cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
99,002 Commits 1 Branch 0 Tags 544 MiB
61d1768e72
Commit Graph

99002 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jca
61d1768e72 SECURITY update for CVE-2015-0240 
talloc free on uninitialized stack pointer in netlogon server could lead
to remote-code execution.

  https://www.samba.org/samba/security/CVE-2015-0240
  https://bugzilla.samba.org/show_bug.cgi?id=11077

ok sthen@ naddy@ Ian McWilliam (MAINTAINER)
 2015-02-25 01:37:49 +00:00
bentley
4f3240bad9 Fix backwards memcpy that breaks netplay. 
From Ryan Freeman (MAINTAINER); ok naddy@
 2015-02-24 23:40:02 +00:00
dcoppa
3e56d38030 Revert, we're locked. 
Sorry for the churn!
 2015-02-23 14:26:31 +00:00
dcoppa
e619f249f4 Merge fix from the '0.6.x' maintenance branch: 
window: don't add encrypted prompts to input history
* Passwords are no longer added to the input history.

(git commit e5e61842c5bf610da1b4ceeb52e613dd911040b6)
 2015-02-23 10:16:48 +00:00
nigel
0a8b6c13fd Add dependency WANTLIB for jpeg ok sthen@ 2015-02-22 17:15:17 +00:00
rpe
eb33f29fc2 Update sysutils/ansible to 1.8.4 
- including a security fix for ansible-vault
- and various other bugfixes

OK naddy@ sthen@ landry@ aja@
 2015-02-22 16:49:40 +00:00
sthen
9a2838466f Update to p5-Tk 804.033, fixing segfaults with the majority of programs using 
it (broken since the perl update). All dependent ports build OK, and fixes
crashes in the sample of dep ports that I tested at runtime.

Explicitly list -L${LOCALBASE}/lib so it can find libjpeg, presumably fallout
from the change to avoid /usr/local during perl builds (2014/12/24).

ok afresh1@, naddy@
 2015-02-22 15:27:43 +00:00
sthen
21c3eb8510 Replace an overlapping memcpy with memmove, ok ajacoutot@ naddy@ 2015-02-22 14:46:43 +00:00
robert
9cab0dcef3 Rework how the GPU vendor and device id is detected by using direct calls 
to Mesa. The current solution is based on a diff from jsg@.
Also fix font redering issues with WebKit, with 3rd party TTFs with a
diff from Yoshihisa Matsushita.
 2015-02-22 11:33:57 +00:00
robert
c8ff44bc99 update to 40.0.2214.115 2015-02-22 05:58:34 +00:00
ajacoutot
8ba41e33cd Update to lumina-0.8.2.1424293520. 
- fix a crash with Desktop plugins on OpenBSD
 2015-02-21 05:14:58 +00:00
ajacoutot
14b32f45a9 Bugfix update to colord-1.2.9. 2015-02-21 05:01:57 +00:00
schwarze
fa903a01ac fix the worst syntax and semantic errors to make the manual usable, 
drop USE_GROFF, and bump; issues reported by and OK naddy@
 2015-02-21 00:01:20 +00:00
sthen
cca8e578d4 sync; 9061 2015-02-20 23:29:40 +00:00
naddy
ba76aebe81 drop USE_GROFF for mdoc page 2015-02-20 17:56:07 +00:00
naddy
6e8200ef68 fix typo in mdoc macro name and drop USE_GROFF 2015-02-20 16:55:36 +00:00
robert
efc9a59c3b fix path to zarafa-autorespond 2015-02-20 14:44:42 +00:00
jca
3eb089115c Fix localhost.cf path 
ok ajacoutot@
 2015-02-20 14:39:18 +00:00
dcoppa
ca82f33026 Update to luafs-1.6.3 ; Florian Stinglmayr 
works fine with ldoc and lua-penlight
regression tests all ok
 2015-02-20 08:17:30 +00:00
jasper
962b675bf3 update to elasticsearch-1.4.4 2015-02-20 07:09:18 +00:00
ajacoutot
0dbecbb1b2 Update to hwdata-0.275 and add forgotten file in PLIST. 2015-02-20 04:35:58 +00:00
ajacoutot
2594d3e099 Bump tryton modules to their latest bugfix release. 2015-02-20 04:30:07 +00:00
ajacoutot
0228a3ceb3 Bugfix update to gtkspell3-3.0.7. 
- fix a crasher
 2015-02-20 04:16:20 +00:00
sthen
9d14cb2afe SECURITY update to php-5.4.38, ok robert@ 
CVE-2015-0273 (use-after-free with arbitrary code execution;
https://bugs.php.net/bug.php?id=68942), and various other fixes
 2015-02-19 20:14:55 +00:00
sthen
06ed6cf0fa SECURITY update to php-5.5.22, ok robert@ 
CVE-2015-0273 (use-after-free with arbitrary code execution;
https://bugs.php.net/bug.php?id=68942), and various other fixes
 2015-02-19 20:14:41 +00:00
ajacoutot
18d78e5329 Bugfix update to vino-3.14.2. 
- Handle closed signal properly on notification prompt
 2015-02-19 18:38:32 +00:00
espie
87154de247 fix fucked-up update. gnupg-1 and gnupg-2 are not allowed to conflict! 
this breaks the bulk builds.
 2015-02-19 18:18:30 +00:00
dcoppa
e5cf1d752b Update to youtube-dl-2015.02.19.2 2015-02-19 14:34:15 +00:00
sthen
a0c780fe5c bugfix update to squid-3.4.12, including several crashes with debugging, 
and fix silent SSL/TLS failure on "split-stack" OS (i.e. using different
sockets for v4/v6, like us)
 2015-02-19 14:30:29 +00:00
naddy
efaadf857b requires nroff to build cmds.doc 2015-02-19 12:42:06 +00:00
dcoppa
1830f36b76 Bugfixing update to mlterm-3.4.3 2015-02-19 09:33:45 +00:00
giovanni
899b3fddc6 honours CFLAGS and remove an old comment on a patch 
diff by Donovan Watteau
ok sthen@
 2015-02-19 08:01:59 +00:00
sthen
ebab207e7e update to BIND 9.10.2P2 
On servers configured to perform DNSSEC validation using managed
   trust anchors (i.e., keys configured explicitly via managed-keys, or
   implicitly via dnssec-validation auto; or dnssec-lookaside auto;),
   revoking a trust anchor and sending a new untrusted replacement could
   cause named to crash with an assertion failure.  This could occur in
   the event of a botched key rollover, or potentially as a result of a
   deliberate attack if the attacker was in position to monitor the
   victim's DNS traffic.  This flaw was discovered by Jan-Piet Mens, and
   is disclosed in [CVE-2015-1349] [RT #38344] (**)
 2015-02-18 22:49:44 +00:00
sthen
cfd95932fd Adjust the "meta" rc-scripts (these are used in ports with multiple daemons 
which should all be started/stopped together), previously "restart" would
restart each sub-daemon in turn, but actually it should stop all daemons
and only then start them again. Additionally, as suggested by ajacoutot,
stop the procedure and return an error if stopping one of the rc scripts
failed.  ok ajacoutot@ rpe@

