cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
99,015 Commits 1 Branch 0 Tags 544 MiB
219ef0298c
Commit Graph

99015 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
naddy
219ef0298c sync; 9061 2015-03-06 18:37:42 +00:00
jasper
5c36912739 update to jenkins-1.596.1, which fixes some additional bugs 
ok sthen@
 2015-03-03 11:55:58 +00:00
jasper
5f13c84696 update to the latest versions available which fix the security issues mentioned 
here: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27

ok ian@ (MAINTAINER), sthen@
 2015-03-03 07:37:29 +00:00
rpointel
c9568f73a4 Make tortoisehg works with actual version of mercurial. 
from Matthew Clarke (thanks). ok sthen@.
 2015-03-01 14:07:34 +00:00
jca
8db7b9c34e SECURITY update to gnupg-1.4.19 
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
  See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.

* Fixed data-dependent timing variations in modular exponentiation
  [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
   are Practical].

This update introduces additional fixes and features, see

  http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html

ok sthen@
 2015-03-01 12:12:54 +00:00
ajacoutot
3a46ca9417 SECURITY update to cups-filters-1.0.66. 
ok sthen@
 2015-03-01 09:59:23 +00:00
ajacoutot
5062835772 SECURITY update to libgcrypt-1.6.3. 
CVE-2014-3591, CVE-2015-0837

prodded by "Corey"
ok sthen@
 2015-02-28 09:56:23 +00:00
jca
7158fc4492 Mark as broken for 5.7 
The current samba4 version is affected by several security flaws, so
let's warn future -stable users. (NB: samba4 is not linked to the build
anyway)

ok naddy@ Ian McWilliam (MAINTAINER)
 2015-02-27 17:32:52 +00:00
jca
ce01fb6ded Unbreak tinyca. 
Input from and ok naddy@
 2015-02-27 17:24:44 +00:00
espie
f70b7931a0 zap extra noise, suggested by aja@, okay sthen@ 2015-02-27 12:37:04 +00:00
sthen
163fd909e1 Don't enable audio/opus' fixed-point code on arm; in the current version 
the asm code requires EABI. Retain as a commented-out section as a hint
for future review. Problem reported by Jan Stary, ok naddy@
 2015-02-26 14:56:40 +00:00
jca
a2289bbe46 Add missing daemon_flags and rename manpages conflicting with postfix 
Requested by sthen@.  Also tweak README while here.

Input from and ok ajacoutot@ sthen@
 2015-02-25 15:07:38 +00:00
ajacoutot
b7fea8a2d9 Unbreak ck-launch-session by properly initializing len in get_kinfo_proc(). 
from jmatthew@

No need to call sysctl(3) twice since we know exactly how many
structures it wants back: just one.
from guenther@

While here, drop a bogus chunk.

ok sthen@
 2015-02-25 10:35:06 +00:00
jca
61d1768e72 SECURITY update for CVE-2015-0240 
talloc free on uninitialized stack pointer in netlogon server could lead
to remote-code execution.

  https://www.samba.org/samba/security/CVE-2015-0240
  https://bugzilla.samba.org/show_bug.cgi?id=11077

ok sthen@ naddy@ Ian McWilliam (MAINTAINER)
 2015-02-25 01:37:49 +00:00
bentley
4f3240bad9 Fix backwards memcpy that breaks netplay. 
From Ryan Freeman (MAINTAINER); ok naddy@
 2015-02-24 23:40:02 +00:00
dcoppa
3e56d38030 Revert, we're locked. 
Sorry for the churn!
 2015-02-23 14:26:31 +00:00
dcoppa
e619f249f4 Merge fix from the '0.6.x' maintenance branch: 
window: don't add encrypted prompts to input history
* Passwords are no longer added to the input history.

(git commit e5e61842c5bf610da1b4ceeb52e613dd911040b6)
 2015-02-23 10:16:48 +00:00
nigel
0a8b6c13fd Add dependency WANTLIB for jpeg ok sthen@ 2015-02-22 17:15:17 +00:00
rpe
eb33f29fc2 Update sysutils/ansible to 1.8.4 
- including a security fix for ansible-vault
- and various other bugfixes

OK naddy@ sthen@ landry@ aja@
 2015-02-22 16:49:40 +00:00
sthen
9a2838466f Update to p5-Tk 804.033, fixing segfaults with the majority of programs using 
it (broken since the perl update). All dependent ports build OK, and fixes
crashes in the sample of dep ports that I tested at runtime.

