databases/pgpool: Upgrade from 3.4.23 to 3.4.24
Changelog:
Enhancements
- Speed up failover when all of backends are down. (Tatsuo Ishii)
- pgpool-recovery extension and pgpool_setup is now ready for the next major release PostgreSQL 12. (Tatsuo Ishii)
Bug fixes
- Fix the wrong error message "ERROR: connection cache is full", when all backend nodes are down. (bug 487) (Bo Peng)
- Avoid exit/fork storm of pool_worker_child process. (Tatsuo Ishii)
- Fix black_function_list's broken default value. (Tatsuo Ishii)
- Fix "not enough space in buffer" error. (bug 499) (Tatsuo Ishii)
- The error occurred while processing error message returned from backend and the cause is that the query string in question is too big. Problem is, the buffer is in fixed size (8192 bytes). Eliminate the fixed size buffer and use palloced buffer instead. This also saves some memory copy work.
- Fix DROP DATABASE failure. (Tatsuo Ishii)
- Fix wrong variable in read_status_file() function. (bug 493) (Takuma Hoshiai)
- Fix compiler warnings. (Tatsuo Ishii)
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-4-24.html
Approved by: ports-secteam (mivy)
graphics/drm-devel-kmod: fix package
Fix packaging of graphics/drm-devel-kmod, the amdkfd module has been
disabled, and I missed this last night. Remove it from the pkg-plist by
commenting it out for all architectures for now.
This is a stop gap measure to get the port to package, until I can touch
base with johalun and jmd about how to handle this permanently.
Sponsored by: B3 Init
Approved by: ports-secteam (implicit, drm-drivers blanket)
add graphics/drm-devel-kmod
Add graphics/drm-devel-kmod, development version of the lkpi based DRM
graphics drivers. This version is experimental, and for recent CURRENT
only.
This version currently corresponds to Linux 5.0 DRM drivers, and should give
better support for more recent Intel and AMD GPUs.
Please note that this port is copied from drm-current-kmod, rather than
resurrected from the old drm-devel-kmod port, that's because
drm-current-kmod was created by copying the old drm-devel-kmod when that
went to a more stable version.
Big thank you to everyone who has worked on this, and johalun in particuar,
who has done most of the heavy lifting.
Approved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
drm-kmod ports: Update conflicts
Update conflicts for all drm-kmod ports to take into account the new
drm-devel-kmod port.
Sponsored by: B3 Init
Remove old drm-devel-kmod entry
Sponsored by: B3 Init
graphics/drm-current-kmod: Adjust FreeBSD compat
Update the FreeBSD OSVERSION compat of drm-current-kmod after the latest
update in r502043.
Suggested by: jbeich
Discussed with: johalun
Aproved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
Approved by: ports-secteam (implicit, drm-drivers blanket)
graphics/drm-current-kmod: Update snapshot
Update graphics/drm-current-kmod to the latest snapshot.
This update takes into account changes in lkpi in base, and makes use of
debugfs in base, instead of the bundled one.
note: If you are on an older version of current, prior to r347973, you might
need to update current first, before updating this driver.
Approved by: jmd (maintainer, implicit)
Sponsored by: B3 Init
Approved by: ports-secteam (implicit, drm-drivers blanket)
www/firefox: restore SafeBrowsing v4 after r495403
Required for phishing protection. Not covered by uBlock Origin lists.
Looks like #Mozilla didn't announce the POLA-violating change anywhere
public despite backporting to ESR60.
https://bugzilla.mozilla.org/show_bug.cgi?id=1531176
Approved by: ports-secteam blanket
Add explicit build depend on python, since it's actually used during
the install phase.
PR: 237862
Submitted by: Christopher <inbox@alleghenycomputer.com>
Approved by: ports-secteam (miwi)
databases/mysql80-{client, server}: Update to latest release 8.0.16
This update includes:
Bugfixes:
- InnoDB: Undo tablespaces remained unencrypted after enabling
undo tablespace encryption at startup. (Bug #29477795)
- InnoDB: Problematic macros introduced with undo tablespace DDL support
(Bug #29324132, Bug #94243).
- InnoDB: Static thread local variables defined at the wrong scope
were not released at thread exit. (Bug #29305186)
- Memory leaks discovered in the innochecksum (Bug #28917614, Bug #93164).
New features:
- MySQL C API now supports asynchronous functions for
nonblocking communication with the MySQL server.
- MySQL now supports a new Chinese collation, utf8mb4_zh_0900_as_cs
- CMake now causes the build process to link with the llvm lld linker
for Clang if it is available.