(as done for a couple of other ports; bacula was actually the one I wanted
to fix this on but missed the earlier commit ;)
 2015-02-18 20:55:11 +00:00
naddy
e63637c54c drop USE_GROFF from this BROKEN port, too 2015-02-18 20:00:21 +00:00
naddy
8766820654 fix roff errors that were eating some text; drop USE_GROFF 2015-02-18 18:06:59 +00:00
naddy
a4681cfd5f Drop USE_GROFF from this IGNOREd port, too. 2015-02-18 17:58:26 +00:00
jca
39b50d922e Fix hba "samehost"/"samenet" support. 
On OpenBSD, the sa_family field in netmask sockaddrs can be zero and
thus different from the sa_family of the address sockaddr.
Until this glitch gets corrected, fix postgresql.

ok sthen@ pea@ (MAINTAINER)
 2015-02-18 17:49:56 +00:00
naddy
dd9aa3bac5 escape backslashes for roff 2015-02-18 16:15:37 +00:00
sthen
864bbedd53 Fix directory-traversal vulnerability involving long UTF-8 encodings. 
Nice write-up at http://www.openwall.com/lists/oss-security/2015/02/18/3
 2015-02-18 13:04:09 +00:00
sthen
7d91c091ac drop Roman Kravchuk as maintainer per his request. 2015-02-18 12:51:31 +00:00
espie
700c0e0171 drupal views CVE 2015-02-18 12:21:37 +00:00
dcoppa
4682a5d4cd zap useless lines 2015-02-18 11:08:35 +00:00
jasper
c5d00036a8 update to gnome-font-viewer-3.14.1 2015-02-18 11:04:58 +00:00
espie
66e1bde3c0 security update to 6.2.18 
SA-CONTRIB-2015-039 - Views - Multiple vulnerabilities

okay aja, jasper.
 2015-02-18 10:09:02 +00:00
rpe
5d58d381c0 Update www/sarg to 2.3.10 
OK sthen@ aja@
 2015-02-18 08:41:27 +00:00
ajacoutot
2fa2050883 Update to trytond-module-stock_split-3.2.2. 2015-02-18 08:29:33 +00:00
ajacoutot
195d1e54f5 Update to trytond-module-stock_supply-3.2.3. 2015-02-18 08:29:08 +00:00
ajacoutot
1ff1756db5 Update to trytond-module-stock_supply_production-3.2.2. 2015-02-18 08:28:51 +00:00
ajacoutot
6e7135574d Update to trytond-module-timesheet_cost-3.2.1. 2015-02-18 08:05:34 +00:00