lang/php74: Update from 7.4.10 to 7.4.11
Core:
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070)
Fixed bug #79979 (passing value to by-ref param via CUFA crashes).
Fixed bug #80037 (Typed property must not be accessed before initialization when __get() declared).
Fixed bug #80048 (Bug #69100 has not been fixed for Windows).
Fixed bug #80049 (Memleak when coercing integers to string via variadic argument).
Calendar:
Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
COM:
Fixed bug #64130 (COM obj parameters passed by reference are not updated).
OPcache:
Fixed bug #80002 (calc free space for new interned string is wrong).
Fixed bug #80046 (FREE for SWITCH_STRING optimized away).
Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode handlers changed).
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV). (CVE-2020-7069)
PDO:
Fixed bug #80027 (Terrible performance using $query->fetch on queries with many bind parameters).
SOAP:
Fixed bug #47021 (SoapClient stumbles over WSDL delivered with "Transfer-Encoding: chunked").
Standard:
Fixed bug #79986 (str_ireplace bug with diacritics characters).
Fixed bug #80077 (getmxrr test bug).
Fixed bug #72941 (Modifying bucket->data by-ref has no effect any longer).
Fixed bug #80067 (Omitting the port in bindto setting errors).
Sponsored by: Bounce Experts
Approved by: ports-secteam (joneum, implicit for PHP Updates)
lang/php73: Update from 7.3.22 to 7.3.23
Core:
Fixed bug #80048 (Bug #69100 has not been fixed for Windows).
Fixed bug #80049 (Memleak when coercing integers to string via variadic argument).
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070)
Calendar:
Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
COM:
Fixed bug #64130 (COM obj parameters passed by reference are not updated).
OPcache:
Fixed bug #80002 (calc free space for new interned string is wrong).
Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode handlers changed).
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV). (CVE-2020-7069)
PDO:
Fixed bug #80027 (Terrible performance using $query->fetch on queries with many bind parameters).
SOAP:
Fixed bug #47021 (SoapClient stumbles over WSDL delivered with "Transfer-Encoding: chunked").
Standard:
Fixed bug #79986 (str_ireplace bug with diacritics characters).
Fixed bug #80077 (getmxrr test bug).
Fixed bug #72941 (Modifying bucket->data by-ref has no effect any longer).
Fixed bug #80067 (Omitting the port in bindto setting errors).
Sponsored by: Bounce Experts
Approved by: ports-secteam (joneum, implicit for PHP Updates)
lang/php72: Update from 7.2.33 to 7.2.34
Core:
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070)
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV). (CVE-2020-7069)
Sponsored by: Bounce Experts
Approved by: ports-secteam (joneum, implicit for PHP Updates)
Fix tracker-miners
The glib schemas were not tracked as such, making nautilus failed to access
them when it needed to.
While here; remove entire LDCONFIG which is not needed given this port does not
provide any library that anything would be dynamiclaly linked to
PR: 250129
Submitted by: Neel Chauhan <neel@neelc.org>
This all bunch of patches fixes GDM with gnome
x11/gdm: @sample-ify some GDM files in etc/
It's been reported that it would be desired to treat the following
files as samples:
- etc/dbus-1/system.d/gdm.conf.sample
- etc/gdm/Init/Default.sample
- etc/gdm/Xsession.sample
- etc/pam.d/gdm-autologin.sample
- etc/pam.d/gdm-launch-environment.sample
- etc/pam.d/gdm-password.sample
PR: 187558
Submitted by: Eugene M. Kim <astralblue@gmail.com
Reported by: robmessick@gmail.com
Approved by: maintainer timeout
x11/gdm: Switch to USES=localbase
Approved by: portmgr blanket
Properly handle logind -> consolekit
Grab a patch from openbsd and extend it do other components which requires it
Remove from the gnome session a list of required dbus services that no
longer exists
Gnome-shell: fix the login manager interface
gdm call gnome-shell to provide its login manager. with the upgrade of gnome-shell
this wasn't patched to be able to talk to consolekit. Fix this by incorporating patches
from OpenBSD
update x11/mate-panel to 1.24.1
Properly register the schema for the preview window list
This prevents the mate-panel from crashing all the time
This fixes the continuous crashing of the window list applet
dns/nsd: update 4.3.2 -> 4.3.3
This release contains the DNS Flag Day 2020 fixes. This sets the
default EDNS buffer size to 1232, that should reduce fragmentation.
https://dnsflagday.net/2020/
There is a new feature where it is possible to list an interface by
name. This pulls in the IP addresses associated with the interface
at server start.
