Sharness is a portable shell library to write, run, and analyze
automated tests for Unix programs. Since all tests output TAP,
the Test Anything Protocol, they can be run with any TAP harness.
Comment:
UDisks2 service implementation for OpenBSD
Description:
A UDisks2 service implementation for OpenBSD forked from FreeBSD
(bsdutils/bsdisks).
OpenBSDisks2 provides a simple DBus org.freedesktop.UDisks2 service.
It only provides readable properties for the UDisks2.Drive,
UDisks2.Block and UDisks2.Filesystem interfaces.
UDisks2 is an abstraction for enumerating disk and storage devices and
performing operations on them.
Maintainer: Rafael Sadowski <rsadowski@openbsd.org>
WWW: https://github.com/sizeofvoid/openbsdisks2
Test, feedback and OK namn@
Use OpenSSL 1.1.1 code path that uses SSL_CTX_up_ref() instead of
handrolling it. This way mosquitto will continue to build after
an upcoming libssl bump.
===> Faking installation for qemu-6.0.0
env: bash: No such file or directory
env: bash: No such file or directory
env: bash: No such file or directory
env: bash: No such file or directory
(GIT="git" "/pobj/qemu-6.0.0/qemu-6.0.0/scripts/git-submodule.sh" ignore )
env: bash: No such file or directory
Remove much of the patching to force the OpenSSL 1.0.x code path.
This way the code uses accessors and will continue building when
we switch some structs in libssl to opaque.
This adds and removes some symbols in wkhtmltox, so bump major.
ok Frank Groeneveld (maintainer)
Remove two #if defined(LIBRESSL_VERSION_NUMBER) to take the OpenSSL 1.1.1
code path. This way swi-prolog will continue building once we have
made some structs opaque in libssl.
ok edd (maintainer)
Fixes many issues reported (with fixes) last year by Qualys, details will be
available later at https://www.qualys.com/2021/05/04/21nails/21nails.txt
Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary PID file creation
- CVE-2020-28011: Heap buffer overflow in queue_run()
- CVE-2020-28010: Heap out-of-bounds write in main()
- CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
- CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
- CVE-2020-28015: New-line injection into spool header file (local)
- CVE-2020-28012: Missing close-on-exec flag for privileged pipe
- CVE-2020-28009: Integer overflow in get_stdinput()
Remote vulnerabilities
- CVE-2020-28017: Integer overflow in receive_add_recipient()
- CVE-2020-28020: Integer overflow in receive_msg()
- CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
- CVE-2020-28021: New-line injection into spool header file (remote)
- CVE-2020-28022: Heap out-of-bounds read and write in extract_option()
- CVE-2020-28026: Line truncation and injection in spool_read_header()
- CVE-2020-28019: Failure to reset function pointer after BDAT error
- CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
- CVE-2020-28018: Use-after-free in tls-openssl.c
- CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
The following modules are currently available:
- qttranslations
- qttools
- qtsvg
- qtshadertools
- qtquicktimeline
- qtquickcontrols2
- qtquick3d
- qtdeclarative
- qtbase
- qt5compat
- qtwayland (not ported, depends on wayland)
- qtdoc (not ported, is not worth the effort)
Further modules will follow in later Qt versions. Some patches come from
x11/qt5. With tb@'s help, I married QtBase with LibreSSL again. We are now on
our own again as Gentoo no longer follows this path. From the port perspective,
I have decided on the following points:
- Prefix all Qt6 ports with qt6-*.
- Rename all imported qt tools with the -qt6 suffix like we do with qt5.
This makes it easier to use several versions at the same time.
- x11/qt6 is based on x11/qt5. I have tried to make many things simpler
and cleaner.
- Qt6 switched to cmake as build system and needs help with *FLAGS.
OK landry, Merci!
Comment:
audio player with QML and KDE Plasma integration
Description:
Elisa is a music player developed by the KDE community that strives to be
simple and nice to use.
Maintainer: Rafael Sadowski <rsadowski@openbsd.org>
WWW: https://elisa.kde.org/
CVE-2019-20790 - OpenDMARC through 1.3.2 and 1.4.x, when used with
pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC
authentication in situations where the HELO field is inconsistent
with the MAIL FROM field.
CVE-2020-12272 - OpenDMARC through 1.3.2 and 1.4.x allows attacks
that inject authentication results to provide false information
about the domain that originated an e-mail message. This is caused
by incorrect parsing and interpretation of SPF/DKIM authentication
results, as demonstrated by the "example.net(.example.com" substring.
CVE-2020-12460 - OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1
has improper null termination in the function opendmarc_xml_parse that
can result in a one-byte heap overflow in opendmarc_xml when parsing a
specially crafted DMARC aggregate report. This can cause remote memory
corruption when a '\0' byte overwrites the heap metadata of the next
chunk and its PREV_INUSE flag.
following problems:
- An attacker who can upload attachments to the wiki can use this to
achieve remote code execution.
- An attacker with write permissions can upload an SVG file that
contains malicious JavaScript. This JavaScript will be executed in a
user's browser when the user is viewing that SVG file on the wiki.
add support for:
- "guest-get-fsinfo"
- "guest-get-vcpus"
- "guest-network-get-interfaces"
taken/adapted from FreeBSD patchset at https://github.com/aborche/qemu-guest-agent/
Initial port patch from Jeroen Derks for qemu 5.1 (thanks!),
forward-ported to 6.0 by myself.
I still need to fixup qemu-ga default args and write a proper rc script..
ok Brad Smith (MAINTAINER)
Executables were installed mode 774 owned by root:bin. We need to use
mode 775 (o+x), otherwise nagios which runs as user _nagios complains:
Error: failed to access() /usr/local/bin/nagios: Permission denied
Error: Spawning workers will be impossible. Aborting.
Solution discussed and found together with sthen and tb.
ok sthen@ tb@