www/node: Update 11.10.1 -> 11.11.0
https://nodejs.org/en/blog/release/v11.11.0/
Sponsored by: Miles AS
www/node: set environment variables for host build
The Node.js build system supports cross-compilation via node-gyp, which
picks up CC, CXX, LINK, C*FLAGS, and LDFLAGS from the environment for the
target build, but not for the host. We need to set the environment variables
for the "host" build.
This unbreaks the build on powerpc64.
PR: 233650
Reported by: Piotr Kubaj <pkubaj@anongoth.pl>
Sponsored by: Miles AS
Differential Revision: https://reviews.freebsd.org/D19250
net/ocserv: Update to 0.12.3
- Remove LOCAL MASTER_SITES
Noteworthy changes in 0.12.3
- Fixed crash when no DTLS ciphersuite is negotiated.
- Fixed crash happening arbitrarily depending on handled string sizes (#197).
- Fixed compatibility issue with GnuTLS 3.3.x (#201).
- occtl: print the TLS session information, even if the DTLS channel is not established.
Approved by: ports-secteam (miwi)
Backport patches from upstream against all currently known CVEs
PR: 227669
Submitted by: p5B2E9A8F@t-online.de
Security: CVE-2018-19661
CVE-2018-19662
CVE-2017-17456
CVE-2017-17457
CVE-2018-19758
Approved by: ports-secteam (riggs)
databases/pgpool-II-40: Update from 4.0.2 to 4.0.3
Changelog:
- Skip over "host=" when getting info from conninfo string. (Bo Peng)
- Test: Fix old JDBC functions and typos in regression test 068.memqcache_bug. (Takuma Hoshiai)
- Doc: Fix configuration change timing regarding memory_cache_enabled. (Tatsuo Ishii)
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431) (Tatsuo Ishii)
- Reduce memory usage when large data set is returned from backend. (bug 462) (Tatsuo Ishii)
- Test: Fix syntax error in extended query test script. (Tatsuo Ishii)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458) (Tatsuo Ishii)
- Doc: Mention that schema qualifications cannot be used in white/black_function_list. (Tatsuo Ishii)
- Fix typo about wd_priority in watchdog_setup. (Takuma Hoshiai)
- Fixed segfault when wd_lifecheck_method = 'query'. (bug 455) (Muhammad Usama)
- The fix was proposed by Muhammad Usama and some adjustments to the patch and testing is done by Yugo Nagata.
- Fix Pgpool child segfault if failover occurs when trying to establish a connection. (Tatsuo Ishii)
- Doc: fix typo in logdir description. (bug 453) (Tatsuo Ishii)
- Fix PAM authentication failed. (Takuma Hoshiai)
- Fix Pgpool-II hang if a client sends a extended query message such as close after sync message but before next simple query. (Tatsuo Ishii)
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on. (bug 448) (Tatsuo Ishii)
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-4-0-3.html
Approved by: ports-secteam (joneum)
databases/pgpool-II-37: Update from 3.7.7 to 3.7.8
Changelog:
- Test: Fix old JDBC functions and typos in regression test 068.memqcache_bug. (Takuma Hoshiai)
- Doc: Fix configuration change timing regarding memory_cache_enabled. (Tatsuo Ishii)
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431) (Tatsuo Ishii)
- Reduce memory usage when large data set is returned from backend. (bug 462) (Tatsuo Ishii)
- Test: Fix syntax error in extended query test script. (Tatsuo Ishii)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458) (Tatsuo Ishii)
- Doc: Mention that schema qualifications cannot be used in white/black_function_list. (Tatsuo Ishii)
- Fix typo about wd_priority in watchdog_setup. (Takuma Hoshiai)
- Fix Pgpool child segfault if failover occurs when trying to establish a connection. (Tatsuo Ishii)
- Doc: fix typo in logdir description. (bug 453) (Tatsuo Ishii)
- Fix Pgpool-II hang if a client sends a extended query message such as close after sync message but before next simple query. (Tatsuo Ishii)
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on. (bug 448) (Tatsuo Ishii)
- Doc: Fix Japanese document typo in pcp_common_options. (Bo Peng)
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-7-8.html
Approved by: ports-secteam (joneum)
databases/pgpool-II-36: Update from 3.6.14 to 3.6.15
Changelog:
- Test: Fix old JDBC functions and typos in regression test 068.memqcache_bug.
- Doc: Fix configuration change timing regarding memory_cache_enabled.
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458)
- Doc: Mention that schema qualifications cannot be used in white/black_function_list.
- Fix typo about wd_priority in watchdog_setup.
- Fix Pgpool child segfault if failover occurs when trying to establish a connection.
- Doc: fix typo in logdir description. (bug 453)
- Fix Pgpool-II hang if a client sends a extended query message such as close after sync message but before next simple query.
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on. (bug 448)
- Doc: Fix Japanese document typo in pcp_common_options.
