Commit Graph

442544 Commits

Author SHA1 Message Date
Jan Beich
26d1d5b844 MFH: r472348
emulators/rpcs3: update to 0.0.5.480

Changes:	88b6d5164...f491dc141
Approved by:	ports-secteam (junovitch, implicit for snapshots)
2018-06-14 00:52:16 +00:00
Joseph Mingrone
f65937c96e MFH: r472342
devel/git-review/Makefile: Update to version 1.26.0

PR:		226100
Submitted by:	w.schwarzenfeld@utanet.at
Reported by:    erj
Approved by:	dereckson@gmail.com (maintainer)

Approved by:	portmgr (implicit)
2018-06-13 20:58:12 +00:00
Carlos J. Puga Medina
518dee9c7f MFH: r472337
security/libgcrypt: Update to 1.8.3 (bugfix)

- Improve comment in Makefile
- Provide more elaborate port description and update WWW in pkg-descr

Noteworthy changes in version 1.8.3
===================================

   - Use blinding for ECDSA signing to mitigate a novel side-channel
     attack.  [#4011,CVE-2018-0495]

   - Fix incorrect counter overflow handling for GCM when using an IV
     size other than 96 bit.  [#3764]

   - Fix incorrect output of AES-keywrap mode for in-place encryption
     on some platforms.

   - Fix the gcry_mpi_ec_curve_point point validation function.

   - Fix rare assertion failure in gcry_prime_check.

   Release info at <https://dev.gnupg.org/T4016>.

For further details, see https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html

Security:	http://vuxml.freebsd.org/freebsd/9b5162de-6f39-11e8-818e-e8e0b747a45a.html

Approved by:	ports-secteam (feld)
2018-06-13 19:08:49 +00:00
Jan Beich
364ffd22f9 MFH: r472311
multimedia/libvpx: unbreak on powerpc*

- newer libstdc++ ABI is required by many consumers
- -mspe and -maltivec are mutually exclusive
- implement VSX detection for powerpc and powerpc64

PR:		228586
Submitted by:	jhibbits (based on)
Approved by:	ports-secteam blanket
2018-06-13 13:27:53 +00:00
Jan Beich
fac87fa00e MFH: r472312 r472319
emulators/ppsspp: unbreak in-game movies

PR:		228972
Approved by:	ports-secteam blanket
2018-06-13 13:26:08 +00:00
Steve Wills
5daa05182b MFH: r466686 r471978 r472316
sysutils/google-compute-engine-oslogin: update to version 1.1.5

PR:		226936
Submitted by:	Helen Koike <helen.koike@collabora.com> (maintainer)

Mark as broken on various tier-2 archs.

Approved by:	portmgr (tier-2 blanket)

sysutils/google-compute-engine-oslogin: fix oslogin and update to 1.3.0

PR:		228949
Submitted by:	Helen Koike <helen.koike@collabora.com> (maintainer)

Approved by:	ports-secteam (implicit)
2018-06-13 13:16:51 +00:00
Bernard Spil
c85aa609e1 MFH: r472247
security/openssl-devel: Security update

 - Upstream update for CVE-2018-0732

Security:       c82ecac5-6e3f-11e8-8777-b499baebfeaf

Approved by:	ports-secteam (miwi)
2018-06-12 14:18:39 +00:00
Bernard Spil
8b030ab1e4 MFH: r472245
security/openssl: Actually add patch file

Security:	c82ecac5-6e3f-11e8-8777-b499baebfeaf

Approved by:	ports-secteam (miwi)
2018-06-12 14:17:10 +00:00
Adam Weinberger
5b606f2b16 MFH: r472250
Update gnupg1 to security release 1.4.23

PR:		228936
Submitted by:	Dani
Security:	CVE-2017-7526

Approved by:	ports-secteam (miwi)
2018-06-12 14:06:25 +00:00
Jan Beich
833ee8019a MFH: r472223
emulators/rpcs3: update to 0.0.5.474

Changes:	626836f95...88b6d5164
Approved by:	ports-secteam (junovitch, implicit for snapshots)
2018-06-12 00:31:21 +00:00
Jan Beich
1e9f9ba459 MFH: r472219
emulators/rpcs3: update to 0.0.5.471

Changes:	5454f57dd...626836f95
Approved by:	ports-secteam (junovitch, implicit for snapshots)
2018-06-11 23:40:43 +00:00
Jan Beich
28823d2fc6 MFH: r472217
www/waterfox: apply FF61 fix

