cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
138,042 Commits 1 Branch 0 Tags
Commit Graph

108 Commits

Author SHA1 Message Date
naddy
b3b70c47ec Update to 4.0.10. 
Disable the new support for ZSTD and WebP compression for the time being
to avoid bringing in extra dependencies.
 2018-12-05 20:35:25 +00:00
sthen
25f0e460f2 Add COMPILER lines to c++ ports which currently use the default. Adjust 
some existing COMPILER lines with arch restrictions etc. In the usual
case this is now using "COMPILER = base-clang ports-gcc base-gcc" on
ports with c++ libraries in WANTLIB.

This is basically intended to be a noop on architectures using clang
as the system compiler, but help with other architectures where we
currently have many ports knocked out due to building with an unsuitable
compiler -

- some ports require c++11/newer so the GCC version in base that is used
on these archirtectures is too old.

- some ports have conflicts where an executable is built with one compiler
(e.g. gcc from base) but a library dependency is built with a different
one (e.g. gcc from ports), resulted in mixing incompatible libraries in the
same address space.

devel/gmp is intentionally skipped as it's on the path to building gcc -
the c++ library there is unused in ports (and not built by default upstream)
so intending to disable building gmpcxx in a future commit.
 2018-10-24 14:27:57 +00:00
landry
c37eb2c6a8 Update to tiff 4.0.9. 
See http://www.simplesystems.org/libtiff/v4.0.9.html for changes -
fixing a bunch of CVEs and bugs found via fuzzing.
Went in a bulk build without fallout.
 2017-11-24 11:23:50 +00:00
sthen
5e964ab0df bump LIBCXX/LIBECXX/COMPILER_LIBCXX ports. 2017-07-26 22:45:14 +00:00
espie
c114d7057b add pthread to COMPILER_LIBCXX. 
white lie, but it allows clang and gcc to be more similar
bump accordingly.
 2017-07-23 09:26:25 +00:00
espie
8ac47fd9c6 use COMPILER_LIBCXX where applicable 2017-07-16 19:18:47 +00:00
naddy
8f6b7a6780 Security update to 4.0.8: 
Fixes CVE-2017-5225, CVE-2017-7592 to -7602
 2017-05-26 20:50:57 +00:00
sthen
bcbf44ab87 use LIBCXX 2017-04-10 11:46:18 +00:00
naddy
69ccef1601 bump REVISION to clearly distinguish this from the -stable package, 
which has a different shared library major version; ok jca@ kili@
 2016-11-30 22:40:31 +00:00
naddy
1f8cdd4e20 Update to 4.0.7. 
* Multiple security fixes, including
  CVE-2016-3622, CVE-2014-8127, CVE-2016-9273, CVE-2016-9448,
  MSVR 35094, MSVR 35095, MSVR 35105
* Remove obsolete tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, ycbcr
 2016-11-29 20:00:35 +00:00
jasper
a5f9cad7b7 fixes for CVE-2016-3186 and CVE-2016-5875 2016-07-01 11:23:44 +00:00
naddy
ce859edcb4 garbage collect CONFIGURE_SHARED 2016-03-11 20:28:21 +00:00
naddy
7c8440a0fc Fix a number of out-of-bound reads and writes, including CVE-2015-8665 and 
CVE-2015-8683.  From upstream CVS.
 2016-01-24 16:48:48 +00:00
naddy
60c359a7bc update to 4.0.6, no major changes 2015-11-04 20:51:36 +00:00
naddy
13d3eb3dc1 Update to 4.0.4. No major changes. 2015-07-08 19:36:54 +00:00
naddy
5e20edcff3 Security update to 4.0.4beta (plus one further upstream fix). 
Should fix CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130,
CVE-2014-9655, CVE-2015-1547.
 2015-03-29 17:39:22 +00:00
jasper
bb3536112b Security fixes for 
CVE-2013-1960 - Heap-based buffer overflow
CVE-2013-1961 - Stack-based buffer overflow

ok sthen@
 2013-05-03 11:00:39 +00:00
naddy
21a6eb6a66 Reinstate the interlibrary dependencies, fix .pc files. 
Parts/help/input from brad@
 2013-03-27 16:37:09 +00:00
ajacoutot
58f1a6f9f6 USE_LIBTOOL=Yes is the default now. 2013-03-21 08:45:11 +00:00
espie
e4fa65e765 PERMIT_* / REGRESS -> TEST sweep 2013-03-11 11:10:51 +00:00
jasper
a6f7cc5f4f Security fix for CVE-2012-4564 
libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file

ok naddy@
 2012-11-06 21:31:06 +00:00
naddy
be5efd77b8 Update to 4.0.3. 
* A number of security issues have been resolved, including CVE-2012-3401.
* Accessor functions for TIFF field information have been added to
  support functionality which was available in libtiff 3.9.X.