Security Fix:
CVE-2019-2632, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695 and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
databases/mysql57-{client, server}: Update to latest release 5.7.26
This update includes:
Bugfix:
- InnoDB: Optimized internal temporary tables did not support
in-place UPDATE operations
- InnoDB: A function called by a CREATE TABLE thread attempted access after free()
- InnoDB: The INDEX_LENGTH value in INFORMATION_SCHEMA.TABLES
was not updated when adding an index
- The authentication_ldap_simple plugin could enforce authentication incorrectly
More info: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html
Security Fix:
CVE-2019-2632, CVE-2019-1559, CVE-2018-3123, and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
databases/mysql56-{client, server}: Update to latest release 5.6.44
This update includes
Bugfix:
- InnoDB: The INDEX_LENGTH value in INFORMATION_SCHEMA.TABLES
was not updated when adding an index
- MySQL 5.6 did not build with maintainer mode enabled with GCC 7
- A damaged mysql.user table could cause a server exit
- mysqladmin shutdown did not wait for mysqld to shut down
More info: https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-44.html
Security Fix:
CVE-2019-1559, CVE-2018-3123 and other fixes.
More info: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL<Paste>
PR: 237399
Reported by: Brent Busby <brent@jfi.uchicago.edu>
Sponsored by: The FreeBSD Foundation
Approved by: ports-secteam (feld, CVE-patch blanket)
sysutils/py-google-compute-engine: disable boto
This avoids breakage when running with python3
PR: 237877
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer)
Approved by: ports-secteam (implicit, bug fix)
Patch to add missing config and take the maintainership
Two new variables was added to instance_config.cfg file
in version 2.8.13 to allow the addition and removal of
users from groups.
I am also taking over the maintainership of this packages
as previously discussed with Helen.
Bump PORTREVISION.
PR: 236500
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com>
Approved by: Helen Koike <helen.koike@collabora.com> (maintainer)
sysutils/py-google-compute-engine: update to 20190416 [1]
This fixes a python3 runtime issue [1]
While here, pull in missing dependency in python3 case [2]
PR: 237505 [1]
PR: 237203 [2]
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer) [1]
Submitted by: Miroslav Lachman <000.fbsd@quip.cz> [2]
Approved by: Lucas Kanashiro <lucas.kanashiro@collabora.com> (maintainer) [2]
sysutils/py-google-compute-engine: fix daemons in python 2.7 case
PR: 237845
Reviewed by: koobs
Approved by: implicit (portmgr, python, jfi blanket)
Approved by: ports-secteam (implicit)
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 11.3, 10.8, 9.6.13,
9.5.17, and 9.4.22. This release fixes two security issues in the
PostgreSQL server, a security issue found in two of the PostgreSQL
Windows installers, and over 60 bugs reported over the last three months.
Security: CVE-2019-10129: Memory disclosure in partition routing
Prior to this release, a user running PostgreSQL 11 can read arbitrary
bytes of server memory by executing a purpose-crafted INSERT statement
to a partitioned table.
Security: CVE-2019-10130: Selectivity estimators bypass row security policies
PostgreSQL maintains statistics for tables by sampling data available in
columns; this data is consulted during the query planning process. Prior
to this release, a user able to execute SQL queries with permissions to
read a given column could craft a leaky operator that could read
whatever data had been sampled from that column. If this happened to
include values from rows that the user is forbidden to see by a row
security policy, the user could effectively bypass the policy. This is
fixed by only allowing a non-leakproof operator to use this data if
there are no relevant row security policies for the table.
This issue is present in PostgreSQL 9.5, 9.6, 10, and 11. The PostgreSQL
project thanks Dean Rasheed for reporting this problem.
Also fix a FreeBSD port problem with LLVM [1] and add promote command
to `service postgresql` [2]
PR: 236100, 234879
Submitted by: tomonori.usaka@ubin.jp [1], Trix Farrar [2]
Approved by: ports-secteam (joneum)
- Add USES=shebangfix where required in geany and geany-plugin-*
ports. This fixes build issues reported by users [1]
- Only bump PORTREVISION for geany-plugin-geanypy since the file
modified in it by shebangfix is actually installed with the pkg
PR: 237862 [1]
Submitted by: Christopher <inbox@alleghenycomputer.com>
Approved by: ports-secteam (joneum)
sysutils/pesign: mark BROKEN after r501212
In file included from /usr/local/include/nss/nss/cert.h:22,
from efikeygen.c:39:
efikeygen.c: In function 'add_cert_type':
/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow]
(NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \
^
efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP'
unsigned char type = NS_CERT_TYPE_APP;
^~~~~~~~~~~~~~~~
Reported by: pkg-fallout
Approved by: ports-secteam blanket
security/nss: unbreak on powerpc64 after r501212
crypto_primitives.c: In function 'swap8b':
crypto_primitives.c:31: error: 'SHA_MASK8' undeclared (first use in this
function)
crypto_primitives.c:31: error: (Each undeclared identifier is reported only
once
crypto_primitives.c:31: error: for each function it appears in.)
