cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,871 Commits 1 Branch 0 Tags
Commit Graph

1114 Commits

Author SHA1 Message Date
juanfra
2a990c0463 Update to lziprecover 1.17. 2015-06-09 11:40:51 +00:00
juanfra
f11c01ccde Update to lunzip 1.7. 2015-06-06 21:34:01 +00:00
juanfra
c798abe9c5 Update to pdlzip 1.6. 2015-06-05 11:42:55 +00:00
robert
9c1017ae2d bump revision due to the change of the default php version to 5.6 
ok aja@
 2015-06-05 06:00:20 +00:00
ajacoutot
1ba1807e46 +gcab 2015-05-27 06:49:24 +00:00
ajacoutot
096d3b814d Import gcab-0.6. 
GObject library to create cabinet files.

ok robert@
 2015-05-27 06:47:59 +00:00
ajacoutot
a183b75553 "/usr/local/lib/pkgconfig/" is part of mtree(8). 
Packages should not own this dir to prevent its deletion or a warning that it
cannot be removed because it's not empty at pkg_delete(1) time.
 2015-05-22 11:31:10 +00:00
jasper
7e7ecc3b15 remove another bunch of @rm -f, some of which were hiding the arguments no 
longer existed
 2015-05-18 11:29:37 +00:00
sthen
fe84f97f78 update to lz4-r129 2015-05-15 15:32:00 +00:00
ajacoutot
fe9bf95b16 +unzip,iconv 2015-05-11 23:07:21 +00:00
jasper
89d6207e73 update to libzip-1.0.1 2015-05-11 21:22:19 +00:00
czarkoff
c0c449206d consistent spacing 
OK sthen@
 2015-05-11 21:22:06 +00:00
czarkoff
87e407f2c6 add "iconv" flavor 
OK sthen@, stsp@
 2015-05-11 21:19:23 +00:00
jasper
00c8abbfa6 update to deco-1.6.3/deco-archive-1.6 2015-05-11 20:31:13 +00:00
sthen
764d4a86fe add some missing pthread to WANTLIB 
(using modified portbump, thanks zhuk@)

"exciting" one in databases/py-sqlalchemy; port had a bad PKG_ARCH=* line
and also contained .so modules.
 2015-04-21 18:40:20 +00:00
jca
b9a00f3919 Fold long line. 2015-04-19 17:53:59 +00:00
jca
5500f89cc2 Fix incorrect logic leading to a fatal assert when using the -q flag. 
Ports patch from Mikolaj Kucharski, source patch from Debian
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=299658),
upstream issue: http://sourceforge.net/p/parchive/bugs/37/
 2015-04-19 17:52:47 +00:00
naddy
d8f86af3c9 update to upstream tarball 5.2.7, still labeled version 5.21 2015-04-10 20:32:12 +00:00
naddy
074951595a update to 3.1.2; with jasper@ 2015-04-04 11:05:19 +00:00
sthen
9500439bfe Patch libzip for CVE-2015-2331; int overflow leading to a heap overflow. 
Upstream's patch depends on other changes; for us, we can simplify things
and just use reallocarray.
 2015-04-03 18:20:49 +00:00
naddy
4946712c9c update to 5.21 2015-04-03 11:58:51 +00:00
naddy
81691e03a5 Security fix for 
CVE-2015-2063: buffer overflow when reading bogus file headers

The header parser was not checking if it had read enough data when
trying to parse the header from memory, causing it to accept files
with headers smaller than expected.

From Debian
 2015-04-03 11:26:26 +00:00
naddy
b522e1f179 maintenance update to 5.2.1 and enable multi-threading; mostly from brad@ 2015-03-31 18:00:23 +00:00
naddy
c1d595ad3d CVE-2014-9112: Heap-based buffer overflow in the process_copy_in 
function allows remote attackers to cause a denial of service via
a large block value in a cpio archive.
Fix from a series of upstream commits by Sergey Poznyakoff, via Debian.

CVE-2015-1197: cpio, when using the --no-absolute-filenames option,
allows local users to write to arbitrary files via a symlink attack
on a file in an archive.
Fix from Vitezslav Cizek after 3.5 years of gestation in the SUSE
bug tracker, via Debian.

