Commit Graph

63479 Commits

Author SHA1 Message Date
jasper
a87f904c7a - the issues some people have been seeing with the build crashing in v8 are
related to too low limits, so remove the comment and set VMEM_WARNING instead.

(ports is unlocked, but no new files/directories/imports!, if in doubt, ask!)
2011-03-02 06:29:44 +00:00
jasper
9a87fc39ae - remove USE_GROFF
(ports is unlocked, but no new files/directories/imports!, if in doubt, ask!)
2011-03-02 06:27:51 +00:00
jasper
ea043b96b5 - update fritzing to 0.5.2b
(ports is unlocked, but no new files/directories/imports!, if in doubt, ask!)
2011-03-02 06:26:04 +00:00
naddy
4af9e9a2e9 sync, 6852
2011-02-13 19:18:06 +00:00
pea
d101f4d2bf Fix CVE-2010-1623
ok sthen@, landry@
2011-02-12 21:06:57 +00:00
pea
9b749c36f3 Fix CVE-2010-1452
ok sthen@, landry@
2011-02-12 21:05:38 +00:00
ajacoutot
f8fdd4d5e2 Document the fact that these will not build on macppc with the current
default MAXDSIZ value.

ok miod@ espie@
2011-02-12 11:25:48 +00:00
jasper
9c7a6b7a43 - Security fix for SA43271, Pidgin Cipher API Information Disclosure Security Issue
from upstream git commit 16f4c309528b82961b169edb8b74b9061db6c471

from brad (MAINTAINER), ok aja@
2011-02-12 10:59:59 +00:00
jasper
9a9bc1c503 Security fixes for CVE-2010-4704, CVE-2010-4705 and CVE-2011-0480.
ok naddy@
looks fine to brad
2011-02-12 10:49:36 +00:00
jasper
2c109b968d Security fixes for CVE-2010-4704, CVE-2010-4705 and CVE-2011-0480.
ok brad (MAINTAINER), naddy@
2011-02-12 10:48:56 +00:00
jasper
7fa477c473 - SECURITY UPDATE of chromium to 9.0.597.94, fixes about 13 CVEs.
tested by myself on amd64, and espie@ on i386.
"sure, make sure it works" robert@ (MAINTAINER), ok espie@
2011-02-12 10:42:43 +00:00
jasper
84ff9e5db1 Security fixes for django that address CVE-2011-069{6,7,8}.
Patches from upstream svn, via ryan boggs (MAINTAINER)
ok espie@
2011-02-11 11:45:48 +00:00
jasper
4ae9582f93 Security fix for SA43020:
MuPDF "closedctd()" Memory Corruption Vulnerability.

ok sthen@ (MAINTAINER) aja@
2011-02-10 13:01:12 +00:00
jasper
368a34f067 Security update of phpmyadmin to 3.3.9.1, addresses PMASA-2011-1.
pointed out by rpointel@
ok kevlo@ (MAINTAINER) aja@
2011-02-10 12:55:05 +00:00
espie
da899085eb fix MESSAGE, bump
2011-02-10 08:26:06 +00:00
jakemsr
a6173b70a9 fix crash in the libao backend. set the 'matrix' member of struct
ao_sample_format to NULL before passing the structure to libao functions.

ok espie@, ajacoutot@, naddy@
2011-02-10 03:14:43 +00:00
jeremy
78cb8c2e49 Apply security fix for:
CVE-2011-0448: Potential SQL Injection

OK ajacoutot@
2011-02-10 01:44:54 +00:00
jeremy
eca5a82349 Apply security fixes for:
CVE-2011-0446: Potential XSS Problem with mail_to :encode => :javascript
CVE-2011-0447: CSRF Protection Bypass

OK ajacoutot@
2011-02-10 01:42:21 +00:00
jeremy
f07bd47521 Fix "Vulnerability in Sendmail Delivery Agent code", which allowed
arbitrary code execution.  Details at
http://groups.google.com/group/mail-ruby/browse_thread/thread/e93bbd05706478dd