crypto_primitives.c:32: error: 'SHA_MASK16' undeclared (first use in this
function)
PR: 237841
Reported by: jhibbits
Approved by: ports-secteam blanket
Apply fix for installation with ruby 2.5
PR: 237478
Submitted by: Koichiro Iwao
Approved by: portmgr (blanket: Build, runtime or packaging fixes, if the quarterly branch version is currently broken)
- Fix reported sporadic crashes
- Enumerate all displays for backlight support
- Fix some compile warnings
- When building debug binaries enable extra debugging code too
PR: 237714
Submitted by: rozhuk.im@gmail.com
Approved by: ports-secteam (miwi)
emulators/rpcs3: unbreak EVDEV after r487789
In file included from rpcs3/rpcs3qt/pad_settings_dialog.cpp:24:
In file included from rpcs3/evdev_joystick_handler.h:7:
/usr/local/include/libevdev-1.0/libevdev/libevdev.h:30:10: fatal error: 'linux/input.h' file not found
#include <linux/input.h>
^~~~~~~~~~~~~~~
Approved by: ports-secteam blanket
emulators/rpcs3: document broken GDB after r482459
Utilities/GDBDebugServer.cpp:357:36: error: no member named 'cr_pack' in 'ppu_thread'
return u32_to_padded_hex(thread->cr_pack());
~~~~~~ ^
Utilities/GDBDebugServer.cpp:386:11: error: no member named 'cr_unpack' in 'ppu_thread'
thread->cr_unpack(hex_to_u32(value));
~~~~~~ ^
Utilities/GDBDebugServer.cpp:736:22: error: out-of-line definition of 'on_task' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_task()
^~~~~~~
Utilities/GDBDebugServer.cpp:811:22: error: out-of-line definition of 'on_exit' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_exit()
^~~~~~~
Utilities/GDBDebugServer.cpp:822:29: error: out-of-line definition of 'get_name' does not match any declaration in 'GDBDebugServer'
std::string GDBDebugServer::get_name() const
^~~~~~~~
Utilities/GDBDebugServer.cpp:827:22: error: out-of-line definition of 'on_stop' does not match any declaration in 'GDBDebugServer'
void GDBDebugServer::on_stop()
^~~~~~~
Utilities/GDBDebugServer.cpp:831:8: error: no member named 'notify' in 'GDBDebugServer'
this->notify();
~~~~ ^
Utilities/GDBDebugServer.cpp:832:2: error: use of undeclared identifier 'old_thread'; did you mean 'pad_thread'?
old_thread::on_stop();
^~~~~~~~~~
pad_thread
rpcs3/Emu/System.h:197:38: note: 'pad_thread' declared here
std::function<std::shared_ptr<class pad_thread>()> get_pad_handler;
^
Utilities/GDBDebugServer.cpp:832:2: error: incomplete type 'pad_thread' named in nested name specifier
old_thread::on_stop();
^~~~~~~~~~~~
rpcs3/Emu/System.h:197:38: note: forward declaration of 'pad_thread'
std::function<std::shared_ptr<class pad_thread>()> get_pad_handler;
^
Utilities/GDBDebugServer.cpp:841:2: error: use of undeclared identifier 'notify'
notify();
^
rpcs3/Emu/System.cpp:1543:30: error: no member named 'on_stop' in 'GDBDebugServer'
fxm::get<GDBDebugServer>()->on_stop();
~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
Approved by: ports-secteam blanket
Prepare for the pending removal of ispec from GENERIC, making sure
that the ipsec kld is loaded.
Suggested by: gallatin@
Approved by: portmgr (joneum@)
multimedia/ffmpeg: backport AOM warning fix
[libaom-av1 encoder @ 0x807b0d1c0] Value -1.000000 for parameter 'enable-intrabc' out of range [0 - 1]
Approved by: ports-secteam blanket
lang/php71: Update from 7.1.28 to 7.1.29
Changelog:
EXIF:
Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG).
Mail:
Fixed bug #77821 (Potential heap corruption in TSendMail()).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.1.29
lang/php71: put mailheader patch back
Reported by: mat
Approved by: ports-secteam (mivy)