Approved by:	ports-secteam blanket
2018-06-11 23:39:40 +00:00
Jan Beich
7d2527516f MFH: r472204 r472205
games/openra: make GeoLite2 fetch deterministic

PR:		228877
Approved by:	ports-secteam blanket
2018-06-11 20:40:42 +00:00
Jan Beich
3efbe823bd MFH: r472201
devel/android-tools-fastboot: unbreak fetch

fetch: https://anonscm.debian.org/cgit/android-tools/android-tools.git/plain/debian/fastboot.1?id=706e754: Not Found

Submitted by:	jrm
Approved by:	ports-secteam blanket
Differential Revision:	https://reviews.freebsd.org/D15761
2018-06-11 19:42:35 +00:00
Jan Beich
d9e01e0a45 MFH: r472153
games/openra: update GeoLite2 to June snapshot

fetch: https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz: size mismatch: expected 1717847, actual 1728369

PR:		228877
Reported by:	dbn
Approved by:	ports-secteam blanket
2018-06-10 19:36:46 +00:00
Thomas Zander
111868ec43 MFH: r471488 r472147
Mark as broken on powerpc64.

Approved by:	portmgr (tier-2 blanket)

Fix startup script for FreeBSD 10: -o option is unknown

PR:		228266
Submitted by:	takefu@airport.fm

Approved by:	ports-secteam (riggs)
2018-06-10 17:13:14 +00:00
Jan Beich
0b55aab104 MFH: r472125
www/waterfox: flatten line endings after r461193 (direct commit)

Subversion doesn't allow mixed line endings when svn:eol-style
property is set. files/patch-bug1402766 tries to create a new test
file, so simply strip carriage-return from lines which is what
actually happens on checkout. Originally, the file landed via
git-svn which doesn't appear to run sanity checks on dcommit.

$ svn cat files/patch-bug1402766
svn: E135000: Inconsistent line ending style

Reported by:	gjb
Approved by:	ports-secteam blanket
2018-06-10 10:28:59 +00:00
Jan Beich
34c405751b MFH: r472028
emulators/rpcs3: update to 0.0.5.464

Changes:	dde4a9c6e...5454f57dd
Approved by:	ports-secteam (junovitch, implicit for snapshots)
2018-06-09 00:30:35 +00:00
Jan Beich
c840823f63 MFH: r472027
www/waterfox: apply some FF61 fixes

Approved by:	ports-secteam blanket
2018-06-09 00:26:35 +00:00
Craig Leres
a887982e58 MFH: r472014
Update to 2.5.4 which fixes multiple memory allocation issues:

 - Multiple fixes and improvements to BinPAC generated code
   related to array parsing, with potential impact to all Bro's
   BinPAC-generated analyzers in the form of buffer over-reads
   or other invalid memory accesses depending on whether a
   particular analyzer incorrectly assumed that the
   evaulated-array-length expression is actually the number of
   elements that were parsed out from the input.

 - The NCP analyzer (not enabled by default and also updated
   to actually work with newer Bro APIs in the release) performed
   a memory allocation based directly on a field in the input
   packet and using signed integer storage. This could result
   in a signed integer overflow and memory allocations of
   negative or very large size, leading to a crash or memory
   exhaustion. The new NCP::max_frame_size tuning option now
   limits the maximum amount of memory that can be allocated.

Other fixes:

 - A memory leak in the SMBv1 analyzer.

 - The MySQL analyzer was generally not working as intended,
   for example, it now is able to parse responses that contain
   multiple results/rows.

Add gettext-runtime to USES to address a poudriere testport
warning.

Reviewed by:	matthew (mentor)
Approved by:	matthew (mentor)
Security:	2f4fd3aa-32f8-4116-92f2-68f05398348e
Differential Revision:	https://reviews.freebsd.org/D15678

Approved by:	ports-secteam (feld), matthew (mentor)
2018-06-08 19:52:02 +00:00
Adam Weinberger
2541f340fe MFH: r467022 r469025 r472003
Update gnupg to 2.2.6

  * gpg,gpgsm: New option --request-origin to pretend requests coming
    from a browser or a remote site.

  * gpg: Fix race condition on trustdb.gpg updates due to too early
    released lock.  [#3839]

  * gpg: Emit FAILURE status lines in almost all cases.  [#3872]

  * gpg: Implement --dry-run for --passwd to make checking a key's
    passphrase straightforward.

  * gpg: Make sure to only accept a certification capable key for key
    signatures.  [#3844]

  * gpg: Better user interaction in --card-edit for the factory-reset
    sub-command.