OK ajacoutot@
2011-02-10 01:39:47 +00:00
pea
fa243c7d12 Add a small upgrade howto.
idea from sthen@
ok sthen@, landry@
looks good espie@
2011-02-09 10:53:12 +00:00
landry
2d9e57c1f1 Add http://download.gna.org/warmux/archive/ to MASTER_SITES so that
files are always fetchable, even when new versions are published and the
old version is moved to archive/
Fetch breakage reported by Pascal Stumpf on ports@
Suggestion to add archive url to MASTER_SITES from phessler@
ok phessler@ jasper@
2011-02-09 10:20:16 +00:00
landry
724ce93b27 Backport rev 8b0c024c435b2cab825ceb2661e2589145e3b5ee
Fixes http://bugzilla.xfce.org/show_bug.cgi?id=7117
(Panel was crashing when removing a panel in multi-panel confs)
Reported by Lawrence Teo, thanks!
ok sthen@ ajacoutot@
2011-02-09 07:55:15 +00:00
sthen
ed3d1a0a57 tweak wrapper script; use larger default limits for FD and datasize
(you may still need to raise them if you open many tabs, but this
should be enough to avoid problems in normal use), only warn if
softlimits can't be raised, and adjust messages to mention login.conf
(and login.conf.db if detected).

ok espie@ "feel free to modify it if you don't like it" robert@
2011-02-08 21:10:28 +00:00
espie
8422be1e92 ... and ditch older patches too
2011-02-08 09:48:26 +00:00
espie
ae6e8f236b late update to chromium 9, robert@ did the work, but he doesn't have the
time right now.
Tree is still locked!
Reasons for the update:
- good work that can be used now
- only builds on i386/amd64, and they're fast
- multiple security problems in old chrome
- old chrome half working, can't break it more than it was.

This one requires resources (see MESSAGE), but it's way more stable.

Again, discussed with sthen@, jasper@, naddy@, miod@
2011-02-08 09:43:02 +00:00
espie
2d6d25ab59 add PRAGMA_POP_PUSH_PACK support on i386 and amd64, to allow chromium9 to
work.
Limit it to i386 and amd64 so that it has minimal impact.
As discussed with naddy@/jasper@/sthen@/miod@
2011-02-08 09:37:51 +00:00
jasper
4cc1d05442 Security fix for CVE-2011-0017
Patch extracted from exim 3.74.

ok fkr@ (MAINTAINER), sthen@, ajacoutot@
2011-02-07 16:01:26 +00:00
fgsch
f11ddf0d97 Unbreak hfsplus. Add libtool to BUILD_DEPENDS as requested by ajacoutot@.
ok ajacoutot@
2011-02-06 16:03:55 +00:00
ian
5eb3a84fc6 Security Fix for DoS caused by very small subnormal double, found by Konstantin Preisser
at http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/.
Fix from https://bugs.openjdk.java.net/show_bug.cgi?id=100119.
Ok kurt@ (maintainer), ok & comments sthen@, ok naddy@, aja@.
2011-02-05 23:11:17 +00:00
sthen
84c285a372 SECURITY update to 1.3.07.11 - CVE-2011-0520
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.3.x
allows remote attackers to cause a denial of service (segmentation fault)
and possibly execute arbitrary code via a long DNS hostname with a large
number of labels, which triggers a heap-based buffer overflow.

From Brad, ok aja@
2011-02-05 09:23:52 +00:00
jasper
c9765e187e Security fix for CVE-2011-0020,
Pango "pango_ft2_font_render_box_glyph()" Buffer Overflow Vulnerability

testing ok sthen@ ajacoutot@
2011-02-04 18:33:20 +00:00
jasper
f4f02ebd11 - add back a chunk that was removed with the last update; ecore would pick up
Cocoa.h from gnustep-gui by accident and break the build later on.

ok aja@
2011-02-04 17:06:38 +00:00
stephan
55eedb8bbe security update to 3.9, addresses SA-CONTRIB-2011-002 (XSS), see
http://drupal.org/node/1024972 for details.
"These are security things that need to go in before the lock. So commit with my OK." jasper@, maintainer timeout.
2011-02-04 10:28:01 +00:00
stephan
ef44e77bb0 update to 1.8 as a prerequisite for a security update of www/drupal6/panels.
"These are security things that need to go in before the lock. So commit it with my OK." jasper@
2011-02-04 10:22:16 +00:00
robert
1c272110c2 Disable on amd64, because it does not work.
After unlock a chrome update will come...

