A tool to make replicating ZFS datasets easy and reliable.
Testing:
- `portlint -AC` - OK
- `poudriere testport` - OK
- Live test - OK
Sponsored by: Intel
supported versions of our database system, including 12.4, 11.9, 10.14,
9.6.19, and 9.5.23.
This release closes two security vulnerabilities and fixes over 50 bugs
reported over the last three months.
Please plan to update at your earliest convenience.
Security Issues
---------------
* CVE-2020-14349: Uncontrolled search path element in logical replication.
Versions Affected: 10 - 12.
The PostgreSQL `search_path` setting determines schemas searched for
tables, functions, operators, etc. The CVE-2018-1058 fix caused most
PostgreSQL-provided client applications to sanitize `search_path`, but
logical replication continued to leave `search_path` unchanged. Users of
a replication publisher or subscriber database can create objects in the
`public` schema and harness them to execute arbitrary SQL functions
under the identity running replication, often a superuser. Installations
having adopted a documented secure schema usage pattern are not vulnerable.
The PostgreSQL project thanks Noah Misch for reporting this problem.
* CVE-2020-14350: Uncontrolled search path element in `CREATE EXTENSION`.
Versions Affected: 9.5 - 12. The security team typically does not test
unsupported versions, but this problem is quite old.
When a superuser runs certain `CREATE EXTENSION` statements, users may
be able to execute arbitrary SQL functions under the identity of that
superuser. The attacker must have permission to create objects in the
new extension's schema or a schema of a prerequisite extension. Not all
extensions are vulnerable.
In addition to correcting the extensions provided with PostgreSQL, the
PostgreSQL Global Development Group is issuing guidance for third-party
extension authors to secure their own work.
The PostgreSQL project thanks Andres Freund for reporting this problem.
Security: CVE-2020-14349, CVE-2020-14350
===> Applying distribution patches for qtcurve-1.9.0
patch: **** can't cd to /wrkdirs/usr/ports/x11-themes/qtcurve/work/qtcurve-1.9: No such file or directory
===> FAILED Applying distribution patch ee2228ea2f18ac5da9b434ee6089381df815aa94.patch with -p1
*** Error code 1
Reported by: pkg-fallout
MFH: 2020Q3 (build fix blanket)
Else the cmake setup will not install the extract_wb_from_images.sh
script, leading to inconsistent installs or packaging failures.
Reported by: poudriere
Approved by: portmgr@ (blanket approval to add missing requisites)
There's no release notes for kimageannotator, but looking at the log
https://github.com/ksnip/kImageAnnotator/commits/v0.3.2
it's just translation fixes and patches relevant for platforms
that are not-FreeBSD.
Reported by: portscout
- This (still) builds with CMake 3.17
- Circular dependency between harfbuzz and freetype causes
build (configure) failures with CMake 3.18, although I don't
see why CMake 3.17 doesn't fall over (it might be due to
recent CMake module additions)
- Reported upstream with alternate fix at
https://github.com/EasyRPG/Player/pull/2274
PR: 248003
Use C11 compiler:
/usr/local/include/unicode/localpointer.h:224: error: expected ';' before 'noexcept'
Also required is bumping GCC for misc/biblesync because of libstdc++ ABI error.
MFH: 2020Q3 (fix build blanket)
- Release notes: https://github.com/be5invis/Iosevka/releases/tag/v3.4.1
- Add more spacing variants (fixed & term). They are available as options
- Refactor Makefile to make it easier for the port maintainer to manage
variants
Add option to support jinja2 templates.
From ChangeLog: https://github.com/TheLocehiliosan/yadm/releases/tag/2.5.0
* Support for transcrypt
* Support ESH templates
* Preserve file mode of template
* Fish shell completions
* Fix alt processing when worktree is `/`
* Assert config directory if missing
* Documentation improvements
PR: 245593
Submitted by: vendion@gmail.com (maintainer)
Pythonic bindings for the notmuch mail database using CFFI. This module makes
the functionality of the notmuch library (https://notmuchmail.org) available to
python using CFFI
WWW: https://notmuchmail.org/
GCC doesn't include sys/endian.h by default:
/wrkdirs/usr/ports/audio/opustags/work/opustags-1.3.0/src/opus.cc: In function 'ot::status ot::parse_tags(const ogg_packet&, ot::opus_tags&)':
/wrkdirs/usr/ports/audio/opustags/work/opustags-1.3.0/src/opus.cc:58:25: error: 'le32toh' was not declared in this scope
58 | size_t vendor_length = le32toh(*((uint32_t*) (data + pos)));
| ^~~~~~~
/wrkdirs/usr/ports/audio/opustags/work/opustags-1.3.0/src/opus.cc: In function 'ot::dynamic_ogg_packet ot::render_tags(const ot::opus_tags&)':
/wrkdirs/usr/ports/audio/opustags/work/opustags-1.3.0/src/opus.cc:107:6: error: 'htole32' was not declared in this scope
107 | n = htole32(tags.vendor.size());
| ^~~~~~~
Please refer to the 20200811 UPDATING entry when upgrading
dependent (*-emacs26-*) ports.
Port changes:
- depend on math/gmp
- match upstream by turning CAIRO, HARFBUZZ, and JSON options and on and
turning MAGICK off by default
- remove OPENMP check for graphics/ImageMagick as the openmp is now
included in base
- update EMACS_VER in Mk/Uses/emacs.mk
- bump USES=emacs ports or remove BROKEN for net-im/jabber.el and
deskutils/howm, which now build
Submitted by: HIROSE Yuuji <yuuji@gentei.org> (canna patch)
Reviewed by: ashish
Differential Revision: https://reviews.freebsd.org/D23966