  * gpg: Improve changing key attributes in --card-edit by adding an
    explicit "key-attr" sub-command.  [#3781]

  * gpg: Print the keygrips in the --card-status.

  * scd: Support KDF DO setup.  [#3823]

  * scd: Fix some issues with PC/SC on Windows.  [#3825]

  * scd: Fix suspend/resume handling in the CCID driver.

  * agent: Evict cached passphrases also via a timer.  [#3829]

  * agent: Use separate passphrase caches depending on the request
    origin.  [#3858]

  * ssh: Support signature flags.  [#3880]

  * dirmngr: Handle failures related to missing IPv6 support
    gracefully.  [#3331]

  * Fix corner cases related to specified home directory with
    drive letter on Windows.  [#3720]

  * Allow the use of UNC directory names as homedir.  [#3818]

Update gnupg to 2.2.7

Also, remove unnecessary USE_LDCONFIG.

  * gpg: New option --no-symkey-cache to disable the passphrase cache
    for symmetrical en- and decryption.

  * gpg: The ERRSIG status now prints the fingerprint if that is part
    of the signature.

  * gpg: Relax emitting of FAILURE status lines

  * gpg: Add a status flag to "sig" lines printed with --list-sigs.

  * gpg: Fix "Too many open files" when using --multifile.  [#3951]

  * ssh: Return an error for unknown ssh-agent flags.  [#3880]

  * dirmngr: Fix a regression since 2.1.16 which caused corrupted CRL
    caches under Windows.  [#2448,#3923]

  * dirmngr: Fix a CNAME problem with pools and TLS.  Also use a fixed
    mapping of keys.gnupg.net to sks-keyservers.net.  [#3755]

  * dirmngr: Try resurrecting dead hosts earlier (from 3 to 1.5 hours).

  * dirmngr: Fallback to CRL if no default OCSP responder is configured.

  * dirmngr: Implement CRL fetching via https.  Here a redirection to
    http is explictly allowed.

  * dirmngr: Make LDAP searching and CRL fetching work under Windows.
    This stopped working with 2.1.  [#3937]

  * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease
    debugging.

Update gnupg to 2.2.8 (security release)

CVE-2018-12020:
The OpenPGP protocol allows to include the file name of the original
input file into a signed or encrypted message.  During decryption and
verification the GPG tool can display a notice with that file name.  The
displayed file name is not sanitized and as such may include line feeds
or other control characters.  This can be used inject terminal control
sequences into the out and, worse, to fake the so-called status
messages.  These status messages are parsed by programs to get
information from gpg about the validity of a signature and an other
parameters.  Status messages are created with the option "--status-fd N"
where N is a file descriptor.  Now if N is 2 the status messages and the
regular diagnostic messages share the stderr output channel.  By using a
made up file name in the message it is possible to fake status messages.
Using this technique it is for example possible to fake the verification
status of a signed mail.

Also:
  * gpg: Decryption of messages not using the MDC mode will now lead
    to a hard failure even if a legacy cipher algorithm was used.  The
    option --ignore-mdc-error can be used to turn this failure into a
    warning.  Take care: Never use that option unconditionally or
    without a prior warning.

  * gpg: The MDC encryption mode is now always used regardless of the
    cipher algorithm or any preferences.  For testing --rfc2440 can be
    used to create a message without an MDC.

  * gpg: Sanitize the diagnostic output of the original file name in
    verbose mode.  [#4012,CVE-2018-12020]

  * gpg: Detect suspicious multiple plaintext packets in a more
    reliable way.  [#4000]

  * gpg: Fix the duplicate key signature detection code.  [#3994]

  * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
    --disable-mdc and --no-disable-mdc have no more effect.

  * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
    list of startup environment variables.  [#3947]

Security:	CVE-2018-12020

Approved by:	ports-secteam (miwi)
2018-06-08 14:43:44 +00:00
Jan Beich
3e0a566ea6 MFH: r472001
www/waterfox: restore FF61 fix after r471887

Approved by:	ports-secteam blanket
2018-06-08 14:16:30 +00:00
Jung-uk Kim
7ccb4885bc MFH: r471958
Catch up with Flash Player 30.0.0.113.

