Update PHP 7.1 from 7.1.13 to 7.1.14
Changelog: http://www.php.net/ChangeLog-7.php#7.1.14
Remove patch since upstream integrated a fix for the issue
Approved by: ports-secteam (swills)
Fix builds of lang/gcc{48,49,5} with clang 6.0.0
Since clang++ 6.0.0 now defaults to -std=gnu++14 (similar to g++ 6 and
higher), building gcc48, gcc49 or gcc5 produce quite a number of
"invalid suffix on literal; C++11 requires a space between literal and
identifier" errors. This is because in many places, double quotes are
directly followed by printf helper macros like HOST_WIDE_INT_PRINT.
In gcc 6 and later, spaces were added between the double quotes and the
macros, to fix this issue, but for earlier versions, use a combination
of find, grep and sed to add them mechanically throughout the respective
source trees.
In addition, gcc5 needs a regular patch to fix an incorrect call to
error(), which should have been error_at(). (This was a mismerge by
upstream.)
Approved by: gerald (maintainer)
PR: 224927
Update to upstream version 0.0.62
Detailed maintainer log:
- v0.0.62: Miscellaneous tweaks
- Updated Let's Encrypt agreement URL in example response file.
- Now builds for current Go 1.x version in Travis rather than Go 1.8.
- More error details are now available for challenge errors in the acmeapi
package.
- Error when trying to prompt the user in non-interactive mode now advises
user to remove --batch flag.
PR: 224627
Submitted by: samm@os2.kiev.ua (maintainer)
Upgrade to build 242
Approved by: feld (maintainer)
Unbreak last commit.
Pointy hat: dvl
Sponsored by: Absolight
security/snort3: Update to Alpha BUILD_242
- Use cmake now as autotools will be going away
- Fix segfaulting which was actually caused by devel/hwloc
security/snort3: Bump PORTREVISION
Bump for sanity
Add missing DOCS to OPTIONS_DEFINE
- update to 3.2.5
- license is now dual (see Changelog 20180127)
- make EAI optional but on by default [1]
Changelog:
20171116
Bugfix (introduced: Postfix 2.1): don't log warnings
that some restriction returns OK, when the access map
DISCARD feature is in effect. File: smtpd/smtpd_check.c.
20171215
Bugfix (introduced: 20170611): the DB_CONFIG bugfix broke
Berkeley DB configurations with a relative pathname. File:
util/dict_db.c.
20171218
Workaround: reportedly, some res_query(3) implementation
can return -1 with h_errno==0. Instead of terminating with
a panic, the Postfix DNS client now logs a warning and sets
h_errno to TRY_AGAIN. File: dns/dns_lookup.c.
20171226
Documentation patches by Sven Neuhaus. Files:
proto/FORWARD_SECRECY_README.html, proto/MILTER_README.html,
proto/SMTPD_ACCESS_README.html.
20180106
Cleanup: missing mailbox seek-to-end error check in the
local(8) delivery agent. File: local/mailbox.c.
Cleanup: incorrect mailbox seek-to-end error message in the
virtual(8) delivery agent. File: virtual/mailbox.c.
20180127
Licence: in addition to the historical IBM Public License
1.0, this software is now also distributed with the more
recent Eclipse Public License 2.0. Recipients can choose
to take the software under the license of their choice.
Those who are more comfortable with the IPL can continue
with that license. File: LICENSE.
- fix licence error after last commit
Reported by: Yasuhiro KIMURA
PR: ports/221619 [1]
Submitted by: Kubilay Kocak (koobs@)
Approved by: ports-secteam (swills@)
www/mediawiki130: Add missing PHP module dependency
When upgrading from MediaWiki 1.29:
Error: Missing one or more required components of PHP.
You are missing a required extension to PHP that MediaWiki needs.
Please install:
* fileinfo <https://secure.php.net/fileinfo>
Complete fix for CVE-2017-15132
Complete fix for CVE-2017-15132, the previous fix was not enough, and caused
the request to remain after an abort, causing a use-after-free later on.
PR: 225585
Submitted by: Vladimir Krstulja
Approved by: adamw (maintainer)
Approved by: ports-secteam (implicit, security fix)
Update glib to 2.50.3.