FEATURES:
- Follow DNS flag day 2020 advice and
set default EDNS message size to 1232.
- Merged PR #113 with fixes. Instead of listing an IP-address to
listen on, an interface name can be specified in nsd.conf, with
ip-address: eth0. The IP-addresses for that interface are then used.
- Port TSIG code for openssl 3.0.0-alpha6.
BUG FIXES:
- Fix make install with --with-pidfile="".
- Merge #115 from millert: Fix strlcpy() usage. From OpenBSD.
- Merge #117: mini_event.h (4.3.2 and 4.3.1) on OpenBSD cannot find
fd_set - patch.
- Fix that configure checks for EVP_sha256 to detect openssl, because
HMAC_CTX_new is deprecated in 3.0.0.
- Fix#119: fix compile warnings from new gcc.
- Fix#119: warn when trying to parse a directory.
- Merge PR #121: Increase log level of recreated database from
WARNING to ERR.
- Remove unused space from LIBS on link line.
- Updated date in nsd -v output.
PR: 250203
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes: https://www.nlnetlabs.nl/news/2020/Oct/08/nsd-4.3.3-released/
Approved by: portmgr (backport of reliability fix blanket)
Create dedicated sandbox user for wsdd service
This changes the account the wsdd service runs under from the generic
'daemon' user to its own dedicated '_wsdd' user.
Approved by: ports-secteam (joneum)
PR: 250159
lang/php74: Add missing dependency from php74-xmlreader to php74-dom
xmlreader needs not only the DOM extension, but to be compiled
with --enabled-dom. This commit adds the missing configuration
to etablish the dependency.
PR: 249886
Submitted by: michael.glaus@hostpoint.ch
Sponsored by: Bounce Experts
Approved by: ports-secteam (joneum, implicit for PHP Updates)
Mark BROKEN everywhere
c++ -DHAVE_CONFIG_H -I. -I./src -I. -isystem /usr/local/include -Wall -Werror -fno-exceptions -fno-rtti -D_THREAD_SAFE -pthread -I/usr/local/include -I/usr/local/include -I/usr/include -O2 -pipe -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -isystem /usr/local/include -MT src/schwanenlied/crypto/obfsclient-base32.o -MD -MP -MF src/schwanenlied/crypto/.deps/obfsclient-base32.Tpo -c -o src/schwanenlied/crypto/obfsclient-base32.o `test -f 'src/schwanenlied/crypto/base32.cc' || echo './'`src/schwanenlied/crypto/base32.cc
In file included from src/schwanenlied/crypto/base32.cc:34:
In file included from ./src/schwanenlied/crypto/base32.h:37:
In file included from ./src/schwanenlied/crypto/utils.h:40:
In file included from ./src/schwanenlied/common.h:47:
./src/ext/easylogging++.h:1119:84: error: 'ptr_fun<int, int>' is deprecated [-Werror,-Wdeprecated-declarations]
str.erase(str.begin(), std::find_if(str.begin(), str.end(), std::not1(std::ptr_fun<int, int>(&std::isspace))));
^
/usr/include/c++/v1/functional:1107:1: note: 'ptr_fun<int, int>' has been explicitly marked deprecated here
_LIBCPP_DEPRECATED_IN_CXX11 inline _LIBCPP_INLINE_VISIBILITY
^
/usr/include/c++/v1/__config:972:39: note: expanded from macro '_LIBCPP_DEPRECATED_IN_CXX11'
# define _LIBCPP_DEPRECATED_IN_CXX11 _LIBCPP_DEPRECATED
^
/usr/include/c++/v1/__config:961:48: note: expanded from macro '_LIBCPP_DEPRECATED'
# define _LIBCPP_DEPRECATED __attribute__ ((deprecated))
^