Also apply an upstream fix for some regression tests while here.
 2015-03-31 15:36:52 +00:00
benoit
a5bcb4ccdc Update to p5-PerlIO-gzip-0.19. 2015-03-29 09:23:49 +00:00
juanfra
d7718fd83f Update to p7zip 9.38.1. From Josh Grosse (MAINTAINER). 2015-03-16 17:20:40 +00:00
juanfra
916d6eef26 Update to pigz 2.3.3. From Thomas Pfaff (MAINTAINER). 2015-03-16 16:26:15 +00:00
sthen
63f1718ad8 update to lzo2-2.09 and take MAINTAINER 2015-03-16 09:40:10 +00:00
benoit
8995b4a1a1 Update to p5-Compress-Bzip2-2.22. 2015-03-15 17:45:11 +00:00
naddy
2235cd4981 switch from "-static" to "${STATIC}, i.e., build static PIE executables 
on most archs
 2015-03-14 20:52:46 +00:00
sthen
864bbedd53 Fix directory-traversal vulnerability involving long UTF-8 encodings. 
Nice write-up at http://www.openwall.com/lists/oss-security/2015/02/18/3
 2015-02-18 13:04:09 +00:00
naddy
eae40dae37 Security fixes: 
CVE-2014-8139: CRC32 verification heap-based overflow
CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
CVE-2014-8141: out-of-bounds read issues in getZip64Data()
CVE-2014-9636: out-of-bounds read/write in test_compr_eb()

Via Debian; ok sthen@
 2015-02-06 21:37:04 +00:00
sthen
3ad6c95bf2 Force a WANTLIB on libc for ports linked statically, to ensure they get updated 
following major updates in base. kurt is ok with this approach. ok naddy
 2015-02-04 21:16:11 +00:00
sthen
4e81609896 update to cabextract 1.5, embedded copy of libmspack is updated for 
security fixes (see recent commit to archivers/libmspack), additionally
cabextract now replaces bad Unicode characters in filenames with the
standard Unicode replacement character.
 2015-02-04 09:51:53 +00:00
sthen
34c7f77418 update to libmspack 0.5alpha (part 2: cvs didn't see the patches/ dir) 
null pointer dereference on a crafted CAB:
- https://bugs.debian.org/774665

CHM decompression: division by zero
- https://bugs.debian.org/774725

CHM decompression: pointer arithmetic overflow
- https://bugs.debian.org/774726

off-by-one buffer over-read in mspack/mszipd.c
- https://bugs.debian.org/775498

off-by-one buffer under-read in mspack/lzxd.c
- https://bugs.debian.org/775499

CHM decompression: another pointer arithmetic overflow
- https://bugs.debian.org/775687
 2015-02-04 09:46:37 +00:00
sthen
82408b2659 update to libmspack 0.5alpha 
null pointer dereference on a crafted CAB:
 - https://bugs.debian.org/774665

CHM decompression: division by zero
 - https://bugs.debian.org/774725

CHM decompression: pointer arithmetic overflow
 - https://bugs.debian.org/774726

off-by-one buffer over-read in mspack/mszipd.c
 - https://bugs.debian.org/775498

off-by-one buffer under-read in mspack/lzxd.c
 - https://bugs.debian.org/775499

CHM decompression: another pointer arithmetic overflow
 - https://bugs.debian.org/775687
 2015-02-04 09:45:49 +00:00
jasper
c040a5f602 Security fix for CVE-2014-9556 2015-01-30 13:34:40 +00:00
juanfra
01ae7e1736 Update to plzip 1.3. 2015-01-24 20:32:59 +00:00
bentley
87cea09896 Remove Kevin Lo as maintainer, by request. 
While here, fix a couple of license markers.
 2015-01-21 06:13:46 +00:00
benoit
88db489dea Update to p5-Compress-Bzip2-2.20. 2015-01-16 07:53:22 +00:00
brad
757220d9ce Update to xz 5.2.0. 
ok naddy@
 2015-01-12 22:07:17 +00:00
sthen
9b2c4a4676 update to lz4 r127 2015-01-12 15:23:09 +00:00
bcallah
2f30aef1e8 Bugfix update to 0.7.1 - marble (it's only dependent) compiles/runs ok. 2015-01-10 05:00:40 +00:00
rpe
bdf559dc2f Remove mirror.switch.ch from MASTER_SITES. 
OK sthen@
 2014-12-09 22:51:35 +00:00
rpe
c01550032f Update p5-Archive-Extract to 0.74 
OK sthen@
 2014-12-09 22:47:47 +00:00
zhuk
a70b2d603a Make sure Qt4 is picked up, not Qt5. No package change. 
okay bcallah@ (MAINTAINER)
 2014-12-09 18:55:42 +00:00
kili
52db5b1530 Remove dependencies on devel/hs-haskeline and devel/hs-transformers, 
to unbreak ports like databases/sqlports (noticed by naddy).

plist changes and bumps included, but a little bit pointless (the
ports are still unbuildable).
 2014-12-03 21:56:43 +00:00
kili
ad6ebe9b7d Update dependencies and plists and bump. 2014-11-25 22:11:02 +00:00
kili
8c5512f8e3 Update plist. 2014-11-22 20:29:53 +00:00
jca
11147a18ea +innoextract 2014-11-21 19:05:09 +00:00