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-6-15.html
Approved by: ports-secteam (joneum)
databases/pgpool-II-35: Update from 3.5.18 to 3.5.19
Changelog:
- Test: Fix old JDBC functions and typos in regression test 068.memqcache_bug.
- Doc: Fix configuration change timing regarding memory_cache_enabled.
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458)
- Fix Pgpool child segfault if failover occurs when trying to establish a connection.
- Fix Pgpool-II hang if a client sends a extended query message such as close after sync message but before next simple query.
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on. (bug 448)
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-5-19.html
Approved by: ports-secteam (joneum)
databases/pgpool: Upgrade from 3.4.21 to 3.4.22
Changelog:
- Doc: Fix configuration change timing regarding memory_cache_enabled.
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458)
- Fix Pgpool child segfault if failover occurs when trying to establish a connection.
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on.
Approved by: ports-secteam (joneum)
lang/php73: Upgrade from 7.3.2 to 7.3.3
Changelog:
Core:
Fixed bug #77589 (Core dump using parse_ini_string with numeric sections).
Fixed bug #77329 (Buffer Overflow via overly long Error Messages).
Fixed bug #77494 (Disabling class causes segfault on member access).
Fixed bug #77498 (Custom extension Segmentation fault when declare static property).
Fixed bug #77530 (PHP crashes when parsing `(2)::class`).
Fixed bug #77546 (iptcembed broken function).
Fixed bug #77630 (rename() across the device may allow unwanted access during processing).
COM:
Fixed bug #77621 (Already defined constants are not properly reported).
Fixed bug #77626 (Persistence confusion in php_com_import_typelib()).
EXIF:
Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF).
Fixed bug #77540 (Invalid Read on exif_process_SOFn).
Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
Mbstring:
Fixed bug #77514 (mb_ereg_replace() with trailing backslash adds null byte).
MySQL:
Disabled LOCAL INFILE by default, can be enabled using php.ini directive mysqli.allow_local_infile for mysqli, or PDO::MYSQL_ATTR_LOCAL_INFILE attribute for pdo_mysql.
OpenSSL:
Fixed bug #77390 (feof might hang on TLS streams in case of fragmented TLS records).
PDO_OCI:
Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER.
PHAR:
Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow).
phpdbg:
Fixed bug #76596 (phpdbg support for display_errors=stderr).
SPL:
Fixed bug #51068 (DirectoryIterator glob:// don't support current path relative queries).
Fixed bug #77431 (openFile() silently truncates after a null byte).
Standard:
Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions).
Fixed bug #77612 (setcookie() sets incorrect SameSite header if all of its options filled).
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.3.3
Approved by: ports-secteam (joneum)
lang/php72: Upgrade from 7.2.15 to 7.2.16
Changelog:
Core:
Fixed bug #77589 (Core dump using parse_ini_string with numeric sections).
Fixed bug #77630 (rename() across the device may allow unwanted access during processing).
COM:
Fixed bug #77621 (Already defined constants are not properly reported).
EXIF:
Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF).
Fixed bug #77540 (Invalid Read on exif_process_SOFn).
Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
PDO_OCI:
Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER.
PHAR:
Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
SPL:
Fixed bug #51068 (DirectoryIterator glob:// don't support current path relative queries).
Fixed bug #77431 (openFile() silently truncates after a null byte).
Standard:
Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions).
MySQL:
Disabled LOCAL INFILE by default, can be enabled using php.ini directive mysqli.allow_local_infile for mysqli, or PDO::MYSQL_ATTR_LOCAL_INFILE attribute for pdo_mysql.
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.2.16
Approved by: ports-secteam (joneum)
Catch up with smartctl changes while retaining old behaviour.
PR: 236227
Approved by: Krzysztof <ports@bsdserwis.com> (maintainer)
Approved by: ports-secteam (miwi)
net-mgmt/unifi-lts: Fix support for Mongo 3.6+
Ubiquiti still hasn't fixed UniFi-LTS after this was reported ages ago, so
I guess every OS will have to fix this manually.
Reported by: many
Add USES=shared-mime-info
Starting with version 18.12.0, Ark has included a custom kerfuffle.xml mime
type to support zstd-compressed files (the mimetype was only added to
shared-mime-info starting with version 1.11, which we don't ship yet). We need
to make sure update-mime-database is run, otherwise Ark will still fail to
recognize those archives.
Approved by: ports-secteam (blanket approval)
shells/rssh: Apply fixes for basename(3) handling and some security issues
basename(3) has been changed to be POSIX compliant in r308264. This implies
that it can possibly write to the passed string. shells/rssh passes a const
string, so it always crashes on invocation with FreeBSD 12 and later. The
new patches remedy this issue. [1] [2]
During further tests and research came to light that there were also
recently discovered security issues with the parsing of rsync/scp command
line arguments and insufficient sanitization of environment variables when
using rysnc.
The corresponding fixes have been incorporated to the new patches and the
already existing patch for the RSYNC option has been tightened for the
argument parsing. Please note that with this patch the scp option "-3" can
no longer be used. [3]
Furthermore, another patch was applied to make this port a bit more secure.