In file included from src/schwanenlied/crypto/base32.cc:34:
In file included from ./src/schwanenlied/crypto/base32.h:37:
In file included from ./src/schwanenlied/crypto/utils.h:40:
In file included from ./src/schwanenlied/common.h:47:
./src/ext/easylogging++.h:1126:73: error: 'ptr_fun<int, int>' is deprecated [-Werror,-Wdeprecated-declarations]
str.erase(std::find_if(str.rbegin(), str.rend(), std::not1(std::ptr_fun<int, int>(&std::isspace))).base(), str.end());
^
/usr/include/c++/v1/functional:1107:1: note: 'ptr_fun<int, int>' has been explicitly marked deprecated here
_LIBCPP_DEPRECATED_IN_CXX11 inline _LIBCPP_INLINE_VISIBILITY
^
/usr/include/c++/v1/__config:972:39: note: expanded from macro '_LIBCPP_DEPRECATED_IN_CXX11'
# define _LIBCPP_DEPRECATED_IN_CXX11 _LIBCPP_DEPRECATED
^
/usr/include/c++/v1/__config:961:48: note: expanded from macro '_LIBCPP_DEPRECATED'
# define _LIBCPP_DEPRECATED __attribute__ ((deprecated))
^
Reported by: pkg-fallout
Mark BROKEN everywhere
memmem.c:81:25: error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
sp++;
^
memmem.c:77:17: note: previous statement is here
if (*sp == *pp)
^
Reported by: pkg-fallout
Mark BROKEN
c++ -o obj/x86_64-unknown-freebsd12.1/fea/data_plane/ifconfig/ifconfig_get_sysctl.os -c -pipe -fstack-protector-strong -fno-strict-aliasing -O3 -g3 -W -Wall -Wwrite-strings -Wno-cast-qual -Wno-sign-compare -Wpointer-arith -Woverloaded-virtual -DXORP_BUILDINFO -fPIC -DXRL_PF=120 -DXORP_VERSION=1.8.5 -DBOOST_DISABLE_THREADS -I/usr/local/include -Iobj/x86_64-unknown-freebsd12.1 -I. -I. fea/data_plane/ifconfig/ifconfig_get_sysctl.cc
In file included from fea/data_plane/ifconfig/ifconfig_get_sysctl.cc:35:
In file included from /usr/include/net/if_var.h:83:
/usr/include/sys/lock.h:68:15: error: reference to 'thread' is ambiguous
struct thread **owner);
^
/usr/include/sys/lock.h:42:8: note: candidate found by name lookup is 'thread'
struct thread;
^
/usr/include/c++/v1/__threading_support:397:24: note: candidate found by name lookup is 'std::__1::thread'
class _LIBCPP_TYPE_VIS thread;
^
Reported by: pkg-fallout
sysutils/edid-decode: fix build on GCC architectures
Use C++11 compiler:
edid-decode.cpp: In member function 'std::string edid_state::dtd_type(unsigned int)':
edid-decode.cpp:195: error: 'to_string' is not a member of 'std'
Approved by: portmgr (fix build blanket)
devel/ipython5: Use newest version of pygments
The pinned dependency 'pygments<2.6' is only necessary to solve an issue with
Python 2.7, and devel/ipython5 is now python3.5+ only. [1] [2]
This fixes a conflict introduced on ports r549076 and r549418 between
textproc/py-pygments and textproc/py-pygments-25 when building at least
textproc/py-sphinx and math/sage.
1 - https://github.com/ipython/ipython/pull/12174
2 - https://github.com/ipython/ipython/issues/12173
PR: 249131, 250074, 250144
Reported by: thierry, swills
Approved by: python (with hat)
Approved by: ports-secteam (fluffy)
security/zeek: Update to 3.0.11 to fix memory leaks and potential DOS:
https://github.com/zeek/zeek/releases/tag/v3.0.11
- A memory leak in multipart MIME code has potential for remote
exploitation and cause for Denial of Service via resource
exhaustion.