ok jasper@
 2012-09-24 19:51:03 +00:00
jasper
06cec91f2a Update tiff to 4.0.2, includes a fix for CVE-2012-2113, 
LibTIFF "tiff2pdf" Integer Overflow Vulnerability
 2012-06-27 14:27:02 +00:00
naddy
5cab5c465d Major update to 4.0.1, which adds BigTIFF support and includes some API 
changes.  Also include upstream fix for CVE-2012-1173.
 2012-04-14 15:09:55 +00:00
naddy
1a6a73c4b1 SECURITY fix for CVE-2012-1173 (integer overflow). 
From upstream, via Sebastien Marie.
http://bugzilla.maptools.org/show_bug.cgi?id=2369
 2012-04-09 17:35:38 +00:00
naddy
5a919588de maintenance update to 3.9.6 2012-04-09 17:21:05 +00:00
sthen
88ea72915d Change SEPARATE_BUILD=(concurrent|simple) to Yes; bsd.port.mk doesn't 
make a distinction between these.  ok aja@ dcoppa@
 2012-03-29 13:38:12 +00:00
giovanni
c4a6085cf3 Update to 3.9.5, help and ok naddy@ 2011-05-09 08:14:43 +00:00
jasper
917a1f2f5b Security fix for CVE-2011-1167, libtiff heap-based buffer overflow 2011-03-23 08:08:50 +00:00
jasper
d5d6a98846 Security fix for CVE-2011-0192: buffer overflow in Fax4Decode. 2011-03-19 18:41:05 +00:00
espie
88d20077a4 new depends 2010-11-17 08:05:12 +00:00
espie
5dc31071a8 WANTLIB conversion 2010-11-09 19:00:28 +00:00
espie
0f681543b5 USE_GROFF=Yes 2010-10-18 18:13:12 +00:00
ajacoutot
10e41a8fe3 Fix MASTER_SITES. 
from patrick keshishian
 2010-07-21 06:46:33 +00:00
naddy
12aaddf055 SECURITY: 
Update to 3.9.4, which includes fixes for CVE-2009-2347 and CVE-2010-1411.
 2010-06-30 17:10:07 +00:00
jasper
5bd6d49b4a - SECURITY FIX for CVE-2009-2347 (integer overflows in tiff tools) 
patch taken from upstream bugreport:
http://bugzilla.maptools.org/show_bug.cgi?id=2079

ok ajacoutot@
 2009-07-22 13:15:00 +00:00
jasper
72d0a18369 SECURITY FIX for for SA35515, 
LibTIFF "LZWDecodeCompat()" Buffer Underflow Vulnerability

Patch from upstream bugreport #2065 (committed to CVS).
 2009-06-23 07:49:31 +00:00
naddy
cdd487f6df fix a silly C99-ism to allow building with gcc2 2009-03-07 15:31:57 +00:00
naddy
fab96bfad1 SECURITY fixes for CVE-2006-2656 and CVE-2006-3459 through 3465. 
Man page fixes.

Mostly via FreeBSD.  Approving noises from bernd@ and jasper@
 2008-10-25 09:39:29 +00:00
jasper
2247677749 Security fix for SA31610 
http://secunia.com/advisories/31610
LibTIFF LZW Decoder Buffer Underflow Vulnerability

Patch extracted from Debian's tiff_3.8.2-7+etch1

"looks fine" ajacoutot@
 2008-08-27 18:09:36 +00:00
simon
68a2007cc1 remove surrounding quotes from COMMENT/BROKEN/PERMIT_* 2007-09-15 20:09:40 +00:00
espie
9eafbbfb35 base64 checksums. 2007-04-05 16:19:55 +00:00
espie
9881f499e5 new lib specs 2006-08-03 12:53:18 +00:00
naddy
06de83c3cc SECURITY: 
Prevent sign extension on integer promotion that leads to a buffer overflow.
Minimal fix from upstream CVS.  CVE-2006-2193.
prodded by bernd@
 2006-06-12 17:31:34 +00:00
naddy
b3d4e51b49 update to 3.8.2: bugfix release 2006-03-31 20:38:29 +00:00
espie
c7e0f26245 fix broken manpages, found out because makewhatis was complaining... 2006-03-26 10:45:18 +00:00
naddy
ce1884601e update to 3.8.1 2006-03-18 17:40:02 +00:00
espie
a9df05cec2 more C++ libs bumps. Done thru mail, plus lizards. 2006-01-14 00:07:28 +00:00
steven
46a206179b remove MODGNU_SHARED_LIBS 2006-01-08 00:29:37 +00:00
steven
dd5b94a745 SHARED_LIBS 
ok espie@
 2005-12-27 16:42:43 +00:00