That patch handles a buffer allocation issue for an error message. [4]
PR: 235121
Submitted by: topical@gmx.net (first version) [1], Jason Harris (maintainer) [2]
Approved by: tcberner (mentor)
Obtained from: Debian [3] [4]
Security: d193aa9f-3f8c-11e9-9a24-6805ca0b38e8
Differential Revision: https://reviews.freebsd.org/D19474
Approved by: ports-secteam (riggs), mentors implicit
Import patch from upstream bug report for xfce4-weather-plugin to
adapt to new upstream weather service API interface.
Previous API version is deprecated and expired by upstream.
While here, remove unneeded USES=intlhack.
PR: 236166
Submitted by: Olivier Duchateau <duchateau.olivier@gmail.com>
Obtained from: https://bugzilla.xfce.org/show_bug.cgi?id=14972
Approved by: ports-secteam (joneum)
sysutils/cluster-glue: unbreak and modernize port
- add USES=gnome
- sort Makefile
- disable HPI option because that port is currently broken
PR: 231097
Submitted by: w.schwarzenfeld@utanet.at
Approved by: port-secteam (joneum)
drm-legacy-kmod: Update to latest snapshot
Update graphics/drm-legacy-kmod to the latest snapshot. This includes the
fix for an off by one error, that was committed as FreeBSD base r343060
Approved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
graphics/drm-legacy-kmod: Update snapshot
Update the graphics/drm-legacy-kmod drivers to the latest snapshot. This
includes fixes to make the driver build on CURRENT after base r343567.
Reported by: Steve Kargl
Approved by: jmd (maintainer, implicit)
Approved by: ports-secteam (implicit, drm kmods)
This merges all changes done to drm-current-kmod, drm-fbsd12.0-kmod and
drm-fbsd11.2-kmod, in order to avoid merge conflicts.
Update pkg-descr to match reality
Update pkg-descr in drm-kmod ports to match reality in terms of which Linux
kernel version they correspond to and which FreeBSD version they are
supporting.
Noticed by: Graham Perrin
graphics/drm-current-kmod: Update messges
Update pkg-message and makefile COMMENT to remove references to
drm-devel-kmod and the mention that this is the development version. It is
the version for FreeBSD CURRENT, so the ride might be a little bumpy, but
it's not the devlopment version.
No changes to package.
FreeBSDDesktop issue: #129
Reported by: grahamperrin
Sponsored by: B3 Init (zeising)
update drm-current and drm-fbsd12.0 snapshots
Update drm-current-kmod and drm-fbsd12.0-kmod to the latest snapshots.
This mutes console chatter about unimplemented stuff, which sometimes is
confusing.
Approved by: jmd (maintainer, implicit)
graphics/drm-fbsd{11.2,12.0}-kmod: Update pkg-message with new names
PR: 235726
Approved by: graphics (jmd)
Differential Revision: https://reviews.freebsd.org/D19189
Update drm kmods for current and FreeBSD 12.0
Update graphics/drm-current-kmod and graphics/drm-fbsd12.0-kmod to their
respective latest snapshots.
This fixes a bug where a non-recursive mutex was used recursively in certain
conditions.
See https://github.com/FreeBSDDesktop/kms-drm/issues/134 for further details
FreeBSDDesktop issue: #134
Approved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
Approved by: ports-secteam (implicit, drm-kmod ports)
net-im/py-slixmpp: Add missing RUN_DEPENDS and fix some other issues
- Switch MASTER_SITES to CHEESESHOP as it ought to be the default for
Python software.
- Adjust COMMENT to match the short description from setup.py.
- Add missing RUN_DEPENDS.
- Standardize test invocation.
- Update WWW to point to project's homepage instead of the Git repository.
Reported by: koobs
Reviewed by: koobs, krion
Approved by: koobs, krion (mentor)
Differential Revision: https://reviews.freebsd.org/D18684
net-im/py-slixmpp: Update to 1.4.2
This release contains a fix for CVE-2019-1000021.
Changelog:
https://lab.louiz.org/poezio/slixmpp/tags/slix-1.4.2
Reviewed by: krion
Approved by: krion (mentor)
Security: 526d9642-3ae7-11e9-a669-8c164582fbac
Security: CVE-2019-1000021
Differential Revision: https://reviews.freebsd.org/D19397
Approved by: ports-secteam (joneum), krion (mentor, implicit)
www/node10: Update 10.15.1 -> 10.15.2
This is a security release. All Node.js users should consult the security
release summary at
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
Security: b71d7193-3c54-11e9-a3f9-00155d006b02
Sponsored by: Miles AS
Approved by: ports-secteam (miwi)
www/node8: Update 8.15.0 -> 8.15.1
This is a security release. All Node.js users should consult the security
release summary at
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
Security: b71d7193-3c54-11e9-a3f9-00155d006b02
Sponsored by: Miles AS
Approved by: ports-secteam (miwi)