Other fixes:
- Fix incorrect RSTOS0 conn_state determinations
Reported by: Jon Siwek
Security: 769a4f60-9056-4c27-89a1-1758a59a21f8
Approved by: ports-secteam (joneum)
devel/gh: Update to 1.1.0
From ChangeLog: https://github.com/cli/cli/releases/v1.1.0
Features
* Support GH_PAGER environment override for PAGER
* Disable terminal pager when its value is set to cat
* repo view: add option to specify a branch
* repo view: render :emoji: syntax as emoji characters
Bugs
* Fix pr create when branch was already pushed to a non-base remote
* pr status/view/create: fix API-related failures with GitHub Enterprise
Server
* Fix markdown rendering when terminal pager is enabled
* repo create: respect repo name input given in interactive prompt
* auth login: display correct hostname in Personal Access Token instructions
* auth login: document minimum required token scopes
* pr checkout: fix running on detached HEAD
* pr merge: default to "no" for "delete branch after merge" prompt
* gist list: switch to GraphQL API to improve fetching
- support fetching more than 100 gists
- list gists ordered by creation time, descending
- for machine-readable output, serialize timestamps in RFC 3339 format
- ensure newlines in gist description are rendered as spaces
* gist view/edit: fix passing Gist URL as argument
* gist edit: check ownership before editing
* gist edit: avoid updating gist when the contents haven't changed
* repo garden: fix for repositories with only a few commits
* repo garden: restore tty settings on exit
* Fix reading the current git branch name when it contains a non-breaking space
* Document gh config set pager ... option
* Fix .tar upload tests on different OSs
PR: 250176
Submitted by: vulcan@wired.sh (maintainer)
Approved by: ports-secteam (blanket, bugfix release)
sysutils/openzfs*: Update to fix 12.1-REL build
Bump to 79f0935fa for header changes to fix the package build on FreeBSD 12.1
PR: ports/250001
Reported by: tleavitt@alumni.usc.edu
Reviewed by: wg
Approved by: wg (ports)
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26656
Approved by: ports-secteam (implicit, build fix)
devel/bmake: disable cmd-interrupt test in batch builds
This fixes the build under modern poudriere, but continues to run the test
in all other environments so that we *can* catch issues here if they arise.
The breakage should get fixed on the poudriere or base sh(1) side, but this
will not necessarily be done soon.
Reported by: mjg
Approved by: portmgr (implicit, bulk fix)
Approved by: ports-secteam (implicit, build fix)
x11-wm/compiz: Fix compiz-manager texture size parsing error
compiz-manager doesn't cover the possibility of duplicate output from
glxinfo at line 238, which causes check_texture_size() to fail. Let's fix
it by limiting the number of output lines to 1.
PR: 247476
Submitted by: Vladimir Bychik
Approved by: maintainer (Chris Hutchinson)
Approved by: ports-secteam (fluffy)
x11/gdm: Install gconftool-2 as it is needed by pkg-install
Before this patch, the following error could be observed during the
installation of the port:
===> Creating homedir(s)
/bin/sh: gconftool-2: not found
chown: /usr/local/etc/gdm/home/.gconf.mandatory: No such file or directory
chmod: /usr/local/etc/gdm/home/.gconf.mandatory: No such file or directory
chmod: /usr/local/etc/gdm/home/.gconf.mandatory/*.xml: No such file or directory
GDM is installed.
Specifying USE_GNOME+=gconf2 seems to fix the error messages.
(BTW, for some reason the gconf2 dependency was removed in r372768.)
Approved by: portmgr blanket
Approved by: ports-secteam (fluffy)
x11/gdm: Fix pkg-message
pkg-message does not contain %%PREFIX%% anymore, so a sed(1) call is not
necessary. In addition to that, passing pkg-message though fmt(1) was
breaking the UCL inside causing pkg-message to not be displayed at all.
Approved by: portmgr blanket
Approved by: ports-secteam (fluffy)
devel/arm-none-eabi-newlib: unbreak after include-fixed removal
We're now operating on more standards-compliant headers. Defining
__LONG_LONG_SUPPORTED is a little hacky, but some backflips are needed to
assume a C99 build. For now, just make it work so that we can get the
definition from sys/limits.h as needed.
Approved by: ports-secteam (implicit, build fix)
devel/upnp: update to 1.14.0
Update to newer release which contains a fix for CVE-2020-13848:
c805c1de11
Security: CVE-2020-13848
Approved by: ports-secteam (joneum)
