graphics/drm-current-kmod: Update snapshot
Update graphics/drm-current-kmod to the latest snapshot.
This update takes into account changes in lkpi in base, and makes use of
debugfs in base, instead of the bundled one.
note: If you are on an older version of current, prior to r347973, you might
need to update current first, before updating this driver.
Approved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
Approved by: ports-secteam (implicit, drm-drivers blanket)
www/firefox: restore SafeBrowsing v4 after r495403
Required for phishing protection. Not covered by uBlock Origin lists.
Looks like #Mozilla didn't announce the POLA-violating change anywhere
public despite backporting to ESR60.
https://bugzilla.mozilla.org/show_bug.cgi?id=1531176
Approved by: ports-secteam blanket
Add explicit build depend on python, since it's actually used during
the install phase.
PR: 237862
Submitted by: Christopher <inbox@alleghenycomputer.com>
Approved by: ports-secteam (miwi)
databases/mysql80-{client, server}: Update to latest release 8.0.16
This update includes:
Bugfixes:
- InnoDB: Undo tablespaces remained unencrypted after enabling
undo tablespace encryption at startup. (Bug #29477795)
- InnoDB: Problematic macros introduced with undo tablespace DDL support
(Bug #29324132, Bug #94243).
- InnoDB: Static thread local variables defined at the wrong scope
were not released at thread exit. (Bug #29305186)
- Memory leaks discovered in the innochecksum (Bug #28917614, Bug #93164).
New features:
- MySQL C API now supports asynchronous functions for
nonblocking communication with the MySQL server.
- MySQL now supports a new Chinese collation, utf8mb4_zh_0900_as_cs
- CMake now causes the build process to link with the llvm lld linker
for Clang if it is available.
Security Fix:
CVE-2019-2632, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695 and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
databases/mysql57-{client, server}: Update to latest release 5.7.26
This update includes:
Bugfix:
- InnoDB: Optimized internal temporary tables did not support
in-place UPDATE operations
- InnoDB: A function called by a CREATE TABLE thread attempted access after free()
- InnoDB: The INDEX_LENGTH value in INFORMATION_SCHEMA.TABLES
was not updated when adding an index
- The authentication_ldap_simple plugin could enforce authentication incorrectly
More info: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html
Security Fix:
CVE-2019-2632, CVE-2019-1559, CVE-2018-3123, and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
databases/mysql56-{client, server}: Update to latest release 5.6.44
This update includes
Bugfix:
- InnoDB: The INDEX_LENGTH value in INFORMATION_SCHEMA.TABLES
was not updated when adding an index
- MySQL 5.6 did not build with maintainer mode enabled with GCC 7
- A damaged mysql.user table could cause a server exit
- mysqladmin shutdown did not wait for mysqld to shut down
More info: https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-44.html
Security Fix:
CVE-2019-1559, CVE-2018-3123 and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL<Paste>
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
sysutils/py-google-compute-engine: disable boto
This avoids breakage when running with python3
PR: 237877
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer)
Approved by: ports-secteam (implicit, bug fix)
Patch to add missing config and take the maintainership
Two new variables was added to instance_config.cfg file
in version 2.8.13 to allow the addition and removal of
users from groups.
I am also taking over the maintainership of this packages
as previously discussed with Helen.
Bump PORTREVISION.
PR: 236500
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com>
Approved by: Helen Koike <helen.koike@collabora.com> (maintainer)
sysutils/py-google-compute-engine: update to 20190416 [1]
This fixes a python3 runtime issue [1]
While here, pull in missing dependency in python3 case [2]
PR: 237505 [1]
PR: 237203 [2]
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer) [1]
Submitted by: Miroslav Lachman <000.fbsd@quip.cz> [2]
Approved by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer) [2]
sysutils/py-google-compute-engine: fix daemons in python 2.7 case
PR: 237845
Reviewed by: koobs
Approved by: implicit (portmgr, python, jfi blanket)
Approved by: ports-secteam (implicit)
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 11.3, 10.8, 9.6.13,
9.5.17, and 9.4.22. This release fixes two security issues in the
PostgreSQL server, a security issue found in two of the PostgreSQL
Windows installers, and over 60 bugs reported over the last three months.
Security: CVE-2019-10129: Memory disclosure in partition routing
Prior to this release, a user running PostgreSQL 11 can read arbitrary
bytes of server memory by executing a purpose-crafted INSERT statement
to a partitioned table.
Security: CVE-2019-10130: Selectivity estimators bypass row security policies
PostgreSQL maintains statistics for tables by sampling data available in
columns; this data is consulted during the query planning process. Prior
to this release, a user able to execute SQL queries with permissions to
read a given column could craft a leaky operator that could read
whatever data had been sampled from that column. If this happened to
include values from rows that the user is forbidden to see by a row
security policy, the user could effectively bypass the policy. This is
fixed by only allowing a non-leakproof operator to use this data if
there are no relevant row security policies for the table.
This issue is present in PostgreSQL 9.5, 9.6, 10, and 11. The PostgreSQL
project thanks Dean Rasheed for reporting this problem.
