Commit Graph

174 Commits

Author SHA1 Message Date
sthen
f9b16f1900 In libxml, use arc4random instead of rand_r for hash bucket randomization.
Avoids triggering APIWARN for its many dependencies. ok/tweaks ajacoutot@ (on
earlier version), jca@
2014-05-29 13:40:51 +00:00
jasper
6647870f6b Security fix for CVE-2014-0191
external parameter entity loaded when entity substitution is disabled

pointed out by aja@
2014-05-12 07:48:35 +00:00
jasper
4c2b741e35 use correct variable in FAKE_FLAGS, so we can drop a chunk from the patch 2014-03-09 19:54:45 +00:00
jasper
cb39815aaa - update libxml to 2.9.1
tested in a bulk by landry@, thanks!
ok aja@
2013-09-25 12:32:22 +00:00
miod
63fffecb3a No __builtin_clzll unless gcc >= 3.4; gives this a chance to build with gcc 3.3. 2013-08-19 16:00:10 +00:00
naddy
792c32ed74 remove some gcc2 workarounds 2013-08-07 16:49:36 +00:00
espie
3b83b6ddb6 give it a chance on gcc < 3... 2013-06-30 10:12:14 +00:00
sthen
f1ca092d73 Backport security fixes from libxml upstream:
https://secunia.com/advisories/53061/
https://bugzilla.gnome.org/show_bug.cgi?id=690202

ok ajacoutot@
2013-04-17 13:55:42 +00:00
sthen
6dd623e6b9 update to libxml 2.9.0, ok ajacoutot@ 2013-04-14 23:22:04 +00:00
ajacoutot
58f1a6f9f6 USE_LIBTOOL=Yes is the default now. 2013-03-21 08:45:11 +00:00
espie
eae66e4a7b PERMIT_* / REGRESS->TEST sweep 2013-03-11 11:35:43 +00:00
jasper
82fea34cab - update to libxml-2.8.0
tested on amd64, sparc64, mips64el and powerpc.
ok aja@
2012-09-30 12:22:05 +00:00
naddy
1663a22640 no need for groff 2012-08-05 00:16:50 +00:00
jasper
249155d82f Security fix for SA49177,
Libxml2 "xmlXPtrEvalXPtrPart()" Off-By-One Vulnerability

Patch from upstream git

ok aja@
2012-05-18 13:25:46 +00:00
sthen
56be85e0e1 missed REVISION bump; pointed out by pascal@, thanks! 2012-02-23 12:37:46 +00:00
sthen
273c75eb1b apply a fix for CVE-2012-0841 to libxml. ok ajacoutot@
"certain XML parsers/servers are affected by the same, or similar,
flaw as the hash table collisions CPU usage denial of service.
Sending a specially crafted message to an XML service can result
in longer processing time, which could lead to a denial of service.
It is reported that this attack on XML can be applied on different
XML nodes (such as entities, element attributes, namespaces, various
elements in the XML security, etc.)."
2012-02-23 09:39:00 +00:00
ajacoutot
a2bd8e17dc Bring some patches from upstream repo to fix the following CVE:
CVE-2011-0216 - Off-by-one error
CVE-2011-2821 - Double free vulnerability
CVE-2011-2834 - Double free vulnerability
CVE-2011-3905 - DOS (out-of-bounds read) via unspecified vectors
CVE-2011-3919 - Heap-based buffer overflow

ok sthen@
2012-01-23 10:17:49 +00:00
jasper
dc77888463 Security fix for CVE-2011-2821 and CVE-2011-2834,
Libxml2 Two XSLT Double Free Vulnerabilities

Patches from upstream.
2011-10-30 12:35:16 +00:00
espie
82d351bc74 use bsd.port.arch.mk 2011-10-02 08:18:04 +00:00
espie
46d3548829 normalize pkgpath 2011-09-16 11:41:38 +00:00
jasper
e930168a83 - fix patch names, no binary change
- add missing rcs ids
2011-07-08 09:52:50 +00:00
jasper
3b3f7eec16 bump after default python version switch 2011-06-08 18:09:58 +00:00
sthen
d71dd2a4c3 add http MASTER_SITES, remove MASTER_SITE_GNOME as they only have 2.6 releases 2011-06-03 10:12:15 +00:00
gsoares
cba05c375f Security Fix for SA44711, Libxml2 XPath Nodeset Processing Vulnerability.
OK sthen@, "Yep, please go ahead" jasper@
2011-06-01 17:31:21 +00:00
jasper
0f0605e729 Security fix for CVE-2010-4494,
Libxml2 XPath Double Free Vulnerability

