x11-toolkits/libhandy: Move e1c500dd02b1.patch to patch file
Checksum of it changed again. It changes all the time because
GitLab insists on embedding the version of whatever Git packages
they have installed in the footer.
PR: 243797
Approved by: ports-secteam blanket
databases/mongodb40-tools: Unbreak build with MONGOTOP=on, MONGOREPLAY=off
===> Building package for mongodb40-tools-4.0.8_2
pkg-static: Unable to access file /wrkdirs/usr/ports/databases/mongodb40-tools/work/stage/usr/local/bin/mongoreplay:No such file or directory
PR: 243685
Approved by: ports-secteam blanket
audio/beets: add missing dependency.
Add devel/py-confuse to the tree since audio/beets needs it.
PR: 243601
Approved by: portmgr (blanket: missing dependency), tcberner (mentor)
mail/opensmtpd: update to 6.6.2p1 relase
This update addressed LPE and RCE vulnerabilities in OpenSMTPD (CVE-2020-7247)
https://www.openwall.com/lists/oss-security/2020/01/28/3
This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch
smtpd to new grammar") and allows an attacker to execute arbitrary shell
commands, as root:
- either locally, in OpenSMTPD's default configuration (which listens on
the loopback interface and only accepts mail from localhost);
- or locally and remotely, in OpenSMTPD's "uncommented" default
configuration (which listens on all interfaces and accepts external
mail).
PR: 243686
Reported by: authors via irc
Relnotes: https://www.mail-archive.com/misc@opensmtpd.org/msg04850.html
Security: CVE-2020-7247
Security: 08f5c27d-4326-11ea-af8b-00155d0a0200
Approved by: ports-secteam (blanket, security issue)
devel/elfutils: fix future build failure w.r.t. stdio _unlocked
Include <stdio.h> early so that the stdio.h function declarations come
first, then redefine fputs/fwrite/fread_unlocked to the locked versions.
fputc_unlocked will be a macro similar to putc_unlocked, so just hide that
one behind an #ifndef since it will be provided as a macro by <stdio.h>. The
other three will be using the technically-incorrect locked variants until
all supported releases provide the needed functions, at which point we can
switch them all at once.
No PORTREVISION bump as this is just a preemptive build fix that doesn't
change the output at all.
QA:
* portlint not ran, no change outside of a single patch
* testport (-CURRENT, amd64; 12.1-RELEASE, amd64; -CURRENT+patch, amd64)
Approved by: koobs (ports), cem (maintainer)
Approved by: ports-secteam (implicit; build fix)
games/openfodder: unbreak with GCC after r521658
In file included from Source/Utils/SimplexIslands.cpp:2:
Source/Utils/SimplexIslands.hpp:65:16: error: 'int32_t' does not name a type
65 | static inline int32_t fastfloor(double fp) {
| ^~~~~~~
Source/Utils/SimplexIslands.hpp: In member function 'double SimplexIslands::noise(double, double)':
Source/Utils/SimplexIslands.hpp:79:11: error: 'fastfloor' was not declared in this scope
79 | int i = fastfloor(xin + s);
| ^~~~~~~~~
PR: 243670
Submitted by: pkubaj
Approved by: ports-secteam blanket
lang/erlang*: repair 32-bit x86 erlang builds
Having HIPE & NATIVE enabled breaks OTP on 32-bit x86. They have not
built succesfully for quite some time.
Reported by: pkg fallout
Reviewed by: olgeni
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D23296
lang/erlang*: include serious scheduler bugfixes
OTP-16371
Taking a scheduler offline could cause timers set while executing on
that scheduler to be delayed until the scheduler was put online again.
This bug was introduced in ERTS version 10.0 (OTP 21.0).
OTP-16378 | ERL-1125
The ets:update_counter/4 core dumped when given an ordered_set with
write_concurrency enabled and an invalid position.
OTP-16379
A process calling erlang:system_flag(multi_scheduling, block) could end
up blocked waiting for the operation to complete indefinitely.
Reviewed by: olgeni
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D23313
Approved by: portmgr
sysutils/runit-faster: Fix runsvdir rc script
%%RUNITDIR%% was not replaced with the correct dir leading to
/var/run/runit/runsvdir/current pointing to some bogus location.