Also redo the kqueue patches. Now we patch files only once, and add some
bits that got lost somewhere (which is probably my fault). Which where
causing crashes when for example nautilus or thundar where monitoring
directories and files where added/removed.
PR: 199872
Fix another crash bug in the kqueue backend.
PR: 199872 217946
Approved by: ports-secteam (swills@)
KGDB fixes for amd64 and aarch64.
- Update the amd64 kernel support to recognize mchk_calltrap as a
trapframe generator.
- Remove some unneeded headers from fbsd-kld.c.
- Various fixes to get stack traces working for aarch64 kernels:
- Map the LR register from the PCB to PC instead of LR.
- Skip the PC register from the PCB as it isn't initialized to anything.
- Correct the register cache map for the PCB. The old one had the
offsets of pcb_sp and pcb_pc reversed.
- Don't map all of the saved general purpose registers in a
trapframe to X1 rather than X0 .. X29.
- Use correct name for el0 trapframe entry points.
Reviewed by: pizzamig (maintainer)
Differential Revision: https://reviews.freebsd.org/D13977
Approved by: ports-secteam (swills)
devel/awscli: use USE_PTYHON=noflavors, remove PKGNAMEPREFIX
The introduction of flavors caused the awscli package to be renamed to
py27-awscli. Since this package is preinstalled on all AWS EC2 instances
running a FreeBSD image, apply POLA and rename the package back to
awscli. The assumption is that the rename was unintentional.
Approved by: mat (co-mentor)
Differential Revision: https://reviews.freebsd.org/D13555
Approved by: portmgr
Add patch and fix CVE-2017-15132
Add upstream patch to fix CVE-2017-15132, memory leak in the log in process
that can cause memory exhaustion.
PR: 225446
Submitted by: Vladimir Krstulja
Approved by: adamw (maintainer), swills (ports-secteam)
Security: 92b8b284-a3a2-41b1-956c-f9cf8b74f500
Approved by: ports-secteam (implicit)
security/clamav: remove LHA from default options.
r459039 made distribution of the lha binary not allowed.
PR: 225180
Submitted by: antoine
security/clamav: upgrade to 0.99.3.
* Update to 0.99.3.
* Fix following portlint warnings.
** Move position of USES in Makefile.
** Remove reference of undefined LLVM option.
** Regenerate files/patch-libclamav_regex_pcre.c by 'make makepatch
** add USES=ssl
PR: 225461
Submitted by: yasu@utahime.org
Approved by: ports-secteam (swills)
Security: b464f61b-84c7-4e1c-8ad4-6cf9efffd025
Make AQMP support optional. AQMP support, which was prior to this
revision not optional, caused syslog-ng to fail to build with
LibreSSL. Users of LibreSSL should disable AQMP support.
PR: 225380
Submitted by: Peter Czanik (CzP) <peter.czanik@balabit.com>
Balabit / syslog-ng upstream
Approved by: portmgr (swills)
sysutils/gdisk: Unbreak UTF16 option
/usr/bin/ld: undefined reference to symbol `_ZN3icu13UnicodeStringC1EPKc' (try adding -licuuc)
//usr/local/lib/libicuuc.so.60: could not read symbols: Bad value
PR: 198518
Submitted by: Ting-Wei Lan <lantw44@gmail.com>
Approved by: wg (maintainer timeout, ~3 years)
Approved by: ports-secteam blanket
Show errors for duplicate source entries.
Remove duplicate entries found by updated MOVEDlint.awk in r459958
Fix some other lint findings
Approved by: portmgr (implicit)
Fix databases/mariadb* hostname verification when building against LibreSSL
LibreSSL imported X509_check_host from BoringSSL. Unlike OpenSSL,
it doesn't calculate the length of the hostname passed in case
chklen/namelen == 0. This means that the check in MariaDB always
fails if built against LibreSSL. This forces adminstrators to disable
hostname verification, which weakens security (hence the MFH request below).
Note that the fix has no negative implications if built against OpenSSL,
as its implementation calls strlen(hostname) in case namelen == 0.
See also https://github.com/MariaDB/server/pull/562
Approved by: portmgr
xen-kernel: fix build with clang 6 and apply pending XSA patches
This includes a band-aid for running 64bit PV guests without
compromising the whole system.
Approved by: ports-secteam (swills)