Patch from upstream git.
2010-12-28 10:53:02 +00:00
espie
733eeeedb6 I don't know if the removal of versioning was intentional, but this is
definitely NOT the same library.
2010-11-21 12:25:49 +00:00
espie
811d94d9d6 new depends 2010-11-20 19:56:47 +00:00
jasper
3744502856 - bugfix update of libxml to 2.7.8
ok aja@, landry@ (who also tested it in a bulk, thanks)
2010-11-15 09:54:11 +00:00
jasper
de44b59fed - some WANTLIB/LIB_DEPENDS/REVISION cleaning 2010-11-10 22:44:03 +00:00
espie
dcdfee948c convert libiconv to new wantlib 2010-11-06 10:18:38 +00:00
sthen
3b2bbaacc0 Add MODPY_WANTLIB, adjust MODPY_LIB_DEPENDS to new-style LIB_DEPENDS,
update all ports to match. Plists don't change -> no bump.
Looks ok to jasper.
2010-10-24 15:53:55 +00:00
espie
dcaa846fde USE_GROFF=Yes 2010-10-19 07:54:21 +00:00
jasper
7ea4dc8f15 - missed these while bumping.
spotted by markus lude.
2010-08-31 14:35:25 +00:00
jasper
201e6faa0a Might as well bump. Bump! 2010-08-30 21:47:15 +00:00
jasper
a695901f36 - previous didn't work out. so python ought to be fixed instead.. 2010-01-04 14:13:51 +00:00
jasper
9aa3caa07a - let libxml build on mips64 too. 2010-01-03 22:39:08 +00:00
steven
210b01fbaf update to 2.7.6 2009-10-11 10:39:42 +00:00
sthen
9c33cbf851 SECURITY; add a patch to fix CVE-2009-2414 and CVE-2009-2416,
from Daniel Veillard via redhat bug 515195. Add @bin markers to
PLIST while there.  ok jasper@
2009-08-13 09:29:47 +00:00
ajacoutot
2c5f8a533a CONFIGURE_ENV += PYTHON="${MODPY_BIN}" is inherited from the python module 2009-04-26 11:01:04 +00:00
bernd
acb6b0a04f bump for python dependencies 2009-03-11 16:14:08 +00:00
sthen
c8f7742685 bump PKGNAME-python, missed when I bumped PKGNAME-main following
libc/libm changes.  Pointed out by Markus Bergkvist, thanks!
2009-01-04 11:08:01 +00:00
naddy
ec4d137d7a Fix two integer overflows. CVE-2008-4225, CVE-2008-4226.
ok ajacoutot@, simon@
2008-11-23 18:49:42 +00:00
sthen
323cf44154 shared library and PKGNAME bumps due to use of isinf/isnan/nan
following libc/libm changes
2008-07-25 20:25:59 +00:00
martynas
9ff4557468 There's a fine utility in base, called ftp. There's no reason at
all that some of the ports RUN_DEPEND on wget.
"Nice!" naddy@, who also went even further and made libxml not
BUILD_DEPEND on wget.
2008-06-20 10:49:42 +00:00
ajacoutot
66856ad8b0 - install html devhelp files
"looks ok" steven@
2008-06-01 14:56:06 +00:00
steven
28437252b2 update to 2.6.32 2008-05-06 18:53:01 +00:00
jasper
ffefbd4fb2 - add missing BUILD_DEPENDS on wget
(specifically in a separate commit of the security fix)

spotted by sthen@, thanks!
2008-04-01 11:36:24 +00:00
jasper
7585a37f8e SECURITY FIX for http://secunia.com/advisories/28444/
Libxml2 UTF-8 Parsing Denial of Service Vulnerability

Patch taken from upstream author.

testing and ok simon@ sthen@
2008-04-01 11:34:16 +00:00
espie
9ca2e064cf do the same thing with REGRESS_FLAGS as FAKE_FLAGS 2008-01-04 18:38:51 +00:00
steven
9bfed1ac43 bump PKGNAME after python version switch 2007-10-08 08:22:38 +00:00