Also fix a FreeBSD port problem with LLVM [1] and add promote command
to `service postgresql` [2]
PR: 236100, 234879
Submitted by: tomonori.usaka@ubin.jp [1], Trix Farrar [2]
Approved by: ports-secteam (joneum)
- Add USES=shebangfix where required in geany and geany-plugin-*
ports. This fixes build issues reported by users [1]
- Only bump PORTREVISION for geany-plugin-geanypy since the file
modified in it by shebangfix is actually installed with the pkg
PR: 237862 [1]
Submitted by: Christopher <inbox@alleghenycomputer.com>
Approved by: ports-secteam (joneum)
sysutils/pesign: mark BROKEN after r501212
In file included from /usr/local/include/nss/nss/cert.h:22,
from efikeygen.c:39:
efikeygen.c: In function 'add_cert_type':
/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow]
(NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \
^
efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP'
unsigned char type = NS_CERT_TYPE_APP;
^~~~~~~~~~~~~~~~
Reported by: pkg-fallout
Approved by: ports-secteam blanket
security/nss: unbreak on powerpc64 after r501212
crypto_primitives.c: In function 'swap8b':
crypto_primitives.c:31: error: 'SHA_MASK8' undeclared (first use in this
function)
crypto_primitives.c:31: error: (Each undeclared identifier is reported only
once
crypto_primitives.c:31: error: for each function it appears in.)
crypto_primitives.c:32: error: 'SHA_MASK16' undeclared (first use in this
function)
PR: 237841
Reported by: jhibbits
Approved by: ports-secteam blanket
Apply fix for installation with ruby 2.5
PR: 237478
Submitted by: Koichiro Iwao
Approved by: portmgr (blanket: Build, runtime or packaging fixes, if the quarterly branch version is currently broken)
- Fix reported sporadic crashes
- Enumerate all displays for backlight support
- Fix some compile warnings
- When building debug binaries enable extra debugging code too
PR: 237714
Submitted by: rozhuk.im@gmail.com
Approved by: ports-secteam (miwi)
emulators/rpcs3: unbreak EVDEV after r487789
In file included from rpcs3/rpcs3qt/pad_settings_dialog.cpp:24:
In file included from rpcs3/evdev_joystick_handler.h:7:
/usr/local/include/libevdev-1.0/libevdev/libevdev.h:30:10: fatal error: 'linux/input.h' file not found
#include <linux/input.h>
^~~~~~~~~~~~~~~
Approved by: ports-secteam blanket
emulators/rpcs3: document broken GDB after r482459
Utilities/GDBDebugServer.cpp:357:36: error: no member named 'cr_pack' in 'ppu_thread'
return u32_to_padded_hex(thread->cr_pack());
~~~~~~ ^
Utilities/GDBDebugServer.cpp:386:11: error: no member named 'cr_unpack' in 'ppu_thread'
thread->cr_unpack(hex_to_u32(value));
~~~~~~ ^
Utilities/GDBDebugServer.cpp:736:22: error: out-of-line definition of 'on_task' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_task()
^~~~~~~
Utilities/GDBDebugServer.cpp:811:22: error: out-of-line definition of 'on_exit' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_exit()
^~~~~~~
Utilities/GDBDebugServer.cpp:822:29: error: out-of-line definition of 'get_name' does not match any declaration in 'GDBDebugServer'
std::string GDBDebugServer::get_name() const
^~~~~~~~
Utilities/GDBDebugServer.cpp:827:22: error: out-of-line definition of 'on_stop' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_stop()
^~~~~~~
Utilities/GDBDebugServer.cpp:831:8: error: no member named 'notify' in 'GDBDebugServer'
this->notify();
~~~~ ^
Utilities/GDBDebugServer.cpp:832:2: error: use of undeclared identifier 'old_thread'; did you mean 'pad_thread'?
old_thread::on_stop();
^~~~~~~~~~
pad_thread
rpcs3/Emu/System.h:197:38: note: 'pad_thread' declared here
std::function<std::shared_ptr<class pad_thread>()> get_pad_handler;
^
Utilities/GDBDebugServer.cpp:832:2: error: incomplete type 'pad_thread' named in nested name specifier
old_thread::on_stop();
^~~~~~~~~~~~
rpcs3/Emu/System.h:197:38: note: forward declaration of 'pad_thread'
std::function<std::shared_ptr<class pad_thread>()> get_pad_handler;
^
Utilities/GDBDebugServer.cpp:841:2: error: use of undeclared identifier 'notify'
notify();
^
rpcs3/Emu/System.cpp:1543:30: error: no member named 'on_stop' in 'GDBDebugServer'
fxm::get<GDBDebugServer>()->on_stop();
~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
Approved by: ports-secteam blanket
Prepare for the pending removal of ispec from GENERIC, making sure
that the ipsec kld is loaded.
Suggested by: gallatin@
Approved by: portmgr (joneum@)
multimedia/ffmpeg: backport AOM warning fix
[libaom-av1 encoder @ 0x807b0d1c0] Value -1.000000 for parameter 'enable-intrabc' out of range [0 - 1]
Approved by: ports-secteam blanket
lang/php71: Update from 7.1.28 to 7.1.29
Changelog:
EXIF:
Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG).
Mail:
Fixed bug #77821 (Potential heap corruption in TSendMail()).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.1.29
lang/php71: put mailheader patch back
Reported by: mat
Approved by: ports-secteam (mivy)
devel/aphpunit: Upgrade from 1.7 to 1.8
Changelog:
- Bugfix: now exit with code 1, if no test-cases were found
- Bugfix: now exit with code 1, if not a single assertion was performed
- Bugfix: detected PHP errors are no longer unhandled. They are no reported as error
Changelog taken from: https://gitlab.toco-domains.de/tocOS/APHPUnit/blob/master/CHANGELOG
Approved by: ports-secteam (miwi)
Add AES-CCM and plain SHA digest test vectors.
These will be used to expand testing of OCF crypto algorithms in
future changes to the base system OCF tests.
Approved by: ports-secteam (miwi)
