63453 Commits

Author SHA1 Message Date
jasper
4cc1d05442 Security fix for CVE-2011-0017
Patch extracted from exim 3.74.

ok fkr@ (MAINTAINER), sthen@, ajacoutot@
2011-02-07 16:01:26 +00:00
fgsch
f11ddf0d97 Unbreak hfsplus. Add libtool to BUILD_DEPENDS as requested by ajacoutot@.
ok ajacoutot@
2011-02-06 16:03:55 +00:00
ian
5eb3a84fc6 Security Fix for DoS caused by very small subnormal double, found by Konstantin Preisser
at http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/.
Fix from https://bugs.openjdk.java.net/show_bug.cgi?id=100119.
Ok kurt@ (maintainer), ok & comments sthen@, ok naddy@, aja@.
2011-02-05 23:11:17 +00:00
sthen
84c285a372 SECURITY update to 1.3.07.11 - CVE-2011-0520
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.3.x
allows remote attackers to cause a denial of service (segmentation fault)
and possibly execute arbitrary code via a long DNS hostname with a large
number of labels, which triggers a heap-based buffer overflow.

From Brad, ok aja@
2011-02-05 09:23:52 +00:00
jasper
c9765e187e Security fix for CVE-2011-0020,
Pango "pango_ft2_font_render_box_glyph()" Buffer Overflow Vulnerability

testing ok sthen@ ajacoutot@
2011-02-04 18:33:20 +00:00
jasper
f4f02ebd11 - add back a chunk that was removed with the last update; ecore would pick up
Cocoa.h from gnustep-gui by accident and break the build later on.

ok aja@
2011-02-04 17:06:38 +00:00
stephan
55eedb8bbe security update to 3.9, addresses SA-CONTRIB-2011-002 (XSS), see
http://drupal.org/node/1024972 for details.
"These are security things that need to go in before the lock. So commit with my OK." jasper@, maintainer timeout.
2011-02-04 10:28:01 +00:00
stephan
ef44e77bb0 update to 1.8 as a prerequisite for a security update of www/drupal6/panels.
"These are security things that need to go in before the lock. So commit it with my OK." jasper@
2011-02-04 10:22:16 +00:00
robert
1c272110c2 Disable on amd64, because it does not work.
After unlock a chrome update will come...

ok ajacoutot@, sthen@ and requested by many people
2011-02-03 10:31:12 +00:00
pea
690155971b Unbreak the pfctl completion.
Spotted by Brad Kalbaugh

ok ajacoutot@
2011-02-03 08:56:14 +00:00
jakemsr
ea82525963 the USB_DEVICEINFO ioctl only requires read access to the usb bus.
open the bus with O_RDONLY instead of O_RDWR to not require write
permission.

ok ajacoutot@
2011-02-02 21:56:03 +00:00
landry
a9eecce2c2 Grab patch from pkgsrc PR43974 to make majordomo work with perl 5.12.
(split doesn't return @_ anymore)
Reported by Witek Handzlik on ports@
While here, remove dhartmei@ from MAINTAINER.
ok sthen@ dcoppa@
2011-02-02 20:15:48 +00:00
pea
6c67d07d32 Update to 9.0.3.
+ CVE fix (CVE-2010-4015)
+ fix nasty behavior:
  - Before exiting walreceiver, ensure all the received WAL is fsync'd to disk.
    Otherwise the standby server could replay some un-synced WAL, conceivably leading
    to data corruption if the system crashes just at that point.
  - Make ALTER TABLE revalidate uniqueness and exclusion constraints when needed

Tested in a bulk by landry@

ok ajacoutot@, landry@, sthen@
2011-02-02 14:10:45 +00:00
ajacoutot
77403fc962 SECURITY: fix a remote code execution vulnerability issue with the
Matroska container support (VideoLAN-SA-1102).

from Brad (maintainer)
ok sthen@
2011-02-02 09:34:23 +00:00
sthen
063d8730bb Update mcast fix in line with changes made to ports/emulators/qemu.
From Brad, ok aja@
2011-02-02 09:30:11 +00:00
landry
86bb310ea2 Apply same fix as in thunar-archive to fix build on a box where
thunar-vfs is not installed. Remove the check in configure.
Update patch-thunar-plugin_audio-tags-page_c while here.
ok ajacoutot@.
2011-02-02 08:41:30 +00:00
giovanni
8105c2a9b4 Fix gnome subpackage lib dependencies
ok ajacoutot@ sthen@
2011-02-01 13:47:04 +00:00
sthen
dfbcf7b8c6 Don't try and unconditionally use asm instructions to read the TSC
for performance-debugging printf()s. (post-unlock, updating darktable
to a newer version should fix this in a better way).

