade to 8.0.1 which is required for security update of gitlab-ce 11.7.3.
Approved by: ports-secteam (miwi)
Upgrade to 1.12.1 which is required for gitlab-ce 11.7 upgrade.
Upgrade to 1.12.2 which is required for security update of gitlab-ce 11.7.3.
Approved by: ports-secteam (miwi)
In preparation for gitlab 11.7 upgrade switch rails4 to rails50.
If required upgraded version to work correctly with rails50.
Fixed some cosmetic issue to make portlint happy.
Reviewed by: sunpoet
Differential Revision: https://reviews.freebsd.org/D18957
Approved by: ports-secteam (miwi)
misc/mc: Do not override variables after bsd.port.pre.mk
At least the Python run dependency is not added on FreeBSD >= 12.0
because of it.
PR: 234587
Approved by: woodsb02 (maintainer timeout, 4 weeks)
Approved by: ports-secteam blanket
Install has a bug with relative links and is creating an incorrect symlink.
Changing this to a full link.
PR: 235327
Approved by: ports-secteam (joneum)
mail/pop3proxy: Fix build with OpenSSL 1.1.1
- Add license
- Fix config file location
- Reorder some things to pet portlint
- Mark it deprecated too as it appears to have no upstream anymore
and only works properly with unencrypted traffic
PR: 232134
Submitted by: freebsd_ports@k-worx.org
Approved by: ports-secteam (miwi)
sysutils/flexbackup: Fix some issues
- flexbackup shows a perl deprecated warning with perl 5.16
- lzma support compression level 0
- compress flags do not work, if you use afio+lzma
PR: 221003
Submitted by: Lars Herschke <lhersch@dssgmbh.de>
Approved by: ports-secteam bug fix blanket
Update to 0.11.79
Changelog:
LDAP group verification doesn't work when using 'dn' as user attribute #4684
LDAP group verification fails #4792
Emoji's do not work in wiki #4869
Log level not applied from configuration #5007
Not able to go get a repository with non-80 port #5305
Fix critical CSRF vulnerabilities on API routes #5355
Wrong redirect after updated protect branch setting whose name contains # #5442
Clear labels not working #5445
[Security] Remote command execution #5469
Push event webhook is not triggered when new branch fetched to mirror repository #5473
Large issue comment exceeds dashboard section #5502
List collaborator API does not contain permission information #5538
[Security] Log out only deletes browser cookies #5540
[Security] Some routes need to be POST #5541
[Security] Stored XSS in external issue tracker URL format #5545
PR: 235030
Submitted by: Dmitri Goutnik <dg@syrec.org> (maintainer)
Sponsored by: Netzkommune GmbH
Approved by: ports-secteam (miwi)
Fix libstatgrab on FreeBSD 12
On FreeBSD 12 (since r309017) v_cache_count no longer exists. A
compatibility shim is in place if COMPAT_FREEBSD11 is defined in
the kernel, but if not libstatgrab fails to return any memory
statistics. This patch modifies libstatgrab to mimic this compatibility
behaviour (ie. return 0), regardless of whether COMPAT_FREEBSD11
is defined, which ensures the remaining statistics are returned
correctly.
A more complete solution will be considered upstream and hopefully
be included in the next release.
Reported by: Alexey Milevsky <a.milevsky@gmail.com>
Approved by: ports-secteam (miwi)
devel/libhoard: Unbreak build with Clang 6 (C++14 by default)
include/hoard/geometricsizeclass.h:137:5: error: non-type template argument evaluates to -2147483648, which cannot be narrowed to type 'size_t' (aka 'unsigned long') [-Wc++11-narrowing]
MaxObjectSize>::VALUE };
^
http://beefy3.nyi.freebsd.org/data/112amd64-quarterly/491309/logs/errors/libhoard-3.10.log
- Respect CXX, CXXFLAGS, LDFLAGS
- Add a soname to the library
- Use INSTALL_LIB to install it
Approved by: ports-secteam build fix blanket
databases/mysql80-{client, server}: Update to latest release 8.0.14
This update (released on Jan 21st) includes:
Bugs Fixed:
Important Change: Fix importing a dump from a MySQL 5.7 server 8.0 failure.