Approved by:	ports-secteam (blanket)
2018-06-08 00:14:52 +00:00
Jung-uk Kim
e3d453f6f3 MFH: r471957
Update to 30.0.0.113.

https://helpx.adobe.com/security/products/flash-player/apsb18-19.html

Approved by:	ports-secteam (blanket)
2018-06-08 00:14:14 +00:00
Antoine Brodin
cd2200b15f Revert MFH of r467535 r471795, it fails to build in 2018Q2
Reported by:	pkg-fallout
2018-06-07 12:53:09 +00:00
Jan Beich
901bf7f908 MFH: r471887
www/waterfox: apply some FF61 fixes

Approved by:	ports-secteam blanket
2018-06-06 23:24:27 +00:00
Jan Beich
ad36f8f920 MFH: r471886
emulators/rpcs3: update to 0.0.5.445

Changes:	88f9d5d58...dde4a9c6e
Approved by:	ports-secteam (junovitch, implicit for snapshots)
2018-06-06 23:11:39 +00:00
Thomas Zander
1b76595782 MFH: r471883
Update to upstream version 1.6.3

Approved by:	ports-secteam (riggs)
2018-06-06 21:23:59 +00:00
Jan Beich
3fa0ec68ff MFH: r471878
security/nss: update to 3.37.3

Changes:	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.37.3_release_notes
Changes:	https://hg.mozilla.org/projects/nss/shortlog/NSS_3_37_3_RTM
ABI:		https://abi-laboratory.pro/tracker/timeline/nss/
Approved by:	ports-secteam blanket (required by Firefox 61)
2018-06-06 19:03:41 +00:00
Bernard Spil
89095381f5 MFH: r470572
dns/unbound: Fix errors when unbound_conf is set

PR:		228390
Approved by:	maintainer <jaap NLnetLabs nl>

Approved by:	ports-secteam (feld)
2018-06-06 18:48:08 +00:00
Jan Beich
71a10b6d02 MFH: r471866
www/firefox-esr: update to 52.8.1

Changes:	https://www.mozilla.org/firefox/52.8.1/releasenotes/
Approved by:	ports-secteam blanket
2018-06-06 18:26:45 +00:00
Jan Beich
5e3fdf995c MFH: r471865
www/firefox: update to 60.0.2

Changes:	https://www.mozilla.org/firefox/60.0.2/releasenotes/
PR:		226476
Approved by:	ports-secteam blanket
2018-06-06 18:26:05 +00:00
Mark Felder
5934a3a00f MFH: r467535 r471795
Update to 1.1.4

- Change MASTER_SITES to CHEESESHOP
- Add missing RUN_DEPENDS

Changes:	https://github.com/matrix-org/python-canonicaljson/blob/master/CHANGES.md
PR:		228072
2018-06-06 16:48:12 +00:00
Matthias Fechner
9976394814 MFH: r468171 r470353
www/gitlab-pages: fix rc script

www/gitlab-pages: update to 0.9.1

Approved by:	ports-secteam (eadler)
2018-06-05 20:16:46 +00:00
Matthias Fechner
d72ea79412 MFH: r471741
Took maintainer (approved by wg).
Security update to 0.27.1.

Reviewed by:	wg (maintainer), tz (mentor)
Approved by:	wg (maintainer), tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15654

Approved by:	ports-secteam (miwi)
2018-06-05 19:46:03 +00:00
Matthias Fechner
0803deb306 MFH: r467503
Add rubygem-gitaly-proto095 0.95.0 (copied from rubygem-gitaly-proto)

- Add PORTSCOUT

Approved by:	ports-secteam (eadler)
2018-06-05 19:43:48 +00:00
Matthias Fechner
0819cb10ca MFH: r466579
Add rubygem-flipper013 0.13.0 (copied from rubygem-flipper)

- Add PORTSCOUT

Approved by:	ports-secteam (eadler)
2018-06-05 19:41:28 +00:00
Matthias Fechner
6693bd52e5 MFH: r466581
Add rubygem-flipper-active_support_cache_store013 0.13.0 (copied from rubygem-flipper-active_support_cache_store)

- Update RUN_DEPENDS
- Add PORTSCOUT

Approved by:	ports-secteam (eadler)
2018-06-05 19:39:47 +00:00
Matthias Fechner
cf389ae5ec MFH: r467248
Add rubygem-default_value_for30 3.0.5 (copied from rubygem-default_value_for)

- Add PORTSCOUT

Approved by:	ports-secteam (eadler)
2018-06-05 19:37:55 +00:00
Matthias Fechner
0e2e4ae787 MFH: r466580
Add rubygem-flipper-active_record013 0.13.0 (copied from rubygem-flipper-active_record)

- Update RUN_DEPENDS
- Add PORTSCOUT

Approved by:	ports-secteam (eadler)
2018-06-05 19:35:51 +00:00
Matthias Fechner
98a2bb9875 MFH: r469941 r471208
Update gitlab to 10.7.3.
For list of changes look here: https://about.gitlab.com/2018/04/22/gitlab-10-7-released/
Please note that gitlab-pages is temporarily removed and will be added later if upstream bug is fixed.
To not update to this version if you require gitlab-pages.
The Gemfile.lock is now generated on gitlab startup, so this should help with Gemfile issues.