Approved by: ports-secteam runtime fix blanket
Fix accidental removal of devfs_rulesets on jail stop
Pulls in a bugfix[0] that has been merged upstream[1].
This bug caused manually configured devfs_rulesets to get deleted on jail
stop, causing jails to come up with a default devfs rules on next start,
which can be a nuisance or even dangerous, depending on the specific setup.
Also adds a minimum devfs_ruleset id for dynamically created devfs rulesets
and fixes a devfs_ruleset resource leak when using plugins.
Take maintainership, as suggested by araujo@ (thanks for taking care of that
port for so long!).
[0]https://github.com/iocage/iocage/pull/1106
[1]753b2f3573
PR: 243510
Approved by: araujo (maintainer)
Approved by: ports-secteam (joneum)
www/iridium: copy snappy fix from chromium
just like chromium (from which it was forked), iridium embeds a copy
of snappy (the compression library) and cannot be fully switched to
the system-provided archivers/snappy in an easy way. consider this a
band-aid patch
Reported by: pkubaj
Approved by: portmgr (blanket: web browser, build fix)
fix build
in a 12.1amd64 poudriere, chromium failed:
In file included from ../../third_party/leveldatabase/port/port_chromium.cc:10:
../../third_party/snappy/src/snappy.h:76:59: error: unknown type name 'string'; did you mean 'std::string'?
size_t Compress(const char* input, size_t input_length, string* output);
^~~~~~
std::string
/usr/include/c++/v1/iosfwd:211:65: note: 'std::string' declared here
instead of trying to muck around with type aliasing (see
snappy-stubs-public.h.in) just reference thy type directly, as there's only
one file requiring patching.
Approved by: portmgr (blanket: web browser, just fix it)
Fix calibre-server startup script by extending the PATH to include
LOBALBASE/bin.
The server looks in path for the pdftohtml binary, which is used
to render PDF files for viewing in the browser.
Reported by: Alexander Leidinger <Alexander@leidinger.net>
Approved by: ports-secteam (joneum)
sysutils/lsof: fix build following base r356337.
I took the patch from 243122 as it was more correct.
PR: 243122, 243083
Submitted by: cy, yasu@utahime.org
sysutils/lsof: fix after base r356432.
PR: 243172
Submitted by: mjg
Reported by: yasu@utahime.org
sysutils/lsof: add a PPC64 work around for needing -lzpool
PR: 242833
Submitted by: luciano@vespaperitivo.it
sysutils/lsof: fix build on powerpc, powerpc64, powerpcse
PR: 242758
Submitted by: pkubaj
Approved by: ports-secteam (joneum)
net-mgmt/netbox: Update to 2.6.12
Changelog:
Enhancements:
* Improved NAPALM method documentation in Swagger (OpenAPI)
* Preview image attachments when hovering over the link
* Allow NAPALM driver settings to be changed with request headers
* Toggle the display of child prefixes/IP addresses
* Search by description when assigning IP address to interfaces
* Add tenant filter field for cables
* Enable filtering of interfaces by name on the device view
* Add rack selection field to rack elevations view
* Paginate assigned circuits at the provider details view
* Add total path length to cable trace
* Include content of response on webhook error
* Enable word expansion during interface creation
* Enable searching by DNS name when assigning IP address
* Allow passing initial data to custom script forms
* Add local_context_data filter for virtual machines
Bug Fixes:
* Fix validation on tagged VLANs of an interface
* Fix ordering of models when dumping data to JSON
* Fix device role link on config context view
* Allow filtering VM interfaces by multiple MAC addresses
* Fix rendering of grouped custom links
* Allow filtering device components by multiple device names
* Disallow /0 masks for prefixes and IP addresses
* Paginate related IPs on the IP address view
* Fix minimum/maximum value rendering for site ASN field
* Fix filtering of devices by rack group
* Fix references to deleted cables without a label
* Fix divide-by-zero on power feeds with low power values
https://github.com/netbox-community/netbox/releases
Approved by: ports-secteam (joneum)
