switch kicad-doc from source to pre-built docs
The build process is rather unstable on our asciidoc toolchain, but
then the doc files are completely independent of OS and machine
architecture, so there's nothing which stops us from just taking the
ready-built files from upstream. At the same time this enables two
additional documentation languages (polnish and chinese) - their
build process was even more unstable than the rest in my environment.
PR: 241183
Approved by: ports-secteam (joneum@)
textproc/apache-solr: security related update to 8.4.1
Switch java version to current LTS version.
Security: e59cb761-5ad8-11ea-abb7-001b217b3468
Approved by: ports-secteam (joneum)
x11/xdm: Fix generation of etc/X11/xdm/Xresources
By some stupidity of autotools, spacing for a sed regexp used to generate
Xresources gets broken, and the sed command doen't match as it should. This
results in an Xresources file with an extra '#endif /* XPM */', which breaks
the file.
Patch Makefile.in to fix the regexp and have Xresources generated properly.
PR: 244404
Reported by: olgeni
Approved by: ports-secteam (joenum)
mail/opensmtpd: update to 6.6.4p1 security releaase
SECURITY RELEASE
An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group.
Approved by: ports-secteam (joneum)
Security: CVE-2020-8793, CVE-2020-8794
net/freeradius-client: unbreak fetch, update to 1.1.7 release
Maintainer didn't unbreak the port over 3 months since it was marked unfetchable,
version 1.1.7 was released 26.05.2017
Approved by: maintainer (timeout)
Approved by: ports-secteam (joneum)
Update Postfix to 3.4.9 (bugfix-only release)
While here, also strip libexec/postfix/postlogd.
Announcement: http://www.postfix.org/announcements/postfix-3.4.9.html
Fixed in all supported stable releases:
Bug (introduced: Postfix 3.1): smtp_dns_resolver_options were broken while adding support for negative DNS response caching in postscreen. Postfix was inadvertently changed to call res_query() instead of res_search(). Reported by Jaroslav Skarvada.
Bug (introduced: Postfix 2.5): Postfix ignored the CONNECT macro overrides from a Milter application. Postfix now evaluates the Milter macros for an SMTP CONNECT event after the Postfix-to-Milter connection is negotiated. Problem reported by David Bürgin.
Bug (introduced: Postfix 3.0): sanitize (remote) server responses before storing them in the verify database, to avoid Postfix warnings about malformed UTF8. Found during code maintenance.
PR: 243879
Submitted by: Juraj Lutter <juraj@lutter.sk>
Approved by: maintainer timeout 15d (ohauer@)
Differential Revision: https://reviews.freebsd.org/D23502
Approved by: ports-secteam (joneum@)
Graphics/drm-fbsd11.2-kmod: Update snapshot
Update graphics/drm-fbsd11.2-kmod to the latest snapshot.
Make unsynchronized DRM_IOCTL_I915_GEM_USERPTR work in mesa on 7th
generation Haswell graphics. This is needed for vulkan.
Add devctl (devd) notification for monitor hotplug.
Approved by: portmgr (implicit, drm-drivers blanket)
devel/valgrind(-devel): Fix compiler version detection hopefully forever
Every time a compiler major version is bumped, we run into this exact
same error:
===> Configuring for valgrind-3.10.1.20160113_7,1
...
checking for a supported version of gcc... no (10.0.0)
configure: error: please use gcc >= 3.0 or clang >= 2.9
Attempt to fix this for all versions in the future.
Other fix included: don't use undefined behavior to implement offsetof,
just use the official builtin function instead.
Approved by: portmgr (joneum)
PR: 244234
graphics/drm-fbsd12.0-kmod: Update snapshot
Update the graphics/drm-fbsd12.0-kmod snapshot
Make unsynchronized DRM_IOCTL_I915_GEM_USERPTR work in mesa on 7th
generation Haswell graphics. This is needed for vulkan.
Approved by: portmgr (implicit, drm-drivers blanket)
www/p5-Gantry: correctly escape $
In make(1), "$$" is the escaped version of "$", rather than the expected
"\$". this expression was getting passed through to ${REINPLACE_CMD} as
"s,\NV{..." rathern than the expected "s,$ENV{..." -- bug #229925 makes \N
an illegal expression, as ordinary characters will be disallowed from being
escaped in preparation for future changes to grant some of these escape
sequences GNU-extended behavior.