Reviewed by:	swills (mentor)
Approved by:	swills (mentor)
Differential Revision:	https://reviews.freebsd.org/D15314

Applied security upgrade to gitlab 10.7.5.
Fixed bug with wrong path for gitlab-workhouse that should fix artifacts (reported by Felix <mail@felix.flornet.de>). This was fix upstream but is not included in this version yet: https://gitlab.com/gitlab-org/gitlab-ce/issues/46763
Update net/rubygem-grpc to 1.11.1 which is required for gitlab 10.7.5.
Sync dep net/rubygem-grpc with gitlab which uses now 1.11.1.
Added gitlab-pages again to dependencies as the new version builds again.

Reported by:	Felix <mail@felix.flornet.de>
Reviewed by:	swills (mentor)
Approved by:	swills (mentor)
Differential Revision:	https://reviews.freebsd.org/D15631

Approved by:	ports-secteam (eadler)
2018-06-05 19:32:49 +00:00
Matthias Fechner
e7dfe0d10a MFH: r469940
Update www/gitlab-workhorse to 4.1.0 required for gitlab 10.7.x.

Reviewed by:	swills (mentor)
Approved by:	swills (mentor)
Differential Revision:	https://reviews.freebsd.org/D15315

Approved by:	ports-secteam (eadler)
2018-06-05 19:27:06 +00:00
Matthias Fechner
771dd6efde MFH: r469939
Update devel/gitlab-shell to 7.1.2 required for gitlab 10.7.x.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15322

Approved by:	ports-secteam (eadler)
2018-06-05 19:26:17 +00:00
Matthias Fechner
4529ade71d MFH: r469312 r469938 r470126
Remove duplicate entry of BUILD_DEPENDS

- Fix indent

rubygem-bundler is already listed in MY_DEPENDS.

Differential Revision:	https://reviews.freebsd.org/D15281
Submitted by:	sunpoet (myself)
Approved by:	mfechner (maintainer)

Upgrade devel/gitaly to 0.96.1 required for gitlab 10.7.x.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15323

Fixed a wrong standard path in a configuration. New projects can be created again if the standard gitaly configuration is used.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15447

Approved by:	ports-secteam (eadler)
2018-06-05 19:24:00 +00:00
Matthias Fechner
87c8153aa4 MFH: r469937
Update devel/rubygem-prometheus-client-mmap to 0.9.2 required for gitlab 10.7.x.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15376

Approved by:	ports-secteam (eadler)
2018-06-05 19:16:33 +00:00
Matthias Fechner
cd3ed7b5d7 MFH: r469936
Update devel/rubygem-licensee8 to 8.9.2 required for gitlab 10.7.x.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15318

Approved by:	ports-secteam (eadler)
2018-06-05 19:15:42 +00:00
Matthias Fechner
cfbb57b406 MFH: r469935
Update to 5.0.0 required for gitlab 10.7.x.
Fixed some small problems reported by portlint.

Reviewed by:	tz (mentor)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D15313

Approved by:	ports-secteam (eadler)
2018-06-05 19:14:44 +00:00
Matthias Fechner
c38194938a MFH: r468376 r469934
Update to 2.5.2

Changes:	https://github.com/abonas/kubeclient/blob/master/CHANGELOG.md

Update to 3.0.0 which is required for gitlab update to 10.7.x.

Reviewed by:	tz (mentor), sunpoet (maintainer by email)
Approved by:	tz (mentor), sunpoet (maintainer by email)
Differential Revision:	https://reviews.freebsd.org/D15202

Approved by:	ports-secteam (eadler)
2018-06-05 19:13:52 +00:00
Kirill Ponomarev
63058a9ff7 MFH: r471771
Update to 0.6.4

PR:		228766
Submitted by:	maintainer

Approved by:	ports-secteam@freebsd.org (miwi)
2018-06-05 17:20:57 +00:00
Matthias Fechner
f6be452ffc MFH: r469933
Added missing dependency to rinku.

Reviewed by:	swills (mentor)
Approved by:	swills (mentor)
Differential Revision:	https://reviews.freebsd.org/D15316

Approved by:	ports-secteam (eadler)
2018-06-05 14:46:32 +00:00