Build failure on macppc reported by ajacoutot@ (though it affects
other arch too). ok ajacoutot@
2011-01-31 23:20:23 +00:00
landry
a43aa001da Other patches remove references to thunar-vfs, but configure still
checks for it. Remove the check from configure so that it builds fine on
a box where thunar-vfs is not installed.
ok ajacoutot@
2011-01-31 15:34:23 +00:00
naddy
03f208dc46 Fix a segfault in rTorrent when running a large number of torrents.
From Tobias Ulmer; ok espie@
2011-01-31 14:59:38 +00:00
naddy
ffa3232502 sync, 6852
2011-01-31 13:59:53 +00:00
ajacoutot
0816c5205a Unbreak on powerpc by moving to new DEPENDS style.
ok espie@ landry@
2011-01-30 09:38:41 +00:00
landry
1c74338058 Fix an unaligned access on sparc64 leading to random crashes when
mozilla tries to read a malformed ICC profile on random image content
found on the web.
backport of http://hg.mozilla.org/mozilla-central/rev/e8207773d54d
ref: https://bugzilla.mozilla.org/show_bug.cgi?id=629057
issue reported and fix found by naddy@
ok naddy@ ajacoutot@
2011-01-28 21:38:12 +00:00
ratchov
373155557e revert latest commit
2011-01-28 10:36:09 +00:00
ratchov
66a43ec149 update to 1.0.6, fixes timer overflows during suspend/continue cycles
2011-01-28 10:29:28 +00:00
sthen
e252552d65 - fix multicast virtual networks; setsockopt(SOL_IP, IP_MULTICAST_LOOP)
takes a u_char, not int as in the 0.13.0 qemu code. from mcbride@ with
name change by fgsch@.

- fix copy-and-pasto in the sample qemu-ifdown script resulting in
tun interface not being removed and errors when qemu closes. from me.

ok mcbride@(first part) fgsch@ ajacoutot@ landry@
2011-01-26 13:51:43 +00:00
ajacoutot
223ba194c4 Brought to you by the king of slack!
Manually removing TABs is an exhausting job, so make the analyse
function output compatible for copy/paste into a port Makefile.

"yes yes yes" sthen@
ok landry@ espie@
2011-01-26 12:53:46 +00:00
robert
5c993e6644 Update to 3.3.0.4 which is the stable release of LibreOffice.
This has been discussed to be committed before the lock.

ok espie@, ajacoutot@
2011-01-26 10:49:02 +00:00
jakemsr
6d4bede5b6 allow libusb to find ugen(4) devices without needing to access
the bus.

ok espie@
2011-01-25 21:04:16 +00:00
sthen
249f7be968 update and patch appkonference to work with asterisk 1.8.
spotted by and diff ok with naddy@
2011-01-24 08:23:27 +00:00
espie
058b0021ca register directories properly for check-common-dirs
common work with robert@
2011-01-23 13:31:11 +00:00
naddy
bba1b6bb06 don't install header file outside fake area; ok espie@
2011-01-22 19:59:14 +00:00
robert
947c6e192b It seems that this commit did not get cherry-picked to the stable branch
of LibreOffice so add the patch here that fixes the no_java flavor build.
Noticed by espie@
2011-01-22 11:42:37 +00:00
ajacoutot
528cfe5b3c SECURITY: Handle early termination properly in StripTags.
from Brad
ok sthen@
2011-01-22 09:10:22 +00:00
jeremy
be40d18596 Fix zlib ffi driver on 32-bit big endian platforms. Fixes gem
installation on macppc.  Thanks to ajacoutot@ for access to a macppc
machine.

OK ajacoutot@, jasper@
2011-01-21 16:36:53 +00:00
sebastia
9430082d68 Fix build of bash on static archs.
OK jasper@
2011-01-21 11:25:03 +00:00
landry
7453988da2 Fix build when automake-1.9 is installed. add it to BUILD_DEPENDS, and
add gnu libtool too since it needs autofoo macros, and thus set
USE_LIBTOOL. Barf.
failure reported by jasper@
2011-01-21 10:23:43 +00:00
sthen
9613b75ab6 SECURITY update (for real this time) to 1.8.2.2; no other changes.
"Due to a failed merge, Asterisk 1.8.2.1 which should have included
the security fix did not. Asterisk 1.8.2.2 contains the changes
which should have been included in Asterisk 1.8.2.1."  ok ajacoutot@
2011-01-20 21:44:54 +00:00
dcoppa
bb19e7888d An argument was forgotten in the getopt_long() call.
Bugfix from upstream git

Ok jasper@
2011-01-20 21:17:15 +00:00
naddy
991b1ede51 bump epoch, we need to be newer than pidgin-otr-20070506
2011-01-20 18:55:44 +00:00
jasper
c710e094bc - don't install regression tests, fixes conflict with py-cssutils
2011-01-20 18:55:17 +00:00
sthen
9412bacbc5 Cherrypicked diff from svn; fix the internal implementation of htonll/ntohll
which was incorrect and would cause IAX interoperation to break. ok jasper@
2011-01-20 16:26:26 +00:00
sthen
84291d928e add an rc script for nrpe; ok ajacoutot@
2011-01-20 14:04:42 +00:00
sthen
6d0528957b add an rc script for nagios; ok ajacoutot@
2011-01-20 14:04:33 +00:00
landry
6e676f1b3f Mark as BROKEN on amd64, it never managed to build in all my bulk
builds.. jasper@ agrees.
2011-01-20 00:23:06 +00:00
jasper
0c934b7b33 - move some files to PFRAG.native.
spotted by landry@ on sparc64
2011-01-19 23:36:18 +00:00
landry
23bb2cd49d Amend patch now that strptime supports %F and %z, but keep the part
removing 'timezone' extern which we don't seem to have.
reminded by jasper@
2011-01-19 23:26:51 +00:00
stu
85ad3659e7 Adjust for author screwups; remove now no longer needed patch. Ok landry@.
2011-01-19 23:25:18 +00:00
stu
d9c40afc0d Eagle is now also on sf; a more reliable place for the distfile.
2011-01-19 23:22:05 +00:00
landry
386080f342 Small tweak.. stop lying and pretend there's a gnu configure script,
gigolo uses plain waf. pass --mandir through CONFIGURE_ARGS.
2011-01-19 23:15:36 +00:00