Explicitly list -L${LOCALBASE}/lib so it can find libjpeg, presumably fallout
from the change to avoid /usr/local during perl builds (2014/12/24).

ok afresh1@, naddy@
 2015-02-22 15:27:43 +00:00
sthen
21c3eb8510 Replace an overlapping memcpy with memmove, ok ajacoutot@ naddy@ 2015-02-22 14:46:43 +00:00
robert
9cab0dcef3 Rework how the GPU vendor and device id is detected by using direct calls 
to Mesa. The current solution is based on a diff from jsg@.
Also fix font redering issues with WebKit, with 3rd party TTFs with a
diff from Yoshihisa Matsushita.
 2015-02-22 11:33:57 +00:00
robert
c8ff44bc99 update to 40.0.2214.115 2015-02-22 05:58:34 +00:00
ajacoutot
8ba41e33cd Update to lumina-0.8.2.1424293520. 
- fix a crash with Desktop plugins on OpenBSD
 2015-02-21 05:14:58 +00:00
ajacoutot
14b32f45a9 Bugfix update to colord-1.2.9. 2015-02-21 05:01:57 +00:00
schwarze
fa903a01ac fix the worst syntax and semantic errors to make the manual usable, 
drop USE_GROFF, and bump; issues reported by and OK naddy@
 2015-02-21 00:01:20 +00:00
sthen
cca8e578d4 sync; 9061 2015-02-20 23:29:40 +00:00
naddy
ba76aebe81 drop USE_GROFF for mdoc page 2015-02-20 17:56:07 +00:00
naddy
6e8200ef68 fix typo in mdoc macro name and drop USE_GROFF 2015-02-20 16:55:36 +00:00
robert
efc9a59c3b fix path to zarafa-autorespond 2015-02-20 14:44:42 +00:00
jca
3eb089115c Fix localhost.cf path 
ok ajacoutot@
 2015-02-20 14:39:18 +00:00
dcoppa
ca82f33026 Update to luafs-1.6.3 ; Florian Stinglmayr 
works fine with ldoc and lua-penlight
regression tests all ok
 2015-02-20 08:17:30 +00:00
jasper
962b675bf3 update to elasticsearch-1.4.4 2015-02-20 07:09:18 +00:00
ajacoutot
0dbecbb1b2 Update to hwdata-0.275 and add forgotten file in PLIST. 2015-02-20 04:35:58 +00:00
ajacoutot
2594d3e099 Bump tryton modules to their latest bugfix release. 2015-02-20 04:30:07 +00:00
ajacoutot
0228a3ceb3 Bugfix update to gtkspell3-3.0.7. 
- fix a crasher
 2015-02-20 04:16:20 +00:00
sthen
9d14cb2afe SECURITY update to php-5.4.38, ok robert@ 
CVE-2015-0273 (use-after-free with arbitrary code execution;
https://bugs.php.net/bug.php?id=68942), and various other fixes
 2015-02-19 20:14:55 +00:00
sthen
06ed6cf0fa SECURITY update to php-5.5.22, ok robert@ 
CVE-2015-0273 (use-after-free with arbitrary code execution;
https://bugs.php.net/bug.php?id=68942), and various other fixes
 2015-02-19 20:14:41 +00:00
ajacoutot
18d78e5329 Bugfix update to vino-3.14.2. 
- Handle closed signal properly on notification prompt
 2015-02-19 18:38:32 +00:00
espie
87154de247 fix fucked-up update. gnupg-1 and gnupg-2 are not allowed to conflict! 
this breaks the bulk builds.
 2015-02-19 18:18:30 +00:00
dcoppa
e5cf1d752b Update to youtube-dl-2015.02.19.2 2015-02-19 14:34:15 +00:00
sthen
a0c780fe5c bugfix update to squid-3.4.12, including several crashes with debugging, 
and fix silent SSL/TLS failure on "split-stack" OS (i.e. using different
sockets for v4/v6, like us)
 2015-02-19 14:30:29 +00:00
naddy
efaadf857b requires nroff to build cmds.doc 2015-02-19 12:42:06 +00:00
dcoppa
1830f36b76 Bugfixing update to mlterm-3.4.3 2015-02-19 09:33:45 +00:00
giovanni
899b3fddc6 honours CFLAGS and remove an old comment on a patch 
diff by Donovan Watteau
ok sthen@
 2015-02-19 08:01:59 +00:00
sthen
ebab207e7e update to BIND 9.10.2P2 
On servers configured to perform DNSSEC validation using managed
   trust anchors (i.e., keys configured explicitly via managed-keys, or
   implicitly via dnssec-validation auto; or dnssec-lookaside auto;),
   revoking a trust anchor and sending a new untrusted replacement could
   cause named to crash with an assertion failure.  This could occur in
   the event of a botched key rollover, or potentially as a result of a
   deliberate attack if the attacker was in position to monitor the
   victim's DNS traffic.  This flaw was discovered by Jan-Piet Mens, and
   is disclosed in [CVE-2015-1349] [RT #38344] (**)
 2015-02-18 22:49:44 +00:00
sthen
cfd95932fd Adjust the "meta" rc-scripts (these are used in ports with multiple daemons 
which should all be started/stopped together), previously "restart" would
restart each sub-daemon in turn, but actually it should stop all daemons
and only then start them again. Additionally, as suggested by ajacoutot,
stop the procedure and return an error if stopping one of the rc scripts
failed.  ok ajacoutot@ rpe@

(as done for a couple of other ports; bacula was actually the one I wanted
to fix this on but missed the earlier commit ;)
 2015-02-18 20:55:11 +00:00
naddy
e63637c54c drop USE_GROFF from this BROKEN port, too 2015-02-18 20:00:21 +00:00
naddy
8766820654 fix roff errors that were eating some text; drop USE_GROFF 2015-02-18 18:06:59 +00:00
naddy
a4681cfd5f Drop USE_GROFF from this IGNOREd port, too. 2015-02-18 17:58:26 +00:00