PR: 240310
Approved by: koobs (mentor), bapt (mentor)
Approved by: portmgr (maintainer timeout: 4 months, blanket: bugfix)
Differential Revision: https://reviews.freebsd.org/D23701
Approved by: ports-secteam (blanket: bugfix)
x11-toolkits/p5-Alien-wxWidgets: remove extraneous escapes
post-patch phase of this port uses sed to replace 'wx-config with
'${WX_CONFIG:T}. Previously it escaped the ', but this is not necessary in
this context.
Remove the extraneous escape so that it doesn't get passed through to sed(1)
as an escape of an ordinary character. This is important as the patch in bug
#229925 will make such escapes an error to ease transition into a world
where some escaped-ordinaries will be granted a special meaning.
PR: 240450
Approved by: koobs (mentor), bapt (mentor)
Approved by: portmgr (maintainer timeout: 4 months)
Differential Revision: https://reviews.freebsd.org/D23702
Approved by: ports-secteam (implicit, future build fix)
x11-toolkits/p5-Alien-wxWidgets: add missing file to pkg-plist
This appears to have been overlooked in a previous update, so note its
presence in the pkg-plist.
This fixes Q/A checks run by `poudriere testport`.
Approved by: koobs (mentor), bapt (mentor)
Differential Revision: D23702 (included, but not the primary change)
Approved by: ports-secteam (implicit, packaging fix)
www/foswiki: remove redundant escape
= does not need to be escaped in this context; bug #229925 will make this
escape as well as the escape of most ordinary characters an error to reduce
friction when some of these ordinary characters are later granted special
GNU-extended behavior.
No functional change, no need to bump PORTREVISION.
PR: 240309
Approved by: koobs (mentor), bapt (mentor)
Approved by: portmgr (maintainer timeout: 4 months)
Differential Revision: https://reviews.freebsd.org/D23698
Approved by: ports-secteam (implicit, future build fix)
qemu-user-static: revert SSP_CFLAGS workaround (ports r501032)
This was later diagnosed to be a bug in libc, which has since been addressed
in all supported releases and branches. PORTREVISION is bumped as SSP_CFLAGS
will change the output, and for consumers of these two ports it is
imperative that it be rebuilt against the updated libc to avoid high failure
rates. In testing qemu-user-static-devel failed roughly 60% of the time,
rendering it unusable as each fork/exec was yet one more chance to fail.
The bug was fixed in the following patch levels (FreeBSD-EN-20:01.ssp):
- 12.1-p2
- 12.0-p13
- 11.3-p6
PR: 243735
Approved by: koobs (ports)
Approved by: ports-secteam (implicit, runtime fix)
glib20: revert SSP_CFLAGS workaround (ports r500819)
This was later diagnosed to be a bug in libc, which has since been addressed
in all supported releases and branches. PORTREVISION is bumped as SSP_CFLAGS
will change the output.
The bug was fixed in the following patch levels (FreeBSD-EN-20:01.ssp):
- 12.1-p2
- 12.0-p13
- 11.3-p6
PR: 243735
Approved by: kwm (gnome, maintainer via IRC)
Approved by: ports-secteam (miwi)
mail/fetchmail: mail/fetchmailconf: update to 6.4.2, make Python 3 compatible
Fetchmail updated to new revision 6.4.2
- one bugfix
- manual page updates
- update of Chinese (simplified) translation
- massive fetchmailconf overhaul
+ Python 3 compatible (requires py-future)
+ Supports IPv6 and SSL probing
- remove two patches for fetchmail that are in the upstream release
- add a smoke test to fetchmailconf's post-install,
and a patch to support that running without X11 $DISPLAY.
PR: 244130
Submitted by: mandree@
Reviewed by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
Approved by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
Approved by: ports-secteam@ (joneum@)
games/anki: Update to 2.1.16
* Backport two patches from upstream that fix the argument handling with
multimedia/mpv since r520597.
* Also slightly change the MASTER_SITES as upstream distribute tarballs for
newer versions only via GitHub.
Although there are already some newer releases available use the 2.1.16
release for a while. It's mainly because the build process has changed a
lot since the 2.1.17 release and still needs to be investigated a little
more closely.
Changelog:
https://apps.ankiweb.net/docs/changes.html#changes-in-2.1.16
Approved by: ports-secteam bugfix blanket
security/softether5: fix build on non-x86 architectures
Tested on: Raspberry Pi 3 Model B+
Sponsored by: HAW International
Approved by: portmgr blanket (fix build)