(ER_WRONG_VALUE_FOR_VAR, when an unsupported [by 8.0] SQL mode was used).
The behavior of the server in such circumstances now depends on the setting of the
`pseudo_slave_mode` system variable.
If this is false, the server rejects the mode setting with ER_UNSUPPORTED_SQL_MODE.
Otherwise, server just gives a warning. (Bug #90337, Bug #27828236).
InnoDB: Properly initialize the static thread-local 'tables' variable in
the TempTable storage engine (on Solaris X86) was not properly initialized.
(Bug #28987365)
InnoDB: Fix incorrect lock order caused a deadlock when one thread attempted to
drop a table while another created an encrypted tablespace. (Bug #28774259)
More info from upstream:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-14.html
While here, Adapt some local patches with new upstream changes.
PR: 234984
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
japanese/man: unbreak in several archs.
The port was broken in 12 and in different archs.
mips is still to be tested.
PR: 235058
Submitted by: phd_kimberlite@yahoo.co.jp
Reviewed by: Ronald Klop (aarch64) mikael.urankar@gmail.com (armv6, armv7)
Approved by: ports-secteam (miwi)
Update to 2.4.38
Changelog:
*) SECURITY: CVE-2018-17199 (cve.mitre.org)
mod_session: mod_session_cookie does not respect expiry time allowing
sessions to be reused. [Hank Ibell]
*) SECURITY: CVE-2018-17189 (cve.mitre.org)
mod_http2: fixes a DoS attack vector. By sending slow request bodies
to resources not consuming them, httpd cleanup code occupies a server
thread unnecessarily. This was changed to an immediate stream reset
which discards all stream state and incoming data. [Stefan Eissing]
*) SECURITY: CVE-2019-0190 (cve.mitre.org)
mod_ssl: Fix infinite loop triggered by a client-initiated
renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
later. PR 63052. [Joe Orton]
*) mod_ssl: Clear retry flag before aborting client-initiated renegotiation.
PR 63052 [Joe Orton]
*) mod_negotiation: Treat LanguagePriority as case-insensitive to match
AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet]
*) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges
have been fixed. [Michael Kaufmann, Stefan Eissing]
*) mod_setenvif: We can have expressions that become true if a regex pattern
in the expression does NOT match. In this case val is NULL
and we should just set the value for the environment variable
like in the pattern case. [Ruediger Pluem]
*) mod_session: Always decode session attributes early. [Hank Ibell]
*) core: Incorrect values for environment variables are substituted when
multiple environment variables are specified in a directive. [Hank Ibell]
*) mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when
this type of map is present in the configuration. PR62311.
[Hank Ibell <hwibell gmail.com>]
*) mod_dav: Fix invalid Location header when a resource is created by
passing an absolute URI on the request line [Jim Jagielski]
*) mod_session_cookie: avoid duplicate Set-Cookie header in the response.
[Emmanuel Dreyfus <manu@netbsd.org>, Luca Toscano]
*) mod_ssl: clear *SSL errors before loading certificates and checking
afterwards. Otherwise errors are reported when other SSL using modules
are in play. Fixes PR 62880. [Michael Kaufmann]
*) mod_ssl: Fix the error code returned in an error path of
'ssl_io_filter_handshake()'. This messes-up error handling performed
in 'ssl_io_filter_error()' [Yann Ylavic]
*) mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix
authz provider so "Require ssl" works correctly in HTTP/2.
PR 61519, 62654. [Joe Orton, Stefan Eissing]
*) mod_proxy: If ProxyPassReverse is used for reverse mapping of relative
redirects, subsequent ProxyPassReverse statements, whether they are
relative or absolute, may fail. PR 60408. [Peter Haworth <pmh1wheel gmail.com>]
*) mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1]
Security: eb888ce5-1f19-11e9-be05-4c72b94353b5
Sponsored by: Netzkommune GmbH
Approved by: ports-secteam (miwi)