ok ajacoutot@, sthen@ and requested by many people
2011-02-03 10:31:12 +00:00
pea
690155971b Unbreak the pfctl completion.
Spotted by Brad Kalbaugh

ok ajacoutot@
2011-02-03 08:56:14 +00:00
jakemsr
ea82525963 the USB_DEVICEINFO ioctl only requires read access to the usb bus.
open the bus with O_RDONLY instead of O_RDWR to not require write
permission.

ok ajacoutot@
2011-02-02 21:56:03 +00:00
landry
a9eecce2c2 Grab patch from pkgsrc PR43974 to make majordomo work with perl 5.12.
(split doesn't return @_ anymore)
Reported by Witek Handzlik on ports@
While here, remove dhartmei@ from MAINTAINER.
ok sthen@ dcoppa@
2011-02-02 20:15:48 +00:00
pea
6c67d07d32 Update to 9.0.3.
+ CVE fix (CVE-2010-4015)
+ fix nasty behavior:
  - Before exiting walreceiver, ensure all the received WAL is fsync'd to disk.
    Otherwise the standby server could replay some un-synced WAL, conceivably leading
    to data corruption if the system crashes just at that point.
  - Make ALTER TABLE revalidate uniqueness and exclusion constraints when needed

Tested in a bulk by landry@

ok ajacoutot@, landry@, sthen@
2011-02-02 14:10:45 +00:00
ajacoutot
77403fc962 SECURITY: fix a remote code execution vulnerability issue with the
Matroska container support (VideoLAN-SA-1102).

from Brad (maintainer)
ok sthen@
2011-02-02 09:34:23 +00:00
sthen
063d8730bb Update mcast fix in line with changes made to ports/emulators/qemu.
From Brad, ok aja@
2011-02-02 09:30:11 +00:00
landry
86bb310ea2 Apply same fix as in thunar-archive to fix build on a box where
thunar-vfs is not installed. Remove the check in configure.
Update patch-thunar-plugin_audio-tags-page_c while here.
ok ajacoutot@.
2011-02-02 08:41:30 +00:00
giovanni
8105c2a9b4 Fix gnome subpackage lib dependencies
ok ajacoutot@ sthen@
2011-02-01 13:47:04 +00:00
sthen
dfbcf7b8c6 Don't try and unconditionally use asm instructions to read the TSC
for performance-debugging printf()s. (post-unlock, updating darktable
to a newer version should fix this in a better way).

Build failure on macppc reported by ajacoutot@ (though it affects
other arch too). ok ajacoutot@
2011-01-31 23:20:23 +00:00
landry
a43aa001da Other patches remove references to thunar-vfs, but configure still
checks for it. Remove the check from configure so that it builds fine on
a box where thunar-vfs is not installed.
ok ajacoutot@
2011-01-31 15:34:23 +00:00
naddy
03f208dc46 Fix a segfault in rTorrent when running a large number of torrents.
From Tobias Ulmer; ok espie@
2011-01-31 14:59:38 +00:00
naddy
ffa3232502 sync, 6852
2011-01-31 13:59:53 +00:00
ajacoutot
0816c5205a Unbreak on powerpc by moving to new DEPENDS style.
ok espie@ landry@
2011-01-30 09:38:41 +00:00
landry
1c74338058 Fix an unaligned access on sparc64 leading to random crashes when
mozilla tries to read a malformed ICC profile on random image content
found on the web.
backport of http://hg.mozilla.org/mozilla-central/rev/e8207773d54d
ref: https://bugzilla.mozilla.org/show_bug.cgi?id=629057
issue reported and fix found by naddy@
ok naddy@ ajacoutot@
2011-01-28 21:38:12 +00:00
ratchov
373155557e revert latest commit
2011-01-28 10:36:09 +00:00